hey look, an actually useful orange-site comment, about HP ink cartridge hardware hacking
"Put a resistor, about 1kohm, in the power line to the security chip on the cartridge.
Now, whenever the printer tries to read data from the chip, it works. Whenever it tries to record data to the chip (for example, marking the cartridge as empty), that uses more power, and the memory chip doesn't respond.
Amazingly, the whole setup just works and prints forever, saying the cartridges are always full... "
This string was found by https://wetdry.world/@w - I have confirmed its presence in the Threads APK from apkcombo, "Threads, an Instagram app_289.0.0.68.109_apkcombo.com.apk", sha256 83a1f270aa2447f4e7310072b4d3217f9af8a03b7679b7760db03ff0bbf8e432, valid signature by "C=US, ST=California, L=Menlo Park, O=Meta Platforms Inc., OU=Meta Mobile, CN=Meta Platforms Inc." (rsa-4096 + sha-256, cert expires in 2053)
at offset 0xB7AE in assets/strings/en_GB.frsc
"Soon, you'll be able to follow and interact with people on other fediverse platforms, such as Mastodon. They can also find people on Threads using full usernames, such as <b>@%1$s</b>."
I found the code that is used with that string, in class X.10G (my jadx renamed it to p00X.C10G). A debug string calls it "FediversePromiseViewModel", and it confirms that the threads.net domain will be the one used for activitypub (or at least webfinger).
#FediBlock threads.net - we have confirmation now!
I just spent a day or so figuring this out, and CVE-2022-41099 is... really stupid...
I decided to call this "push button decrypt".
basically when you boot to WinRE tied to an OS install, keys for the os volume are derived (this is done by having a sha256 hash of a wim in the bitlocker metadata)
anyway, WinRE does not require bitlocker recovery key when choosing to "reset my PC" and "remove everything".
When choosing "just remove my files", winre starts to decrypt the bitlocker volume at ~98%.
Hard resetting (hard power off / power on) here will reboot back into WinRE and show an error.
Clicking OK on the error will cause a reboot back to the OS, and starts windows setup which shows an "upgrade" screen.
...where Shift+F10 works to get a shell, you can then pause the decryption, remove all key protectors, then dump plaintext VMK, decrypt the FVEK with that, and use that FVEK to decrypt a disk image you made earlier.
This is the second time that Shift+F10 in setup to get a shell broke bitlocker.
The fix removes "reset my PC" -> "remove everything" from the list of options that are allowed to start with the osvolume unlocked and without entering a recovery key. (leaving only one in place: startup repair)
Because this is an issue with code running in winre usermode, this affects legacy integrity validation as well as secure boot integrity validation.
@Rairii Great work. Do you think ShutdownWithoutLogon=0 would mitigate this - remove the ability to do a graceful reboot into the Recovery Environment from the lock screen?
if i had a nickel for every anti-cheat vendor who implemented functionality in their driver to elevate the calling usermode process to PP/PPL, i would have two nickels. which isn't a lot, but it's weird that it happened twice
@Rairii Denuvo Anti-Cheat hilariously tries to ease concern about it being kernel-mode in their FAQ, with one of the questions asking if it's safe. They basically just say "it's concerning, but we need to do it! And also others do it too!" without actually saying that it's safe 🤣
@TheRogueArchivist still amazed nobody's done VTL1 cheats yet, it's theoretically possible. i guess when you can patch hyper-v itself you don't need vtl1
"one of the powerpoint slides actually uses the term "Micro$oft", huh." --> Because the marketing/sales buffoons at Microsoft wouldn't understand the term otherwise, when seen in the wild.
@Rairii keep an eye on the entire "Lemmy verse", particularly the big three/four instances boosted by the reddit migration. there seems to be lots of "just downvote and move on lmao"ers going on