Police set to step up hacking of home PCs
Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: Police set to step up hacking of home PCs

  1. #1
    AO's Filibustier Cheap Scotch Ron's Avatar
    Join Date
    Nov 2008
    Location
    Swamps of Jersey
    Posts
    378

    Police set to step up hacking of home PCs

    What's going on across the pond? This would never fly here...

    http://www.timesonline.co.uk/tol/new...SS&attr=797084

    CSR
    In God We Trust....Everything else we backup.

  2. #2
    Member
    Join Date
    Apr 2004
    Posts
    69
    I could have so much fun over there right about now...

  3. #3
    AO's Filibustier Cheap Scotch Ron's Avatar
    Join Date
    Nov 2008
    Location
    Swamps of Jersey
    Posts
    378
    I wonder how sys admins will manage this. For example, if there is a back door, how will they allow this "valid" exception? and more importantly, how will software (e.g. AV, rkhunters) be able to distinguish from a malcious back door. Not to mention folks that think like NukEvil (nothing personal NE). Seems like a recipe for disaster.
    In God We Trust....Everything else we backup.

  4. #4
    BS, EnCE, ACE, Cellebrite 11001001's Avatar
    Join Date
    Mar 2002
    Location
    Just West of Beantown, though nobody from Beantown actually calls it "Beantown."
    Posts
    1,228
    wow...
    That's Officer 11001001 to you...
    Now you see me | Now you don't
    "Relax, Bender; It was just a dream. There's no such thing as two." ~ Fry
    sometimes my computer goes down on me

  5. #5
    Senior Member t34b4g5's Avatar
    Join Date
    Sep 2003
    Location
    Australia.
    Posts
    2,391
    He said the authorities could break into a suspect’s home or office and insert a “key-logging” device into an individual’s computer. This would collect and, if necessary, transmit details of all the suspect’s keystrokes. “It’s just like putting a secret camera in someone’s living room,” he said.

    Police might also send an e-mail to a suspect’s computer. The message would include an attachment that contained a virus or “malware”. If the attachment was opened, the remote search facility would be covertly activated. Alternatively, police could park outside a suspect’s home and hack into his or her hard drive using the wireless network.

  6. #6
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    Being the conspiracy theorist I naturally am...I thought the US governement has all ready been doing this to monitor their citizens...and others...by releasing malware and infecting machines...which they can then monitor.

    I personally dont think its anything new....

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  7. #7
    Senior Member mungyun's Avatar
    Join Date
    Apr 2004
    Location
    Illinois
    Posts
    172
    Quote Originally Posted by morganlefay View Post
    Being the conspiracy theorist I naturally am...I thought the US governement has all ready been doing this to monitor their citizens...and others...by releasing malware and infecting machines...which they can then monitor.

    I personally dont think its anything new....

    MLF
    Yep agreed.. Im just surprised they even announced that they were going to do it. I would think they would do it anyway and if someone tried pursuing it they could produce documents saying they had a right to it.. There is no doubt in my mind that US govt does it plenty
    I believe in making the world safe for our children, but not our children’s children, because I don’t think children should be having sex. -- Jack Handey

  8. #8
    Member
    Join Date
    Apr 2004
    Posts
    69
    For you n00blets (new to the security/government hacking scene):

    I mean, come on...

    Let's pretend that I am a law enforcement officer, and I need to remotely gather info on some perp's computing habits.

    The only really reliable way to pull this off would be to have physical access to the machine(s) in question. Ok, this alone implies that 1) the person in question only uses one machine or 2) the person in question uses multiple machines, but I know exactly which machines he/she uses for which purposes.

    If the person has multiple machines, how would I get this info? Not from the ISP, for one. To them, it all looks like a lot of data all going to one machine (the router). Of course, using MAC address lookups, I'd know that the person was using a router, but other than that, I'd have NO information. I'd need to actually go to the person's house, hang around, and watch the person use each machine, take notes, etc. All without being seen or found out. Unless I secretly installed a camera in each room a machine was in, AND ran power to each camera, AND installed some way of transmitting whatever data each camera gathered to where I would be watching. All this before I even installed anything on any of the person's computers. Other than that, I'd just install multiple copies of the snooping software on each machine. Too much work the other way.

    Now, assuming I've went to the guy's house to install software on the machine(s), I'd also need to know how to circumvent the protection capabilities this person has deployed not only on the machine(s) in question, but also on the physical barriers surrounding the machine(s). Ok, one home-installed remote-monitored security system disabled (either from cooperation with the security monitors or by hacking (heehee, cops hacking a security system).

    Ok, I'm at the first machine. Turn the machine on, slip a live CD into the drive bay. Oops, the BIOS isn't set to boot from a CD, only from the internal harddrive. Reboot, press DEL (or whatever) to go into the CMOS settings. OOPS, need a password to access the settings. Screw this, pop open the machine, take out the battery, or jumper the pins, and hope it resets the CMOS to default settings. Oh, sh@t, it's still saved to the NVRAM chip, short that out as well. Ok, back to default settings.

    Weee, my live CD is booting, now to grab the Admin password from the SAM file. Wait, this guy uses LINUX?? F#$%#^ this software only works with Windows!

    Rince and repeat for all other machines in question. True, this perp may have a windows box, but the entire harddrive will undoubtedly be encrypted with some well-known algorithm with an ungodly number of bits.

    Now, let's pretend I'm the suspect in question...

    Meanwhile, I'm sitting at work, watching everything this officer is doing over remote webcam, via another machine sitting in my house somewhere, comfortably chuckling over watching this officer's efforts gone to waste. Maybe I'll send a remote message to one of the machines he's working on, thanking him for the attention, maybe not.

    1) Because the officer will find it rather difficult to enter my premises without being noticed, being I have three dogs inside, on guard duty at all times. With a fixation on male genitals. Because, as we all know, people will break into houses, whether or not they see the obligatory "Beware of Dog" signs.

    2) Even if he was able to gain access to one of my machines and install whatever he needed to install, I'd be instantly notified of any new installations within a certain timeframe. Let's pretend he'd also know the password he'd need to gain access to my firewall settings to tell it to let the program communicate with the remote office. And let's pretend that pigs have wings, Satan's made a batch order of antifreeze, and our moon is really made of a certain dairy product.

    3) I seriously doubt I'd do anything to attract the attention of any government, unless that government decided they didn't like my opinions of their dictatorial laws.


    Anyways, doesn't matter. They're just going to deny they've changed the rules on their people. Oh, wait, they just did:

    http://www.theregister.co.uk/2009/01..._remote_snoop/
    Last edited by NukEvil; January 5th, 2009 at 04:15 PM.

  9. #9
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    Well the average jo blow luser doesnt have all those safe guards in place....geez...they dont even update thier anti virus and click on every link they possibly can

    Come on...

    It take less then 10 mins for an unprotected computer to become infected once connected to the internet...and the stat was from a few years ago.

    I still get " can you look at my machine...its running pretty slow" every time I visit someones house.

    My point...you dont need physical access when you can social engineer a user to click on a link or visit a site and down load a keylogger.

    Who is the fricken n00b??

    MLF
    Last edited by morganlefay; January 5th, 2009 at 04:36 PM.
    How people treat you is their karma- how you react is yours-Wayne Dyer

  10. #10
    Member
    Join Date
    Apr 2004
    Posts
    69
    True...but the average user probably isn't a criminal :P

    The users that were found out to be criminals didn't get found out by snooping software, but rather by forensic software.

    Oh, and what happens after an officer installs software onto one of my machines? I simply change my browsing habits.

    Ever watch paint dry? I bet I can make even the smartest, most well-relaxed person's sanity crumble if they were forced to look at me accessing whitepapers, RFC documents, online ITIL manuals, and Microsoft Licencing agreements.

Similar Threads

  1. Ethical Hacking!
    By E5C4P3 in forum AntiOnline's General Chit Chat
    Replies: 33
    Last Post: January 17th, 2008, 12:40 AM
  2. You can be a Certified Ethical Hacker...
    By -DaRK-RaiDeR- in forum AntiOnline's General Chit Chat
    Replies: 13
    Last Post: January 10th, 2003, 07:10 PM
  3. The Future of hacking
    By haknwak in forum Product / Book / Training / Conference Reviews
    Replies: 14
    Last Post: July 29th, 2002, 04:15 PM
  4. Article/news: EU draft-law on hacking
    By Guus in forum AntiOnline's General Chit Chat
    Replies: 6
    Last Post: April 23rd, 2002, 04:43 PM
  5. The Worlds Longest Thread!
    By Noble Hamlet in forum AntiOnline's General Chit Chat
    Replies: 1100
    Last Post: March 17th, 2002, 09:38 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •