[Arm-netbook] TPM backdoor

freebirds at fastmail.fm freebirds at fastmail.fm
Wed Sep 4 18:52:41 BST 2013


Derek, thanks for correcting my statement that TPM has an UUID. TPM's
keys have an UUID.

I am open minded that I may be wrong that TPM can use bluetooth when
computers are offline. 
I am not the first person to link the two. CLU posted three comments:
"Disable TPM hardware drivers in linux by blacklisting them and
bluetooth. That's the NSA backdoor. . .That's part of the bluetooth
stack. If you blacklist the drivers it can't connect and by proxy
disables the cell phone built into every laptop since 2005. You'll note
that you get back around 7% of system resources (at least on the i7 I
have running) after doing so. On the craptacular i3's I have it returns
around 20% of the system CPU. "
http://www.zerohedge.com/contributed/2013-06-25/governm...

If CLU is correct that "every laptop since 2005" has hidden bluetooth,
my purchasing an used 2006 Averatec 1150 netbook and an used 2008 Asus
900 netbook this month from Ebay will be a mistake. 

I am certain that Microsoft has been requiring manufacturers to
secretely install embedded bluetooth in laptop as early as 2009. This
bluetooth is not accessible to users. It is accessible to third parties.
Bluesnarfing does not rquire TPM. lsmod detected TPM in just two of my
netbooks. lsmod didn't detect TPM in my other netbooks. lsmod, ps ax
|grep blue, dmesg, conky and htop detected bluetooth in all of my
netbooks. Yet, bluetooth manger, hardinfo and lshw did not detect
bluetooth and the manufacturers' specifications misrepresented no
bluetooth. 

Jack Alter's crackers have bluesnarfed all of my netbooks. They didn't
need TPM to bluesnarf to gain complete remote control of my computers. 

Derek, abusers anywhere in the world can hire crackers anywhere in the
world to crack 

computers anywhere in the world. Most crackers reside in China and
Russia. Russia has the 

best crackers and they are cheap:

Thank you Luke for standing up for me.

luke.leighton" <luke.leighton at gmail.com wrote:

"i'm absolutely astounded that the people being paid to deploy these
attack vectors are even 

permitted to do so by their government." 

The Russian government does not arrest Russian crackers if their targets
are out of the 

country.
http://www.taipeitimes.com/News/editorials/archives/2013/08/26/2003570588/2

http://www.wired.com/threatlevel/2012/11/russian-underground-economy/

The level of sophistication of Jack Alter's crackers leads me to believe
they are Russian. 

They repeatedly crashing a Fedora kernel. Infected PDFs, jpgs, movie and
music files. 

Changed the MIME coding of my plain text documents so gedit could not
open them. Besides 

completely deleting some of my files, they emptied some of my files.
Some of my PDFs, music 

files, plain text files are now zero bytes. Transmitted encrypted
frameless packets 

commencing 48 hours after my netbooks were on to a Roadrunner ISP
address in Northern 

Virginia. I consider their most accomplished feat is infecting my
removable media with 

hidden null files.

Gaining physical access to computers and peripherals such as external
DVD writers to 

physically tamper with them is an one time expense. Thereafter, firmware
rootkits, other 

malware and hidden protected encrypted partitions on harddrives and
removable media work for 

free. In present times, few private investigators "gumshoe" anymore.
Instead they hire 

crackers.

"the term gumshoe started in the days when most private investigators
walked the
streets and intervewed people for information so much they always
managed to
get gum on their shoes because they were consistly walking in bad
neighborhoods usually in 

downtown areas where there was no one that cleaned up the sidewalks. The
term caught on in 

the 40's and 50's in police departments and Hollywood as a term for
private investigator." 

http://www.pimall.com/nais/n.gumshoe.html

How much funds are needed to produce a prototype of the rhombus laptop?
I am willing to donate. Create a donate button to click on!

-- 
http://www.fastmail.fm - IMAP accessible web-mail




More information about the arm-netbook mailing list