Threat Model: Parents

Honza Klokanek Sipek klokanek at eldar.cz
Sun May 31 20:20:58 PDT 2015


Remark: Just wonder how many later hackers started by bypassing
parental/school network limits.  Strict rules are just encouraging the right
education.

With a limited budget it is also not a bad idea to collect components and other
'computer waste' from luckier friends and build one's own computer for free.

Kids will always win. At least in the long run. ;-)



Sun, May 31, 2015 at 08:14:10PM -0600, Mirimir writes:
> OK, stealth is the only option. The first requirement is a safe place
> for communicating, researching, and downloading stuff. Doing that on a
> compromised machine is most likely pointless.
> 
> I know nothing about parental monitoring software. But one could get a
> good sense of its universe from searching.[0] Task Manager shows what's
> running, but Process Explorer is much more informative.[1] It doesn't
> require installation, or admin rights to run, and one can run it from a
> USB flash drive. Its use will be logged, of course, but at least it
> won't show up as an installed program.
> 
> Right click on processes of interest, and select Properties. The
> Environment tab shows where logs etc might be found. The TCP/IP tab
> shows network activity and remote IPs/hosts.
> 
> If there is stuff that requires admin rights to see, and there is some
> private time, booting with a Linux LiveCD would be useful. makeuseof
> recommends Hiren’s BootCD, The Ultimate Boot CD, and Knoppix.[2]
> 
> If there's no evidence of sophisticated efforts, it might be worth using
> Portable VirtualBox[3,4] and an Ubuntu VM with LUKS.[5] However, using
> Portable VirtualBox would likely require admin rights to install
> drivers. It's fairly trivial to get admin rights in Windows.[6] And one
> could reverse all changes after installing drivers needed for Portable
> VirtualBox. But consequences of discovery might be painful.
> 
> [to be continued]
> 
> [0] https://search.disconnect.me/searchTerms/serp?search=46415e34-ef20-48fd-96b3-4ab927edf312
> [1] https://technet.microsoft.com/en-us/sysinternals/bb896653.aspx
> [2] http://www.makeuseof.com/tag/5-best-rescue-disks-windows-system-restore/
> [3] http://www.vbox.me/
> [4] http://www.howtogeek.com/188142/use-portable-virtualbox-to-take-virtual-machines-with-you-everywhere/
> [5] http://mirror.pnl.gov/releases/14.04/ubuntu-14.04.2-desktop-i386.iso
> [6] http://www.pcworld.com/article/2039773/regain-your-pcs-administrator-rights-even-if-you-dont-have-the-password.html
> 

-- 
..<(o)>..klokanek..............................................
     (honza sipek) * klokanek (zavinac) eldar (tecka) cz 
        skype: brouci.tykadylko * gsm: +420 776 817 817 
..................................... . ..        ..   . .  
klokankova homepage >------------------------> http://eldar.cz/kangaroo


