Security News for this Month and How that affects you!


Hackers get around TPM

According to Ars Technica, a hacker was able to get around TPM in under 30 minutes. It seems impressive for someone to be able to get around something that Microsoft thinks helps secure your operating system. I’ve been doing some major research into how secure the TPM and Secure Boot are.

Getting around the TPM in this manner is akin to ignoring Fort Knox and focusing on the not-so-armored car coming out of it. — Ars Technica

Fort Knox is way better than a TPM; it just means that people don’t realize the vulnerabilities of the TPM. It is still relatively new and people just haven’t had the chance to thoroughly test the Trusted Platform Module.

BlackMatter is Reborn

With REvil and DarkSide getting shut down, we now see that BlackMatter could really be just a simple name change from DarkSide.

And sure enough, a recent detailed forensic analysis of the cryptographic algorithms being employed by an apparent newcomer named “BlackMatter” suggests that BlackMatter is actually DarkSide 2.0. — Steve Gibson

It seems that they have left the affiliate model and are now looking for IABs (Initial Access Brokers) to be able to infect computers and networks that might bring them some great revenue from ransomware. Ransomware is getting more and more common and I can guess that they will start to use something like this to infect companies’ computers. I doubt they will infect targets that are going to bring them too much attention.

Print Nightmare is a feature not a bug!

I keep saying this, but PrintNightmare, which was being talked about last month, will probably never truly be fixed because Microsoft created this issue in the early days so people could easily print to any system. Microsoft has been trying to fix some of the issues but I doubt they will ever fix them all. The idea that it is a zero day is something that Microsoft didn’t expect, but most researchers would have said it was probably possible for several years at the least. I am sure this will be used with a number of other things such as the BootHole exploit. Although this has already been patched by most Linux distros, there are some that just won’t update due to not being able to or not wanting to. So there are always going to be people who will not see a need to update their systems.

The First 6 months

Most researchers have said this, but in the past 6 months there have already been more attacks than last year. Most malware and ransomware writers were just like everyone else, watching what is going on in the world and COVID-19. They probably weren’t very busy last year and now they need to fix that by showing us how much more they can do. I am sure it will be even better the next 6 months, but I am also hopeful the Russian government will keep putting pressure on the virus writers to keep their acts clean and leave companies alone. I doubt it but I can only hope.

What are your thoughts on all that has happened this year? Do you think it will slow down or get even faster? Do you think we will see more computers getting compromised even with TPM and Secure Boot enabled? Let me hear your thoughts.

This is why Windows 11 Will fail miserably with Security!


Microsoft’s bad Idea

“Microsoft claims that their telemetry shows that they have seen up to a 60% reduction in malware when TPM-enabled features like Windows Hello and BitLocker encryption are used on supported devices — it’s unclear why that would be at all true, unless it’s correlation and not causation”   Steve Gibson (Security Now #825 Podcast)

I dare say it’s a terrible idea. I have been doing some major research into Secure Boot and TPM and everything I’m seeing is a little bit worrying, to say the least. Even listening to others talk about what Windows 11 can do or can’t do seems quite obvious. After all, I’ve even had my son get information on how to get around the security requirements for Windows 11 and install a bootlegged copy of it onto a USB just to play around with it. I am quite concerned with this also because it seems Microsoft is trying to force users onto a proprietary system. Microsoft is only doing the complete opposite of what they claim.

Scrutinizing the Boot Process

The goal of a hardware root of trust is to verify that the software installed in every component of the hardware is the software that was intended.  — Jessie Frazelle

The problem with trust is that we should never trust anything and always question it.   How can a system trust that the software wasn’t installed as intended?   These are the basic problems with the premise of a TPM and even the Secure Boot process.

The goal of attestation is to prove to a third party that your operating system and application software are intact and trustworthy. — Jessie Frazelle

The problem with this is even more obvious to the security of a system. Attestation can’t always witness or even prove a program doesn’t have the right to be run or used in boot up. Unless attestation can be programmed to boot Windows a certain way every time in hardware, we will always have the virus developers skirting around the boot process.
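How measured boot feeds attestation, as an added example that is not from the original post or the sources it quotes: each boot stage is hashed and extended into a TPM PCR as new PCR = SHA-256(old PCR || digest), and a verifier replays the event log against known-good digests. The component names and byte strings are constructed, and the TPM's signature over the quoted PCR is assumed to be checked elsewhere.

```python
import hashlib
import hmac

PCR_SIZE = 32  # one SHA-256 bank register, all zeros at reset


def measure(blob: bytes) -> bytes:
    """Digest of a boot component as the previous stage would record it."""
    return hashlib.sha256(blob).digest()


def extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM extend: a PCR can only be folded forward, never set directly."""
    return hashlib.sha256(pcr + digest).digest()


def boot(components):
    """Simulate measured boot; returns (final PCR, event log)."""
    pcr, log = bytes(PCR_SIZE), []
    for name, blob in components:
        digest = measure(blob)
        log.append((name, digest))
        pcr = extend(pcr, digest)
    return pcr, log


def verify(quoted_pcr, log, known_good):
    """Verifier side: the log must reproduce the PCR and match the allowlist."""
    pcr = bytes(PCR_SIZE)
    for _, digest in log:
        pcr = extend(pcr, digest)
    if not hmac.compare_digest(pcr, quoted_pcr):
        return "event log does not match quoted PCR"
    for name, digest in log:
        if known_good.get(name) != digest:
            return f"unexpected measurement: {name}"
    return "trusted"


# Constructed sample boot chain (placeholder contents, not real firmware).
CLEAN = [("firmware", b"fw v1"), ("bootloader", b"loader v1"), ("kernel", b"kernel v1")]
TAMPERED = [("firmware", b"fw v1"), ("bootloader", b"loader v1 + implant"), ("kernel", b"kernel v1")]
KNOWN_GOOD = {name: measure(blob) for name, blob in CLEAN}


def demo():
    clean_pcr, clean_log = boot(CLEAN)
    bad_pcr, bad_log = boot(TAMPERED)
    return (
        verify(clean_pcr, clean_log, KNOWN_GOOD),  # unmodified chain
        verify(bad_pcr, bad_log, KNOWN_GOOD),      # modified stage, honest log
        verify(bad_pcr, clean_log, KNOWN_GOOD),    # modified stage, clean log substituted
    )


if __name__ == "__main__":
    print(demo())
```

The third case shows why the log alone is not trusted: substituting a clean log does not help, because the PCR already holds the modified bootloader's measurement.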

Some members of the technology industry have raised the concern that the well-documented, modern, high-level language interface provided by UEFI makes it easier to compromise a platform [12]; that the ability to add modules and applications to the boot process could compromise security. — Richard Wilkins and Brian Richardson

I wouldn’t call “some” a small number of people, but a large number. I’ve heard this idea time and time again, and it seems to be a growing concern with UEFI and how virus writers / developers will overcome UEFI and be able to install viruses / malware around the Windows system to be able to do what they have always been able to do.

Security through Obscurity

Microsoft seems to have taken this approach as their next step through the security door, and it seems quite evident that they’ve not learned their lesson from others. I say that with the understanding that Apple tried this with their systems and they still have virus writers who can compromise their system. It’s not like the security community doesn’t want all operating systems to be secure; in fact most would want it so badly because we wouldn’t have to worry as much about viruses or malware being on people’s systems. Let’s not forget we still have users who will do dumb things, and that much will always be true. There is always going to be a need to teach the company’s users how to be secure while using the company’s computer(s) or laptop(s).

Return-Oriented Programming

Return-Oriented Programming is a security exploit technique used by attackers to execute code on their target system. By obtaining control of the call stack, the attacker can control the flow of existing trusted software running on the computer and manipulate it to their own ends. — Secureteam UK

ROP (return-oriented programming) has been a constant problem for several years now and will probably grow even more. I don’t say that lightly, because the virus writers / developers will have to start to use it more and more often and even find other exploit techniques to get around the Secure Boot and UEFI protocols. This is often called the Blindside attack and is most often used with IoT (Internet of Things) devices, but can be used with Windows operating systems and will become more and more useful to them in the future, I suspect.

Not unlike the previous tutorial we will be crafting [ROP] the parameters to Windows API calls on the stack and then executing them.  — FuzzySecurity

As you can see, there is already programming that people can do with the Windows 7 API, and that’s been out for quite a while. I am unsure when someone did this little experiment and talked about the vulnerability. This vulnerability is available on Windows 7. It could very well be used on Windows 10 or even Windows 11, I suspect.

Mitigation

I will say there has been talk about mitigating this and other attacks, but it requires a constant updating of the operating system and CPU (Secureteam UK). As you know, CPU manufacturers will take years to update a problem just because people will not want to go buy a new CPU or even a new computer until the old computer isn’t able to run or something actually breaks in the system. I know virus writers / developers will always have to be ahead of Windows updates, and that might be what they are already doing: looking for vulnerabilities in the UEFI and Secure Boot area. I suspect they are already doing that now. I can’t say if they’ll succeed, but I know the virus writers make so much money on ransomware and getting those companies’ systems compromised. So who really wins? I would hazard a guess no one in the end; the security that Microsoft is trying to force will still fail miserably and I will be there saying “I told you so!”

 

 

Why I bought Microsoft Flight Simulator 2020

Simulator evolution 101

Saying that can mean so many different things, from first-person shooters to flights like Microsoft Flight Simulator. Each one has a unique aspect in the gaming or PC world. Now let’s talk about what a simulator is, and then we can get into the mechanics of why someone would use this. According to Wikipedia, a “flight simulator is a device that artificially re-creates aircraft flight and the environment in which it flies, for pilot training, design, or other purposes.”

In the 1990s it used to be a big bulky room with plenty of room for hydraulics and servos to simulate the direction and motion of the aircraft. I know this really well because on occasion I would visit one of those places where you could see the flight crews flying in the simulator, and it was so interesting and quite nice to see in action. The cockpit would be up in the air and you’d see the simulator tilt right or left or tilt down or up, and you could imagine how that would be so fun to fly. Now on occasion I got to join the flight in the simulator because, hey, I was a little kid at the time and who’d not want to see it in action.

Simulations Still Amaze Me

I would on occasion remember those days in the big simulator and be in awe of what you could do. So ten years ago I started looking for a simulator game or app. I found Microsoft Flight Simulator 2004 and I was just amazed by it. I started playing that simulator in the early days when it wasn’t really as good as it is today. It was really fun and enjoyable to fly in those days to remind me what it was like when I was young. The nostalgia alone was the best feeling in the world for me.

Fast Forward to 2020

When the pandemic hit, we were stuck in our house for days on end due to the lockdown. I got really bored and started playing the old simulator. I decided I wanted to see if there was something new with better graphics. So I found out that Microsoft was releasing the 2020 version later that year. I ordered my copy of the software as soon as I was able to preorder it because, well, I was stuck in my house and wanted something to do. I started using it and I have had the best time of my life flying the game that reminds me so much of my childhood as a kid in a real simulator. I will say that it does take some time to get used to. You will also need a decent graphics card to be able to play this one if you really want the realism of the way everything looks and how the terrain will look. I suggest something like a minimum of Nvidia 1060 TI or higher, and that is just the GPU. A good CPU is recommended; something like an i5 or higher would work just as well. I never tried this on an i3 CPU so I am not sure how well it would work. I encourage you to try it out on your system and see just how nice it is to fly a plane.


How Computers have changed the world

Microsoft Flight Simulator 2020

The History of Flight Simulator

In the early ’80s and ’90s, there were very few people who actually knew this, but bases and other places had flight simulators for their pilots to practice. In the early days we had simulators where pilots had to schedule a chance to work on their pilot skills. It would be a big bulky room with hydraulics and even had a preformed landscape that was used. This wasn’t easy to set up or even to move if you had to. The building had to have massive room to make the simulator move and feel like you were in the air. The controls didn’t always work as they should have, and you had to have someone monitoring the simulator outside and hitting buttons to make the simulator do the things they wanted it to. Pilots only had so much time, usually allocated an hour at a time, to fly the sim to work on their skills. It always left the pilot with stress because they would want to do even more than the simulator could do.

The early Simulators:

  • Could not fly too far
  • Had massive heat issues (the simulator had to have a cool-off period between flights)
  • Could be down for days to weeks due to hardware
  • Needed racks of physical tape backups
  • Cost a lot to make and maintain

The Downfall of Simulators

Like most who are reading this, you’re probably asking yourself why they would have those simulators. In truth, they were required by the FAA and the military to train new pilots before they could actually fly a real plane or helicopter. Pilots also were required to fly so many hours in a simulator a week to brush up on their pilot skills, in the early days. When new models came out, the pilots would come back to the simulator to learn how to fly the new models, such as the Boeing 747 aircraft. At each simulator facility, there was a massive undertaking to update the simulator to the newest model and keep their pilots up to date on the latest flying techniques.

Fast Forward to today

In today’s era, there are some major upgrades to the simulator. The building has been reduced by more than half. The simulator itself can be used longer and acts more like a real Boeing 747. The controls in the simulator work even better because the heating issue was resolved by the way the system has developed. You really only need a few fast CPUs and GPUs, such as an I9-10850k with a Nvidia 2060ti or, even better, a 2 x 3060ti with SLI. The simulator now has less downtime, less heat and even more realism than before. You can feel the aircraft and expect it to do what you want it to do, and learn even more about aviation, navigation, and communication in the new simulators. Pilots can now do simulations at home at very little cost to them compared to what it would have cost in those days. You can buy Microsoft Flight Simulator and fly anywhere in the world you want to and keep up your flight skills in 2020. No more needing to schedule time on that flight simulator when you can do it at home and learn the techniques that are required.

Flying is Safer than most think, an in depth look at flight!


Aviate, Navigate, and Communicate!

You have probably never heard these words before if you were never interested in flying. They are common to hear when practicing or training to fly. There are many acronyms you have probably rarely heard in your lifetime. Pilots have a bunch of acronyms that, if you were to listen while they said them to ATC (Air Traffic Control), you wouldn’t be able to keep up with. One of them is PIOSEE (Problems, Information, Options, Select, Execute, Evaluate). It can seem daunting if you needed to figure out what they are saying or what they want the pilot to do sometimes.


With the Airbus 330 Transatlantic Flight 236, the problem the pilots didn’t know about was that they had a fuel leak. A fuel leak can be hard to evaluate or even act on if there aren’t any major ways of knowing about it. Just like in a car, we can have oil or even gas leaks and no one would know about it until someone went looking for it. The incident in question was not even very well known in the early days because flying was almost so brand new that there weren’t even checklists for some of the things we have checklists for now. I’ve tried to find the checklists that they might have had in 2001 and I couldn’t find them, especially the Fuel Imbalance Checklist.

I emailed a friend who is an actual pilot and he couldn’t find it either. So the report from the FAA says that it wasn’t prominent or not located in the FCOM (Flight Crew Operating Manuals). That was something they changed in the coming years to make it easier to see and to remind pilots that it’s not a good idea to hit that switch to balance the plane unless you know there isn’t a fuel leak.

How they handled the Problem and tried to get Information to come up with Options can be quite different in today’s reality, unlike in the early 2000s, because so much has happened from then until now. We’ve had flights that crashed and even flights that almost didn’t make it. PIOSEE is one of the acronyms that is most used in case of any malfunction or problem in the cockpit. They have way more redundancies than they did before; even the FBW (Fly By Wire) aircraft have ways to fly the aircraft even when nothing is working. This is also a good point to make that Peter forgot to mention about the RAT. Wait, they have a RAT on board? No, not an actual rat but a Ram Air Turbine, which provides barely enough power and hydraulics for a plane to land with no engines or APUs (Auxiliary Power Supply Unit).

Air travel is a lot safer than it used to be.

Just before I leave you, let’s talk about flying in today’s society. I know watching those videos can make people nervous to fly because, well, let’s face it, it could happen to you while you are flying. We’ve seen many times where planes have landed due to emergencies, from bird strikes to mechanical failures and even pilot errors. It’s so important to understand that the FAA requires planes to have many redundant systems to give the pilot the chance to land the plane as safely as possible.

So the next time you fly, remember you’re in good hands because the pilots love their job and want you to make it to your destination on time and safely.
