
RE: [Full-Disclosure] Bios programming...

Subject: RE: [Full-Disclosure] Bios programming...
Date: Thu, 3 Mar 2005 15:04:40 -0500

Very true, and I'm sure that I am not going to be able to keep people
from getting around it, I just want to make it really really hard.
Obviously, if the person is smart enough to boot to a different OS,
set up their internet connection on that OS, and browse, then they are
not going to be using this product in the first place! 

I want this software to help people who want help, to keep them honest,
and unaware that their system is monitoring activity.  

Most of the other services out there are very "in-your-face" or they
only monitor one type of traffic.  The BIOS requirement was to keep the
users using the system.  If they take the machine in to BestBuy to get
it serviced, and the tech wipes or replaces the hard drive, the poor guy
doesn't remember to reload the monitoring software.  

I'm open to other suggestions, I just want to make it next to impossible
to delete (without the admin password, of course), and invisible to
operate.  

Thanks for the comments!

-- Matt   
 


-----Original Message-----
From: Paul J. Morris [mailto:mole@acnatsci.org] 
Sent: Thursday, March 03, 2005 8:46 PM
To: matt@dynamicanswers.com
Subject: Re: [Full-Disclosure] Bios programming...


Matt,
   Don't know much about working that close to the bios, but a couple of
potential means of circumvention immediately come to mind:
   
1) booting from cd, in particular booting with a different operating
system from the one you wrote the monitoring code for, as in booting
from a knoppix distribution.

2) browsing the web through a secure anonymous proxy (such as guardster)

-Paul

On Thu, 3 Mar 2005 13:44:39 -0500
"Matt Marooney" <matt@dynamicanswers.com> wrote:

I am trying to write a program to help people who are addicted to 
internet pornography.  This application would be tied into an online 
service where someone could sign up for monitoring, and download a 
thin client app.  The application would run in the background of the 
person's computer, and upload the person's internet activity to the 
website.  The service would then email this activity report to 
designated recipients. I have most of the knowledge to create this 
service, but I need to know how to do a couple things:
 
1. I would like the program to be "un-installable".  I've heard of a 
couple of hardware security tracking services that can load a very 
small setup package in the CMOS and if a computer is stolen, and the 
hard drive is replaced, the app reloads itself and the next time the 
computer is on the internet, it sends out a beacon.  Does anyone have 
any insight about how to do something like this?  I want the CMOS 
program to run on boot, and check to see if the monitoring software is
still installed. If it is not, the boot process reloads it.
 
2. obviously, the program does not need to be very large, so I want it
to run in the background and not be visible to the computer's user. 
This is easy, I know, but I want the process to be completely 
invisible. (even to super-geeks)
 
3. I would like to figure out a way to monitor traffic for multiple 
protocols (HTTP, FTP, File Sharing, Chat, etc.).  I'm wondering if 
there is a way to figure out "bad" requests on a packet level.
 
I really appreciate any help with these questions!  Thank you all,
 
-- Matt
 
 
 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
