Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

Ship it.

tech / sci.electronics.design / OT: iron spam!

SubjectAuthor
* OT: iron spam!Don Y
+- Re: OT: iron spam!bitrex
+* Re: OT: iron spam!Fred Bloggs
|`* Re: OT: iron spam!Don Y
| `* Re: OT: iron spam!Fred Bloggs
|  `* Re: OT: iron spam!Don Y
|   `* Re: OT: iron spam!Fred Bloggs
|    +* Re: OT: iron spam!bitrex
|    |`* Re: OT: iron spam!Fred Bloggs
|    | `* Re: OT: iron spam!bitrex
|    |  `- Re: OT: iron spam!Clifford Heath
|    `- Re: OT: iron spam!jlarkin
`* Re: OT: iron spam!Spehro Pefhany
 `- Re: OT: iron spam!Don Y

1
OT: iron spam!

<s8ij8q$p2p$1@dont-email.me>

  copy mid

https://www.novabbs.com/tech/article-flat.php?id=63846&group=sci.electronics.design#63846

  copy link   Newsgroups: sci.electronics.design
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: blockedo...@foo.invalid (Don Y)
Newsgroups: sci.electronics.design
Subject: OT: iron spam!
Date: Tue, 25 May 2021 03:24:23 -0700
Organization: A noiseless patient Spider
Lines: 5
Message-ID: <s8ij8q$p2p$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Tue, 25 May 2021 10:24:27 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="7979a0636c8b1ac9f553911590efb866";
logging-data="25689"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX192bPw1e2cPCFlQyR3S6AQj"
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101
Thunderbird/52.1.1
Cancel-Lock: sha1:j5Qy6I0PZyfSshLTOJC6320OjwE=
Content-Language: en-US
X-Mozilla-News-Host: news://news.eternal-september.org:119
 by: Don Y - Tue, 25 May 2021 10:24 UTC

If true, this would actually be pretty clever!

<https://www.bbc.co.uk/news/blogs-news-from-elsewhere-24707337>

(stumbled upon while looking for something completely different!)

Re: OT: iron spam!

<NNurI.448670$ST2.45687@fx47.iad>

  copy mid

https://www.novabbs.com/tech/article-flat.php?id=63936&group=sci.electronics.design#63936

  copy link   Newsgroups: sci.electronics.design
Path: i2pn2.org!i2pn.org!paganini.bofh.team!news.dns-netz.com!news.freedyn.net!newsfeed.xs4all.nl!newsfeed7.news.xs4all.nl!feeder.usenetexpress.com!tr3.eu1.usenetexpress.com!feeder1.feed.usenet.farm!feed.usenet.farm!news-out.netnews.com!news.alt.net!fdc3.netnews.com!peer02.ams1!peer.ams1.xlned.com!news.xlned.com!peer03.iad!feed-me.highwinds-media.com!news.highwinds-media.com!fx47.iad.POSTED!not-for-mail
Subject: Re: OT: iron spam!
Newsgroups: sci.electronics.design
References: <s8ij8q$p2p$1@dont-email.me>
From: use...@example.net (bitrex)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.10.2
MIME-Version: 1.0
In-Reply-To: <s8ij8q$p2p$1@dont-email.me>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Lines: 12
Message-ID: <NNurI.448670$ST2.45687@fx47.iad>
X-Complaints-To: abuse@frugalusenet.com
NNTP-Posting-Date: Wed, 26 May 2021 16:35:57 UTC
Organization: frugalusenet - www.frugalusenet.com
Date: Wed, 26 May 2021 12:35:56 -0400
X-Received-Bytes: 1329
 by: bitrex - Wed, 26 May 2021 16:35 UTC

On 5/25/2021 6:24 AM, Don Y wrote:
> If true, this would actually be pretty clever!
>
> <https://www.bbc.co.uk/news/blogs-news-from-elsewhere-24707337>
>
> (stumbled upon while looking for something completely different!)

Ya, I read about something similar with respect to desktop PSUs having
tiny ARM processors hidden in there and you can keep em powered on all
the time so long as the thing is plugged into the wall.

Just buy Corsair, don't be a cheapskate and get the HongHai.

Re: OT: iron spam!

<4a322f3e-f2d4-4a2f-9a4a-55604d523891n@googlegroups.com>

  copy mid

https://www.novabbs.com/tech/article-flat.php?id=63938&group=sci.electronics.design#63938

  copy link   Newsgroups: sci.electronics.design
X-Received: by 2002:a37:f612:: with SMTP id y18mr41828303qkj.436.1622053615146;
Wed, 26 May 2021 11:26:55 -0700 (PDT)
X-Received: by 2002:ac8:7f96:: with SMTP id z22mr35910223qtj.308.1622053614966;
Wed, 26 May 2021 11:26:54 -0700 (PDT)
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!proxad.net!feeder1-2.proxad.net!209.85.160.216.MISMATCH!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
Newsgroups: sci.electronics.design
Date: Wed, 26 May 2021 11:26:54 -0700 (PDT)
In-Reply-To: <s8ij8q$p2p$1@dont-email.me>
Injection-Info: google-groups.googlegroups.com; posting-host=2601:5cc:4701:5250:c8eb:b837:d6b8:89f6;
posting-account=iGtwSwoAAABNNwPORfvAs6OM4AR9GRHt
NNTP-Posting-Host: 2601:5cc:4701:5250:c8eb:b837:d6b8:89f6
References: <s8ij8q$p2p$1@dont-email.me>
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <4a322f3e-f2d4-4a2f-9a4a-55604d523891n@googlegroups.com>
Subject: Re: OT: iron spam!
From: bloggs.f...@gmail.com (Fred Bloggs)
Injection-Date: Wed, 26 May 2021 18:26:55 +0000
Content-Type: text/plain; charset="UTF-8"
 by: Fred Bloggs - Wed, 26 May 2021 18:26 UTC

On Tuesday, May 25, 2021 at 6:24:32 AM UTC-4, Don Y wrote:
> If true, this would actually be pretty clever!
>
> <https://www.bbc.co.uk/news/blogs-news-from-elsewhere-24707337>
>
> (stumbled upon while looking for something completely different!)

This is probably all true.

The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies
https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies

And imagine doing something like this after promising Obama they wouldn't!

Re: OT: iron spam!

<s8mhaf$f97$1@dont-email.me>

  copy mid

https://www.novabbs.com/tech/article-flat.php?id=63951&group=sci.electronics.design#63951

  copy link   Newsgroups: sci.electronics.design
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: blockedo...@foo.invalid (Don Y)
Newsgroups: sci.electronics.design
Subject: Re: OT: iron spam!
Date: Wed, 26 May 2021 15:15:30 -0700
Organization: A noiseless patient Spider
Lines: 25
Message-ID: <s8mhaf$f97$1@dont-email.me>
References: <s8ij8q$p2p$1@dont-email.me>
<4a322f3e-f2d4-4a2f-9a4a-55604d523891n@googlegroups.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Wed, 26 May 2021 22:15:43 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="283567159b18a78de187e428cf96380e";
logging-data="15655"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+FJQ419Szp/idg7WWVf+ma"
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101
Thunderbird/52.1.1
Cancel-Lock: sha1:dbpzyv/kYPILmz82UeT+SBG9AVA=
In-Reply-To: <4a322f3e-f2d4-4a2f-9a4a-55604d523891n@googlegroups.com>
Content-Language: en-US
 by: Don Y - Wed, 26 May 2021 22:15 UTC

On 5/26/2021 11:26 AM, Fred Bloggs wrote:
> On Tuesday, May 25, 2021 at 6:24:32 AM UTC-4, Don Y wrote:
>> If true, this would actually be pretty clever!
>>
>> <https://www.bbc.co.uk/news/blogs-news-from-elsewhere-24707337>
>>
>> (stumbled upon while looking for something completely different!)
>
> This is probably all true.
>
> The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies

In the years since the episode, one would think a TECHNICAL analysis
of the alleged issue would be forthcoming -- instead of pictures of
unmarked components on a PCB the schematic of which isn't available, either.

> And imagine doing something like this after promising Obama they wouldn't!

You expect a server to be used in a corporate setting/datacenter so
it is a *likely* target (shame on anyone who doesn't completely vet their
suppliers!)

The appeal of a "common household appliance" is that it is NOT the sort of
place you would look for stuff like this. Would you suspect your toaster
or garbage disposal of "being an attack vector"?

Re: OT: iron spam!

<71b742e5-2603-4a7c-8c4a-560a5d23d202n@googlegroups.com>

  copy mid

https://www.novabbs.com/tech/article-flat.php?id=63952&group=sci.electronics.design#63952

  copy link   Newsgroups: sci.electronics.design
X-Received: by 2002:a0c:9b96:: with SMTP id o22mr652028qve.23.1622068437107;
Wed, 26 May 2021 15:33:57 -0700 (PDT)
X-Received: by 2002:a05:622a:28f:: with SMTP id z15mr432507qtw.260.1622068436920;
Wed, 26 May 2021 15:33:56 -0700 (PDT)
Path: i2pn2.org!i2pn.org!aioe.org!news.uzoreto.com!news-out.netnews.com!news.alt.net!fdc3.netnews.com!peer01.ams1!peer.ams1.xlned.com!news.xlned.com!peer02.iad!feed-me.highwinds-media.com!news.highwinds-media.com!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
Newsgroups: sci.electronics.design
Date: Wed, 26 May 2021 15:33:56 -0700 (PDT)
In-Reply-To: <s8mhaf$f97$1@dont-email.me>
Injection-Info: google-groups.googlegroups.com; posting-host=2601:5cc:4701:5250:8cad:3d37:9f98:f5ef;
posting-account=iGtwSwoAAABNNwPORfvAs6OM4AR9GRHt
NNTP-Posting-Host: 2601:5cc:4701:5250:8cad:3d37:9f98:f5ef
References: <s8ij8q$p2p$1@dont-email.me> <4a322f3e-f2d4-4a2f-9a4a-55604d523891n@googlegroups.com>
<s8mhaf$f97$1@dont-email.me>
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <71b742e5-2603-4a7c-8c4a-560a5d23d202n@googlegroups.com>
Subject: Re: OT: iron spam!
From: bloggs.f...@gmail.com (Fred Bloggs)
Injection-Date: Wed, 26 May 2021 22:33:57 +0000
Content-Type: text/plain; charset="UTF-8"
X-Received-Bytes: 2600
 by: Fred Bloggs - Wed, 26 May 2021 22:33 UTC

On Wednesday, May 26, 2021 at 6:15:49 PM UTC-4, Don Y wrote:
> On 5/26/2021 11:26 AM, Fred Bloggs wrote:
> > On Tuesday, May 25, 2021 at 6:24:32 AM UTC-4, Don Y wrote:
> >> If true, this would actually be pretty clever!
> >>
> >> <https://www.bbc.co.uk/news/blogs-news-from-elsewhere-24707337>
> >>
> >> (stumbled upon while looking for something completely different!)
> >
> > This is probably all true.
> >
> > The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies
> In the years since the episode, one would think a TECHNICAL analysis
> of the alleged issue would be forthcoming -- instead of pictures of
> unmarked components on a PCB the schematic of which isn't available, either.
> > And imagine doing something like this after promising Obama they wouldn't!
> You expect a server to be used in a corporate setting/datacenter so
> it is a *likely* target (shame on anyone who doesn't completely vet their
> suppliers!)
>
> The appeal of a "common household appliance" is that it is NOT the sort of
> place you would look for stuff like this. Would you suspect your toaster
> or garbage disposal of "being an attack vector"?

There are better places like a nightlite, a wallwart, a LED bulb, seems endless variety of doodads permanently plugged into the line and therefor have access to plenty of power.

Re: OT: iron spam!

<s8mm96$ame$1@dont-email.me>

  copy mid

https://www.novabbs.com/tech/article-flat.php?id=63955&group=sci.electronics.design#63955

  copy link   Newsgroups: sci.electronics.design
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: blockedo...@foo.invalid (Don Y)
Newsgroups: sci.electronics.design
Subject: Re: OT: iron spam!
Date: Wed, 26 May 2021 16:40:06 -0700
Organization: A noiseless patient Spider
Lines: 45
Message-ID: <s8mm96$ame$1@dont-email.me>
References: <s8ij8q$p2p$1@dont-email.me>
<4a322f3e-f2d4-4a2f-9a4a-55604d523891n@googlegroups.com>
<s8mhaf$f97$1@dont-email.me>
<71b742e5-2603-4a7c-8c4a-560a5d23d202n@googlegroups.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Wed, 26 May 2021 23:40:22 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="283567159b18a78de187e428cf96380e";
logging-data="10958"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18YDCvvkIyEM86QIDlqweUF"
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101
Thunderbird/52.1.1
Cancel-Lock: sha1:+VQy5qbCablMjjPHabl85BCcJ5k=
In-Reply-To: <71b742e5-2603-4a7c-8c4a-560a5d23d202n@googlegroups.com>
Content-Language: en-US
 by: Don Y - Wed, 26 May 2021 23:40 UTC

On 5/26/2021 3:33 PM, Fred Bloggs wrote:
> On Wednesday, May 26, 2021 at 6:15:49 PM UTC-4, Don Y wrote:
>> On 5/26/2021 11:26 AM, Fred Bloggs wrote:
>>> On Tuesday, May 25, 2021 at 6:24:32 AM UTC-4, Don Y wrote:
>>>> If true, this would actually be pretty clever!
>>>>
>>>> <https://www.bbc.co.uk/news/blogs-news-from-elsewhere-24707337>
>>>>
>>>> (stumbled upon while looking for something completely different!)
>>>
>>> This is probably all true.
>>>
>>> The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies
>> In the years since the episode, one would think a TECHNICAL analysis of
>> the alleged issue would be forthcoming -- instead of pictures of unmarked
>> components on a PCB the schematic of which isn't available, either.
>>> And imagine doing something like this after promising Obama they
>>> wouldn't!
>> You expect a server to be used in a corporate setting/datacenter so it is
>> a *likely* target (shame on anyone who doesn't completely vet their
>> suppliers!)
>>
>> The appeal of a "common household appliance" is that it is NOT the sort
>> of place you would look for stuff like this. Would you suspect your
>> toaster or garbage disposal of "being an attack vector"?
>
> There are better places like a nightlite, a wallwart, a LED bulb, seems
> endless variety of doodads permanently plugged into the line and therefor
> have access to plenty of power.

But you don't *need* continuous access to power! That's the beauty of the
"iron" solution -- it sees *some* use but not CONTINUOUS use.

All it has to do is rely on the fact that you likely have other
"internet appliances" that are likely to be powered on and operational
WHEN the iron gets used. It's job is to exploit the devices while it
is powered up and attempt to establish a persistent infection -- with
the potential help of an adversary outside of your protection domain.

If you detect the infection (at some later point in time), you are
unlikely to be able to trace down its source -- unless the iron
happens to be plugged in at the same time! (by contrast, an
attack vector that is continually powered leaves evidence of its
presence all the time!)

Re: OT: iron spam!

<c395bece-69a4-424b-85e7-fb315753f904n@googlegroups.com>

  copy mid

https://www.novabbs.com/tech/article-flat.php?id=63972&group=sci.electronics.design#63972

  copy link   Newsgroups: sci.electronics.design
X-Received: by 2002:a05:6214:902:: with SMTP id dj2mr3741856qvb.11.1622124344455;
Thu, 27 May 2021 07:05:44 -0700 (PDT)
X-Received: by 2002:a37:a44d:: with SMTP id n74mr3646678qke.367.1622124344234;
Thu, 27 May 2021 07:05:44 -0700 (PDT)
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!proxad.net!feeder1-2.proxad.net!209.85.160.216.MISMATCH!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
Newsgroups: sci.electronics.design
Date: Thu, 27 May 2021 07:05:44 -0700 (PDT)
In-Reply-To: <s8mm96$ame$1@dont-email.me>
Injection-Info: google-groups.googlegroups.com; posting-host=2601:5cc:4701:5250:8049:9191:d65d:d860;
posting-account=iGtwSwoAAABNNwPORfvAs6OM4AR9GRHt
NNTP-Posting-Host: 2601:5cc:4701:5250:8049:9191:d65d:d860
References: <s8ij8q$p2p$1@dont-email.me> <4a322f3e-f2d4-4a2f-9a4a-55604d523891n@googlegroups.com>
<s8mhaf$f97$1@dont-email.me> <71b742e5-2603-4a7c-8c4a-560a5d23d202n@googlegroups.com>
<s8mm96$ame$1@dont-email.me>
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <c395bece-69a4-424b-85e7-fb315753f904n@googlegroups.com>
Subject: Re: OT: iron spam!
From: bloggs.f...@gmail.com (Fred Bloggs)
Injection-Date: Thu, 27 May 2021 14:05:44 +0000
Content-Type: text/plain; charset="UTF-8"
 by: Fred Bloggs - Thu, 27 May 2021 14:05 UTC

On Wednesday, May 26, 2021 at 7:40:29 PM UTC-4, Don Y wrote:
> On 5/26/2021 3:33 PM, Fred Bloggs wrote:
> > On Wednesday, May 26, 2021 at 6:15:49 PM UTC-4, Don Y wrote:
> >> On 5/26/2021 11:26 AM, Fred Bloggs wrote:
> >>> On Tuesday, May 25, 2021 at 6:24:32 AM UTC-4, Don Y wrote:
> >>>> If true, this would actually be pretty clever!
> >>>>
> >>>> <https://www.bbc.co.uk/news/blogs-news-from-elsewhere-24707337>
> >>>>
> >>>> (stumbled upon while looking for something completely different!)
> >>>
> >>> This is probably all true.
> >>>
> >>> The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies
> >> In the years since the episode, one would think a TECHNICAL analysis of
> >> the alleged issue would be forthcoming -- instead of pictures of unmarked
> >> components on a PCB the schematic of which isn't available, either.
> >>> And imagine doing something like this after promising Obama they
> >>> wouldn't!
> >> You expect a server to be used in a corporate setting/datacenter so it is
> >> a *likely* target (shame on anyone who doesn't completely vet their
> >> suppliers!)
> >>
> >> The appeal of a "common household appliance" is that it is NOT the sort
> >> of place you would look for stuff like this. Would you suspect your
> >> toaster or garbage disposal of "being an attack vector"?
> >
> > There are better places like a nightlite, a wallwart, a LED bulb, seems
> > endless variety of doodads permanently plugged into the line and therefor
> > have access to plenty of power.
> But you don't *need* continuous access to power! That's the beauty of the
> "iron" solution -- it sees *some* use but not CONTINUOUS use.
>
> All it has to do is rely on the fact that you likely have other
> "internet appliances" that are likely to be powered on and operational
> WHEN the iron gets used. It's job is to exploit the devices while it
> is powered up and attempt to establish a persistent infection -- with
> the potential help of an adversary outside of your protection domain.
>
> If you detect the infection (at some later point in time), you are
> unlikely to be able to trace down its source -- unless the iron
> happens to be plugged in at the same time! (by contrast, an
> attack vector that is continually powered leaves evidence of its
> presence all the time!)

Ummmm
https://www.computerworld.com/article/2475911/don-t-look-now-but-the-led-light-fixtures-are-spying-on-you.html

You probably have some kind of chip capsule permanently lodged in your gut by now- it was the Chinese takeout that put it there.

Re: OT: iron spam!

<HRNrI.6875$Vh1.5507@fx21.iad>

  copy mid

https://www.novabbs.com/tech/article-flat.php?id=63974&group=sci.electronics.design#63974

  copy link   Newsgroups: sci.electronics.design
Path: i2pn2.org!i2pn.org!aioe.org!feeder1.feed.usenet.farm!feed.usenet.farm!newsfeed.xs4all.nl!newsfeed9.news.xs4all.nl!news-out.netnews.com!news.alt.net!fdc3.netnews.com!peer03.ams1!peer.ams1.xlned.com!news.xlned.com!peer02.iad!feed-me.highwinds-media.com!news.highwinds-media.com!fx21.iad.POSTED!not-for-mail
Subject: Re: OT: iron spam!
Newsgroups: sci.electronics.design
References: <s8ij8q$p2p$1@dont-email.me>
<4a322f3e-f2d4-4a2f-9a4a-55604d523891n@googlegroups.com>
<s8mhaf$f97$1@dont-email.me>
<71b742e5-2603-4a7c-8c4a-560a5d23d202n@googlegroups.com>
<s8mm96$ame$1@dont-email.me>
<c395bece-69a4-424b-85e7-fb315753f904n@googlegroups.com>
From: use...@example.net (bitrex)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101
Thunderbird/78.10.2
MIME-Version: 1.0
In-Reply-To: <c395bece-69a4-424b-85e7-fb315753f904n@googlegroups.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Lines: 53
Message-ID: <HRNrI.6875$Vh1.5507@fx21.iad>
X-Complaints-To: abuse@frugalusenet.com
NNTP-Posting-Date: Thu, 27 May 2021 14:17:11 UTC
Organization: frugalusenet - www.frugalusenet.com
Date: Thu, 27 May 2021 10:17:11 -0400
X-Received-Bytes: 3777
 by: bitrex - Thu, 27 May 2021 14:17 UTC

On 5/27/2021 10:05 AM, Fred Bloggs wrote:
> On Wednesday, May 26, 2021 at 7:40:29 PM UTC-4, Don Y wrote:
>> On 5/26/2021 3:33 PM, Fred Bloggs wrote:
>>> On Wednesday, May 26, 2021 at 6:15:49 PM UTC-4, Don Y wrote:
>>>> On 5/26/2021 11:26 AM, Fred Bloggs wrote:
>>>>> On Tuesday, May 25, 2021 at 6:24:32 AM UTC-4, Don Y wrote:
>>>>>> If true, this would actually be pretty clever!
>>>>>>
>>>>>> <https://www.bbc.co.uk/news/blogs-news-from-elsewhere-24707337>
>>>>>>
>>>>>> (stumbled upon while looking for something completely different!)
>>>>>
>>>>> This is probably all true.
>>>>>
>>>>> The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies
>>>> In the years since the episode, one would think a TECHNICAL analysis of
>>>> the alleged issue would be forthcoming -- instead of pictures of unmarked
>>>> components on a PCB the schematic of which isn't available, either.
>>>>> And imagine doing something like this after promising Obama they
>>>>> wouldn't!
>>>> You expect a server to be used in a corporate setting/datacenter so it is
>>>> a *likely* target (shame on anyone who doesn't completely vet their
>>>> suppliers!)
>>>>
>>>> The appeal of a "common household appliance" is that it is NOT the sort
>>>> of place you would look for stuff like this. Would you suspect your
>>>> toaster or garbage disposal of "being an attack vector"?
>>>
>>> There are better places like a nightlite, a wallwart, a LED bulb, seems
>>> endless variety of doodads permanently plugged into the line and therefor
>>> have access to plenty of power.
>> But you don't *need* continuous access to power! That's the beauty of the
>> "iron" solution -- it sees *some* use but not CONTINUOUS use.
>>
>> All it has to do is rely on the fact that you likely have other
>> "internet appliances" that are likely to be powered on and operational
>> WHEN the iron gets used. It's job is to exploit the devices while it
>> is powered up and attempt to establish a persistent infection -- with
>> the potential help of an adversary outside of your protection domain.
>>
>> If you detect the infection (at some later point in time), you are
>> unlikely to be able to trace down its source -- unless the iron
>> happens to be plugged in at the same time! (by contrast, an
>> attack vector that is continually powered leaves evidence of its
>> presence all the time!)
>
> Ummmm
> https://www.computerworld.com/article/2475911/don-t-look-now-but-the-led-light-fixtures-are-spying-on-you.html
>
> You probably have some kind of chip capsule permanently lodged in your gut by now- it was the Chinese takeout that put it there.
>

Free market: <https://imgur.com/a/v7n5Hf8>

Re: OT: iron spam!

<8976180d-54b3-4171-b5db-3233e70f2263n@googlegroups.com>

  copy mid

https://www.novabbs.com/tech/article-flat.php?id=63975&group=sci.electronics.design#63975

  copy link   Newsgroups: sci.electronics.design
X-Received: by 2002:a05:620a:5fc:: with SMTP id z28mr3574998qkg.378.1622125195754; Thu, 27 May 2021 07:19:55 -0700 (PDT)
X-Received: by 2002:a37:a6c6:: with SMTP id p189mr3718662qke.161.1622125195546; Thu, 27 May 2021 07:19:55 -0700 (PDT)
Path: i2pn2.org!i2pn.org!aioe.org!feeder5.feed.usenet.farm!feeder1.feed.usenet.farm!feed.usenet.farm!tr1.eu1.usenetexpress.com!feeder.usenetexpress.com!tr1.iad1.usenetexpress.com!border1.nntp.dca1.giganews.com!nntp.giganews.com!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
Newsgroups: sci.electronics.design
Date: Thu, 27 May 2021 07:19:55 -0700 (PDT)
In-Reply-To: <HRNrI.6875$Vh1.5507@fx21.iad>
Injection-Info: google-groups.googlegroups.com; posting-host=2601:5cc:4701:5250:8049:9191:d65d:d860; posting-account=iGtwSwoAAABNNwPORfvAs6OM4AR9GRHt
NNTP-Posting-Host: 2601:5cc:4701:5250:8049:9191:d65d:d860
References: <s8ij8q$p2p$1@dont-email.me> <4a322f3e-f2d4-4a2f-9a4a-55604d523891n@googlegroups.com> <s8mhaf$f97$1@dont-email.me> <71b742e5-2603-4a7c-8c4a-560a5d23d202n@googlegroups.com> <s8mm96$ame$1@dont-email.me> <c395bece-69a4-424b-85e7-fb315753f904n@googlegroups.com> <HRNrI.6875$Vh1.5507@fx21.iad>
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <8976180d-54b3-4171-b5db-3233e70f2263n@googlegroups.com>
Subject: Re: OT: iron spam!
From: bloggs.f...@gmail.com (Fred Bloggs)
Injection-Date: Thu, 27 May 2021 14:19:55 +0000
Content-Type: text/plain; charset="UTF-8"
Lines: 54
 by: Fred Bloggs - Thu, 27 May 2021 14:19 UTC

On Thursday, May 27, 2021 at 10:17:17 AM UTC-4, bitrex wrote:
> On 5/27/2021 10:05 AM, Fred Bloggs wrote:
> > On Wednesday, May 26, 2021 at 7:40:29 PM UTC-4, Don Y wrote:
> >> On 5/26/2021 3:33 PM, Fred Bloggs wrote:
> >>> On Wednesday, May 26, 2021 at 6:15:49 PM UTC-4, Don Y wrote:
> >>>> On 5/26/2021 11:26 AM, Fred Bloggs wrote:
> >>>>> On Tuesday, May 25, 2021 at 6:24:32 AM UTC-4, Don Y wrote:
> >>>>>> If true, this would actually be pretty clever!
> >>>>>>
> >>>>>> <https://www.bbc.co.uk/news/blogs-news-from-elsewhere-24707337>
> >>>>>>
> >>>>>> (stumbled upon while looking for something completely different!)
> >>>>>
> >>>>> This is probably all true.
> >>>>>
> >>>>> The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies
> >>>> In the years since the episode, one would think a TECHNICAL analysis of
> >>>> the alleged issue would be forthcoming -- instead of pictures of unmarked
> >>>> components on a PCB the schematic of which isn't available, either.
> >>>>> And imagine doing something like this after promising Obama they
> >>>>> wouldn't!
> >>>> You expect a server to be used in a corporate setting/datacenter so it is
> >>>> a *likely* target (shame on anyone who doesn't completely vet their
> >>>> suppliers!)
> >>>>
> >>>> The appeal of a "common household appliance" is that it is NOT the sort
> >>>> of place you would look for stuff like this. Would you suspect your
> >>>> toaster or garbage disposal of "being an attack vector"?
> >>>
> >>> There are better places like a nightlite, a wallwart, a LED bulb, seems
> >>> endless variety of doodads permanently plugged into the line and therefor
> >>> have access to plenty of power.
> >> But you don't *need* continuous access to power! That's the beauty of the
> >> "iron" solution -- it sees *some* use but not CONTINUOUS use.
> >>
> >> All it has to do is rely on the fact that you likely have other
> >> "internet appliances" that are likely to be powered on and operational
> >> WHEN the iron gets used. It's job is to exploit the devices while it
> >> is powered up and attempt to establish a persistent infection -- with
> >> the potential help of an adversary outside of your protection domain.
> >>
> >> If you detect the infection (at some later point in time), you are
> >> unlikely to be able to trace down its source -- unless the iron
> >> happens to be plugged in at the same time! (by contrast, an
> >> attack vector that is continually powered leaves evidence of its
> >> presence all the time!)
> >
> > Ummmm
> > https://www.computerworld.com/article/2475911/don-t-look-now-but-the-led-light-fixtures-are-spying-on-you.html
> >
> > You probably have some kind of chip capsule permanently lodged in your gut by now- it was the Chinese takeout that put it there.
> >
> Free market: <https://imgur.com/a/v7n5Hf8>

If only! Three of the most worthless people of all time.

Re: OT: iron spam!

<u2bvag52hdqau9bvacbgc40j2g43bnoeua@4ax.com>

  copy mid

https://www.novabbs.com/tech/article-flat.php?id=63979&group=sci.electronics.design#63979

  copy link   Newsgroups: sci.electronics.design
Path: i2pn2.org!i2pn.org!paganini.bofh.team!goblin3!goblin.stu.neva.ru!news.misty.com!border2.nntp.dca1.giganews.com!nntp.giganews.com!buffer2.nntp.dca1.giganews.com!nntp.supernews.com!news.supernews.com.POSTED!not-for-mail
NNTP-Posting-Date: Thu, 27 May 2021 09:35:24 -0500
From: jlar...@highlandsniptechnology.com
Newsgroups: sci.electronics.design
Subject: Re: OT: iron spam!
Date: Thu, 27 May 2021 07:35:20 -0700
Message-ID: <u2bvag52hdqau9bvacbgc40j2g43bnoeua@4ax.com>
References: <s8ij8q$p2p$1@dont-email.me> <4a322f3e-f2d4-4a2f-9a4a-55604d523891n@googlegroups.com> <s8mhaf$f97$1@dont-email.me> <71b742e5-2603-4a7c-8c4a-560a5d23d202n@googlegroups.com> <s8mm96$ame$1@dont-email.me> <c395bece-69a4-424b-85e7-fb315753f904n@googlegroups.com>
X-Newsreader: Forte Agent 3.1/32.783
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Lines: 73
X-Trace: sv3-9rrrmcAu9FfJBkMzqeuSaR4rjpQgv/mOVpzXEhltvdK7QBjnbO34gZ3Hu+cGgXa9s6/j3iwz30P4tDL!H11Lwep0G2tQFRU+adDr+U/cXd9OwP/Wty6k3psJzYaqrsK71gCWdRmidiOwqgC8+AD5tjxrZ1Ka!fFuqYw==
X-Complaints-To: www.supernews.com/docs/abuse.html
X-DMCA-Complaints-To: www.supernews.com/docs/dmca.html
X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers
X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your complaint properly
X-Postfilter: 1.3.40
X-Original-Bytes: 4451
 by: jlar...@highlandsniptechnology.com - Thu, 27 May 2021 14:35 UTC

On Thu, 27 May 2021 07:05:44 -0700 (PDT), Fred Bloggs
<bloggs.fredbloggs.fred@gmail.com> wrote:

>On Wednesday, May 26, 2021 at 7:40:29 PM UTC-4, Don Y wrote:
>> On 5/26/2021 3:33 PM, Fred Bloggs wrote:
>> > On Wednesday, May 26, 2021 at 6:15:49 PM UTC-4, Don Y wrote:
>> >> On 5/26/2021 11:26 AM, Fred Bloggs wrote:
>> >>> On Tuesday, May 25, 2021 at 6:24:32 AM UTC-4, Don Y wrote:
>> >>>> If true, this would actually be pretty clever!
>> >>>>
>> >>>> <https://www.bbc.co.uk/news/blogs-news-from-elsewhere-24707337>
>> >>>>
>> >>>> (stumbled upon while looking for something completely different!)
>> >>>
>> >>> This is probably all true.
>> >>>
>> >>> The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies
>> >> In the years since the episode, one would think a TECHNICAL analysis of
>> >> the alleged issue would be forthcoming -- instead of pictures of unmarked
>> >> components on a PCB the schematic of which isn't available, either.
>> >>> And imagine doing something like this after promising Obama they
>> >>> wouldn't!
>> >> You expect a server to be used in a corporate setting/datacenter so it is
>> >> a *likely* target (shame on anyone who doesn't completely vet their
>> >> suppliers!)
>> >>
>> >> The appeal of a "common household appliance" is that it is NOT the sort
>> >> of place you would look for stuff like this. Would you suspect your
>> >> toaster or garbage disposal of "being an attack vector"?
>> >
>> > There are better places like a nightlite, a wallwart, a LED bulb, seems
>> > endless variety of doodads permanently plugged into the line and therefor
>> > have access to plenty of power.
>> But you don't *need* continuous access to power! That's the beauty of the
>> "iron" solution -- it sees *some* use but not CONTINUOUS use.
>>
>> All it has to do is rely on the fact that you likely have other
>> "internet appliances" that are likely to be powered on and operational
>> WHEN the iron gets used. It's job is to exploit the devices while it
>> is powered up and attempt to establish a persistent infection -- with
>> the potential help of an adversary outside of your protection domain.
>>
>> If you detect the infection (at some later point in time), you are
>> unlikely to be able to trace down its source -- unless the iron
>> happens to be plugged in at the same time! (by contrast, an
>> attack vector that is continually powered leaves evidence of its
>> presence all the time!)
>
>Ummmm
>https://www.computerworld.com/article/2475911/don-t-look-now-but-the-led-light-fixtures-are-spying-on-you.html
>
>You probably have some kind of chip capsule permanently lodged in your gut by now- it was the Chinese takeout that put it there.

I think we would have noticed chips and batteries in our dumplings.

Dumplings are the rage here now. That's cool.

https://www.uniteddumplings.com/

The shrimp toast is great, but it's not toast and it doesn't taste
like shrimp. Which evolved the thought that an oxymoron contains no
oxen and no morons.

--

John Larkin Highland Technology, Inc

The best designs are necessarily accidental.

Re: OT: iron spam!

<OaQrI.2085$v01.720@fx07.iad>

  copy mid

https://www.novabbs.com/tech/article-flat.php?id=63990&group=sci.electronics.design#63990

  copy link   Newsgroups: sci.electronics.design
Path: i2pn2.org!i2pn.org!aioe.org!news.uzoreto.com!news-out.netnews.com!news.alt.net!fdc3.netnews.com!peer03.ams1!peer.ams1.xlned.com!news.xlned.com!peer03.iad!feed-me.highwinds-media.com!news.highwinds-media.com!fx07.iad.POSTED!not-for-mail
Subject: Re: OT: iron spam!
Newsgroups: sci.electronics.design
References: <s8ij8q$p2p$1@dont-email.me>
<4a322f3e-f2d4-4a2f-9a4a-55604d523891n@googlegroups.com>
<s8mhaf$f97$1@dont-email.me>
<71b742e5-2603-4a7c-8c4a-560a5d23d202n@googlegroups.com>
<s8mm96$ame$1@dont-email.me>
<c395bece-69a4-424b-85e7-fb315753f904n@googlegroups.com>
<HRNrI.6875$Vh1.5507@fx21.iad>
<8976180d-54b3-4171-b5db-3233e70f2263n@googlegroups.com>
From: use...@example.net (bitrex)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101
Thunderbird/78.10.2
MIME-Version: 1.0
In-Reply-To: <8976180d-54b3-4171-b5db-3233e70f2263n@googlegroups.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Lines: 60
Message-ID: <OaQrI.2085$v01.720@fx07.iad>
X-Complaints-To: abuse@frugalusenet.com
NNTP-Posting-Date: Thu, 27 May 2021 16:56:14 UTC
Organization: frugalusenet - www.frugalusenet.com
Date: Thu, 27 May 2021 12:56:14 -0400
X-Received-Bytes: 4276
 by: bitrex - Thu, 27 May 2021 16:56 UTC

On 5/27/2021 10:19 AM, Fred Bloggs wrote:
> On Thursday, May 27, 2021 at 10:17:17 AM UTC-4, bitrex wrote:
>> On 5/27/2021 10:05 AM, Fred Bloggs wrote:
>>> On Wednesday, May 26, 2021 at 7:40:29 PM UTC-4, Don Y wrote:
>>>> On 5/26/2021 3:33 PM, Fred Bloggs wrote:
>>>>> On Wednesday, May 26, 2021 at 6:15:49 PM UTC-4, Don Y wrote:
>>>>>> On 5/26/2021 11:26 AM, Fred Bloggs wrote:
>>>>>>> On Tuesday, May 25, 2021 at 6:24:32 AM UTC-4, Don Y wrote:
>>>>>>>> If true, this would actually be pretty clever!
>>>>>>>>
>>>>>>>> <https://www.bbc.co.uk/news/blogs-news-from-elsewhere-24707337>
>>>>>>>>
>>>>>>>> (stumbled upon while looking for something completely different!)
>>>>>>>
>>>>>>> This is probably all true.
>>>>>>>
>>>>>>> The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies
>>>>>> In the years since the episode, one would think a TECHNICAL analysis of
>>>>>> the alleged issue would be forthcoming -- instead of pictures of unmarked
>>>>>> components on a PCB the schematic of which isn't available, either.
>>>>>>> And imagine doing something like this after promising Obama they
>>>>>>> wouldn't!
>>>>>> You expect a server to be used in a corporate setting/datacenter so it is
>>>>>> a *likely* target (shame on anyone who doesn't completely vet their
>>>>>> suppliers!)
>>>>>>
>>>>>> The appeal of a "common household appliance" is that it is NOT the sort
>>>>>> of place you would look for stuff like this. Would you suspect your
>>>>>> toaster or garbage disposal of "being an attack vector"?
>>>>>
>>>>> There are better places like a nightlite, a wallwart, a LED bulb, seems
>>>>> endless variety of doodads permanently plugged into the line and therefor
>>>>> have access to plenty of power.
>>>> But you don't *need* continuous access to power! That's the beauty of the
>>>> "iron" solution -- it sees *some* use but not CONTINUOUS use.
>>>>
>>>> All it has to do is rely on the fact that you likely have other
>>>> "internet appliances" that are likely to be powered on and operational
>>>> WHEN the iron gets used. It's job is to exploit the devices while it
>>>> is powered up and attempt to establish a persistent infection -- with
>>>> the potential help of an adversary outside of your protection domain.
>>>>
>>>> If you detect the infection (at some later point in time), you are
>>>> unlikely to be able to trace down its source -- unless the iron
>>>> happens to be plugged in at the same time! (by contrast, an
>>>> attack vector that is continually powered leaves evidence of its
>>>> presence all the time!)
>>>
>>> Ummmm
>>> https://www.computerworld.com/article/2475911/don-t-look-now-but-the-led-light-fixtures-are-spying-on-you.html
>>>
>>> You probably have some kind of chip capsule permanently lodged in your gut by now- it was the Chinese takeout that put it there.
>>>
>> Free market: <https://imgur.com/a/v7n5Hf8>
>
> If only! Three of the most worthless people of all time.
>

Wasn't Ayn Rand on disability or Social Security or something? "When the
government gives you money, you take it", I guess...

Re: OT: iron spam!

<bakvaglba1dcl66v92gtbe2rc8ruu97fro@4ax.com>

  copy mid

https://www.novabbs.com/tech/article-flat.php?id=63993&group=sci.electronics.design#63993

  copy link   Newsgroups: sci.electronics.design
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: speffS...@interlogDOTyou.knowwhat (Spehro Pefhany)
Newsgroups: sci.electronics.design
Subject: Re: OT: iron spam!
Date: Thu, 27 May 2021 13:14:07 -0400
Organization: A noiseless patient Spider
Lines: 19
Message-ID: <bakvaglba1dcl66v92gtbe2rc8ruu97fro@4ax.com>
References: <s8ij8q$p2p$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Injection-Info: reader02.eternal-september.org; posting-host="468e75593415c66f65128777abb48643";
logging-data="31717"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/qMnqLlI3RcGh5smu7Koun"
Cancel-Lock: sha1:aLFit7hb7PXa2zJzLDg9RV2V3pk=
X-Newsreader: Forte Agent 4.2/32.1118
 by: Spehro Pefhany - Thu, 27 May 2021 17:14 UTC

On Tue, 25 May 2021 03:24:23 -0700, Don Y
<blockedofcourse@foo.invalid> wrote:

>If true, this would actually be pretty clever!
>
><https://www.bbc.co.uk/news/blogs-news-from-elsewhere-24707337>
>
>(stumbled upon while looking for something completely different!)

LOL, looks like an IR sensor. There's another photo with them pointing
to something else.

Kind of like the fake Supermicro story that made the rounds a few
years ago.

Expect a lot more BS floating around.
--
Best regards,
Spehro Pefhany

Re: OT: iron spam!

<s8ol4k$7iq$1@dont-email.me>

  copy mid

https://www.novabbs.com/tech/article-flat.php?id=63995&group=sci.electronics.design#63995

  copy link   Newsgroups: sci.electronics.design
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: blockedo...@foo.invalid (Don Y)
Newsgroups: sci.electronics.design
Subject: Re: OT: iron spam!
Date: Thu, 27 May 2021 10:33:01 -0700
Organization: A noiseless patient Spider
Lines: 33
Message-ID: <s8ol4k$7iq$1@dont-email.me>
References: <s8ij8q$p2p$1@dont-email.me>
<bakvaglba1dcl66v92gtbe2rc8ruu97fro@4ax.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Thu, 27 May 2021 17:33:08 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="283567159b18a78de187e428cf96380e";
logging-data="7770"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/UHjzmDfIApNS2a1Xi9eD6"
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101
Thunderbird/52.1.1
Cancel-Lock: sha1:WWm+vMW60GVnY3UXbJaNhQPn47A=
In-Reply-To: <bakvaglba1dcl66v92gtbe2rc8ruu97fro@4ax.com>
Content-Language: en-US
 by: Don Y - Thu, 27 May 2021 17:33 UTC

On 5/27/2021 10:14 AM, Spehro Pefhany wrote:
> On Tue, 25 May 2021 03:24:23 -0700, Don Y
> <blockedofcourse@foo.invalid> wrote:
>
>> If true, this would actually be pretty clever!
>>
>> <https://www.bbc.co.uk/news/blogs-news-from-elsewhere-24707337>
>>
>> (stumbled upon while looking for something completely different!)
>
> LOL, looks like an IR sensor. There's another photo with them pointing
> to something else.
>
> Kind of like the fake Supermicro story that made the rounds a few
> years ago.
>
> Expect a lot more BS floating around.

Exactly. It wouldn't be hard for someone ELSE to produce (as in "dig up")
one of these alleged devices and publicize a legitimate teardown.

OTOH, just because these haven't been forthcoming, doesn't make
the IDEA any less clever!

E.g., you CAN buy a pwn plug -- and then sort out how to get
it surreptitiously installed. So, why can't someone MAKE
a ubiquitous device that the customer unwittingly installs?

Like an iron.

[ignoring all of the obvious "communications enabled" tech
that folks WILLINGLY install for their tech overlords...]

Re: OT: iron spam!

<16831111ad204b8f$1$1356503$70dd7a6b@news.thecubenet.com>

  copy mid

https://www.novabbs.com/tech/article-flat.php?id=64017&group=sci.electronics.design#64017

  copy link   Newsgroups: sci.electronics.design
Subject: Re: OT: iron spam!
Newsgroups: sci.electronics.design
References: <s8ij8q$p2p$1@dont-email.me> <4a322f3e-f2d4-4a2f-9a4a-55604d523891n@googlegroups.com> <s8mhaf$f97$1@dont-email.me> <71b742e5-2603-4a7c-8c4a-560a5d23d202n@googlegroups.com> <s8mm96$ame$1@dont-email.me> <c395bece-69a4-424b-85e7-fb315753f904n@googlegroups.com> <HRNrI.6875$Vh1.5507@fx21.iad> <8976180d-54b3-4171-b5db-3233e70f2263n@googlegroups.com> <OaQrI.2085$v01.720@fx07.iad>
From: no.s...@please.net (Clifford Heath)
Date: Fri, 28 May 2021 09:44:18 +1000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0
MIME-Version: 1.0
In-Reply-To: <OaQrI.2085$v01.720@fx07.iad>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Message-ID: <16831111ad204b8f$1$1356503$70dd7a6b@news.thecubenet.com>
Lines: 73
Path: i2pn2.org!i2pn.org!aioe.org!feeder1.feed.usenet.farm!feed.usenet.farm!tr3.eu1.usenetexpress.com!feeder.usenetexpress.com!tr3.iad1.usenetexpress.com!2a07:8080:119:fe::44.MISMATCH!news.thecubenet.com!not-for-mail
NNTP-Posting-Date: Thu, 27 May 2021 23:44:18 +0000
X-Received-Bytes: 4196
X-Complaints-To: abuse@thecubenet.com
Organization: theCubeNet - www.thecubenet.com
 by: Clifford Heath - Thu, 27 May 2021 23:44 UTC

On 28/5/21 2:56 am, bitrex wrote:
> On 5/27/2021 10:19 AM, Fred Bloggs wrote:
>> On Thursday, May 27, 2021 at 10:17:17 AM UTC-4, bitrex wrote:
>>> On 5/27/2021 10:05 AM, Fred Bloggs wrote:
>>>> On Wednesday, May 26, 2021 at 7:40:29 PM UTC-4, Don Y wrote:
>>>>> On 5/26/2021 3:33 PM, Fred Bloggs wrote:
>>>>>> On Wednesday, May 26, 2021 at 6:15:49 PM UTC-4, Don Y wrote:
>>>>>>> On 5/26/2021 11:26 AM, Fred Bloggs wrote:
>>>>>>>> On Tuesday, May 25, 2021 at 6:24:32 AM UTC-4, Don Y wrote:
>>>>>>>>> If true, this would actually be pretty clever!
>>>>>>>>>
>>>>>>>>> <https://www.bbc.co.uk/news/blogs-news-from-elsewhere-24707337>
>>>>>>>>>
>>>>>>>>> (stumbled upon while looking for something completely different!)
>>>>>>>>
>>>>>>>> This is probably all true.
>>>>>>>>
>>>>>>>> The Big Hack: How China Used a Tiny Chip to Infiltrate U.S.
>>>>>>>> Companies
>>>>>>> In the years since the episode, one would think a TECHNICAL
>>>>>>> analysis of
>>>>>>> the alleged issue would be forthcoming -- instead of pictures of
>>>>>>> unmarked
>>>>>>> components on a PCB the schematic of which isn't available, either.
>>>>>>>> And imagine doing something like this after promising Obama they
>>>>>>>> wouldn't!
>>>>>>> You expect a server to be used in a corporate setting/datacenter
>>>>>>> so it is
>>>>>>> a *likely* target (shame on anyone who doesn't completely vet their
>>>>>>> suppliers!)
>>>>>>>
>>>>>>> The appeal of a "common household appliance" is that it is NOT
>>>>>>> the sort
>>>>>>> of place you would look for stuff like this. Would you suspect your
>>>>>>> toaster or garbage disposal of "being an attack vector"?
>>>>>>
>>>>>> There are better places like a nightlite, a wallwart, a LED bulb,
>>>>>> seems
>>>>>> endless variety of doodads permanently plugged into the line and
>>>>>> therefor
>>>>>> have access to plenty of power.
>>>>> But you don't *need* continuous access to power! That's the beauty
>>>>> of the
>>>>> "iron" solution -- it sees *some* use but not CONTINUOUS use.
>>>>>
>>>>> All it has to do is rely on the fact that you likely have other
>>>>> "internet appliances" that are likely to be powered on and operational
>>>>> WHEN the iron gets used. It's job is to exploit the devices while it
>>>>> is powered up and attempt to establish a persistent infection -- with
>>>>> the potential help of an adversary outside of your protection domain.
>>>>>
>>>>> If you detect the infection (at some later point in time), you are
>>>>> unlikely to be able to trace down its source -- unless the iron
>>>>> happens to be plugged in at the same time! (by contrast, an
>>>>> attack vector that is continually powered leaves evidence of its
>>>>> presence all the time!)
>>>>
>>>> Ummmm
>>>> https://www.computerworld.com/article/2475911/don-t-look-now-but-the-led-light-fixtures-are-spying-on-you.html
>>>>
>>>>
>>>> You probably have some kind of chip capsule permanently lodged in
>>>> your gut by now- it was the Chinese takeout that put it there.
>>>>
>>> Free market: <https://imgur.com/a/v7n5Hf8>
>>
>> If only! Three of the most worthless people of all time.
>>
>
> Wasn't Ayn Rand on disability or Social Security or something? "When the
> government gives you money, you take it", I guess...

https://www.snopes.com/fact-check/ayn-rand-social-security/

1
server_pubkey.txt

rocksolid light 0.9.81
clearnet tor