Slashdot Mirror
Ask Slashdot: How Do You Best Protect Client Files From Wireless Hacking?
dryriver writes: A client has given you confidential digital files containing a design for a not-yet-public consumer product. You need to work on those files on a Windows 10 PC that has a wireless chipset built into it. What can you do, assuming that you have to work under Windows 10, that would make 3rd party wireless access to this PC difficult or impossible? I can imagine that under a more transparent, open-source, power-user OS like Linux, it would be a piece of cake to kill all wireless access completely and reliably even if the system contains wireless hardware. But what about a I-like-to-phone-home-sometimes, non open-source OS like Windows 10 that is nowhere near as open and transparent? Is there a good strategy for making outside wireless access to a Windows 10 machine difficult or impossible?
First post
to an area without any possibility of a signal.
Make a Linux partition via VirtualBox (...), put the encrypted data there through ssh / rsync, encrypt it and keep it encrypted when on disk.
Slashdot, fix the reply notifications... You won't get away with it...
1) Don't set up an access point. If you still need an access point, set up a encrypted one (which you should do anyways) and don't give the isolated PC the keys. WiFi isn't magic; if there's no place for it to go, it's not going to go anywhere.
2) Put a Faraday cage around the antenna. This could be as simple as wrapping it in foil.
Do it in a Windows 10 VM on a Linux host.
Most (all excluding Apple?) laptops wil allow you to turn off / disable the wireless chipset in the bios. Many also have a physical kill switch on the side of the case.
Barring some wikileaks sort of tomfoolery from the CIA, this should stop any network access (assuming you also don't plug in a network cable).
Disable the wireless interface in the device manager. Or, look for the switch on the side of the computer that turns of the wireless, if it still has such a thing.
Do not look into laser with remaining eye.
By not giving them wireless access in the first place.
Come on guys, this must be about Trump somehow. Everything on Slashdot seems to be, ready-set-go!
Put all the critical files on an external drive that is only plugged in when the system is isolated. Not perfect, but with good higene and an innocuous configuration on the base it should be fine.
Paint your office in wifi blocking paint or build a Faraday cage around your desk.
.. and disabling the device in Windows 10 or the BIOS isn't enough, then just remove the wireless card. If by PC you mean desktop PC, unless it's a USB wifi chip soldered onto the motherboard, it'll be a typical miniPCIe or M.2 card. Remove it. For laptops a physical switch or hotkey for disabling the wifi card at the firmware level is common, but the same goes for that. They're not soldered onto the board (with some very rare exceptions) - they're miniPCIe or M.2 cards that are removable. Whether they're easily accessible varies by laptop model, but they're still removable.
In my experience its as easy as handing your laptop off to your friend who "wants to play pinball."
Disable the wireless chip in the system EFI? Assuming that is possible, it used to be on some systems back when they still used BIOS.
on a Windows 10 PC First problem
that has a wireless chipset built into it Second problem.
1. Don't work on sensitive issues using Windows of any version. Explore a windows VM under a more secure hypervisor where the guest cannot override the host on hardware or network issues.
2.Don't work on sensitive issues using a system with communications ability that does not use a verified hardware kill switch. EG: Avoid systems that use software to check the hardware switch to disable. Use hardware that uses a hardware switch to either kill power to that subsystem or uses an NMI to prevent function.
3. Build a Faraday cage room for sensitive work stations. There are government manuals on how to create TEMPEST spaces.
Sound hard? Somewhat. But then again, security, real security, isn't trivial.
Necessity is the plea for every infringement of human freedom. It is the argument of tyrants; it is the creed of slaves.
Whoever created the requirement that you use Windows 10 has taken the responsibility from you. (And in their version of "thinking," Microsoft took that responsibility from them). You don't need to do anything to secure the machine; just let what happens happens, and if it leaks, and if the leak is detected, you have someone to point at. If they fire you, say "you can't fire me, because nobody got fired for buying Microsoft. Those are the rules."
1) Disable NIC in Windows
2) Disable NIC using the hardware switch
3) Disable NIC via BIOS
4) Remove NIC from PC
5) Use WPA2-Enterprise
6) Turn off PC
IDK, what are your constraints?
"Don't connect to any wireless network" would be my first suggestion, followed by "disable the wireless networking adapter in the OS or firmware" if you're extra paranoid, followed by "unplug the antenna connectors from the wireless module or remove the module entirely" if you're trying to defend against a nation-state actor.
Everything else reads like you've never actually experienced Windows for yourself, you've just read about it from folks who replace the "s" with a $ in Microsoft to seem edgy.
If you believe Windows 10 is going to spy on you via wireless after you disable it, then you likely don't really understand how to practice good security under any OS.
The Daddy casts sleep on the Baby. The Baby resists!
WiFi is unlicensed spectrum. Quite a number of other devices use those frequencies, often to the detriment of WiFi. Baby monitors, wireless video playback, I've seen a lot of trouble over the years.
In this case, if such a device was employed nearby, you'll be pretty safe... Unfriendly with your neighbors, but safe.
you slide the wi-fi switch to "off" on the laptop?
Stop trusting wifi on any network or device. Its not just the CIA, NSA but also local governments, competitors, random people that are looking for files.
Use ethernet for internal networks.
Ethernet for any internet connected computer.
Buy laptops or desktops with ethernet. If you need wifi for some new device, use it with caution and limit any files that get moved by wifi.
If you need "I-like-to-phone-home-sometimes" turn on wifi for that, let a device do its connection. No need to connect all your files to wifi due to one brand of smart phone. Have a work and home wifi smart phone. Files on both can be kept limited when using wifi.
The main risk with wifi is travel, new cities and other nations security services, competitors, criminal groups getting access to a wifi computer in another nation.
Or the request to open and share the files on a smartphone when entering another nation or returning.
Travel with a very average, trendy looking smart phone that can be replaced without any issue.
Wifi at work can be just for that file, project network, no need to keep the entire history of all work ever done on the same wifi network.
Domestic spying is now "Benign Information Gathering"
Definition of complacency
plural complacencies
1
: self-satisfaction especially when accompanied by unawareness of actual dangers or deficiencies When it comes to safety, complacency can be dangerous.
2
: an instance of usually unaware or uninformed self-satisfaction
https://www.merriam-webster.co...
turn on airplane mode.
Some PCs have a physical switch that turns off all the wireless. If you have one of those, switch it off. Files can be transferred over bluetooth, as well.
there are 3 kinds of people:
* those who can count
* those who can't
Most PCs with built in wifi have a couple antennas in the top of the case, connected by wires to a wireless card in a pci-e slot. That's so the antennas get better signal than they could deep inside on the card. It's usually on a card, because wifi standards vary across countries, so it's easier to put in the right card, than to make a new motherboard per region. Open it up, unplug the antenna, and remove the card. If the wireless is actually built in to the motherboard, then unplug the antennas, and wrap insulated tin foil around the card.
Just Google the model of the laptop in question and teardown, example, "thinkpad yoga teardown"
Many laptops still use WIFI+Bluetooth cards which can be physically removed. The antenna wire runs directly to the module and can be removed disabling the antenna if you don't want to pull the module.
Even the newer Yoga's have WIFI modules which can be physically removed.
So if you want to make outside WIFI access difficult or impossible, remove the module and it will be impossible. Plug the laptop into physical wiring only and secure your network.
As for running Windows 10, that OS has a mind of it's own and the only way you can stop the madness is at the network level.
Just go on about your life and everything will be fine. Your client isn't nearly as important as you and she seem to think she is. The Chinese aren't going to put an undercover corporate spy in disguise up on your closest telephone pole with a wifi antenna just to hack into your new Dell to steal a prototype for a new kind of dog sweater.
Remove the wifi card (which often contains a bluetooth transceiver as well). As others have noted, it's often either a mini-PCIe card or an m2 card. For phoning home, either use the wired Ethernet port or a USB wifi card.
This is all very simple and obvious, I'm not sure why it needs a slashdot article.
First make sure the windows firewall is enabled, and the inbound is set to block. you can also use device manager to disable the wireless devices if you want. but
that wont stop malware from doing an outbound connection.
but here the short list:
1 use ciscos opendns and configure the web security rules.
2 decent AV/security software
3 malwarebytes
4 chrome
5 block flash and ads, use WOT plugin
6 UAC set to full do not run as admin
-Nex6
Never owned a laptop or desktop system where wireless radio cards can't be easily removed.
Ultimately the only correct course of action is to reject the use of systems and software you don't trust.
Most of us are likely not clever or observant enough to account for covert intentional malice. A lot of damage was done via sneaker-net before most people knew what Internet even was. If you believe Microsoft Windows 10 may intentionally covertly configure WLAN to exfiltrate your data then the only rational course of action is to reject Windows 10 or decline work/resign.
Fully disable the onboard chip: Remove the PCI-E Wifi card or remove the antenna's from the card. If the WIFI chip and\or antenna's lead wires are soldered in, cut them in such a way they can be re-soldered later and ensure the metal contacts are electrical taped over so they cannot come into contact with anything inside. Same goes for blue tooth. If the antenna is built into the laptop, find a new laptop. From there, Go into device manager and disable the wifi card, then turn it off via a function key shortcut, then go into the BIOS and turn it off. You then need to repeat 3 steps to turn back on the embedded chip.
Use burner USB Wifi adapters: Purchase an inexpensive commercial grade USB Wireless adapter from a reputable name-brand company, use that for any wireless access. Preferably go with a USB 2.0 card to limit transmission bandwidth and range due to the voltage limitations of the standard. This way if you are on the machine and think you are being hacked, unplugging is a 2 second ordeal. If you need to remain anonymous on a large network, you can switch out and dispose of the adapters as needed.
Use an Enterprise grade WAP with key rotation: If you are going to connect to a controlled AP, make sure beaconing is turned off, and make sure to use WPA2-Personal with AES-256 and CBAC turned on with a 128 digit wifi encryption key, and secure the management plane of the device. Cycle this key every few weeks. Most AP's will accept the entire UTF-16 spectrum as a password, as will windows. Setting your password to "ANGRYDUDEÒ_Ó" is way more secure than a 24char alphanumeric; 66536^13 is way more secure than 108^24. Use alt codes to get the extra chars, if your password contains hieroglyphics, you have done it right. If you need better security, buy an enterprise grade WAP that has a certificate then use WPA2-Enterprise which uses the encyrption key to effectively salt the password. Most should also support key rotation, set this to as aggressive as needed. If you are paranoid about your burner adapters having crappy security, change out between different vendors. If done right, thousands of nvidia tegra cards running hashcat will not be able to crack your password in time before the key change.
Encrypt and secure the device properly: Harden the device against the disk being attacked, the network port being attacked, and the interfaces on the laptop being attacked. Full disk encryption, Implement a firewall and A/V Package that will protect the unit against network recon. Disable USB ports except the one you're going to use, and make sure autoplay is turned off. Use Secure boot, set a BIOS password. There are models of laptop where resetting the CMOS Battery will not let you get into the BIOS, get one of these. Set a windows password that has 24 characters minimum, make sure to edit LOCSEC.msc so the password is stored in MD5 and if possible, salted.
Implement an always-on VPN software: This way if the machine is stolen and then reconnected clumsily to the network you want it to phone home. Also, if you connect to a network, keeping the network stack from communicating with the outside world except for through the VPN ensures the data is filtered going to and from that machine. Lo-jack is another option.
Finally, Back up the machine. It's great to put in security, but if you secure the data from yourself, you are totally foobar'd. Encrypt onto a flash drive, store in a safe, and keep the password in your wallet.
Whatever the consumer product is, there are probably any number of other companies working on a similar product, and will probably beat them to market even without industrial espionage.
1. Don't turn on wireless when your sensitive data files are laying around on your device...Simple, effective, but not likely what the user wants. You can augment this a bit by encrypting the data when at rest and trying to have a policy that users are NOT allowed to have their wireless on when the data is unencrypted. (I.E. Do individual file/directory encryption and only decrypt when the network is turned off).
2. Only do you work on VM's which are NOT run locally on the portable device but in a secure physical location which is only accessed by a secure VPN tunnel which is encrypted. Not so simple, Very effective, but always requires a network connection to "access" the data in question.
Personally I like #2 for a couple of reasons... 1. It's very secure if you have good VPN. 2. It allows editing and sharing of files on a common file system and avoid the "how do I merge this change" issue. 3. If your mobile device gets stolen or searched, your valuable data isn't on it (Just make sure to have some kind of token for the VPN connections)
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
As bad as it seems.... turn on Windows Firewall with Advanced security, and make sure the computer is not joined to a domain, And None of the firewall exceptions are turned on. Open Computer Management, make sure the only enabled users have strong passwords, and set a Setup Password, User Password, and Hard Drive Unlock password in the BIOS/CMOS,
turn on the computer's TPM Function, and setup BitLocker drive encryption. Shutdown the PC fully when you are not physically present at the keyboard.
What reason in particular do you have to be concerned with 'Hacking over the wireless' again?
How about you Disable all Wireless NICs, then open Services.msc and set all Wireless-related services to Disabled, then reboot.
First ask yourself, what are you guarding against?
What guidelines has the client given you, what expectations do they have?
There's no point in you being so secure that the machine is virtually useless if the client happily stores these files on Dropbox/Google Drive etc.
Are you guarding against random drive-by hacking, script kiddies and the like, or are you guarding against an advanced persistent threat?
If you're guarding against the US Govt then your threat model is very different to if you're simply protecting yourself against casual hacking.
If you're concerned about an APT, then what level of threat do you expect to face? Is this a competitors company that has some guy who knows computers? Is it a multinational corporation with a large budget and a cybersecurity team? Is it a nation state? Is it the US Government?
The answers to those questions will heavily influence the appropriate course of action to take. If you're worried about casual hacking and the client has provided the files to you via Dropbox, then simply don't connect to any open wifi networks and don't connect to any wifi networks you don't know are secure. Make sure the wifi networks use WPA2.
If however you are concerned that the Govt. is likely out to get to your secrets, and they're specifically targeting you (as opposed to you being caught in a drift net) then you will want to physically disable the wifi, probably by taking the wifi card out of the laptop - it's likely on a small mezzanine card that is usually easily removed with a small Philips head screwdriver.
Specialist Mac support for creative pros, Melbourne
I turns out if you add the guest extensions to virtual box guest os's they can mount host os directories as local files (shared folders). It works from host to guest. If the host is linux bring up samba on it, and you can mount the guests files also.
Most (all excluding Apple?) laptops wil allow you to turn off / disable the wireless chipset in the bios.
The Apple macOS menu bar has status indicators. One is for wifi. Select it and a dropdown menu appears. One of the options is "Turn Wi-Fi Off".
Here you go: Faraday cage.
I've fallen off your lawn, and I can't get up.
1. disable with physical switch on side of machine if possible. .sys files.
2. disable in bios if possible
3. go to device manager and remove the device. remove driver from driver store. go to \windows\system32\drivers and delete any remaining relevant
4. go to device manager/network manager. Right click wireless adapter, hit disable.
5. remove all entries in windows firewall, set it to block in/out by default, and whitelist required applications. This is the least secure but most convenient of the options besides default.
If your client's truly that paranoid (justifiably or not), just operate on the data from a hardwired/airgapped machine and charge him for the inconvenience.
Most (all excluding Apple?) laptops wil allow you to turn off / disable the wireless chipset in the bios.
The Apple macOS menu bar has status indicators. One is for wifi. Select it and a dropdown menu appears. One of the options is "Turn Wi-Fi Off".
And if you prefer to run Windows 10 directly on Apple hardware (Boot Camp rather than emulation) then select the wifi status indicator on the task bar and use the WiFi on/off toggle button.
Use a virtual machine to contain Windows 10. Install an operating system and virtual machine software you trust. Disable any wireless interface for that operating system. Put the files in a Windows 10 virtual machine. Do not give the virtual machine access to any wireless interfaces.
By using a wire.
I know this sounds redundant and trite but I'm serious. The question asks about how to not use wireless on Windows 10, yet few people seem to be giving the stunningly obvious advice of not using wireless on Windows 10. Disable the wireless NIC. Don't use wireless. Don't join a wireless network. Tada! You're not using wireless!
Either get a laptop with a physical RF-off switch, or remove the wireless card. If you bought a really crappy one, you can still almost always disconnect the antenna.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Remove the wireless chip. They come right out. Can't get much easier than that, can it?
"You need to work on those files on a Windows 10 PC that has a wireless chipset built into it."
Why must it be on a system with wireless circuitry? Can't be away from your laptop for 5 minutes?
Don't use Windows 10. Or disconnect the WiFi antenna.
A client has given you confidential digital files containing a design for a not-yet-public consumer product. You need to work on those files on a Windows 10 PC that has a wireless chipset built into it. What can you do, assuming that you have to work under Windows 10, that would make 3rd party wireless access to this PC difficult or impossible? I can imagine that under a more transparent, open-source, power-user OS like Linux, it would be a piece of cake to kill all wireless access completely and reliably even if the system contains wireless hardware. But what about a I-like-to-phone-home-sometimes, non open-source OS like Windows 10 that is nowhere near as open and transparent? Is there a good strategy for making outside wireless access to a Windows 10 machine difficult or impossible?
Completely ridiculous question.
1. What possible reason would you need to work on those client files on a Windows 10 PC that has a wireless chipset built in? Use one that doesn't have a wireless chipset.
2. Unless you have access to the source code, and compiler to compile your own version of Windows 10, you are at Microsoft's mercy, as to how impenetrable the wireless is, or is not.
3. The rest of you post is irrelevant. You are not in control of any phoning home, unless you make sure that there is NO connection to the outside world.
When working, unplug the router, Airport your phones, and turn off your Bluetooth on the computer. Turn off any IoT devices. Do not use wireless keyboards or mouse. Buy a faraday phone bag on Amazon because iPhones never fully turn off. Some refrigerators work too if you don't want a paper trail. They make software that you can use to scan for radio signals, which is what wifi and Bluetooth are, just to be sure. Keep one original copy (for emergencies) of the file on one flash drive and the modified, edited one on another. When satisfied, boot up a light version of Linux. Use the Linux OS in Live session from a CD to use GParted to format the flash drives. They also make tools such as "shred" and "srm" to wipe and load zeros as many times as you want for a file to prevent recovery. Though to make things easier, Windows 10 will run on VirtualBox with Linux as the main OS. If the Linux machine isn't connected, than neither is Windows in this case. If there's a trial period, you can just save your VirtualBox session as a snapshot after setting the Windows install. When it comes time for the trial to be over, just keep loading the saved snapshot and open the files you need from a flash drive. I've never used Windows 10 (or will ever), but this method definitely worked when I needed Windows 7 because some software devs are dumbasses. Also, Linux has software called WINE to run Windows applications that works well enough to run Office 2013 and some modern games (PlayOnLinux). There is also another way to run Windows apps via ReactOS. It's like Windows but open source, except for real open source. The developers are really friendly if you have any questions. Everyone needs a tin foil hat plan whether you think you need it or not. Future wars will be cyber wars and no smart person fights with a dirty gun.
I've had two different android devices (neither sharing software, so it wasn't a common virus) switch from airplane mode into cellular mode spontaneously.
Dramatically different android versions and both 'unattended' when it happened. The only likely culprit given timing of the activation being an intentional software glitch, or a hidden trigger in the baseband modem intended to activate them. Their sole common feature was both being Qualcomm based, meaning their baseband processor is the 'core' processor for the system with the 'keys to the kingdom' as it were.
Computer -> USB key router -> Network
So that I can setup a firewall on said USB key router that can handle what and when my computer can connect to.
My computer with some proprietary OS (Such as Windows 10) can only connect to the network through the USB key which is running a trusted OS, acting as a router, so I am able to specifically allow or disallow (firewall) connections, beyond the reach of my main OS.
Does this exist?
I like the position of this article directly below the exposition of the CIA hacks...
Paai
Are you assuming some exploit that allows someone to connect to your computer and start downloading files just because you have a wireless chipset?
Are you assuming someone snooping sensitive information while you are using a wireless connection?
The way the article is worded I'm going to say it's the former. Ignore it. Focus on actual risks which will come from the other end of your network connection. Don't assume someone can magically and silently convince your computer to act as an access point, connect to it, and then just hand over files. That's bloody difficult enough to do when you specifically want it to happen.
If you're really super paranoid, enable flight mode. That will disable your wireless altogether.
1. Remove tinfoil hat.
2. Wrap tinfoil hat around computer/laptop/whatever.
*Warning* this method will of course leave your head exposed to the Gubmint reading your mind.
I'd turn off USB as well!
You need to work on those files on a Windows 10 PC that has a wireless chipset built into it.
You have already lost. You have an NSA/CIA-controlled operating system with wireless communications. The NSA/CIA most likely already have your client files.
As suggested by other discussion threads here around :
You can also achieve the same virtually :
"virtually move" the image to an area without any signal.
I.e.: .iso files you mount) and shared folder (VirtualBox sharing doesn't go through network, so it's not opening windows 10 to remote access, at least not without a collaborating host OS).
Windows 10 goes into a VirtualBox VM.
VM has no network.
VM has only CD-ROM (so can read from
You can pass the files and necessary application through shared folders and .ISO respectively.
I would suggest avoiding USB pass-through because it's complex to configure it in a secure way (defaults VBox scripts just make all device visible to any application running with VBox's goup credentials).
You achieve the same as moving a Windows 10 laptop to an area without any signal.
(i.e.: No network for Windows 10, no matter what)
But you still get to have an actual connection on your host OS (say a well secured and well kept Linux host).
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
If turning off wifi in the system is not secure enough for you (that is, if you are afraid of a targetted attack), don't ask here, but go to some security consultant. There are other attack vectors that you might forget, like a good telescope and a camera in the building over the street. Hint: goverment contracts in one company I know are handled in a windowless, steel lined room without any network access on a certified HW.
QEMU / KVM supports passing through a VGA card (NVIDIA consumer grade cards require some special VM options to keep the NVIDIA Windows driver from deliberately taking out Windows on boot). You can get 90-95% of bare metal performance with VGA passthrough, NIC passthrough, and the various paravirtualization drivers. Your CPU and motherboard must support IOMMU (or AMD equiv) and NUMA support is a bonus.
I have not found any reliable way of passing through a VGA card from Windows to a guest OS. I believe VMWare is working on it (someone with more experience please chime in).
authorized USB sticks
Pay attention that the current default behavious of VBox scripts might open a different kind of vulnerability :
USB-pass-though requires that the VBox process has access to the raw USB device.
This is done by the script "/usr/lib/virtualbox/VBoxCreateUSBNode.sh"
it creates the appropriate entries in "/dev/vboxusb/"
granting them full group access for "vboxusers"
Currently this script is called by default by "/etc/udev/rules.d/90-vbox-usb.rules" for any plugged-in device.
That means the raw USB device of *any* USB gizmo is available for *ANY* process that runs with VBox's group credential.
This opens quite a big hole.
(Virtual Box it self then use a white list so *NOT ALL* device will be available to the Windows 10 VM, only those that you grant access to.
But it means potentially any USB device could be hacked by any process running with "vboxusers" group privileges).
A better way is to comment out the insersion rules, and only create the devices for device that you want to be visible to virtual box. :
Example of a configuration file that only grants access to a few of my devices that rely on windows-only software for firmware updates
# TomTom Live
ATTRS{idVendor}=="1390",ATTRS{idProduct}=="5454", ACTION=="add", RUN+="/usr/lib/udev/VBoxCreateUSBNode.sh $major $minor $attr{bDeviceClass} vboxusers"
# iRobot Scooba 450
ATTRS{idVendor}=="27a6",ATTRS{idProduct}=="0001", ACTION=="add", RUN+="/usr/lib/udev/VBoxCreateUSBNode.sh $major $minor $attr{bDeviceClass} vboxusers"
# UE MEGABOOM
ATTRS{idVendor}=="046d",ATTRS{idProduct}=="0a53", ACTION=="add", RUN+="/usr/lib/udev/VBoxCreateUSBNode.sh $major $minor $attr{bDeviceClass} vboxusers"
#SUBSYSTEM=="usb_device", ACTION=="add", RUN+="/usr/lib/virtualbox/VBoxCreateUSBNode.sh $major $minor $attr{bDeviceClass}"
#SUBSYSTEM=="usb", ACTION=="add", ENV{DEVTYPE}=="usb_device", RUN+="/usr/lib/virtualbox/VBoxCreateUSBNode.sh $major $minor $attr{bDeviceClass}"
SUBSYSTEM=="usb_device", ACTION=="remove", RUN+="/usr/lib/virtualbox/VBoxCreateUSBNode.sh --remove $major $minor"
SUBSYSTEM=="usb", ACTION=="remove", ENV{DEVTYPE}=="usb_device", RUN+="/usr/lib/virtualbox/VBoxCreateUSBNode.sh --remove $major $minor"
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
Guest Additions are great when they work, but I find sometimes they just don't.
Confucius say, "Find worm in apple - bad. Find half a worm - worse."
Faraday cage :D
Boom. No Wireless hacking if you dont use the radios.
And I advised my own boss to conduct his business on his laptop using standard LAN connector. World wonder, it works!
Right?
"Science is the power of man"
...is integrated?
Disable the drivers for said wireless card.
Or whatever the fuck passes for the device drivers setting thing.
With the CIA leaks from the other day, your PC can be compromised by hackers very easily now. You may as well set up an open access point and just get on with your work. The files are going to be hacked and publicly accessible at some point anyway, if they aren't already.
Press the little button on the laptop that looks like an antenna with curvy lines coming out of it.
https://www.random.org/passwor...
Casteism
WHERE do you find an area with no signal?
The whole point is *VIRTUAL*.
The host's virtual manager (e.g.: Virtual Box running on the Host GNU/Linux distro of your choice) is in charge of what happens.
Windows 10 is installed on a virtual machine, that machine has no network device simulated at all, only a shared directory (Note: Under VirtualBox, shared directory don't work over the network, but use a dedicated separate API offered by VirtualBox. No need to expose the virtual image to the network in order to exchange data. Windows 10 can't phone home.)
It happens this laptop has wider radio capabilities than wi fi and there is no interface to see what the laptop radio is saying over what frequency,
Again, I'm speaking about a virtual machine. A VM will only have as much functionnality as your decide to make available to it.
If that machine has no access to Wifi, nor Bluetooth (well technically to the USB bus on which a Bluetooth device is available. But in practice the result is the same : if you're not passing it to the VM, then the Windows 10 running on the VM can't do much).
The point is to be able to be online without danger, not to be completely isolated. Maybe Win 3.1 was fully isolated, but these new windows do not seem to be able to stop being in permanent conference.
Hence the idea :
- use a normal decent OS to do the actual online work and which has an access to the internet.
- for the things where you absolutely need Windows 10, keep a copy inside a VM that is completely isolated.
Whenever you need *that weird piece of software* that absolutely refuse to work under anything but Windows 10, then you can fire up the Windows 10 VM and run the software.
For everything else, use a "Real Operating System (tm) "
(most Unices will do)
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
1 - Format PC disk
2 - Install real OS