1) Software defined radio. You basically hook up a IMSI backed by a internet connection.
2) That is a good example. Much harder to execute. I would argue in that case that everything is totally compromised. But if the hardware vendors provided a low level interface where one could read and write firmware etc. directly. One could do simple binary comparison analysis.
The point still stands. Figuring out what malware is doing is hard. Detecting that there is something in your system that wasn't there before shouldn't be hard. If the hardware vendors wanted to provide low level mechanisms to make the process easier. Its totally in the realm of the possible.
E.g. the main responder to this thread makes it seem like a impossible task even for dedicated security defense groups. But with just two mechanisms 1) network analysis 2) low level ability to read and write firmware/persistent storage. Its totally possible and straightforward.
2) That is a good example. Much harder to execute. I would argue in that case that everything is totally compromised. But if the hardware vendors provided a low level interface where one could read and write firmware etc. directly. One could do simple binary comparison analysis.
The point still stands. Figuring out what malware is doing is hard. Detecting that there is something in your system that wasn't there before shouldn't be hard. If the hardware vendors wanted to provide low level mechanisms to make the process easier. Its totally in the realm of the possible.
E.g. the main responder to this thread makes it seem like a impossible task even for dedicated security defense groups. But with just two mechanisms 1) network analysis 2) low level ability to read and write firmware/persistent storage. Its totally possible and straightforward.