27 days of security

Can you trust your hardware?  You’ve probably seen the headline about chips embedded into motherboards of computers used by Apple and others.

But before we start unplugging all of our computers and going back to paper cups and string as our means of communication, there are also numerous stories that the article has holes in it.  For example… statements from the vendors.  Questions about the reporting from others.

But now there are stories that it’s not just hardware but firmware updates.  So how can you trust hardware when so much of it is built in a country that (and I’m going to be less than diplomatic here) has a history of being less than transparent?

And how do you know if you have a system that has such a backdoor?

There are several tools I use to better understand what is going out of my system, but none of them are easy to understand.  Some are cheap (free), but take a rocket scientist, which I am not, to understand.

These range from tools like Wireshark (free), which allow you to view the packets leaving your system, to Windows Defender Advanced Threat Protection, which gives Windows 10 E5 users (yeah, not cheap) the ability to view in a console what is going on in your system.  Both help me to better understand what is going outbound from my computer.

What is a bit disconcerting is that all of this information that we, the computing public, need to better understand what is happening to our systems is getting more complicated, not less.  Furthermore, our vendors are making it harder to get answers from our own systems.  While Windows 10 has a relatively new (in 1803) Diagnostic Data Viewer, pretty much only a Microsoft engineer can understand it.

So what’s a computer user to do?  Today I don’t have a good solution for us.  Seeing and viewing outbound traffic and understanding it isn’t easy.  I hope that someday Microsoft will put Advanced Threat Protection in all versions of Windows.  The best I can recommend is to get a gut feel for your system.  Open up the Task Manager and view what processes are running.  Note when your system “hits” the hard drive and what you are using at the time.  See if you want to tackle understanding Wireshark.  And then just kinda freak out a bit reading those articles.
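
One way to start building that gut feel on Windows 10, as an added example that is not part of the original post: a PowerShell script that records which processes hold established outbound TCP connections and, on later runs, lists any process and remote-port pair that is not in the saved baseline. The baseline file path and the function name are assumptions chosen for illustration.

```powershell
# Added example: baseline of processes holding outbound TCP connections.
# Assumption: the baseline lives in the user's profile folder; change as needed.
$BaselinePath = Join-Path $env:USERPROFILE 'outbound-baseline.csv'

function Get-OutboundConnection {
    # Established TCP connections whose remote end is not loopback,
    # each mapped to the process that owns the socket.
    Get-NetTCPConnection -State Established -ErrorAction SilentlyContinue |
        Where-Object { $_.RemoteAddress -notin '127.0.0.1', '::1' } |
        ForEach-Object {
            $proc = Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue
            [pscustomobject]@{
                Process       = if ($proc) { $proc.ProcessName } else { "pid $($_.OwningProcess)" }
                Path          = if ($proc) { $proc.Path } else { $null }
                RemoteAddress = $_.RemoteAddress
                RemotePort    = [string]$_.RemotePort   # string, so it matches CSV values
            }
        }
}

$current = @(Get-OutboundConnection |
    Sort-Object -Property Process, RemoteAddress, RemotePort -Unique)

if (-not (Test-Path $BaselinePath)) {
    # First run: record what "normal" looks like right now.
    $current | Export-Csv -Path $BaselinePath -NoTypeInformation
    "Baseline saved to $BaselinePath ($($current.Count) entries)."
}
else {
    # Later runs: key on process name + remote port, because remote
    # addresses (CDNs, update servers) change too often to compare directly.
    $known = @{}
    foreach ($row in @(Import-Csv -Path $BaselinePath)) {
        $known["$($row.Process)|$($row.RemotePort)"] = $true
    }
    $new = @($current | Where-Object {
        -not $known.ContainsKey("$($_.Process)|$($_.RemotePort)")
    })
    if ($new.Count -eq 0) {
        'No process/port pairs outside the baseline.'
    }
    else {
        'Not in baseline (review these):'
        $new | Format-Table -AutoSize Process, RemotePort, RemoteAddress, Path
    }
}
```

Run it once while the system is doing its usual work to create the baseline, then again later to see what is new. Without an elevated prompt, the Path column is empty for processes owned by other accounts.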

I told you this would be 31 days of paranoia!