Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://geeknews.chat/@theregister" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>theregister</span></a></span> that's not enough!</p><p><a href="https://infosec.space/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> must <a href="https://infosec.space/tags/ban" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ban</span></a> <a href="https://infosec.space/tags/Rootkits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Rootkits</span></a> / <a href="https://infosec.space/tags/Bootkits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Bootkits</span></a> and <a href="https://infosec.space/tags/Lernel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Lernel</span></a>-level <a href="https://infosec.space/tags/drivers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>drivers</span></a> entirely or <a href="https://infosec.space/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows</span></a> will get banned amidst it's unfixable security!</p>
med-mastodon.com is one of the many independent Mastodon servers you can use to participate in the fediverse.
Medical community on Mastodon
Administered by:
Server stats:
364active users
med-mastodon.com: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.1
#bootkits
0 posts · 0 participants · 0 posts today
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://squirrelmob.com/@bedast" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>bedast</span></a></span> My problem is that these people <em>refuse</em> to take the <em>correct consequences</em> and migrate away from garbage:</p><ol><li><p>You <em>just don't</em> install such garbage on <a href="https://infosec.space/tags/Unix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Unix</span></a>-esque Systems like <a href="https://infosec.space/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a>!</p></li><li><p><a href="https://infosec.space/tags/CrowdStrike" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CrowdStrike</span></a> is just yet another <a href="https://infosec.space/tags/Scareware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Scareware</span></a> <a href="https://infosec.space/tags/Scam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Scam</span></a>.</p></li><li><p>The entire business model of <a href="https://infosec.space/tags/AntiVirus" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AntiVirus</span></a> and other Scareware shouldn't exist to begin with.</p></li><li><p>3rd party <a href="https://infosec.space/tags/BinaryBlobs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BinaryBlobs</span></a> on a non-<a href="https://infosec.space/tags/FLOSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FLOSS</span></a>'d kernel are just bad!</p></li><li><p>It should be <a href="https://infosec.space/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a>'s sole tesponsibility to just not allow <a href="https://infosec.space/tags/Rootkits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Rootkits</span></a> / <a href="https://infosec.space/tags/Bootkits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Bootkits</span></a> like that to exist eith their blessing aka. <a href="https://infosec.space/tags/Signature" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signature</span></a> on.</p></li><li><p><a href="https://infosec.space/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows</span></a> & <a href="https://infosec.space/tags/WindowsServer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WindowsServer</span></a> are unbelieveably <a href="https://infosec.space/tags/cursed" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cursed</span></a> and unmaintainable mess that'll make even <a href="https://infosec.space/tags/Solaris" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Solaris</span></a> 7 look clean and sleek.</p></li><li><p>The diversity of Linux and Unix-esque distros like <a href="https://infosec.space/tags/BSD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BSD</span></a>'s make it basically impossible to bmhave such a giant and direct effect.</p></li><li><p>The whole issue should've been avoided throug extensive testing because it's certainly so rampant that it would've been picked up by <a href="https://infosec.space/tags/QA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>QA</span></a> testers.</p></li><li><p>The fuckedup-ness of <a href="https://infosec.space/tags/CensorBoot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CensorBoot</span></a> aka. <em>"<a href="https://infosec.space/tags/SecureBoot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecureBoot</span></a>"</em> (which is insecure af - see <a href="https://infosec.space/tags/GoldenKeyBoot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GoldenKeyBoot</span></a>!) is the reason why this results in such catastrophic failures, whereas on <a href="https://infosec.space/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> one just uses <a href="https://infosec.space/tags/LUKS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LUKS</span></a> and can easily recover files.</p></li><li><p>Most Windows users & -<a href="https://infosec.space/tags/sysadmins" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sysadmins</span></a> neglect <a href="https://infosec.space/tags/Backups" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Backups</span></a> of Windows machines because there is no good way to backup them!</p></li><li><p>3rd party kernel binaryblobs are <a href="https://infosec.space/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a>, regardless if <em>"Anti-Malware"</em> or <em>"<a href="https://infosec.space/tags/AntiCheat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AntiCheat</span></a>"</em> is the claimed functionality.</p></li><li><p>If I don't trust <a href="https://infosec.space/tags/WindowsDefender" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WindowsDefender</span></a> then I don't trust Windows or rather Microsoft and thus have to cease using it!</p></li><li><p><a href="https://nondeterministic.computer/@mjg59/112816011370924959" rel="nofollow noopener" target="_blank">This shit would not have been possible under Linux</a>!</p></li></ol>
Porquerias | 1312 🏴🌵G@K<p>The <a href="https://kolektiva.social/tags/LogoFail" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LogoFail</span></a> <a href="https://kolektiva.social/tags/UEFI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UEFI</span></a> <a href="https://kolektiva.social/tags/exploit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>exploit</span></a> is a perfect example of how capitalism fucks everything up. So many people worked so hard on securing UEFI against <a href="https://kolektiva.social/tags/bootkits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bootkits</span></a> but having a goddamn image load was necessary for capitalist "intellectual property" to be enforced, thus opening this vulnerability for literally every Windows and Linux system with a hardware manufacturer logo loading in boot, which is most of them. <a href="https://arstechnica.com/security/2023/12/just-about-every-windows-and-linux-device-vulnerable-to-new-logofail-firmware-attack/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">arstechnica.com/security/2023/</span><span class="invisible">12/just-about-every-windows-and-linux-device-vulnerable-to-new-logofail-firmware-attack/</span></a></p><p>This isn't a security fail, it's a <a href="https://kolektiva.social/tags/capitalism" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>capitalism</span></a> fail, because the social/legal regime of <a href="https://kolektiva.social/tags/intellectualproperty" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>intellectualproperty</span></a> is actually unnecessary and oppressive, and in this case prevented people from designing secure systems.</p>
Tech news from Canada<p>Ars Technica: Just about every Windows and Linux device vulnerable to new LogoFAIL firmware attack <a href="https://arstechnica.com/?p=1988975" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="">arstechnica.com/?p=1988975</span><span class="invisible"></span></a> <a href="https://mastodon.roitsystems.ca/tags/Tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tech</span></a> <a href="https://mastodon.roitsystems.ca/tags/arstechnica" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>arstechnica</span></a> <a href="https://mastodon.roitsystems.ca/tags/IT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IT</span></a> <a href="https://mastodon.roitsystems.ca/tags/Technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Technology</span></a> <a href="https://mastodon.roitsystems.ca/tags/unitedextensiblefirmwareinterface" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>unitedextensiblefirmwareinterface</span></a> <a href="https://mastodon.roitsystems.ca/tags/Features" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Features</span></a> <a href="https://mastodon.roitsystems.ca/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a> <a href="https://mastodon.roitsystems.ca/tags/bootkits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bootkits</span></a> <a href="https://mastodon.roitsystems.ca/tags/firmware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>firmware</span></a> <a href="https://mastodon.roitsystems.ca/tags/logofail" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>logofail</span></a> <a href="https://mastodon.roitsystems.ca/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a> <a href="https://mastodon.roitsystems.ca/tags/Biz" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Biz</span></a>&IT <a href="https://mastodon.roitsystems.ca/tags/uefi" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>uefi</span></a></p>
Tech news from Canada<p>Ars Technica: Unkillable UEFI malware bypassing Secure Boot enabled by unpatchable Windows flaw <a href="https://arstechnica.com/?p=1921876" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="">arstechnica.com/?p=1921876</span><span class="invisible"></span></a> <a href="https://mastodon.roitsystems.ca/tags/Tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tech</span></a> <a href="https://mastodon.roitsystems.ca/tags/arstechnica" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>arstechnica</span></a> <a href="https://mastodon.roitsystems.ca/tags/IT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IT</span></a> <a href="https://mastodon.roitsystems.ca/tags/Technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Technology</span></a> <a href="https://mastodon.roitsystems.ca/tags/vulnerabilities" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilities</span></a> <a href="https://mastodon.roitsystems.ca/tags/Features" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Features</span></a> <a href="https://mastodon.roitsystems.ca/tags/bootkits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bootkits</span></a> <a href="https://mastodon.roitsystems.ca/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a> <a href="https://mastodon.roitsystems.ca/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows</span></a> <a href="https://mastodon.roitsystems.ca/tags/Biz" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Biz</span></a>&IT <a href="https://mastodon.roitsystems.ca/tags/uefi" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>uefi</span></a></p>
Tech News Worldwide<p>Unkillable UEFI malware bypassing Secure Boot enabled by unpatchable Windows flaw <br> <br> <a href="https://arstechnica.com/?p=1921876" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="">arstechnica.com/?p=1921876</span><span class="invisible"></span></a> <br> <br> <a href="https://aspiechattr.me/tags/vulnerabilities" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilities</span></a> <a href="https://aspiechattr.me/tags/Features" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Features</span></a> <a href="https://aspiechattr.me/tags/bootkits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bootkits</span></a> <a href="https://aspiechattr.me/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a> <a href="https://aspiechattr.me/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows</span></a> <a href="https://aspiechattr.me/tags/Biz" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Biz</span></a>&IT <a href="https://aspiechattr.me/tags/uefi" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>uefi</span></a></p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload