
Microsoft’s Resiliency Notice And Path Forward | The Gestalt IT Rundown: July 31, 2024

Microsoft has released an accountability notice after the big CrowdStrike outage. According to the release, Microsoft is going to change and innovate in the area of end-to-end resilience. This includes things like VBS enclaves, which require no kernel mode drivers, as well as Azure Attestation, which determines secure boot posture. The messaging indicates that Microsoft sees kernel access as its biggest issue and is going to try to develop new tools that eliminate the need for it. This and more on the Rundown.



1:24 – SK hynix Considers US IPO for Solidigm

SK hynix is considering a US IPO for Solidigm, spun out of Intel in a $9 billion deal. Now profitable after 12 quarters of losses, Solidigm has developed a successful line of enterprise and AI SSDs. The IPO could help fund SK hynix’s $6.8 billion HBM plant in Korea, starting in 2025. This hasn’t been officially announced, but we’ve been expecting this for a while.

Read More: SK hynix reportedly planning to float Solidigm unit in US


6:37 – Marvell Teralynx Leaps into Production

Marvell has a new fast cat on the market. The Teralynx 10x switch is a 51.2 Tbps beast that is aimed at AI networking. It has some of the lowest latency on the market along with low power consumption and programmable features. The Teralynx also runs the open source SONiC operating system, which Marvell has backed for a number of years. In addition to AI networking, large cloud providers are interested in the high speeds and low latency of the Teralynx. For more on this news let’s turn it over to Futurum Group Research Director Ron Westfall.

Read More: Marvell Pumps up the Teralynx 10 Ethernet Switch Volume


10:54 – Marvell Structures DDR4 With CXL 2.0

Marvell just released a new line of CXL 2.0 products under the Structera brand, bringing additional memory to servers for AI and cloud workloads. The line includes support for up to 4TB of DDR5 memory as well as an intriguing offering that enables customers to reuse DDR4 modules with modern servers.

Read More: Marvell Unveils Structera CXL Solutions to Meet Hyperscaler Memory Needs

Read More: Marvell intros CXL 2.0 memory acceleration and expansion gear


15:08 – Secure Boot Totally Insecure

One of the biggest advancements in computing in the last fifteen years has now been invalidated. Secure boot, which uses cryptographic keys in UEFI to prevent unauthorized code execution, was found to have been completely compromised on over 200 different device models from a variety of manufacturers including Dell, Supermicro, and more. The reason for the compromise is that the platform key, or the root-of-trust anchor, was published to a private GitHub repository back in 2022 and wasn’t noticed. Researchers at Binarly found the key and were able to crack the 4-digit password on it quickly. This provided the means to create PKFail, a proof-of-concept that shows that secure boot is effectively dead.

Read More: Secure Boot is completely broken on 200+ models from 5 big device makers


20:46 – VMware Takes Group Authentication Exploit to New Highs

VMware by Broadcom is looking at yet another major issue with their ESXi hypervisor this week. This one comes with a very entertaining setup. If you have already gained domain access to a Microsoft Active Directory network and your ESXi hypervisors are joined to that domain, you can gain total administrative control over them by adding any user to the ESXi Admins group. Don’t have that group? Just create it and the hypervisor will assume you must be an admin by being a part of that group. This has allowed a number of ransomware crews to mass encrypt hypervisors over the past few months.

Read More: Hackers exploit VMware vulnerability that gives them hypervisor admin
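A defender-side check for the ESXi group issue above, as an added example that is not from the original post or from VMware: it scans exported Windows Security events for creation of, or membership additions to, the admin group. The one-JSON-object-per-line export format and the sample events are constructed assumptions; the watched names are the one used in the text plus the "ESX Admins" spelling.

```python
import json

# Windows Security event IDs for security-enabled groups.
GROUP_CREATED = {4727, 4731, 4754}  # global, local, universal group created
MEMBER_ADDED = {4728, 4732, 4756}   # member added to global, local, universal
# Names to watch (assumption): the name used in the text plus "ESX Admins".
WATCHED_GROUPS = {"esxi admins", "esx admins"}

# Constructed sample events, one JSON object per line; not real log data.
SAMPLE_EVENTS = """\
{"EventID": 4728, "TargetUserName": "Domain Admins", "SubjectUserName": "alice", "MemberName": "CN=bob,OU=IT,DC=example,DC=test"}
{"EventID": 4727, "TargetUserName": "ESXi Admins", "SubjectUserName": "svc-helpdesk", "MemberName": "-"}
{"EventID": 4728, "TargetUserName": "ESXi Admins", "SubjectUserName": "svc-helpdesk", "MemberName": "CN=tmpuser,CN=Users,DC=example,DC=test"}
{"EventID": 4624, "TargetUserName": "carol", "SubjectUserName": "-"}
not-json garbage line
"""

def find_esxi_group_changes(lines, watched=WATCHED_GROUPS):
    """Return one alert per creation of, or member addition to, a watched group."""
    alerts = []
    for raw in lines:
        try:
            ev = json.loads(raw)
        except json.JSONDecodeError:
            continue  # skip blank or malformed lines instead of aborting the scan
        if not isinstance(ev, dict):
            continue
        group = str(ev.get("TargetUserName", "")).strip().lower()
        eid = ev.get("EventID")
        if group not in watched:
            continue
        if eid in GROUP_CREATED:
            kind = "group_created"   # the group did not exist before: high signal
        elif eid in MEMBER_ADDED:
            kind = "member_added"
        else:
            continue
        alerts.append({
            "kind": kind,
            "group": ev["TargetUserName"],
            "actor": ev.get("SubjectUserName"),
            "member": ev.get("MemberName"),
        })
    return alerts

if __name__ == "__main__":
    for alert in find_esxi_group_changes(SAMPLE_EVENTS.splitlines()):
        print(alert)
```
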


26:02 – DigiCert Underscores Certificate Revocation Woes

DigiCert issued a statement yesterday stating that certain users have 24 hours to get new certificates after it was announced that some of them were going to be revoked today. The reason might be one of the craziest typos ever. In short, DigiCert allows you to verify control of your domain by creating a special DNS pointer record with a random number. By rule, that record must begin with an underscore character. DigiCert said that the code that added the underscore to the pointer record was cleaned up at some point and the random numbers that were issued didn’t have the correct character. As this violates the rules laid out for checking the authorization for the domain, those certificates must be revoked. DigiCert says that only about 0.4% of customers should be affected, but those domains will stop working until new certificates are issued.

Read More: DigiCert Revocation Incident


30:40 – Microsoft’s Resiliency Notice And Path Forward

Microsoft has released an accountability notice after the big CrowdStrike outage. According to the release, Microsoft is going to change and innovate in the area of end-to-end resilience. This includes things like VBS enclaves, which require no kernel mode drivers, as well as Azure Attestation, which determines secure boot posture. The messaging indicates that Microsoft sees kernel access as its biggest issue and is going to try to develop new tools that eliminate the need for it.

Read More: Windows resiliency: Best practices and the path forward

Read More: ‘Error’ in Microsoft’s DDoS defenses amplified 8-hour Azure outage


44:43 – The Weeks Ahead

Tech Field Day Experience at SHARE Kansas City 2024 – August 4 – 8

AI Field Day 5 – September 11 – 12

Edge Field Day 3 – September 18 – 19


Gestalt IT and Tech Field Day are now part of The Futurum Group.

The Gestalt IT Rundown is your look at the IT news of the week. Be sure to subscribe to Gestalt IT on YouTube for even more weekly video content.

About the author

Tom Hollingsworth

Tom Hollingsworth is a networking professional, blogger, and speaker on advanced technology topics. He is also an organizer for networking and wireless for Tech Field Day.  His blog can be found at https://networkingnerd.net/
