Swingular - Swingers

Swingers Forum - virus

Anyone been hit with trojan "anti vira"? It just crept up on this computer.
Go to www.getavgnow.com to download and purchase AVG Antivirus. I am an authorized reseller and this is my link for the product.

If you have any questions or need assistance in purchasing, feel free to contact me in regards to this issue.

Regards,

Louis
An Authorized Grisoft Reseller.
You don't HAVE to purchase AVG. There's a free version of it and it works just as well. I have the free version of AVG and it's caught and destroyed trojans for me. Just so ya know. :) (Sorry Mr. Guy trying to sell the product. :S)
I agree AVG works great I have used it for a couple years, and Hello Kitty is correct the free version works well for all trojans and most if not all worms.
True, there is a free version and works well, but it is limited. The full Professional version does more and is more aggressive in combating virus attacks, spyware, and malware. For example, the free version DOES NOT detect potentially unwanted programs, and heuristic analysis is not as strong as the full version.

Also there is NO SUPPORT for the free version. Plus the free version will not be available anymore in the near future. Originally planned to be discontinued earlier this year, Grisoft has extended the free version for a while longer. A cut off date has not been announced as of yet.

You can do a version comparison here:

http://esd.element5.com/affiliate.html?affiliateid=78625&publisherid=50169&target=http://www.grisoft.com/doc/products-avg-anti-virus-free-edition/us/crp/6

Louis
We have been using the free version and have had no problems with any type of viruses in about 2 years now.
Here is a link for a product comparison with AVG Free, Professional, and Internet Security:

http://esd.element5.com/affiliate.html?affiliateid=78625&publisherid=50169&target=http://www.grisoft.com/doc/products-avg-anti-virus-free-edition/us/crp/6

Thank you all for your time and input.

Louis
Other free options include ClamWin http://www.clamwin.com/ and ClamAV for Windows http://w32.clamav.net/ which use the same open source antivirus engine. There are multiple versions for Windows, Mac OS/X and Linux.

The latter two operating systems don't get infected--but you still don't want to spread it to your friends, now do you.

http://www.free-av.com/ is a good non-open source, free (as in beer) AntiVir which is pretty good.

Also be sure you have a good firewall--even if just that piece of rabbit poop that Microsoft released.

People might want to look at http://www.comodo.com/products/free_products.html which is a bunch of free commercial firewalls and antiviruses which are very well reviewed.

Stay safe out there!
I can't believe I am commenting on a computer related topic since I am as dumb as they come when it involves them. I have the free version and have had no virus problems but...my good friend who does internet security work has cleaned out unwanted programs that have attached to my computer. He also suggested getting the updated professional version. I have no choice but to trust his judgement.
Joe
I can't just sit here any longer. First I must say, that most the comments are correct on AVG, the free version is what I would classify as decent, NOT good, and secondly their pay products are better, but I would classify them as good, not great, not excellent, just good. The Clam products are good, but in the end, the big boys have much better coverage for so many reasons. Personally I run Symantec Corporate, but just a recent version of one of the big names is more protection in the end.

If I was looking for low cost or no cost, it would be the Clam products hands down however. Now to get off my soap box, let's explain my issue with AVG, aside from the technical piece which I just won't debate its technical worth. What kind of company sells you based on partial protection? The pitch sounds so sleazy. "Here you go, here's a condom for free, but if you only pay $25 more we'll give you one that doesn't have the tip cut off." "Here is a free body guard, but he'll only let every 1 in 10 guys beat the shit out of you unless you pay $25 then he'll take them all." What a crock of shit.

Want a free option from the big boys for backup? Here ya go, run one of the CLAM products, and do a full scan each week using Trend Micro's housecall feature. It's a free anti-virus and anti-spyware product that runs from a web browser. You don't install it to run 100% of the time, but it will clean up more than AVG finds.

Now before everyone starts to defend their beloved products, think about what you're saying. I have no problem with someone being an entrepreneur and making money, but if you're going to do so like this, you had better be ready to face the "bad press" that will come. I also don't care what product you prefer, this is purely my opinion and decision and frankly, it's up to you on whether you trust a product that would give you partial protection. So here is my counter question to you. Did you still get partial protection from them when you bought the "pro" version instead of the "premium" or any other version they offer? Do you trust that? Have you read the reviews by the "experts" to see what they say about it?

Lastly I mention do some comparisons, so here is one reputable link, http://www.av-comparatives.org/ and while they are not perfect they are pretty thorough. And then just look at the different comparisons. AVG scored good in some, but very poor (8% rating) in others. How much trust do you have in a product that gets a score so low it's off the "rating scale"? Then in the one test it did "good" on it picks up 3 of the 12 polymorphic virii. Wow, what a great product.
E'one,

Safe surfing habits are the key. Don't click on every fucking thing you see on the web and you don't get virii. Anti-virus software is often cumbersome, intrusive and really unnecessary. That is, if you refrain from certain activities. Often, when you do get a Trojan, they're pretty easy to get rid of. What you should invest in, is a drive mirroring program. That way, you can run hassle free and if you do hit trouble, you just drop your image on the drive and none of it matters. I have a strong suspicion that a good number of virii are created by Anti-virus companies to keep themselves in business. Tell me you don't see a strong motive.

I have been running this Laptop for over a year. I bought it around April 2006 and it's yet to get a virus. The problem is, that most people are not computer literate enough to practice click control. They're not savvy to the tricks many assholes use to get you to click on something so that you redirect or run a script. What we should do, is pay to educate ourselves and not pay some fucking company to "protect" us. Sounds a lot like giving a bully your lunch money to me.

-Don-
Everyone has their preference....Some like AVG Free & Pro, others for CLAM, Nortons, the list goes on. The best advice is to protect your PC with SOMETHING and keep it updated!!!

Also Browser beware! If you are doing shady surfing, you will get stung REGARDLESS of your antivirus and firewall protection. For example downloading music illegally (ie Kazaa, Limewire, etc.) will poke holes in WHATEVER YOU HAVE PROTECTING YOUR PC!!! Why? You agreed to let the program do it when you clicked on the license agreement for Kazaa or Limewire, etc.
♣,

If you <i>do</i> use P2P software, don't download executables. MP3's and AVI's are fine. Also, use a version of the software that's been gutted of all the bullshit adware.

-Don-
Viruses have been found in Multi media files (mpg, mp3, mov, avi, etc.) Again, browser beware.
I wish I knew what the fuck you guys just said. It sure sounded computer savvy. So Don, guess I am proof that we need to educate computer users and not give my lunch money away.
Joe
At_Nite_Rube, kindly tell me how an MP3 with an alleged virus is supposed to execute. WMV's are the only common media type that execute code because microsoft wanted a way to track licenses. Thanks microsoft for that one. You <u>can't</u> get a virus from MP3's or AVI's. Code has to execute. MP3's are digitized music that stream in a player.

Again people, MP3's and AVI's are good. I've never contracted a computer virus from an MP3 or AVI.
I've said this a million times, listen or not (I don't care):

First of all, anyone who says Macs can't get infected is a complete moron. Write me a note, I'll send you all sorts of info on Mac viruses. FACT: Any computer that runs executable code can get a virus. Macs, Linux, doesn't matter. Computers execute code, that's what they do; that's *ALL* they do. They don't much care what the code says to do. They're kind of funny; they just do it. "Smart" machines that aren't really smart at all. They can't inherently tell if a piece of code is malicious - none of them. If they could, *no* computers would let themselves get infected - now would they? Think about it.

So, get over it, "MacFolk".

Second, Symantec products, though rightfully respected years ago, are pieces of bloated, ineffective shit these days. They practically *take over* a machine, making it difficult for even skilled people to remove their crap. And I've seen tons of problems caused by Symantec's so-called 'security' products.

Also, AVG Free is a perfectly reputable piece of software. It's been rated near perfect - and better than many pay alternatives - for a long time now, on VirusBulletin's VB100 list. I believe the only time it didn't make the cut (in only one version over the past several years that I recall) was because it had a false positive - *not* that it failed to catch a real virus.

For all concerned, the criteria to make the VB100 list is a product *must*:
- Detect all In the Wild viruses during both on-demand and on-access scanning.
- Generate no false positives when scanning a set of clean files.
- Fulfil these criteria in its default state.

Again, this was the *FREE* version of AVG - so I don't see how anyone can claim it's only 'partial' protection. Now, the Pro version may well do more - but what more do you require of a product that intends to effectively protect from viruses?

You can check out VirusBulletin's website at http://www.virusbtn.com

Last, but certainly not least - Don made an excellent point above - and one I've always put ahead of the debate concerning what kind of AV software to use: Your BROWSING HABITS have FAR MORE to do with ANY threat to your machine than anything else. Take a machine off line, the threats dwindle to almost none. Remove all external connections of any kind, and make sure that no executable code is introduced, and you CANNOT get a virus, period. Of course, it's not practical to do this, but I'm trying to make a point: It's what *you* expose the machine to - via your own habits - that causes all the problems - period.

Anyone who tells you anything else is a moron.

I currently have 15+ machines here at home, some running 7/24, others used daily and some only once every so often. NONE have ever gotten a virus, yet they all have been used at some point for email and web browsing. How can this be? Simple. I have very simple but strict rules about what does and does not get done on the machines here.

So, although you should use AV software, the best advice is to worry less about what protection *software* you use, and focus on protecting the machine from the biggest threat of all: The person(s) using it!
One more free option that has served me well...

http://www.avast.com/eng/avast_4_home.html

...again, to each their own.

Bud
Thank you all for the input. It sounds like either clam or free avg. How do you access avg?
MP3's and other multimedia files can be infected with viruses. A hacker can simply change the 3 character extension of a file from exe or dll to MP3 or wma and so on. The user then downloads what they think is an mp3 file and then, BAM you get a virus.

That is how it's done. It is that simple.
Thanks again. All I want to do right now is get rid of what is on here now. And you are right about the virus folks. They are trying to sell something. Everything comes up as Microsoft and Internet Explorer. Spy doctor, spyware and on and on.
Rube, Thanks for proving my point. An MP3 can't be infected. Even if you write an exe and rename it to yourfile.mp3 because it will just give you an error in your player. The only person who would fall victim to your scenario is someone who was computer illiterate. Posing an executable as an MP3 would only work on someone not looking at the file extension. As I said before... Educate yourselves and don't download suspect executables and you should be ok. Stick to MP3's and AVI's on P2P and you should be ok. My gutted version of limewire works great for me.

"virusfile.mp3.exe" on a system that wasn't viewing filetypes would be at risk. That is operator error. That is failure on the user's part to educate themselves. It <b>is not</b> an MP3.

As I said in my first post. Practice safe surfing habits and stay away from executables and you should be just fine. Take it from someone who codes or do whatever makes you feel all warm and cozy. For some of you that's spending money on a program that is unnecessary.

-D-
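The two disguises argued over in the posts above (an executable renamed to a media extension, and the "virusfile.mp3.exe" double extension) can both be checked mechanically by comparing the file name with the first bytes of the file. This is an added example, not code from any poster; the function names, the extension lists and the sample bytes are constructed for illustration, and it takes a bare file name without a path.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

enum verdict { NO_MISMATCH, DOUBLE_EXTENSION, EXECUTABLE_CONTENT, UNKNOWN_CONTENT };

/* Extension lists are assumptions for this example, limited to types named in the thread. */
static const char *const EXEC_EXT[]  = { "exe", "scr", "com", "pif", "bat", "cmd", NULL };
static const char *const MEDIA_EXT[] = { "mp3", "avi", "wma", "wmv", NULL };

/* Case-insensitive test: is ext[0..len) one of the lowercase entries in list? */
static int ext_in(const char *ext, size_t len, const char *const *list)
{
    for (; *list; list++) {
        size_t i;
        if (strlen(*list) != len) continue;
        for (i = 0; i < len; i++)
            if (tolower((unsigned char)ext[i]) != (*list)[i]) break;
        if (i == len) return 1;
    }
    return 0;
}

/* Return the extension that ends at name[end), or NULL if no dot precedes it. */
static const char *ext_before(const char *name, size_t end, size_t *len)
{
    size_t i = end;
    while (i > 0 && name[i - 1] != '.') i--;
    if (i == 0) return NULL;
    *len = end - i;
    return name + i;
}

/* Does the header look like one of the media containers in MEDIA_EXT? */
static int looks_like_media(const unsigned char *h, size_t n)
{
    if (n >= 3 && memcmp(h, "ID3", 3) == 0) return 1;               /* MP3 with ID3v2 tag */
    if (n >= 2 && h[0] == 0xFF && (h[1] & 0xE0) == 0xE0) return 1;  /* MPEG audio frame sync */
    if (n >= 12 && memcmp(h, "RIFF", 4) == 0 && memcmp(h + 8, "AVI ", 4) == 0) return 1;
    if (n >= 4 && memcmp(h, "\x30\x26\xB2\x75", 4) == 0) return 1;  /* ASF header (wma/wmv) */
    return 0;
}

enum verdict classify(const char *name, const unsigned char *head, size_t n)
{
    size_t len = 0, inner_len = 0;
    const char *ext = ext_before(name, strlen(name), &len);

    /* "virusfile.mp3.exe": the real (last) extension is executable, the one
       a user sees when extensions are hidden is a media type. */
    if (ext && ext_in(ext, len, EXEC_EXT)) {
        size_t last_dot = (size_t)(ext - name) - 1;
        const char *inner = ext_before(name, last_dot, &inner_len);
        if (inner && ext_in(inner, inner_len, MEDIA_EXT)) return DOUBLE_EXTENSION;
    }
    /* Renamed file: media extension, but the content is a DOS/PE executable ("MZ"). */
    if (ext && ext_in(ext, len, MEDIA_EXT)) {
        if (n >= 2 && head[0] == 'M' && head[1] == 'Z') return EXECUTABLE_CONTENT;
        if (!looks_like_media(head, n)) return UNKNOWN_CONTENT;
    }
    return NO_MISMATCH;
}

/* Constructed sample headers, not taken from real files. */
const unsigned char SAMPLE_PE[]  = { 'M', 'Z', 0x90, 0x00 };
const unsigned char SAMPLE_ID3[] = { 'I', 'D', '3', 0x03, 0x00 };

int main(void)
{
    printf("virusfile.mp3.exe -> %d\n", classify("virusfile.mp3.exe", SAMPLE_PE, sizeof SAMPLE_PE));
    printf("song.mp3 (MZ)     -> %d\n", classify("song.mp3", SAMPLE_PE, sizeof SAMPLE_PE));
    printf("song.mp3 (ID3)    -> %d\n", classify("song.mp3", SAMPLE_ID3, sizeof SAMPLE_ID3));
    return 0;
}
```

A renamed executable with a media extension is flagged here even though, as the post says, a player would only report an error on it; the check is useful for spotting what a download really is before anyone renames or runs it.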
Don,

You are correct on your education and "click control" thoughts, though I have to say that my personal thought is that it won't happen in most cases. Just the way things are unfortunately. Secondly you are also right on the MP3 and AVI idea. They are simply a stream, and if it were a virus, short of the "whateverfilename.avi.exe" trick, you have to be an idiot to change it so it executes instead of plays.

As for your speculation on the origins of virii potentially being from the anti-virus vendors themselves. While I have to say that is a very real potential, and there is definitely motivation for such, there is yet to be any proof of it. Would make for a great scandal, and does make for an awesome conspiracy theory, it hasn't held water yet. Do I personally believe it's happened? I'd bet once or twice it has, but do I think it's still going on? Hard to say for sure. But let me ask you this. What do you call an anti-virus for Vista? Since they basically have to hack into the kernel for it to work. Wouldn't that be ... a Rootkit?

I must ask though, (and this is not directed at anyone in particular) why is it we have so many amateur, yet self proclaimed, computer "experts"? People that go to sites like http://www.htmlgoodies.com and learn a tiny bit of HTML (which is NOT a programming language, contrary to the same "experts" opinion) and all of a sudden they know all they need to about computers? Maybe this is a topic all its own, but I get so tired of seeing so many that spew out such bullshit and half of it they have little to no real experience with.

I could go on for a while with the rant, but I'll put it down. In the end, the real advice came out loud and clear. Educate yourself, and do what makes you feel safe. You will do what you want to anyways so it's up to you to decide what your risk threshold is and then don't bitch if you screw up. After all it was you that clicked on it or ran it.

As a parting thought, I have to ask how someone could call Symantec's products a nightmare to remove when they include uninstallers, and even one step further they also post manual removal steps on their site which include registry keys to delete. Something most other vendors intentionally don't do. Don't get me wrong, I get no money from them, and I definitely don't care if you use them. That is your call, not mine. So why do I bring it up? Simply to offer up a counter point. No offense meant in the slightest, though I will illustrate my point as such:

http://www.symantec.com/avcenter/tools.list.html
http://service1.symantec.com/SUPPORT/ent-security.nsf/pfdocs/2002031914291648?Open

In the end do the research, google is your friend, and if you offer advice, be prepared for it to be criticized for what it is. Your opinion.
HOT2PHUC,

Very well said. I just think it boils down to, do you give a man a fish or teach him to fish? I will have to say that I commend those that get on the "HTML Goodies" sites. At least they're trying to learn.

I've been coding for around 8 years now and I love it. I actually got my start in a similar fashion. I bought the "how to" books at B. Dalton books and plugged away. Then of course I did it for the military for a few years... etc.

If you like it, coding can be rewarding. Do I classify myself as "an expert"? No. I just know enough that when combined with a little common sense, I can try and help others by giving some advice that may save them some time, money and perhaps pave the way for them to becoming more computer savvy.

If you think about it, we're all students, with regard to computers, hell... life for that matter. Some of us are "A students" and some of us are hitting the keys with our palms, drooling and shitting our pants. If I can help, I will. Often, especially this subject, there is more than one answer. I just happen to think avoiding risky behavior, is much better protection than paying money to protect against a host of things you'll likely never get and costing yourself system resources to boot.

Think about it, does it make more sense to fuck disease ridden prostitutes because some company tells you their condom will prevent "most" diseases or does it make more sense not to fuck hookers. I can only decide for myself though, eh?.

-Don-
Let me address what was clearly addressed toward me, equally with 'no offense intended':

My experience is that Symantec products are bloated, and can be very difficult to remove, as I stated. I doubt I'd have much trouble finding a *lot* of people with similar experiences.

You call it opinion if you want, I'm telling you what it is: experience. And it's not just mine. Maybe with newer products, they've changed things, but - as of when I quit using them (like *many* others) - there were good reasons for the decision to find something else.

I guarantee you that, while you may find plenty of people who don't have a problem with Symantec's products now, you can also find many who won't use them, and with good reasons based on their own experiences. And, I'll go a step further: Of the people who dislike them, the same issues I mentioned will be a factor in at least half the cases. So, call it my opinion if you want.

Now, as for the 'expert' comment - albeit not necessarily directed at me, let me assure you: I'm not a 'web-ucated' mark-up language genius wanna-be; I don't even do html or any of that other stuff - mostly because I don't care to. There are already too many web-wonders out there for my taste. I know a little about software, having learned originally back in the days of assembly language and, much more recently, VB. But, I am not a 'coder', a 'hacker' or whatever the hell else. I'm not anything of the sort. In fact, my discipline proper is hardware. Educated therein, entirely in a 10-year stint courtesy of the US Navy.

However, as above - you learn from experience - and it's still one of the best teachers there are. I don't need certificates or degrees in anything to learn from what I've seen countless times. The truth speaks for itself, and it gets louder the longer you listen.

One thing for sure: Everyone makes their own choices about this (like most everything else), and everyone lives with those choices. My choice is to learn to avoid problems, because I have better shit to do than deal with them (unless someone's paying me to do so - which it happens, they do).

I am not an 'expert', necessarily, but I am a professional (meaning I am compensated for my opinions on these matters - at a professional level).

Initially, I run the same risk as anyone else of being wrong about my beliefs. But, because my livelihood depends on my expertise, if I'm wrong too severely or too often, I starve. Simple enough.

I don't recall being hungry for quite some time now. Just sayin'.

Best,
2
Oh, and one other thing...I believe you offered a 'case in point' regarding Symantec and removal...

Well, indulge a question, then: If the damned uninstallers they so generously provide worked so freakin' well, why do you suppose they'd *need* to provide all that manual removal instruction stuff online, hmm?

Oh, and what if the only machine you *have* is so jacked up by their "Internet Security" crap that most common user-folks can't even get it back online? Guess you won't be 'manually uninstalling' shit then, will you? Well, at least not until you can get online on some other machine.

I guess old Peter Norton finally took a hint from all the geniuses who decided that 'online manuals' and website FAQ's would be OK instead of decent printed documentation and in-person tech support. Well, it's a helluva lot cheaper to provide, anyway, huh?
Fellas,

What I find funny is that you guys are trivializing a computer language like HTML, when most people don't know it and those that do, only know how to make text bold or change it to a different color. HTML, CSS, XML, Javascript, Actionscript, PHP and many other webscripting languages are just as complex, if not more than C++ or Visual Basic. In fact, javascript is syntactically similar and loosely based on Java, a high-level language like C, C++, C-Sharp and Visual Basic.

Let me ask you fellas something. If web scripting is so insignificant, would you be up for a challenge? Let's say, we have a contest. You interested? Perhaps something like this:

1) Change your profile using all CSS classes available.

2) Add a music player to your profile without using the comment blocks sent by another user.

3) Create an aesthetically pleasing forum post using HTML, CSS and Javascript, not unlike this very post.

You see the thing is, once anyone gets a basic grasp of the syntax, <b>anyone</b> can code in any language. It doesn't matter if you read it online, have it read to you in a classroom, or you buy a book and read it on your couch. What matters is that you enjoy it.

When I first started coding, I learned actionscript 1.0 from books and because it's almost identical to javascript in syntax, I naturally became interested in it. BTW, the trivial web languages you guys are speaking of create websites like this:

http://www.2advanced.com

I think it would be cool to see what you guys can come up with. I think I have already met the challenge on more than one occasion. I would like to see more than just you two participate in the contest, anyone is welcome, but instead of all the chest puffing, let's see you two put your money where your mouths are. After all, they are just web scripting languages. I mean this sincerely, what better way to get along and have fun than to experiment with code and learn from each other. There is no need for pissing contests. Let's just fuckin code. LOL! People are too damn thin-skinned here. So how about it fellas? Shall we educate ourselves?

-Don-

P.S. HOT2PHUC, HTML <b>is</b> a programming language. Its function is very limited, but it serves a purpose. Whether you respect it as one, is irrelevant. It programs the browser how to display content. FYI, it takes more than HTML to make these forum posts. Try HTML, CSS and javascript combined. LOL! Take the challenge, seriously.

P.S.S. Anyone interested, you have 2 days to come up with your forum entries. The profile, take a week. The clock starts Oct 6, 2007 @ 1200 hours. Make me proud fellas.
Hehe, wow. It's rare that I get to call the Don wrong, but I do enjoy doing it when I can. ;)

First: Yes, a virus can be embedded in an MP3 file. Can also be embedded in an avi, a doc, a txt, or hell, actually any file on a computer can potentially contain a virus. Don does make a valid point: if it can't execute, it can't do anything. How do you 'execute' a txt file? Well... hehe, you open it in Notepad on windows, right?

Well, let's take notepad as an example, and we'll pretend that it wasn't written to support Chinese. Just good ol' american english, and some of our punctuation. So, the 254 basic ASCII characters... What would happen if I embedded a Chinese (unicode) kanji (letter)?

Well, I'll tell you. Either 1) it displays some garbage, 2) it gives an error when you try to open the .txt file, or 3) it overflows the text render buffer.

Buffer wha?

This is where things get really complex. Programming is basically dealing with 3 elements: syntax, logic, and variables. Syntax is how you say it, logic is what you said, and variables is where you put it while you say it. Well, variables are buffers in computer memory. When I write a text editing program, I need to create buffers to store the text while I display each character to the screen. If I only set aside 255 bits for 1 character, and I attempt to load a 1024 bit character into that space, it just ain't gonna fit. Try pouring a gallon of milk into a 1oz thimble some time. What's it do? It overflows.

So, in case 3 it overflows the buffer. So what? The computer will often use 'null' values in memory to say "the buck stops here". Well, if you just spilled milk all over that line, your computer no longer knows where to stop reading. What does this mean to you? Well, if you're lucky, your program just crashes because the bits it read next didn't tell it to do anything meaningful. If you're not lucky, it reads past the end of the buffer into the overflow.. out of the thimble and onto the table... and where-ever a would-be hacker tells it to go.

At this point, I've demonstrated how the most basic of files can contain a virus. The trick is targeting. Chances are that if a buffer overflow exploit is found in notepad, it's gonna be patched really quick. But notepad is stupid simple. What about .. oh ... I don't know .... Windows Media Player? That's an exceptionally complex piece of software, with a TON of low level unmanaged code for efficiency... What if they made a mistake in their MP3 decoding algorithm such that if I pass in too big a frame size, it overflows.... I just infected your computer via music.

Or... oh... let's say Java (http://secunia.com/advisories/23757/) . I couldn't infect your computer with my profile pic, could I? ... maybe I can...
Or.. I don't know. Let's say something primitive, and basic... part of windows... perhaps the (http://www.microsoft.com/technet/security/bulletin/MS04-028.mspx) GDI? Now, the GDI is a core element of windows. You can barely write software of any type for windows without using the GDI. Surely microsoft would have spent the time, effort, money, and research into ensuring the GDI wasn't vulnerable to something as simple as ... oh ... a jpeg buffer overflow? Congratulations. You looked at my profile picture, and I just took control of your computer.


**********************************************************
The point? Can you put a virus in a picture? (http://www.microsoft.com/technet/security/bulletin/MS04-028.mspx) HELL YES


Click control is -not- enough to keep you from getting viruses. Period, Dot, End of Sentence. The only SURE way to be -ABSOLUTELY CERTAIN- that you don't get a virus is an Air Gap firewall, an impregnable LEAD safe, and 24 hour surveillance... oh, and don't plug it in either.

As of right now, if you install Windows XP (not sp1 or sp2) on your computer, and connect to the internet to download the security patches to protect your machine in the first place, you will be infected with a virus. No. Shit. Blaster, and Code Red from 95 are still circulating out there folks, and you can infect a computer with a virus without any interaction from the user whatsoever. Sasser will pick off an unpatched XP computer on average within 19 seconds from connection to a wide open internet.

Just because your virus scanner hasn't reported a virus doesn't mean you don't have one. It means your virus scanner hasn't caught one. I've got news for ya folks. The virus writers aren't out there to crash your hard drive, or scare you by making your computer do stupid unpredictable shit. They're out there to silently install a piece of software on your machine that allows them to control it without you knowing (see (http://en.wikipedia.org/wiki/Botnet) botnets). They want to (http://en.wikipedia.org/wiki/Spyware) steal your identity and money. They sure as -hell- don't want you to know that they've succeeded.

What do you suppose the first thing is that most viruses do when they infect your machine? (http://en.wikipedia.org/wiki/Computer_virus#Stealth) HIDE THEMSELVES FROM THE ANTI-VIRUS!

There is no guarantee of safety. At best, you balance your available resources with what you consider acceptable risk. There is -no- guarantee.

With that in mind, for free, I recommend (http://www.free-av.com/) AntiVir. It doesn't bog down your system with AV-Overkill, is fairly effective at detection, and costs only the annoyance of the occasional popup asking you to get the pay version.

For pay, I recommend (http://www.kaspersky.com/) Kaspersky. Sleek, efficient, uninstalls cleanly, and most importantly, does not require an entire processor to itself, and 512mb of ram JUST TO SLEEP IN THE BACKGROUND (like Norton, or McAfee).

And I do say this as a professional. Network security is what has put bread on my table for the last 8 years.

~That 0ne Darc guy

-------------------------------------------------
Edit:
Oh, and No. HTML is -not- a "programming" language. It is a Markup language. In order for a language to be a "programming" language, it must have logic constructs (if, then, else, and, or, xor). Explicitly, to be a programming language it must control flow of execution.

CSS would also not be considered a programming language.. at least not the specs as supported. There is room in there for logic constructs, but none of the major implementations support them (it's hard enough to even get them to support the core selectors...). .. unless you consider the hover decorators to be logic constructs.. but most in the industry don't.

JavaScript, definitely a programming language, based on ECMA standards.

C ... about the most low level programming language in current use. I'd only consider this a "high level" language when compared to .. oh .. MIPS assembly.

C++ Slightly higher than C, because of the STL and object orientation.

All others, yup. programming languages.

-------------------------------------------------
Re-edit:
Don said "computer language" not programming language. Way too tired, heh.
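
The overflow described in the post above, as an added example that is not part of the original post: a constructed "frame" carries its own declared payload length, and the decoder copies it once without comparing that length to the destination buffer and once with the check. The frame layout, names and sample bytes are assumptions made for illustration; the unchecked copy is confined to one arena array so the spill into the neighbouring bytes can be observed without undefined behaviour.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FRAME_BUF  16                      /* the "thimble": room for one payload   */
#define NEIGHBOUR  16                      /* the "table": unrelated state after it */
#define ARENA_SIZE (FRAME_BUF + NEIGHBOUR)

/* One contiguous arena: bytes [0,16) are the frame buffer, bytes [16,32)
 * stand in for adjacent program state (hypothetical layout). */
typedef struct { uint8_t arena[ARENA_SIZE]; } decoder_t;

static const uint8_t NEIGHBOUR_INIT[NEIGHBOUR] = "do-not-touch-me";

enum { FRAME_OK = 0, FRAME_TRUNCATED = -1, FRAME_TOO_BIG = -2 };

static void decoder_reset(decoder_t *d) {
    memset(d->arena, 0, FRAME_BUF);
    memcpy(d->arena + FRAME_BUF, NEIGHBOUR_INIT, NEIGHBOUR);
}

static int neighbour_intact(const decoder_t *d) {
    return memcmp(d->arena + FRAME_BUF, NEIGHBOUR_INIT, NEIGHBOUR) == 0;
}

/* Constructed frame format (not a real codec):
 *   bytes 0..1  payload length, big-endian, chosen by whoever made the file
 *   bytes 2..   payload */

/* Flawed decoder: trusts the length written in the file. */
static int decode_unchecked(decoder_t *d, const uint8_t *frame, size_t len) {
    if (len < 2) return FRAME_TRUNCATED;
    size_t n = ((size_t)frame[0] << 8) | frame[1];
    /* Deliberate flaw: n is never compared with FRAME_BUF. The two clamps
     * below exist only to keep this demo inside the arena and the input. */
    if (n > len - 2) n = len - 2;
    if (n > ARENA_SIZE) n = ARENA_SIZE;
    memcpy(d->arena, frame + 2, n);
    return FRAME_OK;
}

/* Hardened decoder: validates the declared length before copying. */
static int decode_checked(decoder_t *d, const uint8_t *frame, size_t len) {
    if (len < 2) return FRAME_TRUNCATED;
    size_t n = ((size_t)frame[0] << 8) | frame[1];
    if (n > len - 2) return FRAME_TRUNCATED;  /* header claims more than the file holds */
    if (n > FRAME_BUF) return FRAME_TOO_BIG;  /* would not fit in the destination       */
    memcpy(d->arena, frame + 2, n);
    return FRAME_OK;
}

/* Constructed sample frames. */
static const uint8_t GOOD_FRAME[]  = { 0x00, 0x08, 'm','p','3','-','d','a','t','a' };
static const uint8_t LYING_FRAME[] = { 0x00, 0x10, 'a', 'b' };  /* says 16, holds 2 */

static size_t make_oversized_frame(uint8_t *out) {  /* declares 24 bytes for a 16-byte buffer */
    out[0] = 0x00; out[1] = 24;
    memset(out + 2, 0x41, 24);
    return 2 + 24;
}

/* kind: 0 = good, 1 = oversized, 2 = lying header.
 * Returns 1 if the neighbouring state survived, 0 if it was overwritten,
 * or a negative FRAME_* code if the decoder rejected the frame. */
int demo(int checked, int kind) {
    decoder_t d;
    uint8_t big[2 + 24];
    const uint8_t *f = GOOD_FRAME;
    size_t len = sizeof GOOD_FRAME;

    decoder_reset(&d);
    if (kind == 1) { len = make_oversized_frame(big); f = big; }
    if (kind == 2) { f = LYING_FRAME; len = sizeof LYING_FRAME; }

    int rc = checked ? decode_checked(&d, f, len) : decode_unchecked(&d, f, len);
    return rc == FRAME_OK ? neighbour_intact(&d) : rc;
}

int main(void) {
    printf("unchecked, good frame:      %d\n", demo(0, 0));
    printf("unchecked, oversized frame: %d\n", demo(0, 1));
    printf("checked,   good frame:      %d\n", demo(1, 0));
    printf("checked,   oversized frame: %d\n", demo(1, 1));
    printf("checked,   lying header:    %d\n", demo(1, 2));
    return 0;
}
```
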
"As of right now, if you install Windows XP (not sp1 or sp2) on your computer, and connect to the internet to download the security patches to protect your machine in the first place, you will be infected with a virus.

...you can infect a computer with a virus without any interaction from the user whatsoever"

Well, let's see, I count two interactions in the very statement you made:

1. "you install windows xp (not sp1 or sp2) on your computer"
2. "connect to the internet to download the security patches"

Both were elective actions on the part of the user. Neither are necessary to have a working machine. The computer can do neither by itself.

Try again to find an example of how someone winds up with a virus with 'no interaction from the user whatsoever'. Mind you, you might come up with one - but the one you just cited ain't it.

Don,

I'm going to infer I'm one of the two you referred to, and graciously decline the challenge you offered. As I said, I don't do any of that html stuff. Just not my thing. I think it's great for those who do, and none of my comments were intended to offend.

Now, if you want simple chest-pounding, let's get down to some micro-miniature board work *hehe* I don't wanna brag here, but since we are pounding our chests, let me say this: If the good Lord almighty wanted to learn how to do micro-min work, he'd come down here and ask me to teach him :) He'd probably also stay long enough to awe at some of the million or so other way cool things I've done with hardware and computers in my time :)

How's that for braggin'? *lol*
I know there are a lot out there that prefer the bigger virus protection like Norton and McAfee.
And for the most part I agree, they are well established companies and have been making good stuff for years. Since they are the most common however, 90% of viruses are designed and built to get around them. Never hurts to have a little not so well known backup plan.
SNS2N1, now you're just getting into semantics. The act of purchasing a computer is an interaction. Ownership of a computer by its very procurement is an interaction. Your statement is worthless towards any point, because all you're basically saying is "You have to interact with your computer in order to use it!"
Congratulations. I'm glad you've figured this out.

But, I guess I can't expect every reader to draw implicit lines, so I'll be explicit:
--------------
A user does not need to commit an action that would under normal circumstances be generally accepted to cause malicious logic to execute upon their machine in order to have said malicious logic execute upon their machine.
--------------
or, you could just slightly restate my original axiom:
--------------
you can infect a computer with a virus without any interaction from the user whatsoever
--------------
As
--------------
you can infect a computer with a virus without any interaction from the user ... with the virus, or its writer.. whatsoever
--------------
Or even better
--------------
A user need not affect any action to a machine except to turn it on for it to be a potential for virus infection.
--------------
If you do nothing more than remove your computer from the box in which it came, and set it up in accordance with the manuals that accompanied it, you may get a virus (this is of course considering that most user manuals instruct the user to plug the internet connection into the LAN connection). Now, I'm not saying open Internet Explorer at any point. I'm also not saying to click on anything that didn't ship with the machine in the first place. The mere fact that the machine is exposed to the internet in any way makes it vulnerable to remote exploitation.

And here's an example of the machine getting infected with zero interaction from the user. Machine gets infected with the SASSER virus.

There, no interaction with the user. User isn't even mentioned. The machine was online, and so the virus took advantage of a vulnerable implementation of LSASS, thereby compromising the integrity of the machine.

Or hell, if you want to argue that "Well, the fact that the computer was on the internet was an interaction, .. uh .. and duh.. uh .. since it was turned on at all, that's an interaction too!" I would argue that if you cannot turn the machine on, it is not a working machine. It is the very definition of non-working: the fucker is powered down.

Here's a more salient one for you. HP for the longest time has shipped its laptops with WiFi enabled, and network auto-discovery enabled by default. What does this mean? You turn the computer on, and if it picks up a WiFi signal, it connects to the internet. All the user does is press the power button.

So, in our little scenario, you end up being dead wrong. Your statement:
"Both were elective actions on the part of the user. Neither are necessary to have a working machine. The computer can do neither by itself."

becomes explicitly incorrect for one simple sentence: "Neither are necessary to have a working machine"

Yes, my friend. In order to have a working machine, it needs to be turned on. I'm not sure if that statement is too far above you, so let me grab the definition of work:
"cause to operate or function; "This pilot works the controls"; "Can you work an electric drill?""

If it is not "operating" or "functioning" it is not "working".

Gaah..

Sorry everyone, don't mean to be an ass... but nothing pisses me off more than pedantry.. unless it's blatantly false pedantry that misleads one to a false sense of safety.
SNS2N1, it was meant for you and anyone else that wants to code. I was not offended at all by what you wrote. :-) The challenge was for fun and to try and turn a pissing match into something fun. I was trying to be a diplomat. I took no offense by anything that was being said. As I said before, I've got 8+ years coding experience in multiple languages. My dick is big enough in my own mind, that I'll not take part in this ego sword fight. I was just trying to get two guys that were bickering to put their money where their mouths were and show their shit. Do reconsider, this could be fun man. Hell, I can even help you guys out. ;-)

Alex, if you look, I didn't deny that an MP3 could "carry" the virus. I <b>did</b> say that it has to be executed. Look at the next post. You can rename any file to anything, but you'd have to be retarded to execute it. You can hide files within files as well. There are plenty of programs that allow you to hide data within JPG's with an unlock key.

If MP3 buffer virii were an issue, I would be getting virii all the time on my p2p (limewire). Most of the Buffer Overrun / stack overflow vulnerabilities were dispatched ages ago. If it were possible with today's patches in place, people would be doing it now. It just doesn't and can't happen with people smart and motivated enough to avoid it. So unless you can convince people to rename their file with an .exe, I think you are shit out of luck. :-) Again, 16 months virus free here. No anti-virus here.

Regarding "languages", I think it's a matter of perspective. "Programming" is issuing commands to the computer. By definition, when you tell the browser to make the font on a page red, you are giving it a command.

http://www.cs.tut.fi/~jkorpela/prog.html

While the author of the article above sides with your stance ultimately, he/she states that mark-up language can be considered and is often referred to as a programming language. Because in some aspects it does execute commands. It's all a matter of perspective. HTML is by no means anywhere near C++ or Java in regard to complexity and because its function is to display text and content in a browser and not execute higher processes like math, dynamic layout or even a compiled, self-contained, independently executing program. However, HTML does program or command the browser to display data as described in the code. If one were a fox (HTML) and the other a wolf (C++), they're both still dogs. One is just bigger and meaner than the other.

-D-
Don, thanks, but I really don't get into it all that much. I admire people who exhibit skill in that area, and have often thought I'd have a go...but, I haven't as yet. Maybe when I do, I'll come back and learn some things here.

Darc, what you said was pretty damned explicit, and I busted your ass on it. Stop fucking whining about it.

And, now who's playing fucking word games, sport? You said:

"A user need not affect any action to a machine except to turn it on for it to be a potential for virus infection".

I noticed you slid the word "potential" in there...nice. When you used "potential" in your statement, you're speculating. Unfortunately, you're still wrong, in essence: There is no definite threat until some further action is taken by the user.

So, I can play word games too - by simply stating that a computer is *NOT* at risk *just because* it's fucking turned on.

All computers, dickhead, have the "potential" to be infected by a virus by nature of their function - a point I made far earlier in this thread. You'd know this, if you'd have bothered to read it.

My mother was an English teacher. Let me assure you: I know semantics, and what I said is *not* simply semantic. You're just pissed I caught you making a stupid statement. Get over it.

I also said far earlier "Remove all external connections of any kind, and make sure that no executable code is introduced, and you CANNOT get a virus, period".

The point you're trying so hard to deny me was made far earlier in the thread. Maybe you should read the whole of someone's comments before judging.

My point is completely meaningful toward the concept that the human interaction is exactly what causes the fucking machine to experience the problem.

So, please - shut the fuck up if you have nothing meaningful to contribute that hasn't already been stated.
Easy fellas. This issue is a matter of preference. There is no "right" or "wrong". Everyone has their way of doing shit. However, if you guys are going to continue, let me pop some corn. LOL!

-D-
Wow...I'm totally kicking myself in the ass, and I'm gonna be doing it yet again after the first kick (because I'm actually responding to this).

Yet another 5 minutes of my life that I will never get back after reading this thread; there is nothing useful or constructive, but a lot of wall-washing with testosterone paint going on. Despite what the originator of the thread had intended, it has yet been dragged down to the depths of machismo.

Maybe I'll look for a thread about nail polish color or the latest cross-stitching techniques. I'd probably not feel it such a loss....
Thoughtgarden, thanks for pointing out that the original question was totally lost in the bullshit. I still don't have a sensible answer. Symantec is the firewall here and it doesn't seem to do the job.
<blockquote>
<p style="margin-bottom: 0">
<em>Darc, what you said was pretty damned explicit, and I busted your ass on it. Stop fucking whining about it.</em></p>
</blockquote>
<p> I'm guessing that you and I have two widely disparate definitions of "whining". Merriam-Webster's tells us that whining, when used in this case as a transitive verb, means:
to utter or express with or as if with a whine. Now, I have children.. I know what whining sounds like. Now if you're reading the words I've written, and you're hearing a whining tone, either you're a whiny person yourself (because we tend to frame people in terms of ourselves), or you spend a lot of time listening to whiny people.</p>
<blockquote>
<p>
<em>I noticed you slid the word "potential" in there...nice. When you used "potential" in your statement, you're speculating.</em> </p>
</blockquote>
<p>Nice straw man here. The use of the word "potential" is generally implied when dealing with computer security. A person rarely says "You will get a virus if you don't use anti-virus" and means "You will absolutely beyond the shadow of a doubt get a virus ..." The term "exceptionally high probability" ends up being implied. Hell, there's hardly anything that anyone says that isn't a matter of probability, as opposed to certainty; even though the syntax of their words implies certainty.</p>
<p>It's funny though that you say "potential" implies speculation. Like saying, "voltage implies that current might flow... but we're not really sure." Potential is the capacity for something to happen, not the speculation that it might. As the child of an English teacher, I'd think you would know that. </p>
<blockquote>
<p><em>Unfortunately, you're still wrong, in essence: There is no definite threat until some further action is taken by the user.
</em></p>
</blockquote>
<p>No further action is generally required on the part of the user. With Vista, lately, it hasn't been as much of a problem. But purchasing a machine with Windows XP about 2 years ago, following the manual, and turning it on generally meant you had an "exceptionally high probability" of getting a virus. This is because the manual in almost all cases instructs you on how to connect the machine to your broadband. If your OEM image on the hard drive is Windows XP SP2, with no security roll-up disk, connecting your computer to your broadband in accordance with the manual will expose you to an "exceptionally high probability" of infection. That's without you even bothering to create your initial user account; and as such committing further action after turning it on. To get more spun up on this, as you could clearly use it, get yourself a copy of the Metasploit Framework (http://www.metasploit.com/), and play around with a prefab (like Dell, or HP) computer with Windows XP. Just wipe it back to factory, and see how easy it is to infect just by turning it on, and plugging it in to the network (being connected to the network is part of the machine's core functionality. Sure, you can use it without connecting to the network, but it's not fully working if you don't have network access. If you don't believe me on this, turn off your spouse's network access and try explaining to them that their computer works just fine.)</p>
<p>As a matter of fact, action is required on part of the user to mitigate the threat. If you turn on a computer that has a deprecated lsass.dll, there's an "exceptionally high probability" that you will get a virus. That's why anti-virus exists. It's not there to keep stupid people from opening files of unknown origin (though it is increasingly being used and marketed as such). </p>
<blockquote>
<p>
<em>So, I can play word games too - by simply stating that a computer is *NOT* at risk *just because* it's fucking turned on. </em></p>
</blockquote>
<p>Actually, a computer *IS* at risk, merely because it's turned on; as I demonstrated in the earlier post. You would know this if you'd synthesized the information presented. There are some more elegant attacks out there that enable you to compromise a machine using electromagnetic induction, but that's less of a computer virus vector; though it could be used as such. All you need in order to execute such an attack is for the machine to be on. </p>
<blockquote>
<p>
<em>All computers, dickhead, have the "potential" to be infected by a virus by nature of their function - a point I made far earlier in this thread. You'd know this, if you'd have bothered to read it.</em> </p>
</blockquote>
<p>Are you just contradicting yourself for fun here? Or are you hoping that your statement here actually makes sense in light of what you just said?</p>
<p>-...a computer is *NOT* at risk *just because* it's fucking turned on ...</p>
<p>-...All computers ... have the "potential" to be infected by a virus by nature of their function ...</p>
<p>Is this some kind of weird attempt at a Jedi mind trick? Or maybe this is some kind of affectation to
Kurt G
<blockquote>
<em>
<p>
anyone been hit with trojan "anti vira" it just crept up on this computer
</p>
</em>
</blockquote>
<p>
No, I haven't had any experience with this trojan. A quick google seems to show that "anti vira" is commonly used as the plural form of anti virus. Are you sure anti vira is the trojan name?
</p>
<blockquote>
<p><em>Alex, if you look, I didn't deny that an MP3 could "carry" the virus. I <strong>did</strong> say that it has to be executed. Look at the next post. You can rename any file to anything, but you'd have to be retarded to execute it. You can hide files within files as well. There are plenty of programs that allow you to hide data within JPG's with an unlock key. <br />
</em><br />
<em>If MP3 buffer virii were an issue, I would be getting virii all the time on my p2p (limewire). Most of the Buffer Overrun / stack overflow vulnerabilities were dispatched ages ago. If it were possible with today's patches in place, people would be doing it now. It just doesn't and can't happen with people smart and motivated enough to avoid it. So unless you can convince people to rename their file with an .exe, I think you are shit out of luck. Again, 16 months virus free here. No anti-virus here. <br />
<br />
</em></p>
</blockquote>
<p>Don, buffer overflows and stack smashing are the bread and butter of not only exploits of ages past, but of today. Sure, there has been a preponderance of trojans these days (mostly due to social networking, and the fact that the uninitiated are the norm), but the buffer overrun/overflow is the golden standard. Hell, here are a few recent buffer overflow/overrun attack vectors:</p>
<ul>
<li>http://www.securityfocus.com/bid/25938/info disclosed 10/05/2007</li>
<li>http://www.securityfocus.com/bid/25831/info for you linux folks, disclosed 10/05/2007</li>
<li>http://www.securityfocus.com/bid/19793/info For mobile and PSP users, disclosed 8/31/2006 and still open... with working exploits in the wild (like the iPhone) </li>
</ul>
<p>And, just for fun, here's an Mp3 buffer overrun vulnerability allowing arbitrary code execution: http://www.securityfocus.com/bid/6427/info . Sure, it was published in 2002, and corrected shortly thereafter: but it's not corrected in Windows XP SP1 or prior. Take a look at some OS usage statistics, and you'll find there are plenty of people still using XP and XP SP1, which makes this a current and valid vulnerability. No, this is not some social engineering hack that "tricks" you into opening a file thinking it's an mp3, but really it's an exe. This is using a malformed mp3 file that triggers a flaw in Windows, which allows it to execute arbitrary code.. meaning whatever code a hacker wants it to execute. Now, before you go on about executing code, opening a file of any kind is executing code. Nice thing about this particular vulnerability is that you don't even open the file: Windows does it for you automagically. You just have to have it on your computer, and browse to the directory it lives in. No clicking on the file is even necessary. </p>
<p>Now, the astute reader will note that with the above, there are no known exploits for the vulnerability. What this means is that if someone managed to take advantage of this security hole, they were never caught. It doesn't mean no one took advantage of it. </p>
<p>But this one is even better, and just a few months ago even. What's better than that? It's still open, and there is example exploit code available for anyone to use. http://www.securityfocus.com/bid/23756/exploit . Now, Don, you don't by chance have the Atomix MP3 player available at http://www.atomixmp3.com/ do you? Because if you do, in a few short minutes I can send you an mp3 file that, should you be unfortunate enough to find it in your possession, will install a virus on your PC when you try to play it. Note, I'm not saying when you double click on it. I'm saying when you open Atomix MP3, and it automatically finds the mp3's on your computer for you, and hits this particular one during a random shuffle. This exploit was discovered in May of 2007. Seems pretty recent to me. Go ahead and grab Atomix Mp3, Don. It can be the first time you've ever contracted a virus from an Mp3 file. </p>
<p>For those who don't deal with network security very often, a vulnerability is just that: a vulnerability. It means that you could be attacked at that point. The virus that performs the attack is inconsequential, because you could rewrite nearly any virus to use an existing vulnerability. It's all based on whether the thing fits in the available memory. </p>
<p>Trojans aren't generally based on vulnerabilities. They're based on tricking you, the user, into doing something you think is innocuous, but really isn't. Such as renaming TakesControlOfYourComputer.exe to TheBestMp3.mp3.exe. It looks like an mp3, but it's an exe. No, that's a social engineering hack, and the vulnerability is you, the user.</p>
<p>Vulnerabilities, and the code that exploits them are much more fun: because they take advantage of the fact that user interaction isn't necessary. With the SASSER worm, the exploit was beautiful because it spread across the net without people even knowing they had it. These people didn't get tricked into clicking something, they just made the mistake of leaving their computers connected to the internet with port 139 or 445 open. </p>
<p>How many of you normal computer users knew that you should close ports 139 and 445? They are, after all, open by default.</p>
<p>The effects of this particular worm were cataclysmic. It was a beautiful thing. The Wikipedia article is worth the read, but not much of a substitute for actually dealing with the thing spreading on your own network. (because all patches had to be vetted by the NOSC before being applied, and we got hit before they were done vetting).</p>
<p>Why do I talk at such length on subjects like this? Because talk is cheap: experience is expensive. I talk in the hopes that I'll save someone else that reads this the experience. Having your identity stolen isn't fun (hasn't happened to me, but has to a family member who didn't believe me that JPG files could contain viruses) </p>
That's why we use Linux
First off, I'm with ThoughtGarden that I shouldn't even respond to this yet again, but one or two things prompt me to.

First, TR, thanks for the challenge, but at this point, I will have to turn it down for now. I may take it up in the near future, but I will say that just the fact that it's possible on this site concerns me due to a very real likelihood for exploitation of a cross site scripting vulnerability similar to Myspace and other sites that got torn up by them. That said, I'll drop that topic as I personally feel it's not one site's issue only, and needs to be dealt with by O/S vendors and all others involved.

Now as for SNS, your issue and offense is solely yours as all I did is offer a counter argument. As such, I am much like TR that I prefer a debate where no offense is taken or meant and if your feelings are hurt, it's not my intent and I will not feel bad for doing so. Your opinion is noted, and I respect it for what it is. You yourself even said you're a hardware kind of person and as such, I will give your hardware knowledge all its due. I do have to say though I find it sad that you must resort to name calling just because you felt slighted. But I know what I equate that to in my mind and I feel no shame in my handling of the situation.

Darc, your points are valid, and did not go unheard, however to hide from every potential vulnerability out there is counterproductive and as someone that stated they are in network security I expect you to know this. That doesn't mean I discount your statements, you obviously are no dummy and I respect your knowledge, but please don't forget to insert sanity back into the fray. Don't forget you may not be speaking to an audience that has security experience and as such much of this becomes FUD instead of a well-rounded risk threshold for the users of systems. If all you do is scare the shit out of all the system owners you work your way right out of a job.

Next, Darc and TR are both right, HTML is a computer language but not a programming language. The semantics of that distinction I don't care to debate, but it is true regardless. Now bear in mind I don't trivialize HTML, its purpose is clear and it isn't something that is hard to learn, but bear with me on one point on its "language status". Learning it offers very little insight into the actual operations of a system, vice learning how to actually take input and render output in an executable. Web coding carries value, and I do not diminish that fact. It is a mainstay in our economy now as a matter of fact. My only point is that someone who can code a web page is not what I am looking for when I am interviewing for system admins and security professionals. In fact I personally feel there are 3 types of IT folk, those that can sys admin, those that can code, and those in between that can do both.

I can say both TR and Darc I would love to meet in person someday, as I feel a fun and healthy debate would be had by all. I particularly like the sword play comment made by TR in that I have no ego that needs stroked in this forum. I have coded in many languages, and have no need to prove so. I also agree that the "pissing match" itself is bogus, however should it continue, I'm more than happy to watch it as a form of entertainment.

Lastly, I'm sure someone will get all pissed because I somehow slighted them, and if so, I am sorry. But I offer this as purely clarification to an already muddled topic. No offense meant, and none taken.
<b>HOT2PHUC</b>, XSS is a concern, only if you make it one. I've been coding on this site for awhile and it's never been a concern. There is a word amongst the honorable called "integrity". I have no reason or motive to exploit site vulnerabilities and if that is your intent, it shouldn't be an issue.

<font color="#ff0000">My apologies for misreading your post. I wrote this post when I was really tired and I responded to something that was not even directed toward me and for that I do apologize. If you ever make it south, I owe you a beer.</font>

<b>Alex,</b> You bringing up examples of old vulnerabilities (SP1 and prior) and non-mainstream players, solidifies my point. For one, those are not safe surfing habits and perfect examples of a lack of web education as I stated. It also proves my point in that by downloading the service pack and click control with software you know little about (the mp3 player), you can avoid vulnerability and not rely on antivirus programs. A much better way to manage your system is practice common sense, educate yourself and mirror your drive, that way in the rare event that you do get a virus, you can quickly recover and not have your system taxed by some high-level anti-virus program that interferes with your system and hogs resources. Again, it's a preference thing. So keep double wrapping your dick with condoms and wearing bunny suits to fuck prostitutes and I will continue fucking clean pussy and only worry about the occasional lying whore with my get out of jail free spare penis.

Think about this, if a person is not smart enough to download the latest service pack with security updates, what makes you think they will be smart enough to download the latest virus definitions for an anti-virus program? A person that downloads any and every little piece of software from the web without researching the risks and benefits of the software deserves a fucking virus. In your example, the Atomix Mp3 player (exe) was the issue, not the mp3.

Regarding your Sasser worm comment... Again, software updates (service packs and hotfixes) fix worms just as effectively as anti-virus definitions. Worms are effective just as long against anti-virus programs without a definition of them as with a machine without a hotfix. New Trojans, worms and other virii beat anti-virus programs because they are vulnerable before they become known and added to the definitions database. Once a virus is known that exploits a security hole, there is a hotfix that will prevent it just as much as the anti-virus capability. Both methods are of the johnny come lately variety; I just choose to spend less money.

Regarding JPG's... if there were an effective way to deploy a virus in a jpg and it were such a huge concern... Everyone having to scan every image on every website that is downloaded from every website we surf, would seriously degrade our surfing speed and further deplete our system resources. Why bother when the threat is so insignificant that I've never even heard of it until you mentioned your family member.

However, if you wish to continue the advocation of anti-virus software and lining the pockets of those that most likely make over 50% of all the virii and 90+% of the world wide spread worms and other bugs to drum up a larger customer base, then by all means. However, I would rather take my chances and not help Norton, McAfee, Kaspersky or any other large corporation get any richer through their use of internet terrorism.

<b>FREE123PLAY,</b> If Linux were the world monopoly, it would be just as attacked as MS. Malicious code can be written in any language. :-)



-D-
Don,
I'm not sure that it does solidify your point. The unfortunate reality is that "old vulnerabilities" are still effective. Using Windows, you will, in all probability, have to reformat your machine in order to keep it useable. Even the most advanced of users reformats back to factory spec. It's the rare user that actually maintains a slipstream Windows XP SP2 disk, that has all the patches up to current... just in case they have to reformat. Which means they probably have to connect to the internet to get the necessary updates. During the time they're downloading updates, if they don't have a hardware firewall, chances are they will be infected by one of the numerous remote exploit worms out there.

If you're unfortunate enough to have a virused Mp3 sitting on a separate hard drive, and you reformat, even looking at the directory it's contained in could infect your system.

With the Atomix Mp3 player, just because you haven't heard of it, doesn't make it obscure. Atomix mp3 distributes with Virtual DJ 2, which quite a few of the synth geeks I know use. It's obscure to you, the graphics geek, but to the synth geek it's common. Just like an exploit in Photoshop CS3 would probably not matter to a synth geek.

Another point that was less direct is that, YES, an mp3 can contain a virus. It's not even an ancient trick that was long since buried. The Atomix mp3 player is a shining example of that. These folks create mp3's as their bread and butter. If they can leave a buffer overflow open in their mainstream product, so can anyone else. So has pretty much everyone else. Even Microsoft has left a buffer overrun in their mp3 implementation. They just found it earlier. There may be more they haven't found.

It used to be common knowledge that pictures are safe, and that images don't contain viruses. If you take a look on Security Focus's website, you'll find that a staggering number of current vulnerabilities have to do with buffer overflows while parsing images. I have used the GIF vulnerability in J2SE update 9 and prior to remotely exploit a machine as a proof of concept. That was 4 months ago, and at the time it was still unpatched. Everyone had Java. The fact that there wasn't a massive outbreak via that vector is simply amazing.

What's more is that with the GIF vulnerability in J2SE, not a whole lot of people knew about it. It wasn't in the news like the GDI vulnerability was. Which meant people were ripe for the picking. It could be embedded in an applet, so you didn't even have to "click here to activate this control". These vulnerabilities are being found daily. It's naive to think that just because a type of vulnerability was discovered and fixed 4 years ago, that another similar vulnerability doesn't exist. Hell, the image buffer overrun proof of concept was demonstrated back in Windows 98... oddly enough, in GDI. Yet still, this year, a virus circulated using an exploit that was supposed to have been patched over 6 years ago. Using the same exploit code no less.

One thing I am curious about though, Don. How do you know that you don't have a virus? If you have no anti-virus.. how can you know? The fact that your machine isn't behaving oddly? Most current viruses are designed to be completely invisible to the user. They don't show up in Task Manager, they don't show up on the task bar, and they utilize so little memory that they don't even show in a memory usage map. How do you know? About the only way you could know is if you've set up an external system with a packet analyzer to check all your outgoing traffic, and verify that it's not consistent with known virus communications patterns.. and even then, all you know is that your system doesn't have a current and common virus. If it's a custom designed beast, it won't show up on your packet analyzer as an oddity.

If all you use is an ActiveX scanner, that runs from the internet, it's relatively trivial for a virus to modify the virus patterns it uses after they're loaded into memory. If the system is compromised, and the scanner runs on the system, then the scanner is probably compromised. The only way an internet based scanner could be absolutely effective would be to stream the entire contents of your hard drive to the scanner site to be scanned on their systems. That's not how they work. An ActiveX control works just like an exe. The only difference is that one is designed to be distributed over the internet.

So, again, how do you know you don't have a virus?
Alex, yet again you solidify my point. By not taking an active stance in your surfing habits and educating yourself as to what you put on your machine and updating your software, you are asking for a virus.

Saying that an unpatched OS is vulnerable to the security issues that the patch fixes is just like saying that a PC is vulnerable to viruses that are in the latest definitions list that you have yet to download.

Again the MP3 player you mentioned has a fix??? If not, the software company are retards. Failure to update your software to fix issues is a user error. Again an MP3 by itself is no threat unless you are using software that is under supported and not widely known or supported. Again, research the benefit and risk of any software. I would also like to reiterate that you, as an anti-virus software advocate, are only protected by what your anti-virus program knows about. You are not protected against initial attacks.

The smart thing to do is to keep your OS with your base software installations backed up in a mirror unattached from the system recover if and when you have something attacking the system and you can't recover through removal.

You ask me how I know whether I have one or not? How do you know if you have one or not? After all, no anti-virus program stops them all, and even anti-virus programs can be circumvented through modifications to the virus code that were previously stopped, hence the multiple versions of viruses out there.

You wrote: <i>"If all you use is an ActiveX scanner, that runs from the internet, it's relatively trivial for a virus to modify the virus patterns it uses after they're loaded into memory. If the system is compromised, and the scanner runs on the system, then the scanner is probably compromised. The only way an internet based scanner could be absolutely effective would be to stream the entire contents of your hard drive to the scanner site to be scanned on their systems. That's not how they work. An ActiveX control works just like an exe. The only difference is that one is designed to be distributed over the internet."</i>

The same applies to you if you are running Norton or the like, on your machine and you are attacked by the latest greatest bug that hasn't been updated on the definitions list.

and you wrote:
<i>
"What's more is that with the GIF vulnerability in J2SE, not a whole lot of people knew about it. It wasn't in the news like the GDI vulnerability was. Which meant people were ripe for the picking. It could be embedded in an applet, so you didn't even have to "click here to activate this control". These vulnerabilities are being found daily. It's naive to think that just because a type of vulnerability was discovered and fixed 4 years ago, that another similar vulnerability doesn't exist. Hell, the image buffer overrun proof of concept was demonstrated back in Windows 98... oddly enough, in GDI. Yet still, this year, a virus circulated using an exploit that was supposed to have been patched over 6 years ago. Using the same exploit code no less. "</i>

All these vulnerabilities, you as an anti-virus user, are susceptible to until your software's engineers are made aware of the viruses that exploit said holes. When the viruses are written and the problem is faced, anti-virus makers update their definitions and software companies patch the hole. The truth is, there will always be holes in every OS and every software program and even with the best anti-virus software with all the latest definitions, you are still prone to viruses.

The thing is Al, my good man, is that your way is really no more effective than mine. I look at it this way... If we were both in a foot race through a labyrinth with dangers of projectiles and traps etc. My protection (method) would be to wear leather armor and try and avoid most traps, but I get to keep my speed and agility. While yours would be to wear full plate mail and lumber through. While you are protected more than I, from all the known traps, you are overly encumbered by your heavy armor and still vulnerable to lightning damage because your mage hasn't enchanted your armor with the latest protective spells. LOL! It's a preference thing my man... While you choose to sacrifice your system resources for the added protection, and I will not deny it is safer, I do not because I refuse to pay the bully my lunch money for protection. It hasn't been a problem yet. If it does, I'll just format my drive and load the fresh image over to it. :-)

-D-
Don,
Regarding the Atomix Mp3 player: no, it hasn't been patched. Much like the myriad of other vulnerabilities that remain unpatched for weeks to months on end. Microsoft, up until recently, was one of the biggest examples of unpatched vulnerabilities. They've gotten better since they've taken a much more security focused design stance. But their patches still fail to apply.. silently.. and new problems are found every day. A great example would be the patch for the vulnerability in VML. If the patch fails due to WFP, it never tells you it failed. It also won't try to install again later. We found that out through our internally developed patch verification system. I'm just waiting for something to take advantage of that little bug.

The point I'm making here is that without proper mitigation, it may not even be possible to get updates without getting an infection. If connecting to the internet to download patches is what causes you to be exposed, then how do you get the patches? The answer is on a different system, or behind a properly configured firewall. That's too much to ask Joe User to do. And to say Joe User deserves a virus because he's not technologically minded enough to perform a proper firewall setup, or to use the MBSA to find out what patches he needs so he can download them somewhere else is wrong minded. That's saying your parents don't deserve to be on the internet because they didn't grow up in a culture where computer knowledge was chic. Microsoft is still the dominant platform precisely because they cater to people who aren't tech savvy. Vista is a -massive- improvement over XP as far as security is concerned... but it may be too secure for mom and pop.

You said: <em>The smart thing to do is to keep your OS with your base software installations backed up in a mirror unattached from the system recover if and when you have something attacking the system and you can't recover through removal.</em>

Then the problem becomes... how often do you back up? If it's daily, chances are your backup is infected. Do you rotate your backup? Just in case the original is infected? The Chernobyl virus was in the wild in January, and had infected most systems that were affected by not much later. Of course, it didn't actually erase your bios until April. Since most viruses specialize in not being detectable, you may have had it for months before you found it. That's why most backup software backs up primarily your data, secondarily your programs.

So the general workflow is: Install OS, install Software, update OS/Software, restore data. Seems simple enough, but doing it out of order at all puts you at risk. Software installs its own DLLs, so if you do the updates to the OS before installing software, you roll back updates. If you load your data before loading updates, you run the risk of infection in your old data.

Then you also get to worry about how you get the patches to your system in the first place. If you download directly, you need a hardware firewall.. or need to hope that the software one you have is current enough. If you download from somewhere else, you need MBSA (Microsoft Baseline Security Analyzer).

With all that in mind, this is what I recommend to the average user:
<b>Hardware Firewall
Antivirus of some kind
Live Update active
</b>

That way, you can safely erase your entire drive and restore it without much risk of infection. If you have no anti-virus, you're really just hoping you didn't get anything. With antivirus at least you pick up on the common stuff. To further Don's analogy, even if I fuck clean pussy, I use a condom. I avoid anything non-clean altogether; and I have myself regularly checked for infection by a source I trust. Just because she said it was clean, doesn't mean it was. (Not too long ago, a DNS vulnerability allowed hackers to arbitrarily redirect people from a commercial site to theirs, where they served up a virus infected copy of the software.. which they trusted from the company, but didn't know it wasn't coming from them).

Computer viruses mirror biological viruses in a lot of ways. Many people don't know that herpes can be spread regardless of having an external outbreak, and also don't know that oral and genital herpes are the same virus. Most people don't know that pictures can contain viruses, or that a virus may not have an outward effect on their system... at least that they notice.

You said: <em> The thing is Al, my good man, is that your way is really no more effective than mine. </em>

Not quite true, because you don't know what my way is. This is overkill, just so as you are all aware, but... well, you don't get to be a security systems analyst by not being paranoid.
1) Kaspersky AV on my desktop, automatically updating 3 times daily, if updates are avail
2) Portable ClamAV, updated on a separate network, to which the machine can only access the update website. Automatic checking against update signatures
3) Weekly scans by booting to Read Only media, using a usb key with up to date virus signatures to do the scan.
4) Quarterly remove the hard drives, move them to an external system for scanning

Like I said, overkill. But I have been infected. Twice. The ClamAV scans picked them up, and I wiped and restored the system using a slipstream disk that I keep up to date for work. I haven't found a virus yet during my quarterly scans.. but I would have, if my weekly didn't pick them up. Add this to the fact that I am paranoid, and you get an idea of how easy it is to get infected.
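
The patch verification idea raised in the post above (a patch recorded as installed whose files never actually changed), as an added example that is not part of the thread and not the poster's internal system. Patch ids, file names and versions are constructed placeholders; the check compares what the update history claims against the file versions found on disk.

```python
"""Patch verification: trust the files on disk, not the update history."""

# Constructed sample data. Patch ids, file names and versions are placeholders,
# not real vendor identifiers.
PATCH_MANIFEST = {  # patch id -> {file it replaces: minimum version it ships}
    "PATCH-A": {"example_vml.dll": "6.0.100.3099"},
    "PATCH-B": {"example_gdi.dll": "5.1.100.3099", "example_img.dll": "5.1.100.999"},
    "PATCH-C": {"example_net.dll": "5.1.100.2500"},
}
REPORTED_INSTALLED = {"PATCH-A", "PATCH-B"}  # what the update history claims
OBSERVED_FILES = {  # what a file inventory of the machine actually found
    "example_vml.dll": "6.0.100.999",   # stale: the replacement never stuck
    "example_gdi.dll": "5.1.100.3099",
    "example_img.dll": "5.1.100.3159",
    "example_net.dll": "5.1.100.2180",
}


def parse_version(text):
    """Turn 'a.b.c.d' into a tuple of ints so 999 sorts below 3099."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a four-part file version: {text!r}")
    return tuple(int(p) for p in parts)


def verify_patches(manifest, reported, observed):
    """Return {patch id: (status, [problems])} from on-disk evidence."""
    results = {}
    for patch_id, files in sorted(manifest.items()):
        problems = []
        for name, required in sorted(files.items()):
            found = observed.get(name)
            if found is None:
                problems.append(f"{name}: file missing")
            elif parse_version(found) < parse_version(required):
                problems.append(f"{name}: {found} is older than {required}")
        if patch_id in reported:
            # Recorded as installed but files are stale: the silent failure case.
            status = "SILENT_FAILURE" if problems else "VERIFIED"
        else:
            status = "NOT_INSTALLED" if problems else "PRESENT_BUT_UNRECORDED"
        results[patch_id] = (status, problems)
    return results


if __name__ == "__main__":
    for patch_id, (status, problems) in verify_patches(
            PATCH_MANIFEST, REPORTED_INSTALLED, OBSERVED_FILES).items():
        print(f"{patch_id}: {status}")
        for problem in problems:
            print(f"    {problem}")
```

Versions are compared as integer tuples because a plain string comparison ranks "999" above "3099" and would pass the stale file.
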
Again, an anti-virus program installed on your computer is unnecessary. You are just as vulnerable to an attack with it as without it. It is just as easy to get patches that fix vulnerability as it is anti-virus updates. Not to mention your anti-virus program can be fooled and attacked directly as well. It is only as good as your latest definitions if you've even updated.

You can argue differently all you want, but you can't deny what I am saying is true. I agree with the firewall stance, but you can get that with windows XP, it's on as a default or your router at no extra charge. As I've said, I also agree with software updates.

I would also like to say again that the MP3 player is an exe and without it, you would not be able to execute the virus in the MP3. You can get infected with viruses created to exploit this vulnerability with or without anti-virus program if the virus is written to fool or attack the anti-virus program and it's not in your definitions. There are countless articles regarding virii that attack and fool anti-virus programs.

The truth is, most anti-virus programs are cumbersome and shitty and rarely prevent infection from the latest viruses because there are no definitions until enough people fall victim that it pops up on the radar.

The "parents not deserving to use computers" analogy was inaccurate. What's more on par is you should expect to cause more accidents while driving a car, after buying it, if you first do not learn to drive it and maintain it. I would say you would deserve the consequence for your negligence.

Your infected pussy analogy based upon my own was also flawed because you are saying that Norton is a trusted source to check if you are clean, when in fact, that's if they have the latest info on the virus being used and you bothered to get the latest definitions. Again, avoiding strange pussy is the key. That's just me :-)

-D-
P.S.

http://www.zdnet.com.au/blogs/securifythis/soa/Why-popular-antivirus-apps-do-not-work-/0,139033343,139264249,00.htm

here's a quote:

<i>"However, the actual reason why the top selling antivirus applications don't work is because malware authors are specifically testing their Trojans and viruses to make sure they can bypass these applications before releasing them in the wild.

"The most popular brands of antivirus on the market