Author Topic: Computer Security & Internet Privacy (Read 455 times)

Wizard X · « **on:** May 04, 2011, 02:26:02 AM »

Quote

Since Vesp posted...

http://127.0.0.1/talk/index.php/topic,2034.msg21353.html#msg21353

Additionally each person has a "Enough is enough" limit - some simply using a proxy is good enough, while others might go as far as proxy, open wifi, live disk, with a bought with cash laptop...

I guess I could say that it is not clear what is the wheat and what is the chaff.

I honestly feel that someone more into computer security than I should write such a thing - I could try to regurgitate what I have read/think I know - but I am surely not the most qualified to write such an article.

and this...

FBI spyware used to track suspects online. https://the-collective.ws/forum/index.php?topic=22593.0

http://www.rawstory.com/rs/2011/05/02/fbi-using-persistent-spyware-to-track-suspects-online/

The documents show that software called the Computer and Internet Protocol Address Verifier (CIPAV) was used by the FBI since at least 2001. The software allows the FBI to collect a variety of information from a computer every time it connects to the Internet, including the IP address, Media Access Control (MAC) address, open communication ports, list of the programs running, URLs visited, and more.

It is unclear how the FBI installs the software on a computer, but it is suspected that the spyware exploits a vulnerability in the user's browser, like other common Internet viruses.

The documents also suggest the FBI frequently uses the software during investigations, including domestic criminal cases and Foreign Intelligence Surveillance Act (FISA) cases.

ISPs to adopt CALEA https://the-collective.ws/forum/index.php?topic=22312.msg156487#msg156487

FBI Calls for Backdoor to Snoop Web. http://www.infowars.com/fbi-calls-for-backdoor-to-snoop-web/

CALEA requires traditional telecom carriers to allow law enforcement agencies real-time access to communications.

Instead of forcing ISPs to adopt CALEA, the government will attempt to convince communication providers to build in so-called back doors allowing law enforcement access to their software.

CALEA: http://www.eecs.harvard.edu/cs199r/fp/Pierce.pdf

Let's start a "Computer Security & Internet Privacy" thread to assist members to strengthen/protect themselves further. Assistance by knowledgeable members (psychexplorer, Lugh, etc) are welcomed.

Wizard X · « **Reply #1 on:** May 04, 2011, 06:11:18 AM »

09/04/2008 08:17p 950,306 ACPI BIOS Rootkits.pdf
19/08/2008 10:23a 728,147 Hiding Harddrives.pdf
17/02/2007 12:52p 304,132 Implementing_And_Detecting_A_PCI_Rootkit.pdf
27/07/2007 10:09a 780,860 keystroke protection.pdf
19/08/2008 10:23a 353,855 LED optical_tempest.pdf
19/08/2008 10:23a 14,336 SAFEWEB.PDF
04/05/2011 02:50p 3,413,694 security.zip
19/08/2008 10:23a 621,978 SPYCOUNTER.PDF
19/08/2008 10:23a 74,169 virtual_lans.pdf
19/08/2008 10:23a 39,815 wlan-ids.pdf

Start with SPYCOUNTER.PDF

Wizard X · « **Reply #2 on:** May 04, 2011, 06:55:04 AM »

Abstract. It is well known that eavesdroppers can reconstruct video screen content from radio frequency emanations. We discuss techniques that enable the software on a computer to control the electromagnetic radiation it transmits. This can be used for both attack and defence.

http://www.cl.cam.ac.uk/~mgk25/ih98-tempest.pdf

Wizard X · « **Reply #3 on:** May 25, 2011, 02:27:46 AM »

FBI cooperation Symantec, in compliance with the Federal Bureau of Investigation (FBI), whitelisted Magic Lantern, a keylogger actively developed by the FBI. The purpose of Magic Lantern is to obtain passwords to encrypted e-mail as part of a criminal investigation. Magic Lantern was first reported in the media by Bob Sullivan of MSNBC on November 20, 2001 and by Ted Bridis of the Associated Press.[83] Magic Lantern is deployed as an e-mail attachment. When the attachment is opened, a trojan horse is installed on the suspect's computer. The Trojan horse is activated when the suspect uses PGP encryption, often used to increase the security of sent e-mail messages. When activated, the trojan horse will log the PGP password, which allows the FBI to decrypt user communications.[84] Symantec and other major antivirus vendors have white-listed Magic Lantern, rendering their antivirus products, including Norton Internet Security, incapable of detecting Magic Lantern. Concerns include uncertainties about Magic Lantern's full potential and whether hackers could subvert it for purposes outside the jurisdiction of the law.[85]

Graham Cluley, a technology consultant from Sophos, said "We have no way of knowing if it was written by the FBI, and even if we did, we wouldn’t know whether it was being used by the FBI or if it had been commandeered by a third party".[86] Another reaction came from Marc Maiffret, chief technical officer and cofounder of eEye Digital Security, "Our customers are paying us for a service, to protect them from all forms of malicious code. It is not up to us to do law enforcement's job for them so we do not, and will not, make any exceptions for law enforcement malware or other tools."[87]

FBI spokesman Paul Bresson, in response if Magic Lantern needed a court order to deploy, "Like all technology projects or tools deployed by the FBI it would be used pursuant to the appropriate legal process."[88][89]

Proponents of Magic Lantern argue the technology would allow law enforcement to efficiently and quickly decrypt messages protected by encryption schemes. Implementing Magic Lantern does not require physical access to a suspect's computer, unlike Carnivore, a predecessor to Magic Lantern, since physical access to a computer would require a court order.

http://en.wikipedia.org/wiki/Norton_Internet_Security#FBI_cooperation

(1) Do not install PGP on a computer connected to the Internet.
(2) Save PGP keys on a USB thumb drive and, never connect this drive to a computer connected to the Internet.
(3) Copy 'n' paste PGP encrypted text to a text file from the computer connected to the Internet to another USB thumb drive (not your USB thumb drive containing your PGP keys) and decrypt on (1).

lugh · « **Reply #4 on:** May 25, 2011, 03:28:44 AM »

The Sophos Anti-Rootkit software for Windows is attached

Sedit · « **Reply #5 on:** May 28, 2011, 04:13:22 AM »

Whats the function of this Lugh?

lugh · « **Reply #6 on:** May 28, 2011, 04:25:53 AM »

It's malware detection software that according to Mr. Cluey is capable of detecting Magic Lantern

Like all statements made on the internet or anywhere else for that matter, it should bee greeted with skepticism

The only way to determine for sure is to test it for oneself

It seems like copies of Magic Lantern have been made available online so it should bee possible to run such tests

no1uno · « **Reply #7 on:** May 28, 2011, 08:54:30 AM »

Hmmmmm, so not only are they and the other pricks (big-bunch of letters later) hijacking our unused memory, but they are being given a carte blanche by the people some of us are paying, that allows them to do precisely what we are paying them for? I'm glad I'm a tightwad that regularly bins drives instead of installing crap AV software (Then again, the fuckers have at least 3 of my HDD's and more of my files than I do at present and a full-list of where I went & what I said - still couldn't prove shit).

Look, I realise that for most people Antimalware & Antivirus software is a good thing (fucked if I know why - browse at will using noscript, download to whatever drive is next for format/junk and if you get bit, junk the fucker). Personally Adaware, Spybot, etc are way past their prime (they both act more like the programs they are meant to be stopping nowadays), while the various AV programs go commercial with popups, annoying shit way too regularly for my liking. There is not one company I can point to and say they are following the rules AND are going to keep following them (used to be, you'd pay for a service and they couldn't change the rules retrospectively, now that shit is gone by the board).

However, I don't cruise for kiddie porn (rockspiders belong between rocks IMHO), don't incite violence, don't get involved in radical groups or militia, etc. I also don't post pictures of myself breaking laws, or openly discuss doing so (well, not while the evidence of the same is to hand at least). I am MUCH more likely to be targeted by LE based upon my history, I have more arrests than I've ever seen printed out in one hit & 0 convictions and have made some awfully nasty enemies within LE (their sense of humor at being shown up as the dickheads they are is awfully low). Based upon personal experience, the chances of getting rid of a HDD when they bang on the door is between slim & Sweet Fuck all* so I watch what I say, where I say it and who I talk to. I don't participate in illegal activities, I'm too old, scarred and slow for that shit now so I'm really not the easiest target on the block.

I'd have to say that none of the "fogeys" on this (or other) forums is probably completely unknown to their local pigs, nor is their propensity to collect suspicious shit. That said, there are more pressing problems, in terms of time, effort and funding, than chasing us to what they can pretty well predict to be a very unsatisfactory outcome. There are younger, dumber and more nefarious types to catch, shit, they'll even put their hands up.

* That song, "Bad boys, bad boys, whatchugonna do? whatchugonna do when they come for you?" You'll lie flat, face down on the floor with your hands behind your head if you have an ounce of common sense, that's what you'll do. If you are dumb enough to have evidence on you at that point, that's your problem, it's one getting shot by some halfbaked mummy's boy in a blue shirt ain't gonna help any.

The Lone Stranger · « **Reply #8 on:** May 28, 2011, 10:21:34 AM »

Mr.Kaspersky was asked about government spy programs in a TV interview and he said that kaspersky would never agree to white listing things like that .

The german and british governments have both openly said that there is no computer system that they cant enter and take over without detection . When ask over and over again how that would be done they replyed by useing a tailor made trojan for each system . Then to cement the point they were caught putting a trojan on a non government tax advice CD . <------ that couldnt be what they are talking about simply because it got detected and was so obvious . Thats easily divided up into to parts . ! - they can get on computers and take controle of them so that the user can do NOTHING about it ...... other than pull the plug and head for the hills . A FACT that i have seen being done . I watched a computer being taken over and fully controlled from outside in a mater of a few seconds . 2 - The story about a trojan is obviously not kosher . That is a method that they can use but not the method that was used to take over the computer i was witness to being taken over .

SO ...... how was it done ? <--------- = one BIG posibility is that all microsoft systems have a back door . Wich would explain why microshit says in the papers that come with vista and vista 7 that the products wouldnt have been possible without the help of the NSA <------thats not a quote but the jist of what is said . BUT ......how would they get on non microcack systems ?

Another thing . There are two levels of "police" danger . The first is the normal dumbfuck regular police who are there for the small picture = individual crimes wich get reported to them . They have no licence to look for people and their actions unles they have been given information or an order to do so . The other level is the secret services that are there to cover the big picture . They are as criminal and more than any of us and all of us put together . Thats the only way that they can get a picture of whats going on in the background . They infiltrate criminal organisatiopns and do crimes to gain insights and information that they couldnt get by any other means . Secret services are the biggest smuglers of drugs and arms for instance and have their fingers in most ( all ) big criminal organisations . There is no protection against them if they want you you are GOT . <-------- The LSD silo and the mr.big story are good examples of that . Also the book "The politics of heroin" by A.McCoy is largely about that . Another book wich i cant remember the title of but its by an ex-german minister andreas von bullow ? goes into detail about things like that too . Whatever if big brother or his cohorts want us there is sweet fuck all we can do about it = even if your as clean as jesus the fuckers will plant evidence , torture you and make false statements about you . The courts also do what they are told to do by big brother = dont expect justice there .

EDIT - That tool from sophos and their claim means 1 of two things = either they are lieing or the problem isnt with "magic lantern" and big brother must have another way to get into our computers as it would be more than useless if it could be detected so easily . = "magic lantern" is OLD and redundant so its offered as an explenation = a trojan trojan horse so we dont look for the real danger ..

Please comment ......

Wizard X · « **Reply #9 on:** May 29, 2011, 01:06:48 AM »

Disable System Restore first, then boot in Safe Mode and run the Sophos Anti-Rootkit, or other anti-rootkit software.

Formatting the hard drive will remove everything including rootkits. To ensure that the rootkit, or virus, isn't a boot sector malware, you can remove the C: partition and regenerate another with the OS install. This works in DOS when you boot from the CD, or in your case the bootable USB drive.

Removal can be complicated or practically impossible, especially in cases where the rootkit resides in the kernel; reinstallation of the operating system may be the only alternative. http://en.wikipedia.org/wiki/Rootkit

There are experts who believe that the only reliable way to remove them is to re-install the operating system from trusted media.
Booting an alternate operating system from trusted media can allow an infected system volume to be mounted and potentially safely cleaned. Even if the type and nature of a rootkit is known, manual repair may be impractical, while re-installing the operating system and applications is safer, simpler and quicker.

http://en.wikipedia.org/wiki/Rootkit#Removal

Use this RootKit scanner http://rkhunter.sourceforge.net/ if you want, but a fresh format & install is the way to go.

The Lone Stranger · « **Reply #10 on:** May 29, 2011, 09:44:20 AM »

Wizard X - Does that mean that if one has an acronis copy of a clean system one can just boot from the acronis CD wipe the C partition with "Disk Director" and then put the clean copy back on with "True immage" and be sure that all malware that was there before is gone ? <------Of cource after doing a full system check to make sure nothing is in any part of other hard disks on the system . If thats so i`m relatively safe as i do that at least once a month and sometimes more often . I think that if thats true it would be a better alternative than trusting any ratkit detection program . Wocha think ?

To all - Has anyone any idea how that computer was taken over ? The guy was only on the government web site for a few minutes . The whole finding the way in only took 10 - 15 minutes and didnt go through the government web site . He got in there useing links from other non government web sites from one to another untill he got in . That means to me that they only had the few minutes he was on the government web site to detect him , trace him and take over the computer

Wizard X · « **Reply #11 on:** May 30, 2011, 03:28:28 AM »

Quote from: The Lone Stranger on May 29, 2011, 09:44:20 AM

Wizard X - Does that mean that if one has an acronis copy of a clean system one can just boot from the acronis CD wipe the C partition with "Disk Director" and then put the clean copy back on with "True image" and be sure that all malware that was there before is gone ? <------Of course after doing a full system check to make sure nothing is in any part of other hard disks on the system . If thats so i`m relatively safe as i do that at least once a month and sometimes more often . I think that if thats true it would be a better alternative than trusting any ratkit detection program . Wocha think ?

Yes, agreed! Reinstalling an operating system from a backup image, WILL remove everything in the C partition, clone the backup image back to the C partition and also reinstall your Master Boot Record (MBR) sector.

MBR Backup – Back up your Master Boot Record. http://www.misec.net/products/mbr-backup/

The question is this? Does Microsoft Security Updates, also install KNOWN BACKDOORS for the NSA, FBI, CIA??

It's this reason I have a computer WHICH HAS NEVER BEEN CONNECTED TO THE INTERNET, and I have my PGP and all data encrypted there.

Wizard X · « **Reply #12 on:** May 30, 2011, 03:38:07 AM »

Surf the Internet in Guest account with ALL Java, Active X, Flash, and other scripting disabled to protect yourself from drive-by website malware infection. Use Firefox with NoScript.

fresh1 · « **Reply #13 on:** December 13, 2011, 05:35:08 AM »

Quote

The question is this? Does Microsoft Security Updates, also install KNOWN BACKDOORS for the NSA, FBI, CIA??

well from my limited experience, those backdoors work for whoever wants them to

Quote

one BIG posibility is that all microsoft systems have a back door

ABSOLUTELY!!!

I mentioned the "MS security

updates from hell" in another thread, which fuckt a mates computer, coming in via an AVG 'backdoor' as MS "security" updates, BUT, not the type you want!

My question is, ok I run No script, and cookie monster, anti rootkits, wifi. cash computers,(and proxies when the need is felt) and WAS running ESET, but its time to add another AV system ( i'm worried I'm paranoid

) and Kasperky comes to mind,

What is the general consensus? Kaspersky clearly state that they 'track' nothing and keep no records.....now, that said, I KNOW that...

Quote

Whatever if big brother or his cohorts want us there is sweet fuck all we can do about it = even if your as clean as jesus the fuckers will plant evidence , torture you and make false statements about you

I too, have had the unfortunate experience of "frustrating the advaces of LE", and those bastards ARE "time consuming, and expensive"

So, who suggests what? And why? Like I said, Kaspersky seems the way to go, but I'm no Pro in this game, as are a few here, so I would appreciate the advice

Cheers f1

Wizard X · « **Reply #14 on:** January 02, 2012, 03:11:43 AM »

I also suggest to download...

The Emsisoft Emergency Kit contains a collection of programs that can be used without a software installation to scan and clean infected computers for malware. http://www.emsisoft.com/en/software/eek/

...and burn this to a bootable CD. Make a bootable CD with Nero.

This CD can be used in Safe Mode, or boot in DOS mode, when unable to clean in Safe Mode.

Wizard X · « **Reply #15 on:** February 05, 2012, 01:48:28 AM »

Checking your DNS entries and fixing the Error code 80244019 problem.

Dns Changer Trojan: This Trojan changes the DNS entries for your computer and some times your router/modem. When your computer looks for the microsoft update server it gets sent to an infected server to download more malcious files.

http://benosullivan.co.uk/windows/how-to-fix-error-code-80244019-when-running-updates-in-windows-vista/

Tsathoggua · « **Reply #16 on:** February 19, 2012, 02:04:18 AM »

Anyone got the IP for this malicious server? would be a very good idea to circulate blocklists of known fed servers by PM, to contributing users (there is going to be discussion here I am sure...I mean, people who have more than say, a few 'spam' posts of rhodium's well known P2P synths, people who are known to be....well people. So to speak. And I don't speak of robots either. I mean the variety of unpeople who have more than two legs, and take their dinner donuts and coffee from a trough.

Wizard X · « **Reply #17 on:** February 19, 2012, 08:03:06 AM »

Quote from: Tsathoggua on February 19, 2012, 02:04:18 AM

Anyone got the IP for this malicious server? would be a very good idea to circulate blocklists of known fed servers by PM, to contributing users (there is going to be discussion here I am sure...I mean, people who have more than say, a few 'spam' posts of rhodium's well known P2P synths, people who are known to be....well people. So to speak. And I don't speak of robots either. I mean the variety of unpeople who have more than two legs, and take their dinner donuts and coffee from a trough.

DNS Changer viruses DNS Server IPs. http://www.dcwg.org/checkup2.html | http://127.0.0.1/talk/index.php/topic,2924.msg29566.html#msg29566

Wizard X · « **Reply #18 on:** May 27, 2012, 03:49:03 AM »

Bootable AntiVirus Rescue CD/USB, bootable CD/USB source that perform scans and removes computer virus without booting computer operating system first. Most of bootable Rescue CD builds are build based on Linux Live CD distribution, which load a simple operating system to scan malware threads without writing any system files on your hard drive.

Bootable antivirus Rescue CD solution is the most effective way to remove the virus, trojan and malware because it can track down viruses, trojans and other malware are embedded so tightly into your operating system, which cannot be detected or removed by antivirus software running in that system. Plus more, some of the antivirus rescue CDs even integrates with utilities tools such as hard disk partition software, Rootkit scanner and other system tasks.

http://www.techmixer.com/free-bootable-antivirus-rescue-cds-download-list/

Kaspersky Rescue Disk – Load Kaspersky AntiVirus 2009 Using DOS. http://www.techmixer.com/kaspersky-rescue-disk-load-kaspersky-antivirus-2009-using-dos/

Kaspersky Rescue Disk 10. http://www.techmixer.com/kaspersky-rescue-disk-2010/

Create Bootable Kaspersky USB Rescue Disk. http://www.techmixer.com/create-bootable-kaspersky-usb-rescue-disk/

Free F-Secure Rescue Bootable CD to Clean Virus and Malware. http://www.techmixer.com/free-f-secure-rescue-bootable-cd-to-clean-virus-and-malware/

Create Bootable BitDefender USB Rescue Disk. http://www.techmixer.com/create-bootable-bitdefender-usb-rescue-disk/

AVG Rescue Disk – Free AVG Bootable Antivirus CD. http://www.techmixer.com/avg-rescue-disk-free-avg-bootable-antivirus-cd/

Avira AntiVir Rescue Disk Download to clean Virus and Malware. http://www.techmixer.com/avira-antivir-rescue-disk-download-to-clean-virus-and-malware/

Multiple Antivirus Bootable Rescue CD Utility – Shardana Antivirus Rescue Disc Utility. http://www.techmixer.com/sardu-2-create-multiple-antivirus-utility-rescue-disk-usb/

Sardu 2: Create Multiple Antivirus and Utility Rescue Disk/USB. http://www.techmixer.com/sardu-2-create-multiple-antivirus-utility-rescue-disk-usb/

http://www.sarducd.it/downloads.html | http://www.sarducd.it/downloads/SARDU_2.0.4.3.zip

Other Multiple ISO Boot Apps.

http://www.snapfiles.com/get/liliusb.html
http://www.snapfiles.com/get/yumi.html
http://www.snapfiles.com/get/unetbootin.html

Wizard X · « **Reply #19 on:** June 04, 2012, 07:35:53 AM »

Large List of Downloadable Computer Repair CDs. http://www.technibble.com/large-list-of-useful-computer-repair-cds/

Author Topic: Computer Security & Internet Privacy (Read 455 times)

Wizard X

Computer Security & Internet Privacy

Wizard X

Re: Computer Security & Internet Privacy

Wizard X

Re: Computer Security & Internet Privacy

Wizard X

FBI Magic Lantern white-listed by major antivirus vendors.

lugh

Re: Computer Security & Internet Privacy

Sedit

Re: Computer Security & Internet Privacy

lugh

Re: Computer Security & Internet Privacy

no1uno

Re: Computer Security & Internet Privacy

The Lone Stranger

Re: Computer Security & Internet Privacy

Wizard X

Re: Computer Security & Internet Privacy

The Lone Stranger

Re: Computer Security & Internet Privacy

Wizard X

Re: Computer Security & Internet Privacy

Wizard X

Re: Computer Security & Internet Privacy

fresh1

Re: Computer Security & Internet Privacy

Wizard X

Re: Computer Security & Internet Privacy

Wizard X

Checking your DNS entries.

Tsathoggua

Re: Computer Security & Internet Privacy

Wizard X

Re: Computer Security & Internet Privacy

Wizard X

Bootable AntiVirus Rescue CD/USB

Wizard X

Re: Computer Security & Internet Privacy