CIAnigger Trojan Detection

In light of the recent CIAnigger leaks, I was thinking about how it might be possible to check if you're compromised.

One thought that I had is that we have an application that takes a SHA256 hash of every .so and executable file on the OS.

This is then checked against a database that contains distribution specific SHA256 hashes to see if the files match.

Would something like this be feasible? This check could be run once a day or whatever.

Anything that doesn't match could be flagged as suspicious.


I'm no virus expert, but I can consider the following idea to foil your plan if I was a virus maker. This presupposes your machine is infected: have the virus be made of two active components A and B. Both have some field in memory designated randA and randB, respectively. These files can constantly communicate to tell each other to generate a new random value in the given field, thus the file is always changing SHA (or, at least, often enough that you can't compile any reasonable database).

Just assume you're compromised

The idea is that you're checking against your Distro's SHA256 file hashes. What it would essentially signify is that you're not running the .so or executable that your distro provides you with (thus the file was either installed by you or is otherwise suspicious).

To foil this, I imagine the Trojan could be rigged to give a false matching SHA256 hash for the infected file.

But, perhaps a Live USB stick could be booted to run this check?

Not saying that it'd still be flawless, but I imagine a firmware implant would be needed to corrupt the booted USB stick?

Also, I was meant to post this on Holla Forums.

Apologies for the mistake.

1. Uninstall Windows, go full linux (not ubuntu).
2. Stop caring about kiddie video games.
3. If intel user - switch to AMD as soon as possible.
4. Don't use chrome or Wine.

And you will be safe.

You mean like rpm -V?

linux.die.net/man/8/rpm

I can barely get ubuntu to run on my computer and I still get a bunch of errors on startup. There's no way I could get anything else to even work with this hardware. Driver support for anything other than Fedora or Ubuntu is literally nonexistent for the majority of hardware.

Try Mint. At least it doesn't send your data to third parties. Fedora is alright too.
Also all drivers are available through terminal executable repository packages for almost all hardware in existence, if you get good with linux you won't have problems with them.

bump

Debian or nothing.

I was just on /g/ and those neets seem convinced that most linux distros and all the non user made OSs are compromised.

How old is your PC? Try Lubuntu or xubuntu.

I've heard Mint's creator is a bad goy.

I tried Fedora since I've used it before but it had tons of errors with the graphics card. Never tried Linux Mint since I thought of it as too casual but if I'm stuck using Ubuntu atm I might as well try.


What is worth using about Debian?


It's brand new, got it a few months ago. It has good hardware, Linux just sucks balls at utilizing it. Steam games run at a fraction of the performance they get on windows on the same hardware (I keep windows around since I need CAD software for uni but rarely boot into it).

Another thing that's annoying is that I can't get KDE to work on this computer either. I used to have a slick KDE setup a few computers ago and Gnome just looks clunky to me. Polite sage for doublepost.

He told israelis to uninstall his OS if they supported camel jockeys oppression.

Congratulations, you just re-invented late-80s era antivirus software.

Poorly, I should add.

Application name is “Tripwire”

en.wikipedia.org/wiki/Open_Source_Tripwire

Do you have any electronics whatsoever? You're compromised.

This is now a CIA Wishlist thread. Please let the CIA know what you'd like for your birthday in this thread. And CIA, no trying to get out of it by saying you don't know our birthdays, because we know that's bullshit. You probably know what our first wet dreams were about at this point.
Angela Landsbury from Murder, She Wrote in a witch Halloween costume
No, I have no idea why

My birthday wish:
For you guys to increase your efforts to stop muslims and jews in the planning stages of their operations instead of devoting all your time to creeping on the autistic and trying to pull down a duly-elected president.

Also, I'd like a pony.

This really, all muh tools are nicely packed almost all of them.

But…. systemd and pulseaudio

I finally grew out of games around age 29, now a little older still I'm almost ready to grow out of windows

This is just the old, leaked shit.
8ch.net/pol/res/9442649.html#q9456917

Practically wasting your time when almost any hardware you use is backdoored. Anything truly sensitive you want to keep is compromised.
Normie chat yeah whatever it's lost in the information soup mostly but if you're a political dissident or leaking shit anything electronic is accessible and will be. fin.

TLDR: everything you do no matter what can be compromised electronically. Legal protection aka sovereignty is the only solution.

Seems good. I second this wish.

Fun fact:

Legal precedent was set 2 years ago by a Federal court that you can only sue a government agency for spying on you, if you can prove that they were spying on you.

If OP figures out a method for detecting CIA compromised files, then anyone who uses it and gets a positive result has actual federally defined legal standing to sue the CIA for violation of constitutional rights

Pic related: It's what happens when we give OP method to niggers and trick them into thinking that they'll be getting some dope #CIABUX

or tripwire, or mtree. OP is a bundle of sticks. If you haven't done that on a clean install, it isn't really going to do you any good now. If you think your box has been broken into, do a fresh install… but they also install firmware shit, so basically you're fucked if they have already targeted you. Brand new shit that is known not to have been vulnerable to anything they released is the only way to go.

What's the best form of Linux? Let's say I'm just a regular Windows 7 user and all I do with my computer is do basic MS Office homework, browse the internet and download a few torrents, and I don't want to spend a lot of time on the transition process and I don't want to have a lot of headaches trying to run the new operating system on an old computer. What the best replacement?

Ubuntu -> Debian -> Arch -> Gentoo

I think we're mainly talking about things being remotely compromised with a few clicks or with government agency malware. If you're the target of a police investigation then it's a different story because they can hide microphones in your apartment and do things like that but I don't think OP had that in mind when he started the thread.

What? install Ubuntu then install Debian then install Arch then install Gentoo?

YOU HAVE TO GO BACK NOW

OP here. This was meant to be a Holla Forums thread, but posted it in Holla Forums accidentally.

Thread got off-topic quickly with a lot of demoralization tactics (some deliberate, others probably unintentional).

The idea of this IS NOT to prevent compromise, it is to detect it. If your .so and executables on a Linux install do not match those supplied by your distribution, it suggests that either:
a) You've tampered yourself
b) Someone else has tampered

I can't see an easy method of CIAnigger mitigation if this would be run from a Live USB stick.

In Debian repos, for example, I believe the SHA256 hashes are readily available in the repo dirs. This might be for the packaged files, however, which would moot (cuck) the convenience of this plan.

If we were to build a SHA256 file list of Repo provided files though and detect which have changed on our host OS, it would give a good indicator of whether or not you're compromised.
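
An added example (not code from the thread) of the check described above, written to run from a live USB against the mounted disk: it compares files under a root directory with a SHA256 file list and reports modified, missing and unpackaged executables and .so files. The sha256sum-style manifest format, the function names and the sample tree are assumptions constructed for illustration.

```python
import hashlib
import os
import stat
import tempfile

def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()

def load_manifest(text):
    """Parse sha256sum-style lines: '<hex digest>  <absolute path>'."""
    pairs = (ln.split(None, 1) for ln in text.splitlines() if ln.strip())
    return {path.strip(): digest.lower() for digest, path in pairs}

def is_regular(path):
    # lstat, so a symlink in the mounted tree is never followed out of it
    return os.path.lexists(path) and stat.S_ISREG(os.lstat(path).st_mode)

def audit(root, manifest):
    """Check an offline-mounted root filesystem against {path: sha256}."""
    report = {"modified": [], "missing": [], "unpackaged": []}
    for rel, digest in manifest.items():
        full = os.path.join(root, rel.lstrip("/"))
        if not is_regular(full):
            report["missing"].append(rel)
        elif sha256_file(full) != digest:
            report["modified"].append(rel)
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            rel = "/" + os.path.relpath(full, root)
            runnable = os.lstat(full).st_mode & 0o111 or name.endswith(".so") or ".so." in name
            if rel not in manifest and is_regular(full) and runnable:
                report["unpackaged"].append(rel)
    return {kind: sorted(paths) for kind, paths in report.items()}

def demo():
    """Constructed sample: 'base' is the distro file list, 'disk' the mounted tree."""
    base = {"/lib/liba.so": b"a", "/lib/libb.so": b"b", "/lib/libc.so.6": b"c"}
    disk = {"/lib/liba.so": b"a", "/lib/libc.so.6": b"PATCHED", "/lib/libx.so": b"x"}
    lines = [f"{hashlib.sha256(d).hexdigest()}  {p}" for p, d in base.items()]
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "lib"))
        for rel, data in disk.items():
            with open(os.path.join(root, rel.lstrip("/")), "wb") as f:
                f.write(data)
        return audit(root, load_manifest("\n".join(lines)))
```

The manifest has to come from the distribution's packages or a known-clean install, not from the machine being checked.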