~BD~ <~BD~@nomail.afraid.org> wrote in
news:j4aap3$ddu$2@dont-email.me:
>> I've been trying to follow all you, Dustin, have said about LoJack
>> both here and in the 'alt.comp.spyware group.
Posting the contents of that email isn't following, *******.
--
I am a sinner
Hold my prayers upto the sun
I am a sinner
Heaven's closed for what I've done.
Dustin wrote:
> ~BD~<~BD~@nomail.afraid.org> wrote in
> news:j4aap3$ddu$2@dont-email.me:
>
>>> I've been trying to follow all you, Dustin, have said about LoJack
>>> both here and in the 'alt.comp.spyware group.
>
> Posting the contents of that email isn't following, *******.
>
>
WTF???
I've posted *no* email content!
~BD~ <~BD~@nomail.afraid.org> wrote in news:j4bavi$do9$2@dont-email.me:
> I've posted *no* email content!
Fine. I jumped the gun. Some of the wording is almost identical to your
last email. The one you hinted about posting already. I'm sure you can
understand my quickness on the trigger on this one. no excuse, but..
atleast you understand the reasoning?
If I ever get around to taking all my text file quickie notes,
disassemblies and bins together into something readable for a techie, I
will provide it to a safe site where I know trusted, respected and
professional persons can study it safely. Obviously, you don't have the
pre-requiste knowledge to keep a potentially harmful piece of code in a
safe and controlled environment. It would be at the very least,
irresponsible of me to openly share the code or my notes as without
proper precautions, firmware corruption can result. I can handle that
should it occur, but you couldn't and I wouldn't want you to be left with
a dead computer on my account.
--
I am a sinner
Hold my prayers upto the sun
I am a sinner
Heaven's closed for what I've done.
Dustin wrote:
>~BD~ <~BD~@nomail.afraid.org> wrote in news:j4bavi$do9$2@dont-email.me:
>
>> I've posted *no* email content!
>
>Fine. I jumped the gun.
You lied.
G. Morgan <G_Morgan@easy.com> wrote in
news:jbll67tj5vb8d556bobbqsspdv55h8p3ih@Osama-is-dead.net:
> Dustin wrote:
>
>>~BD~ <~BD~@nomail.afraid.org> wrote in news:j4bavi$do9$2@dont-email.me:
>>
>>> I've posted *no* email content!
>>
>>Fine. I jumped the gun.
>
> You lied.
About?
--
I am a sinner
Hold my prayers upto the sun
I am a sinner
Heaven's closed for what I've done.
Dustin wrote:
>G. Morgan <G_Morgan@easy.com> wrote in
>news:jbll67tj5vb8d556bobbqsspdv55h8p3ih@Osama-is-dead.net:
>
>> Dustin wrote:
>>
>>>~BD~ <~BD~@nomail.afraid.org> wrote in news:j4bavi$do9$2@dont-email.me:
>>>
>>>> I've posted *no* email content!
>>>
>>>Fine. I jumped the gun.
>>
>> You lied.
>
>About?
Him posting a personal email.
G. Morgan <G_Morgan@easy.com> wrote in
news:qdol675rijfvj5hddh3rb7gp0utqr1no3p@Osama-is-dead.net:
> Dustin wrote:
>
>>G. Morgan <G_Morgan@easy.com> wrote in
>>news:jbll67tj5vb8d556bobbqsspdv55h8p3ih@Osama-is-dead.net:
>>
>>> Dustin wrote:
>>>
>>>>~BD~ <~BD~@nomail.afraid.org> wrote in
>>>>news:j4bavi$do9$2@dont-email.me:
>>>>
>>>>> I've posted *no* email content!
>>>>
>>>>Fine. I jumped the gun.
>>>
>>> You lied.
>>
>>About?
>
> Him posting a personal email.
Missed this huh?
"Some of the wording is almost identical to your
last email. The one you hinted about posting already. I'm sure you can
understand my quickness on the trigger on this one. no excuse, but..
atleast you understand the reasoning?"
a lie is something that's done on purpose Morgan. Obviously, I didn't
lie, I was wrong, but it wasn't intentional.
--
I am a sinner
Hold my prayers upto the sun
I am a sinner
Heaven's closed for what I've done.
Dustin wrote:
> ~BD~<~BD~@nomail.afraid.org> wrote in news:j4bavi$do9$2@dont-email.me:
>
>> I've posted *no* email content!
>
> Fine. I jumped the gun. Some of the wording is almost identical to your
> last email. The one you hinted about posting already. I'm sure you can
> understand my quickness on the trigger on this one. no excuse, but..
> atleast you understand the reasoning?
OK. I'll forgive you.
> If I ever get around to taking all my text file quickie notes,
> disassemblies and bins together into something readable for a techie, I
> will provide it to a safe site where I know trusted, respected and
> professional persons can study it safely. Obviously, you don't have the
> pre-requiste knowledge to keep a potentially harmful piece of code in a
> safe and controlled environment. It would be at the very least,
> irresponsible of me to openly share the code or my notes as without
> proper precautions, firmware corruption can result. I can handle that
> should it occur, but you couldn't and I wouldn't want you to be left with
> a dead computer on my account.
Please don't worry about my computer Dustin. It's simply a tool and
easily replaceable. Please answer my original question, viz:-
If I have understood correctly, when the LoJack software is loaded onto
a computer (from a CD/DVD) somehow or other, an alteration is made to
the BIOS chip. In turn, this results in a situation whereby even if the
hard drive is wiped clean, the product survives and can still call home.
Now, if LoJack can do this, as I've intimated in the past, why cannot a
specifically crafted *malware* do exactly the same thing if it was
planted on a CD/DVD which a user deliberately 'loaded' for a specific
purpose? For example, a CD used to install drivers for a printer or,
perhaps, a CD ordered by post to install Windows XP SP2?
Serious question.
Why don't you load it up. study it and report back here the results?
IOW answer you own questions and educate the masses at the same time.
"~BD~" <~BD~@nomail.afraid.org> wrote in message
news:j4etue$jre$1@dont-email.me...
If I have understood correctly, when the LoJack software is loaded onto
a computer (from a CD/DVD) somehow or other, an alteration is made to
the BIOS chip. In turn, this results in a situation whereby even if the
hard drive is wiped clean, the product survives and can still call home.
Now, if LoJack can do this, as I've intimated in the past, why cannot a
specifically crafted *malware* do exactly the same thing if it was
planted on a CD/DVD which a user deliberately 'loaded' for a specific
purpose? For example, a CD used to install drivers for a printer or,
perhaps, a CD ordered by post to install Windows XP SP2?
Serious question.
~BD~ <~BD~@nomail.afraid.org> wrote in
news:j4etue$jre$1@dont-email.me:
> Please don't worry about my computer Dustin. It's simply a tool and
> easily replaceable. Please answer my original question, viz:-
Alright. Consider it everyone elses computers who might try playing
around if I made the findings public. If you want an example, How many
computers are likely infected with something right now? Infected is
still better than dead.
For those users who can't remove, say, mywebsearch, a firmware
corruption is a dead computer; I don't think they'd be so forgiving.
> If I have understood correctly, when the LoJack software is loaded
> onto a computer (from a CD/DVD) somehow or other, an alteration is
> made to the BIOS chip. In turn, this results in a situation whereby
> even if the hard drive is wiped clean, the product survives and can
> still call home.
An additional codeblock is installed in a freespace section of the BIOS
itself, depending on installation style and manufacturer (I'm not going
to get any more specific here) it may or may not include modified
firmware code for the mainBIOS itself. Not all systems have a bios
which supports this. It isn't universal.
> Now, if LoJack can do this, as I've intimated in the past, why
> cannot a specifically crafted *malware* do exactly the same thing if
> it was planted on a CD/DVD which a user deliberately 'loaded' for a
> specific purpose? For example, a CD used to install drivers for a
> printer or, perhaps, a CD ordered by post to install Windows XP SP2?
David,
I never implied one couldn't do this; I only stated an ITW sample of a
real malware (technically, lojack is greyware) has never been reported.
firmware corruption, yes, but not installation of additional code. It's
not universal, as I've said from the getgo. The BIOS has to support it,
and the flasher code has to know which bios it's flashing too. It has
to do some very specific things in a specific order to convince the
BIOS to accept a new program. Those things and that order is specific
to BIOS manufacturer; not universal.
Also,
Some mainboards on desktop pcs (you can lojack those too if you feel a
real risk of the computer being stolen. You should be more concerned
with the data on it, tho. Imho.) contain a secondary read-only basic
firmware program; in the event of BIOS corruption, or the board things
you screwed up, it can reflash the bootblock for you, with code direct
from manufacturer. This will not touch lojack, but will restore you
from firmware corruption.
> Serious question.
Serious explanation provided, I'm sorry I can't be more specific, but
it would be bad of me. I have told people to google it tho. I can't
stop you from learning things that way.Hint hint.
--
I am a sinner
Hold my prayers upto the sun
I am a sinner
Heaven's closed for what I've done.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
Reply With Quote