I keep hearing this claim, and I see no evidence for it. Shit, I worked for Redmond for years, and IE was *never* faster outside of a lab than Firefox, much less Chrome. I didn't particularly care for the immense amount of telemetry that Chrome shipped back to the Goog, but it started fast and stayed that way. A fresh copy of IE/Win8 on the other hand, was zippy for the first few days of use -- almost as fast as Firefox on 32 or 64 -- but quickly bogged down with local cache writes and content inspection, tons of default telemetry, and helper libraries that could not be unloaded without heading into the registry with an army of villagers wielding pitchforks and torches. Besides, it's UGLY. Why bother with it?
Not sure why I keep taking the bait on this, but... two things:
1. Just to pick an example: I proposed that one of your users receives *content* (not an exe) that first subverts the function of existing whitelisted exes, then inserts a logical payload; a mildly good version of this will never hit disk or appear as anything more than a new thread of an existing process. Impossible? You are
2. Where the rubber meets the road: The systemic error you've made is assuming you are the smartest guy in the room. You might well be smarter than me, but you are assuredly not smarter than all of your adversaries... where "smarter" may be measured by totality of information about a complex and dynamic system (in which case, there is no condition in which it is possible to have total knowledge or control), or the ability to logically use and creatively combine the resources local to you (not humanly possible to disposition all possible permutations of a mesh graph with a nontrivial number of nodes). If you think you have accounted for all possibilities and logically made errors impossible, then you lack sufficiently deep understanding of the game.
It should be very easy to find you, either from the Hindenburg-size ego, or by following the immense target you painted on your own network. Wrong? Would you post your gateway's public IP? (I say this to make a point. Please don't be so stupid as to actually connect your personal arrogant bluster with any professional responsibility to protect assets.) In a way I am grateful for opinions like yours, because I'll be fully employed at top dollar well into my old age, doing rescue jobs when your unsinkable ship does the impossible.
'Nother day, 'nother dolla, Dolla dolla dolla bill y'all...
"users needing to exchange information.. [no]" and "protocols for file transfers...upload or download a specific file at time X."
No ad-hoc messaging in business? The environment you describe does not exist.
"Communication between the work stations or to unauthorized servers on the network is not allowed... again, at the appliance level"
Soooo.... you replaced the hub with a switch?
"refreshed from a template on login. You can't infect the workstations."
Check out Angler malware. Oh, and for two scoops of irony, use the browser in your liveCD Kali distro to read up on in-mem exploits for debian.
"unauthorized code" or "BestTrojanEVER.exe"?
Not required, nor is code persistence. The default OS contains more than enough helpful code you had to whitelist. But it *is* terribly helpful of you to eradicate the host OS after user creds are compromised, so there's no pesky log data.
"about four different changes to the way the computers work"
You don't know much about Windows or *nix, do ya? Or computers?
"The system I've set up is the firmest security I've heard of short of building a secret air gapped network run by mole people under the earth with no door in or out."
Mole people? Who... who told you about the mole people?
"the sort of system I'm talking about... Doesn't get hacked. Its never happened. Ever."
Oh sure it does. Go read up on Buckshot Yankee and SIPRNet. Took three years for the US feds to clean up that shit, all because some lonely intel guy stationed in the sandbox wanted to look at boobies on a goddamn thumbdrive.
"attack with no physical component...just don't see how you could do it"
If you use anyone else's code.... Oh shit... are you forking TempleOS?
Bullshit. Arrogance is always the undoing. Even in the most hardcore, wired-only, mac-whitelist, tightass-vlan, zone-enforced user minimum-privilege network, people have to get work done. That means if you have internet access, people will exchange data or even documents with uncontrolled sources. If you don’t, they will find some way to move or bring data in. If you have commodity operating systems or compatible office software, you have compromisable endpoints that need continuous maintenance. If you have shared resources like file servers, printers, and email, then you have nodes to emulate which facilitate lateral movement. If you have user accounts in the same directory as administrators, you have a venue for elevation of privilege. If humans administer the network, there exists a method for changing its configuration.
While you are positive that your environment is “basically impossible” to hack, someone will send your staff a slow trickle of emails every week or leave a few 32GB thumbdrives in the lobby that have a file “Confidential-Proposed2015Q4Layoffs.PPTX” and one of your std-priv staff will invariably open it. You might miss powerpoint.exe spawning flash.exe and a call to NativeProcess(); or something more subtle. You might not catch a call to twitter.com or ello.co from their machine that’s missing an http referrer, and a plaintext C2 reply. Soon a regular user makes a few novel but authorized connections, then some hash files get read, then a few more users do the same. Someone with more than usual user privs makes an authorized filesystem write to a host in IT. Soon one of the service admins’ laptops ends up with a virtual USB HID device, and Windows helpfully mirrors all keyboard input to it. One or two more hops, and some patience, and the credentials for your core switch are lifted. Your own infrastructure is then mildly tweaked without disturbing anything you care about – an fspan modified here, some data staged on a low-priv endpoint there, with a path that appears for less than a minute each week to do something else before disappearing from affected tables. An adversary takes residence on one of the cards in your core cisco gear, resistant to even a chassis IOS wipe and reload. And when that’s stable, all the previous steps will be eradicated if not already done, though a diligent adversary might adopt a ‘rule-of-three’ method to ensure each re-entry stage has two fallbacks in case you get wise. But you’ll probably never see it, and you’ll likely insist that it’s not happening even when your adversary makes a mistake and drops a hint. And that’s just what bad guys can do without the advantage of walking in with a warrant and a 1U box.
Now, do the junior-birdman purveyors of “E-Detective” make the claim their sniffer owns up your network simply by being plugged in? They do? That doesn’t even pass the giggle test. But don’t be too smug about what could happen with an adversary that isn’t a fool, or about the efficacy of bone-simple tooling accurately matched to vulnerabilities. And don’t use words like “impossible.”
Blackberry Passport. I got one last week. Holy shit, this is a great phone. Specs very close to the 1+One. Have a look.
Runs android 4.x alongside QNX, runs BB apps, runs Android apps, **sandboxes** the Android apps for better security than typical Samsung implementation. It took me two tries to get standard Google Play services installed, and now it handles both personal and work google accounts cleanly and separately. All the amusements are there, and all the business stuff is there too.
And it has a sweet physical keyboard with a capacitive surface, so I can gesture on the kbd without obscuring what's on that gorgeous 1440x1440 screen.
The weird hipster factor is pretty high on the Passport, but it's so damn functional.
I find it really ironic that Google, a company so used to being the new hotness upstart company, is so willfully ignoring usage patterns of a significant minority comprising "the youth" and people on the wrong side of the internet divide, and much of the third world, and anyone without a data plan outside of wifi range.
What these people have in common is they use sms or some form of text-like DM instead of email, so email notifications sit in an unread inbox and are effectively useless. Syncing calendars is fine as long as each individual maintains their own calendar, but sms is one of the nice ways to notify individual attendees without some major calendar confab.
For example, my kid's french tutor uses Google calendar for scheduling, and if you load the calendar it shows *every* person scheduled on that calendar, which is great for finding available spots, but it's not something you would leave visible. Turn it off/non-visible, and you lose web notifications. However, at present each person gets an sms notification for their appointment, even if they turn the calendar off. Sooo.... Google expects every person on a shared calendar to leave that calendar active at all times in order to receive web or email notifications, which are likely ignored if not disabled?
It's a tone-deaf move. Personally, I use SMS to ensure my kids get the notification no matter what, and this downgrade will result in all sorts of ignored events and missed appointments. One workaround, at least for T-Mobile, is to email the notification to 800YOURNUM@tmomail.net
For an individual or small group, I won't assume malice where incompetence or failure is an entirely viable explanation.
For a large group, inhuman malice towards individuals is generally indistinguishable from studied and successful neutrality.
Why? Because open naivete and narrow cynicism are both excellent spices, but neither fills the stomach.
Note to Obama: You are being lied to.
Seriously, and trying to sidestep most of the political angles: This is what happens when a person with authority collects a small set of advisers -- in an effort to cut noise/increase focus/get to data-driven decisions -- and then those advisers are not challenged or regularly rotated or infused with new thinking.
This instance pains me, partly because by my citizenship I'm on the wrong end of the Patriot Act aka "Putin's Law"
- Let's get real: metadata IS the data. Who/when/how/where you called is just as important as the what/why content of the call. The ears don't get much more totalitarian than this, we just don't have totalitarian fists yet. (Oh wait... *watches news about street cops outfitted with combat armaments and light tanks, then acquitted for movie-style executions*)
- NSA's collection of citizen's communication data and metadata have not led to even one single foiled terrorist plot. Not one. It's not even the right model to catch the stuff we know about in hindsight. The only reliable detection tool for decades has been manual notification by family and friends to authorities, and there's still no good unified repository and workflow system to handle it.
- There are multiple documented instances of abuse where the collected information was too tempting for federal employees not to do something stupid or illegal or both. (LOVEINT is almost funny, but multiple instances of commercial espionage have been alleged and documented.) If we amass this kind of information, people will use it for whatever purpose they imagine -- justified or illicit -- because admitting there's no legitimate function is the worst option of all.
- In the big picture, total security really does obliterate freedom. How I wish we could discuss that without hyperbole. Maybe we could stay grounded by involving the French, who are further into a discussion about how overreaction to Muslim immigration will destroy their governing principles as effectively as any perceived human threat.
- It deeply troubles me that Obama appears to have no better tech-sourced intel than 3rd tier CEOs buying security guidance from consultancies with 800 number to a sales guy and $150/hr bill rate.
What a sad state of affairs.
I'm horrified, partly because I'm on the verge of buying a BB Passport. It's the best thing they've done in years, and since playing with SWMBO's (she bought one instead of a galaxy edge, after much comparison). The BB has a nice android implementation, simple hack to add the Google apps, better security and sandboxing of droid apps, and real keys with a touch surface that flows right onto the 1440x1440 touchscreen. Oh, and all that stuffy Blackberry stuff. It's a truly awesome piece of hardware. And now Redmond wants to gut 'em for their IP portfolio and security reputation?
In the mobile market, Microsoft is like King Midas in reverse: everything they touch turns to shit.* But this isn't a rant about Microsoft, it's a worry that Blackberry -- having done the amazing job of pulling out of the total nosedive they were in -- might get stomped just as they level out, and ship something even better. What a disappointment that would be.
*apologies to Tony Soprano
Yes, kitchen counter space is limited. And toolbox space, and desks, and dressers, etc etc. Keurig has a functional niche (places where mess is intolerable or there's no one to clean it up, like medical lobby or a low-use office), but their marketing has convinced a broader market that it's too cool not to have one. It won't last. Already there's blowback about the amount of waste produced by this particular device, and popularity is waning... just like most other uber-popular single-use doohickeys.
In order to survive past initial novelty-driven sales, a single-purpose/non-flexible device had better be utterly awesome at what it does, and seriously durable in both function and regularity of need. That's why the regular pan stays while the egg-magic pan goes to Goodwill (not durable, don't want eggs every day), and virtually every Rolodex has been replaced by a free app on a general-purpose portable computing device (not flexible, need changed). The Keurig makes consistent mid-grade coffee (not awesome), and is moderately durable at best (and DRM is a form of intentional breakage), which means market survival will eventually come down to flexibility. Can JoeBob consumer make ramen with a Keurig? No? Then eventually he'll keep the kettle and throw out the Keurig.
'Jus sayin... as I sip decent coffee out of a mug, made with a 15yo Cuisinart kettle, an $0.80 sbux Via packet, and less waste/cleanup than Keurig. The packet will change, the kettle will stay.
Oh, holy shit yes, THIS.
Having just dropped off dragon #2 at his educational containment unit, I have just a few hours to restock the feed lots before the return of #1 early this afternoon. I do not know how long I can keep this up; perhaps they will just eat my remains.
Anybody got NSA's customer service email address?
No, because I dropped Facebook a couple of years ago. Too narrow a view on the world, too much of a social/political/financial echo chamber, too prying re personal detail, too much advertising, and too much extremely-creepy influence on ads I see externally. I miss a *little* of the content, but most of it was OCD junk from distant relatives and bloviating nonsense from industry "thought leaders". Good riddance.
Ok, ok, I know Ford would sue the bejezus out of Tesla if they did it, but... I so hoped that after the Roadster ("Model R") and the Model S (...well...), the affordable car for the masses would be the Tesla Model T. Can they at least spell out "Three" on the nameplate, with a big capital "T"??? Please ??
So.... really, how is this different from Windows RT leftovers, warmed up and plonked onto a phone a la Atrix as mentioned above?
It's got all the overhead of Windows but in a walled garden, etc etc. As before, what's the compelling advantage versus Android (which is faster, less costly, runs everywhere) or iOS (more pretty, more apps, and reliably walled-in)? It seems like they're beating the wall with their collective head.
More pointedly, the scraps left between the two big players in mobile aren't enough to create a success condition for Windows Phone 10, UNLESS somehow Microsoft fixes all the hassles with syncing enterprise AD accounts with consumer-level Microsoft accounts, AND all those Fortune 1000 companies with their own cloud implementation plans abruptly change their security policies to allow confidential documents to transit MS cloud services under consumer msft accounts (e.g. do phone buyers allow an employer to have complete control of their personal phone aka Blackberry, or carry two phones). Unlikely on all fronts. They can build it, but who's gonna come?