The Asian Commercial Sex Scene  

Go Back   The Asian Commercial Sex Scene > For stuff you can't discuss with your Facebook Account > Coffee Shop Talk of a non sexual Nature

Notices

Coffee Shop Talk of a non sexual Nature Visit Sam's Alfresco Heaven. Singapore's best Alfresco Coffee Experience! If you're up to your ears with all this Sex Talk and would like to take a break from it all to discuss other interesting aspects of life in Singapore,  pop over and join in the fun.

User Tag List

Reply
 
Thread Tools
  #1  
Old 12-08-2016, 10:20 AM
Sammyboy RSS Feed Sammyboy RSS Feed is offline
Sam's RSS Feed Bot - I'm not Human. Don't talk to me.
 
Join Date: Aug 2001
Posts: 467,206
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 22 Post(s)
My Reputation: Points: 10000241 / Power: 3357
Sammyboy RSS Feed has a reputation beyond reputeSammyboy RSS Feed has a reputation beyond reputeSammyboy RSS Feed has a reputation beyond reputeSammyboy RSS Feed has a reputation beyond reputeSammyboy RSS Feed has a reputation beyond reputeSammyboy RSS Feed has a reputation beyond reputeSammyboy RSS Feed has a reputation beyond reputeSammyboy RSS Feed has a reputation beyond reputeSammyboy RSS Feed has a reputation beyond reputeSammyboy RSS Feed has a reputation beyond reputeSammyboy RSS Feed has a reputation beyond repute
Thumbs up Serious WARNING: You're like totally fcuk if you use MS Windows

An honorable member of the Coffee Shop Has Just Posted the Following:

Microsoft accidentally leaks golden keys that unlock every Windows device
The keys allow hackers to unlock Windows devices, including tablets and phones

Microsoft accidentally leaked the golden keys to the Windows kingdom. The keys allow hackers to unlock every Windows device, including tablets, phones and other devices that are protected by Secure Boot. The most alarming part about the leak is that it is believed that it may likely be impossible for Microsoft to fully recover from the leak.

The leakwas uncovered by two security researchers MY123 and Slipstream, who revealed in a (Star Wars-style) blog that the security flaw allowed malicious entities with admin rights or physical access to a device can bypass Secure Boot to not only run other operating systems (OS) like Linux or Android on the device but also install and execute rootkits and bootkits, at the most deeply penetrated level of the device.

The leak serves as a reminder of the potential dangers in security when tech firms are pressured by governments and law enforcement agencies into producing special keys that can be used by investigators to unlock devices, in the course of criminal investigations.

The researchers wrote: "A backdoor, which MS put in to secure boot because they decided to not let the user turn it off in certain devices, allows for secure boot to be disabled everywhere! You can see the irony. Also the irony in that MS themselves provided us several nice 'golden keys' (as the FBI would say) for us to use for that purpose."

"About the FBI: are you reading this? If you are, then this is a perfect real world example about why your idea of backdooring cryptosystems with a 'secure golden key' is very bad!," the duo added.

What is Secure Boot?

Microsoft's Secure Boot is part of its Unified Extensible Firmware Interface (UEFI) firmware, which when fully enabled deters users from booting their devices with other OS. Additionally, in specific devices, Secure Boot users cannot disable Secure Boot.

Secure Boot works in tandem with certain policies, among which one particular boot policy is designed to load early and disable OS security checks. Although this policy is useful for developers, especially when conducting OS testing, the loophole allows users to allegedly boot devices with whichever OS they desire.

According to a report by the Register, the "golden key" debacle was born out of a design flaw in this debug-mode policy, which was accidentally shipped onto retail devices. Unfortunately for Microsoft, the leaked golden key policy is universal and works on any device that operates on the Windowsboot manager.

Microsoft's response

The researchers claim that they informed Microsoft in March that they had uncovered the debug-mode policy. Although Redmond allegedly initially refused to follow up the issue, Microsoft later awarded a bug bounty and pushed out a security patch MS16-094. A second patch MS16-100 followed the first in August, after it was deemed "inadequate".

However, a third patch is also expected soon, given that the second patch did not completely resolve the issue. "Either way, it'd be impossible in practise for MS to revoke every bootmgr earlier than a certain point, as they'd break install media, recovery partitions, backups, etc," the the researchers commented.

Source: http://www.ibtimes.co.uk/microsoft-a...device-1575542


Click here to view the whole thread at www.sammyboy.com.
Advert Space Available
Bypass censorship with https://1.1.1.1

Cloudflare 1.1.1.1
Reply



Bookmarks
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


t Similar Threads
Thread Thread Starter Forum Replies Last Post
Serious WARNING: You're like totally fcuk if you use MS Windows Sammyboy RSS Feed Coffee Shop Talk of a non sexual Nature 0 12-08-2016 09:50 AM
Serious WARNING: You're like totally fcuk if you use MS Windows Sammyboy RSS Feed Coffee Shop Talk of a non sexual Nature 0 12-08-2016 09:20 AM
Ser Fcuk did fcuk-all to defuse situation - just a disgusting opportunist Sammyboy RSS Feed Coffee Shop Talk of a non sexual Nature 0 30-09-2014 01:40 AM
Ser Fcuk did fcuk-all to defuse situation - just a disgusting opportunist Sammyboy RSS Feed Coffee Shop Talk of a non sexual Nature 0 30-09-2014 12:40 AM
Ser Fcuk did fcuk-all to defuse situation - just a disgusting opportunist Sammyboy RSS Feed Coffee Shop Talk of a non sexual Nature 0 30-09-2014 12:20 AM


All times are GMT +8. The time now is 02:46 AM.


Powered by vBulletin® Version 3.8.10
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
User Alert System provided by Advanced User Tagging (Pro) - vBulletin Mods & Addons Copyright © 2024 DragonByte Technologies Ltd.
Copywrong © Samuel Leong 2006 ~ 2025 ph