wildcard

Cyber-security 101 Information thread

So finally I'm getting around to posting a few things. Firstly, a little background: I have some experience and a few certifications in the cyber-security field working for one of the major ISPs. I don't work for the Gubymint, though we do some work for them. I focus mainly on internal stuff going back out. I'll answer what questions I can if any of you have them.

I've been reading about Gubymint conspiracies for years and I do LOVE a GOOD conspiracy (keyword here is GOOD). I find that most people are greatly misinformed and/or misled when it comes to cyber-security, Gubermint eavesdropping, hacking, etc. You really need to understand why things work the way they do on a starship to be able to do what they do.

The recent rash of "state sponsored" viruses like Stuxnet and Gauss were developed several years ago. They were "found" only because most likely they served their purpose. Also, what was found doesn't mean that it is the ACTUAL product. We have seen this stuff for a while now; take Gauss for instance:

On August 9, 2012, Kaspersky filed a press release stating that they had discovered the “Gauss” virus. According to the release Gauss is a, “complex, nation-state sponsored cyber-espionage toolkit designed to steal sensitive data, with a specific focus on browser passwords, online banking account credentials, cookies, and specific configurations of infected machines.”

“The Flame” was the second cyber-espionage toolkit to be discovered, surfacing in May 2012. This piece of malware had the ability to record audio, screenshots, traffic and even keystrokes of an infected computer. It also had the subsequent ability to remotely transmit this information back to a central location. This piece of malware targeted Iran as well, but also had several targets throughout the Middle East and North Africa, including: Sudan, Syria, Lebanon, Saudi Arabia and Egypt.

“Stuxnet,” discovered in June 2010, was the first major cyber weapon to be uncovered, and was created in order to target and disrupt the Uranium enrichment powers of several Iranian companies. According to an upcoming book about cyber-security, sources have apparently confirmed the United States’ and Israel’s collaboration in this project.

These were all developed 3-5 yrs ago; the new stuff won't be found for a few years, and that's not even taking into account what the "other" side is sending back our way in retaliation.

All of them appear mainly outside the U.S. Why, you might ask? Well, A) They very easily could have something (like FinFisher) here in the CONUS. Then again, they don't really need to use anything. B) Thanks to the Patriot Act, a special agent can send over an order to an ISP or telecom under the auspices of CALEA and get all of a person's phone records, text messages, browser history, IM history, email history, and even get a direct link to a person's computer. Oh, and notice I didn't say a judge's order or subpoena! NOPE, just a SAIC (special agent in charge) sends over a special request and they get a load of information, then if it's determined to be needed they get a more encompassing warrant signed by a judge. I don't do these reports, I monitor the folks that do pull this information. We used to write them up for Code of Conduct violations and breaking certain laws since the information is zipped then sent in the clear with no encryption. WHY, you ask? Because the agency or law enforcement department usually can't decrypt files since they either don't know how, have a much older version or have a free version that doesn't allow them to! So much for the Guberment protecting your rights and privacy!!

Here is another little tidbit most people don't seem to understand. TOR is an IP anonymizer and in 3rd world countries it works great! But some things we in the free world (supposedly) should know. TOR was designed for ...the DOD. It was released later on as freeware by...the DOD. You may be asking yourself "well so what wildcard, what's up with that?" Well, do you really think they are gonna release something that could be used against the U.S. Gubermint without creating some kind of back door, especially for the encryption portion? From what I have heard from some folks I took a certification class with, it was released to help "freedom fighters", dissidents, etc. in foreign countries primarily; however, they still wanted to be able to monitor what was going on. Another thing to consider for the IP anonymizing portion: information leaves your PC in the form of packets; to get anonymized it goes to an anonymizing proxy server but, before it gets there, it has to cross your ISP's gateway and backbone. Guess where the taps are at? (BTW they are usually our taps and we just feed the info to whichever agency requires it, like NSA). I know they may sound like paranoid ramblings but keep this in mind: I monitor our network, I know how it operates from the inside, I know where the taps are, the loggers, and I know what kind of systems "they" use cause it's some of the same systems WE use.

This isn't meant to give anyone a feeling of doom and gloom ala GLP. I just think it fair if some of you know some of how things work. For the vast majority of us all, it's really no big deal. Unless TPTB are looking for you, or are monitoring you. Yes it is hard to "find someone doing something", like a needle in a very very large haystack but, if they already are monitoring you, well not much you really can do.

If they aren't monitoring you or looking for you, you can make it difficult for them but you can never make it impossible. NSA or any other group's greatest asset is their people, not their systems. I say this because they are just like me: doing the same thing all day long gets really boring and monotonous; when I (or them) get whiff of a scent we are like bloodhounds on the hunt and I am a very tenacious hunter.

I'll post more when time allows and I'll answer any questions, and no, this isn't gonna be a "I'm a such and such, ask me a question" kinda GLP thread. I won't answer anything that will be illegal or violate confidentiality rules of my company but, if you have a serious question or want to learn more about cyber or network security, then I will answer as best I can.

oops....!! Thanks wildcard for explaining this fully...confirmation is always nice.... :D

Thanks wildcard for a very interesting read...please feel free to post any other tid-bits of information which may help us to understand the telecom companies better or anything related to keeping us safe from eavesdropping, but from the sound of it, it seems there is no way to be safe from their snooping.

The TOR info was also very helpful, did not realize this was a DOD project... thanks again for posting, looking forward to some follow up information.

Here is some more stuff:

http://www.wired.com/dangerroom/2012/08/degrade-disrupt-deceive/

http://www.wired.com/threatlevel/2012/08/gauss-espionage-tool/

Kaspersky had uncovered Flame in May after the UN’s International Telecommunications Union asked the company to investigate claims out of Iran that malware had struck computers belonging to the oil industry there and wiped out data. Kaspersky never found malware that matched the description of the code that attacked the oil industry computers, but did find Flame, a massive and sophisticated espionage toolkit that has multiple components designed to conduct various kinds of espionage on infected systems. One module takes screenshots of e-mail and instant-messaging communications, while other modules steal documents or turn on the internal microphone on a computer to record conversations conducted via Skype or in the vicinity of an infected system.
(emphasis on the BOLD'D parts)

In regards to Gauss there is something very interesting as quoted here:

While the banking component adds a new element to state-sponsored malware, the mysterious payload may prove to be the most interesting part of Gauss, since this part of the malware has been carefully encrypted by the attackers and so far remains uncracked by Kaspersky. The payload appears to be highly targeted against machines that have a specific configuration — a configuration used to generate a key that unlocks the encryption. So far the researchers have been unable to determine what configuration generates the key. They’re asking for assistance from any cryptographers who might be able to help crack the code.

He notes that using a strong encryption key tied to the configuration illustrates great efforts by the attackers to control their code and prevent others from getting a hold of it to create copycat versions of it, something they may have learned from mistakes made with Stuxnet.

A major reason Stuxnet got discovered is because one of the "partner nations" (everyone is assuming it was Israel) altered some of the code to expand on what Stuxnet attacked; this backfired and it was discovered early. Also, it is easily copied and altered to attack the U.S. and its allies.

here is some lite (hehe) reading for ya'll

http://www.verizonbusiness.com/about/events/2012dbir/  (clicky on the read now button)

More info on Stuxnet, Flame, Gauss, etc.

http://www.securelist.com/en/blog/208193767/Gauss_Nation_state_cyber_surveillance_meets_banking_Trojan

Here is an online Gauss detection tool; I recommend this to everyone:

http://gauss.crysys.hu

Here is some info on something I (we) have been following for a lil while.

http://www.securelist.com/en/blog/208193808/What_was_that_Wiper_thing

I made mention of this in another thread...can't find it now, but the gist is this: while Kaspersky Labs was looking into Flame they found Gauss, but whilst all this has been happening and getting lots of MSM time there is something else out there; it appears to be this Wiper malware. This appears to be a direct type of attack software that is delivered to its target by unknown means, basically wipes everything and then leaves no trace. You can't develop anti-virus definition files unless you can get part of the code to get its "signature".

From Kaspersky's security blog:

The malware was so well written that once it was activated, no data survived. So, although we've seen traces of the infection, the malware is still unknown because we have not seen any additional wiping incidents that followed the same pattern as Wiper, and no detections of the malware have appeared in the proactive detection components of our security solutions.

Conclusions:

It may be possible that we will never find out what Wiper was but based on our experience, we are reasonably sure that it existed, and that it was not related to Flame.

It's possible that some machines exist somewhere where the malware has somehow escaped being wiped, but if there is such a case, we haven't seen it yet.

Wiper may have been related to Duqu and Stuxnet, given the common filenames, but we cannot be sure of this.

What is certain is that Wiper was extremely effective and has sparked potential copycats such as Shamoon.

The fact that the use of Wiper led to the discovery of the 4- or 5-year-old Flame cyber-espionage campaign raises a major question. If the same people who created Duqu/Stuxnet/Flame also created Wiper, was it worth blowing the cover of a complex cyber-espionage campaign such as Flame just to destroy a few computer systems?

Emphasis added by yours truly-

More info when I get it, if any of you can get thru all that reading before I have more to post...then I owe ya a beer! Took me awhile to digest it all and filter thru it and I have a bit of experience with this stuff  8)

http://www.reuters.com/article/2012/09/17/us-usa-security-viruses-idUSBRE88G0QF20120917

(Reuters) - Researchers have found evidence suggesting that the United States may have developed three previously unknown computer viruses for use in espionage operations or cyber warfare.

The findings are likely to bolster a growing view that the U.S. government is using cyber technology more widely than previously believed to further its interests in the Middle East. The United States has already been linked to the Stuxnet Trojan that attacked Iran's nuclear program in 2010 and the sophisticated Flame cyber surveillance tool that was uncovered in May.

Anti-virus software makers Symantec Corp of the United States and Kaspersky Lab of Russia disclosed on Monday that they have found evidence that Flame's operators may have also worked with three other viruses that have yet to be discovered.

The two security firms, which conducted their analyses separately, declined to comment on who was behind Flame. But current and former Western national security officials have told Reuters that the United States played a role in creating Flame. The Washington Post has reported that Israel was also involved.

Current and former U.S. government sources also told Reuters that the United States was behind Stuxnet. Kaspersky and Symantec linked Stuxnet to Flame in June, saying that part of the Flame program is nearly identical to code found in a 2009 version of Stuxnet.

For now, the two firms know very little about the newly identified viruses, except that one of them is currently deployed in the Middle East. They are not sure what the malicious software was designed to do. "It could be anything," said Costin Raiu, director of Kaspersky Lab's Global Research and Analysis Team.

NEWSFORYOU

Kaspersky and Symantec released their findings in reports describing analysis of "command and control" servers used to communicate with and control computers infected with Flame.

Researchers from both firms said the Flame operation was managed using a piece of software named "Newsforyou" that was built by a team of four software developers starting in 2006.

It was designed to look like a common program for managing content on websites, which was likely done in a bid to disguise its real purpose from hosting providers or investigators so that the operation would not be compromised, Kaspersky said in its report.

Newsforyou handled four types of malicious software: Flame and programs code-named SP, SPE and IP, according to both firms. Neither firm has obtained samples of the other three pieces of malware.

Kaspersky Lab said it believes that SP, SPE and IP were espionage or sabotage tools separate from Flame. Symantec said it was not sure if they were simply variations of Flame or completely different pieces of software.

"We know that it is definitely out there. We just can't figure out a way to actually get our hands on it. We are trying," Symantec researcher Vikram Thakur said in an interview.

About a dozen computers in Iran and Lebanon that are infected with one of the newly identified pieces of malware are trying to communicate with command and control servers, according to Kaspersky Lab.

The researchers found a large cache of data on one of the command and control servers, but cannot analyze it because it is encrypted using a password that they said would be virtually impossible to crack.

They believe that it was encrypted so heavily because the people coordinating the attack did not want the workers using the Newsforyou program to be able to read potentially sensitive information.

"This approach to uploading packages and downloading data fits the profile of military and/or intelligence operations," Symantec said in its report.

The implications of this are getting pretty scary. It's illegal for you or me to infect computers with a virus but you can go to work for the US gubermint and it's A-OK!!

OK then...how about they catch the jerk who keeps putting them on my computer?? I was getting to the point that I was running a full virus scan morning and night. Good lord...nope, not gonna say it....LOL

Do you have a firewall? Either hardware based or software based? If so, you can go thru the logs and block the offending IP addresses IF that is how they are coming to you. If it's a site you're visiting or a link on a site, that can be blocked as well. Try installing ADblock+, that stops a lot of drive-by spyware/viruses. NoScript is another good one to have on your browsers.

Let me know if you need more help

Yes, have a firewall...software I'd think it is...I will check into both of those....Thank you very much, wildcard....breezy

Stuxnet goes out of control: Chevron infected by anti-Iranian virus, others could be next

Published: 09 November, 2012, 20:49

America’s cyberwar is already seeing collateral damage, and it’s hitting the country’s own billion-dollar companies. Oil giants Chevron say the Stuxnet computer virus made by the US to target Iran infected their systems as well.

California-based Chevron, a Fortune 500 company that’s among the biggest corporations in the world, admits this week that they discovered the Stuxnet worm on their systems back in 2010. Up until now, Chevron managed to make their finding a well-kept secret, and their disclosure published by the Wall Street Journal on Thursday marks the first time a US company has come clean about being infected by the virus intended for Iran’s nuclear enrichment program. Mark Koelmel of the company’s earth sciences department says that they are likely to not be the last, though.

“We’re finding it in our systems and so are other companies,” says Koelmel. “So now we have to deal with this.”

Koelmel claims that the virus did not have any adverse effects on his company, which generated a quarter of a trillion dollars in revenue during 2011. As soon as Chevron identified the infection, it was taken care of immediately, he says. Other accidental targets might not be so lucky though, and the computer worm’s complex coding means it might be a while before anyone else becomes aware of the damage.

“I don’t think the US government even realized how far it had spread,” Koelmel adds.

http://rt.com/usa/news/stuxnet-chevron-cyber-virus-348/

Certain countries have taken viruses released by the supposed good guys and back engineered/re-engineered them and turned them loose...everywhere. This isn't going to just affect the U.S. but the whole world.

It's going to get worse...a lot worse. We are already getting cert bulletins of these new attacks as they happen and we are getting them several times a day, whereas we used to get them a lot less often, maybe every couple or three days.

Some information that we use (NOTE: these aren't goofy halfwitted doom on sites ...just an FYI, they are actually real)

http://mtc.sri.com/

https://atlas.arbor.net/

http://www.securitywizardry.com/radar.htm

Thank you for this thread wildcard.

Here's a question for you: if a website is put up and within an hour or so is visited (as noted by Google Analytics) from Quantico, and then by Washington DC without any other information, both coming direct without referral from a search engine or another site, what exactly does that mean?

The site contained no overtly political content, but was Celtic art.

Sounds like a standard scan of a new site to update a database

Thanks. :)

Certain countries have taken viruses released by the supposed good guys and back engineered/re-engineered them and turned them loose...everywhere. This isn't going to just affect the U.S. but the whole world.

It's going to get worse...

Yes, blow back.

http://fearthegovernment.com/keystroke_logger.html

GOVERNMENT AND COMPUTER MANUFACTURERS CAUGHT INSTALLING HARD-WIRED KEYSTROKE LOGGERS INTO ALL NEW LAPTOP COMPUTERS!

Turner Radio Network | October 4, 2005

Devices capture everything you ever type, then can send it via your ethernet card to the Dept. of Homeland Security without your knowledge, consent or a search warrant each time you log onto the internet! .........

>:(  >:(    >:(

man oh man...I knew there were gonna be days like this...although I hoped not...makes me wonder about all this wireless technology and if on laptops, then how about regular pcs???

http://www.veteransnewsnow.com/2012/12/05/u-s-to-start-internet-storm-of-dissent-as-direct-consequence-of-blatant-spying/

Europeans unhappy with U.S. snooping on their internet activity under the guise of protecting its citizens!

Storm of Dissent to Hit U.S. and Deservedly So…

Researchers at the University of Amsterdam have publicly voiced their concerns and anger at the United States for allowing their unconstitutional “Patriot Act” to bypass foreign laws and snoop on foreign citizens. Here is their most recent published study ...

The United States has long been using the excuse of security as a means to justify its over arching investigation on the innocent citizens of the world. The fact that policy creators are so out of touch in 2012 is best shown in their idiotic support of laws that are completely against the citizens of the world. Do they honestly believe they have gotten away with this treason unnoticed?

... Every president has gone under oath swearing to uphold the constitution. The only law in America that all other laws must be judged by is the CONSTITUTION. Any government act that tries to get around the law is stupid at least, criminal at best.

Administration after administration have made it their goal to trash the people’s Constitution, Why? Because they’re power hungry perverts.....

http://fearthegovernment.com/keystroke_logger.html

GOVERNMENT AND COMPUTER MANUFACTURERS CAUGHT INSTALLING HARD-WIRED KEYSTROKE LOGGERS INTO ALL NEW LAPTOP COMPUTERS!

Turner Radio Network | October 4, 2005

Devices capture everything you ever type, then can send it via your ethernet card to the Dept. of Homeland Security without your knowledge, consent or a search warrant each time you log onto the internet! .........

I find it rather interesting, among other things, that the author of that article is using pictures that are from an article written in 2000 (almost 13 years ago!...you will see this information again). I found this by just doing a quick Google search for KeyGhost. So my question is: IF the author REALLY took his laptop apart to work on it, why didn't he take his own photos?

Also he actually has some of the exact text written regarding this little device as do previous articles.

Original article was written in 2000, the one quoted is from 2005 using pics and text from the 2000 article....Ask yourself something: "when was DHS created?" This is after spending less than 5 minutes researching the article, I could go on...

Oh and using a PS/2 keyboard?...they still make those?

Another thing to consider: the technology is leaps and bounds more advanced than 13 years ago! Personally I use a USB connected keyboard/mouse and use wireless at work. Bluetooth can be intercepted if you're within range, and if TPTB want my keystrokes they just install a duplicate keyboard with a device built inside of the keyboard (ever take one apart? Know ANYBODY that has?). It's far far easier to just pull all mine or anyone's data right off the network, not to mention cheaper, more clandestine, and faster.

Even if they put the high end keystroke device, that's 2 million keystrokes! Now try multiplying that by say 300 million people: not only do you have to have multi-petaflops (or more) of storage capacity to put all these logs into, THEN you need to have someone look thru each and every log (we are talking trillions+ of lines of logs). Now of course someone would have a machine doing the heavy lifting but damn that's still going to take a HUGE amount of time and for what? To see what you typed in an email they most likely have anyway? pffft...

Anonymous- I'm not trying to throw you under the bus, I know I sometimes come off this way but in reality I'm just trying to get people to see that a lot of the folks that write these little articles have absolutely no idea how the cyber security field really works and just sensationalize non-issues, OR it could be a disinfo article to lead you away from the stuff you really should be afraid of.

Now, all that being said, if you have gotten yourself on "their" radar and "they" want your data..."they" are going to get it...all of it, and there is little you can do about it. Some things you can do to mitigate it but "they" will still get what they are after...if it's there or not  8)

Oh wait there is more!!

Look here: http://www.dansdata.com/keyghost.htm this is the original article from 2000

This part is about 3/4 of the way down but I'll quote it here:

UPDATE!

I wrote this review way back in 2000. Some time in 2005, somebody decided to use the above section of the review, including the pictures, in a hoax story about "Dell Keyloggers". The story alleges that the above hardware was being hidden in Dell laptops, and who knows where else, at the order of the US Department of Homeland Security.

This is, of course, nonsense. But as of early 2009 the bogus story is still all over the Web, sometimes in the deluxe edition that includes my pictures too. There's a Snopes page about it, as well.

And now, back to the original review.

Wow!  Thank you wildcard.

I have a Dell laptop, bought around 2005.

Back in 2010, someone wanted to get into my laptop.

I do not use wi-fi but rather a wired connection to the internet and that one night, I found my wi-fi suddenly activated itself and was trying to connect up to a network.  I stopped it but it kept trying again and again.  I'm not a computer buff but after a bit of a battle, discovered how to disable it.

Around that time, I had another strange incident.  I was using my daughter's PC and I left it in hibernate mode for the night.  This too has a wired connection to the internet which is never unplugged.  (I can't remember if the wi-fi was disabled at the time.)  The next morning, I found someone had got into it and left me a scary message. 

The laptop uses Win XP while the PC is on Windows Vista.

I also have a netbook - on Win XP. 

Back at that very strange time when they kept trying to break into my computers, I found that my webcam kept switching itself on.

Luckily, I had the lens covered up so it did not matter.

I discovered that I had this software which kept activating itself - Remote Computer.  I think I noticed these because they appeared in the Start menu.  I kept disabling it but it kept switching itself back on.

They eventually managed to fry my netbook and all the data disappeared but it didn't have that much in it in the first place.  My laptop survived perhaps because my healer had taken it upon himself to protect it with some special blessings or whatnot.  His son who was upgrading my laptop, considers his father to be a bit weird in that way!

Have you any idea how people can do this to me?  I stopped worrying about people monitoring me on the internet.  I just assume they watch me all the time and leave it at that.  I tell people that where Satanism is concerned, there are no secrets for I have seen demonstrations of what psychics can do.  A competent psychic only needs to be given a name to get the low down on that person, dead or alive.

I've also had a very strange experience on the internet which is totally woo-woo but perhaps doesn't really belong in this thread.  It is unlikely that anyone else would encounter that.

Share this post


Link to post
Share on other sites

http://fearthegovernment.com/keystroke_logger.html

GOVERNMENT AND COMPUTER MANUFACTURERS CAUGHT INSTALLING HARD-WIRED KEYSTROKE LOGGERS INTO ALL NEW LAPTOP COMPUTERS!

Turner Radio Network | October 4, 2005

Devices capture everything you ever type, then can send it via your ethernet card to the Dept. of Homeland Security without your knowledge, consent or a search warrant each time you log onto the internet! .........

I find it rather interesting among other things that the author of that article is using pictures that are from an article written in 2000 (almost 13 years ago!...you will see this information again). I found this by just doing a quick google search for keyghost. So my question is: IF the author REALLY took his laptop apart to work on it why didn't he take his own photos?

Also he actually has some of the exact text written regarding this little device as does previous articles.

Original article was written in 2000, the one quoted is from 2005 using pics and text from the 2000 article....Ask yourself something "when was DHS created"? This is after spending less than 5 minutes researching the article, I could go on...

Oh and using a PS/2 keyboard?...they still make those?

Another thing to consider, the technology is leaps and bounds more advanced than 13 years ago! Personally I use a USB connected keyboard/mouse and use wireless at work. Bluetooth can be intercepted if you're within range, and if TPTB want my keystrokes they just install a duplicate keyboard with a device built inside of the keyboard (ever take one apart? Know ANYBODY that has?) It's far far easier to just pull all of mine or anyone's data right off the network, not to mention cheaper, more clandestine, and faster.

Even if they put the high end keystroke device, that's 2 million keystrokes! Now try multiplying that by say 300 million people, not only do you have to have multi-petaflops (or more) of storage capacity to put all these logs into, THEN you need to have someone look thru each and every log (we are talking trillions+ of lines of logs). Now of course someone would have a machine doing the heavy lifting but damn that's still going to take a HUGE amount of time and for what? To see what you typed in an email they most likely have anyway? pffft...

Anonymous- I'm not trying to throw you under the bus, I know I sometimes come off this way but in reality I'm just trying to get people to see that a lot of the folks that write these little articles have absolutely no idea how the cyber security field really works and just sensationalize non-issues OR it could be a disinfo article to lead you away from the stuff you really should be afraid of.

Now, all that being said, if you have gotten yourself on "their" radar and "they" want your data..."they" are going to get it...all of it, and there is little you can do about it. Some things you do can mitigate it but "they" will still get what they are after...if it's there or not 8)

Oh wait there is more!!

Look here: http://www.dansdata.com/keyghost.htm this is the original article from 2000

This part is about 3/4 of the way down but I'll quote it here:

UPDATE!

I wrote this review way back in 2000. Some time in 2005, somebody decided to use the above section of the review, including the pictures, in a hoax story about "Dell Keyloggers". The story alleges that the above hardware was being hidden in Dell laptops, and who knows where else, at the order of the US Department of Homeland Security.

This is, of course, nonsense. But as of early 2009 the bogus story is still all over the Web, sometimes in the deluxe edition that includes my pictures too. There's a Snopes page about it, as well.

And now, back to the original review.

;) Well said Wildcard, and absolutely true. You cannot hide crap from those guys if they want to know what you're up to. No point. Unless you really had something to hide, then you give them something they want to see and subversively continue on with what you are doing, under the radar as it were. I have no doubt they can see and hear any person on the internet at any given moment (unless incognito?). Somewhere out in cyberland the Matrixmother is storing every bit and byte of any info being transmitted... Gee, doesn't that make you feel better?


Wow!  Thank you wildcard.

I have a Dell laptop, bought around 2005.

Back in 2010, someone wanted to get into my laptop.

I do not use wi-fi but rather a wired connection to the internet and that one night, I found my wi-fi suddenly activated itself and was trying to connect up to a network. I stopped it but it kept trying again and again. I'm not a computer buff but after a bit of a battle, found out how to disable it.

Around that time, I had another strange incident.  I was using my daughter's PC and I left it in hibernate mode for the night.  This too has a wired connection to the internet which is never unplugged.  (I can't remember if the wi-fi was disabled at the time.)  The next morning, I found someone had got into it and left me a scary message. 

The laptop uses Win XP while the PC is on Windows Vista.

I also have a netbook - on Win XP. 

Back at that very strange time when they kept trying to break into my computers, I found that my webcam kept switching itself on.

Luckily, I had the lens covered up so it did not matter.

I discovered that I had this software which kept activating itself - Remote Computer.  I think I noticed these because they appeared in the Start menu.  I kept disabling it but it kept switching itself back on.

They eventually managed to fry my netbook and all the data disappeared but it didn't have that much in it in the first place. My laptop survived perhaps because my healer had taken it upon himself to protect it with some special blessings or whatnot. His son, who was upgrading my laptop, considers his father to be a bit weird in that way!

Have you any idea how people can do this to me? I stopped worrying about people monitoring me on the internet. I just assume they watch me all the time and leave it at that. I tell people that where Satanism is concerned, there are no secrets for I have seen demonstrations of what psychics can do. A competent psychic only needs to be given a name to get the lowdown on that person, dead or alive.

I've also had a very strange experience on the internet which is totally woo-woo but perhaps doesn't really belong in this thread.  It is unlikely that anyone else would encounter that.

Without physically going thru the logs on your PC/laptop I can only make an educated guess. Most likely you got some malicious software from a website. Possibly due to a re-direct or cross site scripting. Also you seem to have either had remote desktop software maybe bundled on your laptop or it was a drive-by install, this can happen on some websites where you don't see anything but in the background software is being installed, or it could have come in an email....these are just guesses, but in truth that was then; what you need to do is protect yourself NOW.

I have no doubt that your healer is awesome and their blessings help, especially with the spirit world, however when it comes to cyber security you need to take a proactive LAYERED approach...actually even with things beyond the "normal" world we see you should do this, but that's another discussion.

I put together a little list that will help and strongly encourage EVERYONE to use or use something similar.

PC/Laptop protection:

Anti-virus protection! Don't matter who you use (I use AVG paid version but free is just as good), you absolutely positively MUST keep the virus definition files up to date AND actually let the AV software run its scans...DAILY full scans, not the short lil quick scans!

Anti spyware: Windows Defender, Spybot Search and Destroy (awesome), SpywareBlaster, Ad-Aware (good but can block stuff you want to get thru so might need tinkering). BTW not one of these but SEVERAL since no anti spyware catches 100%. Again run regularly and if using Spybot make sure to use the immunize feature.

Firewall: software version, Windows firewall (IMNSHO just isn't beefy enough), get one and use it (I use AVG).

Firewall: Hardware, most routers have a built-in firewall...USE it! When it comes to firewalls it's like Ian McShane...ya just can't have enough Ian!! (great actor BTW)

File and or hard drive encryption. I encrypt my main hard drive, I use a separate SSD drive for gaming and browsing with encrypted files on it.

Email scan: scan ALL incoming email BEFORE you open it, even if it's from a trusted source since they may have been compromised!

Passwords: Personally I keep all my passwords in KeePass safe (free to use). It encrypts passwords using 256-bit encryption, I only have to remember 1 master password and it has some really cool features like password generator, and login shortcuts where it fills in your login info for you using a certain keystroke command that you can specify.

Best practice security stuff: Keep financial and personal info on a separate drive (even a USB drive), make backups and keep them encrypted and stored somewhere other than your hard drive. I don't use Carbonite but I hear good things.

BROWSING:

I use either Firefox and or Chrome...I got burned too many times with IE so I simply don't use it.

You should get some very helpful extensions and use them in both browsers-

Adblock Plus (can't live without it!) I know Aco has ads on here but the only time I ever saw one was when I turned this off...when on...no ads (sorry Aco!)

LastPass: I use this in conjunction with LastPass, it stores your passwords on a secure server. I use this for forum logins, news sites etc. NOT for banking or financial...yeah I trust them to a point..I'm still paranoid and that can be a good thing, my shrink told me soo!!

WOT: helps you find trustworthy websites with user participation. Really nice when doing those deep web searches.

NoScript: STOP those nasty scripts BEFORE they can run in your browser

Ghostery: Protect your privacy. See who's tracking your web browsing and block them

That should help. When you start looking at the various add-ons for your browsers it's always gonna be a tradeoff between performance and security.

Here is the link to Firefox's add-on page for security:

https://addons.mozilla.org/en-US/firefox/extensions/privacy-security/

Chrome Extensions (sorry no security direct links, ya gotta search):

https://chrome.google.com/webstore/category/extensions

http://www.chromeextensions.org/

Always remember, no security, no matter how advanced, is 100%, so come at it with a layered approach: if they get past one layer then hopefully the next layer will either stop them or slow them down enough to give you time to take action. Hope some of this helps.


Thank you Wildcard.

It's kind of you to give me those pointers.

It's a jungle out there.
