Almalieque wrote:
That's only if you consider "efficient" as being dumb.
Something can be both efficient *and* dumb.
Quote:
Now provide me real life scenarios where this is CURRENTLY a need where it would be worth the resources to create. That's the logic part you're not grasping.
Huh? You've never seen those coin collection machines that you dump a bunch of loose coins into, it sorts them, calculates how much money it adds up to, and then spits out that money (with a fee subtracted) in the form of paper currency? That's a real world example where someone found value in creating a machine that can count coins far faster than a human could by hand. WTF?
Same deal here. It takes a ton of time for a human to rummage through someone's data (much less a large number of people's data) to look for patterns that might indicate some criminal or terrorist activity. Thus, prior to the arrival of very large very fast datastorage, it was infeasible to collect vast amounts of data and try to look through it for such patterns. Intelligence agencies did do what you are saying: They start with suspects and leads and clues, and then follow them to wherever they lead. Today? They can just dump massive amounts of data into a database and then do arbitrary searches on that data after the fact. Because it's now efficient and fast to do it that way.
I've explained this several times. Are you actually just flat out denying that the technology exists to do this? Or are you arguing that it does, but for some strange reason, no one would bother to use it? To follow the analogy, someone has already invented a machine you can dump a bucket of coins into and count it for you, but we continue to do it by hand anyway? That's... dumb.
Quote:
Gbaji wrote:
And despite you claims, that's exactly how it would be done. I get that you don't actually understand the technology. And that's fine. But please, for the love of all that is holy, stop making claims about how a hypothetical attempt to obtain mass private information by the government might be done.
Again, according to the logic that you have provided, we should never give anyone any power ever, because those people will abuse it and society will be unable to do anything about it. That is literally your argument. "Don't use banks because the CEOs will run off with your money and buy mansions". "Better not get Internet, because the ISP will steal all of your information". "Better not use cloud service, because the provider will steal and sell your information".
I honestly have no clue why you think that is a response to what I wrote. I'm talking about how mass data collection would be performed and you respond with... a screed about whether people will abuse power? Did you just quote the wrong statement? I'm not seeing the connection.
Quote:
If this is what you do for a living, then you must understand that PEOPLE are involved. So, quit acting like a person wouldn't be involved in an automated scenario.
Yes. I'm one of those people. One of the things I do is write automation scripts for a whole host of different things. And yes, there's a process involved. For those of us who are actually involved in developing said processes, we first figure out all the steps needed to accomplish some task. We document those steps. We follow those steps again (repeating said process until complete) until we know it works every time. Then we automate the steps in code. Then we hand it to someone to use, so that they don't have to take 500 steps to do something, but can just type one command (or click one button, plug it into some automated trigger based service, etc).
You're asking me what "command" I use to do that. Which is like asking an engineer what tool he uses to build a car. It's... nonsense.
Quote:
Yes, the command. I can present a command that will scan the entire subnets. It's one sentence. I'm asking you to logically speak what type of command (commands) would you use to get this done. What would you scan? What would be your parameters? I'm curious to know what type of scan would present you results in a timely fashion and go unnoticed. When I scan my VMware, my actual PC picks up the IP and blocks it.
Why the heck did you trim out the rest of that paragraph where I listed off like 5 different commands that are used to collect different types of information on a network? I honestly have no clue what you are asking for here because I don't know what operating system you're using, or what level of experience you have using it and thus what "command" you might be thinking of. I'm not going to play 20 questions here. For all I know, you're waiting for me to say "ping".
And I'll point out (again) that a hacker is not going to use standard tools and commands (well, a good one wont). He's going to piggy back his hacks on other normal looking network traffic. So a standard http query that looks all normal and whatnot, will contain some extra code that'll do something else. Or what looks like a dhcp broadcast is really a cover for a subnet scan. There's as many different ways to do this as there are packet types. I already mentioned a simple way to listen into a subnet for broadcast traffic (which is sufficient to find most if not all systems on your subnet, even if they have a complete firewall in place, since it merely waits for the system to do a broadcast routing request). There are a host of other more obvious and invasive tools as well.
And I also told you an easy way to get, not just every single ip address on a subnet, but the mac addresses of every system as well (pinging the broadcast address and grabbing the arp table). Useful if, for example, you've turned on a device that uses dhcp to grab an IP, but that has no local interface (like, say ancient jet direct cards you'd attach to a serial printer to turn it into a lan printer). You scan the subnet for mac addresses that match the vendor code for the device (first 3 hex pairs usually work), and can usually find it (assuming in this case, you don't have too many lan printers on one subnet).
I'll repeat that I've probably forgotten more network tricks than you will ever know. I'm not even getting into things like editing TCP packets to modify their behavior. Or just changing datagram sizes to allow for arbitrarily large packets (which may overrun your subnet MTU size, which can do some "interesting" things). Or tricking routers into breaking up packets into different sizes to change header start points (often in conjunction with other tricks). There's a ton of ways to do things on IP based network, and many more ways to disguise what you are doing (and a bunch that put out big glaring alarms as well).
Scanning your VMWare? Really?
Edited, Jul 19th 2016 7:53pm by gbaji