CIA Hacking Notepad++

For everything that's not in any way related to PureBasic. General chat etc...
DarkDragon
Addict
Addict
Posts: 2218
Joined: Mon Jun 02, 2003 9:16 am
Location: Germany
Contact:

Re: CIA Hacking Notepad++

Post by DarkDragon »

Jan2004 wrote:On stackoverflow.com Notepad ++ is considered normally: questions, answers - as always. Nothing has changed.
http://stackoverflow.com/search?tab=new ... epad%2b%2b
Stackoverflow doesn't allow discussions. It is simple and straight: ask a polite and objective question, get a polite and objective answer. Also whoever is able to replace this DLL can also replace notepad++ and I really doubt that this makes sense in any way for usual hacking attacks. Normally you would monitor the accessed/changed files and transfer these globally, not via replacing just one program.
bye,
Daniel
User avatar
Keya
Addict
Addict
Posts: 1891
Joined: Thu Jun 04, 2015 7:10 am

Re: CIA Hacking Notepad++

Post by Keya »

i was just wondering about this and i think main advantage of replacing DLL instead of EXE is there wont be an alert about "Unknown Author" if it's not signed. Which makes me think it's probably a good thing for EXE's to manually check for themselves that the DLL's they're about to load are signed and signed by the correct company (themselves)? we could protect our apps from hijack then - they'd have to replace the EXE?
DarkDragon
Addict
Addict
Posts: 2218
Joined: Mon Jun 02, 2003 9:16 am
Location: Germany
Contact:

Re: CIA Hacking Notepad++

Post by DarkDragon »

Keya wrote:i was just wondering about this and i think main advantage of replacing DLL instead of EXE is there wont be an alert about "Unknown Author" if it's not signed. Which makes me think it's probably a good thing for EXE's to manually check for themselves that the DLL's they're about to load are signed and signed by the correct company (themselves)? we could protect our apps from hijack then - they'd have to replace the EXE?
Yes but why only hook into notepad++? I also think there is a way to disable the check easily if you are already on the system.
bye,
Daniel
User avatar
Keya
Addict
Addict
Posts: 1891
Joined: Thu Jun 04, 2015 7:10 am

Re: CIA Hacking Notepad++

Post by Keya »

Keya wrote:its hardware like routers and modems i don't trust!
and microwaves that turn into cameras
User avatar
tj1010
Enthusiast
Enthusiast
Posts: 623
Joined: Mon Feb 25, 2013 5:51 pm
Location: US or Estonia
Contact:

Re: CIA Hacking Notepad++

Post by tj1010 »

DarkDragon wrote:
Keya wrote:i was just wondering about this and i think main advantage of replacing DLL instead of EXE is there wont be an alert about "Unknown Author" if it's not signed. Which makes me think it's probably a good thing for EXE's to manually check for themselves that the DLL's they're about to load are signed and signed by the correct company (themselves)? we could protect our apps from hijack then - they'd have to replace the EXE?
Yes but why only hook into notepad++? I also think there is a way to disable the check easily if you are already on the system.
This is all frivolous discussion: Notepad++ devs aren't even remotely responsible for exploit mitigation or preventing rootkits and viruses.. Their response which was checking the signature was very charitable.. By the way devs of high-security stuff usually static link or load from resource-section and use obfuscation and signing at most. Userland utilities aren't responsible for host security..

By the way I like the -Signal can't be monitored on a jailbroken Android or IOS device- debate a lot better just because it's so obviously wrong.. If you can flash chip firmware and a new ROM I don't think manipulating userland sandboxes from kernel is going to be a problem.. Not sure how Signal became immune to technical fact but this is what's being pushed by a lot of anti-wikileaks media and figures.. FACT: You can memory scrape Signal defeating 100% of it's security from root on both Android and IOS.
The truth hurts.
Post Reply