loader from loading.io

Using TPM to Secure Windows and Linux Operating Systems plus more on this Tech Talk with Craig Peterson Podcast

Craig Peterson - America's Leading Security Coach

Release Date: 10/16/2020

AS HEARD ON - The Jim Polito Show - WTAG 580 AM: Computer Repair, Hunter Biden's Laptop and Scully's Tweet  show art AS HEARD ON - The Jim Polito Show - WTAG 580 AM: Computer Repair, Hunter Biden's Laptop and Scully's Tweet

Craig Peterson - America's Leading Security Coach

Welcome! Good morning, everybody. I was on WTAG this morning with Jim Polito.  We got into a lengthy discussion about Hunter Biden and the legitimacy of the emails and how to tell, also about computer repair shops and then a little about Steve Scully's tweet and his lies about it. Here we go with Jim. For more tech tips, news, and updates visit - ---  Automated Machine Generated Transcript: Craig Peterson: [00:00:00] That is a dead give away and these news agencies such as Fox who have seen both emails, I'm sure dug into it because they said these emails were legitimate because we...

info_outline
AS HEARD ON NH Today WGIR-AM 610: Election Security and Federal Warning about Nation-State Actors accessing Vulnerabilities show art AS HEARD ON NH Today WGIR-AM 610: Election Security and Federal Warning about Nation-State Actors accessing Vulnerabilities

Craig Peterson - America's Leading Security Coach

Welcome, Good Monday morning, everybody. Craig Peterson here. You will find here a different host this morning on NH Today. Jack Heath has moved on to another radio group. I was on with Scott Spradlin. We discussed election security in the light of revelations by the FBI and DHS about Nation-State Actors accessing our election systems through known vulnerabilities. Here we go with Scott.  These and more tech tips, news, and updates visit. -  ---  Automated Machine Generated Transcript: Craig Peterson: How vulnerable are the web pages where these final tallies are as well. So...

info_outline
Trojan Worm Infecting Republicans through Phishing Scam plus more on this Tech Talk with Craig Peterson Podcast show art Trojan Worm Infecting Republicans through Phishing Scam plus more on this Tech Talk with Craig Peterson Podcast

Craig Peterson - America's Leading Security Coach

Craig discusses a new Phishing Scam that is targeting Republicans with a legitimate email but that adds an attachment with a nasty trojan payload.   For more tech tips, news, and updates, visit - CraigPeterson.com --- --- Automated Machine-Generated Transcript: Craig Peterson: [00:00:00] Hi, everybody. We're going to be talking about some new Trojan malware that targets Trump supporters. Some new tools that are out there. Ransomware being paid by one of the country's biggest online providers right here. Hey everybody. I'm Craig Peterson. Today we are going to with no...

info_outline
Security Tools You Can and Should Use plus more on this Tech Talk with Craig Peterson Podcast show art Security Tools You Can and Should Use plus more on this Tech Talk with Craig Peterson Podcast

Craig Peterson - America's Leading Security Coach

Craig discusses one of the security tools he uses and why you should use it too. For more tech tips, news, and updates, visit - CraigPeterson.com --- --- Automated Machine-Generated Transcript: Craig Peterson: [00:00:00] Remember everybody, don't open those email attachments.  I'm going to talk about a new tool released out there that if you're involved with security, you probably need it. So here we go. Hi everybody. Craig Peterson here.  I want to talk right now about this great tool that I've been using for decades now, I think. It's called Nmap. Now it's something that I...

info_outline
Ransoming Local and State Governments plus more on this Tech Talk with Craig Peterson Podcast show art Ransoming Local and State Governments plus more on this Tech Talk with Craig Peterson Podcast

Craig Peterson - America's Leading Security Coach

Craig discusses why State and Local governments are getting ransomware and who is actually at fault. For more tech tips, news, and updates, visit - CraigPeterson.com --- --- Automated Machine-Generated Transcript: Craig Peterson: [00:00:00] Hey, Tyler technologies, you might not have heard of them, but you've almost certainly use them. And we'll tell you why they got nailed by these human-operated ransomware pieces that are floating around there as part of phishing expeditions. Here we go. Hey, thanks for joining me. This is Craig Peterson of course. Tyler technologies, you might not...

info_outline
5G Speeds and What is Really going on plus more on this Tech Talk with Craig Peterson Podcast show art 5G Speeds and What is Really going on plus more on this Tech Talk with Craig Peterson Podcast

Craig Peterson - America's Leading Security Coach

Craig discusses 5G and explains how it works why what you may have heard about 5G speeds might have a bit misleading. For more tech tips, news, and updates, visit - CraigPeterson.com --- --- Automated Machine-Generated Transcript: Are you as excited about five G as I am? I got some good news and I got some bad news and we're going to explain 5g here because five G, isn't five G, isn't five G.  Why is Europe so much faster? Hey everybody. Thanks for tuning in. You're listening to Craig Peterson. five G held open a couple of different promises. One of the big promises of five G was...

info_outline
 Uncovering the Mystery of Disk Encryption plus more on this Tech Talk with Craig Peterson Podcast show art Uncovering the Mystery of Disk Encryption plus more on this Tech Talk with Craig Peterson Podcast

Craig Peterson - America's Leading Security Coach

Craig helps to unravel the mystery behind disk encryption and tells you what you need to know. For more tech tips, news, and updates, visit - CraigPeterson.com --- --- Automated Machine-Generated Transcript: Craig Peterson: [00:00:00] Hey, welcome back in this hour, we are going to be talking about security, hardware, security. You might not be aware of it. we're going to be talking about trusted platforms and hardware, encryption, and keys because this is the only thing that's really going to protect you.  Thanks for listening. I'm Craig Peterson. Let's talk about that security....

info_outline
Apple's T2 Vulnerabilities plus more on this Tech Talk with Craig Peterson Podcast show art Apple's T2 Vulnerabilities plus more on this Tech Talk with Craig Peterson Podcast

Craig Peterson - America's Leading Security Coach

Craig discusses the vulnerabilities in Apple's T2 Chip. For more tech tips, news, and updates, visit - CraigPeterson.com --- --- Automated Machine-Generated Transcript: Craig Peterson: [00:00:00] Hey, if encryption has been really messing you. I'm trying to figure out how do I make these things safe? What is data at rest? What is Data-in-flight? How come we have disc encryption at the hardware level? What does it mean to have a TPM, the T2  what's Apple doing that's what we're talking about right now. Hi everybody. Craig Peterson here. Welcome back. So glad to have you.  I...

info_outline
Using TPM to Secure Windows and Linux Operating Systems plus more on this Tech Talk with Craig Peterson Podcast show art Using TPM to Secure Windows and Linux Operating Systems plus more on this Tech Talk with Craig Peterson Podcast

Craig Peterson - America's Leading Security Coach

Craig discusses the uses of TPM in securing Windows and Linux For more tech tips, news, and updates, visit - CraigPeterson.com --- --- Automated Machine-Generated Transcript: Craig Peterson: [00:00:00] We're going to delve now into the idea behind keeping your data safe on your disks and what are the different regulations about it? Cause there's a few right now that you need to know about. Hi everybody. Welcome back, Craig Peterson  We're talking today, at least this hour about security because of a major security problem that was announced this week, about Apple's security chip,...

info_outline
Business PCI Compliance and Android Ransomware plus more on this Tech Talk with Craig Peterson Podcast show art Business PCI Compliance and Android Ransomware plus more on this Tech Talk with Craig Peterson Podcast

Craig Peterson - America's Leading Security Coach

Craig discusses PCI DSS Compliance in businesses and the increasing problem with Android ransomware. For more tech tips, news, and updates, visit - CraigPeterson.com --- --- Automated Machine-Generated Transcript: Craig Peterson: [00:00:00] If you have a business that takes credit cards if you. Ever go into a business or use a business online that takes credit cards. There are some special rules that you need to follow called the PCI standards. We'll talk about it. Hi, welcome back. This is Craig Peterson here. Verizon. I'm not sure if you've seen these before, but Verizon has...

info_outline
 
More Episodes

Craig discusses the uses of TPM in securing Windows and Linux

For more tech tips, news, and updates, visit - CraigPeterson.com

---

Trojan Malware Targets Trump Supporters

Nmap 7.90 released: New fingerprints, NSE scripts, and Npcap 1.0.0

Tyler Technologies finally paid the ransom to receive the decryption key

5G in the US averages 51Mbps while other countries hit hundreds of megabits

Appleā€™s T2 security chip has an unfixable flaw

Verizon Payment Security Report is a Wake-up Call: Time to Refocus on PCI DSS Compliance

Android Ransomware Has Picked Up Some Ominous New Trick

---

Automated Machine-Generated Transcript:

Craig Peterson: [00:00:00] We're going to delve now into the idea behind keeping your data safe on your disks and what are the different regulations about it? Cause there's a few right now that you need to know about.

Hi everybody. Welcome back, Craig Peterson 

We're talking today, at least this hour about security because of a major security problem that was announced this week, about Apple's security chip, the T2 chip.  not a very good thing, frankly and so going through all of this right now and we're going to move upscale just slightly here.

I love this quote here. It was in ARS Technica this week, and it is from a gentleman who worked for the NSA his name's Patrick Wardle. He's an Apple security researcher at the enterprise management firm JAMF JAMF.  I've talked about them on the show before they have some great management software.

He's also a former NSA researcher. And he said I had already assumed that since T2 was vulnerable to CheckM8 Check M eight. It was toast.

He said, okay, there really isn't much that Apple can do to fix it. It's not the end of the world, but this Chip, which was supposed to provide all this extra security is now pretty much moot. So it's, an interesting time here.

Wardle points out that for companies that manage their devices using Apple's activation lock and find my features, the jailbreak could be particularly problematic, both in terms of possible device theft and other insider threats. He knows that the jailbreak tool could be a valuable jumping-off point for attackers looking to take a shortcut to develop potentially powerful attacks Quote you likely could weaponize this and create a lovely in-memory implant that by design disappears. On reboot. By the way, that is a very common method now for much of the smell where it's memory resident, there's no sign of it on disc. It never hits the disc. So your antivirus software, ain't gonna find it because when it scans the disc, it's just not there. It's just amazing. So the bottom line here is building in hardware security mechanism is always a double-edged sword. That is true, not just of the Apple side, but over on the windows side and the union Linux sides, there's something called a trusted platform module also called TPM. This is an ISO standard here. It's standard for a secure cryptoprocessor. Just like that T2, it is a processor. It is a computer and it's designed physically to be almost impenetrable. I call it elephant snot. It's that really hard epoxy that they put onto the chips so that you can't get into the chip without destroying it. There are other methods for it as well, to try and keep that data safe.

But it's been around now for quite a few years, the most recent edition of it came out in about 2016. There've been a few errata, but it is designed to have a hardware, random number generator. Now that's important because having a secure cryptographic key, it means you have to have a very good source to generate that key with, and that means a very good, random number generator. Most processors aren't that great, man. I could talk for hours about the problems we've had over the years of these types of things. That's the whole idea behind the trusted platform module. It can also store those keys. It can also identify itself and the computer uniquely, which is very handy when you are trying to log in, you can use the TPM to help to identify the machine. It has bind keys. It's public key cryptography. It's an RSA key and ceiling as well. So it allows the TPM to be used or not be used. I'm trying to keep this pretty simple. Department of Defense is now specifying that all new computer assets that are purchased by the DOD must include a TPM or a trusted again remember platform module that is version 1.2 or higher.  There are details on that. You can look those up, but I've gotten to say no matter who you are, what business you're in, you really should make sure the computer you buy has a TPM in it. Now we have seen security problems with TPMS by certain vendors. They've fixed them, just like this T2 problem with Apple. I'm sure it'll be fixed. By the way, the T1 chip from Apple does not have this problem, it's just the T2 chip, but the whole TPM is really there to help ensure the integrity of the platform. In other words, the operating system, the hard desk, the encryption for the heart.

So if you're using BitLocker on Windows, it works best with a TPM. So BitLocker and windows will encrypt the desk using the key that is generated by and stored in the TPM on the machine.

So write that one down and in my cybersecurity mastery course. We talk about BitLocker and how to use it and TPMs and how to just select those.

Also nowadays, you're going to find the newer computers no longer have bios in them. You probably already figured that one out. Most of you guys, right? You are the best and brightest out there. But they have UAF, I mentioned earlier, that's the unified extensible firmware phase to boot.

So the UEFI works with the TPM to create this kind of circle of trust crust if you will. It's absolutely phenomenal. So Linux has its own little thing called the unified keys set up. I already mentioned BitLocker's private core and various other things. Full disk encryption. Very important.

There are utilities to do that again on Apple. It's very easy to set up full disk encryption in all these cases here where you should be using your TPM or T2 chip in order to do that. The authentic catered mechanism. It just me authentication mechanism in. The software can be hacked in hardware.

Usually can't be hacked. What have we just been talking about for the last half hour? yeah. Hacking the hardware. But that's what the TPMS is all about. That's what gene to do. There's discreet, TPMS, there's TPMS that are built right onto the motherboard. And, there are also some that run as software-only solutions inside the CPU itself.

That's part of their trusted execution environment. Not really fond of those. But now, you know what to look for. There are other things as well that we go through a lot of other things in the cybersecurity mastery course. But, one more thing before we go. And that is we talked about encryption on the hard disk level.

So the physical hard disk itself can have encryption, which is great, but that encryption is really only useful for when you are getting rid of that disk. So you destroyed the key by removing a jumper or shorting out a jumper and now that disks data is effectively destroyed. And the disk can actually be reused again.

Certain standards, federal government standards. we have a system that literally melts the aluminum platters right down. It's Kiln. I forgot what you call these things, but a very hot, yeah. Over a thousand degrees, but for a regular business computer, you're not going to have to worry about that.

You need to also have a TPM and make sure that on top of that you are using BitLocker or some other type of encryption. And when you get. Way up there into the CMMC as part of the department of defense standards or the 800-171 standards from NIST, then you have to have special key management remotely that has a different key for every desk.

And it gets pretty complicated pretty quickly, but the whole idea is to secure your data and remember. Just because it's all encrypted doesn't mean it's safe from hackers. 

We should talk about that at some point, but when we get back, we're going to talk about, but our final two final do articles of the day, listening to Craig Peterson, and you'll find me online at craigpeterson.com.

---

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553