JayJuanGee
Legendary
Online
Activity: 3878
Merit: 11065
Self-Custody is a right. Say no to "Non-custodial"
|
|
February 27, 2020, 03:27:24 AM |
|
|
|
|
|
jojo69
Legendary
Online
Activity: 3318
Merit: 4606
diamond-handed zealot
|
|
February 27, 2020, 03:36:09 AM Last edit: February 27, 2020, 03:48:27 AM by jojo69 |
|
my bios has a reset to default button for times it all goes wrong. don't conflate things to 2 options when there are many more possibilities
hmmmm I honestly don't know if the backup BIOS on overclocking boards is an actual ROM, if so that is a pretty good option. I'd still be worried about the firmware on any drives or other connected devices
|
|
|
|
xhomerx10
Legendary
Offline
Activity: 4004
Merit: 8789
|
|
|
|
|
jbreher
Legendary
Offline
Activity: 3038
Merit: 1660
lose: unfind ... loose: untight
|
|
February 27, 2020, 04:00:41 AM |
|
Most linux distributions can be run on read-only filesystems (same as from cd) BUT the only true security hole is running them as root, because volumes can be remounted in rw mode on the fly. I'm using this strategy on my raspberryPi that is running the game console emulators for the kids. They don't do no shutdown, they just pull the plug/wallwart. Roms are stored on ext4 USB, mounted read-only. This one is just mounted in rw mode on the PC, to manage the roms and emulator binaries.
Just make sure you run linux as unprivileged user. Privilege escalation is a thing though, but unlikely on patched systems. However, when you're not connected to the net, i doubt there is a fair chance of catching a successful exploit via USB.
Again, your postulated security described above is utterly dependent upon the rando USB device implementing only a storage class endpoint. Whatevs. Good luck with that.
I would care less if i am running as unpriv. user on a system that is not network connected. I didn't mention that i'd never use a host with actual user data on it. I thought that would be clear because i was replying to Dabs' "frozen sysimage" approach. I would definitely not use a guest VM but a dedicated box that i can reset via dd or similar disc imaging tools, i wasn't clear on that, as i just recognize while typing this. And yes, it's part of the very basics: there is no 100% security, only 100% security against certain (and therefore known) attack vectors.
I’m gonna say this one last time. Your postulated recovery is weaksauce against anything other than a disk-resident vector. dd ain’t gonna do nothing for you if malware-containing USB infects the BIOS.
Forget about badUSB/badBIOS as it has already been perfectly documented and evidenced... Maybe you are the right person to ask this, depending on how low level your work or knowledge goes... I have always thought another theoretical attack vector would be in the HD firmware from which it would be possible to on-the-fly replace a call to the boot sector adding some payload to it. I still think so but... have you ever seen any real practical example/exploit of that? Even as a PoC "lab test"?
Well, if you can program new drive FW, and you can get it programmed into the drive’s FW store, then yes - that would be trivial. Indeed, I’ve shipped devices that provided canned boot sector data before - not as an exploit, but because the operating environment needed such in order to function. Of course, that was a ‘from the factory’ thing, not a field exploit. However, drive FW development is non-trivial. Embedded computers without public data on memory maps, peripheral specs, etc. Nonstandard SoCs, built on various ISAs, dependent upon lots of in-house developed tools. Very difficult. Albeit doable in theory. However^2, most (all?) contemporary drives will not load FW that does not have a valid crypto signature. I have never heard of any case of a successful exploit of a drive’s FW sig being cracked. Though drive companies are just collections of people, and some people in the chain of custody for the root certs may not fully understand their responsibilities. I could see the possibility of a leak of keys happening some day by some vendor or another. At which point, such an exploit again becomes plausible.
|
|
|
|
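The post above turns on whether a USB device exposes only a storage-class interface. As an added example (not part of the thread or any poster's code), this Python sketch walks raw USB descriptors and lists every interface whose class is not mass storage; both sample descriptors are constructed, and the function names are hypothetical.

```python
# Added example: the descriptors below are constructed, not captured from a real device.
DT_INTERFACE = 0x04          # bDescriptorType of an interface descriptor
MASS_STORAGE = 0x08          # bInterfaceClass for USB mass storage
CLASS_NAMES = {0x02: "CDC communications", 0x03: "HID (keyboard/mouse)",
               0x08: "mass storage", 0x09: "hub", 0x0A: "CDC data",
               0xE0: "wireless controller", 0xFE: "application specific",
               0xFF: "vendor specific"}


def interface_classes(blob: bytes):
    """Walk concatenated USB descriptors; return (number, alt, class) per interface."""
    found, pos = [], 0
    while pos < len(blob):
        if pos + 2 > len(blob):
            raise ValueError(f"truncated descriptor header at offset {pos}")
        length, dtype = blob[pos], blob[pos + 1]
        if length < 2 or pos + length > len(blob):
            raise ValueError(f"bad bLength {length} at offset {pos}")
        if dtype == DT_INTERFACE:
            if length < 9:
                raise ValueError(f"short interface descriptor at offset {pos}")
            # offsets: 2 = bInterfaceNumber, 3 = bAlternateSetting, 5 = bInterfaceClass
            found.append((blob[pos + 2], blob[pos + 3], blob[pos + 5]))
        pos += length
    return found


def non_storage_interfaces(blob: bytes):
    """Describe every interface that is not mass storage (empty list = storage only)."""
    return [f"interface {n} alt {alt}: class 0x{cls:02x} "
            f"({CLASS_NAMES.get(cls, 'unlisted')})"
            for n, alt, cls in interface_classes(blob) if cls != MASS_STORAGE]


# Constructed sample 1: a plain stick with one bulk-only storage interface.
PLAIN_STICK = bytes.fromhex(
    "09 02 20 00 01 01 00 80 32"   # configuration, wTotalLength=32, 1 interface
    "09 04 00 00 02 08 06 50 00"   # interface 0: class 08 mass storage
    "07 05 81 02 00 02 00" "07 05 02 02 00 02 00")  # bulk IN / bulk OUT endpoints

# Constructed sample 2: same storage interface plus a HID keyboard interface.
COMPOSITE = bytes.fromhex(
    "09 02 39 00 02 01 00 80 32"   # configuration, wTotalLength=57, 2 interfaces
    "09 04 00 00 02 08 06 50 00"
    "07 05 81 02 00 02 00" "07 05 02 02 00 02 00"
    "09 04 01 00 01 03 01 01 00"   # interface 1: class 03 HID, boot keyboard
    "09 21 11 01 00 01 22 3f 00"   # HID class descriptor
    "07 05 83 03 08 00 0a")        # interrupt IN endpoint

if __name__ == "__main__":
    for name, blob in (("plain", PLAIN_STICK), ("composite", COMPOSITE)):
        print(name, non_storage_interfaces(blob) or "storage only")
```

On Linux the same walk can be run over the binary `descriptors` attribute of a device under `/sys/bus/usb/devices/`. The result only reflects what the device declared at enumeration; its firmware decides what it reports and it can re-enumerate with different descriptors later.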
jbreher
Legendary
Offline
Activity: 3038
Merit: 1660
lose: unfind ... loose: untight
|
|
February 27, 2020, 04:05:41 AM |
|
Most linux distributions can be run on read-only filesystems (same as from cd) BUT the only true security hole is running them as root, because volumes can be remounted in rw mode on the fly. I'm using this strategy on my raspberryPi that is running the game console emulators for the kids. They don't do no shutdown, they just pull the plug/wallwart. Roms are stored on ext4 USB, mounted read-only. This one is just mounted in rw mode on the PC, to manage the roms and emulator binaries.
Just make sure you run linux as unprivileged user. Privilege escalation is a thing though, but unlikely on patched systems. However, when you're not connected to the net, i doubt there is a fair chance of catching a successful exploit via USB.
Again, your postulated security described above is utterly dependent upon the rando USB device implementing only a storage class endpoint. Whatevs. Good luck with that.
I would care less if i am running as unpriv. user on a system that is not network connected. I didn't mention that i'd never use a host with actual user data on it. I thought that would be clear because i was replying to Dabs' "frozen sysimage" approach. I would definitely not use a guest VM but a dedicated box that i can reset via dd or similar disc imaging tools, i wasn't clear on that, as i just recognize while typing this. And yes, it's part of the very basics: there is no 100% security, only 100% security against certain (and therefore known) attack vectors.
I’m gonna say this one last time. Your postulated recovery is weaksauce against anything other than a disk-resident vector. dd ain’t gonna do nothing for you if malware-containing USB infects the BIOS.
my bios has a reset to default button for times it all goes wrong. don't conflate things to 2 options when there are many more possibilities
I am not limiting things to two options. I am merely pointing out a single issue with the postulated ‘presumed safe’ activity. Perhaps one of many. I’ll leave it as an exercise to the reader to prove that there is no way for malware to futz with the ‘safe copy’ of the BIOS that could overwrite the other. (Hint: as if)
|
|
|
|
jojo69
Legendary
Online
Activity: 3318
Merit: 4606
diamond-handed zealot
|
|
February 27, 2020, 04:16:41 AM |
|
I’ll leave it as an exercise to the reader to prove that there is no way for malware to futz with the ‘safe copy’ of the BIOS that could overwrite the other. (Hint: as if)
depends how it is implemented
if the button is an actual hardware reset that forces a reload from ROM that seems like it would work
if it is just a software call then the malware would just reset your settings and lie to you, and if it is not an actual ROM it would just write itself in the backup...
|
|
|
|
lightfoot
Legendary
Offline
Activity: 3164
Merit: 2258
I fix broken miners. And make holes in teeth :-)
|
|
February 27, 2020, 04:23:02 AM |
|
For better computers, the BIOS updates are usually signed with a key that is compared to the author list. Tougher to screw with by far.
|
|
|
|
jojo69
Legendary
Online
Activity: 3318
Merit: 4606
diamond-handed zealot
|
|
February 27, 2020, 04:26:54 AM |
|
since when?
people write custom BIOS for older stuff all the time
not being snarky, really want to know
|
|
|
|
Paashaas
Legendary
Offline
Activity: 3560
Merit: 4689
|
|
February 27, 2020, 04:51:04 AM Last edit: February 27, 2020, 05:26:39 AM by Paashaas Merited by BobLawblaw (2), xhomerx10 (1) |
|
Coronavirus update:
- There are currently 82,147 confirmed cases worldwide, including 2,772 fatalities.
- Pakistan, North Macedonia, Greece, Georgia, Finland, Norway and Algeria reporting their first cases.
- A resident of Solano County, California, might be the first example in the country of community spread. Orange County declares state of emergency.
- Iraq closes all schools and universities for at least 10 days.
- Kuwait sends plane to evacuate its nationals from Milan.
- Saudi Arabia suspends entry for religious purposes and for tourists from countries where coronavirus is spreading.
- Qatar evacuates its nationals from Iran.
- Leaked documents reveal coronavirus infections up to 52 times higher than reported figures in China’s Shandong province.
- Helicopter money arrives in Hong Kong. HK residents aged 18 and above will each receive a cash handout of HK$10,000 in a HK$120 billion relief deal.
- Chinese hotel worker, 56, is diagnosed with coronavirus after testing negative 8 times in 17 days while in quarantine.
- Germany health minister warns we're at beginning of epidemic in Germany.
- Australian Prime Minister Scott Morrison: "Based on the expert medical advice we've received, there is every indication that the world will soon enter a pandemic phase of coronavirus"
- Coronavirus cases in Italy have jumped to 374 in the past six days, 12 deaths.
- South Korea reports 334 new cases, bringing the total number in the country to 1,595.
- 14 new cases in the Diamond Princess cruise ship. This brings the number of passengers and crew infected with the virus to 705.
- North Korea postpones the opening of schools, no information how many infected people.
- Scientists discover HIV-like mutation which makes coronavirus extremely infectious.
|
|
|
|
|
bitebits
Legendary
Offline
Activity: 2251
Merit: 3592
Flippin' burgers since 1163.
|
|
February 27, 2020, 05:49:05 AM |
|
|
|
|
|
bitebits
Legendary
Offline
Activity: 2251
Merit: 3592
Flippin' burgers since 1163.
|
|
February 27, 2020, 05:56:03 AM Merited by JayJuanGee (1) |
|
Think that the dissent by SEC Commissioner Hester Peirce is quite telling how much Bitcoin getting traction / being adopted is being feared: "This line of disapprovals leads me to conclude that this Commission is unwilling to approve the listing of any product that would provide access to the market for bitcoin and that no filing will meet the ever-shifting standards that this Commission insists on applying to bitcoin-related products—and only to bitcoin-related products"
|
|
|
|
Slow death
Legendary
Online
Activity: 3178
Merit: 1129
Leading Crypto Sports Betting & Casino Platform
|
- Leaked documents reveal coronavirus infections up to 52 times higher than reported figures in China’s Shandong province.
the problem of politicians is that even when there is a serious situation they continue to lie, I do not believe in the numbers that the Chinese government keeps talking. the situation is probably much more serious and china continues to lie about the numbers of dead and infected
|
|
|
|
jupiter9
Member
Offline
Activity: 165
Merit: 10
|
|
February 27, 2020, 06:42:44 AM |
|
Bitcoin price forecast. The next target should be on the 1st March! Maybe a day more or less. The pivot should be on the 1st of March! Good luck!
|
|
|
|
Phil_S
Legendary
Offline
Activity: 2110
Merit: 1537
We choose to go to the moon
|
|
February 27, 2020, 06:55:56 AM |
|
Well looks like Pence will be the person who will run point on the virus outbreak.
We're screwed. But at least he will prey for us.
Pff. What's the worst that could happen?
|
|
|
|
JSRAW
Legendary
Offline
Activity: 2324
Merit: 1548
|
|
February 27, 2020, 07:40:23 AM |
|
Mrs Jay bossing you around at home?
|
|
|
|
OutOfMemory
Legendary
Offline
Activity: 1708
Merit: 3413
Man who stares at charts (and stars, too...)
|
|
February 27, 2020, 07:44:46 AM Last edit: February 27, 2020, 08:12:11 AM by OutOfMemory |
|
Most linux distributions can be run on read-only filesystems (same as from cd) BUT the only true security hole is running them as root, because volumes can be remounted in rw mode on the fly. I'm using this strategy on my raspberryPi that is running the game console emulators for the kids. They don't do no shutdown, they just pull the plug/wallwart. Roms are stored on ext4 USB, mounted read-only. This one is just mounted in rw mode on the PC, to manage the roms and emulator binaries.
Just make sure you run linux as unprivileged user. Privilege escalation is a thing though, but unlikely on patched systems. However, when you're not connected to the net, i doubt there is a fair chance of catching a successful exploit via USB.
Again, your postulated security described above is utterly dependent upon the rando USB device implementing only a storage class endpoint. Whatevs. Good luck with that.
I would care less if i am running as unpriv. user on a system that is not network connected. I didn't mention that i'd never use a host with actual user data on it. I thought that would be clear because i was replying to Dabs' "frozen sysimage" approach. I would definitely not use a guest VM but a dedicated box that i can reset via dd or similar disc imaging tools, i wasn't clear on that, as i just recognize while typing this. And yes, it's part of the very basics: there is no 100% security, only 100% security against certain (and therefore known) attack vectors.
I’m gonna say this one last time. Your postulated recovery is weaksauce against anything other than a disk-resident vector. dd ain’t gonna do nothing for you if malware-containing USB infects the BIOS.
Newer BIOSes. I forgot to mention, i'd never use such for plugging in untrusted usb media. My good old Pentium-M notebook is still running, as long as mains power is supplied. 12 year old NAS with usb should also do, wouldn't even accept input devices. Totally wrong?
I’ll leave it as an exercise to the reader to prove that there is no way for malware to futz with the ‘safe copy’ of the BIOS that could overwrite the other. (Hint: as if)
depends how it is implemented
if the button is an actual hardware reset that forces a reload from ROM that seems like it would work
if it is just a software call then the malware would just reset your settings and lie to you, and if it is not an actual ROM it would just write itself in the backup...
Imo, it depends if the reset procedure copies over a default BIOS from actual ROM (safer, resets to factory BIOS) or a copy of the current BIOS from NVRAM (not safe at all). I'd suggest it's the latter. I have a P7 milspec grade board made by asus, dual bios, read from NVRAM. So i wouldn't consider anything like this as safe as long as proven otherwise (security standard certification).
- Leaked documents reveal coronavirus infections up to 52 times higher than reported figures in China’s Shandong province.
the problem of politicians is that even when there is a serious situation they continue to lie, I do not believe in the numbers that the Chinese government keeps talking. the situation is probably much more serious and china continues to lie about the numbers of dead and infected
The less (free) information from china (and similar dictatorships), the worse the situation, imo.
Think that the dissent by SEC Commissioner Hester Peirce is quite telling how much Bitcoin getting traction / being adopted is being feared: "This line of disapprovals leads me to conclude that this Commission is unwilling to approve the listing of any product that would provide access to the market for bitcoin and that no filing will meet the ever-shifting standards that this Commission insists on applying to bitcoin-related products—and only to bitcoin-related products"
The "fear" phase.
|
|
|
|
nutildah
Legendary
Offline
Activity: 3150
Merit: 8519
Happy 10th Birthday to Dogeparty!
|
|
February 27, 2020, 08:04:02 AM |
|
Well looks like Pence will be the person who will run point on the virus outbreak.
We're screwed. But at least he will prey for us.
Pff. What's the worst that could happen?
In all fairness, the "Do Not Touch" is in parentheses, so maybe he thought the sign was just kidding.
|
|
|
|
OutOfMemory
Legendary
Offline
Activity: 1708
Merit: 3413
Man who stares at charts (and stars, too...)
|
|
February 27, 2020, 08:14:56 AM |
|
Well looks like Pence will be the person who will run point on the virus outbreak.
We're screwed. But at least he will prey for us.
Pff. What's the worst that could happen?
In all fairness, the "Do Not Touch" is in parentheses, so maybe he thought the sign was just kidding.
Who would stick a note like this onto anything that must not be touched, anyway?
|
|
|
|
somac.
Legendary
Offline
Activity: 2106
Merit: 1238
Never selling
|
|
February 27, 2020, 08:53:59 AM |
|
Sigh! Looks like we're going lower again; the order books are evenly distributed again. Sellers are definitely chasing the price down.
No worries though, they will run out of coins soon and the further down it goes the more BTC I can get with my fiat. Halvening on the 12th of May, less coins for the sellers and less for us buyers.
|
|
|
|
|