GreenCine Movie Talk
Independent
Talk about the world of independent film.
Star Wreck - In the Pirkinning
Topic by: Cugat
Posted: October 2, 2005 - 4:02 AM PDT
Last Reply: October 7, 2005 - 1:38 PM PDT

Cugat
post #101  on October 6, 2005 - 1:20 PM PDT  
On October 6, 2005 - 12:22 PM PDT woozy wrote:
> So my entire computer got seriously hosed last night.
>
> It may have been a bad torrent (although it doesn't seem to me that would be technically possible) or it may have been a torrent site with a malicious backdoor code.

Some sort of malicious .asx played through Windows Media Player?

Or just the usual "someone drove a truck full of explosives through my Internet Explorer"? (often the result of the .asx bit I imagine)

> Not happy. I'm in my admin safe mode trying to find out what's wrong but looks nasty. (Normal mode I get a message that the window 32 bit system file is not suitable to run windows and nothing works. Hopefully it might just be my personal settings.)

I would religiously keep ports 136-139 and 445 blocked when the system is in the internet's reach.

Ooof, they're discontinuing Kerio Personal Firewall. I hope Microsoft doesn't break it any time soon.

> Man, I hate it when stuff like this happens.

For really bad case scenarios, that Knoppix I keep bringing up is decent for file recovery on non-bootable systems.

(also there's a ritual I developed to snapshot C: which let me revert the system if it ever blew up or just looked at me funny, I got it down to a point where a smart grandmother could manage it)
pooja
post #102  on October 6, 2005 - 2:58 PM PDT  
> On October 6, 2005 - 12:22 PM PDT woozy wrote:
> ---------------------------------
> So my entire computer got seriously hosed last night.

No TV, no computer... I guess you're going to have to gather your family around the radio at night, and take them to the matinee on Saturday...
woozy
post #103  on October 6, 2005 - 8:41 PM PDT  
> Some sort of malicious .asx played through Windows Media Player?
>
don't think so

> Or just the usual "someone drove a truck full of explosives through my Internet Explorer"? (often the result of the .asx bit I imagine)
>
Yeah. Well, basically every single backdoor start this adhooker at startup and grow and use more resources. Pretty much deleted everything modified after 11 pm last night and whacked the registry (seemed to have created half a dozen hidden users with startup items). I'm a bit pissed that 1) Norton anti virus can't find the virus even though it's a very common type and 2) these registry changes run even when running in safe or command mode.

I'm about 95% back to normal. Still getting a random popup or two. MS Messenger keeps starting up and running in background (which as I've never used before is part of the virus) although I thought I had wiped it out of nearly all mention in the registry.


> I would religiously keep ports 136-139 and 445 blocked when the system is in the internet's reach.
>
I think all my ports below 1000 are blocked. Anyhow I'm back behind my firewall now.
woozy
post #104  on October 6, 2005 - 8:42 PM PDT  
> On October 6, 2005 - 2:58 PM PDT pooja wrote:
> ---------------------------------
> > On October 6, 2005 - 12:22 PM PDT woozy wrote:
> > ---------------------------------
> > So my entire computer got seriously hosed last night.
>
> No TV, no computer... I guess you're going to have to gather your family around the radio at night, and take them to the matinee on Saturday...
> ---------------------------------

My tv got fixed today but breaking my computer is heartbreaking. *sob*

pooja
post #105  on October 6, 2005 - 9:35 PM PDT  
> On October 6, 2005 - 8:42 PM PDT woozy wrote:
> ---------------------------------
> My tv got fixed today but breaking my computer is heartbreaking. *sob*

Oh, there there.... at least now you can watch reruns of the Simpsons, not to mention DVDs from GreenCine! I hope the file that gave your computer the clap roasts forever in the deepest level of hell.

This is about as bad as Mac virus news gets...
Cugat
post #106  on October 6, 2005 - 10:05 PM PDT  
On October 6, 2005 - 8:41 PM PDT woozy wrote:
> > Or just the usual "someone drove a truck full of explosives through my Internet Explorer"? (often the result of the .asx bit I imagine)
>
> Yeah. Well, basically every single backdoor start this adhooker at startup and grow and use more resources. Pretty much deleted everything modified after 11 pm last night and whacked the registry (seemed to have created half a dozen hidden users with startup items). I'm a bit pissed that 1) Norton anti virus can't find the virus even though it's a very common type and 2) these registry changes run even when running in safe or command mode.

Ow.

Reminds me of the quote...
"In case you didn't notice, the enemy just pulled our shorts up over our head and tied them into a knot."

The people running Microsoft should be shot for maintaining the world's most common home user OS in such a vulnerable and hard to maintain state. How many billions are they sitting on? If it'd take more than 10 million to clean the core OS up I'd be surprised. (instead they gimpify the network stack to throttle the worms spreading a little)

> I'm about 95% back to normal. Still getting a random popup or two. MS Messenger keeps starting up and running in background (which as I've never used before is part of the virus) although I thought I had wiped it out of nearly all mention in the registry.

Shame it's so hard to just axe the executable.
Cugat
post #107  on October 6, 2005 - 10:19 PM PDT  
On October 6, 2005 - 9:35 PM PDT pooja wrote:
> On October 6, 2005 - 8:42 PM PDT woozy wrote:
> > My tv got fixed today but breaking my computer is heartbreaking. *sob*
>
> Oh, there there.... at least now you can watch reruns of the Simpsons, not to mention DVDs from GreenCine! I hope the file that gave your computer the clap roasts forever in the deepest level of hell.

Problem is that just putting a Winbox online and leaving it alone can do this much. It leaves insecure services that cannot be disabled accessible from the net, which is why firewalls are a necessity on Windows.

This probably wasn't a case of him downloading a program and running it to cause the badness. (which is what you do with a trojan)

> This is about as bad as Mac virus news gets...

Yeah, Apple doesn't want to become the laughing stock Microsoft is in the security scene. Especially since that's a valid reason for consumers to do the switch thing in their favor.

So they have filetype spoofing as an issue now. Pretty old stuff in Windows circles (send funnyvirus.jpg.exe to a windows user, and often it'll show up as just .jpg, an innocuous image file obviously, this is one of their smaller mistakes).
pooja
post #108  on October 7, 2005 - 6:08 AM PDT  
> On October 6, 2005 - 10:19 PM PDT Cugat wrote:
> ---------------------------------
> Yeah, Apple doesn't want to become the laughing stock Microsoft is in the security scene.

Well, they're laughing too, all the way to the bank. MS aren't the types to spend any time or money to improve something unless they really really have to. Releasing a new version of Windoze isn't to improve the OS. It's just a way to collect their "tariff" from millions of PC users...
woozy
post #109  on October 7, 2005 - 8:22 AM PDT  

>
> So they have filetype spoofing as an issue now. Pretty old stuff in Windows circles (send funnyvirus.jpg.exe to a windows user, and often it'll show up as just .jpg, an innocuous image file obviously, this is one of their smaller mistakes).
> ---------------------------------

Wait a second here. If you don't hide extensions (and I wish windows didn't have that as a default) only files with extensions .exe or .bat run by opening. If something does have a legitimate .jpg extension you can't actually run anything by viewing it in an image viewer, right? I'm not saying it's easy to always be on guard but wouldn't filetype spoofing be easier on a mac as they don't have visible extension associations?

Course one of the problems is Windows (and IE explorer) doesn't go out of their way to stop or warn about batch script viruses (which technically aren't viruses). For example after years of everyone righteously saying you can't get a virus through e-mail (still true, strictly speaking-- you can't get a virus through reading and receiving email) Windows email clients blithely allowed automatic opening of attachments (for a while this was even the default!!) Whatever happened was some stupid popup ad I might have accidentally clicked.

Regedit is irritating. If they want to make the registry so hard to find (because it really shouldn't be lightly trifled with) then they shouldn't make it so easy for programs to overwrite it. And if that's a likely problem, they ought to keep dated backups to restore back. Meanwhile there's no way to look at more than one entry simultaneously nor to search for registry keys with certain values. (Files like 180service, and KickSurf 3, where added reg entries all over the place and it'd have been nice to be able to find all keys that referred to them.) Nor is there any recording of when values were changed. (As 80% of the damage was done between 11:03 and 11:20 Oct 5 and the remaining done between 11:20 and 2:30 that would have been *very* useful.) As the registry refers to memory addresses which is just a large number, it was hard to tell which were bad values and which were good.

But don't rest too comfortably in the idea that there are no viruses for macs. That's only because no one has written one. Nor has anyone written a virus protection program for macs. On the other hand windows security to let every thing in is a joke. Chances are pretty good I had another virus for a few years that gave those phony Windows system error windows, but that it only kicks in when I'm not behind a firewall. I got them pretty badly once when I hooked my laptop to my cousin's DSL although my cousin never had the problem and I never had it off line or at home. It confused me at the time.

Sheesh, I *really* don't want to have to reinstall everything just because there's some 500kb program with an innocuous name hiding somewhere that says upload a bunch of crap.
pooja
post #110  on October 7, 2005 - 11:09 AM PDT  
> On October 7, 2005 - 8:22 AM PDT woozy wrote:
> ---------------------------------
> But don't rest too comfortably in the idea that there are no viruses for macs. That's only because no one has written one. Nor has anyone written a virus protection program for macs.

Well, when 90% of the world's personal computers are Macs, then I'll start to worry. There ARE Virus/Security software packages for the Mac, but we've never had to install one. My housemate says that we get notifications for OS X security updates all the time, though. She actually reads what the security updates are for and installs them, and helps me with mine, but I've never actually bothered to find out the details myself.

From an epidemiological point of view, it doesn't really make sense to bother to write a Mac virus because it will spread very slowly, if at all.

Sometimes I wonder about the security problems with PCs. It sounds like some unholy alliance, right? I mean, defense contractors need wars to remain profitable. PC consultants and installers rely on viruses and malfunctions for their income. I know a PC user who spent $1500 or so for her computer... since then she's paid double that to have someone come in and troubleshoot her computer, install new software, stamp out viruses, etc. Another guy I know bought a new computer rather than fix an older one that crashed (we managed to get him to switch to a Mac... he calls us for free tech support sometimes, heh heh...) because of a virus or something. You guys obviously wouldn't do that, but the majority of non-technical users would!

I'm just saying that you can't deny there's some profit motive in making sure that there are PC bugs and viruses around. How much of that you believe depends on your paranoia level...
woozy
post #111  on October 7, 2005 - 1:02 PM PDT  

> Well, when 90% of the world's personal computers are Macs, then I'll start to worry.

That just sounds too much Dance of the Red Death to me; the peasants get the plague because they live in squalor while we nobles will be fine here on the hill behind walls.

Actually what I consider *true* viruses, viruses that hide in software code and rewrite software code and maybe infect boot sectors are pretty rare, even on pcs and very easy to avoid. I never had one.

These "backdoor" viruses that work by some script that changes your home page and settings and environmental variables theoretically could be platform independent. Now if Macs have better security than browser settings (and much more importantly, registry files) or alert you to suspicious port traffic ("gee, someone is logging in on port 345, should I tell anyone? No guess not"), I don't know.

Actually, the first of these "script" viruses that I saw *was* on a Mac. Word 6.0 for Mac (and I *think* Word 7.0 for Mac or Windows) allowed one to save documents as documents or ... what'd they call'em, not templates but something like that... Little formatted mini-environments that let you control how windows worked ... I think maybe they were called modules. So you could write a module specifically for business letters where the default formatting would be one thing and you'd always be prompted for a business address. Anyhow these modules could be anything you want and you could easily make a module be indistinguishable from a single document (or you could save a document as a module and the module would just be that document). Modules could run WordBasic code and word basic code could program the actions your word functions do. So for example you could rewrite word.open() to include ringing a bell so that every time you opened a document in that module a bell would ring. So a coworker sent me a word module and I realized it was a module but I thought he was being sloppy so I opened it with word and didn't really see the point. But its word basic code rewrote how I saved documents so that saving them always saved them as a module that contained the code. I *didn't* notice that for the next week all my docs were being saved as modules and no one else did. The coworker asked what I thought of the file and I said I didn't understand it, and he said, "don't you see. If the module can redefine how you save, it could redefine it to delete on your files or anything at all. It's a potential virus." "Uh," I said, "if it's a potential virus, why did you send it to me?" "Why, to discuss it with you of course? Didn't you get that it was a dangerous file to send via e-mail?" "Uh, I do *now*"

Cugat
post #112  on October 7, 2005 - 1:38 PM PDT  
On October 7, 2005 - 8:22 AM PDT woozy wrote:
> > So they have filetype spoofing as an issue now. Pretty old stuff in Windows circles (send funnyvirus.jpg.exe to a windows user, and often it'll show up as just .jpg, an innocuous image file obviously, this is one of their smaller mistakes).
>
> Wait a second here. If you don't hide extensions (and I wish windows didn't have that as a default) only files with extensions .exe or .bat run by opening. If something does have a legitimate .jpg extension you can't actually run anything by viewing it in an image viewer, right?

I think I've seen a viewer or two that could stoop that way. I didn't think to test, I had a post-install ritual of combing over all the settings in the OS, that's one that definitely got turned off each time.

> I'm not saying it's easy to always be on guard but wouldn't filetype spoofing be easier on a mac as they don't have visible extension associations?

The metadata versus extension thing isn't my bag. All I know is that I like when filetype is determined by actually reading the first bit of the file.

> Course one of the problems is Windows (and IE explorer) doesn't go out of their way to stop or warn about batch script viruses (which technically aren't viruses).

(however they are a big enough issue that an option to be paranoid would be a good one, and not necessarily paranoid)

> For example after years of everyone righteously saying you can't get a virus through e-mail (still true, strictly speaking-- you can't get a virus through reading and receiving email) Windows email clients blithely allowed automatic opening of attachments (for a while this was even the default!!) Whatever happened was some stupid popup ad I might have accidentally clicked.

Yeah, that really ticked me off. I was one of those people who saw, yes, it's all text, no client would be dumb enough to autorun attachments, etc. And then Microsoft comes along and SELLS stuff that breaks all those assumptions, and a few more.

> Regedit is irritating. If they want to make the registry so hard to find (because it really shouldn't be lightly trifled with) then they shouldn't make it so easy for programs to overwrite it. And if that's a likely problem, they ought to keep dated backups to restore back. Meanwhile there's no way to look at more than one entry simultaneously nor to search for registry keys with certain values. (Files like 180service, and KickSurf 3, where added reg entries all over the place and it'd have been nice to be able to find all keys that referred to them.) Nor is there any recording of when values were changed. (As 80% of the damage was done between 11:03 and 11:20 Oct 5 and the remaining done between 11:20 and 2:30 that would have been *very* useful.) As the registry refers to memory addresses which is just a large number, it was hard to tell which were bad values and which were good.

I can see that...

0x57FFE429, that looks good.
0x3A0094DB, oops, can't have that one!

> But don't rest too comfortably in the idea that there are no viruses for macs. That's only because no one has written one. Nor has anyone written a virus protection program for macs.

Actually they have Norton too, it drags the system down and doesn't catch anything either. :-)

> On the other hand windows security to let every thing in is a joke. Chances are pretty good I had another virus for a few years that gave those phony Windows system error windows, but that it only kicks in when I'm not behind a firewall. I got them pretty badly once when I hooked my laptop to my cousin's DSL although my cousin never had the problem and I never had it off line or at home. It confused me at the time.

I know there are the Windows Messenger popups that is just a service on the system that pops up text messages when anyone asks it to. About that...

> Sheesh, I *really* don't want to have to reinstall everything just because there's some 500kb program with an innocuous name hiding somewhere that says upload a bunch of crap.

I gave up finessing with Windows a long time ago. In my lifetime with it I ended up reinstalling it about once every four months. I developed a means to ghost the system so I could restore it over a half hour's time to a nicely configured state and with various core apps installed.

XP is a bigger pain to install though, more reason to ghost I guess. I couldn't tolerate living with a "slightly compromised" system. Next time I had to reinstall due to hardware changes I dropped Windows cold-turkey. Took me three months to have an installed OS of choice, Knoppix let me get away with that though.



On October 7, 2005 - 11:09 AM PDT pooja wrote:
> From an epidemiological point of view, it doesn't really make sense to bother to write a Mac virus because it will spread very slowly, if at all.

Mac is a significant marketshare. And whenever someone sneezes at its security there are news stories.

Blackhats looking for credit could get some on OS X.


Last I saw, Microsoft worms are at the point where they're barely news any more. Business as usual.

> Sometimes I wonder about the security problems with PCs. It sounds like some unholy alliance, right?

It sounds like unholy stupidity.

> I mean, defense contractors need wars to remain profitable. PC consultants and installers rely on viruses and malfunctions for their income. I know a PC user who spent $1500 or so for her computer... since then she's paid double that to have someone come in and troubleshoot her computer, install new software, stamp out viruses, etc.

Shame, do the imaging thing, backup data files, restore, update old files, done. Coddling windows is a deranged activity, if it's infested, burn it down. Gunna miss TV if you keep fighting on their level!

> Another guy I know bought a new computer rather than fix an older one that crashed (we managed to get him to switch to a Mac... he calls us for free tech support sometimes, heh heh...) because of a virus or something. You guys obviously wouldn't do that, but the majority of non-technical users would!

An expensive parallel to my solution.
And I would like a hand-me-down system like that. Where are those systems going?

> I'm just saying that you can't deny there's some profit motive in making sure that there are PC bugs and viruses around. How much of that you believe depends on your paranoia level...

"Never attribute to malice what can be adequately explained by stupidity."



On October 7, 2005 - 1:02 PM PDT woozy wrote:
> > Well, when 90% of the world's personal computers are Macs, then I'll start to worry.
>
> Actually what I consider *true* viruses, viruses that hide in software code and rewrite software code and maybe infect boot sectors are pretty rare, even on pcs and very easy to avoid. I never had one.

Boot sectors are passé. They're not a moving target, and can be detected by the BIOS.

> These "backdoor" viruses that work by some script that changes your home page and settings and environmental variables theoretically could be platform independent. Now if Macs have better security than browser settings (and much more importantly, registry files) or alert you to suspicious port traffic ("gee, someone is logging in on port 345, should I tell anyone? No guess not"), I don't know.

Theoretically they could be multiplatform, if all platforms ran Windows. No other OS to my knowledge has to deal with that other joyous feature of Microsoft, Active X.

> Actually, the first of these "script" viruses that I saw *was* on a Mac. Word 6.0 for Mac (and I *think* Word 7.0 for Mac or Windows) allowed one to save documents as documents or ... what'd they call'em, not templates but something like that... Little formatted mini-environments that let you control how windows worked ... I think maybe they were called modules.

Word macro viruses, another Microsoft innovation.

"Getting a virus from a text document, wow thats even sillier than the concept of an email virus!"
page  1  2  3  4  5  6      prev | next
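
Added example, not part of any post in this thread: a defender-side check for the two filetype points raised above, the funnyvirus.jpg.exe double-extension trick (post #107) and determining the type by reading the first bytes of the file (post #112). The function names, the extension lists and the sample files are assumptions constructed for illustration.

```python
import os
import tempfile

# Illustrative lists (assumptions, not exhaustive).
EXECUTABLE_EXTS = {".exe", ".bat", ".cmd", ".com", ".scr", ".pif", ".vbs"}
DECOY_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".txt", ".pdf", ".doc"}

# Leading bytes ("magic numbers") of a few common formats.
MAGIC = [
    (b"\xff\xd8\xff", "jpeg"),
    (b"\x89PNG\r\n\x1a\n", "png"),
    (b"GIF87a", "gif"),
    (b"GIF89a", "gif"),
    (b"%PDF-", "pdf"),
    (b"MZ", "pe-executable"),
]
EXT_TO_TYPE = {
    ".jpg": "jpeg", ".jpeg": "jpeg", ".png": "png", ".gif": "gif",
    ".pdf": "pdf", ".exe": "pe-executable", ".scr": "pe-executable",
    ".com": "pe-executable",
}

# Constructed name: padding pushes the real extension out of view.
PADDED = "invoice.pdf" + " " * 6 + ".exe"


def sniff_type(head):
    """Return a type name from the leading bytes, or None if unrecognised."""
    for magic, kind in MAGIC:
        if head.startswith(magic):
            return kind
    return None


def check_file(path):
    """Return a list of findings for one file; an empty list means nothing odd."""
    findings = []
    stem, ext = os.path.splitext(os.path.basename(path))
    ext = ext.lower()
    # With extensions hidden, only `stem` is displayed to the user.
    inner_ext = os.path.splitext(stem.rstrip(" ."))[1].lower()
    if ext in EXECUTABLE_EXTS and inner_ext in DECOY_EXTS:
        findings.append("double-extension")
    with open(path, "rb") as fh:
        actual = sniff_type(fh.read(16))
    # Content we recognise that disagrees with what the name claims.
    if actual is not None and actual != EXT_TO_TYPE.get(ext):
        findings.append("content-mismatch:%s-named-as-%s" % (actual, ext))
    return findings


def demo():
    """Write constructed sample files (header bytes only) and scan them."""
    samples = {
        "funnyvirus.jpg.exe": b"MZ\x90\x00",
        PADDED: b"MZ\x90\x00",
        "holiday.jpg": b"MZ\x90\x00",
        "real.jpg": b"\xff\xd8\xff\xe0\x00\x10JFIF",
        "setup.exe": b"MZ\x90\x00",
    }
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        for name, data in samples.items():
            path = os.path.join(tmp, name)
            with open(path, "wb") as fh:
                fh.write(data)
            results[name] = check_file(path)
    return results


if __name__ == "__main__":
    for name, findings in demo().items():
        print("%-26r %s" % (name, findings or "ok"))
```

The name check catches the spoof even when the content is a perfectly valid executable, and the content check catches the reverse case, an executable header under an image extension.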
