|
Boris Galerkin posted:Isn’t he like an actual murderer? He's wanted for questioning in Belize concerning the death of his former neighbours. Based on his Bluelight posts from the time it sounds pretty drat plausible that he did go and get his murder on (His username was stuffmonger): http://www.bluelight.org/vb/threads/541627-Hello-and-an-MDPV-Question Edit: VVV yeah that's mentioned in the Bluelight thread. VVV Pile Of Garbage fucked around with this message at 14:23 on Feb 9, 2018 |
# ? Feb 9, 2018 13:40 |
|
I think his neighbors killed his dogs or some other hosed up poo poo.
|
# ? Feb 9, 2018 14:22 |
|
Not sure if you all got to witness the glorious social media marketing fiasco that was Cygilent last night.. They have since deleted the tweets, but it's the internet.. It was so amazing https://twitter.com/mattifestation/status/961833483243941888
|
# ? Feb 9, 2018 15:18 |
|
fyallm posted:Not sure if you all got to witness the glorious social media marketing fiasco that was Cygilent last night.. Beautiful.
|
# ? Feb 9, 2018 18:47 |
|
Today on "computers were a bad idea", your airgapped system in a drat Faraday cage can STILL be made to exfiltrate data
quote:
Air-gapped computers are computers which are kept isolated from the Internet, because they store and process sensitive information. When highly sensitive data is involved, an air-gapped computer might also be kept secluded in a Faraday cage. The Faraday cage prevents the leakage of electromagnetic signals emanating from various computer parts, which may be picked up by an eavesdropping adversary remotely. The air-gap separation, coupled with the Faraday shield, provides a high level of isolation, preventing the potential leakage of sensitive data from the system. In this paper, we show how attackers can bypass Faraday cages and air-gaps in order to leak data from highly secure computers. Our method is based on an exploitation of the magnetic field generated by the computer CPU.
https://arxiv.org/abs/1802.02700
|
# ? Feb 9, 2018 19:21 |
|
Docjowles posted:Today on "computers were a bad idea", your airgapped system in a drat Faraday cage can STILL be made to exfiltrate data As much as this industry is a dumpster fire, poo poo like this is so god drat cool
|
# ? Feb 9, 2018 19:23 |
|
Docjowles posted:Today on "computers were a bad idea", your airgapped system in a drat Faraday cage can STILL be made to exfiltrate data flakeloaf posted:first, install malware on the airgapped machine
|
# ? Feb 9, 2018 19:23 |
|
Preinstall in ME during manufacturing process.
|
# ? Feb 9, 2018 19:25 |
|
Build your computer from scratch with raw materials.
|
# ? Feb 9, 2018 19:28 |
|
Thermopyle posted:Build your computer from scratch with raw materials.
|
# ? Feb 9, 2018 20:47 |
|
Gotta source mats from an independent galaxy. Ofc if you're looking to mitigate against high-level localised relativity deconstruction attacks (?) then we'll need an independent universe.
|
# ? Feb 9, 2018 21:34 |
|
There was this too, where you transfer data using the fan at 900 bits/hr.
|
# ? Feb 10, 2018 01:16 |
|
Thanks for quoting a bad yospos post at me. I admit to being a total dipshit in the security realm. And yeah this is something 99% of us won’t ever have to worry about. Just posting it because a) the attack itself is fascinating. And b) remember that time the NSA was caught intercepting hardware and installing backdoors? Maybe that airgapped computer wasn’t as secure as you thought.
|
# ? Feb 10, 2018 04:53 |
|
It was an interesting item. Don’t internalize the forums.
|
# ? Feb 10, 2018 06:11 |
|
Subjunctive posted:It was an interesting item. Don’t internalize the forums. Too late, the forums jumped the airgap into their subconscious.
|
# ? Feb 10, 2018 06:15 |
|
Absurd Alhazred posted:Too late, the forums jumped the airgap into their subconscious. Yeah, had he gotten either McAfee MindSecure or Symantec Norton Cerebral Security 2018, he would have (had a seizure) been perfectly fine!
|
# ? Feb 10, 2018 06:30 |
|
Samizdata posted:Yeah, had he gotten either McAfee MindSecure or Symantec Norton Cerebral Security 2018, he would have (had a seizure) been perfectly fine! Can't spell "seizure" without "sure"!
|
# ? Feb 10, 2018 06:31 |
|
Docjowles posted:I admit to being a total dipshit in the security realm. And yeah this is something 99% of us won't ever have to worry about. Just posting it because a) the attack itself is fascinating. And b) remember that time the NSA was caught intercepting hardware and installing backdoors? Maybe that airgapped computer wasn't as secure as you thought. it's interesting, but more as a demonstration of how much a cpu or whatnot can be coaxed into doing really crazy stuff. As for real security, until someone comes up with a way to use some component on an airgapped pc to receive data, all of these exotic methods to send data out of the air gap are kinda academic. Installing malware on an airgapped machine is demonstrably possible. But if your goal is exfiltrating data, you can just do that the same way your malware got into the target machine in the first place (the USB keys or custom trojan hardware). If stuxnet had been aiming to steal "iranian agents.xls" instead of wreck centrifuges, the CIA would have made it save that data back to the USB key or whatever. But since the data you want to steal probably isn't an Excel sheet saved on the desktop, you're probably going to need multiple rounds of passing information back and forth across the airgap to find the thing you want. And while these magnetic flippers or radio generators or led flashers would shorten one leg of the process, it's no magic bullet. At best they're a shortcut -- but since they also require physically placing a bug nearby, even that is questionable.
|
# ? Feb 10, 2018 20:04 |
|
Klyith posted:it's interesting, but more as a demonstration of how much a cpu or whatnot can be coaxed into doing really crazy stuff. The beauty of those were that they spread on other people's USB drives though.
|
# ? Feb 10, 2018 20:26 |
|
astral posted:The beauty of those were that they spread on other people's USB drives though. exactly. but if you wanted to steal data, instead of the centrifuge-destroyer payload you'd have a data theft module that, when it recognizes the target airgapped machine, searches and writes your secret dox to the USB drive (encrypted of course). then you'd have an "exfiltration" module that was on every infected machine that passes the hot data along until you can upload to ftp.cia.gov from some tech's home pc. of course now if you have an airgapped computer with the Mission Impossible NOC List you are epoxying all the USB ports and stuff because the cat is out of the bag. e VVV stuxnet was infecting 60% of the computers in Iran before they discovered it. the data can propagate out just as fast as the original infection, and jump any gap via sneakernet Klyith fucked around with this message at 23:34 on Feb 10, 2018 |
# ? Feb 10, 2018 21:03 |
|
How do they get the USB key back?
|
# ? Feb 10, 2018 22:16 |
|
Subjunctive posted:How do they get the USB key back? usb with malware is slotted into airgapped machine and then you count on the info you targeted on the airgapped pc to propagate via that same usb (or a later one) to some other machine connected to the internet at which point you can exfiltrate.
|
# ? Feb 10, 2018 23:21 |
|
Dadbod Apocalypse posted:usb with malware is slotted into airgapped machine and then you count on the info you targeted on the airgapped pc to propagate via that same usb (or a later one) to some other machine connected to the internet at which point you can exfiltrate. But then they know that you were after info, that you (likely) successfully acquired info, and exactly what info you may have acquired. Or, worse, if it gets caught with the info before it connects to the internet, you'll find yourself fed some false information instead. Not ideal.
|
# ? Feb 10, 2018 23:38 |
|
https://twitter.com/secristr/status/962544626765914112
|
# ? Feb 11, 2018 05:34 |
|
Oh Android, you keep being you.
|
# ? Feb 11, 2018 05:56 |
|
Buttception https://twitter.com/SCMagazine/status/962413395101257728
|
# ? Feb 11, 2018 06:21 |
|
Anyone played with Quad9 for DNS? Sounds neat, but I don't know how much they actually block.
|
# ? Feb 11, 2018 13:25 |
Any and all blocking should be done by returning NXDOMAIN from as close to the client devices as possible to minimize RTT when you're head-of-line blocked, preferably through something like unbound and void-zone-tools (there are other solutions that are available, although in my experience they're usually a lot harder to reason about and debug), and upstream DNS should leave queries wholly untouched. This way, if the filtering gives rise to issues, you know exactly where to go to effect changes and there's no propagation time.
|
|
# ? Feb 11, 2018 15:58 |
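One way to do the client-side NXDOMAIN blocking described in the post above, as an added example (not code from the thread or from void-zone-tools): a Python script that turns a hosts-format blocklist into unbound `local-zone` lines. The sample blocklist is constructed; `always_nxdomain` is the unbound local-zone type that answers NXDOMAIN for a zone and everything under it, which is why covered subdomains are dropped.

```python
import re

# Constructed sample blocklist in hosts-file format (not real indicators).
SAMPLE_BLOCKLIST = """\
# comment line
0.0.0.0 ads.example.com
0.0.0.0 tracker.example.net   # inline comment
127.0.0.1 localhost
0.0.0.0 cdn.ads.example.com
0.0.0.0 ADS.example.com
0.0.0.0 not_a_valid_name!
"""

LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")
SKIP = {"localhost", "localhost.localdomain", "broadcasthost"}

def parse_hosts(text):
    """Return the set of valid, lower-cased domain names in a hosts-format list."""
    names = set()
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue  # blank line, comment, or address with no name
        for name in fields[1:]:
            name = name.lower().rstrip(".")
            labels = name.split(".")
            if name in SKIP or len(labels) < 2:
                continue  # never blackhole local names or bare labels
            if len(name) <= 253 and all(LABEL.match(l) for l in labels):
                names.add(name)
    return names

def collapse(names):
    """Drop names already covered by a blocked parent zone."""
    kept = set()
    for name in sorted(names, key=lambda n: n.count(".")):
        labels = name.split(".")
        parents = {".".join(labels[i:]) for i in range(1, len(labels))}
        if not parents & kept:
            kept.add(name)
    return kept

def unbound_conf(text):
    """Render unbound local-zone lines that answer NXDOMAIN for each name."""
    zones = sorted(collapse(parse_hosts(text)))
    return "server:\n" + "".join(
        f'    local-zone: "{z}." always_nxdomain\n' for z in zones)

if __name__ == "__main__":
    print(unbound_conf(SAMPLE_BLOCKLIST), end="")
```

Because the filter lives in the local resolver's own config file, a false positive is fixed by deleting one line and reloading unbound, while the upstream resolver keeps answering unmodified.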
|
https://twitter.com/campuscodi/status/962617957900730368 https://twitter.com/SwiftOnSecurity/status/962619340553097216
|
# ? Feb 11, 2018 18:15 |
|
ufarn posted:Anyone played with Quad9 for DNS? Sounds neat, but I don't know how much they actually block. As a side note, I recently set up Pi-Hole at home and it's a blast.
|
# ? Feb 11, 2018 20:38 |
|
This is my surprised face
|
# ? Feb 11, 2018 22:37 |
|
ufarn posted:Anyone played with Quad9 for DNS? Sounds neat, but I don't know how much they actually block. If you're in Australia I'd avoid it, IBM are having issues there which breaks stuff that uses geo-DNS stuff (e.g. Office 365).
|
# ? Feb 12, 2018 10:39 |
|
ufarn posted:Anyone played with Quad9 for DNS? Sounds neat, but I don't know how much they actually block. I run it as the upstream DNS for my house, seems to work fine. No idea how much it actually blocks since those queries just fail but I benchmarked it on my ISP and it was by far the fastest filtered DNS solution and was maybe a ms or two slower than Google's 8.8.8.8/8.8.4.4 so that's fine.
|
# ? Feb 12, 2018 13:31 |
|
Am I right in thinking that Certificate Authorities for websites are basically a scam and I should just go with the cheapest option that doesn't throw a red address bar/error page while allowing HTTPS? Which appears to be Namecheap Comodo PositiveSSL. I don't need a Green Bar.
|
# ? Feb 12, 2018 14:35 |
|
No, don't go for the cheapest one. Nor the most expensive one necessarily. Cheap ones probably have not-so-good security configuration and their CA could be compromised (this has happened in the past). Just go for Let's Encrypt if you can (they are free, but not cheap when it comes to handling security, if you get my drift).
|
# ? Feb 12, 2018 14:37 |
|
Alpha Mayo posted:Am I right in thinking that Certificate Authorities for websites are basically a scam and I should just go with the cheapest option that doesn't throw a red address bar/error page while allowing HTTPS? Which appears to be Namecheap Comodo PositiveSSL. Let's Encrypt
|
# ? Feb 12, 2018 14:53 |
|
Alpha Mayo posted:Am I right in thinking that Certificate Authorities for websites are basically a scam and I should just go with the cheapest option that doesn't throw a red address bar/error page while allowing HTTPS? Which appears to be Namecheap Comodo PositiveSSL. The idea is that all the CAs are obliged to operate by the same set of rules for documenting/issuing certs to have their CA pre-loaded as a trust in your OS or browser, and the software vendors will pull that if you get caught loving up which basically means game over for your company. Going with the absolute cheapest option will increase your risk of them completely mishandling things and getting popped which means you'd have to do some additional work to re-issue certs when it happens. This happened to Symantec last year when they got caught red-handed issuing certs incorrectly and all the browsers stopped trusting any new certs they issued and set a cutoff for existing ones to go untrusted. This forced Symantec to sell off their cert division and completely leave the market. It's not a great system but the idea is the software vendors keep the CAs in check because they have competing interests.
|
# ? Feb 12, 2018 15:19 |
|
Finally, we've found a new economic model for porn sites to replace banner ads.
|
# ? Feb 12, 2018 17:03 |
|
Klyith posted:it's interesting, but more as a demonstration of how much a cpu or whatnot can be coaxed into doing really crazy stuff. Still really academic, but this might conceivably be used on secure devices like networking equipment to leak encryption keys. Either as pre-installed software or a hardware trojan.
|
# ? Feb 12, 2018 17:07 |
|
Also I have been studying real-world IT security and decided to play around with password cracking. Holy poo poo everything is loving broken and if you aren't using 2FA on EVERYTHING you are hosed. I thought passwords like 64Sephir0th# would be reasonably secure but Hashcat, rules, masks, billions of leaked passwords, and GPUs have basically broken it all. I had an old SQL backup from a site I ran in 2002, with 4000 registered users with md5 hashed passwords. Just playing around with hashcat and I've cracked 3850 of the passwords. Best64 x Top 2 billion passwords = 96% cracked in about 10 minutes, on my single Radeon 7870 GPU.
|
# ? Feb 12, 2018 22:39 |
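A defender-side view of the post above, as an added example that is not part of the thread: a registration-time check that rejects passwords which reduce to a wordlist entry once common mangling (leet substitutions, digits or symbols on either end, reversal) is undone, and stores the rest as salted PBKDF2 instead of bare MD5. The five-word list, the substitution table and the 600,000-round count are assumptions chosen for the example; a real deployment would load a leaked-password corpus.

```python
import hashlib
import hmac
import os

# Constructed stand-in for a real corpus of leaked/common passwords.
COMMON_WORDS = {"sephiroth", "password", "dragon", "letmein", "monkey"}

# Reverse the character swaps that cracking rule sets apply to words.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})
TRIM = "0123456789!@#$%^&*._-"  # characters commonly bolted onto either end

def base_candidates(password):
    """Yield dictionary roots a mangled password could have been built from."""
    pw = password.lower()
    head = len(pw) - len(pw.lstrip(TRIM))
    tail = len(pw) - len(pw.rstrip(TRIM))
    # Try every amount of prefix/suffix trimming, since a leading "5" may be
    # decoration ("5dragon") or part of the word ("5ephiroth").
    for i in range(head + 1):
        for j in range(tail + 1):
            core = pw[i:len(pw) - j].translate(LEET)
            yield core
            yield core[::-1]  # undo the "reverse the word" rule

def is_guessable(password, words=COMMON_WORDS):
    return any(c in words for c in base_candidates(password))

def hash_password(password, salt=None, rounds=600_000):
    """Return (salt, rounds, digest) using salted PBKDF2-HMAC-SHA256."""
    if is_guessable(password):
        raise ValueError("password reduces to a common word")
    salt = salt or os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)
    return salt, rounds, dk

def verify(password, record):
    salt, rounds, dk = record
    test = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)
    return hmac.compare_digest(test, dk)

if __name__ == "__main__":
    for pw in ("64Sephir0th#", "n0gard", "correct horse battery staple"):
        print(f"{pw!r}: guessable={is_guessable(pw)}")
```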