Fwd: [tor-talk] How does one remove the NSA Virus off the BIOS Chip as described by Snowden in the ANT Program
it should be noted that BIOS exports contain device identifiers, like HDD serials and so forth... ---------- Forwarded message ---------- From: coderman <coderman@gmail.com> Subject: Re: [tor-talk] How does one remove the NSA Virus off the BIOS Chip as described by Snowden in the ANT Program On 11/21/15, Flipchan <flipchan@riseup.net> wrote:
I would like to help in anyway i can , i'm currently developing an anti virus and auditing multi platform program , So if u can find out/copy all the viruses the nsa have given You and send it i would love to help on detecting and protecting ppl from it :)
you say "find out, copy all" like it's so easy, *grin* here's some fun for you: https://peertech.org/files/taobios-v2.tar.bz2 $ sha256sum taobios-v2.tar.bz2 0ba12b0ecf89d109301b619cbc8275e5cd78b6fefd3724fba0b6952186e37779 interesting details in both samples! ( L2 is config only PDoS via UEFI BIOS :) best regards,
On Sun, Dec 6, 2015 at 6:04 AM, coderman <coderman@gmail.com> wrote:
here's some fun for you: https://peertech.org/files/taobios-v2.tar.bz2
https://www.ssllabs.com/ssltest/analyze.html?d=peertech.org Today's fun has been jacked by the NSA ;)
grarpamp wrote:
On Sun, Dec 6, 2015 at 6:04 AM, coderman <coderman@gmail.com> wrote:
here's some fun for you: https://peertech.org/files/taobios-v2.tar.bz2 https://www.ssllabs.com/ssltest/analyze.html?d=peertech.org Today's fun has been jacked by the NSA ;)
This is really 'above my pay grade' but the only thing I saw of concern (besides lack of *some* support in *some* instances for certain browser/os combos) is:
Chain issues Contains anchor #2 Subject Go Daddy Secure Certificate Authority - G2
Besides the onus of Go Daddy certifying you, my searching doesn't show the above issue is a real problem, unless you're task is sever efficiency. So I guess I need an explanation of "Today's fun has been jacked by the NSA ;)" -- RR "You might want to ask an expert about that - I just fiddled around with mine until it worked..."
On Tue, Dec 8, 2015 at 11:27 AM, Rayzer <Rayzer@riseup.net> wrote:
So I guess I need an explanation of "Today's fun has been jacked by the NSA ;)"
Well it was an "F" grade so either it's fixed now or someone was jacking it along the way.
The poor score was the result of SSLv3 being enabled. -Travis On Tue, Dec 8, 2015 at 11:53 AM, grarpamp <grarpamp@gmail.com> wrote:
On Tue, Dec 8, 2015 at 11:27 AM, Rayzer <Rayzer@riseup.net> wrote:
So I guess I need an explanation of "Today's fun has been jacked by the NSA ;)"
Well it was an "F" grade so either it's fixed now or someone was jacking it along the way.
-- Twitter <https://twitter.com/tbiehn> | LinkedIn <http://www.linkedin.com/in/travisbiehn> | GitHub <http://github.com/tbiehn> | TravisBiehn.com <http://www.travisbiehn.com> | Google Plus <https://plus.google.com/+TravisBiehn>
On Tue, Dec 8, 2015 at 8:53 AM, grarpamp <grarpamp@gmail.com> wrote:
... Well it was an "F" grade so either it's fixed now or someone was jacking it along the way.
sir, my military grade crypto is NSA-proof forever and ever, amen. ;P
participants (4)
-
coderman -
grarpamp -
Rayzer -
Travis Biehn