<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Hacker News: IgorBog61650384</title><link>https://news.ycombinator.com/user?id=IgorBog61650384</link><description>Hacker News RSS</description><docs>https://hnrss.org/</docs><generator>hnrss v2.1.1</generator><lastBuildDate>Sun, 21 Jun 2026 15:43:09 +0000</lastBuildDate><atom:link href="https://hnrss.org/user?id=IgorBog61650384" rel="self" type="application/rss+xml"></atom:link><item><title><![CDATA[New comment by IgorBog61650384 in "Apt Encounters of the Third Kind"]]></title><description><![CDATA[
<p>Hi, author of the blog post. This is correct - keeping PII protected has always been their concern, but recent breaches in theirs and other industries (including some they heard of and were not publicized) made them even more concerned.</p>
]]></description><pubDate>Sat, 27 Mar 2021 04:57:08 +0000</pubDate><link>https://news.ycombinator.com/item?id=26600036</link><dc:creator>IgorBog61650384</dc:creator><comments>https://news.ycombinator.com/item?id=26600036</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=26600036</guid></item><item><title><![CDATA[New comment by IgorBog61650384 in "Length's malware writers will go through to get PII"]]></title><description><![CDATA[
<p>Yep!</p>
]]></description><pubDate>Thu, 25 Mar 2021 04:22:34 +0000</pubDate><link>https://news.ycombinator.com/item?id=26576572</link><dc:creator>IgorBog61650384</dc:creator><comments>https://news.ycombinator.com/item?id=26576572</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=26576572</guid></item><item><title><![CDATA[Length's malware writers will go through to get PII]]></title><description><![CDATA[
<p>Article URL: <a href="https://igor-blue.github.io/2021/03/24/apt1.html">https://igor-blue.github.io/2021/03/24/apt1.html</a></p>
<p>Comments URL: <a href="https://news.ycombinator.com/item?id=26571944">https://news.ycombinator.com/item?id=26571944</a></p>
<p>Points: 3</p>
<p># Comments: 2</p>
]]></description><pubDate>Wed, 24 Mar 2021 19:37:27 +0000</pubDate><link>https://igor-blue.github.io/2021/03/24/apt1.html</link><dc:creator>IgorBog61650384</dc:creator><comments>https://news.ycombinator.com/item?id=26571944</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=26571944</guid></item><item><title><![CDATA[Security of the Intel Graphics Stack – Part 2 – FW GuC]]></title><description><![CDATA[
<p>Article URL: <a href="https://igor-blue.github.io/2021/02/24/graphics-part2.html">https://igor-blue.github.io/2021/02/24/graphics-part2.html</a></p>
<p>Comments URL: <a href="https://news.ycombinator.com/item?id=26261745">https://news.ycombinator.com/item?id=26261745</a></p>
<p>Points: 2</p>
<p># Comments: 0</p>
]]></description><pubDate>Thu, 25 Feb 2021 11:08:44 +0000</pubDate><link>https://igor-blue.github.io/2021/02/24/graphics-part2.html</link><dc:creator>IgorBog61650384</dc:creator><comments>https://news.ycombinator.com/item?id=26261745</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=26261745</guid></item><item><title><![CDATA[New comment by IgorBog61650384 in "Security features of the Intel/Windows platform secure boot process"]]></title><description><![CDATA[
<p>Thanks, fixed it</p>
]]></description><pubDate>Tue, 16 Feb 2021 16:35:18 +0000</pubDate><link>https://news.ycombinator.com/item?id=26155647</link><dc:creator>IgorBog61650384</dc:creator><comments>https://news.ycombinator.com/item?id=26155647</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=26155647</guid></item><item><title><![CDATA[New comment by IgorBog61650384 in "SolarWinds hack was 'largest and most sophisticated attack' ever: MSFT president"]]></title><description><![CDATA[
<p>The SolarWinds incident was detected because of bad opsec by the operators who performed the FireEye op. I would imagine the capability was developed by an expert group in some intelligence agency, and then used as an entry point by a different operator group with lower standards.
But who is to say there aren't more of these kinds of attacks out there, just no one has made a foolish error using them yet? If we assume that, we have to assume this operation was somewhere in the middle of a normal curve of complexity, and there are even more sophisticated backdoored systems like that we just don't know about.
Imagine any medium-large code base (100+ of KLoCs), that is deployed widely, and has an auto update mechanism. Most companies don't have very strict access to the build process (and even if they do, all you need is to corrupt one employee), so it shouldn't be too hard to patch binaries before they are signed (especially bytecode in .NET and Java), and add another URL and/or signature for verification (for sig only the attacker needs access to the web site/CDN too).
The change will be only a few lines, so is very hard to detect automatically - it will look like regular code for tools.</p>
]]></description><pubDate>Mon, 15 Feb 2021 04:31:25 +0000</pubDate><link>https://news.ycombinator.com/item?id=26139118</link><dc:creator>IgorBog61650384</dc:creator><comments>https://news.ycombinator.com/item?id=26139118</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=26139118</guid></item><item><title><![CDATA[New comment by IgorBog61650384 in "System76 Launch Configurable Keyboard with Open Source Code"]]></title><description><![CDATA[
<p>You're right, as long as the hardware switch is really hardware and not fake-hardware-implemented-in-software like many vendors.</p>
]]></description><pubDate>Thu, 11 Feb 2021 05:11:36 +0000</pubDate><link>https://news.ycombinator.com/item?id=26098460</link><dc:creator>IgorBog61650384</dc:creator><comments>https://news.ycombinator.com/item?id=26098460</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=26098460</guid></item><item><title><![CDATA[New comment by IgorBog61650384 in "System76 Launch Configurable Keyboard with Open Source Code"]]></title><description><![CDATA[
<p>I love the idea but it is scaring me a bit security-wise. This can be a really hidden persistence method for malware.<p>Imagine the following scenario - memory only malware lands on my computers, identifies the keyboard, uploads a malicious firmware and disappears. Using basic heuristics like time and entropy it detects when I log on to the machine, gets my passwords, understands my OS, and waits for a hidden signal by the memory only malware. If the signal is not detected for a while because I rebooted my computer or reinstalled it, it unlocks the computer with the password at a time of inactivity, and types in a command like wget/curl to download the malware again, and so on.<p>I think this can even be used for Virtual Machine escape, as many VMs just pass-through HID commands, so it's possible the firmware can be updated from a VM.<p>Kudos to System76 though for providing the firmware, this helps in auditing it and running tools like lint or PVS-Studio to decrease the chance of bugs like that. They are consistent in being open source and I hope more vendors with firmware follow their lead.</p>
]]></description><pubDate>Thu, 11 Feb 2021 04:53:07 +0000</pubDate><link>https://news.ycombinator.com/item?id=26098374</link><dc:creator>IgorBog61650384</dc:creator><comments>https://news.ycombinator.com/item?id=26098374</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=26098374</guid></item><item><title><![CDATA[New comment by IgorBog61650384 in "Intermittent Fasting 101 – How to Lose Weight and Clear Your Mind"]]></title><description><![CDATA[
<p>Nice article, thanks for the tips at the end!<p>Personal perspective: I've been trying intermittent fasting for about four years, and found it helped a little in the beginning but then petered out.<p>What happened was I did not eat until 7PM, then ate a little bit, but once I started eating I could not stop. It was never a matter of hunger, I barely ever feel hunger at all, it was like a deep primal drive to eat once the gates had opened - each and every evening.<p>The one thing that actually worked for me for a while was almost complete fasting - I would eat one meal one Saturday, one meal one Sunday, and that's all. The first two weeks were hard, but then it became quite easy, except the time aches Monday morning. It also lowered my resting heart rate by 10 BPM. I managed to drop about 40lbs in 6 months. Then I started on a really tough and stressful project at work, stayed late with coworkers, they ordered pizza night after night, I ate, and the fasting was over.
Couldn't get back on the wagon since ...</p>
]]></description><pubDate>Thu, 11 Feb 2021 04:45:19 +0000</pubDate><link>https://news.ycombinator.com/item?id=26098337</link><dc:creator>IgorBog61650384</dc:creator><comments>https://news.ycombinator.com/item?id=26098337</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=26098337</guid></item><item><title><![CDATA[New comment by IgorBog61650384 in "Evidence that the FBI can hack into private Signal messages on a locked iPhone"]]></title><description><![CDATA[
<p>Exploits are possible even without DMA. Windows had a slew of USB stack exploits, ranging from the serial and modem drivers to HID device and more.
There have also been in the past (and probably still exist) exploits over serial lines, over I2C and SMBus, etc. Not having DMA makes it much, much harder, but not impossible.<p>So having the modem connected by USB does not make attacking through it impossible - how can you tell there are no bugs in the iOS USB stack?</p>
]]></description><pubDate>Thu, 11 Feb 2021 04:13:14 +0000</pubDate><link>https://news.ycombinator.com/item?id=26098183</link><dc:creator>IgorBog61650384</dc:creator><comments>https://news.ycombinator.com/item?id=26098183</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=26098183</guid></item><item><title><![CDATA[Security of the Intel Graphics Stack – Part 1 – Introduction]]></title><description><![CDATA[
<p>Article URL: <a href="https://igor-blue.github.io/2021/02/10/graphics-part1.html">https://igor-blue.github.io/2021/02/10/graphics-part1.html</a></p>
<p>Comments URL: <a href="https://news.ycombinator.com/item?id=26087469">https://news.ycombinator.com/item?id=26087469</a></p>
<p>Points: 2</p>
<p># Comments: 0</p>
]]></description><pubDate>Wed, 10 Feb 2021 10:20:43 +0000</pubDate><link>https://igor-blue.github.io/2021/02/10/graphics-part1.html</link><dc:creator>IgorBog61650384</dc:creator><comments>https://news.ycombinator.com/item?id=26087469</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=26087469</guid></item><item><title><![CDATA[New comment by IgorBog61650384 in "Indian space startup fires world’s first fully 3D printed rocket engine"]]></title><description><![CDATA[
<p>I love hearing great news about the space industry, that's the way to get us humans into outer space.<p>Can anyone a little more knowledgeable explain the difference between this 3d printed engine and RocketLab's one? Thanks!</p>
]]></description><pubDate>Wed, 10 Feb 2021 04:14:16 +0000</pubDate><link>https://news.ycombinator.com/item?id=26085683</link><dc:creator>IgorBog61650384</dc:creator><comments>https://news.ycombinator.com/item?id=26085683</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=26085683</guid></item><item><title><![CDATA[New comment by IgorBog61650384 in "Evidence that the FBI can hack into private Signal messages on a locked iPhone"]]></title><description><![CDATA[
<p>I don't think this should surprise anyone. The FBI has multiple methods for accessing locked phones: using physical exploits like those provided by Cellebrite, or through baseband attacks - i.e. first attacking the cellular modem and from there using an exploit to get to the main ARM CPU, or through exploits or backdoors in any app the phone had that does background refresh through the web while the phone is locked.
I think the current status of infosec means that anyone that is the target of a nation state intelligence agency or counter intelligence agency can be hacked. The question if that is actually done or not depends on how interesting they are and the lawfulness of the action and not on technical capabilities.</p>
]]></description><pubDate>Wed, 10 Feb 2021 04:12:31 +0000</pubDate><link>https://news.ycombinator.com/item?id=26085670</link><dc:creator>IgorBog61650384</dc:creator><comments>https://news.ycombinator.com/item?id=26085670</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=26085670</guid></item><item><title><![CDATA[New comment by IgorBog61650384 in "Show HN: Started a dev blog – will write more about developer productivity hacks"]]></title><description><![CDATA[
<p>Love the post, good luck!<p>Re “Productivity equation” from Ali Abdaal:
  Productivity = Useful output / time x f (where f is the ‘fun factor’),
but treating f as constant is wrong - even fun projects can get tiresome. A good measure might be instead an inverse 'tediousness' factor, e.g. how tedious are the worst expected tedious parts of the project (like the 'fun' bottleneck) and make sure you don't get stuck when you reach those points.<p>Also fun projects tend to be novel, but novel projects have the highest amount of unexpectedness, so it's good to decide on a few 'novel' things and let the rest of the project be based on stuff you know well.</p>
]]></description><pubDate>Mon, 08 Feb 2021 09:45:23 +0000</pubDate><link>https://news.ycombinator.com/item?id=26062525</link><dc:creator>IgorBog61650384</dc:creator><comments>https://news.ycombinator.com/item?id=26062525</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=26062525</guid></item><item><title><![CDATA[New comment by IgorBog61650384 in "Barcode scanner app on Google Play infects 10M users with one update"]]></title><description><![CDATA[
<p>The only reason this was detected was very overt behavior - opening ad popups. So I guesstimate for each one of these we have 10 that go undetected.
This means the whole ecosystem is broken, as there is no reason this will happen only for updates and not for new apps as well. Apple's ecosystem is somewhat better, but I can't imagine they go through every line of code in each package, so most of their review is probably done with some combination of automatic static and dynamic analysis, and these can be fooled. The problem with both platforms is that they don't provide run-of-the-mill users the option of installing an effective firewall and security solutions.</p>
]]></description><pubDate>Mon, 08 Feb 2021 05:37:37 +0000</pubDate><link>https://news.ycombinator.com/item?id=26061167</link><dc:creator>IgorBog61650384</dc:creator><comments>https://news.ycombinator.com/item?id=26061167</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=26061167</guid></item><item><title><![CDATA[New comment by IgorBog61650384 in "Barcode scanner app on Google Play infects 10M users with one update"]]></title><description><![CDATA[
<p>How do you decide when it is safe to update?</p>
]]></description><pubDate>Mon, 08 Feb 2021 05:34:03 +0000</pubDate><link>https://news.ycombinator.com/item?id=26061147</link><dc:creator>IgorBog61650384</dc:creator><comments>https://news.ycombinator.com/item?id=26061147</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=26061147</guid></item><item><title><![CDATA[New comment by IgorBog61650384 in "Is Russia distorting GPS signals to protect Vladimir Putin?"]]></title><description><![CDATA[
<p>Russia has a long history of GPS jamming for security reasons. A friend serving in the Russian forces in Syria says that GPS accuracy in the country varies dramatically with Russian military activity in the region. About two years ago there were a series of posts about GPS distortion around Moscow center (<a href="https://news.ycombinator.com/item?id=26060590" rel="nofollow">https://news.ycombinator.com/item?id=26060590</a>, <a href="https://money.cnn.com/2016/12/02/technology/kremlin-gps-signals/" rel="nofollow">https://money.cnn.com/2016/12/02/technology/kremlin-gps-sign...</a>). But this happens not only in Russia, also in the US as an anti-drone measure (<a href="https://eu.usatoday.com/story/tech/news/2017/09/26/gps-spoofing-makes-ships-russian-waters-think-theyre-land/703476001/" rel="nofollow">https://eu.usatoday.com/story/tech/news/2017/09/26/gps-spoof...</a>)</p>
]]></description><pubDate>Mon, 08 Feb 2021 05:32:31 +0000</pubDate><link>https://news.ycombinator.com/item?id=26061138</link><dc:creator>IgorBog61650384</dc:creator><comments>https://news.ycombinator.com/item?id=26061138</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=26061138</guid></item><item><title><![CDATA[New comment by IgorBog61650384 in "If any Ubuntu maintainers are listening: PLEASE STOP DOING THIS"]]></title><description><![CDATA[
<p>I get that breaking packages is a bad user experience, but the Linux community at large should start paying more notice to security-first software engineering. Learn a little bit from Microsoft's experience - they made 100% backward compatibility their mantra for years, and look where it got them - a reputation as an unsecure platform with lots of exploits. Linux has many exploits too, it's just a less popular platform for research by security researchers so fewer security bugs are found than Windows. But when those are found - it's catastrophic like the last SUDO bug. The way forward is to understand that even great software developers have bugs with security implementation, as writing reasoning about the correctness of software is very hard, and start implementing wide reaching mitigations by default. Control flow mitigations made implementing exploits on Windows much much harder, raising the bar of "bug to real-world exploit" significantly. Ubuntu setting CF protections to default will encourage many maintainers to finally fix their code.</p>
]]></description><pubDate>Mon, 08 Feb 2021 05:28:07 +0000</pubDate><link>https://news.ycombinator.com/item?id=26061115</link><dc:creator>IgorBog61650384</dc:creator><comments>https://news.ycombinator.com/item?id=26061115</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=26061115</guid></item><item><title><![CDATA[New comment by IgorBog61650384 in "Biden says it will be difficult to achieve Covid herd immunity before summer end"]]></title><description><![CDATA[
<p>People need to understand that stopping Covid will take much more than a year, and can easily extend for 2-3 years.
24% of the USA population is under 18 (from Google). The article states that at least 75% of the population must be vaccinated, which means that he expects 100% vaccination of the rest of the population, which is impossible due to medical reasons, and in the USA with its large communities of anti-vaxxers even more complicated. To achieve herd immunity we need to slowly lower the lower age limit for vaccinations, and adjust the ways schools operate - for example mandatory temperature measurements and rapid 10-min covid tests for the kids before they can enter the school buildings. People trying to sell everything will be back to normal by summer might in the end cause more harm than good by creating false hopes for fast fixes.</p>
]]></description><pubDate>Mon, 08 Feb 2021 05:21:24 +0000</pubDate><link>https://news.ycombinator.com/item?id=26061079</link><dc:creator>IgorBog61650384</dc:creator><comments>https://news.ycombinator.com/item?id=26061079</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=26061079</guid></item><item><title><![CDATA[New comment by IgorBog61650384 in "A visual guide to SSH tunnels"]]></title><description><![CDATA[
<p>Really nice and clear. One addition: the final example uses ProxyCommand, I find ProxyJump much more useful: you can specify multiple hops clearly and even specify different private keys for each hop.</p>
]]></description><pubDate>Sun, 07 Feb 2021 07:48:21 +0000</pubDate><link>https://news.ycombinator.com/item?id=26053404</link><dc:creator>IgorBog61650384</dc:creator><comments>https://news.ycombinator.com/item?id=26053404</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=26053404</guid></item></channel></rss>