Discussion in 'Computers, Games, Electronics etc' started by DarkHand, Oct 31, 2013.
Meet “badBIOS,” the mysterious Mac and PC malware that jumps airgaps
Absolutely incredible stuff.
Well that was a weird read.
This guy has finally lost his mind. I'm familiar with him - he's not an idiot.
But speakers and microphones to communicate? What the hell ?
I don't want to click on that link. I didn't even want to click on this thread. But I just had to comment on this.... Why are there so many worthless piece of shit people working on methods to randomly fuck people over? I mean I could understand if it was on a personal level, but to randomly fuck someone's day up, someone you don't know and have never met; what is wrong with these people?
It's using an attack vector that one of the foremost security researchers in the world can't pin down. This is state-sponsored level stuff if it's real.
Money in the case of "normal" malware. Check out the new strong encryption ransomware articles that have been popping up lately.
But in this case as DarkHand said, it is most likely State sponsored stuff. Much like Stuxnet.
I believe it's highly likely the Chinese have been cooking this type of stuff directly into the chips of consumer electronics for some time now. If you pwn the hardware, antimalware software is useless.
We're living in an age where the greatest criminal threat to our prosperity is our own governments. To say it's Orwellian would be a massive understatement. Orwell couldn't have fathomed how bad it would get or how easy technology would make it, or how complicit the people would be. Snowden released evidence that the NSA tapped into the fiber optics going into the Google and yahoo servers, and the head of NSA goes on national TV with a flag sewn on his shoulder and lies to our fucking faces. They violate our constitution and expect to be viewed as a legitimate authority instead of the crime syndicate they truly are.
There's more truth in this thread than any of you will ever know.
That being said, this thing is scary as fuck, but just stresses something called "Supply Chain Integrity." I've said this before, but I'll leave this here again:
Throughout India, Pakistan and China school is free.
And what's better, is you just show up and start attending. It's the dream.
But it turns into a nightmare when upon graduation, you're now in a world of people with your same exact resume and degree. So you don't get jobs.
Those countries are full of companies that don't even put out ads anymore to hire. They wait for people to come to them on their knees, begging for scraps to do a little coding. This is the paradise of free education in the eyes of the communist. But I digress:
In order for these guys to stand out, they need to go home, write something, and then show the recruiters / employers how good they are. Spyware is born.
Spyware is supported by, and endorsed throughout the growing third and second world.
Remember Bonsai Buddy? That application wasn't spyware, but they had an SDK for it that would allow someone to build spyware into it, before that was even a word.
I had a friend who worked for that company in their "data collection center." They received so much data each week that they shipped hard drives from one site to another, to load it into a database cluster and check for duplicates and pre-process it. Once it was pre-processed, they'd buy time from Cray. I'm talking about Ryder trucks full of hard drives each week. They were only the number two or three user of Oracle's database software back then... They would sell access to their database in the form of queries. One query cost you $10k, but it would return so much ASCII data that they'd send it on a hard drive.
Most spyware, malware, and data mining software is contracted out to the lowest bidders. What happens is these companies anonymously post an offer on some forums and in a couple IRC channels, and people respond. They receive the documentation, and the coders all go to work. The buyer sifts through all the crap, and pays the coders according to completion and adherence to the documentation -- all in escrow. THIS is how spyware is born. It's not a race to the top, it's an obfuscated way to make money. The coders only receive TIDBITS of whatever they're writing so nobody can piece it all together but the offeror. Nobody builds a resume on this stuff.
Then you'll have to ask yourself : Where is the money ?
Separate names with a comma.