Personal computing discussed

Moderators: David, mac_h8r1, Nelliesboo

 
chuckula
Gold subscriber
Gerbil Jedi
Topic Author
Posts: 1572
Joined: Wed Jan 23, 2008 9:18 pm
Location: Probably where I don't belong.

Turn Off Bluetooth. [Jack Bauer]DO IT NOW![/Jack Bauer]

Tue Sep 12, 2017 4:18 pm

So there's been a pretty serious set of flaws found in the Bluez Bluetooth stack that is used by Linux and, probably more importantly, Android.

You can read about the issues here.

In brief, the vulnerabilities appear to involve a kernel-level buffer overflow that can be triggered remotely by sending malicious messages via Bluetooth to a target device. The devices do not have to be paired already for the attack to work, which makes this even more serious. Turning Bluetooth off in your mobile devices so that there's not even anybody listening for the malicious packets appears to be the best workaround right now until Android vendors get fixes out into the wild.

Forewarned is Forearmed Gerbils!
4770K @ 4.7 GHz; 32GB DDR3-2133; GTX-1080; 512GB 840 Pro (2x); Fractal Define XL-R2; NZXT Kraken-X60
--Many thanks to the TR Forum for advice in getting it built.
 
Topinio
Graphmaster Gerbil
Posts: 1346
Joined: Mon Jan 12, 2015 9:28 am
Location: London

Re: Turn Off Bluetooth. [Jack Bauer]DO IT NOW![/Jack Bauer]

Tue Sep 12, 2017 4:50 pm

Android vendors get fixes out into the wild? :oops:
Desktop: E3-1270 v5, X11SAT-F, 32GB, RX Vega 56, 250GB BX100, 2TB Ultrastar, Xonar DGX, XL2730Z + G2420HDB
HTPC: i5-2500K, DH67GD, 6GB, GT 1030 SC, 250GB BX100, 1.5TB Barracuda, Xonar DX
Laptop: MacBook6,1
 
End User
Gold subscriber
Minister of Gerbil Affairs
Posts: 2454
Joined: Fri Apr 16, 2004 6:47 pm
Location: Upper Canada

Re: Turn Off Bluetooth. [Jack Bauer]DO IT NOW![/Jack Bauer]

Tue Sep 12, 2017 4:53 pm

The title of your post is lacking key information.
Threadripper 1950X build parts have arrived - i'm procrastinating on the build :(
 
whm1974
Gerbil Elder
Posts: 5468
Joined: Fri Dec 05, 2014 5:29 am

Re: Turn Off Bluetooth. [Jack Bauer]DO IT NOW![/Jack Bauer]

Tue Sep 12, 2017 5:10 pm

Apply updates and turn off Bluetooth.
 
just brew it!
Gold subscriber
Administrator
Posts: 49743
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: Turn Off Bluetooth. [Jack Bauer]DO IT NOW![/Jack Bauer]

Tue Sep 12, 2017 5:31 pm

End User wrote:
The title of your post is lacking key information.

That could probably be said of 95% of the posts on this forum. Why complain specifically about this one?
Nostalgia isn't what it used to be.
 
Dposcorp
Silver subscriber
Minister of Gerbil Affairs
Posts: 2665
Joined: Thu Dec 27, 2001 7:00 pm
Location: Detroit, Michigan

Re: Turn Off Bluetooth. [Jack Bauer]DO IT NOW![/Jack Bauer]

Tue Sep 12, 2017 7:06 pm

just brew it! wrote:
End User wrote:
The title of your post is lacking key information.

That could probably be said of 95% of the posts on this forum. Why complain specifically about this one?

lol
 
chuckula
Gold subscriber
Gerbil Jedi
Topic Author
Posts: 1572
Joined: Wed Jan 23, 2008 9:18 pm
Location: Probably where I don't belong.

Re: Turn Off Bluetooth. [Jack Bauer]DO IT NOW![/Jack Bauer]

Tue Sep 12, 2017 7:13 pm

End User wrote:
The title of your post is lacking key information.


No, I mentioned Jack Bauer.
4770K @ 4.7 GHz; 32GB DDR3-2133; GTX-1080; 512GB 840 Pro (2x); Fractal Define XL-R2; NZXT Kraken-X60
--Many thanks to the TR Forum for advice in getting it built.
 
Waco
Gold subscriber
Minister of Gerbil Affairs
Posts: 2034
Joined: Tue Jan 20, 2009 4:14 pm
Location: Los Alamos, NM

Re: Turn Off Bluetooth. [Jack Bauer]DO IT NOW![/Jack Bauer]

Tue Sep 12, 2017 10:36 pm

I should just go buy a cabin in the woods.
Z170A Gaming Pro Carbon | 6700K @ 4.5 | 16 GB | GTX Titan X | Seasonix Gold 850 | XSPC RX360 | Heatkiller R3 | D5 + RP-452X2 | Cosmos II | Samsung 4K 40" | 480 + 240 + LSI 9207-8i (128x8) SSDs
 
just brew it!
Gold subscriber
Administrator
Posts: 49743
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: Turn Off Bluetooth. [Jack Bauer]DO IT NOW![/Jack Bauer]

Tue Sep 12, 2017 10:44 pm

Waco wrote:
I should just go buy a cabin in the woods.

...it's the only way to be sure.[/Ellen Ripley]
Nostalgia isn't what it used to be.
 
Flying Fox
Gerbil God
Posts: 25419
Joined: Mon May 24, 2004 2:19 am
Contact:

Re: Turn Off Bluetooth. [Jack Bauer]DO IT NOW![/Jack Bauer]

Tue Sep 12, 2017 11:26 pm

Waco wrote:
I should just go buy a cabin in the woods.

Cabin with electricity and running water? Then you are still not completely off grid.
The Model M is not for the faint of heart. You either like them or hate them.

Gerbils unite! Fold for UnitedGerbilNation, team 2630.
 
just brew it!
Gold subscriber
Administrator
Posts: 49743
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: Turn Off Bluetooth. [Jack Bauer]DO IT NOW![/Jack Bauer]

Tue Sep 12, 2017 11:34 pm

Flying Fox wrote:
Waco wrote:
I should just go buy a cabin in the woods.

Cabin with electricity and running water? Then you are still not completely off grid.

Solar/wind and your own well?
Nostalgia isn't what it used to be.
 
Flying Fox
Gerbil God
Posts: 25419
Joined: Mon May 24, 2004 2:19 am
Contact:

Re: Turn Off Bluetooth. [Jack Bauer]DO IT NOW![/Jack Bauer]

Tue Sep 12, 2017 11:38 pm

just brew it! wrote:
Flying Fox wrote:
Waco wrote:
I should just go buy a cabin in the woods.

Cabin with electricity and running water? Then you are still not completely off grid.

Solar/wind and your own well?

Unless you can make your own panels, turbine blades, and generator, you can still be tracked. Not to mention a large enough panel array and/or turbines can be seen by satellites.
The Model M is not for the faint of heart. You either like them or hate them.

Gerbils unite! Fold for UnitedGerbilNation, team 2630.
 
just brew it!
Gold subscriber
Administrator
Posts: 49743
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: Turn Off Bluetooth. [Jack Bauer]DO IT NOW![/Jack Bauer]

Tue Sep 12, 2017 11:48 pm

Flying Fox wrote:
just brew it! wrote:
Flying Fox wrote:
Cabin with electricity and running water? Then you are still not completely off grid.

Solar/wind and your own well?

Unless you can make your own panels, turbine blades, and generator, you can still be tracked. Not to mention a large enough panel array and/or turbines can be seen by satellites.

Depends what you're worried about. This Bluetooth vulnerability isn't about being tracked (since Bluetooth has a very short range anyway). It is about nearby "bad actors" compromising your devices over Bluetooth and stealing sensitive personal info.

Seems like a cabin in the woods, solar/wind power, a well, and a shotgun (if you're worried about physical attacks) would provide a reasonable degree of protection.
Nostalgia isn't what it used to be.
 
End User
Gold subscriber
Minister of Gerbil Affairs
Posts: 2454
Joined: Fri Apr 16, 2004 6:47 pm
Location: Upper Canada

Re: Turn Off Bluetooth. [Jack Bauer]DO IT NOW![/Jack Bauer]

Wed Sep 13, 2017 1:29 am

just brew it! wrote:
End User wrote:
The title of your post is lacking key information.

That could probably be said of 95% of the posts on this forum. Why complain specifically about this one?

It does apply to ever end user.
Threadripper 1950X build parts have arrived - i'm procrastinating on the build :(
 
DrCR
Gerbil Team Leader
Posts: 229
Joined: Tue May 10, 2005 7:18 am

Re: Turn Off Bluetooth. [Jack Bauer]DO IT NOW![/Jack Bauer]

Wed Sep 13, 2017 3:26 am

End User wrote:
just brew it! wrote:
End User wrote:
The title of your post is lacking key information.

That could probably be said of 95% of the posts on this forum. Why complain specifically about this one?

It does apply to ever end user.

There's more than one of you?
 
End User
Gold subscriber
Minister of Gerbil Affairs
Posts: 2454
Joined: Fri Apr 16, 2004 6:47 pm
Location: Upper Canada

Re: Turn Off Bluetooth. [Jack Bauer]DO IT NOW![/Jack Bauer]

Wed Sep 13, 2017 3:29 am

DrCR wrote:
End User wrote:
just brew it! wrote:
That could probably be said of 95% of the posts on this forum. Why complain specifically about this one?

It does apply to ever end user.

There's more than one of you?

We are everywhere!
Threadripper 1950X build parts have arrived - i'm procrastinating on the build :(
 
steelcity_ballin
Gerbilus Supremus
Posts: 12011
Joined: Mon May 26, 2003 5:55 am
Location: Pittsburgh PA

Re: Turn Off Bluetooth. [Jack Bauer]DO IT NOW![/Jack Bauer]

Wed Sep 13, 2017 6:23 am

Interesting. I skimmed the article but didn't see anything about how the attack works beyond the overflow. I'm far from an android expert but I would hope that the only thing an open BT connection is looking for is specific connection requests and *anything* else is discarded if it's not paired. So then, if that was true, then I'd expect the exploit to target something here. I was admittedly pretty ignorant to the BT tech as a whole; very surprised to learn the range is close to that of what an average wifi signal is - though I'm not sure of the wavelength and how good it is at penetrating structures.

For something as large as an ecosystem as android, I'm really surprised this wasn't found sooner. You'd think that vendors/partners would be paying hand-over-fist for elite talent to try and find these things.
Corsair 600T | ASUS P8P67 PRO | Intel 2500k @ 4.4Ghz | Asus 1080GTX | G.SKILL Ripjaws Series 8GB | Corsair HX650 650W | Asus ROG Swift Gsync 27"
 
just brew it!
Gold subscriber
Administrator
Posts: 49743
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: Turn Off Bluetooth. [Jack Bauer]DO IT NOW![/Jack Bauer]

Wed Sep 13, 2017 8:28 am

steelcity_ballin wrote:
For something as large as an ecosystem as android, I'm really surprised this wasn't found sooner. You'd think that vendors/partners would be paying hand-over-fist for elite talent to try and find these things.

You mean like Equifax did to protect the credit data of everyone in the frikkin' country? Oh, wait...

Pick pretty much any OS or large application/service, and it has probably had serious vulnerabilities that went undiscovered for months or years. Security is often an afterthought (if it gets any thought at all). The quality of a lot of production software is shockingly, horrifyingly bad.

That line about how you don't want to see how laws or sausage get made? It applies to software too. In spades. Closed vs. Open source doesn't make much difference either.
Nostalgia isn't what it used to be.
 
Glorious
Gold subscriber
Grand Admiral Gerbil
Posts: 10303
Joined: Tue Aug 27, 2002 6:35 pm

Re: Turn Off Bluetooth. [Jack Bauer]DO IT NOW![/Jack Bauer]

Wed Sep 13, 2017 8:42 am

JBI wrote:
That line about how you don't want to see how laws or sausage get made? It applies to software too. In spades. Closed vs. Open source doesn't make much difference either.


That's for sure.

There's a big imbroglio right now in bitcoinland because someone disclosed a theoretical implementation vulnerability "without following proper disclosure practices" just three or so days ago.

But, uh, he pre-public notified all of the relevant maintainers months before. And he did the disclosure doing a conference literally entitled "breaking bitcoin".

Despite this, a prominent developer of the foremost implementation was angrily denouncing him during Q&A, because, I don't know, he didn't specifically agree to a timeline of release? The moderator had to call for a break because, as he even said, he didn't want a fight to break out.

The kicker? The prominent developer I mentioned who was attacking the presenter? Yeah, earlier this year he publicized a remote crash bug in a competing implementation over twitter, with no warning whatsoever.

It's ugly even AFTER the sausage gets made.
 
the
Gold subscriber
Gerbil Elite
Posts: 851
Joined: Tue Jun 29, 2010 2:26 am

Re: Turn Off Bluetooth. [Jack Bauer]DO IT NOW![/Jack Bauer]

Wed Sep 13, 2017 9:07 am

steelcity_ballin wrote:
For something as large as an ecosystem as android, I'm really surprised this wasn't found sooner. You'd think that vendors/partners would be paying hand-over-fist for elite talent to try and find these things.


The elite talent is already employed by the NSA already to do just that. Not sure about this particular example but they have been known to hang on to numerous vulnerabilities they find for years before they are discovered in the public sphere.
Dual Opteron 6376, 96 GB DDR3, Asus KGPE-D16, GTX 970
Mac Pro Dual Xeon E5645, 48 GB DDR3, GTX 770
Core i7 3930K@4.2 Ghz, 32 GB DDR3, GA-X79-UP5-Wifi
Core i7 2600K@4.4 Ghz, 16 GB DDR3, GTX 970, GA-X68XP-UD4
 
Captain Ned
Gold subscriber
Global Moderator
Posts: 26476
Joined: Wed Jan 16, 2002 7:00 pm
Location: Vermont, USA

Re: Turn Off Bluetooth. [Jack Bauer]DO IT NOW![/Jack Bauer]

Wed Sep 13, 2017 9:40 am

the wrote:
The elite talent is already employed by the NSA already to do just that. Not sure about this particular example but they have been known to hang on to numerous vulnerabilities they find for years before they are discovered in the public sphere.

They burned about 6 or so zero-days to make Stuxnet.
If the Earth were flat, cats would have pushed everything off of it by now.
 
just brew it!
Gold subscriber
Administrator
Posts: 49743
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: Turn Off Bluetooth. [Jack Bauer]DO IT NOW![/Jack Bauer]

Wed Sep 13, 2017 9:56 am

the wrote:
steelcity_ballin wrote:
For something as large as an ecosystem as android, I'm really surprised this wasn't found sooner. You'd think that vendors/partners would be paying hand-over-fist for elite talent to try and find these things.

The elite talent is already employed by the NSA already to do just that. Not sure about this particular example but they have been known to hang on to numerous vulnerabilities they find for years before they are discovered in the public sphere.

...and most of the elite talent that isn't working for the NSA has more interesting things to do than vet old code that someone else wrote for bugs.
Nostalgia isn't what it used to be.
 
steelcity_ballin
Gerbilus Supremus
Posts: 12011
Joined: Mon May 26, 2003 5:55 am
Location: Pittsburgh PA

Re: Turn Off Bluetooth. [Jack Bauer]DO IT NOW![/Jack Bauer]

Wed Sep 13, 2017 10:26 am

just brew it! wrote:
the wrote:
steelcity_ballin wrote:
For something as large as an ecosystem as android, I'm really surprised this wasn't found sooner. You'd think that vendors/partners would be paying hand-over-fist for elite talent to try and find these things.

The elite talent is already employed by the NSA already to do just that. Not sure about this particular example but they have been known to hang on to numerous vulnerabilities they find for years before they are discovered in the public sphere.

...and most of the elite talent that isn't working for the NSA has more interesting things to do than vet old code that someone else wrote for bugs.


I'd argue that this is more of a result of companies not offering fair bounties for smaller bugs, or large enough bounties for potential 0-day vulnerabilities. Bug in a browser that screws up a specific brand of screen reader? Sure, that's going to get a smaller bounty if it's known in the wild and not a real exploit. Known, or Unknown 0-day stuff should be millions of dollars. If you offered 1 million after taxes USD for exploiting some major interface like this, I promise you that **** would get patched so fast (or sold off to a higher bidder, heh)- Then keep the door open for anyone else to do similar and get a similar reward. You probably spend a small fraction of what it's going to cost you when it's exploited in the wild and you have a major class-action lawsuit on your hands. And I'd bet that the NSA doesn't pay their top talent *that* well.

I think that people who are out there today looking to break things in order to sell it off would likely prefer a legal, ethical, and profitable means of reporting/solving this. I think what you have is tight-ass execs who don't want to pay for it, but they will sooner or later. Give good hackers a chance to do good and profit from their work fixing your buggy mess. Lots of people like doing this.
Corsair 600T | ASUS P8P67 PRO | Intel 2500k @ 4.4Ghz | Asus 1080GTX | G.SKILL Ripjaws Series 8GB | Corsair HX650 650W | Asus ROG Swift Gsync 27"
 
just brew it!
Gold subscriber
Administrator
Posts: 49743
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: Turn Off Bluetooth. [Jack Bauer]DO IT NOW![/Jack Bauer]

Wed Sep 13, 2017 10:51 am

steelcity_ballin wrote:
I'd argue that this is more of a result of companies not offering fair bounties for smaller bugs, or large enough bounties for potential 0-day vulnerabilities. Bug in a browser that screws up a specific brand of screen reader? Sure, that's going to get a smaller bounty if it's known in the wild and not a real exploit. Known, or Unknown 0-day stuff should be millions of dollars. If you offered 1 million after taxes USD for exploiting some major interface like this, I promise you that **** would get patched so fast (or sold off to a higher bidder, heh)- Then keep the door open for anyone else to do similar and get a similar reward. You probably spend a small fraction of what it's going to cost you when it's exploited in the wild and you have a major class-action lawsuit on your hands. And I'd bet that the NSA doesn't pay their top talent *that* well.

I think that people who are out there today looking to break things in order to sell it off would likely prefer a legal, ethical, and profitable means of reporting/solving this. I think what you have is tight-ass execs who don't want to pay for it, but they will sooner or later. Give good hackers a chance to do good and profit from their work fixing your buggy mess. Lots of people like doing this.

I think there's some serious potential for abuse there though. If you do that, you'll have people intentionally putting exploitable bugs in released software, then secretly splitting the bug bounty with a co-conspirator who "finds" the exploit.
Nostalgia isn't what it used to be.
 
Glorious
Gold subscriber
Grand Admiral Gerbil
Posts: 10303
Joined: Tue Aug 27, 2002 6:35 pm

Re: Turn Off Bluetooth. [Jack Bauer]DO IT NOW![/Jack Bauer]

Wed Sep 13, 2017 10:52 am

 
just brew it!
Gold subscriber
Administrator
Posts: 49743
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: Turn Off Bluetooth. [Jack Bauer]DO IT NOW![/Jack Bauer]

Wed Sep 13, 2017 11:02 am

Glorious wrote:
http://www.underhanded-c.org/

Heh. That article mentions "NaN poisoning attack" as an interesting potential exploit vector. That one hadn't occured to me.

On a semi-related note, a few months ago the "Service Alerts" section of the Metra (Chicago area commuter rail system) web site was showing the timestamps of the notices they were posting as "NaN". :lol:
Nostalgia isn't what it used to be.
 
steelcity_ballin
Gerbilus Supremus
Posts: 12011
Joined: Mon May 26, 2003 5:55 am
Location: Pittsburgh PA

Re: Turn Off Bluetooth. [Jack Bauer]DO IT NOW![/Jack Bauer]

Wed Sep 13, 2017 11:24 am

just brew it! wrote:
I think there's some serious potential for abuse there though. If you do that, you'll have people intentionally putting exploitable bugs in released software, then secretly splitting the bug bounty with a co-conspirator who "finds" the exploit.


Ideally, the enterprise you work for can afford a competent team that enforces source control and code reviews/audits of anything that gets added for merging to production. Even then, there's breadcrumbs to show who did what and when, should that ever happen. We can't do anything where I work without it leaving a laundry list of breadcrumbs as to what was changed. If you can't trust your employees to do their job correctly and with integrity, I'd say you have bigger problems. Then again, I do love me a good fraction-of-a-penny-rounding-scheme.

Glorious wrote:
http://www.underhanded-c.org/

Cool - Not surprised at all that this exists. Code reviews should be mandatory, pair-programming can be a useful tool too early on for jr devs to learn the ropes, but also to switch pairs around to keep the style of code consistent, and the quality high and honest. Any source control software is going to have a way to track everything anyone has ever done. I know TFS isn't loved by many, but it does have options (as do many other solutions) for preventing any code merges to active branches without a trusted reviewed signing off on it. Not a perfect solution but better than nothing. Bad people are going to do bad things. The best we can do is try to catch them; Anti virus will never catch up to the most advanced heuristics (who even uses AV anymore heh). You can't outpace the devious creator, only try to be prepared.
Corsair 600T | ASUS P8P67 PRO | Intel 2500k @ 4.4Ghz | Asus 1080GTX | G.SKILL Ripjaws Series 8GB | Corsair HX650 650W | Asus ROG Swift Gsync 27"
 
Glorious
Gold subscriber
Grand Admiral Gerbil
Posts: 10303
Joined: Tue Aug 27, 2002 6:35 pm

Re: Turn Off Bluetooth. [Jack Bauer]DO IT NOW![/Jack Bauer]

Wed Sep 13, 2017 11:51 am

steelcity_ballin wrote:
Ideally, the enterprise you work for can afford a competent team that enforces source control and code reviews/audits of anything that gets added for merging to production.


hahahahahahah

*breathes*

hahahahahahahahhahahahahahahahah

*breathes*

*sighs*

*groans*

*frowns*

I work in industrial automation with stuff that can kill people, and the closer you get to the stuff that directly controls the fatality potential, the less controls seem to exist.

I am not joking, there are ladder-logic programmers who come in on contract from vendors/project management companies, who do god knows what with zero documentation, zero control, zero oversight, and this happens all the time.

I directly worked with someone who, futzing around with a level 1 system, completely violated LOTOTO and could have easily killed someone if all the factors had coincidentally lined up.

He was promoted. This is a Fortune 250 company.

steelcity_ballin wrote:
If you can't trust your employees to do their job correctly and with integrity, I'd say you have bigger problems.


If someone is being offered half-a-million dollars to "make a mistake", a "mistake" that will likely never lead to any actual losses because they're in cahoots with someone who's going to take another half-million dollar payday to privately disclose it before anyone else discovers it, what's the "bigger problem?"

Because that's.... as big as it is realistically going to get for anyone, right? What other kind of ethical concerns about code maintainership have anywhere near that kind of temptation behind them?

steelcity_ballin wrote:
Code reviews should be mandatory, pair-programming can be a useful tool too early on for jr devs to learn the ropes, but also to switch pairs around to keep the style of code consistent, and the quality high and honest.


OK. So your node.js or whatever crap is great. Perfect, fact. Best ever.

Who cares? What about libraries? Layered software? Environment control?

I mean, in this particular case, it's blueZ, right? An open-source bluetooth stack?

What does a company do about that?

steelcity_ballin wrote:
Any source control software is going to have a way to track everything anyone has ever done.


In theory.

In actuality, you tend to find that you can't always build what's in it. Or, when you can, it doesn't exactly match what's currently in production. Who knows? The guy with commits doesn't, or she doesn't even work there anymore. Or it turns out that he didn't write it, someone else did. It was code snippet from stackexchange, cargo code from somewhere else internally. They can't explain what it did when they wrote it the first time, let alone now. Worse case, you fire them. What a great place to work!

This is not a simple problem, and the moral hazard that JBI is talking about is precisely why bug bounties are almost exclusively offered by 1) best-in-class makers of 2) ubiquitous and broad-facing software and 3) virtually only ever claimed by an informal community of well-known participants.

Making the practice universal confounds all three.
 
freebird
Gerbil
Posts: 45
Joined: Thu Aug 31, 2006 4:03 pm

Re: Turn Off Bluetooth. [Jack Bauer]DO IT NOW![/Jack Bauer]

Wed Sep 13, 2017 12:55 pm

Flying Fox wrote:
just brew it! wrote:
Flying Fox wrote:
Cabin with electricity and running water? Then you are still not completely off grid.

Solar/wind and your own well?

Unless you can make your own panels, turbine blades, and generator, you can still be tracked. Not to mention a large enough panel array and/or turbines can be seen by satellites.


What's do you have against WATER power?
http://www.askaprepper.com/homemade-wat ... generator/

As to satellites, what CAN NOT be seen by them? unless you live in an evergreen forest, then they probably would have a hard time seeing you.
 
DrCR
Gerbil Team Leader
Posts: 229
Joined: Tue May 10, 2005 7:18 am

Re: Turn Off Bluetooth. [Jack Bauer]DO IT NOW![/Jack Bauer]

Thu Sep 14, 2017 2:28 am

freebird wrote:
Flying Fox wrote:
just brew it! wrote:
Solar/wind and your own well?

Unless you can make your own panels, turbine blades, and generator, you can still be tracked. Not to mention a large enough panel array and/or turbines can be seen by satellites.


What's do you have against WATER power?
http://www.askaprepper.com/homemade-wat ... generator/

As to satellites, what CAN NOT be seen by them? unless you live in an evergreen forest, then they probably would have a hard time seeing you.

if you live underground, then maybe would have a hard time seeing you. Spy satellites surely use more than visible light.
There's such a thing as a healthy sense of paranoia then it comes to security. But if spy satellite factors transition from paranoia to reality, then your goose is already cooked, something along these lines: https://www.xkcd.com/652/

Who is online

Users browsing this forum: Yahoo [Bot] and 1 guest