And after the neural network has analysed it and extracted the command, the raw audio data may well be ditched other than the command it recognised with a success/error response code. There may be no recordings available for the police at all.
I suppose you know how timing side channel attacks are done? All those layers of abstraction make it possible to accurately predict and alter code path length? Oh, and they do automatically handle things like proper memory scrubbing of keys when no-longer valid? Right?
These things need low level hardware access to manage, and are hard even then where there is less in the way screwing with it. It is nearly impossible to handle properly on highly abstracted languages running in managed virtual environments like Java and C#.
Yes those abstractions help avoid specific classes of vulnerabilities, but can open a whole host of just as bad context specific ones when talking about security stuff like encryption. This is why we should only let specialists in that specific field do such implementations and have them vet each others code.
1km? on 70cm band (one used for UHF TV and the band allowed for 802.11af in the US), simplex FM (voice) has been done over 43 miles at 5W PEP, that is 69.2018km on a good day... It's a little better than 1km even on a bad day.
I addresses are not enough anyway, it is not hard to make an attack look like it's coming from another country, just proxy the attack through a previously hacked computer from that country. You think any state sponsored hackers can't do this when mear amateurs can?
Google's safe browsing list have been in both Firefox and chrome since chrome's first release, and both Firefox and chrome have a toggle to turn it off in the options should you wish. For some reason Google has added pirate bay download pages to the list, according to database lookup it matches the sort of block they usually impose when the site has been compromised either directly or via maleware embedded in advertising.
So they can track everything, seriously. Most of these devices have no real need of an internet connection.
Anyway, that said, even my routers are using HTTPS, with a key and certificate pair generated by me for my own CA, it is possible, and not all that hard. I just added a HP printer to my network, again I uploaded my own certificate to it, it even had a nice wizard that generated the CSR which I then signed, run the wizard again and choose to upload the certificate.
No USB does not have DMA exposed to external devices, the USB host controller may use DMA as it is just another device on the PCI/PCI-Express bus, however it is not expose and queriable by devices. Yes, later in FireWire, some operating system drivers (Linux and Windows) would request the FireWire controller disable DMA support, but the hardware needs to be built to have this functionality. Finally such functionality would break thunderbolt as DMA is a fundamental part of how PCI-Express works and as a such key to the functionality. There is a feature for virtual machines to allow PCI-Express pass though called IOMMU that could also be used as DMA mitigation as it works by pretending to the device only a section of memory is the whole system memory, however, I believe only kernels built for use as hypervisor have it enabled and none are actually using it for DMA mitigation.
The problem with Tor is not throughput but latency, and the latency issue in Tor exists as a protection against timing attacks. Basically, Tor nodes capture several requests to pass on, then wait, only sending in batches on a given interval, they also shuffle the order of the batches, 3 hops later and all these waits add up. Without this method, one could easily watch packets going into and coming out of the network and just match them up, as they come out in the same order a few milliseconds later, with the batching you have no idea which packet matches with which one going in.
Thunderbolt is a major security issue as thunderbolt devices (along with all PCI, PCI express, expresscard and FireWire) have direct memory access. Direct memory access allows reading and writing directly to the system memory bypassing the operating system and any protections it has. This is for performance reasons and makes some degree of sense until you start to put it on external interfaces users will plug anything into... FireWire was not allowed in a lot of companies for exactly the this reason.
USB has its own security issues inherent in it, though not as bad as bypassing software protections and in some more sensitive workplaces they have the USB ports sealed too. What are you going to do when there is no other option than to plug the monitor in view a USB port, you can't seal ports that use insecure protocols if all devices, secure or not use the same port. Oh and now, I can hide my attack in the display that usually would only give me HDMI ddi data access with a lot larger attack surface.
Until you want 4k@144hz... Oh and yes a human can distinguish the difference in framerates above 60Hz, especially with interactive media. The This is why current vr headsets run at 90fps of 120fps, humans do distinguish it and the latency between head tracking and display update can cause simulation sickness.
We all know USB already has various security issues by its nature. And until they added (the little used) Ethernet causality down HDMI cables, we were pretty safe from video cables being an attack vector, but if we start all pushing it down USB. What's to say my companies smart TV on a firewalled subnet that I also use as a secondary display doesn't also connect thunderbolt or USB down one of these cables? No more just not plugging suspicious devices into USB ports when all the machine has is USB ports. This is getting ridiculous.
Not to mention, I bet Linux and GCC support for the instructions will actually happen first. Linux usually gets CPU instruction set support first as an open test platform but it is rarely advertised. Finally it does not stop individual applications implementing such instruction sets either way. In fact, there is very little in the kernels of either OS that would benefit from these specialist instruction sets.
Well, there are a few other ways to communicate the parameter other than as a GET parameter (or POST). For example the server one is trying to sign into could send it direct to google via a side channel, that said, this only stops a MITM modifying the string in flight, not a bad server sending a bad string anyway, this is how paypal handles payment amounts for example.
You are talking challenge response authentication. The problem with that generally is that the shared secret (password ore hash of the password that is then used as the password so an attacker can just skip the hashing step in an attack) has to be stored in plain text on the server (obviously this means we have a major credential theft issue server side) as to be able to calculate the response, this is true for CRAM-MD5 (which is why it hasn't been updated from MD5), CHAP, OATH, DIGEST-MD5, and zero knowledge proofs like SRP.
Now there is one challenge response algorithm that does not have this issue, known as SCRAM, however it is only supported in SASL at time of writing which means we can use it for POP3, IMAP and XMPP authentication, it also requires ca signed encryption certificates for the client.
Finally, challenge-response authentication does not stop the attack they are suggesting or any other phishing attack as that is all this is really, only this one is phishing attack on the open redirect of the login process rather than directly.
It's simple, Google has safe search permanently enabled unless exact keywords match against a specific list, so if I put in say a particular models name, I'd only get the "safe" results. Bing still allows the turning off of safe search altogether.
Some gopher servers still exists, I was too young when the protocol first became popular, however I wanted to learn about it so loaded up a gopher client to see what was still out there a few years ago, decided to repeat that a couple of months ago.
It doesn't scale, and every voter would need a private encryption key that can't leak....
I'm just happy a security company has finally been able to get one of these machines to demonstrate how bad it is. Most of the more major but less visible outside of the field researchers have been screaming for a decade that there are obvious flaws but haven't been able to get their hands on the machines to prove them.
The only thing, it had to be Symantec, really... The one company that is too large for it's own good, uses unnecessary scare tactics to fleece customers and has suffered it's own fair share of security failures. Only good thing I see with Symantec doing it is maybe they are well known enough that the powers that be might take note.
Slashdot Mirror
And after the neural network has analysed it and extracted the command, the raw audio data may well be ditched other than the command it recognised with a success/error response code. There may be no recordings available for the police at all.
I suppose you know how timing side channel attacks are done? All those layers of abstraction make it possible to accurately predict and alter code path length? Oh, and they do automatically handle things like proper memory scrubbing of keys when no-longer valid? Right?
These things need low level hardware access to manage, and are hard even then where there is less in the way screwing with it. It is nearly impossible to handle properly on highly abstracted languages running in managed virtual environments like Java and C#.
Yes those abstractions help avoid specific classes of vulnerabilities, but can open a whole host of just as bad context specific ones when talking about security stuff like encryption. This is why we should only let specialists in that specific field do such implementations and have them vet each others code.
1km? on 70cm band (one used for UHF TV and the band allowed for 802.11af in the US), simplex FM (voice) has been done over 43 miles at 5W PEP, that is 69.2018km on a good day... It's a little better than 1km even on a bad day.
I addresses are not enough anyway, it is not hard to make an attack look like it's coming from another country, just proxy the attack through a previously hacked computer from that country. You think any state sponsored hackers can't do this when mear amateurs can?
Which is why google probably flagged something in one of those worse than normal adverts.
Google's safe browsing list have been in both Firefox and chrome since chrome's first release, and both Firefox and chrome have a toggle to turn it off in the options should you wish. For some reason Google has added pirate bay download pages to the list, according to database lookup it matches the sort of block they usually impose when the site has been compromised either directly or via maleware embedded in advertising.
the download pages have been added to google safe browsing blacklist.
The thing is, if it doesn't exist, OpenSSH generates a brand new key to use on first run. So there is absolutely no need for it having vendor keys.
Well, it probably needs camera, but that's because the LED it turns on is the "camera flash". Past that, no it doesn't!
So they can track everything, seriously. Most of these devices have no real need of an internet connection.
Anyway, that said, even my routers are using HTTPS, with a key and certificate pair generated by me for my own CA, it is possible, and not all that hard. I just added a HP printer to my network, again I uploaded my own certificate to it, it even had a nice wizard that generated the CSR which I then signed, run the wizard again and choose to upload the certificate.
I guess it's time to send in SeaQuest.
No USB does not have DMA exposed to external devices, the USB host controller may use DMA as it is just another device on the PCI/PCI-Express bus, however it is not expose and queriable by devices. Yes, later in FireWire, some operating system drivers (Linux and Windows) would request the FireWire controller disable DMA support, but the hardware needs to be built to have this functionality. Finally such functionality would break thunderbolt as DMA is a fundamental part of how PCI-Express works and as a such key to the functionality. There is a feature for virtual machines to allow PCI-Express pass though called IOMMU that could also be used as DMA mitigation as it works by pretending to the device only a section of memory is the whole system memory, however, I believe only kernels built for use as hypervisor have it enabled and none are actually using it for DMA mitigation.
Expresscard and thunderbolt.
The problem with Tor is not throughput but latency, and the latency issue in Tor exists as a protection against timing attacks. Basically, Tor nodes capture several requests to pass on, then wait, only sending in batches on a given interval, they also shuffle the order of the batches, 3 hops later and all these waits add up. Without this method, one could easily watch packets going into and coming out of the network and just match them up, as they come out in the same order a few milliseconds later, with the batching you have no idea which packet matches with which one going in.
Thunderbolt is a major security issue as thunderbolt devices (along with all PCI, PCI express, expresscard and FireWire) have direct memory access. Direct memory access allows reading and writing directly to the system memory bypassing the operating system and any protections it has. This is for performance reasons and makes some degree of sense until you start to put it on external interfaces users will plug anything into... FireWire was not allowed in a lot of companies for exactly the this reason.
USB has its own security issues inherent in it, though not as bad as bypassing software protections and in some more sensitive workplaces they have the USB ports sealed too. What are you going to do when there is no other option than to plug the monitor in view a USB port, you can't seal ports that use insecure protocols if all devices, secure or not use the same port. Oh and now, I can hide my attack in the display that usually would only give me HDMI ddi data access with a lot larger attack surface.
Until you want 4k@144hz...
Oh and yes a human can distinguish the difference in framerates above 60Hz, especially with interactive media. The
This is why current vr headsets run at 90fps of 120fps, humans do distinguish it and the latency between head tracking and display update can cause simulation sickness.
*compromised smart tv
We all know USB already has various security issues by its nature. And until they added (the little used) Ethernet causality down HDMI cables, we were pretty safe from video cables being an attack vector, but if we start all pushing it down USB. What's to say my companies smart TV on a firewalled subnet that I also use as a secondary display doesn't also connect thunderbolt or USB down one of these cables? No more just not plugging suspicious devices into USB ports when all the machine has is USB ports. This is getting ridiculous.
Not to mention, I bet Linux and GCC support for the instructions will actually happen first. Linux usually gets CPU instruction set support first as an open test platform but it is rarely advertised. Finally it does not stop individual applications implementing such instruction sets either way. In fact, there is very little in the kernels of either OS that would benefit from these specialist instruction sets.
Well, there are a few other ways to communicate the parameter other than as a GET parameter (or POST). For example the server one is trying to sign into could send it direct to google via a side channel, that said, this only stops a MITM modifying the string in flight, not a bad server sending a bad string anyway, this is how paypal handles payment amounts for example.
You are talking challenge response authentication. The problem with that generally is that the shared secret (password ore hash of the password that is then used as the password so an attacker can just skip the hashing step in an attack) has to be stored in plain text on the server (obviously this means we have a major credential theft issue server side) as to be able to calculate the response, this is true for CRAM-MD5 (which is why it hasn't been updated from MD5), CHAP, OATH, DIGEST-MD5, and zero knowledge proofs like SRP.
Now there is one challenge response algorithm that does not have this issue, known as SCRAM, however it is only supported in SASL at time of writing which means we can use it for POP3, IMAP and XMPP authentication, it also requires ca signed encryption certificates for the client.
Finally, challenge-response authentication does not stop the attack they are suggesting or any other phishing attack as that is all this is really, only this one is phishing attack on the open redirect of the login process rather than directly.
It's simple, Google has safe search permanently enabled unless exact keywords match against a specific list, so if I put in say a particular models name, I'd only get the "safe" results. Bing still allows the turning off of safe search altogether.
Really, you sure? Sure it's not just a web view of web.spotify.com?
Some gopher servers still exists, I was too young when the protocol first became popular, however I wanted to learn about it so loaded up a gopher client to see what was still out there a few years ago, decided to repeat that a couple of months ago.
It doesn't scale, and every voter would need a private encryption key that can't leak....
I'm just happy a security company has finally been able to get one of these machines to demonstrate how bad it is. Most of the more major but less visible outside of the field researchers have been screaming for a decade that there are obvious flaws but haven't been able to get their hands on the machines to prove them.
The only thing, it had to be Symantec, really... The one company that is too large for it's own good, uses unnecessary scare tactics to fleece customers and has suffered it's own fair share of security failures. Only good thing I see with Symantec doing it is maybe they are well known enough that the powers that be might take note.