Re: Win11 explorer bug?

Liste des GroupesRevenir à se design 
Sujet : Re: Win11 explorer bug?
De : invalid (at) *nospam* invalid.invalid (Edward Rawde)
Groupes : sci.electronics.design
Date : 13. Dec 2024, 00:36:15
Autres entêtes
Organisation : BWH Usenet Archive (https://usenet.blueworldhosting.com)
Message-ID : <vjfs1g$1iam$1@nnrp.usenet.blueworldhosting.com>
References : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23
User-Agent : Microsoft Outlook Express 6.00.2900.5931
"Don Y" <blockedofcourse@foo.invalid> wrote in message news:vjfjul$2ufi0$1@dont-email.me...
On 12/12/2024 1:42 PM, Edward Rawde wrote:
"Don Y" <blockedofcourse@foo.invalid> wrote in message news:vjfg9k$2tnfq$1@dont-email.me...
On 12/12/2024 12:32 PM, Edward Rawde wrote:
Is there any reason the camera can't talk to a phone that is also
hosted by the customer's access point?
>
If you want to let the camera access a phone that is NOT "local",
then let the user subscribe to a DynDNS service -- provided by
any number of competing firms (even the manufacturer -- via a nice
clean OPEN interface).
>
Inbound is problematic for various reasons.
Do you want your cameras accepting inbound connections from anywhere in the world?
>
Vendors have no problem selling "hubs" as a prerequisite to talk to
their devices.  Why can't the hub implement a packet filter?
>
One reason is that the packet filtering would have to be configured specifically for local requirements.
This gets us back to the issue of most people not knowig a packet filter if they fell over it.
>
Most users have banal needs for a firewall.  If running Windows hosts,
then the filter in the host is even finer-grained than a filter in
an external firewall (as the host-based filter can be tailored
to specific applications).

The host based filter is worthless if the user is administrator (like most Windows users are) because malware can configure/disable
the firewall as it likes.

>
Use that as a selling point:  the hub can act to protect the
local network (for a fee!!) while their access point/router likely
has not been reliably configured for that purpose.
>
Ok they don't have access credentials but there's still a risk of an 0-day in a camera system which isn't going to get any more
firmware updates.
>
Simply putting the camera (or any device manufactured by someone who
may or may not be trustworthy) on your "internal network puts you
at risk.
>
E.g., I can open an outbound connection to hostile_actor.com and let
an external agent act as command-and-control, telling me (the camera)
what to do ON THE INTERNAL NETWORK.
>
I don't permit outbound connections to a long list of countries.
>
You're thinking two-dimensionally.  Your *neighbor*'s PC can be acting as
a C&C node for a foreign actor.  Just like the camera INSIDE your "perimeter
defenses" (WELCOMED in!) can act on behalf of some other agency.
>
IP filtering doesn't buy you any real protection.

It does if you watch the logs for anything unusual.
A connection to a neighbor IP address would be obvious to me and I'd likely block it to see if anything legitimate breaks.
Just like I watch who goes in and out of my house and who I give keys to.
Imagine owning a house where you can't tell who comes and goes or who has keys.
That's how it is for most people online and they aren't interested in knowing more, except perhaps briefly after the ransomware
cleanup.

>
I (the camera) can masquerade as any host INSIDE your network when I
want to deliver data to an external agent.  Because I can DYNAMICALLY
set my network stack to masquerade as any IP address on a packet-to-packet
basis.
>
And, I have a good idea what the range of valid IP addresses for your
internal network will be -- based on the address and netmask that you
assigned to *me* when I was installed (or, negotiated my DHCP lease).
Likewise, I can claim my MAC is anything that I want it to be!
>
If you happen to peruse the logs, there is nothing that tells you
over which "wire" the request came into your switch, AP, etc.  So,
you would have to eliminate devices until you stopped seeing "suspicious"
traffic.
>
All this assuming you are capable of doing so.
>
I can always whitelist if it does turn out that I need to connect to a server in one of those countries.
>
See above.
>
This traffic can be disguised to look innocuous.  E.g., resolving
"whatshouldIdo.hostile_actor.com" can deliver data to the camera that
can be augmented by then resolving "whatELSEshouldIdo.hostile_actor.com".
Results can be delivered to the external agency by resolving
"thepasswordisFOOBAR.hostile_actor.com", etc.
>
Or, open an HTTP connection to hostile_actor.com and anyone looking
through the logs (ha!) would just think a user visited a website of
with an oddly suspicious domain name.  (So, buy up yahooo.com,
goggle.com, etc.)
>
I would do this myself because I can use a firewall to restrict inbound as necessary and I can quickly add any IP or network
attempting brute force to a blacklist.
But most people have no interest in that.
>
Hence the value of a "hub".
>
I "hide" my file server behind a particular "knock sequence" that is
only known to folks who should need access to it.  Trying to probe
the IP address gets you no information -- it looks like there isn't
a machine AT that IP address.
>
I don't see any additional value in this provided the file server is restricted to specific IP addresses or networks and the
connection is secure.
>
Knowing that a server exists is information.  (esp if your AUP
prohibits them!  :> )  Knowing that there is <something> sitting
at an IP invites probes.

Knowing that there's a house there is information.
Or in the country I'm from, knowing that there's a castle there is information but if it's surrounded by a moat then good luck
getting in unseen.
Violation of the access protocol could get you an arrow or cannon ball up your somewhere in the past.

>
An address that never reacts to your actions is uninteresting.
And, unless you can snoop the actual traffic, you can't know that
the address is actually actively moving data!

In many cases you can infer. 1.2.3.0/24 and if you know 1.2.3.20 is active then the rest are likely doing someting potentially
interesting.

>
Once a connection is granted, there are no limits on what can be
transfered (set up a tunnel and all of those transactions are hidden)
>
Most people just want the pictures on their phone wherever they are and they may wrongly assume that it's impossible for the
pictures to be viewed by anyone other than themselves.
>
<https://www.shodan.io/search?query=camera>
>
Even if you can't (easily) access the video, the fact that someone has
INSTALLED a camera (five cameras??) has informational value.
>
A nearby store installed cameras not long ago.
The number if cameras (or what looked like there were cameras inside them) made it easy to conclude that they were fake.
>
Many parts of the US deliver "utilities" (phone, cable, power) via
overhead wiring:  "telephone poles".  There exist transformers
on these poles (at regular intervals) to step down the mains to
the 240V center tapped that feeds our homes.
>
Several decades ago, a "transformer" was installed on such a pole
(why was it SUDDENLY needed, there?) outside from a business that
sold "growing supplies" to folks who were suspected of being marijuana
growers.
>
The joke was that the transformer had NO wires (primary or secondary)
attached to it.  And, a large, rectangular region that resembled a
"window" -- on the side facing the business.
>
"Gee, wanna bet that's a (really poorly disguised) camera??"  :>

It must have been powered by something, even if everything else was wireless.

>
 



Date Sujet#  Auteur
9 Dec 24 * Win11 explorer bug?58john larkin
9 Dec 24 +* Re: Win11 explorer bug?50Martin Brown
9 Dec 24 i`* Re: Win11 explorer bug?49john larkin
10 Dec 24 i `* Re: Win11 explorer bug?48Martin Brown
10 Dec 24 i  `* Re: Win11 explorer bug?47john larkin
10 Dec 24 i   `* Re: Win11 explorer bug?46Martin Brown
10 Dec 24 i    `* Re: Win11 explorer bug?45john larkin
10 Dec 24 i     `* Re: Win11 explorer bug?44Martin Brown
10 Dec 24 i      `* Re: Win11 explorer bug?43john larkin
10 Dec 24 i       `* Re: Win11 explorer bug?42Martin Brown
11 Dec 24 i        `* Re: Win11 explorer bug?41john larkin
11 Dec 24 i         `* Re: Win11 explorer bug?40Martin Brown
11 Dec 24 i          +- Re: Win11 explorer bug?1Don Y
11 Dec 24 i          `* Re: Win11 explorer bug?38john larkin
12 Dec 24 i           `* Re: Win11 explorer bug?37Martin Brown
12 Dec 24 i            +* Re: Win11 explorer bug?35Don Y
12 Dec 24 i            i+* Re: Win11 explorer bug?26Carlos E.R.
12 Dec 24 i            ii`* Re: Win11 explorer bug?25Don Y
12 Dec 24 i            ii +* Re: Win11 explorer bug?2Carlos E.R.
12 Dec 24 i            ii i`- Re: Win11 explorer bug?1Don Y
12 Dec 24 i            ii +* Re: Win11 explorer bug?10Edward Rawde
12 Dec 24 i            ii i`* Re: Win11 explorer bug?9Don Y
12 Dec 24 i            ii i `* Re: Win11 explorer bug?8Edward Rawde
12 Dec 24 i            ii i  `* Re: Win11 explorer bug?7Don Y
12 Dec 24 i            ii i   `* Re: Win11 explorer bug?6Edward Rawde
12 Dec 24 i            ii i    `* Re: Win11 explorer bug?5Don Y
13 Dec 24 i            ii i     `* Re: Win11 explorer bug?4Edward Rawde
13 Dec 24 i            ii i      `* Re: Win11 explorer bug?3Don Y
13 Dec 24 i            ii i       `* Re: Win11 explorer bug?2Edward Rawde
13 Dec 24 i            ii i        `- Re: Win11 explorer bug?1Don Y
12 Dec 24 i            ii `* Re: Win11 explorer bug?12Jeroen Belleman
12 Dec 24 i            ii  `* Re: Win11 explorer bug?11Carlos E.R.
12 Dec 24 i            ii   `* Re: Win11 explorer bug?10Joe Gwinn
12 Dec 24 i            ii    +- Re: Win11 explorer bug?1Carlos E.R.
12 Dec 24 i            ii    `* Re: Win11 explorer bug?8Don Y
12 Dec 24 i            ii     +- Re: Win11 explorer bug?1Don Y
13 Dec 24 i            ii     `* Re: Win11 explorer bug?6Edward Rawde
13 Dec 24 i            ii      `* Re: Win11 explorer bug?5Don Y
13 Dec 24 i            ii       `* Re: Win11 explorer bug?4Edward Rawde
13 Dec 24 i            ii        `* Re: Win11 explorer bug?3Don Y
13 Dec 24 i            ii         +- Re: Win11 explorer bug?1Edward Rawde
13 Dec 24 i            ii         `- Re: Win11 explorer bug?1Edward Rawde
12 Dec 24 i            i`* Re: Win11 explorer bug?8john larkin
12 Dec 24 i            i +* Re: Win11 explorer bug?3Carlos E.R.
12 Dec 24 i            i i+- Re: Win11 explorer bug?1Don Y
13 Dec 24 i            i i`- Re: Win11 explorer bug?1Joe Gwinn
13 Dec 24 i            i `* Re: Win11 explorer bug?4Martin Brown
13 Dec 24 i            i  `* Re: Win11 explorer bug?3Don Y
13 Dec 24 i            i   `* Re: Win11 explorer bug?2john larkin
13 Dec 24 i            i    `- Re: Win11 explorer bug?1john larkin
12 Dec 24 i            `- Re: Win11 explorer bug?1john larkin
9 Dec 24 +* Re: Win11 explorer bug?3Joe Gwinn
9 Dec 24 i`* Re: Win11 explorer bug?2john larkin
9 Dec 24 i `- Re: Win11 explorer bug?1Joe Gwinn
9 Dec 24 +- Re: Win11 explorer bug?1Edward Rawde
9 Dec 24 `* Re: Win11 explorer bug?3Martin Rid
9 Dec 24  `* Re: Win11 explorer bug?2Jeroen Belleman
11 Dec 24   `- Re: Win11 explorer bug?1Carlos E.R.

Haut de la page

Les messages affichés proviennent d'usenet.

NewsPortal