lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: pjvenda at arrakis.net.dhis.org (Pedro Venda) Subject: Bios programming... -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Matt Marooney wrote: | Thanks for the feedback Valdis! | | I've been doing some reading about custom BIOS chips that include | security programs, so that may not be the way I want to go... | | I definatly want the program to behave like spyware, but not show up on | scanners! :) | | The intent of the BIOS portion of the program was just to have a small | bit of code that checked for the existence of the main monitoring | program on the disk, and if it was not there, reload it somehow. This is hardly possible or even considerable non-spyware-big-brother. As said before, the BIOS code runs before OS booting starts. It is very very dumb and simple code. sometimes it can't even correctly detect hard drives. Putting in code that: 1. looks for a valid hard drive 2. looks for a known filesystem on the drive (ntfs, fat32, etc) 3. scans in the filesystem for some files (which may just be renamed files) 4. if there are any more hard drives, go back to step 1. 5. reload the program... I don't even know how to start explaining why this is very hard/impossible. In reality, this is IMPOSSIBLE to do with bios code. not mentioning as said before, the different hw and bios codes (either sane or not). Although your intentions may be honest, your program is the exact description of a hard-to-remove spyware bigbrother intrusive tool. a.k.a. spyware, virus etc. even if you don't want, such a tool would soon be hunted down by anti-virus and anti-spyware software because of it's nature. If the people you refer are willing to cooperate, there are a lot of other solutions on the web that can limit web browsing, like child control software. The simple task to "monitor" multi-protocol traffic and your definition of "thin client app" are completely contradictory. to scan traffic is a heavy process because the OS must look at each TCP or UDP or other packets to decide upon them. Finally, not considering other operating systems or boot cds and such tools and considering people are too dumb to know "bios", "other-os-other-than-windows", etc sounds just too naive. regards, pedro venda. - -- Pedro Jo?o Lopes Venda email: pjvenda < at > arrakis.dhis.org http://arrakis.dhis.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCJ5TFeRy7HWZxjWERAsIwAKDBSx8NYcLqnZp2CT5PbNZrWA7JtACeJAOF yeFe14aXtMfbp/oA6c9cWTY= =kdrl -----END PGP SIGNATURE-----
Powered by blists - more mailing lists