Home Mail MemberMap Chat (0) Wallpapers
Go Back   ChiefsPlanet > The Ed & Dave Lounge > Media Center

Reply
 
Thread Tools Display Modes
Old 06-19-2014, 03:12 PM  
planetdoc planetdoc is offline
Veteran
 
Join Date: Apr 2012
Casino cash: $25264
Hackers reverse-engineer NSA's leaked bugging devices

link
(highlights)

Quote:
RADIO hackers have reverse-engineered some of the wireless spying gadgets used by the US National Security Agency. Using documents leaked by Edward Snowden, researchers have built simple but effective tools that can be attached to parts of a computer to gather private information in a host of intrusive ways.

The technologies include fake base stations for hijacking and monitoring cellphone calls and radio-equipped USB sticks that transmit a computer's contents.

But the catalogue also lists a number of mysterious computer-implantable devices called "retro reflectors" that boast a number of different surreptitious skills, including listening in on ambient sounds and harvesting keystrokes and on-screen images.

One reflector, which the NSA called Ragemaster, can be fixed to a computer's monitor cable to pick up on-screen images. Another, Surlyspawn, sits on the keyboard cable and harvests keystrokes. Joshua Datko of Cryptotronix in Fort Collins, Colorado, will reveal a version of an NSA device he has developed that allows malware to be reinstalled even after being dealt with by antivirus software. It works by attaching its bug to an exposed portion of a computer's wiring system – called the I2C bus – on the back of the machine. "This means you can attack somebody's PC without even opening it up," says Ossmann.

Having figured out how the NSA bugs work, Ossmann says the hackers can now turn their attention to defending against them – and they have launched a website to collate such knowledge, called NSAPlayset.org. "Showing how these devices exploit weaknesses in our systems means we can make them more secure in the future," he says.
Posts: 1,989
planetdoc has disabled reputation
  Reply With Quote
Old 06-19-2014, 03:29 PM   #2
DaveNull DaveNull is offline
Veteran
 
DaveNull's Avatar
 

Join Date: Nov 2011
Location: Villa Straylight
Casino cash: $14524
Looking forward to seeing this talk in #partytrack.
Posts: 1,181
DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.
  Reply With Quote
Old 06-19-2014, 03:41 PM   #3
Detoxing Detoxing is offline
Dyslexic Speed Reader
 
Detoxing's Avatar
 

Join Date: Mar 2005
Location: San Diego
Casino cash: $449760140
Yay....lets give malicious hackers more tools to **** over the rest of the world with. Great idea guys.
__________________
Don't half ass two things. Whole ass one thing.
Posts: 18,983
Detoxing has an IQ even higher than Frankie's.Detoxing has an IQ even higher than Frankie's.Detoxing has an IQ even higher than Frankie's.Detoxing has an IQ even higher than Frankie's.Detoxing has an IQ even higher than Frankie's.Detoxing has an IQ even higher than Frankie's.Detoxing has an IQ even higher than Frankie's.Detoxing has an IQ even higher than Frankie's.Detoxing has an IQ even higher than Frankie's.Detoxing has an IQ even higher than Frankie's.Detoxing has an IQ even higher than Frankie's.
  Reply With Quote
Old 06-19-2014, 04:02 PM   #4
Fish Fish is online now
Missing Dick Curl
 
Fish's Avatar
 

Join Date: Sep 2005
Casino cash: $2121360
You can gain access to some data when you have direct access to the computer? No way!

This is pretty dumb. This isn't "Hacking" in the slightest. All of these things are very well known and have been possible for decades. Hell, you can view the output of a computer monitor a short distance away without ever touching a single thing. This and much more is possible with access to the machine, and it's not any NSA secret. And if you have direct access to a computer in the first place, there are much much better ways to get what you want from that computer without using goofy-named hypothetical tinker toys attached to the cabling.

Quote:
It works by attaching its bug to an exposed portion of a computer's wiring system – called the I2C bus – on the back of the machine. "This means you can attack somebody's PC without even opening it up," says Ossmann.
Yeah...... these idiots have no clue what they're talking about. I've constructed I2C boards that can read computer sensor information in various ways. It's moronic to say an I2C bus could hack a PC, unless you consider getting the current fan speed of the CPU fan as "Hacking".

This is pointless fear mongering.
__________________
Posts: 25,562
Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.
  Reply With Quote
Old 06-19-2014, 06:31 PM   #5
beach tribe beach tribe is online now
I'm Comin'
 
beach tribe's Avatar
 

Join Date: May 2007
Location: ft.lauderdale
Casino cash: $109917
Quote:
Originally Posted by Fish View Post
You can gain access to some data when you have direct access to the computer? No way!

This is pretty dumb. This isn't "Hacking" in the slightest. All of these things are very well known and have been possible for decades. Hell, you can view the output of a computer monitor a short distance away without ever touching a single thing. This and much more is possible with access to the machine, and it's not any NSA secret. And if you have direct access to a computer in the first place, there are much much better ways to get what you want from that computer without using goofy-named hypothetical tinker toys attached to the cabling.



Yeah...... these idiots have no clue what they're talking about. I've constructed I2C boards that can read computer sensor information in various ways. It's moronic to say an I2C bus could hack a PC, unless you consider getting the current fan speed of the CPU fan as "Hacking".

This is pointless fear mongering.
Absolutely this.
There is not a single example of hacking in that article, nor anything that was developed as a result of the NSA.
__________________
Posts: 17,357
beach tribe threw an interception on a screen pass.beach tribe threw an interception on a screen pass.beach tribe threw an interception on a screen pass.beach tribe threw an interception on a screen pass.beach tribe threw an interception on a screen pass.beach tribe threw an interception on a screen pass.beach tribe threw an interception on a screen pass.beach tribe threw an interception on a screen pass.beach tribe threw an interception on a screen pass.beach tribe threw an interception on a screen pass.beach tribe threw an interception on a screen pass.
  Reply With Quote
Old 06-19-2014, 07:10 PM   #6
planetdoc planetdoc is offline
Veteran
 

Join Date: Apr 2012
Casino cash: $25264
Quote:
Originally Posted by Fish View Post
And if you have direct access to a computer in the first place, there are much much better ways to get what you want from that computer without using goofy-named hypothetical tinker toys attached to the cabling.
Thats the difference between monitoring/keylogging vs getting what is already in the machine (what is typed and seen might not be in there).

Quote:
Originally Posted by Fish View Post
Yeah...... these idiots have no clue what they're talking about. I've constructed I2C boards that can read computer sensor information in various ways. It's moronic to say an I2C bus could hack a PC, unless you consider getting the current fan speed of the CPU fan as "Hacking".
It sounds like they say that i2c is a path that malware can travel from their bug to execution (either gpu or something else). The bugs described are about monitoring/keylogging from hardware without modifying the software environment.

Quote:
Originally Posted by anon
Display connectors use i2c for the EDID information. VGA, DVI, and maybe HDMI have an i2c interface in them. According to the article their "bug" attaches to the i2c. The i2c bus is likely not isolated from everything else. VGA i2c bus likely originates in the GPU display controller. That doesn't mean NSA backdoor software can't open a side interface on it.

You can use i2c-tools on Linux to poke around your system's i2c busses if you're trying to find out more. I'm fairly certain RAM also uses i2c, each RAM module has a little i2c EEPROM on it that stores timing and configuration data for the module and those busses are accessible with i2c-tools as well

One fairly prominent use is with serial presence detect in DDR SDRAM, which allows the reading of an EEPROM on the DIMM containing the necessary information to set up the memory controller to access the RAM. I.e., this is done by the processor before it can use its RAM.

In fact, I would go so far as to say this is the perfect exemplar of the niche I2C inhabits.

I2C will be used in multiple separate buses; one or two are routed through external connectors.
Posts: 1,989
planetdoc has disabled reputation
  Reply With Quote
Old 06-20-2014, 09:06 AM   #7
Fish Fish is online now
Missing Dick Curl
 
Fish's Avatar
 

Join Date: Sep 2005
Casino cash: $2121360
Quote:
Originally Posted by planetdoc View Post
Thats the difference between monitoring/keylogging vs getting what is already in the machine (what is typed and seen might not be in there).



It sounds like they say that i2c is a path that malware can travel from their bug to execution (either gpu or something else). The bugs described are about monitoring/keylogging from hardware without modifying the software environment.
No, there is absolutely no way malware could infect a computer through I2C. I2C lets you probe known outputs from the rest of the bus. Meaning that another piece of hardware has to be hard wired to output wanted information to a specific pin. It can only access info that other hardware natively shares. It's incredibly limited in both speed and available bits to work with. It doesn't have the capability to do much else, especially anything software or OS related.

Yes, most of the bugs described are about monitoring a computer which relies on access to the machine. It's pointless and has nothing to do with the NSA.
__________________
Posts: 25,562
Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.
  Reply With Quote
Old 06-20-2014, 09:46 AM   #8
htismaqe htismaqe is online now
Ask JASON about Tony's cock...
 
htismaqe's Avatar
 

Join Date: Aug 2000
Location: Chiefsplanet
Casino cash: $1108869
You totally beat me to it on the I2C bus, Fish.

This "story" is hilarious.
Posts: 61,043
htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.
  Reply With Quote
Old 06-20-2014, 02:30 PM   #9
planetdoc planetdoc is offline
Veteran
 

Join Date: Apr 2012
Casino cash: $25264
Quote:
Originally Posted by Fish View Post
No, there is absolutely no way malware could infect a computer through I2C.
lets revisit this after the release their findings at Defcon. Either it can be done as they claim or it cant.
Posts: 1,989
planetdoc has disabled reputation
  Reply With Quote
Old 06-20-2014, 02:39 PM   #10
DaveNull DaveNull is offline
Veteran
 
DaveNull's Avatar
 

Join Date: Nov 2011
Location: Villa Straylight
Casino cash: $14524
Agreed. Better to wait for the actual research as opposed to what may be no more than a reporter who has no technical background reading the talk description.

oh, and Fish the tools are similar to those described in the leaked Snowden documents.
Posts: 1,181
DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.
  Reply With Quote
Old 06-22-2014, 01:01 PM   #11
htismaqe htismaqe is online now
Ask JASON about Tony's cock...
 
htismaqe's Avatar
 

Join Date: Aug 2000
Location: Chiefsplanet
Casino cash: $1108869
Quote:
Originally Posted by DaveNull View Post
oh, and Fish the tools are similar to those described in the leaked Snowden documents.
Hey, read the article.

Quote:
RADIO hackers have reverse-engineered some of the wireless spying gadgets used by the US National Security Agency. Using documents leaked by Edward Snowden, researchers have built simple but effective tools that can be attached to parts of a computer to gather private information in a host of intrusive ways.
Posts: 61,043
htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.
  Reply With Quote
Old 07-24-2014, 10:17 PM   #12
planetdoc planetdoc is offline
Veteran
 

Join Date: Apr 2012
Casino cash: $25264
defcon is coming up.
https://www.defcon.org/html/defcon-2...ers.html#Datko
Posts: 1,989
planetdoc has disabled reputation
  Reply With Quote
Old 07-25-2014, 08:11 AM   #13
DaveNull DaveNull is offline
Veteran
 
DaveNull's Avatar
 

Join Date: Nov 2011
Location: Villa Straylight
Casino cash: $14524
Who's going?
Posts: 1,181
DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.
  Reply With Quote
Old 07-29-2014, 12:48 PM   #14
DaveNull DaveNull is offline
Veteran
 
DaveNull's Avatar
 

Join Date: Nov 2011
Location: Villa Straylight
Casino cash: $14524
Quote:
Originally Posted by DaveNull View Post
Looking forward to seeing this talk in #partytrack.
This talk is happening on Defcon Sunday (already not looking forward to that wakeup call) in partytrack.
Posts: 1,181
DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.
  Reply With Quote
Old 08-14-2014, 08:30 AM   #15
DaveNull DaveNull is offline
Veteran
 
DaveNull's Avatar
 

Join Date: Nov 2011
Location: Villa Straylight
Casino cash: $14524
I've got the draft papers if anyone wants to read them. I should have video of the talks in a couple weeks.
Posts: 1,181
DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.
  Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On

Forum Jump




All times are GMT -6. The time now is 12:46 PM.


Powered by vBulletin® Version 3.8.0
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.