| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 12 Oct 2011 02:44:09 +0800
From: seclist <seclist@...ish.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Wipe off, rub out, reappear...
Just a little bit of creative thinking here... If the communications
between the base and the drone are not encrypted and these
communications have successfully been intercepted - Is it possible that
in addition to the ability to collect videos transmitted by the drone,
data could be sent to the drone while it's airborne? and perhaps the
malware waits until it receives a signal from the perpetrator on the
ground before it transmits its collected data? The drones are rumored to
carry out airborne network attacks so if this is the case theoretically
it would be communicating with more than just the operation centre and
someone could have exploited this?
I also view this article with great skepticism. It's "exclusive" with an
unnamed source. If the source is credible why have they chosen to speak
to Wired? and why on earth would these technicians be following "removal
instructions posted on the website of the Kaspersky security firm"?
Perhaps this is a precursor to the hunt for "weapons of mass disruption"
or perhaps it's just a cleverly disguised advert... how many product
placements can you spot in that article? ;)
On 11/10/2011 7:31 AM, Michael Schmidt wrote:
> If its bot net code and it is behind an air barrier then it will never phone home. They can take their time to kill it because it will never get instructions to do anything. If it's something more destructive then maybe they need to call in someone more experienced. But it does not sound destructive and it does sound like it is on a disconnected network.
>
> From: full-disclosure-bounces@...ts.grok.org.uk [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of xD 0x41
> Sent: Monday, October 10, 2011 3:53 PM
> To: Daniel Sichel
> Cc: full-disclosure@...ts.grok.org.uk
> Subject: Re: [Full-disclosure] Wipe off, rub out, reappear...
>
> I will say, with Botnets, and bots in general, i dont see much talented people on FD... although, seems many can decrypt them, so, makes me wonder , it is a train-of-thought also, i guess this is where hat colors take control.. black hats would say, go read some bot src and wake up FD, while white hats would say, "but we can just kill it anyhow...' "oh, we decrypted it"... etc...
> another pintless neverneding arguement..
>
>
> On 11 October 2011 07:22, Daniel Sichel<daniels@...derosatel.com<mailto:daniels@...derosatel.com>> wrote:
> Somebody posted the following;
>
>> I'm just curious to these questions. It's strange to hear someone
>> saying "we basically have no idea what's going on".****
>>
> Doesn't sound funny to me, happens to me all the time. That's how I
> learn.
>
> Dan S.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists