The virus

Post by ayu »

I am currently not around because I am about to graduate from the University, which equals a shitload of work from my side.
But something has happened lately that makes a pretty good story, so I thought I would share it with you all.

Please bear with me, I had a very long day and I'm very tired.
I am in the process of going to sleep when I am writing this so there might be some spelling errors.

Anyway, so I am currently in a big graduation project at the university in Sweden called "Technological Institute of Blekinge".
Blekinge being the place where I currently live.

In this project, we work for the largest telecom company in Sweden to make a product for them.
But due to NDA (Non-Disclosure Agreement) I can't talk that much about it, but it doesn't really matter, as the story is not about that.
In our project we are 8 people, most of us are very highly educated in different computer science areas and we also like to fuck around with each other's stuff.
We sit in the same room 8 hours a day, 5 days a week so there is always time for fucking stuff up.

One member started a dangerous war a month ago by installing a python script on another member's computer that did some nasty stuff to his machine. He forgot to lock the machine, thus opening up to this opportunity. The script changed a bunch of stuff all the time, like redirected web pages to nasty stuff and such.

The guy who got his machine "hacked" wanted revenge, and installed a very creative kind of "virus" on the other guy's machine when he forgot to lock it as well.
He got to ask one yes/no question each day to get clues on what it was, but it took him a month to solve it.
The virus would at totally random times write some stuff in any active window he had.
Some of the clues he got were the following:

1: It does not run in user space.
2: They did not have access to a root shell while doing it.
3: Running a live CD does not prevent it from running.

So eventually he DID figure it out, but it took him a very long time.
However, the others told him to not tell anyone else about what it really was, because they wanted to be able to use it again on someone else if needed.

Anyway, so as some of you know, I am pretty paranoid at times.
So the setup on my working computer at the Uni is as follows:

* BIOS is password protected with a strong password, no one can boot any OS nor can they go into the BIOS settings.
* The case is locked.
* The machine is running Debian with only two partitions, one ext4 with the system and one swap, both of which are heavily encrypted.
* I have a strong password on the system, and I always lock it when I leave if I don't shut it down.
* So in total there are 4 passwords that they would need to bypass if they wanted to restart it and boot some rescue CD or a live CD.

I wanted to piss them off a bit since my security is rather well planned (except that they can reset the BIOS pass if they just have a key, which is pretty common at the Uni, but they still need the other passwords). So I took a screenshot of my desktop and wrote with large red text "LOOK CLOSELY GUYS, BECAUSE THIS IS AS CLOSE AS YOU ARE GOING TO GET ;D" and put it as my screensaver and locked the computer when I left yesterday (I have an interview for a job so I left early).

I got what I deserved I guess, because they managed to install the virus on my system, which printed "GO BACK TO WORK YOU LAZY SCRIPT KIDDIE" and "I CAN'T SECURE MY SYSTEM :)" to my screen all the time. Pretty annoying, and I get rather annoyed when they call me script kiddie :)

As far as they knew, I didn't do anything to try and remove it today when I came back and noticed that they had "hacked" it.
They said that I deserve that it got hacked after being that cocky.
In reality I was putting the pieces and clues together during the 8 hours I had over the day while they were there, and when they left I executed my plan.

It took me less than 5 minutes to solve it since I had so much time to think about all the things around the hack.

1: My system was very secure, I know how to secure my system.
2: The guy who installed the virus on the first guy's computer likes to play around with hardware in his free time, and he has helped me before with some electrical engineering stuff.
3: He got a key for the machines about a month ago (that he didn't show to the others, but I saw when he had it at his desk once).

So, the "virus" that they had was in reality this:

[Schematic]

Not sure if that is the schematic that they used, but it's something similar.
I opened up my machine and indeed there was a small chip plugged into the motherboard.
I have dealt with this stuff before and built my own stuff, so I could see that it was homemade.

A very creative trick indeed.
But it results in 3 things really ...

1: They didn't actually break into my system like they said, so my security was still good. And it's pretty hard to defend yourself if they get the damn key for the machine and start messing around with it.
2: I won't tell them that I solved it for a while, as I want to make them wonder why it's not working as it should (I left the chip in my case and locked it again, but it's unplugged and the memory on it has been reset, just for revenge)
3: I now have plenty of time to plan my revenge, and oh yes it's going to be big.

Hope you liked my story :)

Now, bed time ... night folks
"The best place to hide a tree, is in a forest"

Post by Raz0r »

Warning fuzzzzy feelings approaching maximum level

Looks like those guys are gonna get it, nice story.

That's interesting hmmm..... on the right side of the forum there is a "Who's online" thingy
it shows that you are not online but the green circle on top says otherwise hmmm.....
I can use all the shells, so now I can finally hear the ocean

Post by Gogeta70 »

That was an interesting story to read before going to bed... ^_^
Raz0r wrote:
Warning fuzzzzy feelings approaching maximum level

Looks like those guys are gonna get it, nice story.

That's interesting hmmm..... on the right side of the forum there is a "Who's online" thingy
it shows that you are not online but the green circle on top says otherwise hmmm.....

The forum itself is inside of a frame, so when you navigate the forum links, only the page inside the frame is refreshed, the rest of the site isn't. Try pressing F5 (reload) and everything should update. By the way, it's on the left.
¯\_(ツ)_/¯ It works on my machine...

Post by bad_brain »

thanks man, this is very interesting, I have saved the paper....looks like I will fire up my trusty soldering iron again soon... :D :twisted:

Post by floodhound2 »

I don’t see how this could have worked. You did not see the added wires?

This chip has no onboard memory to store keystrokes. Perhaps something more was added to the circuit, certainly not just this chip.

Even if the fella got inside your computer case he would have had to solder something and that takes time. Someone would have seen this in my opinion. I have soldered to many motherboards and it’s not easy to do, especially when the motherboard is in the case.
₣£ΘΘĐĦΘŮŇĐ

Post by ayu »

floodhound2 wrote:
I don’t see how this could have worked. You did not see the added wires?

This chip has no onboard memory to store keystrokes. Perhaps something more was added to the circuit, certainly not just this chip.

Even if the fella got inside your computer case he would have had to solder something and that takes time. Someone would have seen this in my opinion. I have soldered to many motherboards and it’s not easy to do, especially when the motherboard is in the case.

Like I said:
"Not sure if that is the schematic that they used, but it's something similar."

They connected it to an on-board SATA port on the motherboard, and had it send keystrokes to the machine.
I couldn't find the exact kind of schematic they found.
"The best place to hide a tree, is in a forest"
