

  • There are of course a myriad of reasons for which you’ll get a lot of ideas. Some have already suggested running memtest.

    I’d suggest a full hardware “scrub”. Open the case, clean out all dust with a blower (don’t forget the PSU!!!), wiggle or remove-reinsert all electrical connections, especially CPU and RAM, but also GPU and expansion cards, storage (data and power), etc etc. Basically if you can plug it in, give it a wiggle to break any oxide layers or as I said remove-reinsert. Might not even hurt to double check your CPU and GPU thermal paste contact if it’s old and might have dried out.

    Then double check your overall air flow. Your CPU might be cool as a cucumber, but maybe your m/b is getting too hot from lack of air flow. Ironically it’s possible that a cool CPU = slower fan = less airflow around SB chips and power chips.

    I was having escalating browser freezes from random weekly to random daily to random hourly or worse, on a system that was stable for years. I did the above and added another case fan for better MB flow. Now my CPU runs cooler, the CPU fan runs even slower, and I’ve been rock steady for 2 weeks without a single freeze-up.








  • good point about the room.

    as for an installed keylogger, there are organizations that will inspect for that and catch it. My point is this is a way to get an actually unmolested USB device into play.

    But I hear you, this isn’t likely an ideal option right now, but it is an option for maybe some niche case. And these are early days, put enough funding behind it and it might become more viable. Or not. Mostly I’m just offering the thought that there ARE use cases if someone puts even a moment’s creative thought into tradecraft and the problems it might solve like breaking the air gap, emplacement, avoiding detection, and data exfil. Each of those is a problem to be solved at various levels of difficulty depending on the exact target.


  • Hmmm not totally. A bad actor could record the keyboard and then figure out a way to get it installed. Either through a logistics attack (not everyone maintains a secure supply chain), or an insider threat installing it. Everyone’s trained not to allow thumb drives and the like. But a 100% completely unaltered bog standard keyboard brought into a building is probably easier, and for sure less suspicious if you get caught.

    Sure you might say, “but if you have an insider you’ve already lost” to which I say, your insider is at risk if they do certain things. But once this keyboard is installed, their own detection risk is less.

    Now the question is, how far away can the mic be? Because that’s gonna be suspicious AF getting that installed. BUT!!! this is still a great way to break the air gap.