You have got to be kidding me... - Miata Turbo Forum - Boost cars, acquire cats.

Welcome to Miataturbo.net   Members
 


Insert BS here A place to discuss anything you want

Reply
 
 
 
LinkBack Thread Tools Search this Thread
Old 10-07-2011, 09:35 PM   #1
Destroyer of Inconel
Thread Starter
iTrader: (37)
 
EO2K's Avatar
 
Join Date: Apr 2010
Location: In ur driveway, abusin' ur WPA
Posts: 9,642
Total Cats: 954
Default You have got to be kidding me...

http://www.wired.com/dangerroom/2011...s-drone-fleet/

Quote:
A computer virus has infected the cockpits of America’s Predator and Reaper drones, logging pilots’ every keystroke as they remotely fly missions over Afghanistan and other warzones.

The virus, first detected nearly two weeks ago by the military’s Host-Based Security System, has not prevented pilots at Creech Air Force Base in Nevada from flying their missions overseas. Nor have there been any confirmed incidents of classified information being lost or sent to an outside source. But the virus has resisted multiple efforts to remove it from Creech’s computers, network security specialists say. And the infection underscores the ongoing security risks in what has become the U.S. military’s most important weapons system.


/facepalm

I really need to get DangerRoom off my RSS...
EO2K is offline   Reply With Quote
Old 10-08-2011, 12:02 AM   #2
Elite Member
 
Join Date: Jul 2007
Location: Little Rock, AR
Posts: 3,109
Total Cats: 127
Default

Scary ****.
jacob300zx is offline   Reply With Quote
Old 10-08-2011, 05:42 AM   #3
Destroyer of Inconel
Thread Starter
iTrader: (37)
 
EO2K's Avatar
 
Join Date: Apr 2010
Location: In ur driveway, abusin' ur WPA
Posts: 9,642
Total Cats: 954
Default

The fact that the military has this **** connected to the public internet blows my ******* mind. I need to stop going to DefCon and reading InfoSec bullshit in my spare time.

If you really want to go for a ride, take a look at **** like nMap, WireShark and the MetaSploit project... and that's just the tip of the iceberg. The rabbit hole gets pretty damn deep.
EO2K is offline   Reply With Quote
Old 10-08-2011, 01:12 PM   #4
Elite Member
iTrader: (2)
 
Join Date: Jan 2007
Location: Los Angeles, CA
Posts: 8,782
Total Cats: 119
Default

What's the big deal about nmap and metasplooit?
Faeflora is offline   Reply With Quote
Old 10-08-2011, 02:10 PM   #5
Destroyer of Inconel
Thread Starter
iTrader: (37)
 
EO2K's Avatar
 
Join Date: Apr 2010
Location: In ur driveway, abusin' ur WPA
Posts: 9,642
Total Cats: 954
Default

Its really just a starting point. Most people don't realize this stuff is out there, how easy it is to acquire and use, and how vulnerable they really are.
EO2K is offline   Reply With Quote
Old 10-08-2011, 03:38 PM   #6
Senior Member
iTrader: (2)
 
Join Date: Jun 2007
Location: Shalimar, FL
Posts: 965
Total Cats: 7
Default

I read about this earlier today on defensetech. While my job has nothing to do with network security, it's embarrassing to know that my fellow airmen elsewhere can't seem to get their **** straight.
messiahx is offline   Reply With Quote
Old 10-08-2011, 04:31 PM   #7
Junior Member
 
Join Date: Sep 2010
Location: SFL
Posts: 376
Total Cats: 3
Default

I find it ironic the system they invented (the internet) is being used against them.
MD323 is offline   Reply With Quote
Old 10-11-2011, 05:34 PM   #8
Boost Pope
iTrader: (8)
 
Joe Perez's Avatar
 
Join Date: Sep 2005
Location: Chicago (Over two miles from Wrigley Field. Fuck the Cubs. Fuck them in their smarmy goat-hole.)
Posts: 26,317
Total Cats: 1,914
Default

Apparently the USAF isn't the only one.

This message was distributed company-wide within the Harris Corporation (whose primary business is in defense electronics, mostly encrypted comms and nav systems) today:
Harris Security Advisory - Be Alert for Unsolicited USB Thumb Drives!

Several Harris employees have recently received unsolicited USB thumb drives via mail and other delivery methods. Some of the envelopes included a brief note indicating the drive was “found” and being returned; others had no message or marking of any kind. Fortunately, these employees were vigilant enough to be suspicious and notified the Service Desk, who advised them how to send in the materials for investigation by Harris information security authorities.

In an increasing number of incidents, attackers use the convenience and portability of USB drives to trick unsuspecting victims into infecting their computers. Typically, a thumb drive pre-loaded with malware is either left in a public place for a random victim to find, or sent directly to a predetermined target. If plugged into a computer, the malware installs and gives the attacker access to harvest sensitive information, gain an entry to the network, or other malicious activities.

If you find or receive an unknown USB device, NEVER PLUG IT INTO YOUR COMPUTER to view the contents or attempt to identify the owner. If you find such a device at a Harris-related event or location, or receive one in the mail at a Harris address, keep the drive and all associated packaging (note, envelope, etc.) and notify the Service Desk immediately. They will engage the Incident Response security team, who will take appropriate action.
Joe Perez is offline   Reply With Quote
Old 10-11-2011, 05:47 PM   #9
Destroyer of Inconel
Thread Starter
iTrader: (37)
 
EO2K's Avatar
 
Join Date: Apr 2010
Location: In ur driveway, abusin' ur WPA
Posts: 9,642
Total Cats: 954
Default

Hehe, we used to do this with CDR's labeled "MP3s" back in the day. There was a little autorun program on the disc that installed a program we built to call home to an IRC chatroom, just to see how effective this distribution method was. IIRC the local community college had the best reply rate.

Also: State sponsored spyware!

http://www.wired.com/threatlevel/201...n-gov-spyware/

German Minister Wants Investigation of State Authorities’ Use of Spyware

Quote:
Germany’s justice minister has called for an investigation after authorities in at least four German states acknowledged using computer spyware to conduct surveillance on citizens.

Authorities in the state of Bavaria admitted on Monday that a piece of spyware discovered on a citizen’s computer by the local Chaos Computer Club hacker group was designed for use by authorities to spy on suspects.

Under German law, authorities can use spyware to monitor criminals, but its use is supposed to be limited to the interception of internet telephony.

The so-called R2D2 keylogging Trojan CCC examined, however, does much more than this. In addition to monitoring Skype calls and recording keystrokes to monitor e-mail and instant messaging communications, the Trojan can take screenshots and activate a computer’s microphone and webcam to allow someone to remotely spy on activities in a room. Furthermore, the program includes a backdoor that would allow authorities to remotely update the program with additional functionality.
Sounds like a sample that would be REALLY fun to pull apart. Too bad its been years since I played with IDAPro
EO2K is offline   Reply With Quote
Old 10-11-2011, 06:01 PM   #10
Boost Pope
iTrader: (8)
 
Joe Perez's Avatar
 
Join Date: Sep 2005
Location: Chicago (Over two miles from Wrigley Field. Fuck the Cubs. Fuck them in their smarmy goat-hole.)
Posts: 26,317
Total Cats: 1,914
Default

Quote:
Originally Posted by EO2K View Post
Quote:
the Trojan can take screenshots and activate a computer’s microphone and webcam to allow someone to remotely spy on activities in a room.
You want to know what's funny? When they first started putting integrated webcams and microphones into laptops, I half-jokingly pointed out that I really didn't want my computer to be able to spy on me. And to this day, I have never owned a computer with a built-in webcam (admittedly, my laptops do all have microphones.)

Anybody remember the book / film 1984? Cliffs: Everybody's apartment has a "telescreen" in it, which is basically just a television set, except that Big Brother can also use it to see and hear what you are doing.

That was written in 1949.
Joe Perez is offline   Reply With Quote
Old 10-11-2011, 06:58 PM   #11
Elite Member
iTrader: (21)
 
Join Date: Jun 2007
Location: Rochester, NY
Posts: 5,684
Total Cats: 555
Default

There was a recent case of a school using laptops to spy on students at home.
rleete is offline   Reply With Quote
Old 10-11-2011, 07:16 PM   #12
Boost Pope
iTrader: (8)
 
Joe Perez's Avatar
 
Join Date: Sep 2005
Location: Chicago (Over two miles from Wrigley Field. Fuck the Cubs. Fuck them in their smarmy goat-hole.)
Posts: 26,317
Total Cats: 1,914
Default

Quote:
Originally Posted by rleete View Post
There was a recent case of a school using laptops to spy on students at home.
Now that doesn't surprise me. (Robbins v. Lower Merion School District). To be honest, any time you use a computing asset which is owned by a third party (be it a school laptop, a company PC on your desk, a web forum, a third-party email server, etc) you have no reasonable expectation of privacy, nor should you delude yourself into thinking otherwise.

Google scans the contents of your email for the purposes of targeted marketing. Your employer keeps tabs on what you are doing on your PC at work (and elsewhere, if you are using a company-issued laptop and/or VPN account.) And while it may be immoral and is almost certainly illegal, it does not surprise me in the least that a school board would active the built-in surveillance features of laptop it supplied to children, not because of any grand conspiracy, but just because people in positions of minor authority are like that.


But for a government to covertly slip spyware into the privately-owned computers of its own citizens? Well, +10 for creativity, but -several million for creepiness, even if local laws permit it.



I'm honestly surprised we haven't heard of something like this happening with smartphones. They can not only hear and see you, but they know where you are, ever place you have ever been, how fast you are moving, etc. My phone knows not just how often I go to Fry's, the freaky **** store, etc., but how fast I drive on the way there and back. With a bit of data-crunching, it could even tell you what specific people I tend to meet up with at various locations and when.

So a hypothetical person is busted for, let's say, possession of heroin, or creating child pornography, or some other thing that's easy to ram through both the courts and the Court of Public Opinion on the grounds of being inherently evil. It's not that big of a stretch to imagine pulling the location history from her phone for the past year, and running it through a database which also contains the location history for every other cell phone in the system, and figuring out that this individual tended to meet in person with two or three other individuals in a certain secluded location on a regular schedule, and always at night.

Did this violate anybody's rights? Did it constitute an unlawful search? All they did was take several sets of data which were lawfully (and consensually) gathered by a commercial third-party, and comparing them together.

Last edited by Joe Perez; 10-11-2011 at 07:35 PM.
Joe Perez is offline   Reply With Quote
 
 
Reply

Related Topics
Thread Thread Starter Forum Replies Last Post
Turbo 1995 Miata Low mileage Clean Tekel Cars for sale/trade 29 02-05-2016 05:16 PM
Help multi issues here! ReallyRottenTurbo MEGAsquirt 4 09-22-2015 01:49 PM
Track Video & Bluetooth MS3 Questions ofspunk7 General Miata Chat 3 08-31-2015 03:14 PM
funniest quote hahaha.... XxGoKoUxX Insert BS here 3 01-07-2008 04:05 PM
kids hit my car with a pumpkin 92mazdarati Insert BS here 12 10-08-2006 10:10 AM


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off



All times are GMT -4. The time now is 04:20 PM.