I can DM you the output file if you'd like to investigate further. LLM analyses are not infallible, so it might be misinterpreting something. I don't recall seeing any attempts to phone the potential DGA domains, but I was admittedly more focused on following instructions instead of scanning the logs.
The only other quirk that comes to mind was that I sent my device in for a screen fix last month. It's possible that is when the malware exposure happened if it's new, but that's just conjecture. I ran hypatia and it didn't find any malware. Is the assumption therefore that the malware runs from a system level instead of a scannable level, or is it too soon to tell?
For the time being, the LLM walked me through blocking outgoing traffic for Boox, and I will eventually use it to figure out how to create a VLAN and isolate the device further, while still allowing it to sync w/ syncthing.
Last edited by macallik; 11-06-2024 at 05:23 PM.