Badcaps.net Forum
Old 12-06-2014, 09:38 PM   #1
stj
Great Sage 齊天大聖
 
Join Date: Dec 2009
City & State: Europe
My Country: some shithole run by Israeli agents
I'm a: Professional Tech
Posts: 22,162
Exclamation hmmm - not good.

http://cyberwarzone.com/finfisher-du...rsky-included/
Old 12-06-2014, 10:47 PM   #2
Th3_uN1Qu3
Believe in
 
Join Date: Jul 2010
City & State: Bucharest
My Country: Romania
Line Voltage: 230VAC 50Hz
I'm a: Professional Tech
Posts: 5,358
Default Re: hmmm - not good.

Not even Malwarebytes picked it up? That is indeed reason for worry.
__________________
Quote:
Originally Posted by PeteS in CA View Post
Remember that by the time consequences of a short-sighted decision are experienced, the idiot who made the bad decision may have already been promoted or moved on to a better job at another company.
A working TV? How boring!
Old 12-07-2014, 12:27 AM   #3
stj
Default Re: hmmm - not good.

"wanted" to pick it up / reported finding it, you mean!!!
Old 12-07-2014, 01:54 AM   #4
cheapie
null
 
Join Date: Jul 2010
City & State: Walcott, IA
My Country: USA
Line Voltage: 124VAC 59Hz
I'm a: Hobbyist Tech
Posts: 842
Default Re: hmmm - not good.

Is this a Windows-only (or Windows/Mac only) thing?
Old 12-07-2014, 01:59 AM   #5
c_hegge
Badcaps Veteran
 
Join Date: Sep 2009
City & State: North Coast, NSW
My Country: Australia
Line Voltage: 240V 50Hz
I'm a: Professional Tech
Posts: 5,052
Default Re: hmmm - not good.

Quote:
Originally Posted by Th3_uN1Qu3 View Post
Not even Malwarebytes picked it up? That is indeed reason for worry.
And what's really strange is that, of all Antivirus programs, McAfee picked it up
__________________
I love putting bad caps and flat batteries in fire and watching them explode!!

No wonder it doesn't work! You installed the jumper wires backwards

Main PC: Core i7 3770K 3.5GHz, Gigabyte GA-Z77M-D3H-MVP, 8GB Kingston HyperX DDR3 1600, 240GB Intel 335 Series SSD, 750GB WD HDD, Sony Optiarc DVD RW, Palit nVidia GTX660 Ti, CoolerMaster N200 Case, Delta DPS-600MB 600W PSU, Hauppauge TV Tuner, Windows 7 Home Premium

Office PC: HP ProLiant ML150 G3, 2x Xeon E5335 2GHz, 4GB DDR2 RAM, 120GB Intel 530 SSD, 2x 250GB HDD, 2x 450GB 15K SAS HDD in RAID 1, 1x 2TB HDD, nVidia 8400GS, Delta DPS-650BB 650W PSU, Windows 7 Pro
Old 12-07-2014, 03:11 AM   #6
stj
Default Re: hmmm - not good.

McAfee probably didn't get the bribe.
that guy (John McAfee) has a history, he was prosecuted once for writing a virus to boost sales.
Old 12-07-2014, 03:13 AM   #7
stj
Default Re: hmmm - not good.

Quote:
Originally Posted by cheapie View Post
Is this a Windows-only (or Windows/Mac only) thing?
the terrorists behind FinFisher have versions for every o.s. including mobile ones.
Old 12-07-2014, 03:20 AM   #8
diif
Badcaps Veteran
 
Join Date: Feb 2014
City & State: Midlands
My Country: England
I'm a: Professional Tech
Posts: 4,549
Default Re: hmmm - not good.

As it's been out over 3 years and is expensive, i'd like to think it wasn't picked up by many antivirus solutions.
FinFisher is for Linux too.
Old 12-07-2014, 01:45 PM   #9
cheapie
Default Re: hmmm - not good.

Quote:
Originally Posted by diif View Post
FinFisher is for Linux too.
Well, then.... let's hope that it doesn't become a big problem.
Old 12-07-2014, 09:11 PM   #10
stj
Default Re: hmmm - not good.

it can't get far in linux or osx without being given root access.

it's much harder to take over a nix box because the security works very differently than windoze.
the same does not apply to fonez where the fone company / google are the root admin and you are just the user.
that's why you should always install a custom rom and lay off the app-store crap.

got an "eye-fone" - you're fucked in that regard!
Old 12-07-2014, 10:47 PM   #11
goontron
5000!
 
Join Date: Dec 2011
City & State: South Greeley, Wyoming
My Country: US
Line Voltage: 13.9kv HT service and some 240v center tap oddity.
I'm a: Professional Tech
Posts: 4,010
Default Re: hmmm - not good.

Quote:
Originally Posted by stj View Post
it can't get far in linux or osx without being given root access.

it's much harder to take over a nix box because the security works very differently than windoze.
the same does not apply to fonez where the fone company / google are the root admin and you are just the user.
that's why you should always install a custom rom and lay off the app-store crap.

got an "eye-fone" - you're fucked in that regard!
+1 to get the equivalent of root on windows it's just one API call away.... with anything *nix it's a call to sudo, su, xdg-su, etc. and the rest would exceed the character limit of the forum.
__________________
Things I've fixed: anything from semis to crappy Chinese $2 radios, and now an IoT Dildo....

"Dude, this is Wyoming, i hopped on and sent 'er. No fucking around." -- Me

Excuse me while i do something dangerous


You must have a sad, sad boring life if you hate on people harmlessly enjoying life with an animal costume.

Sometimes you need to break shit to fix it.... Thats why my lawnmower doesn't have a deadman switch or engine brake anymore

Tomorrow Is Nearly Yesterday And Everyday Is Stupid!
Old 12-07-2014, 11:42 PM   #12
ratdude747
Black Sheep
 
Join Date: Nov 2008
City & State: Madison, IN
My Country: USA
Line Voltage: 120VAC 60Hz
I'm a: Professional Tech
Posts: 16,131
Default Re: hmmm - not good.

Quote:
Originally Posted by stj View Post
it can't get far in linux or osx without being given root access.

it's much harder to take over a nix box because the security works very differently than windoze.
the same does not apply to fonez where the fone company / google are the root admin and you are just the user.
that's why you should always install a custom rom and lay off the app-store crap.

got an "eye-fone" - you're fucked in that regard!
Two points:

1. what finfisher was made to do doesn't require root... as spying on a single user doesn't require or benefit from taking the system down. Ideally such would change as little as possible to avoid detection.

2. A lot of phones don't allow for custom roms like my POS Att galaxy S4. locked bootloader and it was made after the batch disabling loki came out. I didn't know at the time ATT locked all their bootloaders... so I'm fucked for another year. Lucky to get root... and I couldn't even get safestrap to work (not that the compatible roms are any better, they still have touchwiz bullshit to pass the bootloader).
__________________


(Insert witty quote here)
Old 12-07-2014, 11:48 PM   #13
goontron
Default Re: hmmm - not good.

Quote:
Originally Posted by ratdude747 View Post
Two points:

1. what finfisher was made to do doesn't require root... as spying on a single user doesn't require or benefit from taking the system down. Ideally such would change as little as possible to avoid detection.

2. A lot of phones don't allow for custom roms like my POS Att galaxy S4. locked bootloader and it was made after the batch disabling loki came out. I didn't know at the time ATT locked all their bootloaders... so I'm fucked for another year. Lucky to get root... and I couldn't even get safestrap to work (not that the compatible roms are any better, they still have touchwiz bullshit to pass the bootloader).
not sure what it would be spying on. all keyloggers (that i have found) crash X. clamAV is OSS, so yeah.....
Old 12-08-2014, 12:05 AM   #14
ratdude747
Default Re: hmmm - not good.

Screenshots perhaps?
Old 12-08-2014, 01:05 AM   #15
stj
Default Re: hmmm - not good.

a nix app will need root access to get itself to reliably auto-start.
if it just attaches to a user process then it's dead after a reboot.
the only possible way around that is to spoof itself as a screensaver - but i'm not even sure that would work because the screen savers are in the root path and the terror-ware could not insert or link itself to the path without being root.
it also can't hide - not that protesters, journalists etc know how to look for it anyway.
Old 12-08-2014, 01:17 AM   #16
goontron
Default Re: hmmm - not good.

Quote:
Originally Posted by ratdude747 View Post
Screenshots perhaps?
I would, but....
No seriously, where can I get a replacement print screen keycap for an IBM model m keyboard?
Attached Images
File Type: jpg IMG_20141208_241456304.jpg (921.3 KB, 28 views)
Old 12-08-2014, 01:20 AM   #17
stj
Default Re: hmmm - not good.

you could patent that and sell modded keyboards to the u.s. government.
call it the anti-snowden keyboard layout!
Old 12-09-2014, 12:39 AM   #18
Spork Schivago
Your Awesomeness
 
Join Date: Mar 2012
City & State: Corning, New York
My Country: United States of America
Line Voltage: 120VAC 60Hz
I'm a: Professional Tech
Posts: 4,617
Default Re: hmmm - not good.

Quote:
Originally Posted by stj View Post
a nix app will need root access to get itself to reliably auto-start.
if it just attaches to a user process then it's dead after a reboot.
the only possible way around that is to spoof itself as a screensaver - but i'm not even sure that would work because the screen savers are in the root path and the terror-ware could not insert or link itself to the path without being root.
it also can't hide - not that protesters, journalists etc know how to look for it anyway.
Not really arguing with you here but for KDE, I know you used to be able to put a shell script in /home/username/.kde/Autostart and it'd auto start when you logged into KDE. I don't know if that still works. I run Gnome now. /home/username/.kde/Autostart would be owned by the user, not root, I'd like to think.
__________________
-- Law of Expanding Memory: Applications Will Also Expand Until RAM Is Full
Old 12-09-2014, 12:54 AM   #19
stj
Default Re: hmmm - not good.

kde autostart won't work with kde4, i know because i tried to use it once for a christmas screen decoration.
it worked in kde3 though.
stj is offline   Reply With Quote
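
The exchange in posts #15 to #19 is about which login autostart locations a program can use without root. The following is an added example, not part of any forum post: a POSIX shell function that lists what sits in the per-user locations so they can be reviewed on a suspect machine. The `~/.kde/Autostart` path comes from post #18; the XDG autostart directory, the `.kde4` variant and systemd user units are additional locations assumed here, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: list per-user login autostart entries (none need root to create).
# Covers XDG autostart, the KDE Autostart folder from post #18 and its .kde4
# variant, and systemd user units. Function names are hypothetical.

# list_user_autostart HOME_DIR
# Prints one line per entry: kind<TAB>path<TAB>command-or-note
list_user_autostart() {
    lua_home=$1
    # XDG autostart: the Exec= key of each .desktop file runs at login.
    for lua_f in "$lua_home"/.config/autostart/*.desktop; do
        [ -e "$lua_f" ] || continue
        lua_cmd=$(sed -n 's/^Exec=//p' "$lua_f" | head -n 1)
        printf 'xdg\t%s\t%s\n' "$lua_f" "${lua_cmd:-<no Exec line>}"
    done
    # KDE Autostart folders: entries placed here are launched at KDE login.
    for lua_f in "$lua_home"/.kde/Autostart/* "$lua_home"/.kde4/Autostart/*; do
        [ -e "$lua_f" ] || [ -L "$lua_f" ] || continue
        if [ -x "$lua_f" ]; then
            printf 'kde\t%s\texecutable\n' "$lua_f"
        else
            printf 'kde\t%s\tnot executable\n' "$lua_f"
        fi
    done
    # systemd user units: ExecStart= is the command the unit launches.
    for lua_f in "$lua_home"/.config/systemd/user/*.service; do
        [ -e "$lua_f" ] || continue
        lua_cmd=$(sed -n 's/^ExecStart=//p' "$lua_f" | head -n 1)
        printf 'systemd-user\t%s\t%s\n' "$lua_f" "${lua_cmd:-<no ExecStart line>}"
    done
}

# count_user_autostart HOME_DIR: number of entries found.
count_user_autostart() {
    list_user_autostart "$1" | wc -l | tr -d ' '
}

# Report on the given home directory, or the current user's by default.
list_user_autostart "${1:-$HOME}"
```

Every path it prints is owned by the user rather than root, so an unexpected entry there is worth checking against what the user remembers installing.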
Old 12-09-2014, 01:06 AM   #20
Agent24
I see dead caps
 
Join Date: Oct 2007
City & State: Hiding inside a plated-through hole
My Country: New Zealand
Line Voltage: 230VAC 50Hz
I'm a: Hobbyist Tech
Posts: 4,636
Default Re: hmmm - not good.

Interesting but that VT scan has not been updated for a couple of months.. needs to be re-scanned to see what's up now... but they have to re-upload the file I think
__________________
"Tantalum for the brave, Solid Aluminium for the wise, Wet Electrolytic for the adventurous"
-David VanHorn