Quantum Computing basics and Analogy

What I love about AI is asking questions about complex systems, physics and technologies in layman’s terms. Take, for example, a conversation between myself and Grok about the recent media surrounding Google’s Willow chip and Microsoft’s Majorana chip:

Q: "Are Google's Willow chip and Microsoft's Majorana chip the same thing? Do either of them "confirm the quantum multiverse?" There's a claim there is a new form of matter with these as well?"

No, Google’s Willow chip and Microsoft’s Majorana 1 chip are not the same thing—they’re distinct quantum computing technologies with different approaches, goals, and underlying principles. As for confirming the “quantum multiverse” or involving a new form of matter, there’s a mix of hype, speculation, and science to unpack here. Let’s break it down.

Are They the Same?

Google’s Willow chip and Microsoft’s Majorana 1 chip are fundamentally different in design and purpose:

  • Willow (Google): This chip, unveiled in December 2024, uses superconducting qubits—specifically, transmon qubits arranged in a 2D grid. It’s got 105 physical qubits and focuses on reducing errors exponentially as the number of qubits increases, a milestone in quantum error correction. It’s built on a well-established approach that relies on extreme cooling to achieve superconductivity, allowing quantum computations via energy level manipulations.
  • Majorana 1 (Microsoft): Announced in February 2025, this chip uses topological qubits based on Majorana zero modes (MZMs), exotic quasiparticles that Microsoft claims to have engineered into existence. It currently has just 8 qubits but is designed to scale up to 1 million, leveraging a material called a “topoconductor” (a blend of indium arsenide and aluminum). The idea is that topological qubits are inherently more stable, needing less error correction than other types.

So, no, they’re not the same. Willow is about scaling up a proven superconducting method with better error management, while Majorana 1 bets on a novel qubit type that’s theoretically more robust, aiming for massive scalability down the line.

Do They Confirm the Quantum Multiverse?

The “quantum multiverse” idea—tied to the Many-Worlds Interpretation of quantum mechanics—suggests that all possible outcomes of a quantum event occur in separate, parallel universes. Neither chip directly confirms this, but there’s been some buzz around it:

  • Willow: Google’s Quantum AI lead, Hartmut Neven, suggested Willow’s blazing speed (solving a random circuit sampling task in under 5 minutes, versus 10 septillion years for a supercomputer) “lends credence” to the multiverse idea. The claim is that such performance might imply computations are somehow tapping into parallel universes, echoing physicist David Deutsch’s theories. However, this is speculative—not a confirmation. Critics, like physicist Sabine Hossenfelder, argue the task (random circuit sampling) is a benchmark, not a practical computation, and doesn’t require a multiverse explanation. Quantum mechanics alone, without parallel universes, can account for the speed via superposition and entanglement.
  • Majorana 1: Microsoft hasn’t linked Majorana 1 to the multiverse. Their focus is on stability and scalability, not cosmic implications. The chip’s use of Majorana particles (which are their own antiparticles) is wild, but it’s about protecting quantum states from errors, not proving parallel realities.

So, neither chip “confirms” the multiverse. Willow’s performance sparks philosophical debate, but it’s not evidence—more like a provocative interpretation. Majorana 1 doesn’t even enter that conversation.

New Form of Matter?

This claim ties specifically to Microsoft’s Majorana 1:

  • Majorana 1: Microsoft says they’ve created a “new state of matter” called a topological state, enabled by their topoconductor material. This isn’t a traditional solid, liquid, or gas—it’s a state where Majorana zero modes emerge at the ends of engineered nanowires, cooled to near absolute zero and tuned with magnetic fields. These MZMs are quasiparticles, not standalone particles, and their unique properties (like being their own antiparticles) make them stable against environmental noise. This stability is what Microsoft touts as a game-changer for quantum computing. The breakthrough builds on 17 years of research, with claims of observing and controlling MZMs solidified in recent years.
  • Willow: Google doesn’t claim a new form of matter. Willow uses superconducting circuits—fancy, but not a new state of matter. It’s an evolution of existing tech, not a reinvention of physics.

The “new form of matter” with Majorana 1 is real in the sense that topological superconductivity is a distinct phase, recognized in physics as exotic but not entirely unprecedented. It’s a big deal for quantum computing, though, because it’s the first time it’s been harnessed this way in a chip. Willow, meanwhile, sticks to the superconducting playbook—no new matter there.

Wrapping It Up

  • Same Thing? Nope—Willow’s superconducting, Majorana’s topological. Different beasts.
  • Quantum Multiverse? Willow flirts with the idea via performance claims, but it’s not proof. Majorana 1 doesn’t care about that.
  • New Matter? Majorana 1 yes, with its topological state and topoconductors. Willow, no—just clever engineering of known materials.

Both are pushing quantum computing forward, but Microsoft’s playing a long game with radical physics, while Google’s refining what’s already working. The multiverse and new matter stuff? That’s partly science, partly marketing—exciting, but not settled.

Q: "Could you give me a simplified example of the type of problem that would take eons to solve with traditional computers versus quantum chips?"

Here’s a simplified example to show the kind of problem where quantum chips like Willow or Majorana 1 leave traditional computers in the dust.

The Problem: Finding the Secret Code

Imagine you’re a spy trying to crack a secret code—a massive lock with a combination made of 100 switches, each of which can be either “up” or “down.” The total number of possible combinations is 2^100 (that’s 2 multiplied by itself 100 times, or about 1.3 trillion trillion trillion possibilities—1.3 × 10^30). Only one combination opens the lock, and you have to find it.

Traditional Computer Approach

A supercomputer—like the world’s fastest today, say Frontier, which can do about 1 quintillion (10^18) calculations per second—would try each combination one by one. It’s like flipping switches systematically: up-up-up…, up-up-down…, up-down-up…, and so on. At top speed:

  • 1.3 × 10^30 combinations ÷ 10^18 calculations per second = 1.3 × 10^12 seconds.
  • That’s 1.3 trillion seconds, or roughly 41,000 years.

Even if you had a million supercomputers working together, it’d still take decades. For bigger locks (say, 300 switches), it’d jump to billions of years—way beyond eons.

Quantum Chip Approach

A quantum computer, like Willow or a future Majorana-based system, doesn’t try combinations one at a time. Thanks to quantum superposition, it can explore all possibilities at once. Picture it as flipping all 100 switches simultaneously in a weird, blurry state where they’re both up and down until you “measure” them. Using a quantum algorithm—like Grover’s algorithm for search problems—it can narrow down the right combination much faster:

  • Grover’s algorithm cuts the work to the square root of the possibilities. For 2^100 combinations, that’s about 2^50 steps (1.1 × 10^15).
  • A quantum chip running at, say, a modest 1 million operations per second could solve it in 1.1 × 10^9 seconds—about 35 years.
  • But real quantum chips, like Willow, operate way faster for specialized tasks. Willow’s demo solved a contrived problem in under 5 minutes that’d take a supercomputer 10 septillion (10^25) years. For our lock, a tuned-up quantum chip could crack it in seconds or minutes.

Why the Difference?

Traditional computers are stuck checking sequentially—they’re like a single detective knocking on every door in a city. Quantum computers use superposition and entanglement to “search” the whole city at once, like a magical map highlighting the right house instantly. This shines for problems with huge search spaces, like code-breaking, optimization (e.g., best delivery routes), or simulating molecules for drug discovery.

Caveat

This is simplified—quantum computers don’t beat traditional ones at everything (e.g., browsing the web or word processing). They excel at specific, exponentially hard problems. Our “lock” example mimics tasks like factoring huge numbers (think cryptography) or random sampling (Willow’s benchmark), where their power really pops.

Q: "Give me a simplified version of how Grover’s algorithm cuts the work."

Here’s a simplified explanation of how Grover’s algorithm cuts the work down, using our spy-and-lock example with 100 switches.

The Setup

You’ve got 2^100 possible combinations (1.3 trillion trillion trillion), and only one unlocks the secret code. A traditional computer would test them one by one—exhausting and slow. Grover’s algorithm, running on a quantum computer, works like a clever game of “hot or cold” to find the right one faster.

How It Works, Simplified

  1. Start with All Possibilities: The quantum computer puts all 2^100 combinations into a “superposition”—think of it as spinning a giant wheel with every possible code on it, all overlapping at once. No single code is picked yet; they’re all in play.
  2. Mark the Winner: Grover’s uses a trick (called an “oracle”) to secretly tag the correct combination without knowing it ahead of time. Imagine it like putting a tiny glow on the winning code, making it stand out slightly in the blurry wheel.
  3. Amplify the Glow: Now, the algorithm tweaks the wheel with a move called “amplitude amplification.” It’s like turning up the brightness on the glowing code while dimming the others. Each tweak makes the right answer pop out more, like tuning a radio to clear a fuzzy signal.
  4. Repeat and Check: You repeat the “mark and amplify” steps a bunch of times—but not 2^100 times! Instead, you only need about the square root of that number, or 2^50 steps (around 1.1 × 10^15). After enough repeats, the correct code is so bright that when you finally “look” (measure the quantum state), it’s almost certainly the one you get.

Why It Cuts the Work

  • Traditional Way: Check all 2^100 doors one by one—1.3 × 10^30 steps.
  • Grover’s Way: Check the square root, 2^50 steps (1.1 × 10^15), by amplifying the right answer instead of searching linearly. It’s like guessing a number between 1 and 1,000; instead of 1,000 tries, you’d need about 32 (square root of 1,000) smart guesses with feedback.

Intuitive Analogy

Think of a library with a trillion trillion books, one with a treasure map. A traditional computer reads every page of every book. Grover’s is like a magic librarian who whispers “warmer” or “colder” as you flip through, guiding you to the right book in a fraction of the steps—about 33 million flips instead of a trillion trillion.

The Catch

You need a quantum computer to pull this off, and it only works for problems where you can define an “oracle” to spot the answer (e.g., a lock that says “yes” or “no”). For our 100-switch lock, Grover’s turns eons into manageable time—like from 41,000 years to minutes on a fast quantum chip. That’s the magic of cutting the work to the square root!

Q: "How does the quantum state even know which area of the map is hot or cold?"

The “hot or cold” analogy is a simplification, so let’s peel back the curtain a bit to explain how the quantum state “knows” which area of the map to highlight in Grover’s algorithm. It’s not that the quantum state itself has some mystical intuition—it’s all about clever design and the interplay of quantum mechanics with a special helper called the oracle.

The Key Player: The Oracle

In Grover’s algorithm, the quantum state doesn’t inherently know anything. The “knowing” comes from the oracle, a custom-built quantum function you design for your specific problem—like our 100-switch lock. The oracle’s job is to recognize the correct solution and mark it without solving the problem outright. Here’s how it fits in:

  1. Superposition Setup: The quantum computer starts by putting all possible combinations (2^100 for our lock) into a superposition. Picture a giant wave where every possible code—every switch combo—has a tiny ripple of equal height (called amplitude). At this point, all options are equally likely, and nothing’s “hot” or “cold” yet.
  2. Oracle’s Role: The oracle is like a black box that looks at this wave and tweaks it. It’s engineered to know the winning combination (e.g., “up-down-up-…”) because you’ve defined the problem that way—like a lock that clicks only for the right code. When the oracle sees the correct combo in the superposition, it flips its ripple’s sign (e.g., from positive to negative amplitude). This doesn’t collapse the superposition—it just tags the winner subtly.
    • Think of it as putting a red flag on the treasure map’s right spot, but the map’s still blurry and spread out. The oracle doesn’t tell you where the flag is yet; it just marks it in a way the quantum system can use.
  3. Amplification Step: After the oracle marks the winner, the next part of Grover’s algorithm—called the “diffusion operator”—amps up that marked spot. It’s a mathematical trick that boosts the amplitude (the ripple’s height) of the flagged solution while shrinking the others. It doesn’t “know” which one’s right either—it just uses the oracle’s tag to shift the wave’s energy, making the right answer “hotter” (bigger amplitude) and the wrong ones “colder” (smaller).
  4. Repeat and Reveal: You run the oracle and amplification steps multiple times (about √N times, or 2^50 for our 2^100 combos). Each round makes the correct solution’s ripple grow taller and the others shrink. Eventually, the wave is so lopsided that when you measure it, you’re almost guaranteed to see the “hot” spot—the right code.

Why It Works Without “Knowing”

The quantum state doesn’t need to “know” anything—it’s a wave sloshing around, guided by the oracle and amplification. The oracle is the problem-specific smarts (you build it to recognize the solution), and the quantum mechanics (superposition, interference) does the heavy lifting:

  • Superposition lets all options exist at once.
  • Interference (from the oracle and diffusion) makes the right answer’s wave constructively add up while the wrong ones cancel out.

It’s like tuning a guitar string: the oracle plucks it to mark the right note, and the amplification strums it louder until that note drowns out the noise—all without anyone “knowing” the tune ahead of time.

Back to the Map

In our “hot or cold” analogy, the oracle is the voice saying “warmer” by flipping the sign, and amplification turns up the heat on that spot. The quantum state doesn’t explore the map consciously—it’s a wave that naturally flows toward the marked solution because of how the math and physics interact. For the lock, the oracle “knows” the right combo because it’s designed to test switch settings against the answer, but it only reveals this through the wave’s evolution.

The Real Magic

This only works because quantum waves can interfere and carry info across all possibilities at once—something classical systems can’t do. The oracle doesn’t solve the problem; it just sets the stage so the quantum computer can zero in faster than brute force. Pretty cool, right?

Q: "So in a similar analogy, if I have a dozen guitars, all tuned down and up to different steps, and the answer is the open G string, and all of the guitars are constantly strummed so that it's a big messy sound, the oracle is set up to know if the open G is playing anywhere and it can point the general direction of the Open G guitar, and by doing so it can amplify the correct open G string, as it narrows down its location it can amplify it louder and louder so that at last we can say with certainty "This guitar" is playing the correct note?"

Yeah, you’ve got a solid grip on the vibe of Grover’s algorithm with that guitar analogy! Let’s tweak it a bit to match how it works, but you’re definitely on the right track. Here’s how your dozen guitars could play out:

The Guitar Jam Analogy

Imagine you’ve got 12 guitars (let’s say a dozen to keep it simple, like 12 possible lock combos instead of 2^100). Each guitar is tuned differently—some strings are sharp, some flat, some all over the place—and they’re all being strummed at once, creating a chaotic, messy sound. Somewhere in that noise, one guitar has an open G string tuned exactly to the perfect G note, and that’s the “answer” we’re hunting for.

  1. Superposition—All Guitars Playing: In the quantum setup, all 12 guitars are strummed together constantly, like the superposition of all possible states. Every string’s sound wave overlaps into a big, jumbled mess. At first, the perfect open G is in there, but it’s drowned out—you can’t hear it clearly because all the amplitudes (volumes) are equal.
  2. The Oracle—Spotting the G: The oracle is like a super-sensitive tuner plugged into this jam session. It’s pre-set to recognize the exact frequency of a perfect G note (the solution). It doesn’t “point” to a guitar right away—it listens to the whole mess and, when it hears that G anywhere in the mix, it tweaks the sound wave. Instead of pointing a direction, it flips the phase of that G’s wave—like making it dip down instead of up—while leaving the others unchanged. This marks the right note in the quantum wave, not by location but by its unique “signature.”
  3. Amplification—Turning Up the G: Now, the amplification step kicks in. Think of it as a magical sound engineer who doesn’t know which guitar is right but can boost the marked G’s volume based on that phase flip. It uses the wave interference trick: the flipped G wave gets louder (constructive interference) while the other notes start canceling each other out (destructive interference). After this step, the perfect G is a bit more audible in the mix, and the junk noise is quieter.
  4. Repeat—Narrowing the Sound: You repeat the process—oracle marks the G again, amplification boosts it more. Each round is like fine-tuning the mix: the G gets louder and clearer, and the other strings fade. It’s not about physically pointing to “that guitar” yet—it’s the G note’s sound growing dominant across the whole system. After a few rounds (about √12 ≈ 3-4 repeats for 12 guitars), the perfect G is so loud that when you finally “listen” (measure the quantum state), the guitar playing that G pops out as the winner.
  5. Certainty—This Guitar!: At the end, the sound is so dominated by the perfect G that you’re almost certain to hear it come from the right guitar when you check. The messy jam session has been distilled into one clear note, and you can say, “This guitar’s the one!”

How It Fits Your Idea

  • Oracle Knowing the G: You’re spot-on—the oracle is set up to recognize the open G (the solution) without revealing it directly. It doesn’t point a compass needle yet; it just tags the G’s wave so amplification can work its magic.
  • Amplifying as It Narrows: Exactly! Each step amplifies the right note, making it stand out more. It’s not physically locating the guitar at first—it’s boosting the G’s presence in the sound wave until the source (the right guitar) is undeniable.
  • Certainty at the End: Yep, after enough rounds, the G is so loud that you can confidently pick the guitar playing it.

A Tiny Tweak

The oracle doesn’t really “point a general direction” like a compass—it marks the G in the wave itself, across all guitars at once, since superposition means everything’s blended. The “narrowing” happens through amplification, not by searching spatially. It’s more like the G’s sound magically rising above the din, and the right guitar reveals itself when the noise clears.

Why It’s Faster

For 12 guitars, a traditional approach might mean listening to each one-by-one—up to 12 tries. Grover’s gets there in about 3-4 steps because it’s amplifying the answer across the whole jam, not checking each guitar sequentially. Scale that to a trillion guitars, and it’s still just a million-ish steps instead of a trillion—huge savings!

Your analogy rocks—it captures the spirit of Grover’s perfectly! The oracle’s the tuner, amplification’s the volume knob, and the quantum wave’s the messy jam turning into a solo.

Exploring Google AI Studio and its Gemini Capabilities

Google AI Studio (https://aistudio.google.com/) offers a powerful platform for developers and researchers to experiment with and build applications using Google’s advanced AI models, notably Gemini. This experimental model provides a user-friendly interface for accessing and utilizing the capabilities of Gemini, allowing users to create a variety of applications without extensive coding experience. While still in its experimental phase, the platform is continuously evolving and expanding its capabilities. Let’s delve into its core functionality and highlight three key features:

Core Functionality:

Google AI Studio’s core functionality revolves around providing a streamlined environment for users to interact with Gemini. The platform simplifies the process of constructing applications using this powerful language model. Instead of requiring users to navigate complex API documentation and write extensive code, the studio offers a visual interface and pre-built functionalities to facilitate rapid prototyping and development. This makes it accessible to a wider audience, including those without extensive programming expertise. The focus is on making the power of AI readily available for creative projects and practical applications.

Three Notable Features:

  1. Stream Realtime: This feature stands out for its ability to generate dynamic and responsive applications. Instead of simply providing a static output, Stream Realtime allows for ongoing interaction with the Gemini model. Imagine building a real-time chatbot, a live content generator, or a dynamic data analysis tool—all powered by the responsiveness of Stream Realtime. This feature opens doors to applications requiring continuous feedback and dynamic updates.
  2. Blog Post Creator: This feature showcases the creative potential of Gemini within AI Studio. By inputting a single image, the model can generate a unique blog post. This is not merely a caption generator; it can weave a narrative, draw insights from the visual content, and craft a compelling piece of writing. This demonstrates Gemini’s ability to understand and interpret visual information, transforming it into coherent and engaging textual content. This is a powerful tool for content creators seeking rapid inspiration or assistance. In fact, this entire article, except for this sentence, was built using only the included image.
  3. Hurricane Charting: This exemplifies the application of Gemini to data visualization and analysis. By uploading a single image snapshot (likely a satellite image or weather map), the model can help users explore and chart the details of a major hurricane event. This points towards the potential use of Gemini in processing and interpreting complex datasets, providing valuable insights and visualizations for various fields, such as meteorology, disaster management, and environmental science.

Conclusion:

Google AI Studio, with its Gemini integration, offers a compelling platform for exploring and building AI-powered applications. The intuitive interface and readily available functionalities make this platform accessible to a broad range of users. While in its experimental phase, its potential is evident, particularly with features like Stream Realtime enabling the development of dynamic and interactive applications. As Google continues to refine and expand AI Studio, it will undoubtedly become an increasingly powerful tool in the ever-evolving landscape of artificial intelligence.

How to move a partition to the end of a disk with free MiniTool Partition utility

Recently, after cloning a system using Clonezilla, I found all the empty space on the drive was located at the end of the disk. The System Recovery partition was between the empty space and the C: drive. We want the primary partition to extend and include the empty space, but the Disk Management utility built into Windows cannot do this for us. First I tried the open-source GParted utility, but the live USB failed to load and see my system drive. So I did a little looking and found a utility made by MiniTool: MiniTool Partition Wizard Free will do exactly what we need to do. The good thing about MiniTool’s utility is that we can run it and perform our partition operations inside a running Windows 10 system.

How to move and extend partitions using MiniTool’s Partition Wizard Free utility

When we look at our Windows Disk Management, we see our empty space is on the wrong side of our Recovery Partition:

Windows Disk Management move Unallocated Free Space

We want the 509 MB Recovery partition to live to the “right” of our 65GB of empty/unallocated space. Once we have the 65GB Unallocated partition next to our C: drive, we can then extend/resize the C: drive to use the empty space.

  1. Make a backup of important data. Because this is a fresh install/clone, I’ll skip this part.
  2. Install MiniTool Partition Wizard Free. (During install, I confirmed I only want to install the free edition, and chose not to install the “Shadow” backup application.)
  3. Once opened, select the Recovery Partition we want to move, and then click Move/Resize.

Select Partition to Move

  4. Next, slide the (whole) partition to the far right of the partition bar. The screenshot shows it before the operation.

Move Partition Before

  5. The result should look like the following screenshot after “sliding” the partition to the far right location.

Move Partition After

  6. Click the Apply button.

Apply Move Partition

  7. If we close the MiniTool Partition Utility and check Disk Management, we can see our Recovery Partition is now at the end of the disk, and free space is adjacent to our C: drive.

Disk Management after Move

  8. To extend the C: drive and use the unallocated/free partition, we can use either Disk Management or the MiniTool Partition utility, but here we will continue to use the free utility. Open MiniTool’s Partition Utility again and select the C: drive partition. Then click the Move/Resize button again. Move the right-most “Handle” and slide it to the far right. Below are the “before and after” screenshots:

Resize C: drive Before
Resize C: drive After

  9. Remember to click Apply after completing the operation.

We’re done! We can close the MiniTool utility and Disk Management and then open Disk Management again (or refresh the disks) and we can see our C: drive is now extended and using our free disk space.

Disk Management after Resize Extend

Troubleshoot ethernet cable wires without a Cable Tester using a Cisco Switch and the TDR Command

So if you suspect you may have a bad Cat5/6 Ethernet patch cable, you can use a Cisco switch’s CLI and a few commands to diagnose whether the copper pairs of the cables connected to the switch are bad. The commands and explanation of TDR (Time-Domain Reflectometer) I found here.

First, use SSH, Telnet or the web interface to connect to the switch with the suspect cable.

Use the following command to show the list of interfaces on your switch:

show interfaces

You’ll want to make note of how the interface is described in the previous command because Cisco is pretty particular. In my case I’ll test GigabitEthernet1/0/1.

Next, issue the following command to start the test on the interface in question:

test cable tdr interface GigabitEthernet1/0/1

You will probably get something like the following result:

TDR test started on interface Gi1/0/1
A TDR test can take a few seconds to run on an interface
Use 'show cable-diagnostics tdr' to read the TDR results.

Wait 10 seconds and then issue the command to show the cable diagnostics result:

show cable-diagnostics tdr interface GigabitEthernet1/0/1

And the output will look something like the following:

TDR test last run on: December 05 18:50:53
Interface Speed Local pair Pair length        Remote pair Pair status

Gi1/0/1   1000M Pair A     19   +/- 10 meters Pair B      Normal
                Pair B     19   +/- 10 meters Pair A      Normal
                Pair C     19   +/- 10 meters Pair D      Normal
                Pair D     19   +/- 10 meters Pair C      Normal

In our results we see Normal under Status. The following could be your status if there is a problem.

| Result | Explanation |
|---|---|
| Normal | Ideal result you want. If testing FastEthernet, you want Pair A and B as “Normal”. If testing GigabitEthernet, you want ALL as “Normal”. |
| Open | Open circuit. This means that one (or more) pair has “no pin contact”. |
| Short | Short circuit. |
| Impedance Mismatched | Bad cable. For more explanation, go here. |

Here are the cable pairs explained:

| Pairs | Function |
|---|---|
| A | This pair controls whether or not the port should go up or down. |
| B | Protocol-level and controls FastEthernet. |
| C | Power over Ethernet (PoE) |
| D | GigabitEthernet |

So as you can see, TDR can be a handy tool, especially if your cable tester battery is out.
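To check many ports without reading each table by eye, the following added example (not from the original post) parses the text of the show cable-diagnostics tdr output and reports pairs whose status is not Normal, using the rule from the result table: FastEthernet needs pairs A and B, GigabitEthernet needs all four. The sample output is constructed (pair C altered to Open); picking the rule from an "Fa" interface-name prefix and accepting N/A fields are assumptions.

```python
import re

# Constructed sample in the layout of the output shown above; pair C has been
# changed to "Open" (and given a short length) to exercise the failure path.
SAMPLE_OUTPUT = """\
TDR test last run on: December 05 18:50:53
Interface Speed Local pair Pair length        Remote pair Pair status

Gi1/0/1   1000M Pair A     19   +/- 10 meters Pair B      Normal
                Pair B     19   +/- 10 meters Pair A      Normal
                Pair C     3    +/- 10 meters Pair D      Open
                Pair D     19   +/- 10 meters Pair C      Normal
"""

# One result row. Interface and speed appear only on the first row of a port;
# the following rows start directly with the local pair.
# Assumption: a length or remote pair the switch cannot report is shown as
# "N/A" (the output on this page only shows measured values).
ROW = re.compile(
    r"^\s*(?:(?P<iface>\S+)\s+(?P<speed>\S+)\s+)?"
    r"Pair (?P<local>[A-D])\s+"
    r"(?P<length>\d+|N/A)\s*(?:\+/-\s*(?P<tol>\d+)\s*meters)?\s+"
    r"(?P<remote>Pair [A-D]|N/A)\s+"
    r"(?P<status>.+?)\s*$"
)


def parse_tdr(text):
    """Return one dict per pair row, carrying the interface name forward."""
    rows, iface, speed = [], None, None
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # timestamp, column header and blank lines
        if m.group("iface"):
            iface, speed = m.group("iface"), m.group("speed")
        if iface is None:
            continue  # pair row seen before any interface row
        length = m.group("length")
        rows.append({
            "interface": iface,
            "speed": speed,
            "pair": m.group("local"),
            "length_m": int(length) if length.isdigit() else None,
            "remote": m.group("remote"),
            "status": m.group("status"),
        })
    return rows


def required_pairs(iface):
    """Pairs that must be Normal, per the result table above.

    Assumption: FastEthernet ports are recognised by an "Fa" name prefix;
    every other port is treated as GigabitEthernet (all four pairs).
    """
    if iface.lower().startswith("fa"):
        return {"A", "B"}
    return {"A", "B", "C", "D"}


def faulty_pairs(text):
    """Return (interface, pair, status) for each required pair not Normal."""
    faults = []
    for row in parse_tdr(text):
        needed = row["pair"] in required_pairs(row["interface"])
        if needed and row["status"].lower() != "normal":
            faults.append((row["interface"], row["pair"], row["status"]))
    return faults


if __name__ == "__main__":
    for iface, pair, status in faulty_pairs(SAMPLE_OUTPUT):
        print(f"{iface}: pair {pair} is {status}")
```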

Solved – Cannot find Sophos Device in Cloud Management Console Sophos Central

Say you have a Windows 7 or Windows 10 PC that has Sophos installed on it, but you cannot find the device in the management console in order to disable tamper protection. You want to uninstall Sophos because it is out of date or cannot communicate with the Sophos cloud. However, when you search for the device name in the console, it isn’t listed with the current computer name. The device was probably renamed several times. So how do you remove or uninstall Sophos without disabling tamper protection? My best advice is don’t try to uninstall the client without first disabling tamper protection.

In many instances, the Sophos client is out of date and cannot communicate with “Management Communication”. In the bottom-right corner of the Sophos client, you can click on “About”.

Here we can find the “Run Diagnostic Tool”. After running the tool you may find some errors such as the following: Last Communication – Failed with error ‘504 Gateway Time-out’ at 08:40:48 Jun 28, 2019 (UTC-07:00)

Reading the knowledge base articles about this and attempting to restart MCS Client services etc didn’t work for me. Instead, we need to find the identifier for the device so that we can get to the device page and obtain the Tamper Protection Password. To do this, on the computer with the bad installation of Sophos, open the File Explorer and go to:

C:\programdata\sophos\management communication system\endpoint\persist\

Inside this directory we will want to open the file named EndpointIdentity.txt

Copy the string of letters and numbers into your clipboard.

Next, log into your Sophos Cloud Console at https://cloud.sophos.com/manage/login, then go to Overview > Devices. Click on any existing device and you’ll be directed to the page of that identity. In the URL at the top of the page, replace that sample device’s identity string with the one you copied from the EndpointIdentity.txt file, then hit Enter.

You should now be directed to the page with the correct device identity and password to disable Tamper Protection.


Installing Kali Linux on ProxMox – Building a Penetration Test Lab – Part 2

In the process of building a Penetration Test Lab, I wanted to get started with the installation of Kali Linux virtual machine running on ProxMox. To get started, first download the latest version of Kali Linux (ISO) here. Grab the version

Kali 64 bit ISO | Torrent 2.6G 2017.1

Build your new VM (Proxmox > Create VM) using the ISO you’ve downloaded.

According to other users’ accounts of Kali not working after installation, it’s recommended to change the display type to VMWare compatible. After building the VM, go to Hardware > Display > Edit and choose VMWare compatible:

Kali installs onto a virtual hard drive on ProxMox (we will not be running a “live” version of Kali). Start the new VM, scroll down the menu and choose Install (not GUI install).

During installation, when grub asks where to have grub installed, choose “select your own location.”
Manually enter the path: /dev/sda
Otherwise, if you choose the ‘default’ or the path already listed, then after completing the installation and a restart you’ll get the message “Booting from Hard Disk” and the boot sequence will not complete; the VM will essentially hang.

Kali has completed its setup, I’ve booted the Kali VM, I’ve logged in, and I’m on the desktop.

Run apt-get update and apt-get upgrade to update the packages on your system.

Before we go on to complete the setup of the rest of our lab with known-vulnerable hosts, let’s run some cursory nmap scans.

Let’s run a ping scan on our own network with the command:

nmap -v -sn 10.0.10.0/24

This says: nmap, print verbose output (-v), do a Ping Scan (-sn) – (disable the default port scan for each address), and use the network 10.0.10.0 with a CIDR of /24.

This scan will attempt to ping all 254 addresses. The highlights of the scan are below:

root@HN-kali01:~# nmap -v -sn 10.0.10.0/24

Starting Nmap 7.40 ( https://nmap.org ) at 2017-08-04 15:13 PDT
Initiating ARP Ping Scan at 15:13
Scanning 255 hosts [1 port/host]
Completed ARP Ping Scan at 15:13, 1.95s elapsed (255 total hosts)
Initiating Parallel DNS resolution of 255 hosts. at 15:13
Completed Parallel DNS resolution of 255 hosts. at 15:13, 5.53s elapsed
Nmap scan report for 10.0.10.0 [host down]
Nmap scan report for pfSense2x.jasoncoltrin.local (10.0.10.1)
Host is up (0.00048s latency).
MAC Address: 62:65:B1:30:52:A7 (Unknown)
Nmap scan report for 10.0.10.2 [host down]
Nmap scan report for 10.0.10.3 [host down]

...
...
Nmap scan report for 10.0.10.51
Host is up (0.00049s latency).
MAC Address: 18:03:73:34:34:36 (Dell)
Nmap scan report for 10.0.10.52 [host down]
Nmap scan report for 10.0.10.53 [host down]

So here we see that the scan detected my pfSense virtual machine firewall on IP 10.0.10.1, and gave me the MAC Address.

Let’s take a closer look at the Dell workstation found on 10.0.10.51. To do so, let’s run a port scan:

nmap -p 1-65535 -sV -sS -T4 10.0.10.51

This scan does the following:

Run a full port scan on ports 1-65535, detect service versions, run a Stealth Syn scan, use T4 timing and the target of the scan is IP 10.0.10.51.

Below are the results:

root@HN-kali01:~# nmap -p 1-65535 -sV -sS -T4 10.0.10.51

Starting Nmap 7.40 ( https://nmap.org ) at 2017-08-04 15:17 PDT
Nmap scan report for 10.0.10.51
Host is up (0.00047s latency).
Not shown: 65528 filtered ports
PORT      STATE SERVICE      VERSION
135/tcp   open  msrpc        Microsoft Windows RPC
139/tcp   open  netbios-ssn  Microsoft Windows netbios-ssn
445/tcp   open  microsoft-ds Microsoft Windows 7 - 10 microsoft-ds (workgroup: WORKGROUP)
2179/tcp  open  vmrdp?
27036/tcp open  ssl/steam    Valve Steam In-Home Streaming service (TLSv1.2 PSK)
49666/tcp open  msrpc        Microsoft Windows RPC
49667/tcp open  msrpc        Microsoft Windows RPC
MAC Address: 18:03:73:34:34:36 (Dell)
Service Info: Host: JCDESKTOP; OS: Windows; CPE: cpe:/o:microsoft:windows

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 141.84 seconds

Because I don’t always like to use my new Kali VM via the ProxMox console, I want to run my Kali desktop over VNC & SSH. Here is a good resource for learning how to connect to your Kali Linux system with VNC over a secure SSH connection:

In the next post, we’ll look some more at NMAP, as well as some other pen-test tools.

Security – Blue Team – Building a security project on a budget

How to Create and Build a Security Profile for Your Network on a Budget – Part 1

Start with Building a Foundation (or use an existing good one).

Credit to Kyle Bubp & irongeek.com: http://www.irongeek.com/i.php?page=videos/bsidescleveland2017/bsides-cleveland-102-blue-teamin-on-a-budget-of-zero-kyle-bubp

Use a Base Framework for your security project. There are a lot of standards available and the NIST government standards are a good solid foundation:

  • NIST 800-53
  • NIST Cybersecurity Framework
  • NIST CSF Tool
  • CIS Critical Security Controls
  • NIST-CSF tool – this is a nice visual tool – graphical interface for the stages of building a security program

Document everything

A core documentation repository is critical when setting up a security project – others will follow you and will need to look up the information you have recorded. It’s best to have a security incident response ticketing system and documentation before you need it. Have these tools up and ready.

For policy, procedure, how-tos, etc:

  • MediaWiki(free)
  • Atlassian Confluence ($10 for 10 users) – Gliffy plugin for Confluence
  • OneNote/SharePoint – not every company is entirely open source

Incident Response Ticketing/Documentation systems:

Map out your entire network

  • NetDB – Uses ARP tables and MAC databases on your network gear. Use a service account and NetDB will use ssh/telnet to find every connected device and give you a nice http interface. You can set up a cron job that scans the NetDB database every hour, and you can pipe new device connections to an email address. Knowing if something comes onto your network is critical.

.ova is available at https://www.kylebubp.com/files/netdb.ova

Supports the following: Cisco, Palo Alto, JunoOS, Aruba, Dell Powerconnect

  • nmap scans + ndiff/yandiff – not just for red teams; export results, diff for changes. Alert if something changed.
  • NetDisco

https://sourceforge.net/projects/netdisco – uses SNMP to inventory your network devices.

  • Map your network – create a Visio document and have a good network map.
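The "export results, diff for changes, alert if something changed" idea from the nmap bullet, as an added example that is not part of the original post. It uses plain awk rather than ndiff, the function names are hypothetical, the baseline lines come from the ping scan shown in the Kali post on this page, and the host at 10.0.10.77 is constructed.

```shell
# up_hosts: `nmap -v -sn` output on stdin -> sorted "MAC IP" per live host.
# "[host down]" lines are skipped; a host with no MAC line (the scanner) gets "-".
up_hosts() {
    awk '
        function emit() {
            if (up) { if (mac == "") mac = "-"; print mac, ip }
            up = 0; mac = ""
        }
        /^Nmap scan report for / {
            emit()
            if ($0 ~ /\[host down\]$/) { ip = ""; next }
            ip = $NF; gsub(/[()]/, "", ip)
        }
        /^Host is up/    { if (ip != "") up = 1 }
        /^MAC Address: / { mac = $3 }
        END { emit() }
    ' | sort
}

# new_devices BASELINE CURRENT: print "MAC IP" for each MAC that is live in the
# CURRENT scan file but was not live in the BASELINE scan file.
new_devices() {
    { up_hosts < "$1" | sed 's/^/B /'; up_hosts < "$2" | sed 's/^/C /'; } |
        awk '$1 == "B" { known[$2] = 1; next } !($2 in known) { print $2, $3 }'
}
# Baseline sample: lines taken from the ping scan output on this page.
sample_baseline() { cat <<'EOF'
Nmap scan report for 10.0.10.0 [host down]
Nmap scan report for pfSense2x.jasoncoltrin.local (10.0.10.1)
Host is up (0.00048s latency).
MAC Address: 62:65:B1:30:52:A7 (Unknown)
Nmap scan report for 10.0.10.51
Host is up (0.00049s latency).
MAC Address: 18:03:73:34:34:36 (Dell)
EOF
}
# Later sample (constructed): the baseline plus a made-up host at 10.0.10.77.
sample_current() { sample_baseline; cat <<'EOF'
Nmap scan report for 10.0.10.77
Host is up (0.00051s latency).
MAC Address: 02:00:00:AA:BB:CC (Unknown)
EOF
}
demo() {
    d=$(mktemp -d) || return 1
    sample_baseline > "$d/base"; sample_current > "$d/cur"
    new_devices "$d/base" "$d/cur"; rm -rf "$d"
}
demo
```

Run from cron against saved scan files, any output from new_devices can be mailed as the "something new joined the network" alert.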

Visibility

osquery, developed by Facebook, can give you all you need.

Agents for MacOS, Windows, Linux

Deploy across your enterprise w/ Chef, Puppet, or SCCM

Do fun things like search for IoCs (FBI file hashes, processes) – pipe the data into ElasticStack for visibility & searchability

User Data Discovery

OpenDLP – (github) or (download an .ova) – will scan file shares and using a normal user account you can scan for available shares and data. Run over the weekend and see what you can find. Find the data owners and determine where the data should reside.

Hardening Your Network

CIS Benchmarks – Center for Internet Security Benchmarks: 100+ configuration guidelines for various technology groups to safeguard systems against today’s evolving cyber threats.

Out of the box, Windows 10 scores 22% against the CIS benchmark.

It’s difficult to secure your network if everything is a snowflake. While not exciting, configuration management is important. Deploy configs across your org using tools like GPO, Chef, or Puppet.

Change management is also important – use a git repo for tracking changes to your config scripts.

Safety vs. Risk

Scanning for Vulnerabilities:

OpenVAS (Greenbone) is a fork of Nessus that is still maintained and is the default vulnerability scanner in AlienVault. It does a great job in comparison with commercial products. Be careful: do some safe scans first, and it’s not recommended to scan critical life-support equipment, for example in a hospital.

Scan web apps:

Arachni Framework – for finding bugs in your developer’s code

OWASP ZAP (Zed Attack Proxy)

Nikto2 (Server config scanner)

Portswigger Burp Suite (not free – $350)

Harden your web servers:

Fail2ban – python-based IPS that runs off of Apache Logs

ModSecurity – Open source WAF for Apache & IIS

Dell Latitude 3450 cannot install windows 7 with samsung se-208 DVD driver missing

So I recently had problems installing Windows 7 SP1 with an original certified Dell installation DVD using a Samsung thin profile SE-208 external USB DVD/CD.

Upon booting to the Windows 7 installation, after telling the Windows 7 installer to go ahead, it said that the DVD/CD ROM drivers were missing.

I also could not install with a bootable Windows 7 USB key that I created by first ripping the Dell DVD to an ISO with IMG Burn, and then creating a bootable USB drive with rufus-2.12.exe. The same error – no drivers detected.

After finding this post here, it came to me that I had only tried the external DVD drive on the USB port that is on the right-hand side of the laptop (USB 3.0).

I instead connected the external USB DVD drive into the Left-hand side of the laptop USB port (USB 2.0) and booted the DVD into the installation and proceeded normally.

So if this happens to you, connect your bootable device to only a USB 2.0 port, when trying to install Windows 7 on a newer PC or laptop that has both USB 2.0 and USB 3.0 ports!

Fix ubuntu when the OS will not boot – kernel panic – kernel panic not syncing vfs unable to mount root fs on unknown-block 0 0 – error /boot full remove old kernels from command line

To begin, it will probably take at least 30 minutes to resolve this issue…

This fix solved my problem with the “vfs unable to mount root fs” error, but of course your results may vary. As always, first backup your system or do an export of the vm so you have a copy of the system as it existed before you started screwing around with it 😉

After running apt-get update / apt-get upgrade and then a reboot, you may receive the following error: kernel panic not syncing vfs unable to mount root fs on unknown-block 0 0 on ubuntu 16.04.

In many cases this will be due to the /boot drive becoming 100% full because many updates have been made to the kernel. By default, ubuntu will retain the old kernels and add them to the list of available kernels you can boot into in the Grub2 boot loader menu. You can confirm that your drive is full by issuing the command:

df -h

The result will likely show the following:

To resolve this issue and boot successfully, restart the VM or computer while you’re looking at the error during boot (you should already be at the console) and get into the Grub2 menu, then choose “Advanced options for ubuntu”, where you can see a list of old kernels you can boot into. Some report you can do this by booting with the Shift key held down; on a virtual machine, you should be able to arrow down in the Grub start screen and choose Advanced options for ubuntu on startup:

Grub2 boot menu.

Once you go into the advanced boot menu you will likely see several kernels listed. Choose the next-oldest kernel from the top/highest version of kernels. In my case I booted into the version labeled Ubuntu, with Linux 4.4.0-57-generic (my boot menu screenshot below is clean, but you’ll likely see several kernels listed).

Cross your fingers and hope you get to your login prompt. From here I jumped on putty and connected from that client, as I prefer it over the console.

Next, login and follow the directions that I found here:

http://askubuntu.com/questions/2793/how-do-i-remove-old-kernel-versions-to-clean-up-the-boot-menu

To save you the search, here are the instructions I used to first list and then remove the old kernels:

Open terminal and check your current kernel:

uname -a

DO NOT REMOVE THIS KERNEL! Make a note of the version in notepad or something.

Next, type the command below to view/list all installed kernels on your system.

dpkg --list | grep linux-image

Find all the kernels that are lower than your current kernel version. When you know which kernel to remove, continue below to remove it. Run the commands below to remove the kernel you selected.

sudo apt-get purge linux-image-x.x.x.x-generic

Or:

sudo apt-get purge linux-image-extra-x.x.x-xx-generic

Finally, run the commands below to update grub2

sudo update-grub2

Reboot your system.

sudo reboot
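The list-then-purge steps above, as an added dry-run helper that is not part of the original post: it reads `dpkg --list` output, keeps the running kernel and anything newer, and prints the purge commands for review instead of running them. The function names and the sample package versions are constructed.

```shell
# old_kernels RUNNING: read `dpkg --list` output on stdin and print installed
# ("ii") linux-image / linux-image-extra packages whose kernel version is lower
# than RUNNING (the `uname -r` string). The running and newer kernels are kept.
old_kernels() {
    awk -v running="$1" '
        # key("4.4.0-57-generic") -> "v00004000040000000057", a sortable string
        function key(v,    p, i, k) {
            sub(/-[a-z].*$/, "", v)          # drop the flavour suffix
            split(v, p, /[.-]/)
            for (i = 1; i <= 4; i++) k = k sprintf("%05d", p[i])
            return "v" k
        }
        $1 == "ii" && $2 ~ /^linux-image-(extra-)?[0-9]/ {
            v = $2; sub(/^linux-image-(extra-)?/, "", v)
            if (key(v) < key(running)) print $2
        }'
}

# purge_plan RUNNING: print, without running them, the purge commands to review.
purge_plan() { old_kernels "$1" | sed 's/^/sudo apt-get purge /'; }

# Constructed sample of `dpkg --list` output (package versions are made up).
sample_dpkg_list() { cat <<'EOF'
ii  linux-image-4.4.0-21-generic        4.4.0-21.37  amd64  Linux kernel image
ii  linux-image-extra-4.4.0-21-generic  4.4.0-21.37  amd64  Linux kernel extra modules
rc  linux-image-4.4.0-51-generic        4.4.0-51.72  amd64  Linux kernel image
ii  linux-image-4.4.0-53-generic        4.4.0-53.74  amd64  Linux kernel image
ii  linux-image-4.4.0-57-generic        4.4.0-57.78  amd64  Linux kernel image
ii  linux-image-4.4.0-59-generic        4.4.0-59.80  amd64  Linux kernel image
ii  linux-image-generic                 4.4.0.59.62  amd64  Generic Linux kernel image
EOF
}

# Dry run on the sample; on a real system: dpkg --list | purge_plan "$(uname -r)"
sample_dpkg_list | purge_plan 4.4.0-57-generic
```

Entries in state "rc" are skipped because the package is already removed, so nothing of it is left in /boot.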

As you can see from my terminal history, I had to remove a few:

 589  uname -a
 590  dpkg --list | grep linux-image
 591  sudo apt-get purge linux-image-4.4.0-21-generic
 592  sudo apt-get purge linux-image-4.4.0-22-generic
 593  sudo apt-get purge linux-image-4.4.0-24-generic
 594  df -h
 595  sudo apt-get purge linux-image-4.4.0-24-generic
 596  sudo apt-get purge linux-image-4.4.0-28-generic
 597  sudo apt-get purge linux-image-4.4.0-31-generic
 598  sudo apt-get purge linux-image-4.4.0-34-generic
 599  sudo apt-get purge linux-image-4.4.0-36-generic
 600  sudo apt-get purge linux-image-4.4.0-38-generic
 601  df -h
 602  sudo apt-get purge linux-image-4.4.0-42-generic
 603  sudo apt-get purge linux-image-4.4.0-45-generic
 604  sudo apt-get purge linux-image-4.4.0-47-generic
 605  sudo apt-get purge linux-image-4.4.0-51-generic
 606  sudo apt-get purge linux-image-4.4.0-53-generic
 607  sudo update-grub2
 608  dpkg --list | grep linux-image
 609  df -h
 610  sudo apt-get purge linux-image-extra-4.4.0-21-generic
 611  sudo apt-get purge linux-image-extra-4.4.0-22-generic
 612  sudo apt-get purge linux-image-extra-4.4.0-24-generic
 613  sudo apt-get purge linux-image-extra-4.4.0-28-generic
 614  sudo apt-get purge linux-image-extra-4.4.0-31-generic
 615  sudo update-grub2
 616  df -h
 617  sudo reboot
 618  dpkg --list | grep linux-image
 619  uname -a
 620  sudo reboot

After the reboot, you can see my /boot partition returned to a manageable size:

I hope this post helps someone save some time and help them fix their ubuntu boot problems. Please leave a comment if this helped resolve your issue or if there is a smarter/faster way to fix this problem.