P_Shep
Legendary
Online
Activity: 1818
Merit: 1298
I guess this is OK.
|
 |
February 26, 2020, 07:48:10 PM |
|
How can mounting a USB stick on an AutoRun-disabled VM affect your host's BIOS? Honest question, I want to know.
Don’t lose track of the fact that USB is an acronym for Universal Serial Bus. That device could contain any number of USB endpoints, each implementing a different device class. What if one of the endpoints identifies as a Human Interface Device — for example a keyboard — and injects a number of commands to the system? From the user's perspective, invisibly. Or even deeper, a bridge device, giving it access to the underlying I2C bus - maybe even the SMB? Yeah, but who is going to maintain the discipline required to ensure any potential infection does not spread from the separate PC to others in your stable? There is the Yubikey which types for you like a USB keyboard. There is that Rubber Ducky, which types like a USB keyboard and can type like it was there at 100 words per second or something as fast as a keyboard will accept, such as Windows-R, CMD, and do any number of commands from the command prompt. https://shop.hak5.org/products/usb-rubber-ducky-deluxe As for virgin clean PC's, I used to (and still do) use something called Deep Freeze, reboot to restore thing. If the host computer it's installed on gets infected, before it can propagate any problems to the rest of the network (assuming you disconnected it physically from the rest of the network), you just reboot, and it's back as new, as if it was never updated. Most malware is unaware of its existence. It's great for setting up kiosks that provide internet access through regular browsers. At the end of the session, reboot, it's back to the way it was. If you need to update anything, reboot, turn it off, update, reboot, and it will stay that way. In theory, it can still be hacked, but in practice it's as if the whole computer is one giant VM. Reboot, and it's back to the way it was yesterday. If you need to save data or files or documents, you save them on a different drive or partition or folder designated as such. But the rest of the OS, reboot, and it goes back to the way it was.
I recall reading an article where they made a 'flash drive' act like an ethernet adapter and would intercept all internet traffic for a man-in-the-middle attack.
|
|
|
|
Gyrsur
Legendary
Offline
Activity: 2856
Merit: 1520
Bitcoin Legal Tender Countries: 2 of 206
|
 |
February 26, 2020, 07:55:14 PM |
|
Bitstamp ADL 8,627.78 USD (source: Bitstamp API)
|
|
|
|
Gyrsur
Legendary
Offline
Activity: 2856
Merit: 1520
Bitcoin Legal Tender Countries: 2 of 206
|
 |
February 26, 2020, 07:58:41 PM |
|
[meme] BTC give me my life back, pls! [/meme]
|
|
|
|
jbreher
Legendary
Offline
Activity: 3080
Merit: 1688
lose: unfind ... loose: untight
|
 |
February 26, 2020, 08:03:33 PM |
|
As for virgin clean PC's, I used to (and still do) use something called Deep Freeze, reboot to restore thing. If the host computer it's installed on gets infected, before it can propagate any problems to the rest of the network (assuming you disconnected it physically from the rest of the network), you just reboot, and it's back as new, as if it was never updated.
Does your ‘reboot’ re-flash the BIOS with a known-good image? Probably not. Even if so, what ensures that supposedly ‘known-good’ image has not itself been corrupted by the malware? Again. There is NO perfect security.
|
|
|
|
jbreher
Legendary
Offline
Activity: 3080
Merit: 1688
lose: unfind ... loose: untight
|
 |
February 26, 2020, 08:12:51 PM |
|
Right, it’s low enough now. Logging onto laptop to buy 0.5BTC.
Thank you for your service. I’ve bought 4 BTC so far this week. Because incremental ladder trading. Wow, 4 whole coins this week. You wrote btc - as in bitcoin, with no other qualifiers. If I got it right, there goes a little haiku for you. That's just, like, you know five days and a weekend, man Congratulations! Yes, BTC. Just buying back the coins I sold (for more USD) on the way up. Incremental laddered standing orders FTW.
|
|
|
|
machasm
|
 |
February 26, 2020, 08:14:39 PM |
|
Bought another 0.1 BTC on this dip. Spent more than I originally planned this week already.
|
|
|
|
jbreher
Legendary
Offline
Activity: 3080
Merit: 1688
lose: unfind ... loose: untight
|
 |
February 26, 2020, 08:15:41 PM |
|
How can mounting a USB stick on an AutoRun-disabled VM affect your host's BIOS? Honest question, I want to know.
Don’t lose track of the fact that USB is an acronym for Universal Serial Bus. That device could contain any number of USB endpoints, each implementing a different device class. What if one of the endpoints identifies as a Human Interface Device — for example a keyboard — and injects a number of commands to the system? From the user's perspective, invisibly. Or even deeper, a bridge device, giving it access to the underlying I2C bus - maybe even the SMB? Yeah, but who is going to maintain the discipline required to ensure any potential infection does not spread from the separate PC to others in your stable? There is the Yubikey which types for you like a USB keyboard. There is that Rubber Ducky, which types like a USB keyboard and can type like it was there at 100 words per second or something as fast as a keyboard will accept, such as Windows-R, CMD, and do any number of commands from the command prompt. https://shop.hak5.org/products/usb-rubber-ducky-deluxe As for virgin clean PC's, I used to (and still do) use something called Deep Freeze, reboot to restore thing. If the host computer it's installed on gets infected, before it can propagate any problems to the rest of the network (assuming you disconnected it physically from the rest of the network), you just reboot, and it's back as new, as if it was never updated. Most malware is unaware of its existence. It's great for setting up kiosks that provide internet access through regular browsers. At the end of the session, reboot, it's back to the way it was. If you need to update anything, reboot, turn it off, update, reboot, and it will stay that way. In theory, it can still be hacked, but in practice it's as if the whole computer is one giant VM. Reboot, and it's back to the way it was yesterday. If you need to save data or files or documents, you save them on a different drive or partition or folder designated as such. But the rest of the OS, reboot, and it goes back to the way it was.
Most Linux distributions can be run on read-only filesystems (same as from cd) BUT the only true security hole is running them as root, because volumes can be remounted in rw mode on the fly. I'm using this strategy on my Raspberry Pi that is running the game console emulators for the kids. They don't do no shutdown, they just pull the plug/wallwart. Roms are stored on ext4 USB, mounted read-only. This one is just mounted in rw mode on the PC, to manage the roms and emulator binaries. Just make sure you run Linux as an unprivileged user. Privilege escalation is a thing though, but unlikely on patched systems. However, when you're not connected to the net, I doubt there is a fair chance of catching a successful exploit via USB. Again, your postulated security described above is utterly dependent upon the rando USB device implementing only a storage class endpoint. Whatevs. Good luck with that.
|
|
|
|
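The point argued in the post above is that a host only learns what a USB device is from the interface classes the device itself declares. As an added example that is not part of the original thread, the sketch below walks a descriptor blob (device descriptor followed by configuration descriptors, the layout Linux exposes in a device's sysfs `descriptors` file) and reports every interface class that is not mass storage. The function names and both sample descriptors are constructed for illustration.

```python
# Added example: which interface classes does a USB device declare?
MASS_STORAGE = 0x08
CLASS_NAMES = {
    0x02: "communications (CDC, e.g. network adapter)",
    0x03: "human interface device (keyboard/mouse)",
    0x0A: "CDC data",
    0xE0: "wireless controller (incl. RNDIS networking)",
    0xFF: "vendor specific",
}

def interface_classes(blob: bytes):
    """Walk a descriptor blob; return (class, subclass, protocol) per interface."""
    found, pos = [], 0
    while pos < len(blob):
        length = blob[pos]
        if length < 2 or pos + length > len(blob):
            raise ValueError(f"malformed descriptor at offset {pos}")
        if blob[pos + 1] == 0x04 and length >= 9:  # INTERFACE descriptor
            found.append(tuple(blob[pos + 5:pos + 8]))
        pos += length
    return found

def audit(blob: bytes):
    """Return (storage_only, names of every non-storage class declared)."""
    classes = {cls for cls, _, _ in interface_classes(blob)}
    extra = sorted(classes - {MASS_STORAGE})
    return classes == {MASS_STORAGE}, [CLASS_NAMES.get(c, f"class 0x{c:02x}") for c in extra]

# Constructed sample descriptors (not captured from any real device).
DEVICE = "12 01 00 02 00 00 00 40 00 00 00 00 00 01 00 00 00 01"
STORAGE_IF = (" 09 04 00 00 02 08 06 50 00"  # interface 0: mass storage, SCSI, bulk-only
              " 07 05 81 02 00 02 00 07 05 02 02 00 02 00")
KEYBOARD_IF = (" 09 04 01 00 01 03 01 01 00"  # interface 1: HID boot keyboard
               " 09 21 11 01 00 01 22 3f 00 07 05 83 03 08 00 0a")
STORAGE_ONLY = bytes.fromhex(DEVICE + " 09 02 20 00 01 01 00 80 32" + STORAGE_IF)
COMPOSITE = bytes.fromhex(DEVICE + " 09 02 39 00 02 01 00 80 32" + STORAGE_IF + KEYBOARD_IF)

if __name__ == "__main__":
    for name, blob in (("storage-only", STORAGE_ONLY), ("composite", COMPOSITE)):
        print(name, audit(blob))
```

The descriptors are only the device's own claim, and a device can re-enumerate later with a different set, so a check like this is useful when the host enforces it before binding drivers rather than as a one-off inspection.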
soxxx
Member

Offline
Activity: 256
Merit: 62
|
 |
February 26, 2020, 08:18:04 PM |
|
Bitcoin can't close the day below the 200 Day moving average. It's currently at $8794.
If we close above it, it would be pretty bullish.
|
|
|
|
OutOfMemory
Legendary
Offline
Activity: 1820
Merit: 3629
Man who stares at charts (and stars, too...)
|
 |
February 26, 2020, 08:35:54 PM |
|
Most Linux distributions can be run on read-only filesystems (same as from cd) BUT the only true security hole is running them as root, because volumes can be remounted in rw mode on the fly. I'm using this strategy on my Raspberry Pi that is running the game console emulators for the kids. They don't do no shutdown, they just pull the plug/wallwart. Roms are stored on ext4 USB, mounted read-only. This one is just mounted in rw mode on the PC, to manage the roms and emulator binaries.
Just make sure you run Linux as an unprivileged user. Privilege escalation is a thing though, but unlikely on patched systems. However, when you're not connected to the net, I doubt there is a fair chance of catching a successful exploit via USB.
Again, your postulated security described above is utterly dependent upon the rando USB device implementing only a storage class endpoint. Whatevs. Good luck with that. I would care less if I am running as unpriv. user on a system that is not network connected. I didn't mention that I'd never use a host with actual user data on it. I thought that would be clear because I was replying to Dabs' "frozen sysimage" approach. I would definitely not use a guest VM but a dedicated box that I can reset via dd or similar disc imaging tools, I wasn't clear on that, as I just recognize while typing this. And yes, it's part of the very basics: there is no 100% security, only 100% security against certain (and therefore known) attack vectors.
|
|
|
|
El duderino_
Legendary
Offline
Activity: 2786
Merit: 13781
BTC + Crossfit, living life.
|
 |
February 26, 2020, 08:48:46 PM |
|
Right, it’s low enough now. Logging onto laptop to buy 0.5BTC.
Thank you for your service. I’ve bought 4 BTC so far this week. Because incremental ladder trading. Wow, 4 whole coins this week. You wrote btc - as in bitcoin, with no other qualifiers. If I got it right, there goes a little haiku for you. That's just, like, you know five days and a weekend, man Congratulations! Yes, BTC. Just buying back the coins I sold (for more USD) on the way up. Incremental laddered standing orders FTW. Good breher is getting some sense.... now forget the worthless forks and be a true coiner in its purest form once again!
|
|
|
|
dragonvslinux
Legendary
Offline
Activity: 1722
Merit: 2213
|
 |
February 26, 2020, 08:52:26 PM |
|
|
|
|
|
Raja_MBZ
Legendary
Offline
Activity: 1806
Merit: 1520
|
 |
February 26, 2020, 08:52:50 PM Merited by JayJuanGee (1) |
|
|
|
|
|
OutOfMemory
Legendary
Offline
Activity: 1820
Merit: 3629
Man who stares at charts (and stars, too...)
|
 |
February 26, 2020, 09:04:50 PM |
|
Just sent some Sats for consolidation to an exchange via SegWit from Electrum with slider set at lowest fee (5.1 sat/b) and I got notified by the exchange about the deposit almost instantly. NICE!!!
|
|
|
|
fillippone
Legendary
Online
Activity: 2436
Merit: 17550
Fully fledged Merit Cycler - Golden Feather 22-23
|
 |
February 26, 2020, 09:15:08 PM Last edit: February 27, 2020, 02:37:53 AM by fillippone Merited by OutOfMemory (1) |
|
Just sent some Sats for consolidation to an exchange via SegWit from Electrum with slider set at lowest fee (5.1 sat/b) and I got notified by the exchange about the deposit almost instantly. NICE!!! Glad you had a successful confirmation of your transaction. Just be aware Electrum is not optimal at estimating the fees. Better to use tools like whatthefee.io or https://bitcoinfees.earn.com/ to determine the right fees level for you. Check here if you don’t know how to manually set the fees: Topic: Bitcoin Transaction Fees - Everything in one
|
|
|
|
bones261
Legendary
Offline
Activity: 1806
Merit: 1828
|
 |
February 26, 2020, 09:31:14 PM Merited by fillippone (1) |
|
WO brothers, I feel dirty, and traitor of the Gang. I dismissed my hat for a mere 45 USD/week. Sorry, something changed in Fillippone life and I need to keep staking sats!
I will wear back the hat on every possible occasion.
Don't feel bad. I had to do the same thing. We will have our hats back on in no time. Also, since the halving is coming up, who knows what the 45 USD in BTC will be worth if we HODL it, in the near future. I am certain in a few months, someone will have to be putting together the 100k party.
|
|
|
|
El duderino_
Legendary
Offline
Activity: 2786
Merit: 13781
BTC + Crossfit, living life.
|
 |
February 26, 2020, 09:33:24 PM |
|
ETF, long time I read those letters, of course when else as in line with a DIP
|
|
|
|
goldkingcoiner
Legendary
Offline
Activity: 2324
Merit: 2140
A Bitcoiner chooses. A slave obeys.
|
 |
February 26, 2020, 09:57:27 PM Last edit: February 27, 2020, 01:03:31 AM by goldkingcoiner |
|
ETF, long time I read those letters, of course when else as in line with a DIP Why did you change your name, Fatty?
|
|
|
|
soxxx
Member

Offline
Activity: 256
Merit: 62
|
 |
February 26, 2020, 09:59:31 PM |
|
Ascending triangle anyone? 
|
|
|
|
serveria.com
Legendary
Offline
Activity: 2520
Merit: 1260
Privacy Servers. Since 2009.
|
 |
February 26, 2020, 10:14:41 PM |
|
big green dildo where art thou? we need you! 
|
|
|
|
Gyrsur
Legendary
Offline
Activity: 2856
Merit: 1520
Bitcoin Legal Tender Countries: 2 of 206
|
 |
February 26, 2020, 10:28:15 PM Last edit: February 26, 2020, 11:33:42 PM by Gyrsur |
|
Ascending triangle anyone?  Ascending Triangle confirmed. if we break below the ascending line then "God save the Queen". 
|
|
|
|
|