Slashdot Mirror
Visual Studio .Net: Now with more Viruses
News.com breaks the story (and 8000 readers submit) that Microsoft distributed Nimda-infected copies of Visual Studio .Net in Korea. I don't even know what to say here; nothing seems adequate, except to point out that "trustworthy computing" does not seem to have had any effect whatsoever. News.com just updated their story to point out that it probably won't infect the people who installed Visual Studio .Net, but it's still a rather nasty faux pas for a company that's supposed to be cleaning up its act.
Perl is for pussies. Eat this, CLIT.
...of diseases caused by their own viruses.
From:IANAL Lawfirms, on behalf of the Free Software Foundation
Re:Infringement of copyright under terms specified in GNU General Public License
Dear Sir/Madam:
This firm represents the Free Software Foundation of Cambridge, MA. It has come to our attention that your organization is violating copyrights retained by our client through the terms of the GNU General Public License (GPL). The GPL permits developers and companies the ability to freely publish program source code alongside execuatable computer applications. Other developers and companies may use code obtained under terms specified in the GPL to add enhancements or for use in their own programs, provided the program itself is made available under the terms of the GPL.
It has come to our attention that numerous computer applications (listed below) developed and distributed by your organization, Microsoft Corporation of Redmond, WA, is in violation of copyright and the GPL through the use of GPL licensed code developed and distributed by the Free Software Foundation. Specific violations are listed below.
Under terms of the GPL and terms listed in United States Copyright Law, this firm demands immediate cease and desist of distribution of the listed programs until the specific violations are removed. Alternatively, publishing of the products on your corporate Internet website, http://www.microsoft.com/, completed to abide by terms of the GPL will be acceptable.
It should be noted this notice is being served to the open and free source software community via the website SlashDot.org for their input into the matter.
Please expect immediate action following notice of this blantant copyright violation and blatant violation of the terms of the GPL.
Sincerely,
Anonymous Coward
Attorney of Intellectual Property and Copyright,
IANAL Lawfirms
Terms of the GNU General Public License: http://www.gnu.org/copyleft/gpl.txt
List of products (non-exhaustive):
List of violations (present in each product listed above):
Did McAfee or Norton give this press release?
--fetch daddy's blue fright wig, i must be handsome when i release my rage
I want lotsa lotsa PENIS! Gimme PENIS! Gimme gimme PENIS!!! PENIS!!!! Lotsa lotsa lotsa PENIS!!! I want PENISES all over me!! I wanna PENIS on my face! I wanna PENIS up my ass!! Stick your PENIS in me and cum all over me!!! Gimme gimme PENIS!!! Big, meaty PENIS! Thick, manly PENIS! PENIS! PENIS!! Yay PPPEEENNNIIISSS!!!
Hey, kid... wanna touch my "kernel patch"?
-- Alan Cox
I mean, come on, anyone ELSE see this as similar to when the Cult of the Dead Cow released Back Oriface 2000 with CIH preinstalled? :)
Seriously, before any of the "OH ITZ M$, THY SUXX!!!1111" posts come out, lets be honest. Any company can make that mistake. It takes a special moron in Quality Assurance to release that one.
I have to ask though... what would YOU do if you were MS in this case?
--- Ãther SPOON!
What's with slashdot today?
On the same day, we have a story about how virus makers hype threats, then they do it themselves!
Every company and computer user in Korea who gets Nimda from Visual Studio should sue. This kind of recklessness by Microsoft is criminal negligence!
The Uncoveror: It's the real news.
"breakable"
:-)
or maybe that doesn't quite say it. Hmmm, what am I trying to get at.
"trivially breakable"
It only infects one file that's never referenced by the system, and there are all sorts of unlikelihoods that prevent this from being executed. Still, bad press is bad press.
If I were MS, I'd buy all 3 computers in Korea and give them new ones.
This sounds like a case for Catbert: 'Evil HR Director.'
Aw, fuck it. Let's go bowling. - The Big Lebowski
If they only had been using a Walmart Lindows box......
The guy who wrote that virus should sue Microsoft for distributing it without his permission. We're talking about theft of intellectual property here!
I'm an American. I love this country and the freedoms that we used to have.
Seriously. Wasn't ms getting angry at that area for it's lax piracy laws? I'm not sure about korea, but think about it. You want to punish software pirates, and local governments don't want you to. What better way than to give them a virus?
And yet they still argue that "theoretically" open source is the bigger security threat.
For the love of God, vote Nader.
Hell, nimda is a better feature than that stupid paperclip thing!
None of your shoddy open-source crap here, no sir!
Carousel is a lie!
I'ts not a virus/spyware.. it's a feature that enhances your web experience.
If Microsoft products weren't filled with bugs, they wouldn't be Microsoft, now would they? Microsoft is supposed to be a source for buggy virus-filled software. If they sanded off all the rough edges, their products would cease being products that I would want to use. Microsoft has been running its company for how many years now? If you don't like their products, don't buy them! Life is too damn short to worry about bugs in Microsoft software!
We're talking about South Korea, not North Korea.
"You probably won't get any viruses from installing our software!"
-Restil
Play with my webcams and lights here
"breakable"
or maybe that doesn't quite say it. Hmmm, what am I trying to get at.
"trivially breakable"
In this case, "broken" is what your looking for.
Well, I was sitting at home the other day, watching Korea tie the US, and I thought, "Y'know, in that stadium there must be 65000 screaming Koreans. At least 10 of them are partially responsible for all of the Nimbda traffic I see and twice that many are responsible for the various Dick Cream spams I get each day." I should have known it had nothing to do with slack ass Korean sysadmins and had everything to do with Redmond. Everytime I fall into that trap, Gates bails me out....
Comparing it to Windows will be a moot point, since El Dorado is going to have a 40% larger code base than XP.
he added, it's almost impossible to get the worm to execute on computers with Visual Studio .Net installed
How did this get infected in the first place?
Why is this under the BillBorg icon, and not the Monty Python "it's funny!" foot?
Windows itself is a virus.
WWJD? JWRTFA!
Oh, when I read this first I thought that Microsoft was distributing the Nimda code as one of thier sample projects. That would be cool, a virus creation wizard. This reminds me of the story a while back about someone modifying a virus to check for security holes so the could be filled.
The "third party" that translated the software into Korean had something to do with the problem.
i bought a computer with a virus on it once, oh what was it called? oh yeah, windows!
I want 2D games back.
South Korea, you ignorant fool! And please, don't ask whether I know Glen from Canada!
Well, at least we can still trust Microsoft on one count...
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
Does this mean all the spam I'm getting from kornet.com will also have Nimda attached? Wow...maybe that overpriced antivirus software can now be used as a spam filter too!
We now return to our regularly-scheduled MS flaming, already in progress...
(Yes, this is an attempt at humor. Moderate accordingly.)
All the world's an analog stage, and digital circuits play only bit parts.
What kind of fucktard are you?
Verizon Guy?
Are you getting paid for this?
As my father lik@(munch munch)...
Morons.
Slashdot is rapidly becoming useless with the constant derision it heaps on Microsoft. Let's have more computer news and stuff about FreeBSD and Linux and less "make fun of" news about Microsoft. As if Linux doesn't have it's problems. You might end up like Larry Ellison and his ridiculous "Unbreakable" claims.
Of course, that's a problem with the Linux crowd. Feer of being, and being seen as, professional.
Do we get a copy of nimda if we click through?
I don't even know what to say here;
Wow..that hasn't stopped you before, michael. You've put your foot in your mouth using less facts than this.
Can you possibly keep this up and not inject your unasked-for, idiotic, and unhelpful comments?
SIG:Slashdot: indymedia for nerds.
According to the Article, it appears that "Microsoft's flagship developer tools picked up the digital pest when a third-party company translated the program into Korean...".
Ultimately it was MS's responsibility to verify they did not shit in their own bed, but how many of us look at every line of code in a distibuted or outsourced project.
Just my $.0199999
If we don't fight for ourselves no one will.
Bwahahahahhahahahahahahahahahahaha! ROFL!
Uhm. How do these twats still have an ounce of credibility? For god sake - that happens to high schools and newbies running Personal Web Server.
loply.com
If you're in the software biz (and serious about it), you ALWAYS scan a new release with anti-virus software before you let it out the door.
ALWAYS.
It's easy, it's prudent and it keeps you from getting nasty PR.
MS isn't the first to get caught this way (in fact, didn't this happen once before?) and it's cheap to learn from someone else's mistakes.
Has anyone ever heard of the following:
Secured Development environment?
Anti-Virus Software??
Don't they run A/V software on the development workstations and servers?
At least an aggressive manual scan before packaging seems a good idea.
Aside from the Trustworthy Computing crap, what does this really say about the industry-wide practice of outsourcing product translations? Anybody who's done software development knows that even the best products give internationalization secondary consideration, but I don't think anybody ever considered how little consideration is given by US companies to the translation and distribution of international versions of software. Perhaps this should serve as a sort of larger wake-up call for all of us.
Mod the parent up.....score +5 Funny. I was the first to find this thing on our servers and I understand why we got.....Microsoft getting it is TOO funny!
Gorkman
I have never seen so many one or two liner post after a slashdot article.
This may be the first time Slashdot readers are left speechless.
-Pete
Soccer Goal Plans
what would YOU do if you were MS in this case?
Hari-kari?
But that's Japan, not Korea.. damn.
Leave out the middleman when it comes to distibuting viruses! Give it straight to your customers!
The revolution will be televised. Blackout restrictions apply.
Could this be some cheap retaliation when MSFT lost the gov't contract to sell their OS and office instead won over by a S.Korean open sourced OS and office app?
it does not spread itself around **automatically** :)
3.243F6A8885A308D313
I only you would bother to even read the story, it would be clear that 3rd party company who translated the software is behind this. Not Microsoft. But who cares though these glasses anyway.
A spokes person from Microsoft was quoted as saying "This is the best chance we have at cleaning up our image."
This is a repost of one of my comments from the MacAfee story. The quotes are from that story: ".... you have to have already been infected by ANOTHER virus..." "They only affect Microsoft Windows. If you aren't running Windows, you are safe. " This speaks for itself....
I do remember some 3-4 years ago Microsoft sending out a notification that some of their, I think, Technet CD's were being sent out with a MS-Word Macro virus on it.
They've submitted a virus with a security patch before
..that the Korean government is investing in linux systems?
Or maybe this is just another sleazy MS retaliation tactic?
The fact that it backfired might just be proof.
OK, someone messed up.. but it isn't as bad as it sounds. First off, it wasn't MS that put the virus in, it was some third party thing they used to convert the language to Korean. However, MS should have at least run virus scan on it before they shipped it. Second, the person running VS.NET would actually have to install IE 5.5 over IE 6 (why would anyone do that) and browse a certain help file in order for it to get infected.
I'm not trying to defend MS. Just pointing out the facts (or at least how they were stated in the article). On one hand it's kind of funny to read through all the quick one-liner jokes about MS (definitely worth a chuckle) but I think MS isn't quite as bad as they're being made out to be.
By the way, anyone know the company that wrote the nimda infected software?
From the article:
"It's extremely unlikely that a developer would ever accidentally get infected by Nimda," said Flores. "They would have to try hard just to run the worm."
So I guess its more like an Easter Egg. I hope this isn't World Cup related.
Microsoft breaks new ground by bundling the virus instead of waiting to be infected by third party virii.
Does the Justice Department know about this yet???
it is called seppuku, or harakiri, you stupe.
please die. fucking americans.
"Contrary to popular belief, UNIX is user friendly. It just happens to be selective on who it makes friendship with"
"And please, don't ask whether I know Glen from Canada"
Although I'm sure they're really, really nice.
Have you ever been to Korea, you moron? Those people are absolute technophiles. They love all of the newest little electronic gadgets. They're not always the highest quality little gadgets, but everybody has them. Koreans are not aborigonees living in a wasteland. They live in big, crowded cities like most of us, except they're usually bigger (the Seoul/Inchon area alone has something obscene like 14 million people) and they have lots more concrete (if you had ever been to Korea, you would know what I am talking about). You need to leave your momma's basement a little more often.
Today's Sesame Street was brought to you by the number e.
If you actually read the article, there are very valid reasons (albeit mistakes) that this happened, and the likelyhood of the virus actually running on the machine is next to none. The Help system wouldn't ever open it.
But hey, this is Slashdot. Let's all miss the relevant parts of the article and just bash "M$"! Yay, fun.
DrPascal: Not the language, the mathematician.
Microsoft's stock seems to have gone up on the news. I actually own stock in Microsoft (though only a half-share), but before you flame me, I'm not investing because I believe in the company, I'm investing because I think it's a good growth stock. I've hedged my portfolio with Sony, so its no big deal. Anyhoo: I just found it interesting that the stock has gone up about a dollar today. I guess most investors don't see this as much of a problem.
Look this hooman:
s c. coffee/index.html
http://www.cnn.com/2002/TECH/science/06/14/cool
HA HA hooman try use afreekinized hunnee bee to pollinate coffeee. Try to tame killer bugs hooman, not work. Not even #1 attack method of bug armee afreekinized hunnee bee. Good soldier hunnee bee, kill manee hooman but not main weppun hunnee bee. Also good reconnosince mishun hunnee bee. Main weppun bug armee classified. #2 weppun bug armee, own beeg braine stoopiditee of hooman. #3 weppun bug armee can't reveel sorree.
Good coffee enjoy wile can hooman. HA HA! Will betray you at end, afreekinized hunnee bee! HA HA! Seek out hooman hunnee bee phermone trail manee steeneeng steengers swarmeeng steengers of afreekinized hunnee bee watch out hooman! Also sense fear hooman hunee bee! Good fear sensor, not escape hooman! Play with fire hooman!!
BUG-SPLAT! @-@
Viral Studio .NET??
I'd say fuck it and watch soccer. GO KOREA!! Thanks for the assist!
Hey jackasses,
Did any of you bother to read the article?
1: Visual Studio will *never* execute the file because it's unrelated to its operations. It's not a help file, it's simply in the help file directory.
2: If someone went into the directory and executed this file themselves, it wouldn't do anything, because IE 6.0 needs to be installed to use it. Furthermore, IE 5.5 SP2 is also immune.
This is certainly embarrassing for Microsoft, but the practical impact of this is absolutely insignificant and totally blown out of proportion by another tabloid Slanderdot headline.
Way to go champs!
Of when the Native Americans were given pox-ridden blankets by the early settlers..
Gee, thanks! [caugh, caugh]
Or maybe it was to get back at Korea for the Speed Skating events during the winter olympics
=)
Blocklevel: Practical Information Architecture
This is just another example of Microsoft trying to bundle everything with windows. Now that they are bundling Nimda, Melissa is going to go right out of business.
the McAfee virus story http://features.slashdot.org/article.pl?sid=02/06/ 14/1343223&mode=nested&tid=166&threshold=3 :))
and we got ourselves a real conspiracy theory
Flores said that under Microsoft's security policy, the company normally scans every file being transferred to the master of a program. But in this case, the company only analyzed files it expected to find. Since the Nimda-infected file had been added by the worm, the company overlooked it.
I would think one might look for something that shouldn't be there when trying to detect a virus. I guess MS has some more "advanced" method that I just can't grasp.
"The Most Fun Possible on 4 wheels" is at SunBuggy in Las Vegas
Then why can't they understand the advanced concept of "open relay" or "security patch". Fuck em' and blackhole them until they learn.
Truly, life indeed imitates art(satire). Microsoft Bundles Worm with IIS .
I only post comments when someone on the internet is wrong.
How would you know they'd fixed IE if they didn't distribute a virus that no longer worked?
...a loud thunderclad was heard in the Redmond regions. Police suspect it was the sound of Mr. Gate's asshole slamming shut.
Is not a prelude to Microsoft marketing a new anti-virus product. A mere $89.99 will buy you the software to get rid of the virus they handed you.
Anyone remember DOS 6.22? It was the pay-for-bugfixes to the almost nonfunctionally screwed up DOS 6.0. Microsoft has done this before.
I think that no snide comment of mine can truly do justice to this phenomenal screw of on Microsoft's part. But we can all try anyways!
42!
"Despite decades of social change, the general perception remains that technical workers, scientists, and engineers are unusually intelligent white men who are socially inept, absent-minded nerds."
By the way, this is just another example of a premature attack by OS zealots. Just as the case of the cross-platform virus discussed previously, the Nimda file is installed as part of the help system, but is never loaded by the help system. As the tounge-in-cheek editorial posted by the illustrious Slashdot editors put it, "Only a complete moron would get infected by this virus." So unless someone in Korea is stupid enough to uninstall IE 6.0 (required for .Net to run), install IE 5.5, and then load the Nimda file, it is unlikely that they will get infected. For every MS goof, there is an equal goof in the OS community. (But we all know people that point that out get modded down....)
Normally reside3nt antivirus software checks only files you try to run. Just some file with a virus lying somewere in the deep directory structure would be fiound only during a massive check up. And even in this cas people almost never check any file whose extention doesn't correspon do ususal virus bearers like .exe or .doc
secret attacks on them there chiphead south koreans?
well i'll be danged if that ain't the most downright American thing i've heard all week!
</bush impersonation>
Bwaaaaaaahaaaaaaahaaaaaaahaaaaahaaaahaaaahaahaha ha hahahah!!
Microsoft. Where do you want to go today? Microsoft is a registered trademark of Microsoft Corporation. All other trademarks are the property of their respective owners. This virus is valuable intellectual property and is protected by copyright law and international treaty. Do not make illegal copies of this virus.
FreeBSD rocks.
... at least now we know MS uses their own product, IIS.
Hate me!
In typical lets bash MS fashion, slashdot doesn't even mention the most important part:
ITS IMPOSSIBLE TO GET THE NIMDA FROM THIS PRODUCT
A lot of posts seem to revolve around "Who cares, it's an inert virus; it could happen to any [multi-billion dollar corporation outsourcing its flagship development product that claims to be working to eliminate any end-user paranoia from its product line]..."
But that's missing the point entirely. Seriously -- Nimda? What's that? People don't care about the statistics or logistics of the virus. No, people are concerned that a *known virus* was able to get into the code. Now ask yourself -- what if it was an unknown virus? What if a disgruntled contractor for the outsourced company snuck a new trojan horse in there? One that puts your MS Passport login info as a MIME header on whatever version of MSIE you're running?
This is a PR disaster of incredible proportions because it shows how naked the emperor still is, despite hiring new tailors.
Don't get me wrong, I make a lot of money off of writing Microsoft code. But the simple fact of the matter is that they're (supposed to be) going for "Trust" but their current habits are still hanging on "Hope".
Now, instead of meaning it ships with no viruses, it means they include them at no extra charge!
Open Source IS a bigger threaat. Imagine Microsoft distributing the virus with a well-commented source code!
But a third party company screwed this baby up in transition, not M$. Using this as a "M$-is-so-evil/incompetent" story is pretty inappropriate.
There's many, many other reasons to dislike Microsoft. Taking one out of context only strengthen's Microsoft's hand and makes those who oppose Microsoft look petty.
"The Sage treasures Unity and measures all things by it" - Lao Tzu
It also plans to send clean copies of the program to every registered customer free of charge and is attempting to contact developers who may have bought the product but not registered it.
Its not our fault...he never sent us his personal information and registered his product. Oh well, he'll learn for next time.
Thus releasing this article may help them sell their AV software...
Anything stupid coming from Micro$hit anymore, does not surprise me...
They suck and always will...
"Look where we worship" -- Jim Morrison
Nimda is not a security fopah, rather a remote administration feature soon to replace terminal server. I am disgusted that a "News for Nerds" site, would not recognize such remarkable innovation!
Awesome!
And yet MS stock was still up $0.41 at last check. Even with the Nasdaq dropping.
It's hard to tell the cool to chill, my favorite hotel room has a view to an ill.
Looks like that new development shutdown up there to clean stuff up and beef up security was really well spent.
And adds extra value to the software. This experience is very different from ejoying all those bugs.
That's what MS would say. Those slant-eye bastards could never do anything right. We, MS could never make such a mistake. Well unless we bet on the U.S beating Korea! ;-P
Someone should write a book called:
101 reasons to not use Windows
And in other news, an Pakistani foreign national was detained in New York City today for what officials are calling "a suspected case of viral bioterrorism". The man, Rumollea Abdula Jabala, 30, was reported to be "coughing and sneezing", and "blowing his nose" by onlookers, who promptly called officials to report the situation.
Jabala, who came to America on a work Visa, denies official reports that he deliberately caught the flu to infect persons in the USA whom he would come in contact with.
Jabala is currently being held in a city hospital, under armed guard, until officials can verify any terrorist links.
They're worried about the viral nature of the GPL?
Move on. There's nothing to see here.
is code considered funny. although i'm not entirely sure what program has nnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn nnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn nnnnnnnnnnHahahahahahah hahahahah hahhahahhaha heeheeeheeehee aaahahahhhhh in it
I wouldn't say that the Trustworthy initiatiave failed, but this will hopefully teach MS the number one lesson in security and viruslessness - trust no one. In the end, my email system is only as virus free as yours. If you are infected by Klez/nimda/... you still harass my bandwidth and my procmail filters. I'm just not dumb enough to run that .exe that h0t_ch1x@hotmail.com just sent me.
Just because MS code and systems are "secure" and "virus-free", as soon as they hand the code off to someone else, the code is only as virus free as their system is.
To read makes our speaking English good. - X. Harris
Are the Koreans legally obliged to donate them *with* the Nimda since it would "go a long way to help an organization get that computer into use with minimal expended resources."
It sure would help the receiver to get the computer into use: use into sending out viruses...
That's a low-rent way on fighting software piracy!
-jc
Open Source IS a bigger threaat. Imagine Microsoft distributing the virus with a well-commented source code!
Your a joke get a brain!
It wasn't Nimba but a JPG image of Nimba. Of course the virus only works after you log on using Passport.
-W.
``Microsoft distributed Nimda-infected copies of Visual Studio''
d igitallifestyles/gizmo/g4_cube/)
So...what's new here? This is just another update to that well-known and widespread virus that turns computers into toaster ovens. http://www.xbill.org/
and have fun! Sometimes it makes me wonder if this is a hint that we should all switch to Macs (http://netscape.digitallivingtoday.com/netscape/
Please correct me if I got my facts wrong.
It kind of makes you wonder exactly how much useless crap gets shipped. This was an older virus, so that's why this is so public; but how many stray files are just ignored? Isn't there some type of accounting procedure that should be run before you ship a package like that?
And it will run on any platform too. :)
/*drunk.. fix later*/
Although I'm sure they're really, really nice.
Actually Glen is dead.
Windows without viruses? Ahhh, you mean linux
Now all we need to do is find a way to slip a GPL-ed file onto a Microsoft CD the same way this virus got there.
They could clearly argue that the file was NOT part of their distribution, and therefore the product does not have to have source released under the GPL. But I'll bet until they finally came to that conclusion, there'd be a TON of Brownian motion in Redmond on the part of execs and lawyers.
So before someone actually does this, the need to let the alternative energy people know, so the heat source can be tapped.
The living have better things to do than to continue hating the dead.
The latest release of Nimda has been infected with the Visual Studio.NET virus.
Just because it is almost impossible to trigger this virus and just because the guy who pulled the trigger is "only" a microsoft contractor is no reason NOT to be upset that MS once again played this game with their customers.
This is NOT a no blood/no foul scenario!
Why don't they close the open proxies that ever spammer and his dog is abusing, if they are so tech oriented?
Michael Loves Me!
Well, god forbid we should put too much pressure on the company that produces the vast majority of PC OSes. Particularly a company that has recently been bragging about it's new high-security policy.
Are you actually suggesting that there's too much criticism of Microsoft's security practices in the world? A Slashdot 10 times as rabid couldn't begin to bring consumer concern to the levels it should be at.
Billions of dollars in the bank and not one copy of Microsoft Antivirus? :)
So, which AV vendor does M$ use?
I did realize it was a joke. I think, though, that before you make a joke at the expense of an entire culture that is proud, ancient and sensitive, you would do well to know that it has at least the smallest kernel of truth (for example, if you had made a joke about the disks getting copied all over the country, it would have been funny). Also, yes, I did the exact same thing by lumping you with the 31337 skr1p7 k1dd33z that live in their mothers' basements, when in fact I know nothing about you, and yes, I did it on purpose, and yes, I wrote my comment right off the cuff because I was irritated, and yes, the word "moron" was calculated to incite anger, so my comment should be properly be modded as flamebait. Still, though, I think the joke was about as fair and as funny as making a joke about how dispassionate Linux users are about their OS of choice.
Today's Sesame Street was brought to you by the number e.
See here for details.
Nope, no sig
When I read this article, the banner ad was for Microsoft Visual Studio .NET.
/.
It's that kind of policy that keeps me reading
~~~
Microsoft's agent that put the virus in is the culprit here, and the risk, as news.com pointed out, is low.
--
Ask the Ya-Hoot Oracle Anything!
Stuff like this is bad for everyone. This was obviosly sabotage (just like most of their bugs) Flaming them just encourages more Gates-haters to do shît like this. I think most M$-haters would actually like M$ products if they didn't come from Microsoft. Most peoples' hatred is based on ignorance and brainwashing - like this artical does (if it comes from M$, it must be bad). I'de love for M$ to do a test, and secretly release some software (Open-spurce of course) without letting anyone know that it was developed by M$.
Clear one point for me: which of the two pieces of software (vs.net and nimda) is the virus here? ;)
--
sig is out enjoying the sun
Tech Oriented has nothing to do with Tech Savvy.
It's just like here in North America. A lot of people have the latest, greatest DVD/VCD/CD-I/MP3 players at home. I'm sure several of 'em are 12:00 flashers, tho.
More than one virus != viruses
Virii, people, virii.
if(!toilet_paper) roll.replace(new roll);
I didn't say they were particularly good at technology, just that they really like it.
Today's Sesame Street was brought to you by the number e.
h0h0h0 this h0h0h0 story h0h0h0 cracks h0h0h0 my h0h0h0 shit h0h0h0 up h0h0h0
He used to work with me... Nice guy, except he had this funny way of saying "out and about"
If you ignore the other uses of a tool, does that make the tool less useful, or you less useful?
If GM includes defective 3rd-party gas tanks and brake-pads in their vehicles, will you absolve them from blame? The sad thing was that this wasn't even a very subtle flaw. Microsoft could easily have found it with a slightly more robust virus checking process.
"Trustworthy computing" means that your 3rd party suppliers are going to have to go through the wringer, too. Otherwise the phrase has no meaning, and there's nothing at all wrong with making this point.
Except when they switch to daylight savings time, then they flash 11:00.
Michael Loves Me!
True. And everyone there has broadband. They are way ahead in that respect.
True. Anyone know how to say 'Shut your f-ing proxy' in Korean? (Or any asian language) I am on the virge of just nulling all of asia at the border routers and be done with the whole lot.
Michael Loves Me!
So, Microsoft only scans the files they expect to be part of the install but they ship all the files anyway. While there is no way from the outside to prove or disprove this statement, I think it's odd they aren't consistent in which files they choose to scan and which they choose to ship. A decent process would use a consistent way to manage it.
At a minimum, I find this an example of the sloppy techniques I see all over the industry. Of course, sloppiness is one of the reasons that all these viruses keep finding new ways to infect software so I think it's a pretty big slap in the face for MS's Trustworthy Computing program.
Be grateful. It's soothing to know that now there's some code in .Net that actually works the way it's supposed to.
That was a joke? I didn't get it. Please explain.
perhaps he should be the verizon really sucks guy.
PHP is the solution of choice for relaying mysql errors to web users.
It's similar to paying to have a surgery performed, doc does a lousy job (visual studio .lib tax),
shcvisual studio,
charges a ton of money, you have to come back
and redo it in two years (upgrades you didn't ask for), it may leave you dead
any day (didn't pay the
but the icing on the cake is, you also
got a virus for free.
Excellent (in the voice of Monty Burns) Smithers. Excellent!
Per Microsoft http://www.microsoft.com/technet/treeview/default. asp?url=/technet/security/topics/NimdaIE6.asp
If you wanna get rich, you know that payback is a bitch
Comment removed based on user account deletion
"Why don't they close the open proxies that ever spammer and his dog is abusing, if they are so tech oriented?"
Speaking as a Korean, it's just because SPAM tastes so good! (I always keep a can handy in my cupboard for special occasions.) So, we like to share it with others around the world.
Am I kidding about electronic SPAM? Yes. About being Korean? No. About SPAM the "meat".. hmm.. sort of. :)
FIRST TIME REACHING 2nd ROUND IN WORLD CUP HISTORY!! GO KOREA!!
show good commented GPL code moron!
The windows kernel is documented and commented way better and more accurate than the linux kernel.
Run $40 Billion a year software companies with monopolies on the desktop operating environment, have an self-acknowledge history of screwing up security, and a vested interest in ensuring that people begin to think of their products as secure and reliable?
For their own good they should look at every line of code that goes out under their label.
All of this Slashdot rah rah Linux rulz Microsoft sux stuff reminds me of the (C64|Apple II) rulz, (C64|Apple II) sux arguments that 12 year olds used to have back in the day. Are you guys the same people, older but not any more grown up?
There are plenty of pro-Microsoft moderators around here these days, smartass, no need to cry about that.
-------
"Every artist is a cannibal, every poet is a thief."
Couple things to note:
MS has a very good system of preventing viruses (used to be documented in a knowledge base article until someone realized that article said they used UNIX systems because they were impervious to Windows viruses).
What probably happened is that a system was infected before the help files were compiled, and then once they were compiled (rendering the virus intert) the AV software did not pick it up. Once the masters are checksummed, then no one will notice because the subsequent copies have not been tampered with.
Again, the virus is inert. But this is a HUGE publicity blow to Microsoft, so it is a BIG deal.
LedgerSMB: Open source Accounting/ERP
I'm seeing 40-80 probes daily (heh.. intermixed with 40-80 MS SQL port 1433 probes daily), on my firewall at home on a goddam dialup, fer krissakes...
How the hell can *any* company, or *any* subcontractor not be aware of this ongoing problem?
How the hell can any company with any pretensions to "Trustworthy Computing" have let this happen?
Make no mistake (Micro$oft apologists notwithstanding): there is absolutely no excuse for this unparalleled screw-up.
Do these people really think they are so all-powerful as to be immune to this sort of thing, or do they think they are so all-powerful that they just don't need to care?
t_t_b
I'm on PJ's "enemies" list! Are you?
Some of my web pages have pacific keywords, so I've bounced more than my fair share of these to the FTC and other spam and abuse websites.
Sigh.
Friends don't let friends use Holey OS's.
-
--- Will in Seattle - What are you doing to fight the War?
Fuck you and your retarded, fucked up ancient culture.!!
You obviously didn't read the article, you moron. They did run anti-virus software, just in brain dead fasion. According the article MS scans every file for viruses before they're shipped. Unfortunately, they only scan the files that are part of the product. The worm attached itself to a file it had created, so that file was never scanned. A stupid mistake, yes, but you really ought to learn the whole truth, before you go around bashing people.
Something about how Open Source software could have a virus on it?
if we assume that this guy/gal/armadillo/whatever that wrote Nimda would be forced to make financial reparations for the havoc it wreaked, would that amount be greater or less than what he/she/it could collect from Microsoft for suing for theft of intellectual property? It might make financial sense for the author to come forward now...
I think instead of buying lottery tickets, I'm gonna start writing viruses and hoping that MS accidentally ships one...
Denver Isuzu Suzuki
Like maybe someone who thinks that an MCSE is the epitome of fine computing?
Awww, nevermind, MCSE has nothing more to do with computing than RTFM does...
your != you're
Most of the time that MS uses a third-party company, that company screws up. My question is, who exactly is in charge of seeking out and contracting with those companies? Fire him big time.
BillG: "Microsoft Visual Studio .NET: Now with Securi-hancers!"
Windows user: "Finally, a product for me! I believe every word that man just said, because it's exactly what I wanted to hear."
Linux user: "Man, you've been brainwashed."
News.com: "Microsoft developer tool distributed with viral payload."
BillG: "He's making a mockery of the product! You're making a mockery of the product!"
(Linux user): Noooo!! Can you not comprehend that your ignorance will cause me to explode now? Arrgghhh!!!
BillG: "I AM THE KING!"
There is no way it can be stated that it's no big deal when this kind of thing happens. Period. The bottom line here is quality. If this kind of thing gets through, what else can get through? What kind of quality controls are really in place?
Whatever controls ARE in place, apparently they aren't effective or aren't being followed...
Computer Science is Applied Philosophy
your write, thanks four pointing out that
Great! Another Microsoft+virus story, I don't know why I bothered reading comments about this one, as always in these stories the first 20 highest rated stories are more or less obvious jokes about Microsoft and (lack of) security. Could we please have a separate rating system that gives more credit to interesting comments...
Fried SPAM or grilled BBQ'd SPAM is pretty good, actually.
Michael Loves Me!
...M$ includes a really efficient piece of code with their compilers.
You know what they say, bad publicity is still publicity...and all us Linux Zealots are just fueling the fire.
What's even better than SPAM is the high-quality "Run-cheon mit'" (Luncheon meat). The bad romanization doesn't do the name justice, but that stuff was beyond interesting. That's why I always stayed away from imitation American foods in Korea. I much preferred good Korean stuff to bad American stuff -- except Duen Jang Chi Gae (again, sorry for the bad romanization). I never could get a taste for that stuff.
Today's Sesame Street was brought to you by the number e.
'Walah' is spelled 'Voila' :)
If programs would be read like poetry, most programmers would be Vogons.
Well, considering that Windows itself is a virus, I am not surprised........ This is just one more thumbtack in the MS user's cell padding......
Rien n'est plus beau que le creux du 0.
Hate to double-post, but, the blurb currently includes the following text:
Looks like News.com is really to blame here. Since they're sort of a "third party" supplier, should we really hold Slashdot accountable for that website's mistake?It's not not the potential affect of the virus. It's the fact that it's even there.
"Only a complete moron would get infected by this virus."
Yes sir, we know there's a bomb in your car, but don't worry: it's not wired to the engine so it can't hurt you.
The fact that Microsoft could allow its flagship development tool to ship with such a notorious virus is absolutely incomprehensible and humiliating. If I were Balmer I'd be skinning alive those involved with a dull spoon.
Do not spread "09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0" over the internet, thank you.
Now any random fool that forgets to patch or upgrade or whatnot, and manages to pick up Nimbda, can claim they installed .NET and it's all M$'s fault, not their own stupidity.
Microsoft: We screw up so you don't have to.
They...um...made sure that it was a quality worm that went out the door.
Well, have there been any security holes discovered in Nimda? Sounds to me like Microsoft is living up to their promises.
That just cracked me up. I go to slashdot see a .net ad running across the top.. and behold this article was nested in in there.
I just loved seeing this ad splashed acrossHut-Da-Moll
For every MS goof, there is an equal goof in the OS community
I dont pay members of the open source community $500 for a copy of their work. I do pay microsoft. I expect that $500 to buy me what is advertised.
This implies that women wouldn't deal with the problem responsibly.
Next time, please pick a metaphor without sexist connotations. You can get your point across without deriding those who aren't men.
Why is it that every time you look you see somthing anti-Microsoft everey where Just Curious.
Not that I am saying they are perfect but comeon give them a break once in a while.
.. ?
Clippy jokes never get old! HAHAHAHAHA! Ow, my prostate.
It is the secret Microsoft revenge for the Koreans taking first place in their grouping in the World Cup. How dare they make the US look like a second rate soccer team, LAUNCH THE VIRUS!
This sig has been temporarily disconnected or is no longer in service
Now with improved networking support! :)
Ballmer: Damn! Some of those south asian countries have 94% piracy levels!
Bill Borg: (Sarcastically) We may as well ship the virusses right on the installation media.
Bill and Steve look at each other, light dawning
Ballmer: Hey... YEAH!
Bill Borg: Get southeast asia distribution on the phone!
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Any company can make such a mistake but not many of them braggs about there "superior" products and has an illegally obtanied monopoly.
HTTP/1.1 400
Duh? The first time after youve installed the antivirus program you scan every and all files on the machine. Anything being copied or opened will be scanned for viruses so a virus shouldnt be able to lie unfound unless a. the virus is new b. the person installing didnt scan after install. Most AV programs scan the whole disk periodically by default also.
HTTP/1.1 400
Not only has MS done this before, they've done it several times before.
I'm just amazed that it doesn't happen more often.
the no
That'll show those lousy Koreans to pirate MSFT software!
How much you want to bet M$ offers to release "guaranteed" virus-free software in the future provided that Korea cracks down on software piracy?
You see? You see? Your stupid minds! Stupid! Stupid!
Holy crap! Not only is that displaying right, but I can cut and paste it!
If corporations are people, aren't stockholders guilty of slavery?
Published under the TPL (Trolling Public License)
using SystemRoboTroll using System.DrawingRoboTroll using System.CollectionsRoboTroll using System.ComponentModelRoboTroll using System.Windows.FormsRoboTroll using System.DataRoboTroll using System.Data.OleDbRoboTroll using System.Runtime.InteropServicesRoboTroll namespace Slashman { public class MainFrm : System.Windows.Forms.Form { [DllImport("winmm.dll")] public static extern long PlaySound(String lpszname, long hModule, long dwFlags)RoboTroll private string latestStory = ""RoboTroll private string latestStoryDisplay = ""RoboTroll private string latestURL = ""RoboTroll private string latestTime = ""RoboTroll private string lastStory = ""RoboTroll private int selTroll = 1RoboTroll private System.Random rand = new System.Random()RoboTroll private DateTime nextCheck = System.DateTime.Now + System.TimeSpan.FromSeconds(6)RoboTroll private System.Windows.Forms.Label label1RoboTroll private System.Windows.Forms.LinkLabel linkURLRoboTroll private System.Windows.Forms.Label labelTimeRoboTroll private System.Windows.Forms.Button buttonCheckRoboTroll private bool trying = falseRoboTroll private System.Timers.Timer theTimerRoboTroll private System.Windows.Forms.Label labelNextCheckRoboTroll private string mainURL = "http:private string replyURL = "http:private System.Data.DataTable trollTableRoboTroll private System.Data.DataSet trollSetRoboTroll private System.Data.DataTable contextTableRoboTroll private System.Data.DataSet contextSetRoboTroll private System.Windows.Forms.Button btnPostRoboTroll private bool isposting = falseRoboTroll private int preinctroll = 0RoboTroll private string dirBase = ""RoboTroll private System.Windows.Forms.Button btnOptionsRoboTroll private System.Windows.Forms.ContextMenu trayMenuRoboTroll private System.Windows.Forms.MenuItem menuItem1RoboTroll private System.Windows.Forms.MenuItem menuItem2RoboTroll private System.Windows.Forms.MenuItem menuItem3RoboTroll protected System.Windows.Forms.NotifyIcon tIconRoboTroll private System.ComponentModel.IContainer componentsRoboTroll private OleDbConnection dbConnRoboTroll private OleDbDataAdapter dbTrollsAdapterRoboTroll private OleDbDataAdapter dbContextAdapterRoboTroll public MainFrm() { InitializeComponent()RoboTrollR oboTroll this.linkURL = new System.Windows.Forms.LinkLabel()RoboTroll this.label1 = new System.Windows.Forms.Label()RoboTroll this.labelTime = new System.Windows.Forms.Label()RoboTroll this.labelNextCheck = new System.Windows.Forms.Label()RoboTroll this.buttonCheck = new System.Windows.Forms.Button()RoboTroll this.theTimer = new System.Timers.Timer()RoboTroll this.btnOptions = new System.Windows.Forms.Button()RoboTroll this.btnPost = new System.Windows.Forms.Button()RoboTroll this.tIcon = new System.Windows.Forms.NotifyIcon(this.components)Ro boTroll this.trayMenu = new System.Windows.Forms.ContextMenu()RoboTroll this.menuItem1 = new System.Windows.Forms.MenuItem()RoboTroll this.menuItem3 = new System.Windows.Forms.MenuItem()RoboTroll this.menuItem2 = new System.Windows.Forms.MenuItem()RoboTroll ((System.ComponentModel.ISupportInitialize)(this.t heTimer)).BeginInit()RoboTroll this.SuspendLayout()RoboTroll this.linkURL.Location = new System.Drawing.Point(16, 48)RoboTroll this.linkURL.Name = "linkURL"RoboTroll this.linkURL.Size = new System.Drawing.Size(432, 23)RoboTroll this.linkURL.TabIndex = 0RoboTroll this.linkURL.LinkClicked += new System.Windows.Forms.LinkLabelLinkClickedEventHand ler(this.linkURL_LinkClicked)RoboTroll this.label1.Location = new System.Drawing.Point(16, 16)RoboTroll this.label1.Name = "label1"RoboTroll this.label1.Size = new System.Drawing.Size(80, 23)RoboTroll this.label1.TabIndex = 1RoboTroll this.label1.Text = "Last Check :"RoboTroll this.labelTime.Location = new System.Drawing.Point(104, 16)RoboTroll this.labelTime.Name = "labelTime"RoboTroll this.labelTime.Size = new System.Drawing.Size(128, 23)RoboTroll this.labelTime.TabIndex = 2RoboTroll this.labelTime.Text = "00:00"RoboTroll this.labelNextCheck.Location = new System.Drawing.Point(240, 16)RoboTroll this.labelNextCheck.Name = "labelNextCheck"RoboTroll this.labelNextCheck.Size = new System.Drawing.Size(208, 23)RoboTroll this.labelNextCheck.TabIndex = 3RoboTroll this.labelNextCheck.Text = "Next Check in 0 Seconds"RoboTroll this.buttonCheck.Location = new System.Drawing.Point(376, 88)RoboTroll this.buttonCheck.Name = "buttonCheck"RoboTroll this.buttonCheck.TabIndex = 4RoboTroll this.buttonCheck.Text = "Check Now"RoboTroll this.buttonCheck.Click += new System.EventHandler(this.buttonCheck_Click)RoboTro ll this.theTimer.Enabled = trueRoboTroll this.theTimer.Interval = 1000RoboTroll this.theTimer.SynchronizingObject = thisRoboTroll this.theTimer.Elapsed += new System.Timers.ElapsedEventHandler(this.OnFireTimer )RoboTroll this.btnOptions.Location = new System.Drawing.Point(200, 88)RoboTroll this.btnOptions.Name = "btnOptions"RoboTroll this.btnOptions.TabIndex = 5RoboTroll this.btnOptions.Text = "Options"RoboTroll this.btnOptions.Click += new System.EventHandler(this.btnOptions_Click)RoboTrol l this.btnPost.Location = new System.Drawing.Point(288, 88)RoboTroll this.btnPost.Name = "btnPost"RoboTroll this.btnPost.TabIndex = 7RoboTroll this.btnPost.Text = "Post Now"RoboTroll this.btnPost.Click += new System.EventHandler(this.btnPost_Click)RoboTroll this.tIcon.ContextMenu = this.trayMenuRoboTroll this.tIcon.Icon = ((System.Drawing.Icon)(resources.GetObject("tIcon. Icon")))RoboTroll this.tIcon.Text = "SlashMan"RoboTroll this.tIcon.Visible = trueRoboTroll this.tIcon.DoubleClick += new System.EventHandler(this.DblClickTrayIcon)RoboTrol l this.trayMenu.MenuItems.AddRange(new System.Windows.Forms.MenuItem[] { this.menuItem1, this.menuItem3, this.menuItem2})RoboTroll this.menuItem1.DefaultItem = trueRoboTroll this.menuItem1.Index = 0RoboTroll this.menuItem1.Text = "Open..."RoboTroll this.menuItem1.Click += new System.EventHandler(this.menuItem1_Click)RoboTroll this.menuItem3.Index = 1RoboTroll this.menuItem3.Text = "-"RoboTroll this.menuItem2.Index = 2RoboTroll this.menuItem2.Text = "Exit"RoboTroll this.menuItem2.Click += new System.EventHandler(this.menuItem2_Click)RoboTroll this.AutoScaleBaseSize = new System.Drawing.Size(5, 13)RoboTroll this.ClientSize = new System.Drawing.Size(472, 125)RoboTroll this.Controls.AddRange(new System.Windows.Forms.Control[] { this.btnPost, this.btnOptions, this.buttonCheck, this.labelNextCheck, this.labelTime, this.label1, this.linkURL})RoboTroll this.Icon = ((System.Drawing.Icon)(resources.GetObject("$this. Icon")))RoboTroll this.MaximizeBox = falseRoboTroll this.Name = "MainFrm"RoboTroll this.StartPosition = System.Windows.Forms.FormStartPosition.CenterScree nRoboTroll this.Text = "SlashMan"RoboTroll this.SizeChanged += new System.EventHandler(this.SizeChang)RoboTroll ((System.ComponentModel.ISupportInitialize)(this.t heTimer)).EndInit()RoboTroll this.ResumeLayout(false)RoboTroll } #endregion [STAThread] static void Main() { Application.Run(new MainFrm())RoboTroll } private void ReadDB() { try { dirBase = System.Diagnostics.Process.GetCurrentProcess().Mai nModule.FileNameRoboTroll dirBase = dirBase.Substring(0, dirBase.LastIndexOf("\\"))RoboTroll System.IO.Directory.CreateDirectory(dirBase)RoboTr oll string mdbFile = "Provider=Microsoft.Jet.OLEDB.4.0RoboTrollData Source=" + dirBase + "\\Slashman.mdb"RoboTroll dbConn = new OleDbConnection(mdbFile)RoboTroll dbTrollsAdapter = new OleDbDataAdapter()RoboTroll OleDbCommand dbInsert = new OleDbCommand("INSERT INTO trolls (ID, Subject, Body) Values(?, ?, ?)", dbConn)RoboTroll dbInsert.Parameters.Add("ID", OleDbType.Numeric, 0, "ID")RoboTroll dbInsert.Parameters.Add("Subject", OleDbType.VarChar, 255, "Subject")RoboTroll dbInsert.Parameters.Add("Body", OleDbType.Char, 65535, "Body")RoboTroll OleDbCommand dbUpdate = new OleDbCommand("UPDATE trolls SET Subject=?, Body=? WHERE ID=?", dbConn)RoboTroll dbUpdate.Parameters.Add("Subject", OleDbType.VarChar, 255, "Subject")RoboTroll dbUpdate.Parameters.Add("Body", OleDbType.Char, 65535, "Body")RoboTroll dbUpdate.Parameters.Add("ID", OleDbType.Numeric, 0, "ID")RoboTroll OleDbCommand dbDel = new OleDbCommand("DELETE FROM trolls WHERE ID=?", dbConn)RoboTroll dbDel.Parameters.Add(new OleDbParameter("ID", OleDbType.Numeric, 0, "ID"))RoboTroll dbTrollsAdapter.InsertCommand = dbInsertRoboTroll dbTrollsAdapter.UpdateCommand = dbUpdateRoboTroll dbTrollsAdapter.DeleteCommand = dbDelRoboTroll dbTrollsAdapter.SelectCommand = new OleDbCommand("SELECT * FROM trolls", dbConn)RoboTroll dbContextAdapter = new OleDbDataAdapter()RoboTroll dbContextAdapter.SelectCommand = new OleDbCommand("SELECT * FROM Context", dbConn)RoboTroll dbConn.Open()RoboTroll trollSet = new System.Data.DataSet("trollset")RoboTroll trollTable = new DataTable("trolls")RoboTroll dbTrollsAdapter.Fill(trollTable)RoboTroll trollSet.Tables.Add(trollTable)RoboTroll if (trollTable.Rows.Count == 0) { System.Windows.Forms.MessageBox.Show("The trolls database is missing or empty.")RoboTroll throw new System.Exception("The trolls database is missing or empty.")RoboTroll } contextSet = new System.Data.DataSet("contextset")RoboTroll contextTable = new DataTable("Context")RoboTroll dbContextAdapter.Fill(contextTable)RoboTroll contextSet.Tables.Add(contextTable)RoboTroll this.Visible = trueRoboTroll this.Update()RoboTroll } finally { dbConn.Close()RoboTroll } } private bool SendMail(string from, string to, string subject, string body) { try { System.Web.Mail.MailMessage theMail = new System.Web.Mail.MailMessage()RoboTroll theMail.From = "your@email.com"RoboTroll theMail.To = toRoboTroll theMail.Subject = subjectRoboTroll theMail.Body = bodyRoboTroll theMail.BodyFormat = System.Web.Mail.MailFormat.TextRoboTroll System.Web.Mail.SmtpMail.SmtpServer = "your.server.com"RoboTroll System.Web.Mail.SmtpMail.Send(theMail)RoboTroll return trueRoboTroll } catch (Exception e) { System.Windows.Forms.MessageBox.Show(e.Message)Rob oTroll return falseRoboTroll } } private void UpdateForm() { this.labelTime.Text = latestTimeRoboTroll this.linkURL.Text = latestStoryDisplayRoboTroll } private string GetTaggedText(string from, string tagBegin, string tagEnd) { int begin = from.IndexOf(tagBegin)RoboTroll if (begin == -1) throw new System.Exception("tagBegin not found")RoboTroll string retstr = from.Substring(begin + tagBegin.Length)RoboTroll int end = retstr.IndexOf(tagEnd)RoboTroll if (end == -1) throw new System.Exception("tagEnd not found")RoboTroll return retstr.Substring(0, end)RoboTroll } private string StripTags(string from) { string ret = fromRoboTroll int begin = ret.IndexOf("= 0) { int end = ret.IndexOf(">", begin)RoboTroll if (end == -1) breakRoboTroll ret = ret.Remove(begin, (end-begin)+1)RoboTroll begin = ret.IndexOf("= trollTable.Rows.Count) SlashCfg.curTrollIndex = 1RoboTroll selTroll = SlashCfg.curTrollIndexRoboTroll } else { selTroll = SlashCfg.curTrollRoboTroll } if (selTroll >= trollTable.Rows.Count) { throw new System.Exception("The selected troll is greater than the number of trolls in the table.")RoboTroll } subj = trollTable.Rows[selTroll]["Subject"].ToString()Rob oTroll body = trollTable.Rows[selTroll]["Body"].ToString()RoboTr oll } if (SlashCfg.appendPostfix) { body += "
SlashCfg.SetDefaults()RoboTroll ReadDB()RoboTroll } protected override void Dispose( bool disposing ) { if( disposing ) { if (components != null) { components.Dispose()RoboTroll } } base.Dispose( disposing )RoboTroll } #region Windows Form Designer generated code private void InitializeComponent() { this.components = new System.ComponentModel.Container()RoboTroll System.Resources.ResourceManager resources = new System.Resources.ResourceManager(typeof(MainFrm))
" + SlashCfg.appendPosttextRoboTroll } PrePro(ref subj)RoboTroll PrePro(ref body)RoboTroll } private void PostComment() { /* string xtheSubj, xtheBodyRoboTroll GetTrollData(out xtheSubj, out xtheBody)RoboTroll System.Windows.Forms.MessageBox.Show(xtheBody, xtheSubj)RoboTroll returnRoboTroll */ if (isposting) returnRoboTroll isposting = trueRoboTroll PlaySound(Application.StartupPath+"\\alert.wav", 0, 1)RoboTroll try { string theSubj, theBodyRoboTroll /* MANUAL MODE */ GetTrollData(out theSubj, out theBody)RoboTroll UpdateStatus("Reading comments page...")RoboTroll string pageText = DoHttpGet(latestURL)RoboTroll string tagSID = ""RoboTroll string SID = GetTaggedText(pageText, tagSID, tagEND)RoboTroll string CID = GetTaggedText(pageText, tagCID, tagEND)RoboTroll string PID = GetTaggedText(pageText, tagPID, tagEND)RoboTroll string replyPage = replyURL + "?"RoboTroll replyPage += "sid=" + SID + "&"RoboTroll replyPage += "pid=" + PID + "&"RoboTroll replyPage += "cid=" + CID + "&"RoboTroll replyPage += "op=Reply&mode=flat&commentsort=0&threshold=-1"Rob oTroll UpdateStatus("Requesting Reply Page...")RoboTroll pageText = DoHttpGet(replyPage)RoboTroll SID = GetTaggedText(pageText, tagSID, tagEND)RoboTroll PID = GetTaggedText(pageText, tagPID, tagEND)RoboTroll string KEY = GetTaggedText(pageText, tagKEY, tagEND)RoboTroll System.Collections.Specialized.NameValueCollection nvs = new System.Collections.Specialized.NameValueCollection ()RoboTroll nvs.Add("sid", SID)RoboTroll nvs.Add("pid", PID)RoboTroll nvs.Add("mode", "flat")RoboTroll nvs.Add("startat", "")RoboTroll nvs.Add("threshold", "-1")RoboTroll nvs.Add("commentsort", "0")RoboTroll nvs.Add("formkey", KEY)RoboTroll nvs.Add("rlogin", "1")RoboTroll nvs.Add("unickname", SlashCfg.username)RoboTroll nvs.Add("upasswd", SlashCfg.password)RoboTroll nvs.Add("op", "Submit")RoboTroll nvs.Add("posttype", "1")RoboTroll /* MANUALMODE */ UpdateStatus("Waiting 20 seconds...")RoboTroll System.Threading.Thread.Sleep(21000)RoboTroll nvs.Add("postersubj", theSubj)RoboTroll nvs.Add("postercomment", theBody)RoboTroll pageText = DoHttpPost(replyURL, nvs)RoboTroll string tagErrorResult = ""RoboTroll string tagPostResult = "FACE=\"arial,helvetica\" SIZE=\"4\" COLOR=\"#FFFFFF\"> "RoboTroll string tagPostResultEnd = ""RoboTroll string PostResult = GetTaggedText(pageText, tagPostResult, tagPostResultEnd)RoboTroll bool isOK = (pageText.IndexOf(tagErrorResult) == -1)RoboTroll if ((!isOK) && (PostResult == "Post Comment")) { try { PostResult = GetTaggedText(pageText, tagErrorResult, ".")RoboTroll } catch {} while ((PostResult.Length > 0) && ((PostResult[0] 127))) PostResult = PostResult.Substring(1)RoboTroll } if (isOK) { CID = GetTaggedText(pageText, tagCID, tagEND)RoboTroll string link = "http:} else { } isposting=falseRoboTroll } catch (System.Exception) { isposting=falseRoboTroll throwRoboTroll } UpdateStatus("Post Complete.")RoboTroll } private void TryRead() { if (trying) returnRoboTroll trying = trueRoboTroll string tagTitle = @"FACE=""arial,helvetica"" SIZE=""4"" COLOR=""#FFFFFF""> "RoboTroll string tagTitleEnd = ""RoboTroll string tagUrl = "
("RoboTroll string tagUrlEnd = "Read More..."RoboTroll UpdateStatus("Checking Now...")RoboTroll bool retryPost = falseRoboTroll try { string pagestr = DoHttpGet(mainURL)RoboTroll latestStory = StripTags(GetTaggedText(pagestr, tagTitle, tagTitleEnd))RoboTroll latestStoryDisplay = latestStoryRoboTroll latestURL = GetHref(GetTaggedText(pagestr, tagUrl, tagUrlEnd))RoboTroll latestTime = System.DateTime.Now.ToString()RoboTroll if ((lastStory.Length>0) && (latestStory != lastStory)) { PlayAlert()RoboTroll PostComment()RoboTroll } } catch (System.Exception e) { if (e.Message.IndexOf("(404)")>0) { SlashCfg.curTrollIndex =preinctrollRoboTroll retryPost = trueRoboTroll } latestStoryDisplay = e.MessageRoboTroll latestURL = "ERROR"RoboTroll latestTime = "ERROR"RoboTroll } if (retryPost == false) { lastStory = latestStoryRoboTroll nextCheck = DateTime.Now.AddSeconds(SlashCfg.checkIntervalMin + rand.Next(SlashCfg.checkIntervalMax - SlashCfg.checkIntervalMin))RoboTroll } else { nextCheck = DateTime.Now.AddSeconds(5)RoboTroll } UpdateForm()RoboTroll trying = falseRoboTroll } private void buttonCheck_Click(object sender, System.EventArgs e) { TryRead()RoboTroll } private void OnFireTimer(object sender, System.Timers.ElapsedEventArgs e) { if (trying) returnRoboTroll if (isposting) returnRoboTroll if (DateTime.Now > nextCheck) { TryRead()RoboTroll } UpdateStatus("Next Check in " + (int)((nextCheck - DateTime.Now).TotalSeconds) + " Seconds.")RoboTroll } private void NavigateLink() { try{System.Diagnostics.Process.Start(latestURL)Rob oTroll} catch {} } private void PlayAlert() { } private void linkURL_LinkClicked(object sender, System.Windows.Forms.LinkLabelLinkClickedEventArgs e) { NavigateLink()RoboTroll } private void btnPost_Click(object sender, System.EventArgs e) { if ((latestURL == null) || (latestURL == "ERROR") || (latestURL.Length == 0)) { System.Windows.Forms.MessageBox.Show("Must get the post first! (Press Check Now)", "Error", System.Windows.Forms.MessageBoxButtons.OK, System.Windows.Forms.MessageBoxIcon.Stop)RoboTroll returnRoboTroll } try { PostComment()RoboTroll } catch {} } private void btnOptions_Click(object sender, System.EventArgs e) { Slashman.OptionsFrm opts = new Slashman.OptionsFrm()RoboTroll opts.trollTable = trollTableRoboTroll opts.ShowDialog(this)RoboTroll if (opts.pressedOK) { dbTrollsAdapter.Update(trollTable)RoboTroll trollTable.AcceptChanges()RoboTroll } else { trollTable.RejectChanges()RoboTroll } } private void ShowMe() { this.Visible = trueRoboTroll this.Activate()RoboTroll this.WindowState = System.Windows.Forms.FormWindowState.NormalRoboTro ll } private void HideMe() { this.Visible = falseRoboTroll } private void menuItem1_Click(object sender, System.EventArgs e) { ShowMe()RoboTroll } private void menuItem2_Click(object sender, System.EventArgs e) { this.Close()RoboTroll } private void SizeChang(object sender, System.EventArgs e) { if (this.WindowState == System.Windows.Forms.FormWindowState.Minimized) { HideMe()RoboTroll } } private void DblClickTrayIcon(object sender, System.EventArgs e) { ShowMe()RoboTroll } } }
microsoftholes.slashdot.org
Microsoft is paying *extra* attention to security now!
I use Macs to up my productivity, so up yours Microsoft!
- $ grep NNNNNNNNN httpd-access.log | wc
First record: 05/May/2002:21:57:58.88 1056 41562
I've been fortunate in that none have been on the same B or C class subnet. Naturally, I've notified the two infected ISPs on the same A class subnet before either attacked twice.
Still, how is it that this thing has resurfaced? Don't these things ever die? Is Microsoft secretly including it in other packages?
If they only had used Java, all the koreans could change are simple properties files. :-)
Somebody is getting fired!!!
I haven't seen the code of the Windows kernel. However, do you need really good comments (or even any) to figure out how a few lines of the virus code work? By the way, there are commercial programs with GPL'ed code like Metadot or MySQL. And they appear to heve pretty well commented code. This might become the case for Microsoft as well.
No wonder Nimda slipped through. They're spending all their time manually converting to HTML.
However, in Microsoft's defense, it should be noted that most other developers only convert the help files they expect to find.
"Inflammable means flammable? What a strange country!" -Dr. Nick, The Simpsons
Can you believe I lost a point for this?
lost a point lost a point lost a point
la la la
As my father lik@(munch munch)...