I have gotten to the point where I am maintaining my own forks of firmware and OS for all my routers, switches, and servers. I have a weekend reminder to merge fixes and spin builds - how did I get here?
My home router is now a 100GbE Arista switch running SONiC with NAT github.com/sonic-net/SONi… just need PPPoE #dwizzzlecloud
If you want to play with SONiC, check this out from @ServeTheHome servethehome.com/get-started-wi…
From a security perspective it’s super easy to modify SONiC’s Debian kernel github.com/Azure/sonic-li… with a patch like github.com/anthraxx/linux…

More from @dwizzzleMSFT

Mar 3
@SwiftOnSecurity @BillDemirkapi @mattifestation WDAC policies work on both 10-11 with no hardware requirements down to the home SKU, despite some FUD misinformation I have seen, so it should be your first choice. Create a policy with the Wizard and then add a deny rule or allow specific versions of Nvidia if you need
@SwiftOnSecurity @BillDemirkapi @mattifestation These are all the attributes you can block or allow on: [image]
Feb 16
Windows 11 now has BY DEFAULT:

✅ TPM
✅ LSA PPL
✅ HVCI with block list updates
✅ credential guard
✅ enhanced sign in (Hello in VBS)

And there’s more…
It’s really burning me up not to tell you about “more”
“Why do I need this TPM thing” TPM is the base for every single layer here that provides credential protection.
Jul 16, 2021
This is awesome, Microsoft matches donations to Open Security Training!
donated
I've been learning about coreboot over lunch:
Jun 3, 2021
I think people are going to be excited (and scared) about getting a look at all the vulns in their BMC and SSD firmware with a VirusTotal-like web submission. With WFH I have been scanning all the stuff on my home network and it’s been enlightening :)
Basically, if you know how to use VirusTotal, with Refirm you can now find real bugs in just about any firmware file. Just download it from the mfg site and drag and drop. I think it's going to really open people's eyes, and show what's been ignored for far too long.
Unlike most security startups I have met, @RefirmLabs was no BS and within 10 minutes of meeting with them I could already use their product (on my own) and had an automated pen test report that was approaching the quality of one of our human pen testers.
Jan 26, 2021
Just a reminder with Windows (Pro and up) there is a straightforward way to visit sites in a VM with WDAG. This means attackers need a Chrome RCE, Chrome LPE, Bypass of CI, and HV EOP.
You can also use the same tech to create a super-fast throwaway VM with Visual Studio with Windows Sandbox.
If you have Windows Enterprise you can author a policy to only open trusted sites in Edge/Chrome/Firefox on the host and redirect all other sites into a VM. We have extensions to do this: chrome.google.com/webstore/detai… addons.mozilla.org/en-US/firefox/…
Jan 11, 2021
The biggest impediment to security on Linux is the same as Windows. It's currently much too hard for the average person to deploy hardening policies and use hardened kernels. The tyranny of the kernel conf reigns. The reality is a few Linux users will ever touch a conf.
You should just be able to say "sudo apt-get hardened-kernel" and be done. Until it gets there the security value will remain hidden.
I have been hacking around lately and there is much goodness out there, but MY GOD is it complicated to get this all into a package that works. No one will do this.