May 3, 2023
[2304.14717] faulTPM: Exposing AMD fTPMs' Deepest Secrets
Trusted Platform Modules constitute an integral building block of modern security features. Moreover, as Windows 11 made a TPM 2.0 mandatory, they are subject to an ever-increasing academic challenge. While discrete TPMs - as found in higher-end systems - have been susceptible to attacks on their exposed communication interface, more common firmware TPMs (fTPMs) are immune to this attack vector as they do not communicate with the CPU via an exposed bus. In this paper, we analyze a new class of attacks against fTPMs: Attacking their Trusted Execution Environment can lead to a full TPM state compromise. We experimentally verify this attack by compromising the AMD Secure Processor, which constitutes the TEE for AMD's fTPMs. In contrast to previous dTPM sniffing attacks, this vulnerability exposes the complete internal TPM state of the fTPM. It allows us to extract any cryptographic material stored or sealed by the fTPM regardless of authentication mechanisms such as Platform Configuration Register validation or passphrases with anti-hammering protection. First, we demonstrate the impact of our findings by - to the best of our knowledge - enabling the first attack against Full Disk Encryption solutions backed by an fTPM. Furthermore, we lay out how any application relying solely on the security properties of the TPM - like BitLocker's TPM-only protector - can be defeated by an attacker with 2-3 hours of physical access to the target device. Lastly, we analyze the impact of our attack on FDE solutions protected by a TPM and PIN strategy. While a naive implementation also leaves the disk completely unprotected, we find that BitLocker's FDE implementation withholds some protection depending on the complexity of the used PIN. Our results show that when an fTPM's internal state is compromised, a TPM and PIN strategy for FDE is less secure than TPM-less protection with a reasonable passphrase.
Film studios lose bid to unmask Reddit users who wrote comments on piracy | Ars Technica
Judge voids subpoena, says film studios sought info that isn't relevant to case.
Mac Monitor
The macOS version of procmon, claims Red Canary.
https://redcanary.com/blog/mac-monitor/
Thus, some of us have never stopped calling it: pic.twitter.com/baUFS20MYD
— ...and that was how we lost the war (@HowWeLostTheWar) May 2, 2023
150 African Workers for AI Companies Vote to Unionize | TIME
More than 150 workers for Facebook, TikTok and ChatGPT pledged to establish the first African Content Moderators Union
https://twitter.com/jimleitrim2/status/1652719799388995584
Broken login, broken DMs, god knows what next. In earnest, I'm actually saddened seeing the decline of Twitter in the Elon era. Twitter was where I met my wife, the love of my life and the mother of my children. Now that Twitter is dying, I have no way to contact these three.
— Sridhar Ramesh (@RadishHarmers) May 1, 2023
“You want to put that inside Elmo?”
“Yes.”
“And Elmo get twenty dollars?”
“That’s right.”
“Elmo want to see money first.” pic.twitter.com/L0SxZOTjzs
— Uncle Duke (@UncleDuke1969) May 22, 2021
ICYMI: @agents_media report GRU illegal Pablo Gonzales, aka Pavel Rubsov (detained in Poland last year) was able to infiltrate the Boris Nemtsov Foundation, befriended its key members and stole and reported to Center data about their activities: https://t.co/T9q2UK2ugJ
— Christo Grozev (@christogrozev) May 2, 2023
Interesting reading about UEFI, secure boot and BlackLotus bootkit
Credits Alex Matrosov (@binarly_io) https://t.co/slvEL4MvxV #malware pic.twitter.com/5rFVzX60xc
— 0xor0ne (@0xor0ne) May 3, 2023
https://twitter.com/ridt/status/1653607203188748290
Constant Activity Defines Cyber Operations | CYBERCOM’s strategic approach is “persistent engagement,” said GEN Paul Nakasone, and this requires cooperation among a diverse set of partners. https://t.co/mwDqUdjCBC @signalmag
— 780th Military Intelligence Brigade (Cyber) (@780thC) May 3, 2023
Recruiting Cyber Soldiers From a Young Age | “You cannot fake the funk in this business, if you don't have technical depth, you can't do the mission,” said @CG_CyberForge https://t.co/f6cTJNlwSv
— 780th Military Intelligence Brigade (Cyber) (@780thC) May 3, 2023
🚨 New intra-day satellite imagery of the Korla East Test Site in Xinjiang, China, shows the operation of laser anti-satellite weapons (ASAT) to engage with Western satellites.
https://t.co/n8oD1kwtEV
— Byron Wan (@Byron_Wan) May 3, 2023
Amnesty International criticised for using AI-generated images | Colombia | The Guardian
Group has removed AI images used to promote their reports on social media, including fake photos of Colombia’s 2021 protests
https://twitter.com/dalperovitch/status/1653725457987039232
Astonishing footage of last night's drone attack on the Kremlin pic.twitter.com/3rghCHdIed
— Francis Scarr (@francis_scarr) May 3, 2023
There is no such thing as “military-grade” spyware. This is a made-up term that has no meaning. Same for “military-grade” encryption. Call it sophisticated, call it government spyware. But don’t call it “military-grade.”
— Kim Zetter (@KimZetter) May 3, 2023
It is definitely not military grade. Military grade means it’s made by the lowest bidder, it comes in green, and its primary design goal is to still function after it’s been manhandled by clumsy 18-year-olds for decades.
— thaddeus e. grugq thegrugq@infosec.exchange (@thegrugq) May 3, 2023