Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

uncommon's Achievements


Newbie (1/14)

  1. Lets say we have a win 7 computer with non-admin access. There is a particular registry setting we want change. And we dont have permissions to any cool stuff like regedit, gpedit, etc. And lets say any registry setting we do manage to save, through something like chntpw, gets reverted on boot/profile load to its original setting. Computer is on a domain system. And lets pretend creating a new windows admin user might be a little too invasive for a vigilant System admin ignore. What methodology would you guys use to permaset a reg setting?
  2. Could you post a link to that episode? I think I would like to watch it.
  3. Did You forget the United States or was that a given?
  4. Then they will install some kind of zero day root kit that can only be wiped with a new ROM.
  5. I am paranoid, but I don't think I have reached that level.
  6. I would also like to say, although this incident happened in the US customs I could easily see this happening at the customs border of certain countries such as Russia, china, Germany, etc. All of which have a technology readiness to implement data rape disguise as "inspections" . So while you may not have anything to hide, you can not hold accountable countries who may have nefarious intentions.
  7. Even if you are a US citizen you could be traveling to a country with the same data garbing policy. Need to be ready went the time comes and it WILL come.
  8. I was watching threat wire and look what they talked about. coincidence?
  9. hmm a burner phone might be a good idea, but sometimes I like to record like pictures and video and sometimes it adds up to 50gb or so. What do you think the most paranoid feasible way to make sure that data comes back with you? And for those who say "You should have nothing to hide", this should not apply if you are traveling across many boarders because you do not know what privacy laws they have if they have any at all. They could assume you give up all privacy by entering the country.
  10. I recently read an article about an employee who was detained in US customs and was asked to unlock his phone. The article specified that he was a US citizen. http://www.theverge.com/2017/2/12/14583124/nasa-sidd-bikkannavar-detained-cbp-phone-search-trump-travel-ban *Puts on paranoia hat* Now I run the possibility that homeland security/TSA/CIA/{Insert other federal agencies here} will attempt to gain easy access to rootkit my phone by simply demanding that I unlock my phone for them. I am sure agencies already have the capabilities of doing this in the US, but I can see the same thing could happen at the customs border of other counties as well. This made me wonder about the legal implications of evading this. For example let's say you are traveling to China, and at immigration they ask you to step aside for some more questions. They could ask me to unlock my phone or be detained for a few days, but what if my phone was already broken and would not turn on at that moment? I think its unlikely for any agency to say, "Well because your phone will not turn on we will detain for a few days just to make sure." I am sure there is a clause somewhere that says they can detain anyone for any reason but the point would be they cannot try and leverage unlimited access to your phone (any possibly most of your life) in exchange for a shorter detained time. So here are my thoughts on some ways one might make a phone temporary inaccessible on demand if and when they ask you to step aside. 1. Factory default your phone. Not sure I like this option because it would only prevent them from any personal info currently on the phone. It would not stop them from a possible rootkit. If it were me, I would wipe then through the phone away after they do whatever it is they want to do with it. 2. Remove and destroy battery (possibility the usb port as well). I am making the assumption that they agency you encounter does not have the means to forensically take apart and power your phone at the airport. I have never worked at a airport but I know there are a lot of phones out there and I find it unlikely they have the tools and parts to make any or majority of phone operations from a defunct state at an international airport. This obviously means you would need to replace the party you destroy but they cannot access a phone with no power. What are your thoughts? These are the solutions I was able to think of, I want to know if someone has come up with better solutions.
  • Create New...