
Thread: Antivirus is shit, everything is compromised, etc etc (Cybersecurity thread)

  1. #421
    Daneel Trevize's Avatar
    Join Date
    April 10, 2011
    Location
    T L A
    Posts
    12,335
    Fucking. Called. It.
    Microsoft has backtracked on a decision it took back in January when it conditioned that computers without a special registry key would not receive any more security updates.
    https://www.bleepingcomputer.com/new...dows-10-users/
    Quote Originally Posted by QuackBot View Post
    Idk about that, and i'm fucking stupid.

  2. #422
    Lana Torrin's Avatar
    Join Date
    April 13, 2011
    Location
    Bonding around
    Posts
    18,514
    Quote Originally Posted by Itiken View Post
    Have Intel taken out a 'Hit' on AMD? https://arstechnica.com/information-...ch-much-worse/

    The flaws—in AMD's EPYC, Ryzen, Ryzen Pro, and Ryzen Mobile lines of processors—require attackers to first gain administrative rights on a targeted network or computer, which is a hurdle that's difficult but by no means impossible to clear. From there, attackers can exploit the vulnerabilities to achieve a variety of extraordinary feats that would be catastrophic for the owners' long-term security. Among other things, the feats include:

    - Running persistent malware inside the AMD Secure Processor that's impossible—or nearly impossible—to detect
    - Bypassing advanced protections such as AMD's Secure Encrypted Virtualization, Firmware Trusted Platform Module, and other security features, which are intended to secure systems and sensitive data in the event that malware infects a computer's operating system
    - Stealing credentials a vulnerable computer uses to access networks
    - Physically destroying hardware by attackers in hardware-based "ransomware" scenarios

    The advisory came with its own disclaimer that CTS—the Israeli research organization that published the report—"may have, either directly or indirectly, an economic interest in the performance" of the stock of AMD or other companies. It also discloses that its contents were all statements of opinion and "not statements of fact." Critics have said the disclaimers, which are highly unusual in security reports, are signs that the report is exaggerating the severity of the vulnerabilities in a blatant attempt to affect the stock price of AMD and possibly other companies. Critics also faulted the researchers for giving AMD just 24 hours to review the report before it went public and using a dedicated website to bring attention to the flaws.
    It also discloses that its contents were all statements of opinion and "not statements of fact."


    Ok.. I guess my statement of opinion is get fucked till you can prove it then.
    Quote Originally Posted by lubica
    And her name was Limul Azgoden, a lowly peasant girl.

  3. #423
    Lana Torrin's Avatar
    Join Date
    April 13, 2011
    Location
    Bonding around
    Posts
    18,514
    Quote Originally Posted by Daneel Trevize View Post
    Fucking. Called. It.
    Microsoft has backtracked on a decision it took back in January when it conditioned that computers without a special registry key would not receive any more security updates.
    https://www.bleepingcomputer.com/new...dows-10-users/
    Oh yeah I need to remove that group policy.
    Quote Originally Posted by lubica
    And her name was Limul Azgoden, a lowly peasant girl.

  4. #424
    Movember 2012 Stoffl's Avatar
    Join Date
    April 10, 2011
    Location
    The original viennese waffle
    Posts
    21,602
    Quote Originally Posted by Lana Torrin View Post
    Quote Originally Posted by Itiken View Post
    Have Intel taken out a 'Hit' on AMD? https://arstechnica.com/information-...ch-much-worse/

    The flaws—in AMD's EPYC, Ryzen, Ryzen Pro, and Ryzen Mobile lines of processors—require attackers to first gain administrative rights on a targeted network or computer, which is a hurdle that's difficult but by no means impossible to clear. From there, attackers can exploit the vulnerabilities to achieve a variety of extraordinary feats that would be catastrophic for the owners' long-term security. Among other things, the feats include:

    - Running persistent malware inside the AMD Secure Processor that's impossible—or nearly impossible—to detect
    - Bypassing advanced protections such as AMD's Secure Encrypted Virtualization, Firmware Trusted Platform Module, and other security features, which are intended to secure systems and sensitive data in the event that malware infects a computer's operating system
    - Stealing credentials a vulnerable computer uses to access networks
    - Physically destroying hardware by attackers in hardware-based "ransomware" scenarios

    The advisory came with its own disclaimer that CTS—the Israeli research organization that published the report—"may have, either directly or indirectly, an economic interest in the performance" of the stock of AMD or other companies. It also discloses that its contents were all statements of opinion and "not statements of fact." Critics have said the disclaimers, which are highly unusual in security reports, are signs that the report is exaggerating the severity of the vulnerabilities in a blatant attempt to affect the stock price of AMD and possibly other companies. Critics also faulted the researchers for giving AMD just 24 hours to review the report before it went public and using a dedicated website to bring attention to the flaws.
    It also discloses that its contents were all statements of opinion and "not statements of fact."


    Ok.. I guess my statement of opinion is get fucked till you can prove it then.
    Good old Linus on the CTS Labs smackdown scenes

    http://www.zdnet.com/article/linus-t...bility-report/

    Linux's creator said he thinks CTS Labs' AMD chip security report "looks more like stock manipulation than a security advisory" and questions an industry.

    CTS Labs, a heretofore unknown Tel Aviv-based cybersecurity startup, has claimed it's found over a dozen security problems with AMD Ryzen and EPYC processors. Linus Torvalds, Linux's creator, doesn't buy it.

    Torvalds, in a Google+ discussion, wrote: "When was the last time you saw a security advisory that was basically 'if you replace the BIOS or the CPU microcode with an evil version, you might have a security problem?' Yeah."


    Or, as a commenter put it on the same thread, "I just found a flaw in all of the hardware space. No device is secure: if you have physical access to a device, you can just pick it up and walk away. Am I a security expert yet?"

    They've got a point.

    CTS Labs sprang out of nowhere to give AMD less than 24 hours to address these "problems."

    The startup has jazzed up its discoveries with a research paper, a video describing the vulnerabilities, and, of course, fancy names for them: Ryzenfall, Master Key, Fallout, and Chimera.

    CTS Labs claimed in an interview they gave AMD less than a day because they didn't think AMD could fix the problem for "many, many months, or even a year" anyway.

    Why would they possibly do this? For Torvalds: "It looks more like stock manipulation than a security advisory to me."

    These are real bugs though. Dan Guido, CEO of Trail of Bits, a security company with a proven track-record, tweeted: "Regardless of the hype around the release, the bugs are real, accurately described in their technical report (which is not public afaik), and their exploit code works." But, Guido also admitted, "Yes, all the flaws require admin [privileges] but all are flaws, not expected functionality."

    It's that last part that ticks Torvalds off. The Linux creator agrees these are bugs, but all the hype annoys the heck out of him.

    Are there bugs? Yes. Do they matter in the real world? No.

    They require a system administrator to be almost criminally negligent to work. To Torvalds, inflammatory security reports are annoying distractions from getting real work done.

    This is far from the first such case. A recent Linux "vulnerability," Chaos, required the attacker to have the root password. News flash: If an attacker has the root password, your system is already completely hosed. Everything else is just details.

    Torvalds believes "it's the security industry that has taught everybody to not be critical of their findings."

    He also thinks, "there are real security researchers." For many of the rest, it's all about giving even the most minor security bug. In Torvalds' words: "A catchy name and a website is almost required for a splashy security disclosure these days."

    Torvalds thinks "security people need to understand that they look like clowns because of it. The whole security industry needs to just admit that they have a lot of sh*t going on, and they should use -- and encourage -- some critical thinking."

    This rant is far from the first time Torvalds has snarled at people or companies for focusing too much on what he sees as the wrong end of security.

    As he wrote on the Linux Kernel Mailing List (LKML) in 2008: "I refuse to bother with the whole security circus ... It makes "heroes" out of security people, as if the people who don't just fix normal bugs aren't as important. In fact, all the boring normal bugs are _way_ more important, just because there's a lot more of them. I don't think some spectacular security hole should be glorified or cared about as being any more 'special' than a random spectacular crash due to bad locking."

    More recently, he doubled down on this position, saying last year about a proposed Linux kernel change, "Some security people have scoffed at me when I say that security problems are primarily 'just bugs'. Those security people are f**king morons."

    What Torvalds really wants from security programmers and researchers, as he spelled out recently, is:

    the first step should *ALWAYS* be "just report it." Not killing things, not even stopping the access. Report it. Nothing else.
    "Do no harm" should be your mantra for any new hardening work.
    Do that, and you'll make Torvalds, and a lot of other people who care about practical security, much happier.
    2/10/17 Greatposthellpurge never forget
    23/10/17 The Greatreposteninging ?

  5. #425
    Cosmin's Avatar
    Join Date
    March 14, 2012
    Location
    UK
    Posts
    5,877
    Linus pops in glory hole reference, nobody bats an eye ^^


    Sent from my iPhone using Tapatalk
    Guns make the news, science doesn't.

  6. #426

    Join Date
    November 5, 2011
    Posts
    10,715
    Wait so to do any of that you need full admin access?

    But if you have that it doesn't matter, you've already compromised and can do just about whatever, surely?

    Fuck me these people are shit.

    Sent from my Nexus 5X using Tapatalk

  7. #427
    Straight Hustlin's Avatar
    Join Date
    April 14, 2011
    Posts
    10,288
    They really missed out big time by naming one of the 'exploits' ryzenshine.

    fucking amateur hour.

  8. #428

    Join Date
    April 13, 2011
    Posts
    6,258
    Quote Originally Posted by Isyel View Post
    Fuck me these people are shit.
    Not necessarily. I actually think some of the backlash (including Linus's rant du jour) against this is a pissing contest to see who can be the most ~infosec~, and people are underestimating the threat*.

    Without seeing the exact exploits, what they're describing is pretty terrifying. Taken together, the set of exploits means that essentially anyone with root or physical access to an AMD-based machine (say, a corporate laptop) can trivially, undetectably and permanently hijack the secure coprocessors and system chipset, with a set of the vulnerabilities being stupid-as-fuck built in backdoors. Given AMD push people to store things like corporate and privileged credentials in the compromised secure zones, and that you can run fully fledged applications from them because they're general purpose CPUs rather than real TPMs, it's pretty easy to see how these quickly become a gaping hole in your security.

    It'll come down to the exact attack vectors, but it's hardly a nonstory.


    *They're not, because no one actually runs AMD CPUs, but still
    Last edited by elmicker; March 15 2018 at 08:38:22 PM.

  9. #429

    Join Date
    May 30, 2011
    Location
    asleep
    Posts
    6,178
    Quote Originally Posted by Isyel View Post
    Wait so to do any of that you need full admin access?

    But if you have that it doesn't matter, you've already compromised and can do just about whatever, surely?
    What they are claiming, is once you have had root once, you can install dodgy unsigned shit on the processors that you shouldn't be able to, which is totally undetectable and irremovable. The only way to be sure is to throw it in a fire and buy a new computer.

    It's not like escalate to root exploits don't come out weekly with *nix packages, or 'state actors' can't get into machines to do the installs.
    Last edited by Itiken; March 15 2018 at 08:46:24 PM.
    Please don't teach me what to do with my pc.

  10. #430
    Lana Torrin's Avatar
    Join Date
    April 13, 2011
    Location
    Bonding around
    Posts
    18,514
    Quote Originally Posted by Itiken View Post
    What they are claiming, is once you have had root once, you can possibly install dodgy maybe unsigned shit on the processors that you probably shouldn't be able to, which is maybe totally undetectable and possibly irremovable. The only way to be sure is to throw it in a fire and buy a new computer, if it works which hasn't been proven yet.
    FYP
    Quote Originally Posted by lubica
    And her name was Limul Azgoden, a lowly peasant girl.

  11. #431
    Daneel Trevize's Avatar
    Join Date
    April 10, 2011
    Location
    T L A
    Posts
    12,335
    So a speculative exploit, as it were...
    Quote Originally Posted by QuackBot View Post
    Idk about that, and i'm fucking stupid.

  12. #432

    Join Date
    May 31, 2011
    Posts
    3,880
    Quote Originally Posted by Daneel Trevize View Post
    So a speculative exploit, as it were...
    Yeah, and unfortunately we learned in the past how that evolved. What initially was labeled "speculative exploit", "requires local access to machine", "root/admin privileges needed", was turned into some practical exploits rather sooner than later ...

  13. #433
    Keckers's Avatar
    Join Date
    July 31, 2012
    Posts
    16,230
    Quote Originally Posted by Daneel Trevize View Post
    So a speculative exploit, as it were...
    I'm sure AMD don't need fanboys white knighting them.
    Quote Originally Posted by Paul Mason
    It is absurd that we are capable of witnessing a 40,000 year old system of gender oppression begin to dissolve before our eyes yet still see the abolition of a 200 year old economic system as an unrealistic utopia.

  14. #434
    Daneel Trevize's Avatar
    Join Date
    April 10, 2011
    Location
    T L A
    Posts
    12,335
    ... it was just an (apparently bad) play on recent Speculative Execution exploits.
    Quote Originally Posted by QuackBot View Post
    Idk about that, and i'm fucking stupid.

  15. #435
    walrus's Avatar
    Join Date
    April 9, 2011
    Location
    Fancomicidolkostümier- ungsspielgruppenzusammenkunft
    Posts
    6,178
    So AMD has gone through the exploits and:

    The salient high-level takeaway from AMD is this:

    All the issues can be confirmed on related AMD hardware, but require Admin Access at the metal
    All the issues are set to be fixed within weeks, not months, through firmware patches and BIOS updates
    No performance impact expected
    None of these issues are Zen-specific, but relate to the PSP and ASMedia chipsets.
    These are not related to the GPZ exploits earlier this year.
    https://www.anandtech.com/show/12556...tched-in-weeks

    So much for CTS-labs claim that AMD would never be able to patch it.
      Spoiler:
    Quote Originally Posted by RazoR View Post
    But islamism IS a product of class warfare. Rich white countries come into developing brown dictatorships, wreck the leadership, infrastructure and economy and then act all surprised that religious fanaticism is on the rise.
    Also:
    Quote Originally Posted by Tellenta View Post
    walrus isnt a bad poster.
    Quote Originally Posted by cullnean View Post
    also i like walrus.
    Quote Originally Posted by AmaNutin View Post
    Yer a hoot

  16. #436
    Daneel Trevize's Avatar
    Join Date
    April 10, 2011
    Location
    T L A
    Posts
    12,335
    And meanwhile, though unrelated to cybersecurity other than supplier independence, GPU rivals nVidia are sticking to this bullshit "GeForce Partner Program" policy of exclusive branding or no supply.
    Quote Originally Posted by QuackBot View Post
    Idk about that, and i'm fucking stupid.

  17. #437
    Movember 2011Movember 2012 Nordstern's Avatar
    Join Date
    April 10, 2011
    Posts
    9,076
    Quote Originally Posted by Daneel Trevize View Post
    And meanwhile, though unrelated to cybersecurity other than supplier independence, GPU rivals nVidia are sticking to this bullshit "GeForce Partner Program" policy of exclusive branding or no supply.
    Which is why I stick with XFX and Team Red.
    "Holy shit, I ask you to stop being autistic and you debate what autistic is." - spasm
    Quote Originally Posted by Larkonis Trassler View Post
    WTF I hate white people now...

  18. #438

    Join Date
    May 30, 2011
    Location
    asleep
    Posts
    6,178
    Quote Originally Posted by walrus View Post
    So AMD has gone through the exploits and:

    The salient high-level takeaway from AMD is this:

    All the issues can be confirmed on related AMD hardware, but require Admin Access at the metal
    All the issues are 'allegedly' set to be fixed within weeks, not months, through firmware patches and BIOS updates
    No performance impact expected
    None of these issues are Zen-specific, but relate to the PSP and ASMedia chipsets.
    These are not related to the GPZ exploits earlier this year.
    https://www.anandtech.com/show/12556...tched-in-weeks

    So much for CTS-labs claim that AMD would never be able to patch it.
    Who else pinned "allegedly" into all of these AMD statements?
    Please don't teach me what to do with my pc.

  19. #439
    Lana Torrin's Avatar
    Join Date
    April 13, 2011
    Location
    Bonding around
    Posts
    18,514
    Quote Originally Posted by Itiken View Post
    Quote Originally Posted by walrus View Post
    So AMD has gone through the exploits and:

    The salient high-level takeaway from AMD is this:

    All the issues can be confirmed on related AMD hardware, but require Admin Access at the metal
    All the issues are 'allegedly' set to be fixed within weeks, not months, through firmware patches and BIOS updates
    No performance impact expected
    None of these issues are Zen-specific, but relate to the PSP and ASMedia chipsets.
    These are not related to the GPZ exploits earlier this year.
    https://www.anandtech.com/show/12556...tched-in-weeks

    So much for CTS-labs claim that AMD would never be able to patch it.
    Who else pinned "allegedly" into all of these AMD statements?
    I trust AMD more than I trust a security research firm that doesn't even give the company they are releasing the exploits for a reasonable window to address the issues. (Although I also trusted Intel about that much and how well did that go).
    Quote Originally Posted by lubica
    And her name was Limul Azgoden, a lowly peasant girl.

  20. #440

    Join Date
    May 30, 2011
    Location
    asleep
    Posts
    6,178
    AMD Starting a game of whack-a-mole.
    Please don't teach me what to do with my pc.
