|May the source be with you, but remember the KISS principle ;-)|
|Contents||Bulletin||Scripting in shell and Perl||Network troubleshooting||History||Humor|
October 09, 2011 | Moon of Alabama
As the Chaos Computer Club, a 25 year old hacker organization which promotes privacy, found, the "Federal Trojan" software the police uses for sniffing into Skype calls allows full manipulation of the hosting PC. The software can install additional programs and it can upload, download and manipulate files."This refutes the claim that an effective separation of just wiretapping internet telephony and a full-blown trojan is possible in practice or even desired," commented a CCC speaker. "Our analysis revealed once again that law enforcement agencies will overstep their authority if not watched carefully. In this case functions clearly intended for breaking the law were implemented in this malware: they were meant for uploading and executing arbitrary code on the targeted system."
Even worse, the software is written on an amateur level, uses unsecured communication methods and, once installed, leaves the computer open to be manipulated by anyone on the Internet.
October 11, 2011 | Slashdot
CSHARP123 writes "In a move that's sure to raise some eyebrows, Microsoft today debuted a new web site designed to raise awareness of security issues in web browsers. When you visit the site, called Your Browser Matters, it allows you to see a score for the browser you're using. Only IE, Chrome, or Firefox are included - other browsers are excluded. Not surprisingly, Microsoft's latest release, Internet Explorer 9, gets a perfect 4 out of 4. Chrome or Firefox do not even come close to the score of 4. Even though the web site makes it easy for users to upgrade to the latest version of their choice of browser, Roger Capriotti hopes people will choose IE9, as it blocks more malware compared to Chrome or Firefox." Of note in the Windows Team post is that the latest Microsoft Security Intelligence Report discovered that 0-day exploits account for a mere tenth of a percent of all intrusions. Holes in outdated software and social engineering account for the majority of successful attacks.
NoScript blocks more malware than either.
I've seen the same data from Mcafee, and it was really something. For every computer exploited using a Windows flaw, 100 are exploited using Flash. Acrobat Reader and Java are the other major culprits.
In a lot of ways, browser security itself has never been better. There's several highly capable ones out there in this area. The weak link is some truly terrible plugins.
It might have been informative. Seriously, when you accuse Chrome of not meeting the requirement, "Does the browser help protect you from websites that are known to distribute socially engineered malware?" when google's anti-malware service is the basis for at least two browsers, and predates IE's effort by at least a year (probably more like 2), it sort of hampers your credibility.
Get Adobe Flash player
This page requires Flash Player version 10.2.0 or higher.
My browser only scored a 2 out of 4, yet was able to keep me from seeing most of the malicious content on the linked page.
NoScript and AdBlockPlus, thank you.
My browser: 1 Microsoft FUD: 0
Moving along, now... so much more internet to see, so little time.
Why does everyone fall back on attacking Microsoft for press releases like this? Statistically, IE HAS been safer than other browsers in certain respects nowadays. It's silly to dismiss their complete turnaround in taking security seriously just because it's fun to hate on the company.
Of course there's going to be some marketing thrown into it as well. But what company doesn't? Why isn't everyone attacking Apple when they claim Safari is the fastest and safest browser? Or Mozilla, which has made the same claims for years too? It's not true for either of those, and they certainly can't both be right at the same time. Everyone lets that slide, because it's not cool to hate on them, despite their own terrible histories with security/vulnerability problems.
I haven't used IE for years (stopped for security reasons, in fact), but that doesn't change the fact that I can still offer them kudos for helping keep the web a safer place, especially when they still provide the dominant browser. The less infected machines on the internet is beneficial to ALL of us.
Even though the site is the usual mix of MS inaccuracies, one thing it does do a good job pointing out is that Firefox is the odd man out right now when it comes to sandboxing. IE has it, Chrome has it, Safari on the Mac has it. Yet Firefox as the #2/#3 browser in the world lacks it. And while it's of limited use in protecting against attacks on plugins (which are the most common vector), it means it's easier to exploit the browser itself.
The FF devs should be working on getting Firefox appropriately sandboxed, even if it's Windows-only at the start. It would go a long way towards bringing it up to par with Chrome, which is Firefox's real competition.
Security Threat Research News
...Typosquatting is a popular Internet behavior that generates domain names based upon misspelling famous brand names. It is often abused by scammers to host malware and phishing content on these misspelled domains. Apparently, the Anticybersquatting Consumer Protection Act(ACPA) was enacted in 1999 to fight against any illegal intention of registering or using a domain confusingly similar to a trademark or famous name. As we know, it has been 13 years since Google was founded in1998.
Scammers have taken this opportunity to spread spyware through typosquatting on google.com, claiming that you can win an iPad on Google's 13th birthday.
Here is an example of a Google typosquatting: googole.com. Users will happen to get to the fake domain if they mistype google.com.
NEW YORK - Google is issuing this warning to people who try to click on links to sites with spyware and other malicious code: "The site you are about to visit may harm your computer!"
Users can search again, learn more about malicious code at the site StopBadware.org or proceed to the suspect site anyhow - at their own risk, of course.
Google Inc. said its initiative is just starting and is by no means comprehensive.
"To begin we'll only be identifying a small number of sites, but we'll be expanding our coverage over time," the company said in a statement. "Finding new and better ways to protect our users is a perpetual project, and we'll continue to work hard in this area."
Google is one of the main sponsors of StopBadware.org, a project that researchers from Harvard and Oxford universities are hoping to turn into a clearinghouse for information on spyware and other malicious software.
So far, StopBadware has identified only one site as malicious, and efforts to reach that site from Google worked normally Wednesday. But Google has identified other sites as problems and is offering warnings for those.
The company said the sites have been identified using software algorithms and verified with outside experts.
XP Antivirus 2012 is a fake anti-spyware program that is well known for promoting purchase of a full edition of XP Antivirus 2012 through vigorous Windows attention notifications. The XP Antivirus 2012 pop-up messages look very convincing which is why many PC users have succumb to the XP Antivirus 2012 program by paying upwards of $80 for it not knowing that it will not live up to its promises.
What does XP Antivirus 2012 do?
XP Antivirus 2012 was created with the main purpose of extorting money from computer users. This process is accomplished after the installation of XP Antivirus 2012 occurs. The installation of XP Antivirus 2012 may come automatically through a Trojan horse that is installed on a PC user's system without their knowledge. Sometimes surfing a free porn site will allow this to happen. In other cases PC users may have downloaded some type of software from a P2P (peer 2 peer) network not knowing it was laced with malware.
After XP Antivirus 2012 starts to load during startup of Windows, it presents users with a plethora of alert notifications that look rather legitimate to the untrained eye. These notices along with system scan results, are all fabricated by the XP Antivirus 2012 program. After the trust of XP Antivirus 2012 is gained through these bogus messages and system scan results, the computer user is apt to click on one which may redirect them to a purchase site for XP Antivirus 2012. If purchased, XP Antivirus 2012 will not remove any type of malware nor will it resolve previously stated PC issues. The best thing to do when presented with XP Antivirus 2012 is to take immediate action to remove it.
How Can You Remove XP Antivirus 2012?
XP Antivirus 2012 can be very difficult to manually remove if you are an inexperienced computer user. Not to mention, XP Antivirus 2012 has been known to populate the Windows Registry with many different entries and removing the wrong entries could render a PC damaged or useless
Feb 28, 2010 | AntiVirus Software
Akaashath Member Join Date: Feb 2010 Posts: 360
Re: What is Mega antivirus 2012 and how to remove it
Mega Anti Virus 2012 is a rogue security program that is supported by the use of the Trojan, which are as bright updates or video codecs to mask that requires to be considered on an on-line video. If Mega Antivirus 2012 runs, it scans your PC and non-existing virus identified, but you are not allowed to try to remove it unless you first purchase the program. These acknowledged malware files do not survive even from your PC. Please do not purchase Mega Anti Virus 2012, when it is just a trick.
#4 23-02-2011 Aashirya Member Join Date: Feb 2010 Posts: 359
Re: What is Mega antivirus 2012 and how to remove it
Mega Antivirus 2012 shows fake security warnings and windows on your desktop while you use the computer. These security alerts comprise notifications stating that your computer is under attack from a remote PC, or that frequent malware has been noticed. Like the forged scan results, these alerts and cautions, if all are ignored. Mega Anti Virus 2012 chunks task manager and additional utilities also. As you can observe, Mega Antivirus 2012 was intended to allow you believe that your PC is infected. If you have previously bought the program, contact credit card corporation name and talk about the charges. Make use of your physical removal directions from any website otherwise search Mega Anti Virus 2012 and related malware removal tool.
[Jul 17, 2011] Remove XP Antivirus 2012, removal instructions
They mention kdn.exe process, but the name can be any combination of three letters. Also registry keys mentions does not correspond those that I observed.XP Antivirus 2012 is a deceptive and quite sophisticated rogue anti-spyware program which applies the basic tricks of scams from this category. Though it declares to be a powerful virus remover, keep in mind that this program is the only one that needs to be eliminated because it reports invented viruses. To be more precise, XP Antivirus 2012 firstly will create numerous harmless files that it will drop in the infected computer's system. Then this scam will pretend to scan your computer and immediately will report numerous viruses that in reality are nothing else but these earlier created files. Some of its alerts may state about Trojan-BNK.Win32.Keylogger.gen threat for making you scared to death and push into purchasing its license which will be offered additionally. Pay attention to the fact, that XP Antivirus 2012 is dangerous and has nothing to do with computer's protection!
XP Antivirus 2012 program has been manipulating people into believing it is useful software. However, this rogue anti-spyware mostly penetrates into a random computer system without the user's knowledge and approval and opens the backdoor of the system to let more threats or allow the scammers to reach your personal information. All this is done with a help of Trojans that infect vulnerable systems through fake video codecs and flash updates. As you can see, you should not believe XP Antivirus 2012 and its spyware detection reports as they are fabricated and have in fact nothing to do with the true condition of machine. Don't buy this software though it will definitely promise to fix your computer, but remove XP Antivirus 2012.
Fanbox.com, formerly known as sms.ac, is one of the most annoying and sleaziest spams and misrepresentations going right now. Here's how to stop receiving this spam.
If you are receiving email list this, we urge you to forward them to the federal Trade Commission. If they receive enough complaints, perhaps they'll get off their lazy government backsides and do something about the scum behind this scam:
How to Block Fanbox Emails or Cancel Your Account
Don't click on the link to cancel your account. That will only confirm to these scum that your email address is being used and ensure MORE spam. And since you never signed up for it, you haven't got an account to cancel. They are just trying to trick you into clicking on a link and confirming your information!
Instead, put fanbox.com, fanboxapps.com, and sms.ac in your junk / blocked senders, junk email or spam list in your email program (eg., Outlook junk mail list)
Report these spammers to the government:
To forward unwanted or deceptive spam to the Federal Trade Commission; send it to firstname.lastname@example.org,
Also see the FTC and here to Report Porn Spam. In California, also use email@example.com. In Missouri, use firstname.lastname@example.org. In Virginia, use email@example.com.
If you think you have been taken advantage of by a spam scam, file a complaint with the FTC online at www.ftc.gov. Complaints will help the FTC find and stop people who are using spam to defraud consumers.
How their scam works:
When you sign up for FanBox, it asks for your permission to email everyone in your address book. After you give them your password (DON'T do it!) it will start spamming everyone in your contact list / address book. It will send them these stupid ":____ asked you a question" spams.
We've received them here; and verified that the senders had no intention of sending them to us, or "asking" a question. They felt victimized.
For detailed discussion of this scam see these links:
1. Fanbox is the new plaxo
2. Spamhuntress.com: sms.ac turns into fanbox/
3. Steve Riley: faxbox, the latest in password scams
4. Fanbox: do not touch it
First you get a letter from one of your friends that looks innocent and pretty plausible, for example
I set up a profile where I can post photos, connect and share.
Do me a favor and confirm our relationship here .
<name of your friend>
If you click the link (very bad idea :-) it will propose you to login to this social networking site using any of your existing Webmail accounts (hotmail, gmail, yahoomail, etc). It also asks you to send an invitation to your friends.
What it does next is harvesting all your emails addresses in Web address book (it understands various formats) and send invitation to those on the list like regular email virus does. Pretty neat trick... Sending fake invitations to all addresses collected from your account address book make them a dangerous spammers.
The malware seems to have been on a Linux machine @ Badgered
The answer to your question is in the link provided by Vaughan-Nichols.
The term 'malware compromised PC' is something that Vaughan-Nichols simply made up (as he tends to do), unless he's posted the wrong link. The link he posted makes no reference to a PC. Rather, it states that a trojan was discovered on 'HPA's personal colo machine' -- a 'personal machine', not a 'PC'.
More importantly, the source also states that a 'trojan startup file was added to rc3.d'. As anyone familiar with Linux will know, 'rc3.d' is a directory containing start-up scripts for run level 3. The Linux run level scheme was copied from Unix, and as anyone familiar with Windows will know, Windows does not use run levels, nor has it ever.
In short, what Vaughan-Nichols calls a 'malware compromised PC' was apparently a 'personal co[-]lo[cation] machine' running Linux. It was apparently infected, along with several other Linux machines, by a trojan that targets Linux. It was Linux malware, full stop.
Anyone who's puzzled by a high-profile infection of Linux systems should consider the following:
1. Every production operating system contain bugs
2. Every user/administrator makes mistakes (much more important than 1)
3. Containing user/administrator mistakes and managing problems caused by bugs requires considerable resources
4. It's exceedingly unlikely that the Linux Kernel Organization, a non-profit, can match the resources of large commercial firms
5. Despite the myths spread by the technically inept, Linux isn't inherently more secure than Windows (indeed, as Charlie Miller has pointed out, Linux desktops are probably easier to hack than Windows desktops)
To those who haven't the first clue about security and think Linux is magically protected by pixies (i.e. most Linux zealots), the fact that hackers were able to compromise kernel.org and apparently remain undetected for some time must come as a shock. To anyone who actually understands the Linux, Unix and Windows security models, however, it isn't the least bit surprising.
Rocky my boyfrend received faxbox invitation from a girl into hotmail account. This invitation was relating to his fanbox login. He says that he did not register himself in fanbox. His fanbox nickname is like his skype name or hotmail messanger nickname. Is that possible that he did not registered himself or he is lying?
He almost certainly did not register with Fanbox/Faxbox. According to this article, they get people's names and addresses from other victims, and then spam the new victims. They try to make it look like they have an account, and it can be canceled/unsubscribed/shut down. But, they ignore your request for removal and add you to a verified "good email account" list.
Softpanorama hot topic of the month
FAIR USE NOTICE This site contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available in our efforts to advance understanding of environmental, political, human rights, economic, democracy, scientific, and social justice issues, etc. We believe this constitutes a 'fair use' of any such copyrighted material as provided for in section 107 of the US Copyright Law. In accordance with Title 17 U.S.C. Section 107, the material on this site is distributed without profit exclusivly for research and educational purposes. If you wish to use copyrighted material from this site for purposes of your own that go beyond 'fair use', you must obtain permission from the copyright owner.
ABUSE: IPs or network segments from which we detect a stream of probes might be blocked for no less then 90 days. Multiple types of probes increase this period.
Groupthink : Two Party System as Polyarchy : Corruption of Regulators : Bureaucracies : Understanding Micromanagers and Control Freaks : Toxic Managers : Harvard Mafia : Diplomatic Communication : Surviving a Bad Performance Review : Insufficient Retirement Funds as Immanent Problem of Neoliberal Regime : PseudoScience : Who Rules America : Neoliberalism : The Iron Law of Oligarchy : Libertarian Philosophy
War and Peace : Skeptical Finance : John Kenneth Galbraith :Talleyrand : Oscar Wilde : Otto Von Bismarck : Keynes : George Carlin : Skeptics : Propaganda : SE quotes : Language Design and Programming Quotes : Random IT-related quotes : Somerset Maugham : Marcus Aurelius : Kurt Vonnegut : Eric Hoffer : Winston Churchill : Napoleon Bonaparte : Ambrose Bierce : Bernard Shaw : Mark Twain Quotes
Vol 25, No.12 (December, 2013) Rational Fools vs. Efficient Crooks The efficient markets hypothesis : Political Skeptic Bulletin, 2013 : Unemployment Bulletin, 2010 : Vol 23, No.10 (October, 2011) An observation about corporate security departments : Slightly Skeptical Euromaydan Chronicles, June 2014 : Greenspan legacy bulletin, 2008 : Vol 25, No.10 (October, 2013) Cryptolocker Trojan (Win32/Crilock.A) : Vol 25, No.08 (August, 2013) Cloud providers as intelligence collection hubs : Financial Humor Bulletin, 2010 : Inequality Bulletin, 2009 : Financial Humor Bulletin, 2008 : Copyleft Problems Bulletin, 2004 : Financial Humor Bulletin, 2011 : Energy Bulletin, 2010 : Malware Protection Bulletin, 2010 : Vol 26, No.1 (January, 2013) Object-Oriented Cult : Political Skeptic Bulletin, 2011 : Vol 23, No.11 (November, 2011) Softpanorama classification of sysadmin horror stories : Vol 25, No.05 (May, 2013) Corporate bullshit as a communication method : Vol 25, No.06 (June, 2013) A Note on the Relationship of Brooks Law and Conway Law
Fifty glorious years (1950-2000): the triumph of the US computer engineering : Donald Knuth : TAoCP and its Influence of Computer Science : Richard Stallman : Linus Torvalds : Larry Wall : John K. Ousterhout : CTSS : Multix OS Unix History : Unix shell history : VI editor : History of pipes concept : Solaris : MS DOS : Programming Languages History : PL/1 : Simula 67 : C : History of GCC development : Scripting Languages : Perl history : OS History : Mail : DNS : SSH : CPU Instruction Sets : SPARC systems 1987-2006 : Norton Commander : Norton Utilities : Norton Ghost : Frontpage history : Malware Defense History : GNU Screen : OSS early history
The Peter Principle : Parkinson Law : 1984 : The Mythical Man-Month : How to Solve It by George Polya : The Art of Computer Programming : The Elements of Programming Style : The Unix Haters Handbook : The Jargon file : The True Believer : Programming Pearls : The Good Soldier Svejk : The Power Elite
Most popular humor pages:
Manifest of the Softpanorama IT Slacker Society : Ten Commandments of the IT Slackers Society : Computer Humor Collection : BSD Logo Story : The Cuckoo's Egg : IT Slang : C++ Humor : ARE YOU A BBS ADDICT? : The Perl Purity Test : Object oriented programmers of all nations : Financial Humor : Financial Humor Bulletin, 2008 : Financial Humor Bulletin, 2010 : The Most Comprehensive Collection of Editor-related Humor : Programming Language Humor : Goldman Sachs related humor : Greenspan humor : C Humor : Scripting Humor : Real Programmers Humor : Web Humor : GPL-related Humor : OFM Humor : Politically Incorrect Humor : IDS Humor : "Linux Sucks" Humor : Russian Musical Humor : Best Russian Programmer Humor : Microsoft plans to buy Catholic Church : Richard Stallman Related Humor : Admin Humor : Perl-related Humor : Linus Torvalds Related humor : PseudoScience Related Humor : Networking Humor : Shell Humor : Financial Humor Bulletin, 2011 : Financial Humor Bulletin, 2012 : Financial Humor Bulletin, 2013 : Java Humor : Software Engineering Humor : Sun Solaris Related Humor : Education Humor : IBM Humor : Assembler-related Humor : VIM Humor : Computer Viruses Humor : Bright tomorrow is rescheduled to a day after tomorrow : Classic Computer Humor
The Last but not Least
Copyright © 1996-2016 by Dr. Nikolai Bezroukov. www.softpanorama.org was created as a service to the UN Sustainable Development Networking Programme (SDNP) in the author free time. This document is an industrial compilation designed and created exclusively for educational use and is distributed under the Softpanorama Content License.
Original materials copyright belong to respective owners. Quotes are made for educational purposes only in compliance with the fair use doctrine.
FAIR USE NOTICE This site contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available to advance understanding of computer science, IT technology, economic, scientific, and social issues. We believe this constitutes a 'fair use' of any such copyrighted material as provided by section 107 of the US Copyright Law according to which such material can be distributed without profit exclusively for research and educational purposes.
This is a Spartan WHYFF (We Help You For Free) site written by people for whom English is not a native language. Grammar and spelling errors should be expected. The site contain some broken links as it develops like a living tree...
|You can use PayPal to make a contribution, supporting development of this site and speed up access. In case softpanorama.org is down you can use the at softpanorama.info|
The statements, views and opinions presented on this web page are those of the author (or referenced source) and are not endorsed by, nor do they necessarily reflect, the opinions of the author present and former employers, SDNP or any other organization the author may be associated with. We do not warrant the correctness of the information provided or its fitness for any purpose.
Last modified: September, 19, 2017