| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20111010180500.A0696E672D@smtp.hushmail.com> Date: Mon, 10 Oct 2011 14:05:00 -0400 From: "Elazar Broad" <elazar@...hmail.com> To: uuf6429@...il.com, mt2410689@...il.com, thor@...merofgod.com Cc: full-disclosure@...ts.grok.org.uk Subject: Re: “We keep wiping it off, and it keeps coming back” -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The report states that they have been using flash drives for map and video data transfer. The source is probably some flight operators personal drive which never came under the microscope, that and "well...it's an *isolated* network so proper security posture is moot" make for an easy target. I still like the fact that real-time drone video can be viewed using SkyGrabber, don't most local LEO use the same technology(albeit on a smaller scale)? I'm sure many criminals and organized crime can afford a DVB-S card... My devalued .002 elazar On Mon, 10 Oct 2011 13:36:23 -0400 "Thor (Hammer of God)" <thor@...merofgod.com> wrote: >Consider the source. It’s “someone close” to the operations, and >that only according to this guy. It could very well be a slot- >puller in the casino across the street… I’m always dubious of >the reporting of this type of thing where the source is some >“secret” person, and where there is never any ability to refute >claims. > >t > >From: full-disclosure-bounces@...ts.grok.org.uk [mailto:full- >disclosure-bounces@...ts.grok.org.uk] On Behalf Of Christian >Sciberras >Sent: Monday, October 10, 2011 7:05 AM >To: Michael T >Cc: full-disclosure@...ts.grok.org.uk >Subject: Re: [Full-disclosure] “We keep wiping it off, and it >keeps coming back” > >I'm talking more about their engineers than their network. > >If I had my network infected with a virus, I'd immediately deploy >some form of logging/monitoring tool (eg, wireshark). > >Honestly, it all sounds like they're employing inexperienced >engineers. Which is again strange, considering the field they're >in. > >Regarding your bet, see that's already something. Why exactly >can't they verify your bet? It isn't like viruses suddenly became >invisible, is it? > >I'm just curious to these questions. It's strange to hear someone >saying "we basically have no idea what's going on". > > >On Mon, Oct 10, 2011 at 3:40 PM, Michael T ><mt2410689@...il.com<mailto:mt2410689@...il.com>> wrote: >It's a network that's 'detached', or 'segregated', or whatevered >from the rest of the world, so it's 'largely immune to viruses'. >That likely means they have: >1. NO logging >2. NO anti-virus >3. NO hardening > >The very fact that these systems are on a segregated network means >they are probably more frail, and more susceptible to viruses, >than a normal person's laptop. > >Immune to viruses... What a crock of shit. My bet is that it's >coming from the planes. > >Mike >On Mon, Oct 10, 2011 at 7:51 AM, Christian Sciberras ><uuf6429@...il.com<mailto:uuf6429@...il.com>> wrote: >http://www.wired.com/dangerroom/2011/10/virus-hits-drone-fleet/ > >This is news to me. > >Moreover, I'm a bit confused as to how they don't track how it's >coming back. >I mean, how is it possible that no one stepped in and analyzed how >the virus acts and where it came from? > >It sounds fish if you ask me. > >Chris. > >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.grok.org.uk/full-disclosure-charter.html >Hosted and sponsored by Secunia - http://secunia.com/ -----BEGIN PGP SIGNATURE----- Charset: UTF8 Version: Hush 3.0 Note: This signature can be verified at https://www.hushtools.com/verify wpwEAQECAAYFAk6TM8wACgkQi04xwClgpZivsAQAiOGPaAUQ5AUfHzd9JbTZeJzo8kRl GvWrTNcLgMQTqySuBWDpIqjo/9cWVjAlKZ+ucqibWYc38gwETIbVMbBxR4WQq2YAuDoJ yR49pcvkSvMy+qzUi4s8WDBf7kDOh9q88Db22Dee8EUuM+2CsWjCMQa1JYTLuEg0rhvZ biT3tHg= =AiuT -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists