Reply to post: Re: If I visited dodgy sites...

Search engine results increasingly poisoned with malicious links

tr1ck5t3r

Re: If I visited dodgy sites...

Considering how easy it is to spin up a website nowadays, and considering this TED talk warning people of their filter bubble from March 2011 https://www.ted.com/talks/eli_pariser_beware_online_filter_bubbles and considering the level of surveillance there is when you combine the advert tracking which delivers viruses & other malicious software, often zero day types, you really don't know what are dodgy sites nowadays.

Some of the things I've caught are the TalkTalk TV box trying to access Windows 7 desktop, and sites like DailyMail.co.uk & Akamai networks being blocked by Snort for the data they have been delivering. If it wasn't for the VLANs & firewall setup I've had at home I wouldn't have caught this stuff. Attacking home devices to gain access to work networks is a valid attack vector, especially if you provide support to other companies, and is not beyond the realms of possibility.

Even running from a Linux live CD, I recently heard a laptop emitting a funny noise similar to the old dialup modem handshake which wouldn't have been picked up in a room with normal noise levels, but would have been picked up by microphones in nearby devices.

In fact one hack I discovered last night appears to target CD-ROMs, causing it to not read from genuine media but does boot from fake media printed to look like Dell Windows CDs. The fake Dell CDs will install on any non-Dell computer; the genuine Dell media will not install on non-Dell devices. If you do a diagnostic on the Dell optical drive it throws an error code 0152 incorrect status 1A Error Registration 0020h but only when you run diagnostics on the device. That's your only clue.

Bottom line is, you can't trust any of your tech and unless you log everything and have disposable servers handling your encrypted internet traffic for things like email servers or serving webpages, and then pull that back to your internal main servers unencrypted whilst logging it and packet inspecting it, you have zero chance of spotting some hacks considering the resources some entities have.
