Delivery-Date: Mon, 23 Nov 2015 20:29:42 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	LOTS_OF_MONEY,RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id C9A981E0F9E;
	Mon, 23 Nov 2015 20:29:40 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 7FE1B3827B;
	Tue, 24 Nov 2015 01:29:34 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id EE175380DC
 for <tor-talk@lists.torproject.org>; Tue, 24 Nov 2015 01:29:30 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id m6HsdhDr5Q1I for <tor-talk@lists.torproject.org>;
 Tue, 24 Nov 2015 01:29:30 +0000 (UTC)
Received: from millet.cc.columbia.edu (millet.cc.columbia.edu [128.59.72.250])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id C6A44372AE
 for <tor-talk@lists.torproject.org>; Tue, 24 Nov 2015 01:29:30 +0000 (UTC)
Received: from hazelnut (hazelnut.cc.columbia.edu [128.59.213.250])
 by millet.cc.columbia.edu (8.13.8/8.13.8) with ESMTP id tAO1Q3ru007333
 for <tor-talk@lists.torproject.org>; Mon, 23 Nov 2015 20:29:28 -0500
Received: from hazelnut (localhost.localdomain [127.0.0.1])
 by hazelnut (Postfix) with ESMTP id 5886B6D
 for <tor-talk@lists.torproject.org>; Mon, 23 Nov 2015 20:29:28 -0500 (EST)
Received: from paneer.cc.columbia.edu (paneer.cc.columbia.edu [128.59.29.4])
 by hazelnut (Postfix) with ESMTP id 4396D6D
 for <tor-talk@lists.torproject.org>; Mon, 23 Nov 2015 20:29:28 -0500 (EST)
Received: from mail-vk0-f51.google.com (mail-vk0-f51.google.com
 [209.85.213.51])
 by paneer.cc.columbia.edu (8.14.4/8.14.3) with ESMTP id tAO1TRx4002784
 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT)
 for <tor-talk@lists.torproject.org>; Mon, 23 Nov 2015 20:29:28 -0500 (EST)
Received: by vkfr145 with SMTP id r145so1763333vkf.0
 for <tor-talk@lists.torproject.org>; Mon, 23 Nov 2015 17:29:27 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=columbia-edu.20150623.gappssmtp.com; s=20150623;
 h=message-id:date:from:user-agent:mime-version:to:subject:references
 :in-reply-to:content-type:content-transfer-encoding;
 bh=7pZsHLBkUPcXKfAihZ0A4kaexPEDQJytm6WH61B7h1k=;
 b=R2UqQjBNK2UE/uAq2TFClq5MNmbHa+Zx902oPzpE82sIK+p3phAYKuQHTUw/gSYI2e
 bCwxWK7Vxf/A6Sa6WLi2bEiloz57S4IxYSAEDZjZ07Vba4MPqW3CYA0NnLSgJV7WfxmO
 B4pJUbUzIf70PGqowi2gKBPmEhEEOtyTqsMwnJr71ij3eVRADqCRCVpD54cRBXFPIqFa
 HW0qRxy0pwjal1bavK5t0f40AX+BPHxyZwwJ9xB2h95d0YqYm1vrA4LFv0PGXFpenHx3
 tqcYM9W/O9g7pcaWeiMLs0MJdRZgCcl+qY7VQ5XZGvnK336XflENjZLlq4khelCNZGBd
 IqFA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to
 :subject:references:in-reply-to:content-type
 :content-transfer-encoding;
 bh=7pZsHLBkUPcXKfAihZ0A4kaexPEDQJytm6WH61B7h1k=;
 b=RoHdOsPgWoELhFgrmuXxRRkhx58ipE3IVafH3R2rwQlw2Y21DiWFBR0TV5fCJXYRgw
 6shkSKbWvf+FdAt8y1xDAo2eVp61KeDWbFhcUMQCs/l3mNWlqXGhQxas6ijnA76i2lR5
 W9yUNlVaqOBLtlw8aBGygqQCOACHLgk7Gme5+lZCp72cGvkZSqjVCKJ+B8dIGWe5jm3e
 DZAqv7JkYkSrYhylxJOgyU/FdGksCqBqnh309DrQlcU0xGBzp8reMn73d35kfTfIq5dn
 VkxGUsaMV2pTv+wkoTYF1Ck2RByt3H2TCEW8aly+xWFmXSR613nQLiehBOAw3VL00CEg
 m/xQ==
X-Gm-Message-State: ALoCoQnN6zzDzj/KufAg3Jry00Ng8bZe1MuUgkRmsB06/0S7ObR1c8qBC+AzGWfqyq7QR18t2G/zmaGpNMQN4d/TduxrJ35pJ4YmAii1v41zqCzNd5U3W83P0U/hBhX8fMHQxVMyABkKzxRjQuNSiglrf9rVUY5C4Q==
X-Received: by 10.31.50.13 with SMTP id y13mr22511156vky.128.1448328567671;
 Mon, 23 Nov 2015 17:29:27 -0800 (PST)
X-Received: by 10.31.50.13 with SMTP id y13mr22511138vky.128.1448328567361;
 Mon, 23 Nov 2015 17:29:27 -0800 (PST)
Received: from [192.168.1.47] (pool-108-21-7-207.nycmny.east.verizon.net.
 [108.21.7.207])
 by smtp.gmail.com with ESMTPSA id x185sm12972691vkd.12.2015.11.23.17.29.26
 for <tor-talk@lists.torproject.org>
 (version=TLSv1/SSLv3 cipher=OTHER);
 Mon, 23 Nov 2015 17:29:26 -0800 (PST)
Message-ID: <5653BD75.60909@columbia.edu>
Date: Mon, 23 Nov 2015 20:29:25 -0500
From: "William H. Depperman" <whd2@columbia.edu>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
 rv:1.9.1.7) Gecko/20100111 Thunderbird/3.0.1
MIME-Version: 1.0
To: tor-talk@lists.torproject.org
References: <56527DBA.6000904@columbia.edu>
 <CAMYxE2vAEp6GbJc7BN+HRtpNJ5dijVRAHH8P4DA6pvpn2yoWfQ@mail.gmail.com>
In-Reply-To: <CAMYxE2vAEp6GbJc7BN+HRtpNJ5dijVRAHH8P4DA6pvpn2yoWfQ@mail.gmail.com>
X-No-Spam-Score: Local
X-Scanned-By: MIMEDefang 2.68 on 128.59.29.4
Subject: Re: [tor-talk] Removing viruses from the BIOS Chip to Vladimir and
 Matthew Kaufman
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

To Rick Evans:

             I am not a Hacker. You seem to be writing just to be 
writing. I have to have a precise explanation written "for dummies." I 
do not know how to do what you wrote either. And I think you probably 
know that, Rick. So, back up and try to put it into terms which I can 
easily understand. You say, shall we say disingenuously: "As far as ANT 
goes the Idea has been around for a long time." Huh? Yeah, right! What I 
wrote regarding the NSA Secret Police ANT Program as stated is based on 
Snowden's released documents. I am sending you a copy. Your attempt to 
trivialize it falls completely FLAT! Sorry about that Rick. What you 
have written would be helpful, which it is not in a practical sense, but 
only in the sense intended which is apparently to intimidate for who's 
benefit? You say: "Xp was found to have a class ID named NSAkey buried 
deep in it's code." Duh! We couldn't guess that, right. The point is to 
pinpoint it and give simple "for dummies" practical steps to eliminating 
that access key.

Depperman








On 11/23/2015 2:45 AM, Rick Evans wrote:
> What the guy was talking about was to use your own custom loadable driver
> to handle access to Interrupts 21 and 9.  There are drivers already in
> place in the bios that normally handle this function.  At the hardware
> level in the bios though if these routines happen to be malware then any
> use of the keyboard can be monitored through Int 21h and any access to
> hardware, like disk drive access ect could also be interfered with.  If
> every bios and computer is rigged then there is no escape except to rewrite
> those routines and check on a regular basis so that they don't get replaced
> by the built in ones.  Some types of malware have built in defenses.  As
> far as ANT goes the Idea has been around for a long time.  I have noticed
> that even with network sharing specifically disabled some stuff would crawl
> around in the network from box to box and you had to swat them one at a
> time with all other boxes disconnected until you cleaned them all.  I knew
> one guy who found the stuff hidden in the printer character memory.  The
> company replaced all their computers with new ones and of course still had
> expletives coming from their printers.  A former employee had his revenge.
> Another software developer from another company had gotten gypped out of
> payment for his work.  You have no Idea what that cost them and their
> customers.  Now we call such software windows and pay for "upgrades" that
> are as defective as their predecessors. Xp was found to have a class ID
> named NSAkey buried deep in it's code..  Now I wonder what that could be
> for?  Windows is hopeless.  Old Motorola 68000 based Amigas and Macs might
> be ok.
>
> On Sun, Nov 22, 2015 at 8:45 PM, William H. Depperman<whd2@columbia.edu>
> wrote:
>
>    
>> To Vladimir:
>>
>> Hi Vladimir,
>>
>>              You did not reply through regular email so the NSA may have
>> blocked my incoming email. In fact today I received virtually NO email from
>> TOR. Obviously what you sent me appears to be a genuine response. But I
>> showed your response to a friend who knows how to program but he could not
>> understand what you were telling me to do. So there is still a problem for
>> me but not for you. _*Here are your responses to me asking how to remove
>> BIOS Chip computer viruses: *_
>>
>>              1.) "see doc. on INT 9h (hardware interrupt)  and INT 21h
>> (BIOS keyboard)"
>>
>>              2.) Trace(debugger) from INT 9 vector - and see all...
>>
>>              3.) Use loadable INT 9/21h driver - and any viruses can't have
>> control...
>>                   (checked debugger in mem int 9 -->  our driver).
>>
>>              4.) Virus can't be detected, if signature not in
>> antivirus-collection, but
>>                    debugger show all...
>>
>>              5.) Also use not connected to network computer for typing and
>> removable FD/flash...
>>
>>              I need step by step instructions on to precisely accomplish
>> this meaning that I need more information on how to do what you said.
>> Remember YOU are a Hacker already! I am NOT! So Big difference! So please
>> imagine you are writing a book: _*"Removal of NSA Computer viruses placed
>> on the BIOS CHIP FOR DUMMIES*_
>>
>>              Thanks very much. I hope you liked what I sent you and have
>> decided to send it out to your complete mailing list. Thanks again and I
>> hope to hear from you in the very near future. (Once again TOR does not
>> permit attachments.)
>>
>> Bill Depperman
>> whd2@columbia.edu
>>
>> _*And to Matthew Kaufman I wrote:*_
>>
>> Hey,
>>
>>              Do you know how to or have you ever removed a virus from the
>> BIOS Chip? Attacking the BIOS Chip is how it is done these days by NSA.
>> Apparently they do not bother with the hard drive and go directly to the
>> mother board. Here is what I wrote on the ANT Program described by Edward
>> J. Snowden. See the bottom of *_page 8_*. I also recently completed the
>> _*Materialist Analysis of Theoretical Astrophysics*_. It is
>> self-explanatory. Before we meet to talk please read these 2 documents and
>> at least read the first several pages of the second document and tell me
>> what you think. If we are are going to talk it is good to know what is to
>> be discussed.
>>
>> Bill Depperman
>> whd2@columbia.edu
>>
>>
>> On 11/21/2015 11:27 PM, Matthew Kaufman wrote:
>>
>>      
>>> Hey,
>>>
>>> Are you in New York city? I will meet you.. to talk!
>>>
>>>
>>>        
>> Here is what I wrote in the Materialist Analysis of Edward G. Snowden
>>
>> *"_ANT!_"*
>>
>> *"_ANT_"* (*_Access Network Technology!_*) is the *_NSA_* Special Division
>> which has surreptitiously installed an entire catalogue, an "*_NSA_*
>> toolbox," of hardware products into computer networks and computers
>> worldwide (*/Der Spiegal/*, December 30, 2013), penetrating their digital
>> firewalls through special "back doors." *_ANT_* has burrowed into all
>> security architecture made by major network and computer companies e.g.
>> such as CISCO Systems, Junipur Networks and the Chinese Huawei and also
>> Dell, HP and all the rest! For example, the name of the so-called "digital
>> lock pick" for Junipur Networks is *_FEEDTROUGH Malware_* (Oy!) and is used
>> to */_permanently_/* implant *_NSA_* surveillance programs into even
>> mainframe computers, spy programs which can even withstand "across reboots
>> and software upgrades." The specialists at *_ANT_*, the *_ANT PEOPLE_*,
>> work in the *_NSA's_* department for *_Tailored Access Operations_*
>> (*_TAO_*). The *_ANT_* hardware is very expensive but the costs are all
>> taken care of in the *_Black Budget!_* No problem! A targeted monitor cable
>> that allows "TAO personnel to see what is displayed on the targeted
>> monitor" costs only $30.00, but an "active GSM base station" that mimics a
>> mobile phone tower, which can monitor cell phones costs $40,000.00. The
>> *_USB_* computer-bugging devices mentioned above, which are capable of
>> sending and receiving data undetected via radio come in packs of 50 for
>> over $1 Million! The *_ANT_* people (!) develop and preferentially plant
>> malware in the *_BIOS chip_* on the motherboard. This makes is invisible to
>> anti-virus or anti-malware programs. And even if the hard drive is
>> completely erased and a new operating system is installed the *_ANT_*
>> malware continues to function and ensures that new spyware can again be
>> loaded onto what was thought to be a "clean computer!" The *_ANT_*
>> developers call this *"_Persistence_,"* which simply means *_NSA_* has
>> permanent access to the computer. Another (nameless?) program attacks the
>> hard drives of Western Digital, Seagate, Maxtor and Samsung undermining the
>> security of both American companies and *_ALL_* companies! Other *_ANT_*
>> programs target Internet large-scale routers and hardware firewalls
>> intended to protect company networks. Many digital attack weapons are
>> "remotely installable" over the Internet, while others require a direct
>> attack, which the *_NSA_* calls an *"_interdiction_"* in order to install
>> it. This writer has had his computer completely taken over by *_NSA-ANT._*
>> The NSA has installed its software in the *_BIOS CHIP_* of both computers
>> so "anti-virus" and "anti-malware (e.g. Malwarebytes)" is totally useless.
>> This writer has keystroke-by-keystroke real time team monitoring&  open
>> harassment. If the *_ANT_* software was removed it could be immediately
>> re-installed!
>>
>> --
>> tor-talk mailing list - tor-talk@lists.torproject.org
>> To unsubscribe or change other settings go to
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>>
>>      


-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

