Domain: computercops.biz
Stories and comments across the archive that link to computercops.biz.
Comments · 13
-
Firefox drive wiping bug took one year to fix?
Recently I learned of a bug in Windows Firefox versions prior to 1.01 which was fixed in this version. This bug wipes user's hard disks. I've located 15 users who've suffered from this bug.
Why did it take over *one year* to fix this serious bug?
http://forums.mozillazine.org/viewtopic.php?t=2257 31
The bug only occurs when a user uninstalls Firefox. A user who uninstalls version 1.0 to prepare for installing version 1.01 is vulnerable. Why has the Firefox homepage not been updated to warn all users about this fact, and to offer a safe remedy?
At least 15 people reported the bug. Assuming that 5% of victims would post publicly about it, this would leave around 300 actual victims. Even 5% is probably too high; a 1% estimate would leave around 1,500 total victims. Since the bug only occurs when Firefox is uninstalled, many hundreds or perhaps even thousands of potential future victims exist.
The bug was reported in bugzilla and discussed without fixing for over *one year*. At one point a developer didn't remove the dangerous code because he said "This is not an acceptable solution to force on all users because some people make bad assumptions and then don't read dialogs." Is Firefox truly ready for "the masses" when developers maintain this sort of attitude towards users?
(copy, remove spaces, and paste bugzilla links since they won't work from Slashdot)
Original bugzilla bug:
https://bugzilla.mozilla.org/show_bug.cgi?id =23362 5
Firefox advocate ivanii attempts to raise concern about this bug (10/07/2004)
http://www.spreadfirefox.com/?q=node/view/2808
Here's links to a few people who suffered from this bug:
1.http://computercops.biz/postp82180.html
Thu Feb 12, 2004
"Using the Firefox uninstaller has deleted almost everything in the Program Files directory..."
2.http://www.terryfrazier.com/1391
10/5/2004
"What idiot writes an uninstall routine that wipes out everything in the parent folder?!"
"This is not some minor issue. This is a show stopper. I mean, damn!"
"..every last vestige of that vile firefox has been eradicated from my registry. "
3.http://sillydog.org/forum/viewtopic.php?p=4062 6
04 Aug, 2004
"After un install Firefox lost all ,MBX Eudora mail files"
4.http://forums.mozillazine.org/viewtopic. php?t=64 871&sid=2d93836acbfea243769078b48c3eff90
2004-03-28
Also posted on Bugzilla as user "Cy"
"This is not a minor inconvience. This is CARNAGE!!! Uninstalling a browser and ending up wiping out almost your entire hard drive."
"This is ruining mozilla's reputation. I now have a distrust of any win installer release by mozilla"
5.rajarajan.sampath final bugzilla victim to post.
2005-02-04
"The uninstaller wiped off, 2/3rd of my programs. This shouldnt be the case, no matter what."
6. Thomas Passin (original buzilla poster)
2004-02-09
"This is DANGEROUS."
7.https://bugzilla.mozilla.org/show_bug.cgi?id=2 42 118
2004-04-29
"...I uninstaled the whole directory "E:/Program Files"!! It wasn't very nice for me..."
8. https://bugzilla.mozilla.org/show_bug.cgi?id=26969 9
2004-11-13
"All my backups and irreplaceble files are now lost.....Thank you for making a shitty uninstaller....i fucking hate you now"
9.https://bugzilla.mozilla.org/show_bug.cgi?id=2 71 805
2004-11-25
"Firefox will deleted all my other program in c:\program files. very unlucky,I did it!!"
10. https://bugzil -
Account of iSearch malware/spyware damage
Here is a frightening account of iSearch's damage to someone's computer: click here. "Spyware" is too innocuous a term for this. It's not a spy: it is a file assassin.
-
Re:Well...
i know what you're talking about, i suppose i didn't make it clear though.
anyway, i can bypass both those screens in sp2. it was reported as a bug and is now mentioned as a way to run things for distributers. Reportedly, there is no accept screen at all, and the activex is allowed to run.
I have not tested this but it's coverage suggests that activex can run without permission thanks to this. A lot worse than "just clicking yes" if true.
-
Something no one else has mentioned yet-
Definetly, DEFINETLY try all of the above mentioned things first and as directed AND THEN if you *STILL* can't get it off (and are sick of my all caps), THEN:
1)Select one of the following spyware removal discussion boards
http://www.wilderssecurity.com/
http://forums.spywareinfo.com/
http://forums.net-integration.net/
http://www.computercops.biz/forums.html
2)READ THEIR FAQS THOUROUGHLY
3)Create an account and post your story along with supporting documents outlined in their FAQ to their board.
4)Wait patiently and a real life antiscumware security expert will help you.
The people on those forums hate scumware more then anyone and devote their spare time to helping rid the world of it. They have created custom tools to remove almost all kinds of spyware and with your help will diagnose your particular infection and send you the proper tools to get rid of it.
These guys are the best so treat them with respect: do your own spyware scans before you bother them. But I think in your case you are qualified to talk to them now :)
Good luck! -
Proxomitron baby
This sounds like a job for the Proxomitron. All we need is someone who knows about these things to write a suitable site-specific filter, and it'll all be automatically 'fixed' for us. I'm sure there's plenty of people here who, with a few minutes thought, could post working code for us to paste into our filter files.
-
Computer Cops
Check this out. Computercops is a site which can answer most of your questions, plus there are utilities writeen for almost every kind of spyware removal.
-
The solution to every web problem in WindowsLayers of protection.
Base: An up to date host file. This can probably block 95% of web nasties, regardless of source, yet is overlooked by most people.
Second: Proxomitron. The second browser-independent tool, it's a relatively little-known local proxy that filters the crap (including more ads than virtually every other solution) from a webpage before feeding it to your browser. Also handily removes most of the ActiveX and Javascript that causes these exploits. I simply cannot recommend it enough. In addition, it's fully configurable, and there are plenty of people out there who will write custom filters to get rid of any sort of ad that slips through.
Third: Firefox. I hesitate to suggest Opera because I don't feel it's as high a quality a product, and is closed-source, meaning it could be almost as susceptible to this stuff as Internet Explorer, should the bad guys aim their sights on it.
Fourth: In-browser plugins such as Adblock, which probably won't do much to stop this particular problem, but are nice to have around regardless. -
How Long?
Okay so how long before someone writes a malicious virus/trojan/spyware and sends it to everyone? *sigh* What is it with these programmers that they become so disgruntled that they write malicious code, anyway? I've just been spending the last few days cleaning off my wife's computer after some really nasty spyware got lodged on it; you know the Golden Palace Casino? Well they had dug themselves into her computer pretty much like a tick sucking on the last living thing in all of Texas! There should be some vigilante justice against anyone who would code something malicious, if you ask me. Sadly all we do is remove it and wait till the next batch...
:-(
Not even Ad Aware could clean what they put on... I think I finally cleaned it, thankfully, but what a pain in the arse. -
Re:Small Issues
Have you checked to see if it's piggy-backing on any extensions? Check in registry editor under HKEY_CLASSES_ROOT and look under
.com and .exe. This link will help you out too. A simple google search brought that up. If you do a search for "shim.exe" on google it finds shim.exe with variable words in front of shim.exe. The program may be duplicating and rewriting itself just like a virus. This this, and this might help too. Of course this site and this site will always help. -
Facts about the law-firm Newman and NewmanDerek Newman of Newman and Newman is a real slimy lawyer and is well known in Seattle. He previously represented Seattle porn king Seth Warshavsky
For the last couple of years his specialty has been defending spammers against the WA spam law, including setting up corporate structures to avoid liability for spam, as shown when one his clients was sued by Microsoft.
Newman also represents SpamArrest, the Seattle spamming anti-spam company.
Basically Newman and Newman chases any dot com ambulance they can find. Their track record however is remarkably poor, and if you look at the record of their spam cases they have lost almost all of them.
-
Re:AIM
Funny I was just looking that up for a friend.
This is not MyDoom.
This link may help.
Check that out, may help. -
Obligatory Opera comment
I must say I am impressed... I had never thought Opera would be eclipsed in cool features, but there it is. Many of these things Opera should be doing right now.
Workspaces, for example. Opera has an integrated system for easily saving and restoring web sessions, and even features an undo for closing windows (yay!). But this feature is buried in a menu somewhere, requires an open / save dialog box, and generally could be a lot more intuitive. Despite having been in several iterations of the browser, few people have found it.
Site-specific preferences. People have wanted this for a long time now, and I'm glad to see someone is implementing it. Pity it wasn't Opera. Opera supports preference sets, and many of them contain site-specific information, but in no way can all preferences be set on a site-specific basis. From the description it sounds like you could, for example, set your Slashdot home page to be your user page. I may be reading this wrong... only February will tell.
Adding searches... This is just plain cool. While opera allows you to use one of many pre-defined searches through a variety of means (including typing "g " + subject into the address bar), adding any search would be a powerful and useful ability. Of course, Opera's more flexible interface would have to find ways to deal with this (an individual search bar? the agregate search bar? the address search method?), but it shouldn't be too difficult.
Sharing bookmarks on a LAN is both great and troublesome. How do you implement this easily and quickly in a Windows environment without Rendezvous?
Tabs aren't as big of a deal, honestly. Usually either you have few enough pages open that you can keep track of them by name, or you have so many open that thumbnails would be too cumbersome to use.
I've always been envious of OmniWeb's History Search ability, website update notifications, and inline spell checker. That latter is being addressed in opera 7.5, along with a few nifty other features. While I will continue to use Opera, not the least of which because I have a PC, OmniWeb appears to be shaping up to quite the must-have app. OmniWeb was originally slated to ship as the default browers for OSX. Now it looks like that was a great idea. -
What I run when I have to use Windows
Mozilla Firebird
Proxomitron filtering proxy
WinKey Killer (Other free apps on this somewhat dated site)
IrfanView
SysInternals monitoring apps
Other have already mentioned Cygwin, AVG, Anti-Vir and Ad-Aware. Still use an older version of Kerio Personal Firewall before it became shareware.