Slashdot Mirror

Are you saying that I am a spyware maker/malware maker?

(Yes or No is the only answer needed)

----

"LOL, I find it hilarious that the SPYWARE AUTHOR is accusing me of libel!" - by clone53421 (1310749) on Monday April 05, @01:46PM (#31736694)

So, again: Are YOU calling ME, a SPYWARE MAKER? Yes or No, is all I need.

And, yes, my apps' still there (zero threat levels though - it CAN be "misused" though, this happens to the "best of us", see below in fact)

http://www.ca.com/us/securityadvisor/pest/pest.aspx?id=51276

They list it - with ZERO threat levels... EVEN THOUGH I PASSED EVERY ONE OF THEIR 21 QUESTIONS FOR REMOVAL!

(It happens - Just as they do to others' wares, such as Nir Sofer's wares (he has this happen ALL THE TIME, wrongfully, because his apps are good, & just like PING could issue a "ping of death"? His apps may be a 'double-edged sword' is all - same thing's happened to a former "colleague" of mine (mid 1990's for Sunbelt Software in Dr. Mark Russinovich of Microsoft, when he & I both made wares for them back then)).

In any event?? Have some balls, answer the question, that's all!

APK

P.S.=> You answer yes to your saying I am a malware maker? You'll be VERY surprised at what will happen after that... apk

LOL, I find it hilarious that the SPYWARE AUTHOR is accusing me of libel! I didn’t call you ANYTHING, I’m just QUOTING many sources as I described above, which call your shitty software suite (or should I call it a “software shite”, LOL) “spyware” and say that it should be UNINSTALLED — despite your claims that it has been proven not to be spyware and that CA now finds it to have NO THREAT LEVELS (which is FALSE, as I quoted, their website STILL lists it as a THREAT! http://www.ca.com/us/securityadvisor/pest/pest.aspx?id=51276 ... right there! I suggest you contact them again, LOL)... just more lies from the spyware author, but what do we expect? Too, too predictable.

LOL, very, VERY lofty claims for someone who writes SPYWARE!

Yes, that’s right, as quoted on MANY sources:

http://www.spywaredb.com/remove-apkapp2backgrounddaemonprocessengine/

http://www.pestpatrol.com/zks/pestinfo/a/apkapp2backgrounddaemonprocessengine.asp

http://www.spycheck.co.uk/genera.php?processfile=apkapp2backgrounddaemonprocessengine.exe&dir=a&pag=50

http://www.ca.com/us/securityadvisor/pest/pest.aspx?id=51276 ...& many, MANY more!! LOL

According to the second article, it has been fixed.

Please Note:The legitimate hacked website was contacted and informed about its participation in the Zeus bot activity and accordingly has stopped serving the malicious variant.

Hitting Google is apparently easier than doing research. I went through the articles on your "osx+virus+in+the+wild" link, and what I found on the first pages was...

• 4 pages on Leap-A: A Trojan that requires one to give an admin password after opening what's supposed to be an image file. It propagates itself via iChat file transfers, but it still requires an idiot to give a password upon opening a file that shouldn't require one.
• 1 forum post by someone worried about an unidentified Mac virus in the news around the same time as Leap-A.
• 1 page on Inqtana-B: A false positive from an AV package.
• 1 blog post by someone bragging about how there aren't any self-propagating Mac viruses in the wild.
• 1 nigh-incomprehensible wiki article on AV software for Macs.
• 2 articles on Inqtana-A: (See below.)

None of these (except possibly Inqtana-A) would be a threat to semi-competent users, and the only article that isn't from 2006 is the garbled wiki page.

Now if you want some actual research on Mac OS X viruses, you can check a vendor's site:
http://www.sophos.com/security/analyses/viruses-and-spyware/search-results/?search=OSX&action=search&x=0&y=0

Interestingly, what the site won't tell you is that most (if not all) of these viruses are phantom menaces; you have to Google each one yourself for that kind of detail. Many are proof-of-concept never seen in the wild, and most exploit holes already patched in the OS. All are trojans that require serious PEBKAC to run, even the only two known "worms" for the plantform -- Inqtana and Tored.

Inqtana, a virus one that got some notoriety and media attention is an example of all three -- a proof of concept (with an expiration date) that attacked an old hole in the Bluetooth stack and which required victims to consent to accept the download from an infected machine. Tored was an email worm that required you to execute an attachment on a very stupid looking spam email payload. Both are basically glorified trojans -- nothing on par with Conficker.

Now, trojans aren't complete non-issues, but savvy computer users currently have very little to fear from running a Mac w/o AV software since there are currently no self-instantiating viruses for the platform in the wild. Don't download pirated software (and risk something like iWorkS which hides itself in installers for certain programs), and don't trust installers where none should be present.

And another thing the "article" (and by "article" I mean "infomercial") didn't mention was how many of those malware apps successfully *infected* the machine.

Out of the 10, 2 threw an error and crashed, 8 "ran". Whats his criteria for "ran". I'm betting that means "didn't crash and burn horribly with an error message shown to the user."

I looked up the details on the first virus sophos listed (troj/fakeAV) here and apparently one of its actions is to add a link to the all users start menu folder here:

%Documents and Settings%\All Users\Start Menu\Programs\XP_Antispyware\Uninstall.lnk

I know for a fact you can't write to this folder without UAC elevation on vista/7, so I'd say it is more likely than not that when the malware ran it tried to write to this folder, failed, and *caught the exception*. The machine was NOT infected.

I'm not going to check each of the 8 malware apps he ran "successfully" but I'd be surprised if any of them were able to "infect" the pc in any meaninful way with UAC enabled, or if the user was running as non-admin.

In other words 8/10 malware apps are probably well written enough to have some sort of error handling that eats any errors that may occour without alerting the user.

Per my subject-line above? THANKS FOR GIVING YOURSELF AWAY arstech troll... lol, too transparent (you're doubtless modding this down, but, your mod downs don't work vs. the facts & tests I put out, now do they?? Who do you think you are fooling @ THIS point, with an attempt @ an ad-hominem attack on myself???)

Ah, hilarious, but here we go (time to make you "eat your words" for what? Around the 5th time this week as I have in other threads where you tried this????)

"But you try and justify it all by talking about security so I figured hey, I'll see what this guys credentials are. Well, a quick search turned this up:

http://www.ca.com/us/securityadvisor/pest/pest.aspx?id=51276 [ca.com]

A piece of software that can arbitrarily run applications invisibly? Sorry what, did you really try and throw such a security threat onto consumer's PCs??" - by Anonymous Coward on Monday July 13, @05:00AM (#28673669)

AHEM, another test (readers, you're going to LOVE this one) PLUS, proofs as is usual from me vs. my "naysayers/detractors" like this one all thru this thread & others:

I want you to write NIR SOFER, or Dr. Mark Russinovich even of MS fame, & ask them if THEIR wares have been detected as malwares as mine has falsely!

(Nir & I have a conversation going on this too by the by)...

YES - soon, we're going to make another "break thru", with Nir's help & possibly the "good doctor's" also... in regard to 'false positives' by AV & AntiSpyware companies so please - do write NIR SOFER of Nirsoft fame...

AND, By the by?

My app is LISTED WITH ZERO THREAT LEVELS

(Fact is, almost to this day last year? I approached Greg Jensen about this, took their removal test, 21 questions? I do NOT violate even 1 of them (but, my program, like Dr. Russinovich's PSExec & other PsTools? Can be misused, unfortunately))

Now, they also list it & have since 2004 when a fool named "THOR SHROCK" (schmuck is more like it) put it up there as "Peter Kowalski", so I would never find it by querying google... all others removed it from their lists mind you, but not Thor SCHMUCK or CA.

(Fact is - I wrote it, in GOOD faith & with GOOD intent, for a forums person @ NTCompatible.com & decade ago or more, to launch Apache server for Windows "invisibly" since it would not by default in older models back then on Windows is all... but, like a gun (or ping even)? It can be misused, depending on parameters used (like ping of death) OR, what is loaded into it).

I can't control people, or how they use a program, anymore than I can with what folks do with guns which are useful, but also, deadly... & guns? Guns do NOT kill folks, people do.

APK

P.S.=> You seem "bent on discrediting me", ad-hominem, & apparently after you reading ALL my proofs above, & challenges above to my 'naysayers' which none dare to 'bite on' or try by this point?

WELL, this is ALL you are left with?

LOL... ok, fine, it's enough for me to see you "reduced to that", lol, but now? My turn (as to accomplishments of mine that help folks):

HOW TO SECURE Windows 2000/XP/Server 2003 & VISTA even, + make it "fun-to-do", via CIS Tool Guidance (& beyond):

http://www.tcmagazine.com/forums/index.php?s=e4473be2a007d388932bb27882f6f31c&showtopic=2662 [tcmagazine.com]

TESTIMONIALS OF ITS EFFECTIVENESS:

----

http://www.xtremepccentral.com/forums/showthread.php?s=97c1e368dad75689a8da7df5a0e97418&t=28430&page=3 [xtremepccentral.com]

"Its 2009 - still trouble free!

I was told last week by a co worker who doe

So I've never heard of you before, but you seem to like throwing your initials round APK, or Alexander Peter Kowalski.

Your initial comments seemed idiotic, you were complaining about your 15mb+ hosts file being slow to load. Sorry, but what the fuck? You have a 15mb+ hosts file? are you really that clueless about IT?

But you try and justify it all by talking about security so I figured hey, I'll see what this guys credentials are. Well, a quick search turned this up:

http://www.ca.com/us/securityadvisor/pest/pest.aspx?id=51276

A piece of software that can arbitrarily run applications invisibly? Sorry what, did you really try and throw such a security threat onto consumer's PCs??

But wait, it appears you didn't stop there, I also found this:

http://www.thorschrock.com/2008/05/19/how-to-respond-when-people-threaten-to-sue-you-on-the-web/

So not only do you produce an app. that is a massive security risk, not only do you fail to see why it has been validly categorised as such, but you throw a hissy fit and threaten to sue? Not only that, but continue to spam the comments section of that site for over a month continuing to whine?

People make mistakes though so fair enough, I figured I'm sure there's more to this guy. I found this:

http://www.thenewtech.com/forums/chit-chat/today-4378/index32.html

Er, a program built entirely around breaking the hosts file using it for purposes it is simply not intended? Again, do you have any idea about the subject you preach? Do you realise that your very own programs pose a security risk? Do you realise how trivial it would be for Malware to hide malicious redirects in hosts files of the size you are talking meaning yet another one of your programs is a vessel for anti-security?

And there's more:

http://episteme.arstechnica.com/eve/forums/a/tpc/f/51009562/m/3680937305

Threatening to sue again on online forums because people didn't like the fact you were using them to advertise your dodgy Delphi programs?

Other than that, all I could find was a couple of dead web pages of yours and mention of a couple of long obsolete Delphi programs.

Your complaint is about the performance of using the hosts file for something it's never meant to be used for and the resultant performance drops of reading such a large file.

The fact that using the hosts file so incorrectly inherently severely decreases performance of DNS lookups anyway seems lost on you.

You talk of security yet you produce applications that are security threats.

You threaten to sue anyone who points out that your applications are security threats, you threaten to sue people who do not like you using technical forums to advertise your programs.

You complain here about how people obviously aren't programmers because they disagree with you yet your language of choice is object pascal via Delphi, hardly the language of choice for an expert programmer and second only to pre-.NET Visual Basic for the horifically bad bloatware it results in.

Do us all a favour, quit posting anything to the internet, spend a few years updating your knowledge to learn a worthwhile language like C++, Java or one of the .NET languages. Get a clue about security and understand why your applications are a far bigger security risk than anything you talk of and finally, stop threatening to sue anyone you disagree with.

Published Nov 29 2007, 11:39 PM by Stefan Berteau

It was already posted on Slashdot. http://yro.slashdot.org/article.pl?sid=07/12/03/0656205 That's two dupes in a row guys! Care to go for three?

TFA's source [corrected] indicates FB gives their affiliates javascript to include in the page that connects to a FB server for cookie exchange. Pretty sneaky. I wonder if google does something like that with google analytics.

Corrected Link! This is why one should not slashdot before one's midday coffee. Please mod parent down, or something. That's a very small server and it will die.

TFA's source [corrected] indicates FB gives their affiliates javascript to include in the page that connects to a FB server for cookie exchange. Pretty sneaky. I wonder if google does something like that with google analytics.

Corrected Link! This is why one should not slashdot before one's midday coffee. Please mod parent down, or something. That's a very small server and it will die.

Also, here's the actual CA article.

My temptation was excessively high. I got the shaft for no good reason, and I was told that either I'd resign or they'd sue me for some kind of breach of contract: they didn't want to have to pay my unemployment, so they made this threat...I can't even remember what it was about now, but I do remember that the PHB...

Oh wait, I remember, it was an Arcview application that had never gotten completed because the demographic data was hung up at the state level, and he kept calling it Arcserve. So yea, I'm sitting there listening to this fat idiot with the bad hairpiece threatening me with a breach of contract dealing with a Windows backup program which we didn't even sell.

What a moron.

Anyway the "contract" was a complete handshake agreement, no paper work, no actual project specs, nothing, and the ball was in the clients court anyway, and in my opinion, they had no real interest in it in the first place. Basically he was trying to force me out to isolate one of the partners (my actual boss), and he was a real asshole about it.

So I had a moment, when I realized I had basically unlimited access, where I was tempted. I'm not a fuckup like the guy in San Fran either; I could have set shit in motion that would never have been caught, and I knew the state their backups were in.

But I'm a professional, and while I never would have been caught, I wouldn't have felt like I could be trusted with the big systems, wouldn't have been able to sit in an interview and say that my personal integrity matters more to me than just about anything.

Agreed, 110%, so they can simply say "We find more things than our competitors" - even though it is blatantly false advertising.

E.G.: I wrote a program back in the year 2000 called apkapp2backgrounddaemonprocessengine.exe that Computer Associates (CA) lists on their SPYWARE databases, here:

http://ca.com/ca/en/securityadvisor/pest/pest.aspx?id=51276#top

It shows NO threat levels whatsoever, in their graphs of those things there (4 categories with progress bars on the right side of that page) & yet is listed there!

All that program does, is allow a user to launch a program invisibly! How someone uses it is beyond my control, & with what programs too...

(My program's description clearly notes this, as it was designed for folks that had older version of Apache webserver installed (I built it for a gent on a forums who complained about the inability of Apache to run as a service, as IIS does) so they could have it run unobtrusively in the background))

By itself, the program bears NO payload, & if you do not select an application to run, it merely tells you it is shutting down, & it then closes.

(THIS IS DANGEROUS? THIS IS A SPYWARE/MALWARE/TROJAN/VIRUS etc. et al??)

I don't think so... heck, I KNOW NOT!

PING.EXE (std. part of any OS that has a Tcp/IP stack) is more dangerous (capable of "ping of death"), but I don't see CA listing that there... they don't dare, Microsoft & other OS vendors would probably crush them into the ground in lawsuits!

The worst part is, it has been listed there since 2004, & they (I feel intentionally so) MISSPELLED MY NAME THERE, as "Peter Kowalski", when in fact it is "Alexander Peter Kowalski" in full (hence, the "apk" @ the start of this program's name)) & I consider it libelling myself. I never search for anything but my FULL NAME online (& I think they KNOW that is why they did that).

So, I spoke to an attorney about pursuing this legally: He said to FIRST pursue this according to THE BULLCRAP CA "RULES"...

Which means I have to fill out this 21 point questionnaire (which I have & my program does NOT violate a single point in it) & send it back to:

vendorappeals@ca.com

Who made CA the "lords of the internet" you know, & gave them the right to libel others as they have myself in this case?

Additionally, I had to deal with a sanctimonious CA asshole named Greg Jensen (their "product manager", another know-nothing who has his job in this field, God knows why) who is going to be named when I sue that company for libel, because once I am done getting my program removed from their Spyware/Threat Database list online this week (in process now)? I have proof that their info. has misled 3-4 other sites into listing my ware as well. 3 of them removed it thusfar no less.

APK

P.S.=> The problem is the idiots @ the wheel in these companies... they're NOT computer scientists, they're "money grubbing soulless freaks" (greedy morons that take advantage of those that actually KNOW this field, & use them, to make money for themselves & pay those who actually know & do the job, peanuts/scraps)... out with the scum in this industry & others I say, out... apk

It has been tried. The media was quick to get alerted about it. A special thank you for horrible Java implementation of Windows that time which sent a "heads up" to Sun and every geek/professional having something to do with Java :)

http://forum.java.sun.com/thread.jspa?threadID=405425&messageID=1966682

http://www.ca.com/us/securityadvisor/pest/pest.aspx?id=453059998

It was based on Java, was distributed by Java P2P application. One should be glad that Macs were still not that popular that time.

Actually, it's much more nepostistic and unsettling than that. The company who provides the tracking software, called comScore, is not new to spyware. http://www.benedelman.org/news/062907-1.html

The Sears VP responsible for this is a former VP of comScore. http://community.ca.com/blogs/securityadvisor/archive/2008/01/02/2nd-response-to-rob-harles-vp-of-sears-shc-community.aspx (last paragraph of the post).

Somethin' sure does smell funny round bouts here.

IDK about identity theft, but you should read the comment that "heather" left on the CA blog about "managemyhome.com," another Sears web site. Apparently all you need is a name, address, and phone number and you can log on as that person and view purchase history from Sears for, what I would surmise, is the big ticket items like refrigideezers and washers.

Now that's almost criminal.

Finally, while we can't draw any conclusions from this, an old comScore press release shows that before becoming VP in charge of Sears' tracking program, Rob [Harles] was the senior vice president for comScore - the creator of the Sears spyware and the registrants of the domains to which the Sears spyware data is sent.

You might want to look here for more details on the procedure, but yes, it involves cookies. I would guess that if you clear cookies from your browser before buying online, you are pretty much protected against having your name (through your facebook ID) associated with your purchase information, if I understood TFA correctly.

CA received a statement from Facebook following their blog entries, which speaks to the use of this data.

The problem is that Facebook is lying about it, and doing so repeatedly.

1. Zuckerberg led the press and advertisers to believe that Beacon would be opt-in (it would publish only with the user's consent) but launched Beacon as an opt-out feature (it published without the user's consent).
2. Both the original design and the current design of Beacon announce to the user that a story is being sent to their profile. They do not present themselves as a choice; they do not ask for consent; they present themselves as a notification that something is already occurring.
3. Even though the new design is "opt-in", the notification has only one clearly emphasized button: "Okay". A design that offered a true choice would offer two equally clear buttons (e.g. "Publish" and "Cancel"). Again, the design is crafted to give users the impression that they have no choice.
4. Facebook collects information about its users' activities on other sites through Beacon despite public statements to the opposite. According to Stefan Berteau, Facebook does this even when you are logged out and even when no notification is displayed.
5. Facebook did not give its users reasonable advance notification that it would start publishing information about their activities on other sites. It just went ahead and did it. And Facebook is still not being upfront about the fact that it is collecting this information.
6. Facebook continues to refuse to let users just turn off Beacon. Instead users have to individually refuse Beacon for each partner site, and they cannot do this in advance; they can only do it at the moment a partner site is about to publish a story on Facebook. Again, they are clearly trying to maintain as many obstacles as possible for users who simply don't want this information shared.
7. Facebook's official response is disingenuous and insulting. The problem is not that Beacon "can be kind of confusing"; it is obviously designed to mislead. Facebook's Paul Janzer wrote:

   While we know "global opt-out" seems like the easiest solution, we believe that if we provide you with full control over your information, you and your friends can get the full benefit of sharing information and connecting on Facebook.

   Of course, if they really wanted to provide users "full control over [their] information" they would let users turn Beacon off.

From microsofts own webiste.
List of know applications that service pack 2 broke
Untest updates are always bad for business.

OL Toolbar 1.13.2 AOL 32-bit and 64-bit (NX) http://www.aol.com/ The Information Bar blocks access to the tool's edit boxes.
PhotoShop CS 8.0 Adobe 64-bit (NX) http://www.adobe.com/products/photoshop/main.html Program installs, but will not start.
BlackICE 3.6 crj Internet Security Systems 64-bit (NX) http://www.iss.net/ When you use this program, you may receive a Stop error that causes the program to quit.
BootSkin All Stardock 32-bit and 64-bit (NX) http://www.stardock.com/ When you restart your computer during the Windows XP SP2 Setup program, a Stop error occurs. For more information, see the following Microsoft Knowledge Base article: http://support.microsoft.com/default.aspx?scid=kb;%5Bln%5D;873159.
Command Antivirus 4.9 Authentium 32-bit and 64-bit (NX) http://www.authentium.com/ This program does not start.
Encyclopedia Britannica 2000 Deluxe 1 Encyclopedia Britannica 32-bit and 64-bit (NX) http://www.britannica.com/ Java rendering does not function after you install this program.
eTrust EZ Armor 1 Computer Associates 64-bit (NX) http://www.ca.com/ The EZ Firewall part of this program generates a Stop error during installation.
Freedom Force 1 Electronic Arts 32-bit and 64-bit (NX) http://www.ea.com/ When you start the program, a message appears that points you to the following EA Web site: http://techsupport.ea.com./
Kaspersky Anti-Virus (German) 4.5 and 5.0 Kaspersky Labs 64-bit (NX) http://www.kaspersky.com/ Real-Time scanning does not work in version 4.5 or 5.0. The vendor's Web site has available product updates that are designed to address this issue.
Live Motion 1 Adobe 32-bit and 64-bit (NX) http://www.adobe.com/ This program displays various errors that prevent typical operation.
MapSend DirectRoute 1.0 Magellan 32-bit and 64-bit (NX) http://www.magellangps.com/ When you start the program, a message appears that points you to the following Web site: http://www.magellangps.com/en/support.
MPEGcraft DVD All Canopus 32-bit and 64-bit (NX) When you try to save an MPEG file, you receive a "Failed to Edit" error, and the file cannot be saved.
NBA LIVE 2000 1 Electronic Arts 32-bit and 64-bit (NX) http://www.ea.com/ This program does not start in certain systems.
NOD32 for Microsoft Windows 2.000.11 Eset 64-bit (NX) http://www.eset.com/ When this program is started on an AMD64-based computer, all network connectivity is lost. To resolve this issue, upgrade to NOD32 version 2.12.2 or higher.
Norman Personal Firewall 1.4 Norman 32-bit and 64-bit (NX) http://www.norman.com/ Norman Personal Firewall Assistant will not start.
Norman Personal Firewall 1.4 Norman 64-bit (NX) After this program installs and restarts, the desktop does not load correctly
Norton AntiVirus 2003 Symantec 32-bit and 64-bit (NX) http://www.symantec.com/ At system startup, Scheduled Tasks in Norton AntiVir

CA has a very good product for backup (CA ARCserve Backup - http://ca.com/us/products/product.aspx?ID=263). Take a peek - it might suit your needs.

1. Trend Micro's OfficeScan -- http://housecall.trendmicro.com/ 2. ArcServ -- http://ca.com/us/products/product.aspx?ID=4536 Trend has done some great work: 1. Sponsor HiJackThis 2. OfficeScan uses less resources than SAV(.exe(Trend) vs Rtvscan.exe(Symantec); .exe wins!) We used to use both of these products.

This has been enough of a problem for the Nmap Security Scanner that we warn about McAfee specifically and suggest better alternatives on the Nmap Download Page (See the Windows section). More details about the problems we've encountered are posted here. I've spoken with McAfee executives at conferences and they say they want to fix the problem, but then it just gets lost in their bureaucracy. Sigh.

Also, it is annoying when free software gets wrongly listed on spyware databases. For example, check out the "Spyware Encyclopedia" entry on Nmap, which says "NMap belongs to the Port Scanner spyware category. It's[SIC] presense[SIC] means that your computer is infected with malicious software and is insecure." WTF? Similarly, Nmap has an entry in the "CA Spyware Information Center". If they want to warn about Nmap because it can be used for network discovery, fine. But it shouldn't be called spyware, adware, or anything like that.

-Fyodor
Insecure.Org

Zango is adware that displays pop-up/pop-under advertisements

http://www3.ca.com/securityadvisor/pest/pest.aspx? id=453094136

So what?

Yep you can order the Oracle 10g posters from CA here:
http://www3.ca.com/solutions/Collateral.aspx?CID=3 4584&ID=2851

Pretty lame though considering when using Firefox/Mozilla reading Oracle online doco is far quicker than scanning a poster! and up to date too.

I know you only listed three choices but I recently downloaded a free, resident version of Computer Associates http://ca.com/ virus software and it is working well for me. When I downloaded it I was given a free, one year subscription to the AV software. I just did a quick check of the site and couldn't find the link. If I didn't have to go to work I'd do a better job of looking, but y'all should be able to find it if it's still there.

I agree with you, unfortunately, you will probably get flamed to hell because you said that Windows too can be secure. Its sad, so many people call us Windows fanboys, when in fact, all the people doing the flaming are just Linux fanboys themselves and don't want to acknowledge they too can be wrong from time to time. I have only had one virus in my life of computers. Just one. I run E-Trust EZ-Antivirus from Computer Associates http://www.ca.com/. Its great, cheap and updates every time you turn your computer on. And there are always daily updates. I run a router with the firewall enabled. It works great and I even have several ports open for specific software titles I use. If you know where to and not to go, you will have a good computing experience. I can't remember the last time I had an issue with my desktop and it runs 24/7 running a Team Speak server and soon to be a FTP repository for me and a few select others to use.

It never went away. We're currently working on a big project with over 100 people using Cool:Gen (i think its called Allfusion:Gen nowadays). Its a 4th generation language that doesnt require much knowledge of mainframes or any knowledge of cobol. Most of our programmers (im not a programmer though) dont know a line of cobol yet they do code for mainframe. Debugging and tracing can be done without cobol knowledge too. See http://www3.ca.com/solutions/Product.aspx?ID=256 (disclaimer: i do not work for Computer Associates)

The issue you highlight is one of implementation of a practice, not within the practice itself. ITIL-based Service Management practices bring a high degree of process management and process maturity to an IT organization when implemented correctly. I would strongly caution against denegrating a product or practice when in actuality the problems lie elsewhere.

Also note that ITIL bills itself as a best-practice theory; think of it as the "logical" structure, not necessarily the "physical" structure. There are plenty of large IT companies that can work with your organization on successfully implementing an ITIL-based service management process framework, along with sophisticated products to back their processes up; Computer Associates (now CA) and IBM are two of the most prominent ones that come to mind.

We've decided to 'implement' Computer Associates ServiceDesk.
Do. Not. Use. This. Product.
Go to http://www.bestpractical.com, download RT3 and ask them about support if you need it.

We have a penalty for blatant ignorance. This results in a two year internet privilege suspension and an additional beating around the ears with an Internet for Total Fucking Dummies book. PLease step away from the keyboard and assume the position!

Symantec Antivirus Center
Computer Associates Virus Information Center"
McAfee Virus Library
Kaspersky Virus Encyclopedia
Panda Software Virus Encyclopedia
Sophos virus analyses
BitDefender Virus Encyclopedia

For those that will argue that these search engines do not behave as the article requested; it is simply a matter of searching for the right symptoms. If you accurately describe the behavior of the virus, all of these search engines give you the answer.

The fact of the matter is that the very best solution is simply to use a commercial antivirus solution. If you are infected with a 0hour virus, simply wait an hour and run the update utility. Such a product will at least see the virus and tell you its name, even if it is unable to clean it. Worst case you have to use a bootable CD-ROM OS to catch/clean it.

What isn't mentioned is that this would probably ruin many small businesses who depend on open-source software because they can't afford large expensive distributions such as Oracle

Yeah, because no other similiar solutions exists. Right?

Wouldn't oracle mode firebird or maxdb or ingres be a bigger threat to oracle them mysql?

What would killing mysql accomplish when ther are a plethora of great open source databases that are fully transactional, full featured and proven in some of the largest companies in the world?

On top of which, they are offering a service which can be obtained for free. AVG do a free edition of their anti-virus which updates itself with new signatures automatically, or you can just go here and scan your computer online.

Add to that the fact that the majority of PC's are sold with AV software pre-installed, so who is going to buy this nonsense? Furthermore are they likely to find themselves in trouble for this implied conflict of interest?

Thanks for the heads up - looks like an interesting product. For some reason, I just have a mental block about CA.

I find their price schedule pretty funny, though. The difference between their "Enterprise Maintenance" and "Value Maintenance" support packages appears to be that the first gets you 24x7 phone support, while the second only gives you 12x5. How much do you have to pay to get the additional 108 hours of weekly coverage? Two dollars.

You've forgotten Computer Associates eTrust Antivirus . It's available for Windows, OSX and Linux. We're using it at work. I believe the trial version keeps on working on the Mac after the trial period ends.

http://stj.msn.com/br/om/js/s_code.js
thats actually flagged by anti-spyware programs as a threat
you know ?, from the same company that was involved in the verisign wildcard redirect webbug, and you think Doubleclick is bad,

and they want you to bookmark their site ? , iam more likely to add them to the firewall, the thing isnt even finished yet and already Microsoft want to track and bug your everymove as if cross site cookie exploits are not enough.

Trust is a bitch to regain, anything to do with MSN is a privacy and security risk (see where msie goes to first (only once) after a fresh install on windows) and should be treated with same contempt as they have for you

anything MS do on the web is cold, hence they "dont get it"

--$

Computer Associates does. As does Microsoft Defender. I couldnt find anything about Lavasoft. Also I didnt see anything on Symantec, other than that Sony is an OEM partner

Have you ever run Linux? Or OSX? While running these operating systems, have you ever received any spyware? If so, please list the name of the said spyware program, along with a link to an information resource about said spyware. If you can't find one, I'd be glad to list information resources that contain such information for Windows:

Spyware Guide
Spyware Encyclopedia
Spyware Database

Each of these contains thousands of listed spyware programs for Windows. Considering Linux and OSX are the next most popular OSes after Windows, why wouldn't hackers be motivated to write spyware or viruses? The source code is open source, after all.

A good source of tips could be asking CA employees about recent events. IMO CA excels at laying off / firing many competent people and keeping the chaff (yes, I worked there and no, I wasn't fired or laid off, I got out before they figured out I wasn't chaff :P )

A good source of tips could be asking CA employees about recent events. IMO CA excels at laying off / firing many competent people and keeping the chaff (yes, I worked there and no, I wasn't fired or laid off, I got out before they figured out I wasn't chaff :P )

It is not hard to detect the Sony/XCP rootkit using a simple script. Even in its cloaked state, several telltale signs peek through. For example, it only hides keys that start with $sys$ and Windows requires a few keys where that string is not at the start of the key. One of these is LEGACY_$sys$drmserver. See the CA writeup for details on the keys and where to find them.

Well, there's editing the registry, or installing something like TweakUI. Those are really the only ways to disable autorun. You CAN disable autoplay in the CDROM properties dialog, but that's not the same thing.
In order to disable autorun, "editing of the windows registry is necessary."

http://opensrcd.ca.com/opensource/OpenDLM/Advantag e%20Ingres%20r3%20ClusterConfiguration.pdf

will it show up as "Sony.CDcopyprotection.malware"?

Close... it's described as XCP.Sony.Rootkit on the Computer Associates website, who have classified it as a trojan. I approve... Let's hope some major vendors catch on soon.

from the link:

Reasons For Retention
Installs without user permission, presenting only a vague and misleading EULA
Changes system configuration without user permission at time of change.
Defends against removal of, or changes to, its components
Silently modifies other programs' information or website content as displayed.
Includes mechanisms to thwart removal by security or anti-spyware products.
Cannot be uninstalled by Windows Add/Remove Programs and no uninstaller is provided with application.

Pestpatrol ad/spyware remover now detects and removes sony's DRM rootkit hats off to eTrust for that.

(Note - some content cross posted from the recent MSSQL2005 posting I made)

I take issue with the number of tools.

Postgresql has a great variety of tools, both OSS and commercial that work great. I've been working on an updated list of all the tools. Here are a few of the most popular admin tools:

PGadminIII
http://www.sqlmanager.net/products/postgresql/mana ger [sqlmanager.net]

DBvisualizer
http://www.minq.se/products/dbvis/ [www.minq.se]

EMS Postgresql Manager
http://www.sqlmanager.net/products/postgresql/mana ger [sqlmanager.net]

PHPpgadmin
http://sourceforge.net/projects/phppgadmin [sourceforge.net]

Sybase Power Designer
http://www.sybase.com/products/enterprisemodeling/ powerdesigner [sybase.com]

ERWIN data modeller
http://www3.ca.com/Solutions/Product.asp?ID=260 [ca.com]

CASE Studio 2
http://www.casestudio.com/enu/default.aspx [casestudio.com]

Postgresql has a vibrant tool community. If you want more info on Postgresql tools see
http://techdocs.postgresql.org/v2/Guides/PostgreSQ L%20GUI%20Tools/document_view [postgresql.org]