Slashdot Mirror


Controversy Surrounds Huge IE Hole

Suchetha wrote in with a Wired News bit talking about a security hole in IE that allows malicious web pages to reformat a hard drive. The Wired talks more about bugtrack's handling of the whole thing, and how it essentially posted working code for the exploit. Was it irresponsible or not?

43 of 740 comments

  1. The Wired, huh? by Millennium · · Score: 5, Funny

    The Wired talks more about bugtrack's handling of the whole thing...

    Dude; since when did Lain start writing technical articles?

  2. Yes!!! by jschmerge · · Score: 5, Insightful

    It might be my sadistic side, but I prefer for working exploits to be posted by the security sites... It gives you a way of checking to see if you are vulnerable.

    In the case of M$ bugs, it also puts more pressure on the company to come up with a fix for the problem quickly.

    1. Re:Yes!!! by AresTheImpaler · · Score: 5, Funny
      It might be my sadistic side, but I prefer for working exploits to be posted by the security sites... It gives you a way of checking to see if you are vulnerable. In the case of M$ bugs, it also puts more pressure on the company to come up with a fix for the problem quickly.

      Right on the point, man. Now, I'm running the code right now to see if I'm vulne

    2. Re:Yes!!! by GenericJoe · · Score: 5, Funny

      Yeah, but now you *aren't*

      It's a self-fixing exploit!

  3. what is the stink about it.... by f00zbll · · Score: 5, Insightful
    If people think script kiddies didn't already have the code or grabbed the exploit off some IRC server, they are sadly mistaken. People who bitch about full disclosure would like to live in a nice little world where there's no hackers, but get real. I grew up around hackers. Some were brilliant and were coding in assembly at 10, others were lamer wannabe hackers. Even before the Internet these types of things were widely distributed within the modem bulletin boards. Anyone who was active in the Bulletin Board era knows the most active category was always virii.

    Those who think, "We should give MS a couple months to find an appropriate patch" are sadly misguided. Do you think a script kiddie or hacker is going to wait? Do you think they're going to say "Oh, I shouldn't do this because microsoft is a big company." Wake up people, the only way a company is going to put their top programmers on the job to fix the bug is when the threat moves from "possible" to "real". As much as I wish companies took exploits more seriously, the reality is they don't until it is perceived as a "real immediate threat."

  4. Slashdotted Already - Article Text by Anonymous Coward · · Score: 5, Informative

    Posting as Anon since I don't need the Karma:

    ----------

    Serious Internet Explorer Defect

    This is a developing issue and the information presented here is preliminary in nature and subject to frequent changes. Last significant update - 11/08/02-1830

    SUMMARY

    A simple way to exploit an unfixed defect in Internet Explorer has been discovered that allows malicious web sites, and possibly malicious email messages read with Outlook or Outlook Express, to take control of a computer. All you would need to do is click a web link and the owner of the web site could take almost any action they desired on your computer.

    Simple, working exploit software was recently published to a public mailing list.

    There is no patch to fix the problem. Anti-virus and personal firewall software will not prevent an exploit. It is hoped that Microsoft will provide a patch to fix this defect in the near future.

    It is impossible to predict how, when, or even if someone will take advantage of this but due to the ease with which bad things can be accomplished it was decided to post an announcement. Nothing at all may happen. Or someone could write a virus or put up a malicious web site to take advantage of the situation at any time. The last time a defect exploit with similar characteristics was published, it was quickly incorporated into many email viruses making it unnecessary to click an attachment to get infected.

    The following practices are recommended for users of Internet Explorer, Outlook, and Outlook Express until more information becomes available:

    1. Users of Outlook and Outlook Express should perform the following simple, unobtrusive procedure to disable scripts from executing in email messages:

    Click the Tools menu item and select Options

    Click the Security tab

    In Outlook Express, make sure the Virus Protection security zone is set to Restricted site zone as shown in the window below:

    In Outlook, make sure the Secure Content Zone is set to Restricted Sites as shown in the window below:

    These are the default settings for Outlook 2002 and Outlook Express 6. Users of earlier versions should change the setting to Restricted.

    2. Indiscriminate browsing of untrusted or questionable web sites should be avoided or scripting should be disabled as described in the additional security measures below. Note that hyper links sometimes appear in email or instant messages. If these messages are from malicious individuals, they could lead you to a malicious web site.

    3. Indiscriminate clicking of hyper links in unexpected or suspect email messages, instant messages, and peer sharing resources should be avoided or scripting should be disabled in Internet Explorer as described in the additional security measures below.

    ADDITIONAL SECURITY MEASURES AND INFORMATION

    There is only one technical defense against an exploit at the present time and that is to disable scripting in Internet Explorer, Outlook, and Outlook Express. Instructions for disabling scripting in the mail clients were included in the recommendations above and should have little or no effect on day to day use.

    Unfortunately, disabling scripting in Internet Explorer will adversely affect the operation of many web sites including E-campus and the Windows Update Site. There is, however, a way to specify trusted web sites that are allowed to use scripting and disable it for all others. Users desiring to decrease risk may follow the instructions at the following web site under the section titled "Optional Internet Explorer Security Measures":

    http://www.jmu.edu/computing/info-security/engineering/issues/ie.shtml#opt

    Risk associated with this exploit and most others can be somewhat reduced by using a non-Administrative Windows account when browsing the web, reading email, and other day to day computer use.

    The defect has been verified in Internet Explorer 5.5 and 6 SP1 running on Windows 98 and XP SP1 respectively. It is likely all varieties of 5.5 and 6 are vulnerable. A quick attempt on a Windows 95 computer running IE 5.0 was unsuccessful but not enough research was done to know why.

    A possible symptom of an exploit is a Window similar to the one below suddenly appearing on your screen after clicking a hyperlink or opening an email message. The exact appearance of the Window may vary depending upon the version of Internet Explorer and operating system. Note that this window will appear if you click Help and under that circumstance the window appearance is not an indication of an exploit. If you are affiliated with James Madison University and see this window unexpectedly appear after clicking a web hyperlink or reading an email message, please contact Gary Flynn at x82364 ASAP. People affiliated with James Madison University can find my home number in the local directory and are encouraged to call me at home if such an event takes place after normal working hours.

    1. Re:Slashdotted Already - Article Text by njdj · · Score: 5, Insightful

      There is only one technical defense against an exploit at the present time and that is to disable scripting in Internet Explorer, Outlook, and Outlook Express.

      Crap. The simplest and most appropriate technical defense is to switch to another browser. Even Windows users have a choice of browser.

  5. Proposition, new topic: Windows Bugs by pheph · · Score: 5, Interesting
    Wouldn't it be great to separate Microsoft bugs from, well, the rest of them? I'm sure some people, especially those on slashdot would choose to see the "Microsoft Bugs" topic on the front page based on if they:

    a.) Run Microsoft exclusively (only want to see Microsoft bugs)
    b.) Run Microsoft exclusively (don't want to see Microsoft bugs)
    c.) Want to find any reason to bash Microsoft... (only want to see Microsoft bugs)
    d.) Don't run Microsoft at all (don't care about Microsoft bugs)

  6. Bugtraq, not bugtrack, and other squibbling. by signine · · Score: 5, Interesting

    BugTraq is a mailing list dedicated to full disclosure. Before I get modded down for being redundant, let me explain how/why this is relevant. In a list dedicated to full disclosure, it becomes up to the person who drafts the advisory to be responsible for its content. Many companies believe that vendor notification before releases is standard procedure, and yet there are others (ISS) who seem to believe that having one non-vulnerable version (bind 9) means that they can release an advisory that affects other versions that currently have no patches (bind 8, 4).

    On the other hand, there are "independents" such as GOBBLES and other security goons who believe that posting the advisory with full exploit code the second they discover it is a good idea. I'm not going to disagree with that, because without such wake-up calls, many people would never update their systems, remaining vulnerable for days/months/years. It's pretty ridiculous how many people do.

    It's not really up to BugTraq to decide which is the better course of action, it's up to the analysts and the community. If the community chooses to ostracize a member for using such tactics, they can do so. I'm sure that a commercial security vendor would encounter exactly that for releasing an advisory with exploit code and no vendor notification.

    Though, in all fairness, most people have known about this IE exploit for months, and I can be reasonably sure that among "most people" "Microsoft" is included. Microsoft doesn't exactly have the worlds best track record working with people to resolve security issues, or even releasing timely patches.

    In short, BugTraq good, security good, black hats bad.

    --
    If there is a God, you are an authorized representative. - Kurt Vonnegut Jr.
  7. This is Linux's big chance! by jvmatthe · · Score: 5, Funny
    "Showing people how to automatically format hard disks from a Web page isn't 'full disclosure,'" Smith said. "It is malicious code writing."

    Now all we need is a way to embed an ISO image of a Linux system into the web page and use the same exploit to install an alternative operating system. Just think of the banner ads! "Click here to Install Linux!" and "Get That Windows Monkey Off Your Back! Hit the Monkey to Try!" and "Eliminate Windows Instabilities Forever. Click Now!". Then it won't be malicious. It'll be setting all those people FREE! ;^D
  8. Re:Irresponsible? by farnz · · Score: 5, Insightful
    Nope; firstly, I have enough knowledge to disable or firewall off the services that are being exploited (and this would include disabling scripting in IE if IE ran under Linux).

    Secondly, I'd rather *know* what an exploit looks like, and thus be able to create a filter to prevent exploit packets incoming rather than just hoping that an exploit doesn't exist (because if it does, the black hats will have it, and the script kiddies will get hold of it).

    Thirdly, I have enough knowledge to help join in the effort to fix the bug; I'm not the only person with that sort of knowledge. In the situation you describe, I can attempt to tackle bugs that affect me; I'm not dependent on someone else doing it for me. Even if I was dependent on other people, I'd still prefer them to have the extra visibility into the problem that an exploit provides. I've had to debug similar errors before, and while the debugging is the hardest part, the second hardest is creating a useful test case; in your situation, I have a test case already.

  9. Re:Active content... by psocccer · · Score: 5, Insightful

    It's not that simple I think. True that active content is overused, but it can really be helpful when you don't want to roundtrip to the server just to calc some numbers, and twiddling settings is annoying for the user, if they choose to turn it off and on. It would be better if the thing was secure. The problem IE has in particular is they try to "zone" things: local zone, trusted zone, internet zone, secure zone, etc. They do this so that you can have stuff in the local zone execute programs or virtually do anything on the system. And that's the problem: by trying to make javascript into a generic scripting language, they've opened up the local zone to anyone that can break through the zone barrier.

    Most exploits involve one javascript generating a second window which comes into the local zone and posting content to that, though I think that's somewhat patched now; they can also use ActiveX controls to screw you. There is obviously something flawed with the model, and had they just made javascript a web-only scripting language like it was designed, none of this would have happened.

  10. Where's the Mac version of the exploit? by toupsie · · Score: 5, Funny

    I just tried using the exploit code on my Mac OS X box running Internet Explorer and it didn't work. My hard disk was not formatted. I am disappointed. Why is Microsoft treating Mac users different than Windows users? It's not often that Mac OS X users get to use those nice 'Recovery CDs' that get shipped with Macs. We pay top dollar for our computers, we might as well get to use everything that comes with them. Thanks a lot Microsoft! Just for leaving me out, I'm switching to Mozilla where all the security problems and bugs are cross platform!

    --
    Strange women lying in ponds distributing swords is no basis for a system of government.
  11. Re:Irresponsible? by ahaning · · Score: 5, Funny

    ssh into your box, su to root, then fsck your harddrive

    I wouldn't be so pissed as long as the attacker did this often. It's such a hassle to wait for my system to do a monthly e2fsck when the partitions have reached their maximal mount count.

    --
    Withdrawal before climax is very ineffective and those who try this are usually called "parents."
  12. Another Link by sdjunky · · Score: 5, Funny

    Here's some more info... click this link it's ok.. you can trust it... go on.. you know you want to.

    Nothing to fear. Just a link.

  13. Prevention BEFORE patching! by corvi42 · · Score: 5, Insightful

    I'm not sure about the details of the current case, but there is a very good reason for publishing full technical details about an exploit before patches come out. That is that it may be possible in many circumstances for aware and knowledgeable system administrators to prevent the exploit from affecting machines within their control either at a central point, like a firewall or proxy, or by disabling software features until a patch is available.

    For example a web proxy might be able to scan for the presence of the malicious code in question, but if that code is not available to the sysadmins, then how can they make appropriate filters? Also being aware of the ways in which these exploits work could allow sysadmins to make more general security policy decisions in terms of what users / processes are allowed to access what areas, etc. I'm not saying that it could be done in this case, but could in many others.

    This could save a company a lot of time and money, and is therefore a good thing. It is not true to say that only the party responsible for producing a patch needs to see the actual code for security reasons.

    --

    There are a thousand forms of subversion, but few can equal the convenience and immediacy of a cream pie -Noel Godin
    1. Re:Prevention BEFORE patching! by fizbin · · Score: 5, Insightful

      corvi42 wrote:

      I'm not sure about the details of the current case

      Then that's easy to fix: (all links to the neohapsis archive, since it's just nicer to look at than securityfocus)

      1. The original advisory about the IE bug (note that it includes sample code to execute "winmine") [Nov. 6]
      2. The post pointing to zdnet forums. Note that it is on the ZDNet forums that this format code first appeared - I find it most odd that Wired chose not to mention that. [Nov. 11]
      3. The post that got everyone's panties bunched up. Someone took the code that was on that ZDNet forums thread and posted it to Bugtraq. [Nov. 14]

      One especially noteworthy point: Microsoft was informed of the bug on October 4th.

      So:

      • The original discoverer (that we know of), Sandblad, acted responsibly.
      • Bugtraq was being perfectly responsible in posting Sandblad's advisory
      • The format exploit code was free for the taking on public forums
      • Bugtraq published the format exploit, creating a PR issue for Microsoft, after said code had been public for three days

      My opinion? A wired writer needed a story.

  14. And wrong. by CrystalFalcon · · Score: 5, Insightful

    The article is stupid and wrong.

    The sploit paper says that MS was contacted about the combined exploit October 4, which is not in November, and that they have closed the issue with a "will not be patched because XYZ" statement, which is not to be investigating the issue.

    Two critical wrongs in fact out of two possible. I just felt a sudden urge to trust the rest of the article so much more...

  15. Re:Of course it was irresponsible by Nermal · · Score: 5, Insightful

    Umm...

    But until a large percentage of the population gets screwed royally by a security hole... a large percentage of the population hasn't gotten screwed royally by a security hole!

    Don't get me wrong, MS should be faster to patch their security holes, but where are your priorities? If you were confronted by someone who had just lost a bunch of important data because of this exploit, do you really think they'd be impressed if you said "But I was trying to make a very important point to Microsoft!".

  16. Re:what is the stink about it.... by Havokmon · · Score: 5, Insightful
    Those who think, "We should give MS a couple months to find an appropriate patch" are sadly misguided. Do you think a script kiddie or hacker is going to wait?

    While I agree with you in principle, and I'm sure we share the bond of 360k floppies with zipped copies of viruses, I have to disagree with the details.

    I remember a time when the source code for some vulnerabilities was disclosed, but with errors. If you didn't know how to fix the error, you couldn't use the vulnerability. This way, it was kept OUT of the hands of script kiddies, but put INTO the hands of those with a clue on how to fix the problem.

    I'd be willing to bet 95% of the break-ins on the internet are plain old script kiddies. IMHO, there isn't any more port scanning going on, there isn't any more social engineering of the average joe's desktop pc. That sort of work is left to the 'expert' black hats, trying to get into the 'treasure chest'. The rest are lamers just running what they found.

    IMHO, if BugTraq is going to post vulns, they need to be non-working, and the user has to have the knowledge to fix them. Especially on closed platforms, it does less good to release exploits for code you can't fix, because you're not fixing the problem, you're just working around it.

    --
    "I can't give you a brain, so I'll give you a diploma" - The Great Oz (blatantly stolen sig)
  17. Disappointing WINE performance by sonra · · Score: 5, Funny

    Found the code, made a web page and verified the exploit with IE5 on Win2000...
    Tried it on WINE using CrossOver Office,
    and was very disappointed to find that WINE once again did not live up to its goal of being bug-for-bug compatible with Windows.

    All i got was HTML help and a script error. No files written to my "C:" and no exploit.

    *sigh* Guess WINE still needs some work.

  18. Re:Of course it was irresponsible by AgentTim3 · · Score: 5, Insightful
    You know, the script kiddie that's waiting around for exploits to be published on bugtraq is a pretty junior kiddie indeed. This thing's been out there for a couple weeks.

    What's a worse situation? A bug that goes completely unnoticed by the general population, but is quietly exploited for months by hackers that have done their homework....or...maybe a few more script kiddies find out about it but now Joe Public is WELL aware of it, due in no small part to the discussions that happen on boards like this.

    And riddle me this, how is Symantec possibly irresponsible in this matter? They have no responsibility whatsoever towards Microsoft or any of their products; they're both separate corporations. They both pursue their own separate agendas as they see fit. The good that comes of this is that maybe the public gets a little more aware of the situation.

    MS has its own side to this, Symantec has its own side, they both have valid points to their arguments, but what winds up happening is the general public gets caught in the middle. If just one more person wakes up and realizes that because of this, then there's the real benefit.

  19. Re:BAD BAD BAD! Why? Now the script kiddies have i by adb · · Score: 5, Funny

    Right, because script kiddies don't hang out on IRC and get this stuff before Bugtraq. Also, the sky is not blue and there is no porn on the internet.

  20. Schneier on "Full Disclosure" by Charles Dodgeson · · Score: 5, Informative

    The most sensible thing I've ever read about this kind of question is a Crypto-Gram article last year by Bruce Schneier.

    --
    Prime numbers are exactly what Alan Greenspan says they are -S. Minsky
  21. Re:Of course it was irresponsible by timothy_m_smith · · Score: 5, Interesting

    What if we changed the scenario a little bit. Imagine that 50% of the world is using Mozilla on Linux (or even that there is a large body of non-technical users using Open Source Software). Say that a bug was revealed that allowed a website to maliciously delete data from a user's Linux/Mozilla installation. In the Open Source world, this bug would probably be patched very quickly, probably more quickly than MS would. However, keep in mind that your average non-technical user is not going to be checking for frequent patches. When someone (who should be more responsible) releases code to exploit that hole, you have potential average users who may be losing very valuable data. Are these users getting what they deserve? The point is that no one should be helping the script kiddies screw up other people's machines. If you believe in that then you're not a productive part of the technology community.

  22. Re:I can't feel bad for Windows users. by Tenebrious1 · · Score: 5, Insightful

    If you had a nice apartment in the middle of New York, and you constantly left the front door unlocked, and then one day somebody walked in stole your stereo, I'd feel bad for you. But, you know, not too bad.

    But it's not like that at all. It's more like I lock my front door. I ask my super "am I secure?" and the super replies "yes, absolutely."

    Then I learn there's a fire escape. I say "The fire escape was unlocked." and the super replies "oh, yes, it was unlocked." So I lock the fire escape.

    Then I find a closet door isn't a closet at all, but leads directly to the next apartment. I lock that. Suddenly, a section of wall turns out to have a door that's been wallpapered over. Under the rug there's a trapdoor leading to the apartment below me. Hidden behind the fridge is a dumbwaiter. The entire fireplace rotates ala Indy Jones. I cry in exasperation to my super, who just says "well, aside from all those holes, your apartment is secure."

    --
    -- If god wanted me to have a sig, he'd have given me a sense of humor.
  23. Re:Irresponsible? by thomas.galvin · · Score: 5, Insightful

    If Linux had an exploit that allowed someone to ssh into your box, su to root, then fsck your harddrive, and a patch wasn't released yet, would you be pissed off that bugtraq posted the code to exploit the bug?

    No, and here's why; if I have working code that roots my box, I can start looking for ways to prevent it from running. Know yourself. Know your enemy. The easiest way to beat something is to study it.

    Now, that isn't an option in the case of IE, but I don't run it anyway. Still, there is at least some value in being shown how to exploit a vulnerability; it proves that it is real. I could send out an email tomorrow saying "Mozilla has a huge security bug that allows arbitrary execution of malicious VBScript," but unless I show you how, most (technical) people will assume I am blowing smoke. If I put up some code that demonstrates it, though, most (technical) people will say "crap, better 1. stop using Mozilla, or 2. get to hacking out a fix."

  24. Re:Shooting the messenger .. by zyklone · · Score: 5, Informative

    Ok, I expected that more people read bugtraq.. which is obviously not the case.

    Their version of november is not actually the real november. From Andreas Sandblad's mail:
    "Microsoft was initially contacted 2002-10-04."

  25. Re:Shooting the messenger .. by xrayspx · · Score: 5, Funny

    Go ahead, shoot Messenger. It's had its fair share of bugs too...

    Whoopsie
    Daisy

  26. Wrongly Phrased by Srin Tuar · · Score: 5, Insightful

    If you were confronted by someone who had just lost a bunch of important data because of this exploit, do you really think they'd be impressed if you said "But I was trying to make a very important point to Microsoft!".


    Instead of that, you should say "By not fixing the bug, Microsoft was trying to make a very important point to you!"


    Then they will at least be angry at the right entity.

  27. He Gave Them a Month by serutan · · Score: 5, Informative

    If you read Sandblad's actual BugTraq posting you will see that he had notified Microsoft more than a month before posting the details of the exploit. Quoting:

    Microsoft was initially contacted 2002-10-04. After several mail exchanges, their final response were that the technique used to run programs with parameters from the "Local computer zone" was no security vulnerability. A fix should instead be applied for all possibilities for content in the "Internet zone" to access the "Local computer zone".

    How much time does a company have to actually fix a problem this serious? When somebody takes the trouble to notify a company about a defect, they've already demonstrated helpfulness and responsibility. It would make sense for the company to take that helpful, responsible person into the loop, and at least update them periodically about what is being done about the problem. That would give a helpful person like Sandblad a basis for continuing to wait. In this case Microsoft gave no indication that they were doing anything about the problem or intended to do anything about it. Continuing to sit on the information certainly wouldn't give them any further incentive. Sandblad reported this problem, got a thanks-but-no-thanks, then after a month of no news went over their heads to the public. I would say he handled it very responsibly.

  28. Re:Of course it was irresponsible by walt-sjc · · Score: 5, Insightful

    Frankly, the fact that there is an exploit to reformat peoples hard drives is a GOOD thing IMHO. As a matter of fact, I hope it bites tons of people. The fact that "the average user" doesn't check for updates and maintain their machine NEEDS TO CHANGE.

    The auto is a great example. If you didn't maintain your car (change the tires, fix the brakes, etc.) when it needed to be done, YOU are a danger to yourself and others around you.

    People who don't maintain their machines are a big problem on the net. They are responsible for being DDOS agents, virus distributors, etc. MS (and other software vendors including open source) being slow at releasing patches is ALSO an enabler for destructive issues on the net.

    Back to the article, it IS irresponsible to release exploits when the vendor hasn't had a reasonable amount of time to fix the bug and distribute the patch. There is an industry accepted time frame for this. If the vulnerability is already well known in the wild however, keeping it a secret from the public does NO GOOD WHATSOEVER. The script kiddies keep in touch via IRC, and other mechanisms so they will know about the vulnerability anyway. Not releasing the info only harms the public as they will have no chance to be prepared. Admins can add filters to their proxies for example, but they need to know details about how the exploit works in order to do so.

    Keeping secrets about vulnerabilities that are already known to the black-hats only harms the rest of us.
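Comments 13 and 28 both make the case that an admin who can see the exploit can filter for it at a proxy. As an added illustration, not code from this thread and not a signature for the actual IE exploit (which this page does not reproduce), the following Node.js script models such a filter: it pulls script bodies, inline handlers and javascript: URLs out of an HTML response and runs a small rule set over them. The rule list is an assumption built from the constructs the thread mentions (location.replace and onunload in comment 33, scripted second windows and ActiveX objects in comment 9, plus runtime code construction); the sample pages are constructed, including the placeholder file: URL and the all-zero CLSID. The last sample is the point corvi42 hedges on: trivial string building defeats a literal filter.

```javascript
// Added example for comments 13 and 28: a toy proxy-side content filter.
// The rules below are illustrative assumptions drawn from constructs this
// thread talks about, not the signature of the actual IE exploit.
const RULES = [
  { id: 'location-replace', scope: 'script',
    re: /\blocation\s*\.\s*replace\s*\(/i },
  { id: 'onunload-handler', scope: 'script',
    re: /\bon(?:before)?unload\b/i },
  { id: 'second-window', scope: 'script',
    re: /\bwindow\s*\.\s*open\s*\(/i },
  { id: 'activex-object', scope: 'markup',
    re: /<object\b[^>]*\bclassid\s*=/i },
  // Case-sensitive on purpose: a lower-case `function (` must not match.
  { id: 'dynamic-code', scope: 'script',
    re: /\b(?:eval|execScript)\s*\(|\bnew\s+Function\s*\(|String\.fromCharCode/ },
];

// Pull out the parts of a page a script engine would execute:
// <script> bodies, inline on* handlers and javascript: URLs.
function extractScript(html) {
  const patterns = [
    /<script\b[^>]*>([\s\S]*?)<\/script\s*>/gi,
    /\son\w+\s*=\s*(?:"[^"]*"|'[^']*'|[^\s>]+)/gi,
    /javascript:[^"'>\s]+/gi,
  ];
  const parts = [];
  for (const re of patterns) {
    let m;
    while ((m = re.exec(html)) !== null) parts.push(m[1] !== undefined ? m[1] : m[0]);
  }
  return parts;
}

// Ids of the rules that fire on one response body, in rule order.
function scanHtml(html) {
  const code = extractScript(html);
  const hits = [];
  for (const rule of RULES) {
    const haystacks = rule.scope === 'markup' ? [html] : code;
    if (haystacks.some((h) => rule.re.test(h))) hits.push(rule.id);
  }
  return hits;
}

// The proxy's decision: anything that trips a rule is held back.
function shouldBlock(html) {
  return scanHtml(html).length > 0;
}

// Constructed sample responses. URLs and the all-zero CLSID are placeholders.
const SAMPLES = {
  benign: [
    '<html><body><form onsubmit="return validate(this)"><input name="q"></form>',
    '<script>function validate(f) { return f.q.value.length > 0; }</script>',
    '</body></html>',
  ].join('\n'),
  suspicious: [
    '<html><body><script>',
    "window.onunload = function () { window.open('/ad.html'); };",
    "location.replace('file:///C:/constructed/placeholder.htm');",
    '</script></body></html>',
  ].join('\n'),
  activex: [
    '<html><body>',
    '<object classid="clsid:00000000-0000-0000-0000-000000000000"></object>',
    '</body></html>',
  ].join('\n'),
  // Same behaviour as `suspicious`, spelled so that no literal rule matches.
  obfuscated: [
    '<html><body><script>',
    "var w = window, m = 'rep' + 'lace';",
    "w['loc' + 'ation'][m]('file:///C:/constructed/placeholder.htm');",
    '</script></body></html>',
  ].join('\n'),
};
```

A proxy that knows only a published proof of concept catches that proof of concept: the obfuscated sample returns no hits, so a filter like this buys time rather than closing the hole, and the zone fix Sandblad asked Microsoft for (comment 27) is still needed.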

  29. Re:Of course it was irresponsible by JabberWokky · · Score: 5, Interesting
    keep in mind that you average non-technical user is not going to be checking for frequent patches.

    Since it's free and extraordinarily easy, why not? Most distros have single click or single commandline (often both) commands to update, with all security upgrades occurring, and offering new features.

    And it's that second part that makes me think people *will* be upgrading. Unlike many commercial software packages (and all of Microsoft's software), where you have to pay for the next version with the next features, it's free and automatic to upgrade and get more features. Your CD burning software suddenly supports VCDs, your KWord suddenly has mailmerge wizards, and... oh, that hole in SSH was fixed as well. People don't care about the latter, but they care about the features, and that pushes the bug fixes and security fixes along.

    --
    Evan

    --
    "$30 for the One True Ring. $10 each additional ring!" -- JRR "Bob" Tolkien
  30. Re:Of course it was irresponsible by bergeron76 · · Score: 5, Interesting

    But this begs the question: Can MSFT be held responsible (in spite of the EULA) in a situation like this where a user "removed IE" (remember the US DOJ ruling, they have to provide the option) and didn't use Outlook or Outlook express, if they were to get infected? I only use Mozilla for email and browsing, but it occurred to me that IE is so "entrenched" in the core Windows code that even if it's removed, do they remove the dangerous parts or just the UI? Mozilla is my default browser, yet when I click on a link from Y! messenger, it spawns IE.

    Basically, my question is this: Can Microsoft be held accountable for negligence if I removed IE and still got wiped out by this thing because they didn't remove all of IE, as per the Court's ruling (on making it an optional component)?

    Wouldn't negligence in this regard supersede the EULA and make MSFT liable?

    Any legal beagles out there have any insight? (IANAL)

    --
    Don't think that a small group of dedicated individuals can't change the world. It's the only thing that ever has.
  31. Thanks for the Help Microsoft! by litewoheat · · Score: 5, Funny

    So I figured that I could avoid this by just deleting the key in my registry for IE help so that the OCX would never load and the exploit wouldn't work. I did that and it solved the problem! But wait... Windows is now trying to "help" me by putting that registry key back the way it was! Thank you so much Windows for saving me from myself and reopening the door to my harddrive. What would I do without you?

  32. Re:Of course it was irresponsible by ichimunki · · Score: 5, Insightful

    Your analogy is totally off. Publishing a how-to isn't "committing a crime", it's journalism. A few years ago I saw a TV news spot on car break-in/theft in which they showed a car thief disabling several anti-theft devices. Was the TV news breaking the law or simply alerting people to how false their sense of security really was?

    This is why, in these cases, I think the argument would be well-served if people avoided analogies altogether. It's difficult enough to attempt to clarify the assumptions and facts so that symbolic logic can be applied to reach sensible conclusions without muddying the waters with literary devices.

    MS is recklessly endangering your computer and your data with their shoddy attention to security prior to release. I think BugTraq is doing us all a favor by pointing it out.

    --
    I do not have a signature
  33. Fight javascript with javascript by Anonymous+Custard · · Score: 5, Informative

    After reading the proof-of-concept script at http://online.securityfocus.com/archive/1/298748, I now know at least to avoid blind links.

    Also, I've come up with this possible solution:

    In IE, bring the potentially malicious page to the front, then press Ctrl-O to get the Open prompt. Enter this:

    javascript:void(location.replace=null)

    then click OK. Now any time a javascript on that page tries to do a location.replace command, it will instead issue a null command (no command at all). (Assuming the script hasn't already been activated, under an onLoad event or something.)

    This works with annoying exit pop-up ads too:
    javascript:void(window.onunload=null);

    You can do this with all sorts of javascript commands that get abused. Find some offensive pages, look at their source, and disable the commands you see used often. (onunload is probably the worst and most often used).

    Major inspiration from this cnet builder page.

  34. Timelock puzzles by karlm · · Score: 5, Insightful
    Look at "Timelock puzzles" or something to that effect by Professor Rivest. You can make the solution to a cryptographic puzzle the decryption key for an exploit. Publish the puzzle and the encrypted exploit along with your submission. Give the vendor the decryption key. The problem of repeatedly calculating quadratic residues modulo a Blum integer is essentially non-parallelizable, so it doesn't matter if you set up a beowulf cluster or a distributed.net project. You still only solve the problem as fast as your fastest node. Hence governments don't get the solution much faster than some slashdot reader with a 4 GHz overclocked system. If you have REALLY low latency interconnects, you may be able to spread the work out among several CPUs in the same box.

    This way the vendor knows the clock is ticking, and once you've published the puzzle and the encrypted exploit no amount of legal maneuvering can put the cat back in the bag, so to speak. Basically, it allows you to put pressure on the vendor while still being responsible and giving the vendor a month (for instance) head start. You can put decent bounds on how long it will take the fastest consumer machines to solve the puzzle. There's currently a puzzle running that's supposed to get completed shortly before the MIT Laboratory for Computer Science's 70th b-day, for instance.

    --
    Copyright Violation:"theft, piracy"::Anti-Trust Violation:"thermonuclear price terrorism"<-Overly dramatic language.
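The construction karlm describes is the Rivest-Shamir-Wagner time-lock puzzle: the puzzle setter, who knows the factors p and q of a Blum integer n = pq, computes a^(2^t) mod n in one modular exponentiation by first reducing the exponent modulo phi(n), while anyone else must perform t squarings one after another. The following is an added example written for this page, not code from the post or from Rivest's paper; the primes, the counter-mode SHA-256 keystream used to encrypt the message and the sample "exploit" text are all constructed for the demo, and the parameters are toy-sized so that it finishes instantly (a real puzzle uses RSA-sized primes and a t chosen from measured squaring speed on the fastest available hardware).

```python
"""Time-lock puzzle demo (added example): encrypted disclosure with a sequential-work key."""
import hashlib
import secrets
from typing import Optional


def is_prime(n: int) -> bool:
    """Trial-division primality test; adequate for the toy sizes used here."""
    if n < 2:
        return False
    if n % 2 == 0:
        return n == 2
    d = 3
    while d * d <= n:
        if n % d == 0:
            return False
        d += 2
    return True


def next_blum_prime(start: int) -> int:
    """Smallest prime p >= start with p = 3 (mod 4); two such primes give a Blum integer."""
    p = start
    while not (p % 4 == 3 and is_prime(p)):
        p += 1
    return p


def shortcut_solution(a: int, t: int, p: int, q: int) -> int:
    """Setter's side: knows phi(n) = (p-1)(q-1), so reduces 2^t mod phi(n) first (Euler)."""
    n, phi = p * q, (p - 1) * (q - 1)
    e = pow(2, t, phi) or phi          # keep the exponent >= 1
    return pow(a, e, n)


def sequential_solution(a: int, t: int, n: int) -> int:
    """Solver's side: t dependent squarings; each needs the previous result, so no parallelism."""
    x = a % n
    for _ in range(t):
        x = x * x % n
    return x


def _key_from_solution(b: int, n: int) -> bytes:
    """Derive the symmetric key from the puzzle solution b = a^(2^t) mod n."""
    return hashlib.sha256(b.to_bytes((n.bit_length() + 7) // 8, "big")).digest()


def _xor_stream(data: bytes, key: bytes) -> bytes:
    """XOR data with a SHA-256 counter keystream; symmetric, so it both encrypts and decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(d ^ k for d, k in zip(data[i:i + 32], block))
    return bytes(out)


def make_puzzle(message: bytes, t: int, p: int, q: int, a: Optional[int] = None) -> dict:
    """Publish (n, a, t, ciphertext). The setter uses the shortcut; the vendor gets the key."""
    n = p * q
    if a is None:
        a = secrets.randbelow(n - 3) + 2   # random base in [2, n-2]
    key = _key_from_solution(shortcut_solution(a, t, p, q), n)
    return {"n": n, "a": a, "t": t, "ciphertext": _xor_stream(message, key)}


def vendor_key(puzzle: dict, p: int, q: int) -> bytes:
    """Key handed privately to the vendor, computed with the factors (no waiting)."""
    return _key_from_solution(shortcut_solution(puzzle["a"], puzzle["t"], p, q), puzzle["n"])


def solve_puzzle(puzzle: dict) -> bytes:
    """Public side: recover the message without p and q by doing all t squarings."""
    b = sequential_solution(puzzle["a"], puzzle["t"], puzzle["n"])
    return _xor_stream(puzzle["ciphertext"], _key_from_solution(b, puzzle["n"]))


if __name__ == "__main__":
    p, q = next_blum_prime(10000), next_blum_prime(20000)      # toy primes, constructed
    advisory = b"PLACEHOLDER: encrypted technical details go here"  # constructed sample
    puzzle = make_puzzle(advisory, t=5000, p=p, q=q)
    print("vendor reads immediately:", _xor_stream(puzzle["ciphertext"], vendor_key(puzzle, p, q)))
    print("public reads after t squarings:", solve_puzzle(puzzle))
```

The point to verify is that `shortcut_solution` and `sequential_solution` agree: that equality is what lets the setter give the vendor an immediate key while everyone else pays for t squarings. The bound on the public's head start comes from t and the per-squaring latency of the fastest single core, since, as the post says, the squarings cannot be distributed across nodes.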
  35. Re:Of course it was irresponsible by Pyrometer · · Score: 5, Funny
    What's a worse situation? A bug that goes completely unnoticed by the general population, but is quietly exploited for months by hackers that have done their homework....or...maybe a few more script kiddies find out about it but now Joe Public is WELL aware of it, due in no small part to the discussions that happen on boards like this.

    Riiighhhhtttttt ... so "Joe Public" is reading /. and Wired now is he(/she)? :)

  36. Re:Of course it was irresponsible by ivan_13013 · · Score: 5, Insightful
    That's like saying, "the police in my town are lazy and aren't cracking down on crime. That's why we need to start committing crimes left and right and encouraging others to do the same until the cops are motivated enough."


    No -- nobody is committing a crime yet. This is more like if Joe Whistleblower were to say, "My town's police are lazy and resistant to change their ways, so I am going to publicly talk about their problems. The public needs to be warned for their safety, and the PD needs to get their a** in gear."

    Well, after Joe says that, some residents may take extra precautions to protect themselves. Also, some potential criminals now have information that police response time is bad, and they may take advantage of this by breaking the law.

    Whose fault is that? The police, for failing to keep the town secure in the first place? JW, for letting potential criminals know about the flaw in the system? Or was it the criminal's fault because he was the one breaking the law?

    I believe that it's mostly the fault of the criminal when crimes are committed, and some blame should also go to the police if they have failed to protect. Joe was just doing his duty.

    But comparing MS to the police is too much of a frightening thought, time for the happy pill... ;-)

    -=Ivan
  37. Re:Of course it was irresponsible by InnovATIONS · · Score: 5, Insightful

    Pointing out the existence of the bug is a service. Giving how-to lessons about using it to wreak havoc is irresponsible. Maybe you may call it journalism, but it is irresponsible journalism. The public's need to be alerted about auto theft was in no way enhanced by actually showing how to defeat the devices. Similarly the public's need to know about caring about security holes in software is in no way enhanced by showing them how to exploit the holes maliciously.

  38. Re:Of course it was irresponsible by pjrc · · Score: 5, Insightful
    That's like saying, "the police in my town are lazy and aren't cracking down on crime. That's why we need to start committing crimes left and right and encouraging others to do the same until the cops are motivated enough."

    It's much more like the local newspaper publishing the limited routes the cops actually patrol, thereby allowing crooks to rob the places that aren't adequately protected. Sure, criminals will read the paper and know where they can strike, but the idea is that everyone who lives or does business in such an area is vulnerable will learn that they are at risk and put pressure on the cops to clean up their act. One of the biggest factors in making a value judgement in a case like that is what level of effort was made with the cops before widely publishing their weaknesses.

    Remember that Andreas Sandblad contacted Microsoft about this problem on Oct 4 (Wired didn't even read the bugtraq posting they reported). That's six weeks ago... even longer than the 1 month period that Microsoft has suggested is necessary from discovery to disclosure. He published only after Microsoft said they didn't think it was a bug. Since Microsoft essentially claimed it wasn't a problem, the announcement needed to prove otherwise to have any chance of success.

    One more quote....

    You do realize that it isn't the laziness of MS that *actually* does harm, but the fact that it allows malicious people to do bad things?

    Are you suggesting that Microsoft's inaction and refusal to fix the problem when they first learned of it six weeks ago was not harmful?

    You probably also believe the infamous exploding gas tanks on the Ford Pinto weren't harmful, and the deaths and injuries were purely the fault of drivers hitting Pintos. Ford's "laziness" (cheaper to settle out of court with victims than to recall and improve the cars) when they knew of the problem and did not fix it probably wouldn't be an issue for you, would it?

    Back to Microsoft... who didn't fix the problem when they learned of it 6 weeks ago... does their inaction ever become harmful in your world view? How about when systems are compromised on a small scale? What about when a virus/worm is released with the ability to exploit it? (And what if someone had made a big stink about it in the press and forced them to fix it before that virus/worm was written?) It's all the fault of those hackers, and Microsoft's "laziness" (when they knew of the problem in advance) never receives any of the blame? Yet someone who attempts to force the issue with a high profile public announcement, only after first having made an attempt to get them to fix it, is somehow as guilty in your little world as the actual attackers, and at the same time the vendor who refused to fix the problem with advance notice is not to blame at all?

  39. Re:Of course it was irresponsible by Anonymous Coward · · Score: 5, Funny

    You will have a hard time proving this, because all of your data would be gone...