• 5 Posts
  • 23 Comments
Joined 3 months ago
cake
Cake day: September 16th, 2024

help-circle


  • i forgot about that reason. That’s true I think some people have that as their motive. They are probably thinking that it’s best to not let the beginners know that vpn doesn’t do much on its own or that brave doesn’t actually stop all tracking and won’t necessarily give you a non-unique fingerprint etc. They want to make it look easy to get privacy because if they make it look hard that these simple beginner steps aren’t enough then they won’t even get started and give up.

    I think it’s a wrong mindset to have. I don’t think those types of people who give up if they realize privacy isn’t a one click solution are the target audience for privacy. We want the people who can actually spend some time to learn and put in some effort because if they can’t do that then they probably don’t care that much about privacy to begin with.

    But its just my opinion not a fact.



  • You are right but I think most people would in hindsight say they wished the did more to protect their computer when shit happens. It’s like a camera, you can buy a cheap camera meant to be used for a vacation then thrown away and it’s not worth much but the pictures you have taken are worth a lot as in semantic value, memories you want to keep.

    In someones computer they have their entire digital life. Work, personal life, social life, all kinds of data, pictures, banking, investments, crypto, etc. All that is priceless. That’s why ransomware viruses are so effective, people will pay and do anything to get their data back and they all wished they had just done some simple backups and from then on they will probably spend effort on security.


  • Ahh, very interesting! I think QubesOS only does mitigations, not microupdates. So that’s a point for linux in linux vs qubesos. I need to spend more time learning about these cpu vulnerabilities. One of the things I like about QubesOS is they do many security stuff that many of users don’t know about or understand. For example QubesOS doesn’t use the GPU in the Qubes because an attacker could get control of the GPU and see everything that the GPU renders which means seeing the host (dom0) and all the Qubes.

    I guess you can do that on Linux as well by disabling kvm passthrough of the GPU to the VMs.

    And maybe disabling hyperthreading like QubesOS does isn’t necessary on Linux if the cpu microupdates from Linux kernel already solves that cpu vulnerability. Many things for me to look into regarding these cpu vulnerabilities.

    QubesOS does make compartmentalizing much easier and smoother experience though.






  • I hope you are right, it would really make it easier if it’s just an external boot rom flash that is needed. I mean I know that feds can plant chips in the silicon and you wouldn’t find it if they had covert physical access and there’s no glitter nail polish to protect the screws, but in this case they are not the adversary, in this case it’s just random cyber criminals who are the adversary when you buy a second hand laptop.

    That article I linked to seems to suggest the malware can persist by hiding in any usb peripheral even camera. I think bluetooth is usb as well if i am not mixing it up with something else but i remember reading bluetooth is actually using usb bus. But anyway you mentioned only the boot rom and EC, you didn’t mention other peripherals so that’s why I’m replying and asking what you know about it. Do you think that linked article is mostly FUD and a bit incorrect when it says a malware can hide in the hardwired webcam or other USB components inside the computer?


  • Intel ME and AMD PSP, in conspiracy-speak are kinda like government backdoors, closed source, undocumented, with huge control over a processor.

    In theory it’s possible that intel me is made to be spyware/backdoor for feds but I don’t think it is because if it was then why are there so many cyber criminals in the world who the feds can’t catch? There are lots of cyber criminals on the top wanted lists and feds want to catch them so badly. And that’s just the non-affiliated cyber criminals, then there are also nation sponsored hackers for example north korea has been in spotlight recently for crypto hacks. And if intel me really was what we fear it could be in theory then usa’s enemies like russia and china would be instantly defeated.

    So even if it’s possible in theory because it’s cpu proprietary firmware with its own OS and that’s scary but if it really was abused that way then wouldn’t the world be a completely different situation?

    Also, intel wouldn’t need to have a backdoor in intel me. This source puts it well (https://deploy-preview-244--privsec-dev.netlify.app/posts/knowledge/laptop-hardware-security/):

    Intel and AMD do not need the co-processor to implement a backdoor - they can simply introduce CPU vulnerabilities like Spectre and Meltdown if they want to. If you do not trust a CPU vendor, the only mitigation is to not use said vendor.

    So if you read that article, he says there’s no point in buying an old brick just to be able to disable intel me because of the above quote.



  • I have respect for what you’re saying and I would like to think you’re right. I don’t have the experience myself to know, I just listen to what experts like you are saying. But I have also read other experts say worrying things like this (https://www.srlabs.de/blog-post/usb-peripherals-turn):

    To make matters worse, cleanup after an incident is hard: Simply reinstalling the operating system – the standard response to otherwise ineradicable malware – does not address BadUSB infections at their root. The USB thumb drive, from which the operating system is reinstalled, may already be infected, as may the hardwired webcam or other USB components inside the computer. A BadUSB device may even have replaced the computer’s BIOS – again by emulating a keyboard and unlocking a hidden file on the USB thumb drive.

    Once infected, computers and their USB peripherals can never be trusted again.

    What do you think about that?

    And if you want to get tin foil hatty. How do you know you werent man in the middled when you bought a laptop from a retailer. What if a bad actor installed or tampered with the new laptop you bought. And now is less secure than a second hand laptop because joe down the street doesnt care what you do with the laptop as long as he gets paid.

    That is part of the unavoidable risk. There are some entities we can’t avoid having to place some trust in. But I think the risk is higher buying second hand instead of from a reputable brand and off the shelf. And the previous owner was also at risk of such a mitm attack from the vendor.

    Lets say you have your laptop and sombody steals it. Your using LUKS full disk encryption right? Lets say you did for this example, your headers for decryption are plaintext on boot. So a threat actor can use brutforce to crack your disk. You can setup LUKS to have your headers on a separate disk that you take with you. Its the equivalent of taking away a lock and a key. So all the threat actor is left with is a door.

    If you have a password with 100+ entity then practically I don’t think we need to worry about bruteforce attack, or am I wrong about that? But you are still making a good point about there being many attack surfaces to defend against, it’s not only about where you buy it from.






  • If they don’t want to use private communication then just leave it. If you want privacy you have to get used to having a less social life, at least online. That’s the key really, if you want a social life, you have to start going offline, out into the real world and meet people. Get to know your neighborhood a bit or join some outdoor activity or club or something. I know it’s weird at first about going outside because we’re all basement computer nerds but you will find freedom without all the online surveillance when you leave your home.

    JK, because next challenge is to convince everyone you meet that they should leave their phones are home and if you thought getting people to use Signal is hard you have no idea because that’s just step 1.


  • should be able to cut D-/D+ and the SS lines

    What do those lines do if they are ok to cut? And why we cutting them?

    I also wonder if Boot Guard or USBGuard is enough to protect against a malicious charger. Becuase if the adversaries switch the charger out for their own malicious charger that looks the same but is going to be used to maybe record my password or something, then USBGuard should recognize it’s a different device? And I don’t know enough about Boot Guard, I guess Boot Guard doesn’t help in this situation because Boot Guard is just about during the Boot.


  • It was a good read, thanks for the link.

    Problem for me is which experts do I listen to? The article you linked to says a lot of the experts in the privacy community are wrong (common misinformation). But how do I know who’s actually wrong? If two experts are arguing with each other, how do I know who’s right? I would have to become an expert as well before I can know that, or I have to go with the majority and hope they’re right.

    There’s so much going on at boot, pre-boot, post-boot and everything, it’s tough to learn. Boot guard, intel txt, TPM, heads, etc. They all sound like they are doing same thing. And sometimes people use words like DRTM but they are talking about intel txt because txt is srtm or something like that. I’m just saying it’s difficult to learn about all this.

    I guess there’s just no shortcut really. I am just going to have to keep reading and slowly and steadily keep learning about this until I become an expert as well.


  • I did some research about usbguard. usbguard is userspace so its basically to protect from yourself or something or if you leave the computer running when you go out it can help protect it. I think biggest reason to use usbguard is if you are admin of other peoples linux desktops which seems unusual.

    I also read during my research that blocking or allowing specific USB device classes and device IDs is possible with usbguard, however generic lists can easily be bypassed.

    This topic is really about protection against a physical access attacker when you leave the laptop powered off. I don’t think usbguard helps against that because it’s userspace.

    A modified thumb drive or external hard disk can – when it detects that the computer is starting up – boot a small virus, which infects the computer’s operating system prior to boot.

    But pre-boot attacks may be prevented by use of a BIOS password and booting only to the hard drive.

    So maybe this means that Heads or trenchboot isn’t even necessary to protect against usb attacks when you leave your computer turned off. Just need to set a BIOS password and configure bios to only boot the HDD.

    But I’m not a hacker so I don’t have experience to know if there’s any other way around this protection. But glitter nail polish would at least give evidence of tampering if the way to hack around this protection requires unscrewing the laptop to open it up.