Dirk,
Even if there was an institutionally installed, surreptitious, key logger within the hardware/firmware of laptops built over the last 10 years, how do the devices ‘phone home’ the captured data?
Yes, you could have ‘rogue’ chips installed…. Doctored CMOS… Any number of nasty, clever, hardware/firmware sort of things that tools like chkroot, and other similar scanners couldn’t find as it is not software, but something instrumenting memory directly, or listening on some IO path on the box, that is performing the logging of key strokes.
The problem for the bastards, again, is how do they make use of anything they capture without the transfer, eventually, being spotted?
There are any number of clever ways to send data surreptitiously, many such methods are used once by the Agencies and then abandoned as they feel that they are likely compromised after being used in ONLY ONE Op against a capable adversary. Coming up with CovComms is an interesting endeavor, one that I, in fact, am engaged in. However, they ALL get spotted, eventually… Especially, in the case of some firmware-based keylogger on “every laptop built since 10 years ago”…. Such a huge amount of data, flowing from the millions of Windoze and Mac machines in use, would INEVITABLY be spotted by resourceful, and very clever, Network Security types.
The data MUST get out on the network, if they are to retrieve it… If not the “Internet” then what other network accessible to the hardware? It MUST be routed (to get anywhere outside of the local area network’s collision domain [Ethernet]), i.e. it must be carried within a packet routed over a layer 3 protocol (IPv4 and increasingly IPv6, by definition, implement the “Internet”). Again, you could try hiding it (CovComms) in stuff but these methods are WELL KNOWN and only clever encoding, obfuscation, and spreading messages around any number of these methods work for very long. People like me (if motivated by need, duty, curiosity, money, or any combination of the former) WOULD FIND IT.
Frankly, I don’t for a second believe that the miscreants have an institutional capacity to instrument our machines. Yes, they occasionally, with a varying degree of effort (depending on how protected a machine is), will plant a rootkit on some box, and get data out of it (USUALLY by physical access to the machine and NOT by any network transmission). Probably they plant hardware/firmware on h4xored laptops on particular targets… But institutionally? On every laptop out there? No way….
The first thing that happens to any new laptop (certainly within a year or so of it coming out) is that it’s taken completely apart, and every component checked by Security Professionals. If I had anything that I TRULY NEEDED to hide, and the budget to support it, that is what I would do…
A lot of what folks perceive as being ‘hacked’ is plain old crappy networks wigging out at random. However, that is not to say that any number of Denial of Service attacks can’t account for claims of being ‘hacked’… there is a BIG difference between the bastards screwing with our connectivity, via any number of methods, and actually having our machines broken into and compromised. For example, it is ELEMENTARY to completely mess up a Wireless 802.11x network if you are in range of the Access point and have some very simple software to inject frames over the air. One could also send SYN floods, or ICMP floods, or send TCP reset packets, or do any number of things to make networks unstable, unreliable, or completely unusable (and when that is done, it’s again then ELEMENTARY, if one captures packets entering the affected network, to tell what is happening to the network)… But, that is a FAR CRY from actually Hacking INTO a box–that is a different kettle of fish altogether–and an attacker must have a vector, a vulnerability, to be exploited. At the same time, those very same vectors, and vulnerabilities, are constantly being discovered (and the more it’s used the faster it’s found) and publicized, by the very community that is blamed for the Hacking!
In any case, I do what I can and giving Google free rein to capture details about my life–THAT I CLEARLY AM CERTAIN THAT THEY CAN DO–would be completely FOOLISH, if not INSANE on my part.
What you are saying, Psychiatrist, is that it is reasonable to not fix the leak in your tank that you KNOW ABOUT, because you have a “Belief” that a much bigger leak exists but that you cannot put your finger on but for a nebulous dread….
I would humbly suggest that it would behoove you to contemplate the most apropos function of your Moniker and evaluate if your position on this matter is, in fact, “sane” or is not….
Regards,
–Azti