EllGab - Spite Board

The Woo => Technology => Topic started by: Whistler on September 03, 2018, 07:27:41 AM

Title: Exploits And Mitigation
Post by: Whistler on September 03, 2018, 07:27:41 AM
Naturally this thread will be focused on Windows, but since they are moving to an OSAAS (Operating System As A Service) model, let them handle it - LOL !
Can't help you - switch to Linux or BSD.
For those of you in the Doze camp smart enough to still be running Doze 7 [or XP] (hope you've switched off automatic updates), this is the thread to post your problems and worries.  I'll try to help - to the best of my knowledge.
Linux, BSD, and iOS users, dump your questions here too. (There won't be many from the BSD users dumping questions - there's a reason for that ;) )
As far as mobile users go - I can't help you - all your systems are compromised from the factory.
Others may be able to help, but I probably won't be able to.

There it is Ladies and Gents.
Take it or leave it.
Title: Re: Exploits And Mitigation
Post by: Whistler on September 03, 2018, 07:43:12 AM
CRYPTOJACKING

What is it, and how do you mitigate it ?
https://www.csoonline.com/article/3253572/internet/what-is-cryptojacking-how-to-prevent-detect-and-recover-from-it.html
Title: Re: Exploits And Mitigation
Post by: Whistler on September 03, 2018, 07:47:18 AM
Oh, one thing you might notice with a lot of these articles, is that most exploits come in through JavaScript.
Please don't confuse JavaScript with Java.
One is a Browser script, the other is a Programming Language.     ;)
Title: Re: Exploits And Mitigation
Post by: Whistler on September 03, 2018, 07:52:08 AM
Watch worldwide Cyber-Attacks in real time:
https://geekflare.com/real-time-cyber-attacks/
Title: Re: Exploits And Mitigation
Post by: Whistler on September 03, 2018, 07:58:11 AM
This one falls under mitigation - if you're running a server, any server, check this out...
https://www.kitploit.com/2015/12/collection-of-awesome-honeypots.html

(This article is mainly geared towards Linux,)
Title: Re: Exploits And Mitigation
Post by: Whistler on September 03, 2018, 08:14:52 AM
BlackHat 2018 Keynote address - 1:12:07    (skip the first 10 minutes - it's nothing but an audio track - actual info starts around 10:26)
This is just the Keynote, but It gives an overview of what I saw.  ;)
If you're into tech, these conferences are really worth going to.
Don't let the name scare you. there are some damn intelligent people there - along with shit-tons of 3-letter agencies.  ;)

Cats & Chicks, even if you have no clue about Tech stuff, I'd really recommend listening to this vid.
((Oh yeah - Fuck political correctness - erhm - I mean Cultural Communism)   LOL !      Bite Me Libs ! ! ! !  )
Title: Re: Exploits And Mitigation
Post by: wr250 on September 03, 2018, 09:26:03 AM
Quote
Naturally this thread will be focused on Windows, but since they are moving to an OSAAS (Operating System As A Service) model, let them handle it - LOL !
Can't help you - switch to Linux or BSD.
For those of you in the Doze camp smart enough to still be running Doze 7 [or XP] (hope you've switched off automatic updates), this is the thread to post your problems and worries.  I'll try to help - to the best of my knowledge.
Linux, BSD, and iOS users, dump your questions here too. (There won't be many from the BSD users dumping questions - there's a reason for that ;) )
As far as mobile users go - I can't help you - all your systems are compromised from the factory.
Others may be able to help, but I probably won't be able to.

There it is Ladies and Gents.
Take it or leave it.
switching off updates is a terrible idea right now. with meltdown and spectre variants appearing daily, it seems, those security updates are essential.

spectre and meltdown affect all operating systems and require a processor firmware patch to fix. intel is the worst affected, but amd and arm can still be affected, albeit to a much lesser degree.

these patches are distributed via operating system updates and bios updates. anything much older than the current generation of chips is unlikely to get the bios update. the older a machine is, the less likely a bios update will be available.

thus it's left to the os vendors to implement the intel (amd/arm) microcode.
Title: Re: Exploits And Mitigation
Post by: wr250 on September 07, 2018, 03:48:12 AM
Quote
US, UK, and other governments ask tech companies to build backdoors into encrypted devices (https://www.theverge.com/2018/9/3/17815196/five-eyes-encryption-backdoors-us-uk-australia-nz-canada)
The US, UK, and three other governments have called on tech companies to build backdoors into their encrypted products, so that law enforcement will always be able to obtain access. If companies don’t, the governments say they “may pursue technological, enforcement, legislative, or other measures” in order to get into locked devices and services.


it will also provide access for those with the ability and little to no moral compass.
we have seen this over and over in the past. govt finds an exploit and sits on it for their own purposes. then a security researcher finds it and publishes it, and every black hat hacker (along with misc scumbags that are not govt) suddenly exploits it; recently spectre/meltdown.


this in the articles comments describes it perfectly :

Quote
Security flaws in applications and operating systems leading to unintentional back-doors are patched once discovered.

Introducing official back-doors into device encryption code is probably the most dangerous of all. The mere mention of their existence will entice non-law-abiding entities and individuals to seek them out. Furthermore, such official back-doors will be, by design and under the law, un-patchable.

No matter what, it will be difficult to achieve a reasonable balance between privacy rights and public safety.
Title: Re: Exploits And Mitigation
Post by: Whistler on September 08, 2018, 10:30:35 AM
Quote
switching off updates is a terrible idea right now. with meltdown and spectre variants appearing daily, it seems, those security updates are essential.

spectre and meltdown affect all operating systems and require a processor firmware patch to fix. intel is the worst affected, but amd and arm can still be affected, albeit to a much lesser degree.

these patches are distributed via operating system updates and bios updates. anything much older than the current generation of chips is unlikely to get the bios update. the older a machine is, the less likely a bios update will be available.

thus it's left to the os vendors to implement the intel (amd/arm) microcode.
I had a really nice reply all typed up for you, and then the input box bit the dust on a preview.   >:( >:( >:( >:( >:(
So 2nd try:

Allow me to be more precise; I stand behind my statement to turn off updates for XP, which as of June of this year, still commanded over a 5% market share.
https://www.windowslatest.com/2018/06/03/new-stats-show-windows-xps-market-share-increased/
If you are still running XP and want the updates, do the registry hack to fool the M$ servers into thinking you're an embedded system - at your own risk.
http://www.expertreviews.co.uk/software/8089/how-to-get-new-windows-xp-updates-for-free-until-2019-with-a-registry-hack

Why would I put it out there to turn them off for XP ?  3 months before EOL (2014) I had two XP machines that the updates totally hosed. In fact they were hosed so badly by the updates that I had to reinstall (from backups) and turn off auto updates on them. (I use them for regression testing - XP Pro SP2 & SP3.)

As far as Spectre and Meltdown go, there is absolutely no software or BIOS update that will fix them. Those are NSA backdoors built right into the hardware of the motherboard that integrate with Intel ME and go all the way back to the Celeron (the design all newer chips are based on) CPUs.
The NSA has been in bed with Intel since at least the early 90's so SPECTRE and Meltdown are not bugs, they're design features.
The only reason any of these 'features' have come to light is because the Shadow Brokers released them into the wild and the NSA had to cover their ass, so they ran it down the pipe to their other bedroom buddies to look for the exploits - with some hints as to where to look, I'm sure.
XKeyScore ring any bells ?     ;)
BTW, that design was developed in Israel. (I have no paper trail for the NSA shenanigans, but all the evidence points to it.)
Of course they're going to say this; https://www.techdirt.com/articles/20180106/10334238946/nsa-denies-prior-knowledge-meltdown-spectre-exploits-claims-it-would-never-harm-companies-withholding-vulns.shtml
Now, these exploits are being modified;  https://www.csoonline.com/article/3253247/security/3-leaked-nsa-exploits-work-on-all-windows-versions-since-windows-2000.html
Meltdown can be slightly mitigated, but forget about SPECTRE until the manufacturing process for the chips is revamped.



SPECTRE operates at the Instruction Set Architecture level, which is lower level than the BIOS / EFI or Operating System level. The machine doesn't need to be turned on, it just needs batteries or to be plugged in.
https://en.wikibooks.org/wiki/Microprocessor_Design/Instruction_Set_Architectures

https://en.wikipedia.org/wiki/Instruction_set_architecture

"   According to some cybersecurity experts, fixing Spectre will require a complete overhaul of the way chips are made and could take years.

    6. Spectre will require a complete re-architecture of the way processors are designed and the threats posed will be with us for an entire hardware lifecycle, likely the next decade.

    — Nicole Perlroth (@nicoleperlroth) January 3, 2018   "
https://www.trustedreviews.com/news/intel-chip-problem-cpu-flaw-meltdown-spectre-vulnerability-patch-3365861

"    AV-Test, an independent antivirus testing house, is reporting that they’ve seen about 139 separate code samples that exploit the vulnerabilities. They include the first JavaScript-based proof-of-concept exploits attacking browsers.   "
https://www.pcworld.com/article/3245606/security/intel-x86-cpu-kernel-bug-faq-how-it-affects-pc-mac.html

Time to look into a fine grained JS blocker like NoScript if you're not already running one.   :o

Nice, eh ?     ::)


(Not as elegant a response as I wanted, but I'm tired - I think it's nap time.)    ;)       ;D
 
Title: Re: Exploits And Mitigation
Post by: Whistler on September 08, 2018, 11:32:32 AM
Chrome Users:  "   Warning! If you are using Chrome browser extension from the MEGA file storage service, uninstall it right now.   "
https://thehackernews.com/2018/09/mega-file-upload-chrome-extension.html
https://news.ibinex.com/2018/09/06/chrome-extension-mega-full-of-malware-that-steals-peoples-monero/
Title: Re: Exploits And Mitigation
Post by: Whistler on September 08, 2018, 11:36:28 AM
 "   A highly popular top-tier app in Apple's Mac App Store that's designed to protect its users from adware and malware threats has been, ironically, found surreptitiously stealing their browsing history without their consent, and sending it to a server in China.   "
https://thehackernews.com/2018/09/mac-adware-removal-tool.html
Title: Re: Exploits And Mitigation
Post by: Whistler on September 08, 2018, 11:52:21 AM
8 1/2 real time cyber attack maps.  ;)
https://geekflare.com/real-time-cyber-attacks/

Title: Re: Exploits And Mitigation
Post by: wr250 on September 09, 2018, 05:02:47 AM

Quote
As far as Spectre and Meltdown go, there is absolutely no software or BIOS update that will fix them. Those are NSA backdoors built right into the hardware of the motherboard that integrate with Intel ME and go all the way back to the Celeron (the design all newer chips are based on) CPUs.
The NSA has been in bed with Intel since at least the early 90's so SPECTRE and Meltdown are not bugs, they're design features.
The only reason any of these 'features' have come to light is because the Shadow Brokers released them into the wild and the NSA had to cover their ass, so they ran it down the pipe to their other bedroom buddies to look for the exploits - with some hints as to where to look, I'm sure.
XKeyScore ring any bells ?     ;)
BTW, that design was developed in Israel. (I have no paper trail for the NSA shenanigans, but all the evidence points to it.)
Of course they're going to say this; https://www.techdirt.com/articles/20180106/10334238946/nsa-denies-prior-knowledge-meltdown-spectre-exploits-claims-it-would-never-harm-companies-withholding-vulns.shtml
Now, these exploits are being modified;  https://www.csoonline.com/article/3253247/security/3-leaked-nsa-exploits-work-on-all-windows-versions-since-windows-2000.html
Meltdown can be slightly mitigated, but forget about SPECTRE until the manufacturing process for the chips is revamped.



SPECTRE operates at the Instruction Set Architecture level, which is lower level than the BIOS / EFI or Operating System level. The machine doesn't need to be turned on, it just needs batteries or to be plugged in.
https://en.wikibooks.org/wiki/Microprocessor_Design/Instruction_Set_Architectures

https://en.wikipedia.org/wiki/Instruction_set_architecture

"   According to some cybersecurity experts, fixing Spectre will require a complete overhaul of the way chips are made and could take years.

    6. Spectre will require a complete re-architecture of the way processors are designed and the threats posed will be with us for an entire hardware lifecycle, likely the next decade.

    — Nicole Perlroth (@nicoleperlroth) January 3, 2018   "
https://www.trustedreviews.com/news/intel-chip-problem-cpu-flaw-meltdown-spectre-vulnerability-patch-3365861

"    AV-Test, an independent antivirus testing house, is reporting that they’ve seen about 139 separate code samples that exploit the vulnerabilities. They include the first JavaScript-based proof-of-concept exploits attacking browsers.   "
https://www.pcworld.com/article/3245606/security/intel-x86-cpu-kernel-bug-faq-how-it-affects-pc-mac.html

Time to look into a fine grained JS blocker like NoScript if you're not already running one.   :o

Nice, eh ?     ::)


(Not as elegant a response as I wanted, but I'm tired - I think it's nap time.)    ;)       ;D
 


while spectre is indeed a hardware issue, intel can still update microcode to not allow access to that part of the hardware. this microcode is implemented through operating system updates, or bios updates.


it does slow the processor down though.
also software is able to mitigate this by blocking specific code from running; such as, but not limited to, web browsers patched to block javascript code that could exploit this.
see https://meltdownattack.com/ for an explanation; it has the whitepapers available as well.
i have stated elsewhere that the NSA has had knowledge of (and therefore access to) all these exploits for at least a decade, and more likely 2 decades.


a thought on intel ME:
this was designed for sysadmins to be able to have remote access to a machine, that allows the admin to change BIOS settings remotely (without having to travel perhaps hundreds of miles). this is so an admin can fix things with minimal downtime. this makes sense if you think about it: if a sysadmin has to drive 50 miles on a saturday to, for example, change a setting in bios, and drive home, then you (the company) have the cost of paying said admin OT, as well as an hour or more of downtime on the server. this could be done in a minute or 2 remotely.


an example of this would be :
a company has a webserver for ecommerce.
the power is cut, your ups runs out, everything shuts down
now the original webserver is stuck in bios for whatever reason (keyboard not found, press F1 to continue, for example)
the admin can remote in to intel ME and fix these things.

all of the above said, intel ME has its flaws and spectre can certainly exploit them via speculative execution.
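wr250's point above is that the microcode fix for these hardware issues arrives through OS updates or a BIOS update, and that a machine without it stays exposed. A quick way to see which side of that line a Linux box is on is the kernel's own per-vulnerability report under /sys/devices/system/cpu/vulnerabilities/. The script below is an added example, not code from any post in this thread or from any vendor; it assumes that sysfs directory (a real kernel interface, present on kernels from early 2018 onward) and falls back to a constructed sample directory so it runs anywhere. The sample status lines are made up for this example in the kernel's reporting style and are not real machine output.

```python
"""Read the kernel's speculative-execution mitigation status from sysfs.

On Linux the kernel reports, per vulnerability, whether the CPU is
"Not affected", "Vulnerable" or running with a "Mitigation: ..." in
/sys/devices/system/cpu/vulnerabilities/<name>. The detail wording
varies by kernel version; SAMPLE_STATUS below is constructed for this
example and is not output captured from a real machine.
"""
from pathlib import Path
import tempfile

SYSFS_VULN_DIR = Path("/sys/devices/system/cpu/vulnerabilities")

# Constructed sample contents, in the kernel's reporting style.
SAMPLE_STATUS = {
    "meltdown": "Mitigation: PTI\n",
    "spectre_v1": "Mitigation: usercopy/swapgs barriers and __user pointer sanitization\n",
    "spectre_v2": "Vulnerable, IBPB: disabled, STIBP: disabled\n",
    "l1tf": "Not affected\n",
    "mds": "Vulnerable: Clear CPU buffers attempted, no microcode; SMT vulnerable\n",
}


def parse_status(text):
    """Classify one status line into (state, detail)."""
    line = text.strip()
    if line == "Not affected":
        return ("not_affected", "")
    if line.startswith("Mitigation:"):
        return ("mitigated", line.split(":", 1)[1].strip())
    if line.startswith("Vulnerable"):
        return ("vulnerable", line[len("Vulnerable"):].lstrip(":, ").strip())
    return ("unknown", line)


def read_vulnerabilities(vuln_dir=SYSFS_VULN_DIR):
    """Return {name: (state, detail)} for every file in the directory.

    An empty dict means the interface is absent (non-Linux or a kernel
    that predates the reporting)."""
    vuln_dir = Path(vuln_dir)
    if not vuln_dir.is_dir():
        return {}
    return {p.name: parse_status(p.read_text())
            for p in sorted(vuln_dir.iterdir()) if p.is_file()}


def unmitigated(report):
    """Names the kernel still reports as vulnerable."""
    return sorted(name for name, (state, _) in report.items()
                  if state == "vulnerable")


def missing_microcode(report):
    """Entries whose detail text says the CPU microcode update is not
    loaded, i.e. the fix has to come through a BIOS/firmware update or
    the OS's microcode package, not the kernel alone."""
    return sorted(name for name, (_, detail) in report.items()
                  if "no microcode" in detail.lower())


def write_sample_dir():
    """Materialise the constructed sample as files in a temp directory."""
    d = Path(tempfile.mkdtemp(prefix="vulns-"))
    for name, text in SAMPLE_STATUS.items():
        (d / name).write_text(text)
    return d


def sample_report():
    """Run the reader over the constructed sample directory."""
    return read_vulnerabilities(write_sample_dir())


if __name__ == "__main__":
    live = read_vulnerabilities()
    report = live if live else sample_report()
    print("source:", "live sysfs" if live else "constructed sample")
    for name, (state, detail) in report.items():
        print(f"{name:14} {state:13} {detail}")
    print("still vulnerable:", unmitigated(report))
    print("microcode not loaded:", missing_microcode(report))
```

Run it as root or as a normal user; the sysfs files are world-readable. A "no microcode" detail on a live machine is the case wr250 describes: the kernel has done what it can, and the rest depends on whether a firmware or OS microcode update exists for that CPU.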
Title: Re: Exploits And Mitigation
Post by: Whistler on September 12, 2018, 04:10:08 AM

Quote
while spectre is indeed a hardware issue, intel can still update microcode to not allow access to that part of the hardware. this microcode is implemented through operating system updates, or bios updates.  ...
Excellent retort.  ;)

For the non-Techs, here's a report - from 2012 -  that pretty much covers it.
Offensive Language Warning

http://truedemocracyparty.net/2012/11/new-intel-based-pcs-permanently-hackable-jim-stone-new-core-vpro-processors-no-longer-any-pretense-about-your-private-information-internet-freedom-is-over/

Here's a workaround for P4's up to VPro - you'll need to be a DIYer though.
(The following direct quote was lifted from Intel Exchange, which referenced a 2014 Jim Stone article that no longer exists afaik.)
(JS is under constant attack by state actors.)
(I've also X'ed out the usernames in the following quote.)

Quote
June 18th 2014, by xxxxxx xxxxxx @ Jim Stone Forum / Computer security thread

__________________________________________________________________

Excuse me please - something hot has emerged re Hardware Security.

To wit: We have all been informed of the always-on cellphone link embedded in the Intel processors from (iirc) the Pentium-4 forward. To date, no real word seems to have surfaced as to countermeasures, though. For my part, I have puzzled over the "How" of this foul bit o' tech from the start, with an eye toward, ah, "Sovereign Remedy". Well, I could indeed be mistaken - but I think I have caught onto it. Here's what:

My first notion was to do a leetle surgery on the chip, possibly by removing The Antenna Pin(s) from the package. So starting from knowing exactly nothing in particular about any aspect of the package, I up 'n' got myself a copy of the official P4 spec sheet, since I have nothing newer than that in my lab's Resource Pile. Read that fine Intel pinout chart top-to-bottom. Found NO designation for any pin or clampable terminal (as used in the later models) that could be seen even as a veiled reference to an antenna-feed terminal connected to the mainboard.

Didn't make much sense to bury such a key board trace between the ground-plane layers of that fine four-layer composite item anyway. Moreover, all the PC-Board-based etched-trace antennae I have observed (all both of 'em) were etched in a fully recognizable manner.

So what is left...? Too simple. Hidden in plain view! It's the top cap of the chip plus the heat-sink. The "rubber" pad that provides thermal contact between the two parts is in fact electrically as well as thermally conductive. So is metal-filled heat transfer paste. Perfect connection for the purpose.

Ohmmeter tests done @ ~1.5 volts across the probes of a 20K ohms-per-volt Shack-grade multimeter, done this morning on several naked boards of the P4's vintage, clearly demonstrate the presence of semiconductor junction(s) standing between the P4 chip's protective top cap and System Chassis Ground. High resistance one way, much lower in the other direction. But only on Intel P4-equipped boards, NOT with any of the AMD-based ones. Ditto the Intel Celeron-equipped boards; an open circuit is all I have found on any of those boards currently in-house.

So there we have it. 99.44% Confidence Factor. Nailed solid, afaiac. The Rogue Stealth Cellphone Connection Antenna is the bloody heatsink!

Sidebar: The likely answer to the "So what's left?" question, which I had left to "simmer" as I often do when things Look Impossible, first rose to mind last night while conversing with a friend on an entirely different Edgy Topic. So I said something to her in passing on the matter, having warned her of the remote-shutdown/hacking/datamining hazard a couple of months prior. And POOF! - just as soon as I set the topic and then said, "...looks like it's the Heat Sink..." our connection (via Skype-to-iPhone and back again) went DOWN. Just like in the old days when Mr. Christopher Story FRSA was alive and howling in the Bush Gang's face for Honest Banking, real estate prices were gonna' never drop and Financial Derivatives were the Big Criminal Secret! (My friends finally caught on that I was Not Paranoid from that series of forced hangups, fwiw. Such a lovely backfire! {grin} ). So per SOP, I just dialed her back up and we finished-off with no further interference.

So what to DO about it...? Can't just go out and blow up all the cellie towers, though doing so'd surely spark a resurgence of Citizens Band and Family Channel Radio activity in its place. (GET 'em while you CAN imvho.) Well, I dunno' fer sure; my test gear ain't exactly up to the full task today. (OK for that to change too, fwiw.) But classic "Faraday Cage" shielding of the heatsink+fan assembly seems both mechanically difficult to achieve on the kitchen table and thermally impractical besides, once installed. How about braided copper straps fastened to the fins with aggressive-thread screws on one end and to the board's grounding connections on the other? Possibly, but those fine handcrafted copper straps just might even unintendedly resonate at the frequencies involved, making themselves a New Part of the Old Problem. But oh wait wait... Capacitive bypass... HM!

The object of the exercise, of course, is to divert the incoming signal to system ground before it can enter the logic and play hob with one's work. Best first-cut notion from out of my own "seat o' th' pants" instinct seems to be .001 to .005 microfarad disk-style ceramic capacitors connected from the heatsink to the nearest system ground points, using leads as short and as fat as can be soldered onto 'em. (It seems on reflection that those caps should be mounted as close to the fins as possible, just to capture as much microwave energy as can be without lead inductance getting in the way.) Mylar caps seem unsuitable due to the inherently unavoidable (significant at those frequencies though indeed tiny) inductance component built into that rolled-up foil+dielectric design.

Others with deeper microwave engineering exposure than mine may have something to contribute to this notion and the line of hardware-mod development that follows. One thing has come out plain as day once again, though: High-tech assault can often be stopped in its tracks by means of a leetle intelligently devised low-tech defense. This instance simply does look, for all the world (at least on the first cut) just like Another One of Those.

So I sure do hope this input proves to help keep the Rest of Us safe, free and online without interruption. Love to hear from others on this line; this tab stays open now. Let's just harden 'em up, shall we not? And that is all. 0{:-)o[


xxxxxxxxxxxxx
   
4 years and 11 weeks ago

Wow. Using the heat sink was ingenious. Is there a possibility of some kind of non electrically conductive heat sink paste? Something that would still pull heat up like is needed, but would electrically insulate the cpu?
xxx
   
4 years and 11 weeks ago

I've been waiting for this... I'm not that good in electronics, so I guess I'll wait for an answer to SlapstickLlama's question.
xxx
   

Don't think using a heatsink as an antenna is possible ?   :o

(Please give special note to the dates in this article.)   ;)

https://www.researchgate.net/publication/3883616_Study_of_heatsink_grounding_schemes_for_GHz_microprocessors
Title: Re: Exploits And Mitigation
Post by: wr250 on September 12, 2018, 05:42:36 AM
Quote
Excellent retort.  ;)

For the non-Techs, here's a report - from 2012 -  that pretty much covers it.
Offensive Language Warning

http://truedemocracyparty.net/2012/11/new-intel-based-pcs-permanently-hackable-jim-stone-new-core-vpro-processors-no-longer-any-pretense-about-your-private-information-internet-freedom-is-over/

Here's a workaround for P4's up to VPro - you'll need to be a DIYer though.
(The following direct quote was lifted from Intel Exchange, which referenced a 2014 Jim Stone article that no longer exists afaik.)
(JS is under constant attack by state actors)
(I've also X'ed out the usernames in the following quote.)

Don't think using a heatsink as an antenna is possible ?   :o

(Please give special note to the dates in this article.)   ;)

https://www.researchgate.net/publication/3883616_Study_of_heatsink_grounding_schemes_for_GHz_microprocessors

any electrically conductive material can be used as an antenna. however the antenna length must be tuned to match the desired radio frequency. you *could* use a paperclip as a tv antenna. you won't pick up many (possibly 0) tv stations. this is because the length of the antenna must match the wavelength (or a quarter of said wavelength) of the radio wave you want to transmit/receive, or (remote) reception will be degraded. and yes, television uses radio waves.
usually antennas are designed to transmit/receive (well, not so much transmit) a range of frequencies, such as fm radio, am radio, uhf tv, etc.

a metal heatsink doesn't match any frequency, mainly because they are designed to dissipate heat, not transmit/receive. thus any transmissions will be of poor quality at best. and when encased in a solid metal case (a standard desktop pc for example) it is further degraded or blocked entirely because the case becomes a (poor) faraday cage. the new glass cases tend to let radio waves through.
furthermore tempest monitoring* may (further) drown out any transmissions from said heatsink.
modern LCD screens have cut down significantly on tempest monitoring due to much lower power requirements and therefore less transmit power than older crt monitors. while still possible, tempest monitoring may only extend a few tens of feet from the monitor, instead of 100 or so for crt monitors.

*tempest monitoring is when a person picks up emissions from your monitor, and reconstructs those to see what you are doing on your monitor. arguably it can include monitoring any emissions from your computer.
see here (https://en.wikipedia.org/wiki/Tempest_(codename)) for more info.
Title: Re: Exploits And Mitigation
Post by: MaxPower on September 12, 2018, 03:54:10 PM
Quote
any electrically conductive material can be used as an antenna. however the antenna length must be tuned to match the desired radio frequency. you *could* use a paperclip as a tv antenna. you won't pick up many (possibly 0) tv stations. this is because the length of the antenna must match the wavelength (or a quarter of said wavelength) of the radio wave you want to transmit/receive, or (remote) reception will be degraded. and yes, television uses radio waves.
usually antennas are designed to transmit/receive (well, not so much transmit) a range of frequencies, such as fm radio, am radio, uhf tv, etc.

a metal heatsink doesn't match any frequency, mainly because they are designed to dissipate heat, not transmit/receive. thus any transmissions will be of poor quality at best. and when encased in a solid metal case (a standard desktop pc for example) it is further degraded or blocked entirely because the case becomes a (poor) faraday cage. the new glass cases tend to let radio waves through.
furthermore tempest monitoring* may (further) drown out any transmissions from said heatsink.
modern LCD screens have cut down significantly on tempest monitoring due to much lower power requirements and therefore less transmit power than older crt monitors. while still possible, tempest monitoring may only extend a few tens of feet from the monitor, instead of 100 or so for crt monitors.

*tempest monitoring is when a person picks up emissions from your monitor, and reconstructs those to see what you are doing on your monitor. arguably it can include monitoring any emissions from your computer.
see here (https://en.wikipedia.org/wiki/Tempest_(codename)) for more info.
I have used a paper clip and a short jumper clipped wire many times for a satisfactory TV antenna. Local reception was just about as good as the old trusty rabbit ear antennas. I always get a laugh when I see commercials for the Magic TV Key and other similar products which are nothing more than a simple indoor antenna marketed to make it sound like you will get a ton of extra channels "for free" only with their magic device.

Many years ago, I remember working on computers that were Tempest rated. Otrona made a "portable" Tempest computer that was time consuming to work on due to all the extra shielding and a ton of screws that had to be removed. A nice but expensive computer used primarily by the military.

Just about anything conductive can be used for a receiving antenna as reception is more forgiving. Transmitting is another story as efficiency and effectiveness is determined by proper design...
Title: Re: Exploits And Mitigation
Post by: Whistler on September 13, 2018, 07:09:52 PM
Quote
any electrically conductive material can be used as an antenna. however the antenna length must be tuned to match the desired radio frequency.

Ding, Ding, Ding, - Give this man a cigar !   ;)
(Would you settle for a +1 instead ?)   ;D

Thanks for the excellent lead in.
Okay - pull out your calculator, let's figure this out.



For an example, we'll be using a laptop from  - oh, I don't know, 2004. This example laptop might be a Toshiba, M-55 Satellite w/ a susceptible Pentium 4M (mobile) cpu running at 2.0 GHz (max cpu freq..)
This lappy is built from molded plastic - except for the back of the lid - which is aluminum. (No Faraday cage effect for the cpu.)
Wifi in 2004 (and still) operates in the 2.4 GHz range.

The first thing to know about antennas is:
There is an inverse relationship between frequency and wavelength: the lower the frequency, the longer the wavelength; the higher the frequency, the shorter the wavelength.

So how do you figure antenna length for one full wavelength of 2.4 GHz ? (This goes for any frequency you want an antenna length for.)
Divide the speed of light in meters, ((Damn Brits... ;) ) ...which is the speed radio signals propagate at,) by the frequency.
c / f = one full wavelength for the target frequency - in meters.

Speed of light in meters: 299,792,458
Freq (cycles per second): 2.4 GHz = 2,400,000,000
Which comes out to: 0.124913524 meters,
or 12.491 Centimeters
Converting to inches, we get 4.9177165", approximately 4 and 59/64 inches.
That's just shy of 5" (actually, right between 4-7/8 and 4-15/16")
Think we can stuff that in a laptop ?  ;) (Heh, heh, heh)
(I actually thought about tearing mine down again to get an accurate measurement on the heatpipe (the copper section) from the cpu to the cooling fins the fan blows through, but a picture will do.)

K000032240 TOSHIBA SATELLITE M55 HEATSINK SERIES "GRADE A"


The length of my cooling fins are approximately 2.4 inches.
That means that if the heatpipe was used for an antenna, it would be right in the ballpark for 2.4 GHz.
As far as I'm concerned, yeah, it can easily be used as an antenna.

As far as cpu coolers in desktops ?
It's actually possible they could act like a YAGI antenna
Scope this out...
What we have here is known as a BiQuad wifi antenna, designed for 2.4 & 5 GHz (Hence the different sized plates.)

From: https://www.kickstarter.com/projects/1096577862/the-biquad-yagi-antenna-for-wifi-and-fpv (https://www.kickstarter.com/projects/1096577862/the-biquad-yagi-antenna-for-wifi-and-fpv)

They are right around the size of the larger CPU coolers like the MegaHalems.

Granted, these antennas have to be precise in their measurements and spacing, so it's doubtful the coolers would work as antennas, but, most MoBos are mounted on the side panel of the desktop case, which would make a perfect YAGI antenna (for just one direction.)  ;)


Quote
usually antennas are designed to transmit/receive (well not so much transmit) a range of frequencies, such as fm radio, am radio, uhf tv , etc.
Yup, that's why if you wanted to build an AM loop to pick up the entire AM spectrum from 540 KHz to 1700 KHz (1.7 MHz,) you would shoot for the center frequency of 1120 KHz.
((1700 - 540) / 2) + 540 == 1120
Broadcast antennas are a whole different ballgame. You need to consider impedance matching, resistance, grounding, reduction baluns, antenna height, polarization, etc., etc., etc.
c / f ==
299,792,458 / 1,120,000 == 267.67 meters
Convert.
878.18' is one full wavelength for 1120 KHz
Then make your antenna length 1/4 wave of 878.18'
or
219.5' ( or 219'6") - total length of wire for a 1/4 wave loop.
Gauge of the wire, spacings between turns, winding style (spiral, box, spider,) and size of the loop all make a difference in the nulling and distance of the stations you can pick up.
It's a fun project for DIY'ers, and there's plenty of info on the net.  ;)

Quote
furthermore tempest monitoring* may (further) drown out any transmissions from said heatsink.

How so ?
TEMPEST (a.k.a. Van Eck Phreaking) monitoring is generally passive reconnaissance. What I mean by that is: the target is not being zapped by any electro-magnetics the attacker is putting out. The attacker is reading and interpreting the target's electro-magnetic emanations.
This article explains it better than I can.
http://www.surasoft.com/articles/tempest.php (http://www.surasoft.com/articles/tempest.php)

Oh, and I really like this one - they apply TEMPEST mitigation to their website - LOL. (See if you can pick up on it.  ;)  )
https://www.hertzsystems.com/en/product/tempest-equipment/ (https://www.hertzsystems.com/en/product/tempest-equipment/)

Quote
modern LCD screen have cut down significantly on tempest monitoring due to much lower power requirements...
Don't be getting slack on me, WR250. (Tsk, tsk.)  ;)
(Just kidding.)

The cables going to those LCDs and metal hinges in laptops make TEMPEST attacks still viable. It's still (as of 2007,) up to 75' with the right target.  Funny how there's no newer information on this in Public Domain. (I smell a R.A.T.)  ;)  ;D
http://web.archive.org/web/20180312095201/https://www.newscientist.com/blog/technology/2007/04/seeing-through-walls.html (http://web.archive.org/web/20180312095201/https://www.newscientist.com/blog/technology/2007/04/seeing-through-walls.html)
https://www.engadget.com/2007/04/21/laptops-and-flat-panels-also-vulnerable-to-van-eck-eavesdropping/ (https://www.engadget.com/2007/04/21/laptops-and-flat-panels-also-vulnerable-to-van-eck-eavesdropping/)


Big D. even had his communications TEMPEST hardened.   
https://electrospaces.blogspot.com/2017/11/trumps-communications-equipment-outside.html (https://electrospaces.blogspot.com/2017/11/trumps-communications-equipment-outside.html)

So yeah, I have to disagree with you on these points. 
 
It is kind of a specialist area. Anti TEMPEST, Van Eck, whatever you want to call it, technologies were actually being developed in the last days of WWII by the Army.  ;)

Here's some info on covert channels :  https://hackaday.com/2017/02/02/hacking-the-aether/ (https://hackaday.com/2017/02/02/hacking-the-aether/)

And a good Sci-Fi book to read (if you haven't already,) is Cryptonomicon by Neal Stephenson.
https://archive.org/details/cryptonomicon00neal (https://archive.org/details/cryptonomicon00neal)

    ;)      :)
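A calculator for the c / f arithmetic walked through in the post above, added here as an example (it is not the poster's code): it reproduces the 2.4 GHz and 1120 kHz figures and generalizes them to any fraction of a wavelength, with an optional velocity factor (an assumption of this example, not something the post applies) for real wire.

```python
"""Antenna-length arithmetic from the post above (added example, not the
poster's code).  It works the c / f relation through the same two cases the
post uses - a full wave at 2.4 GHz and a 1/4-wave AM loop cut for the
540-1700 kHz band centre - and adds the general form: any fraction of a
wavelength, with an optional velocity factor for real wire.
"""
from fractions import Fraction

C_M_PER_S = 299_792_458  # speed of light in vacuum, m/s (the post's figure)
INCH_M = 0.0254          # exact definition of the international inch
FOOT_M = 0.3048          # exact definition of the international foot


def wavelength_m(freq_hz):
    """Full free-space wavelength in metres: lambda = c / f."""
    if freq_hz <= 0:
        raise ValueError("frequency must be positive")
    return C_M_PER_S / freq_hz


def element_length_m(freq_hz, fraction=1.0, velocity_factor=1.0):
    """Physical length of an element that is `fraction` of a wavelength.

    velocity_factor < 1 shortens the element to account for the conductor
    and its insulation (assumption of this example); the post uses
    free-space lengths, i.e. 1.0.
    """
    return wavelength_m(freq_hz) * fraction * velocity_factor


def band_centre_hz(low_hz, high_hz):
    """Centre of a band, as the post computes for the AM broadcast band."""
    return (high_hz - low_hz) / 2 + low_hz


def metres_to_inches(m):
    return m / INCH_M


def metres_to_feet(m):
    return m / FOOT_M


def inches_to_mixed(inches, denom=64):
    """Round to the nearest 1/denom inch and return (whole, Fraction).

    4.9179 in -> (4, 59/64): the tape-measure reading the post arrives at.
    """
    whole = int(inches)
    frac = Fraction(round((inches - whole) * denom), denom)
    if frac == 1:  # rounding carried over into the next whole inch
        whole, frac = whole + 1, Fraction(0)
    return whole, frac


def feet_to_feet_inches(feet):
    """219.55 ft -> (219, 6.6): whole feet and remaining inches."""
    whole = int(feet)
    return whole, round((feet - whole) * 12, 1)


def describe(freq_hz, fraction=1.0, velocity_factor=1.0):
    """All the figures for one design in one dict."""
    length_m = element_length_m(freq_hz, fraction, velocity_factor)
    return {
        "freq_hz": freq_hz,
        "fraction": fraction,
        "length_m": length_m,
        "length_cm": length_m * 100,
        "length_in": metres_to_inches(length_m),
        "length_ft": metres_to_feet(length_m),
    }


if __name__ == "__main__":
    # Case 1: one full wavelength at 2.4 GHz (the laptop heat-pipe argument)
    wifi = describe(2.4e9)
    whole_in, frac_in = inches_to_mixed(wifi["length_in"])
    print(f"2.4 GHz full wave: {wifi['length_cm']:.3f} cm = "
          f"{wifi['length_in']:.4f} in ~ {whole_in} {frac_in} in")

    # Case 2: quarter-wave loop cut for the centre of the 540-1700 kHz band
    am_centre = band_centre_hz(540e3, 1700e3)
    am_full = describe(am_centre)
    am_quarter = describe(am_centre, fraction=0.25)
    print(f"AM centre {am_centre / 1e3:.0f} kHz: full wave "
          f"{am_full['length_ft']:.2f} ft, 1/4 wave "
          f"{am_quarter['length_ft']:.2f} ft "
          f"= {feet_to_feet_inches(am_quarter['length_ft'])}")
```

Computed from the unrounded metre value, the 2.4 GHz figure is 4.9179 in rather than the post's 4.9177 (which divides the rounded 12.491 cm); both land on 4 59/64 in.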
Title: Re: Exploits And Mitigation
Post by: wr250 on September 15, 2018, 04:58:48 AM
Quote
Quote
furthermore tempest monitoring* may (further) drown out any transmissions from said heatsink.

How so ?
the same way jamming radio signals work. the more extraneous radio noise tossed out there, the harder it is to sort out what you're looking for.
as i understood your "heatsink as an antenna" theory, it is passive reconnaissance, just like tempest monitoring.
additionally thermal paste (what intel and most manufacturers use) is not electrically conductive, forming a barrier to what you are describing, thus weakening the effect.
on recent (core2/i series/pentium/celeron) intel processors (and many amd,but not all) there is thermal paste between the silicon die and the (glued on) heat spreader on the chip. then another layer of thermal paste between the heat spreader and the cpu cooling device.
therefore i do not think this is a valid attack for anything other than govt agencies with more money than brains to carry out. and why would they do that when so many (un)known flaws exist to get information that are far easier to do? or when people actually volunteer said info (farcebook, tweeter, etc)

additionally tempest attacks on crt monitors could be carried out several hundred feet away from the target. lcd monitors use less power and therefore have less "broadcasting" capabilities. no matter how you factor things, more distance in receivable radio emissions requires 1 of 2 things.
1. a larger receiving antenna ( i don't see anyone carrying around a 40' dish to tempest monitor)
2. more transmit power.
Title: Re: Exploits And Mitigation
Post by: Whistler on September 15, 2018, 05:55:35 AM
Quote
additionally thermal paste (what intel and most manufacturers use) is not electrically conductive...


" - some companies use silver, aluminum, ceramic, and diamonds which are ground to a very fine powder and mixed with the bonding compound. The final mixture of the thermal paste is often kept as a secret recipe."

From:
https://www.ekwb.com/blog/thermal-compound-guide/ (https://www.ekwb.com/blog/thermal-compound-guide/)

I'm kind of rushed for time right now, so I didn't check out what the major manufacturers use as standard, but silver is electrically conductive; diamonds are generally not - there are exceptions.
https://www.thoughtco.com/diamond-a-conductor-607583 (https://www.thoughtco.com/diamond-a-conductor-607583)

"   After 21 seconds of research, I learnt that it depends on the type of diamond. The range of resistance is pretty high, some are very resistant while some are very conductive. It depends on their constitution (since diamonds are not all the same).   "

https://www.quora.com/Is-diamond-electrically-conductive (https://www.quora.com/Is-diamond-electrically-conductive)

(In a pinch, (automotive) Anti-Seize makes a (cheap, and) fairly decent thermal paste.)
Yes, I've used it on an old - and very hot - AMD dual-core setup from 2005 and it dropped the cpu temps from 100 C (boiling) to approximately mid 50's C.  ;)

BUT, you are forgetting something; the cpu is electrically grounded to the cooler through the cooler mounting screws. ;)

Quote
additionally tempest attacks on crt monitors could be carried out several hundred feet away from the target. lcd monitors use less power and therefore have less "broadcasting" capabilities. no matter how you factor things, more distance in receivable radio emissions requires 1 of 2 things.
1. a larger receiving antenna ( i don't see anyone carrying around a 40' dish to tempest monitor)
LOL - neither do I.  :) :D  ;D
(Smart ass)  ;)
Quote
2. more transmit power.

Don't forget about unshielded transmissions from the cables going to the monitor, plus the keyboards and mice.  ;)

https://www.allaboutcircuits.com/news/hackers-device-electromagemissions-side-channel-attacks-cybersecurity/ (https://www.allaboutcircuits.com/news/hackers-device-electromagemissions-side-channel-attacks-cybersecurity/)

http://www.cialfor.com/2016/04/21/van-eck-phreaking-a-hack-using-eradiations/ (http://www.cialfor.com/2016/04/21/van-eck-phreaking-a-hack-using-eradiations/)

(There's more than one way to skin a cat.)
(Sorry Spookcat - :D - just a figure of speech)   ;)


Add to that the general insecurity of wireless keyboards and mice. (Different attack, but still highly effective.)
https://threatpost.com/mousejack-attacks-abuse-vulnerable-wireless-keyboard-mouse-dongles/116402/ (https://threatpost.com/mousejack-attacks-abuse-vulnerable-wireless-keyboard-mouse-dongles/116402/)

So, I still have to disagree with you.
(This is getting some good info out there though.)  ;)
Title: Re: Exploits And Mitigation
Post by: wr250 on September 15, 2018, 06:17:16 AM

" - some companies use silver, aluminum, ceramic, and diamonds which are ground to a very fine powder and mixed with the bonding compound. The final mixture of the thermal paste is often kept as a secret recipe."

From:
https://www.ekwb.com/blog/thermal-compound-guide/ (https://www.ekwb.com/blog/thermal-compound-guide/)
from what ive seen in 30 years of building computers, the thermal paste used by OEMs is shit. its not in the interests of an OEM to take the chance of over application of an electrically conductive paste to short something out.
arctic silver has silver in it. arctic silver claims it's electrically non-conductive.
http://www.arcticsilver.com/as5.htm

Quote
BUT, you are forgetting something; the cpu is electrically grounded to the cooler through the cooler mounting screws. ;)

consumer intel cpus use a plastic mounting system. many amd processors do as well. however there are some that bolt to a metal backplate which is shielded with plastic/rubber to prevent shorting the board.
server processors usually use a metal backplate, which has the rubber/plastic shield on it to prevent shorting the board.
aftermarket heatsinks use the stock intel mounting holes, or the aforementioned metal backplate.
Quote
Add to that the general insecurity of wireless keyboards and mice. (Different attack, but still highly effective.)
https://threatpost.com/mousejack-attacks-abuse-vulnerable-wireless-keyboard-mouse-dongles/116402/ (https://threatpost.com/mousejack-attacks-abuse-vulnerable-wireless-keyboard-mouse-dongles/116402/)

So, I still have to disagree with you.
(This is getting some good info out there though.)  ;)
as far as kb insecurities, nothing beats a hardware inline dongle to intercept keystrokes. but then again, that requires physical access. with physical access, it's game over.
intercepting the (usually) unencrypted wireless communications from a kb/mouse is always a possibility.

/*edit*/
i added "electrically" to the arctic silver claim for clarity
Title: Re: Exploits And Mitigation
Post by: Sofia on September 23, 2018, 11:50:42 PM
.....

*tempest monitoring is when a person picks up emissions from your monitor ,and reconstructs those to see what you are doing on your monitor. arguably it can include monitoring any emissions from your computer.
see here (https://en.wikipedia.org/wiki/Tempest_(codename)) for more info.
Tempest monitoring is what my handler does.
Title: Re: Exploits And Mitigation
Post by: Dyna-X on September 25, 2018, 11:39:45 AM
from what ive seen in 30 years of building computers, the thermal paste used by OEMs is shit. its not in the interests of an OEM to take the chance of over application of an electrically conductive paste to short something out.
arctic silver has silver in it. arctic silver claims it's electrically non-conductive.
http://www.arcticsilver.com/as5.htm
 
consumer intel cpus use a plastic mounting system. many amd processors do as well. however there are some that bolt to a metal backplate which is shielded with plastic/rubber to prevent shorting the board.
server processors usually use a metal backplate, which has the rubber/plastic shield on it to prevent shorting the board.
aftermarket heatsinks use the stock intel mounting holes, or the aforementioned metal backplate.
as far as kb insecurities, nothing beats a hardware inline dongle to intercept keystrokes. but then again, that requires physical access. with physical access, it's game over.
intercepting the (usually) unencrypted wireless communications from a kb/mouse is always a possibility.

/*edit*/
i added "electrically" to the arctic silver claim for clarity


Ah you are into a favorite topic of mine (and pet peeve as well) in that I've always thought the MIL-spec for RF shielding on computers and associated cables (called tempest here) should be a standard on "consumer grade" computers including laptops.

Notice that cool green anodized aluminum power supply brick with the properly shielded BNC type connector. (and the quality of all the cabling in the experiments behind it) This is how it is supposed to be.

Title: Re: Exploits And Mitigation
Post by: wr250 on September 25, 2018, 08:20:46 PM

Ah you are into a favorite topic of mine (and pet peeve as well) in that I've always thought the MIL-spec for RF shielding on computers and associated cables (called tempest here) should be a standard on "consumer grade" computers including laptops.


that will never happen, due to costs involved and that manufacturers deem it "unnecessary" except for military computers. this is to make said electronics "emp resistant", and not really for tempest protection, although it does that too.
as long as americans want cheap, they will get cheap, and complain about the cheapness of the cheap item.
Title: Re: Exploits And Mitigation
Post by: Whistler on October 03, 2018, 12:06:06 AM
from what ive seen in 30 years of building computers, the thermal paste used by OEMs is shit. its not in the interests of an OEM to take the chance of over application of an electrically conductive paste to short something out.
arctic silver has silver in it. arctic silver claims it's electrically non-conductive.
http://www.arcticsilver.com/as5.htm
True.
 
Quote
consumer intel cpus use a plastic mounting system. many amd processors do as well. however there are some that bolt to a metal backplate which is shielded with plastic/rubber to prevent shorting the board.
server processors usually use a metal backplate,
Yup
Quote
which has the rubber/plastic shield on it to prevent shorting the board.
aftermarket heatsinks use the stock intel mounting holes, or the aforementioned metal backplate.
as far as kb insecurities, nothing beats a hardware inline dongle to intercept keystrokes. but then again, that requires physical access. with physical access, it's game over.
Agreed
Quote
intercepting the (usually) unencrypted wireless communications from a kb/mouse is always a possibility.

/*edit*/
i added "electrically" to the arctic silver claim for clarity

Alright, let's get a couple of things straight.
Are we talking magnetic or electrical antennas ?
Please read this entire article - it's the most basic, fundamental description of the technology that I could find.
https://interferencetechnology.com/antenna-fundamentals/ (https://interferencetechnology.com/antenna-fundamentals/)
Do you notice how an insulated (condenser - capacitor) setup is ideal for how an electrical (not magnetic field) antenna works ?
Quote
consumer intel cpus use a plastic mounting system. many amd processors do as well. however there are some that bolt to a metal backplate which is shielded with plastic/rubber to prevent shorting the board.
That's a condenser / capacitor.    ^^^^^
Wasn't your main point that the cpu's are [electrically] insulated (capacitor action) from the heatsink ?
The example I was using was a magnetically coupled heat-pipe [loop inductor]... but it works better as an electrically coupled heat-pipe antenna.
Take a look here at a loop FM transmitter (which is magnetically coupled, not electrically coupled). Pay special attention to the line about the tank circuit.
(Scroll down to " THE PROBLEM - POOR STABILITY ")
(Oh BTW - if you're into DIY, hit the Home link on this page - there are some awesome projects there.   ;)    )
http://www.techlib.com/area_50/Readers/Pilar/index.htm (http://www.techlib.com/area_50/Readers/Pilar/index.htm)

(BTW - I've also built quite a few systems, for customers, so I'm not a novice in this area)   ;)

The point is, with a little electrical engineering, that heat pipe can be used as a fairly efficient transmitting antenna - even if it's not on a standard frequency.   ;)

Title: Re: Exploits And Mitigation
Post by: Whistler on October 03, 2018, 01:55:47 AM
FED - Er...      Face-book strikes again.
https://thehackernews.com/2018/09/facebook-account-hacked.html (https://thehackernews.com/2018/09/facebook-account-hacked.html)
Title: Re: Exploits And Mitigation
Post by: Whistler on October 03, 2018, 02:07:01 AM
Really, they're just making the public aware of this now ?

https://thehackernews.com/2018/09/uefi-rootkit-malware.html (https://thehackernews.com/2018/09/uefi-rootkit-malware.html)
Title: Re: Exploits And Mitigation
Post by: wr250 on October 03, 2018, 06:03:54 AM
True.
  Yup  Agreed
Alright, let's get a couple of things straight.
Are we talking magnetic or electrical antennas ?
Please read this entire article - it's the most basic, fundamental description of the technology that I could find.
https://interferencetechnology.com/antenna-fundamentals/ (https://interferencetechnology.com/antenna-fundamentals/)
Do you notice how an insulated (condenser - capacitor) setup is ideal for how an electrical (not magnetic field) antenna works ?
That's a condenser / capacitor.    ^^^^^
Wasn't your main point that the cpu's are [electrically] insulated (capacitor action) from the heatsink ?
The example I was using was a magnetically coupled heat-pipe [loop inductor]... but it works better as an electrically coupled heat-pipe antenna.
Take a look here at a loop FM transmitter (which is magnetically coupled, not electrically coupled). Pay special attention to the line about the tank circuit.
(Scroll down to " THE PROBLEM - POOR STABILITY ")
(Oh BTW - if you're into DIY, hit the Home link on this page - there are some awesome projects there.   ;)    )
http://www.techlib.com/area_50/Readers/Pilar/index.htm (http://www.techlib.com/area_50/Readers/Pilar/index.htm)

(BTW - I've also built quite a few systems, for customers, so I'm not a novice in this area)   ;)

The point is, with a little electrical engineering, that heat pipe can be used as a fairly efficient transmitting antenna - even if it's not on a standard frequency.   ;)



as i stated in an earlier post, antennas (magnetic or not) need to be tuned to a specific frequency for transmit. a randomly sized hunk of metal used as a processor back plate will not be a very good transmit antenna. also you have other interference such as hard drive activity, power supply radio noise, and other components that generate electrical noise. it is not feasible to monitor such noise for any real data. unless something happens to be a nearly perfect tuned length to suffice as a "transmit antenna" then its pretty much hopeless, unless you are within a few feet of the device, in which case you have physical access anyways. game over at that point.
can we agree to disagree on this?

/*edit*/
this is why the police simply seize computers, to gain physical access. yes even the FBI. because it's not feasible to use tempest monitoring on a computer tower. the monitor may be a different story though.
Title: Re: Exploits And Mitigation
Post by: wr250 on October 05, 2018, 04:56:17 AM
a relatively new exploit:  (https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies)
some supermicro server motherboards manufactured after 2014 (real start date unknown) to late 2016, have an extra chip on the motherboard that is not part of supermicro's design. it was added in production to some server boards, the number of which is unknown. the chip looks like a power regulator, but isn't. it can steal the stream of data going to and from the cpu, and report back to an unknown internet server when the server is idle (periods of low cpu activity). since it has the datastream access it can inject commands and/or alter them.

affected companies :
Amazon (amazon reported this  when they found it during a security audit of the servers)
Apple
and about 30 other companies.
it is suspected this is a state sponsored hack (since the parts were manufactured in china, and had the chips upon leaving china) and the US govt is extremely interested in this hardware hack.

amazon has removed the problem servers, and Apple has terminated its supermicro contract (allegedly for other reasons) and gone with another company for its servers.

it should be noted this chip was not "added on later", it was added during production of the board. apparently that chip had an obvious failure when amazon found it.
Title: Re: Exploits And Mitigation
Post by: wr250 on October 05, 2018, 05:05:21 AM
it should be noted that this is an attack which the US govt has warned against for years and has employed itself, usually after board manufacture, but before the board gets installed. yes, your govt does this, so it isn't too unreasonable that others do as well.
china has a unique position: the boards are manufactured within its borders, and it has the money/technology to insert said chips during mobo manufacture without anyone being the wiser.
Title: Re: Exploits And Mitigation
Post by: Walks_At_Night on October 05, 2018, 06:08:21 AM
it should be noted that this is an attack which the US govt has warned against for years and has employed itself, usually after board manufacture, but before the board gets installed. yes, your govt does this, so it isn't too unreasonable that others do as well.
china has a unique position: the boards are manufactured within its borders, and it has the money/technology to insert said chips during mobo manufacture without anyone being the wiser.

I'm following this one with interest WR.   Once upon a time I was in the server business - still miss it.   Fascinating that Apple got bit by this.
Title: Re: Exploits And Mitigation
Post by: Whistler on October 06, 2018, 04:47:16 PM
as i stated in an earlier post, antennas (magnetic or not) need to be tuned to a specific frequency for transmit.
Correct - if you're listening on a specific frequency. Granted, output will multiply exponentially if the system is resonant.  ;)
(I'll grant you that - it makes a hell of a difference.)
Quote

can we agree to disagree on this?
Most definitely.  I have considerable experience in the MW and LW bands. most of the principles translate to the upper bandwidths, but not all.
Hey, we both put some good information out there for those that might be interested.
I'm still going to hold to my point of view, because I've seen nothing to prove me wrong, but that doesn't mean I'm right. I don't have an oscilloscope to test whether it's putting out readable frequencies or not - or at what range they can be picked up at - if it even is.
All I know is that the heat-pipe is right in the range for a 2.4 MHz broadcast antenna. That makes me nervous.  ;)
Oh yeah, this is a very old lappy that I'm using as an example. 
So yes, we can [respectfully] agree to disagree.
(BTW - I value your opinions. No one has the same experience as another person does. If we shut ourselves off from learning, what's the sense in living ?)    ;)
Title: Re: Exploits And Mitigation
Post by: wr250 on October 06, 2018, 06:59:35 PM
I'm following this one with interest WR.   Once upon a time I was in the server business - still miss it.   Fascinating that Apple got bit by this.
it should be noted that almost all of the companies affected are denying the claims. the rest are saying "no comment". supermicro claims "they have no knowledge of this", the chinese govt is claiming to be "committed to supply chain security" and denies wrongdoing; also it claims to be a victim.
the US govt and the assorted 3 letter agencies all claim "no comment" .   
Title: Re: Exploits And Mitigation
Post by: wr250 on October 07, 2018, 06:31:52 AM
here is more on the supermicro server compromise:
https://www.extremetech.com/computing/278164-supermicro-servers-completely-compromised-by-chinese-hardware-backdoors
https://www.imore.com/did-china-hardware-hack-supermicro-servers-used-apple-and-amazon
https://www.sdxcentral.com/articles/news/china-hacked-supermicro-servers-to-spy-on-amazon-apple-report-says/2018/10/

there are several options:
1. bloomberg is totally wrong and just trying to gain notoriety or (paying) users
2. bloomberg is partially right and the rest of #1 applies
3. the companies in question have contained the news of the compromise to a few persons each (those that actually know), and those who know were forced to sign an NDA and/or a govt gag order is in place. this means that PR is unaware and won't be informed of such a hack, due to the NDA or govt gag order.
4. the "US national security officials"  cited have a beef against one or more of the companies named and want to defame them by  this "whistleblowing" .

putting on my tin foil hat, it would not surprise me that the US govt has done this, then directed said companies to respond as they have, under threats of things like :
IRS audits
raids by any of a number of 3 letter agencies for any reason they can dream up (and yes they have done this, even on foreign soil) seizing hardware and even data centers
removing large tax incentives that said companies have
and anything else they (the govt) can do
any of the above could put said company out of business, even apple and amazon.
Title: Re: Exploits And Mitigation
Post by: albrecht on October 07, 2018, 02:43:54 PM
here is more on the supermicro server compromise:
https://www.extremetech.com/computing/278164-supermicro-servers-completely-compromised-by-chinese-hardware-backdoors
https://www.imore.com/did-china-hardware-hack-supermicro-servers-used-apple-and-amazon
https://www.sdxcentral.com/articles/news/china-hacked-supermicro-servers-to-spy-on-amazon-apple-report-says/2018/10/

there are several options:
1. bloomberg is totally wrong and just trying to gain notoriety or (paying) users
2. bloomberg is partially right and the rest of #1 applies
3. the companies in question have contained the news of the compromise to a few persons each (those that actually know), and those who know were forced to sign an NDA and/or a govt gag order is in place. this means that PR is unaware and won't be informed of such a hack, due to the NDA or govt gag order.
4. the "US national security officials"  cited have a beef against one or more of the companies named and want to defame them by  this "whistleblowing" .

putting on my tin foil hat, it would not surprise me that the US govt has done this, then directed said companies to respond as they have, under threats of things like :
IRS audits
raids by any of a number of 3 letter agencies for any reason they can dream up (and yes they have done this, even on foreign soil) seizing hardware and even data centers
removing large tax incentives that said companies have
and anything else they (the govt) can do
any of the above could put said company out of business, even apple and amazon.
Weren't many systems already vulnerable? NSA etc has done similar for years, I've heard. I've always had a concern about outsourcing critical components to China. Interesting that so much of the government (even CIA) is now outsourced to Amazon cloud storage. If compromised China got a lot of stuff, then again considering our history I would've thought that some in government or tech industry would be aware of threat and/or problems, so disinformation could also be used. A few years back it was said how many spies and assets we've lost in China under Obama rendering our spying capacity very low now. I wonder if it wasn't a person that compromised all those agents (leading to their torture and death) but these hacks?
Title: Re: Exploits And Mitigation
Post by: wr250 on October 07, 2018, 07:39:21 PM
Weren't many systems already vulnerable? NSA etc has done similar for years, I've heard. I've always had a concern about outsourcing critical components to China. Interesting that so much of the government (even CIA) is now outsourced to Amazon cloud storage. If compromised China got a lot of stuff, then again considering our history I would've thought that some in government or tech industry would be aware of threat and/or problems, so disinformation could also be used. A few years back it was said how many spies and assets we've lost in China under Obama rendering our spying capacity very low now. I wonder if it wasn't a person that compromised all those agents (leading to their torture and death) but these hacks?
[tin foil hat]
the US govt has been planting chips like this into servers (for other countries) for years. it would not surprise me if the US govt was the one behind this compromise (mimicking chinese design). the US govt has done this with software for many many years (engineering software to hack a specific resource, and coding the hack to look as if it were russian or chinese in design).
the US govt has extreme interest in apple, amazon, google and other large companies, and is therefore motivated to do something like this.
[/tin foil hat]
Title: Re: Exploits And Mitigation
Post by: Walks_At_Night on October 07, 2018, 08:10:52 PM
here is more on the supermicro server compromise:
https://www.extremetech.com/computing/278164-supermicro-servers-completely-compromised-by-chinese-hardware-backdoors
https://www.imore.com/did-china-hardware-hack-supermicro-servers-used-apple-and-amazon
https://www.sdxcentral.com/articles/news/china-hacked-supermicro-servers-to-spy-on-amazon-apple-report-says/2018/10/

there are several options:
1. bloomberg is totally wrong and just trying to gain notoriety or (paying) users
2. bloomberg is partially right and the rest of #1 applies
3. the companies in question have contained the news of the compromise to a few persons each (those that actually know), and those who know were forced to sign a NDA and/or a govt gag order is in place. this means that PR is unaware and won't be informed of such a hack, due to the NDA or govt gag order.
4. the "US national security officials"  cited have a beef against one or more of the companies named and want to defame them by  this "whistleblowing" .

putting on my tin foil hat, it would not surprise me that the US govt has done this, then directed said companies to respond as they have, under threats of things like :
IRS audits
raids by any of a number of 3 letter agencies for any reason they can dream up (and yes they have done this, even on foreign soil) seizing hardware and even data centers
removing large tax incentives that said companies have
and anything else the they (the govt) can do
any of the above could put said company out of business, even apple and amazon.

Bloomberg might be mistaken but what if it's worse?  It seems to me that you would need some operatives on the inside to really make it a slick operation.
Just thinking out loud.  So ServerDesign Corp does a board design and they put a BMC on the board - because that's what you do [IPMI/BMC has enough problems  as it is but that's a different subject].  They send the design off to China and the early engineering boards that come back look pretty good.  They have a few QA issues so there is a tweak here and there and then it's time to ship.       

So Acme Corp places an order for 4,000 units.  The Chinese MSS has placed an agent in ServerDesign Corp's business operations and they note the order and pass it on to the MSS.  The MSS has a particular interest in Acme Corp so they instruct the board manufacturer to introduce the board change - on say every 10th board.   They place something between the SPI and the BMC that lets them dork around with the BMC when some sort of magic packet hits it.  Boards get built, systems get built, off they go.  Some of the compromised units end up at Acme Corp where the MSS has an operative in the data center. Acme Corp installs the units and they start running Cloud stuff.   KVM, VM's, Docker, the whole lot.  Acme Corp have their systems mgmt network isolated off from everything else and it is tightly controlled.   However the operative has access and has a way to send the magic packet and take over the BMC. Somehow whatever they did allows the I2C bus to pull data out of the VM's or they simply just grab what they can with an eye of grunting through it.  Somehow there is a way that the operative can get at the data where it wouldn't be easily detected.  When the coast is clear the operative gets the data out of the building and ships it off to the MSS.  They dig around maybe they pull a VM running Ellbag and maybe they pull something juicy on occasion. A glimmer here and flash there might lead to something big.   The US Navy used a glimmer and a glammer to prepare an ambush for the Battle of Midway when they broke the IJN25b code during the war.

If they used a little moxie and only compromised some boards it might be a cast iron bitch to detect.  The story gets out and the new President has taken a much different approach to immigration and also is clearly no friend to Acme Corp.  Not wanting to give the President any more ammunition, instead of issuing some wishy washy  PR statement, they go all in on a categorical denial rather than to admit that they have hired MSS operatives from overseas into sensitive positions and have purchased compromised units to boot.  How is that for tin foil hat @wr250 ?     

Clearly *something* happened with this - Apple apparently ripped out every SuperMicro system they had and cancelled a big order and Amazon
ditched their whole Beijing DataCenter.   Like I said just thinking out loud and riffing a little bit. 


Title: Re: Exploits And Mitigation
Post by: wr250 on October 07, 2018, 08:18:50 PM
thats basically where i was going with it, substituting the US govt for the chinese govt. ie the us govt intercepts the shipment, places the chips, then send the shipment on its way with no one the wiser.
none of the affected companies would dare or are told not to disclose such things.

BTW, Acme only sells things like earthquake machines, batman suits, rocket roller skates and the like to super geniuses like Wile E. Coyote. 
Title: Re: Exploits And Mitigation
Post by: Walks_At_Night on October 07, 2018, 08:28:05 PM
So with your scenario, Uncle Sam stops the units at Customs. Defeats the tamper seal, unboxes the unit and replaces the boards with
"special" boards that have the same S/N as the originals. Everything else stays the same.  Possible.  You just need the S/N's or it would stick out
like a sore thumb if anyone bothered to look at the records.
Title: Re: Exploits And Mitigation
Post by: Walks_At_Night on October 07, 2018, 08:34:12 PM
FYI.  Interesting write-up on the MSS and how little is known about it:  https://nationalinterest.org/feature/everything-we-know-about-chinas-secretive-state-security-21459
Title: Re: Exploits And Mitigation
Post by: wr250 on October 08, 2018, 05:26:37 AM
or has an agent at the manufacturing plant in china do it (it being add the part to the motherboard before boxing the motherboard up), so there is no record of the stop in shipping. then blame the chinese as needed, otherwise its "no comment" . then it has the original serial number, the anti-tamper seal is in place, no need to produce (for replacement) or alter boards after they are boxed up and so on.
Title: Re: Exploits And Mitigation
Post by: GrumpyOldMan on October 08, 2018, 08:56:43 AM
https://www.techpowerup.com/248301/microsoft-pulls-windows-10-october-2018-update (https://www.techpowerup.com/248301/microsoft-pulls-windows-10-october-2018-update)

For those that haven't seen this news, Microsoft is fighting the contents of your documents folder getting deleted via malware by deleting them for you via update.  No, this is not from The Onion.
Title: Re: Exploits And Mitigation
Post by: albrecht on October 09, 2018, 12:44:02 PM
https://www.bloomberg.com/news/articles/2018-10-09/new-evidence-of-hacked-supermicro-hardware-found-in-u-s-telecom
Title: Re: Exploits And Mitigation
Post by: wr250 on October 09, 2018, 04:21:41 PM
a youtube video that looks into the supermicro issue, starts at 1:46.

Title: Re: Exploits And Mitigation
Post by: Whistler on June 28, 2019, 12:18:31 AM
BlueKeep is set to Wreak Havoc, but may not be as bad as first deemed.
It is serious enough for M$ to push patches all the way back to XP & Server 2003, though.

May threat updates.
https://securityboulevard.com/2019/06/cyber-security-roundup-for-may-2019/ (https://securityboulevard.com/2019/06/cyber-security-roundup-for-may-2019/)

Independent threat assessment test:
https://blog.erratasec.com/2019/05/almost-one-million-vulnerable-to.html (https://blog.erratasec.com/2019/05/almost-one-million-vulnerable-to.html)

Fortune 500's that are vulnerable.
http://core.intrigue.io/2019/06/03/bluekeep-cve-2019-0708-fortune-500-external-exposure/ (http://core.intrigue.io/2019/06/03/bluekeep-cve-2019-0708-fortune-500-external-exposure/)

Turn off the RDP service in the first place, and this is not a problem - unless an update re-activates it.
(Not many people actually use it, and if you do use it, patch it.)
This has been a problem w/ M$ from 3.5. Just like the C: drive is by default, shared - although this might be changed now in Win-10. (Doubt it.)
Title: Re: Exploits And Mitigation
Post by: Whistler on June 28, 2019, 01:07:06 AM
https://healthitsecurity.com/news/5-more-healthcare-providers-fall-victim-to-ransomware-attacks (https://healthitsecurity.com/news/5-more-healthcare-providers-fall-victim-to-ransomware-attacks)

All health-care providers should be required by law to store their records on OPEN BSD or Whonix systems.   >:(
That would mitigate these problems
 If an attacker is smart enough to break those systems, then there is nothing you can reasonably do to stop them anyway.


Title: MicroSLOTH Once Again Fucks Over Its Userbase.
Post by: Whistler on July 22, 2019, 06:51:23 PM
Once again, M$ fucks over its user base. Win 7 is getting close to EOL, so they decided to slip in a backdoor disguised as a security update (for the 2nd time in as many years.)
They pulled the same shit with XP, pushing updates that hobbled the OS and made it run horribly slow - in order to force users to update.
Please understand this backdoor is stealing your usage habits and that that information is being sold to the highest bidder. Don't believe the WinBLOWS BullSHIT line that they want to better understand their customers in order to make a better product. This is outright theft and invasion of privacy - plain and simple.

https://www.computerworld.com/article/3408496/new-windows-7-security-only-update-installs-telemetrysnooping-uh-feature.html (https://www.computerworld.com/article/3408496/new-windows-7-security-only-update-installs-telemetrysnooping-uh-feature.html)

Since this is the Exploits and Mitigation thread, you may want to check out the following.
WARNING ! ! !    I Have NOT Vetted The Software Mentioned.
Please use due diligence.

https://www.getblackbird.net/ (https://www.getblackbird.net/)

The documentation in the above link goes into detail about what the .exe does. If I was still running a Doze box, I'd probably be using this software instead of trying to manually disable it myself, then again...  .
One more thing, the author is of the same bent that I am - LOL.    "Fuck Google"   Heh, heh, heh.   :D
Title: Re: Exploits And Mitigation
Post by: KSM on July 23, 2019, 04:01:35 PM
I just love you.

I still have an in the box desktop computer with XP Home or XP Pro, not sure. Think it's from 04 or 05. I can't imagine starting it up and plugging it in to the shitty new world.


Also, are you a kickboxer and a chess player?
Title: Re: Exploits And Mitigation
Post by: Whistler on July 26, 2019, 02:13:48 PM
LOL - Yes.   ;)
Title: Re: Exploits And Mitigation
Post by: KSM on July 26, 2019, 07:15:17 PM
Yes.

@Whistler

That is soooo HOT! (Roy Orbison sound from song - pretty Woman) -> Eerrrggggghhhh  mercyaaahhh


I'm a real hunk ;D

Join us again, for the Young.. & The Restless..
Title: Re: Exploits And Mitigation
Post by: JayGab on July 26, 2019, 11:32:11 PM
@



I'm a real hunk ;D

Of feces.
Title: Re: Exploits And Mitigation
Post by: JUAN on August 05, 2019, 03:12:22 PM
Dammit @Whistler I installed blackbird and it fucked up my computer seeing the network drive. I tried the fix from blackbird but it didn’t work. Then I had blackbird go back and reset everything to default and the computer still won’t open the drive. Windows troubleshooter can’t find the problem. A laptop that I did not install blackbird on still sees the drive, so the problem is with the changed computer. I should have known better.

If you’re thinking about installing this software, be careful.
Title: Re: Exploits And Mitigation
Post by: Whistler on August 28, 2019, 06:42:57 AM
@ juan, you goof-ball    ;)
You didn't RTFM (http://onlineslangdictionary.com/meaning-definition-of/rtfm), did you ?     :o

I hope you're not just fucking with me, with this post.

 
Quote
LAN / VPN / misc. network issues:
Blackbird disables 2 services, SSDP Discovery & UPnP Device Host, which are required to run Network Discovery on your PC

Read Me (https://www.getblackbird.net/documentation/readme/)
Betcha didn't make a Bkp before messing w/ the system either ?   :(

If you don't understand what certain terms mean, please do look them up and what they entail instead of just going ahead with the procedure and hoping everything will be okay.
It plainly states that network discovery will be disabled, using the industry standard  (different) terminology for network sharing.


Alright, let's get into S.O.P (Standard Operating Procedure.)
These are things I take for granted because I assume (there's that word again  -  ASSUME: makes an ASS out of U and ME  ;)  ) that most people follow precautions when messing with their system. I have a tendency to forget that not everyone has my training, technical ability, (or paranoia, for that matter.)  ;)
I'm used to dealing w/ other SE's, programmers, and business personnel.

So here it is; anytime you decide to mess w/ your system, or use a software that does so, a backup of your important files should be made. This doesn't necessarily mean the entire system - just the files that have changed since the last Bkp.
(I know it's obvious, but, save the backup off of the disk (external to the one) you will be working on.)
For instance; save off anything you have downloaded or saved to the system you are going to be working on. Ex: My Documents, My Videos, etc... plus any folders you have created for storage since the last time you did a Bkp - including the Desktop.

Here's the other thing, when installing a new Operating System, and getting everything tweaked the way you like it, and registered (WinDoze and other proprietary OSes,) do a complete Bkp so you have a pristine, reloadable / reinstallable OS if things really go South and fixing it is beyond your technical abilities, or just plain impossible.

If you're at a loss of what Bkp solution to use, there are 3 that I've used in the past that work well w/ Doze. Each has a particular strength depending upon your situation, but it is best to pick just one and get used to using it. That way you are familiar with its capabilities and limitations.

Before backing up, it is always best to defragment w/ windows built-in defragging option, or a 3rd party app - BE CAREFUL WITH 3rd PARTY APPS.
I've always had good luck with UltraDefrag (https://www.majorgeeks.com/files/details/ultradefrag_64_bit.html), but I haven't used any Defragmenting programs since Win 7. CAVEAT EMPTOR !

  Tips:
        1. NEVER, under any circumstances, interrupt a defrag operation - even if there is a
           pause button. Allot enough time to let it complete. (defragging will take hours
           if you haven't done it in a while; or ever.)
        2. Don't ever run on batteries while defragging - plug that bitch in.
        3. If it's your first time defragging, depending on the size of the drive,
           expect a minimum of hours, or days with a very large drive.
        4. Defrag as often as you want with an HDD, SSDs should be defragmented when the ssd
           is noticeably lagging. Every write to an SSD decreases its life and the defrag
           operation rearranges the entire drive.

These are all freeware backup solutions, which are just fine for home users and small businesses.
I've used all of these at one time or another.
Listed in no particular order -

ReDo Backup: (https://sourceforge.net/projects/redobackup/)
Review (https://www.lifewire.com/redo-backup-review-2617939)

Easeus ToDo Backup (https://www.techradar.com/reviews/easeus-todo-backup-free)
Allows for differential backups

Drive Image XML (https://www.runtime.org/driveimage-xml.htm)
Review (https://lifehacker.com/hot-image-your-pcs-hard-drive-with-driveimage-xml-326086)
Allows you to browse the files on a stored backup, and also to hot Bkp (while the system is running.)


Here's another thing; if you have a fairly recent backup, you can give the bird to any ransomware that comes your way as long as you don't constantly leave your backup drive plugged into your running system. (Everyone should have a dedicated drive for backups that only gets plugged in when they are doing a Bkp and Are Offline !   ;) )

You may also want to check out the Ultimate Boot CD. (https://www.ultimatebootcd.com/)
This is a system utility disk.
Be Careful though. The programs on that disk are extremely powerful.
(That means you can really hose your system if you use them improperly, or in ignorance.)


I hope you can recover / fix your system.   :)


Now, I have a kernel to compile.
I'll catch you guys later.    ;)
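An added example, not from Whistler's post and not Blackbird's own fix: before blaming anything else, confirm whether the two services the Blackbird readme names (SSDP Discovery and UPnP Device Host) are actually back, and put them back if not. It uses WMI so it works on the PowerShell 2.0 that ships with Windows 7. The assumption is that a stock Windows 7 install has both on Manual start, which is what -Restore sets; run it from an elevated prompt.

```powershell
# Added example (not Blackbird's fix): report the state of the two services the
# Blackbird readme says it disables, and optionally restore them.  Run as Administrator.
# Assumption: Manual start is the stock Windows 7 setting for both services.
param([switch]$Restore)

# Service names behind the display names quoted from the readme.  upnphost depends
# on SSDPSRV, so the restore loop starts SSDP Discovery first.
$names = @('SSDPSRV', 'upnphost')   # SSDP Discovery, UPnP Device Host

function Show-State {
    # Win32_Service exposes StartMode (Auto/Manual/Disabled), which Get-Service on
    # PowerShell 2.0 does not.
    Get-WmiObject Win32_Service -Filter "Name='SSDPSRV' OR Name='upnphost'" |
        Select-Object Name, DisplayName, State, StartMode |
        Format-Table -AutoSize
}

'Current state:'
Show-State

if ($Restore) {
    foreach ($n in $names) {
        Set-Service   -Name $n -StartupType Manual   # a Disabled service cannot be started
        Start-Service -Name $n
    }
    'After restore:'
    Show-State
}
```

If StartMode still reads Disabled after -Restore, something is re-applying the change and the services are not the end of the story. Network Discovery on Windows 7 also depends on Function Discovery Provider Host (fdPHost), Function Discovery Resource Publication (FDResPub) and DNS Client, which the readme excerpt does not mention; swap those names into the filter to check them the same way.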
Title: Re: Exploits And Mitigation
Post by: JUAN on August 28, 2019, 11:09:15 AM
@Whistler
Of course I made a full backup.
The software claims there is a fix to the network problem. It doesn't work.
At least this incident made me get off my ass and set up my otherwise unused Mac Mini as a proper server.
Title: Re: Exploits And Mitigation
Post by: Whistler on August 28, 2019, 11:14:22 AM
;)

Title: Re: Exploits And Mitigation
Post by: Exile on November 09, 2019, 05:02:12 PM
Hi Whistler,

This is my situation. This laptop is a Lenovo B570. It's over 7 years old. The Lenovo website states it's not win10 compatible yet win10 has forced its way onto this machine and at least in my opinion was the cause of a hard drive failure.

I purchased a new hd and reinstalled win7. So is ms going to try to force win 10 on it again and if so, what can I do to stop it. I'm nowhere near as savvy as you so if it's not a simple solution, it won't work for me.

This machine is only a net surfer. I dont use it for anything else.

How do I defend it against win10 intrusions?
Title: Re: Exploits And Mitigation
Post by: Whistler on November 11, 2019, 12:06:18 AM
Hello @Exile  :)
Yeah, if you didn't have at least 8 GB of free space on your drive, then I can say with high confidence, that Doze hosed it for you.  >:(

So, let's get rid of the Bullshit, shall we ?    ;)

There are a few different ways to go about this.
You can use Group Policy Objects, or Hack the Registry, to keep M$ from forcing their crapware on you.
You could totally turn off updates. (Not Recommended)
You could set your internet connection to ' Metered ' .  (This will keep 8GB of crap from downloading onto your system, but won't get rid of the nag.)
You could make Doze notify you of updates. (But then you have to research every one to see if it's the upgrade, and then make sure not to install it.)
Or, you could download and install some 3rd party software to do it for you (like GWX Control Panel  -  Not recommended,) that then resides on your system, doing gawd knows what.

Hand editing the registry is not a good idea if you've never done it before, and are not capable of extracting yourself from a mess, if you mistakenly delete, or mess up the key pair value.

Okay, so what does that leave us ?
Take a look at the following two links.
The 1st is link to a PE (Portable Executable) that integrity checks, and then changes 2 registry entries that will stop the M$ B$.
The second link goes into detail, in case you want to hack the Registry yourself. Plus it gives more info on the PE.
It's from a trusted company (important,) and the Reg Hax are reversible. (Lots of details.)

https://www.grc.com/never10.htm (https://www.grc.com/never10.htm)    (Includes DL link.)

https://www.grc.com/never10/details.htm (https://www.grc.com/never10/details.htm) (What it does & why).

 I hope this helps.     ;)
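An added example, not GRC's Never10 and not a replacement for reading its details page: the two Group Policy registry values Microsoft documented in KB 3080351 for switching the Windows 10 upgrade offer off on Windows 7 / 8.1, written after a .reg export of the policy branch so the change is reversible, per the backup rule earlier in the thread. The assumption is that those two values are the ones your build honours; -Undo deletes them again. Run from an elevated prompt.

```powershell
# Added example (not GRC's Never10): set or clear the two policy values from
# Microsoft KB 3080351 that suppress the Windows 10 upgrade offer.  Run as Administrator.
# Assumption: DisableOSUpgrade and DisableGwx are what your Windows 7 build honours.
param([switch]$Undo)

$policies = @(
    @{ Path = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate'; Name = 'DisableOSUpgrade' },
    @{ Path = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Gwx';           Name = 'DisableGwx' }
)

# Backup first: export the whole policy branch so a double-click on the .reg restores it.
$backup = Join-Path $env:USERPROFILE ('Desktop\WindowsPolicies-{0:yyyyMMdd-HHmm}.reg' -f (Get-Date))
reg export 'HKLM\SOFTWARE\Policies\Microsoft\Windows' $backup /y | Out-Null
"Registry backup written to $backup"

foreach ($p in $policies) {
    if ($Undo) {
        if (Test-Path $p.Path) {
            Remove-ItemProperty -Path $p.Path -Name $p.Name -ErrorAction SilentlyContinue
        }
        continue
    }
    # Policy keys do not exist on a clean machine; create them before writing the DWORD.
    if (-not (Test-Path $p.Path)) { New-Item -Path $p.Path -Force | Out-Null }
    New-ItemProperty -Path $p.Path -Name $p.Name -PropertyType DWord -Value 1 -Force | Out-Null
}

# Show the resulting state so the change (or its removal after -Undo) can be confirmed.
foreach ($p in $policies) {
    $v = $null
    if (Test-Path $p.Path) {
        $v = (Get-ItemProperty $p.Path -Name $p.Name -ErrorAction SilentlyContinue).($p.Name)
    }
    [pscustomobject]@{
        Key   = $p.Path
        Value = $p.Name
        Data  = $(if ($null -eq $v) { '(not set)' } else { $v })
    }
}
```

Both values are documented as policy settings, so the same result comes from Group Policy Editor on editions that have it; the registry route is simply what works on Home. This does not remove an upgrade that has already been downloaded into the hidden $WINDOWS.~BT folder, which is one of the extra steps Whistler's linked details page covers.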
Title: Re: Exploits And Mitigation
Post by: StarrMountain on November 11, 2019, 01:13:17 AM
Whistler! ;D

I have 2 Window 7 Laptops.  One is working and one isn't.  Should I consider letting Windows install 10, or should I consider Linux?  Or do you have a better suggestion?
Title: Re: Exploits And Mitigation
Post by: Whistler on November 11, 2019, 03:27:49 AM
You know how I despise Doze.  ;)   ;D
An unbiased answer is: It depends on what you need to do with it, and how good your technical skills are.
If you use Skype, there is really no direct replacement in Linux, although you can try to run it in an emulator.
I'd say, stay w/ 7 for as long as you can. (Turn off the update nag described in my previous post.)
BUT, test drive some Linux distros before Win 7 support runs out.
Also understand that Doze 10 is a data collection and privacy invasion platform of unprecedented proportion that is looking to switch to a yearly subscription paradigm. 
Personally, I said FUCK M$, years ago.    ;)

Now, Linux - if you want to try it - has many distros that come as a live version. This means you can burn them to disk (or a flash drive,) and boot from them, without changing anything on your existing setup.  :)
Live disks can also be used to boot a Doze system if the Doze bootloader gets hosed.
In fact, when I used to use Doze, I removed the loader so the only way to boot the system was with a live Linux disk  -  lol.
(I was around a lot of pranksters @ the time. (fellow programmers.)) heh, heh, heh.

Everyone recommends the major flavors of *nix for someone moving from Doze, but I never see Knoppix mentioned in those recommendations.
Knoppix has got to be the most user friendly *nix out there.  I'm not partial to the KDE desktop, but it's probably the easiest to use for new *nix users.
The hardware detection in Knoppix is second to none (always has been), and they were actually the first distro to create a live disk.   :)
A note about live disks: if running from a cd or dvd, they will always be slower than a flash drive, or an installed system.

The newest knoppix, is version 8.6.  The dvd is huge @ 4.5 GB,   + they ditched systemd  -  WOOT, WOOT !
The latest cd is from 2013, version 7.2 @ 717 MB.
Personally, I like version 5.1.
Oh, it also comes with excellent assistive software on the  ADRIANE version. The computer talks to you.    ;D
The DE in the filename from the download site designates the iso is localized to the German language (where it was developed), and the EN is the English version.
The download mirrors make you jump through a bunch of hoops to get to the actual discs, so I'll direct link them  for anyone interested.
The    .iso   file is what you want (for whatever version you select.)

The newer versions can be found here: ftp://mirrors.sonic.net/knoppix/

The older versions were a real bitch to find. Spoogle is definitely censoring the search results for some reason, and the censoring has been happening for a few years now. (I know why they do this, and just know, its not for your best interest.)
But, I know how to find things.  ;)        ;D   
http://mirror.cs.utah.edu/pub/knoppix/ (http://mirror.cs.utah.edu/pub/knoppix/)

                                                     Suck It, Google !


And here's the complete mirrors list.  http://knopper.net/knoppix-mirrors/index-en.html (http://knopper.net/knoppix-mirrors/index-en.html)

For a write-up, explanation, and install instructions (with bug bypasses,) take a look here:  https://www.knopper.net/knoppix/knoppix860-en.html (https://www.knopper.net/knoppix/knoppix860-en.html)

If you're not technically inclined, but have a CD / DVD drive, DL a copy and burn it to disc, as that's the easiest way to use it. Just set your bios boot order for CD drive before hard disk, if it's not already set this way.    ;)
Then boot from the live disk you just burnt.

Note:  The   .md5, and   .asc     files are for verifying the integrity of your DLed  .iso file.
            if you use the DownThemAll addin for Firefox - it has the ability to verify MD5, SHA1, SHA256, etc, hashes, right in the
            downloader.        :)

If you do decide to take Knoppix for a spin, as with any *nix distro, don't forget to turn on your firewall before going online - it's in the main menu.  :)
(Live discs make distro-hopping fun and allow you to test drive a distro before installing it)
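An added example, not from Whistler's post, for anyone not using DownThemAll: verify the downloaded .iso against the .md5 sidecar with Get-FileHash (PowerShell 4.0 or later), then check the PGP signature with gpg if it is installed. The hash only proves the download is not corrupt; a mirror that could alter the .iso could just as easily republish a matching .md5, so the .asc signature is the authenticity check. The file names are placeholders, and the script assumes the .asc on the mirror signs the checksum file rather than the .iso itself; pass -SignedFile with the .iso if yours is the other way round.

```powershell
# Added example (not from the post): check a downloaded live-disc image against its
# .md5 file and, if gpg is available, its detached .asc signature.
# Assumptions: placeholder file names; the .md5 uses the usual "<hash>  <filename>"
# layout; the .asc on the mirror signs the .md5 file (override with -SignedFile).
param(
    [string]$Iso        = '.\knoppix.iso',
    [string]$Md5File    = "$Iso.md5",
    [string]$SigFile    = "$Iso.md5.asc",
    [string]$SignedFile = "$Iso.md5"
)

# Integrity: MD5 is what the mirror publishes, so that is what we compare.  It detects
# a truncated or corrupted download, nothing more.
$actual = (Get-FileHash -Path $Iso -Algorithm MD5).Hash.ToLower()

# Pull the 32 hex digits off the first line of the .md5 file (md5sum may prefix a "\"
# for binary mode; the pattern tolerates that).
$line     = Get-Content $Md5File | Select-Object -First 1
$expected = ($line -replace '^\s*\\?([0-9a-fA-F]{32}).*$', '$1').ToLower()

if ($actual -ne $expected) {
    Write-Host "MD5 MISMATCH: expected $expected, got $actual" -ForegroundColor Red
    exit 1
}
Write-Host "MD5 OK: $actual"

# Authenticity: verify the PGP signature.  Needs gpg (Gpg4win on Windows) and the
# signer's public key imported; without the key gpg reports "Can't check signature"
# and returns non-zero, which is treated as a failure here rather than ignored.
if (Get-Command gpg -ErrorAction SilentlyContinue) {
    & gpg --verify $SigFile $SignedFile
    if ($LASTEXITCODE -ne 0) {
        Write-Host 'Signature check FAILED (bad signature or signer key not imported)' -ForegroundColor Red
        exit 2
    }
    Write-Host 'Signature OK'
} else {
    Write-Host 'gpg not found: only the hash was checked (corruption, not tampering).'
}
```

Import the distribution's signing key from a source other than the mirror you downloaded from (the project's own site, or a keyserver) before running it; a key that arrived alongside the image proves nothing.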
Title: Re: Exploits And Mitigation
Post by: StarrMountain on November 11, 2019, 03:47:26 AM
You know how I despise Doze.  ;)   ;D
An ubiased answer  is: It depends on what you need to do with it, and how good your technical skills are..
If you use Skype, there is really no direct replacement in Linux, although you can try to run it in an emulator.
I'd say, stiay w/ 7 for as long as you can. (Turn off the update nag described in my previous post.)
BUT, test drive some Linux distros before Win 7 support runs out.
Also understand that Doze 10 is a data collection and privacy invasion platform of unprecedented proportion that is looking to switch to a yearly subscription paradigm. 
Personally, I said FUCK M$, years ago.    ;)

Now, Linux - if you want to try it - has many distros that come as a live version. This means you can burn them to disk (or a flash drive,) and boot from them, without changing anything on your existing setup.  :)
Live disks can also be used to boot a Doze system if the Doze bootloader gets hosed.
In fact, when I used to use Doze, I removed the loader so the only way to boot the system was with a live Linux disk  -  lol.
(I was around a lot of pranksters @ the time. (fellow programmers.)) heh, heh, heh.

Everyone recommends the major flavors of *nix for someone moving from Doze, but I never see Knoppix mentioned in those recommendations.
Knoppix has got to be the most user friendly *nix out there.  I'm not partial to the KDE desktop, but it's probably the easiest to use for new *nix users.
The hardware detection in Knoppix is second to none (always has been), and they were actually the first distro to create a live disk.   :)
A note about live disks: if running from a cd or dvd, they will always be slower than a flash drive, or an installed system.

The newest knoppix, is version 8.6.  The dvd is huge @ 4.5 GB,   + they ditched systemd  -  WOOT, WOOT !
The latest cd is from 2013, version 7.2 @ 717 MB.
Personally, I like version 5.1.
Oh, it also comes with excellent assistive software on the  ADRIANE version. The computer talks to you.    ;D
The DE in the filename from the download site deginates the iso is localized to the German language (where it was developed, and the EN is the English version.
The download mirrors make you jump through a bunch of hoops to get to the actual discs, so I'll direct link them  for anyone interested.
The    .iso   file is what you want (for whatever versiion you select.

The newer versions can be found here: ftp://mirrors.sonic.net/knoppix/ (http://ftp://mirrors.sonic.net/knoppix/)

The older versions were a real bitch to find. Spoogle is definitely censoring the search results for some reason, and the censoring has been happening for a few years now. (I know why they do this, and just know, its not for your best interest.)
But, I know how to find things.  ;)        ;D   
http://mirror.cs.utah.edu/pub/knoppix/

Suck It, Google !


And here's the complete mirrors list.  http://knopper.net/knoppix-mirrors/index-en.html

For a write-up, explanation, and install instructions (with bug bypasses,) take a look here:  https://www.knopper.net/knoppix/knoppix860-en.html

If you're not technically inclined, but have a CD / DVD drive, DL a copy and burn it to disc, as that's the easiest way to use it. Just set your bios boot order for CD drive before hard disk, if it's not already set this way.    ;)
Then boot from the live disk you just burnt.

Note: The .md5 and .asc files are for verifying the integrity of your DLed .iso file.
If you use the DownThemAll addin for Firefox - it has the ability to verify MD5, SHA1, SHA256, etc. hashes, right in the downloader.  :)
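As an added example (mine, not the poster's and not a Knoppix script), here is a small POSIX shell helper that does what the note describes: it checks a downloaded .iso against its .md5 file and, when gpg is installed and the signing key is already in your keyring, verifies the detached .asc signature. The file names and the fake "ISO" are constructed for the demo.

```shell
#!/bin/sh
# Added example (not from the post or the Knoppix project): check a downloaded
# .iso against the .md5 file and the detached .asc signature named in the note.

# verify_md5 ISO MD5FILE -> 0 if the checksum matches, 1 otherwise.
# A .md5 file holds "<hash>  <filename>"; we compare hashes and ignore the
# filename column, since mirrors sometimes rename the image.
verify_md5() {
    iso=$1; md5file=$2
    expected=$(awk 'NR==1 {print tolower($1)}' "$md5file" 2>/dev/null)
    actual=$(md5sum "$iso" 2>/dev/null | awk '{print $1}')
    if [ -n "$expected" ] && [ "$expected" = "$actual" ]; then
        return 0
    fi
    return 1
}

# verify_sig ISO ASCFILE -> 0 only if gpg accepts the detached signature.
# The checksum only shows the download was not corrupted; the signature is
# what ties the image to the publisher, so the signing key must already be
# imported into your keyring (assumption for this helper).
verify_sig() {
    iso=$1; asc=$2
    command -v gpg >/dev/null 2>&1 || { echo "gpg not installed" >&2; return 2; }
    gpg --verify "$asc" "$iso" >/dev/null 2>&1
}

# Constructed demo data, not a real Knoppix image: a fake ISO plus its .md5.
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
printf 'not really an iso\n' > "$demo_dir/KNOPPIX_demo.iso"
( cd "$demo_dir" && md5sum KNOPPIX_demo.iso > KNOPPIX_demo.iso.md5 )
# A one-byte change stands in for a corrupted or swapped download.
printf 'Not really an iso\n' > "$demo_dir/KNOPPIX_demo_bad.iso"

if verify_md5 "$demo_dir/KNOPPIX_demo.iso" "$demo_dir/KNOPPIX_demo.iso.md5"; then
    echo "checksum OK: KNOPPIX_demo.iso"
fi
if ! verify_md5 "$demo_dir/KNOPPIX_demo_bad.iso" "$demo_dir/KNOPPIX_demo.iso.md5"; then
    echo "checksum MISMATCH: KNOPPIX_demo_bad.iso rejected"
fi
```

For a real download, point verify_md5 and verify_sig at the .iso, .md5 and .asc files from the same mirror directory; a passing checksum with a failing signature is the case worth stopping on.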

If you do decide to take Knoppix for a spin, as with any *nix distro, don't forget to turn on your firewall before going online - it's in the main menu.  :)
(Live discs make distro-hopping fun and allow you to test drive a distro before installing it)

Thank you kindly, Whistler.  I'll certainly take that into consideration. ;) :-*
Title: Re: Exploits And Mitigation
Post by: Whistler on November 11, 2019, 04:39:55 AM
Why does the text parser on this site always delete my closing parens ?  :P
Title: Re: Exploits And Mitigation
Post by: GravitySucks on November 11, 2019, 06:44:33 AM
Why does the text parser on this site always delete my closing parens ?  :P

Autotourette addin
Title: Re: Exploits And Mitigation
Post by: JUAN on November 11, 2019, 07:19:29 AM
@StarrMountain
I went through this a couple of years ago. You’ll get technical answers, like the one from @Whistler, that are accurate but miss the mark in a way.

It depends on what programs you need to run and whether it or a replacement will run on Linux. I wanted to set up a computer to keep my financial information on and also to work on my intellectual property.  I was only partially successful.  The accounting program Quicken installed on Linux with no problem. The program Quickbooks, which I used for my business, would not. However, I was able to find an acceptable substitute. The programs I used for editing photographs and music would not install. These are professional programs with capabilities far beyond the usually recommended GIMP and Audacity. I ended up putting these programs on a separate Windows computer that is not connected to the Internet. So yes, I run three desktop computers. (OK Boomer).

Now, if you’re using a web browser, email program, Word, etc. there are acceptable substitutes that are usually free.  As I said, it depends.  BTW, I downloaded Linux Mint and found it very easy to install and use.
Good luck.
Title: Re: Exploits And Mitigation
Post by: StarrMountain on November 11, 2019, 07:38:23 AM
@StarrMountain
I went through this a couple of years ago. You’ll get technical answers, like the one from @Whistler, that are accurate but miss the mark in a way.

It depends on what programs you need to run and whether it or a replacement will run on Linux. I wanted to set up a computer to keep my financial information on and also to work on my intellectual property.  I was only partially successful.  The accounting program Quicken installed on Linux with no problem. The program Quickbooks, which I used for my business, would not. However, I was able to find an acceptable substitute. The programs I used for editing photographs and music would not install. These are professional programs with capabilities far beyond the usually recommended GIMP and Audacity. I ended up putting these programs on a separate Windows computer that is not connected to the Internet. So yes, I run three desktop computers. (OK Boomer).

Now, if you’re using a web browser, email program, Word, etc. there are acceptable substitutes that are usually free.  As I said, it depends.  BTW, I downloaded Linux Mint and found it very easy to install and use.
Good luck.

Bless you, and +1 Juan.  I just want to convert my Windows 7 laptops so I can still use them for the same old non-essential crap I've always used them for. ;) ;D
Title: Re: Exploits And Mitigation
Post by: StarrMountain on November 11, 2019, 07:40:58 AM
Autotourette addin

+1  Just cuz. ;)
Title: Re: Exploits And Mitigation
Post by: Whistler on November 13, 2019, 11:14:14 PM
Autotourette addin
LOL   -   Seems legit.  ;)   ;D
Title: Re: Exploits And Mitigation
Post by: Whistler on November 21, 2019, 02:44:17 AM
https://spyware.neocities.org/articles/browsers.html

Scope out your favorite browser to see how badly it rats you out, and how to fix it.
Title: Re: Exploits And Mitigation
Post by: Sofia on February 02, 2020, 01:59:18 AM
Autotourette addin
That's a good one.
Title: Re: Exploits And Mitigation
Post by: JUAN on March 03, 2020, 07:26:29 AM
Of the browsers, Brave sends to its masters the least data, Edge and Yandex the most.
http://www.zdnet.com/article/brave-deemed-most-private-browser-in-terms-of-phoning-home/