Later On

A blog written for those whose interests more or less match mine.

What’s required to restore electronic security to the Capitol

leave a comment »

Read this thread by @jacobian, which begins:

So much this. A physical breach is a nightmare scenario for infosec.

On the off-chance that any of my followers are involved in this — I do have some experience in scenarios like this and would be happy to help. If I can be of assistance hit me up.

Just to give folks who aren’t in the field an idea what we’re talking about:

– we must assume that foreign agents were among the rioters
– snooping devices can be implanted into anything with a power cord
– so every device in the capitol is now a potential foreign asset 

So, just for starters:

– all computers need to be inventoried, inspected inside and out, and the OS paved/rebuilt
– keyboards, mice, &c might now have implants, they probably should be tossed (see eg… which looks like a usb cable but is in fact a logger)

Then everything with a power source needs to be audited. This means lamps. Thermostats. Those cute little portrait lights on top of photos. The vacuum cleaner in the storage closet. Even outlets — a fav trick of one Red Team I know is a fake outlet cover that hides a mic. 

Continue reading.

Written by Leisureguy

10 January 2021 at 3:22 pm

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.