lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
From: matt at dynamicanswers.com (Matt Marooney)
Subject: Bios programming...


Very true, and I'm sure that I am not going to be able to keep people
from getting around it, I just want to make it really really hard.
Obviously, if the person is smart enough to boot to a different OS,
setup their internet connection on that OS, and browse, then they are
not going to be using this product in the first place! 

I want this software to help people who want help, to keep them honest,
and unaware that their system is monitoring activity.  

Most of the other services out there are very "in-your-face" or they
only monitor one type of traffic.  The BIOS requirement was to keep the
users using the system.  If they take the machine in to BestBuy to get
it serviced, and the tech wipes or replaces the hard drive, the poor guy
doesn't remember to reload the monitoring software.  

I'm open to other suggestions, I just want to make it next to impossible
to delete (without the admin password, of course), and invisble to
operate.  

Thanks for the comments!

-- Matt   
 


-----Original Message-----
From: Paul J. Morris [mailto:mole@...atsci.org] 
Sent: Thursday, March 03, 2005 8:46 PM
To: matt@...amicanswers.com
Subject: Re: [Full-Disclosure] Bios programming...


Matt,
   Don't know much about working that close to the bios, but a couple of
potential means of circumvention immediately come to mind:
   
1) booting from cd, in particular booting with a different operating
system from the one you wrote the monitoring code for, as in booting
from a knoppix distribution.

2) browsing the web through a secure anonymous proxy (such as guardster)

-Paul

On Thu, 3 Mar 2005 13:44:39 -0500
"Matt Marooney" <matt@...amicanswers.com> wrote:

> I am trying to write a program to help people who are addicted to 
> internet pornography.  This application would be tied into an online 
> service where someone could sign up for monitoring, and download a 
> thin client app.  The application would run in the background of the 
> person's computer, and upload the person's internet activity to the 
> website.  The service would then email this activity report to 
> designated recipients. I have most of the knowledge to create this 
> service, but I need to know how to do a couple things:
>  
> 1. I would like the program to be "un-installable".  I've heard of a 
> couple of hardware security tracking services that can load a very 
> small setup package in the CMOS and if a computer is stolen, and the 
> hard drive is replaced, the app reloads itself and the next time the 
> computer is on the internet, it sends out a beacon.  Does anyone have 
> any insight about how to do something like this?  I want the CMOS 
> program to run on boot, and check to see if the monitoring software is

> still installed. If it is not, the boot process reloads it.
>  
> 2. obviously, the program does not need to be very large, so I want it

> to run in the background and not be visible to the computer's user. 
> This is easy, I know, but I want the process to be completely 
> invisible.(even to super-geeks)
>  
> 3. I would like to figure out a way to monitor traffic for multiple 
> protocols (HTTP, FTP, File Sharing, Chat, etc.) .  I'm wondering if 
> there is a way to figure out "bad" requests on a packet level.
>  
> I really appreciate any help with these questions!  Thank you all,
>  
> -- Matt
>  
>  
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ