Slashdot Mirror


Leaked Docs Offer Win 8 Tip: FinFisher Spyware Can't Tap Skype's Metro App

mask.of.sanity (1228908) writes "A string of documents detailing the operations and effectiveness of the FinFisher suite of surveillance platforms appears to have been leaked. The documents, some dated 4 April this year, detail the anti-virus detection rates of the FinFisher spyware which German-based Gamma Group sold to governments and law enforcement agencies. The dump also reveals Windows 8 users should opt for the Metro version of Skype rather than the desktop client because it cannot be tapped by FinFisher."

74 comments

  1. Irrelevant by Anonymous Coward · · Score: 4, Insightful

    Skype belongs to Microsoft, Microsoft is in the US, the US records your calls.

    1. Re:Irrelevant by Anonymous Coward · · Score: 1

      US needs to file paperwork to get the phone records; no need to make it any easier for them.

    2. Re:Irrelevant by Travis+Mansbridge · · Score: 3, Informative

      The content of telephone calls was brought under the protection of the 4th amendment around the 1950s. Why such protections still haven't been extended to electronic communication is beyond me.

    3. Re:Irrelevant by Anonymous Coward · · Score: 0

      Much of electronic collection is metadata, which is explicitly NOT under the 4th Amendment primarily because most telecom providers already require you to authorize them to datamine your metadata for marketing purposes. SCOTUS, many years ago, reasoned that metadata can't be protected because people already let telecoms use their metadata for things much more scummy than warrantless wiretapping. (Yes, marketing is worse than government surveillance - technically they're both panopticons, but the former implies malicious intent)

    4. Re:Irrelevant by Anonymous Coward · · Score: 0

      What part of "the US records your calls" did you not understand?

    5. Re:Irrelevant by CreatureComfort · · Score: 2

      Actually, I would have reversed that and said that the latter implies malicious intent.

      All the marketing folks want to do is sell you stuff. The Gov wants to throw you in prison, or worse.

      --
      "Unheard of means only it's undreamed of yet,
      Impossible means not yet done." ~~ Julia Ecklar
    6. Re:Irrelevant by Anonymous Coward · · Score: 0

      Teh terrists!!!

    7. Re:Irrelevant by Anonymous Coward · · Score: 2, Insightful

      Which is absolute 100% nonsense. We killed people based on metadata. Paul Revere could have been found with metadata. Furthermore, people letting telecoms use their metadata is their choice; that doesn't mean they also opt to let the government use it. Their logic is, "You let one person see your metadata, so everyone in the world, including the government, should be able to do so."

    8. Re:Irrelevant by SpankiMonki · · Score: 2

      Yes, marketing is worse than government surveillance...

      So a service provider gathering data on the way its customers use the service for marketing purposes (which the customer agreed to by contract) is worse than the government secretly surveilling its own citizens?

      Nice!

    9. Re:Irrelevant by Anonymous Coward · · Score: 0

      US needs to file paperwork to get the phone records; no need to make it any easier for them.

      No, you just "THINK" ( I use the term "think" loosely in your case )
      that paperwork "needs to be filed".

      ALL phone calls are recorded. You cannot do anything about it.

      Bend over and relax so it won't hurt so much, because you are just chattel and
      those in power see you as nothing more significant than the toilet paper
      they just flushed.

    10. Re:Irrelevant by stooo · · Score: 3, Informative

      >> Much of electronic collection is metadata
      No. This is theory. In practice, they record everything for later (mis)use :
      http://gawker.com/5991731/cias...
      http://www.theguardian.com/com...

      --
      aaaaaaa
    11. Re:Irrelevant by Impy+the+Impiuos+Imp · · Score: 1

      Much of electronic collection is metadata, which is explicitly NOT under the 4th Amendment primarily because most telecom providers already require you to authorize them to datamine your metadata for marketing purposes. SCOTUS, many years ago, reasoned that metadata can't be protected because people already let telecoms use their metadata for things much more scummy than warrantless wiretapping. (Yes, marketing is worse than government surveillance - technically they're both panopticons, but the former implies malicious intent)

      Wow. Do you have your judgements bass-ackwards. Whether figuring out if they should be trying to sell you Pampers or Depends is perhaps a little embarrassing, it's not evil. Evil is government tracking who you call, and when, which can be massively abused to sculpt the political landscape of opponents.

      This ignores that it's trivial to listen in on conversations without a warrant and not get caught. It's the 40th anniversary of Nixon's resignation. All it takes is one G. Gordon Liddy type, and presto! All communications of opponents are easily monitored.

      No, EVUL CORPORATION is a distractionary meme.

      --
      (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
    12. Re:Irrelevant by ron_ivi · · Score: 1

      Not quite irrelevant.

      Microsoft probably sells Skype data to some law enforcement and intel agencies but not to others.

    13. Re:Irrelevant by causality · · Score: 1

      No, EVUL CORPORATION is a distractionary meme.

      Like the author Jeffrey Grupp explains, corporatism (as Mussolini called it) is the idea that the government, the major corporations, and the military function as one entity. It's always been this way since the kings of old; read up on the East India Company sometime. Eisenhower focused on the military and defense contract aspects and referred to it as the military-industrial complex. Sometimes it's called the military-industrial-media complex (so how 'bout those scary WMDs Iraq was supposedly threatening us with?). To focus on "government being evil" or "evil corporation" is a form of tunnel vision that denies the scope of the problem. It's one of those "pet causes" people get caught up in while nothing changes.

      The problem with the marketing datamining is that many of these organizations are in bed with the government. There's a definite double standard here. If you hired someone to perform an illegal act on your behalf, both you and your hireling would be guilty of a crime. Yet somehow the government can pay companies for data that would be illegal for the government to directly collect itself and this is legal.

      So if it were merely about trying to sell you "adult diapers" versus the regular kind, it would be more benign. At least in G. Gordon Liddy's day, surveillance was expensive, required a certain determination and commitment of resources, and consequently would only be done on targets considered important enough. With modern tech, the idea that "obviously I'm not interesting enough to spy on" is obsolete. This didn't happen though without plenty of support from government, media, marketers, and various other corporations all working towards their own common interests.

      --
      It is a miracle that curiosity survives formal education. - Einstein
    14. Re:Irrelevant by Anonymous Coward · · Score: 1

      Or if you agree to have sex with one person you also agree to be raped by everyone else.

    15. Re:Irrelevant by aaaaaaargh! · · Score: 1

      It's irrelevant anyway, because the info is from April.

      I don't know how much a workplace for FinFisher costs but we're talking about the military/intelligence/law enforcement sector here. It would be kind of stupid to assume that they haven't written an access module by now. And if not, these types of companies are surely happy to provide a suitable exploit as an upgrade upon request - provided that the client has the necessary credentials and is willing to throw enough money at it.

    16. Re:Irrelevant by mi · · Score: 2

      The Gov wants to throw you in prison, or worse.

      Huh? No, they don't. They want to protect us against enemies — and are willing to sacrifice our freedoms to that end. Most (all?) people in government get rather cavalier about the subjects' freedoms and rights — as well as monies. In their arrogance, they — both politicians and bureaucrats — quickly develop the opinion, that "they know better"...

      But there is no malicious intent to throw everyone into prison.

      --
      In Soviet Washington the swamp drains you.
    17. Re:Irrelevant by DoofusOfDeath · · Score: 1

      Torture is also against our laws too, but apparently that doesn't concern the CIA.

    18. Re:Irrelevant by Anonymous Coward · · Score: 0

      what paperwork? it's already too easy for them.

    19. Re:Irrelevant by LordLimecat · · Score: 1

      If you're in China, they also record your calls (TOM Skype).

      You should not be using Skype for anything that you don't want a nation-state to hear, full stop. Microsoft is one of a number of companies known to cooperate in surveillance requests in countries like China.

    20. Re:Irrelevant by bondsbw · · Score: 1

      But there is no malicious intent to throw everyone into prison.

      I really do believe this. But we shouldn't just let our guard down; the powers we grant our government today may one day be abused by someone who actually does want to throw everyone in prison, or worse.

      --
      All my liberal friends think I'm a conservative, all my conservative friends think I'm a liberal.
    21. Re:Irrelevant by znrt · · Score: 1

      Actually, I would have reversed that and said that the latter implies malicious intent.

      All the marketing folks want to do is sell you stuff. The Gov wants to throw you in prison, or worse.

      all of them actually want you buying stuff constantly.

      but on a pure semantical level, marketing naturally implies profit, while government should be synonymous of "caring for the res publica", even though in our particular reality government is nothing but another marketing tool.

    22. Re:Irrelevant by ewibble · · Score: 1

      But there is no malicious intent to throw everyone into prison.

      They have no desire to throw you in prison, unless you are a threat to their job security/power or you disagree with the way they are running the country.

      From their point of view they have a benevolent intent to throw you in prison.

    23. Re:Irrelevant by davester666 · · Score: 1

      The only agencies MS will not take money from are those it isn't legally permitted to. And for those, they just get a dummy corp to act as the middleman for plausible deniability.

      --
      Sleep your way to a whiter smile...date a dentist!
    24. Re:Irrelevant by Anonymous Coward · · Score: 0

      The motivations are not that different at their core.

    25. Re:Irrelevant by Sabriel · · Score: 1

      So not only do we have to worry about incompetence indistinguishable from malice, we also have to worry about righteousness indistinguishable from malice.

    26. Re: Irrelevant by Anonymous Coward · · Score: 0

      Logic? As you can see from the patent world, it never works right. Trying to bring logic to a money fight? Same result as "knives is in a gun fight."
      "Money, you say? " Yup

      Corporations want money. Their lawyers can sue you peasants into keeping with the status quo
      Governments want money ( in the form of power) and will use laws to make logic go away, and bribe companies with cancelling large contracts

  2. Metro Skype is useless by kriston · · Score: 4, Informative

    That would be a good idea if Metro Skype wasn't so utterly useless. It's almost as if they didn't even try. It is missing such basic features as marking yourself as "Busy" and is even missing the screen sharing feature.

    --

    Kriston

    1. Re:Metro Skype is useless by jtwiegand · · Score: 3, Insightful

      This is probably why it's more difficult to exploit; it's a simpler program.

    2. Re:Metro Skype is useless by monkeyhybrid · · Score: 1

      IIRC, Metro apps have additional sandboxing so I'd presume that is the reason it is more difficult to exploit.

  3. What about security against Microsoft? by Anonymous Coward · · Score: 2, Insightful

    "People are aware that Windows has bad security but they are underestimating the problem because they are thinking about third parties.

    What about security against Microsoft? Every non-free program is a 'just trust me program'. 'Trust me, we're a big corporation. Big corporations would never mistreat anybody, would we?' Of course they would! They do all the time, that's what they are known for. So basically you mustn't trust a non free programme."

    "There are three kinds: those that spy on the user, those that restrict the user, and back doors. Windows has all three. Microsoft can install software changes without asking permission. Flash Player has malicious features, as do most mobile phones."

    "Digital handcuffs are the most common malicious features. They restrict what you can do with the data in your own computer. Apple certainly has the digital handcuffs that are the tightest in history. The i-things, well, people found two spy features and Apple says it removed them and there might be more"

    From:

    Richard Stallman: 'Apple has tightest digital handcuffs in history'
    www.newint.org/features/web-exclusive/2012/12/05/richard-stallman-interview/

  4. That's what they want you to think by Anonymous Coward · · Score: 1

    "The dump also reveals Windows 8 users should opt for the Metro version of Skype rather than the desktop client because it cannot be tapped by FinFisher."
    That's what they want you to think!

    1. Re:That's what they want you to think by Anonymous Coward · · Score: 0

      Am I supposed to be glad that the Metro Skype app has less vulnerabilities when the real vulnerability is Microsoft? They will respond to law enforcement in most cases (not the Ireland case).

  5. Or maybe... by Black+Parrot · · Score: 3, Interesting

    ...the docs were leaked by spy agencies, because the Metro version is *easier* to spy on?

    --
    Sheesh, evil *and* a jerk. -- Jade
  6. "partners" are able to bypass win firewall by Trax3001BBS · · Score: 1

    This of course is very old news, but relevant.

  7. The Story of Your Slavery, in brief by Anonymous Coward · · Score: 0, Offtopic

    Memorable quotes for
    Looker (1981)
    http://www.imdb.com/title/tt00...

    "John Reston: Television can control public opinion more effectively than armies of secret police, because television is entirely voluntary. The American government forces our children to attend school, but nobody forces them to watch T.V. Americans of all ages *submit* to television. Television is the American ideal. Persuasion without coercion. Nobody makes us watch. Who could have predicted that a *free* people would voluntarily spend one fifth of their lives sitting in front of a *box* with pictures? Fifteen years sitting in prison is punishment. But 15 years sitting in front of a television set is entertainment. And the average American now spends more than one and a half years of his life just watching television commercials. Fifty minutes, every day of his life, watching commercials. Now, that's power."

    ##

    "The United States has its own propaganda, but it's very effective because people don't realize that it's propaganda. And it's subtle, but it's actually a much stronger propaganda machine than the Nazis had but it's funded in a different way. With the Nazis it was funded by the government, but in the United States, it's funded by corporations and corporations they only want things to happen that will make people want to buy stuff. So whatever that is, then that is considered okay and good, but that doesn't necessarily mean it really serves people's thinking - it can stupefy and make not very good things happen."
    - Crispin Glover: http://www.imdb.com/name/nm000...

    ##

    "It's only logical to assume that conspiracies are everywhere, because that's what people do. They conspire. If you can't get the message, get the man." - Mel Gibson (from an interview)

    ##

    "We'll know our disinformation program is complete when everything the American public believes is false." - William Casey, CIA Director

    ##

    "The real reason for the official secrecy, in most instances, is not to keep the opposition (the CIA's euphemistic term for the enemy) from knowing what is going on; the enemy usually does know. The basic reason for governmental secrecy is to keep you, the American public, from knowing - for you, too, are considered the opposition, or enemy - so that you cannot interfere. When the public does not know what the government or the CIA is doing, it cannot voice its approval or disapproval of their actions. In fact, they can even lie to you about what they are doing or have done, and you will not know it. As for the second advantage, despite frequent suggestion that the CIA is a rogue elephant, the truth is that the agency functions at the direction of and in response to the office of the president. All of its major clandestine operations are carried out with the direct approval of or on direct orders from the White House. The CIA is a secret tool of the president - every president. And every president since Truman has lied to the American people in order to protect the agency. When lies have failed, it has been the duty of the CIA to take the blame for the president, thus protecting him. This is known in the business as "plausible denial." The CIA, functioning as a secret instrument of the U.S. government and the presidency, has long misused and abused history and continues to do so."
    - Victor Marchetti, Propaganda and Disinformation: How the CIA Manufactures History

    ##

    George Carlin:

    "The real owners are the big wealthy business interests that control things and make all the important decisions. Forget the politicians, they're an irrelevancy. The politicians are put there to give you the idea that you have freedom of choice. You don't. You have no choice. You have owners. They own you. They own everything. They own all the important land. They own and control the corporations. They've long since bought and paid for the Senate, the Congress, the statehouses, the city h

  8. Re:'Tis Modern UI by theshowmecanuck · · Score: 1

    Ha. For those old enough to remember, it's kind of like 'new coke' vs 'coke classic'. When W9 comes out it will be like coke classic and everyone will come flocking back and buying new PCs. Then MS will claim that W8 was a marketing ploy to get more sales of W9 as a way to save face with all the losses from W8.

    --
    -- I ignore anonymous replies to my comments and postings.
  9. Re:'Tis Modern UI by Anonymous Coward · · Score: 2, Funny

    No one cares, Ballmer.

  10. Nothing to see here. by fisted · · Score: 1

    Move along.

    1. Re:Nothing to see here. by IMightB · · Score: 2

      No kidding, FinFisher 5.0 can't do the metro app, finfisher 5.1 can. FinFisher 6 has been out for 2 years.....

  11. IT'S A TRAP by cloud.pt · · Score: 2

    This is just another one of the recent MS gimmicks to get you to switch to the Metro version.

    I just received a very official Skype Team email stating my desktop version would be automatically removed. That's exactly what it said: YOUR SKYPE VERSION WILL BE REMOVED. If a company would add such a trigger on an application (even one that highly depends on a single external cloud service to do anything at all), I would call that heavy persuasion.

    1. Re:IT'S A TRAP by Anonymous Coward · · Score: 0

      People would continue using Skype because 1. It's convenient. 2. They have nothing to hide.
      I ain't people, but that's absolutely what they will do.

    2. Re:IT'S A TRAP by JackieBrown · · Score: 1

      Mine said I was signed out because I was using an outdated version and would not let me sign back in until I upgraded it.

      I have to use it for work.

    3. Re:IT'S A TRAP by jeIIomizer · · Score: 2

      2. They have nothing to hide.

      No, they mistakenly believe they have nothing to hide. But they are not the ones who decide; the government does. If you do something the government doesn't like, and it notices, you may find yourself in a very unfortunate situation.

      --
      If something is so important that you feel the need to post it on the internet... It probably isn't that important.
  12. Switch away from Skype and Windows by bluefoxlucid · · Score: 0

    And it doesn't end there. To really get a high-security setup, boot chain, you need to do a lot of start-up work.

    To start, you need a pre-boot scan. The occasional scan from a USB image would provide an integrity check: EFI settings (boot order), bootloader, kernel image, and initrd. You'd need to validate the boot loader against the installed package, validate the installed ClamAV database signature, pull ClamAV updates if the signature doesn't validate, validate kernels against installed packages, and validate the bootloader and kernel and initrd contents via ClamAV.

    At boot time, the initrd should do similar: it should run clamscan against ClamAV itself, init, the basic libraries and services, and so on. This takes about 9 seconds--it takes 7 seconds to start ClamAV, so a running, resident service to execute scans is desirable for continuous scanning.

    During boot, a service loads which hooks into LSM or otherwise to catch all execve(), mmap(), and open() calls, as well as any writes. Any such call first checks if the access is to a file; if so, it checks if the file is known safe; if not, it validates the file. If the file does not validate, it taints the process or blocks access. If the process is tainted and is allowed to write to a file, it un-validates that file. Upon load, the daemon immediately scans all running processes, checking their open files (including the main binary, mmap()ed segments, etc.) for validation.

    To validate, the scanner daemon scans the file. If the file contains no malware, it's entered into a patricia trie and marked as clean. If it contains malware, it's entered as malware. Whenever the file enters an unknown state, it's removed from the trie. Patricia tries are compact structures which branch away from common prefixes: "/usr/lib/libc.so.6" and "/usr/lib/libclobber.so.2" are entered as "/usr/lib/libc" pointing to ".so.6" and "lobber.so.2"; likewise, more entries will create breaks after "/usr/" and "lib/lib" and whatever else. 100MB of RAM should suffice to track almost 300,000 files.

    Any already-validated files are skipped: a fast trie look-up is performed, and the state is returned. If the file is not found in the trie, it is validated. If the file is written to by a tainted process, it's marked as tainted. If a process opens a malware file, it is marked as tainted.

    For further protection, processes should not be allowed to transition any memory area from non-executable to executable, or to a state of both writability and executability. This prevents direct code injection, as you cannot write to executable code, and you cannot execute writable code. Further, tracking of processes which have communicated with tainted processes (IPC, pipes, sockets, network connections, etc.) should be done.

    Now you can see that a tainted malware app has connected to your Skype process!
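The validation cache and taint rules described in the comment above, as an added user-space sketch (not code from the post or from any real LSM module). The `Monitor` class, its hook names, the path-based stand-in scanner and the sample pids are all assumptions; so are two choices the comment leaves open: a file marked tainted is rescanned on its next open, and a write by an untainted process returns the file to the unknown state.

```python
import os
from enum import Enum

class State(Enum):
    CLEAN = "clean"
    MALWARE = "malware"
    TAINTED = "tainted"      # written by a tainted process; must be rescanned

class _Node:
    def __init__(self):
        self.children = {}   # edge label -> _Node; sibling labels never share a first character
        self.state = None    # None = unknown / not validated

class PathTrie:
    """Radix (patricia-style) trie: shared path prefixes are stored once."""
    def __init__(self):
        self.root = _Node()

    def _find(self, key):
        node = self.root
        while key:
            for label, child in node.children.items():
                if key.startswith(label):
                    node, key = child, key[len(label):]
                    break
            else:
                return None
        return node

    def get(self, key):
        node = self._find(key)
        return node.state if node else None

    def forget(self, key):
        node = self._find(key)
        if node:
            node.state = None

    def set(self, key, state):
        node = self.root
        while key:
            for label in list(node.children):
                n = len(os.path.commonprefix([label, key]))
                if n == 0:
                    continue
                child = node.children.pop(label)
                if n < len(label):           # split the edge at the shared prefix
                    mid = _Node()
                    mid.children[label[n:]] = child
                    child = mid
                node.children[label[:n]] = child
                node, key = child, key[n:]
                break
            else:                            # nothing shared: hang a new leaf here
                node.children[key] = _Node()
                node, key = node.children[key], ""
        node.state = state

class Monitor:
    """Hypothetical hook handlers; a real version would sit behind LSM hooks."""
    def __init__(self, scanner):
        self.scanner = scanner   # callable(path) -> True if malware (stand-in for a ClamAV scan)
        self.files = PathTrie()
        self.tainted = set()     # pids that opened a malware file
        self.contacted = set()   # pids that talked to a tainted pid
        self.scans = 0

    def on_open(self, pid, path):
        state = self.files.get(path)
        if state in (None, State.TAINTED):   # not validated: scan and cache the verdict
            self.scans += 1
            state = State.MALWARE if self.scanner(path) else State.CLEAN
            self.files.set(path, state)
        if state is State.MALWARE:
            self.tainted.add(pid)
        return state

    def on_write(self, pid, path):
        if pid in self.tainted:
            self.files.set(path, State.TAINTED)
        else:
            self.files.forget(path)          # assumption: changed content is unknown again

    def on_connect(self, src, dst):
        hit = src in self.tainted or dst in self.tainted
        if hit:
            self.contacted.update({src, dst} - self.tainted)
        return hit

def demo():
    bad = {"/tmp/dropper"}                   # constructed sample data
    m = Monitor(lambda p: p in bad)
    libc, clobber = "/usr/lib/libc.so.6", "/usr/lib/libclobber.so.2"
    m.on_open(100, libc)                     # pid 100: the Skype process in this sketch
    m.on_open(100, clobber)
    m.on_open(101, libc)                     # cache hit, no rescan
    top = list(m.files.root.children)
    below = sorted(m.files.root.children[top[0]].children)
    cached_scans = m.scans
    m.on_open(200, "/tmp/dropper")           # pid 200 becomes tainted
    m.on_write(200, libc)                    # tainted write un-validates libc
    after_write = m.files.get(libc)
    m.on_open(100, libc)                     # forces a rescan
    return {"top": top, "below": below, "cached_scans": cached_scans,
            "after_write": after_write, "scans": m.scans,
            "alert": m.on_connect(200, 100), "contacted": m.contacted,
            "quiet": m.on_connect(100, 101)}

if __name__ == "__main__":
    print(demo())
```

The trie splits the two library paths at `/usr/lib/libc`, as the comment describes, and the final `on_connect` call is the "tainted app has connected to your Skype process" signal.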

    1. Re:Switch away from Skype and Windows by jader3rd · · Score: 2

      To start, you need a pre-boot scan. The occasional scan from a USB image would provide an integrity check: EFI settings (boot order), bootloader, kernel image, and initrd.

      You mean like the Windows 8 UEFI Secure Boot?

    2. Re:Switch away from Skype and Windows by Junta · · Score: 0

      Windows 8 Secure boot is a pretty flimsy facility that says 'yep, this code was blessed by microsoft'. It does nothing to vouch for whether the configuration leading up to or the configuration of the payload is what you actually want (e.g. a specific user expects they have put in Windows 8, but instead Red Hat loading with malicious configuration would be a sort of misbehavior that SecureBoot does nothing for).

      Of course, the proposed scheme isn't exactly nice. Notably handwaving about 'file is known safe'. In an open, diverse ecosystem this is highly impractical. SELinux errs on the side of letting some stuff slide and still gets enough false positives to frustrate a user trying to use some legitimate applications. These schemes start from a premise of 'if you know everything the system is ever supposed to do, then....' which is unlikely. Doing this from firmware to kernel may be feasible and a way to declare a 'known good state' to start some instrumentation in the common case, but going more into the wide open user space with overly specific restrictions and there will be difficulties. Maybe in some very specific special purpose applications, but in a general purpose system the universe of legitimate things to do is just not well defined enough.

      --
      XML is like violence. If it doesn't solve the problem, use more.
    3. Re:Switch away from Skype and Windows by bluefoxlucid · · Score: 1

      That depends on a TPM, which depends largely on a secret key in the OS RAM (magic cookie) that can be accessed if you have a kernel exploit. From there, you can modify the TPM.

    4. Re:Switch away from Skype and Windows by Khyber · · Score: 1

      " To really get a high-security setup, boot chain, you need to do a lot of start-up work. "

      No. To get a high-security setup, you simply never connect to the internet.

      If you have internet access, you're fucked. Man can make it, man has repeatedly proven man can break it.

      There is ZERO other alternative.

      --
      Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
    5. Re:Switch away from Skype and Windows by Junta · · Score: 1

      There's a few things that seem off in that statement...

      IIRC, Secure Boot didn't actually hook into the TPM.

      Another, I'm not sure what you imply with 'modify the TPM'. You can have perhaps the TPM bind some stuff that the legitimate user wouldn't want you to do but you couldn't defeat sealing to a sufficient set of PCRs by having os level control of the TPM facilities afaik.

      --
      XML is like violence. If it doesn't solve the problem, use more.
    6. Re:Switch away from Skype and Windows by bluefoxlucid · · Score: 1

      Oh, huh. SecureBoot isn't Palladium; it's some new-fangled UEFI feature.

      It looks like you can insert new keys into the SecureBoot DB with dpkg-reconfigure secureboot-db in Ubuntu, so sufficient OS-level access should allow for bypassing SecureBoot in UEFI. This is a little easier than it was with the TPM, I guess.

    7. Re:Switch away from Skype and Windows by bluefoxlucid · · Score: 2

      Security: Confidentiality, Integrity, Accessibility. Removing Accessibility is called a Denial of Service.

      It's like you just said the only way to be safe from murder is to kill yourself.

    8. Re:Switch away from Skype and Windows by benjymouse · · Score: 1

      Windows 8 Secure boot is a pretty flimsy facility that says 'yep, this code was blessed by microsoft'. It does nothing to vouch for whether the configuration leading up to or the configuration of the payload is what you actually want (e.g. a specific user expects they have put in Windows 8, but instead Red Hat loading with malicious configuration would be a sort of misbehavior that SecureBoot does nothing for).

      UEFI secure boot validates everything (configuration) until the boot-loader load. The boot-loader sits in signed cabinet files and the UEFI firmware will not load the boot-loader if the boot-loader cabinet files do not check out (invalid signature).

      The boot-loader will check the operating system - Windows 8 - core before relinquishing control of the boot process to the OS. Windows 8 sits in signed cabinet files and the boot-loader will not boot the OS if the files have been tampered with (invalid signatures).

      Right after the kernel has started - relying *only* on information from the signed cabinet files and signed kernel drivers (all drivers which load in kernel space in Windows 64 bit versions must be signed), the antivirus providers will be allowed to load. AV must *also* be signed by MS to be allowed to load at this stage. The AV can now control loading the rest of the OS. Still, any kernel level drivers *must* be signed.

      You are correct that the boot-loader will also boot other signed OSes - like RH Linux and those *could* be used to start Win8 or some other OS in a VM and under control of the "signed" OS. You can bet that MS has requirements that the booting of non-Windows OS is obvious (something must happen at the screen clearly identifying the OS being booted).

      But on the whole, UEFI Secure Boot along with Windows 8 signed boot-loader and OS is *very* hard to circumvent. I haven't heard of any successful attack yet. There was some spin on an attempt that did not use UEFI Secure Boot (it used BIOS).

      --
      Reading slashdot one-liner: (irm http://rss.slashdot.org/Slashdot/slashdot).rdf.item | fl title,desc*
    9. Re:Switch away from Skype and Windows by benjymouse · · Score: 1

      Oh, huh. SecureBoot isn't Palladium; it's some new-fangled UEFI feature.

      It looks like you can insert new keys into the SecureBoot DB with dpkg-reconfigure secureboot-db in Ubuntu, so sufficient OS-level access should allow for bypassing SecureBoot in UEFI. This is a little easier than it was with the TPM, I guess.

      No, not unless the OEM did *not* follow the specs. If they followed the UEFI specs this should not be possible.

      On top of that, it is a specific requirement for "Designed for Windows 8 certification" that the keys cannot be manipulated from the operating system.

      The only way to change the key store is through physical (like in at the keyboard) control of the UEFI firmware in the pre-boot "maintenance mode" *or* through a firmware upgrade. Firmware upgrades *must* be signed as well, so no, you can not use that avenue either.

      OEMs who design their systems with UEFI will certainly make sure to meet those requirements.

      --
      Reading slashdot one-liner: (irm http://rss.slashdot.org/Slashdot/slashdot).rdf.item | fl title,desc*
    10. Re:Switch away from Skype and Windows by bluefoxlucid · · Score: 1

      After these databases have been added, and after final firmware validation and testing, the OEM locks the firmware from editing, except for updates that are signed with the correct key or updates by a physically present user who is using firmware menus, and then generates a platform key (PK). The PK can be used to sign updates to the KEK or to turn off Secure Boot.

      So if you have the PK, you can sign updates to the KEK. Okay, so this requires the user to intentionally load a PK first, and store it on the machine. Makes sense.

      So then the chain is shorter: have your kernel load a signed initrd, perform useful scans, and then load the real initrd and engage the boot process. I likes this.

    11. Re:Switch away from Skype and Windows by Khyber · · Score: 1

      "It's like you just said the only way to be safe from murder is to kill yourself. "

      Is it wrong? The only way to avoid being killed or dying is to already be dead. The only way to avoid getting compromised online is to not be online at all.

      There is no such thing as 100% security.

      --
      Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
    12. Re:Switch away from Skype and Windows by Junta · · Score: 1

      But on the whole, UEFI Secure Boot along with Windows 8 signed boot-loader and OS is *very* hard to circumvent.

      If you are paying attention during boot, and the attack comes from within the OS. Of course, MS could have afforded the within the OS protection themselves by being very special in how they treated the system partition without requiring firmware to verify it. If you have full control of the console and/or device, you can do exactly what you describe, boot a valid OS using a malicious configuration designed to rootkit the OS that's there or impersonate the OS that was supposed to be there to gain information about accessing the presumably cloned disk.

      Because it is actually pretty ineffectual against an adversary that physically controls your entire system or your disk contents, I think a different design would have been better. Secure boot is too open ended to afford sufficient protection and yet too much of a pain by being not quite open ended enough to allow OS vendors without Microsoft blessing. I think Secure Boot should have been done by the key being installed to firmware at initial OS install time. The first OS install getting to 'take ownership' of the platform, and that key being *the* key to trust. This would have allowed Microsoft to put in a Microsoft key and say 'screw trying to certify things like grub'. Installing a different OS after a first would have required going into firmware to unclaim the platform to let the new bootloader claim it on the install of that system.

      I'm actually ok with TPM and how things like Bitlocker leverage the TPM. The Secure Boot scheme reeks of too much inconvenience for inadequate security compared to what *could* have been done.

      --
      XML is like violence. If it doesn't solve the problem, use more.
  13. TrueCrypt by Anonymous Coward · · Score: 0

    For those still wondering if there was anything "wrong" with TrueCrypt, a quote from the document:

    The FinFly USB dongle and the Infection ISO
    Images can infect the MBR of the system in
    one of the following situations:
    - The installed OS is unencrypted
    - The installed OS is encrypted with TrueCrypt
    - The installed OS is encrypted with BitLocker

    1. Re: TrueCrypt by Anonymous Coward · · Score: 2

      Likely the virus just replaces the bootloader with one that logs the passphrase.

      Not much you can do about that, except making sure that USB/removable media boot is disabled and there is adequate tamper-evident physical security on the computer hardware casing.

      Not much point in the OS driver validating the bootloader. If things have already got that far, it's game over. OK, you would get a warning and that would be nice, but at that point it's too late.

  14. Good to remember by sasparillascott · · Score: 2, Informative

    Keep in mind just what exactly Microsoft handed the keys to the NSA for:

    http://www.theguardian.com/wor...

    Microsoft wasn't called out as an "enthusiastic" partner in the NSA's documents for nothing. Definitely consider all versions of Skype to be damaged goods - along with all other Microsoft products - can't imagine how excited the NSA was for the Xbox One and its always on audio monitoring and (originally) required connected video camera.

  15. Re:'Tis Modern UI by rossdee · · Score: 1

    I drink Mt Dew (or Mello Yello) anyway.

  16. Re:'Tis Modern UI by Anonymous Coward · · Score: 0

    IIRC, "Windows Classic" was the Win9x theme on Windows XP-7

  17. Not worth it by rebelwarlock · · Score: 3, Funny

    I'll take spyware over metro any day.

  18. Metrosexual UI by Anonymous Coward · · Score: 0

    The queen she doth protest too much.

  19. Re:'Tis Modern UI by Anonymous Coward · · Score: 2

    They will, after their third tablet has broken because the batteries died.

  20. No, I want the NSA to listen by Anonymous Coward · · Score: 0

    I have been having endless Skype video calls with my gf while I'm spending the summer in Europe. Sometimes we are discussing technical stuff related to our academic research, but usually it's a bunch of inane crap, and sometimes it's 6 hours of one of us sleeping. So if the NSA wants to commit resources to make sure that secret codes are not being passed across the Atlantic in our Skype calls, I feel fine about that. By raising the cost of spying, don't we reduce the incentive to do it?

  21. IT'S A TRAP by Anonymous Coward · · Score: 0

    The logic that people would continue using Skype is what baffles me.

  22. Or... by Anonymous Coward · · Score: 0

    Just don't use the PoS that is Skype, which STILL hasn't fixed the IP exploit.

  23. cannot be tapped... by fustakrakich · · Score: 1

    Very funny... Pull the other one...

    --
    “He’s not deformed, he’s just drunk!”
  24. Metro Skype is useless by Anonymous Coward · · Score: 0

    I might use it then. It's not a please take over my pc, no really, program.