How NSA access was built into Windows

Recommended Posts

dvb2000    664

Are you kidding me? NAT doesn't block incoming by choice, its just technically how it works. I could lecture you for a day about NAT translation tables if you want and all the different types of NAT. The fact of the matter is, NAT only allows incoming connections if they're initialised by the client on the end. There is P2P protocols etc, but then again, initialised by the client.


What are you on about? NAT by design DOES block incoming connections, but only because by design it is sharing your internet connection to multiple devices via a private network with private IP addresses.


NAT allows incoming connections by any number of mechanisms, including uPNP and port forwarding. They do not need to be initiated by the client end.

Link to post
Share on other sites
JonnyLH    342

What are you on about? NAT by design DOES block incoming connections, but only because by design it is sharing your internet connection to multiple devices via a private network with private IP addresses.


NAT allows incoming connections by any number of mechanisms, including uPNP and port forwarding. They do not need to be initiated by the client end.

The ideology of blocking incoming connections is a negative and takes away the fundamental point of the internet, an all connected network. It wasn't by design, it is a downfall which was created by the mechanism of saving IP space, but that needed to be completed as they're no IPv4's left in the world. You could not request any IPv4 blocks from organisations like ISOC since 2011, they're all out. You fell into the common misconception that the blocking of incoming connections was a design feature of NAT to boost security on the internal networks. Its actually the opposite, its a side-effect as I've said. It takes away the fundamental point of the internet, something IPv6 would restore. 


My days, I write pages of text explaining why it needs to initalised by the internal host and people just don't read it then claim the same point again. Read my posts. UPnP is sent from an internal host. I can't send a UPnP packet to a public IP address, it'll tell me to get lost.


A real example, your Xbox tells your home router that its using port 3074 and to send any traffic on that port to its IP address. Xbox Live doesn't tell your router. See what I mean? 

Link to post
Share on other sites
The_Observer    293

I Remember when Windows 95 came out and this was on the internet back them, There has never been any real proof of this. But dont get me wrong i think it could be in there but one would think by now something out there would see something and expose Microsoft. 

  • Like 1
Link to post
Share on other sites
  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By Abhay V
      Samsung might expand Galaxy Tab S7's Second screen feature to more Windows PCs
      by Abhay Venkatesh

      Apple debuted a feature in macOS Catalina called Sidecar back in 2019 that let Mac users extend their computer displays to iPads and other touchscreens. This allowed for users to use the secondary touch and stylus enabled displays – like the iPad Pro – as an input device for the Mac, making it easy to run touch-supported apps on devices without support for such input devices.

      Now, a new report suggests that Samsung is working to bring a similar feature to its flagship Galaxy Tab S7 tablets. The feature, internally codenamed ‘Sidekick’, aims to let users extend their Windows PC screens to the tablets and enable the S Pen to work as an active stylus for the devices. The feature is expected to also support different pressure levels from the S Pen.

      Interestingly, the South Korean giant detailed this very feature – called Second Screen – during the launch of its Galaxy Tab S7 devices. However, at the time, the firm claimed that the feature would work with Samsung PCs and that it will be available later this year. It is not clear if project Sidekick refers to the same feature, or if it is part of an effort to bring support to all Windows PCs.

      While the original announcement suggests that the tablets will connect wirelessly to Windows PCs, it is also not known if the capability will extend to support wired connections. This could greatly improve adoption owing to the addition of support for desktop PCs. Many Windows laptops already offer touchscreen and stylus support. Another advantage for PCs is that users can leverage the tablet’s hardware for input while running resource-heavy creative applications on the desktop.

      Second screen will be enabled for the Galaxy Tab S7 and Galaxy Tab S7+ via a firmware update “later this year”. It will be interesting to see how the company pegs this offering, and if ‘Sidekick’ happens to be more than what the company has already revealed.

      Source: Android Police

    • By Abhay V
      Recent Windows 10 version 2004 Patch Tuesday updates are reportedly breaking WSL 2
      by Abhay Venkatesh

      Microsoft released its regular suite of Patch Tuesday updates to all supported versions of Windows 10, Windows 8.1, and Windows 7 ESU customers yesterday. However, users of Windows Subsystem for Linux 2 (WSL 2) have begun reporting that the updates are causing issues with the environment. The troublesome update seems to be the one released for the May 2020 Update (version 2004), filed under KB4571756.

      Installing the cumulative update that bumps up the build to 19041.508 supposedly causes WSL2 to not load and display an “Element not found error”. It is not clear how widespread the issue is, and if there are any specific configurations that are causing the issue. Users on GitHub report that the problems began surfacing after installing the update, and that uninstalling the quality update fixed the problem.

      Interestingly, though users claim to be able to get WSL 2 working post uninstalling KB4571756, the problem with WSL prompting an error has existed since late July and also plagues users when they try to upgrade from WSL 1 to WSL 2. Another thread suggests that the errors are being served in Insider Preview builds, suggesting that the problem is not specific just to current production versions of the OS.

      It is not clear what exactly causes the issue since it affects multiple versions of the OS. It is also not clear if it was fixed with a previous patch for the production versions that reappeared with the latest round of updates. There are no reports on whether the error is seen on Windows 10 versions 1903 and 1909 since WSL 2 was backported to those versions last month.

      While the known issues on the KB article does not list the WSL 2 problems, a response on GitHub suggests that the company is working on a fix. For those running production builds that rely on WSL 2, it is best to pause the latest updates from installing. The only workaround for those that are facing issues after the update is to uninstall the cumulative patch by heading to Settings > Update & Security > Windows Update > View update history > Uninstall updates and uninstalling KB4571756..

      Source: GitHub via Techdows

    • By Abhay V
      New finding says custom Windows 10 themes can be used to steal users' credentials
      by Abhay Venkatesh

      A new finding shared on Twitter by security researcher Jimmy Bayne points towards a loophole in Windows 10’s themes settings that can let bad actors steal users’ credentials by creating a specific theme to carry out a ‘Pass-the-Hash’ attack. The ability to install separate themes from other sources lets attackers create malicious themes files that when opened, redirect users to a page that prompts users to enter their credentials.

      Windows lets users share themes via the Settings UI by right-clicking on the currently active theme under Personalization > Themes and clicking on “Save theme for sharing”. This creates a ‘.deskthemepack’ file for sharing through email or other sources, which can then be downloaded and installed. Attackers can similarly create a ‘.theme’ file wherein the default wallpaper setting points to a website that requires authentication. When unsuspecting users enter their credentials, an NTLM hash of the details is sent to the site for authentication. Non-complex passwords are then cracked open using special de-hashing software.

      One way that the researcher provided for protecting against such files is by looking for and blocking extensions such as ‘.theme’, ‘.themepack’, and ‘.desktopthemepackfile’. Additionally, BleepingComputer lists a few alternatives via group policy that restricts sending NTLM hashed credentials to remote hosts. However, the publication cautions that doing so could interfere with enterprise setups that require this feature for authentication.

      Image credit: BleepingComputer Bayne adds that these findings were disclosed to the Microsoft Security Response Center (MSRC). However, the bug was supposedly not fixed because it was a “feature by design”. It is not clear if the company does plan on fixing the bug post this disclosure, or if it tweaks the file structure for the themes to prevent bad actors from leveraging it to point to sites that require authentication.

      Considering that most users are logged into their Microsoft accounts in Windows 10, the theft of the credentials also puts users’ linked data – such as email, OneDrive, and even Azure data – at risk. It is best for users to always enable two-factor authentication as a primary form of account security.

      Source: Jimmy Bayne (Twitter) via BleepingComputer

    • By indospot
      Honor introduces new MagicBook and MagicBook Pro with Ryzen 5 processors
      by João Carrasqueira

      During its IFA 2020 event today, Honor introduced three new laptops as part of its MagicBook lineup. These include refreshes for the MagicBook 14 and 15, following up the models from earlier this year, as well as a new MagicBook Pro.

      All of the new devices use Ryzen 5 4000-series processors, but the MagicBook Pro actually has an H-series processor, which is the Ryzen 5 4600H, a six-core, 12-thread CPU with Radeon graphics integrated. It comes with 16GB of dual-channel RAM and 512GB of SSD storage. It has a 16.1-inch Full HD (1920x1080) display with a 90% screen-to-body ratio, and it promises to cover 100% of sRGB.

      In terms of ports, it has three USB 3.2 Gen1 Type-A ports, one USB Type-C port that's used for charging, HDMI 2.0, and a combo audio jack. There's also support for Bluetooth 5.0. As usual for Honor, the camera is hidden inside the keyboard, and you also get a fingerprint sensor in the power button so you're logged immediately when you turn it on.

      The MagicBook Pro weighs in at around 1.7kg, roughly 3.75lbs, which is fairly light for an H-series laptop. It's also 16.9mm thin.

      MagicBook 14 If you don't need that much power, the new MagicBook 14 and 15 are pretty much direct iterations of the laptops launched at MWC earlier in the year. They're now using a Ryzen 5 4500U, which is a pretty major upgrade over the Ryzen 5 3500U, and there's up to 16GB of RAM and 512GB of SSD storage, but the configurations available will vary by country.

      Aside from the display size difference indicated by the name, the two laptops are nearly identical. Both have the same resolution display, and the same ports - one USB Type-C for charging, one USB 3.2 Gen1 Type-A, one USB 2.0 Type-A, HDMI, and a 3.5mm combo audio jack. The biggest difference is the battery, which is much bigger on the MagicBook 14, for some reason - 56Wh versus 42Wh on the MagicBook 15.

      MagicBook 15 The MagicBook Pro, with a Ryzen 5 4600H, will be available in Germany starting on September 7, and in France and the UK on September 8, selling for €899.90/£859.99. You can get promotional offers at launch - €100 off in Germany and France, or a free Honor Magic Watch and Honor Router 3 in the UK.

      The MagicBook 14 will be available in all three regions on September 21 for €749.90/£669.99, and the launch promotion lets you get an accessory of your choice bundled in for free. The MagicBook 15 will be available in early October from €699.90, though UK pricing and launch offers weren't detailed.

    • By Usama Jawad96
      Microsoft is bringing DirectStorage from its Xbox Velocity Architecture to Windows
      by Usama Jawad

      Back in July, Microsoft announced that its upcoming Series X console sports the "Xbox Velocity Architecture". Simply put, this is an umbrella term consisting of four components: the custom NVMe SSD, hardware accelerated decompression, the DirectStorage API, and finally, Sampler Feedback Streaming or SFS.

      Now, the company has announced that it is bringing one of these components, namely DirectStorage APIs, to Windows PCs as well.

      DirectStorage is an API in the DirectX family that is designed to enable developers to establish multiple I/O queues, that will drastically improve load times, latency, and rendering abilities in games.

      Microsoft has explained that with the recent advancements in storage technology such as NVMe, games now load chunks of data at a time only relevant to the scenes that are being shown on screen. While this is a memory-efficient technique and results in considerably detailed rendering of environments, it requires more I/O requests as new chunks have to be loaded with transition in scenes. Meanwhile, current APIs are not designed for these solutions and become a bottleneck even in super-fast NVMe drives.

      This is where the DirectStorage API comes in to play as it allows parallelization of I/O requests which can theoretically eliminate load times altogether. Microsoft states that:

      The company has also stated that given high-speed requirements from demanding games, NVMe is the "storage technology of choice" for next-generation gaming.

      Moving forward, Microsoft is already working with its partners to finish building the DirectStorage API and its supported components. It expects to roll out a development preview for game developers sometime next year.