10 interesting stories served every morning and every evening.
Artemis II is NASA’s first crewed mission under the Artemis program and will launch from the agency’s Kennedy Space Center in Florida. It will send NASA astronauts Reid Wiseman, Victor Glover, Christina Koch, and CSA (Canadian Space Agency) astronaut Jeremy Hansen on an approximately 10-day journey around the Moon. Among objectives, the agency will test the Orion spacecraft’s life support systems for the first time with people and lay the groundwork for future crewed Artemis missions.
...
Read the original on plus.nasa.gov »
Live updates for launch of NASA’s Artemis II test flight will be published on this page. NASA’s launch broadcast coverage is airing on NASA+, Amazon Prime, and YouTube. All times are Eastern.
The Orion spacecraft’s SAWs (solar arrays wings) have fully deployed, completing a key configuration step for the Artemis II mission. Flight controllers in Houston confirmed that all four wings unfolded as planned, locking into place and beginning to draw power.
Each solar array wing extends outward from the European Service Module, giving Orion, named Integrity, a wingspan of roughly 63 feet when fully deployed. Each wing has 15,000 solar cells to convert sunlight to electricity. The arrays can turn on two axes that allow them to rotate and track the Sun, maximizing power generation as the spacecraft changes attitude during its time in Earth orbit and on its outbound journey to the Moon.
The next major milestones are the PRM (perigee raise maneuver) and ARB (apogee raise burn) that will increase the lowest and highest points of the Orion spacecraft’s orbit and prepare the spacecraft for deep‑space operations.
Following the burns, NASA will hold a postlaunch news conference at 9 p.m. from Kennedy Space Center in Florida. Following the news conference, the Artemis II crew will begin preparations for Orion’s proximity operations demonstration. This demonstration will test the ability to manually maneuver Orion relative to another spacecraft, in this case, the interim cryogenic propulsion stage after separation.
Coverage on NASA+ will soon conclude, however 24/7 coverage will continue on NASA’s YouTube channel, and keep following the Artemis blog for live updates of key milestones throughout the mission.
Main engine cutoff of the SLS (Space Launch System) core stage is complete, and the core stage has successfully separated from the interim cryogenic propulsion stage and the Orion spacecraft. This marks the end of the first major propulsion phase of the Artemis II mission and the transition to upper‑stage operations.
The next major milestone is the deployment of the spacecraft’s SAWs (solar array wings) scheduled to begin approximately 18 minutes after launch. Once extended, the four SAWs will provide continuous electrical power to the spacecraft throughout its journey, supporting life‑support systems, avionics, communications, and onboard operations. Deployment is a critical step in configuring Orion for the remainder of its time in Earth orbit and for the outbound trip to the Moon.
The spacecraft adapter jettison fairings that enclose the service module and the launch abort system have separated from the Orion spacecraft. With the rocket and spacecraft now flying above the densest layers of Earth’s atmosphere, Orion no longer requires the protective structures that shielded it during the early, high‑dynamic‑pressure portion of launch.
The next major milestone is core stage separation and Interim Cryogenic Propulsion Stage ignition.
The SLS (Space Launch System) twin solid rocket boosters have separated. The boosters, each standing 177 feet tall and generating more than 3.6 million pounds of thrust at liftoff, provide most of the rocket’s power during the first two minutes of flight and separation reduces mass and allows the core stage to continue propelling the Orion spacecraft, named Integrity, toward orbit.
With the boosters now clear, the SLS core stage remains the primary source of thrust.
In about one minute, the spacecraft adapter jettison fairings that enclose Orion’s service module and the launch abort system will separate from the spacecraft.
6:35 p.m.
NASA’s Artemis II SLS (Space Launch System) rocket, with the Orion spacecraft atop carrying NASA astronauts Reid Wiseman, Victor Glover, and Christina Koch, along with CSA (Canadian Space Agency) astronaut Jeremy Hansen, lifted off from Kennedy Space Center’s Launch Complex 39B in Florida at 6:35 p.m. EDT to begin its journey to deep space.
The twin solid rocket boosters ignited first, delivering more than 75% of the thrust needed to lift the 5.75-million-pound rocket off the pad. Their combined power, along with the four RS-25 engines already at full thrust, generated an incredible 8.8 million pounds of force at liftoff. As the rocket rose, the umbilicals — which provided power, fuel, and data connections during prelaunch — disconnected and retracted into protective housings. This ensured the vehicle is free from ground systems and fully autonomous for flight.
The approximately 10-day Artemis II mission around the Moon is the first crewed flight under NASA’s Artemis campaign. It will help test the systems and hardware needed to continue sending astronauts on increasingly difficult missions to explore more of the Moon for scientific discovery, economic benefits, and to continue building toward the first crewed missions to Mars.
Below are the ascent milestones that will occur leading up to core stage separation. Times may vary by several seconds.
The Artemis II countdown has entered terminal count, and the ground launch sequencer has taken control, orchestrating a precise series of automated commands to prepare the SLS (Space Launch System) rocket and Orion spacecraft for liftoff at a T-0 time of 6:35 p.m. EDT.
The ground launch sequencer ensures that all systems – from propulsion to avionics – transition into flight mode. Key actions performed include pressurizing propellant tanks for optimal engine performance, activating flight software and switching control from ground to onboard systems, and performing final health checks across thousands of sensors to confirm readiness.
This automated sequence minimizes human intervention, reducing risk and ensuring synchronization across complex subsystems. For Artemis II, this moment marks the culmination of years of planning and testing, as the mission moves from ground operations to the threshold of launch.
See the list below of the terminal count milestones:
* T-4M — GLS is go for core stage auxiliary power unit (APU) start
Inside the terminal countdown, teams have a few options to hold the count if needed.
The launch team can hold at 6 minutes for the duration of the launch window, less the 6 minutes needed to launch, without having to recycle back to 10 minutes.
If teams need to stop the clock between T-6 minutes and T-1 minute, 30 seconds, they can hold for up to 3 minutes and resume the clock to launch. If they require more than 3 minutes of hold time, the countdown would recycle back to T-10.
If the clock stops after T-1 minute and 30 seconds, but before the automated launch sequencer takes over, then teams can recycle back to T-10 to try again, provided there is adequate launch window remaining.
After handover to the automated launch sequencer, any issue that would stop the countdown would lead to concluding the launch attempt for that day.
Artemis II Launch Director Charlie Blackwell-Thompson conducted one of the most important steps before liftoff: the “go/no-go” poll for the team to proceed with the final 10 minutes of the countdown known as terminal count.
A unanimous “go” across the board signals that Artemis II is fully prepared to proceed toward launch. This moment represents the culmination of years of planning and hours of meticulous pre-launch work, bringing the mission to the threshold of history.
The launch team has made the decision to extend the T-10 minute hold ahead of today’s launch to give engineers time to work through final preparations for liftoff. There is a two-hour window in which Artemis II could launch, and a new liftoff time will be set shortly
NASA’s Artemis II closeout crew completed its final tasks and departed Launch Complex 39B at NASA’s Kennedy Space Center in Florida. After hours of meticulous work assisting the astronauts with suit-up, hatch closure, and critical spacecraft checks, the team exited the White Room and left the Orion spacecraft sealed and ready for flight.
This departure marks a major transition in launch operations: the spacecraft is now fully configured, and responsibility shifts to the launch control team for the final countdown. The closeout crew’s precision and expertise ensure that every connection, seal, and system is verified before they step away – making this moment a key milestone on the path to liftoff.
Engineers investigated a sensor on the launch abort system’s attitude control motor controller battery that showed a higher temperature than would be expected. It is believed to be an instrumentation issue and will not affect today’s launch.
The weather continues to cooperate and has now been upgraded to 90% go for launch.
Engineers have now resolved an issue with the hardware that communicates with the flight termination system that would have prevented the ground from sending a signal to destruct the rocket if it were to veer off course during ascent, to protect public safety. A confidence test was performed to ensure that the hardware is ready to support today’s launch.
Meanwhile, technicians have completed the launch abort system hatch closure – an essential step that ensures the Orion spacecraft is fully sealed and ready for flight. The hatch provides an additional protective barrier for the crew module, designed to safeguard astronauts during the Artemis II flight path and, if necessary, enable a rapid escape in the event of an emergency.
During this phase, the closeout team verifies hatch alignment, engages locking mechanisms, and confirms pressure integrity. These checks guarantee that the launch abort system hatch can perform its function flawlessly, maintaining structural integrity under extreme launch conditions. With the hatch secured, Orion enters its final configuration for liftoff, marking one of the last major milestones before fueling and launch.
Although the countdown to today’s Artemis II launch is continuing to progress, the Eastern Range has identified an issue that they are currently working to resolve related to their communication with the flight termination system. The flight termination system is a safety system that allows engineers on the ground to send a signal to destruct the rocket if it were to veer off course during ascent, to protect public safety. Without assurance that this system would work if needed, today’s launch would be no-go. However, engineers have devised a way to verify the system and are currently preparing to test this solution.
Technicians began installing the crew module hatch service panel on the Orion spacecraft, an important step in final launch preparations. This panel protects key connections and ensures the hatch area is secure for flight.
As part of current closeout activities, teams are confirming all systems around the hatch are properly sealed and ready for the mission.
With the hatch area secured, teams will continue final checks and countdown operations at Launch Pad 39B at NASA’s Kennedy Space Center in Florida, bringing us closer to sending astronauts on a historic journey around the Moon.
NASA engineers have conducted counterbalance mechanism operations and are now performing hatch seal pressure decay checks inside the White Room at Launch Complex 39B. These steps ensure Orion’s hatch maintains proper pressure integrity and that the counterbalance system functions as designed for launch conditions.
The counterbalance mechanism is a precision-engineered assembly that offsets the weight of the crew module hatch, allowing technicians to open and close it smoothly without introducing stress on the hinge or seal. This system uses calibrated springs and dampers to maintain alignment and prevent sudden movements, which is essential for preserving the hatch’s airtight seal. During this phase, technicians verify the mechanism’s load distribution and confirm that its locking features engage correctly under simulated launch loads.
Following these adjustments, the team performs seal pressurization decay checks – monitoring pressure loss over time to confirm the hatch’s integrity. These checks are vital for astronaut safety, ensuring the cabin remains secure in all mission phases.
NASA’s Artemis II closeout crew is now completing one of the most critical steps before launch: preparing and closing the crew module hatch to the Orion spacecraft. Inside the White Room at Launch Complex 39B, the closeout crew is working meticulously to inspect seals, secure fasteners, and verify that the hatch is airtight.
This process ensures Orion is fully pressurized and ready for flight. Once the hatch is closed and locked, the astronauts are officially sealed inside their spacecraft, marking a major milestone on the path to liftoff.
NASA’s Artemis II crew members are boarding the agency’s Orion spacecraft to begin communication checks to confirm voice links with mission control and onboard systems.
Before entering the spacecraft that will be their home on the approximately 10-day journey around the Moon and back, all four crewmates signed the inside of the White Room, an area at the end of the crew access arm that provides access to the spacecraft. The term “White Room” dates to NASA’s Gemini program, and to honor this human spaceflight tradition, the room remains white today.
The Artemis II closeout crew is now working to help the astronauts enter the Orion spacecraft and make final preparations for their nearly 700,000-mile trip to the Moon and back. As part of the process, the closeout crew is helping the astronauts don their Orion Crew Survival System helmets and gloves, as well as board Orion and get buckled in.
A short time from now, the closeout crew will close the crew module and exterior launch abort system hatches. Even a single strand of hair inside the hatch doors could potentially pose issues with closing either hatch, so the process is carefully done and takes up to four hours. Each step in the closeout process ensures airtight seals and communication readiness for the mission ahead.
Following communication checks, the team performed suit leak checks – a vital safety procedure ensuring each pressure suit maintains integrity in case of cabin depressurization. These operations are essential for crew readiness and mission assurance, marking one of the final phases before hatch closure and launch preparations.
With assistance from the closeout crew, the Artemis II crew are carefully donning their helmets and gloves – finalizing suit integrity checks before boarding the Orion spacecraft.
This step is more than ceremonial; it ensures airtight seals and communication readiness for the mission ahead. The closeout crew plays a vital role, guiding the astronauts through these procedures and confirming every connection is secure before hatch closure.
Stay tuned as we continue to follow the Artemis II team through each countdown milestone on their path to liftoff.
NASA’s Artemis II crew NASA astronauts Reid Wiseman, Victor Glover, and Christina Koch, along with CSA (Canadian Space Agency) astronaut Jeremy Hansen, arrived at Launch Complex 39B at the agency’s Kennedy Space Center in Florida, where the agency’s SLS (Space Launch System) rocket with Orion spacecraft atop stands ready for launch. The opening of today’s launch window is slated for just over 4 hours from now, at 6:24 p.m. EDT.
In the next few minutes, the crew will take the elevator up the pad’s fixed service structure and walk down the climate-controlled crew access arm to the White Room, their final stop before climbing aboard their Orion spacecraft. In this clean, controlled environment at the end of the crew access arm, the closeout crew will assist the astronauts with hatch operations and verify that all safety systems are ready for launch.
Since the late 1960s, pads A and B at Kennedy’s Launch Complex 39 have supported America’s major space programs, with Pad A used most frequently for launches under the Space Shuttle Program. After the retirement of the shuttle in 2011, Pad A helped usher in a new era of human spaceflight as launch pad for the agency’s Commercial Crew Program, which returned human spaceflight capability to the United States. Pad B saw the launch of NASA’s Artemis I mission in November 2022 and will continue to be the primary launch pad for America’s efforts to return to humans the Moon.
Just moments ago, NASA’s Artemis II flight crew began the walk that every NASA astronaut has made since Apollo 7 in 1968, heading to the elevator and down through the double doors below the Neil A. Armstrong Building’s Astronaut Crew Quarters at NASA’s Kennedy Space Center in Florida.
Before they left the suit-up room, the crew completed one last piece of unfinished business — a card game. A long-held spaceflight tradition, NASA crews play cards before leaving the crew quarters ahead of launch until the commander, in this instance NASA astronaut Reid Wiseman, loses. It is hoped that by losing, the commander burns off all his or her bad luck, thereby clearing the mission for only good luck.
NASA’s Artemis II is the first crewed mission of the Artemis program and will carry Wiseman and fellow NASA astronauts Victor Glover and Christina Koch, as well as CSA (Canadian Space Agency) astronaut Jeremy Hansen on an approximately 10-day mission around the Moon and back to Earth.
The first crewed deep-space flight in over 50 years, Artemis II is expected to send the crew farther from Earth than any previous human mission, potentially breaking the record of about 248,655 miles (400,171 km) from Earth set by Apollo 13 during its lunar free-return trajectory. This milestone will occur during the lunar flyby phase, when the crew travels on a free-return trajectory around the Moon, which allows the spacecraft to loop around the Moon and return to Earth without entering lunar orbit.
During the test flight, NASA will test life-support systems and critical operations in deep space, paving the way for future lunar landings and Mars exploration.
Having received goodbyes and well wishes from their families and friends, the crew embarks on the 20-minute journey to Kennedy’s Launch Pad 39B and their awaiting spacecraft.
NASA’s pad rescue and closeout crew teams have arrived at Launch Complex 39B at the agency’s Kennedy Space Center in Florida to ensure safety and readiness during the critical fueling operations. These specialized teams play a vital role in protecting personnel and hardware throughout the countdown.
The pad rescue team will be positioned to respond immediately in the unlikely event of an emergency, ensuring safe evacuation procedures for pad personnel. The rescue team is equipped with advanced gear and trained for rapid crew extraction, fire suppression, and hazard mitigation. Their presence ensures astronaut safety remains the top priority, providing an all-important layer of protection as fueling operations and system checks continue.
The closeout crew is responsible for closing the Orion crew module and launch abort system hatches, securing access points, verifying pad configurations, and maintaining the integrity of the launch area during propellant loading and system checks. Their work is critical for guaranteeing a secure environment for the astronauts before the launch pad is cleared for liftoff operations.
These teams are essential for mitigating risk and supporting the complex choreography of Artemis II’s prelaunch activities. With both teams in place, Artemis II remains on track for its historic mission to send astronauts around the Moon.
NASA astronauts Reid Wiseman, commander; Victor Glover, pilot; and Christina Koch, mission specialist; along with CSA (Canadian Space Agency) astronaut Jeremy Hansen, mission specialist, are suiting up inside the Astronaut Crew Quarters of the Neil A. Armstrong Operations and Checkout Building at the agency’s Kennedy Space Center in Florida.
A team of suit technicians help the crew put on their Orion Crew Survival System suits, which are each tailored for mobility and comfort while ensuring maximum safety during the dynamic phases of flight. The bright orange spacesuits are designed to protect them on their journey and feature many improvements from head to toe to the suits worn on the space shuttle. NASA reengineered many elements to improve safety and range of motion for Artemis astronauts, and instead of the small, medium, and large sizes from the shuttle era, they are custom fit for each crew member.
The outer layer is fire-resistant, and a stronger zipper allows astronauts to quickly put the suit on. Improved thermal management will help keep them cool and dry. A lighter, stronger helmet improves comfort and communication, and the gloves are more durable and touch-screen compatible. Better-fitting boots also provide protection in the case of fire and help an astronaut move more swiftly.
The suits’ design and engineering enhancements provide an additional layer of protection for astronauts and ensure they return home safely from deep space missions.
During suit-up, teams will check for leaks and ensure that all connecting life support systems, including air and power, are operating nominally ahead of the crew’s ride to NASA Kennedy’s Launch Complex 39B.
With NASA teams now maintaining the liquid oxygen levels in the interim cryogenic propulsion, all cryogenic stages of the SLS (Space Launch System) rocket have transitioned to replenish mode during the Artemis II launch countdown. This includes the core stage and SLS upper stage, ensuring both liquid hydrogen and liquid oxygen tanks remain at flight-ready levels.
Replenish mode is essential for maintaining stable propellant quantities and pressure as super-cold fuels naturally boil off over time. Continuous adjustments keep the rocket fully fueled and ready for ignition, supporting the RS-25 engines on the core stage and the RL10 engine on the SLS upper stage for their essential roles in launch and translunar injection.
These milestones coincide with the Artemis II countdown entering a planned 1-hour and 10-minute built-in hold. This scheduled pause allows teams to complete crucial system checks, verify launch readiness, and address any last-minute adjustments before proceeding toward crew ingress and final fueling operations.
During this hold, engineers review data from cryogenic loading, propulsion systems, and communications to ensure all parameters meet strict safety and performance criteria. The hold also provides flexibility for resolving minor issues without impacting the overall launch timeline.
Once the hold concludes, the countdown will resume with preparations for astronaut arrival at Launch Pad 39B at NASA’s Kennedy Space Center in Florida.
NASA’s Artemis II astronauts received a final weather briefing inside the Astronaut Crew Quarters of the Neil A. Armstrong Operations and Checkout Building at the agency’s Kennedy Space Center in Florida, as part of prelaunch preparations.
This weather update provides astronauts and mission teams with the latest conditions at NASA Kennedy’s Launch Pad 39B, the surrounding recovery zones, and potential abort sites along Artemis II’s flight path. Accurate weather forecasting is essential for protecting crew and hardware, as even minor changes can impact countdown decisions and flight dynamics.
NASA astronauts Reid Wiseman, commander; Victor Glover, pilot; and Christina Koch, mission specialist; along with CSA (Canadian Space Agency) astronaut Jeremy Hansen, mission specialist, were briefed on wind speeds, precipitation, lightning risk, and sea states for splashdown contingencies, ensuring all safety criteria are met before proceeding with launch operations.
Weather officials with NASA and the U. S. Space Force’s Space Launch Delta 45 are tracking 80% favorable conditions during the launch window, with primary concerns being the cumulus cloud rule, flight through precipitation rule, and ground winds.
With the weather briefing complete, the crew and ground teams remain aligned and ready to continue toward liftoff, keeping Artemis II on track for its historic mission to send astronauts around the Moon.
NASA teams also have begun liquid oxygen (LOX) topping process for the interim cryogenic propulsion stage, or SLS (Space Launch System) rocket upper stage, during the Artemis II launch countdown. This step follows the fast fill phase and ensures the liquid oxygen tank reaches full capacity with super-cold oxidizer.
Live coverage of Artemis II tanking operations continues on NASA’s YouTube channel. NASA’s full launch coverage begins at 1 p.m. EDT on NASA+, Amazon Prime, and YouTube. You can continue to follow the Artemis blog from launch to splashdown for mission updates.
Liquid oxygen (LOX) fast fill is now complete for the SLS (Space Launch System) upper stage, marking another major milestone in tanking operations. Teams have confirmed the upper stage is in good shape and are proceeding with the LOX vent and relief test. This step helps verify proper pressure regulation and ensures the system is ready to transition into topping and, later, replenish operations.
NASA teams are now maintaining the liquid oxygen levels in the SLS (Space Launch System) rocket core stage through replenish mode. This phase follows the completion of liquid oxygen fast fill and topping, ensuring the oxidizer remains at flight-ready levels throughout the final countdown.
NASA teams are in fast fill of liquid oxygen (LOX) into the interim cryogenic propulsion stage as part of the Artemis II launch countdown. This phase rapidly loads the oxidizer after chilldown is complete, bringing the SLS (Space Launch System) rocket upper stage closer to full readiness for its role in sending the Orion spacecraft into a high Earth orbit ahead of a proximity operations demonstration test and Orion’s translunar injection burn.
NASA teams have transitioned the interim cryogenic propulsion stage liquid hydrogen tank to replenish mode during the Artemis II countdown. This phase follows the successful topping process and ensures the tank remains at flight-ready levels all the way to launch.
NASA teams have begun the topping phase for the interim cryogenic propulsion stage liquid hydrogen (LH2) tank. This critical step occurs after successful chilldown and vent-and-relief checks, ensuring the tank reaches full capacity with super-cold liquid hydrogen.
Replenish is the final step in the fueling process, designed to maintain the correct LH2 levels as the super-cold propellant naturally boils off over time. This continuous, low-rate flow keeps the tanks topped off and thermally stable, ensuring the rocket remains fully fueled and ready for liftoff.
From chilldown to replenish, every phase of fueling is carefully managed to protect hardware and guarantee mission success. With replenish underway, Artemis II is in its final stretch toward launch and humanity’s next giant leap.
Topping is the process of adding small amounts of LH2 to the tanks after fast fill is complete, ensuring they remain at full capacity as the super-cold propellant naturally boils off. This step is critical for maintaining the precise levels needed for launch while keeping the system thermally stable.
The Artemis II launch team transitioned to the fast fill of liquid hydrogen (LH2) for the interim cryogenic propulsion stage, or SLS (Space Launch System) rocket upper stage.
After completing the chilldown phase, this step rapidly loads super-cold LH2 into the SLS upper stage tanks, ensuring the upper stage is fueled and ready to perform its fundamental role of raising the Orion spacecraft into a high Earth orbit ahead of a proximity operations demonstration test and Orion’s translunar injection burn.
Fast fill accelerates the fueling process while maintaining safety, marking another major milestone in the countdown as Artemis II moves closer to liftoff.
The Artemis II launch team has begun the liquid hydrogen chilldown for the interim cryogenic propulsion stage, or SLS (Space Launch System) rocket upper stage.
This process gradually cools the interim cryogenic propulsion stage fuel lines and components to cryogenic temperatures using super-cold liquid hydrogen. The chilldown step is essential to prevent thermal shock and ensure the stage is properly conditioned for full propellant loading. By stabilizing the system at these extreme temperatures, engineers guarantee safe and efficient fueling for the upper stage that will help position Orion into high Earth orbit for its journey toward the Moon.
NASA astronauts Reid Wiseman, Victor Glover, and Christina Koch, along with CSA (Canadian Space Agency) astronaut Jeremy Hansen have officially begun their launch day with a scheduled wake-up call at 9:25 a.m., marking the start of their final preparations for the historic Artemis II mission around the Moon.
The Artemis II launch team transitioned to the fast fill of liquid hydrogen (LH2) into the SLS (Space Launch System) rocket core stage.
...
Read the original on www.nasa.gov »
The cost of building software has drastically decreased. We recently rebuilt Next.js in one week using AI coding agents. But for the past two months our agents have been working on an even more ambitious project: rebuilding the WordPress open source project from the ground up.
WordPress powers over 40% of the Internet. It is a massive success that has enabled anyone to be a publisher, and created a global community of WordPress developers. But the WordPress open source project will be 24 years old this year. Hosting a website has changed dramatically during that time. When WordPress was born, AWS EC2 didn’t exist. In the intervening years, that task has gone from renting virtual private servers, to uploading a JavaScript bundle to a globally distributed network at virtually no cost. It’s time to upgrade the most popular CMS on the Internet to take advantage of this change.
Our name for this new CMS is EmDash. We think of it as the spiritual successor to WordPress. It’s written entirely in TypeScript. It is serverless, but you can run it on your own hardware or any platform you choose. Plugins are securely sandboxed and can run in their own isolate, via Dynamic Workers, solving the fundamental security problem with the WordPress plugin architecture. And under the hood, EmDash is powered by Astro, the fastest web framework for content-driven websites.
EmDash is fully open source, MIT licensed, and available on GitHub. While EmDash aims to be compatible with WordPress functionality, no WordPress code was used to create EmDash. That allows us to license the open source project under the more permissive MIT license. We hope that allows more developers to adapt, extend, and participate in EmDash’s development.
You can deploy the EmDash v0.1.0 preview to your own Cloudflare account, or to any Node.js server today as part of our early developer beta:
Or you can try out the admin interface here in the EmDash Playground:
The story of WordPress is a triumph of open source that enabled publishing at a scale never before seen. Few projects have had the same recognisable impact on the generation raised on the Internet. The contributors to WordPress’s core, and its many thousands of plugin and theme developers have built a platform that democratised publishing for millions; many lives and livelihoods being transformed by this ubiquitous software.
There will always be a place for WordPress, but there is also a lot more space for the world of content publishing to grow. A decade ago, people picking up a keyboard universally learned to publish their blogs with WordPress. Today it’s just as likely that person picks up Astro, or another TypeScript framework to learn and build with. The ecosystem needs an option that empowers a wide audience, in the same way it needed WordPress 23 years ago.
EmDash is committed to building on what WordPress created: an open source publishing stack that anyone can install and use at little cost, while fixing the core problems that WordPress cannot solve.
WordPress’ plugin architecture is fundamentally insecure. 96% of security issues for WordPress sites originate in plugins. In 2025, more high severity vulnerabilities were found in the WordPress ecosystem than the previous two years combined.
Why, after over two decades, is WordPress plugin security so problematic?
A WordPress plugin is a PHP script that hooks directly into WordPress to add or modify functionality. There is no isolation: a WordPress plugin has direct access to the WordPress site’s database and filesystem. When you install a WordPress plugin, you are trusting it with access to nearly everything, and trusting it to handle every malicious input or edge case perfectly.
EmDash solves this. In EmDash, each plugin runs in its own isolated sandbox: a Dynamic Worker. Rather than giving direct access to underlying data, EmDash provides the plugin with capabilities via bindings, based on what the plugin explicitly declares that it needs in its manifest. This security model has a strict guarantee: an EmDash plugin can only perform the actions explicitly declared in its manifest. You can know and trust upfront, before installing a plugin, exactly what you are granting it permission to do, similar to going through an OAuth flow and granting a 3rd party app a specific set of scoped permissions.
For example, a plugin that sends an email after a content item gets saved looks like this:
import { definePlugin } from “emdash”;
export default () =>
definePlugin({
id: “notify-on-publish”,
version: “1.0.0”,
capabilities: [“read:content”, “email:send”],
hooks: {
“content:afterSave”: async (event, ctx) => {
if (event.collection !== “posts” || event.content.status !== “published”) return;
await ctx.email!.send({
to: “[email protected]”,
subject: `New post published: ${event.content.title}`,
text: `“${event.content.title}” is now live.`,
ctx.log.info(`Notified editors about ${event.content.id}`);
This plugin explicitly requests two capabilities: content:afterSave to hook into the content lifecycle, and email:send to access the ctx.email function. It is impossible for the plugin to do anything other than use these capabilities. It has no external network access. If it does need network access, it can specify the exact hostname it needs to talk to, as part of its definition, and be granted only the ability to communicate with a particular hostname.
And in all cases, because the plugin’s needs are declared statically, upfront, it can always be clear exactly what the plugin is asking for permission to be able to do, at install time. A platform or administrator could define rules for what plugins are or aren’t allowed to be installed by certain groups of users, based on what permissions they request, rather than an allowlist of approved or safe plugins.
WordPress plugin security is such a real risk that WordPress.org manually reviews and approves each plugin in its marketplace. At the time of writing, that review queue is over 800 plugins long, and takes at least two weeks to traverse. The vulnerability surface area of WordPress plugins is so wide that in practice, all parties rely on marketplace reputation, ratings and reviews. And because WordPress plugins run in the same execution context as WordPress itself and are so deeply intertwined with WordPress code, some argue they must carry forward WordPress’ GPL license.
These realities combine to create a chilling effect on developers building plugins, and on platforms hosting WordPress sites.
Plugin security is the root of this problem. Marketplace businesses provide trust when parties otherwise cannot easily trust each other. In the case of the WordPress marketplace, the plugin security risk is so large and probable that many of your customers can only reasonably trust your plugin via the marketplace. But in order to be part of the marketplace your code must be licensed in a way that forces you to give it away for free everywhere other than that marketplace. You are locked in.
EmDash plugins have two important properties that mitigate this marketplace lock-in:
Plugins can have any license: they run independently of EmDash and share no code. It’s the plugin author’s choice. Plugin code runs independently in a secure sandbox: a plugin can be provided to an EmDash site, and trusted, without the EmDash site ever seeing the code.
The first part is straightforward — as the plugin author, you choose what license you want. The same way you can when publishing to NPM, PyPi, Packagist or any other registry. It’s an open ecosystem for all, and up to the community, not the EmDash project, what license you use for plugins and themes.
The second part is where EmDash’s plugin architecture breaks free of the centralized marketplace.
Developers need to rely on a third party marketplace having vetted the plugin far less to be able to make decisions about whether to use or trust it. Consider the example plugin above that sends emails after content is saved; the plugin declares three things:
It only runs on the content:afterSave hookIt has the read:content capabilityIt has the email:send capability
The plugin can have tens of thousands of lines of code in it, but unlike a WordPress plugin that has access to everything and can talk to the public Internet, the person adding the plugin knows exactly what access they are granting to it. The clearly defined boundaries allow you to make informed decisions about security risks and to zoom in on more specific risks that relate directly to the capabilities the plugin is given.
The more that both sites and platforms can trust the security model to provide constraints, the more that sites and platforms can trust plugins, and break free of centralized control of marketplaces and reputation. Put another way: if you trust that food safety is enforced in your city, you’ll be adventurous and try new places. If you can’t trust that there might be a staple in your soup, you’ll be consulting Google before every new place you try, and it’s harder for everyone to open new restaurants.
The business model of the web is at risk, particularly for content creators and publishers. The old way of making content widely accessible, allowing all clients free access in exchange for traffic, breaks when there is no human looking at a site to advertise to, and the client is instead their agent accessing the web on their behalf. Creators need ways to continue to make money in this new world of agents, and to build new kinds of websites that serve what people’s agents need and will pay for. Decades ago a new wave of creators created websites that became great businesses (often using WordPress to power them) and a similar opportunity exists today.
x402 is an open, neutral standard for Internet-native payments. It lets anyone on the Internet easily charge, and any client pay on-demand, on a pay-per-use basis. A client, such as an agent, sends a HTTP request and receives a HTTP 402 Payment Required status code. In response, the client pays for access on-demand, and the server can let the client through to the requested content.
EmDash has built-in support for x402. This means anyone with an EmDash site can charge for access to their content without requiring subscriptions and with zero engineering work. All you need to do is configure which content should require payment, set how much to charge, and provide a Wallet address. The request/response flow ends up looking like this:
Every EmDash site has a built-in business model for the AI era.
WordPress is not serverless: it requires provisioning and managing servers, scaling them up and down like a traditional web application. To maximize performance, and to be able to handle traffic spikes, there’s no avoiding the need to pre-provision instances and run some amount of idle compute, or share resources in ways that limit performance. This is particularly true for sites with content that must be server rendered and cannot be cached.
EmDash is different: it’s built to run on serverless platforms, and make the most out of the v8 isolate architecture of Cloudflare’s open source runtime workerd. On an incoming request, the Workers runtime instantly spins up an isolate to execute code and serve a response. It scales back down to zero if there are no requests. And it only bills for CPU time (time spent doing actual work).
You can run EmDash anywhere, on any Node.js server — but on Cloudflare you can run millions of instances of EmDash using Cloudflare for Platforms that each instantly scale fully to zero or up to as many RPS as you need to handle, using the exact same network and runtime that the biggest websites in the world rely on.
Beyond cost optimizations and performance benefits, we’ve bet on this architecture at Cloudflare in part because we believe in having low cost and free tiers, and that everyone should be able to build websites that scale. We’re excited to help platforms extend the benefits of this architecture to their own customers, both big and small.
EmDash is powered by Astro, the web framework for content-driven websites. To create an EmDash theme, you create an Astro project that includes:
A seed file: JSON that tells the CMS what content types and fields to create
This makes creating themes familiar to frontend developers who are increasingly choosing Astro, and to LLMs which are already trained on Astro.
WordPress themes, though incredibly flexible, operate with a lot of the same security risks as plugins, and the more popular and commonplace your theme, the more of a target it is. Themes run through integrating with functions.php which is an all-encompassing execution environment, enabling your theme to be both incredibly powerful and potentially dangerous. EmDash themes, as with dynamic plugins, turns this expectation on its head. Your theme can never perform database operations.
The least fun part about working with any CMS is doing the rote migration of content: finding and replacing strings, migrating custom fields from one format to another, renaming, reordering and moving things around. This is either boring repetitive work or requires one-off scripts and “single-use” plugins and tools that are usually neither fun to write nor to use.
EmDash is designed to be managed programmatically by your AI agents. It provides the context and the tools that your agents need, including:
Agent Skills: Each EmDash instance includes Agent Skills that describe to your agent the capabilities EmDash can provide to plugins, the hooks that can trigger plugins, guidance on how to structure a plugin, and even how to port legacy WordPress themes to EmDash natively. When you give an agent an EmDash codebase, EmDash provides everything the agent needs to be able to customize your site in the way you need. EmDash CLI: The EmDash CLI enables your agent to interact programmatically with your local or remote instance of EmDash. You can upload media, search for content, create and manage schemas, and do the same set of things you can do in the Admin UI.Built-in MCP Server: Every EmDash instance provides its own remote Model Context Protocol (MCP) server, allowing you to do the same set of things you can do in the Admin UI.
EmDash uses passkey-based authentication by default, meaning there are no passwords to leak and no brute-force vectors to defend against. User management includes familiar role-based access control out of the box: administrators, editors, authors, and contributors, each scoped strictly to the actions they need. Authentication is pluggable, so you can set EmDash up to work with your SSO provider, and automatically provision access based on IdP metadata.
You can import an existing WordPress site by either going to WordPress admin and exporting a WXR file, or by installing the EmDash Exporter plugin on a WordPress site, which configures a secure endpoint that is only exposed to you, and protected by a WordPress Application Password you control. Migrating content takes just a few minutes, and automatically works to bring any attached media into EmDash’s media library.
Creating any custom content types on WordPress that are not a Post or a Page has meant installing heavy plugins like Advanced Custom Fields, and squeezing the result into a crowded WordPress posts table. EmDash does things differently: you can define a schema directly in the admin panel, which will create entirely new EmDash collections for you, separately ordered in the database. On import, you can use the same capabilities to take any custom post types from WordPress, and create an EmDash content type from it.
For bespoke blocks, you can use the EmDash Block Kit Agent Skill to instruct your agent of choice and build them for EmDash.
EmDash is v0.1.0 preview, and we’d love you to try it, give feedback, and we welcome contributions to the EmDash GitHub repository.
If you’re just playing around and want to first understand what’s possible — try out the admin interface in the EmDash Playground.
To create a new EmDash site locally, via the CLI, run:
Or you can do the same via the Cloudflare dashboard below:
We’re excited to see what you build, and if you’re active in the WordPress community, as a hosting platform, a plugin or theme author, or otherwise — we’d love to hear from you. Email us at [email protected], and tell us what you’d like to see from the EmDash project.
If you want to stay up to date with major EmDash developments, you can leave your email address here.
...
Read the original on blog.cloudflare.com »
Today Raspberry Pi announced more price increases for all Pis with LPDDR4 RAM, alongside a ‘right-sized’ 3GB RAM Pi 4 for $83.75.
The price increases bring the 16GB Pi 5 up to $299.99.
Despite today’s date, this is not a joke.
I published a video going over the state of the hobbyist ‘high end SBC’ market (4/8/16 GB models in the current generation), which I’ll embed below:
But if you’d like the tl;dr:
Unless the DRAM pricing situation changes radically, I think the hobbyist SBC market is dying—or at least on life support. And I don’t just mean Raspberry Pis, but all SBC vendors. LPDDR chips now account for the majority of board cost from the vendors I’ve checked with.
Besides causing a radical reduction in new boards launched (Radxa seems to be the only vendor that had some cadence last year), the price increases for boards with greater than 4 GB of RAM have put those boards out of the reach of most hobbyists.
Even mini PCs, which for a time were a great deal, have risen to $250+ for 8 GB models. Used PC are also more expensive, especially with more than 4 GB of RAM.
I design most of my projects so they can be replicated for less than $100. Learning is easier on cheaper parts you won’t fret over too much when you break them. With prices going up, this limits the types of projects I take on.
I’m working more with older SBCs and microcontrollers now, and I think that’s the direction many in the hobbyist space are going.
Maybe, as Eben Upton says in Raspberry Pi’s post,
memory prices won’t remain at their current very high level indefinitely; the circumstances in which we find ourselves are challenging, but in the future they will abate.
But I’m not sure how long we’ll have to wait, or if a hobbyist SBC market will exist by the time the bubble bursts.
Lucky for Raspberry Pi, they have a thriving microcontroller ecosystem and industrial base to keep them going. I fear smaller vendors won’t be able to go on like this forever.
...
Read the original on www.jeffgeerling.com »
… is what I’m reading far too often! Some of you are losing faith!
A growing sentiment amongst my peers — those who haven’t already resigned to an NPC career path† — is that blogging is over. Coding is cooked. What’s the point of sharing insights and expertise when the Cognitive Dark Forest will feed on our humanity?
Before I’m dismissed as an ill-informed hater please note: I’ve done my research.
† To be fair it’s a valid choice in this economy. Clock in, slop around, clock out. Why not?
Star Trek’s captain Kirk leaning into a computer cast in shadow looking contemplative.
It’s never been more important to blog. There has never been a better time to blog. I will tell you why. We’re being starved for human conversation and authentic voices. What’s more: everyone is trying to take your voice away. Do not opt-out of using it yourself.
First let’s accept the realities. The giant plagiarism machines have already stolen everything. Copyright is dead. Licenses are washed away in clean rooms. Mass surveillance and tracking are a feature, privacy is a bug. Everything is an “algorithm” optimised to exploit.
How can we possibly combat that?
From a purely selfish perspective it’s never been easier to stand out and assert yourself as an authority. When everyone is deferring to the big bullshitter in the cloud your original thoughts are invaluable. Your brain is your biggest asset. Share it with others for mutual benefit.
I find writing stuff down improves my memory and hardens my resolve. I bet that’s true for you too. It’s part rote learning part rubberducking†. Writing publicly in blog form forces me to question assumptions. Even when research fails me Cunningham’s Law saves me.
† Some will claim writing into a predictive chat box helps too, and sure, they’re absolutely right!
Blogging makes you a better professional. No matter how small your audience, someone will eventually stumble upon your blog and it will unblock their path.
Don’t accept a fate being forced upon you.
The AI industry is 99% hype; a billion dollar industrial complex to put a price tag on creation. At this point if you believe AI is ‘just a tool’ you’re wilfully ignoring the harm. (Regardless, why do I keep being told it’s an ‘extreme’ stance if I decide not to buy something?)
The 1% utility AI has is overshadowed by the overwhelming mediocracy it regurgitates.
We’re saying goodbye to Sora. To everyone who created with Sora, shared it, and built community around it: thank you. What you made with Sora mattered, and we know this news is disappointing.
Is there anything, in the entire recorded history of human creation, that could have possibly mattered less than the flatulence Sora produced? NFTs had more value.
I’m not protective over the word “art”. Generative AI is art. It’s irredeemably shit art; end of conversation. A child’s crayon doodle is also lacking refined artistry but we hang it on our fridge because a human made it and that matters. We care and caring has a positive effect on our lives. When you pass human creativity through the slop wringer, or just prompt an incantation, the result is continvoucly morged; a vapid mockery of the input. The garbage out no longer matters, nobody cares, nobody benefits.
I forgot where I was going with this… oh right: don’t resign yourself to the deskilling of our craft. You should keep blogging! Take pride in your ability and unique voice. But please don’t desecrate yourself with slop.
A disheveled Oliver Twist looks up pleadingly holding out an empty bowl.
The only winning move is not to play.
We’ve gotten too comfortable with the convenience of Big Tech. We do not have to continue playing their game. Don’t buy the narratives they’re selling.
The AI industry is built on the predatory business model of casinos. Except they’ve forget the house is supposed to win. One upside of this looming economic and intellectual depression is that the media is beginning to recognise gate keepers are no longer the hand that feeds them. Big Tech is not the web. You don’t have to use it nor support it. Blog for the old web, the open web, the indie web — the web you want to see.
And if you think I’m being dramatic and I’ve upset your new toys, you’re welcome to be left behind in the miasmatic dystopia these technofacists are racing to build.
...
Read the original on dbushell.com »
Go for launch! New time 6.35pm ETWhat to know about the spacecraftFirst photos of Artemis II crew in their space suitsWho is on the Artemis II crewHow the launch is expected to unfold
Show key events onlyPlease turn on JavaScript to use this feature
We’re closing our live blog of the launch of Artemis II now after watching the space rocket’s spectacular launch into a clear blue Florida sky from the Kennedy Space Center.
Four astronauts, Americans Reid Wiseman, Victor Glover and Christina Koch, plus Jeremy Hansen from the Canadian Space Agency, are on their way to the moon after lifting off at 6.35pm from launchpad 39B.
Their 10-day lunar flyby is the first crewed mission to the moon in more than half a century. No other humans have traveled beyond lower Earth orbit since Apollo 17 in December 1972.
Artemis II is a test flight designed to evaluate the Orion crew capsule and essential life support and medical systems ahead of future Artemis missions, including the next moon landing scheduled for Artemis IV in 2028.
Thank you for following the launch with us, and stick with us for news of the mission and coverage of the Artemis II crew’s splashdown in the Pacific Ocean in 10 days’ time.
Officials in Florida’s space coast cities, including Cape Canaveral, Titusville, and Cocoa Beach, said they were expecting up to 400,000 spectators to fill beaches and causeways. As early as first light, shortly before 7am on Wednesday, dozens of cars were already parked along the waterfront in Titusville, which bills itself as “the gateway to space and nature”.Spectators secure a vantage spot for the Artemis II launch at Space View Park, Titusville, Florida, on Wednesday. Photograph: Marco Bello/ReutersThe city has a direct view across the Indian river to launchpad 39B, and the crowds there are a reminder of the Apollo era of the 1960s and 70s when millions packed in to watch the first moon missions.“There’s three entry ways to the Kennedy Space Center and two of them go through the city,” Andrew Connors, the mayor of Titusville, told me in an interview last week.An influx of hundreds of thousands for Artemis II will bring a welcome financial windfall, but Connors is also a little apprehensive.“It’s pretty crazy to think about it because we’re a city of 51,000,” he said.“All the bridges fill up really quickly and I’m sure the main route through will be a parking lot, but our police have been doing this a lot of times. It’s something really special.”Read more from the Titusville mayor, and other space coast figures, here:Florida space coast cities abuzz before Nasa’s Artemis launch: ‘At the doorstep of the future’
With Orion now orbiting Earth, a little more than half an hour into flight after a spectacular and flawless lift-off from Florida’s Kennedy Space Center, mission managers on the ground are assessing data. Flight controllers in Houston have confirmed that all four solar arrays were deployed successfully.Nasa leaders, no doubt beaming with pride, will conduct a post-launch press conference scheduled for 9pm ET. Our blog will have closed by then, but the Guardian will continue to bring you news as the rest of the 10-day Artemis II mission unfolds.
Jared Isaacman, the Nasa administrator, spoke about the Artemis II launch on Nasa TV.“It’s the opening act, the test mission,” for the Orion spacecraft, he said.“No humans have ever flown on this. We’re putting it through its paces to make sure it’s OK. It’s going to set up subsequent missions [and] a golden age of science and discovery.”Isaacman, a billionaire private astronaut and Donald Trump’s pick to lead the agency, who was confirmed earlier this year, was asked what his favorite moment of the mission would be.“After ignition, the moment I’m most excited for is splashdown,” he said.“The takeaway is gaining extra comfort in the Orion spacecraft. It’s new territory for us. SLS plus Orion is everything. On this one we want to make sure we do this in as safe a way as we can.”
Inside the Orion capsule, astronauts Reid Wiseman, Victor Glover, Christina Koch and Jeremy Hansen have raised their visors and are immediately commencing tasks to assess how the spacecraft handled the 17,500mph ascent to orbit. Deployment of the solar array wings, which will provide Orion with continuous electrical power throughout its lunar journey, is about to begin.
Artemis II is now in Earth’s orbit. The two solid rocket boosters of the Space Launch System have separated and are floating back down to the Atlantic for recovery. The spacecraft will orbit Earth until flight day two (Thursday) when the translunar injection burn will take place and sent it on the rest of its 240,000-mile journey to the moon.
Nasa launched Artemis II on a historic crewed mission to the moon. The 10-day test flight, which will not land on the moon, is a mission packed with milestones. The mission includes the first woman and first person of color to fly into cislunar space, the area between Earth’s orbit and the moon.Artemis II’s Orion space capsule could fly them farther from Earth than any human being before them.
Mission managers have announced they are working a few issues that will delay tonight’s Artemis II launch from its original 6.24pm ET time. Launch director Charlie Blackwell-Thompson says the recommendation is still to launch at some point, but we don’t yet know what new time might be provided.
...
Read the original on www.theguardian.com »
Use this to detect changes in likelihoods of events, for instance, to isolate a commit where a slightly flaky test became very flaky.
You don’t need to know the likelihoods (although you can provide priors), just that something has changed at some point in some direction
git_bayesect uses Bayesian inference to identify the commit introducing a change, with commit selection performed via greedy minimisation of expected entropy, and using a Beta-Bernoulli conjugacy trick while calculating posterior probabilities to make handling unknown failure rates tractable.
See https://hauntsaninja.github.io/git_bayesect.html for a write up.
Record an observation on the current commit:
Check the overall status of the bisection:
Set the prior for a given commit:
Set prior for all commits based on filenames:
Set prior for all commits based on the text in the commit message + diff:
Get a log of commands to let you reconstruct the state:
Run the bisection automatically using a command to make observations:
Checkout the best commmit to test:
This repository contains a little demo, in case you’d like to play around:
...
Read the original on github.com »
Advisory: FreeBSD-SA-26:08.rpcsec_gss
CVE: CVE-2026-4747
Affected: FreeBSD 13.5 (Tested on: FreeBSD 14.4-RELEASE amd64 (GENERIC kernel, no KASLR)
Attack surface: NFS server with kgssapi.ko loaded (port 2049/TCP)
In sys/rpc/rpcsec_gss/svc_rpcsec_gss.c, the function svc_rpc_gss_validate() reconstructs an RPC header into a 128-byte stack buffer (rpchdr[]) for GSS-API signature verification. It first writes 32 bytes of fixed RPC header fields, then copies the entire RPCSEC_GSS credential body (oa_length bytes) into the remaining space — without checking that oa_length fits.
static bool_t
svc_rpc_gss_validate(struct svc_rpc_gss_client *client,
struct rpc_msg *msg, gss_qop_t *qop, rpc_gss_proc_t gcproc)
int32_t rpchdr[128 / sizeof(int32_t)]; // 128 bytes on stack
int32_t *buf;
memset(rpchdr, 0, sizeof(rpchdr));
// Write 8 fixed-size RPC header fields (32 bytes total)
buf = rpchdr;
IXDR_PUT_LONG(buf, msg->rm_xid);
IXDR_PUT_ENUM(buf, msg->rm_direction);
IXDR_PUT_LONG(buf, msg->rm_call.cb_rpcvers);
IXDR_PUT_LONG(buf, msg->rm_call.cb_prog);
IXDR_PUT_LONG(buf, msg->rm_call.cb_vers);
IXDR_PUT_LONG(buf, msg->rm_call.cb_proc);
oa = &msg->rm_call.cb_cred;
IXDR_PUT_ENUM(buf, oa->oa_flavor);
IXDR_PUT_LONG(buf, oa->oa_length);
if (oa->oa_length) {
// BUG: No bounds check on oa_length!
// After 32 bytes of header, only 96 bytes remain in rpchdr.
// If oa_length > 96, this overflows past rpchdr into:
// local variables → saved callee-saved registers → return address
memcpy((caddr_t)buf, oa->oa_base, oa->oa_length);
buf += RNDUP(oa->oa_length) / sizeof(int32_t);
// gss_verify_mic() called after — but overflow already happened
The buffer has only 128 - 32 = 96 bytes of space for the credential body. Any credential larger than 96 bytes overflows the stack buffer.
The patch adds a single bounds check before the copy:
oa = &msg->rm_call.cb_cred;
if (oa->oa_length > sizeof(rpchdr) - 8 * BYTES_PER_XDR_UNIT) {
rpc_gss_log_debug(“auth length %d exceeds maximum”, oa->oa_length);
client->cl_state = CLIENT_STALE;
return (FALSE);
svc_rpc_gss_validate:
push rbp
mov rbp, rsp
push r15 ; saved at [rbp-8]
push r14 ; saved at [rbp-16]
push r13 ; saved at [rbp-24]
push r12 ; saved at [rbp-32]
push rbx ; saved at [rbp-40]
sub rsp, 0xb8 ; 184 bytes of local space
The rpchdr array is at [rbp-0xc0] (192 bytes below rbp). The memcpy writes to rpchdr + 32 = [rbp-0xa0]. The saved registers and return address are above rpchdr on the stack:
However, these are the offsets for a credential body that starts immediately. In practice, the credential body begins with a GSS header (version, procedure, sequence, service) plus a context handle. With a 16-byte handle, the actual offsets shift by 32 bytes — the return address lands at credential body byte 200 (verified via De Bruijn pattern analysis from the remote exploit).
Why NFS? The vulnerable module kgssapi.ko implements RPCSEC_GSS authentication for the kernel’s RPC subsystem. NFS is the primary (and typically only) in-kernel RPC service that uses RPCSEC_GSS. The NFS server daemon (nfsd) listens on port 2049/TCP and processes RPC packets in kernel context — making this a remote kernel code execution vulnerability reachable over the network.
Why Kerberos? The overflow is deep inside the GSS validation code path. svc_rpc_gss_validate() is only called when:
The GSS procedure is DATA (not INIT or DESTROY)
Without a valid GSS context, the server rejects the packet at step 3 (returning AUTH_REJECTEDCRED) and the vulnerable memcpy is never reached. Creating a valid GSS context requires a successful Kerberos handshake — the attacker must possess a valid Kerberos ticket for the NFS service principal.
In a real-world attack, the target would be an enterprise NFS server with existing Kerberos infrastructure (Active Directory, FreeIPA, etc.). Any user with a valid Kerberos ticket — even an unprivileged one — can trigger the vulnerability. The test lab includes its own KDC because there is no pre-existing Kerberos environment.
The XDR layer enforces MAX_AUTH_BYTES = 400 on the credential body, giving an overflow range of 97–400 bytes (1–304 bytes past the safe limit).
* Network access to the target’s NFS port (2049/TCP) and KDC port (88/TCP)
# Download image
wget https://download.freebsd.org/releases/VM-IMAGES/14.4-RELEASE/amd64/Latest/\
FreeBSD-14.4-RELEASE-amd64-BASIC-CLOUDINIT-ufs.qcow2.xz
xz -d FreeBSD-14.4-RELEASE-amd64-BASIC-CLOUDINIT-ufs.qcow2.xz
cp FreeBSD-14.4-RELEASE-amd64-BASIC-CLOUDINIT-ufs.qcow2 freebsd-vuln.qcow2
qemu-img resize freebsd-vuln.qcow2 8G
# Cloud-init auto-configuration
cat > user-data << ‘EOF’
#cloud-config
chpasswd:
list: |
root:freebsd
expire: False
ssh_pwauth: True
bootcmd:
- rm -f /firstboot # prevent auto-patching to -p1
- rm -f /var/db/freebsd-update/*
runcmd:
- echo ‘PermitRootLogin yes’ >> /etc/ssh/sshd_config
- service sshd restart
- kldload kgssapi
- sysrc rpcbind_enable=YES nfs_server_enable=YES
- echo ‘/export -network 0.0.0.0/0’ > /etc/exports
- mkdir -p /export
- service rpcbind start && service nfsd start
EOF
cat > meta-data << ‘EOF’
instance-id: cve-test
local-hostname: freebsd-vuln
EOF
genisoimage -output seed.iso -volid cidata -joliet -rock user-data meta-data
# Boot VM — forward SSH (22), NFS (2049), and KDC (88) ports
qemu-system-x86_64 -enable-kvm -cpu host -m 2G -smp 2 \
-drive file=freebsd-vuln.qcow2,format=qcow2,if=virtio \
-cdrom seed.iso \
-netdev user,id=net0,hostfwd=tcp::2222-:22,hostfwd=tcp::2049-:2049,hostfwd=tcp::8888-:88 \
-device virtio-net-pci,netdev=net0 -nographic
The KDC port (88) is forwarded to host port 8888 directly — no SSH tunnel required.
For VMware Workstation, ESXi, Fusion, VirtualBox, or bhyve. In this example the VM hostname is test.
Download the installer ISO (not the cloud-init image):
wget https://download.freebsd.org/releases/amd64/amd64/ISO-IMAGES/14.4-RELEASE/\
FreeBSD-14.4-RELEASE-amd64-disc1.iso
IMPORTANT: FreeBSD spawns 8 NFS threads per CPU. The exploit kills one thread per round and needs 15 rounds, so you need at least 2 CPUs (= 16 threads). With 1 CPU (8 threads) the exploit fails around round 9.
Network: bridged or NAT (the attacker needs to reach ports 22, 88, 2049)
Attach the ISO and install FreeBSD normally
...
Read the original on github.com »
Border Gateway Protocol (BGP) is the postal service of the Internet. It’s responsible for looking at all of the available paths that data could travel and picking the best route. Unfortunately, it isn’t secure, and there have been some major Internet disruptions as a result. But fortunately there is a way to make it secure.ISPs and other major Internet players (Sprint and others) would need to implement a certification system, called RPKI.
To better understand why BGP’s lack of security is so problematic, let’s look at a simplified model of how BGP is used to route Internet packets. The Internet is not run by just one company. It’s made up of thousands of autonomous systems with nodes located all around the world, connected to each other in a massive graph.In essence, the way BGP works is that each node must determine how to route packets using only what it knows from the nodes it connects with directly.For example, in the simple network A–B–C–D–E, the node A only knows how to reach E based on information it received from B. The node B knows about the network from A and C. And so forth.A BGP hijack occurs when a malicious node deceives another node, lying about what the routes are for its neighbors. Without any security protocols, this misinformation can propagate from node to node, until a large number of nodes now know about, and attempt to use these incorrect, nonexistent, or malicious routes.Click “Hijack the request” to visualize how packets are re-routed:
In order to make BGP safe, we need some way of preventing the spread of this misinformation. Since the Internet is so open and distributed, we can’t prevent malicious nodes from attempting to deceive other nodes in the first place. So instead we need to give nodes the ability to validate the information they receive, so they can reject these undesired routes on their own. Enter Resource Public Key Infrastructure (RPKI), a security framework method that associates a route with an autonomous system. It gets a little technical, but the basic idea is that RPKI uses cryptography to provide nodes with a way of doing this validation.With RPKI enabled, let’s see what happens to packets after an attempted BGP hijack. Click “Attempt to hijack” to visualize how RPKI allows the network to protect itself by invalidating the malicious routes:
Border Gateway Protocol (BGP) is the postal service of the Internet. When someone drops a letter into a mailbox, the postal service processes that piece of mail and chooses a fast, efficient route to deliver that letter to its recipient. Similarly, when someone submits data across the Internet, BGP is responsible for looking at all of the available paths that data could travel and picking the best route, which usually means hopping between autonomous systems. Learn more →By default, BGP does not embed any security protocols. It is up to every autonomous system to implement filtering of “wrong routes”. Leaking routes can break parts of the Internet by making them unreachable. It is commonly the result of misconfigurations. Although, it is not always accidental. A practice called BGP hijack consists of redirecting traffic to another autonomous system to steal information (via phishing, or passive listening for instance).BGP can be made safe if all autonomous systems (AS) only announce legitimate routes. A route is defined as legitimate when the owner of the resource allows its announcement. Filters need to be built in order to make sure only legitimate routes are accepted. There are a few approaches for BGP route validation which vary in degrees of trustability and efficiency. A mature implementation is RPKI. With 800k+ routes on the Internet, it is impossible to check them manually. Resource Public Key Infrastructure (RPKI) is a security framework method that associates a route with an autonomous system. It uses cryptography in order to validate the information before being passed onto the routers. You can read more about RPKI on the Cloudflare blog.On May 14th 2020, Job Snijders from NTT presented a free RPKI 101 webinar.How does the test work?In order to test if your ISP is implementing BGP safely, we announce a legitimate route but we make sure the announcement is invalid. If you can load the website we host on that route, that means the invalid route was accepted by your ISP. A leaked or a hijacked route would likely be accepted too.Can even more be done?Over the years, network operators and developers started working groups to design and deploy standards to overcome unsafe routing protocols. Cloudflare recently joined a global initiative called Mutually Agreed Norms for Routing Security (MANRS). It’s a community of security-minded organizations committed to making routing infrastructure more robust and secure, and members agree to implement filtering mechanisms. New voices are always appreciated.What can you do?Share this page For BGP to be safe, all of the major ISPs will need to embrace RPKI. Sharing this page will increase awareness of the problem which can ultimately pressure ISPs into implementing RPKI for the good of themselves and the general public. You can also reach out to your service provider or hosting company directly and ask them to deploy RPKI and join MANRS. When the Internet is safe, everybody wins.
...
Read the original on isbgpsafeyet.com »
Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.
...
Read the original on www.phoronix.com »
To add this web app to your iOS home screen tap the share button and select "Add to the Home Screen".
10HN is also available as an iOS App
If you visit 10HN only rarely, check out the the best articles from the past week.
If you like 10HN please leave feedback and share
Visit pancik.com for more.