
Comment Re:Why not capture with wireshark and analyze? (Score 1) 259

And how do you propose to get around the fact that all the code that you would need to replace won't run unless it is signed by Microsoft? At this point, the layers of verification from power on to logged in go deeper than firmware.

This is a silly question to ask. I personally haven't seen or even heard of any systems that don't permit you to disable boot code signature enforcement. Hell, even the Microsoft built Surface Pro 4 does; you can go right ahead and install Linux on the damn thing. Without enforcement there's no chain of trust, so you can patch wherever the hell you want.

Comment Re: Why not capture with wireshark and analyze? (Score 1) 259

Some code needs to be patched to write the data to a file before the encryption happens. I doubt that is impossible.

Precisely. If you patched it, you'd break patches and other whatnots, but that doesn't matter because this doesn't have to be a production system. Or if there are so many checks that it would take forever and a day to patch them all, then perhaps run it in a VM and poke the kernel memory from behind the hypervisor until it cooperates.

For the latter approach, I'm not sure if any tools exist that could properly map the kernel memory in a VM due to address randomization, but that doesn't mean it can't be done.

Comment Re:Why not capture with wireshark and analyze? (Score 2) 259

Well, son, there are three possible scenarios:

- They are using a symmetric key (doubtful)
- They are using asymmetric keys to negotiate a symmetric key on the fly
- They are using asymmetric keys for the whole transmission

The first two can be figured out with some kernel patching, or even just firing up a VM and watching for the symmetric key.

The third would involve patching the kernel to replace Microsoft's public key used for encryption with your own public key that you can then decrypt with a private key. Or just flat out disable the encryption entirely.

Either way it's done, you'd also need to have another host emulate Microsoft's server responses to see how the exchange takes place, and simply capture what is being sent, and analyze.

Comment Re:Stop with the crappy proxies (Score 1) 52

It fails on more than that. Sometimes, for no apparent reason at all, the whole screen will go blank and you can't do anything until you force stop the app. Also text editing not only has a shitload of bugs, but the selection of text within an editor is also horribly designed.

But again, because the web itself is overall so fucking broken by design without browser addons, you don't have to deal with the usual shit that websites send your way.

Comment Re:Subpoenas and the right against self-incriminat (Score 1) 171

A court does, law enforcement does not. If you are stopped by a cop or fed or other LEO and they ask you for your identity, you are under no obligation to tell them.

You are correct in that they can't just randomly stop you and ask for ID, however they can if they have probable cause to believe that you were involved in illegal activity, which even SCOTUS has upheld:

https://www.flexyourrights.org...

Comment Re:Subpoenas and the right against self-incriminat (Score 2) 171

Police and prosecutors absolutely can demand the people turn over passwords

That doesn't make sense to me because a password is the "what you know" authentication factor. And what would stop somebody from saying they forgot the password?

Now a fingerprint on the other hand is "who you are" and the government does have the right to make you identify "who you are" not only to law enforcement but to the courts as well.

The third authentication factor "what you have" (i.e. smart card, key fob) could be compelled to be turned over only if the government can prove that not only does it exist, but that you actually have it too.

Comment Re:Clickbait (Score 1) 171

Admittedly I haven't read TFA, what has me scratching my head is how they know that this phone belonged to one of the San Bernardino killers. Perhaps they know who the phones belong to, but what makes them think the owner is one of the San Bernardino killers? Perhaps they already have other evidence and they don't actually need any backdoors?

Comment Re:Cool (Score 2, Insightful) 185

Seems more like pork to me. The problem with cybersecurity right now mainly comes from basically anybody and everybody running old shit that is vulnerable. A classic example is Android 2.3 devices that people still carry around. And of course, large companies that have obsolete OSes still running on the public internet.

This whole IoT mess is only going to make it much worse. What's needed are rules establishing a minimum standard to raise the bar for longer term security updates. I.e. rules to the effect of requiring manufacturers to provide security updates for no less than 7 years after first product general availability to market. Also provide some kind of source escrow so that if the company folds the firmware can be released as completely open source, complete with signing keys where applicable.

Also something needs to be done about the DDoS as a service situation. The primary target should be end users who harbor compromised systems connected to a broadband ISP. For example, if they're found to be participating in a DDoS attack, whether they are a willing participant or not, they are to have their internet connection throttled to 128kbit until they have cleaned their systems.

Comment Re:Stop with the crappy proxies (Score 3, Informative) 52

I use Firefox on Android with adblock plus, searchonymous, and google redirects fixer installed. Clunky browser overall but it's better than dealing with the usual shit that most websites (slashdot included) have. I used the Ghostery addon before, but after seeing how much better privacy badger is (or rather, how it doesn't break websites like most privacy addons do) I just use that on desktop and hope they might make it available for Android. For now, I mostly just rely on the setting to make third party cookies be session only.

Comment Re:Oh look, another HaD cross post (Score 1) 95

Aside from the risk of someone abusing that mechanism, the potential for it to fail like it did with NEST is too great.

Isn't that why modern devices have dual firmware images? Or at least, one firmware image is just a shim that can phone home and fix things that have gone wrong in the main firmware image, or alternatively allow somebody with a PC and a simple set of instructions to connect to it and fix it.

Comment Re:What's a DLL? (Score 2) 161

I would say that Microsoft could improve on desktop applications by giving them their own namespace or user space (a la Android) but instead they now call these "legacy apps" and have the unrealistic expectation that you use universal apps which do have these protections.

I say unrealistic because universal apps don't have anywhere near the capability set that you can get with "legacy apps", and there's no reason to write new desktop applications anymore because typically the best way to deliver your application to desktop users is through web apps. If a web app can't do what you need to do, then a universal app probably can't either, and indeed can probably only do less things since it has to operate very strictly within Microsoft's walled garden.
