tfw there is a post you know you saw months ago but can't find anymore...
-
tfw there is a post you know you saw months ago but can't find anymore...
Was about someone testing the "secureboot certificate apocalypse" by setting the clock forward & I think everything was fine?
soon: CVE-something: setting clock ahead in bios results in TPM malfunction and unbootable PCs.
PoC code == NTP server using UDP/123 with clock set in 3012
-
soon: CVE-something: setting clock ahead in bios results in TPM malfunction and unbootable PCs.
PoC code == NTP server using UDP/123 with clock set in 3012
@kajer more like: setting clock to the past bypasses certificate expiration check, leading to complete integrity & confidentiality loss
-
soon: CVE-something: setting clock ahead in bios results in TPM malfunction and unbootable PCs.
PoC code == NTP server using UDP/123 with clock set in 3012
@kajer @nyanbinary are you still mad about DEFCON kids?
-
@kajer @nyanbinary are you still mad about DEFCON kids?
957 0-days found!!!!
-
957 0-days found!!!!
@kajer @nyanbinary so, yes, then
-
957 0-days found!!!!
@kajer feels like I am missing a story?
-
@kajer feels like I am missing a story?
@nyanbinary @kajer kajer once got really annoyed about someone involved in DEFCON kids referring to setting the clock on a phone to bypass timers and whatnot for mobile "games" as 0-days
-
R relay@relay.infosec.exchange shared this topic
-
@nyanbinary @kajer kajer once got really annoyed about someone involved in DEFCON kids referring to setting the clock on a phone to bypass timers and whatnot for mobile "games" as 0-days
... I guess technically we have a 0-day if you do that, as in "a day" passing in 0 time? :3
-
@nyanbinary @kajer kajer once got really annoyed about someone involved in DEFCON kids referring to setting the clock on a phone to bypass timers and whatnot for mobile "games" as 0-days
@nyanbinary @kajer he came to my gender repeal party and also we used to play and run CTFs together
-
@nyanbinary @kajer I highly recommend reminding kajer of this in a few weeks once he's forgotten about this exchange.
-
tfw there is a post you know you saw months ago but can't find anymore...
Was about someone testing the "secureboot certificate apocalypse" by setting the clock forward & I think everything was fine?
@nyanbinary Seems like I remember @wdormann or @mjg59 saying something about this. It's been while so I apologize for @'ing either or both of you that didn't post about it.
-
@nyanbinary @kajer I highly recommend reminding kajer of this in a few weeks once he's forgotten about this exchange.
@ryanc @nyanbinary kajer does not forget 0-day countz
-
@nyanbinary Seems like I remember @wdormann or @mjg59 saying something about this. It's been while so I apologize for @'ing either or both of you that didn't post about it.
