
Gripping! Would love to read more articles in this “genre”.

I’m wondering if there was an easy way for the attacker to encrypt or obfuscate some of these configuration files, so that defenders can’t extract settings even when physically connected to the device.



Read The Cuckoo's Egg by Cliff Stoll. An oldie but a goldie.


There’s a PBS made-for-TV movie about this story too, don’t know if it can still be found on streaming:

https://imdb.com/title/tt0308449/


I’ve owned a copy for a while now. This might just be the push I needed to pick it up.


I read the whole book over a long weekend, I just couldn't put it down.

Make sure you don't have any work deadlines in the few days after you start it.


The first time I read it I could not put it down. Incredible book.


Some malware will store the executable and all configuration encrypted on the disk and will only decrypt in memory with a key downloaded from the internet.

Of course you can still defeat this if you dump the memory or reverse engineer the process to get the key yourself. Makes it a bit harder but still not impossible.


Unless the disk has some way of checking the hash sum of its own file structure before execution, additional debug or logging scripts can be added which load at boot time and record the entire process. It’s a cat and mouse game.
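The two comments above describe a loop: config encrypted at rest and decrypted only in memory with a key fetched at run time, the defender capturing that key from the running process, and the loader's counter of hashing its own file tree before execution so an added boot-time script is noticed. The script below is an added example written for this thread, not code from the article or from any real malware; the SHA-256 counter-mode keystream is a stand-in for a real cipher, the "downloaded" key is a constant, and the config values and the `hook.py` file are constructed.

```python
"""Encrypted-at-rest config with a run-time-fetched key, the defender's key
capture, and an integrity manifest that detects an added boot-time script.
Toy crypto and constructed data; not any real loader's format."""
import hashlib
import json
import tempfile
from pathlib import Path


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher: SHA-256 in counter mode XORed over data (assumption,
    stands in for whatever cipher a real loader would use). Symmetric."""
    out = bytearray()
    for off in range(0, len(data), 32):
        block = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[off:off + 32], block))
    return bytes(out)


# --- loader side: only ciphertext ever touches disk --------------------------
REMOTE_KEY = hashlib.sha256(b"constructed key served by the C2").digest()


def fetch_key() -> bytes:
    """Stand-in for 'download the key from the internet'."""
    return REMOTE_KEY


def write_encrypted_config(path: Path, config: dict, key: bytes) -> None:
    path.write_bytes(keystream_xor(key, json.dumps(config).encode()))


def load_config(path: Path, fetch=fetch_key) -> dict:
    """Decrypt only in memory; the plaintext is never written out."""
    return json.loads(keystream_xor(fetch(), path.read_bytes()))


# --- defender: take the key from the process as it arrives -------------------
def extract_config_via_hook(path: Path) -> tuple:
    """Wrap the key fetch so the key is recorded on its way through the
    process, then decrypt the on-disk blob independently of the loader."""
    seen = {}

    def hooked_fetch():
        seen["key"] = fetch_key()
        return seen["key"]

    load_config(path, fetch=hooked_fetch)
    return seen["key"], json.loads(keystream_xor(seen["key"], path.read_bytes()))


# --- loader's counter: hash the file tree before execution -------------------
def build_manifest(root: Path) -> dict:
    """Relative path -> SHA-256 of every file under root."""
    return {str(p.relative_to(root)): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}


def verify_manifest(root: Path, manifest: dict) -> dict:
    """Added / missing / modified files compared with the manifest."""
    now = build_manifest(root)
    return {"added": set(now) - set(manifest),
            "missing": set(manifest) - set(now),
            "modified": {p for p in set(now) & set(manifest) if now[p] != manifest[p]}}


def demo(root: Path) -> dict:
    cfg_path = root / "settings.bin"
    config = {"c2": "203.0.113.7", "beacon_s": 300}  # constructed sample
    write_encrypted_config(cfg_path, config, fetch_key())
    manifest = build_manifest(root)  # what the loader would check at boot

    at_rest_is_opaque = b"203.0.113.7" not in cfg_path.read_bytes()
    key, recovered = extract_config_via_hook(cfg_path)

    # defender drops a boot-time logging script beside the loader
    (root / "hook.py").write_text("# records every call made by the loader\n")
    diff = verify_manifest(root, manifest)
    return {"at_rest_is_opaque": at_rest_is_opaque,
            "key_captured": key == REMOTE_KEY,
            "recovered": recovered,
            "tamper_detected": diff["added"] == {"hook.py"} and not diff["modified"]}


def run_demo() -> dict:
    with tempfile.TemporaryDirectory() as d:
        return demo(Path(d))


if __name__ == "__main__":
    print(run_demo())
```

Running it shows the three points in order: the config on disk carries no readable settings, the hooked fetch hands the defender the key and the plaintext anyway, and the manifest built before the drop flags `hook.py` as an addition. The manifest only helps if the loader checks it from code the attacker controls and the defender cannot patch, which is exactly why the thread calls it a cat-and-mouse game.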


The investigative work in that piece reminds me of this old case: https://www.youtube.com/watch?v=OAI8S2houW4



