Support the Arctic Sea Ice Forum and Blog

Author Topic: How to secure internet ?  (Read 21823 times)

LRC1962

  • ASIF Citizen
  • Posts: 409
    • View Profile
Re: How to secure internet ?
« Reply #50 on: April 06, 2017, 01:32:29 PM »
If I may.
It is a very important thing to protect your data from those who could use it for criminal purposes.  As for data mining, that is a different story. One there is such a thing is that having too much data can actually backfire. Case in point. Saw a story which talked about the fact the NSA has so much data, it actually can do little to find activities before they happen, but can find the trail after it had already occurred. As for targeted sales, that is old as statistics. Can not remember if it was a course I took or a documentary, but spoke of the fact door to door sales people, and ad companies could figure out the profile of people almost down to the house, just by using the available statistics that governments collect every single year, with uncanny accuracy. So ISPs selling your activities and you getting targeted accordingly is more accurate now, but basically the same as before internet era.
As someone who I talked to about this pointed out, obscuring yourself too much can have the reverse effect of making you a much more interesting person to target. As most police would tell you, the best way to be a good criminal is not to hide yourself or run, but act like everyone else around you.
"All truth passes through three stages: First, it is ridiculed; Second,  it is violently opposed; and Third, it is accepted as self-evident."
       - Arthur Schopenhauer

ivica

  • ASIF Middle Class
  • Posts: 567
  • Kelele
    • View Profile
Re: How to secure internet ?
« Reply #51 on: May 07, 2017, 03:36:07 PM »
May 6, 2017 4:01 pm UTC

https://arstechnica.com/security/2017/05/the-hijacking-flaw-that-lurked-in-intel-chips-is-worse-than-anyone-thought/

"A remote hijacking flaw that lurked in Intel chips for seven years was more severe than many people imagined, because it allowed hackers to remotely gain administrative control over huge fleets of computers without entering a password. This is according to technical analyses published Friday."

"In a blog post published Friday, Intel officials said they expect PC makers to release a patch next week. The releases will update Intel firmware, meaning patching will require that each vulnerable chip set is reflashed. In the meantime, Intel is urging customers to download and run this discovery tool to diagnose potentially vulnerable computers. Systems that test positive should be temporarily secured using this mitigation guide until a patch is supplied. Computer makers Fujitsu, HP, and Lenovo, have also issued advisories for specific models they sell."


Neven

  • Administrator
  • ASIF Governor
  • *****
  • Posts: 4317
    • View Profile
    • Arctic Sea Ice Blog
Re: How to secure internet ?
« Reply #52 on: May 07, 2017, 05:00:32 PM »
Good thing I've always been an AMD fanboy, back in the day when I enjoyed building energy efficient computers. But I wouldn't be surprised if those chips are compromised as well.

Pretty crazy that the hardware is vulnerable. Software okay, but hardware?
Il faut cultiver notre jardin

mati

  • ASIF Citizen
  • Posts: 267
    • View Profile
Re: How to secure internet ?
« Reply #53 on: May 08, 2017, 05:15:01 PM »
when i found out about AMT many years ago, it was and still is worrysome, tho usually only used to manage corporate networks...certain people with err connections can probably do something with it...

AMT is designed into a secondary (service) processor located on the motherboard

AMT runs in a completely separate computer hidden in the northbridge chip on the motherboard.  It runs without an OS and can monitor the computer even if it is "turned off" as long as there is power to the computer.

https://en.wikipedia.org/wiki/Intel_Active_Management_Technology

and so it goes

TerryM

  • ASIF Governor
  • Posts: 2532
    • View Profile
Re: How to secure internet ?
« Reply #54 on: May 08, 2017, 06:31:37 PM »
Thought my Crackberry was impervious, the end of the days of innocence.
Terry

ivica

  • ASIF Middle Class
  • Posts: 567
  • Kelele
    • View Profile
Re: How to secure internet ?
« Reply #55 on: May 13, 2017, 10:43:17 PM »
Sam Biddle, 2017-05-12T19:13:25+00:00, at The Intercept_:
"Leaked NSA Malware Is Helping Hijack Computers Around the World"

In mid-April, an arsenal of powerful software tools apparently designed by the NSA to infect and control Windows computers was leaked by an entity known only as the “Shadow Brokers.” Not even a whole month later, the hypothetical threat that criminals would use the tools against the general public has become real, and tens of thousands of computers worldwide are now crippled by an unknown party demanding ransom.

Dan Goodin - May 13, 2017 10:21 am UTC, at Ars Technica:
https://arstechnica.com/security/2017/05/wcry-is-so-mean-microsoft-issues-patch-for-3-unsupported-windows-versions/

People who are running unpatched machines should take action immediately.
The best measure is to patch the vulnerability using this link for supported versions
or this one for XP, 8, and Server 2003.
Those who can't patch should ensure their computers are locked down by, among other things, blocking outside access to ports 138, 139, and 445. They should also disable version 1 of the Server Message Block protocol.

--ivica (back to carrots...)

mati

  • ASIF Citizen
  • Posts: 267
    • View Profile
Re: How to secure internet ?
« Reply #56 on: May 14, 2017, 12:49:50 AM »
nobody wants to pay for safe and secure software.
for microsoft to do this would make the cost of windows at least 10,000$
so we get down to risk vs cost
which drives lots of people to just accept the risk....
and so it goes

TerryM

  • ASIF Governor
  • Posts: 2532
    • View Profile
Re: How to secure internet ?
« Reply #57 on: May 14, 2017, 01:16:53 AM »
So do we blame the lame at Microsoft for building vulnerable machines, or the evil doers at the NSA for developing such evil software, or the evil dunces in the intelligence community for releasing this into the wild.
Decisions Decisions Decisions
Terry

oren

  • ASIF Upper Class
  • Posts: 1669
    • View Profile
Re: How to secure internet ?
« Reply #58 on: May 14, 2017, 04:52:41 AM »
So do we blame the lame at Microsoft for building vulnerable machines, or the evil doers at the NSA for developing such evil software, or the evil dunces in the intelligence community for releasing this into the wild.
Decisions Decisions Decisions
Terry
Machines will always be full of backdoors and loopholes, and hackers will always try to profit from that. Having a government body do the heavylifting development is quite gross, though this might be more common than naively expected.
There's a couple of brilliant books by Vernor Vinge dealing with these backdoors among other things.

TerryM

  • ASIF Governor
  • Posts: 2532
    • View Profile
Re: How to secure internet ?
« Reply #59 on: May 14, 2017, 11:57:36 AM »
So do we blame the lame at Microsoft for building vulnerable machines, or the evil doers at the NSA for developing such evil software, or the evil dunces in the intelligence community for releasing this into the wild.
Decisions Decisions Decisions
Terry
Machines will always be full of backdoors and loopholes, and hackers will always try to profit from that. Having a government body do the heavylifting development is quite gross, though this might be more common than naively expected.
There's a couple of brilliant books by Vernor Vinge dealing with these backdoors among other things.


I was on a very small team that wrote the accounting software for a business computer line that really never made it out of the 80's. The software however was ported into many vertical niche systems that sprouted up all over the world. The last hospital bill I received in the States was on a form I'd designed twenty years earlier.
I still remember our back door, so I'm familiar with the concept.
The factory, every programming team, and sometimes even nefarious peoples can and do leave easy access entries for a myriad of reasons.
What I don't understand is why the NSA, whose mandate is to protect us from cyber terrorism would need to write code to facilitate cyber terrorism - then pass it out to contractors who had not been properly vetted.
If I were a hot shot lawyer I'd be thinking of class action lawsuits with the US as a defendant.


Terry

sidd

  • ASIF Upper Class
  • Posts: 1917
    • View Profile
Re: How to secure internet ?
« Reply #60 on: September 20, 2017, 01:37:03 AM »
Patch to disable intel cpu backdoor. looks like the disable bit was to satisfy the NA, who clearly want not to be spied on themselves ...

http://blog.ptsecurity.com/2017/08/disabling-intel-me.html

sidd

sidd

  • ASIF Upper Class
  • Posts: 1917
    • View Profile
Re: How to secure internet ?
« Reply #61 on: September 20, 2017, 01:38:38 AM »
Wikileaks dumps russian telecom spy kit

https://wikileaks.org/spyfiles/russia/

interesting to compare to snowden dumps.

sidd

sidd

  • ASIF Upper Class
  • Posts: 1917
    • View Profile
Re: How to secure internet ?
« Reply #62 on: October 11, 2017, 10:52:05 PM »

sidd

  • ASIF Upper Class
  • Posts: 1917
    • View Profile
Re: How to secure internet ?
« Reply #63 on: November 13, 2017, 12:51:41 AM »
Game on: USB interface to Intel Management Engine backdoor exposed. In Russian, but google translate actually does an ok job here.

https://habrahabr.ru/company/pt/blog/341946/


English language summaries at:

https://www.theregister.co.uk/2017/11/09/chipzilla_come_closer_closer_listen_dump_ime/

And an earlier network (!!) exploit of the Intel management tool, which accepted empty passwords.

https://www.theregister.co.uk/2017/05/05/intel_amt_remote_exploit/

Intel is losing it. If they dont give us an ez option to disable that Management Engine soon, I am going ARM for everything except serious numbercrunching behind draconian firewall.

sidd

sidd

  • ASIF Upper Class
  • Posts: 1917
    • View Profile
Re: How to secure internet ?
« Reply #64 on: November 21, 2017, 05:16:52 AM »
Everybody is watching.

https://freedom-to-tinker.com/2017/09/28/i-never-signed-up-for-this-privacy-implications-of-email-tracking/

https://freedom-to-tinker.com/2017/11/15/no-boundaries-exfiltration-of-personal-data-by-session-replay-scripts/

https://motherboard.vice.com/en_us/article/59yexk/princeton-study-session-replay-scripts-tracking-you

The Walgreen's example runs afoul of HIPPA in, oh, so many ways.

List of sites discovered (i bet many, many more are doing it)

https://webtransparency.cs.princeton.edu/no_boundaries/session_replay_sites.html

Disable all scripting. Disable images. Hell, i'm almost at the point of disabling stylesheets, that'll be the next tracker if they aint doing it already.

I guess, just use surfraw and parse the output. Or go oldschool and lynx/links.

sidd

sidd

  • ASIF Upper Class
  • Posts: 1917
    • View Profile
Re: How to secure internet ?
« Reply #65 on: November 24, 2017, 03:14:59 AM »
intel has released a tool to check if you are screwed by the holes in their CPU backdoor

https://downloadcenter.intel.com/download/27150

sidd

ivica

  • ASIF Middle Class
  • Posts: 567
  • Kelele
    • View Profile
Re: How to secure internet ?
« Reply #66 on: December 29, 2017, 05:42:43 PM »

We designed Haven for investigative journalists, human rights defenders, and people at risk of forced disappearance to create a new kind of herd immunity.
By combining the array of sensors found in any smartphone, with the world’s most secure communications technologies, like Signal and Tor, Haven prevents the worst kind of people from silencing citizens without getting caught in the act.



And open-source it is.

sidd

  • ASIF Upper Class
  • Posts: 1917
    • View Profile
Re: How to secure internet ?
« Reply #67 on: December 29, 2017, 08:54:40 PM »
Many excellent talks at the chaos conference this year:

https://streaming.media.ccc.de/34c3/relive

sidd

sidd

  • ASIF Upper Class
  • Posts: 1917
    • View Profile
Re: How to secure internet ?
« Reply #68 on: January 05, 2018, 12:37:57 AM »
Schneier on CPU bugs:

https://www.schneier.com/blog/archives/2018/01/spectre_and_mel.html

https://spectreattack.com/

https://meltdownattack.com/

The Intel problem is the more serious. The fixes can cause appreciable slowdown on databases.

sidd

Pmt111500

  • ASIF Upper Class
  • Posts: 1122
    • View Profile
Re: How to secure internet ?
« Reply #69 on: January 05, 2018, 03:31:23 AM »
Schneier on CPU bugs:

https://www.schneier.com/blog/archives/2018/01/spectre_and_mel.html

https://spectreattack.com/

https://meltdownattack.com/

The Intel problem is the more serious. The fixes can cause appreciable slowdown on databases.

sidd

Specially nasty engineering fault. On the patch of Linux kernel: "It's not like the few Linux-experts who can code the kernel, would purposefully slow their computers though a particularly paranoid one might have tried to experiment with something like this."
« Last Edit: January 05, 2018, 07:34:03 AM by Pmt111500 »
A quantity relates to a quantum like camel's back relates to camel's _______ ? (back, vertebra, vertebral tendon, spinal disc, paralysis)

TerryM

  • ASIF Governor
  • Posts: 2532
    • View Profile
Re: How to secure internet ?
« Reply #70 on: January 05, 2018, 07:59:36 PM »
This may have a golden lining yet. :)


I can't imagine anyone relying on a modern military who would be ready to risk it all on the hope that their modern, computerized armament hasn't been compromised.


Terry