Skip to content
 
If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(Ars Technica)   To get root privileges on any windows PC, all you need to do is (A) type up 1000 lines of code to hack all the passwords; (B) install a keylogger using CIA infiltration techniques; or (C) just plug in a mouse   (arstechnica.com) divider line
    More: Asinine, Microsoft Windows, Razer mouse, Microsoft, Windows Update, part of the Windows Catalog, PCI Device IDof a Razer mouse, Windows Vista, Windows 98  
•       •       •

1628 clicks; posted to STEM » on 27 Aug 2021 at 8:55 AM (13 weeks ago)   |   Favorite    |   share:  Share on Twitter share via Email Share on Facebook



57 Comments     (+0 »)
View Voting Results: Smartest and Funniest


Oldest | « | 1 | 2 | » | Newest | Show all

 
2021-08-27 8:56:41 AM  
Oh, HELL no.
 
2021-08-27 9:08:20 AM  
So someone will still need physical access to your computer. Unless they've somehow convinced you to buy a razor mouse, open up a remote session with them, and let them take control.
 
2021-08-27 9:08:44 AM  
This is why I prefer Apple hardware. To break the the top security of apple stuff you actually have to be in the room with it and plug stuff into the USB
 
2021-08-27 9:14:41 AM  
2017
 
2021-08-27 9:14:42 AM  

snowshovel: This is why I prefer Apple hardware. To break the the top security of apple stuff you actually have to be in the room with it and plug stuff into the USB


...which it doesn't have.
 
2021-08-27 9:15:30 AM  

Unoriginal_Username: So someone will still need physical access to your computer.


I like how you think of this in terms of your home computer and not the hundreds of thousands of corporate, academic (especially high school and undergrad), and government computers out there.

If I were a sh*thead college freshman I'd be scheming ways to give Mr. Vote From the Rooftops a major headache, muahahaha.
 
2021-08-27 9:30:29 AM  
I'm waiting for the demonstration video where the person breaks in to the room where the computer is all all Mission Impossible style and shows this technique.
 
2021-08-27 9:46:06 AM  

Unoriginal_Username: Unless they've somehow convinced you to buy a razor mouse


It says that you just need a cable that reports the device id of a razer mouse. That's a much scarier vulnerability.
 
2021-08-27 9:54:58 AM  

snowshovel: This is why I prefer Apple hardware. To break the the top security of apple stuff you actually have to be in the room with it and plug stuff into the USB


Same as a PC....
 
2021-08-27 10:00:21 AM  

snowshovel: This is why I prefer Apple hardware. To break the the top security of apple stuff you actually have to be in the room with it and plug stuff into the USB


Which is why i went to Linux......
 
2021-08-27 10:02:27 AM  

KidKorporate: snowshovel: This is why I prefer Apple hardware. To break the the top security of apple stuff you actually have to be in the room with it and plug stuff into the USB

...which it doesn't have.


Wow

I heard the bone break on that one.

Apple prefers proprietary stuff so they can better control the herd and take more of its money
 
2021-08-27 10:06:17 AM  
To be fair you can hack any machine if you have physical access to it.

But if its data is properly encrypted ur fuked
 
2021-08-27 10:07:19 AM  

KidKorporate: snowshovel: This is why I prefer Apple hardware. To break the the top security of apple stuff you actually have to be in the room with it and plug stuff into the USB

...which it doesn't have.


Ahem......apple and its sit at home stock owners...
 
2021-08-27 10:31:01 AM  

MusicMakeMyHeadPound: I like how you think of this in terms of your home computer and not the hundreds of thousands of corporate, academic (especially high school and undergrad), and government computers out there.


Most people don't think in terms of a larger, enterprise deployment.

You don't even need the mouse or a mimic cable. All you need is a USB stick flashed with a live Linux distro.

Now you have access to the entire disk and can drop whatever payload you want on the disk or perform whatever farkery you wish. It's not like large deployments that are multi-user are going to be using BitLocker.
 
2021-08-27 11:08:09 AM  

Caelistis: Now you have access to the entire disk and can drop whatever payload you want on the disk or perform whatever farkery you wish. It's not like large deployments that are multi-user are going to be using BitLocker.


BitLocker itself is a joke, be careful with that.
 
2021-08-27 11:53:58 AM  

MusicMakeMyHeadPound: Caelistis: Now you have access to the entire disk and can drop whatever payload you want on the disk or perform whatever farkery you wish. It's not like large deployments that are multi-user are going to be using BitLocker.

BitLocker itself is a joke, be careful with that.


That's why I encrypt all my drives with ROT13.

And to be even safer, I run it twice.
 
2021-08-27 11:58:41 AM  
As someone who uses SteelSeries mice at work and at home, I have to lol.
 
2021-08-27 12:35:29 PM  
external-preview.redd.itView Full Size


The funny thing is that this form of privilege escalation dates back 20 years to Win9x.
 
2021-08-27 12:35:58 PM  

MusicMakeMyHeadPound: BitLocker itself is a joke, be careful with that.


How so?
 
2021-08-27 12:41:08 PM  
Yet they still haven't fixed sticky keys...
 
2021-08-27 1:30:26 PM  

trialpha: MusicMakeMyHeadPound: BitLocker itself is a joke, be careful with that.

How so?


Well, the fact that there are a bunch of professional recovery and forensic tools for lost, deleted, or corrupted BitLocker installations should be a big red flag.

The recovery key used to be written backwards in the first kilobyte on the disk (I forget the offset; I have it written down somewhere). I think they've fixed that though.

After that, there are two vectors of attack: brute forcing/selective attacking the password on the disk and obtaining your Microsoft account credentials (your recovery key is automatically stored in the cloud). I've heard reports that this takes only about a day or less of effort for most people's passwords because most of us are lazy.
 
2021-08-27 1:36:43 PM  
I used to do a party trick where I'd tell the host I could get any info off of his computer. I'd pop off a cufflink containing a USB drive with a bootable Windows image, and voila.

Did it at a Christmas party of as small firm CEO as a couple dozen of his employees watched. I suggested any of the house staff could do it too (cook, maid, p.a,).
 
2021-08-27 2:03:12 PM  
Easiest evil maid attack ever.
 
2021-08-27 2:26:52 PM  

Pats_Cloth_Coat: I'd pop off a cufflink containing a USB drive


I have so many questions about the cuff link. Like are you a street magician, in intelligence/spy, an IT person that attends a lot of formal parties and doesn't like a USB drive in your pocket ruining the line of your pants?
 
2021-08-27 2:40:55 PM  

The Ocho: Pats_Cloth_Coat: I'd pop off a cufflink containing a USB drive

I have so many questions about the cuff link. Like are you a street magician, in intelligence/spy, an IT person that attends a lot of formal parties and doesn't like a USB drive in your pocket ruining the line of your pants?


It was a set like this. When I went in an office I wore cufflinks a lot (I like cufflinks and watches) and I kept my usual tools on one for when I started a new contract - editor, rdp manager, doc templates, etc. Even a whole dev VM

I'd get some jaw drops first day when I popped open a cufflink and inserted the drive .
 
2021-08-27 2:50:12 PM  

PTP_Professor: Yet they still haven't fixed sticky keys...


Quit wacking off at your puter
 
2021-08-27 2:50:46 PM  

Tax Boy: MusicMakeMyHeadPound: Caelistis: Now you have access to the entire disk and can drop whatever payload you want on the disk or perform whatever farkery you wish. It's not like large deployments that are multi-user are going to be using BitLocker.

BitLocker itself is a joke, be careful with that.

That's why I encrypt all my drives with ROT13.

And to be even safer, I run it twice.


ROT26
 
2021-08-27 2:52:33 PM  

Nimbull: I'm waiting for the demonstration video where the person breaks in to the room where the computer is all all Mission Impossible style and shows this technique.


Fark user imageView Full Size
 
2021-08-27 2:56:09 PM  

Pats_Cloth_Coat: I used to do a party trick where I'd tell the host I could get any info off of his computer. I'd pop off a cufflink containing a USB drive with a bootable Windows image, and voila.

Did it at a Christmas party of as small firm CEO as a couple dozen of his employees watched. I suggested any of the house staff could do it too (cook, maid, p.a,).


Linux started that running ur OS from a DVD or USB thing in ram only, years ago
 
2021-08-27 3:11:55 PM  

Linux_Yes: Pats_Cloth_Coat: I used to do a party trick where I'd tell the host I could get any info off of his computer. I'd pop off a cufflink containing a USB drive with a bootable Windows image, and voila.

Did it at a Christmas party of as small firm CEO as a couple dozen of his employees watched. I suggested any of the house staff could do it too (cook, maid, p.a,).

Linux started that running ur OS from a DVD or USB thing in ram only, years ago


Go take a shower, get a haircut, and find a job. God I hate hippies
 
2021-08-27 3:42:10 PM  

Pats_Cloth_Coat: Linux_Yes: Pats_Cloth_Coat: I used to do a party trick where I'd tell the host I could get any info off of his computer. I'd pop off a cufflink containing a USB drive with a bootable Windows image, and voila.

Did it at a Christmas party of as small firm CEO as a couple dozen of his employees watched. I suggested any of the house staff could do it too (cook, maid, p.a,).

Linux started that running ur OS from a DVD or USB thing in ram only, years ago

Go take a shower, get a haircut, and find a job. God I hate hippies


So much for the hippies

Taking over your proprietary closed source community hating fading capitalist world........

https://en.wikipedia.org/wiki/List_of​_​Linux_adopters
 
2021-08-27 3:43:41 PM  

Pats_Cloth_Coat: The Ocho: Pats_Cloth_Coat: I'd pop off a cufflink containing a USB drive

I have so many questions about the cuff link. Like are you a street magician, in intelligence/spy, an IT person that attends a lot of formal parties and doesn't like a USB drive in your pocket ruining the line of your pants?

It was a set like this. When I went in an office I wore cufflinks a lot (I like cufflinks and watches) and I kept my usual tools on one for when I started a new contract - editor, rdp manager, doc templates, etc. Even a whole dev VM

I'd get some jaw drops first day when I popped open a cufflink and inserted the drive .


Reminds me a bit of this:

Richard Feynman Lecture -- "Los Alamos From Below"
Youtube uY-u1qyRM5w

That should start at 32:32.
Then there's the famous stories about safes that starts at at 1:09:20.
 
2021-08-27 3:43:46 PM  

Pats_Cloth_Coat: Linux_Yes: Pats_Cloth_Coat: I used to do a party trick where I'd tell the host I could get any info off of his computer. I'd pop off a cufflink containing a USB drive with a bootable Windows image, and voila.

Did it at a Christmas party of as small firm CEO as a couple dozen of his employees watched. I suggested any of the house staff could do it too (cook, maid, p.a,).

Linux started that running ur OS from a DVD or USB thing in ram only, years ago

Go take a shower, get a haircut, and find a job. God I hate hippies


Forget it, Jake, it's LinuxBevits.
 
2021-08-27 3:46:26 PM  

Pats_Cloth_Coat: Linux_Yes: Pats_Cloth_Coat: I used to do a party trick where I'd tell the host I could get any info off of his computer. I'd pop off a cufflink containing a USB drive with a bootable Windows image, and voila.

Did it at a Christmas party of as small firm CEO as a couple dozen of his employees watched. I suggested any of the house staff could do it too (cook, maid, p.a,).

Linux started that running ur OS from a DVD or USB thing in ram only, years ago

Go take a shower, get a haircut, and find a job. God I hate hippies


That would be a great comment to make towards lazy murcan sit at home stock owners living off other peoples labor
 
2021-08-27 3:49:25 PM  

Pats_Cloth_Coat: Linux_Yes: Pats_Cloth_Coat: I used to do a party trick where I'd tell the host I could get any info off of his computer. I'd pop off a cufflink containing a USB drive with a bootable Windows image, and voila.

Did it at a Christmas party of as small firm CEO as a couple dozen of his employees watched. I suggested any of the house staff could do it too (cook, maid, p.a,).

Linux started that running ur OS from a DVD or USB thing in ram only, years ago

Go take a shower, get a haircut, and find a job. God I hate hippies


Btw

Did i forget to mention the open source public decentralized blockchains like Ethereum and Bitcoin??

They will become Internet II in 10 to 20 years.
 
2021-08-27 4:07:35 PM  

Linux_Yes: Pats_Cloth_Coat: Linux_Yes: Pats_Cloth_Coat: I used to do a party trick where I'd tell the host I could get any info off of his computer. I'd pop off a cufflink containing a USB drive with a bootable Windows image, and voila.

Did it at a Christmas party of as small firm CEO as a couple dozen of his employees watched. I suggested any of the house staff could do it too (cook, maid, p.a,).

Linux started that running ur OS from a DVD or USB thing in ram only, years ago

Go take a shower, get a haircut, and find a job. God I hate hippies

Btw

Did i forget to mention the open source public decentralized blockchains like Ethereum and Bitcoin??

They will become Internet II in 10 to 20 years.


Right after we get flying cars powered by cold fusion to take us to our yurts made of hemp.
 
2021-08-27 4:19:06 PM  

Linux_Yes: To be fair you can hack any machine if you have physical access to it.

But if its data is properly encrypted ur fuked


media4.giphy.comView Full Size
 
2021-08-27 5:22:20 PM  

Linux_Yes: Pats_Cloth_Coat: I used to do a party trick where I'd tell the host I could get any info off of his computer. I'd pop off a cufflink containing a USB drive with a bootable Windows image, and voila.

Did it at a Christmas party of as small firm CEO as a couple dozen of his employees watched. I suggested any of the house staff could do it too (cook, maid, p.a,).

Linux started that running ur OS from a DVD or USB thing in ram only, years ago


Amiga computers could run from, and even reboot from a ramdisk before Linux ever existed.
 
2021-08-27 5:48:49 PM  
Meanwhile my users can't even install printers anymore because M$ can't figure out how to plug their security hole in the Print Spooler.  Awesome.
 
2021-08-27 7:56:41 PM  

Pats_Cloth_Coat: Linux_Yes: Pats_Cloth_Coat: Linux_Yes: Pats_Cloth_Coat: I used to do a party trick where I'd tell the host I could get any info off of his computer. I'd pop off a cufflink containing a USB drive with a bootable Windows image, and voila.

Did it at a Christmas party of as small firm CEO as a couple dozen of his employees watched. I suggested any of the house staff could do it too (cook, maid, p.a,).

Linux started that running ur OS from a DVD or USB thing in ram only, years ago

Go take a shower, get a haircut, and find a job. God I hate hippies

Btw

Did i forget to mention the open source public decentralized blockchains like Ethereum and Bitcoin??

They will become Internet II in 10 to 20 years.

Right after we get flying cars powered by cold fusion to take us to our yurts made of hemp.


Youre holding on to the past too hard.

Blockchains will decentralize power, which if you havent noticed, is becoming too concentrated.

Dont get distracted by the coins, learn about blockchains.

Digital Democracy
 
2021-08-27 7:58:11 PM  

Ivo Shandor: Linux_Yes: Pats_Cloth_Coat: I used to do a party trick where I'd tell the host I could get any info off of his computer. I'd pop off a cufflink containing a USB drive with a bootable Windows image, and voila.

Did it at a Christmas party of as small firm CEO as a couple dozen of his employees watched. I suggested any of the house staff could do it too (cook, maid, p.a,).

Linux started that running ur OS from a DVD or USB thing in ram only, years ago

Amiga computers could run from, and even reboot from a ramdisk before Linux ever existed.


But how much could you do with them??

https://en.wikipedia.org/wiki/List_of​_​Linux_adopters
 
2021-08-27 7:59:46 PM  

shroom: Meanwhile my users can't even install printers anymore because M$ can't figure out how to plug their security hole in the Print Spooler.  Awesome.


Youd think MS would have printing down by now

Unless they have other plans........
 
2021-08-27 8:03:54 PM  
We get it, Linux_Yes, Linux is the future and for all I know Hemp is the solution to all our problems. Dial it back a little, dude! You really are coming across as a crazy-eyed evangelist. Some of us actually work day-to-day with Linux and Unix, and have done so since the 1980's.
 
2021-08-27 8:17:50 PM  

Pats_Cloth_Coat: The Ocho: Pats_Cloth_Coat: I'd pop off a cufflink containing a USB drive

I have so many questions about the cuff link. Like are you a street magician, in intelligence/spy, an IT person that attends a lot of formal parties and doesn't like a USB drive in your pocket ruining the line of your pants?

It was a set like this. When I went in an office I wore cufflinks a lot (I like cufflinks and watches) and I kept my usual tools on one for when I started a new contract - editor, rdp manager, doc templates, etc. Even a whole dev VM

I'd get some jaw drops first day when I popped open a cufflink and inserted the drive .


I will say, that *is* James Bond-ian! :)

/ had a PDA and a 512Mb flash drive on my belt at one point. I'm more of a Utility-belt sort.
 
2021-08-27 9:19:46 PM  

maxheck: We get it, Linux_Yes,


Wait what? Does not everyone have him on ignore?
 
2021-08-27 10:28:11 PM  

Linux_Yes: Blockchains will decentralize power, which if you havent noticed, is becoming too concentrated.


Nothing to say that it won't still happen. Blockchains have one issue, they are monstrously computationally intensive. Computers might get around that in the future, but by then, new technologies may exist - and blockchain will be a historical footnote.
 
2021-08-27 10:59:29 PM  

Linux_Yes: Ivo Shandor: Linux_Yes: Pats_Cloth_Coat: I used to do a party trick where I'd tell the host I could get any info off of his computer. I'd pop off a cufflink containing a USB drive with a bootable Windows image, and voila.

Did it at a Christmas party of as small firm CEO as a couple dozen of his employees watched. I suggested any of the house staff could do it too (cook, maid, p.a,).

Linux started that running ur OS from a DVD or USB thing in ram only, years ago

Amiga computers could run from, and even reboot from a ramdisk before Linux ever existed.

But how much could you do with them??

https://en.wikipedia.org/wiki/List_of_​Linux_adopters


I'm well aware of Linux. I'm a co-author of a (very small) piece of the kernel tree, and I've been using it since the 1.2.x days across half a dozen different CPU architectures. I still have my first Slackware CD around here somewhere. Doesn't change the fact that the Amiga did some things earlier and better.
 
2021-08-28 8:41:42 AM  

phimuskapsi: Linux_Yes: Blockchains will decentralize power, which if you havent noticed, is becoming too concentrated.

Nothing to say that it won't still happen. Blockchains have one issue, they are monstrously computationally intensive. Computers might get around that in the future, but by then, new technologies may exist - and blockchain will be a historical footnote.


Proof of stake uses about as much power as a typical email server.
 
2021-08-28 8:43:23 AM  

Ivo Shandor: Linux_Yes: Ivo Shandor: Linux_Yes: Pats_Cloth_Coat: I used to do a party trick where I'd tell the host I could get any info off of his computer. I'd pop off a cufflink containing a USB drive with a bootable Windows image, and voila.

Did it at a Christmas party of as small firm CEO as a couple dozen of his employees watched. I suggested any of the house staff could do it too (cook, maid, p.a,).

Linux started that running ur OS from a DVD or USB thing in ram only, years ago

Amiga computers could run from, and even reboot from a ramdisk before Linux ever existed.

But how much could you do with them??

https://en.wikipedia.org/wiki/List_of_​Linux_adopters

I'm well aware of Linux. I'm a co-author of a (very small) piece of the kernel tree, and I've been using it since the 1.2.x days across half a dozen different CPU architectures. I still have my first Slackware CD around here somewhere. Doesn't change the fact that the Amiga did some things earlier and better.


Fair enough.  Back in 08 i was shocked at how far linux had progressed.  Never looked back after that.
 
2021-08-28 8:57:45 AM  

Linux_Yes: Ivo Shandor: Linux_Yes: Ivo Shandor: Linux_Yes: Pats_Cloth_Coat: I used to do a party trick where I'd tell the host I could get any info off of his computer. I'd pop off a cufflink containing a USB drive with a bootable Windows image, and voila.

Did it at a Christmas party of as small firm CEO as a couple dozen of his employees watched. I suggested any of the house staff could do it too (cook, maid, p.a,).

Linux started that running ur OS from a DVD or USB thing in ram only, years ago

Amiga computers could run from, and even reboot from a ramdisk before Linux ever existed.

But how much could you do with them??

https://en.wikipedia.org/wiki/List_of_​Linux_adopters

I'm well aware of Linux. I'm a co-author of a (very small) piece of the kernel tree, and I've been using it since the 1.2.x days across half a dozen different CPU architectures. I still have my first Slackware CD around here somewhere. Doesn't change the fact that the Amiga did some things earlier and better.

Fair enough.  Back in 08 i was shocked at how far linux had progressed.  Never looked back after that.


If corporate America ran on  a steam powered abacus I'd learn to shovel coal.
 
Displayed 50 of 57 comments


Oldest | « | 1 | 2 | » | Newest | Show all


View Voting Results: Smartest and Funniest

This thread is closed to new comments.

Continue Farking




On Twitter


  1. Links are submitted by members of the Fark community.

  2. When community members submit a link, they also write a custom headline for the story.

  3. Other Farkers comment on the links. This is the number of comments. Click here to read them.

  4. Click here to submit a link.