[ / / / / / / / / / / / / / ] [ dir / 8teen / gdp2083 / hikki / htg / loomis / maka / tijuana / yoga ][Options][ watchlist ]

/tech/ - Technology

You can now write text to your AI-generated image at https://aiproto.com It is currently free to use for Proto members.
Name
Email
Subject
Comment *
File
Select/drop/paste files here
* = required field[▶ Show post options & limits]
Confused? See the FAQ.
Expand all images

File (hide): 4fb21ce10323484⋯.jpg (19.47 KB, 500x375, 4:3, replacing-cooling-fan-02.jpg) (h) (u)

[–]

 No.829008[Watch Thread][Show All Posts]

>check bottom of Thinkpad

>several screws are loose or missing

>I frequently take it to work and leave it unattended in my office

>someone could have hastily opened it up and inserted some kind of spy chip or some shit

How do I check to make sure? In general, what way can I detect if someone has tampered with my hardware/inserted physical keyloggers/given me the ol' USB UEFI/IME overwrite?

 No.829010

nigga fuck off this shit nigga go smoke some rock lol gucci gang gucci gang


 No.829015

TPM


 No.829020

>muh spy chip

solder should be easy to spot with eyes, swapped boards/cards even more so

>UEFI

reflashing from livecd doesn't take days

>missing screws

weak point, screws are not that strong

calm down, t. FBI


 No.829021

No one's going to bother with a custom modification to your laptop. Even the NSA would just use software.

t. spook


 No.829034>>829194

It's better to do this preemptively. You can find out of place hardware easily by inspecting your machine, but unless you have previous ROM dumps you can compare with, you don't have a way to know that your firmware has not been altered.

The easy way to know you're safe from drive by USB exploits is to fill the USB ports in with hot glue. You will additionally want to fill in or otherwise disable any port that has DMA.

A crude intrusion sensor can be made with glitter nail polish. Put some on the important screws on the bottom and take high resolution pics of them. Keep the pics in a safe place. Compare the glitter patterns on the screws to the pics every time you turn the machine on. If there are screwdriver marks or different glitter patterns, intrusion is likely.

I would additionally recommend you add some blue thread locker before applying the paint so that the screws don't loosen by themselves if that's an issue on your machine.

More autism-tier hardware security advice can be found at link related. This article used to ship with the libreboot docs, but has since been removed.

https://notabug.org/libreboot/libreboot/src/8791c95748efa02fd8c998706883a0d23ff0e85e/docs/hardware/t60_security.md

If this seems like too much for you, it may be worth asking yourself if you're really an important enough target for anybody to bother with.


 No.829045

Look at the hardware implants described here to get an idea of what's in use: https://en.wikipedia.org/wiki/Global_surveillance_disclosures_(2013%E2%80%93present)

But yeah, any writable firmwware is suspect also. That's not just the CPU, since a lot of hardware uses firmware now. Kaspersky found malware hiding in HD firmware, totally invisible to the OS.


 No.829046>>829085

>tfw it's just some autist from your work who likes stealing screws.

Depending on your persona importance there are two possibilities:

1) Someone installed obvious hardware tap or bug, inspect the board carefully, compare with photos from Internet and schematics. Flash all firmwares with programmer or solder-down new if they have some sort of protection. Add nail polish or epoxy on those chips.

2) They forged a double-function chip instead of USB or network controller and utilize your DDR bus as cellular antenna. There is no way you can find out if it's done properly. There is no need for skilled attacker like NSA or megahacker like Mr Reddit to do that, though, Intel ME comes pre-installed already and has ton-of-a-bugs.


 No.829085>>829094

>>829046

Intel ME is disabled (or can be disabled) on consumer-grade products.


 No.829094

>>829085

You aren't good with computers, right?

Do not confuse Management Engine and AMT.

I bet you still can't tell difference between Internet and Internet Explorer, gramps.


 No.829194>>829250

>>829034

>DMA access

lol


 No.829220

File (hide): d55465ef7afa56c⋯.png (9.02 KB, 320x256, 5:4, menace_05.png) (h) (u)

Hey! DMA is no laughing matter!

(but PCs sure are)


 No.829250

>>829194

Direct DMA memory access.


 No.829253

File (hide): ccbe273231bec74⋯.jpg (34.51 KB, 640x331, 640:331, interception-and-beacon-lo….jpg) (h) (u)

One of the Tor coder had one keyboard he bought for his thinkpad intercepted. He prefered to toss it.

And please, stop with the "you're useless", "they'll never attack you" and stuff.

That's monstrously retarded. Because the scale of the surveillance system and soon to be executive system will be so damn huge that yeah, every single one of you will be at risk.

You're no the needle in a haystack.

I would even say that they don't need to bug you directly, since with all your internet fingerprint, they already know what you're thinking, and with algo, what is the risk of you doing anything at all.

We're fucked, and since a long time. The only thing that change with time is that we're fucked even more. That's the truth. Now you can put your head in the sand, saying "they don't care about you" or "it's too expansive for them". Bullshit. Their power is far beyond what is presented in 1984.



[Return][Go to top][Catalog][Screencap][Nerve Center][Cancer][Update] ( Scroll to new posts) ( Auto) 5
13 replies | 2 images | Page ?
[Post a Reply]
[ / / / / / / / / / / / / / ] [ dir / 8teen / gdp2083 / hikki / htg / loomis / maka / tijuana / yoga ][ watchlist ]