
NetCAT – a new side-channel vulnerability. Who should be concerned?

15 September 2019

Swati Khandelwal’s report (1) on NetCAT, published on 9/11/2019 in The Hacker News, scared me somewhat. Security researchers (2) from the Vrije Universiteit Amsterdam discovered a new type of side-channel attack on Intel server processors that can be exploited across the network. This is really frightening.

As always in the case of hardware vulnerabilities, NetCAT is widely discussed in the security community. A Google search for “CVE-2019-11184” shows 6,340 hits (as of 9/14/2019 8 pm).

CVE-2019-11184: CVSS V3.1 Specification

Intel (3) classified CVE-2019-11184 as follows: CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:N

Attack vector Adjacent is defined in the CVSS V3.1 specification document as follows: “The vulnerable component is bound to the network stack, but the attack is limited at the protocol level to a logically adjacent topology.”

This means the attacker must already have compromised the network before he can start the attack. In addition, the attacker must compromise “a machine which communicates over RDMA to an application server that supports DDIO”.(2)

So, NetCAT is not as dangerous as the reports suggest.

What goals can be achieved by exploiting this vulnerability?

In secured networks with the latest patches applied, this technique can be used to spy on all kinds of secrets, e.g. the passwords of highly privileged accounts, for the complete takeover of the network.

What organizations should be concerned?

CVE-2019-11184 Threat Landscape: Threat Actor Targets

My conclusion: From a technical point of view, NetCAT again shows the shortcomings of current processor architectures. As for its applicability in attacks, NetCAT is somewhat overestimated.

Have a great weekend.


References

  1. Khandelwal S. NetCAT: New Attack Lets Hackers Remotely Steal Data From Intel CPUs [Internet]. The Hacker News. 2019 [cited 2019 Sep 12]. Available from: https://thehackernews.com/2019/09/netcat-intel-side-channel.html
  2. Kurth M, Gras B, Andriesse D, Giuffrida C, Bos H, Razavi K. NetCAT: Practical Cache Attacks from the Network. 2019. Available from: https://www.cs.vu.nl/~herbertb/download/papers/netcat_sp20.pdf
  3. Intel Security Center. INTEL-SA-00290 [Internet]. Intel Security Center. 2019 [cited 2019 Sep 12]. Available from: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00290.html

Think Before You Sync. Why just moving to the cloud does not solve the ransomware threat.

27 July 2019

On May 7th, 2019 the city of Baltimore was hit by a ransomware attack. Although the city hired Microsoft and five other firms, it has not fully recovered from the attack yet.(1)

Since the city’s email system was down, officials started to use Gmail accounts for communications.(1)(2) This makes sense in the case of an emergency. Not communicating in the case of a publicly visible cyber-attack commonly has a large financial impact on businesses; but in the case of cities this may result in the loss of public security.

The ransomware attack on Norsk Hydro on March 19th, 2019 impressively shows the effect of good communications (3)(4): Investors’ confidence was not endangered at any time, and the share price remained unchanged.

But from a strategic point of view, just moving to whatever cloud is not a good idea. Google’s idea behind ChromeOS was simply clever: If everything (applications and data) is stored in the cloud, the impact of e.g. ransomware will be negligible because the malware cannot jump across the HTTPS barrier to your cloud storage. The same holds for O365.

Unfortunately, users are not used to this way of working in the browser. It’s often slow, requires a change in working habits, travelling requires extra preparation, etc. So, Microsoft invented OneDrive and Google came up with Sync for Windows. Similar tools are available for Box and DropBox, and for all desktop operating systems, even for Linux.

Linux setup online accounts during first login

With these syncing tools, the data stored in the cloud is made available on the user’s desktop. Changes to local files are synchronized immediately to the cloud and vice versa. And with this, the ransomware problem still exists: if ransomware encrypts the local copy of the synchronized files, the change is immediately synchronized to the cloud.
Game over.
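The propagation path described above is also a place to detect the attack: before changes are uploaded, a monitoring step can look for a burst of files whose content jumps from low to high entropy. The following is an added example, not part of the original post and not a feature of any of the sync tools named; the event format, the thresholds and all function names are assumptions, and the sample events are constructed.

```python
import hashlib
import math
from collections import Counter


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: roughly 4-5 for plain text, close to 8 for ciphertext."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def looks_encrypted(data: bytes, threshold: float = 7.5) -> bool:
    # Very short buffers cannot reach high entropy reliably, so ignore them.
    return len(data) >= 256 and shannon_entropy(data) >= threshold


def should_pause_sync(events, window=60.0, limit=3):
    """events: iterable of (timestamp_s, path, content_before, content_after).

    Returns (pause, paths). pause is True as soon as `limit` files went from
    low-entropy to high-entropy content within `window` seconds; paths are
    the files that triggered the decision (or all suspicious ones if none).
    Caveat: files that are already compressed (ZIP, JPEG, DOCX) are
    high-entropy before encryption too and are not caught by this check.
    """
    hits = []  # (timestamp, path) of low -> high entropy transitions
    for ts, path, before, after in sorted(events, key=lambda e: e[0]):
        if not looks_encrypted(before) and looks_encrypted(after):
            hits.append((ts, path))
            recent = [p for t, p in hits if ts - t <= window]
            if len(recent) >= limit:
                return True, recent
    return False, [p for _, p in hits]


def fake_ciphertext(n: int, seed: bytes) -> bytes:
    """Deterministic high-entropy bytes standing in for encrypted content."""
    out = b""
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:n]


# Constructed sample data: ordinary edits plus one newly saved archive ...
TEXT = b"Quarterly report: revenue, cost and headcount by region.\n" * 40
NORMAL_DAY = [
    (0.0, "report.txt", TEXT, TEXT + b"One more paragraph.\n"),
    (300.0, "photos.zip", b"", fake_ciphertext(4096, b"zip")),
    (900.0, "notes.txt", TEXT[:500], TEXT[:700]),
]
# ... and five documents rewritten with ciphertext within five seconds.
ATTACK = [
    (1000.0 + i, "doc%d.txt" % i, TEXT, fake_ciphertext(len(TEXT), b"k%d" % i))
    for i in range(5)
]

if __name__ == "__main__":
    print(should_pause_sync(NORMAL_DAY))
    print(should_pause_sync(NORMAL_DAY + ATTACK))
```

A single high-entropy file, such as the archive in the sample, does not trip the breaker; only the burst does, which keeps ordinary work from being blocked.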

So, if you want to take advantage of the cloud you have to run a vast change project: The whole working environment with all forms, templates, etc. must be provided in the cloud. And the employees must get used to the new way of working.

We need change!

But the effort pays off: Your network becomes more resilient against cyber-attacks, workstations can be easily exchanged, the endpoint complexity can be reduced, and Windows domains and, in the end, the campus network will become dispensable.

So, think before you sync!

Have a great weekend.


  1. Duncan I. Google Pitches to Baltimore after Ransomware Attacks [Internet]. Government Technology. 2019 [cited 2019 Jul 27]. Available from: https://www.govtech.com/computing/Google-Pitches-to-Baltimore-after-Ransomware-Attacks.html
  2. Cyber-spies tight-lipped on Baltimore hack. BBC News [Internet]. 2019 May 27 [cited 2019 Jul 27]; Available from: https://www.bbc.com/news/technology-48423954
  3. Norsk Hydro. Update: Hydro subject to cyber attack [Internet]. 2019 [cited 2019 May 24]. Available from: https://www.hydro.com/de-DE/medien/news/2019/update-hydro-subject-to-cyber-attack/
  4. Norsk Hydro ASA. Norsk Hydro: Update: Hydro subject to cyber-attack – 19.03.19 – News – ARIVA.DE [Internet]. de. 2019 [cited 2019 May 24]. Available from: https://www.ariva.de/news/norsk-hydro-update-hydro-subject-to-cyber-attack-7476743

The 5G security debate in Germany gains momentum

2 February 2019

The report ‘Deutsche Telekom proposes steps to make 5G safe as Huawei debate rages’ (1), published on January 30, 2019 by Reuters Technology News, makes clear that at least the German government and Deutsche Telekom have started to discuss 5G security issues.

“Deutsche Telekom takes the global debate on the security of network equipment from Chinese providers very seriously,” the company said in a statement that spelled out three confidence-building measures.

“The company, which is nearly one-third state owned, proposed that all critical infrastructure should be independently certified before deployment by an independent laboratory under state oversight.”

That sounds good.

“It also called for network equipment makers to submit the source code that runs their equipment to a trusted third party. Under certain circumstances, an operator would be able to gain access to address any security vulnerabilities.”

From my point of view, this is not sufficient to increase trust in Huawei’s hardware and software. Moreover, it is also not enough to investigate Huawei hardware and software only. When it comes to matters of national security, we should trust no network equipment supplier.

Hardware and source code of all vendors must be verified by an independent organization. Only verified hardware and software versions are approved for installation and operations. In addition, a technical testing organization must oversee the installation of hardware and software to make sure that only verified components are installed.

I strongly recommend that the German government found an independent firm for certifying the software and hardware of any network equipment supplier involved. A trusted German partner should hold a share of at least 51% in this company. The goal of this company is not to spy on the suppliers’ know-how, but to create trust in a critical infrastructure.

View on Saargau from 49.596700, 6.618173

Without trust in the 5G network infrastructure, service providers will not take full advantage of the technology. This will set back digitalization in Germany, and thus the German economy, by years. Internet access with 2 MBit/s, the standard in the rural German area Saargau, is definitely not enough to be competitive in the long term, not to mention for self-driving cars or remote surgery.

Enjoy the view on Saargau.


References

1. Busvine D, Rinke A. Deutsche Telekom proposes steps to make 5G safe as Huawei debate rages. Reuters [Internet]. 2019 Jan 30 [cited 2019 Feb 2]; Available from: https://www.reuters.com/article/us-usa-europe-huawei-tech-deutsche-telek-idUSKCN1PO26K

Concern about data security in the 5G mobile network: Berlin considers excluding Huawei from the network build-out

20 January 2019

For several weeks now, press reports questioning the trustworthiness of the Chinese 5G technology supplier Huawei have been piling up. Australia(1) and New Zealand(2) have already excluded Huawei as a technology supplier, and the United Kingdom(3) has considerable doubts about the data security of Huawei technology.

In Germany, too, excluding Huawei from the 5G mobile network build-out is under discussion. Friedolin Strack, spokesman of the management board of the Asia-Pacific Committee of German Business (Asien-Pazifik-Ausschuss der Deutschen Wirtschaft), raises the question of trust in an interview with Felix Rohrbeck in Die Zeit No. 1/2019(4): “It would be nonsense to exclude companies like Huawei from European contracts as a matter of principle. But in the particularly sensitive area of the new mobile network infrastructure, one does have to ask which partners can be trusted.”

In the interview, Friedolin Strack offers approaches for creating secure communication networks: “Specifically, there are two ways to ensure secure telecommunications networks in Germany: first, through the design of the tenders for the award of the 5G frequencies. Or one simply amends the Telecommunications Act and obliges the operators to use technologies that ensure data security. That is how Australia, for example, has solved it.”

“Technologies that ensure data security”: that sounds promising, but it cannot “simply” be achieved by law. Moreover, it is not clear what data security means in the context of the 5G platform.

The BSI Glossary of Cyber Security (Glossar der Cyber-Sicherheit) defines data security(5) as follows:

“Data security refers to the protection of data with regard to given requirements for its confidentiality, availability and integrity. A more modern term for this is information security.”

Friedolin Strack reduces data security to confidentiality. From the point of view of German business, this is understandable. The protection of intellectual property is the basis for the success of German companies on the world market.

In the context of the 5G platform, confidentiality is relevant mainly on two levels:

  1. Ensuring the confidentiality of subscriber data.
  2. Ensuring the confidentiality of the user data that subscribers exchange with other subscribers or service providers via the platform.

The confidentiality of subscriber data must be ensured by the service providers. Ideally, the supplier of the platform technology should not need to access subscriber data.

Technologies for securing the confidentiality of user data are well known and can be implemented independently of the platform. End-to-end encryption(6) is the preferred solution. Here, the information is encrypted and decrypted on the subscribers’ end devices. As long as the platform operator has no access to the keys, confidentiality is ensured.

A prerequisite for end-to-end encryption is the provision of a secure key management authority that enables online identity verification of the subscribers and provides the subscribers’ public keys for encryption.

Fast, nationwide internet access is the prerequisite for successful digitalization and the implementation of Industrie 4.0 in the German economy. In addition, the 5G platform provides the infrastructure for smart grid applications in the energy sector, smart and connected car applications and self-driving vehicles in the transport sector, e-health applications in healthcare, etc.

5G Security

In this environment, data integrity and availability of the platform are of the utmost importance, because their loss can lead to the loss of functional safety. Falsified energy consumption data from the smart grid can lead to large-scale and long-lasting power outages if the grid operators make wrong decisions based on this data. The failure of the platform can bring the entire self-driving transport fleet to a standstill, etc. Ultimately, the loss of data security of the 5G platform endangers Germany’s national security.

The 5G platform and all services are critical infrastructures (KRITIS) and are therefore subject to the provisions of the IT Security Act (IT-Sicherheitsgesetz). Are the requirements of the IT Security Act sufficient when it comes to matters of national security?

The consideration of excluding Huawei as a technology supplier for the 5G platform is therefore justified. However, we must also ask this question of American or European technology suppliers: when it comes to matters of national security, we must not trust any supplier.

In my view, neither the design of the tenders for the award of the 5G frequencies nor an amendment of the Telecommunications Act is sufficient to ensure data security. The approach of the Chinese government to securing foreign know-how is the third, promising way:

  1. Every technology supplier must enter into a partnership with a German company in which the German company holds 51% of the shares. The goal of the partnership is not the transfer of know-how to the German partner, but ensuring the data security of the 5G platform.
  2. The technology supplier contributes all software, including source code, and all hardware to the company.
  3. Germany’s best IT specialists certify the hardware and software, create the concept for the secure operation of the 5G platform and verify its implementation.
  4. The technology supplier uses only the certified hardware and software to build the 5G infrastructure in Germany.

This delays the introduction of the 5G platform somewhat, but drastically reduces the probability of a loss of data security.

In parallel with building the 5G infrastructure, the key management authority must be provided. This ensures that users can communicate securely regardless of the platform (3G, LTE, 4G, etc.). If, in addition, all e-mails are digitally signed, password phishing attacks are no longer possible.

In addition, research into new cryptographic methods must be intensified immediately. The public-key methods in use today are no longer secure in the age of quantum computers.


References

  1. ITV News. Australia bans Huawei from 5G network over security concerns [Internet]. ITV News. 2018 [cited 2019 Jan 20]. Available from: https://www.itv.com/news/2018-08-23/australia-bans-huawei-from-5g-network-over-security-concerns/

  2. Jolly J. New Zealand blocks Huawei imports over ‘significant security risk’. The Guardian [Internet]. 2018 Nov 28 [cited 2019 Jan 20]; Available from: https://www.theguardian.com/business/2018/nov/28/new-zealand-blocks-huawei-5g-equipment-on-security-concerns

  3. Taylor C. UK defense minister admits “grave concerns” over Huawei 5G equipment [Internet]. 2018 [cited 2019 Jan 20]. Available from: https://www.cnbc.com/2018/12/27/uk-defense-minister-admits-grave-concerns-over-huawei-5g-equipment.html

  4. Rohrbeck F. China: „Das ist ein gehöriges Sicherheitsrisiko“. Die Zeit [Internet]. 2018 Dec 29 [cited 2018 Dec 29]; Available from: https://www.zeit.de/2019/01/china-unternehmen-sicherheitsrisiko-industriespionage-friedolin-strack

  5. Bundesamt für Sicherheit in der Informationstechnik. BSI – Glossar der Cyber-Sicherheit [Internet]. Glossar der Cyber-Sicherheit. [cited 2019 Jan 6]. Available from: https://www.bsi.bund.de/DE/Themen/Cyber-Sicherheit/Empfehlungen/cyberglossar/Functions/glossar.html

  6. Ende-zu-Ende-Verschlüsselung. In: Wikipedia [Internet]. 2018 [cited 2019 Jan 6]. Available from: https://de.wikipedia.org/w/index.php?title=Ende-zu-Ende-Verschl%C3%BCsselung&oldid=182680921

DeepLocker: AI Powered, Ultra-Targeted and Evasive Malware

19 August 2018

Mohit Kumar’s report on DeepLocker (1) published on 9 August 2018 in The Hacker News made me jump. Is AI becoming the doomsday machine of the 21st century?

DeepLocker is the result of a study (2) performed by IBM researcher Marc Stoecklin and his colleagues on the question of how the use of AI will change cyber-attacks:

“DeepLocker has changed the game of malware evasion by taking a fundamentally different approach from any other current evasive and targeted malware.”

The good news is that DeepLocker still needs a carrier app. Marc Stoecklin writes:

“DeepLocker hides its malicious payload in benign carrier applications, such as a video conference software, to avoid detection by most antivirus and malware scanners.”

Seven Phases Cyber Kill Chain

DeepLocker is hence not invincible. A compromised carrier app will have a different fingerprint than the uncompromised version, at least as long as the carrier app is not compromised during development.

With this, program reputation, a must-have in every Next Generation Endpoint Protection Solution (NGEPS), can stop a malicious app very early in the Cyber Kill Chain (CKC).

The bad news is that reverse engineering is hardly possible. Marc Stoecklin writes:

“What is unique about DeepLocker is that the use of AI makes the “trigger conditions” to unlock the attack almost impossible to reverse engineer. The malicious payload will only be unlocked if the intended target is reached. It achieves this by using a deep neural network (DNN) AI model.”

Although I am fond of reading malware analysis papers, I won’t miss them. From my point of view, it is only important that the NGEPS blocks the payload from being executed. In terms of the Cyber Kill Chain this means: ideally in the delivery phase, at the latest in the installation phase.

For more details on DeepLocker please see the presentation (3) Marc Stoecklin delivered at the Black Hat 2018 conference.

Don’t panic, but be prepared: Skynet will gain world supremacy soon …

Have a great week.


  1. Kumar M. Researchers Developed Artificial Intelligence-Powered Stealthy Malware [Internet]. The Hacker News. 2018 [cited 2018 Aug 13]. Available from: https://thehackernews.com/2018/08/artificial-intelligence-malware.html
  2. Stoecklin MP. DeepLocker: How AI Can Power a Stealthy New Breed of Malware [Internet]. Security Intelligence. 2018 [cited 2018 Aug 13]. Available from: https://securityintelligence.com/deeplocker-how-ai-can-power-a-stealthy-new-breed-of-malware/
  3. Stoecklin MP, Kirat D, Jang J. DeepLocker – Concealing Targeted Attacks with AI Locksmithing [Internet]. Black Hat USA 2018. 2018 [cited 2018 Aug 19]. Available from: https://www.blackhat.com/us-18/briefings/schedule/#deeplocker---concealing-targeted-attacks-with-ai-locksmithing-11549

Blockchain unchained?

3 June 2018

Blockchain technology is a digital platform for applications where seamless traceability and full transparency are required.

For example, in the pharmaceutical industry blockchain could give full traceability of drugs across the entire supply chain up to the patients.

Another interesting application is mobile voting. From the Brookings publication “How blockchain could improve election transparency” (1) on the use of blockchain for internet voting in the West Virginia primaries in May this year we learn that “all data of the election process can be recorded on a publicly verifiable ledger while maintaining the anonymity of voters, with results available instantly”.

This sounds very promising.

Blockchain Grid. Picture by Davidstankiewicz, for details see below (5)

Unfortunately, all software has bugs. On May 28th, 2018 Swati Khandelwal reported in “The Hacker News” about a remote code execution (RCE) vulnerability in the blockchain-based EOS smart contract system (2).

If an attacker exploits this RCE, he could destroy the integrity of the entire system:

“Since the super node system can be controlled, the researchers said the attackers can “do whatever they want,” including, controlling the virtual currency transactions, and acquiring other financial and privacy data in the EOS network participating node systems, such as an exchange Digital currency, the user’s key stored in the wallet, key user profiles, privacy data, and much more.”

Although it is not clear whether the voting system used in West Virginia is based on the Blockchain 3.0 platform, there is an urgent need for action. EOSIO set up a bug bounty program (3) to improve their code. But should we rely on bug bounty programs for issues as important as elections or patient safety?

From the Qihoo 360 security researchers’ report (4) we learn that the vulnerability is caused by “a buffer out-of-bounds write” error. This means that this vulnerability could have been avoided by performing a static code analysis prior to release.

The big question is: How many errors of this type are still included in the blockchain infrastructure? A bug bounty program is a good approach to improve security, but a static code analysis is indispensable in my view, in particular when the outcome of an election can be influenced or patient safety is endangered.

Have a great week.


References

1. Desouza KC, Somvanshi KK. How blockchain could improve election transparency [Internet]. Brookings. 2018 [cited 2018 Jun 1]. Available from: https://www.brookings.edu/blog/techtank/2018/05/30/how-blockchain-could-improve-election-transparency/

2. Khandelwal S. Critical RCE Flaw Discovered in Blockchain-Based EOS Smart Contract System [Internet]. The Hacker News. 2018 [cited 2018 Jun 1]. Available from: https://thehackernews.com/2018/05/eos-blockchain-smart-contract.html

3. eosio. Calling all Devs: The EOSIO Bug Bounty Program is Live [Internet]. Medium. 2018 [cited 2018 Jun 3]. Available from: https://medium.com/eosio/calling-all-devs-the-eosio-bug-bounty-program-is-live-7219c625a444

4. Chen Y, Peng Z. EOS Node Remote Code Execution Vulnerability — EOS WASM Contract Function Table Array Out of Bounds – 奇虎360技术博客 [Internet]. 2018 [cited 2018 Jun 1]. Available from: http://blogs.360.cn/blog/eos-node-remote-code-execution-vulnerability/

Picture Credits

5. By Davidstankiewicz [CC BY-SA 4.0 (https://creativecommons.org/licenses/by-sa/4.0)], from Wikimedia Commons

Windows 10 Lean – Microsoft’s essential step (back) to the future?

29 April 2018

The report “Windows 10 Lean: Latest build offers first glimpse of Microsoft’s new cut-down OS” (1) published by Liam Tung on 24 April 2018 at ZDNet made me really curious.

Why is the industry in desperate need of a cut-down Windows OS? To answer this question we need to dig into the history of computing.

Tandberg TDV 1200 Terminal. Picture Credits (2)

In the nineteen sixties and seventies IT business was largely based on host-based computing. Usually the end-user devices were character based terminals with very restricted functionality. Business reports or letters were a real challenge on a Tandberg terminal with IBM ISPF. Individual changes to the user interface were usually limited to the change of the highlight colors and the function key assignment.

Apollo Domain DN330 Workstation (3)

The introduction of server-based computing in the nineteen seventies was a significant benefit for the end users. Graphics-based workstations, often diskless, opened up new fields of application, e.g. desktop publishing, CAD or CAPE. Here, too, the users had only limited options to customize the user interface or to install applications.

With the introduction of Windows NT AS 3.1 in 1993 everything changed. For the first time an operating system had an easy-to-use graphical user interface, was easy to operate through this GUI, and had easy-to-use built-in peer-to-peer networking capabilities. This was the Wild West for the users.

Unfortunately, very often the Wild West ended up in chaos. With Windows 2000 everything was under control again. Server-based computing was the standard again, peer-to-peer networking capabilities were hardly used.

SaaS, e.g. O365, OneDrive, SharePoint Online, Box for Business or Google’s G Suite, eventually takes us back to host-based computing: The cloud is the new host.

Once the industry has adopted SaaS, every interaction with the cloud is based on the HTTPS protocol. SMB and all the client-server and peer-to-peer networking capabilities of Windows are no longer needed. Even for printing, the IPP protocol can substitute for SMB.

Thus it is time to eliminate these networking capabilities from the OS. And with this, we eliminate all this EternalBlue, EternalRomance, WannaCry and NotPetya stuff because lateral movement depends heavily on the Windows Peer-to-Peer networking capabilities.

Chrome OS is Google’s answer to this trend. Will Microsoft follow with Windows 10 Lean?

From Liam Tung’s report we learn:

“Windows 10 Lean was revealed on Twitter by Windows enthusiast Lucan, who noted the heavily cut-down OS has no wallpaper and is missing apps like Registry Editor and Microsoft Management Console, as well as drivers for CD and DVD drives.”

From my point of view that’s not enough to deal with the IT security challenges the industry faces today.

Have a great week.


  1. Tung L. Windows 10 Lean: Latest build offers first glimpse of Microsoft’s new cut-down OS [Internet]. ZDNet. 2018 [cited 2018 Apr 24]. Available from: https://www.zdnet.com/article/windows-10-lean-latest-build-offers-first-glimpse-of-microsofts-new-cut-down-os/

  2. Picture credits: Telemuseet, Wikipedia, https://digitaltmuseum.no/011025208286/datautstyr

  3. Picture credits: Jim Rees, Wikipedia, https://commons.wikimedia.org/wiki/File:Dn330.jpg