[HOME] [DOWNLOAD] [DOCS] [BLOG] [SUPPORT] [TIPS] [ISSUES] [Priority Support]

Avoiding key strokes spying implemented in the bundles "mainboard + keyboard"


#1

Of course, we should take in consideration that THEY have introduced keylogging capability into all mainboards which are imployed by the mainboard’s firmware. Those capabilities allow to send your keystrokes from the keyboard to the ethernet-card or FDDI card and to your router and/or to your internet provider directly. This layer is deeper than any operating system and no operating system can protect against this.

Solution

You need a pen tablet (such as used by photoshoppers for drawing) and a software recognizing your handwriting and transferring it into printed letters. Also you need the second PC. The setup should be like this:
PC1 has pen tablet attached and no internet connection
PC2 with internet connection and without a keyboard or a with a keyboard which is never used.
Physical connection of PC1 to PC2 is made directly via a second ethernet-card installed on PC2, not via a router, hub, or switch.
Letters obtained from handwriting are sent to PC2 via a secure tunnel.
A secure tunnel based on own enryption (not on a possibly backdoored ssh or vpn or other ready made public solutions) is established between PC1 to PC2 so that you can remotely use the operating system of PC1 on PC2.
So you penwrite on PC1 but use the operating system of PC2. The firmware of the mainboard of PC2 does not have connection to the pen tablet of PC1 and cannot send your key strokes to your internet provider bypassing your operating system. Only in this case all TOR and other software ciphering means of any OSes may protect you.
The hardware spying possibilities are always ignored.


#2

What are you talking about? Any reliable sources to back this claim up?

If this is true Wireshark would catch anything suspicious calling home.


#3

Of course, there are claims if you HAVE BRAINS. This hardware-firmware tracking mechanism was implemented since Intel 82573E (Tekoa; usually 945, ICH7") in all mainboards.
You should use either two raspberrypis or two PCs older than Intel 82573E (Tekoa; usually 945, ICH7") to have not keystroke tracking. This information was confirmed by respected but anonymous sorces.
The firmware-hardwre tracking mechanism makes all OS-level protection useless including virtual-machine-based whonix and super-puper cool QubesOS.
Whonix bare metal solution may work provided that all data are sent from PC1 to PC2 IN THE ENCRYPTED FORM. BUT… PC1 (mainboard) of course will try to send data also directly from keyboard to PC2 and PC2 (mainboard) may have the capabilities also to send data from all plugged in eth/fddi (second, third, etc.) cards to the router and provider or directly to provider if there is no router. The new world order servants are not idiots to give you clean hardware without tracking inside. Don’t be a naive. All naives are fooled on the regular base. Take precations to protect yourself. Good luck.

There is NO PROTECTION ON THE HIGHER OS LAYER AGAINST HARDWARE AND FIRMWARE TRACKING!!! AHTUNG!


#4

Against hardware backdoors, we’re totally hosed.

I find the idea of a keyboard logger built into hardware rather unlikely - because there are much worse things that could be done with the same effort by an adversary in that position.

  • Step one, hardware could accept special commands that is hidden by default from wireshark.
  • Step two, network cards registers each machine that goes online at the adversaries computer. Someone running wiresharik wouldn’t see it, because the network card would somehow exclude that traffic.
  • Step three, the adversaries computer starts a VNC and ssh connection to the hardware backdoor.

This is total speculation for now. I wouldn’t be too much surprised if someone found hardware backdoors of that magnitude some day.

How do we know, that there isn’t a backdoor, that sends a copy of everything the graphic card does elsewhere?

How do we know, that there isn’t a secret VNC / ssh backdoor built into all network cards?

What are those respected but anonymous sources? How can one verify this apart taking the word of an anonymous user in Whonix forum?


#5

We may ask the respectful person to join the talk. But there is no sense to hezitate about spies in the hardware and all those things were published regularly about hardware on russian sites. Only small part of them were tested. It was found that TVsetboxes send not only the info which channels you watch and how long, which was found by letting the traffic go via a second pc with a traffic scanner, but all plasma tvs can serve as cameras showing your room to the adversaries.
PC people don’t have qualifications to check the hardware. Additional firmware modules can be installed inside a chip and not visible. It can be a subcpu inside cpu of the mainboard, in any place.
And you would not trust to monopolistic corporations who took all the power into their hands.

And you wrote about wireshark what we wanted to say… One approved public scanner for everyone. Isn’t strange? Also take into consideration that the hardware hidden chip may encrypt or steganograph the sent data turning them into numbers of packets all the non-text parts, different tls and other options. So even wireshark can be fooled if it is an honest software which we doubt.

We deal with 0000 and 1111s in the form of electrical signals. Electricity can be run in a millions or billions of sideways not registered by the OS software because their level is lower.

Network card just creats a separate channel in a hidden electrical frequency. As you may know network cards recognize the defined ranges of frequencies where they TAKE THOSE STREAMS OF 0000 and 1111s as electrical signal or to be more correct flashing of electrical signals. But imagine how easy it is to create a hidden frequency and even apply steganography to it, which is not even needed. And no other network card can read this frequency but the provider’s HARDWARE CAN READ IT PERFECTLY. That’s why your second PC’s network card with wireshark will never see any information transmitted on that frequency and wireshark will fail under any condition even it’s an honest software.
Do we have qualifications to study the entire frequency range of the entire electrical stream of the card? It’s impossible because even if they use the detectable frequency they may compact signals steganographically between streams like ADSL technology increasing the telephone line speed by thousands of times. That’s how they track us.
We do not have access to corporations’ secret papers. And we must not be naive that soldiers of the new world order give us clean hardware. On the contrary the eye in the triangle is increasing its power.
What we should do is to eliminate electricity completely… Our ancestors used energy which could be obtained from between-atomic connections from any material object. But electricity is the WEB and the WEB always has a SPY sitting in the CENTER and eating the agonizing insects.


#6

Let’s further ponder over the WEB AND SPYDER comparison. What is the so called so much desired decentralization? It’s when instead of one fly hundreds of flies fall on the web simaltanously so that the spider does not know which one to eat. But the spyder will follow its instincts and will eat each of them one by one, consequentially because all they ARE CAUGHT BY THE WEB AND CANNOT MOVE. This kind of decentralization is not the way out. The WEB itself must be ruined. And the web is the so called neutral “informational technologies” (hiding the black essense of it) and they can be ruined only by damaging all power producing facilities at once. We need a special weapon for that. It can be the global climatic catastrophe or huge magnetic field. No one knows.


#7

It’s interesting that tor/tails team never discuss or raise the questions about hardware spies as if they do not exist at all. Each new months we here a regular fairytale about found and fixed software holes. AND NOT A WORD ABOUT FIXING HARDWARE TRACKING!
Patrik, you are a nice guy but wasting time.


#8

Also think about a hidden module in network cards which establishes connection with provider’s hardware and allows reprograming this module for new spying frequencies every week, for example. It will be hard to detect it.


#9

Only you know about it, so only you can do it. Please do.

But there is no sense to hezitate about spies in the hardware and all those things were published regularly about hardware on russian sites.
Please try to imagine my perspective. Not speaking Russian, no sources, just one anonymous person making the claim.
And you would not trust to monopolistic corporations who took all the power into their hands.
Sure, I appreciated more competition in hardware market.
And you wrote about wireshark what we wanted to say... One approved public scanner for everyone. Isn't strange?
I guess there are multiple tools for that purpose, perhaps not that popular?
Also take into consideration that the hardware hidden chip may encrypt or steganograph the sent data turning them into numbers of packets all the non-text parts, different tls and other options. So even wireshark can be fooled if it is an honest software which we doubt.
Possible.
We deal with 0000 and 1111s in the form of electrical signals. Electricity can be run in a millions or billions of sideways not registered by the OS software because their level is lower.
Possible.
Network card just creats a separate channel in a hidden electrical frequency. As you may know network cards recognize the defined ranges of frequencies where they TAKE THOSE STREAMS OF 0000 and 1111s as electrical signal or to be more correct flashing of electrical signals. But imagine how easy it is to create a hidden frequency and even apply steganography to it, which is not even needed. And no other network card can read this frequency but the provider's HARDWARE CAN READ IT PERFECTLY. That's why your second PC's network card with wireshark will never see any information transmitted on that frequency and wireshark will fail under any condition even it's an honest software.
I am getting your basic point.
Do we have qualifications to study the entire frequency range of the entire electrical stream of the card?
I sure don't.
We do not have access to corporations' secret papers. And we must not be naive that soldiers of the new world order give us clean hardware.
Yes.
What we should do is to eliminate electricity completely...
Then we cannot communicate anymore? :)
It's interesting that tor/tails team never discuss or raise the questions about hardware spies as if they do not exist at all. Each new months we here a regular fairytale about found and fixed software holes. AND NOT A WORD ABOUT FIXING HARDWARE TRACKING!
Whonix doesn't say much about hardware backdoors either.

There is a little bit here:

I agree, that hardware backdoors are like the elephant in the room in the computer security community as well as in the Tor/Tails/Whonix/Anonymity community.

Also stylometry is the elephant in the room in the Tor/Tails/Whonix/Anonymity community. The thing is… Also see below.

Patrik, you are a nice guy but wasting time.

Only under your assumption. Your threat model is “let’s make it work against the most powerful adversary who introduced hardware backdoors”.

Whonix doesn’t claim being able to defeat such powerful adversaries yet:

Sure, it would be nice if we could do that, but that’s a long way. Better don’t hold your breath for that moment.

Even if Whonix only helps in weaker threat models such as to stop stalkers, then this has value. As long as Whonix helps anyone besides me, it is meaningful work.

The thing is… You gotta start somewhere. Developing hardware is very difficult. Making proof and verifiable of being backdoor free is even more difficult. In relation to that, developing Whonix is much simpler, see:

So there are people who develop privacy preserving software. And Tor/Tails/Whonix are among them.

Accusing people who actually do something for not doing something else is in my opinion not very helpful.

It’s like in politics. Some people use their time to advocate peace. Others advocate better economic systems that can sustain without war. The people advocating better economic systems accusing peace activist for not working on better economic systems and vice versa makes no point. You cannot do everything at the same time. That is our division of labor system. So if you want to accuse someone, then please accuse the ones, who’re not engaged in any activity to improve the world, who have the ability and time to do so.

And in computer security, I think it makes little sense accusing the people who work on privacy preserving software for not working on verifiable backdoor free hardware. This doesn’t mean we shouldn’t have better documentation for hardware backdoors. Feel free to contribute them. If there is some day verifiable backdoor free hardware, I will be very happy to recommend on whonix.org using that verifiable backdoor free hardware over today’s hardware.

There are a very few people who work on Free Software / Open Source and/or even verifiable backdoor free hardware. I am sure they urgently need support. Be it developers, financial support, advocates or else. Perhaps it’s really the most neglected and most important piece of computer security.

So if one has the choice to either contribute to Whonix or on verifiable backdoor free hardware, please rather contribute to the latter.

But then again, I am sure someone somewhere sometime will show up and tell the people working on verifiable backdoor free hardware, that they are wasting their time, since they are not working on secure verifiable backdoor free kernel or operating system. So when they finished verifiable backdoor free hardware, there will be no secure software to run on top. And someone else will complain, why work on hardware security, if you could be a political activist to advocate preventing people from getting in position to develop hardware backdoors in the first place? Things like advocating transparency, prevention of monopolies and other things could do the trick in a sustainable way by fixing the root of the issue rather than working on the symptoms (hardware backdoors).

When we get some day hopefully verifiable backdoor free hardware, then the research and development of privacy preserving software will be progressed a lot. We then simply switch to verifiable backdoor free hardware. So for now, I rather do something within my ability, than doing nothing. And Whonix is just one project of mine. I am also a political activist.

So 1guest, my rhetoric question for you, what is it that you do to strive for a better world. For one, why not help the people working on verifiable backdoor free software with fundraising or something else.


#10

Patrick what a wonderful reply. If you want to endorse an almost totally open and verifiable hardware platform look at the Novena laptop.


#11

Hardware related security has always been an interesting subject that needs more scrutiny. By the way, I wonder what is considered a safe keyboard to attach to the Novena?


#12

Edited by Patrick:
Forum rules violated, post removed.


#13

And we forgot to mention the second useful application of tor is that you can access some forbidden sites but not all of course. You cannot access for example pentagon hidden sites, etc. or sites of high priests of the world government.


#14

you talk so much without showing anything to back up your claims. How do we know you are not just spouting bullshit? Show some kind of proof that what you say is not total conspiracy shit.


#15

Edited by Patrick:
Forum rules violated, post removed.


#16

I know this only adds up to your conspiracy thesis, but I cannot allow hate speech here. I don’t know if it already was hate speech, but since I am responsible with respect to German press law, and since it seems outside the boundaries of this topic and project, you need a different place for that kind of topic.

Apart from that you’re free to (re-) post any criticism targeting Whonix, me, or hardware backdoor, conspiracy, etc. here. I don’t think I am going to answer a lot, since you tend to make too many claims with no proof at all.

By the way, one doesn’t need to be able to break Tor to find out which pseudonym you are. It is your unique world view, argumentation line and writing style that makes you unique.


#17

All posts about apple Juices are always removed. Thanks Patrick. :slight_smile:


#18

It’s not “It is your unique world view, argumentation line and writing style that makes you unique.”

Juices confirmed keyboard spying, comrade.

Imagine that you write with different styles on different sites via Tor with interval of several hours. And they know that it is YOU!
Moreover, they already have the global system of management of all sites belonging to them (99%) and they are able to respond to you in any forum or chat instead of the person whom you think you are talking to.


#19

Zionist snake and the globe. Signs inside the hi-tech. http://pixpipeline.com/d/bbdfb4837b12.jpg


#20

Now do you understand why mozilla was chosen for torbrowser?