lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <50cd0e8541b0c96f233ce54c72f19d2d@jschipper.dynalias.net>
From: j.schipper at math.uu.nl (Joachim Schipper)
Subject: re: Bios Programming...

On 14:35 03/04/05 "Matt Marooney" <matt@...amicanswers.com> wrote:
> Okay, okay, guys...I  get all of your points.  I'm really glad
> I threw this idea out there  because you all have given me some really
> great reactions.  Thank you Bill  Humphries for your comments; you
> bring up some really good points.
> Now, getting back to  technical conversation, the most important
> requirement for this software is the  multi-protocol monitoring.  As
> some of you have said, this is not going to  be able to be done with a
> small program.
> I don't mind letting  the user know he/she is being monitored, and I
> do not intend for this utility to  be used to spy on someone without
> their knowledge.  I guess I didn't  explain that very well before.
> So, with that out of  the way, I'd like the program to run in the
> background, and be slim enough that  it does not noticeably slow down
> the user's computer.  This is to avoid the  person coming to the
> recovery group and saying, "I had to uninstall the monitor  because it
> is slowing down my computer".
> Most Important  Requirements:
>
> 1. Multi-protocol  monitoring (HTTP, FTP, Chat, File sharing,
> Newsreaders,  etc.)
> 2. Thin application,  does not *noticeably* interfere with normal
> computer  operation
> 3. Difficult to  remove (disregarding all hardware replacements,
> obviously, the person could go  get a new computer) without a
> password Again, thanks for  your helpful input.  I assure you, I am
> not trying to create more problems,  and I am just like you guys when
> it comes to hatred of spy ware.  I've been  making a pretty decent
> living for years securing people's computers.
> --  Matt
>

Of course, a relatively simple solution would involve giving them a free
internet connection, and a modified ADSL/Cable modem... some of the smarter
appliances might be able to do what you describe. Failing that, get
yourself a simple Linux install. Strip it of all shells and run only those
few programs necessary for connection plus Snort. Now get some ISP to
cooperate and only give *you* the connection passwords, then install the
Linux box as a gateway. Anyone unable to crack the Linux box will not be
able to connect via this particular ISP anymore; if you want to be
reasonably secure, make the box ask for a password-protected decryption key
at boot, and make sure only a select few people have these disks. However,
this is burdensome. A simpler alternative is either pinging them or having
them ping you to ensure they are not taken down for protracted periods.

Note that the above scheme can be defeated easily by a knowledgeable user
unless you use the decryption floppy scheme, and even in that case, it is
pretty easy to get a second connection (or encrypt traffic, or whatever)...
but both require some work, hopefully enough to make them reconsider.

This is more up-front, and possibly more effective, than the spyware you
were originally proposing (yes, it is spyware. Your goals may be considered
noble by some, but it would still be spyware).

Also note that the whole idea may, depending on who you ask, be technically
flawed and morally wrong.

             Joachim

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ