Fwd: [tor-talk] How does one remove the NSA Virus off the BIOS Chip as described by Snowden in the ANT Program
it should be noted that BIOS exports contain device identifiers, like
HDD serials and so forth...
---------- Forwarded message ----------
From: coderman
I would like to help in anyway i can , i'm currently developing an anti virus and auditing multi platform program , So if u can find out/copy all the viruses the nsa have given You and send it i would love to help on detecting and protecting ppl from it :)
you say "find out, copy all" like it's so easy, *grin* here's some fun for you: https://peertech.org/files/taobios-v2.tar.bz2 $ sha256sum taobios-v2.tar.bz2 0ba12b0ecf89d109301b619cbc8275e5cd78b6fefd3724fba0b6952186e37779 interesting details in both samples! ( L2 is config only PDoS via UEFI BIOS :) best regards,
On Sun, Dec 6, 2015 at 6:04 AM, coderman
here's some fun for you: https://peertech.org/files/taobios-v2.tar.bz2
https://www.ssllabs.com/ssltest/analyze.html?d=peertech.org Today's fun has been jacked by the NSA ;)
grarpamp wrote:
On Sun, Dec 6, 2015 at 6:04 AM, coderman
wrote: here's some fun for you: https://peertech.org/files/taobios-v2.tar.bz2 https://www.ssllabs.com/ssltest/analyze.html?d=peertech.org Today's fun has been jacked by the NSA ;)
This is really 'above my pay grade' but the only thing I saw of concern (besides lack of *some* support in *some* instances for certain browser/os combos) is:
Chain issues Contains anchor #2 Subject Go Daddy Secure Certificate Authority - G2
Besides the onus of Go Daddy certifying you, my searching doesn't show the above issue is a real problem, unless you're task is sever efficiency. So I guess I need an explanation of "Today's fun has been jacked by the NSA ;)" -- RR "You might want to ask an expert about that - I just fiddled around with mine until it worked..."
On Tue, Dec 8, 2015 at 11:27 AM, Rayzer
So I guess I need an explanation of "Today's fun has been jacked by the NSA ;)"
Well it was an "F" grade so either it's fixed now or someone was jacking it along the way.
The poor score was the result of SSLv3 being enabled.
-Travis
On Tue, Dec 8, 2015 at 11:53 AM, grarpamp
On Tue, Dec 8, 2015 at 11:27 AM, Rayzer
wrote: So I guess I need an explanation of "Today's fun has been jacked by the NSA ;)"
Well it was an "F" grade so either it's fixed now or someone was jacking it along the way.
-- Twitter https://twitter.com/tbiehn | LinkedIn http://www.linkedin.com/in/travisbiehn | GitHub http://github.com/tbiehn | TravisBiehn.com http://www.travisbiehn.com | Google Plus https://plus.google.com/+TravisBiehn
On Tue, Dec 8, 2015 at 8:53 AM, grarpamp
... Well it was an "F" grade so either it's fixed now or someone was jacking it along the way.
sir, my military grade crypto is NSA-proof forever and ever, amen. ;P
participants (4)
-
coderman
-
grarpamp
-
Rayzer
-
Travis Biehn