Ubuntu 12 booted from Distro CD allows india staffing companies to break into computer and spy while online

Asked by John Prudence on 2014-04-29

I had a problem with indian staffing companies breaking into ubuntu from outside my firewall
and spying on my computer all day long while i'm apply to computer science jobs online.
They use information my computer to call me up and
tease me on the phone. These india badboys easdroppers all seem to be afilliated with the following companies:

Wipro, iGATE, HCL, Patni, Sasken, Mindtree, Zensar, L&T, Global logic, Symphony, Mistral, Aricent, Persistent, Infosys, Tech Mahindra, Tata Elixsi, KPIT, Smartplay or Synapse is preferred.

Is there something bad hidden on Ubuntu that is allowing hackers to break in
and spy on your computer if they have your ip address?
I noticed they call your home phone like crazy
trying to fish around until they can get your location
and ip address by filling out some phony webforms
or word documents. before they attack your computer
with easedropping espinage attack.

I think this is a very serious security problem that somebody needs to locate
we can have indians breaking into people's computer trying
to block them from computer science related jobs.
they are already a big enough pest when trying
to appy to normal companies in the united states without
some hidden backdoor in ubuntu helping them.

Question information

Language:
English Edit question
Status:
Answered
For:
Ubuntu linux Edit question
Assignee:
No assignee Edit question
Last query:
2014-04-29
Last reply:
2014-04-30
michael (yellupcm-gmail) said : #1

Which firewall are you using?

Thomas Kr├╝ger (thkrueger) said : #2

Well, on once hand every operating system can be attacked, but on the other Ubuntu is one of the systems that are rather hard to attack successfully. Also the amount of resources needed to attack an individual computer is too high just to retrieve some personal data of maybe one or two persons. It is more likely, that your data has been provided by some website or company you gave it too. Either they sold it or they have been attacked. Both happens a lot.

If you still think your computer has been compromised. Please explain in more details what the symptoms are, other then just suspicions.

John Prudence (w-john-l) said : #3

I don't know... maybe theres some extra device driver that's loaded when booted live off the distro that allows them to break in that's not loaded when installed ... change some tcp/ip fields for some protocal and get a response back with unlock keys piggie backed on an invalid part address in the packet...

I've suspected for years that a certain group of people that are secretly hiding bugs in device drivers for the purpose of breaking into computer systems world wide. all they need to do is id your computer to somehow query your operating system, make and model of your computer (to know which device driver exploit to use) and the IP address where to send the attack protocal packets that exploit the driver...

find out the ip and location and model of your computer is actually easy to do if the hackers are talking with your in a trust relationship such as a empolyment agency that can ask you to fillout forms on line or open special word documents with macro virues to log your computer ip, make and model so that you email them your information back to the corrupt empolyment staffing company in your job application form without even realizing that you are giving everything they need to activate the bug tied to your computer system.

and what's with all the intel vpro stuff? i can't beleive they would embed a remote administraton tool at the hardware level that is completly out of direct control of the operating system... and decide to start putting their IC's in everybody's computer without telling them... that sounds like an exploit waiting to happen.

John Prudence (w-john-l) said : #4

and let's not forget... that reading somebody's webpage actally gives them your ip address...
when i talk to an empolyment agency... there are only a few people a day that talk to them...
they know its you, when you click on their webpage and look at their website...
now they know where to send attack packets...

John Prudence (w-john-l) said : #5

and ohh btw, guess where many companies outsourcing device driver development:

Wipro, iGATE, HCL, Patni, Sasken, Mindtree, Zensar, L&T, Global logic, Symphony, Mistral, Aricent, Persistent, Infosys, Tech Mahindra, Tata Elixsi, KPIT, Smartplay or Synapse.

(if you can find a bug in the messy strange code these people write... you are better than me...)

Can you help with this problem?

Provide an answer of your own, or ask John Prudence for more information if necessary.

To post a message you must log in.