Full Disclosure mailing list archives
RE: Bios programming...
From: "Matt Marooney" <matt () dynamicanswers com>
Date: Thu, 3 Mar 2005 15:04:40 -0500
Very true, and I'm sure that I am not going to be able to keep people from getting around it, I just want to make it really really hard. Obviously, if the person is smart enough to boot to a different OS, setup their internet connection on that OS, and browse, then they are not going to be using this product in the first place! I want this software to help people who want help, to keep them honest, and unaware that their system is monitoring activity. Most of the other services out there are very "in-your-face" or they only monitor one type of traffic. The BIOS requirement was to keep the users using the system. If they take the machine in to BestBuy to get it serviced, and the tech wipes or replaces the hard drive, the poor guy doesn't remember to reload the monitoring software. I'm open to other suggestions, I just want to make it next to impossible to delete (without the admin password, of course), and invisble to operate. Thanks for the comments! -- Matt -----Original Message----- From: Paul J. Morris [mailto:mole () acnatsci org] Sent: Thursday, March 03, 2005 8:46 PM To: matt () dynamicanswers com Subject: Re: [Full-disclosure] Bios programming... Matt, Don't know much about working that close to the bios, but a couple of potential means of circumvention immediately come to mind: 1) booting from cd, in particular booting with a different operating system from the one you wrote the monitoring code for, as in booting from a knoppix distribution. 2) browsing the web through a secure anonymous proxy (such as guardster) -Paul On Thu, 3 Mar 2005 13:44:39 -0500 "Matt Marooney" <matt () dynamicanswers com> wrote:
I am trying to write a program to help people who are addicted to internet pornography. This application would be tied into an online service where someone could sign up for monitoring, and download a thin client app. The application would run in the background of the person's computer, and upload the person's internet activity to the website. The service would then email this activity report to designated recipients. I have most of the knowledge to create this service, but I need to know how to do a couple things: 1. I would like the program to be "un-installable". I've heard of a couple of hardware security tracking services that can load a very small setup package in the CMOS and if a computer is stolen, and the hard drive is replaced, the app reloads itself and the next time the computer is on the internet, it sends out a beacon. Does anyone have any insight about how to do something like this? I want the CMOS program to run on boot, and check to see if the monitoring software is
still installed. If it is not, the boot process reloads it. 2. obviously, the program does not need to be very large, so I want it
to run in the background and not be visible to the computer's user. This is easy, I know, but I want the process to be completely invisible.(even to super-geeks) 3. I would like to figure out a way to monitor traffic for multiple protocols (HTTP, FTP, File Sharing, Chat, etc.) . I'm wondering if there is a way to figure out "bad" requests on a packet level. I really appreciate any help with these questions! Thank you all, -- Matt
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Bios programming..., (continued)
- RE: Bios programming... Matt Marooney (Mar 03)
- Re: Bios programming... Steve Kudlak (Mar 03)
- RE: Bios programming... Aditya Deshmukh (Mar 03)
- Re: Bios programming... Steve Kudlak (Mar 04)
- Re: Bios programming... Pedro Venda (Mar 04)
- Re: Bios programming... Michael Holstein (Mar 03)
- RE: Bios programming... Aditya Deshmukh (Mar 03)
- Re: Bios programming... Valdis . Kletnieks (Mar 03)
- Re: Bios programming... devis (Mar 04)
- Re: re: Bios Programming... Joachim Schipper (Mar 04)
- Re: re: Bios Programming... Benjamin Franz (Mar 04)