* Posts by CrysTalK

21 posts • joined 10 May 2013

The eagle has handed.... scientists a serious text message bill after flying through Iran, Pakistan

CrysTalK

Straight line route

Stared at the map and was impressed by that straight route from iran-pakistan border up to central russia.

wonder if thats just a software bug or this eagle knows crab angles to compensate for crosswinds.

Pentagon beams down $10bn JEDI contract to Microsoft: Windows giant beats off Bezos

CrysTalK

Re: Bad week for Bezos

I agree, those billionares have money beyond our imagination. But in an interview, Bill Gates said he doesn't have that much cash, and his net worth is just because of the stocks he holds and this value fluctuates because the price per share of microsoft keeps on changing.

Nine words to ruin your Monday: Emergency Internet Explorer patch amid in-the-wild attacks

CrysTalK

Re: So...

If you remove [Internet Explorer] folder inside [Program Files], you will delete a system file named ieproxy.dll which is responsible for the Safely Remove Hardware option. Which means any USB pendrive or USB devices you live-insert cannot be safely removed. I too was perplexed as to why SAFELY REMOVE feature needs INTERNET EXPLORER to function properly.

Breaking, literally: Microsoft's fix for CPU-hogging Windows bug wrecks desktop search

CrysTalK

Re: How'd they do that?

You should've read the EULA. With Win10 it's not your PC anymore, MS can modify and download anything at will. Yes, including your private stuff.

If you can't find the EULA, just use windows search. Oh, wait...

My MacBook Woe: I got up close and personal with city's snatch'n'dash crooks (aka some bastard stole my laptop)

CrysTalK

Re: Cowards

KMcC: In truth, though, the most awful part of the whole experience was how everyone in the coffee shop, save two guys who came and talked to me afterwards, chose to ignore the whole thing and wouldn't even make eye contact afterwards. Cowards, I muttered under my breath.

There are chances that those cowards inside the coffee shops are colleagues of the snatch'n'dash guy. They notified the sprinter that an expensive Mac was spotted inside.

Ransomware attackers have gone from 'spray and pray' to 'slayin' prey'

CrysTalK

Re: Weird Behaviour

Ransomwares can be stopped by simply creating an application whitelist. There's no need for typical employee to download a new binary/application to do his job. If you block all new binary/exe's those windows boxes won't get ransomwares. Heck, even Windows XP Pro have this feature and tried to enable it on my home machine. It won't run any new applications inserted by my daughter.

Need to automatically and securely verify a download is legit? You bet rget this new tool

CrysTalK

In *nix world there's pipes and scripts

This rget tool sounds user friendly. But in *nix world you can just pipe or build a 4 line script to:

download the file (wether binary or compressed) using the good old wget

verify the private key (sig) of 'checkum file' with public key of author using OpenSSL

verify the digest of the binary using the 'checksum file'

Done.

With rget there are new weaknesses created, as mentioned above. This tool rget is more convenient and user friendly but less secure, IMO.

Detailed: How Russian government's Fancy Bear UEFI rootkit sneaks onto Windows PCs

CrysTalK

Re: UEFI = ?

Unsecurable EEPROM for Intel.

Unix Exclusion Firmware Interface

CrysTalK

Save humanity

and I would fix their code in less tghan 5 seconds flat.

You should work for AMI or Phoenix or Intel so humanity would be saved from this mess caused by UEFI which was crammed with dozens of buggy features.

Your two-minute infosec roundup: Drone arrests, Alexa bot hack, Windows zero-day, and more

CrysTalK

Win10 side effect

Seems this zero-day bug only affects Win10. All other OS's are immune. NT was released since 1993 and can't be perfected it seems. Oh how about we throw in more featres to make it shinier.

Facebook: Up to 90 million addicts' accounts slurped by hackers, no thanks to crappy code

CrysTalK
Childcatcher

'View As' Could be an intentional feature

That feature could've been intentional for TLA's so agents can access anybody's private account, even if said agents were deployed overseas.

If not for TLA's and secret agencies, then maybe that feature was given to big corps who wanted some private data of FB users.

Just patched by FB when that Taiwanese guy claimed he would delete the FB account of Zuckerberg in a live stream.

That's why it's not good to put backdoors, as claimed by most tech gurus, be it hardware or software because sooner or later someone will discover those backdoors. Ok, as usual, just claim it was a bug and not an intentional feature.

You'll never guess what you can do once you steal a laptop, reflash the BIOS, and reboot it

CrysTalK

Use of digest and or checksums

I also shutdown after each use, and everytime I bootup I need to enter 4 different passwords to get a working environment. First is HDD BIOS password, then BIOS System password, then GRUB menu password (SHA512), then Windows logon password, then some private archives were also encrypted. This is just a personal laptop with nothing to protect except my daughters photos and some banking PDF files which are also password-protected by the bank itself.

On the othe rhand, I think any type of encryption used by the owner on his/her documents and private stuff would make this types of cold b oot attack useless. Even zip encryption or .7z compression with strong crypto would defend against this cold boot attack, as long as the password is not stored in any plaintext documents sitting on the filesystem.

Patch Tuesday heats up with pair of exploited zero-days squashed – plus 58 other vulns fixed

CrysTalK

Infinity and beyond

Just like our to do list and things we need to do, bugs are also infinite. Maybe due to human error, negligence or intentional those bugs just keeps on flowing in infinitely. Humans might be wiped out on Earth, but software bugs would still be there.

We need to talk about mathematical backdoors in encryption algorithms

CrysTalK

Re: AES Backdoor...

I thought that AES was chosen since it was the best performance vs security, but was not chosen to be implemented on small devices due to its low processing requirement.

......

I seem to recall that Elliptic Curve encryption is the chosen encryption for small devices since it is relatively secure and requires minimal processing to encrypt.

AES = symmetric cipher (would use just a single key for encryption and decryption)

Elliptic Curve =assymmetric cipher (uses 2 keys, a private and a public key)

Wonder why you mixed and compared both when they're not the same.

Hey girl, what's that behind your Windows task bar? Looks like a hidden crypto-miner...

CrysTalK

Block js.miners via hosts file on your router or OS

https://github.com/hoshsadiq/adblock-nocoin-list/

on linux OS or routers powered by linux OS just edit: /etc/hosts

if on windows then just edit: windows\****\drivers\etc\hosts

Restart your machine after applying changes on your hosts file.

You're welcome.

It's 2017 – and your Windows PC can be forced to run malware-stuffed Excel macros

CrysTalK

Legit bugs

More than 130 bugs? So how many of those were intentional backdoors? Patch the old bugs and open new ones to protect our children.

‪WannaCry‬pt ransomware note likely written by Google Translate-using Chinese speakers

CrysTalK

Cheap Translators online

Except anyone can have a bunch of translators online these days who would charge you for peanuts. Maybe true that the keyboard used was Mandarin or Cantonese setup, but could have been requested by a different citizen in a 1st world country.

While Microsoft griped about NSA exploit stockpiles, it stockpiled patches: Friday's WinXP fix was built in February

CrysTalK

Re: Silly analogy <indeed>

<i>With software, it takes a little bit more and considering MS wrote the code and left the bloody hole then they should have supplied a fix for zero day exploits regardless of the age of the software. Yes, even for DOS.</i>

With software, it would be impossible for a third party to create a fix and sell them. First, creating a fix requires disassembly which is illegal, and selling fixes for a software you don't own is illegal too. Very different in the world of automobiles where any third party can create a fix or a performance kit for profit.

German govt DUMPS 170 NEW PCs riddled with Conficker

CrysTalK
Thumb Up

Re: just distribute scripts for cleaning

//

@CrysTalK "just distribute scripts for cleaning"

apt-get install LinuxMint

20 minutes later - perfectly good, fast and secure PC.

// -Eadon

I agree Eadon, use Linux instead.

But:

1. we need to download LinuxMint and burn it into CD or USB stick, I don't think we can just apt-get install Mint from within another distro : )

2. LinuxMint is too bloated for my taste. All unnecessary stuff is loaded, I prefer the leanest distro where I load the firmware/driver myself and install those browser plugins I require, on my own. Mint has 3 browsers, 4 players, and a dozens of plugins. Not my taste. : )

I agree that you'll be safer with Linux though.

CrysTalK
IT Angle

just distribute scripts for cleaning

would take an average .js programmer just 1 hour to build a cleaner script which could be deployed on all those machines. And conficker will be removed right away. True the startup files and malware binaries might have random characters, but just build a script to check legit file names and delete those random programs not in the list of legit programs inside the script file.

so yes, just $200 USD for the script and all of those can be cleaned, by even NON-techie teachers after they double click the script.

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020