Which fool is going to do all the trouble of the world to install 1 advanced spying device with danger to own life?
Is it not much simpler to simply stomp companies out of the ground who are seriously selling the price of electronics?Two flies in 1 blow.
How bad is it set with safety?
These are matters that are discussed in English-language forums, so can not directly find links in Dutch but:
- WPA3, the new WiFi standard has yet to be rolled out.
That takes about ten years to replace all routers and access points. Recently WPA3 was hacked in seconds or minutes, I want to get rid of it. Because WPA3 must be backward compatible with WPA2. And WPA2 is as leak as a sieve. Not to patch. Always unsafe.
This week, Google had to change their Intel cloud computing resources to not use hyperthreading anymore. Because virtualization, data from other customers can be viewed. For the certainty they have dropped that feature with reasonable performance loss.
He does not even notice. Well, Microsoft has just made us bugs, important zero-day bugs that are rolled out with delay. Nobody expects software to be safe. We do patch It when someone is walking against it. Some years ago when open source bugs, critical bugs were discovered, a very well-known brand of Internet security was still working with open source software that has been unpatched for 7 years. And a firewall needs root permission, so you don’t need a virus, your virus software will do anything you never know. Kaspersky has extracted a file from a laptop from a secret agent, because it was classified as a virus and they obtained that file to analyse and improve their software.
And air gapped computers, without connection to the outside world, can be approached via electricity cables. Such as PLC modems, power line carrier modems. Some years ago, for example, I saw a USB spy chip from a known power incorporated into a USB cable, no one that can see the difference. A cable is normally passive. One can also easily assume that if that cable became known, one can already have much more advanced things.
And certainly not with details. But rest assured, cyber armies are quite common today.
There were some more than there were officially installed. Information, even from befriended nations is worth gold.
As an ASIC designer, you shouldn’t even consciously put weaknesses in the system.The cost reducing measures in each company make enough low cost engineers to work on the project. Security is not a prioritization, the projects run through tampering and always go over budget. Debug and failure analysis are necessary and thus possibilities enough to break in and reverse engineer.
The problem is that 99% of people just don’t know what they’re talking about.
Dicks but some out of their neck.
By the way, in wartime it is crucial to lay down the infrastructure of a country.Observation of that infrastructure is very easy and at the same time crucial for the enemy.
There’s nothing safe, it’s like an alarm system in your house, make it harder so they try somewhere else.The pros get in everywhere.
A tricky question to answer.Not every spy is known everywhere and drinks his Martini 芒 鈧?虄shaken, not stirred芒 鈧劉. In the real world, things are going differently. No less. No, an awful lot more.
What we hear is not very reliable for two reasons.1) Spying is a very secret box and the newspapers are not full. Not determined. So it’s no more than tops of the massive icebergs underwater. En芒 鈧?”2) The opposing party is there as the chickens to sprinkle all sorts of fake news around it. So what we know is probably not true as well.
What we know is certainly for 80% wrong/half/suggestive and for 100% only the tip of the iceberg and de facto unusable.
Reality is utterly bizarre.Everything and everyone spies. Our government is spying on us for example. In all possible ways. The Tax Office has special spies sections. Google, Facebook, Instagram, really everything and everyone is doing it.
Sadly but true.
In the case of American companies, the CIA has intercepted shipments and provided them with backdoors themselves.At Cisco, they weren’t happy about that.
Both Apple and Microsoft have been pressured to provide access to data, in certain much-discussed cases that has not happened, you never know in what matters though.
The US is not alone in this.Israel also has a hand of it.
From Russia and China everyone expects this, because these countries are also very active in hacking.
So the question is how many software, services devices (and chips) from abroad you can trust 100% to keep your data safe.
The US government has done this in several ways:
- Exploitation of accidental security leaks.
This method is also used in other countries, among others by Russians, Chinese and Dutch.
The US government also seems to have been actively involved in the survival of a number of security vulnerabilities.Unless someone folds out of the school, it is difficult to find out whether that is happening in other countries. It is probably.
Huawei and the current Chinese government can have the best intentions. That does not give any guarantee for the future.
This type of equipment can be provided remotely by the manufacturer of new software.A spy could post a hack and later restore the original software which makes detection almost impossible.
Russian or Chinese companies will probably be forced to work with them without anything on paper.
The fact that this happened was well known.The huge scale became clear only when the story was put on Wikileaks.
That spying is not something new.Since the cold war, telephone traffic and radio traffic have been overheard on a large scale. But then there was more sense of alliance. We just let the Americans eavesdrop here.
Still, the Netherlands is very dependent on the United States and Israel when it comes to spying technology.Purely technically, these are the biggest threats. But those countries are not looking to drastically change our way of life. So then this risk falls again. Maybe.
Russia has a long history of spying and using every means that is seen as effective.Kaspersky virus scanner was captivated by many governments, after Russia was caught something too often when hacking.
China has only become active in Europe until later, but it is rapidly lagging behind in activity due to an enormous intensity.Much more so than Russian espionage, the Chinese hackers are engaged in businesses.
Not only foreign, but also domestic companies can be intended or unintentionally involved in spying.A Dutch company that provided encryption of data for the internet was hacked. As a result, data from many governments was vulnerable.
At the very least, companies will have to be monitored for security risks, depending on their interest.That happens, but probably on a totally inadequate scale. If adequately controlled, Chinese devices could be safer as American.
It is not just about safety.Trade interests and patent infringements also play a role. The US uses the security argument to put China under pressure. Since we are dependent on a good part of the US, we are more or less obliged to participate. But we also do a lot of business with China. This is an annoying situation for the Netherlands.
There is no indication that Russia of China has ever used one of their exporting technology companies for espionage.As long as there are backdoors and even occasionally being kept open by our great ally, there is also no immediate necessity.
On the other hand, if they do use their technology companies, we probably never get behind it.
Not so much governments, but the secret services make use of companies.That doesn’t have to be technology companies. They are mostly covercoats for the activities of the secret services.
In principle, any foreign company can be used for these purposes.
But I think that the secret services do know which companies in their countries do.They are easier to eavesdrop, rather than searching again and finding the new company that has taken over the job.
Maybe so, maybe not.That’s hard to say. But the question is rather how to do it, because it requires that special modifications be made in hardware to collect data and forward it to the home front. And how they do it can generally be easily traced, interpreted and eventually also countered…
First of all, it starts with data collection.You are a piece of hardware from a computer and see all sorts of data come over. Keystrokes, mouse movements, data files and much more. But you are only a small spy module and so can not store everything indefinitely. So you have to make a preselection of data that is important to steal. An impossible task when you consider that these types of spying modules have limited resources. And since there would be thousands of those modules that would provide a huge data stream to certain servers. That is too much! So simple listening modules make is pointless because it delivers too much data. Data that may eventually end up in China on mobile connections and various routers and ISPs.
What then?Basically the so-called backdoors in various modules that allow you to remotely access certain hardware. Very simple: the hardware module is activated and logs on to the home base as being active. In the home base, one has to investigate whether the module In question is In an interesting place to listen to and if so, you can take further action. But again, the amount of data traffic needs to be kept very limited!
You might hide this again in a kind of update functionality that comes with a product by default.If you are using Windows, MacOS or any of the larger Linux distributions then there is a good chance that the software will contact a server to check for updates to the affected system. Many software nowadays has automatic updates built in and that is also perfectly possible in the drivers of hardware.
Here we come to Huawei.You have a mobile phone and that activate you and the Linux distribution within your phone connects to Google for the APP store and other matters and with Huawei to phone-specific updates or even simply to register the phone. This is pretty standard among all brands of mobile phones and some brands are known to send a bunch of “bloatware” to the hardware. (Which happens also on computers.)
So these update channels can spy on your phone, although they can’t send too much data because it can stand out.If you have a lot of data usage with your mobile subscription while you are almost never going to the Internet then that is already striking. But also within your home network, a large amount of data traffic with servers in China would be quite noticeable.
So although not impossible, this type of spying is not too practical.
However, that is different if they want to perform a direct espionage action.Consumer hardware delivers too much noise that they have nothing to do, but hardware from providers and large companies may provide valuable information, provided they can get it in the system. What we are looking for above all is a backdoor in existing systems to make use of. But in principle anyone can do that…
I would be able to!You can buy a ESP8266 for a few euros with another 3 volt rechargeable battery and a solar panel.Just connect everything together and write code to run on the ESP8266 and you have such a device that searches for WiFi networks in the area and collects information about it to play through to a home base. Add a GPS module and then you can drive around the city and map all the mobile networks in the area. May not cost yet 芒 ‘ 卢 30 and some hours of work.
Want something more complex?Can too! Attach a USB connection to the ESP8266 with some extra hardware and make sure the computer recognizes it as an external drive. When Autorun is on, you can then run some code that hides the USB drive and also collects data on the connected computer and sends it home via its own WiFi network.
There are masses of ESP devices with different functionality that are easy for consumers to buy and usually only cost a few euros.These can then be used for various purposes. For example, add a microphone and you can listen to conversations. A camera module and you can also film. And so on. Spying is not limited to big companies! Anyone with a little technical knowledge can already make spying equipment.
And to answer your question: Yes, all governments will make use of such possibilities.Some methods are public such as the many speedcams and trajectory controls. Other methods are less known but the possibilities are unlimited.
And which companies are potentially risky?Basically all companies. But the risks are more in social media where everyone exposes his or her entire life. By means of data mining, many of these data can be translated into information by the parent companies of this media. But also for any other company that can gain access to these data.
The risky companies are also Google, Microsoft (LinkedIn/GitHub), Facebook, Twitter, Quora, Badoo, AliExpress VKontakte and many more…
Mr. Qadeer Khan was not a chipmaker but gained sufficient knowledge in the Netherlands to help his homeland to an atomic bomb.
Eh all companies from China/Russia/US?
If you understand what a device like a mobile phone does, what it consists of and where all the data goes, you know that there is a central place that can be monitored.
When a so-鈩?N company makes a mistake where a fine is handed out, that will be the moment that is attempted to negotiate.These are the times when such deals are closed.
So if you want to know which companies etc., then you are looking at the companies that have imposed high fines, which are decommissioned tax, that kind of business.
They have been chantable so there is a chance that your theorem is right there.