uncommon
-
Posts
11 -
Joined
-
Last visited
Posts posted by uncommon
-
-
Lets say we have a win 7 computer with non-admin access. There is a particular registry setting we want change. And we dont have permissions to any cool stuff like regedit, gpedit, etc. And lets say any registry setting we do manage to save, through something like chntpw, gets reverted on boot/profile load to its original setting. Computer is on a domain system. And lets pretend creating a new windows admin user might be a little too invasive for a vigilant System admin ignore.
What methodology would you guys use to permaset a reg setting?
-
10 hours ago, Spoonish said:
On last weeks security now, the anouncer guy was this younger heavy set hispanic/simoan looking guy, younger who was wearing the Catholic Priest collar. I guess he's the normal on a seperate TWIT podcast (I watch the podcast because my 3yr old daughter asks about watching the TV and I respond with sing/hum 'Security now..' and she quickly breaks down, 'I can't want to watch Steve Gibsons..').
He mentioned that he uses a burner and recently came back into the country and he was scruitinized for not having the fingerprint scanner enabled and apps like Onedrive and google drive setup on the phone already.
Could you post a link to that episode? I think I would like to watch it.
-
5 hours ago, Lord_KamOS said:
China, North-Korea, Russia (list of dictatorships) ?
Did You forget the United States or was that a given?
-
3 hours ago, haze1434 said:
I think you're misunderstanding how they check your phone/laptop at the airport.
Generally, they won't just boot it up and look around it using a GUI. They'll plug it in to a computer that will pull all of the data from it, including files located in 'another launcher'.
Having multiple launchers will not hide the data.
Then they will install some kind of zero day root kit that can only be wiped with a new ROM.
-
7 minutes ago, graceinc said:
Do you think they wont be having any members out here to find all the possibilities.
I am paranoid, but I don't think I have reached that level.
-
54 minutes ago, TheCape said:
I've never had someone ask to see my phone or laptop when going through customs, maybe I don't travel enough to have run into it. I also don't agree with the "if you have nothing to hide" mentality, granted, I don't have anything to hide, but I'm not fond of the idea of people poking into my personal life without good reason other than "we can".
I would also like to say, although this incident happened in the US customs I could easily see this happening at the customs border of certain countries such as Russia, china, Germany, etc. All of which have a technology readiness to implement data rape disguise as "inspections" . So while you may not have anything to hide, you can not hold accountable countries who may have nefarious intentions.
-
1 hour ago, Rkiver said:
Which of course does not apply to anyone who is not a US citizen.
Even if you are a US citizen you could be traveling to a country with the same data garbing policy. Need to be ready went the time comes and it WILL come.
-
I was watching threat wire and look what they talked about.
coincidence?
-
16 minutes ago, Rkiver said:
I have a burner phone.
Before leaving for wherever I go, I not just factory reset it, I load a new rom.
Then they can have it all they want, nothing is on it. Get into the country, factory reset and flash a new rom again (hey let's be paranoid!) and then put in a nice new prepay simcard.
Leaving, factory reset and flash again.
Laborious? Sure. "Oh if you've nothing to hide you've nothing to worry about". Well screw you, I live in a country with privacy laws thank you.
hmm a burner phone might be a good idea, but sometimes I like to record like pictures and video and sometimes it adds up to 50gb or so. What do you think the most paranoid feasible way to make sure that data comes back with you?
And for those who say "You should have nothing to hide", this should not apply if you are traveling across many boarders because you do not know what privacy laws they have if they have any at all. They could assume you give up all privacy by entering the country.
-
I recently read an article about an employee who was detained in US customs and was asked to unlock his phone. The article specified that he was a US citizen.
*Puts on paranoia hat*
Now I run the possibility that homeland security/TSA/CIA/{Insert other federal agencies here} will attempt to gain easy access to rootkit my phone by simply demanding that I unlock my phone for them. I am sure agencies already have the capabilities of doing this in the US, but I can see the same thing could happen at the customs border of other counties as well.
This made me wonder about the legal implications of evading this. For example let's say you are traveling to China, and at immigration they ask you to step aside for some more questions. They could ask me to unlock my phone or be detained for a few days, but what if my phone was already broken and would not turn on at that moment? I think its unlikely for any agency to say, "Well because your phone will not turn on we will detain for a few days just to make sure." I am sure there is a clause somewhere that says they can detain anyone for any reason but the point would be they cannot try and leverage unlimited access to your phone (any possibly most of your life) in exchange for a shorter detained time.
So here are my thoughts on some ways one might make a phone temporary inaccessible on demand if and when they ask you to step aside.
1. Factory default your phone. Not sure I like this option because it would only prevent them from any personal info currently on the phone. It would not stop them from a possible rootkit. If it were me, I would wipe then through the phone away after they do whatever it is they want to do with it.
2. Remove and destroy battery (possibility the usb port as well). I am making the assumption that they agency you encounter does not have the means to forensically take apart and power your phone at the airport. I have never worked at a airport but I know there are a lot of phones out there and I find it unlikely they have the tools and parts to make any or majority of phone operations from a defunct state at an international airport. This obviously means you would need to replace the party you destroy but they cannot access a phone with no power.
What are your thoughts? These are the solutions I was able to think of, I want to know if someone has come up with better solutions.
Need ideas for setting win registry
in Questions
Posted
Its not public PC, its all theory