Date: Mon, 25 Feb 2019 23:12:31 +0100 From: =?UTF-8?B?QWxiaW4gTGlkw6lu?= <albin.liden@gmail.com> To: =?UTF-8?B?QWxiaW4gTGlkw6lu?= <albin.liden@gmail.com>, freebsd-questions@freebsd.org, linus.torvalds@linux.org Subject: The illusions of The Matrix Message-ID: <CAB4busuDQOoynRiG-1duj6_NgCgCjfS-acSR7ZF0Jah%2BS%2BCbAw@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Please send this to the right team! And please, do think about this as a project... and a beginning of another era of computer security. Do know: This is just a proposition and still an idea and abstract concept. Here goes: Hello you developers and govs of BSD and Linux This is a proposal to a new security layer for *NIX systems Please do read and ponder if it will be doable? Could we create this "security mechanism" called ILLUSION with a security application suite called "The Matrix"? [ NONE REAL PRINCIPALS ARE INCLUDED IN THIS DOCUMENT, PLEASE REFER TO TECHNICAL DOCUMENTATION INSTEAD, THIS IS ONLY THE CONCEPT/IDEA. ] [ THE TECHNICAL TERMS AND DOCUMENTS WILL BE EMAILED LATER ]. Here it is: >>>>>>>>>>>>>>>>>>>>>>>>>>The Matrix<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< A security suite program including the ILLUSION lock-mechanism Having utilities/tools such as websion <- localhost webbased configuration of the Matrix [ apache localhost port 1337 ] illcontrol <- ILLUSION control utility [ commands from console ] and tons of config files ILLUSIONd A service/daemon to govern security principals applied to localhost These principals arent documentated here, please think of them as: well kind of, internal OS-"firewall rules" Upon installing the Matrix a GUID will be automatically generated (yes such as in a database). This Guid is the password that is needed to inactivate the protection/disable the daemon With Matrix installed * Users are unable to break the security principals currently applied by admins of The Matrix Accounts and rights to the Matrix, it's utilities and functionalities * Mopheus: the root user installing the security suite (can shutdown with right guid, anytime). * Smith: >> Administrator of the "Illusion-lock-mechanism" and full access and use of its utilities >> Can temporaily disable the matrix for X seconds (being logged) but NOT uninstall it (ILLUSION is reenabled again, after a reboot). * Agent (in three levels) >> Agent Gold: >> full control of the software principal variables >> Can promote 1 user account on localhost to Neo >> Agent Silver: can customize and apply some of the security principals and create the "bronze agent". >> Agent Bronze: can APPLY FOR a change of security principals (which is then applied by gold agent) >> Agents cannot disable ILLUSION(d) * Neo >> Access custom rules withinin ILLUSION >> Accessable with webbrowser to localhost/apache * Someone: Regular user which is under the control of The Matrix and its ILLUSIONS (not Pwned yet) >> Can see being restricted in illusion and what way * Nobody >> Pwned by the ILLUSION of The Matrix, looks like every other system (well, it is not). This group of user accounts will see another netstat, ps-list, installed programs, another userslist, uptime, uname etc). Because the ILLUSION is setup that way and the admins wants the user handled by being restricted in such manner. Special Users: * INFILTRATOR >> Someone secret which can shutdown matrix instantly by having the password to CMOS >> Gets 3 password/GUID-guesses then the computer will LOG and shutdown * casper Being a "friendly holy ghost" having access to spectate everything within matrix security logs (Only spectate, realtime). * spook [ this user is an important "shadow" that should be impossible to find/spawn after the ILLUSION is up ] >> spook will be the spectator of the real and the ILLUSIONIZED system. In a ILLUSIONIZED system the users will be "seeing double": (meaning ps axu, uname, uptime and so on will be unhonest/inaccurate but look VERY authentic). The whole OS wont even be traced to being under the influence of ILLUSION, since The Matrix doesnt show if you havn't got the right clerance level * Tux is a user with access to the REAL ps axu/top/processlist. And can therefor see what PID The Matrix and its ILLUSIONd really has PID-Modes: This number are the PID of the Matrix. * 7 being a code for a possible hacker (matrix has sensed hostile present) * 1337 being a code for a healthy running Illusion system (everything works just fine) * ? will be the PID of the Matrix seen by the restricted users !But for Tux a special guest of honor, the real PID of ILLUSIONd will be seen! The daemon/illusiond can be shutdown with the "operator take me out of the matrix"-technique By: # kldunload ILLUSION --OAO (as in: over and out) <Installed_GUID> Runninglevels: 1 Complicated >> The Matrix being a type of jail with a utility for management, it will be running as a daemon. 2 Sophisticated >> Having Illusion load with kldload and unload with kldunload 3 Spooky >> Booting this version of the kernel will always activate it's security principals (ILLUSION is the kernel). NOT undoable nor shutdownable 4 NULL >> Run it another way, have it your way Here are some special tricks: >> Putting Illusion in the Void-mode This will put ILLUSION in a state of trance, pausing it, for later operation (eat, sleep, rave. repeat). Can only be done with PID, GUID and Smith access. >> Workaround/Hack (using command KILLALL u need password to CMOS to just end the suffering of ILLUSION). # killall <REAL-CMOS-PASSWORD> if CMOS has no password, this WONT work [END NOTE: Concerning CAPS-LOCK, well developers, have it your way]. [MORE TO COME: Everything ILLUSION will protect, see next document]. Thanks for your time and please ponder.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAB4busuDQOoynRiG-1duj6_NgCgCjfS-acSR7ZF0Jah%2BS%2BCbAw>