lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: lists at domain-logic.com (Randall Perry)
Subject: Bios programming... 

The program in question is quite legitimate in nature and already
exists in several forms.

In some instances, it sends the data to 'accountability partners'
who are your chosen peers that monitor your activity.

Think of it as AA for online porn.  Online porn has become a
real problem for males age 12 to early 40's.
Properly implemented, solutions to combat porn are good business.
(mind you, this is not 'spyware' for parents.  this is targeted at
adults who are trying to curb their own behavior).

Those who are not aware of that epidemic should sit quietly and
not scoff at the efforts of others.

As for the function of BIOS, that is the wrong road to go down.

If you are looking for checking if services are disabled, then
have a bot call home every so often (much like DirectTV PPV).

Any 'net activity could be logged in a seperate file and compared
to the monitor's activity report (to determine if it was active or not).
It would purge every 2-3 days to the online site.
If you do not have an update in 2-3 weeks, then send out an
email reminder.

To monitor IP activity, you might want to insert into the tcp/ip stack
through LSP layers (only for Windows boxes).

This lower level monitoring is harder to disable (but not impossible).

In this scenario you could either choose to redirect/block sites
(through blacklists or other)
-or-
Just log activity, don't block anything and lean towards the 'accountability'
side.

Good luck with the project,
it sounds noble at root.
RP


-- 
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.300 / Virus Database: 266.5.1 - Release Date: 2/27/2005

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ