
Comment: MS is still hostile to open formats (Score 3, Interesting) 47

by Burz (#49389959) Attached to: UK Forces Microsoft To Adopt Open Document Standards

And that makes them hostile to open software in my book. They insist on treating Linux-formatted disks as essentially blank and have Windows tell the user the volume must be formatted to be used; fixing this would be simple in the extreme and would not even require an ability to read an Ext* volume. They stonewall AV formats like Vorbis when they could be added easily to existing apps. Really, the list goes on. The place where they have capitulated is formats that are intrinsic to the web (while parading their proprietary stuff as "open" hoping enough people will take the bait).

MS still promotes lock-in. And from what I gather even their new .NET licensing terms are designed to leave you on the hook.

Comment: Re:Daala (Score 1) 68

by Burz (#49362839) Attached to: Another Patent Pool Forms For HEVC

Vorbis made it into a lot of products that were not Apple or MS, from Sandisk to Samsung.

Daala is shaping up to be excellent as well, but its biggest competition may be VPx in the long run... Google announced they would start 18-month release cycles for major VPx codec revisions after 10. That creates a Chrome-like effect on the mindshare of early adopters, so it should be interesting. Of course, who is backing Daala? Mozilla... who may get dragged into release-cycle competition with Google on another product. :)

Comment: Re:Disposable, and "Not A Personal Computer" (Score 1) 362

by Burz (#49309205) Attached to: OEMs Allowed To Lock Secure Boot In Windows 10 Computers

I suggest rallying around vendors like this: https://www.crowdsupply.com/pu...

Honestly I think those guys are a bunch of hypocrites. They make a big deal about openness and evil binary blobs etc. But last I checked I don't see their board design schematics, layout files, CAD drawings for the chassis, etc. available anywhere under an open source license.

Honestly, I don't think anyone has raised the question with them. They have responded very well to the concerns of Qubes users, developers and other communities. Something tells me they would love to emulate the Apple of the 1970s and supply schematics.

Call me crazy, but I respect IHVs wanting to have the ability to patch hardware issues on devices that have already shipped. Remember the Pentium FDIV bug? Intel has had up-datable microcode ever since then for a reason. Having hardware be patchable like that creates binary blobs out of necessity. I guess I'm just too pragmatic or something.

I don't get this part. You're against closed design for motherboards but not for firmware?

The hypocrisy charge doesn't hold. Purism is a tiny startup and they are not going to be able to deliver the whole kit and caboodle down to the last transistor to you immediately. In the meantime, we can have hardware whose documentation is thorough and therefore FOSS-friendly with no mystery drivers; we can have all open software and firmware on a powerful system if Intel is willing.

Comment: Re:I dub all unswitchable hardware: disposable (Score 1) 362

by Burz (#49305795) Attached to: OEMs Allowed To Lock Secure Boot In Windows 10 Computers

The vast majority of PC buyers will never want the missing feature, and will be protected from social engineering attacks that would turn it off. As for a compromised OS bricking the system? Well, that's probably actually a good thing for most people. Much better than their bank account getting siphoned.

I think you mean it's better for MS and vendor bank accounts, not ours.

Comment: Disposable, and "Not A Personal Computer" (Score 5, Insightful) 362

by Burz (#49305785) Attached to: OEMs Allowed To Lock Secure Boot In Windows 10 Computers

There should be a permanent sh!tlist pinned to the top of Slashdot with any vendor that promotes this scheme for "PCs".

Microsoft's long-time disruptive technology shark in the water was that they promoted a platform that was just open enough to let techies (and 3rd party vendors) on a budget customize the systems however they need. This is the essence of a "personal computer", for the MS camp at least. Now MS has jumped their own shark.

Their tepid claims of being FOSS-friendly are being shown as ultimately false. Like Apple, they still won't incorporate open A/V formats into their products and their OSes will tell you an inserted Linux-formatted volume "must be formatted before use". Heaven forbid if I ever give an EXT3 formatted flash drive to an Android user, and they decide someday to look at it with Windows. They are similarly hostile when it comes to Linux multiboot setups. It's wilful negligence that still reigns in Redmond and must be fought with tooth and nail to gain any concession.

And how necessary for security are these firmware-level lockouts?? They are not! Qubes OS employs a scheme that, in combination with a TPM, prevents a computer from being able to reproduce a chosen passphrase if it's been tampered with. No doubt, the MS excuse will be that the consumer or administrator can't be bothered to remember a sentence to verify system integrity.

I suggest rallying around vendors like this: https://www.crowdsupply.com/pu...
Eventually, we should pressure the market to open up the whole damn stack; we will probably be forced to.

Comment: Re:We desperately need unflashable firmwares (Score 1) 120

by Burz (#49304949) Attached to: Persistent BIOS Rootkit Implant To Debut At CanSecWest

I'm not a developer, but I don't mind being called a fanboy for something like this.

And no, there's no reason why another OS couldn't use a TPM in the same way. Qubes seems to be the only one so far with this interesting feature.

Anti Evil Maid was designed initially for physical attacks, as the name implies. It does eliminate the 'Evil Maid' scenario if it's assumed the attacker is unskilled and/or only has time to plug a USB or similar device into the computer. So it greatly reduces the opportunity for successful physical attacks.

For remote attacks against motherboard firmware, AEM ought to work 100% of the time. This is especially true if you have disabled booting from internal drives, in which case your HD firmware could become compromised and still not be able to obtain any unencrypted keys or data.

Qubes R3 will have an unprivileged storage domain which should protect you even if the HD firmware is *already* infected or indeterminate at install time.

Comment: Browsers will always have a huge attack surface (Score 1) 237

by Burz (#49304725) Attached to: Every Browser Hacked At Pwn2own 2015, HP Pays Out $557,500 In Awards

The best way to deal with the situation is to run browsers under a hardened type-1 hypervisor that has a tiny attack surface itself. Create an 'untrusted' domain and tool around the Internet to your heart's content, or use disposable VMs that appear for risky temporary tasks and then self-delete.

If we want this rich content in our lives we have to accept the complexity and the risk to some degree. Using an OS built on security by isolation allows us all that complexity, but behind very strong, simple security structures that are built on the best hardware virtualization features. This is probably the only good way to keep private data and core systems from being exploited.

I even have reservations about air-gapping as a 'good' security solution: As the practice stands with PCs now, it's too free-form and there are too many complex code layers to think about and work around while sneaker-netting info and code between systems. A USB device that got infected could pretend to be any of hundreds of devices that use dodgy, vulnerable drivers; and that doesn't even touch on the risk from complex file formats or desktop features.

Comment: Re:Just another reminder to use LibreSSL (Score 1) 64

by Burz (#49294249) Attached to: OpenSSL Security Update Less Critical Than Expected, Still Recommended

That is not such a big difference, considering most installations are still using OpenSSL (more eyes...).

LibreSSL is still valued for their efforts, but they and most of the IT community waited until a major crisis occurred before taking action. Now that OpenSSL has been in the spotlight and finally received decent funding to do their own reviews and cleanup, I'm not sure where that leaves LibreSSL.

Comment: Re:We desperately need unflashable firmwares (Score 1) 120

by Burz (#49293813) Attached to: Persistent BIOS Rootkit Implant To Debut At CanSecWest

What's infuriating is that USB drives used to come with hardware write switches and now you can't find them anywhere. And motherboards used to require you to move a jumper to flash the BIOS but, those are gone too. I don't know if it was cost cutting or a case of user stupidity or both but, the hardware write switch has faded into history. I'm fine with them being in a default-write setup as long as they had the option to cut it off.

A third possibility is that the NSA and their friends abroad might have pressured the manufacturers to remove these security features. The pressure might have been subtle, like pointing out "good" places for cost savings.

As someone else mentioned, Kanguru has write protect (and I think a few others -- I have some drives by Imation and RiData that have the switch). But that doesn't necessarily protect you from something like badUSB, which can infect drive firmware.

Kanguru states their drive firmwares are protected with digital signatures. However, that means the firmwares are writeable under certain conditions, and we now know that certain organizations make it their job to steal the private keys of security vendors (you can bet the practice is not limited to SIM cards). In that case, you may be better off with a 'plain' thumb drive that has a non-changeable firmware especially if it has a write-protect switch.

What really, really sucks is that virtually no manufacturers are stepping up to the plate with better hardware designs that can mitigate the problem... and even the OPAL2 spec appears to state that firmware protection is optional. Merely putting write-protect jumpers on the firmware storage chips would prevent most attacks (the remote ones).

An exception to the lack of manufacturer concern may be the new Purism brand that just launched their Librem 15 OSS-friendly laptop. They are interested in putting at least a jumper on the motherboard that can block BIOS changes. They also promise to release an edition of the Librem that allows the user to cut power to wireless, mic and camera.

Another mitigation is Qubes OS, which has an architecture that greatly ups the bar for security and it can detect tampering in the BIOS, kernel, hypervisor, etc.

Comment: Mitigations (Score 2) 120

by Burz (#49293481) Attached to: Persistent BIOS Rootkit Implant To Debut At CanSecWest

Qubes OS will detect this type of attack, and in most cases prevent it. It can also protect you against badUSB if you create a USBVM to handle the USB controllers.

Detection comes via the Anti-Evil Maid package, which uses a TPM to measure the system firmware, bootloader, kernel and hypervisor. It optionally can create a USB thumbdrive for booting Qubes in AEM mode. (AEM should *always* detect a compromised base system, but using a thumbdrive can help prevent an attack from succeeding in an 'Evil Maid' scenario.)

Qubes uses Xen, a type 1 bare-metal hypervisor with a minuscule attack surface, and uses that as a chokepoint to regulate ALL system activity (including network and graphics) in a way other OSes do not. Graphics is one of the weaknesses in VM host security that enables 'VM Breakout' escalation attacks. In using VMs for all sensitive functions, remote attacks are highly unlikely to escalate and take over the core system or firmware.
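
Added example (not part of the comments above, and not Qubes or Anti Evil Maid code): a simplified software model of the TPM behaviour the "Mitigations" and "Disposable" comments describe, where boot components are measured into a PCR and a user-chosen passphrase can only be reproduced if those measurements are unchanged. The names `TPM_KEY`, `GOOD_CHAIN`, `seal`, `unseal` and `boot` are hypothetical, SHA-256 is assumed as the PCR hash, and the HMAC-based sealing stands in for what a real TPM does inside the chip.

```python
import hashlib
import hmac

def extend(pcr, component):
    # TPM-style extend: new PCR = H(old PCR || H(component)).
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()

def measure_boot(chain):
    # Fold each boot stage, in order, into a single PCR value.
    pcr = bytes(32)  # a PCR is all zeros after reset
    for blob in chain:
        pcr = extend(pcr, blob)
    return pcr

def _keystream(tpm_key, pcr, n):
    # Key material bound to both the chip secret and the PCR value.
    out, counter = b"", 0
    while len(out) < n:
        block = b"ks" + pcr + counter.to_bytes(4, "big")
        out += hmac.new(tpm_key, block, hashlib.sha256).digest()
        counter += 1
    return out[:n]

def seal(tpm_key, pcr, secret):
    # Encrypt the secret so it can only be recovered under this PCR value.
    ks = _keystream(tpm_key, pcr, len(secret))
    ct = bytes(a ^ b for a, b in zip(secret, ks))
    tag = hmac.new(tpm_key, b"tag" + pcr + ct, hashlib.sha256).digest()
    return ct, tag

def unseal(tpm_key, pcr, blob):
    # Return the secret, or None when the current PCR differs from seal time.
    ct, tag = blob
    want = hmac.new(tpm_key, b"tag" + pcr + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        return None
    ks = _keystream(tpm_key, pcr, len(ct))
    return bytes(a ^ b for a, b in zip(ct, ks))

# Constructed sample data: stand-ins for the chip secret and boot stages.
TPM_KEY = b"constructed secret that never leaves the chip"
GOOD_CHAIN = [b"firmware", b"bootloader", b"xen hypervisor", b"dom0 kernel"]
PASSPHRASE = b"a sentence only the owner chose"
SEALED = seal(TPM_KEY, measure_boot(GOOD_CHAIN), PASSPHRASE)

def boot(chain):
    # What the user would be shown after booting with these components.
    return unseal(TPM_KEY, measure_boot(chain), SEALED)
```

Because each extend hashes over the previous PCR value, changing, removing or reordering any stage yields a different final value, so `boot` returns `None` instead of the passphrase the user expects to see.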
