Malware as security?

jtmulc    371

DISCLAIMER: This post is for hypothetical discussion only.

 

With police and border control having increasingly broad powers to search people's electronic devices, how long before we see malware developed as a security service?


Given that it is already possible to create infected USB drives that execute code as soon as they are plugged into a PC, how difficult would it be to design something that infects any device trying to read a phone or tablet?

Kalju    3,845

There is nothing hypothetical; all these things are already in place and are used in many countries at the national level.

The same goes for these massive cyber attacks. These are all ordered work at the national level.

And you all know which countries are doing it and which countries produce the appropriate software so that it can be done. It's not a secret.

pc71520    1,081
1 hour ago, jtmulc said:

How long before we see malware developed as a security service?

Already developed by Security & Intelligence services...;)

  • Like 2

straycat19    3,021
On 5/19/2017 at 3:33 AM, jtmulc said:

how difficult would it be to design something that infects any device trying to read a phone or tablet?

 

Do you think any security service is going to plug a device into an unknown phone or tablet and allow anything to write to their device? Those devices are read only, not forensic tools, and as such have a write block built into them. They cause the device to show suspect data on the screen, then the device can be confiscated based upon what the examiner sees. Then a full forensic copy can be made of the device, again using a write blocker so the forensic utility is just reading the data and writing it to a storage medium. It will not allow any program on the device to run. How do I know this? In the past I have set up these devices for law enforcement agencies and have much experience in computer forensics. I carry a hardware USB write blocker with me everywhere I go. I never plug any unknown USB device into anything of mine without using the write blocker between it and my device.

  • Like 4

jtmulc    371
On 5/21/2017 at 1:46 AM, straycat19 said:

Do you think any security service is going to plug a device into an unknown phone or tablet and allow anything to write to their device?

 

I don't travel much and my only interaction with security services has been limited to getting pulled over for speeding, so I had no idea what they use.  Given the level of IT security in other parts of the government, I wouldn't have been surprised if you had told me they used unsecured laptops from Target.

 

On 5/21/2017 at 1:46 AM, straycat19 said:

Those devices are read only, not forensic tools, and as such have a write block built into them. They cause the device to show suspect data on the screen, then the device can be confiscated based upon what the examiner sees. Then a full forensic copy can be made of the device, again using a write blocker so the forensic utility is just reading the data and writing it to a storage medium. It will not allow any program on the device to run. How do I know this? In the past I have set up these devices for law enforcement agencies and have much experience in computer forensics. I carry a hardware USB write blocker with me everywhere I go. I never plug any unknown USB device into anything of mine without using the write blocker between it and my device.

 

That is really neat and informative.  Thank you.
