Technology

37994 readers

199 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:

This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 3 years ago

MODERATORS

[email protected]

wondering about those commercial stalkerwarw stuff and mitigations? kinda curious about the subject (beehaw.org)

submitted 1 month ago by [email protected] to c/[email protected]

2 comments fedilink hide all child comments

So, you know commercial spyware? No I'm not referring to ads or things like pegasus. Talking about those weird providers that market to schools, employers and shitty partners

What measures could be taken to mitigate these threats? When physical can be assumes but the attacker isn't skilled, just using one of said tools? How would this vary between phones and laptops for example?

Thoughts?

No I'm not in danger, just get curious about this subject once in a while

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 2 points 1 month ago

This will be highly platform-dependent, and also dependent on your threat model.

On PC laptops, you should probably enable Secure Boot (if it's not enabled by default), and password-protect your BIOS. On Macs you can disable booting from external media (I think that's even the default now, but not totally sure). You should definitely enable full-disk encryption -- that's FileVault on Mac and Bitlocker on Windows.

On Apple devices, you can enable USB Restricted Mode, which will protect against some attacks with USB cables or devices.

Apple devices also have lockdown mode, which restricts or disables a whole bunch of functionality in an effort to reduce your attack surface against a variety of sophisticated attacks.

If you're worried about hardware hacks, then on a laptop you'd want to apply some tamper-evident stickers or something similar, so if an evil maid opens it up and tampers with the hardware, at least you'll know something fishy happened, so you can go drop your laptop in an active volcano or something.

If you use any external devices, like a keyboard, mouse, hard drive, whatever...well...how paranoid are you? I'm going to be honest: there is a near 0% chance I would even notice if someone replaced my charging cables or peripheral cables with malicious ones. I wouldn't even notice if someone plugged in a USB keylogger between my desktop PC and my keyboard, because I only look at the back of my PC once in a blue moon. Digital security begins with physical security.

On the software side, make sure you're the only one with admin rights, and ideally you shouldn't even log into admin accounts on a day-to-day basis.