Search for military installed backdoors on laptop

Question

My laptop was confiscated by the military institute of my country and they made me to give them all my passwords (I cannot tell you the name of my country). They did not give it back to me for one week (yes, it was out of my sight for a while). I wiped the whole system in order to start over from a fresh installation, but I just realised that it was on sleep state for 2 days and not in shutdown state, so it was connected to my modem via wifi. Does it need to be worried about?

and

I need to make sure if they have added something to monitor my activities or steal my data or not? And if they have done that, what should I do to prevent them.

I have double checked the laptop physically and there is no sign of screw or plastic deformation. Is that still possible that they have compromised its hardware?

Comments are not for extended discussion; this conversation has been [moved to chat](https://chat.stackexchange.com/rooms/87365/discussion-on-question-by-posse-search-for-military-installed-backdoors-on-lapto). — Rory Alsop, Dec 21 '18 at 15:52

forest · Accepted Answer · 2021-02-22T04:15:44.383

If the device left your sight for any amount of time, replace it. It can no longer be trusted.

The cost to assure it can still be trusted significantly exceeds the cost of getting a new one

There is effectively no way to verify that the hardware has not been tampered with without significant expertise and employing non-trivial resources. The only solution is to replace the laptop and all associated components. Without knowing your country or other aspects of the situation you are in, there is no way for me to comment on the likelihood of this, only on the technical feasibility.

If you do need to verify the integrity of the laptop, there are a few things to check (non-exhaustive):

Weight distribution - Verify the precise weight of each component (ICs, PCB, etc). Weight distributions can be analyzed using gyroscopic effects. This requires having uncompromised equipment nearby for comparison. Extremely precise measuring equipment is required. You'll need to be aware of the different tolerances each part has in order to know what is anomalous.
Power consumption - Verify the power consumption of each component over time. Backdoors often use power, and their presence can sometimes be detected with a power analysis attack. Do not rely on this however, as integrated circuits can use extremely little power nowadays.
PCB X-ray inspection - Use X-rays to view the circuit board internals. This requires expensive equipment for a multi-layer printed circuit board such as a laptop motherboard. It also requires many man hours of intensive inspection of each square micrometer of the device. This is probably the easiest to do, although still takes specialized equipment and skills.
IC inspection - Physically remove the various layers on integrated circuits ("decapping") and analyze the internal die. For anything much more complicated than an 8051 microcontroller, this will require significant expertise and is not possible without a high level of domain knowledge and a lab. But this would have to be done for everything from the main chipset to every CPLD on the board. Do you have a full-face respirator and a fume hood for all the acid you'll need to use?

Sounds excessive? It is, but this is what you would have to do to have a good level of confidence that no malicious hardware modifications have been made. It will be cheaper just to buy a new laptop. Note that this is not intended to be practical advice, and it is not even close to complete even if it was. It's meant only to illustrate this near-impossibility of searching for sophisticated hardware implants.

I nuked it from orbit but I just realised that it was on sleep state for 2 days and not in shutdown state, so it was connected to my modem via wifi. Does it need to be worried about?

In theory, compromised hardware or firmware would be made to compromise your wireless access point or other devices listening in. While a suspended state (sleep mode) normally also disables the NIC, you cannot make that assumption if the hardware is compromised. However, while this is theoretically possible, it would require a far more targeted attack, and most military groups will not want to give away their 0days by shooting them at any random nearby wireless devices.

Unfortunately, it is also theoretically possible that your modem has been compromised. If that is the case though, I think it'd be incredibly unlikely that it was done by your exploited laptop, as they could have just taken over your modem through your internet connection (TR-069 is a bitch), assuming they can control or compromise your ISP. If they have tampered with your hardware, it's much more likely that they have only done so for surveillance purposes, not to spread some silly worm.

I have double checked the laptop physically and there is no sign of screw or plastic deformation. Is that still possible that they have compromised its hardware?

Absolutely. There are many ways to open a laptop without that fact being apparent. While many sophisticated chassis intrusion detection mechanisms exist (some that even detect small changes in air pressure that would indicate a person messing with it), there are some "ghetto" techniques which you may be able to use in the future. One technique is to sprinkle nail polish with glitter on the joints of the system, inside and out. Take a high-resolution photo of this (and don't store the photo on the computer!). If the device is opened, the precise layout of the glitter will be disrupted, and it will become exceptionally difficult to put it back in place. You can compare it with the stored photo and look for subtle differences. This is sufficient to detect tampering by most adversaries, if done right.

The term for this is tamper-evidence, which is any technique that makes it difficult to tamper with a device without that fact being noticeable. More professional options would include bespoke tamper-evident security tape or holographic stickers. There are lots of epoxy potting solutions too (but beware of overheating!). Unfortunately, this can only help you in the future and will obviously be incapable of protecting your system retroactively. But consider how likely it is that they really compromised it.

Comments are not for extended discussion; this conversation has been [moved to chat](https://chat.stackexchange.com/rooms/87376/discussion-on-answer-by-forest-search-for-military-installed-backdoors-on-laptop). — Rory Alsop, Dec 21 '18 at 19:45
Replacing the device might be a threat of equivalent force in this case. OPs country could stealthily take control of the computer supply chain and infect a significant supply within its borders. — redbow_kimee, Dec 22 '18 at 23:04
@redbow_kimee That's **extremely** unlikely due to how quickly it would become known. — forest, Dec 23 '18 at 03:09
Surprised you don't mention malicious firmware (for the main motherboard, or for any of the devices). x86 System Management Mode allows nearly-undetectably doing things behind the back of the OS. (There is a performance counter (AMD) or MSR (Intel) that counts System Management Interrupts, though, so you could check for suspiciously-high SMI activity. [Is there an equivalent register to Intel's MSR\_SMI\_COUNT on AMD architecture?](https://stackoverflow.com/q/51055831)) — Peter Cordes, Dec 23 '18 at 18:11
Ok, that makes it even worse. That leaves you with performance experiments with (regular) interrupts disabled, e.g. in a kernel driver, to try to detect excessive SMIs. Or some other way to try to rule out other causes of some timed intervals being longer than expected, at least statistically. — Peter Cordes, Dec 24 '18 at 03:30
@PeterCordes That can be avoided as well, since timers can also be spoofed. The firmware has absolute control over software, so there's nothing that can be done to detect it with a good level of certainty. Plus it could be made to enter SMM only very rarely to avoid tripping any alarms, or even run malicious firmware on the CSME, which is a separate processor and so would not impact the performance of the primary x86 CPU. — forest, Dec 24 '18 at 03:31
I wasn't sure SMM could convincingly adjust both RDTSC and performance counters in a way that's consistent down to a couple cycles with what out-of-order execution would have done for any given loop that gets interrupted. Loops that don't touch memory, just ALU dependency chains, can be extremely repeatable, but the cost of an interrupt in the middle can depend on how much the loop was benefiting from out-of-order execution overlapping work on multiple iterations. Or if the loop does store to memory, then the cost of an interrupt can include flushing the store buffer. — Peter Cordes, Dec 24 '18 at 03:36
@PeterCordes The RDTSC continues counting even in SMM. You're right that there would still be ways to detect it if you really wanted to (assuming it wasn't designed to get around the mechanism you used), but malicious firmware can set SMI to trigger on only rare events, enough that it's very unlikely that you'd ever detect it, short of using an `inc` and `jmp` loop as a counter maxing out on all cores. — forest, Dec 24 '18 at 03:38
But yeah, only entering SMM very rarely is much more likely, and would probably be nearly impossible to pick out from the background noise of other things that can cause timing spikes, maybe even in an interrupts-disabled loop in kernel mode. — Peter Cordes, Dec 24 '18 at 03:38
I *think* there's a way to change the TSC, which OSes used to have to use to try to sync the TSC across cores before the `constant_tsc` feature made HW do that for you across cores in one socket. I know there's TSC manipulation stuff for VT-X to present a scaled/offset TSC to the guest, which isn't available when not using HW virt, but I think there's a way to just set the TSC. And yeah, I was talking about repeatedly timing something that runs for ~200 cycles or so, with `lfence; rdtsc` to start and `rdtscp; lfence` to stop. Or better, `rdpmc` to count core cycles, not ref cycles. — Peter Cordes, Dec 24 '18 at 03:42
VT-x doesn't allow manipulating the TSC directly, it just makes it possible to trigger a VMEXIT on instructions that access the TSC (so the hypervisor can modify GPRs before resuming the VM). — forest, Dec 24 '18 at 03:46
https://www.intel.com/content/dam/www/public/us/en/documents/white-papers/timestamp-counter-scaling-virtualization-white-paper.pdf documents the scaling feature (added after the offset feature), which allows efficient migration of a VM between hardware with different TSC frequencies. Offset and scaling are configured with VMCS fields, and don't require a VM exit. (In fact, this feature only works for rdtsc and rdtscp if it's set so they don't cause a VM exit. It still applies to RDMSR on the `IA32_TIME_STAMP_COUNTER` MSR, and PEBS / PT timestamps, though) — Peter Cordes, Dec 24 '18 at 06:41
Make sure you have that photo at a place outside the computer, though. — Paŭlo Ebermann, Dec 26 '18 at 02:35
Why waste 0days when the password to the Wi-Fi router admin UI was most likely saved in the browser? Or admin:admin or something known to the ISP. — Roman Odaisky, Dec 26 '18 at 23:19
@forest Regarding controlling the supply chain being extremely unlikely, didn't the NSA do something like this when it intercepted components en-route from suppliers to customers? AFAIK that wasn't revealed until the Snowden leaks — Jon Bentley, Dec 27 '18 at 06:30
@JonBentley Yes, but that's a completely different threat model. If they want to get OP, they aren't going to be confiscating his laptop, they'll interdict it as it's being delivered. — forest, Dec 27 '18 at 06:56

score 72 · Answer 2 · edited Dec 27 '18 at 16:09

The main information we are lacking is your threat model.

Is it likely that the military targets you specifically, and would be willing to expend some resources on you? We don't need to know the details, but the answer changes depending on whether what happened is more or less standard procedure for your country, or you are being singled out.

And we don't know what secrets you are protecting. If you have personal data and communications, that's a different game than being an active element in a political opposition movement or other activity that might get you murdered if they get the data. There are countries in the world where being a human rights activist can get you on a death list.

If this is standard procedure, and your data isn't life-or-death, you can take the usual precautions, complete OS reinstall, firmware flashing, if you want to go the extra mile, replace components such as the Ethernet port and whatever else is replaceable. Then operate under the assumption that you might have missed something more deeply embedded, but your chances are better than average that you are clear.

The same is true for the active network connection. It is likely that your adversary did standard attack patterns. If your network is secured, and you don't see any signs of intrusion on the inside (firewall logs, IDS if you have, etc.) you could be fine.

If it is more likely that you received special attention, I would strongly suggest using the machine in some innocent ways (surfing the web, etc.) somewhere and then leaving it out in the open when you go to the toilet. Or in other words: Make it get stolen. That way nobody can blame you, the adversary cannot tell for sure if you intentionally "lost" the device and in any case can't prove it, and it's the only way to be sure. Even if you had it sitting nearby powered off, there could still be a microphone hidden inside that monitors you. So getting rid of it is the only safe option.

For the details, I can't do better than forest in his answer to show how deeply stuff could be hidden inside. They could've even switched out components with seemingly identical ones, plus backdoors. There are things you can do to hardware that the manufacturer would have trouble finding.

The same is unfortunately true for your network. There is always one more 0-day out there, and backdoors in network devices aren't exactly unheard of as well. If you are a high-profile target, you need to assume that the network has been compromised.

However, all of this advanced stuff isn't free or cheap. That is why the threat model is important. It is unlikely the military would use its best stuff on a random search.

score 55 · Answer 3 · answered Dec 18 '18 at 16:33

Methodology aside, just assume that the laptop and anything within audio and visual reach of the laptop is compromised and therefore subject to monitoring as well as the activity on the computer itself.

Searching for, tampering with, or removal of the computer/monitoring devices might well be detected and seen as a criminal act. Also, complete destruction of the laptop or pointedly not being used can also be viewed with extreme suspicion.

All you can really do is continue to use the laptop, but with the knowledge that activity is being monitored (so only do "legal" stuff on it). Visual/audio monitoring devices need not involve the laptop being powered up.

Invest in a nice, secure, padded (and soundproof) laptop bag to store the laptop in when not in use.

Comments are not for extended discussion; this conversation has been [moved to chat](https://chat.stackexchange.com/rooms/87377/discussion-on-answer-by-snow-search-for-military-installed-backdoors-on-laptop). — Rory Alsop, Dec 21 '18 at 19:46

shellster · Answer 4 · 2019-01-10T17:10:30.540

In addition to what others have mentioned about detecting hardware changes (chiefly that it is nearly impossible), you should recognize that the most likely vector of compromise would be the installation of software, especially if they only had your device for a fairly limited period of time.

To have a reasonable level of certainty that your device is clean from software exploits you should throw out the hard drive and start with a fresh one and a fresh install. Many of the more practical (and easy) low-level rootkits modify the firmware on hard drives to prevent a normal format from removing the malware. This is also one of the easiest ways to alter a system fairly quickly and "undetectably". If your laptop has a replaceable network card, this would also be something to consider replacing as it is also another fairly useful place to deploy a hardware implant.

Any malware likely needs to phone home eventually. Start up your computer and any common applications you run. Connect it to an external router (this is important as you cannot trust software running on the laptop) that records all traffic. Let the laptop sit unused for at least 24 hours. Now, painstakingly validate all the IP's via ARIN or other registries, to see if any of them look suspicious. You will almost certainly have several that you cannot validate, even if the machine is not compromised, but this may give you some confidence-level of compromise. Do be aware that nation-states often possess the ability to inject traffic into legitimate streams from legitimate locations, and also may compromise legitimate services or use existing legitimate services (such as docs.google.com where any user can create documents of arbitrary data). In addition network traffic on any network protocol is suspect and should not be discounted while trying to validate the traffic.

Lastly, think of your risk profile. Is your nation known for hacking devices and monitoring them? Are you a victim of bad luck or are there legitimate reasons why they should or did suspect you? A certain level of paranoia is healthy, but be practical with your assessment. Custom hardware implants are not cheap, and the cost of discovery can be both embarrassing and expensive. If you are not a likely suspect and of some significant importance, the most likely implant will be software/firmware based, if anything was implanted at all. As others have pointed out, any credentials you had on your machine/that you provided/or any active browser cookies, and any files on the system should now be considered compromised.

I don't understand why this answer is not the most-upvoted. Software backdoors are a million times more likely than a hardware one, for all sorts of reasons. I blame the effectively-debunked Bloomberg piece for the undue hype around hardware backdoors. — Angelo Schilling, Dec 26 '18 at 19:42

score 14 · Answer 5 · answered Dec 19 '18 at 23:01

Given what you've told us, you need to assume that not only is the laptop irrecoverably compromised, but so is your entire home network, everything connected to it, and every account you have anywhere that was ever accessed from the laptop or from another device connected to your home network.

Physically destroy the laptop, preferably by melting/burning it rather than simple shredding or pulverisation.
Do the same for every single component of your home network.
Do the same for every device that was connected to said network during the time after the laptop was "returned".
Close and delete every account that you have on every website that you have ever accessed from the laptop or from any of the devices in step 3.
Cancel and physically destroy any and all credit/debit/gift cards that you have ever made payments from via the laptop or via any of the devices in step 3. Also cancel any payments that were made using any of those cards during the time after the laptop was "returned".
Close all your bank accounts, withdrawing their entire contents in cash. Destroy any paperwork in your possession associated with any of those accounts.
I cannot emphasise strongly enough the importance of fleeing to a country with better protections against these sorts of abuses by arms of the government.

This seemed really *really* excessive, but it all made sense leading up to the final point, so +1. Except maybe sell the devices instead of destroy them. And I'd guess this may be good advice too: **DON'T TRY TO LEAVE A COUNTRY LIKE THAT WITH LOTS OF CASH, THEY'LL JUST TAKE IT AT THE BORDER** — Xen2050, Dec 22 '18 at 15:55
Destroying the machine would only confirm the monitor's suspicion - continue using it, but only use it for stuff that would give nothing but wasted time and boredom to a would-be spy! — rackandboneman, Dec 22 '18 at 19:54
Also, I would assume a government-authorized organisation that means business would not need to do one single thing to an individuals home computer to compromise their internet connection, bank accounts or communications accounts. In any country. — rackandboneman, Dec 22 '18 at 19:57
Unless you want to burn two laptops instead of one, you should probably do #4 before #1. — Fax, May 23 '19 at 12:33

score 12 · Answer 6 · answered Dec 18 '18 at 20:20

12

If they have all your passwords, as you say, and had possession of the laptop, the laptop, its operating system and software installed are all suspect. As suggested, nuke from orbit.

I would also be concerned that any software that might possibly have been implanted could (and would) attempt to compromise other computers on connected networks. Do not connect this machine to an ethernet, nor power it on near any WiFi networks if it has WiFi (nor around Bluetooth devices though I know little about this).

It may not be possible to wipe it even under safe conditions due to compromised firmware.

If they had the laptop for, say, 30 minutes (or less), the drive could (and would) have been imaged/copied. Its secrets are no longer yours alone.

You also have some work ahead of you to change all your passwords: you might want to nuke the accounts for extra safety. Delete all content (if possible) and close the account. Good luck with that. Information may have already been collected, however.

There have been answers regarding hardware modification, and while this is a possibility, clearly software tampering should be high on your mind.

answered Dec 18 '18 at 20:20

newyork10023

184
6

2

Forget compromised firmware, if they're serious about monitoring the OP, how about a compromised Ethernet port, or a compromised monitor cable? – Mark Dec 19 '18 at 00:45
2

...or a compromised memory bank? There's no limit to the shenanigans you can play with hardware. – Tom Dec 19 '18 at 13:36
2

@Tom I think it would be _very_ hard to compromise the DIMM (if that's what you mean by memory bank) without the implant being extremely obvious. Modern DRAM operates at such blindingly fast speeds and with such extreme sensitivity to latency that a fairly large, bulky logic analyzer is required to even so much as analyze the commands being sent to the DRAM modules. Humanity simply lacks the technological capability to create a small implant that's capable of actually monitoring memory in that way. – forest Dec 21 '18 at 04:07
@forest - yes, you would have to go above the individual module. And you won't get much logic. I was more thinking about a simple copy, similar to a monitoring port. – Tom Dec 21 '18 at 09:45
@Tom I'm not sure if it'd be able to simply copy data either. At those speeds, the electrical characteristics of wires begins to matter. – forest Dec 21 '18 at 09:52
@forest - you might be right for modern RAM. The last time I worked on the hardware level was when we were just starting to feel quantum effects. It's been a few years. – Tom Dec 21 '18 at 10:08
@forest A device with access to the memory bus would a perfect place to introduce contraband firmware into the system, though! – rackandboneman Dec 22 '18 at 19:52
More information I found out (in chat) about monitoring DIMMs: https://chat.stackexchange.com/transcript/message/57116733#57116733 – forest Feb 23 '21 at 02:52

usr-local-ΕΨΗΕΛΩΝ · Answer 7 · 2018-12-22T08:54:47.857

7

I need to make sure if they have added something to monitor my activities or steal my data or not

Consider that they have all your data already. You surrended all your passwords, so even data that is not on your laptop (e.g. mail, cloud) is now in their hands. Extended comment: if you were not under arrest you could always change as many passwords as you could after giving them, but we want to assume our attacker has so much resources and efficiency that they grabbed an entire copy of all your online activities by the second you wrote down your password on a piece of paper. Pessimistic approach.

As pointed out by @forest, you can do something to try to prove they did it, but it is so expensive that you better go BestBuy as fastest as possible to get a new laptop. Unless your goal is to whistleblow your government is spying on you and how.

And if they have done that, what should I do to prevent them.

I assume you asked "what should I do to prevent them in the future?". Please edit if not. Getting a new laptop and implementing proper security measures is good, just as we others are doing.

Full disk encryption, plausibly-deniable hidden volumes and complex passwords are the basic tools. A military corp targeting an individual can have so many resources (including 0-days) that you can not prevent them to hack you forever, but you can still protect yourself and make it a painful time for them.

Remember, you said you gave them the passwords. This is where TrueCrypt/VeraCrypt come handy. I recommend you to take a look at this QA. Remember to use the cover OS often. Once in the future you will be questioned again for your passwords, give them the decryption key for the "outer" OS. They are not stupid, they will try their best to extort you that you are running a hidden OS too. For example, just that you are using VeraCrypt instead of stock Windows BitLocker or stock Linux LVM, that might be grounds for questioning/extortion.

You may also want to carefully and safely copying documents from the old hard drive using a USB adapter. Documents, not executables. And, out of paranoia, who can tell if some PDF documents were altered to exploit a 0day in one of the popular readers?

You may want to escape from that country as soon as possible, for what concerns me.

edited Dec 22 '18 at 08:54

answered Dec 20 '18 at 12:25

usr-local-ΕΨΗΕΛΩΝ

5,310
2
17
35

6

Leaving the country really is the best advice. – Gherman Dec 20 '18 at 15:01
3

It is important to note that in such a situation, trying to deceive the military who is trying to break into your computer might introduce serious consequences. Lying to them outright is a recipe for disaster. – schroeder Dec 20 '18 at 19:24
5

There's an interesting idea about "plausible deniability" and encryption - [TrueCrypt's Plausible Deniability is Theoretically Useless](https://defuse.ca/truecrypt-plausible-deniability-useless-by-game-theory.htm) - *"It's also a strictly dominant strategy for the government to keep torturing you... So no matter if you're using a hidden volume or not, the government gets the highest reward by continuing to torture you. So if you and the government are both rational and self-interested, then you are going to use a hidden volume, and the government is going to keep torturing you."* – Xen2050 Dec 22 '18 at 16:51
The more interesting question is, if that military organisation would have found anything that interested them in the first place, would they have returned the laptop at all and left the owner at large? – rackandboneman Dec 22 '18 at 20:01
1

@Xen2050 That website has an extremely naïve understanding of elementary game theory. TrueCrypt's plausible deniability is useful in a _large_ number of threat models. Now, whether or not it's easy to maintain an outer volume that has convincing metadata (timestamps indicative of genuine access) is a different story. – forest Dec 24 '18 at 03:43
@forest, it's *impossible* to maintain an outer volume that has convincing metadata. If I wanted to prove someone was using an inner volume, I'd open the outer volume up in a suitable low-level filesystem viewer and look for a large region of unused disk space. – Mark Mar 13 '19 at 00:49
@Mark Hidden volumes don't work in a way that you can find it by looking for unused disk space. That's a common misconception. Assuming the security of the underlying cipher, it is physically impossible to prove the existence of a hidden volume. You can conclude that it likely exists if the opened volume is "suspicious" (e.g. the filesystem is very stale), but even then it's only circumstantial. – forest Mar 13 '19 at 07:57
@forest, when did TrueCrypt/VeraCrypt make this breakthrough? Every time I've checked, the "hidden volume" feature worked by making part of the outer volume "off limits" to the outer filesystem. Sure, you can't mathematically prove that the huge, contiguous chunk of random data that isn't part of any file is, in fact, a hidden volume, but to someone who's a forensic expert rather than a mathematician, it looks *really damn suspicious*. – Mark Mar 13 '19 at 08:40
@Mark There is no huge, contiguous chunk. The outer volume is created first, just as if there was no hidden volume at all. Only _after_ it is created are the unallocated regions (which are heavily fragmented) used to hide the hidden volume. The one and only difference between a real volume without a hidden volume and the outer, dummy volume is that one of them has unallocated space that is randomized, and the other has unallocated space that has encrypted data. For a modern cipher like the ones used in TrueCrypt/VeraCrypt, it is impossible to distinguish ciphertext from uniform random data. – forest Mar 13 '19 at 08:43
@Mark One way to think about it is that a volume _always_ has a hidden volume of sorts, but a "real" hidden volume is encrypted with a key derived from your password. If you don't configure a hidden volume, it contains nothing and is encrypted with a throwaway key (for a CSPRNG). – forest Mar 13 '19 at 08:47
Please move extensive comment to chat – usr-local-ΕΨΗΕΛΩΝ Mar 13 '19 at 10:28

score 1 · Answer 8 · answered Dec 18 '18 at 22:22

1

A backdoor still has to communicate to the attacker, so watching network chatter via your router should suffice. Wiping a harddrive and reinstalling an OS may not be enough, they had it for a week, they could've taken it apart, installed a network tap device and put it back together.

That's not all there is either, there may be no network activity and the program/device may be silently collecting data for somebody to physically retrieve later, probably via a knock on your door.

A new laptop is in order, however I'd keep the old one, maybe even put it on a DMZ so it can't talk to other devices on your home network and it goes without saying, it can't be used for anything sensitive ever again.

answered Dec 18 '18 at 22:22

RandomUs1r

145
4

13

You probably should look at a copy of the NSA's hardware implant catalog that leaked a few years back. They've got backdoors that can communicate in all sorts of ways, including by modulating an externally-transmitted radio signal. – Mark Dec 19 '18 at 00:43
17

@RandomUs1r - the adversary here is the **military**, not some run-of-the-mill cybercriminal with a backdoor he copied from some darknet forum. There are **plenty** of ways to send out data in ways that even most cybersecurity professionals would not detect. Some of my friends would approach a device like this with an oscilloscope. There's half a dozen documented ways to get data into and out of machines that are seemingly not connected to any network. There's plenty of ways to hide network, system and memory activities. – Tom Dec 19 '18 at 11:44
2

Or the malware does not communicate at all, but just stores the data until the laptop is searched again. – allo Dec 20 '18 at 14:11
A trained user with an oscilloscope would only stand any chance if they knew roughly what they are even looking for. – rackandboneman Dec 22 '18 at 19:58

Basile Starynkevitch · Answer 9 · 2018-12-27T11:59:18.740

The main issue is to have a good threat model. Perhaps the military are just doing routine things. Perhaps they have been ordered to spend a lot of specific efforts to spy you.

If you suppose that the military is doing routine (unsophisticated) things (then they probably installed some malware, probably one that most software tools won't detect, and have copied all the contents of your laptop on their servers), you could consider clearing all the disk (that is, reformatting it completely) and installing (for example) some Linux distribution on your computer (however, doing that might make you suspicious, but that is a different issue). Copying all the contents and adding a malware is, from the military point of view, very easy (it could take 5 minutes of human work, and 1 hour to wait for the copy to complete).

How to clear all the disk is a different matter. On Linux I would dd if=/dev/zero of=/dev/sda bs=4k for example which fills the sda disk with zero bytes. Of course, all the data is lost (on SSDs, something could remain) and you need to reformat (technically to repartition) the disk. And you could just replace the disk (it costs a few dozens of euros and can easily be changed).

As commented, you should perhaps reinstall the firmwarev(e.g. BIOS) of your laptop.

If you suppose that the military deploy specific efforts against you they could have physically embedded some microphone, some GPS, some other hardware inside the laptop to spy you (and then no software solution exists; and, unless you are a hardware expert, you won't be able to notice). Changing the hardware is less easy (could take hours or days). In that case you'll better destroy the laptop.

Know that overwriting the disk in that way is unsafe on solid state drives. — forest, Dec 27 '18 at 08:40
Firmware malware/backdoors are just as easy and would survive each of your suggestions. — schroeder, Dec 27 '18 at 11:58

score -1 · Answer 10 · answered Dec 27 '18 at 03:35

Install an AP in your cellar, or alternatively, put the laptop in a metal box. The goal is to make it impossible to communicate with radio signals, except the AP which is provided by you.

Inside that metal box, put your own AP. So, the laptop should see a total radio silence, his only way to communicate to the external world should be your AP.

The uplink of your AP should be one of your external machines. Start a network packet listener and analyzer on it.

You might try to trigger their eavesdropping by doing some tricky things. For example, you could search for the political enemies of your state, or you should try seeming trying to contact them.

Beware, such people are highly paranoid and they are not affected by arguments like "I did not try to contact country X, I only tried to look it so" or "If I had really tried to communicate with country X, I hadn't done it with your bugged laptop". They are strong arguments for you, but nothing for them. You will be sued for contacting country X and nobody will be interested your arguments. Your only way to avoid punishment if you don't do it. Now consider the case that you can play with them.

The laptop should be continously online, you should continuously do things on it (of course nothing illegal).

Then check the traffic of your AP, your own AP, what it communicated and where.

Unfortunately it can have only positive answer: if the laptop didn't communicate, you have no way to know that it is because it was not bugged, or that it was bugged, but not active. If it communicates, you will know how many traffic did it made and where.

If you played enough, zero out the hard drive and sell the laptop on the internet.

If you will later talk to them, you don't know anything, you just sold your laptop because you wanted a stronger hardware, and you didn't even think on that it might be bugged.

score -5 · Answer 11 · edited Dec 29 '18 at 12:39

-5

If the laptop is a Windows 10 due to secure boot, Windows virtual memory, driver signing- you can ensure the machine is trustable. This doesn't rule out malicious applications installed and set to run and access the computer's resources, however, they would have virtually no way to access other applications or processes which don't "put themselves out there".

Windows virtual memory addressing essentially scrambles memory of user-mode applications. So if a virus tries to access memory through hacked methods it's not able to discern what's what. So every process has its own 2 gb or so virtual memory that it uses which is translated by Windows to real address space. Process memory is basically private to that process. They can share memory with handles. But I believe this would require the cooperation of both processes.

Additionally malicious software set to run can see network traffic but that can be viewed by anyone also once it's broadcasted on a network.

So basically, securely written applications can't be easily dropped. Unless the "military" had access to OEM, Windows, or Intel/AMD and they make that ability available to them, or they have realized vulnerabilities not yet known to exist.

edited Dec 29 '18 at 12:39

schroeder

123,438
55
284
319

answered Dec 20 '18 at 11:22

marshal craft

97
7

4

I disagree. Trusted boot prevents the genuine UEFI firmware to run untrusted software (i.e. software cannot be tampered). It does not prevent tampered hardware to boot the genuine OS. Your assertion on virtual memory is correct, but nobody prevents a military corp with enough resoruces to replace the UEFI firmware with a hypervisor on top of which the OS runs. Then you have ring-0 control over machine. – usr-local-ΕΨΗΕΛΩΝ Dec 20 '18 at 12:07
Intel management engine is the starting point, intel needs to provide the oem with information and tooling to use the secure execution processor, which windows uses. There was a recent exploit with macs, but this was with the secure execution engine not used and configured which is done by oems, Windows would not boot under such an environment, and this still would require intels tools. – marshal craft Dec 20 '18 at 12:33
"Windows won't boot". That's new for me, I will research on thah. Thank you. Yes, a TPM module can validate hardware and refuse to issue the key if the hardware is compromised, but that's something different from the OS to validate the hardware. An example is Magisk for Android. Magisk operates with unlocked bootloader but is capable of tricking Android into thinking that the hardware and the OS are intact. From what I have learned, Magisk is mostly invulnerable. So Android *cannot* refuse to boot. This justifies my surprise in your sentence. This is a very interesting topic – usr-local-ΕΨΗΕΛΩΝ Dec 20 '18 at 12:39
In the Magisk example: the locked phone will refuse to boot Magisk because hardware checks the OS. But when the software (e.g. SafetyNet) tries to assess the hardware, Magisk creates a layer of smoke that makes the software think the hardware is sane. Surely, Android vs Magisk is just a bare example, I don't know what Windows does to validate hardware when hardware is capable to provide a fake attestation – usr-local-ΕΨΗΕΛΩΝ Dec 20 '18 at 12:41
Basically the oem sets fuses in m.e. Which are used to verify firmware was signed usinng cryptography. The oem can update firmware etc, but keeps the system locked down. Also the oem works with Windows and uefi to pass on trust to those components. Also windows doesn't itself use uefi drivers normally. Though it can as worst case plug and play feature where it cant find a driver I think. Obviously this would be a hole in its driver signing mechanism. So I'm not sure how it is handled but presume it is. – marshal craft Dec 20 '18 at 12:46
Im talking about windows pcs, not phones. Windows is not only fully designed to use secure boot, it requires it! Also intel atom x86 soc will only run in a limited state with out management engine correctly configured, let alone it could run mac o.s. Let alone windows. – marshal craft Dec 20 '18 at 12:49
Sorry, I was talking in general about hardwares and kernels. I mean that what *can* be done in Windows can be done in Linux, Android, Mac and Rasbperry Pi potentially – usr-local-ΕΨΗΕΛΩΝ Dec 20 '18 at 12:57
2

Let us [continue this discussion in chat](https://chat.stackexchange.com/rooms/87325/discussion-between-usr-local--and-marshal-craft). – usr-local-ΕΨΗΕΛΩΝ Dec 20 '18 at 12:57
@usr-local-ΕΨΗΕΛΩΝ If you have physical access, defeating TPM is **trivial**. In fact, for SRTM at least which is what is being described here, all you need to do to defeat it is replace the BIOS chip with one that does not have a locked bootblock (CRTM). SRTM is only useful for detecting firmware modifications, not hardware. – forest Dec 21 '18 at 04:10
@ forest its called flash descriptor, see intel trusted execution engine which is what management engine is called lately (2017?). It is certain at least the new firmware would have to have intel support to get by Microsoft, ounce this is done sure it can do many things like use wifi while the pc is turned of in s0 sleep states unbenounced to Windows or drivers. Intel supplies core component binaries which uefi requires. Not source but binaries. It is quite possible a government could turn to any domestic company and demand they turn over these tools. – marshal craft Dec 21 '18 at 20:39
@marshalcraft I am not talking about the CSME flash descriptor, I am talking about the BIOS bootblock which holds the CRTM on the flash chip. It is usually read-only in hardware and is used to bootstrap measured boot along with the TPM. The CRTM reads the rest of the BIOS flash into PCR0 before jumping to it and executing. Because of that, you can bypass it simply by replacing the flash chip. – forest Dec 22 '18 at 02:17
Also, the Trusted Execution Engine (TXE) is _not_ what the Management Engine (CSME) is called. – forest Dec 22 '18 at 02:18
Txe seems to be replacement for the technology called management engine. Many aspects are the same like the flash descriptor, which acts like a table of contents describing the size and spi flash memory mapped locations of mandatory sections. Txe additionally provides secure processing unit. Wikipedia is way out of date on this topic. – marshal craft Dec 22 '18 at 17:57
@marshalcraft That is incorrect. TXE is a module that is _part of_ the CSME. They even have different virtual PCIe interfaces, with the former being TEXI and the latter being HECI. Related, but not the same. – forest Dec 23 '18 at 04:17
Well it's intel documentation is private so I can't really say anything more on the matter, which is unfortunate. This has literally turned x86/64 pc based architecture into a private closed door arena. The days of American pc ingenuity of American megatrends, os writers bill gates and Paul Allen, dell, etc. are gone, instead we have bugged and tapped microprocessors... and "applications" replacing the standard .exe take away efficiently priced fully programmable pc. It's pretty obvious where were going analogous to the dark ages after the roman empire. – marshal craft Dec 23 '18 at 05:15
@marshalcraft While their internal content service database may be private, documentation regarding TXT and CSME is absolutely public. It's not something you need to sign an NDA to get. – forest Dec 23 '18 at 05:34
@usr-local-ΕΨΗΕΛΩΝ Actually his statement on virtual memory is incorrect. Just because memory is "scrambled" does not mean firmware will be unable to see what is what. It has the page tables, after all... – forest Dec 28 '18 at 09:07
And yes you do have to sigh an nda. – marshal craft Dec 29 '18 at 05:12
Also I was correct I can guarantee that either the contents of my windows application say a variable called a flag, can't be known the contents outside of that application, specifically due to windows virtual addressing. Or you could be using your mathematical knowledge for better things. – marshal craft Dec 29 '18 at 05:15
@marshalcraft I have no idea what you're talking about. And basic information about the CSME does _not_ require signing an NDA. Yes, getting detailed OEM programming information or the toolchain does, but simply knowing the basic interfaces it uses (HECI and TEXI)? Not whatsoever. Why would it? – forest Dec 29 '18 at 10:25
Anyway, secure boot is meant to verify software, but it presumes uncompromised firmware. As OP had his laptop confiscated, it's very possible that the _firmware_ was modified, which even SRTM cannot defeat (given the fact that you can just replace the CRTM/BIOS boot block with physical access). I think BootGuard might help a little, but even it is not perfect. So your idea that secure boot will secure the system? Laughable. – forest Dec 29 '18 at 10:28
And what quick Google searches are you referring to? I didn't have to look _any_ of this up, as you can see by my existing questions and answers. Regardless, if you are now getting to the point where you claim you are the only sane person in a world of lunatics and that "everyone can see that" (I wonder why you are -7 then?), then there's nothing I can do to teach you, sorry. Please realize that some of us actually do this for a _job_. We aren't just hobbyists who are having fun speculating. Many of us are professionals. – forest Dec 29 '18 at 10:30
@marshalcraft I'm having trouble advocating for the idea that this actually answers the question. Whether the facts are true or not, how does this address the questions raised? Can you connect the dots a little better? – schroeder Dec 29 '18 at 13:06

Search for military installed backdoors on laptop

11 Answers11

Linked

Related