::I put on my robe and tinfoil hat.::

What keeps me awake at night is the thought of code running on things
we traditionally don't even think of as having CPUs, like on SSDs, on
the integrated device electronics of SATA disks for example.
Or on the CPU inside your CPU, like the Minix computer inside just
about any recent Intel chip.

Also, do we think it's possible that, if a NIC is physically connected
to a wire or fibre, it could be signalling someone across that same
physical medium but totally out-of-band as far as canonical protocols
and frequencies are concerned? Granted, the expected behaviour of
routers is that they forward only what they forward, under the rules
of the game. But what if the exploit just had enough market
penetration so that some other NIC talking, say, "SnoopyNet" besides
TCP/IP could be expected to be within physically-wired-up reach of
your SnoopyNet-talking NIC? With enough of a percentage of NICs pwned
by SnoopyNet, they could be talking a dog-whistling language we can't
hear and could be forwarding select data all the way to Fort Meade.
This might be even easier to do with wireless. Think of this as
software- (or firmware-)defined radio on steroids. To pick up on
Raul's point, even with a spectrum analyser hooked up to our
Suspiciously American(TM) NIC, SnoopyNet might be indistinguishable
from noise. SnoopyNet may not even be low-bandwidth. Remember when
people had acoustic and then line modems, and people thought a rate of
kilobits per second was about the limit, but then someone invented
DSL?

Heck, it's possible to build audio bugs no bigger than a grain of rice
and audio+video bugs no bigger than a pea, and even that may not be
the limit, though there will be limits due to optics and wavelength.
Also, any bug that doesn't just store recordings would have to have a
biggish antenna. Unless it's maybe close enough to a firmware-defined
radio running on a SnoopyNet-exploited NIC? Plus, absent the use of
detectable radioisotopes, battery size and endurance will be an issue
-- unless someone has written the mother of all RFID-like protocols
and is using a SnoopyNet-exploited NIC slash RFID-like reader to
actually power the nearby bug too?
OTOH, why even bother with any of that when y'all have smaaatphones,
amirite guise?

Honestly, I don't even know what crypto I can truly trust anymore.
That's mostly not even because of "bUt TeH nSa HaVe tEh qUaNtOoN
cOmPuTaR" rumours^W conspiracy theories; no, it's mainly simply
because of my own ignorance.
Serious question: If Alice and Bob already have a shared password,
what would you do to let them exchange messages without Eve finding
out the content, assuming the shared secret is not long enough to be a
one-time pad?

/doffs tinfoil hat

Ian

On 03/07/2019, Raul Miller <rauldmil...@gmail.com> wrote:
> Any sufficiently advanced technology is indistinguishable from noise,
>
> https://en.wikipedia.org/wiki/Shannon%E2%80%93Hartley_theorem
>
> Thanks,
>
> --
> Raul
>
> On Tue, Jul 2, 2019 at 1:30 PM Brian Brombacher <br...@planetunix.net>
> wrote:
>>
>> Oh and if the implant is smart, it’ll detect you’re trying to find it and
>> go dormant.
>>
>> Even more good luck!
>>
>> > On Jul 2, 2019, at 1:24 PM, Brian Brombacher <br...@planetunix.net>
>> > wrote:
>> >
>> > Hardware implants go beyond just sending packets out your network card.
>> > They have transceivers that let agents control or snoop the device from
>> > a distance using RF.
>> >
>> > You need to scan the hardware with RF equipment to be sure.
>> >
>> > Good luck!
>> >
>> >>> On Jul 2, 2019, at 12:27 PM, Misc User <open...@leviathanresearch.net>
>> >>> wrote:
>> >>>
>> >>> On 7/2/2019 12:43 AM, John Long wrote:
>> >>> On Tue, 2 Jul 2019 10:07:59 +0300
>> >>> Mihai Popescu <mih...@gmail.com> wrote:
>> >>>> Hello,
>> >>>>
>> >>>> I keep finding articles about some government bans against some
>> >>>> hardware manufacturers related to some backdoor for espionage. I know
>> >>>> this is an old talk. Most China manufacturers are under the search:
>> >>>> Huawei, ZTE, Lenovo, etc.
>> >>> It seems painfully obvious what's driving all the bans and vilification
>> >>> of Chinese hardware and software is that the USA wants exclusive rights
>> >>> to spy on you and won't tolerate any competition.
>> >>> Does anybody think maybe the reason Google and Facebook don't pay taxes
>> >>> anywhere might have something to do with what they do with all that
>> >>> info they collect? Is the "new" talk about USA banning any meaningful
>> >>> encryption proof of how seriously they take security and privacy?
>> >>>> What do you think and do when using OpenBSD on this kind of
>> >>>> hardware?
>> >>> Lemote boxes are kinda neat but they're not the fastest in the world.
>> >>> It beats the hell out of the alternatives if you can live with the
>> >>> limitations.
>> >>>> Do you prefer Dell, HP and Fujitsu?
>> >>> Your only choice is probably to pick the least objectionable entity to
>> >>> spy on you. If you buy Intel you know you're getting broken, insecure
>> >>> crap no matter whose box it comes in. Sure it runs fast, but... in that
>> >>> case everybody is going to spy on you.
>> >>> /jl
>> >>
>> >> Assume everything is compromised.  Don't trust something because someone
>> >> else said it was good.  Really, the only way to test if a machine is
>> >> spying on you is to do some kind of packet capture to watch its traffic
>> >> until you are satisfied.  But also put firewalls in front of your devices
>> >> to ensure that if someone is trying to spy on you, their command and
>> >> control packets don't make it to the compromised hardware.
>> >>
>> >> Besides, subverting a hardware supply chain is a difficult and
>> >> expensive process.  And if there is one thing I've learned in my career
>> >> as a security consultant, it's that no matter how malevolent or
>> >> benevolent a government is, they are still, above all, cheap and lazy.
>> >> And in a world where everything is built with the first priority being
>> >> making the ship date, there are going to be so many security flaws to be
>> >> exploited.  So much cheaper and easier to let Intel rush a design to
>> >> market or Red Hat push an OS release without doing thorough testing and
>> >> exploit the inevitable remote execution flaws.
>> >>
>> >> Or intelligence agencies can take advantage of the average person's
>> >> tendency to laziness and cheapness by just asking organizations like
>> >> Google, Facebook, Comcast, Amazon to just hand over the data they
>> >> gathered in the name of building an advertising profile.
>> >>
>> >
>>
>
>
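
One conventional answer to the Alice-and-Bob question in Ian's message, as an added example that is not part of the thread: stretch the shared password into a key with scrypt and encrypt each message with AES-256-GCM, using the crypto module built into Node.js. The function names, the wire layout and the scrypt cost parameters are assumptions chosen for illustration.

```javascript
// Added example (not from the thread): password-based authenticated encryption.
const nodeCrypto = require('crypto');

// scrypt cost parameters (assumed values; raise N as far as latency allows).
const SCRYPT = { N: 1 << 15, r: 8, p: 1, maxmem: 64 * 1024 * 1024 };

// Stretch the low-entropy shared password into a 256-bit key. The salt is
// public and random per message, so precomputed guess tables do not apply.
function deriveKey(password, salt) {
  return nodeCrypto.scryptSync(password.normalize('NFKC'), salt, 32, SCRYPT);
}

// Wire format (assumed): salt(16) || nonce(12) || tag(16) || ciphertext
function seal(password, plaintext) {
  const salt = nodeCrypto.randomBytes(16);
  const nonce = nodeCrypto.randomBytes(12);
  const key = deriveKey(password, salt);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', key, nonce);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return Buffer.concat([salt, nonce, cipher.getAuthTag(), body]);
}

// Returns the plaintext, or null if the password is wrong or the message
// was modified in transit (the GCM tag check fails in both cases).
function unseal(password, message) {
  if (message.length < 44) return null; // shorter than salt + nonce + tag
  const salt = message.subarray(0, 16);
  const nonce = message.subarray(16, 28);
  const tag = message.subarray(28, 44);
  const key = deriveKey(password, salt);
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, nonce,
                                               { authTagLength: 16 });
  decipher.setAuthTag(tag);
  try {
    const plain = Buffer.concat([decipher.update(message.subarray(44)),
                                 decipher.final()]);
    return plain.toString('utf8');
  } catch (err) {
    return null;
  }
}
```

Because the key comes from a password, Eve can still test guesses offline against a captured message; the scrypt cost only raises the price of each guess.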
