Dark Force

Member
  • Posts: 25
Reputation Activity

  1. Informative
    Dark Force reacted to PudgyBuns in Whistleblower: Ubiquiti Breach “Catastrophic”   
    I just watched the WAN show and Linus mentioned this thread so I came over to read it all. I made an account just now too.
     
    I use Ubiquiti equipment at my business as a WISP provider exclusively, for over 600 customers just using this point to point network we built in our county. We monitor it all on a VM because we considered the cloud hosted UNMS/UISP an unnecessary cost for whatever they are charging to back up ~200mb, which is the backup file size that gets sent to the NAS daily for a little peace of mind. I'm very glad that call was made now. VMs really are delightful. 
     
    The extensive access granted to a malicious attacker would be astounding. You can access a CLI and SSH into people's dishes on their roofs or their access points in their hallways.

    One example of the issues these devices face includes the following:

    Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an improperly neutralized element in an OS command due to lack of protection on the admin CLI, leading to code execution and privilege escalation greater than administrators themselves are allowed. An attacker with access to an admin account could escape the restricted CLI and execute arbitrary shell instructions.
    - https://www.cvedetails.com/vulnerability-list/vendor_id-12765/Ubnt.html

    Now I'm not very good with command line, as I just put down my anti static bracelet a few months ago, but I assume this is a problem due to the fact you have some pretty high level permission on a device inside a person's network. My coworker was recently working on writing a "rubber ducky shellcode" were the words he kept using without explaining it, but if Rubber Ducky's website has a clip from Mr. Robot you know bad stuff is going to happen to your credentials.
     
    All of this said, I didn't know that CVE website existed, and I know why people don't want multifactor authentication at a business. Sharing password manager accounts at business isn't too uncommon. I saw it several times when working with businesses who would have dozens of desktops, laptops, tablets, and phones they need to keep track of and they have potentially 10 people who need access to those passwords to help manage them due to the high volume of staff they have.
     
    It's just sort of.... hard to keep employees obeying the company policies about passwords and managers, and sticky notes, and emailing passwords without verification of recipient or request being approved by a high enough authority when you don't write anything in stone about it. And when you do, you will have those lazy boners still using their PW manager over the internal business PW server hosted in a local only VM CUS ITS GOT AN EXTENSION THO. Hard argument to fight until you don't have a job cus your small business burned to the ground.... cus you left your pc open at Starbucks.... cus you had to take a wicked piss.
     
    Oh also their equipment lasts in fires and storms no problem. We have about a dozen aircubes out in the field that we're slowly replacing whenever a customer complains about anything if they have one. On the other hand we have dozens of NanoStation Loco M5s that are performing perfectly, and I'm unsure of their age but it seems to be about 5 years. 

    Some very specific products like some of their access points get a lot of DFS hits on one firmware and not on another. It's kind of annoying because it's too complicated to troubleshoot without wasting a reasonable amount of time and at that point you just want to downgrade it to the firmware that was working fine before this. Bam security flaw and you didn't think of it.
     
     
     

  2. Agree
    Dark Force reacted to dilpickle in Whistleblower: Ubiquiti Breach “Catastrophic”   
    They are turning into every other company.
  3. Like
    Dark Force got a reaction from IoanKoka in Whistleblower: Ubiquiti Breach “Catastrophic”   
    Summary
    According to a whistleblower, Ubiquiti's previous security breach was much worse than they had disclosed. Allegedly, the attacker used a compromised LastPass account of an employee of the company to gain root administrator access to all Ubiquiti AWS accounts which included user credentials and secrets - meaning all Ubiquiti endpoint devices and accounts registered at the time of the attack are potentially compromised or could be compromised with a malicious "update" to the device.
     
    Quotes
    What happened:
     
    What was taken & how:
     
    Recommendation to Ubiquiti Users on how to protect themselves:
     
     
    My thoughts
    This caught my eye since they have partnered with LTT for sponsored videos in the past and Linus is deeply invested in their ecosystem at home. It is incredibly baffling for a company of Ubiquiti's size (and the market they are in) to not have access logging set up in their environment (cloud or otherwise). If you are a Ubiquiti user, I urge you to follow the recommendations above and also set up 2FA if you haven't already.
     
    Sources
    https://krebsonsecurity.com/2021/03/whistleblower-ubiquiti-breach-catastrophic/
  4. Informative
    Dark Force got a reaction from Bombastinator in Whistleblower: Ubiquiti Breach “Catastrophic”   
  5. Informative
    Dark Force got a reaction from Octagoncow in Whistleblower: Ubiquiti Breach “Catastrophic”   
  6. Informative
    Dark Force got a reaction from thechinchinsong in Whistleblower: Ubiquiti Breach “Catastrophic”   
  7. Informative
    Dark Force got a reaction from Jet_ski in Whistleblower: Ubiquiti Breach “Catastrophic”   
  8. Informative
    Dark Force got a reaction from AbydosOne in Whistleblower: Ubiquiti Breach “Catastrophic”   
  9. Informative
    Dark Force got a reaction from StDragon in Whistleblower: Ubiquiti Breach “Catastrophic”   
  10. Agree
    Dark Force reacted to akio123008 in YouTube to try not publicly displaying the number of dislikes on a video   
    I have to say, I do find the dislike number useful for telling me right away that the tutorial video I'm about to watch is trash and not worth my time.
  11. Agree
    Dark Force reacted to emosun in YouTube to try not publicly displaying the number of dislikes on a video   
    I could see how clicking a video and immediately looking at the like/dislike ratio to determine if you should watch it would be the actual driving force behind this.
     
    They can increase the amount of time people watch videos by decreasing the information they have going into them. Just get people to the first ad break before they know how much the video sucks. That's probably their real goal here.
  12. Agree
  13. Informative
    Dark Force reacted to rcmaehl in Enterprise Experiment Errors Entire Organizations - A Chrome update enabled experimental features causing widespread Enterprise issues   
    Disclaimer: Warning, I made this post on Mobile, formatting might be borke.
     
    Sources:
    ZDnet
    Chrome bug tracker
     
    Summary:
    An experimental flag enabled in Chrome by an update bricked Chrome for various businesses running Thin Clients and other Terminal Servers.
     
    Quotes/Excerpts:
     
    My Thoughts:
    OOF. Those environments running Citrix and Thin clients sound like they had a fun week. This was an expensive lesson in redundancy for some businesses and they want Google to be at fault. Whether or not Google should be held at fault is up to you to decide but I personally believe they can't be held fully at fault.
  14. Informative
    Dark Force reacted to Tellos in Google tries out new Chrome function on major company servers without telling. This could never go wrong!   
    https://www.bleepingcomputer.com/news/software/google-fixes-white-screen-problem-in-chrome-admins-furious/
     
    https://www.forbes.com/sites/daveywinder/2019/11/15/google-chrome-white-screen-of-death-browsers-crash-as-google-tests-new-feature/#6075518c1188
     
    So to summarize, Google tried out a new function causing many Citrix and similar VM systems to utterly fail at loading Chrome pages. IT departments are furious that this was done without telling them.
     
     
     
    This is concerning that Google apparently thinks making multi million dollar or larger company servers into test beds without consent. To my mind this should end in Google being fined very harshly and informed if any further instances occur it will be bankrupted and liquidated.
     
    May sound harsh and I love free markets but this is playing with other company assets without permission and should be a fast track to bankruptcy. Google's apparent lack of ability to grasp that it is not used solely by Windows and Android users in desktop markets is staggering. The fact is any IT admin knows once you hit enterprise level things change drastically and single changes can throw entire sections out of whack if done in a ham fisted manner.
     
     
     
    This is to me a dangerous precedent for them to go through and it makes IT admins now have to question if they trust Google in their high stakes equipment where stability is a MUST not just a nice feature in their system. I just find this to be very scary that Google apparently thinks there is nothing wrong with this behavior.
     
    Edit: edits made to try to better comply with posting guidelines.
  15. Agree
    Dark Force reacted to Princess Luna in Windows 10 November 2019 Update - Here is everything you need to know - OUT NOW!   
    Thanks Goodie! Always very lovely threads on our favourite OS :3
     
    That said, I'm sad there's no mention on dark mode being extended to the Task Manager yet
  16. Agree
    Dark Force reacted to TheSLSAMG in Intel’s Entire 10th Gen Comet Lake Desktop CPU Lineup Leaked + Intel 400-Series Platform & LGA 1200 Socket Detailed   
    Honestly Intel doesn't even have that as an advantage since AMD's consumer platform goes up to 16-cores whereas Intel's goes up to 10.
     
    Back when I built my first rig in 2013, I would've never thought AMD would have matured so much that I would actually consider them over Intel. Yet here I am, more than happy with my Ryzen 5 3600X. It's really fun to think about how the industry flipped relatively quickly.
  17. Agree
    Dark Force reacted to Master Disaster in A wild 10900X benchmark appears on Geekbench   
    It appears as though someone has benchmarked a 10900X CPU on Geekbench. Best guess based on core count is that this is a HEDT CPU based on Cascade Lake X though that's not entirely clear yet.

     
    The 10900X looks like it's going to be a direct upgrade to the 9900X, being almost identical just with faster clocks.

     
    https://www.tomshardware.co.uk/intel-core-i9-10900x-cascade-lake-x-benchmarks,news-61696.html
     
    Yawn, another rerelease from Intel. I suppose I shouldn't be surprised at this point.
  18. Agree
    Dark Force reacted to RejZoR in A wild 10900X benchmark appears on Geekbench   
    Basically it gets those 10% from 2 extra cores (10 vs 8 on 9900K). Rather yawn release...
  19. Agree
    Dark Force reacted to PopsicleHustler in Power supply eating up too much of your case? This could be your solution.   
    It's still kinda meh since you still need 110/220V AC to 12V DC adaptor because this thing feeds from 12V DC.
  20. Agree
    Dark Force reacted to Streetguru in Power supply eating up too much of your case? This could be your solution.   
    99% chance it still needs the normal external bricks they sell. That's just to hook up to the 24 pin and presumably the CPU 8 pin.
  21. Informative
    Dark Force reacted to RedRound2 in Apple Watch Series 5 Display: Inner Workings that made Always on Display a possibility + iPhone 11 Pro Display   
    Source: https://gizmodo.com/the-clever-tech-powering-the-new-apple-watchs-always-on-1838350997
     
    Now, yes Always on Display on a smartwatch has existed before. But those were achieved by adding a second screen or by giving option to the user to have that feature enabled at the cost of significant battery life. Apple figured out a way to integrate two different technologies and integrate them in such a way to get the best of both worlds.
    But the LTPO isn't working alone, and according to Apple
    They took their time, and they're not always the first, but when they do it, they do it in the best possible way with a bit of Apple magic (aka innovation) and deliver the best widescale mass adoptable technology that sets the standard for everything else.
     
    Pfft, Apple doesn't innovate, my ass.
     
    In Other Apple related display news, DisplayMate Awarded the iPhone 11 Pro "Highest ever A+ screen tested"
     
    Source: http://www.displaymate.com/iPhone_11Pro_ShootOut_1P.htm
    Via: https://9to5mac.com/2019/09/23/iphone-11-pro-best-smartphone-display/
    Impressive. Now 120Hz Pro-motion display next year, and we've basically perfected the display technology. Intense smartphone competition has truly done wonders to the tech industry in the past decade or so, wouldn't you say?
     
    For anyone who wants a refresher on what all Apple Watch is capable of, here's a fun little ad Apple made that I absolutely love
     
  22. Informative
    Dark Force reacted to BachChain in Microsoft to disable hardware encryption for BitLocker   
    https://www.tomshardware.com/news/bitlocker-encrypts-self-encrypting-ssds,40504.html
     
     
    In the continuing saga of "don't trust hardware manufacturers", Microsoft has announced that BitLocker will no longer by default utilise hardware encryption.
     
    Their reasoning is based on repeatedly finding that hardware implementations often have severe flaws, significantly harming security.
     
  23. Informative
    Dark Force reacted to WereCatf in Intel hit with another attack (SWAPGS)   
    It isn't, @Princess Luna is incorrect. Only the ability to run code at the target is required, whether it is by physical access or by e.g. tricking the target's owner into running a malicious executable.
  24. Agree
    Dark Force reacted to SPARTAN VI in Intel hit with another attack (SWAPGS)   
    Why does it require "physical access" to the machine? Of the two articles I've read, both mention the requirement to run a specifically crafted application. If the attack vector is to run the exploit's software, I don't see why "physical access" is necessary. Maybe by "local access" they mean, local admin rights? 
  25. Informative
    Dark Force reacted to LukeSavenije in Intel hit with another attack (SWAPGS)   
    Sources: @valdyrgramr, overclock3d
     
    Researchers over at Bitdefender have uncovered a new side-channel attack which impacts Intel x86 processors from Sandy Bridge (2011) and up. This new Speculative Execution attack is called SWAPGS, and has been designated the CVE-2019-1125 name. 
     
     
     