You are free to believe or not to believe, but you are not free to insult me. Is that clear ?
Sent with ProtonMail Secure Email. ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Thursday 2 April 2020 03:01, Anders Andersson <[email protected]> wrote: > On Wed, Apr 1, 2020 at 10:29 PM Cord [email protected] wrote: > > > Hi, > > I found something that in my opinion are nearly evidences. > > For those who doesn't know my story please read past messages: > > https://marc.info/?a=155355261500002&r=1&w=2 > > Well, as I said previously my laptop was been hacked then I bought a new > > laptop because my suspicious are that the uefi or other firmware was been > > hacked (I reinstalled openbsd various times) > > The old laptop had a wifi usb dongle to connect to the wifi router. > > Now the new laptop has a wifi chip that works properly on opnebsd. > > The inner IF is iwm0. > > And I discovered differences on wifi performance between the on board IF > > and the old usb dongle. > > Of course the tests were been made from exactly the same physical place. > > The following are the results (I used speedtest-cli): > > iwm0 with vpn download: 0,46 mbit/s upload: 0,55 mbit/s > > iwm0 without vpn download: 0,50 mbit/s upload: 2,53 mbit/s > > urtwn0 with vpn download: 20,88 mbit/s upload: 8,49 mbit/s > > urtwn0: without vpn download: 24,83 mbit/s upload 9,27 mbit/s > > The following are the results pinging 8.8.8.8 with -c 500: > > 500 packets transmitted, 500 packets received, 0.0% packet loss > > iwm0: round-trip min/avg/max/std-dev = 18.761/6372.615/72372.495/14987.007 > > ms > > urtwn0: round-trip min/avg/max/std-dev = 24.068/36.489/878.218/48.120 ms > > > > As I know the traffic shaping is configured by pf with pf.conf, the > > following is my pf.conf (I'm sorry I'm not a genius of pf): > > -------/etc/pf.conf > > if="urtwn0" > > #if="iwm0" > > dns="{8.8.8.8}" > > myvpn="{x.x.x.x, x.x.x.x, x.x.x.x, x.x.x.x, x.x.x.x}" > > weird="{239.255.255.250, 224.0.0.1}" > > pany="{udp, tcp}" > > set skip on tun0 > > set skip on lo > > set block-policy drop > > set loginterface $if > > block quick inet6 > > block quick on $if from any to $weird > > pass quick proto icmp > > pass out quick on $if proto $pany from $if to $dns > > pass out quick on $if proto udp from $if to $myvpn > > pass out quick on $if proto tcp from $if to my01-other-vpn.com > > pass out quick on $if proto tcp from $if to my02-other-vpn.com > > pass out quick on $if proto tcp from $if to my03-other-vpn.com > > block drop in on ! lo0 proto tcp to port 6000:6010 > > block drop out log proto {tcp udp} user _pbuild > > block log quick on $if > > > > ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- > > > > Other strange things that happens on my laptop are the following: > > > > 1. sometimes my openvpn (2 times on 5) fail authentication even I use a > > saved file authentication data and pass it the data with --auth-user-pass > > /my/path/pass > > Then in my opinion it's impossible fails the authentication. > > > > 2. sometimes KeePassXC fails authentication on random site. If I copy the > > password and paste it by hand it works. > > 3. and of course there are people that can spy me and modify suggested > > videos on youtube. Please do not comment this because I know it's very > > subjective. > > > > As I said previously in my opinion there is 0day on how is implemented the > > tcp/ip stack in the kernel. > > And the vulnerability can be exploited by a mitm attack from the home > > router. > > Thank you Cord. > > Hello Cord, and thank you for the interesting messages. > > Just a thought: Do you have any wall paintings, and have you noticed > something different about them since you got hacked? > > You see, I once talked to a man at the local library who was looking > for literature about computer viruses and he mentioned that the virus > had somehow spread out from the USB ports in his computer onto his > paintings, which had now become dull and grey. His family told him > that he was imagining things and refused to help him, that's why he > was at the library to search for information. > > If your computer has been hacked, maybe it is by the same virus. > > Kind regards, > Anders
