Posts by TheVogon

3511 publicly visible posts • joined 17 Jan 2013

Malware hidden in vid app is so nasty, victims should wipe their Macs

TheVogon

Re: Wow

"I would venture then that the UEFI bios of these Macs are 'OK'."

I wouldn't. See for instance:

https://arstechnica.com/information-technology/2017/09/an-alarming-number-of-macs-remain-vulnerable-to-stealthy-firmware-hacks/

There have been at least 3 different Mac EFI vulnerabilities found and exploited in the past, so given enough effort likely more could be found...

TheVogon

"Erm, aren't they called firmware viruses?"

See https://www.theregister.co.uk/2015/02/17/kaspersky_labs_equation_group/

We talk to Tron artist Syd Mead: On the other side of the screen, it all looks so easy

TheVogon

No Money, No Honey!

"If you love Tron, perhaps it's best you don't watch this cartoon:"

It wouldn't be the first time someone has ripped off a popular concept:

https://www.youtube.com/watch?v=eulSdeHxmLw

(NSFW - swearing)

Wanna exorcise Intel's secretive hidden CPU from your hardware? Meet Purism's laptops

TheVogon

Re: Disabled? Yeah, right...

"There is on every thinkpad I've seen"

Great, so does that solve the problem? We just need that option on all BIOSs?

TheVogon

Re: For decades now

"Perhaps a compromise, then. Have the jumper open for read-only, but have the jumper installed at the factory. "

OK so you make certain bits of the BIOS read only by default. That still leaves the rest to be attacked. And makes it much less likely that critical vulnerabilities found in the read only code will actually ever be patched. Most users won't bother to change a jumper.

"Large environments and users who would rather keep using an old, perhaps insecure firmware than open the case would find things exactly as they are now, so no loss, no gain for them. "

In my experience it's the large environments that are much more likely to have the resources to package and deploy a BIOS update.

TheVogon

Re: For decades now

"You don't need to update the bootstrap code very often, if at all, for the life of the machine."

We only recently had to patch the BIOS of most recent corporate PCs due to a critical UEFI vulnerability.

Also the boot code is still part of the BIOS which is on a single flash chip - and that typically requires several updates over the life of a PC.

TheVogon

Re: Disabled? Yeah, right...

"Don't use local firewalls then."

So you propose configuring an external hardware firewall by destination IP and port for every PC you use in every location and say over wifi?! Good luck with that...

"Err... It's quite unlikely it'll be trying access your internet banking or PayPal"

On the contrary your Internet banking or PayPal would likely be of great interest to a hacker that has taken remote control of your PC.

"and it's really easy to check what goes where and when."

So you propose not only to hardware firewall every device everywhere, but also think you know exactly which of the millions of addresses on the Internet are "safe"?! And even if that were even possible then that won't help if they come via say TOR, a VPN, a proxy or another compromised device...

TheVogon

Re: A recent delidding...

"So, either as an undocumented side and failed design, or an actual hidden system, there was wifi where there should not be"

A link would be good. If this is correct then most likely it's just a multipurpose chipset that can also do WiFi to reduce cost. The good news is that to actually transmit anything would almost certainly require an external amplifier and at least a rudimentary antenna.

If you tried to generate any receivable level of signal within a processor chip at 2.4 or 5GHz I don't think that chip would be very stable!

TheVogon

Re: Open message to Intel. Security by obscurity does not work. C'n'P chip design is bad too.

"Open message to Intel. Security by obscurity does not work"

As I understand it, the security of the underlying system does not rely on obscurity of the code or how it works. Intel just choose not to publish the source code which is not quite the same thing.

TheVogon

Re: Spreading b*ll against Intel as usual....

"Spreading b*ll against Intel as usual...."

It's clearly not bs. There is plenty of evidence of flaws that can be attacked. And once compromised you could potentially bypass all OS security. Also I recall that AMD have a similar solution and many servers also do so this is probably not only an Intel problem.

If you bear in mind that this stuff is on almost all corporate PCs which can be rich picking for hackers it's quite possible someone will attack it.

The most likely risk imo is that we already know that government agencies have gone so far as for instance attacking hard disk firmware, so you can bet they will attack this if they don't already have easier methods. And such exploits tend to eventually leak or be found in the wild...

TheVogon

Re: For decades now

"add a physical switch to write protect the boot flash"

It's not practical to have to change a jumper to update every box - especially in large environments. Most corporates set Bios passwords which you would require to know for an update script to work - at least if it uses conventional update methods...

For partly this reason and also to make boxes mostly useless if stolen I always disable external boot and set Bios passwords on my own kit.

To remove a Bios password without manufacturer's assistance generally requires replacing a chip on the motherboard as I understand it so it's not perfect but it's a good start.

TheVogon

Re: We need companies like Purism @Michael Habel

" I don't think they're very likely to be interested in running Windows of any variety."

It depends on the use. For desktops where you have user interaction Windows is most attacked. However if you look at say Internet facing servers, Windows server is several times less likely to be attacked than say Linux boxes if you look at for instance defacement stats versus share of boxes. That might well be partly because of what is commonly run on the Linux boxes rather than the OS itself but you could say the same about Windows on the desktop where attacks have commonly leveraged java, flash, acrobat, office, etc...

TheVogon

Re: Pixies?

"You made a boob with your spelling"

Android at least autocorrects silicon to silicone if you don't change it...

TheVogon

Re: Pixies?

"Allow those that want to put iLO's into the devices"

ILO cards cost a few hundred quid and if optional take a slot / motherboard connector and presumably an additional network connection. Extra hardware built into a chip you already use costs a few cents...

TheVogon

Re: Disabled? Yeah, right...

What I don't understand is why isn't there simply a Bios setting to disable it? Wouldn't that make sense? Then no need for special hardware for the US government, etc. etc.

Google and Intel cook AI chips, neural network exchanges – and more

TheVogon

Re: And AlphaGo Zero

"Have not seen IBM do anything really big in AI for a long time."

IBM have their Watson platform that they are developing for various solutions. For instance automated reasoning, visual recognition and natural language processing / translation. So they are already fairly big in AI.

Windows 10 Fall Creators Update tackles IT's true menace: Cheating gamers

TheVogon

Re: Games is a key Win10 priority? Smells of desperation...

"Now let’s remind ourselves what’s been happening in Windows-land. When Windows became “a service” it became a perpetual beta, in which the end users are guinea pigs."

The RTM of Windows 10 was indeed pretty crappy because they rushed it out of the door.

However, the major updates since then (if you wait for them to be applied via default update settings and don't install them early yourself) have actually been pretty good by the time they hit your PC!

It's only a perpetual beta if you choose to enable early access to builds.

TheVogon

"But graphics driver issue...tell me more ..."

You need to install the full Nvidia driver, not the cut down one that ships with Windows 10. This includes detailed control in the settings of where exactly new app windows will appear...

TheVogon

"My current pet peeve is around Excel windows that refuse to stay in the same place (open up 3 spreadsheets, and they all seem to cascade hap-hazardly even after being arranging them countless times one behind the other)"

That's usually a graphics driver issue. Let me guess - Nvidia?

TheVogon

Re: I often wonder...

"Win 8.x+ TIFKAM (which on a server platform, is so horribly ugly, that for the first time, I can not refer to ugly GUI's in *nix)"

Why would you need it on a server? There is no GUI by default and all the GUI management tools can be enabled to run remotely...

TheVogon

Re: install fun

" Fail update did fail."

If you want to fix that to a fully consistent version, best way is an "in place install" via the "media creation tool"...

TheVogon

Do tell me more? They owe me a fortune ;-)

YouTube sin-bins account of KRACK WPA2 researcher

TheVogon

Re: In Range

"Otherwise, the client will just hop back to the stronger channel."

With default roaming settings it won't hop unless the signal level is really low!

Taste the Redmond: Dell strengthens its Azure Stackery

TheVogon

"We're going to talk about on-premises cloud with a straight face?"

It's more within your control than off premises cloud. Which you might not have noticed but seems to be a thing these days....

MongoDB shoots for $220m in IPO, values NoSQL biz at $1.2bn

TheVogon

Re: "The relational database era is passing…"

"Yes, because mathematically demonstrable advantages are no longer important!"

See https://www.youtube.com/watch?v=b2F-DItXtZs

The age of six-monthly Windows Server updates starts … now!

TheVogon

Re: Upgrading every 6 months?! No chance. But...

"The Register lacks credentials to Microsoft's Volume Licensing Service Center where it can be found."

It's on MSDN too. Confusingly it's labelled just as Windows Datacentre Server and you have to dig into the description to find reference to build 1709...

Windows Fall Creators Update is here: What do you want first – bad news or good news?

TheVogon

Re: Have they fixed the decades old bug in File Explorer ?

"Have they fixed the decades-old bug in File Explorer that means it cannot handle NTFS long file paths, THAT IT ITSELF CREATES ?"

That's deliberate behaviour for compatibility and not a bug. Tens of thousands of software packages use Win32 APIs to handle files and they expect a defined maximum path length of 260 and allocate buffers accordingly.

Starting in Windows 10 version 1607 these limitations were removed from common Win32 file and directory functions. However, you must opt-in to the new behavior. To enable long path support set the registry key at HKLM\SYSTEM\CurrentControlSet\Control\FileSystem LongPathsEnabled (Type: REG_DWORD)

If you enable this, some Win32 applications may not behave correctly if they encounter long paths.

Remember how you said it was cool if your mobe network sold your name, number and location?

TheVogon

Re: Bring on GDPR - Vive l'Europe

"Don't worry, the USA will ignore the GPDR."

The US itself might do, but it will be VERY expensive very quickly for any US company that does or any company that sends GDPR protected data to the US without obtaining specific informed consent. The potential fines are vast...

TheVogon

Thank goodness for the GDPR in the EU...

Here's a timeless headline: Adobe rushes out emergency Flash fix after hacker exploits bug

TheVogon

Re: Why does Windows 10 bundle Flash?

Flash is only enabled by default for certain white listed websites in W10. For anything else you have to choose to enable it on a per site basis...

WPA2 security in trouble as KRACK Belgian boffins tease key reinstallation bug

TheVogon

Re: Firmware update or OS?

"the attacker would have to be on the same base station as the victim, which restricts any attack's impact somewhat."

So when using say a high gain Yagi directional antenna that means within a couple of miles line of sight of the Base station then. That doesn't seem to be much of a restriction!

Uber begins appeals process to claw back taxi licence in London

TheVogon

"If Uber drivers were required to pass the same inspections, background checks, licensing and insurance"

They are. Well at least the same as any other minicab anyway...

TheVogon

Re: It will be interesting to see the grounds of appeal

I hope they run for a while. I used some Tesco Clubcard points to convert at 1:3 for Uber credit and still have some credit to use up!

Beware the GDPR 'no win, no fee ambulance chasers' – experts

TheVogon

Re: Sweet!

"Anyone who buys online accepts they've accepted these T&Cs"

If you sell to someone in the EU then EU laws apply. Any T&C that contradicts EU law is invalid. So if an EU customer say raises a credit card chargeback based under a right in EU law, you will lose it.

TheVogon

Re: A good thing too

"They want to leave because they don't want the hordes of Turkish immigrants entering the country just as soon as Turkey enters the EU"

Within a few decades, global warming is predicted to create tens of millions of refugees. The Turks are the least of our worries.

TheVogon

Re: At least we know now

let me correct that for you:

>> the bank's shareholders have now been forced to pay out something like £25billion in compensation

And in some cases subsidised by the tax payer...

I love disruptive computer jargon. It's so very William Burroughs

TheVogon

Re: First post!

Nice Beaver!

Scouse marketing scamps scalped £70k for 100,000+ nuisance calls

TheVogon

Re: 1 minute in prison for each call

Yep they need to hit the directors. Otherwise they simply take out all the money, strike off and rinse / repeat...

Google: This may shock you, but we also banked thousands of dollars to run Russian propaganda

TheVogon

Re: More bullshit

"Even if these numbers for an alleged Russian spend are real, and represent only 1% of the true amount ... that's still just a rounding error."

But when you consider that the Russians can post any old lie without caring, and then have a large army of paid political bloggers that can leverage posts and adverts as true - a few million of spend likely has a far larger influence than you might think... And that's just the things they have done that we know about!

Bearing in mind how close the election was, I think that the Russians might well have done enough to make a difference.

TheVogon

"It isn't like either major party candidate was going to trim back any of the various wars we're currently in or slow the spending of human capital in the quest to make the world safe for democracy through the use of explosives and high velocity projectiles."

Possibly, but only one of them is certifiably sane.

TheVogon

Re: @ratfox - "drop in the bucket" compared to campaign spending

More evidence of other spending is emerging:

http://money.cnn.com/2017/10/12/media/dont-shoot-us-russia-pokemon-go/index.html

Android ransomware DoubleLocker encrypts data and changes PINs

TheVogon

My phone is a Galaxy S8+ from a UK vendor. Still got malware from the PlayStore...

TheVogon

Android security is terrible. My device is not rooted. I only install from the Playstore. Yet I had malware (called Expensive Wall) register me for a premium rate service (which fortunately I cancelled before being charged)

Russia to block access to cryptocurrency exchanges' websites – report

TheVogon

Re: Is there a pattern here?

""Tiny" transactions are exactly the kind for which bitcoin should definitely not be used. spent some of mine when it hit £1000* and the transactions just would not go through unless I paid fees of a few £ equivalent."

What fees to who? You just send the transaction to their bitcoin wallet. There are no costs. It's ideal for small transactions.

TheVogon

Re: Banning it so it must be popular

"Brits shouldn't complain about American gun laws"

You have some gun laws?!

Outage at EE wrecks voice calls across the UK

TheVogon

"Actually replying to the text is part of the scam - the reply could cost you £10 or more to send."

Not if it's to cancel by sending STOP or STOP ALL. That's never chargeable over a basic text message fee.

TheVogon

Re: EE/Orange not accepting the number for spam reports

"They've had that bug for 6 or 7 years (at least) now.

Insisting on the number (as if they couldn't cross-correlate it anyway), and then rejecting it."

Always works fine for me on EE. I report them and then cut and paste the number in the next text.

You may not have noticed, but 'superfast' broadband is available to 94% of Blighty

TheVogon

Re: "Anyone know anything?"

"A class-action lawsuit in the US over the issue "

Thanks. Is it actually fixable in firmware? Or they will need replacing?

Hackers in Arab world collaborate more than hoodie-clad Westerners

TheVogon
Trollface

Re: Allahu hackbar !

"BTW: Are hoodies still in?"

In circa 50% of the Arab world they are apparently!