Convinced a "friend" is monitoring my browsing habits

Basically, someone who I do (and now that may be "did") consider a good friend has given me strong reason to believe (without outright stating it) that they can see what I'm browsing on the internet.

This friend works for a top government contractor who when googled is shown to have used spyware on third parties before. They do not however work for any NSA type organisation.

Would a full system reboot solve this? I have no idea how they're doing this but I'm 80% sure they are, in some capacity. I've already run Malwarebytes plus three other spyware scanners.

Other than VNCs, what else should I be looking for? Seriously considering just buying a new laptop and starting anew.
>>
Maybe tell him to fuck off?
>>
>>322561

I intend to cut contact with this person. That still doesn't solve the issue of them doing this though.

They don't have physical access to my computer btw. They must be doing this remotely.
>>
>>322560
From least to most effective

-Check processes with ProcessExplorer and autostarts.
-Reinstall system
-Install Linux
-Linux live system, guaranteed uninfected

New laptop is unneeded though, at most a format and setting up the system anew is enough.
>>
>>322569
>guaranteed uninfected
Provided your Intel Management Engine isn't backdoored, and there's no rootkits in your BIOS.
>>
>>322569

Hey thanks for the reply

I'm on Windows 10 fwiw. So providing I do a full system restore, that should do the trick?

In regards to backing my files up, as long as I have them thoroughly scanned by malware bytes and avg, they should be ok to put back on afterwards, right?

Just thought I'd add that this person knows my mobile number, email address, IP address and physical address. Not sure how that helps them in this specific circumstance. I'm going to change all my online passwords.
>>
>>322560
>has given me strong reason to believe

>>322561
if this doesn't work, contact the police to report a stalker
>>
Unless he's the NSA or your service provider he would need to have had physical access to your computer at one point. I'd highly recommend doing a full system restore and only save photos and videos that are irreplaceable.
>>
>>322586

If they are non executables it is highly unlikely that they could carry sth. over. It is in theory possible but I'd assume it's just a normal piece of malware, not super advanced jpg-embedded BIOS infecting 100000 dollar trojan used to spy on some unimportant "friend"...
>>
>>322593

About three years ago they gave me a keyboard which I'm still using. They haven't had physical access to this computer in almost two years and it's only in the last two months they've indicated certain information that gives me huge reason to suspect them. Also, they've only worked at this government contractor for the last year.

I've swapped out the keyboard but that seemed far fetched desu. Not sure how easy spyware or key logger would be to put in a keyboard, have no idea about any of this stuff.
>>
>>322598
Whenever you do do a full restore, change all your passwords
>>
>>322598

Doable.
Every USB device can register itself as another device and then run malicious drivers, that's an oversight in the USB standard.
But I find that a bit far fetched that years ago they gave you a prepared keyboard (doing that is nothing a simple even technically advanced person can do, you need to remake the controller chip for that, in other words you need a manufacturing plant or manufacturer support...) for... no reason whatsoever except curiosity?
>>
>>322623
>you would need a manufacturing plant.
Like fuck would you.

All you need is a $5 microcontroller, such as an Arduino. It sits between the keyboard's controller and the PC, and it simply passes through to the keyboard whenever it isn't being evil.

When it is being evil (for instance when you've been away for an hour or so) it doesn't even need to turn into another device, it can just stay a keyboard, open a terminal window, and use telnet.exe to send its payload to the mothership, and close it again.

But if you were feeling fly, you'd drop another $5 on a Bluetooth module and exfiltrate your data wirelessly. The total footprint for this kind of thing would be that of a postage stamp, easily concealed in something as large as a keyboard.
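
A defensive counterpart to the two posts above on USB devices registering as another device, as an added example that is not part of the original thread: it inventories USB interfaces from Linux sysfs (for instance on the live system suggested earlier) and flags HID devices outside an allowlist and keyboards that also expose non-HID interfaces. The vendor/product IDs and the allowlist are constructed placeholders; an inline implant that enumerates as one plain keyboard with an allowlisted ID is not caught by this check.

```python
import glob
import os

HID, BOOT, KEYBOARD, HUB = 0x03, 0x01, 0x01, 0x09  # USB-IF class/subclass/protocol codes

def _attr(path, name):
    """Read one sysfs attribute; empty string if it is absent."""
    try:
        with open(os.path.join(path, name)) as f:
            return f.read().strip()
    except OSError:
        return ""

def read_sysfs(root="/sys/bus/usb/devices"):
    """Return one record per USB device with its (class, subclass, protocol) interfaces."""
    devices = []
    for dev in sorted(glob.glob(os.path.join(root, "*"))):
        if ":" in os.path.basename(dev) or not _attr(dev, "idVendor"):
            continue  # interface nodes are read through their parent device
        ifaces = [tuple(int(_attr(i, k), 16) for k in
                        ("bInterfaceClass", "bInterfaceSubClass", "bInterfaceProtocol"))
                  for i in sorted(glob.glob(os.path.join(dev, "*:*")))
                  if _attr(i, "bInterfaceClass")]
        devices.append({"vid": _attr(dev, "idVendor"), "pid": _attr(dev, "idProduct"),
                        "name": _attr(dev, "product"), "ifaces": ifaces})
    return devices

def audit(devices, known_hid):
    """Flag devices that can type but are not the input hardware the owner expects."""
    findings = []
    for d in devices:
        ident = (d["vid"], d["pid"])
        classes = {cls for cls, _, _ in d["ifaces"]}
        if HID in classes and ident not in known_hid:
            findings.append((ident, "HID interface on a device not in the allowlist"))
        if (HID, BOOT, KEYBOARD) in d["ifaces"] and classes - {HID, HUB}:
            findings.append((ident, "keyboard that also exposes non-HID interfaces"))
    return findings

# Constructed inventory and allowlist (placeholder IDs, not real hardware).
KNOWN_HID = {("1111", "0001"), ("1111", "0002")}
SAMPLE = [
    {"vid": "1111", "pid": "0001", "name": "Desk keyboard", "ifaces": [(3, 1, 1), (3, 0, 0)]},
    {"vid": "1111", "pid": "0002", "name": "Mouse", "ifaces": [(3, 1, 2)]},
    {"vid": "2222", "pid": "0003", "name": "Flash drive", "ifaces": [(8, 6, 0x50)]},
    {"vid": "3333", "pid": "0004", "name": "Flash drive", "ifaces": [(8, 6, 0x50), (3, 1, 1)]},
]

if __name__ == "__main__":
    live = read_sysfs()
    for ident, reason in audit(live or SAMPLE, KNOWN_HID):
        print("%s:%s  %s" % (ident[0], ident[1], reason))
```
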
>>
>>322631

That's concerning.

Tangentially related, around the time I suspect they started this snooping, my google chrome "clear browsing history" started taking a *long* time to complete which it has never done before in years of use. It also makes the computer sound like it's having an anxiety attack, the fan motoring at full capacity for over a minute. Can anyone shed any light on why that might be happening (not saying it's to do with the main topic).

Oh, also, the fan is going full tilt when downloading something as cpu intensive as a 2mb jpg. Never used to do that. Loooooads of HD space left. Something's not right with that.
>>
>>322648

Mind opening up the keyboard to look if there is sth that does not look like it belongs there?
The keyboard is now gone but you could still have a little friend left behind by it. If it was the keyboard. I still would find that hard to believe that all the way back three years this "friend" never really was a friend and was just trying to infect your stuff via manipulated hardware... that would be quite the thing.
Normally it at first is real friendship and then eventually turns the other way, hence the advice to NEVER give passwords etc to even your BESTEST EVER friend. It can turn around faster than one might think.
But that that guy could have been planning that for whole THREE years, dammit, that's hardly believable...
>>
[popping popcorn]

Okay, somebody already brought up keyloggers.

How do you access the Internet? Cable modem / router? Factory reset, new admin password (after updating the firmware).

At what level do they imply they know what you're browsing? Site? Exact page?

Anybody on your network (check router) that doesn't belong?
>>
>>322560
>They do not however work for any NSA type organisation.
Well, if he did, or knows someone who does, he could just get your browsing history straight from your ISP.

System wipe and OS reinstall will take care of any spyware, less it's something really fancy that infected your gateway's firmware or some shit. ...or, you know, he just has your wireless key.

Obviously there's more malicious shit that may be involved discussed elsewhere in the thread, but it seems increasingly unlikely.

Curious... What, exactly, did he say that makes you think he knows your browser history? I mean, he could just guess. We all know you masturbate to CP, Anon.
>>
>>322700

Checked the network, all seems above board.

>>322701

Lol. Well, two separate things, one relating to employment, the other to medical history/interest. Both strongly and rather specifically referred to right after the time of the search.

Some of this browsing has taken place on my iPhone but I was under the impression iOS was very secure (outside of govt agencies of course).
>>
>>322705
>Some of this browsing has taken place on my iphone

Why do you just tell this now?
Then why are we here still sitting thinking about hightech-spyware and BIOS infecting keyboard trojans when a completely different device had the same results?
Compromised wireless key now sounds much more reasonable.
>>
>>322705
It's almost impossible to backdoor an iPhone. If you've got a way, there are several agencies that'll pay significant amounts for your method (enough to buy a very nice house), or if you want worldwide acclaim, you can publish it as a jailbreak.

What this means is you need to throw your router in the bin, as if your phone is clean, your router must be compromised.
>>
>>322705
Have you ever logged into Facebook or something from this "friend"'s PC?

As you know, many sites track where you go afterwards. If I buy something online, every other site I go to shows me ads for similar merchandise.

I don't know if FB, et al are smart enough to discontinue the collecting, even if you change your password.

Pic related. I didn't even book with them, and I didn't reuse the browser tab either.
>>
>>322712
I'm not sure how that's relevant: if you logged on to your Facebook in his browser, then when he used his browser *your* Facebook would be tracking *him*.
>>
>>322713
They're collating your browsing habits on every PC you use, based on whatever identifying data they can get. In this example, a FB ID.

Just to spitball this paranoid fantasy:
-Bad guy "allows" the mark to check FB from his burner laptop.
-Bad guy uses laptop only to see where the mark is going online.
- F5
- [ad for rootkit checker]
- Oh, he's checking out anti-malware programs, is he?

Pretty unlikely, but really low-tech and easily accomplished.
>>
>>322709

Yep, apologize for that, bulk of my browsing is done on pc but some on phone also.

Forgive my ignorance but what do you mean by wireless key? Probably not what you mean but it can't be via my wifi as we live several hundred miles apart.

>>322712

Haven't used their pc before
>>
>>322710
You actually believed the FBI when they said they couldn't crack an iPhone, didn't you?
>>
>>322721
If you keep using your Facebook account on a different machine, it logs you out on the first one.
>>
>>322724

Yes the Wifi and your router.
When he really knew so many details that it is clear he knew what was browsed on that iPhone there is only the possibility of either some online site like FB that is still logged into your account and can be accessed from his computer or that he has access to your Wifi network, meaning sometimes he does and did a nice trip to your location...
Curiosity and strong feelings can make people do strange things.

Or the router itself is compromised but for that he would have had to have physical access at least once so that would work remotely.
>>
>>322710
Why would anyone pay for that, when the backdoor is already built into the device?

https://threatpost.com/researcher-identifies-hidden-data-acquisition-services-in-ios/107335/
>>
>>322728
>Or the router itself is compromised but for that he would have had to have physical access at least once so that would work remotely.
No... Especially if he hasn't changed the default password and settings on the device. There's plenty of linux based packet sniffers out there that can break WEP and even WEP2 fairly quickly, and then it's just a matter of knowing what model the router is at that point. You can generally guess the IP of the router's config page, since it tends to be one of two or three local ones, and that'll get you the model. The seeds they use for default configuration "randomness" are often very formulaic, and there's lots of shady software out there for generating such keys for a lot of shitty routers. (Particularly the sort of gateways popular ISPs tend to provide.)

If he's gotten into it once, on some of them, it means he can do it again, unless you hold that tiny reset button for awhile and then custom configure it.
>>
>>322725
Holy crap, I've not seen iOS 7 in a while. Or an iPhone 4S for that matter.

Anyhoo, that brings up the multitasking menu, but even if you could use the menu to bypass the lockscreen (you can't; notice he doesn't try), that doesn't reenter the code in the hardware crypto engine, which means you'd have unlocked the UI but not the SSD, and any attempt to read any user file would fail.

Fair enough, that's an information leak of the screenshots of the apps the last time you used them, but it would have been worthless to the FBI, not least because the bug was fixed years ago.
>>
>>322731

No I meant remotely, meaning he can access the router from his 100s of miles away location. For that a sending device would be needed to be hidden in the router and for that access to it would have been required.
>>
>>322733
That's an iPhone 6.

Go take your locked iPhone 7 to a data recovery center. They'll charge you ~$100 to crack it. We do it every day here. Though we use a NAND mirror setup, cuz we're paranoid like that.

Fucking Apple fans, I swear...
>>
>>322735
If it's a wireless router (which it would have to be for the phone to use), he just needs to get within ~300 feet. I used to get free wi-fi passwords with a little bootable USB utility stick all the time that way (not exactly darknet stuff - 5 mins on google will find you one), and getting into the router is just one, much smaller, step beyond that. Granted, now free wi-fi is so common I don't bother and the magic has kinda gone out of it.
>>
>>322738
It's not a fucking iPhone 6. This is an iPhone 6, and it doesn't look anything like the phone in the video.

Why would you even assert that when anyone interested can watch the video and see it's an iPhone 4s?

Why should anyone believe the rest of what you wrote when the first part is so obviously wrong?
>>
>>322739

Yes, again the thing is the 100s of miles, OP has ruled out the WIFI possibility because the "friend" lives so far away, so either he would have to take trips to ~100m around OP's router or have manipulated the router to be able to access from his own home 500+ miles away, and for that he would have had to have at least once physical access to it.
>>
>>322745
Cuz you're wrong, that's an iPhone 6. The same one I happen to have in front of me right now.

>>322747
Well, no, he only has to get within ~300ft, once. After that he can set it up for remote access, in most cases.
>>
>>322729
"Sync phone" can sync phone, story at eleven.

All the chicken-little things described in the article can only be done by a computer you've granted syncing (i.e. the ability to access any and all data and software on the phone) to already. It's a debugging interface used by XCode, but obviously tech "journalists" are not smart people, and it will totally look like a backdoor if you try it on your PC (which you've authorised) and it works, and you then don't do your job and assume it will work on any PC (which it won't, because they've not got a key trusted by lockdownd).

If you don't want a computer doing that to your phone, don't press "trust this computer" when you've connected it ahead of time with your phone unlocked.

tl;dr: don't press 'trust this computer' if you don't trust this computer.
>>
>>322750
Are you stupid or something?

Anyone can, right now, google "iphone 6" and "iphone 4s" and see what the two phones look like, and which one it is in the video.
>>
>>322726
Facebook and their partners continue to track you, even when you are logged out. They're not impossible to evade, but if you are unaware...
>>
>>322780
Of course they do. The point is, though, if he doesn't have your password and it's logged itself out, he can't see what's going on anymore, and if he uses that PC, it's not tracking his mark, it's tracking him.