Hmmmm The Do Not Call List

Originally posted by Lorn
"they can't scan unless they have the proper premision.." crap, that's all it is is crap.

If you are running exploitable software which allows remote hosts to view your hard drive, then yes its possible. But that is very unlikely to be true, much less that the government would be actually trying to break into someone's computer.

First of all, thank you Shoktek, I feel like I'm the last one picked in the pick-up game in grade school again. Exploitible software you say, to the point in all honesty any softwares exploitible nothing fullproof. Where there's a will there's a way. Hackers expliot these programs all the time or else we wouldn't have secuirity updates and anti-virius software. Don't get me wrong, I seriously in all fullness, believe that they were not scanning his HDD but yet I just want it to get the point across there are malicious scanners out there and yes they do exactly what you say they can't, access with out permission and search. But those are not usually assciated with just popping into a site like that one at hand but the government does do this. Now if they've usued the technology offensively I don't know but it is in use defensively in their servers and such cause once a hacker gets in and that link is opened, you've given all the permission it needs. But yeah there there. btw thanks for actually involving me lol

Ok I suppose all software is exploitable once an exploit is found...but do you really think it is practical for the government to sit around looking for exploits in software you may be running to get in? And you cant get remote access to a host without the host computer running some sort of service granting remote login. You can try to make connections to the computer, and find out some information, but there are no programs out there allowing you to simply punch in an IP address and have someone's hard drive for viewing on your computer.

(CNN) -- A cryptography expert says that Microsoft operating systems include a back door that allows the National Security Agency to enter systems using one of the operating system versions.

The chief scientist at an Internet security company reported the flaw at a recent conference in Santa Barbara where he discussed a "key" entrance into the cryptographic standard used in Microsoft Windows products. That includes Windows 95, Windows 98, Windows NT4 and Windows2000.

"It turns out that there are really two keys used by Windows; the first belongs to Microsoft, and it allows them to securely load (the cryptography services)," said Andrew Fernandes in a press release. Fernandes works for Cryptonym, a company based in Ontario.

The press release states "the second belongs to the NSA. That means that the NSA can also securely load (the services) on your machine, and without your authorization."

www.cnn.com...

Everythings exploitible but yet just cause a program starts it up doesn't mean it's accessing you computer through a program. They could come in on a free or accessible port or just link the signal through your IP drop something in there maybe a recall (sorta like a dialler but not the same and don't say trojan) in there no more than 3kb in size in a matter of sec they've linked in got there foot int the door and that's all you need and that's happened in less than 3 sec most counting the setup signal then it's just a hayday on you system and creating an archive of what's on there in a text doc no more than 5kb mayber another 2-4 sec if it goes with the registry then the package ships back the client program stays in and undisclosed area that the average user will never find nor look and within 6-8 sec you intire system and data are compromised. BAM.

See NSA is government and they can walk in when ever they please you said it yourself.

You can't just gain access to computers on "free or accessible port"(s), it doesn't work that way. You can connect, but you won't be able to do anything or else the connection will be terminated. I would love to see a link backing any of these methods you are talking about..

I find info on what you want but even yet if you know anything about hacks and for that computers, most of this is basic process. Ok if you've ever incounter anything along the line of a malicous virous or code, trojan, dailer all of these programs keep the descreteness by only being around 3-5 k (this also means, yes, they could shoot through your safety net before it's noticed) and you see how much those can for lack of a better term 'rewire' your configs. Once that's done those permissions are changed and the program has access that's what it does. The follow through obvously is to use you address to send back what it wants, the layout or dir tree which is created by the program via text document which can be 3-5 kb and that's sent back. See how processors are up and above the 3 Ghz level now and we operate in nano sec this is a very abropt and fast happening and you probably wouldn't know the diff from that to that of a TSR. So...

I still don't get how you say this malicious code/program would just be sent through some random open port and magically executed by the host computer...

You say your A+ certified and that your a network admin and all of that and that why I fail to understand the lacking of where your lost. An autoexe file auto runs when you put the cd in or when the correct enviroment comes to just cause it's not called a fancy generic name doesn't me it doesn't work like and evil twin. You playing innocencent, that's what there designed to do.

by the way there's nothing magic about it it's just 1's and 0's. Merlin's not the governments Security Admin.

Originally posted by Lorn
You say your A+ certified and that your a network admin and all of that

No, didn't say I was either of those...but I do know that what you are talking about is impossible.

So let's see where points differ, what's wrong with what I'm saying? Do you not believe ports are accessible, that there are not programs designed to access these ports and exploit them or that there are not programs that do what I've described, or maybe is it just the fact you're being a little nieve? Seriously, be specific I'm just a bit curious as to where this is slipping off for you.

Originally posted by Lorn
this also means, yes, they could shoot through your safety net before it's noticed

You're wrong buddy. For one, they could range from probably 5-10k AT MINIMUM unless they are some kind of tracker that simply reports what URL's you have visited. A simple program with 1 button on it is like 15-20k alone. These dialers and such have a lot of coding to them. Also, they don't just slip past your "safety" because of their filesize. The "safety" monitors connections, not specific programs. Ports can't be altered to allow services through if something is stopping them (stopping them, meaining if the "safety" has the capability to stop the whatever it may be).

Edit: Back on topic... All that Peer Guardian does is identify IP's moreless, probably by a whois or from a database. If the government wanted to scan our hard drives (for what reason besides something that is actually worth it), they would more than likely hire some top hackers that will go undetected, whom won't use trojans, viruses, or any of that. Probably some hacker they have caught trying to break into their systems, so they figure hey, do this and we'll let you off the line.

[Edited on 8-2-2004 by pyxsul]