Kuvo
Oct 27, 2008

Blame it on the misfortune of your bark!
Fun Shoe

lol


CmdrRiker
Apr 8, 2016

You dismally untalented little creep!


Let the files be free. If they never come back then they were never really yours.

Cybernetic Vermin
Apr 18, 2005

Jabor posted:

i mean, notepad does do text layout (break into lines, tab spacing, etc.), and unicode

so i wouldn't be too surprised if it turned out some obscure combination of those things blew a stack buffer

that and microsoft's recent updating of it (broader encoding support, different line ending support, long path support, etc.) has indeed replaced a lot of that plumbing. so he is most likely teasing a bug in the newer versions of the components notepad uses.

Meat Beat Agent
Aug 5, 2007

felonious assault with a sproinging boner
yeah, i had assumed it was probably w10-related encoding support or something

Proteus Jones
Feb 28, 2013



He did say it was a memory corruption thing, but won't be any more specific until the patch is released or 90 days pass.

sadus
Apr 5, 2004

Is this new? https://mdsattacks.com/
Errr the youtube videos are from May so I guess not, nevermind
zzzzzz AMD stock should be doing good

post hole digger
Mar 21, 2011

lol sick

Cocoa Crispies
Jul 20, 2001

Vehicular Manslaughter!

Pillbug

Proteus Jones posted:

He did say it was a memory corruption thing, but won't be any more specific until the patch is released or 90 days pass.

I mean 90% of arbitrary code execution can be classified as "memory corruption"

Samuel L. ACKSYN
Feb 29, 2008


Cool



the neatest tech thing i ever found at a thrift store was a metal cased thing with a bunch of strange ports on the back and some USB ports. normally i wouldnt care but i noticed the front usb port was marked "USB Sniffer", so i bought it for a dollar


anyway disappointingly it turned out to be some sort of security camera thing that would overlay data from the usb onto the video feed, so like, an access controlled door could overlay the name of the person using the access card onto the video



also i got a hauppauge hd pvr 2 for 3 dollars today at goodwill so eh

You Am I
May 20, 2001

Me @ your poasting


stealin dis

Subjunctive
Sep 12, 2006

✨sparkle and shine✨

A friend of mine bought a used HP laptop off eBay, and wants to make sure it's not carrying something unpleasant deep inside. HP recommends "HP Reset", but I'm not au courant enough on the used-PC threat model to know if that is sufficient or a secfuck waiting to happen.

Please help me pretend I know what I'm talking about when I reply to my friend!

Winkle-Daddy
Mar 10, 2007
I'd reinstall from USB to get rid of the hp poo poo and also swap the drive to cover the very unlikely event there is some latent malware on the drive as well as the very likely scenario he will want something bigger and faster as storage is always getting cheaper.

Tankakern
Jul 25, 2007

Winkle-Daddy posted:

I'd reinstall from USB to get rid of the hp poo poo and also swap the drive to cover the very unlikely event there is some latent malware on the drive as well as the very likely scenario he will want something bigger and faster as storage is always getting cheaper.

what fud is this, "latent malware" if you flatten and reinstall?

Shaggar
Apr 26, 2006
make sure computrace or anything like it is disabled

Sagebrush
Feb 26, 2012

Tankakern posted:

what fud is this, "latent malware" if you flatten and reinstall?

I don't know how common they are, but there are rootkits that install themselves into hard disk firmware so they aren't erased by a reformat

dpkg chopra
Jun 9, 2007

Fast Food Fight

Grimey Drawer

Tankakern posted:

what fud is this, "latent malware" if you flatten and reinstall?

I remember some stuff being posted here about certain laptop manufacturers hiding code in hidden partitions that would reinstall their poo poo even if you completely formatted the drive and reinstalled windows from a clean media install.

Edit: https://www.extremetech.com/computing/212074-lenovo-laptops-can-reinstall-bundled-crapware-even-if-you-load-a-retail-copy-of-windows

Of course it was Lenovo, although in theory this just affected Windows 7 and 8.

dpkg chopra fucked around with this message at 15:50 on Jun 5, 2019

power botton
Nov 2, 2011

let's not forget persistent malware in your bios that exfiltrates data through microwaves or morse code or something

mystes
May 31, 2006

power botton posted:

let's not forget persistent malware in your bios that exfiltrates data through microwaves or morse code or something

IIRC Windows automatically installs software provided by EFI and that's what computrace uses, so you don't need anything exotic to achieve this.

infernal machines
Oct 11, 2012

we have sealed ourselves away behind our money, growing inward, generating a seamless universe of self.

Ur Getting Fatter posted:

I remember some stuff being posted here about certain laptop manufacturers hiding code in hidden partitions that would reinstall their poo poo even if you completely formatted the drive and reinstalled windows from a clean media install.

Edit: https://www.extremetech.com/computing/212074-lenovo-laptops-can-reinstall-bundled-crapware-even-if-you-load-a-retail-copy-of-windows

Of course it was Lenovo, although in theory this just affected Windows 7 and 8.

that was in efi, so replacing the hard drive wouldn't prevent it from pushing the app back into the install

BangersInMyKnickers
Nov 3, 2004

I have a thing for courageous dongles

Tankakern posted:

what fud is this, "latent malware" if you flatten and reinstall?

there's some lovely tricks the oems were using where crapware installers were packaged in the uefi and then the windows installer would slipstream those in at install time due to some behavior in the OS installer being abused but I think MS cracked down on those now

BangersInMyKnickers
Nov 3, 2004

I have a thing for courageous dongles

Sagebrush posted:

I don't know how common they are, but there are rootkits that install themselves into hard disk firmware so they aren't erased by a reformat

those are defeated by secureboot unless the hardware is also compromised

Cybernetic Vermin
Apr 18, 2005

yeah, in principle there can be malware in the uefi firmware or bios, but as the only way to fix that is to toss the laptop and not get a new one (as the new one may have it too) it is not very helpful info. ideally do a full format and reinstall, but whatever reset-to-factory-image is offered up by hp is *probably* sufficient.

there is a lot of stuff malware *could* do to be incredibly well-hidden and persistent, but as the actual reformat is such a rare event in the life of a piece of consumer-grade malware i don't think many bother to try very hard.

El Mero Mero
Oct 13, 2001

I mean, if it's the manufacturer whether it was bought off eBay or not shouldn't matter.

New hard drive and reinstall is sufficient for an average non-paranoid non-computer toucher.

Asking for advice in this thread though on how to secure your used hp eBay laptop though? Lol. Shoulda bought an abacus and cut the electricity to the house because your friend's first mistake was being on the internet. HTH

infernal machines
Oct 11, 2012

we have sealed ourselves away behind our money, growing inward, generating a seamless universe of self.
assuming you can disable vpro/amt and any other remote asset management stuff in the bios then a wipe and reinstall from USB media should be good enough

dpkg chopra
Jun 9, 2007

Fast Food Fight

Grimey Drawer

El Mero Mero posted:

your friend's first mistake was being on the internet. HTH

honestly this was humanity's first mistake tbh

Shame Boy
Mar 2, 2010

BangersInMyKnickers posted:

there's some lovely tricks the oems were using where crapware installers were packaged in the uefi and then the windows installer would slipstream those in at install time due to some behavior in the OS installer being abused but I think MS cracked down on those now

why would they crack down on it, it's working as intended

those things are called "drivers" and they're 600MB because they're full of important driver things, honest

Shame Boy
Mar 2, 2010

look it just has ads because people like them and told us how much they would miss them if they're gone, why do you all hate adding value and improving the user experience you hitlers :colbert:

Cybernetic Vermin
Apr 18, 2005

while the general thrust of this argument is true microsoft did in fact crack down on the use of this uefi hook for loading software

Tankakern
Jul 25, 2007

if you're really worried install linux on it

mystes
May 31, 2006

Tankakern posted:

if you're really worried install linux on it

Good thing there aren't any other convenient mechanisms for the EFI bios to compromise the system regardless of OS.

Cybernetic Vermin
Apr 18, 2005

besides, the nsa already lives in your intel me install.

BangersInMyKnickers
Nov 3, 2004

I have a thing for courageous dongles

in eye-rolling stupid poo poo news that you'll have to deal with from vuln tester dipshits, qualys is now marking non-GCM ciphers as "weak" so have fun dealing with that bullshit

Winkle-Daddy
Mar 10, 2007

Tankakern posted:

what fud is this, "latent malware" if you flatten and reinstall?

You spelled common knowledge wrong? NSA has been installing malware into HD firmware since at least 2001, and did it for 14 years undetected until that whole Kaspersky thing on equation group malware back in '15.

e: I mean, it's really rare, but HDs are cheap, just get a new one and re-install from USB. If your threat model requires you to be any more paranoid, don't buy used, I guess?

e2: a link https://www.kaspersky.com/blog/equation-hdd-malware/7623/

Cybernetic Vermin
Apr 18, 2005

i originally found thompson's 'trusting trust' talk (you know the ones, the impossibility of figuring out a backdoor inserted by a compiler by source inspection), but it comes up pretty often in this kind of conversation: yeah, no poo poo, you can't trust anything. your intel-based laptop comes with three operating systems installed, and you can only have an effect on the one that is least trusted and loads last.

Subjunctive
Sep 12, 2006

✨sparkle and shine✨

Thanks, folks. He's thinking about getting a new nvme whatsit for it anyway to increase the storage, so I'll just encourage him in that direction.

Ur Getting Fatter posted:

Of course it was Lenovo, although in theory this just affected Windows 7 and 8.

Serious Hardware / Software Crap > YOSPOS > Security Fuckup Megathread v18.2 - of course it was Lenovo

Winkle-Daddy
Mar 10, 2007

Subjunctive posted:

Serious Hardware / Software Crap > YOSPOS > Security Fuckup Megathread v18.2 - of course it was Lenovo

Kazinsal
Dec 13, 2011



Subjunctive posted:

Serious Hardware / Software Crap > YOSPOS > Security Fuckup Megathread v18.2 - of course it was Lenovo

Chris Knight
Jun 5, 2002

me @ ur posts


Fun Shoe

Subjunctive posted:

Serious Hardware / Software Crap > YOSPOS > Security Fuckup Megathread v18.2 - of course it was Lenovo

Jabor
Jul 16, 2010

#1 Loser at SpaceChem
lolnovo


DrPossum
May 15, 2004

i am not a surgeon

Subjunctive posted:

Serious Hardware / Software Crap > YOSPOS > Security Fuckup Megathread v18.2 - of course it was Lenovo
