
Secret Service Infiltration Detection ?


6 replies to this topic

#1 webasylum

webasylum

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:51 PM

Posted 25 September 2014 - 11:37 PM

Is there any software group keeping track and introducing virus detection for infiltration techniques being developed by the secret services ?




#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:51 PM

Posted 26 September 2014 - 12:02 AM

Hello webasylum, and welcome.
 

Do you think that there should be such a group ?? What would they actually do ??

 

Normal Virus / Malware problems are enough for most programs, and how would you ever enforce this ??

 

Your Secret Services have been watching you for many years, just to keep you safe from outside groups.

 

No, I am not just joking either, this is what they refer to as "chatter" between groups, and it is used to protect you.

 

Thank You -



#3 webasylum

webasylum
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:51 PM

Posted 26 September 2014 - 12:29 AM

:)  Well... I knew it would be Clandestine... and I suppose I couldn't expect a serious answer either !  
Code that would just identify that such SIS software is active on the machine would be nice to know.... especially when the system starts behaving weird even though "normal" detection software doesn't find anything.


Edited by webasylum, 26 September 2014 - 12:31 AM.


#4 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:51 PM

Posted 26 September 2014 - 01:31 AM

:)  Well... I knew it would be Clandestine... and I suppose I couldn't expect a serious answer either ! 

The reply is 100% serious as we all need to be protected from any problem that you refer to as "SIS software".

If you use normal Antivirus and Antimalware programs, you should be protected from anything that can harm you.

 

All agencies from all over the world are able to watch and listen to any computer output that they wish to survey, for reasons of national security and safety.



#5 rp88

rp88

  • Members
  • 2,895 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:51 AM

Posted 27 September 2014 - 06:57 AM

If secret services are trying to put malware on people's machines it will be detectable just like normal civilian-made malware. There are 193 national governments in the United Nations, and a few more governments if you count those in disputed regions. Each has a secret service. Remember also that antivirus products come from a range of countries, so even if a particular antivirus company had a shady deal not to detect particular pieces of malware from 1 government, it would still detect infections made by the 192 (or more) others. If a single government tried to get all the antivirus companies to co-operate with it, no doubt some of them would leak information about the bribes/threats/shady deals. As the antivirus companies come from a wide range of nations, a single government is going to find it almost impossible to force its will on those run from countries foreign to it; even if some companies co-operate, others will not (and when those that don't co-operate find out that others do co-operate, those that don't will be able to advertise this fact and boost sales because of it). In short, malware made by governments will be detected just like malware made by gangs or individuals. It certainly exists but it isn't long before, for any given instance, an antivirus company discovers the virus and takes steps to fight it. That company might never find out the malware is governmental in origin, but as soon as they report they have found it and are blocking it then companies who have co-operated with the government will need to change their databases fast so that it becomes detectable by them (otherwise when someone finds out they have a shady deal the co-operating company will lose customers). Most surveillance isn't done by malware anyway, but by watching internet traffic; your machine doesn't need to be compromised because your ISP is.
It is to be assumed that these traffic watchers know they have a risk of getting false positives when watching someone's traffic, so they probably just make a log of things they see, and then forget about the log. I'm not sure why you are particularly concerned about THIS threat to your computer/internet traffic, there are many bigger threats and this is one of the rarest, but just follow the practices of keeping your antivirus in good order and getting a second opinion scan from time to time.
Back on this site, for a while anyway, been so busy the last year.

My systems: 2 laptops, Intel i3 processors, Windows 8.1 installed on the hard-drive and Linux Mint 17.3 MATE installed to USB

#6 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,620 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:51 AM

Posted 27 September 2014 - 06:57 AM

Is there any software group keeping track and introducing virus detection for infiltration techniques being developed by the secret services ?

 

Yes, there are activists doing this.

For example for FinFisher:

 

http://en.wikipedia.org/wiki/FinFisher


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#7 Crazy Cat

Crazy Cat

  • Members
  • 808 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lunatic Asylum
  • Local time:03:51 PM

Posted 27 September 2014 - 08:29 PM

Not only the PC operating system is vulnerable to hacks, but the attached hardware also.

Security researchers have demonstrated a hack that allowed them to get into the web interface of a Canon Pixma printer before modifying its firmware to run the classic 90s computer game Doom. The hack was only possible because the printer's firmware used basic XOR Encryption. The same tactics could easily be applied to either plant a trojan on the printer to spy on documents being printed or to establish a compromised gateway into a corporate network associated with the pox-ridden printer. http://www.theregister.co.uk/2014/09/15/hacking_printers_to_play_doom/

Hacking Canon Pixma Printers - Doomed Encryption. http://www.contextis.co.uk/resources/blog/hacking-canon-pixma-printers-doomed-encryption/

 
Ricochet is an experiment with a different kind of instant messaging that doesn't trust anyone with your identity, your contact list, or your communications https://github.com/ricochet-im/ricochet

Middle-School Dropout Codes Clever Chat Program That Foils NSA Spying - Ricochet. http://www.wired.com/2014/09/new-encrypted-chat-program-thwarts-nsa-eliminating-metadata/
 

Two things are infinite: the universe and human stupidity; and I'm not sure about the universe. ― Albert Einstein ― Insanity is doing the same thing, over and over again, but expecting different results.

 





