What if hackers could time travel? That’s the eyebrow-raising reality of this latest attack, and the FBI wants you to act today.
God that article was a horrible read. So for anyone who wants to skip it…
tl;dr: Hackers are using SSL certs from 2012 and changing the unprotected system clock in order to bypass security measures.
Thank you.
Thank you for taking one for the team.
It’s some of the most hilarious titlegore I’ve ever seen in my life
TLDR: encrypt and authenticate your fucking NTP traffic
Upvoted for 2 reasons.
- I didn’t have to read the article
- You were at 68 upvotes before I upvoted. Nice!
I used the same trick to get around time limits on shareware games back in the day
:)
I can understand (meaning have heard of) not enforcing certificate expirations, but who lets just anybody set their system date?
Typically the same level of permissions needed to load drivers - which if they’re attacking the system using custom out of date drivers is relevant.
Having users and services run with least privilege is one step of attack surface area reduction, but the “better” solution is to make sure that revocation check is enabled and that the compromised cert is revoked by its issuer. Or if it’s an old, unused root, you can ban that root at the machine level.