The person you're responding to is discussing "exit bag" systems, a popular method for self-euthanasia.
Generally speaking someone using an "exit bag" (google for yourself) will leave a polite note on the door in case of leakage, since they probably won't be alive later to turn off the knob on the gas tank, but in any controlled setting, a respirator-type mask would do the trick wonderfully.
A colorant or odorant could be easily added for operant safety, but it's not any more dangerous for the operator than, say, dental gasses.
While I'm tacking stuff onto this, I should also say that it doesn't appear as though ThreatExpert installed this sniffer with any sort of parameters - meaning the default behavior for this executable contained the 10.116.240.31 machine expected the c$ share and twain_32 folder to exist.
Although the "kit" form of this executable may include space for selecting a new drop-off point, or the executable they examined might just have a wrapper on it that passes shares and credentials to the real executable, it was designed just for someone who already owned 10.116.240.31.
It's a pretty lazy threat analysis. They run it through an application sequencer, noted the keys it captured and called it "analyzed." I know they'll go further, but why not tell their clients more about the process - does it spawn other processes, handles, hooks, threads, etc?
I think you need to retake Economics 101. Reality doesn't bend to your will. Just because you think Bitcoins shouldn't be in demand, doesn't make it so. What an exceedingly dumb thing to say.
Perhaps you should retake Econ 101. Him thinking Bitcoins are in demand is exactly what makes them worth something.
....one obvious conclusion jumped to is that the test box for ThreatExpert might also just be called "ttcopscli3acs" but the means by which this works (fowards data to an internal box) remains the same.
The actual report on the software installed on the agent makes it pretty clear that the information was being gathered locally and forwarded internally to a collection point before being sent to Russia, like I suggested in previous threads:
The point of sale machines try to make a connection to \\10.116.240.31\c$\WINDOWS\twain_32 -- an obvious store-and-forward point on the network for exporting the card data otuside of Target. Hackers compromised this box, likely named ttcopscli3acs, since the credentials passed to 10.116.240.31 were ttcopscli3acs\Best1_user with a password of BackupU$r.
It also made port 80 requests to 10.116.240.31 -- the server the hackers "owned" inside of Target.
The rest of the breakdown only details the registry changes that happen when you install a service -- which was the install vector. There isn't a discussion of how the skimming/scanning/card-stealing software was distributed, but...
IT WAS OBVIOUS THEY WERE ALREADY INSIDE THE NETWORK - they (p)owned servers - so it's a reasonable guess that they just deployed the software without needing any hole on the workstations.
The twain_32 folder is one of those things that casual inspection would overlook - and obviously did.
Schools are generally representative of the neighborhoods they serve.
Shitty neighborhoods have shitty schools. Good neighborhoods have good schools.
When you hear horror stories about uncaring teachers and students being barely babysat until they get their state minimum hours, you're generally in a terrible neighborhood with a culture of not caring either...
Once installed on a device, each Android app lives in its own security sandbox:
The Android operating system is a multi-user Linux system in which each app is a different user. By default, the system assigns each app a unique Linux user ID (the ID is used only by the system and is unknown to the app). The system sets permissions for all the files in an app so that only the user ID assigned to that app can access them. Each process has its own virtual machine (VM), so an app's code runs in isolation from other apps. By default, every app runs in its own Linux process. Android starts the process when any of the app's components need to be executed, then shuts down the process when it's no longer needed or when the system must recover memory for other apps. In this way, the Android system implements the principle of least privilege. That is, each app, by default, has access only to the components that it requires to do its work and no more. This creates a very secure environment in which an app cannot access parts of the system for which it is not given permission.
However, there are ways for an app to share data with other apps and for an app to access system services:
It's possible to arrange for two apps to share the same Linux user ID, in which case they are able to access each other's files. To conserve system resources, apps with the same user ID can also arrange to run in the same Linux process and share the same VM (the apps must also be signed with the same certificate). An app can request permission to access device data such as the user's contacts, SMS messages, the mountable storage (SD card), camera, Bluetooth, and more. All app permissions must be granted by the user at install time.
Programs can, of course, run at startup - otherwise all of your push-based applications and automatic realtime Craigslist searchers would be pretty sad.
I don't have a great need to talk to my television, but I find the basic voice controls on my XBox One fairly useful.
Xbox Turn On Xbox Watch TV
By the time I settle down, it's all good.
I recognize it's not much faster than hitting the "watch TV" button on my Harmony, but it does impress the natives.
Shouting Xbox Mute from across the room is fairly convenient, and the voice commands to snap in things from menus you couldn't get to without navigating for are useful. Saying "Snap NFL" is way easier than turning on my controller, going to the dashboard, finding the app, starting it, going back to TV, etc.
It'd be like a piece of malware that installs an old copy of VNC for spying purposes, in a hidden folder, with a obscure named.EXE, starting in an arcane point in the registry, and then leading with a headline of: Microsoft Removes VNC From Computers!.
Most Android malware is installed by user choice, from unsavory sources. If you check the "Trust me, I know what I'm doing" box, you can install an.apk file from anywhere.
Then, in the normal security dialogs, you'll let it do things like send messages or take photos or access the internet -- and then it does just that, except not when you're expecting it.
Your new app can access "public" spaces in the filesystem, like saved photos, contacts (if allowed), etc. but it can't get data out of another program directly unless you're again (a) rooted, and (b) you've allowed this new program root.
The three most important things are McDonald's are consistency, consistency and consistency.
Although their international preparations change, fat contents of beef vary, and vegetables are often locally sourced, a Big Mac is a Big Mac is a Big Mac in pretty much every English speaking store on the planet, and the one you get on Tuesday will be made exactly the same was on Sunday.
Slashdot Mirror
I posted this above, but...
A colorant or odorant could be easily added for operant safety, but it's not any more dangerous for the operator than, say, dental gasses.
In these discussions of the value of a human life, I'm not alone in not simply defining "human" as having the required number of chromosomes.
The thing Ohio had in its custody was an animal, and was put down as such.
So, kill them more frequently at centralized locations, and speed the appeal process.
I'm not for debating the right and wrong of situations -- that's for women. I'm a man. I like to fix things.
The person you're responding to is discussing "exit bag" systems, a popular method for self-euthanasia.
Generally speaking someone using an "exit bag" (google for yourself) will leave a polite note on the door in case of leakage, since they probably won't be alive later to turn off the knob on the gas tank, but in any controlled setting, a respirator-type mask would do the trick wonderfully.
A colorant or odorant could be easily added for operant safety, but it's not any more dangerous for the operator than, say, dental gasses.
While I'm tacking stuff onto this, I should also say that it doesn't appear as though ThreatExpert installed this sniffer with any sort of parameters - meaning the default behavior for this executable contained the 10.116.240.31 machine expected the c$ share and twain_32 folder to exist.
Although the "kit" form of this executable may include space for selecting a new drop-off point, or the executable they examined might just have a wrapper on it that passes shares and credentials to the real executable, it was designed just for someone who already owned 10.116.240.31.
It's a pretty lazy threat analysis. They run it through an application sequencer, noted the keys it captured and called it "analyzed." I know they'll go further, but why not tell their clients more about the process - does it spawn other processes, handles, hooks, threads, etc?
Adoption is low, but there are most certainly restaurants and car dealerships taking bitcoin.
We've already seen big merchants like Overstock take BTC...and we're seeing more and more people take things like Coinbox at their mom and pop stores.
I think you need to retake Economics 101. Reality doesn't bend to your will. Just because you think Bitcoins shouldn't be in demand, doesn't make it so. What an exceedingly dumb thing to say.
Perhaps you should retake Econ 101. Him thinking Bitcoins are in demand is exactly what makes them worth something.
....one obvious conclusion jumped to is that the test box for ThreatExpert might also just be called "ttcopscli3acs" but the means by which this works (fowards data to an internal box) remains the same.
Even texting on cell phones in theaters get you shot now, so...
Doesn't appear that way to me..
The actual report on the software installed on the agent makes it pretty clear that the information was being gathered locally and forwarded internally to a collection point before being sent to Russia, like I suggested in previous threads:
http://krebsonsecurity.com/wp-content/uploads/2014/01/POSWDS-ThreatExpert-Report.pdf
The point of sale machines try to make a connection to \\10.116.240.31\c$\WINDOWS\twain_32 -- an obvious store-and-forward point on the network for exporting the card data otuside of Target. Hackers compromised this box, likely named ttcopscli3acs, since the credentials passed to 10.116.240.31 were ttcopscli3acs\Best1_user with a password of BackupU$r.
It also made port 80 requests to 10.116.240.31 -- the server the hackers "owned" inside of Target.
The rest of the breakdown only details the registry changes that happen when you install a service -- which was the install vector. There isn't a discussion of how the skimming/scanning/card-stealing software was distributed, but...
IT WAS OBVIOUS THEY WERE ALREADY INSIDE THE NETWORK - they (p)owned servers - so it's a reasonable guess that they just deployed the software without needing any hole on the workstations.
The twain_32 folder is one of those things that casual inspection would overlook - and obviously did.
Schools are generally representative of the neighborhoods they serve.
Shitty neighborhoods have shitty schools.
Good neighborhoods have good schools.
When you hear horror stories about uncaring teachers and students being barely babysat until they get their state minimum hours, you're generally in a terrible neighborhood with a culture of not caring either...
And mid 2000's, and early 2010's.
FYI, I'm still not sure how to pronounce either of those :)
This is better than my other link, sorry:
From: http://developer.android.com/guide/components/fundamentals.html
Programs can, of course, run at startup - otherwise all of your push-based applications and automatic realtime Craigslist searchers would be pretty sad.
http://developer.android.com/guide/topics/security/permissions.html
I don't have a great need to talk to my television, but I find the basic voice controls on my XBox One fairly useful.
Xbox Turn On
Xbox Watch TV
By the time I settle down, it's all good.
I recognize it's not much faster than hitting the "watch TV" button on my Harmony, but it does impress the natives.
Shouting Xbox Mute from across the room is fairly convenient, and the voice commands to snap in things from menus you couldn't get to without navigating for are useful. Saying "Snap NFL" is way easier than turning on my controller, going to the dashboard, finding the app, starting it, going back to TV, etc.
It's...not bad.
RTFA? Or any of the dozens of comments above yours?
TFA is fucking garbage.
MSRT removed a specific version of Tor in a specific arcane/obscured directory used only by a botnet.
It's not even good trolling on the author's part.
It'd be like a piece of malware that installs an old copy of VNC for spying purposes, in a hidden folder, with a obscure named .EXE, starting in an arcane point in the registry, and then leading with a headline of: Microsoft Removes VNC From Computers!.
While the intention was definitely good, I personally would not want to use a machine that the could be remotely accessed in such a mannter.
Well you're in luck!
Using the Malicious Software Removal Tool is entirely voluntary.
Well, you grant it that authority, so unless you're suggesting you shouldn't have that authority, I don't know what your point is.
Most Android malware is installed by user choice, from unsavory sources. If you check the "Trust me, I know what I'm doing" box, you can install an .apk file from anywhere.
Then, in the normal security dialogs, you'll let it do things like send messages or take photos or access the internet -- and then it does just that, except not when you're expecting it.
Your new app can access "public" spaces in the filesystem, like saved photos, contacts (if allowed), etc. but it can't get data out of another program directly unless you're again (a) rooted, and (b) you've allowed this new program root.
Apps with root access can see the entire filesystem, yes.
You'd need (a) a rooted phone, and (b) to have given the application access -- e.g. many backup programs running on rooted phones.
USB access to Android phones allows transfer of files from a number of folders without unlocking the device.
[Most application data directories, of course, aren't among those, but they're not regularly exposed at all during USB connections, so...]
The three most important things are McDonald's are consistency, consistency and consistency.
Although their international preparations change, fat contents of beef vary, and vegetables are often locally sourced, a Big Mac is a Big Mac is a Big Mac in pretty much every English speaking store on the planet, and the one you get on Tuesday will be made exactly the same was on Sunday.
So, roughly one guy in my address book?
As mentioned in my original post, both my current and last jobs were (are) in healthcare. The wheels turn slowly here.