Little Pig, Little Pig! Let Me Admin! (Security Thread)

User avatar
Grath
Posts: 1489
Joined: Mon Jan 20, 2014 7:34 pm

Re: Little Pig, Little Pig! Let Me Admin! (Security Thread)

Postby Grath » Tue Nov 28, 2017 7:13 pm

Looks like the problem is that High Sierra just shipped with a root account with no password because setting the root password fixes the issue.

User avatar
Caithness
Posts: 689
Joined: Mon Jan 20, 2014 6:45 pm
Location: Mint is a vegetable, right?

Re: Little Pig, Little Pig! Let Me Admin! (Security Thread)

Postby Caithness » Tue Nov 28, 2017 7:51 pm

Thanks for that, Grath. I think I'm still going to attempt my long-delayed install of Windows 10 on this MacBook Pro tonight, though.

User avatar
Rico
Posts: 476
Joined: Tue Jan 21, 2014 2:29 am

Re: Little Pig, Little Pig! Let Me Admin! (Security Thread)

Postby Rico » Thu Jan 04, 2018 6:01 am

If you've got an Intel chip, be sure to update as soon as possible, a huge bug lets regular programs access kernel memory space.

User avatar
Thad
Posts: 5868
Joined: Tue Jan 21, 2014 10:05 am
Location: 1611 Uranus Avenue
Contact:

Re: Little Pig, Little Pig! Let Me Admin! (Security Thread)

Postby Thad » Thu Jan 04, 2018 10:17 am

As it turns out, there are two huge memory-access bugs, Meltdown and Spectre. Meltdown is the one that's been confirmed on Intel chips but not yet known to affect any other processors; Spectre affects Intel, AMD, and ARM. Both are critically serious -- "JavaScript can read your passwords" serious.

The security patches have some potentially huge performance impacts, mostly on file R/W operations. (Servers are going to be affected in a big way, but you shouldn't notice a significant impact on gaming performance.)

It's possible that these bugs have existed for decades, it's unknown whether they've ever been exploited, and if they have, there wouldn't be any evidence in any logs. So yeah you're gonna wanna update your shit, whether said shit is Linux, Windows, MacOS, iOS, Android, BSD, or whatever.

User avatar
Thad
Posts: 5868
Joined: Tue Jan 21, 2014 10:05 am
Location: 1611 Uranus Avenue
Contact:

Re: Little Pig, Little Pig! Let Me Admin! (Security Thread)

Postby Thad » Sun Jan 28, 2018 1:17 pm


User avatar
Thad
Posts: 5868
Joined: Tue Jan 21, 2014 10:05 am
Location: 1611 Uranus Avenue
Contact:

Re: Little Pig, Little Pig! Let Me Admin! (Security Thread)

Postby Thad » Sun Mar 18, 2018 10:36 pm

Thad wrote:And there's not really any good alternative. AMD and ARM chips don't use IME, but they've got similar coprocessors with similar proprietary firmware and similar vulnerabilities.

To wit: AMDFLAWS is a list of 9 vulnerabilties affecting AMD's "secure" coprocessor.

This isn't Meltdown/Spectre level; in fact, every one of these vulnerabilities requires that the attacker already have some kind of administrative access to the machine. The article notes that the disclosure by Israeli security research firm CTS-Labs is sensationalistic and potentially shady.

Cory Doctorow wrote:Now, with that all said, there are some very important caveats, which are summed up well in this thread by security researcher Arrigo Triulzi and its replies.

Triulzi points out that the CTS-Labs paper is very short on technical details. Moreover, CTS-Labs' claimed defects are presented as grave in and of themselves, even though they can only be effected by attackers who are already in a position to control the user's system. For example, the MASTERKEY attack requires that the user install an untrusted BIOS update; there are many ways that such an update could allow an attacker to control the user's system, making the MASTERKEY attack somewhat redundant. The RYZENFALL attack requires that unauthorized code be loaded into the secure coprocessor; FALLOUT requires that the attacker gain control over the vendor's signing keys. Any computer that is vulnerable to these attacks is also vulnerable to much better-understood attacks and is by definition insecure, so Triulzi asserts that CTS-Labs is making a lot out of nothing.

I quibble with this: sneaking malicious code into the secure coprocessor is indeed a high barrier for attackers to hurdle -- but the nature of secure computing also makes such an attack particularly grave, in a way that mere physical control and root access to a system without such a coprocessor doesn't approach. The secure copro is designed to resist inspection and alteration (to prevent attackers), and this means that defenders are effectively helpless against such an attack.

But Triulzi's other points are well-made. The CTS-Labs paper makes a bunch of irrelevant references to aerospace, the FTC, and self-driving cars that seem calculated to discredit AMD; it also includes a disclaimer that reveals that a fall in AMD share-prices could benefit CTS-Labs and/or its personnel.


tl;dr CTS-Labs is probably exaggerating the threat of these vulnerabilities, but, like I was saying earlier, coprocessors running proprietary code are inherently insecure. Even if these vulnerabilities aren't as bad as the research firm is making them out to be, we can expect a lot more stories about coprocessor exploits in the years to come.


User avatar
Mongrel
Posts: 9900
Joined: Mon Jan 20, 2014 6:28 pm
Location: Canadumb

Re: Little Pig, Little Pig! Let Me Admin! (Security Thread)

Postby Mongrel » Mon Mar 19, 2018 5:00 pm

So it looks like this Cambridge Analytica & Facebook leak is going to have some big effect, not the least of which is EU regulation of social-media (which was already under consideration, but may grow significantly harsher and be implements much quicker now).

Also, CA has been revealed to have high-level ties to Russia (this is my surprised face).

Annnd finally, a breaking story coming out of the UK tonight: Executives from Cambridge Analytica boasted that they could entrap politicians with Ukrainian sex workers, offer bribes to public officials, and use former spies to dig dirt on political opponents. (Vice article, in anticipation of a Channel 4 broadcast coming out tonight in the UK)
Image

User avatar
Mongrel
Posts: 9900
Joined: Mon Jan 20, 2014 6:28 pm
Location: Canadumb

Re: Little Pig, Little Pig! Let Me Admin! (Security Thread)

Postby Mongrel » Mon Mar 19, 2018 5:05 pm

Oh and in TOTALLY UNRELATED news, Facebook lost $36 Billion in share price today.
Image

Who is online

Users browsing this forum: No registered users and 1 guest