I edited my thread to make the correction Porteus is a slackware remix.
To answer brokenman's question, Porteus System Information listed: bluedevil-1.3.1-i486-1, bluez-4.99-i486-1ftm, bluez-firmware-1.2-i486-1, broadcom-sta-6.30.223.248-i486-1ftm and obex-data-server-0.4.6-i486-1ftm, obexd-0.46-i486-1ftm, openobex-1.5-i486-1
Brokenman, thank you for advising xfce desktop does not enable bluetooth daemon by default. I will build and download porteus xfce and check whether bluetooth becomes activated. This week, I shipped my flashblu flashdrive #1 and Asus 1005HA netbook to a forensics volunteer. I will need to wait to receive them back or purchase an older laptop no later than Intel GMA 900 chipset.
Fathom, thank you for advising bluetooth service is enabled by default in KDE4 desktop and how to disable it. I will disable bluetooth and check whether bluetooth becomes activated.
Brokenman, the infiltration is a stealthy manner and does breach the firmware of hardware. BadBIOS infects BIOS, videocard, etc. BadUSB infects USB firmware.
http://www.reddit.com/r/badBIOS/comment ... s_so_does/
Hackers infected my removable media with badUSB. The code is encrypted and inside multiple hidden partitions on my internal hard drive and removable media including MP3 players and smartphones. Disk hex editor dumped encrypted code. Disk hex dumps of hidden partitions are at:
http://www.reddit.com/r/badBIOS/comment ... agnostics/
http://www.reddit.com/r/badBIOS/comment ... y_western/
http://www.reddit.com/r/badBIOS/comment ... _flashblu/
http://www.reddit.com/r/badBIOS/comment ... image_and/
http://www.reddit.com/r/badBIOS/comment ... ntfs_boot/
http://www.reddit.com/r/badBIOS/comment ... ifi_video/
My removable media infect what ever computer they are connected to. Public Windows computers have infected my removable media only with conficker worm which is easy to see and remove in linux.
Conficker
I used a public computer to download porteus because I had air gapped my netbooks and laptops due to hacking. I could have used an USB network adapter to connect to a wifi hotspot but that would make performing forensics harder as that would blur the distinction between hacking 'air gapped' netbooks on battery power vs online hacking. Unfortunately, computers with an Intel chipset 950 or later cannot be air gapped due to Intel's secret bluetooth mesh.
Hackers tampered with the porteus ISO. The download was not the custom build that I had created. I rebuilt several times. Each download was not the custom built I created. For example, KDE has two file managers (Caja and Dolphin), two partition managers (Gparted and KDE partition manager) and two system monitors (GNOME and KDE).
Caja file manager offers the option of ticking a delete setting. Instead of trash going into a trash folder on removable media, trash is deleted. I ticked the delete setting. However, my trash was still going into a trash folder.
Hackers tampered with KDE partition manager and Gparted to circumvent partitioning my new Patriot micro SD card to ext2. They have done this in other linux distros.
Previously, hackers attached a fork or alternate data stream to my personal files on FAT32 removable media. The alternate data streams and forks are hiding in the slack space of my personal files. Their cluster size is much larger than FAT32 default cluster size. File hex editors dumped substantial slack space after every file, null terminated string, etc.
http://www.reddit.com/r/badBIOS/comment ... _by_fat32/
http://www.reddit.com/r/badBIOS/comment ... er_end_of/
http://www.reddit.com/r/badBIOS/comment ... text_text/
http://www.reddit.com/r/badBIOS/comment ... ices_have/
http://www.reddit.com/r/badBIOS/comment ... ack_space/
http://www.reddit.com/r/badBIOS/comment ... _performs/
http://www.reddit.com/r/badBIOS/comment ... converted/
Disk hex editor detected my FAT32 removable media have a hidden HFS partition and a hidden NTFS partition. HFS partitions enable forks. NTFS enable alternate data streams.
Western Digital Lifeguard Diagnostics was the only tool that wiped all the hidden partitions including the GPT protective partition:
http://www.reddit.com/r/badBIOS/comment ... y_western/
http://www.reddit.com/r/badBIOS/comment ... ard_drive/
http://www.reddit.com/r/badBIOS/comment ... agnostics/
http://www.reddit.com/r/badBIOS/comment ... ry_little/
http://www.reddit.com/r/badBIOS/comment ... d_mbr_and/
However, I cannot format the wiped removable media nor brand new removable media to only ext2. I need to move my personal files to an ext2 formatted removable media to break up the forks and alternate data streams. Hackers tampered with KDE Partition Manager and GParted in Porteus and MIniTools Partition Wizard in Windows XP causing them to freeze while they recreate hidden partitions.
http://www.reddit.com/r/badBIOS/comment ... as_secret/
After I deleted porteus ISO on my SanDisk SD card, Hackers converted porteus ISO to a portable app .exe inside the trash folder and then made it a hidden file inside the trash folder. See the analysis by VirusTotal.com.
http://www.reddit.com/r/badBIOS/comment ... _exe_that/