Comments on: This Week in Security: EUCLEAK, Revival Hijack, and More

By: Miles

Miles — Mon, 09 Sep 2024 17:01:49 +0000

In reply to The Commenter Formerly Known As Ren. Three letter acronyms strike again . I took PC repair and Automotive technology in college. Lots of TLAs. Although I suppose TPMS is more accurate to describe the whole system. A single sensor would indeed be a TPM. No curious which was invented first.

By: Miles

Miles — Sun, 08 Sep 2024 21:49:19 +0000

I think at this point projects need a unique ID, not just a unique user facing name. It shouldn’t need that many ID numbers, because it will still go off of the name, a thousand or so should be plenty. (Maybe just add them to the version number?)

The typo sqaut mitigation is a good idea.

By: Drone

Drone — Sat, 07 Sep 2024 17:21:06 +0000

Ages ago I remember commenting to Steve Gibson: “It’s only a question of time before we will be talking about Yubikey being hacked.” – And here we are! If my whiskey-soaked memory serves though – I do not remember Mr. Gibson disagreeing with me – I think he knew better.

By: x0rpunk

x0rpunk — Fri, 06 Sep 2024 16:30:01 +0000

Regarding TraceShark: The problem is anything worth tracing is going to have a protector with anti-debug that likely isn’t handled by the existing outdated plugins for runtime debuggers, and likely buried in a inline-VM that prevents a quick patch..

Garbage level malware that mostly just does ransom after process hollowing or side-loading via phishing of people who shouldn’t be working in tech is typically boring with some xor crypter stub..

By: The Commenter Formerly Known As Ren

The Commenter Formerly Known As Ren — Fri, 06 Sep 2024 14:21:57 +0000

So, TPM doesn’t just stand for Tire Pressure Monitor.

https://www.tomsguide.com/news/what-is-a-tpm-and-heres-why-you-need-it-for-windows-11