Category: Security

Why I uninstalled Microsoft Windows 11 Preview build?

Paul
Windows 11 — Isn’t the great!

I reinstalled Windows 10 and Deleted Windows 11!

I don’t know about everyone else but after my week long expedition into Windows 11, I just couldn’t handle the speed issues of the Windows 11 and the encryption.   I know it isn’t worth my time after all that to down grade to Windows 10 but I I felt it wasn’t going to get any smoother than that.  I also would of had to have deleted the partition anyways since it was locked to secure boot and UEFI.  I really didn’t want to try to convert it back to MBR.   I got my trust Windows 10 DVD and started it up and found the partitions I wanted to delete and then I reinstall Windows 10.   I will say that after wiping the hard drive and reinstalling Windows 10, and turning off all the Encryption crap and just booting into Windows has seen my load times go back to normal.

Windows 11 Problems

First off the main problem I had with Windows was the need to encrypt the Hard drive and I was using a NVME which should of been way faster than a standard SSD or Hard drive to boot up.   That wasn’t the case, I’d see the swirling load screen on my system for several seconds and then it would finally boot.  Due to the encryption that Microsoft says is required to run Windows 11, it just doesn’t cut it for me.   Even playing games like Minecraft was screwy and that isn’t even taking up that much memory at the most 2 GB or if you know how to do it 4 GB.   I’d play with Minecraft and the system would take forever to load up the next part of the map or even play Microsoft Flight Simulator 2020 and It wouldn’t be sluggish there also.

The Start Menu

This was something that was just annoying, I think Microsoft wanted to look like an Apple device and bring the apple guys over because of the look.  I can’t understand why you would prevent people from reverting back to the old Windows 10 setup.  I can only wonder what people will do to find out what they are running and if it will actually be a good idea to keep the start menu in the middle of the screen.  Some people have these really long screens and it might help them.  I personally would like to move the taskbar anywhere on the outside of the screen, top or maybe right or left of the screen.  You wouldn’t be able to do that either.   Which will make people really mad.

I can’t see this being all about security

It just can’t be about viruses and malware or even the recent months of ransomware attacks that have been happening in the past year, due to the Covid19 situation around the world.  I have talked about how Windows will ultimately fail and we will see virus writers come up with some good viruses and malwares to compromise the Secure boot and even the TPM that is trying to be forced to be used by Windows.   I am sure it isn’t over, and if Microsoft isn’t going to change, we’ll see people leaving left and right to go to operating system that are much less restrictive and more open such as Linux.  In the end, I went back to Windows 10 because of the speed and performance, and I am not even thinking about Windows 11 until I find out what they will require when the system is finally released.   This will be a big deal to some but me, I am not interested in the so called security features of Windows 11.

 

Gigabyte Hit with RansomEXX attack and could be big problems for the Motherboard manufacturer

Paul
Blame the Broker

Bleeping Computer

It seems bleeping computer is the one who is first reporting but as you can see if you go to the Gigabyte homepage. You’ll find that there homepage has been changed a little with the about us graphic being changed to this little blame the broker gif.   It is a reference to the BlackMatter that was recently been reborn from REvil and Darkmatter.  So this is definitely a sign that they have been hacked and attacked.  According to Bleleping Computers the attack was done by the RansomEXX gang but I have my own thoughts on this that it was also part of the BlackMatter group who also helped out in this hack.

Gigabyte Support

According to all sources I could find, the esupport website is currently down.  There have been reports that RansomEXX will release 112gb of data to the public that involves customers and business relationships such as Intel, AMD, and even American Megatrends.  I’ve not seen to much other than that right.   I can only imagine that all this data is NDA.   Gigabyte even confirmed this in the Chinese media outlet to have been attacked by hackers.

Customer Data

I don’t know what data the hackers actually have or what they intend to do about it.   I’ve not even heard what type of data the hackers have.   We just know that they have some serious data that is about the relationships between Gigabyte and other manufacturers that is startling to say the least and we don’t even know everything that is behind this attack.  We just know that it will be interesting to see what will happen in the coming weeks.  I’ve still seen people on twitter and other places complaining they can’t get to the esuppport websites on twitter.  Hopefully someone will talk about this in the coming weeks.  I know I want to find out what actually happened.

How to wipe your hard drive securely before selling or recycling your computer

Paul
Photo by: pastedo on Pixabay

Wiping the Hard drive

Sometimes it’s a good idea to wipe the hard drive beyond recovery to prevent someone else from getting that information about the previous owner.     It is always a good idea to erase the information before you sell or recycle or even donate your computer.   You can destroy the data on the hard drive with little or no effort but it does takes an app to do it.   Depending on your situation, if you have an OEM system, than you will probably want to reinstall Windows into the system that you are going to wipe securely and erase the data on the hard drive.  It’s best before you do this to create a USB or DVD of the operating system you are going to wipe.   If this is Windows 10, you can download the the media creation tool for Windows 10 and make a bootable USB for Windows 10 for after the wiping of the hard drive.  If this is an older system like Windows 7, I would suggest before wiping checking to see if you have the DVD for it or you could buy a Windows 7 from amazon using my Affiliate Link, which I’ll get a small amount of money when you do that.  If this is another system all together, Like Linux, or even Mac OS you’ll have to get a copy of the operating system that you are going to wipe and reinstall it to be helpful to the next person to use the system.

DBAN : Darik’s Boot and Nuke

Darik's boot and nuke

This is one of the utilities that I use to remove and erase all the information securely to prevent anyone from getting the information that is on the hard drive.    It’s open sourced and can be downloaded freely.   They do have an enterprise version that is for those who are running a business and requires a license to do use in a business environment.  This is however the first one that I use when I have a Hard drive that I need to erase, destroy,  or wipe the entire Hard drive.  This can even be used on SSD and NVME’s.

MHDD

This one is similar to DBAN but has some interesting features that work well with what I might need to do.  I often times will us MHDD after I use DBAN just to be safe and make sure nothing is left on the hard drive, or the Solid State drives to prevent anyone from getting any information from the hard drive.  This probably sounds like over kill but I figure it sometimes is needed to prevent the people from accessing the data.  It was developed by Dmitry Postrigan and I have used this program from time.  You’ll need to download the ISO and create a bootable USB or CD/DVD to use this program and I suggest something like Yumi Pen Drive creator to make a USB Bootable Disk for MHDD.

Formatting the HDD, SSD, or NVME

Format commends

This is the last option I would suggest because this option is only going to do it once and you’ll need to format the disk several times with different commands to provide enough assurances that the data is destroy or wiped.  This option is good for those disk drives that didn’t have any really important information on them and had either games or files that probably didn’t have anything on that would be too personal  for anyone to find.   I usually use this as a last resort when I know the system wasn’t used to keep personal data and maybe the HDD was being exclusively used for games on it.  The format command on a HDD or SSD could be useful because it’s already on the media creation tool and can be accessed by hitting Shift+F10.

Then all you will need to do it type:

format <drive>: /fs:NTFS /p:1 (For zeros)
or
format <drive>: /fs:NTFS /p:2 (For one's)

This will write zero’s  or one’s to every sector on the HDD or SDD and will securely erase the data.   I have found to go from zero’s to one’s or doing one’s than doing zeros.   Be warned thought doing this will take a very long time.  It could be hours between passes.

This option is good when you have a system that you can use to install and format HDD and still do other things on the system or if you can pull the HDD and SSD out and temporarily install it on the working system.  While it does it things you can do other things on the system.   Be warned this might take some of your system resources while you are formatting the HDD in question.  The System might be a bit slower to respond.   Also it will take a VERY long time to do multiple passes on a HDD.  So don’t be surprised if it takes several minutes to go from 0 to 1% or several hours to even get to 100% depending on the size of the drive you are formatting.

Do you have any good tools that work better?  Why not leave a comment and tell me what you use to securely wipe hard drives and SSD’s.  Why not share your experiences and hear how you do it.  If this has helped you with something, why not consider checking out my affiliate links below and say thank you for this great resource.

Security News for this Month and How that affects you!

Paul

tpm chip on imac.png

Hackers get around TPM

According to Arstechnica, a hacker was able to get around TPM in under 30 minutes.  It seems impressive for someone to be able get around something that Microsoft thinks helps secure your operating system.  I’ve been doing some major research into how secure is the TPM and secure boot.

Getting around the TPM in this manner is akin to ignoring Fort Knox and focusing on the not-so-armored car coming out of it.  — Arstechnica

Fort Knox is way better than a TPM, it just means that people don’t realize the vulnerabilities of the the TPM.   It is still relatively new and people just haven’t had the chance to thoroughly test the trusted platform module.

BlackMatter is Reborn

With Revil and DarkSide getting shut down, we now see that BlackMatter could really be just a simple name change from Darkside.

And sure enough, a recent detailed forensic analysis of the cryptographic algorithms being employed by an apparent newcomer named “BlackMatter” suggests that BlackMatter is actually DarkSide 2.0. — Steve Gibson

It seems that they have left the affiliate model and now are looking for the IAB(initial Access Brokers) to be able to infect computers and networks that might bring them some great revenue from ransomware.  Ransomware is getting more and more common and I can guess that they will start to use something like this to infect companies computers.   I doubt they will infect targets that are going to be bring them to much attention.

Print Nightmare is a feature not a bug!

I keep saying this but the Print nightmare that is being talked about last month will probably never truly be fix because Microsoft created this issue in the early days so people could easily print to any system.   Microsoft has been trying to fix some of the issues but I doubt they will ever fix them all.  The idea that it is a zero day, is something that Microsoft didn’t expect but most researchers would have said it was probably possible for several years at the least.  I am sure this will be used with a number of other things such as the Boothole exploit.  Although this has already be patched by most Linux distro, there are some that just won’t update due to not being able to or wanting to.  So there are going always have people who will not see a need to update their systems.  .

The First 6 months

Most researchers have said this but in the past 6 months there has already been more attacks than last year.   Although most of malware and ransomware writers were all just like everyone else watching what is going on in the world and covid19.  They probably weren’t very busy last year and now they need to fix that by showing us how much more they can do.   I am sure it will even be better the next 6 months but I am also hopeful the Russians government will keep putting pressure on the virus writers to keep their acts clean and leave companies alone.  I doubt it but I can only hope.

What’s your thoughts on all that has happened this year?  Do you think it will slow down or get even faster?  Do you think we will see more computers getting compromised even with TPM and Secure boot enabled?  Let me hear your thoughts.

My Initial thoughts on Windows 11!

Paul
Windows 11 — Just is!

It’s like pulling teeth!

I finally installed Windows 11 Windows Preview build into my system. Later last week I was wondering what they had done with Windows 11 and requirements. So I thought it would be a great idea to try to install Windows 11 with my current system that I built last year. Thanks to building this system just last year and thinking ahead, I got everything I could to prepare for the future needs. I even made sure it had TPM 2.0 just in case, I thought I’d not need this. I guess I was completely and most definitely wrong. I will say after talking about how to update Windows 10 to GPT and Secure Boot, that part went rather smoothly. I did find that if you have a Linux partition and a Windows partition then the converter will not be able to work. I had to erase the Linux Mint Distro partition to be able to convert it to GPT. I however divided the size to possibly install Linux mint along side Windows 11. I am curious to see just how well that will happen. That’s my next step in the next few days.

I didn’t like the setup

After converting the partitions and joining the Windows insiders program, I was able after a few attempts and fixing the CMOS.  It seems strange that I had to keep going into CMOS to enable even more things than I initially thought.   I had to enable secure boot, UEFI, and PTT (For those on Gigabyte Motherboards).   It wasn’t easy to say the least, I’d update one and the other and find out I had to enable more in the bios so Microsoft would see I met the requirements to download and install Windows 11.

Privacy is a Real concern!

I know on my Windows 10 system, I didn’t have my account linked to Microsoft but when I installed Windows 11.  It automatically linked my account to Microsoft.  I’d think if I am upgrading to Windows 11and it sees that it was a local account it would not link it to the Microsoft account.  The Bad news was I had to delete that account and remove all the data so Microsoft wouldn’t be watching me.  I had to re-install all my apps and loose some of my personally files but it was worth it to keep the information safe.  I wish I could of had an easy way to go back to my local account without having to jump through so many hoops.

It’s Just isn’t that good!

So far, after only using this for so many hours.  I can’t see any major differences that I will like.  The Start button will be an issue because I just don’t like it in the middle.   Also finding what I might need in the Settings is a little bit more interesting and difficult for me because they looked like they buried some of that.  I have also noticed the Windows 11 hack to revert my Windows start menu doesn’t work.  I’m going to try the Windows 11 preview builds some more but I am not that impressed with them and I might just go Windows 10 when Windows 11 finally get’s released unless they allow the users to use windows there own way, like No TPM, Or Secure boot.  I hope Linux will hurry up and make it easier for people to install Linux along side Windows 11.  I am almost sure there is a way just haven’t had time to explore the possibility.

Boot Times

After install Windows 11 and using my NVME drive, I have found the boot times to be a bit longer.  That was to expected because of the encryptions that is being used to quote “Secure” windows from any virus tampering.   I can’t see this being an extreme issue but I don’t  like the fact that it takes several more seconds on my NVME to boot up Windows when it would just boot almost instantly with my NVME.   They better fix that problem also because I don’t care about their so call security if I am sitting there waiting for the system boot.   All in All the Windows 11 experience isn’t as much a good thing as a bad thing.   I already know Virus writers are creating viruses to get around the so called security and I have done some research on the topic.  I can’t wait to say to Microsoft “I told you so“.

What’s your thoughts on Windows 11?  Have you tried it?  Will you install it even with the TPM and Secure boot requirements?  I’d like to hear your thoughts on the issue.  Why not leave a comment and tell me what you think about Windows 11.