[ars] Android "Strandhogg" Vulnerability being Exploited - Page 3 - Overclock.net - An Overclocking Community
Forum Jump: 

[ars] Android "Strandhogg" Vulnerability being Exploited

Reply
 
Thread Tools
post #21 of 53 (permalink) Old 12-04-2019, 07:45 PM
What goes here?
 
speed_demon's Avatar
 
Join Date: Nov 2006
Location: Wisconsin
Posts: 1,938
Rep: 103 (Unique: 81)
Pshh If you aren't browsing email on an airgapped machine fed via morse code from another PC's case fan are you even trying at all?

Might want to google it. The morse code-via-case-fan that is. It was a tool an AI used to gain access to a web connected PC in the same room while it was itself airgapped. Spoooooky stuff.

Quis custodiet ipsos custodes?


speed_demon is online now  
Sponsored Links
Advertisement
 
post #22 of 53 (permalink) Old 12-04-2019, 07:48 PM
LTSC Consiglieri
 
skupples's Avatar
 
Join Date: Apr 2012
Location: Fort Lauderdale
Posts: 22,516
Rep: 658 (Unique: 351)
Quote: Originally Posted by xJumper View Post
Root and/or custom rom, and you can get a full fledged permission manager. Let apps access all the data they way so they run and then actually block them on the back end or feed them fake data. Using roms you get the latest security patchs too, I get every months ASP from Google and if you choose a good vendor like Oneplus they provide manufacturer security updates every 3 months or so.


Running stock OEM phones from Verizone/AT&T leaves you as a sitting duck.



Scratch that, all calls/messages through Signal, GPS through OSMAnd and browsing only.

Using email on your phone is asking to get owned, email should be a one trick pony you only use on your main hardened security home base rig. If an attack takes control of your main email address it's game over.
that sounds like effort. never setting up your phone beyond basic function = least effort. there's email on phone #2 cuz it's my work's exchange server that i maintain, gotta make sure its working

R.I.P. Zawarudo, may you OC angels' wings in heaven.
If something appears too good to be true, it probably is.
Best R0ach Quote of all time : TLDR: Haswell might be the last legit gaming platform unless mice get their own non-USB interface on some newer architecture.

Last edited by skupples; 12-04-2019 at 07:53 PM.
skupples is offline  
post #23 of 53 (permalink) Old 12-04-2019, 07:56 PM
professional curmudgeon
 
looniam's Avatar
 
Join Date: Apr 2009
Posts: 9,911
Rep: 810 (Unique: 457)
stop. your preaching to the choir. its been shown that coil whine is actually an unknown tracking beacon.

i mean people are so dumb, just because it doesn't sound familiar they have no idea its another form of communication.

we're screwed.

Remember the golden rule of statistics: A personal sample size of one is a sufficient basis upon which to draw universal conclusions.
Upload the computer to Dropbox and provide a link to it so others may download it to examine and give advice for repairs.
loon 3.2
(18 items)
CPU
i7-3770K
Motherboard
Asus P8Z77-V Pro
GPU
EVGA 980TI SC+
RAM
16Gb PNY ddr3 1866
Hard Drive
PNY 1311 240Gb
Hard Drive
1 TB Seagate
Hard Drive
3 TB WD Blue
Optical Drive
DVD DVDRW+/-
Power Supply
EVGA SuperNova 750 G2
Cooling
EKWB P280 kit
Cooling
EK-VGA supremacy
Case
Stryker M [hammered and drilled]
Operating System
Win X
Monitor
LG 24MC57HQ-P
Keyboard
Ducky Zero [blues]
Mouse
corsair M65
Audio
SB Recon3D
Audio
Klipsch ProMedia 2.1
▲ hide details ▲


looniam is offline  
Sponsored Links
Advertisement
 
post #24 of 53 (permalink) Old 12-05-2019, 01:44 AM
New to Overclock.net
 
8051's Avatar
 
Join Date: Apr 2014
Posts: 3,199
Rep: 27 (Unique: 21)
Quote: Originally Posted by xJumper View Post
Root and/or custom rom, and you can get a full fledged permission manager. Let apps access all the data they way so they run and then actually block them on the back end or feed them fake data. Using roms you get the latest security patchs too, I get every months ASP from Google and if you choose a good vendor like Oneplus they provide manufacturer security updates every 3 months or so.

Running stock OEM phones from Verizone/AT&T leaves you as a sitting duck.

Scratch that, all calls/messages through Signal, GPS through OSMAnd and browsing only.

Using email on your phone is asking to get owned, email should be a one trick pony you only use on your main hardened security home base rig. If an attack takes control of your main email address it's game over.
If you wrote a book on how to root your phone or load up a custom ROM on your phone and then secure it I'd buy it.

I once saw an interview w/Snowden (the NSA leaker I believe). He said he modified his phone so that he could physically remove the microphone from the PCB.
8051 is offline  
post #25 of 53 (permalink) Old 12-05-2019, 01:44 AM
New to Overclock.net
 
8051's Avatar
 
Join Date: Apr 2014
Posts: 3,199
Rep: 27 (Unique: 21)
Android sounds like its the OS you can't help but not trust. Maybe I'll be buying apple from here on out.
8051 is offline  
post #26 of 53 (permalink) Old 12-05-2019, 02:11 AM
Performance is the bible
 
Join Date: Apr 2009
Posts: 6,847
Rep: 439 (Unique: 303)
Quote: Originally Posted by 8051 View Post
Android sounds like its the OS you can't help but not trust. Maybe I'll be buying apple from here on out.
I assume you are very sarcastic.
This is OCN. Buying apple is forbidden.


Defoler is offline  
post #27 of 53 (permalink) Old 12-05-2019, 06:28 AM
Overclocker in training
 
ThrashZone's Avatar
 
Join Date: Apr 2017
Location: Texas
Posts: 9,616
Rep: 132 (Unique: 85)
Quote: Originally Posted by 8051 View Post
Android sounds like its the OS you can't help but not trust. Maybe I'll be buying apple from here on out.
Hi,
Yep android has all the crack apps too so go figure the google store rocks
I've always used iphone they just work and I'm on an old one.

CPU
i9-9940x With Optimus Foundation copper-plexi and Heatkiller VRM Plexi-Copper water block
Motherboard
ASUS x299 Rampage VI Apex
GPU
Titan Xp with copper Water Block
RAM
Trident Z 3600C16 4x8gb's b-die default timings 16-16-16-36
Hard Drive
Samsung 970 Evo Plus 500gb M.2/ Samsung 850 Pro 256gb for os and 500gb evo for favorite games plus other wd hdd's for data and backup's
Optical Drive
LG Blu-Ray WH16NS40
Power Supply
evga 1200-P2
Cooling
2-280GTX Black Ice Nemesis rads with D5 pump-res combo and D5 top before and after rads.
Case
corsair 450D with added 2nd floor to house radiator on top
Operating System
Win-7 pro & 10 pro Win-7 Primary os.
Monitor
ASUS VG248QE 24" 144Hz
Keyboard
Logitech G910 Orion spectrum
Mouse
Redragon Perdition
Audio
Built in realtek and Insignia 2.0 soundbar HSB318
Other
5.0/https://valid.x86.fr/ez2ifr
CPU
i7-5930k with Heatkiller IV Pro Plexi-Copper and koolance vrm water blocks
Motherboard
X99 Sabertooth
GPU
EVGA 1080ti FTW3 with Water block
RAM
Trident-Z 3200C14 4x8gb's b-die default timings 14-14-14-34
Hard Drive
Samsung 970 Evo 500gb M.2/ Samsung 850 Pro 256gb for os and 500gb evo for favorite games plus other wd hdd's for data and backup's
Power Supply
EVGA 1000-P2
Cooling
2-240 GTX Black Ice Nemesis rads/ D5 pump-res combo and D5 top before and after rads.
Case
Corsair 450D with added 2nd floor to house radiator on top
Operating System
Win-7 and 10 pro Win-7 Primary os.
Monitor
AOC G2460PG 24"G-Sync 144Hz
Mouse
Red Dragon Perdition
Audio
Built in realtek and Insignia 2.0 soundbar HSB318
Hard Drive
eLeaf MELO-3 4ml
Power Supply
SE US18650VTC6 3120mAh 30A 3.6V 18650 Li-ion Battery - GREENx4
Case
ANGIS Legion MOD 200w Geek Vape
Operating System
VapeWild RazzleBerry 50-50-0mg nic
▲ hide details ▲
ThrashZone is online now  
post #28 of 53 (permalink) Old 12-05-2019, 07:38 AM
What goes here?
 
speed_demon's Avatar
 
Join Date: Nov 2006
Location: Wisconsin
Posts: 1,938
Rep: 103 (Unique: 81)
Quote: Originally Posted by 8051 View Post
If you wrote a book on how to root your phone or load up a custom ROM on your phone and then secure it I'd buy it.

I once saw an interview w/Snowden (the NSA leaker I believe). He said he modified his phone so that he could physically remove the microphone from the PCB.
That would be a one or two day book to write. Maybe I should write one too and we can have competing security books.

I'm running a rooted & heavily cut down stock ROM on my Nexus 6p. I've got it just the way I like it with apps having next to no permissions for anything which only takes an hour or so to accomplish.

A tip for you - the "Simple Camera" & "Simple Notes" apps on the play store are halfway decent, along with most other apps from that creator. You can also get the .APK's elsewhere if you want to leave the play store off the device like I've done in the past.

Not a big deal to add a switch in line for the mic. Or have a cutout to make removing the mic's ribbon cable easier. Or just rip the thing off the pcb if you want to go for finesse.

Now I'm wondering what type of headphone the NSA/CIA is using to listen in on these convos. I know the government pinches pennies when it comes to military spending, so I hope they don't make those poor agents wear dollar store earbuds all day.

Quis custodiet ipsos custodes?


speed_demon is online now  
post #29 of 53 (permalink) Old 12-05-2019, 07:44 AM
LTSC Consiglieri
 
skupples's Avatar
 
Join Date: Apr 2012
Location: Fort Lauderdale
Posts: 22,516
Rep: 658 (Unique: 351)
i mean, the ear plugs they used during Iraq/Afghan war have been recalled, cuz they didn't work AND actually helped you go deaf faster

(the double sided re-usables)

R.I.P. Zawarudo, may you OC angels' wings in heaven.
If something appears too good to be true, it probably is.
Best R0ach Quote of all time : TLDR: Haswell might be the last legit gaming platform unless mice get their own non-USB interface on some newer architecture.
skupples is offline  
post #30 of 53 (permalink) Old 12-05-2019, 08:14 AM
What goes here?
 
speed_demon's Avatar
 
Join Date: Nov 2006
Location: Wisconsin
Posts: 1,938
Rep: 103 (Unique: 81)
Yep. My buddy says the VA added insult to the injury by telling anyone with hearing problems their issues weren't service related.

I remember working on a tug boat being built and it had lots and lots of ambient noise in a confined space - either you wore the ear plugs and risked getting whacked with building materials because you are tuned out of the situation, or you left them off and went home with ringing in the ears every night.

Quis custodiet ipsos custodes?


speed_demon is online now  
Reply

Quick Reply
Message:
Options

Register Now

In order to be able to post messages on the Overclock.net - An Overclocking Community forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.
User Name:
If you do not want to register, fill this field only and the name will be used as user name for your post.
Password
Please enter a password for your user account. Note that passwords are case-sensitive.
Password:
Confirm Password:
Email Address
Please enter a valid email address for yourself.
Email Address:

Log-in



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page


Forum Jump: 

Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off