A lot of my windows drivers have expired dates for the certificate, and some are not even signed, is this normal? [migrated]

I just gathered all the drivers in my system32/drivers folder and checked their certificate (my windows is updated and its a windows 10 x64)

But i found that so many of them have expired certificate! and some are not even signed! (pictures included)

so my questions are :

  1. Is this normal? if not, what should i do? and if not, then why are the expiration date expired?

  2. How are these drivers are able to get loaded when they have no certificate or its expired? my system is W10 x64 with secure boot enabled, i thought you can only load signed drivers with valid certificates?

  3. What is the role of these countersignatures put in simply? i tried reading MSDN and other websites but couldn’t understand whats the need of this?

here are some examples

WindowsTrustedRTProxy.sys (countersignature is also expired) :

enter image description here

winusb.sys (no certificate) :

enter image description here

Troika! How to check for normal skill or action?

For example a player wants to kick a door open or transport glasses over a slippery wet floor. The player has no fitting advanced skill for those.

The base SKILL is 1d3+3 which can be very low. Rolling that under 2d6 is very hard. Everyday tasks become impossible. I could let them spend extra LUCK to boost their roll but that feels unnatural. Players tend to save their LUCK when they need it.

Alternatively I could let them roll 2d6 + SKILL versus or under a given difficulty but the Troika! does not have any rulings for this.

How to check for an normal task that sometimes fail?

Where can i download a benign PE dataset? or at least which website is the best candidate for crawling and downloading normal executables? [closed]

I’m planning to gather a benign dataset for my ML malware detection model

the problem I’m having is finding benign PE files, i just need a source that has a dataset of normal executables, i will scan them with VT and extract benign ones, but i cant find anything useful

if there is nothing out there, then at least what is the best website that has the potential to be useful for a PE downloader crawler? (meaning its easy to crawl and automatically download .exe files without running into problems)

also another problem of using a download website is Installers, considering most of their files are installer and i need to install the program first, is there any good solution to this? is there any AutoIT script that somehow can install all types of installers ?

(I tried looking at surveys on using ML in malware detection like [1], but seems like non of the papers have released any useful benign dataset other than simple windows files which anyone can gather and is less than 10k, and very small amounts like 1000, i need to gather a large benign dataset, more than 50,000 benign files because my malware dataset is really large)

[1] https://www.sciencedirect.com/science/article/pii/S0167404818303808

If your wild shaped form has damage resistance and you revert to your normal form, does your normal form take the halved damage?

Let’s say we had a druid with the Circle of the Moon archetype. They can use their wild shape feature to turn into an elemental as per their Elemental Wild Shape feature (PHB, p. 69):

Elemental Wild Shape
At 10th level, you can expend two uses of Wild Shape at the same time to transform into an air elemental, an earth elemental, a fire elemental, or a water elemental.

Those elemental creatures all have resistance to nonmagical bludgeoning, piercing and slashing damage, and some forms have other damage resistances too. Let’s say your elemental form was on 5 HP and you took 20 nonmagical slashing damage. Your elemental form would halve that damage to 10 damage. This exceeds the total HP the elemental form was on, and so you would revert back to your normal form, as per wild shape (PHB, p. 67):

… if you revert as a result of dropping to 0 hit points, any excess damage carries over to your normal form. For example, if you take 10 damage in animal form and have only 1 hit point left, you revert and take 9 damage.

Let’s assume that your normal form has no damage resistances. Does your normal form really take just 5 slashing damage, even though your normal form isn’t resistant to slashing damage, or would your normal form take 10 damage, since that’s what it would have been if it wasn’t halved by a resistance that no longer applies to your reverted form? Intuitively I think the normal form should take 5 damage, but the below related question’s answers (even through it’s the opposite scenario) would imply that it would take 10 damage.


Related (but the other way around, since that Q&A is talking about the normal form having the resistance, whereas I’m asking about the wild shaped form having the resistance): How does resistance/vulnerability/immunity interact with carryover damage after reducing Polymorphed (or Wild Shaped) form to 0 HP?

Is it normal to see two different IP addresses in the arp table when you run the arp -a check?

Long story short I noticed that there are two different IP addresses in the ARP table when I ran the arp check. I suspect my computer might have been compromised because when I ran similar check on my other computer it only returns one IP address instead of two. I’m not running any VPN or anything if it would clear any misunderstanding, it’s why I’m puzzled by this.

Does “Claw at the Moon” require the character to make a normal attack roll in addition to the Jump check?

Claw at the Moon’s description states the following:

ToB p.86

As part of this maneuver, you attempt a Jump check to leap into the air and make a melee attack that targets your foe’s upper body, face, and neck. The Jump check’s DC is equal to your target’s AC. If this check succeeds, your attack deals an extra 2d6 points of damage. If this attack threatens a critical hit, you gain a +4 bonus on your roll to confirm the critical hit.

If your check fails, you can still attack, but you do not deal extra damage or gain a bonus on a roll to confirm a critical hit. The maneuver is still considered expended.

I have two interpretations of this maneuver’s effect:

  1. You get to make a Jump check and a normal attack roll, if the check fails, you only take into account the normal attack roll and don’t have any additional bonuses.
  2. You only make the Jump check to determine the attack roll (since the DC of the roll is the enemy’s AC, it would make sense), and only if you fail, you can make a normal attack roll and attack normally.

Logic dictates that the first interpretation is the correct one and that the second one is a tad overpowered, but I’ve been wrong before. Which interpretation is the correct one?

How does Tor preserve anonymity if it uses normal Internet Routing?

I’m studying Tor and Onion Routing and I don’t understand how it preserves anonymity if the Internet routing is still done using public ip addresses.

Let’s suppose we have the following Tor circuit: Tor Browser -> A -> B -> C -> Server. If someone follows the traffic from relay to relay then the anonymity is broken. Even though it uses 3 layers of encryption the routing is done by public ip addresses which are in clear text in the ip header.

Or when the server responds back it sends the packets to the public ip address of C. Some authority could follow to route from the server to C to B to A to the client and knows that the client is communicating with the server.

Can anyone say if I’m right? Or the entire security of Tor is based on the fact that no one can ever control all 3 relays (or statistically is very improbable)?

Is it possible to use a weapon as a normal weapon and an arcane focus at the same time?

I am relatively new to D&D, and am currently creating my very first PC, a Tiefling Sorcerer with a Draconic Origin. As I was working on my weapons and items, I got into what an arcane focus is and how they work.

Since I read online that a quarterstaff can double as a weapon and an arcane focus, I was wondering if it was possible to use them as both of those things at the same time?

Let me give an example: I am a 3rd level Sorcerer and know the metamagic Quickened Spell and the Shocking Grasp cantrip. I am in the middle of combat, and on my turn decide to attack an enemy within range with my quarterstaff. Before I attack, I decide to expend my two sorcery points to change the casting time of Shocking Grasp cantrip to one bonus action. I then attack and hit the monster.

Can I simultaneously hit the monster, costing 1 action, and cast my Shocking Grasp cantrip, costing 1 bonus action, to deal more damage with my attack?