Re: UEFI = ?
Unsecurable EEPROM for Intel.
Unix Exclusion Firmware Interface
14 posts • joined 10 May 2013
That feature could've been intentional for TLA's so agents can access anybody's private account, even if said agents were deployed overseas.
If not for TLA's and secret agencies, then maybe that feature was given to big corps who wanted some private data of FB users.
Just patched by FB when that Taiwanese guy claimed he would delete the FB account of Zuckerberg in a live stream.
That's why it's not good to put backdoors, as claimed by most tech gurus, be it hardware or software because sooner or later someone will discover those backdoors. Ok, as usual, just claim it was a bug and not an intentional feature.
I also shutdown after each use, and everytime I bootup I need to enter 4 different passwords to get a working environment. First is HDD BIOS password, then BIOS System password, then GRUB menu password (SHA512), then Windows logon password, then some private archives were also encrypted. This is just a personal laptop with nothing to protect except my daughters photos and some banking PDF files which are also password-protected by the bank itself.
On the othe rhand, I think any type of encryption used by the owner on his/her documents and private stuff would make this types of cold b oot attack useless. Even zip encryption or .7z compression with strong crypto would defend against this cold boot attack, as long as the password is not stored in any plaintext documents sitting on the filesystem.
I thought that AES was chosen since it was the best performance vs security, but was not chosen to be implemented on small devices due to its low processing requirement.
I seem to recall that Elliptic Curve encryption is the chosen encryption for small devices since it is relatively secure and requires minimal processing to encrypt.
AES = symmetric cipher (would use just a single key for encryption and decryption)
Elliptic Curve =assymmetric cipher (uses 2 keys, a private and a public key)
Wonder why you mixed and compared both when they're not the same.
on linux OS or routers powered by linux OS just edit: /etc/hosts
if on windows then just edit: windows\****\drivers\etc\hosts
Restart your machine after applying changes on your hosts file.
<i>With software, it takes a little bit more and considering MS wrote the code and left the bloody hole then they should have supplied a fix for zero day exploits regardless of the age of the software. Yes, even for DOS.</i>
With software, it would be impossible for a third party to create a fix and sell them. First, creating a fix requires disassembly which is illegal, and selling fixes for a software you don't own is illegal too. Very different in the world of automobiles where any third party can create a fix or a performance kit for profit.
@CrysTalK "just distribute scripts for cleaning"
apt-get install LinuxMint
20 minutes later - perfectly good, fast and secure PC.
I agree Eadon, use Linux instead.
1. we need to download LinuxMint and burn it into CD or USB stick, I don't think we can just apt-get install Mint from within another distro : )
2. LinuxMint is too bloated for my taste. All unnecessary stuff is loaded, I prefer the leanest distro where I load the firmware/driver myself and install those browser plugins I require, on my own. Mint has 3 browsers, 4 players, and a dozens of plugins. Not my taste. : )
I agree that you'll be safer with Linux though.
would take an average .js programmer just 1 hour to build a cleaner script which could be deployed on all those machines. And conficker will be removed right away. True the startup files and malware binaries might have random characters, but just build a script to check legit file names and delete those random programs not in the list of legit programs inside the script file.
so yes, just $200 USD for the script and all of those can be cleaned, by even NON-techie teachers after they double click the script.
Biting the hand that feeds IT © 1998–2019