Domain: tagmeme.com
Stories and comments across the archive that link to tagmeme.com.
Comments · 14
-
Over 17 Years - subversionhack
Over 17 Years - subversionhack:
http://subversionhack.livejournal.com/1093.html
http://subversionhack.livejournal.com/1745.html
Subversionhack Archive:
(expired certificate) -
LOOK AT THIS PAPER
No, really look at this:
http://csrc.nist.gov/publications/history/myer80.pdf
I had a fellow Researcher send this to me this morning - it blows the lid off of what I've been speaking (LOUDLY) and writing about for years - here and other places, basically Subversionhack:
http://subversionhack.livejournal.com/
https://tagmeme.com/subhack/a/
^ 2nd site has Certificate Expiration problem ^
Chertoff article:
"Chertoff told ZDNet UK at the conference that cyberattacks on critical national infrastructure could put thousands of people at risk. "I can envision attacks with catastrophic consequences, with serious loss of life," said Chertoff. "If someone took down an air-traffic control system, we would have devastating loss of life."
"Cold War" is a bit extreme, Red Teams would be a better response.
When you have a hack within the truly elite league such as (the) Subversion(hack) you really need to envision the possibilities of a thousand little fires all within the confines of your neighborhood - honestly.This NAVY paper of 1980 should get you up to speed.
If you have a Slashdot account, review my post on this and things will become a bit more clear.The first of my links should give you a good over all.
-
It's Funny Until ...
It's Funny Until
...Subversionhack:
http://subversionhack.livejournal.com/
-
Guess who is INSIDE your pc/mac/etc?
Subject: Every computer hackable by Radio Freq?
- a global conspiracy?This lady claims to have found some strange things on her Windows PCs and Linux!
Subversionhack Archive
https://tagmeme.com/subhack/So, with modern blackboxed hardware components, are all of our PCs hackable via radio frequency / ham packet radio type of blackbox voodoo?
Dig deep, I've found no other site like this. Are Linux/BSD varieties vulnerable?
http://www.invisiblethings.org/code.html
http://www.invisiblethings.org/papers.htmlAND
This talk explores three possible methods that a hardware Trojan can use to leak secret information to the outside world: thermal, optical and radio.
In the thermal Trojan demo, we use an infrared camera to show how electronic components or exposed connector pins can be used to transmit illicit information thermally. In the optical Trojan demo, we use an optical-to-audio converter to show how a power-on LED can be used to transmit illicit information using signal frequencies undetectable by human eyes. Finally, in the radio Trojan demo, we use a radio receiver to show how an external connector can be used to transmit illicit information using AM radio transmission.
http://www.cvorg.ece.udel.edu/defcon-16/
https://www.defcon.org/html/defcon-16/dc-16-speakers.html#Kiamilevfools laugh and cry tinfoil, others read and learn and decide for themselves
http://subversionhack.livejournal.com/1815.html
"I sincerely believe that Blue Pill technology will (very soon) allow for creating 100% undetectable malware, which is not based on obscurity of the concept. And I already stressed this in the description of my talk here (http://syscan.org/program.html) and here (http://blackhat.com/html/bh-usa-06/bh-usa-06-speakers.html#Rutkowska). The working prototype I have (and which I will be demonstrating at SyScan and Black Hat) implements the most important step towards creating such malware, namely it allows to move the underlying operating system, on the fly, into a secure virtual machine."
- http://theinvisiblethings.blogspot.com/2006/07/blue-pill-hype.htmlhttp://rayer.ic.cz/romos/romose.htm
"The ROMOS is a stand-alone x86 code allows you to load and run your own binary code or 3rd-party code. ROMOS rely on BIOS functions only so it can be executed directly without any operating system. The main purpose of ROMOS is to be placed in a ROM, from where it can load/run other software (e.g. bootmanager, HW diagnostics, special controlling software...) during POST (Power-On Self Test) while your PC is booting up. It can also load DOS-based operating systems (may be other OSes) such as FreeDOS stored in ROM together with ROMOS. This mean that any floppy/harddisk/CD-ROM drive is not needed. It may be very useful in various embedded diskless systems. Or simply as reserve OS for rescue use. Other applications are on you."
mark this offtopic while you browse for porn to satisfy one more rub-one-off session, despite it containing more than the OP.
-
Like Nothing You've Ever Seen
It's all one liners until someone puts an eye out.
This seems to relate quite similarly.
The quest for ring 0:
http://www.securityfocus.com/columnists/402
http://www.securityfocus.com/comments/columns/402/33600#33600
(^replaces a broken link^)
http://www.mackido.com/EasterEggs/CD-System70.html
Researchers: Rootkits headed for BIOS:
(comments especially)http://www.securityfocus.com/news/11372
http://www.securityfocus.com/comments/articles/11372/33017/threaded#33017
http://www.securityfocus.com/comments/articles/11372/34206/threaded#34206
http://www.securityfocus.com/comments/articles/11372/33500/threaded#33500
http://www.securityfocus.com/comments/articles/11372/34207/threaded#34207
http://www.spywareinfoforum.com/index.php?s=3a3ce02c4055e269a0220c239560f3f9&showtopic=6056
Nancy:
https://tagmeme.com/exmachina/a/002450.html
This possible variant is out of "beta" (12 years old) it seems and truly roams "at will", those with the coding chops will understand what even a partial AI engine is capable of (SOAR).
On Macintoshes it leaves strings:
http://www.google.com/search?q=NuNV+N%5ENuNV&btnG=Search&hl=en&sa=2
PCs become junk as well:
http://www.derkeiler.com/Newsgroups/microsoft.public.security.virus/2005-09/0230.html
This Gal has a handle on it:
Joanna Rutkowska, Invisible Things Lab:
-
Anomalies
Catch-22
Catch-22 is a sort of senseless, cruel, and idiotic unspoken rule.... that you have to be insane to fly a bombing mission, which means that you should be grounded (not allowed to fly a mission), but if you don't want to fly, that clearly proves that you are sane and must fly the missions.
Describing the meaning of the phrase "Catch-22".
Yeah, this is going to be long
...I find myself (and a very few others) in a position similar to Cliff Stoll in his book:
"The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage"
http://en.wikipedia.org/wiki/Clifford_Stoll
Certified anomalies permeating the net of a hardware based logic bomb / trojan.
This is cross-platform simply because "hardware trumps root".I have dealt with this since 1997 and have contacted through a Lawyer all the channels one would contact.
This is not your "normal" beast.I don't require an answer here, from Representative Jim Langevin, in this forum, a contact below is provided.
This requires attention.Required reading:
Reflections on Trusting Trust
Ken Thompsonhttp://portal.acm.org/citation.cfm?id=358198.358210&coll=ACM&dl=ACM&CFID=14389570&CFTOKEN=96928429
Companion:
http://portal.acm.org/citation.cfm?id=777313.777347&coll=ACM&dl=ACM&CFID=14389570&CFTOKEN=96928429
This is a good a place to start as any.
Nancy has named it:Subversion:
Nancy's Story: (expired site certificate)
(2005-present)https://tagmeme.com/exmachina/a/002450.html
Same situation:
http://www.securityfocus.com/comments/articles/11372/33017/threaded#33017
http://www.securityfocus.com/comments/articles/11372/34206/threaded#34206
http://www.securityfocus.com/comments/articles/11372/33500/threaded#33500
http://www.securityfocus.com/comments/articles/11372/34207/threaded#34207
It took me years to find anyone that was aware as some of these folks.
This is highly sophisticated, prevalent and dangerous.I am a Systems Administrator working in the western United States.
hylas [AT] operamail {DOT} com
-
Ghosts in the Machine
Ghosts in the Machines
This is not a terribly good thing at this time, they're not prepared.
For those of you that have an understanding:Below Links: [tagmeme.com]
She's forgotten to pay her SSL certificate fees - click through, it's more than likely 99.999% cool.
See:http://laughingsquid.net/faq/ssl/
Site:
https://tagmeme.com/exmachina/
Guide to the source archive contents:
https://tagmeme.com/exmachina/a/000177.html
Orinoco-like:
https://tagmeme.com/subhack/a/pcmcia07-051227.txt
It's taken 10 years to find someone else that will talk about their experiences with this hack. It has been named "Subversionhack" or just plain "Subversion".
If you've ever been hit by this you'll soon see that it affects computers with no wireless cards, allowing for Ultra high frequency (UHF, VHF, etc.) receptions (see FCC warning label on your computer) using a techniques of code replacement, i.e. chip crowding or just a plain re-flash of non-flash-able chips. It can also be achieved through kernel kits written in assembly.
This has been so under the radar (no pun intended) for so long people will call you names for just considering it.
Find out for yourself.
Packet Radio:
http://en.wikipedia.org/wiki/Packet_radio
Ultra-Wideband:
http://en.wikipedia.org/wiki/Ultra_wideband
http://en.wikipedia.org/wiki/Ultra_high_frequency#United_States_2
Why do you think the Air Force wants to go with custom networking protocols?
http://blog.wired.com/defense/2008/11/air-force-aims.html
Because they can't beat it.
http://www.securityfocus.com/comments/articles/11372/33500#33500
http://www.securityfocus.com/comments/articles/11372/33017#33017
http://www.securityfocus.com/comments/articles/11372/34206/threaded#34206
http://www.securityfocus.com/comments/articles/11372/34207/threaded#34207
-
Ghosts in the Machine
Ghosts in the Machines
This is not a terribly good thing at this time, they're not prepared.
For those of you that have an understanding:Below Links: [tagmeme.com]
She's forgotten to pay her SSL certificate fees - click through, it's more than likely 99.999% cool.
See:http://laughingsquid.net/faq/ssl/
Site:
https://tagmeme.com/exmachina/
Guide to the source archive contents:
https://tagmeme.com/exmachina/a/000177.html
Orinoco-like:
https://tagmeme.com/subhack/a/pcmcia07-051227.txt
It's taken 10 years to find someone else that will talk about their experiences with this hack. It has been named "Subversionhack" or just plain "Subversion".
If you've ever been hit by this you'll soon see that it affects computers with no wireless cards, allowing for Ultra high frequency (UHF, VHF, etc.) receptions (see FCC warning label on your computer) using a techniques of code replacement, i.e. chip crowding or just a plain re-flash of non-flash-able chips. It can also be achieved through kernel kits written in assembly.
This has been so under the radar (no pun intended) for so long people will call you names for just considering it.
Find out for yourself.
Packet Radio:
http://en.wikipedia.org/wiki/Packet_radio
Ultra-Wideband:
http://en.wikipedia.org/wiki/Ultra_wideband
http://en.wikipedia.org/wiki/Ultra_high_frequency#United_States_2
Why do you think the Air Force wants to go with custom networking protocols?
http://blog.wired.com/defense/2008/11/air-force-aims.html
Because they can't beat it.
http://www.securityfocus.com/comments/articles/11372/33500#33500
http://www.securityfocus.com/comments/articles/11372/33017#33017
http://www.securityfocus.com/comments/articles/11372/34206/threaded#34206
http://www.securityfocus.com/comments/articles/11372/34207/threaded#34207
-
Ghosts in the Machine
Ghosts in the Machines
This is not a terribly good thing at this time, they're not prepared.
For those of you that have an understanding:Below Links: [tagmeme.com]
She's forgotten to pay her SSL certificate fees - click through, it's more than likely 99.999% cool.
See:http://laughingsquid.net/faq/ssl/
Site:
https://tagmeme.com/exmachina/
Guide to the source archive contents:
https://tagmeme.com/exmachina/a/000177.html
Orinoco-like:
https://tagmeme.com/subhack/a/pcmcia07-051227.txt
It's taken 10 years to find someone else that will talk about their experiences with this hack. It has been named "Subversionhack" or just plain "Subversion".
If you've ever been hit by this you'll soon see that it affects computers with no wireless cards, allowing for Ultra high frequency (UHF, VHF, etc.) receptions (see FCC warning label on your computer) using a techniques of code replacement, i.e. chip crowding or just a plain re-flash of non-flash-able chips. It can also be achieved through kernel kits written in assembly.
This has been so under the radar (no pun intended) for so long people will call you names for just considering it.
Find out for yourself.
Packet Radio:
http://en.wikipedia.org/wiki/Packet_radio
Ultra-Wideband:
http://en.wikipedia.org/wiki/Ultra_wideband
http://en.wikipedia.org/wiki/Ultra_high_frequency#United_States_2
Why do you think the Air Force wants to go with custom networking protocols?
http://blog.wired.com/defense/2008/11/air-force-aims.html
Because they can't beat it.
http://www.securityfocus.com/comments/articles/11372/33500#33500
http://www.securityfocus.com/comments/articles/11372/33017#33017
http://www.securityfocus.com/comments/articles/11372/34206/threaded#34206
http://www.securityfocus.com/comments/articles/11372/34207/threaded#34207
-
Ignore This At Your Peril
OS Subversion:
http://www.securityfocus.com/comments/articles/11372/33500/threaded#33500
http://www.securityfocus.com/comments/articles/11372/34207/threaded#34207
Nancy's Story:
https://tagmeme.com/index.html
https://tagmeme.com/exmachina/a/004257.html
https://tagmeme.com/exmachina/a/cat_forensics
Search my name for more
/. post of this nature.(sticks and stones)
-
Ignore This At Your Peril
OS Subversion:
http://www.securityfocus.com/comments/articles/11372/33500/threaded#33500
http://www.securityfocus.com/comments/articles/11372/34207/threaded#34207
Nancy's Story:
https://tagmeme.com/index.html
https://tagmeme.com/exmachina/a/004257.html
https://tagmeme.com/exmachina/a/cat_forensics
Search my name for more
/. post of this nature.(sticks and stones)
-
Ignore This At Your Peril
OS Subversion:
http://www.securityfocus.com/comments/articles/11372/33500/threaded#33500
http://www.securityfocus.com/comments/articles/11372/34207/threaded#34207
Nancy's Story:
https://tagmeme.com/index.html
https://tagmeme.com/exmachina/a/004257.html
https://tagmeme.com/exmachina/a/cat_forensics
Search my name for more
/. post of this nature.(sticks and stones)
-
Re:no encryption that YOU didn't write is safe
its just that simple.
unless you can review (and understand) what's going on, line by line, you can't REALLY trust it.
what is at stake, here? the gov's are at an all-time power-grabbing frenzy for violating your personal privacy. corporate, too, for that matter.
it was once said that no one would be allowed to sell or market encryption tech that 'the big guys' would not be able to break; meaning our government. I once worked at a picture phone company (mid 80's) that was starting to go down the 'encrypt your video phone call' path (using old switched56 tech) and we were told we could NOT do our own encryption unless it was 'breakable' by, well, certain agencies.
believe what you want, but no commercial (or even freeware) encryption that is avaiable to YOU AND I will be worth anything other than 'for show'.
I fully believe that. you would do well to mistrust your government, too, given how greedy they have become on the rights-grab thing.
locks only keep honest people out. there is NO WAY to keep the gov out, anymore. and that means that others, too, have backdoors (you think the gov is the only entity that can 'get to' this kind of stuff?)
anyone who trusts encryption for their life, in this day and age, is deluded.
1st question: Is Hushmail even safe to use anymore?"
Short answer: no
Comment from "TheGratefulNet ":
Amen Brother.
Does this look like a
.sig answer file to you?[WON'T DISPLAY]
(I hit preview and everything below it disappears except the first letter - typical)
From: PGPDesktop983.dmg.sig, for PGPDesktop983.dmg.
Feeling it yet?
Ex Machina- Subversion Hack of 2005:
I've been alluding to this ^ ^ problem for awhile, someone else has surfaces with remarkably similar complaints.https://tagmeme.com/exmachina/a/002450.html
https://tagmeme.com/index.html
Hidden text: really, it's there, honest.
Ã
-
Re:no encryption that YOU didn't write is safe
its just that simple.
unless you can review (and understand) what's going on, line by line, you can't REALLY trust it.
what is at stake, here? the gov's are at an all-time power-grabbing frenzy for violating your personal privacy. corporate, too, for that matter.
it was once said that no one would be allowed to sell or market encryption tech that 'the big guys' would not be able to break; meaning our government. I once worked at a picture phone company (mid 80's) that was starting to go down the 'encrypt your video phone call' path (using old switched56 tech) and we were told we could NOT do our own encryption unless it was 'breakable' by, well, certain agencies.
believe what you want, but no commercial (or even freeware) encryption that is avaiable to YOU AND I will be worth anything other than 'for show'.
I fully believe that. you would do well to mistrust your government, too, given how greedy they have become on the rights-grab thing.
locks only keep honest people out. there is NO WAY to keep the gov out, anymore. and that means that others, too, have backdoors (you think the gov is the only entity that can 'get to' this kind of stuff?)
anyone who trusts encryption for their life, in this day and age, is deluded.
1st question: Is Hushmail even safe to use anymore?"
Short answer: no
Comment from "TheGratefulNet ":
Amen Brother.
Does this look like a
.sig answer file to you?[WON'T DISPLAY]
(I hit preview and everything below it disappears except the first letter - typical)
From: PGPDesktop983.dmg.sig, for PGPDesktop983.dmg.
Feeling it yet?
Ex Machina- Subversion Hack of 2005:
I've been alluding to this ^ ^ problem for awhile, someone else has surfaces with remarkably similar complaints.https://tagmeme.com/exmachina/a/002450.html
https://tagmeme.com/index.html
Hidden text: really, it's there, honest.
Ã