OT: anti-malware progs ineffective

[Rich Grise]

On Sun, 30 Jan 2005 20:20:02 -0800, Robert Monsen wrote:

If you are going to bother to learn a system to hack it, why not go for
one that is on 100 or 1000 times more desktops, and has a reputation for
terrible security as well?

Because it's stupid to try to attack a system that's actually designed to
resist attack? Like with permissions?

And with Doze helping them out, the scriptkiddies don't actually have to
learn anything. One would have to be a competent programmer to even
_begin_ to try to find a vulnerability in a modern Linux system.

Cheers!
Rich

 

[Keith Williams]

In article <ctm54v$pm0$3@blue.rahul.net>, kensmith@green.rahul.net
says...

In article <pan.2005.01.31.20.08.10.112852@neodruid.net>,
Pig Bladder <pigbladder@neodruid.net> wrote:
[...]
Boy, you people sure do seem to want to jump through a bunch of hoops, to
achieve the privelege of continuing to kiss Uncle Bill's ass.

You've got it wrong. Its the challenge of trying to make Windows nearly
good as Linux that is attacting us. It is a little like trying to figure
out the steps required to convert a steam tractor to make it useful for
space travel.

....more like a moth trying to get warm by the fire.

--
Keith

 

[Ken Smith]

In article <pan.2005.01.31.20.08.10.112852@neodruid.net>,
Pig Bladder <pigbladder@neodruid.net> wrote:
[...]

Boy, you people sure do seem to want to jump through a bunch of hoops, to
achieve the privelege of continuing to kiss Uncle Bill's ass.

You've got it wrong. Its the challenge of trying to make Windows nearly
good as Linux that is attacting us. It is a little like trying to figure
out the steps required to convert a steam tractor to make it useful for
space travel.


--
--
kensmith@rahul.net forging knowledge

 

[Fred Abse]

On Sun, 30 Jan 2005 11:57:03 -0800, Robert Monsen wrote:

Even linux, with it's macrokernel and loaded dlls that run in the kernel,

Not sure what you mean there, Robert. Are you referring to loadable kernel
modules? That's all I can imagine you mean, since the kernel does not use
shared libraries.

It would be quite a feat to insinuate malicious kernel modules, run
depmod, then get modprobe to load them.


--
Then there's duct tape ...
(Garrison Keillor)

 

[YD]

On Sun, 30 Jan 2005 16:28:01 +0000 (UTC), kensmith@green.rahul.net
(Ken Smith) wrote:

Once the system is brough back to a base install of Win-ME, I'd like to be
able to update it before hooking onto the net. Microsoft has now made
that imposible for me to do. I can't download the updates onto my Linux
box.

--

Burn the latest version of Zone Alarm on CD and install it before even
plugging in the net cable. You can also proxy through a properly
protected box. Forget about MS Internet sharing, use FreeProxy or some
such, much better control over who does what. Use nonroutable IPs for
the internal network.

- YD.

--
Remove HAT if replying by mail.

 

[YD]

On 28 Jan 2005 11:09:25 -0800, fred_stevens@hotmail.com wrote:

I personally believe that the Windows operating system was deliberately
designed to allow
spyware to work. I cannot imagine that even Microsoft (no matter how
technically incompetent everyone says they are) is not capable of
developing an OS that is closed to this kind of activity, considering
that a huge amount of good OS sourcecode has been available for study
for two decades already. I don't think I'm being paranoid and I'm not a
conspiracy theorist, but I always seem to come back to the same
conclusion as I continue to think about it!

Fred.

Not trying to defend M$ or anything, but if you look at the history of
Windows it was never designed with networking in mind. When Novell and
Eagle started wiring businesses M$ saw an opportunity and hopped on to
it with a vengeance, coming out with Microsoft Network. This was for
small local networks, a rather benign environment where security
wasn't supposed to be an issue.

BG pooh-poohed the whole concept of the Internet until WWW came along,
when he saw the light simply tacked a crappy TCP/IP stack onto it.

Since then Windows security and WAN handling has been a hotch-potch
mess impossible to fix without breaking backwards compatibility and
compromising future developments. In short, they (and we) are stuck
with an overgrown mess that really should be torn down and rebuilt
from the ground up.

- YD.
--
Remove HAT if replying by mail.

 

[Jim Thompson]

On Fri, 28 Jan 2005 17:39:49 +0100, "SioL" <Sio_spam_L@same.net>
wrote:

"Anthony Fremont" <spam@anywhere.com> wrote in message news:vwtKd.76917$_56.25133@fe2.texas.rr.com...

I remove allot of this junk all the time for people and the problem is
only getting worse day by day. These things engrain themselves so
deeply into windos that it's virtually impossible to get them out. I
also see allot of WTools and WebRebates on machines, this is a real bad
thing. They generally run as 2 parallel processes so terminating them
is next to impossible as the sibling will simply respawn the one you
kill. Since windos tells the process that you are trying to end task on
it to give it a chance to terminate normally, most spyware naturally
takes advantage of this as well.

Maybe publicly identifying people who write this crap (with a picture, name
and address) would take care of this problem. I'm sure many pissed off users
would love to "personally congratulate" the authors.

And than perhaps an amnesty for any "crime" involved in congratulating.

Burn 'em on the stake!

S

ISTR a case where a spammer's place of business was torched.

...Jim Thompson
--
| James E.Thompson, P.E. | mens |
| Analog Innovations, Inc. | et |
| Analog/Mixed-Signal ASIC's and Discrete Systems | manus |
| Phoenix, Arizona Voice480)460-2350 | |
| E-mail Address at Website Fax480)460-2142 | Brass Rat |
| http://www.analog-innovations.com | 1962 |

I love to cook with wine. Sometimes I even put it in the food.

 

In <cplmv0peaq86dicbg41qifdaboimtmbp17@4ax.com>, on 01/29/05
at 09:45 AM, Terry Pinnell <terrypinDELETE@THESEdial.pipex.com> said:

Am I misusing PrefBar or expecting too much for it to handle
http://www.accuradio.com/# like MSIE6 did? I chose 'IE 6.0 WinXP' from
that UA drop-down, went to the page, but cannot get a station to play.

Some web sites interrogate your browser to learn what version and brand,
while most just check the browser ID. Prefbar fakes the browser ID, so it
is not always possible to 'fool' the web page.

Most wet-behind-the-ears web designers just look at the ID and make
choices based on that, so you can fool most, but not all, web sites.

There is still software that must be available for some features to work,
and Mozilla-based browsers don't alway support everything.

John

 

[john jardine]

"Jim Thompson" <thegreatone@example.com> wrote in message
news:07hqv05bg7k37v64i3dme4n4gc1gbkcrq6@4ax.com...

On Sun, 30 Jan 2005 17:32:43 -0000, "john jardine"
john@jjdesigns.fsnet.co.uk> wrote:


Rubicon> wrote in message news:41fdb5a4.2546132@news.netaccess.co.nz...

John,

I've only just gotten rid of it myself.

Spybot was useless but didn't crash on my machine. Ad-Aware SE
Personal combined with the trial version of Spy Sweeper along with the
new AVG Free and all with the latest definitions finally managed to do
it.

The Spyware/Adware/Malware/Spam E-Mail just seems to be getting worse.
I'm becomming more and more reluctant to go online because of the
immense frustration at trying to get rid of them afterwards.

Good luck.

Andrew.


Pleased to know it's actually possible to get rid of the f***ing thing.
I've just downloaded those 3 software items and will give 'em a try. What
I'm ill at ease with, is paying for anti-virus software. The cynical part
of
me is suspecting I'd then be actively propping up the whole nightmare.

Past day or so I've been using Firefox as the browser which has been no
problem. But the major scumware component is still present somewhere in
windows and I'm seeing the Internet-Explorer browser opening up over the
top
of Firefox (or this outlook express) every 6 minutes or so and
advertising
crap. Even has the cheek to rattle my a: floppy disc drive and then put
up
an antivrus advert.

Even have my own f***ing bank advertising with coolWWW, so am having to
pursue with vigour and extreme predjudice, the bank's marketing people.
Each
hour megabytes of scumware programmes are self installing all over the
hard
disc, along with scum porn and ringtone icons littered everywhere.
They'll
continously alter the 'host.TXT' file, the start up prog list, the active
running progs,the home page, the IE addons and numerous registry entries.
In addition to this, the scumware also enjoys auto-altering certain
"permissions" on IE (an oxymoron if ever I saw one) so I can't close it
down
or get at the 'options tab etc. Have now to run another prog called
'permissions' to reset a number of IE check boxes before I can even start
removing the rubbish that's come in.
Even tried to remove IE itself http://www.litepc.com/ieradicator.html
but
this prog is worthless.
I tried reinstalling windows, but no joy as it assumes existing files are
OK. There's only a couple of self supporting virus/trojan files at work
but
windows is littered across 1000's of files so manually finding 'em is
damned
near impossible. Can't even just delete all the windows files as any
normal
software install will bung masses of unknown .exes, .dlls, junk, etc, in
among the windows stuff. Jesus H Christ, windows is a f***ing mess.
'Spybot', 'miniremoval', 'CWshredder', 'Hijackthis', 'Win patrolExplorer'
(and about 4 others!), have proved useless and I just hope that your
suggestions will work for me.
If not, then I'm looking to manually dismantle as much of Internet
Explorer
as I can without unduly crippling windows (or Firefox).

10/10 for whoever wrote this POS. I just wish the major software
companies
would make their products as reliable.

regards
john


Knocking on wood... I'm very impressed with Mozilla Firefox. NO
adware since I switched from IE. And I don't need StopZilla or Cookie
Pal anymore.

...Jim Thompson
--
| James E.Thompson, P.E. | mens |
| Analog Innovations, Inc. | et |
| Analog/Mixed-Signal ASIC's and Discrete Systems | manus |
| Phoenix, Arizona Voice480)460-2350 | |
| E-mail Address at Website Fax480)460-2142 | Brass Rat |
| http://www.analog-innovations.com | 1962 |

I love to cook with wine. Sometimes I even put it in the food.

Same here Jim. I'm very pleased.
Although I emptied the IE cache store every week, there were usually about
50-100 'tracking cookies' to be found in it.

Also, looks like 'Ad-Aware SE Personal' has managed to kill 'CoolWWW' !!!.
It wasn't just-a-couple of files like I thought, but 39 separate CoolWWW
*.DLLs files, 58 registry changes, plus 44 other *.exe and *.DLL scumwares
belonging to 5 other sales outfits. Big problem was a counterfeit MStask.exe
running as if normal. It took 3 locks ups and 2 crashes before Ad-Aware
winkled them all out. All this grief is the result of my visiting a porn
site two weeks ago. Let one in and they hold the door open for the rest.

I'll give it a couple of days and hope I can thank Andrew for the recommend.
regards
john

 

[Fred Abse]

On Mon, 31 Jan 2005 20:41:03 +0000, Ken Smith wrote:

In article <pan.2005.01.31.20.08.10.112852@neodruid.net>, Pig Bladder
pigbladder@neodruid.net> wrote: [...]
[quoted text muted]

You've got it wrong. Its the challenge of trying to make Windows nearly
good as Linux that is attacting us. It is a little like trying to figure
out the steps required to convert a steam tractor to make it useful for
space travel.


ROFL!

--
Then there's duct tape ...
(Garrison Keillor)

 

[Pat Ford]

"Fred Abse" <excretatauris@cerebrumconfus.it> wrote in message
newsan.2005.02.01.18.49.19.411938@cerebrumconfus.it...

On Mon, 31 Jan 2005 18:33:44 -0800, Robert Monsen wrote:

Fred Abse wrote:
This leads to allowing users root
access, leanding to security holes. A microkernel is far less likely to
allow this sort of exploit.

I agree about microkernels. Sadly, as you said yourself, nobody has yet
made a usable system out of one.

..........

--
Then there's duct tape ...
(Garrison Keillor)

I was with you right upto where I snipped. QNX 4.25 was a great microkernel,
and was very usable. I "think" QNX 6 is a micro kernel, is was in it's early
stages.
Pat

 

[JeffM]

I tried a version of RedHat...
I didn't use WiNE or any other translator.
Mark Jones

Some folks think wine is an emulator--it's not.
WINE is a recursive acronym
which stands for Wine Is Not an Emulator.

wine is a reverse-engineered set
of Windows Application Programming Interfaces
that will run under Linux.
It is meant to be a REPLACEMENT for the Windoze APIs.

 

[john jardine]

<Rubicon> wrote in message news:41fdb5a4.2546132@news.netaccess.co.nz...

John,

I've only just gotten rid of it myself.

Spybot was useless but didn't crash on my machine. Ad-Aware SE
Personal combined with the trial version of Spy Sweeper along with the
new AVG Free and all with the latest definitions finally managed to do
it.

The Spyware/Adware/Malware/Spam E-Mail just seems to be getting worse.
I'm becomming more and more reluctant to go online because of the
immense frustration at trying to get rid of them afterwards.

Good luck.

Andrew.

Pleased to know it's actually possible to get rid of the f***ing thing.
I've just downloaded those 3 software items and will give 'em a try. What
I'm ill at ease with, is paying for anti-virus software. The cynical part of
me is suspecting I'd then be actively propping up the whole nightmare.

Past day or so I've been using Firefox as the browser which has been no
problem. But the major scumware component is still present somewhere in
windows and I'm seeing the Internet-Explorer browser opening up over the top
of Firefox (or this outlook express) every 6 minutes or so and advertising
crap. Even has the cheek to rattle my a: floppy disc drive and then put up
an antivrus advert.

Even have my own f***ing bank advertising with coolWWW, so am having to
pursue with vigour and extreme predjudice, the bank's marketing people. Each
hour megabytes of scumware programmes are self installing all over the hard
disc, along with scum porn and ringtone icons littered everywhere. They'll
continously alter the 'host.TXT' file, the start up prog list, the active
running progs,the home page, the IE addons and numerous registry entries.
In addition to this, the scumware also enjoys auto-altering certain
"permissions" on IE (an oxymoron if ever I saw one) so I can't close it down
or get at the 'options tab etc. Have now to run another prog called
'permissions' to reset a number of IE check boxes before I can even start
removing the rubbish that's come in.
Even tried to remove IE itself http://www.litepc.com/ieradicator.html but
this prog is worthless.
I tried reinstalling windows, but no joy as it assumes existing files are
OK. There's only a couple of self supporting virus/trojan files at work but
windows is littered across 1000's of files so manually finding 'em is damned
near impossible. Can't even just delete all the windows files as any normal
software install will bung masses of unknown .exes, .dlls, junk, etc, in
among the windows stuff. Jesus H Christ, windows is a f***ing mess.
'Spybot', 'miniremoval', 'CWshredder', 'Hijackthis', 'Win patrolExplorer'
(and about 4 others!), have proved useless and I just hope that your
suggestions will work for me.
If not, then I'm looking to manually dismantle as much of Internet Explorer
as I can without unduly crippling windows (or Firefox).

10/10 for whoever wrote this POS. I just wish the major software companies
would make their products as reliable.

regards
john