In 2017, I had stumbled on an issue with Facebook: while you are entering your password, adding a superfluous extra character at the end of the password would STILL allow you to login to https://Facebook.com.
Continue reading “Does Facebook store passwords insecurely?”Category: Computing
Spy Craft of the 22nd century: Quantum Entanglement
I’m not a I’m not a quantum physicist, nor a computer scientist. But Microsoft released this video a few months ago which sparked a thought.
While they were quick to point out the obvious benefits of “teleporting” the quantum state, i.e. the computational results, from one pair of entangled qubits to another.
This quickly begged the question: given the hyper-advanced nature of supply chain attacks (see Israel planting explosives in the pagers of Hezbollah operatives, recently), could a nation-state simply take entangled qubits of an adversary’s quantum computer and see what it is they are working on at any given time? Further, could communications networks be compromised for real time ‘eavesdropping,’ so to speak? Perhaps not even internationally, but perhaps in an intelligence gathering platform akin to the NSA’s own PRISM program? If there is, according to some theories, no limit to the number of particles that share an entangled state, nobody would know if you simply “cloned” a few more, right?
Am I understanding that well enough? Or would it not be the Qubits that become entangled, and only the ‘data’ that flows through them?
I’m not the person to write the research paper on this topic. But I certainly hope someone out there will produce it – because I would love to read through it. Just an interesting thought I had with an eye on the future. Whether that future is 20 years, 50 years, or even further out is another question.
Robo & Kala 2 in 1 Laptop Review
Back in September, I purchased the Robo & Kala 2 in 1 Laptop. I was looking for tablet that specifically ran Windows. Unfortunately, Windows tablets are few and far between, and those that exist are quite underpowered. That’s not to say that this device is a powerhouse, and we’ll talk about that more in a moment. But I was about to travel internationally for the first time in many years, and I was looking for a laptop that met two important requirements: battery life, and lightweight.
Continue reading “Robo & Kala 2 in 1 Laptop Review”Gaining Command Prompt access on a Windows Computer that has never been set up
I sometimes work in an environment that has reasonably tight security requirements. One of those requirements as that a device’s MAC Address / Hardware Address be entered into a table on the router before it can be assigned an IP address.
I recently showed up on site with a brand new in box Surface Pro 9, but I had no idea how to get the MAC Address of the device because I could not log in and open a command prompt. Or so I thought.
I got to the wifi screen telling me to create a connection, then pressed “Control+Alt+Escape” which brings up Task Manager. Although it did not appear on my screen, I suspected it was running behind the overlay locked to the forefront of my screen. I pressed “Alt+Tab” and was able to confirm my suspicion. I then used the keyboard combination of “Alt+F” to open the file menu, pressed Enter knowing that “Run” was highlighted, typed “cmd” and pressed enter to open a Command Prompt window. All of this was happening behind the “Let’s Connect You to a Network” screen, but as veteran of the keyboard era of Windows, all of this was second nature to me.
From there I was able to run the familiar ipconfig /all command, then, with the help of my phone’s camera, I could take a photo of the output of the command prompt and see the MAC Address that I was looking for.
This was convenient enough, but the thought of just being connected to wifi without ever logging in to the machine and then being able to take advantage of this “defaultuser0” account to open a terminal, and then utilize wget to download and execute potential malware before the computer has ever even been set up… fascinating. I’m sure this isn’t “breaking news” to anyone, infact the feature is probably left in, intentionally, for cases just like my original issue! But it does force me to take pause and think of what I can do with this.