On Mon, 01 Dec 2008 22:09:56 -0500, jayjwa wrote:

> File under "Chilling Effects" dept.
>
> http://news.bbc.co.uk/2/hi/technology/7758127.stm
>
>
> The RSS feed comment says "Police forces will be remotely searching hard
> drives

How is that done? If someone is a suspect, do they somehow infect his
computer with a virus that allows the hard drive to be remotely searched?

How would they do that? Would they send him emails with subjects like:
'Someone Has Sent You A Happy Greeting'? And hope he clicks on the
attachment?

Or does his OS have a back door?

And what about virus-searching software, and programs like BO Clean?
Won't they detect the virus, or stop it from running? Well, no, those
only work if the virus is 'in the wild', that is, if the police have
already finished using it to gather information and have made it public.
So Boclean and other anti-virus products are useless.

I'd bet that half the viruses 'in the wild' were created by LEAs for the
purpose of searching computers. The constant drumbeat about stolen credit
cards and 'identity theft' is good cover for what is probably the real
activity more often than not. Heck, half the 'criminal cyber-gangs' in
Estonia are probably cops.

My guess is that after telling us that remote searches will take place
because of kiddieporn, the next step is to add 'terrorism' as well,
describing how we may all be unwitting carriers of encrypted terrorist
messages, etc., and must do our part and let our machines be searched.

And, for the finale, it will be explained how Windows has patriotically
cooperated with the fbi and interpol, and allowed them back-door access
to windows systems.

Nomen Nescio wrote:

> On Mon, 01 Dec 2008 22:09:56 -0500, jayjwa wrote:
>
> > File under "Chilling Effects" dept.
> >
> > http://news.bbc.co.uk/2/hi/technology/7758127.stm
> >
> >
> > The RSS feed comment says "Police forces will be remotely searching hard
> > drives
>
> How is that done? If someone is a suspect, do they somehow infect his
> computer with a virus that allows the hard drive to be remotely searched?
>
> How would they do that? Would they send him emails with subjects like:
> 'Someone Has Sent You A Happy Greeting'? And hope he clicks on the
> attachment?
>
> Or does his OS have a back door?
>
> And what about virus-searching software, and programs like BO Clean?
> Won't they detect the virus, or stop it from running? Well, no, those
> only work if the virus is 'in the wild', that is, if the police have
> already finished using it to gather information and have made it public.
> So Boclean and other anti-virus products are useless.

That's not true. Much of an anti-malware software's detection
ability is attributable to it spotting activity that's similar to
other virus activity. It's called heuristic detection. Quite
common.

I'd also suspect that in this scenario we wouldn't be dealing with
a virus anyway. Probably more of a root kit. Even easier to detect
than a virus, using heuristic methods (but a little harder to
detect by its "fingerprints".

> I'd bet that half the viruses 'in the wild' were created by LEAs for the

Have your foil beanie sent out for maintenance.

<snip>

Bottom line is: If it makes a change, creates a hole, or generates
any activity at all... it's detectable. Period. Simple math.

And reality and made-for-prime-time movie plots are two different
things.

Of course I could be a government spook hanging out here just to
spread disinformation, right? ROTFL!

On Tue, 02 Dec 2008 21:05:03 +0100, Anonymous Remailer (austria) wrote:

> Nomen Nescio wrote:
>
>> On Mon, 01 Dec 2008 22:09:56 -0500, jayjwa wrote:
>>
>> > File under "Chilling Effects" dept.
>> >
>> > http://news.bbc.co.uk/2/hi/technology/7758127.stm
>> >
>> >
>> > The RSS feed comment says "Police forces will be remotely searching
>> > hard drives
>>
>> How is that done? If someone is a suspect, do they somehow infect his
>> computer with a virus that allows the hard drive to be remotely
>> searched?
>>
>> How would they do that? Would they send him emails with subjects like:
>> 'Someone Has Sent You A Happy Greeting'? And hope he clicks on the
>> attachment?
>>
>> Or does his OS have a back door?
>>
>> And what about virus-searching software, and programs like BO Clean?
>> Won't they detect the virus, or stop it from running? Well, no, those
>> only work if the virus is 'in the wild', that is, if the police have
>> already finished using it to gather information and have made it
>> public. So Boclean and other anti-virus products are useless.
>
> That's not true. Much of an anti-malware software's detection ability is
> attributable to it spotting activity that's similar to other virus
> activity. It's called heuristic detection. Quite common.

Maybe so, but boclean, for example, relies on signatures that are updated
- when the virus is 'in the wild' - not when the programmer knows about
their existence. This is from Nancy Macaleavey. Maybe it is different now.

>
> I'd also suspect that in this scenario we wouldn't be dealing with a
> virus anyway. Probably more of a root kit. Even easier to detect than a
> virus, using heuristic methods (but a little harder to detect by its
> "fingerprints".
>
>> I'd bet that half the viruses 'in the wild' were created by LEAs for
>> the
>
> Have your foil beanie sent out for maintenance.

Don't be a naive ass. What is so hard to believe about government
agencies using viruses to target computers?