Thread: Idle fun for net hackers..
View Single Post
  #109   Report Post  
Posted to uk.d-i-y
The Natural Philosopher[_2_] The Natural Philosopher[_2_] is offline
external usenet poster
  
Posts: 39,563
Default Idle fun for net hackers..
dennis@home wrote:


Nothing does get changed on the system, you are hacked from the start.
The hack is loaded on startup, runs in ram, disappears when you look for
it, reappears on restart, still no changes to your hashes.
Sure if you monitor all the outputs you may find the system is doing
something odd but you reinstall it and the hack is still there and the
hashes are the same.

Ok, so how is it going to avoid appearing in the process table?


It is possible to hide these from the source code of the compiler
by recognising the compiler and adding the code to do this when the
compiler is compiled.

But they have no control over what compiler you use with a common
language.

Are you sure it isn't in say the GNU compiler?

Its easy enough to be sure of that.

How?

By compiling code to assembler and looking at it.

Or in the limit disassembling the object files.


What you have to understand that as long as there is ONE trusted system
out there, you can uses it to assess an untrusted system,

IF of course you consider that no system can be trusted, and the men in
black helicopters have exploits on every single piece of hardware and
software, and have mind controlled all et software engineers working on
them, and that Neo is really not in the Matrix at all, then all I can
say is take the blue pill.



You can't detect it by reading the source and if you compile the
source with an infect compiler you have an infected compiler.

So you ensure you dont use infected compiler.

How?

By inspecting what it is doing.


Before you say this can't be done, did you use a binary to compile
your last program or did you do it by hand to ensure the above
wasn't done?

My last program isnt relevant. What matters is what is used to
compile the system that does the checks. With hashes the code
can be so simple that its quite practical to compile it by hand.

So you don't understand what I said then.

Wrong. There doesnt have to be any compiler involved at all.

You can compile by hand if you are that paranoid.

So now you are required to be paranoid to meet your security claim?


No Dennis, that doesn't mean there is a job waiting for you as a
security consultant: It means that you are ill.

Take the blue pill.


To people who know nothing, anything is possible. To people who know too
much, it is a sad fact that they know how little is really possible and
how hard it is to achieve it.

Reply With QuoteReply With Quote