11 posts • joined 28 Dec 2007
Use full drive crypto with TPM
The only way to secure a laptop is to use full drive crypto that supports TPM and to have a laptop which has a functional TPM chip, for example DELL business models.
And then never leave the laptop in suspended mode when you leave the room; always either switch it off or use hibernation.
Thus an attacker cannot do a DMA attack on memory since memory is switched off, and cannot modify the boot sector even by accessing the hard drive directly with another PC, as TPM will scream about that.
They did not mention defence.
Curious that they did not mention how to defend against this.
Simply use AppLocker and deny execution from all external media.
Why would an attacker need to take over the machine?
Everything that is interesting for an attacker is under the user's own account.
Tell me one, just one thing that would be of interest to an attacker and could not be gained with user privileges.
If battle goes badly, change the rules
Actually the best way to defend your system against this kind of crap is to prevent it from getting into the system in the first place.
And that's where web blockers and exploit guard components come into play: if the user cannot get to the hostile page, or the hostile advertisement cannot load, the user is safe.
Traditional AV is the last line of defense when more modern techniques fail.
No admin password is needed for Linux
Unless you are using some distro which has ultra paranoid security, you don't need admin access to install stuff that can access the user's stuff.
Just install the attack component as a Gnome or KDE applet and you get both autostart and access to all user data. No root password needed.
USB-SEA is a typical Apple invention
USB-SEA sounds like a typical Apple invention, a good idea as long as you accept the limitations it brings.
If self extraction were mandatory we would not have cheap passive USB hubs. Also I have my PC in a very hard to get to location and I have printer and other cables connected to the back of the PC.
It would really suck to eject my printer or USB hub cable by mistake when I want to eject a USB stick from the front.
CD-R and DVD-R media contain the manufacturing date in the disc info.
So if you are about to create a forgery of a CD-R you must be able to obtain a disc that is at least as old as the documents on the disc.
And this is already something most people do not know about, so they would be easily caught if they burned a fresh disc with altered documents.
WTF they had SSH open to the world
It boggles the mind that a high profile target like apache.org had the SSH port open to everyone.
Any admin worth their salt knows that you should have SSH and any other login protocols accessible only over the local network on a publicly visible target like that.
Actually the first mobile phones were introduced in 1971.
Typical US assumptions.
Finns introduced ARP (short for AutoRadioPuhelin) in 1971, which would be two years before Motorola.
And just what does he hope to prove with this?
Fake golf clubs are easy to spot
I read an article in a local technology mag (one with a long reputation for accuracy).
They went to China and bought fake clubs from 3 different stores. Then they tested them both in the lab and in blind tests with golf pros.
Needless to say, the fake clubs performed abysmally; the pros could detect the difference with the first swing. And when you saw the lab photos you did not wonder why.
The fake was really shoddily built and had a completely wrong construction when compared to the club it was supposed to imitate.
Probably the same thing with that fake kit: they probably have Cisco OS, but HW quality will probably show both in durability and in ability to handle high loads and heat.