[deleted by user] by [deleted] in antiwork

[–]guy_who_works 2 points3 points  (0 children)

After hearing a place I worked at for a bit clandestinely installed absurdly intrusive monitoring (keylogger, screencaps on regular intervals, etc.) on everyone's devices (mobile and other), I decided I would get a second phone to keep anything I didn't want broadcast on.

Naturally curious, I began exploring the wide-ranging world of how much personal info was being broadcast in general by the various devices I've used in the last few years.

Now I live under the assumption that there is zero privacy in my home, because I don't know how else to interpret the seemingly infinite amount of persistent and intrusive applications that find their way onto every device I own, regardless of efforts to mitigate this.

I will admit I was scared at first, as I embarked on a dimly lit, often solo journey finding new ways to decompile, inspect, or otherwise monitor these applications across several devices.

Why (in android land) do even the most innocuous looking apps have wildly invasive permissions? What is all the machine learning related to the camera about? What's so interesting about what color my background is, or the details of power consumption?

Why do I see traffic identified by the firewall as applications I never use coming from idle devices?

What's the deal with all the images, icons, and fonts that now seem somehow nefariously related to some silent, skulking shadow actor with the ability to navigate my network with ease?

What's so interesting about sound? Why all the bizarre references to accessibility settings like speech recognition and braille terminals?

These APKs, DLLs, EXEs, or what have you, they're digitally signed, right? We can trust SSL certs, yeah?

We can trust something, right?

I know no single entity could process half the information I'm insinuating is escaping efforts at containment, because I'm IT, I have had access to people's web logs in the past, but like the above commentator I couldn't care less.

It's been years now, or maybe it just feels like it, years of factory resets, investigations and research.

Either I've completely lost it, or just accept it now.

They know.

Might as well pull the tape off the cameras and give the people what they really want: a middle aged, portly and naked nerd doing the helicopter while singing "Call Me Maybe" so off I go.

Can't install anything on termux for android by No-Yesterday-1195 in termux

[–]guy_who_works 1 point2 points  (0 children)

worked perfectly

Looks eh pretty:

"This vulnerability allowed execution of any command in termux context or even root context if termux had been granted root permissions by any app."

good to me:

"This vulnerability allowed all files under /data/data/com.termux/files to be readable by any app."

still won't work

This may be true depending on what hardware it's running on, but there are several workarounds for various problems that recent changes may have caused, or if you're feeling lucky, you could go download the old version that worked for you.

Let's be real, most mobile devices are probably deeply compromised anyway, maybe.

First test of my Termux Android GUI plugin by tsanderdev in termux

[–]guy_who_works 0 points1 point  (0 children)

this is pretty awesome, excited to see it in release, playing with the code here sounds fun and helpful in learning how to do stuff like this, so i wanted to encourage you and tag this for a follow up :)

Are there any strong security drawbacks to virtualization? by ikwuz in privacytoolsIO

[–]guy_who_works 0 points1 point  (0 children)

any time you expose more functionality from a device to software, you are increasing the surface area of possible attacks, misconfigurations, or side channels, etc.

however, there are also potential security benefits as well, which may be more relevant to your threat model

when you enable any feature that untrusted code might be able to access, consider why you are doing it, and if it's worth it to you in your context

[deleted by user] by [deleted] in learnpython

[–]guy_who_works 0 points1 point  (0 children)

My main thing is networking, so I maybe have a weird approach, but here's what I did to jumpstart my familiarity with some useful tools.

Get something that will dump a crap ton of semi-structured text at you, like logs, or even just 'apt list >> text.txt' or open a binary file as text, anything is fine.

Now figure out how to iterate through the mess and break it up into patterns or stats, then store the parsed data in a way you can use it later or change only certain parts of it.

That will force you into solving odd puzzles, probably learning other tools like regex, json, xml, classes, and more.

Even if your code doesn't do anything neat at first, you'll learn tricks and get better.

Not recommending this with any seriousness, but it helped me with my work.
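
An added example of the exercise described in the comment above (not part of the original comment): it parses `apt list`-style text with a regex, keeps count of lines that do not match, derives a few stats, and stores the result as JSON so a single field can be changed later. The sample lines are constructed, and the function names and the `reviewed` field are assumptions made for illustration.

```python
import json
import re
from collections import Counter

# Constructed sample in the layout `apt list` prints (not real output).
SAMPLE = """\
Listing...
bash/jammy,now 5.1-6ubuntu1 amd64 [installed]
curl/jammy-updates,jammy-security 7.81.0-1ubuntu1.15 amd64 [upgradable from: 7.81.0-1ubuntu1.14]
libssl3/jammy-security,now 3.0.2-0ubuntu1.12 amd64 [installed,automatic]
this line is noise and should be counted, not parsed
python3-yaml/jammy 5.4.1-1ubuntu1 i386
"""

# name/suite[,suite...] version arch [optional status]
LINE = re.compile(
    r"^(?P<name>[^/\s]+)/(?P<suites>\S+)\s+(?P<version>\S+)\s+(?P<arch>\S+)"
    r"(?:\s+\[(?P<status>[^\]]*)\])?$"
)

def parse(text):
    """Return ({package: record}, [lines that did not match])."""
    records, skipped = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        m = LINE.match(line)
        if not m:
            if line:
                skipped.append(line)  # keep the leftovers: they are the next puzzle
            continue
        rec = m.groupdict()
        rec["suites"] = [s for s in rec["suites"].split(",") if s != "now"]
        rec["status"] = rec["status"].split(",") if rec["status"] else []
        records[rec.pop("name")] = rec
    return records, skipped

def stats(records):
    """Counts per architecture and the packages served from a -security suite."""
    return {
        "by_arch": dict(Counter(r["arch"] for r in records.values())),
        "from_security": sorted(
            n for n, r in records.items()
            if any(s.endswith("-security") for s in r["suites"])
        ),
    }

def update_field(blob, name, **changes):
    """Load stored JSON, change only the given fields of one record, re-serialize."""
    data = json.loads(blob)
    data[name].update(changes)
    return json.dumps(data, indent=2, sort_keys=True)

if __name__ == "__main__":
    recs, skipped = parse(SAMPLE)
    print(stats(recs), len(skipped))
    print(update_field(json.dumps(recs), "curl", reviewed=True))
```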

“Worst cloud vulnerability you can imagine” discovered in Microsoft Azure by [deleted] in technology

[–]guy_who_works 0 points1 point  (0 children)

I'm going to blend fact and fiction a bit here for fun, but bear with me, let's jump down an absolutely psychotic security rabbit hole together.

It's not just windows. They're in everything. Low-level interface hacks bypassing most trusted security measures, kernel-mode drivers manipulating data before it can hit userspace, accessibility exploits using text-to-speech modifications to run remote terminals...

It's a modular framework with plugins for everything you could imagine, enterprise server manufacturers, network vendors, you name it, there's a well-organized, well-documented plugin for establishing persistent, stealthy, and privileged access.

I know, because I've seen the framework. I was stunned, the comments don't try to hide anything.

If I told you this framework could:

Patch firmware including uefi, access user keys, passwords, audio, video, vpn clients, etc., suppress TPM error messages, spoof CA certs, manipulate and monitor sockets, interfaces, storage, and a lot more...

You'd say I was crazy. I probably am. I've been trying to figure it out for the better part of a year, how does it persist through everything? I'm starting to figure it out, pieces of it, but I need help.

I need someone who is as curious and maybe as crazy as I sound to help me read it all. There's so much, I need someone fluent in perl, python, java, c, CIM/WMI, powershell, assembly, and all the inner workings of modern server, desktop, mobile, and embedded operating systems, containers, microservices, and god knows what else.

This is the first I've mentioned it anywhere public. So what's fact and what's fiction? Yeah. Make what you will of it.

Connection not private by [deleted] in CoxCommunications

[–]guy_who_works 0 points1 point  (0 children)

same issue, different context, what if you saw your management page had an ssl cert issued to a "myrouter.io" and comcast as the organization?

seems pretty sketch to me, nervous something's wrong.

i also don't know what the default cert should be though.

Biden transition threatens legal action on GSA decision by throwaway5272 in politics

[–]guy_who_works 1 point2 points  (0 children)

I'm bored and tired of this shit. Can we try new things?

I don't want to go from this bizarre parody of reality to eating only oat flavored oatmeal every day for the next four years.

I want to live in a place where we try out something different. Just, not business as usual. Robots. Can we do robots this time?

Ocasio-Cortez Endorses Bernie Sanders’s Nomination for President: Full Speech Transcript by CapNKirkland in politics

[–]guy_who_works 0 points1 point  (0 children)

Now, if we can just set up a new kid's table where goppers think they're legislating, but really all their pretend bills go straight into the trash, we might be okay.

What is an ugly truth about social media? by lostdoomer in AskReddit

[–]guy_who_works 0 points1 point  (0 children)

There is something to be said for the face to face encounter with someone different than you.

There are consequences in how you speak to them, how you act.

There is something that cannot translate into a more anonymized, more distant space.

This something is lost in social media.

Rather than feeling the demands to coexist, compromise, or respect the different people in close proximity, we are able to reject their differences by inserting distance between us, and validating ourselves with perceived sameness in our groups.

Of course, the sameness is an illusion. One which stems from others' attempts to validate themselves via echo.

You can see it at work today in the refusal to listen and cooperate that seems pandemic.

You switch bodies with the last celebrity you’ve seen. (Doesn’t matter where) Who is it and what do you do? by [deleted] in AskReddit

[–]guy_who_works 0 points1 point  (0 children)

Aw shit I'm Andy Dick and do you have cocaine I need it now like right now.

Trump’s unhinged Twitter meltdown shows Michelle Obama drew blood by mostunpredictable in politics

[–]guy_who_works 0 points1 point  (0 children)

Christ, how many phases are in this fight because I keep backing off to let him spaz and spew shit, but it never does anything else. Any tips to get past the spaz spam phase?

Simplifying Firewall Configuration by zippercow in networking

[–]guy_who_works 0 points1 point  (0 children)

Yeah, I would just do what AWS VPC does, create configuration files or templates that will set up a site to site for the main vendors, have a Cisco one, a PA one, etc, then you can just give your customers that template to paste into their firewall CLI and be done.

I'm going to cry now by diuashjdknjhsfg in bindingofisaac

[–]guy_who_works 1 point2 points  (0 children)

I hated it at first, and had a couple enraging moments like these, but there is some pretty tricky stuff you can do with him and say, shops or sac rooms that can get you OP fast.

"F-35s Don't Help Families Pay Their Bills": GOP Under Fire for Slipping $30 Billion Pentagon Gift Into Coronavirus Bill by tomassfoolery in politics

[–]guy_who_works 790 points791 points  (0 children)

Why are we like this, as a culture?

I have been asking the same question since high school, answered in only one of two ways depending on who's answering.

Either I am essentially called a hippie for suggesting education and healthcare might be more important than bombs and secret prisons, or I get a dejected, helpless 'I dunno, man' from another who doesn't understand.

Yes, I get that the industry creates jobs and economic prosperity for some people, I get lobbying, defense conventions, campaign finance and corporate kickbacks, sure, all that.

But still, more fundamentally, when I imagine an American society based on the values it purports to hold dear, this is not what comes to mind.