The Tek 0244: Hack The Planet | Tek Syndicate


Wendell and Qain discuss Internet of Things!

 MAGNUS EN980 | ZOTAC

 Epic Pants
 
 Zotac Magnus EN980 - ZBOX Overview | Tiny GTX 980 PC - YouTube
 
 Hack Unlocks 100 Million Volkswagen Vehicles | The Daily Dot
 
 Smart Locks Hacked: Researchers Demonstrate Flaws in Bluetooth Locks | BGR
 
 Hackers Make the First-Ever Ransomware for Smart Thermostats | Motherboard
 
 Tattoos by Robotic Arm With Pinpoint Accuracy | Hackaday
 
 Microsoft Mistakenly Leaks Secure Boot Key | Threatpost | The first stop for security news
 
 The Economist explains: Why airlines’ computer systems crash so often | The Economist
 
 FCC loses court battle to let cities build their own broadband | The Verge
 
 The Tor Social Contract | The Tor Blog
 
 Major Qualcomm chip security flaws expose 900M Android users | Ars Technica
 
 CYBERCOM Grows Up, Chinese IP Theft, and Apple's Bug Bounty - Lawfare
 
 Pete Davies: The ‘Invadar’ Arcade Collection – The Arcade Blogger
 
 Is Nvidia Going to Announce GTX 1080 Ti? - YouTube
 
 For all you updating to Windows 10, this is how to remove the Xbox application that limits you to 60fps and adds an unnecessary overlay! : DotA2
 
 No Man's Sky
 
 No Man's Sky on GOG.com
 


This is a companion discussion topic for the original entry at https://teksyndicate.com/videos/tek-0244-hack-planet
3 Likes

Wait, so are you saying that Secure Boot isn't just for signing kernels, it's also used to protect UEFI firmware?

Anyways, in my opinion, firmware on board should not be able to be modified unless the user gives his consent physically by, for instance, flipping a switch. The operating system should not be able to write anything to the firmware otherwise, and the firmware should be signed by hardware manufacturers.

When it comes to checking the integrity of the operating system I think the user should be able to use his own key pair but that is probably not going to happen.

Wendell are you bored of No Man's Sky yet? :P

Good episode guys, I think this is the best episode that Wendell and Qain have done!

Re: Tor

Nation State actors with the ability to reliably conduct traffic timing correlation attacks have never been part of the Tor threat model. It wasn't designed to defend against that, and it's always been stated in their documentation on their website, at least since like 2006 or 2007, cause that's when I first started learning about the project.

Just look at the first sentence of section 3.1 in their design documentation.

A global passive adversary is the most commonly assumed threat when
analyzing theoretical anonymity designs. But like all practical
low-latency systems, Tor does not protect against such a strong
adversary. Instead, we assume an adversary who can observe some fraction
of network traffic; who can generate, modify, delete, or delay
traffic; who can operate onion routers of his own; and who can
compromise some fraction of the onion routers.

https://svn.torproject.org/svn/projects/design-paper/tor-design.html

That's been there for as long as I can remember. So you are correct in that Tor cannot defeat the NSA, for example. But that's because it's not designed to.

I definitely agree with you @DeusQain that if everyone used Tor, it would be a lot better. So maybe Tek Syndicate should run active promotions for Tor. They would take up time you could use for paying advertisements, but it would be for the betterment of humanity if thousands more people started using it as a result, no?

2 Likes

900 million phones.... Microsoft's golden key.... Volkswagen.... Airlines....
I'm feeling a little dizzy. Might be from all the head shaking.
Very good episode! Thank you.

@DeusQain, is that a Commodore 64 to your left? Just for retro or are you doing something with it?

"Security through obscurity" - Not considered a real security measure anymore.

Oh shit, he is actually installing Bacula on it.

2 Likes

Both.

1 Like

Honestly, I'd probably get a robot to provide services for a lot of things instead of a human if it runs very well and doesn't make egregious mistakes. Both sides can make mistakes, but if one can make fewer mistakes while providing a better service or result, then I'm going with that side. Tattoos would be one of them.

So @DeusQain, how is the performance of No Man's Sky treating you if you have got the chance to play it? There are reports from many PC players that are having completely unsatisfactory results. Some are saying the port to this game is Arkham Knight levels of bad porting.

Suggestion: "I am not planning for future nothing" T-Shirt. I loved that line...

When Secure Boot was announced, you criticized it, saying that Microsoft is using it to prevent people from installing Linux.

Then, when Microsoft stopped requiring manufacturers who want Windows certification to implement a way to disable Secure Boot, you wanted a way to disable Secure Boot.

Now that we know for sure that anybody can disable Secure Boot, you complain, because now you suddenly want to use Secure Boot.

You say that disabling Secure Boot can allow the creation of viruses which survive a hard drive reformat, but you didn't say anything about that when you were demanding a way to disable Secure Boot because of Linux.

Did you actually repeat what you just wrote in your head....

Being able to disable secure boot to keep your device open to other software (an ability that a security system should not be tampering with btw) and being able to bypass secure boot when enabled using a golden key are two entirely different matters... The guys did not defend secure boot as a technique. They just expressed how much of a bad idea it is to have golden keys for such systems... Whether secure boot or any other.

Secure Boot works by only allowing code that has been digitally signed by Microsoft.

This only works if there is a key that Microsoft uses to sign the code, the golden key.

How exactly do you implement this without a golden key?

Then why did they talk about this exploit being used by viruses, when you can also have the same viruses if Secure Boot is disabled because you want to run a different operating system?

About the Xbox app on Windows 10.

You guys do realize that the Reddit post is one year old, right? It's from Jul 26, 2015. It's from before Windows 10 was even released.

It's so old that the problem has probably been fixed by now.

They talked about being exploited because the update manager on Windows has access to the BIOS. That is OS specific...

Actually, it's because the UEFI allows the OS to access it.

If Linux doesn't support it, it doesn't matter, because anybody can make a driver for Linux, which will allow it to access the UEFI and change it.

It will require root access to install the driver, but in Windows, accessing the UEFI also requires admin access.

In Windows it is built in by default and the machine comes pre-installed. If you want to exploit the same thing on Linux you need to also solve the issue of deploying it. Not impossible to do, of course, but definitely more difficult.

You could use more distributed protocol methods that just one key would not be a single point of failure? Or allowing the user to disable it at will for BIOS updates instead of having a golden key...

Actually I was wrong. It turns out, that Linux does support it as well:

https://wiki.debian.org/UEFI

The Linux kernel gives access to the UEFI configuration variables


https://www.flashrom.org/Flashrom

It is designed to flash BIOS/EFI/coreboot/firmware

Portability. Supports DOS, Linux, FreeBSD


https://www.phoronix.com/scan.php?page=news_item&px=uefi-2.5-better-linux-updates

On systems with UEFI 2.5+, the goal is to make it easy to update your system's BIOS via the GNOME Software program
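
A defender-side illustration of the point that Linux exposes UEFI variables (an added example, not part of the original post): it decodes the raw efivarfs format, a 4-byte little-endian attribute word followed by the data, to report Secure Boot state and whether a variable only accepts signed writes. The function names and the sample bytes are constructed for this example; the efivarfs path and the EFI global variable GUID are the standard Linux/UEFI ones.

```python
import struct
from pathlib import Path

EFIVARS = Path("/sys/firmware/efi/efivars")
EFI_GLOBAL_GUID = "8be4df61-93ca-11d2-aa0d-00e098032b8c"

# Attribute bits defined by the UEFI specification.
ATTR_FLAGS = {
    0x01: "NON_VOLATILE",
    0x02: "BOOTSERVICE_ACCESS",
    0x04: "RUNTIME_ACCESS",
    0x20: "TIME_BASED_AUTHENTICATED_WRITE_ACCESS",
}

def parse_efivar(raw):
    """Split an efivarfs file into (attribute names, data bytes)."""
    if len(raw) < 4:
        raise ValueError("efivarfs entry shorter than its attribute header")
    (attrs,) = struct.unpack_from("<I", raw)
    names = [name for bit, name in ATTR_FLAGS.items() if attrs & bit]
    return names, raw[4:]

def requires_signed_write(raw):
    """True if the firmware only accepts authenticated (signed) updates."""
    names, _ = parse_efivar(raw)
    return "TIME_BASED_AUTHENTICATED_WRITE_ACCESS" in names

def secure_boot_state(read_var):
    """read_var(name) returns raw bytes or None when the variable is absent."""
    def flag(name):
        raw = read_var(name)
        return None if raw is None else parse_efivar(raw)[1][:1] == b"\x01"
    secure_boot, setup_mode = flag("SecureBoot"), flag("SetupMode")
    if secure_boot is None:
        return "unknown"        # legacy boot or efivarfs not mounted
    if setup_mode:
        return "setup mode"     # no Platform Key enrolled, nothing enforced
    return "enabled" if secure_boot else "disabled"

def read_from_efivarfs(name):
    """Read a global UEFI variable on a live Linux system."""
    try:
        return (EFIVARS / f"{name}-{EFI_GLOBAL_GUID}").read_bytes()
    except OSError:
        return None

# Constructed sample contents, so the example also runs off-target.
SAMPLE = {"SecureBoot": b"\x06\x00\x00\x00\x01", "SetupMode": b"\x06\x00\x00\x00\x00"}

if __name__ == "__main__":
    print("sample:", secure_boot_state(SAMPLE.get))
    print("this machine:", secure_boot_state(read_from_efivarfs))
```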

Well, that can solve the deployment issue under certain circumstances then (if you actively use these programs or the kernel update is compromised)... You would still have to move through more hoops to make it though...