Government snooping, backdoors and #necessaryhashtags - Page 34

xilman · 2014-02-04, 10:35

Jean-Jacques Quisquater (allegedly) has had malware of NSA/GCHQ origin installed on his machine.

If you don't know who JJQ is, Google and/or Wikipedia is your friend.

kladner · 2014-02-04, 13:11

Quote:

Originally Posted by xilman

Jean-Jacques Quisquater (allegedly) has had malware of NSA/GCHQ origin installed on his machine.

If you don't know who JJQ is, Google and/or Wikipedia is your friend.

More.....
http://www.techweekeurope.co.uk/news...attacks-137990

ewmayer · 2014-02-04, 22:29

Quote:

Originally Posted by kladner

More.....
http://www.techweekeurope.co.uk/news...attacks-137990

Sounds like JJQ simply fell prey to a run-of-the-mill phish:

Quote:

t’s understood [Quisqauter's] machine was infected in September 2013 after he clicked on a fake LinkedIn request over email, leading to malware infecting his PC, allowing the attackers to scoop up his metadata.

It never ceases to amaze/dismay me how many otherwise-very-knowledgeable people still haven't learned (or learned to make habitual) the simple anti-phishing expedient of "hover cursor over link and examine url before clicking anything".

But, hey, it happens - no need to go invoking grand government conspiracies (which is not to say such do not exist). Paul, your beloved "never ascribe to malice" aphorism comes to mind, although in this case substituting "lapse in judgment" for "incompetence".

retina · 2014-02-05, 01:49

Quote:

Originally Posted by ewmayer

It never ceases to amaze/dismay me how many otherwise-very-knowledgeable people still haven't learned (or learned to make habitual) the simple anti-phishing expedient of "hover cursor over link and examine url before clicking anything".

JavaScript took care of that by faking the status bar text so the user never knows where the real link goes unless they carefully examine the source (or, more sensibly, disabled JS (why does the latest FF make so difficult for ordinary users to disable JS? FFS!)).

ewmayer · 2014-02-05, 03:35

Quote:

Originally Posted by retina

JavaScript took care of that by faking the status bar text so the user never knows where the real link goes unless they carefully examine the source (or, more sensibly, disabled JS (why does the latest FF make so difficult for ordinary users to disable JS? FFS!)).

Does the above JS exploit also allow spoofing of link hovertext?

Your frustration with FF sounds distressingly par for the course of late ... I've frozen my FF at version 22 - after Mozilla force-enabled image display in v23 I decided I'd rather not have any more of their "latest innovations", thanks very much. Dunno if FF has changed w.r.to JS, but I continue to be quite happy with the NoScript add-on.

Mind you, most phish-mail I view using Apple Mail, but I've yet to come across a suspect message (e.g. which has been junked by the mail client, more rarely but also a-priori-obviously it ends up in my Inbox but is from a spoofed BigCorp I am not even a customer of) whose links appear to be legit but which does not also have the language typical of a legit mail, i.e. "You may log in to your account to view more details and take the required actions."

Paul, you wouldn't happen to know JJQ personally, would you? I'd love to peruse a copy of the mail which snared him.

retina · 2014-02-05, 03:59

Quote:

Originally Posted by ewmayer

Does the above JS exploit also allow spoofing of link hovertext?

Link hover text (if you mean what I think you mean) is the alt tag which can be any arbitrary text the sender wants to make it. But to answer your question, yes, JS can also alter this afterwards. In fact JS can rewrite the entire page if it desires and change any tag, text or link to something else. JS is both powerful and dangerous.

Brian-E · 2014-02-05, 10:16

As well as the danger of clicking something which isn't what it seems, there is also the very real danger of performing a mouse click when this is unintended, perhaps while hovering the cursor over a link to investigate it as Ernst describes, whether or not the destination of the link has been faked as described by Retina. This was brought home to me a few days ago when using Firefox on a laptop with a built-in mouse pad. I was quite alarmed to notice that if I inadvertently applied a sudden light pressure with my finger on the mouse pad (which I am used to using to position the cursor), it would be interpreted as a mouse click (which I am normally used to performing with the buttons below the pad). Quite insidious!

kladner · 2014-02-05, 12:32

I have yet to encounter a built-in laptop pointing device which I like. I find touch pads particularly irritating. However, the ones I have dealt with, IIRC, could disable tap-to-click.

LaurV · 2014-02-05, 12:57

The Latitudes E6(?)xx (those which have all 4 devices, including the IBM's "electronic clitoris") can do that, you can disable any of the devices, or any of the functions, and they have functional key to do that. I have one from the company, quite nice when you type.

retina · 2014-02-05, 13:05

Quote:

Originally Posted by LaurV

... the intel's "electronic clitoris"

I had to look this up because I couldn't find anything related to Intel. I know the Thinkpads have it and HP also, but are you sure that Intel makes these?

A link for those curious: https://en.wikipedia.org/wiki/Pointing_stick

LaurV · 2014-02-05, 13:09

IMB. Sorry. Hurry. Not intel.

[edit: exactly, the one you linked, although someone needs to read the page up to the end, to get the point(ing)]

2014-02-04, 10:35	#364
xilman Bamboozled! "𒉺𒌌𒇷𒆷𒀭" May 2003 Down not across 2×5,393 Posts	The buggers now targetting data security professors? Jean-Jacques Quisquater (allegedly) has had malware of NSA/GCHQ origin installed on his machine. If you don't know who JJQ is, Google and/or Wikipedia is your friend. Last fiddled with by xilman on 2014-02-04 at 10:39

2014-02-05, 10:16	#370
Brian-E "Brian" Jul 2007 The Netherlands CC5₁₆ Posts	As well as the danger of clicking something which isn't what it seems, there is also the very real danger of performing a mouse click when this is unintended, perhaps while hovering the cursor over a link to investigate it as Ernst describes, whether or not the destination of the link has been faked as described by Retina. This was brought home to me a few days ago when using Firefox on a laptop with a built-in mouse pad. I was quite alarmed to notice that if I inadvertently applied a sudden light pressure with my finger on the mouse pad (which I am used to using to position the cursor), it would be interpreted as a mouse click (which I am normally used to performing with the buttons below the pad). Quite insidious! Last fiddled with by Brian-E on 2014-02-05 at 10:17

2014-02-05, 12:57	#372
LaurV Romulan Interpreter Jun 2011 Thailand 10010111000000₂ Posts	The Latitudes E6(?)xx (those which have all 4 devices, including the IBM's "electronic clitoris") can do that, you can disable any of the devices, or any of the functions, and they have functional key to do that. I have one from the company, quite nice when you type. Last fiddled with by LaurV on 2014-02-05 at 13:09 Reason: s/intel/IMB grrr

2014-02-05, 13:09	#374
LaurV Romulan Interpreter Jun 2011 Thailand 2⁶×151 Posts	IMB. Sorry. Hurry. Not intel. [edit: exactly, the one you linked, although someone needs to read the page up to the end, to get the point(ing)] Last fiddled with by LaurV on 2014-02-05 at 13:17

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
I'm rich AND on a government check.	jasong	jasong	18	2013-08-12 18:21
How does proper government manifest in regulation?	cheesehead	Soap Box	10	2011-04-17 02:29

2014-02-05, 12:32	#371
kladner "Kieren" Jul 2011 In My Own Galaxy! 2×3×1,693 Posts	I have yet to encounter a built-in laptop pointing device which I like. I find touch pads particularly irritating. However, the ones I have dealt with, IIRC, could disable tap-to-click.