lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <4E948E79.8050007@bexish.com>
Date: Wed, 12 Oct 2011 02:44:09 +0800
From: seclist <seclist@...ish.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Wipe off, rub out, reappear...

Just a little bit of creative thinking here... If the communications 
between the base and the drone are not encrypted and these 
communications have successfully been intercepted - Is it possible that 
in addition to the ability to collect videos transmitted by the drone, 
data could be sent to the drone while it's airborne? and perhaps the 
malware waits until it receives a signal from the perpetrator on the 
ground before it transmits its collected data? The drones are rumored to 
carry out airborne network attacks so if this is the case theoretically 
it would be communicating with more than just the operation centre and 
someone could have exploited this?

I also view this article with great skepticism. It's "exclusive" with an 
unnamed source. If the source is credible why have they chosen to speak 
to Wired? and why on earth would these technicians be following "removal 
instructions posted on the website of the Kaspersky security firm"?

Perhaps this is a precursor to the hunt for "weapons of mass disruption" 
or perhaps it's just a cleverly disguised advert... how many product 
placements can you spot in that article? ;)

On 11/10/2011 7:31 AM, Michael Schmidt wrote:
> If its bot net code and it is behind an air barrier then it will never phone home. They can take their time to kill it because it will never get instructions to do anything. If it's something more destructive then maybe they need to call in someone more experienced. But it does not sound destructive and it does sound like it is on a disconnected network.
>
> From: full-disclosure-bounces@...ts.grok.org.uk [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of xD 0x41
> Sent: Monday, October 10, 2011 3:53 PM
> To: Daniel Sichel
> Cc: full-disclosure@...ts.grok.org.uk
> Subject: Re: [Full-disclosure] Wipe off, rub out, reappear...
>
> I will say, with Botnets, and bots in general, i dont see much talented people on FD... although, seems many can decrypt them, so, makes me wonder , it is a train-of-thought also, i guess this is where hat colors take control.. black hats would say, go read some bot src and wake up FD, while white hats would say, "but we can just kill it anyhow...' "oh, we decrypted it"... etc...
> another pintless neverneding arguement..
>
>
> On 11 October 2011 07:22, Daniel Sichel<daniels@...derosatel.com<mailto:daniels@...derosatel.com>>  wrote:
> Somebody posted the following;
>
>> I'm just curious to these questions. It's strange to hear someone
>> saying "we basically have no idea what's going on".****
>>
> Doesn't sound funny to me, happens to me all the time. That's how I
> learn.
>
> Dan S.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/


Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ