Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us money per month for bills, and since we don't believe in showing ads to our users, we try to make the money back through forum registrations.
 
  • Post
  • Reply
Kalenden
Oct 30, 2012


I just finished reading "This Is How They Tell Me the World Ends: The Cyberweapons Arms Race" by Nicole Perlroth (https://www.goodreads.com/en/book/show/49247043-this-is-how-they-tell-me-the-world-ends) and was wondering what the threads thoughts about it were.

It paints a pretty stark picture and the source sounds credible (a NYT journalist). Still, is it sensationalist or pretty accurate?

Adbot
ADBOT LOVES YOU

BaseballPCHiker
Jan 16, 2006



It glosses over a lot of technical details to make the book more approachable for a wider audience. I would say the tone is a bit sensationalist, and I've worked at one of the companies mentioned in the book and she paints a slightly different picture than what I experienced in reality.

On the whole I'd say its fine and gives a decent overview of the current state of things.

RFC2324
Jun 7, 2012

http 418



SlowBloke posted:

If they pop your bitwarden password they can both login and MFA, that's the core issue(i have a similar scheme on keepass so i shouldn't be preaching on this). If you have a strong enough key you should be fine.

Thats what i figured, just curious if there was some known flaw or something with the BW implementation.

I have 2fa on bw itself, and only use it for video games, so not worried

Arsenic Lupin
Apr 11, 2012

This particularly rapid💨 unintelligible 😖patter💁 isn't generally heard🧏‍♂️, and if it is🤔, it doesn't matter💁.



https://twitter.com/d_feldman/status/1558309810801631233

Rescue Toaster
Mar 13, 2003


Has anyone ever heard of any storage (NVMe, SATA, eMMC, USB drive or SD card) that provides a seriously strong guaranteed read-only mode? Basically I want some kind of bootable device that can make strong guarantees of being immutable. I can always setup linux to mount the filesystems all read-only but that's just a quick escalation & remount away from a permanent exploit. In this scenario an escalation isn't the end of the world as long as it's not persistent. I mean go ahead and assume spinning optical is not an option for this, due to size and performance.

The best idea I could come up with so far was some kind of microcontroller that can monitor the SD card data lines for write commands and disconnect the sd or reset the cpu before the entire write command goes through. Seems like there could be a lot of commands/patterns to worry about though. Another option would be some microcontroller that is a USB device and can present an attached SD card as a block device, so it's easier to snoop on the write commands. There are definitely source code examples floating around that do this, but would likely be much slower than the dedicated SD controller on the host.

Volmarias
Dec 31, 2002

I'm sure I'll think of something.

Aren't there USB drives that have physical write protection switches? turns out the write protection switch is just a suggestion to the host :rolleye: Could you just force overwrite a drive after it's used if you're concerned about reuse? Is UEFI tampering a concern? Is physical tampering a concern?

What's your actual threat model here? On which side of the Mossad / Not Mossad line are you concerned?

E: someone suggested a card flexxon makes that specifically prevents further writing, take a look at that?

Volmarias fucked around with this message at 02:57 on Aug 14, 2022

The Fool
Oct 16, 2003



worm storage is a thing, flexxon makes a usb stick

Mustache Ride
Sep 11, 2001







Buy one of these and break the switch off?

Rescue Toaster
Mar 13, 2003


Thanks! I really just need something like a write protect switch, but a real one.

I knew the little switch on SD cards was bs, but it looks like some of these USB or special SD card options could work.

BlankSystemDaemon
Mar 13, 2009



Rescue Toaster posted:

Has anyone ever heard of any storage (NVMe, SATA, eMMC, USB drive or SD card) that provides a seriously strong guaranteed read-only mode? Basically I want some kind of bootable device that can make strong guarantees of being immutable. I can always setup linux to mount the filesystems all read-only but that's just a quick escalation & remount away from a permanent exploit. In this scenario an escalation isn't the end of the world as long as it's not persistent. I mean go ahead and assume spinning optical is not an option for this, due to size and performance.

The best idea I could come up with so far was some kind of microcontroller that can monitor the SD card data lines for write commands and disconnect the sd or reset the cpu before the entire write command goes through. Seems like there could be a lot of commands/patterns to worry about though. Another option would be some microcontroller that is a USB device and can present an attached SD card as a block device, so it's easier to snoop on the write commands. There are definitely source code examples floating around that do this, but would likely be much slower than the dedicated SD controller on the host.
Netboot to a NFS directory mounted read-only on the host side.

BonHair
Apr 28, 2007

easily buttfrustrated


CD rom

Rust Martialis
May 8, 2007

Sarcastic Bastard

Pillbug

R/O Zip Drive :freakout:

Jabor
Jul 16, 2010

#1 Loser at SpaceChem

There are NAND flash chips that literally cannot be written to unless the write protect pin on the chip has the "allow writes" voltage level applied to it.

Having the USB device signal the OS that "hey, the write protect switch is on so please do not try writing" is definitely still something you want the device to do, but if that switch is also hooked up to the write protect pin on the actual flash then even if the computer tries to write something it won't actually be written. You might have to buy from several different vendors and crack them open to find one that's been designed properly and isn't just relying on the OS signal.

Rescue Toaster
Mar 13, 2003


I was looking at flash chips at one point to in terms of write protecting BIOS on motherboards with a physical switch, and unfortunately a lot of them aren't as simple as just a write protect line. There's a control register that itself is protected by the write protect IO, but you have to write a write protect bit to that control register first, and then assert the line, and it will be blocked after that point. So you'd still need a microcontroller in between the motherboard and BIOS chip to manipulate it before boot.

Also quite a few models of the large (32MB+) 8 pin NAND flash ics that are used for BIOS in particular just don't even bother to hook up the write protect lines, the chip will just have a no connect in that position.

USB seems like a crapshoot since it's just whatever firmware is on the controller IC, whether it actually internally obeys the write protect switch or not, and whether the firmware can be easily reset/reloaded at runtime... but that's getting much farther down the rabbit hole than the scenarios I'm trying to deal with. Although these days who knows what all is freely available in the various exploit toolkits out there.

Hed
Mar 31, 2004



Fun Shoe

Rescue Toaster posted:

Has anyone ever heard of any storage (NVMe, SATA, eMMC, USB drive or SD card) that provides a seriously strong guaranteed read-only mode? Basically I want some kind of bootable device that can make strong guarantees of being immutable. I can always setup linux to mount the filesystems all read-only but that's just a quick escalation & remount away from a permanent exploit. In this scenario an escalation isn't the end of the world as long as it's not persistent. I mean go ahead and assume spinning optical is not an option for this, due to size and performance.

The best idea I could come up with so far was some kind of microcontroller that can monitor the SD card data lines for write commands and disconnect the sd or reset the cpu before the entire write command goes through. Seems like there could be a lot of commands/patterns to worry about though. Another option would be some microcontroller that is a USB device and can present an attached SD card as a block device, so it's easier to snoop on the write commands. There are definitely source code examples floating around that do this, but would likely be much slower than the dedicated SD controller on the host.

Iíve always put storage behind one of these if I needed it to be read only: https://www.amazon.com/Tableau-TK8u-USB-Forensic-Bridge/dp/B00YDEM30O. Iím almost positive Iíve done a Debian netinst behind one.

Subjunctive
Sep 12, 2006

✨sparkle and shine✨



Hed posted:

Iíve always put storage behind one of these if I needed it to be read only: https://www.amazon.com/Tableau-TK8u-USB-Forensic-Bridge/dp/B00YDEM30O. Iím almost positive Iíve done a Debian netinst behind one.

Why is that thing nearly 2 pounds? I would expect it to be the size and weight of a deck of cards to do read-only USBÖ

Thanks Ants
May 21, 2004

#essereFerrari




Package weight including the power brick, at a guess.

There's also devices like https://wiebetech.com/products/usb-3-1-writeblocker/

Thanks Ants fucked around with this message at 22:53 on Aug 14, 2022

Subjunctive
Sep 12, 2006

✨sparkle and shine✨



Ah, that makes sense (hell of a power brick still)

Absurd Alhazred
Mar 27, 2010

:rip:


https://twitter.com/ImbecillicusRex/status/1558903108574625792

#wholesome

Potato Salad
Oct 23, 2014

Nobody Cares




Rescue Toaster posted:

Basically I want some kind of bootable device that can make strong guarantees of being immutable.

https://github.com/enjoy-digital/litex/wiki/Installation

https://github.com/enjoy-digital/litesata

sniff here for your undesirable commands. the above gives you several points where you can trivially insert some extra logic and memory as a command buffer / cop. kudos if you don't slow it down much. the whole point of litex is that its implementations don't take much area.
https://wiki.osdev.org/ATA_Command_Matrix

write / no write
https://www.digikey.com/en/products/detail/c-k/JS102000SAQN/1640101

Potato Salad fucked around with this message at 04:33 on Aug 15, 2022

Potato Salad
Oct 23, 2014

Nobody Cares




alternately you can package the os you want as a live image, burn it to a $0.20 dvd-r, and run it off a $15 dvd drive

don't know to what degree you need the os itself to be "immutable" as pretty much any os running in memory has the tools of is own demise available to it; just because the block storage device is "immutable" doesn't mean that the OS is immutable once it's booted

if what you're really looking for is a robust code/execution trust integrity stack, the hard drive isn't the focal point of the problem

Potato Salad fucked around with this message at 04:26 on Aug 15, 2022

Potato Salad
Oct 23, 2014

Nobody Cares




triple post, apologies

What I'm trying to say is that bosses and compliance guys often don't know enough about what an OS running on a machine IS to understand that "this drive is literally immutable" doesn't actually buy you much security beyond what is strictly promised by worm media: what is on the drive can't change, but everything else CAN

just make sure you understand exactly what the use case you're aiming for is, and make sure that "the block device can't be written to" actually helps you once the OS boots and you've given it a scratch volume and waved goodbye

Jabor
Jul 16, 2010

#1 Loser at SpaceChem

Rescue Toaster posted:

I was looking at flash chips at one point to in terms of write protecting BIOS on motherboards with a physical switch, and unfortunately a lot of them aren't as simple as just a write protect line. There's a control register that itself is protected by the write protect IO, but you have to write a write protect bit to that control register first, and then assert the line, and it will be blocked after that point. So you'd still need a microcontroller in between the motherboard and BIOS chip to manipulate it before boot.

The ones I've seen using that scheme (e.g. https://www.endrich.com/fm/2/GD5F1GQ4UAYIG.pdf) power up in a fully write-protected state, and you have to change the control register to unlock them for writes. So it stays unwriteable if the WP line is asserted from power-on.

BlankSystemDaemon
Mar 13, 2009



Rescue Toaster posted:

Has anyone ever heard of any storage (NVMe, SATA, eMMC, USB drive or SD card) that provides a seriously strong guaranteed read-only mode? Basically I want some kind of bootable device that can make strong guarantees of being immutable. I can always setup linux to mount the filesystems all read-only but that's just a quick escalation & remount away from a permanent exploit. In this scenario an escalation isn't the end of the world as long as it's not persistent. I mean go ahead and assume spinning optical is not an option for this, due to size and performance.

The best idea I could come up with so far was some kind of microcontroller that can monitor the SD card data lines for write commands and disconnect the sd or reset the cpu before the entire write command goes through. Seems like there could be a lot of commands/patterns to worry about though. Another option would be some microcontroller that is a USB device and can present an attached SD card as a block device, so it's easier to snoop on the write commands. There are definitely source code examples floating around that do this, but would likely be much slower than the dedicated SD controller on the host.
Another option would be secureboot with something equivalent to MAC/veriexec on FreeBSD, where every file is checked against a hash and if it doesn't match it isn't allowed to execute (enforced by MAC, which is in the kernel) - I'd be a little surprised if Linux can't do something like that.

Subjunctive
Sep 12, 2006

✨sparkle and shine✨



BlankSystemDaemon posted:

Another option would be secureboot with something equivalent to MAC/veriexec on FreeBSD, where every file is checked against a hash and if it doesn't match it isn't allowed to execute (enforced by MAC, which is in the kernel) - I'd be a little surprised if Linux can't do something like that.

That seems like it would be incomplete for this purpose since it wouldnít protect against data-based attacks, like changing config files or exploiting an approved program with bad input. A cool facility, though!

BlankSystemDaemon
Mar 13, 2009



Subjunctive posted:

That seems like it would be incomplete for this purpose since it wouldnít protect against data-based attacks, like changing config files or exploiting an approved program with bad input. A cool facility, though!
Sorry, I guess I didn't explain it well enough - if any file fails a checksum on either open() or exec(), it fails with EIO.

Rescue Toaster
Mar 13, 2003


BlankSystemDaemon posted:

Sorry, I guess I didn't explain it well enough - if any file fails a checksum on either open() or exec(), it fails with EIO.

I swear I saw something on phoronix about something like veriexec for linux but I can't figure out what to search for, or I'm remembering it wrong.

Hed
Mar 31, 2004



Fun Shoe

Subjunctive posted:

Ah, that makes sense (hell of a power brick still)

The power brick is ridiculous and conjures up bending pins in an old PS/2 or S-video plug--it's that same mini-DIN, I can only assume to carry both USB and device voltages from the same power brick.
Still, the device mounts mass storage as read-only and swallows any write commands so I like it very much. They have similar (smaller) devices for SATA and perhaps other things.

fyallm
Feb 27, 2007





College Slice

Ooo this should be entertaining: https://twitter.com/SteveD3/status/1560025494594224133?t=Yft59DBINYPqOs-mA4ryNg&s=19

JehovahsWetness
Dec 9, 2005

bang that shit retarded


Imma sue DT for the covid I got.

BaseballPCHiker
Jan 16, 2006



EDIT: I fear I mentioned to much even changing things, just being extra cautious.

BaseballPCHiker fucked around with this message at 15:02 on Aug 18, 2022

Jeoh
Jul 20, 2010
Deze poster is lief en goed en aardig!



i thought this was a pretty good thread on what it's "actually" about :

https://twitter.com/AlyssaM_InfoSec/status/1560035887421046800

fyallm
Feb 27, 2007





College Slice

Jeoh posted:

i thought this was a pretty good thread on what it's "actually" about :

https://twitter.com/AlyssaM_InfoSec/status/1560035887421046800

I don't think that is what it is actually about. But I guess we will just wait for the trial. Can't wait for this all to play out because there are lots of legal things that will come up because of this

Ynglaur
Oct 9, 2013





If you're in the US or Europe, you may wish to get personal legal counsel. You may have mandatory reporting requirements for that type of information breach. Your company almost certainly does. IANAL and don't get legal advice from goons online, etc., but take care of your own exposure.

Ynglaur fucked around with this message at 16:34 on Aug 18, 2022

TheWorldsaStage
Sep 10, 2020



Ynglaur posted:

If you're in the US or Europe, you may wish to get personal legal counsel. You may have mandatory reporting requirements for that type of information breach. Your company almost certainly does. IANAL and don't get legal advice from goons online, etc., but take care of your own exposure.

Yeah like I know you've been covering your rear end with paper but once there's a breach of medical information I would at the very least have a consultation.

Sickening
Jul 15, 2007

Black summer was the best summer.

Ynglaur posted:

If you're in the US or Europe, you may wish to get personal legal counsel. You may have mandatory reporting requirements for that type of information breach. Your company almost certainly does. IANAL and don't get legal advice from goons online, etc., but take care of your own exposure.

You only have mandatory requirements if you hold a license that comes with those kind of strings. A computer toucher has no individual requirements and it rests solely on the company. Unless you are doing something illegal personally (stealing data, committing fraud, etc) , I would save your money.

CommieGIR
Aug 22, 2006

The blue glow is a feature, not a bug




Pillbug


His goal is to out the victims. I hope DEFCON ruins his life.

The Fool
Oct 16, 2003



Yeah, literally everyone whose opinion I trust thinks the guy is a shitbag and this is definitely a retaliation lawsuit in order to intimidate his victims.

fyallm
Feb 27, 2007





College Slice

The Fool posted:

Yeah, literally everyone whose opinion I trust thinks the guy is a shitbag and this is definitely a retaliation lawsuit in order to intimidate his victims.

I haven't actually heard what he has actually done? I've heard rumors but no one has really stated what he did. And it sounds like everyone is piling on? I honestly have no idea because I just saw all the drama when he was banned and when he joined another Con last minute.

Adbot
ADBOT LOVES YOU

Cup Runneth Over
Aug 8, 2009

Life's too short to worry
Life's too long to wait
Life's too short not
To love everybody
Life is too long to hate





fyallm posted:

I haven't actually heard what he has actually done? I've heard rumors but no one has really stated what he did. And it sounds like everyone is piling on? I honestly have no idea because I just saw all the drama when he was banned and when he joined another Con last minute.

Surprised nobody's eager to gossip about the guy throwing defamation lawsuits around.

He cited cancel culture in his suit, that should tell you all you need to know.

  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply