I forgot about that reason. That’s true, I think some people have that as their motive. They are probably thinking that it’s best to not let the beginners know that a VPN doesn’t do much on its own or that Brave doesn’t actually stop all tracking and won’t necessarily give you a non-unique fingerprint etc. They want to make it look easy to get privacy because if they make it look hard, that these simple beginner steps aren’t enough, then they won’t even get started and give up.
I think it’s a wrong mindset to have. I don’t think those types of people who give up if they realize privacy isn’t a one click solution are the target audience for privacy. We want the people who can actually spend some time to learn and put in some effort because if they can’t do that then they probably don’t care that much about privacy to begin with.
But it’s just my opinion, not a fact.
I think it’s personal for Techlore regarding GrapheneOS because a few people in the GOS community helped him in a way he felt was rude. Then Techlore started making lots of bad videos about GOS and then maybe he out of cope had to try to see some light in Google because he alienated himself from the GOS community. That’s just my guess.
You are right but I think most people would in hindsight say they wished they did more to protect their computer when shit happens. It’s like a camera, you can buy a cheap camera meant to be used for a vacation then thrown away and it’s not worth much but the pictures you have taken are worth a lot as in semantic value, memories you want to keep.
In someone’s computer they have their entire digital life. Work, personal life, social life, all kinds of data, pictures, banking, investments, crypto, etc. All that is priceless. That’s why ransomware viruses are so effective, people will pay and do anything to get their data back and they all wished they had just done some simple backups and from then on they will probably spend effort on security.
Ahh, very interesting! I think QubesOS only does mitigations, not microupdates. So that’s a point for Linux in Linux vs QubesOS. I need to spend more time learning about these CPU vulnerabilities. One of the things I like about QubesOS is they do a lot of security stuff that many users don’t know about or understand. For example QubesOS doesn’t use the GPU in the Qubes because an attacker could get control of the GPU and see everything that the GPU renders which means seeing the host (dom0) and all the Qubes.
I guess you can do that on Linux as well by disabling kvm passthrough of the GPU to the VMs.
And maybe disabling hyperthreading like QubesOS does isn’t necessary on Linux if the CPU microupdates from the Linux kernel already solve that CPU vulnerability. Many things for me to look into regarding these CPU vulnerabilities.
QubesOS does make compartmentalizing a much easier and smoother experience though.
Yeah, the elites who run the world have limitless money for the lobbying. I don’t think it’s possible to win this war on their turf under their rigged rules. Revolution is the only way but I don’t think that’s a realistic possibility either. They have so many ways to divide and conquer.
Problem is getting everyone to do revolution at the same time. That’s one of the purposes of mass surveillance, they can detect the early beginnings of organization and send them to prison before it grows into a big snowball.
On https://osresearch.net it says Linux kernel has some mitigations but it doesn’t protect entirely.
I hope you are right, it would really make it easier if it’s just an external boot rom flash that is needed. I mean I know that feds can plant chips in the silicon and you wouldn’t find it if they had covert physical access and there’s no glitter nail polish to protect the screws, but in this case they are not the adversary, in this case it’s just random cyber criminals who are the adversary when you buy a second hand laptop.
That article I linked to seems to suggest the malware can persist by hiding in any USB peripheral, even a camera. I think Bluetooth is USB as well if I am not mixing it up with something else but I remember reading Bluetooth is actually using the USB bus. But anyway you mentioned only the boot ROM and EC, you didn’t mention other peripherals so that’s why I’m replying and asking what you know about it. Do you think that linked article is mostly FUD and a bit incorrect when it says a malware can hide in the hardwired webcam or other USB components inside the computer?
Intel ME and AMD PSP, in conspiracy-speak are kinda like government backdoors, closed source, undocumented, with huge control over a processor.
In theory it’s possible that Intel ME is made to be spyware/backdoor for feds but I don’t think it is because if it was then why are there so many cyber criminals in the world who the feds can’t catch? There are lots of cyber criminals on the top wanted lists and feds want to catch them so badly. And that’s just the non-affiliated cyber criminals, then there are also nation sponsored hackers, for example North Korea has been in the spotlight recently for crypto hacks. And if Intel ME really was what we fear it could be in theory then the USA’s enemies like Russia and China would be instantly defeated.
So even if it’s possible in theory because it’s CPU proprietary firmware with its own OS and that’s scary but if it really was abused that way then wouldn’t the world be a completely different situation?
Also, Intel wouldn’t need to have a backdoor in Intel ME. This source puts it well (https://deploy-preview-244--privsec-dev.netlify.app/posts/knowledge/laptop-hardware-security/):
Intel and AMD do not need the co-processor to implement a backdoor - they can simply introduce CPU vulnerabilities like Spectre and Meltdown if they want to. If you do not trust a CPU vendor, the only mitigation is to not use said vendor.
So if you read that article, he says there’s no point in buying an old brick just to be able to disable Intel ME because of the above quote.
You have to negotiate.
They: Do you have whatsapp?
You: No, I hate that app but we can use Rehnijobuboba, heard of that?
They: No and there’s no way I’m installing something I can’t even speak.
You: Ok, you don’t want to install that and I don’t want whatsapp, let’s meet halfway and use Signal together!
They: Fine.
I have respect for what you’re saying and I would like to think you’re right. I don’t have the experience myself to know, I just listen to what experts like you are saying. But I have also read other experts say worrying things like this (https://www.srlabs.de/blog-post/usb-peripherals-turn):
To make matters worse, cleanup after an incident is hard: Simply reinstalling the operating system – the standard response to otherwise ineradicable malware – does not address BadUSB infections at their root. The USB thumb drive, from which the operating system is reinstalled, may already be infected, as may the hardwired webcam or other USB components inside the computer. A BadUSB device may even have replaced the computer’s BIOS – again by emulating a keyboard and unlocking a hidden file on the USB thumb drive.
Once infected, computers and their USB peripherals can never be trusted again.
What do you think about that?
And if you want to get tin foil hatty. How do you know you weren’t man in the middled when you bought a laptop from a retailer. What if a bad actor installed or tampered with the new laptop you bought. And now it is less secure than a second hand laptop because joe down the street doesn’t care what you do with the laptop as long as he gets paid.
That is part of the unavoidable risk. There are some entities we can’t avoid having to place some trust in. But I think the risk is higher buying second hand instead of from a reputable brand and off the shelf. And the previous owner was also at risk of such a mitm attack from the vendor.
Let’s say you have your laptop and somebody steals it. You’re using LUKS full disk encryption, right? Let’s say you did for this example, your headers for decryption are plaintext on boot. So a threat actor can use brute force to crack your disk. You can setup LUKS to have your headers on a separate disk that you take with you. It’s the equivalent of taking away a lock and a key. So all the threat actor is left with is a door.
If you have a password with 100+ entity then practically I don’t think we need to worry about bruteforce attack, or am I wrong about that? But you are still making a good point about there being many attack surfaces to defend against, it’s not only about where you buy it from.
It sounds like you’re saying buying used second hand laptops can’t have malware from the manufacturers, only new laptops can but that is wrong.
If you buy second hand you still have that risk of malware from manufacturers and you also have the risk of malware received because of previous owner bad opsec. So if you avoid second hand laptops then your risk is small but with second hand then it’s a bigger risk.
Oh, I should have understood that. I’ve read about “usb condoms” before. I wonder why a manufacturer for a charger would have those data carrying lines. Why don’t they just manufacture the connector without those data lines?
If they don’t want to use private communication then just leave it. If you want privacy you have to get used to having a less social life, at least online. That’s the key really, if you want a social life, you have to start going offline, out into the real world and meet people. Get to know your neighborhood a bit or join some outdoor activity or club or something. I know it’s weird at first about going outside because we’re all basement computer nerds but you will find freedom without all the online surveillance when you leave your home.
JK, because next challenge is to convince everyone you meet that they should leave their phones at home and if you thought getting people to use Signal is hard you have no idea because that’s just step 1.
should be able to cut D-/D+ and the SS lines
What do those lines do if they are ok to cut? And why are we cutting them?
I also wonder if Boot Guard or USBGuard is enough to protect against a malicious charger. Because if the adversaries switch the charger out for their own malicious charger that looks the same but is going to be used to maybe record my password or something, then USBGuard should recognize it’s a different device? And I don’t know enough about Boot Guard, I guess Boot Guard doesn’t help in this situation because Boot Guard is just about during the Boot.
It was a good read, thanks for the link.
Problem for me is which experts do I listen to? The article you linked to says a lot of the experts in the privacy community are wrong (common misinformation). But how do I know who’s actually wrong? If two experts are arguing with each other, how do I know who’s right? I would have to become an expert as well before I can know that, or I have to go with the majority and hope they’re right.
There’s so much going on at boot, pre-boot, post-boot and everything, it’s tough to learn. Boot Guard, Intel TXT, TPM, Heads, etc. They all sound like they are doing the same thing. And sometimes people use words like DRTM but they are talking about Intel TXT because TXT is SRTM or something like that. I’m just saying it’s difficult to learn about all this.
I guess there’s just no shortcut really. I am just going to have to keep reading and slowly and steadily keep learning about this until I become an expert as well.
I did some research about usbguard. usbguard is userspace so it’s basically to protect from yourself or something or if you leave the computer running when you go out it can help protect it. I think biggest reason to use usbguard is if you are admin of other people’s Linux desktops which seems unusual.
I also read during my research that blocking or allowing specific USB device classes and device IDs is possible with usbguard, however generic lists can easily be bypassed.
This topic is really about protection against a physical access attacker when you leave the laptop powered off. I don’t think usbguard helps against that because it’s userspace.
A modified thumb drive or external hard disk can – when it detects that the computer is starting up – boot a small virus, which infects the computer’s operating system prior to boot.
But pre-boot attacks may be prevented by use of a BIOS password and booting only to the hard drive.
So maybe this means that Heads or TrenchBoot isn’t even necessary to protect against USB attacks when you leave your computer turned off. Just need to set a BIOS password and configure BIOS to only boot the HDD.
But I’m not a hacker so I don’t have experience to know if there’s any other way around this protection. But glitter nail polish would at least give evidence of tampering if the way to hack around this protection requires unscrewing the laptop to open it up.
Problem is first party tracking. Blocking is just against third parties. For first party tracking you are just going to have to use Tor Browser.
They also make extreme examples of anyone threatening to “blow it up”, show the public all the corruption and give freedom to the people. Edward Snowden is an example. Also recently Roman Storm, the Tornado Cash dev. These extreme attacks from the government are meant to cause fear so no one dares to do anything like that again.