Jump to content

Malware as security?


jtmulc

Recommended Posts

DISCLAIMER: This post is for hypothetical discussion only.

 

With police and border control having increasingly broad powers to search people's electronic devices, how long before we see malware developed as a security service?


Given that it is already possible to create infected usb drives that execute code as soon as they are plugged in to a PC, how difficult would it be to design something that infects any device trying to read a phone or tablet?

Link to comment
Share on other sites


  • Replies 4
  • Views 1.1k
  • Created
  • Last Reply

There is nothing hypothetical, all these things are already in place and are used in many countries at the national level.

The same is also with these massive cyber attacks. These all are the ordered work at the national level.

And you all know which countries are doing it and which countries produce the appropriate software so that it can be done. It's not a secret.

Link to comment
Share on other sites


1 hour ago, jtmulc said:

How long before we see malware developed as a security service?

Already developed by Security & Intelligence services...;)

Link to comment
Share on other sites


straycat19
On 5/19/2017 at 3:33 AM, jtmulc said:

how difficult would it be to design something that infects any device trying to read a phone or tablet?

 

Do you think any security service is going to plug a device into an unknown phone or tablet and allow anything to write to their device.  Those devices are read only, not forensic tools, and as such have a write block built into them.  They cause the device to show suspect data on the screen, then the device can be confiscated based upon what the examiner sees. Then a full forensic copy can be made of the device, again using a write blocker so the forensic utility is just reading the data and writing it to a storage medium.  It will not allow any program on the device to run.  How do I know this?  In the past I have setup these devices for law enforcement agencies and have much experience in computer forensics.  I carry a hardware USB write blocker with me everywhere I go.  I never plug any unknown USB device into anything of mine without using the writeblocker between it and my device.

Link to comment
Share on other sites


On 5/21/2017 at 1:46 AM, straycat19 said:

Do you think any security service is going to plug a device into an unknown phone or tablet and allow anything to write to their device.

 

I don't travel much and my only interaction with security services has been limited to getting pulled over for speeding, so I had no idea what they use.  Given the level of IT security in other parts of the government, I wouldn't have been surprised if you had told me they used unsecured laptops from Target.

 

On 5/21/2017 at 1:46 AM, straycat19 said:

Those devices are read only, not forensic tools, and as such have a write block built into them.  They cause the device to show suspect data on the screen, then the device can be confiscated based upon what the examiner sees. Then a full forensic copy can be made of the device, again using a write blocker so the forensic utility is just reading the data and writing it to a storage medium.  It will not allow any program on the device to run.  How do I know this?  In the past I have setup these devices for law enforcement agencies and have much experience in computer forensics.  I carry a hardware USB write blocker with me everywhere I go.  I never plug any unknown USB device into anything of mine without using the writeblocker between it and my device.

 

That is really neat and informative.  Thank you.

Link to comment
Share on other sites


Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...