In fact, it's even easier than ever!
https://www.youtube.com/watch?v=X6R8cveFz74
#ITsec #InfoSec #OpSec #ComSec #AirGapping #AirGap #hacking #USB #malware #BadUSB
#AirGapping
And yes, #hacking #AirGapped systems isn't impossible...
https://www.youtube.com/watch?v=44N1Gsrkywg
#ITsec #InfoSec #OpSec #ComSec #AirGapping #AirGap #hacking #USB #malware #BadUSB
Mattermost Overview + Air Gapping
@NebulaTide @Sascha wer #GAFAM-Dienste nutzt hat wegen #CloudAct ohnehin keine #Privatsphäre, daher ist ein bricking schlechter Software IMHO kein ernsthaftes Problem.
- Wer staatliche Angreifer mitsamt #Diebstahl von Geräten und #Hardwareangriffe|n als Gefahrenmodell hat, hat sowieso kein #Mobiltelefon zu nutzen bzw. muss eh auf #airgapping, #MeatProxies, #DataMules und #OfflineComputing setzen...
https://www.youtube.com/watch?v=mZoWksRnJac
Aber das dürfte auf die wenigsten Leute zutreffen...
El lado del mal - Air Gapping Comms para Robots "Malignos" https://www.elladodelmal.com/2025/03/air-gapping-comms-para-robots-malignos.html #AirGapping #Tempest #Esteganografía #Cifrado #Robots #criptografía #hardware #makers #IA #AI #GenAI #LLMs #InteligenciaArtificial
@Chiquidrakula @COSAntiFascists @iris @Em0nM4stodon @cryptoparty@mastodon.earth @cryptoparty@chaos.social
Now if you don't trust @monocles nor @protonprivacy (which IMHO is fair and correct!) and you can't use @thunderbird or something because you have no private computer with internet access [i.e. only a work-issued laptop you can't use for anything non-work - related] and you can't just boot into @tails_live / @tails / #Tails or a portable #Linux #Desktop distro at all then the real "#GalaxyBrainChair" - level "#BigThink" you can do is go the "#OfflinePGP" route and thus encrypt & decrypt your messages on a different device entirely.
- The main problem may be that you'd then have to get that to the machine from which you can send it, which as we all know from the #MattKC video means you gotta "keep it brief" [as in 2.944 bytes short] if you want to do the webcam & screen method of #airgapping...
I just didn't have time to get the "Airgapped Transfer Protocol" done, but setting the *"Barcode Scanner" App into bulk mode makes it less tedious to import stuff to an Android device...
THIS is NOT how #AirGapping works, you dipshits!
This story is from 2017. But how many #CriticalInfrastructure systems and #NuclearPowerPlants still use outdated software that's vulnerable to #Malware attacks!
Windows 95, 98 And XP Still Power Much Of The Pentagon’s Critical Infrastructure
by Brittany Goetting — Saturday, April 29, 2017, 05:28 PM EDT
"Microsoft ended support for #WindowsXP in 2014, but the Pentagon currently pays Microsoft to continue providing support for the outdated OS. The majority of the computers equipped with Windows XP or older are thankfully not connected to the internet. The computers are nevertheless vulnerable to cyber attacks, especially if they are connected to other computers with internet access.
"Haegley is currently working on transitioning all the devices to Windows 10 and pushing for an extension of their bug bounty program. Last spring the Department of Defense released a list 138 vulnerabilities and offered roughly $150,000 USD to bug bounty hunters. Haegley hopes that senior staff within the Pentagon will be supportive of the program. He noted, 'The best and brightest could help us get through that'.
"As of last spring, the Department of Defense still uses Compass. This system is a command and control system that is used for deliberate and crisis action planning, strategic mobility analysis, and mobilization and deployment movement execution. It runs on a #Windows2008 Server and is programmed in Java. It also uses a 2009 Oracle 11g database. The United States nuclear force still runs on IBM Series/1 computers and uses #FloppyDisks designed in the 1970's to coordinate some of its functions. These operational functions include intercontinental ballistic missiles [#ICBMs], #nuclear bombers, and tanker support aircraft."
#Cyberattack #CyberWarfare #AirGapping #USBStick #NoNukes #NoWar #NoNuclearWeapons
Still the case in 2024!!!
6 Things You Won't Believe Still Run #WindowsXP
By Sydney Butler
Published Jul 20, 2024
"Industrial control systems operate and monitor large systems like #NuclearPower plants, automated production lines, #WaterPurification plants, and so on. Windows XP might still be used in some of these large systems for a few reasons. For one, many of these systems can't be taken offline for long, since they provide critical services or goods. There may also be a massive loss of income if they go offline to be updated. Especially given how there are likely to be bugs in new software and operating systems. It might also be necessary to replace perfectly working hardware to work with new software.
"Upgrade plans for major industrial systems can take years to plan and execute, and if everything is working just fine, there's little incentive to do it. Many of these systems aren't even connected to outside networks.
"This is why it was necessary to sneak #USBDrives into facilities to infect them with #malware like Stuxnet. This is a practice known as '#AirGapping' and if your system doesn't need to be online, it shouldn be seen as a basic security measure."
https://www.howtogeek.com/things-you-wont-believe-still-run-windows-xp/
#Stuxnet #CyberWarfare #CriticalInfrastructure #NoNukes #RethinkNotRestart
@ravirockks I've had not read them yet but I'd say that one should always archive dependencies and aim to only have reproducible builds.
Something that I work on OS/1337.
Now granted @os1337@inforsec.exchange is NOT built with security in mind at all, but that's due to it's specific goals.
But archiving releases and mirroring repos is an important way to keep things secure.
And in high-security envoirments #airgapping and #CodeAudits should be mandatory to the point that only #FLOSS and no #CCSS are legal.
@wanderspieler @autonomysolidarity @torproject
Ja doch, weil es nicht möglich ist ohne #Govware - #Backdoors und die sind bei #FLOSS nicht undedektoeirbar möglich...
Und selbst wenn: #Airgapping funktioniert!
Gibt es Kundenstimmen zu #CloudNordicAttack & entstandenem Datenverlust?
Welche Methoden zur Härtung von #Backup-Systemen & -Prozessen kennt Ihr?
Würdet Ihr bei Cloudnutzung auf eigenes #offsiteBackup verzichten?
#ransomware #cloudnordic #backupandrestore #itsec #itsecurity #rechenzentrum #wiederanlaufplan #wiederherstellungsplan #isolation #snapshots #systemarchitektur #Angriffsvektoren #airgap #airgapping #airwall #worm #revisionssicher #ire #recovery #backupandrecovery #offsite #devops
@Joseph @deviantollam nope.
They can only seize data they can access...
Never heard of #airgapping?
It's so common most of my employers/clients did and still do so to this day...
https://mstdn.social/@kkarhan/110690278519286340
Client Info
Server: https://mastodon.social
Version: 2025.07
Repository: https://github.com/cyevgeniy/lmst