Thanks Tobias,
It is always good to know that contact has been made.
What a shame that it is not likely to be one of those scenarios that you
outline :(
I do accept that it could be a bizarre coincidence, but.....
"While the scenario outlined below is very 'Grand Jeu' I will not be at all
surprised to learn that you believe this to be a hack."
----------------------------------------
This must be taken seriously.
I haven't carefully crafted the email to waste peoples valuable time.
There is every reason to consider the event as a realistic scenario.
It may not be.
That would be great.
My problem is that, like most people, I never studied digital security.
I'm having to catch up; but I can't - it's too complex.
I got Tails, and some secure mailboxes.
However, with hindsight; logically, this is merely a security layer to be
overcome.
Anyway, my guess is: that is what happened.
For a variety of reasons, it would be useful to know.
Even if we can't run tests.
Can such a hack be implemented with a mobile phone?
Is the laptop in all likelihood lost?
Are there any devs that can answer these questions?
I'm one of the good guys.
I'd appreciate some help on this :)
--
Securely sent with Tutanota. Claim your encrypted mailbox today!
https://tutanota.com
2. Feb 2018 19:12 by tob...@freiwuppertal.de:
> Hey,
> Disclaimer: I am a regular user, not a security expert. I am not a developer
> in this project, I'm subscribed to the list because I ran a Tails mirror for
> some years.
>
> Three things that came to my naive mind when reading:
>
> - Cui bono?
> - Hanlon's Razor
> - Number of users vs. Coincidence
>
> Is there any reason for an attack? Does the specific worker have any
> theoretical reason to be malicious here?
>
> Also, when a product is used by a billion people, a bug with a probability of
> "only 1:1000000" will occur about 1000 times. Extremely unlikely scenarios
> can suddenly actually happen when many people are using the same software. It
> is almost guaranteed that somewhere in the world, an earthquake will occur in
> the moment someone starts their computer. The computer, however, did not
> cause the earthquake to happen.
>
> There is a wonderful book called "Spurious Correlations". It makes fun of
> exactly this problem.
>
> Best regards
> Tobias Frei
>
>
>
> On Fri, Feb 2, 2018, 19:40 <> james.john.jo...@tutanota.com> > wrote:
>
>> >> Excuse me - I have joined this group to discuss what may have
>> been a 'high end' BIOS attack.
>> I am presuming that this group contains the most knowledgeable people.
>> I need that.
>>
>> While the scenario outlined below is very 'Grand Jeu' I will not be at all
>> surprised to learn that you believe this to be a hack.
>>
>> ---------------------------------------
>>
>> This is exactly what happened:
>>
>> Laptop circa 2011 (bios date)
>> AMD DCP C-50
>> Tails 3.5 loaded from a USB drive
>>
>> At a friends - laptop on the table in kitchen (pre-arranged over the phone).
>> Workmen are doing jobs.
>> (The IP box can give the WiFi connection at the press of a button) ;)
>>
>> A Libre Office doc saved in the session - other docs saved on a mounted
>> removable drive.
>>
>> One worker comes in the kitchen - he starts tapping away on his mobile (just
>> 3 meters away).
>>
>> Note - he has no need to be in the kitchen to get a signal - the walls are
>> thick, so outside would be better (if you don't have the wifi code).
>>
>> He makes a final tap, and walks... and my pc shuts down.
>> Some code appeared, but it shut down.
>>
>> Obviously it could be coincidental; but I'm sick of frigging coincidences.
>> The shutdown was simultaneous to his final tap on his mobile.
>>
>> ---------------------------------------------
>>
>> Post reboot - no apparent problems, other than it seemed to take slightly
>> longer to log into accounts.
>> I carried out my communications.
>>
>> A day later, I posted an email to >> tails-support-priv...@boum.org>> (on
>> this question).
>> I received no reply.
>>
>> Researched BIOS attacks, and checked my bios version.
>> https://www.schneier.com/blog/archives/2015/03/bios_hacking.html
>>
>> Talk of :
>> "Their exploit turns down existing protections in place to prevent
>> re-flashing of the firmware, enabling the implant to be inserted and
>> executed.
>> The devious part of their exploit is that they've found a way to insert
>> their agent into System Management Mode, which is used by firmware and runs
>> separately from the operating system, managing various hardware controls.
>> System Management Mode also has access to memory, which puts supposedly
>> secure operating systems such as Tails in the line of fire of the implant."
>>
>>
>>
>>
>> Also:
>>
>> "The method used to get at the BIOS then allows the likes of GCHQ et al to
>> get at other modifiable ROM in the likes of HDs, Sound Chips, Network cards
>> and other "below the OS" areas.
>> Having done this they can then put the main BIOS back the way it was, so
>> that it's harder to find what they have been up to."
>>
>> ---------------------------------------------
>>
>>
>> Rebooted to Tails.
>> Tails warns: can't check for upgrades.
>>
>> Tutanota mailbox warns: Couldn't connect to server - it seems like you are
>> offline.
>> But I was online, and could see my mailbox.
>> ---------------------------------------------
>>
>> First thing is:
>> Have you received this mail?
>> Could someone respond, to confirm this?
>>
>> Does it seem likely that I have been hacked?
>> Is there any way of knowing eg. running tests?
>> If it has been hacked - is the laptop now unusable?
>> If I was hacked - have they got everything that I've done since that point
>> (and the data off my drives)?
>>
>> I'm cool either way.
>> What's done is done; but I'd rather know
>>
>> BTW, I tried to get a riseup email, but it kept demanding an invite code.
>> Anyway, I figured that I first need to check with you guys re my current
>> status, before doing anything else.
>>
>> Thanks :)
>>
>> --
>> Securely sent with Tutanota. Claim your encrypted mailbox today!
>> https://tutanota.com>> >> _______________________________________________
>> Tails-dev mailing list
>> Tails-dev@boum.org
>> https://mailman.boum.org/listinfo/tails-dev
>> To unsubscribe from this list, send an empty email to >>
>> tails-dev-unsubscr...@boum.org>> .
_______________________________________________
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to
tails-dev-unsubscr...@boum.org.
