💾 Archived View for gemini.tuxmachines.org › n › 2024 › 08 › 18 › Security_and_Windows_TCO.gmi captured on 2024-08-18 at 19:19:23. Gemini links have been rewritten to link to archived content

View Raw

More Information

-=-=-=-=-=-=-

Tux Machines

Security and Windows TCO

Posted by Roy Schestowitz on Aug 18, 2024

How to Make Your Linux Laptop More Secure in 7 Steps

Programming Leftovers

Wired ☛ Nearly All Google Pixel Phones Exposed by Unpatched Flaw in Hidden Android App

=> https://www.wired.com/story/google-android-pixel-showcase-vulnerability/ ↺ Nearly All Google Pixel Phones Exposed by Unpatched Flaw in Hidden Android App

The issue relates to a software package called “Showcase.apk” that runs at the system level and lurks invisible to users. The application was developed by the enterprise software company Smith Micro for Verizon as a mechanism for putting phones into a retail store demo mode—it is not Google software. Yet for years, it has been in each Android release for Pixel and has deep system privileges, including remote code execution and remote software installation. Even riskier, the application is designed to download a configuration file over an unencrypted HTTP web connection that iVerify researchers say could be hijacked by an attacker to take control of the application and then the entire victim device.

Windows TCO

Tom's Hardware ☛ Microsoft patches TPM 2.0 bypass to prevent backdoored Windows 11 installs on PCs with unsupported CPUs [Ed: This is just Microsoft attacking computer users, and moreover doing it wrong]

=> https://www.tomshardware.com/software/operating-systems/microsoft-patches-tpm-20-bypass-to-prevent-windows-11-installs-on-pcs-with-unsupported-cpus ↺ Microsoft patches TPM 2.0 bypass to prevent backdoored Windows 11 installs on PCs with unsupported CPUs

It has been discovered that backdoored Windows 11 Insider Build 27686 (Dilithium) has a patch that disables the '/product server' command line used by those without a TPM 2.0-supported CPU, permanently skipping the hardware verification process.

gemini.tuxmachines.org