E46 BMW Social Directory E46 FAQ 3-Series Discussion Forums BMW Photo Gallery BMW 3-Series Technical Information E46 Fanatics - The Ultimate BMW Resource BMW Vendors General E46 Forum The Tire Rack's Tire Wheel Forum Forced Induction Forum The Off-Topic The E46 BMW Showroom For Sale, For Trade or Wanting to Buy

Welcome to the E46Fanatics forums. E46Fanatics is the premiere website for BMW 3 series owners around the world with interactive forums, a geographical enthusiast directory, photo galleries, and technical information for BMW enthusiasts.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today!

If you have any problems with the registration process or your account login, please contact contact us.

Go Back   E46Fanatics > Everything Else > The Off-Topic > General Off-Topic

General Off-Topic
Everything not about BMWs. Posts must be "primetime" safe and in good taste. You must be logged in to see sub-forums.
Click here to browse all new posts.

Reply
 
Thread Tools Search this Thread Rate Thread Display Modes
Old 03-07-2017, 02:10 PM   #21
makecopies
Registered User
 
Join Date: Oct 2007
Location: 1600 Penn. Ave
Posts: 1,820
My Ride: Gods Chariot
WWJBD= What Would Jason Bourne Do?
makecopies is offline   Reply With Quote
Old 03-07-2017, 03:12 PM   #22
jeffro3000
Registered User
 
Join Date: Feb 2008
Location: Huntsville, AL
Posts: 2,812
My Ride: 2000 328i
No one can hack the iPhone, it's unpossible.
jeffro3000 is offline   Reply With Quote
Old 03-07-2017, 03:49 PM   #23
jeffro3000
Registered User
 
Join Date: Feb 2008
Location: Huntsville, AL
Posts: 2,812
My Ride: 2000 328i
Despite Wikileaks, the CIA can't crack Signal and Whatsapp encryption
Quote:
A close reading of the descriptions of mobile hacking outlined in the documents released by WikiLeaks shows that the CIA has not yet cracked those invaluable encryption tools. That has done little to prevent confusion on the matter, something Wikileaks itself contributed to with a carelessly worded tweet

Of course, the CIA can compromise the devices sending, or receiving, those messages. By taking control of a so-called “end point,” spies can access everything on a smartphone, be it texts, videos, the camera, or the microphone. “It isn’t about ‘defeating encryption’ despite the hype,” says Nicholas Weaver, a computer security researcher at the International Computer Science Institute. “If you compromise a target’s phone, you don’t care about encryption anymore.”
If they want to read your Signal messages, they have to compromise your actual phone. The messaging service is still secure. This is an important distinction, since compromising everyone's phone is probably more difficult than just intercepting everyone's messages en masse.

Their protocol also means that Signal, etc. are immune to FISA court orders to hand over bulk data, since they don't have any data to hand over. This forces the CIA to do things the hard way.

Whatsapp and Google Allo's incognito mode also use the Signal protocol.
jeffro3000 is offline   Reply With Quote
Old 03-07-2017, 05:43 PM   #24
swordsman11868
Registered User
 
Join Date: Aug 2006
Location: Las Vegas
Posts: 1,306
My Ride: 2003 325i
Quote:
Originally Posted by jeffro3000 View Post
Despite Wikileaks, the CIA can't crack Signal and Whatsapp encryption


If they want to read your Signal messages, they have to compromise your actual phone. The messaging service is still secure. This is an important distinction, since compromising everyone's phone is probably more difficult than just intercepting everyone's messages en masse.

Their protocol also means that Signal, etc. are immune to FISA court orders to hand over bulk data, since they don't have any data to hand over. This forces the CIA to do things the hard way.

Whatsapp and Google Allo's incognito mode also use the Signal protocol.
Technically that seems to be correct (based on what I have read on WikiLeaks).

It seems that since their encryption is so strong it's much easier for CIA to compromise the phone, thus alleviating the need to crack end-to-end encryption.
__________________
I'm just here to change the world.
BMW Wiki: http://www.bimmerfest.com/wiki/index.php

E46Fanatics inspiration Robolop: http://forum.e46fanatics.com/showthr...87566&page=101

2016 Beheadings in Saudi Arabia: 92.
swordsman11868 is offline   Reply With Quote
Old 03-07-2017, 05:47 PM   #25
swordsman11868
Registered User
 
Join Date: Aug 2006
Location: Las Vegas
Posts: 1,306
My Ride: 2003 325i
Here's something relevant to the above idea of the phones themselves being compromised from WikiLeaks:

"A number of the CIA's electronic attack methods are designed for physical proximity. These attack methods are able to penetrate high security networks that are disconnected from the internet, such as police record database. In these cases, a CIA officer, agent or allied intelligence officer acting under instructions, physically infiltrates the targeted workplace. The attacker is provided with a USB containing malware developed for the CIA for this purpose, which is inserted into the targeted computer. The attacker then infects and exfiltrates data to removable media. For example, the CIA attack system Fine Dining, provides 24 decoy applications for CIA spies to use. To witnesses, the spy appears to be running a program showing videos (e.g VLC), presenting slides (Prezi), playing a computer game (Breakout2, 2048) or even running a fake virus scanner (Kaspersky, McAfee, Sophos). But while the decoy application is on the screen, the underlaying system is automatically infected and ransacked."

It seems that if an agent can gain physical access to the device they can hack it. That would allow them to circumvent WhatsApp, etc, encryption.
__________________
I'm just here to change the world.
BMW Wiki: http://www.bimmerfest.com/wiki/index.php

E46Fanatics inspiration Robolop: http://forum.e46fanatics.com/showthr...87566&page=101

2016 Beheadings in Saudi Arabia: 92.
swordsman11868 is offline   Reply With Quote
Old 03-07-2017, 05:57 PM   #26
Act of God
Registered User
 
Join Date: Dec 2004
Location: NY
Posts: 335
My Ride: Longboard
Send a message via ICQ to Act of God Send a message via AIM to Act of God Send a message via Yahoo to Act of God
I guess this is why Mark Zuckerberg covers his webcam on his laptop and plugs in a cut off headphone input in the external mic (or so I've heard).
__________________
"In the modern welfare state, a vote becomes a license to take what others create" - Thomas Sowell

Last edited by Act of God; 03-07-2017 at 05:58 PM.
Act of God is offline   Reply With Quote
Old 03-07-2017, 05:59 PM   #27
swordsman11868
Registered User
 
Join Date: Aug 2006
Location: Las Vegas
Posts: 1,306
My Ride: 2003 325i
Quote:
Originally Posted by Act of God View Post
I guess this is why Mark Zuckerberg covers his webcam on his laptop and plugs in a cut off headphone input in the external mic (or so I've heard).
A decidedly low-tech solution to a high-tech problem. Bravo.
__________________
I'm just here to change the world.
BMW Wiki: http://www.bimmerfest.com/wiki/index.php

E46Fanatics inspiration Robolop: http://forum.e46fanatics.com/showthr...87566&page=101

2016 Beheadings in Saudi Arabia: 92.
swordsman11868 is offline   Reply With Quote
Old 03-07-2017, 06:00 PM   #28
swordsman11868
Registered User
 
Join Date: Aug 2006
Location: Las Vegas
Posts: 1,306
My Ride: 2003 325i
Quote:
Originally Posted by makecopies View Post
WWJBD= What Would Jason Bourne Do?
Bourne would grab the nearest cop's gun and shoot his way out. Like a baus.


All after infiltrating Langley by himself.
__________________
I'm just here to change the world.
BMW Wiki: http://www.bimmerfest.com/wiki/index.php

E46Fanatics inspiration Robolop: http://forum.e46fanatics.com/showthr...87566&page=101

2016 Beheadings in Saudi Arabia: 92.

Last edited by swordsman11868; 03-07-2017 at 06:00 PM.
swordsman11868 is offline   Reply With Quote
Old 03-07-2017, 06:04 PM   #29
swordsman11868
Registered User
 
Join Date: Aug 2006
Location: Las Vegas
Posts: 1,306
My Ride: 2003 325i
IMHO, and based on what I have heard, there is another Snowden out there who leaked this info.

It will be interesting to see if they become known. Also, it's interesting that this info is from 2013-1016.
__________________
I'm just here to change the world.
BMW Wiki: http://www.bimmerfest.com/wiki/index.php

E46Fanatics inspiration Robolop: http://forum.e46fanatics.com/showthr...87566&page=101

2016 Beheadings in Saudi Arabia: 92.
swordsman11868 is offline   Reply With Quote
Old 03-07-2017, 06:15 PM   #30
swordsman11868
Registered User
 
Join Date: Aug 2006
Location: Las Vegas
Posts: 1,306
My Ride: 2003 325i
I watched The Americans series a while back. It was really well done and had some really convincing actors and story lines. Since espionage is such a hot topic I suggest that everyone watch it.

One of the anti-spying methods the FBI used was to create a "vault" that no electronic signals could penetrate. That room was swept daily(?) for bugs. It was also sound and light proof.
__________________
I'm just here to change the world.
BMW Wiki: http://www.bimmerfest.com/wiki/index.php

E46Fanatics inspiration Robolop: http://forum.e46fanatics.com/showthr...87566&page=101

2016 Beheadings in Saudi Arabia: 92.
swordsman11868 is offline   Reply With Quote
Old 03-07-2017, 06:21 PM   #31
swordsman11868
Registered User
 
Join Date: Aug 2006
Location: Las Vegas
Posts: 1,306
My Ride: 2003 325i
So since there are a multitude of vulnerabilities that have been exposed everyone should start checking for updates on their devices!

There should be several in the coming days and weeks.
__________________
I'm just here to change the world.
BMW Wiki: http://www.bimmerfest.com/wiki/index.php

E46Fanatics inspiration Robolop: http://forum.e46fanatics.com/showthr...87566&page=101

2016 Beheadings in Saudi Arabia: 92.
swordsman11868 is offline   Reply With Quote
Old 03-07-2017, 06:41 PM   #32
cowmoo32
.--. . -. .. ...
 
cowmoo32's Avatar
 
Join Date: Jul 2003
Location: FL
Posts: 5,545
My Ride: Yukon
Quote:
Originally Posted by swordsman11868 View Post
This looks ominous and sounds surprisingly simple(?)...


"Actually Hooking ExitBootServices

When ExitBootServices is called, the DXE phase is about to end. The firmware has done all that it needs to do from UEFI to set up the system for the OS, and the OS itself has already been loaded into memory. You can be creative with what you could do to the kernel that is just sitting there in memory, not protected by anything.

Because the ExitBootServices service can be found by getting its pointer from the global EFI_BOOT_SERVICES table, hooking the ExitBootServices call is trivial."
Trivial is relative. Could you modify the kernel with a back door and leave it in working order?
__________________
cowmoo32 is offline   Reply With Quote
Old 03-07-2017, 06:48 PM   #33
swordsman11868
Registered User
 
Join Date: Aug 2006
Location: Las Vegas
Posts: 1,306
My Ride: 2003 325i
Quote:
Originally Posted by cowmoo32 View Post
Trivial is relative. Could you modify the kernel with a back door and leave it in working order?
I should have posted a link to the source since it goes into greater detail. In fact, there's sample code also.

https://wikileaks.org/ciav7p1/cms/page_36896783.html

Take a look and see what you think. This is out of my league so I'll leave it to the experts. Thanks

Edit: the source does mention doing some clean up if you messed with the kernel but doesn't elaborate. They must assume you know what you're doing.
__________________
I'm just here to change the world.
BMW Wiki: http://www.bimmerfest.com/wiki/index.php

E46Fanatics inspiration Robolop: http://forum.e46fanatics.com/showthr...87566&page=101

2016 Beheadings in Saudi Arabia: 92.

Last edited by swordsman11868; 03-07-2017 at 06:50 PM.
swordsman11868 is offline   Reply With Quote
Old 03-07-2017, 07:03 PM   #34
swordsman11868
Registered User
 
Join Date: Aug 2006
Location: Las Vegas
Posts: 1,306
My Ride: 2003 325i
Interesting that if you click on the links within links within links you get:

::: THIS BINARY FILE IS STILL BEING EXAMINED BY WIKILEAKS. :::
::: IT MAY BE RELEASED IN THE NEAR FUTURE. WHAT FOLLOWS IS :::
::: AN AUTOMATICALLY GENERATED DUMP OF ITS ATTRIBUTES: :::
__________________
I'm just here to change the world.
BMW Wiki: http://www.bimmerfest.com/wiki/index.php

E46Fanatics inspiration Robolop: http://forum.e46fanatics.com/showthr...87566&page=101

2016 Beheadings in Saudi Arabia: 92.
swordsman11868 is offline   Reply With Quote
Old 03-07-2017, 07:42 PM   #35
swordsman11868
Registered User
 
Join Date: Aug 2006
Location: Las Vegas
Posts: 1,306
My Ride: 2003 325i
This is under Sontaran (notice the Dr. Who? reference?):

Try to load my drivers at boot time, first
Continue to study at source - specifically, drv_vmmc and drv_tapi
Check older? phones for presence of /dev/vmmc1X
Continue to study the sample applications that use the ifx_mps interface
Continue trying to get an application using the TAPI interface to work
Reverse voice processor firmware (strings, binwalk provide no additional insight)


Looks like this is the plan for studying how to infiltrate cell phones: TAPI - Telephony application program interface.
__________________
I'm just here to change the world.
BMW Wiki: http://www.bimmerfest.com/wiki/index.php

E46Fanatics inspiration Robolop: http://forum.e46fanatics.com/showthr...87566&page=101

2016 Beheadings in Saudi Arabia: 92.
swordsman11868 is offline   Reply With Quote
Old 03-07-2017, 07:44 PM   #36
tks
Registered User
 
Join Date: May 2010
Location: Online
Posts: 1,152
My Ride: slower than yours
This is why I can't get a cheap e30
__________________


WTB:: Natural Brown Sedan Full Interior
tks is offline   Reply With Quote
Old 03-07-2017, 08:35 PM   #37
MorganFreeman
Registered User
 
Join Date: Mar 2013
Location: i hate cats
Posts: 83
My Ride: bacon
I wish a hot CIA chick would hack my phone. I got a collection of dlck pics.
__________________
MorganFreeman is offline   Reply With Quote
Old 03-07-2017, 09:10 PM   #38
Brucifer325
Registered User
 
Join Date: Aug 2011
Location: Gulfport, MS
Posts: 136
My Ride: 2007 Ford Edge
Quote:
Originally Posted by Act of God View Post
Again, this is why I don't want medical records online. It would lead to serious mishandling of confidential information.
A cold sore is a pretty good indication of your medical history. No hacking needed.
__________________
Quote:
Originally Posted by SPDSKTR View Post
I'm doing something wrong with my life.

"Love Us with Money, or We'll Hate you with Hammers!" - Milk & Cheese
BMWCCA# 147961
Brucifer325 is offline   Reply With Quote
Old 03-07-2017, 09:13 PM   #39
swordsman11868
Registered User
 
Join Date: Aug 2006
Location: Las Vegas
Posts: 1,306
My Ride: 2003 325i
Quote:
Originally Posted by Brucifer325 View Post
A cold sore is a pretty good indication of your medical history. No hacking needed.


HAPI/HL7 reference. Good point.

Online Healthcare info is very vulnerable.
__________________
I'm just here to change the world.
BMW Wiki: http://www.bimmerfest.com/wiki/index.php

E46Fanatics inspiration Robolop: http://forum.e46fanatics.com/showthr...87566&page=101

2016 Beheadings in Saudi Arabia: 92.
swordsman11868 is offline   Reply With Quote
Old 03-07-2017, 09:26 PM   #40
Chibo
Registered User
 
Join Date: Jul 2004
Location: Arizona
Posts: 533
My Ride: Nothing
Quote:
Originally Posted by jeffro3000 View Post
Despite Wikileaks, the CIA can't crack Signal and Whatsapp encryption


If they want to read your Signal messages, they have to compromise your actual phone. The messaging service is still secure. This is an important distinction, since compromising everyone's phone is probably more difficult than just intercepting everyone's messages en masse.

Their protocol also means that Signal, etc. are immune to FISA court orders to hand over bulk data, since they don't have any data to hand over. This forces the CIA to do things the hard way.

Whatsapp and Google Allo's incognito mode also use the Signal protocol.
See how well that worked out for Lavabit.
__________________
2005 330i ZHP Sedan (Street/Track)
2002 Honda S2000 (Street/Track)
2003 Yamaha R6 (Track/Race)
2007 Aprilia Tuono 1000 (Street/Track)
Chibo is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On
Censor is ON





All times are GMT -5. The time now is 08:57 AM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
(c) 1999 - 2016 performanceIX Inc - privacy policy - terms of use