-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Matt Marooney wrote:
| Thanks for the feedback Valdis!
|
| I've been doing some reading about custom BIOS chips that include
| security programs, so that may not be the way I want to go...
|
| I definatly want the program to behave like spyware, but not show up on
| scanners! :)
|
| The intent of the BIOS portion of the program was just to have a small
| bit of code that checked for the existence of the main monitoring
| program on the disk, and if it was not there, reload it somehow.
This is hardly possible or even considerable non-spyware-big-brother.
As said before, the BIOS code runs before OS booting starts. It is very
very dumb and simple code. sometimes it can't even correctly detect hard drives.
Putting in code that:
1. looks for a valid hard drive
2. looks for a known filesystem on the drive (ntfs, fat32, etc)
3. scans in the filesystem for some files (which may just be renamed files)
4. if there are any more hard drives, go back to step 1.
5. reload the program... I don't even know how to start explaining why this
is very hard/impossible.
In reality, this is IMPOSSIBLE to do with bios code. not mentioning as said
before,
the different hw and bios codes (either sane or not).
Although your intentions may be honest, your program is the exact description
of a hard-to-remove spyware bigbrother intrusive tool. a.k.a. spyware, virus
etc. even if you don't want, such a tool would soon be hunted down by anti-virus
and anti-spyware software because of it's nature.
If the people you refer are willing to cooperate, there are a lot of other
solutions on the web that can limit web browsing, like child control software.
The simple task to "monitor" multi-protocol traffic and your definition of
"thin client app" are completely contradictory. to scan traffic is a heavy
process because the OS must look at each TCP or UDP or other packets to
decide upon them.
Finally, not considering other operating systems or boot cds and such tools and
considering people are too dumb to know "bios", "other-os-other-than-windows",
etc sounds just too naive.
regards,
pedro venda.
- --
Pedro João Lopes Venda
email: pjvenda < at > arrakis.dhis.org
http://arrakis.dhis.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCJ5TFeRy7HWZxjWERAsIwAKDBSx8NYcLqnZp2CT5PbNZrWA7JtACeJAOF
yeFe14aXtMfbp/oA6c9cWTY=
=kdrl
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
