Docking Stations

Ever thought about adding docking station recommendations?

If I were running a government doing massive surveillance, I would probably do it by selling cheap docking stations and routers or perhaps subsidizing companies in my country who do. Think about it, docking stations are basically a small computer that acts as a gateway for your Ethernet, mouse, and keyboard. Some have direct memory access. They’re also not subject to any monitoring software on your computer since they have their own computer. Lastly, I’d think hiding traffic from a router would be easy.

So maybe I’m wrong here, but it seems like the absolute most perfect man-in-the-middle attack.

I feel like this should be discussed more?

do it by selling cheap docking stations

Depends on the Notebook, but many notebooks (HP for example) require a docking station from the brand for the model. So yeah … not all people are targeted by that.

routers

Like TP-Link?
But yeah that’s a good idea.

your Ethernet

Most things on the internet are already encrypted like HTTPS or SSH. And if they want to sniff on such connections the ISP would be enough. So I don’t see the point of that.

mouse, and keyboard

Mouse, keyboard, usb-sticks, monitors, yeah that could get interesting to snoop on.

So maybe I’m wrong here, but it seems like the absolute most perfect man-in-the-middle attack.

I would not say the perfect thing, but definitely something.

Yes, the Ethernet is encrypted, but a docking station could use the Ethernet to send your keystrokes, monitor, and/or memory contents. Doesn’t really matter if the Internet is encrypted if everything else flows through it. I leave the Internet disconnected in hopes it can’t phone home.

I’m using Anker. That’s probably a terrible idea given the Eufy hack. I find it very strange that they “accidentally” left a way in to see anyone’s camera just by entering the serial number.

Perhaps this is the tinfoil hat talking, but I’m willing to bet the CCP had a copy of those serial numbers…

When it comes down to hardware, I guess that you will never know 100%.
At the same time, I don’t see “build your own docking station” as a viable solution for everybody and for everything.
The unfortunate state of things unfortunately…

What? That docking stations are theoretically valuable for MITM attacks? Or that you believe they are being used for MITM attacks..?

The post seems to be about theory. But the fact that it is a suggestion thread implies that you believe it is an actual threat vector.

In my opinion there are two ways to handle this:

  1. Buy an original docking station from the brand of the device that is designed for your model in an official store. If there is then malware on the docking station, you can’t even trust your device, since there might also be malware, and you need to switch the brands or make the TempleOS move.
  2. Buy docking stations with open source firmware that is audited and where you can flash the firmware if you want.

The software is not the biggest issue here, it’s more about the hardware being nefarious. :sweat_smile:

Yeah, I’m not talking about the software running on the hardware.
I’m talking about the firmware.

Having something attached to my computer which can basically see every password I type with a readily available Internet connection is pretty significant.

I guess I just prefer proactively assessing openings before waiting until they’re known as a common vector.

I suppose the bigger topic here is hardware in general. I definitely have regrets about my Eufy security cameras.

Which is kinda the same to me: the firmware is the closest-to-the-hardware-software AFAIK.

Mostly contrasting with actual physical circuits/SMDs here.
You can flash some firmware on some piece of hardware yes, that won’t per se isolate a potential mic/SoC calling home. Just like having GrapheneOS on a phone won’t be able to fully limit what a SIM is doing by itself.

Software is something like the OS or LibreWolf.

Firmware is the actual system on the CPU. Mostly coded in C or Assembler. There are no lower/deeper levels than that. If you control the Firmware you also control the hardware.

This is what I do call software.
The firmware is a kind of software. :grin:

And you can lower, but yeah nobody speaks in 011101010010101 nowadays.

Not sure about this one.
Also, I don’t know a fully open hardware PCB on which everything runs fully open. RISC-V are quite sparse and the support is meh at best.

The firmware is a kind of software. :grin:

Okay, yeah it’s like every firmware is software, but not every software is firmware.

And you can lower, but yeah nobody speaks in 011101010010101 nowadays.

Not really, Assembler is nothing else than binary, just in human-readable form.
If you are on the firmware there is nothing lower, besides physical voltage manipulation.

Point is, you won’t have any kind of open-schematics RISC V FOSS docking station…ever IMO.
But a lot of things are not fully open on hardware + software side and that’s fine, let’s just try to limit what we can by decluttering the software at least. :+1:t2:

AI vision is pretty intelligent. If people were to start taking photos of chips it could be a major liability to anyone creating nefarious hardware.

If you’re a company, and you thought the risk of doing something like that was very low, why not do it especially if a government gives you a little money under the table. However, if you thought AI might identify the microphone or extra ROM module, you might think twice.

And I do think at some point in time people will start taking photos of chips because there’s a lot of talk of trying to use AI to design chips. It makes sense to take pictures of chips and put them in the data set.

These sorts of things are always kind of a give and take war. But you can’t fight what you don’t know, and if people aren’t talking about hardware vulnerabilities and all of the hardware hacks, then there’s not a lot of incentive for the people doing it to change.

False positives with AI work both ways so I’m not sure it’s a very reliable way.
Moreover, not sure anybody will really care. On top of still being able to hide it with various means + only have some nefarious and not all.
Overall, no way to solve that kind of issue at scale.

We feel @privateuser is using this topic and these hypotheticals to spread unfounded and unsubstantiated claims rather than ask genuine questions. Therefore, this topic has been closed.
