Today, it appears YouTube’s codecs are being used to insert new tailored access capabilities. That’s been going on for over a week...
Avoiding clicks on Google links seems to avoid the problem.
Post SolarWinds, the ongoing “legitimate” yet oddly desperate hacking of your systems by Microsoft “services” and its partners, whether “legitimate” or “accidental” continues unchecked... sustaining the inability of most users to ensure rudimentary privacy or any security.
Sandboxing Google still results in Google obtaining access, not just in spite of the sandbox, but in spite of all other comms than the one open link enabled with a public face being curtailed. The sandbox does throttle performance which is worth noting.
Shutting down open links using legitimate MSFT systems files results in new links being crafted using other system files, all with full permissions.
The problem is clearly in the maladaptive control over permissions, that function now identical to that previously outlined in relation to the re-routing of sourcing in “updates” with the spoofing of system file update locations, paired with changes in comm routing...
Now, they’re spoofing permissions, and internal functions instead of exogenous external links...
Only, now the issue is direct: the “legitimate” control is the source of the “spoof”...
It’s not Russia... unless Russia pwned / owns the entire “legitimate” infrastructure.
China / Google as the bad actors makes way more sense.
All users should continue to assume that everything done on a computer, even without any overt connections being acknowledged, is “monitored”.
That applies equally to the use of Tor (which “they” created anyway), etc., assuming both keyboard level access and open comms exist without indications... and that the Tor routing is not random. But, for now, every other “secure” system, including those in government, should be assumed to be “not secure”... even with air gaps.
Well-structured and functional Faraday cages should still work... however, the extent of the issue in the “social” aspect of the hack should create a clear awareness that OPEN vulnerability exists in the staffing of facility management, where excess trust in “legitimate” sources likely survives.
The breakdown in trust structures extends into the human element within ALL “secure” operations... as the model previously outlined still pertains: the hack is structured to ensure security risk is dependent on avoiding even a single point of failure... while potential points of failure are expanded, each working inside the trust structure, human and technical.
Sniffing packets between a machine and comms on throttled access single point linkages may still prove instructive... however, without air gaps in power sources/filters and outside a Faraday cage, assuming you know all the comm links that exist is an error.
However, in monitoring a well throttled link, without certainty in primary control over securing the entire system, you also cannot assume integrity in the network is not bypassed.
Basically, every computer is a brick... until the problem is fixed. It is not fixed.
For now, at least, “monitoring” rather than direct obstruction seems to be the focus, again, post SolarWinds.
The only “likely to be secure” means of communication thus are reduced to dependence on “non technical” modes inherent in the innovation typical in the evolution of language.
Speak jive to non-jive speakers... is your only hope, Obi-Wan.
Let them know you know, by clicking on the link:
WARNING: SECURITY RISK AHEAD
Barbara Billingsley on speaking “jive” in “Airplane” - YouTube
https://www.youtube.com/watch?v=gUw2fIa0dSI
Microsoft’s Dism Host Servicing Process is exploitable malware.