How do you find out if an adversary has remote access to your computer?

What's kind of strange about your question goes to - who are you and who wants your stuff? Are you a human rights activist travelling to Tibet? Are you a Falun Gong supporter in the US? Are you a Snowden supporter in the US? Are you a journalist for a major newspaper that leaks embarrassing things about Senators? Are you a normal guy who doesn't trust their brother's friend or the babysitter?

  • who is the 'adversary' (and therefore what are their resources and what can they do to you)

  • how much might you have hypothetically trusted this adversary in the past, or someone or some group that they could have controlled?

  • do you think that this adversary could hide things in places where you couldn't usually look with commercial off the shelf or homemade tools?

  • do you have a way to compare before/after snapshots of either the whole system or many parts of it to ensure integrity?

  • is your adversary so powerful that they could embed remote access such that even a wipe/reinstall of the OS would not be enough to ensure that they are kept out, and long term, could not get right back in?

So, some hints here. If your adversary is something like the NSA, and they can control Microsoft, and Microsoft has been effective at getting motherboard level chips in place like TPM chips which hold secrets from the user and even parts of the OS, and in the past malware has run in everything from graphics cards to other chipsets besides your CPU and has exploited signed drivers running at kernel level, totally evading all this antivirus and so on -- well you are super duper hosed.

If your adversary is the NSA, and you are using Gmail on a Chromebook, same deal.

If your adversary is the NSA, and you are using a Macbook with Mac OS X and FileVault and doing all the good things, you are still pwned.

Is your adversary the 'evil maid' (a roommate?) who's had an hour alone with your PC up and booted in a live state, with your account logged in?

Dude, a beginner will never spot the things someone could be doing to you.

Even an expert would hardly HARDLY be able to tell if someone was an intruder on their system.

If you even suspect intrusion, and require security, wipe and rebuild and consider carefully if that's actually enough to stop whoever it is you think is your adversary.

/r/AskNetsec Thread
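One concrete form of the "before/after snapshot" check mentioned in the bullet list above, written as an added example and not code from the original post or its author: take a baseline of a directory tree (SHA-256, size and permission bits per file, symlink targets recorded rather than followed), take a second snapshot later, and report what was added, removed or changed. The directory layout, file names and contents in `demo()` are constructed purely to exercise the comparison.

```python
"""Baseline-and-compare file integrity check (constructed example).

snapshot() records every regular file and symlink under a root as
path -> (sha256 or symlink target, size, permission bits).
compare() diffs a later snapshot against the baseline.
"""
import hashlib
import os
import stat
import tempfile
from pathlib import Path


def hash_file(path, chunk=65536):
    """SHA-256 of a file, read in chunks so large files don't load into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def snapshot(root):
    """Return {relative_posix_path: (digest, size, mode)} for the tree under root.

    Symlinks are not followed: their target string is recorded instead of a
    digest, so a link re-pointed at another file shows up as a content change.
    """
    root = Path(root)
    snap = {}
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames.sort()  # deterministic order, handy when diffing saved snapshots
        for name in sorted(filenames):
            p = Path(dirpath) / name
            rel = p.relative_to(root).as_posix()
            st = p.lstat()
            if stat.S_ISLNK(st.st_mode):
                snap[rel] = ("symlink:" + os.readlink(p), 0, stat.S_IMODE(st.st_mode))
            elif stat.S_ISREG(st.st_mode):
                snap[rel] = (hash_file(p), st.st_size, stat.S_IMODE(st.st_mode))
    return snap


def compare(baseline, current):
    """Diff two snapshots. 'modified' maps a path to the reasons it differs."""
    added = sorted(set(current) - set(baseline))
    removed = sorted(set(baseline) - set(current))
    modified = {}
    for rel in sorted(set(baseline) & set(current)):
        old, new = baseline[rel], current[rel]
        reasons = []
        if old[0] != new[0]:
            reasons.append("content")   # digest or symlink target changed
        if old[2] != new[2]:
            reasons.append("mode")      # permission bits changed
        if reasons:
            modified[rel] = reasons
    return {"added": added, "removed": removed, "modified": modified}


def demo():
    """Constructed scenario: baseline a small tree, tamper with it, diff."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "etc").mkdir()
        (root / "bin").mkdir()
        (root / "home").mkdir()
        (root / "etc" / "hosts").write_text("127.0.0.1 localhost\n")
        (root / "etc" / "hosts").chmod(0o644)   # fixed so the result is umask-independent
        (root / "bin" / "ls").write_bytes(b"\x7fELF original")
        (root / "bin" / "ls").chmod(0o755)
        (root / "home" / "notes.txt").write_text("todo\n")
        baseline = snapshot(root)

        # Later: a binary's contents replaced, an unexpected script appears,
        # a user file is gone, and a config file's permissions were changed.
        (root / "bin" / "ls").write_bytes(b"\x7fELF replaced")
        (root / "home" / "unexpected.sh").write_text("#!/bin/sh\n")
        (root / "home" / "notes.txt").unlink()
        (root / "etc" / "hosts").chmod(0o600)
        current = snapshot(root)

        return compare(baseline, current)


if __name__ == "__main__":
    for kind, items in demo().items():
        print(kind, items)
```

The value of such a check depends entirely on where the baseline lives and what is doing the reading: the baseline must be stored somewhere the adversary cannot reach (offline media, a separate host), and the later snapshot should be taken from a trusted boot medium rather than from the possibly compromised installation, since a kernel or firmware under someone else's control can simply hand the tool the original file contents. That is the same limitation the post reaches with its wipe-and-rebuild advice.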