So, I was reading an article which described how a penetration testing company managed to get past a firewall by posting an employee a specially rigged mouse! The idea was that my embedding a micro-controller in the mouse which could be programmed to disable the virus protection on a computer and then load some Trojan vector. The real difference in this design was that it didn’t depend on a USB memory stick and autoload, it used HID keyboard commands instead.

One of the comments in The Register article made me think, the suggestion was basically this could be more than just a mouse. That had me thinking:

Why not put a 2G modem embedded in the keyboard!? Not just a dumb one, but one programmed to accept an incoming connection or create a reverse connection to the hacker. An mbed processor could act as the infection vector controller, or perhaps even one of the modems with embedded python-on-a-chip just to make it neat?

Then wow, that is a really big security risk and not that difficult to achieve. OK hackers, you have your next project, get going!

I already knew it was a thin edge that people found themselves on if they offered free wifi, but I didn’t realise until today that it will soon be illegal to share an internet connection if you don’t log the identity of the person using said connection!

Thanks to a Tweet by Liam J. Hayter with a link to his blog I found out that apparently it will now be a legal requirement to take responsibility for who uses your internet connection. You will be liable for any illegal usage of your connection if you cannot prove who else used said connection.

So I have written to my local MP just to try and head it off at the pass, perhaps you might do the same:

 

Continue reading “Dangerous WiFi law making”