Hardware Vulnerabilities…

Right now a lot of the Gen 2 and earlier Intel “Core iX” chips are on the secondary market, along with their Xeon server brethren. These represent an amazing amount of “bang for buck” but also come with some hardware vulnerabilities.

With the “Vault 7” release by Wikileaks people are talking again about computer and network vulnerabilities. The truth is that ALL systems are vulnerable, just that these older processors have much more available documentation on their vulnerabilities. This also means that the BIOS updates needed to minimize these vulnerabilities are also out there. I’m typing this out on a second gen core i5 laptop, and have no problems accepting my risk level using this hardware. Yes I could get a newer laptop without the vulnerabilities the current laptop has, but I’m at the point where if someone wants to compromise my laptop, they are REALLY putting in some work to do so.

What I really want people to take away from this post, is that “digital security” is a moving goalpost. Older hardware is still good and useful for most people (the exception here is when you are a business and hardware vulnerability exploitation by an attacker would cost you way more than simply buying hardware without that vulnerability). With good software security and patch management you can minimize your risks as an individual.

Now…all this advice about being ok with older hardware comes with a cost, YOU need to know what you are doing. If you are going to rock out a five year old laptop as an investigative journalist and you want to protect your sources, you really need to use an operating system other than Windows that is designed for security. It won’t stop a nation state level attack, but it will make them work for it.

Oh..and as far as exactly how much of a bargain are those older chips? Plenty of quad core xeons in the 2 to 3 gigahertz range for less than the cost of a decent meal out, and even a few dual processor motherboards for less than a hotel stay for a night. Simply put you can now slap together a 16 process thread capable computer for under 100 bucks (before shipping at least). That’s an amazing value, and computer enthusiasts can really do some cool stuff with that much processing power.

Comments are open.

Advertisements
This entry was posted in Uncategorized. Bookmark the permalink.

2 Responses to Hardware Vulnerabilities…

  1. DW says:

    Nice post on using tech that is a bit older, I second your motion! The older tech is especially good for building cheap small servers for testing, mucking about online and also air-gapped stuff. Combine the cpu’s and chips with sata drives – 4TB available for under $125. You can store a lot of data locally, no need to give it to the man by using the cloud.

    Interested in your take on Vault7?

    The captains journal:
    http://www.captainsjournal.com/2017/03/07/wikileaks-issues-a-beatdown-to-the-cia/
    nicely summarizes my feelings, but as a developer – my good friends at the Register have a detailed write-up on the downloaded info:
    http://www.theregister.co.uk/2017/03/08/cia_exploit_list_in_full/?page=1

    As mentioned the 4th amendment is basically toilet paper now to our government, yet the American Serfdom seems not to care. Pass the doritos and put on the game? Very disconcerting.

    Like

    • rthtgnbs says:

      I would feel comfortable saying that even the most outrageous claims about the capabilities exposed by Vault 7 are in fact a reality. Not because the CIA is so awesome, but because people don’t update vulnerable systems in a timely manner. It is much easier to spy on Suzy Soccer Mom than it is to infiltrate the KGB running triple stateful firewalls with multiple honeynets and modern triple A authentication.

      Security and usability are really the same thing. Secure means only one authorized user, and usability means everyone. And once you connect a computer to a network, it is never truly “secure” ever again.

      Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s