Posts by tr1ck5t3r

Re: Details Please

> maybe even using some more of the security domains the Intel architecture offers

Is that the Intel Management Engine which as been neutralised?

http://hackaday.com/2016/11/28/neutralizing-intels-management-engine/

Re: Stuff happens...

Less is more, using embed OS's means everyone can tweak the source code to reduce bugs which can be used as backdoors as its smaller and more manageable and quicker to get to grips with, when writing your own version of an OS.

Plus various open source licences don't force you to share your tweaked OS, webservers, email servers reducing the backdoors to just the cpu and other chip based domain which adds security, despite some arguing theres no security with obscurity.

The raspberrypi is more secure than you think.

@allthecoolshortnamesweretaken

Sock puppet preplanned conversation.

Just another example of the corporate fascist world we live in, easily passed off as a coincidental conversation depending on how much you analyse the text output on websites.

Psychological training with thumbs up and thumbs down facilities, after all when you control the DNS you control what version of the internet you see.

It is interesting. Try this for an experiment.

Windows 7 hooked up to a Draytek Vigor 120 using ppoe to log onto your broadband connection.

Only network attacks being blocked is this slammer worm coming in on the SQL port.

Now boot from a Linux live cd like Ubuntu using same vigor 120 with pope and you'll get loads of different types of network attacks.

What info is sent out? Windows 7 communicates with MS which adjusts the network icon to say its online.

Try the same with XP, but remove the time server references from the registery and disable windows updates so theres no apparent communication with the outside world and your XP device will still talk to MS.

UEFI allows device drivers to be remotely installed irrespective of your OS, and most firewalls communicate whats behind it through DNS lookups in a particular order.

I do wonder whose really behind these hacks.

Can a trillionaires billion dollar company be so inept at making software they are still in business and that rich unless they are getting lucrative contracts from Govt to hide the fact the US Tech giants just spy on their users, much like Telco & mobile companies listen into calls and track your movements?

CEO's & board members have a price to keep quiet about the spying they facilitate which is more than can be said for the dumb twats who work in law enforcement or the spooks for a pittance!

Re: Let's be realistic

If you think about this situation using closed software like MS Windows, I would agree, if you think about this situation with opensource I would disagree.

WRT to using Open source, you have one AI spotting the problems (Ai1), another AI (Ai2) can rewrite the code randomly, put each iteration up for testing with Ai1. If Ai1 gives it a pass, code is committed. Job Done.

If you are familiar with coding, how long does it take to change something and recompile it? Perhaps the wrong data type was used for a variable, a String when it should have been a Cstring or Long and the inherent boundary checks datatypes bring to the table.

Its not hard to do, I even wrote a system in the 00's which rewrote software from procedural toOOP code, converting ISAM to SQL data sources. What the software house thought would take 3 months based on their own programmers experience, took me 1 week to write the convertor, and a few hours for the convertor to run and rewrite the software. Still got paid that 3months though.

Its just evolution on "steroids" albeit in the silicon domain and not the wider world where we have not even been able to quantify the effect different chemicals have on the long and short decision making process that affect animals including humans.

Lets face it, I could say something offensive to you whilst you are sober and you wont react, give you some drugs like alcohol which affects your liver and cholesterol production which in turn affects the production of various other hormones that can then go on and affect your judgement, and then you might be able to see how our decision making processes are so widely affected by the chemicals/drugs we choose to ingest, inhale, rub or spray on ourselves.

Look at this image to see how the liver which produces around 80% of your cholesterol is converted into different hormones. https://en.wikipedia.org/wiki/Cholesterol#/media/File:Steroidogenesis.svg

Lets not forget the metabolites of alcohol take 14 days to be broken down by the Liver.

So lets not kid ourselves that we are in control of our emotions or decision making processes, hey?

Standardised mass market foods go some way to standardise the emotions of humans which in turn helps the legal profession maintain their authority over us by ignoring inconvenient facts like how data you may have been exposed to at some previous point in time coupled with your chemistry at the time can determine future behaviour/reactions which much of main stream science is just scraping the surface on.

http://journals.plos.org/plosone/article?id=10.1371/journal.pone.0051959

http://www.lifeextension.com/Magazine/2007/11/report_pregnenolone/Page-01

"Scientists from the VA Medical Center in St. Louis explored pregnenolone’s benefits in memory retention using a conditioning task in animals that involved learning to avoid a mild electric shock to the foot.37,38 To their surprise, they discovered that pregnenolone displayed beneficial effects in improving memory retention at almost incredibly low doses.1 They also found the response to pregnenolone was much faster than expected had the supplement been working like a typical neurosteroid, leading to the conclusion that something much more dramatic was going on."

What I take away from this, is that humans with no sex drive is a medical marker to show they are not functioning properly, and considering the weighting we give to old people's influence over our lives, think House of Lords as one example, is society as a whole set up to fail due to the faulty memories and decision making processes of old people with no sex drive, whilst still only allowing alcohol to be dominant recreational drug for society, considering how it affects both short term and long term memories by affecting the cholesterol production and other liver functions?

Lets not forget Liver is Latin for life.

Its also interesting how producing so much of the stress hormones can cause ill health by removing/reducing the other hormones which would normally be produced. So whilst stress hormones can increase spatial intelligence as a species are we setting ourselves up for failure in the future, as we know stress hormones affect the ability to remember and learn?

Studies already show Westerner kids have lower IQ levels.

Are Western countries suffering the intellectual effects of a baby boomer generation not able to think properly for themselves?

Re: If it compiles, ship it

> Nobody at Microsoft really knows how SMB file sharing actually works any more

MS like all typical big businesses with a corporate mindset got rid of the staff that originally worked on most of windows core anyway. Even the dude who wrote the core of MS Word is long gone now.

MS made redundant their expertise in return for short term profit, and if you really understand capitalism, the ever lasting light bulb and the Phoebus Cartel, you'll know these are nothing more than deliberate actions on the part of MS, but your EULA means you cant sue them.

It would be illogical to draw any other conclusion.

https://en.wikipedia.org/wiki/Phoebus_cartel

They are the corporate heroin dealers of software, you want to leave and use another operating system, but you cant as the software you need, doesn't exist elsewhere.

You want an alternative but they just don't exist, the same conformity that ushered in the Nazi's is now being used against you, people are lazy, they have been told you cant go wrong with MS, it used to be you cant go wrong with IBM, tomorrow it will be some other company you have yet to hear of.

Face it, we are all corporate clones with just enough intelligence to recognise some problems but not enough intelligence to come up with a solution.

So how do you know these were false positives and not some really really good worm which has so far gone undetected? Stuxnet took over a year to just be reversed engineered and classified as a virus!

I'm always intrigued by these False Positives, because what it boils down to is believing someone or something else and not your anti virus software because the truth appears to be too uncomfortable!

Put it like this, when your AV software flags itself up, how do you know its not been infected?

Do you, like any good scientist have anything else to back up your position/opinion like a hash sum of the file in question compared to a known offline good copy for example?

Do MS even provide a list of their files & version numbers with a variety of hash sums, for people to use to verify and trust their Windows files independent of AV software analysis?

How do you know the Spooks are not redirecting your DNS lookup's or intercepting your network connections (MITM) to a hypothetical web link to MS which lists the hash sums of their own files?

Some people don't appear to have thought things through properly.

Re: Hackers are not the only threat.

Misdirection is a valid technique in the dark arts of spying.

You feel more relaxed and let down your guard if you think they are only hacking network backbones.

Perhaps consider the fact the US Tech sector is just a PR friendly part of the US Military with spooks from other countries more interested in whats going on in your home than anything else. DO you really think Bill Gates got that knighthood just for MS Windows service to business, or perhaps its really a window into your life?

Whilst you might sense someone staring at you when out & about or from across the office, you sense nothing when that cold dark abyss of the camera in your smart phone is secretly watching your every move, whilst that microphone is recording everything you emit from your orifices.

Listening in to people when they are asleep is the best because so many people sleep talk when they dream, so you can find out what's on someone's mind, which is why the smartphone is used as an alarm clock more than any other application. Perhaps you have secret pervasion, like sticking things up your bottom? Its all recorded for future posterity.

I trust you have seen the news? https://www.theregister.co.uk/2017/01/12/never_mind_your_the_devlelopers_maps_and_alarm_clocks_are_the_best_thing_about_mobes/

Spooks including MI5 & MI6 will play your behaviours more than you think, why do you think they have a close working relationship with escort agencies, sex and blackmail are the two oldest tricks in the book. Something Journo's know only too well, but sometimes they have to resort to drugging their targets in a bid to get them into a compromising situation which might be the "banker" that comes in handy later on in life, and with the best pharmacy in the world of legal and illegal drugs at their disposal, they can do anything they like, after all they make the rules and its all done in secret until the journo's get given a tip off so often seen with public figures including celeb's & politicians stepping out of line.

Maybe you will think twice next time you read the Daily Mail about some juicy gossip, just what is the real agenda behind the scenes?

Re: We won't pay because the computer says so

Human's employed to train an AI, whilst the customer and company pretend AI is here and now. Its been the holy grail since the dawn of time, yet theres just not enough computing power to properly recognise your speech, so next time you use an AI assistant think of the underpaid foreign worker typing up what you say in realtime.

Clockwork Turk machines have been around for a long long time.

The ransomware is operating at the Firmware level, rewriting your bios, typically a VIA chip on your motherboard, and some firmware of hard drives. Western Digital and Samsung are especially effected, but Hitachi's and Fujitsu's are not from what I have seen. It works in both Windows XP, 7 & 8, and various versions of Linux, going back to Gutsy Gibbon on Ubuntu, but seems to affect debian distro's including Kali, Parted Magic, Linux Mint, Raspbian and also updates the firmware of RaspberryPi's.

Its a good bit of malware exploiting the IEE standards.

For example, if you put a bios password in place to prevent setup changes and/or OS loading, once you have loaded the OS, you'll note you can update the bios from within Windows or Linux, so the charade of bios security is non existent. With regards to hacking the firmware of hard drives, this practice goes back to the 90's and in my tests, the malware even works on Bios found in PC's built in 2004 infecting the hard drives firmware of those machines.

A bios will always load a USB device first and the latest UEFI standard even allows drivers to be remotely loaded/unloaded so theres nothing stopping this malware from spreading unnoticed as Antivirus simply doesn't look at firmware. Theres millions of device's that have been hacked, now you know why the Chinese wont allow their own branded android phone's to have the firmware be updated.

Re: Nice article, but...

>When 'illegal' surveillance is brought to light the government change the rules to make it 'legal'

Totally agree, just look at the Snoopers Charter section 56.4.

http://www.legislation.gov.uk/ukpga/2016/25/section/56/enacted

"Any reference in subsection (1) to interception-related conduct also includes any conduct taking place before the coming into force of this section and consisting of—"

"the Interception of Communications Act 1985;"

Not quite 1984, but 1 year out isn't bad!

Besides law needs evidence, so the tech giants are still safe as the global population is dumbed down.

Who needs a Zika virus when you have consumerism!

Re: I can see the press release now...

Companies are not legally obliged to admit they have been hacked, and that's when they have discovered they have been hacked.

See no Evil, Hear no Evil.

Some companies wont ever know they have been hacked because the data is not the sort that's useful to make public, and is lucrative to just milk over time, like bank accounts.

Re: Attack of the Russian cyber bogeyman

Smokes and mirrors whilst the UK and US slowly go bust as Globalists exported your jobs and politicians sold off your industries.

Trumps has several bankruptcies under his belt, no other US politician has that sort of experience, so not only does he know how to make businesses profitable, the fact he had issued many executive orders including a ban on Govt recruitment is no different to what Tesco's did when Labour got into power in the 90's.

Govt spending in both countries is out of control, you only have to look at how George Osborne increased the national debt more than Labour did over 13 years.

http://blogs.spectator.co.uk/2013/11/the-tories-have-piled-on-more-debt-than-labour/

Baby boomers and pensioners stole your future by never paying enough tax or NI to fund the NHS crisis today and politicians only interested in their short term careers feathered their nests for their next payemaster once unelected.

So the question is, when China decided to offload US Treasuries & UK Gilts, how long with these currencies exist until hyper inflation like we saw during the Weimer Republic or will the UK see a repeat of 1976 with the Sterling Crisis and IMF loan.

http://www.nationalarchives.gov.uk/cabinetpapers/themes/imf-crisis.htm

Use public data for the house price crash that's happening right, and China's recently announced increased capital controls which is hurting the value of UK housing stock, arguably the last asset the country can export but where the stock never leaves the warehouse.

Re: "how to perform open heart surgery"

Surprised the NHS are helping to train Google Health.

https://googleblog.blogspot.co.uk/2015/02/health-info-knowledge-graph.html

Now I know how Google knows when the UK suffers pandemics, or local out breaks of something, whilst helping to train Google's Health AI's which will be a future venture based on their current partners.

Do taxpayers mind the NHS helping to train Google's AI's and getting awarded contracts for eye scans?

Its getting to the stage Google is taking with the left hand using searchs from the NHS as well as the right with Deep Mind contracts.

>No kidding, you should see how hard it it to find animal and dairy products from

Brexit has its advantages, like getting decent food from the commonwealth countries, even if your lamb and butter comes all the way from New Zealand during our winter months.

And the best bit, MS have introduced their own disruptive technology that will be the demise of MS.

How stupid can you get price gouging your sales & engineering proxy staff when Western economies are already flatlining?

China's just announced tightening capital control's are going to trigger the mother of all financial crashes.

But are they clever enough to not fart on the chair leaving behind traces of fecal matter and thus their DNA?

https://www.ncbi.nlm.nih.gov/pubmed/16078481

Re: U2F / 2FA are far from a panacea

This is only really going to appeal to businesses and celeb's reliant on Facebook.

Just hack the USB bus in the OS and get the U2F key redirected to your computer.

Cloning dongles and using dongles plugged into one computer whilst tricking said software running on another machine is as old as the dongle itself.

You can try it right now with Windows Remote Access and sharing a USB printer.

Carry on using flawed OS's.....

Re: One hand scratches the other

>Neither the US nor Russia wastes favours on dispensable items like people.

The sooner the population of every country on this planet realises that noone can get in the way of the authority of the Govt and establishment, the sooner people will realise that they dont live in a free world, and that Representative Democracy is just a woolly name given to sheeple to hide the fact that its no different to a fascist dictatorship, because in a Representative Democracy they still make the laws without your say so.

>What is needed in this instance is user education

Because humans are human, my software has a bulk mailing facility that is programmed to only send BCC, whilst also capable of spitting out email's individually in a manner to not trip up ISP's email restrictions which might exist more so in overseas country's, eg 200 an hour and no more than 1000 a day for example.

Dont blame the user's blame the chain of command at the top for their stupidity at failing to quantify the risk to their business. In the mean time, sign up to every mailing list going and have some software to delete the spam automatically but ready to harvest email addresses when these businesses slip up.

Its only a question of time, and a valid attack vector for future hacking, if you choose to plan ahead.

Re: Forgot?

Elements of the US establishment have gone rogue on the world, the US will not be defeated which means sabotaging other countries efforts.

Is this Ukraine conflict like the one, where Victoria Nuland says "F*** the EU" when the US orchestrated the coo, and Vice President Joe Biden's son Hunter now heads up one Ukraine's major oil companies? Or like the coo orchestrated in Turkey where the bridges over the Bosphorus Strait were commandeered as this then controlled access to the Russian Black Sea Fleet, which could have prevented Russia from getting the likes of the aircraft carrier Admiral Kuznetsov down to Syria protecting their interests & Syria's regarding a certain pipeline from reaching the EU?

And all because the Ukrainians were stealing gas from the Russian pipeline into EU which forced Russia to turn off the Gas. The fact Germany has now built a gas terminal port to take in Russian gas seems to be missed on you as well. Sure go for fuel security especially as the sun is expected to go into a Grand Solar minimum by 2020-2022 (read Professor Fagan's book The Little Ice Age: How Climate Made History 1300-1850 to get an understanding of the implications of what a Grand Solar Minimum will mean for this planet), the likes of which has not been seen for 500 years well before anything resembling any Met office ever existed.

Is it right to bomb the hell out innocent people creating terrorists which go rogue and bring it to your doorstep?

Be careful what you wish for, in this complicated game of politics and warmongering. The world has become a more dangerous place over the last few decades since the US become Globocop.

Extremism is the result of extreme US foreign policy.