Slashdot Mirror
Life-Ruining Browser Hijackers
LehiNephi writes "If you're not diligent enough at whacking malware on your computer, you could end up in jail, whether or not you actually did something wrong. Hijacked browsers can not only annoy you with a never-ending string of pop-ups, they leave a less-than-virtuous browser history behind on your computer. This guy claims that some piece of malware hijacked his home page, opened an unstoppable chain of pop-ups, and filled his cache with porn. He now has to register as a sex offender, even though he denies that he did anything his computer says he did. Makes me glad for built in pop-up blocking in Mozilla."
The Browser made me do it!!!
I would think the justice department would be able to see if all the images in the cache were dated from that one single event or if they were spread over time. If he's telling the truth, it should be easy to prove.
A very convenient excuse.
He was probably looking at porn in the first place. Not that I think that condones him being a register sex offender. But that was probably what started his sexual onslaught. (A lot of the porn sites love browser tricks, just one more reason for the avid geek to use Mozilla.)
Slashdot "libertarians": Small government for me, big government for those I disagree with. -1, I disagree with you
what's the best way to get rid of this crap? some public computers at my job have been taken over by this kind of software...what can i do to fix them?
don't panic
used by many a "real" sex offender.
"Honest, it was a trojan your honour"
Was the guys cache filled with child porn or something?
How does looking at porn make you a sex offender? If it's illegal then arrest me right now.
While I respect this guys rights and wouldn't presume to accuse him of anything, I certainly cannot defend him without reading the court transcripts. ANYONE who was caught in the act of downloading kiddie porn would claim their PC was "hi-jacked" so I don't think this is a defense of any kind, in and of itself. I don't think the feds are technically literate, but I also don't think they're fools. I have a hard time believing they charged someone with downloading kiddie-porn when all that really happened was he saw some pop-ups, like you and I (unfortunately) see a million times a day. Something else took place here.
But now the Transponder gang (ABetterInternet) are making .xpis to install their shit in Firefox/Mozilla.
And yes, CoolWebSearch is a goddamned pain to get rid of. New variants are immune to Merijn's CWShredder; they require specialized tools (pv.exe, TheKillBox) to remove, and some even require booting to a command line (nearly impossible in XP/2000).
One guy at my office accidentally got some CWS variants on his machine, and the IT department - myself included - went through the router logs (school district, have to keep the logs, state law here) to see where he got it. This resulted in his getting fired (free pr0n site, and yes, he was logged in as himself).
In short, these little bastards really _can_ ruin your life and your machine.
Striking fear in the authors of godawful fanfiction, I am here, appearing in darkness, Tuxedo Jack!
try avoiding the popups on that Last Measure site, you'll see how well your "popup blocker" works... I'm not kidding...
I'd think that log files would show you a fast series of "pop-ups" and it should be fairly easy to defend yourself. If true, I'd like to know what his search string was and what search engine.
It could be worse, it could be Monday.
I seriously doubt that anything would be convicted as a sex offender just by a hisory of websites that his browser had been pointed to in the past. There has to be more to this than what we know.
Once again absolute rules screws common sense. If there is no intent, there should be no crime. The man probably didn't want to open up the string of popups, therefor is not responsible for this.
It wasn't me, it was [*]. I'm innocent of any wrong doing. I am a victim. I take no responsability for my actions. Please legislate so that others can aspire to my stupidity.
[*]=whatever
I may be expecting too much here, but it seems logical to me that even the most clueless luser might suspect that something was amiss if a flood of porn started popping up out of nowhere and at least ask a literate friend what's up. Like the first poster, I'm a little suspicious that this type of problem could go unnoticed for very long.
Why can't an end user be subject to the same EULA that the software he/she runs?
We're all human at the end the day....
From the article:
"When I used search engines, sometimes I got a lot of porn pop-ups," Jack said. "Sometimes I was sent to illegal porn sites. When I tried to close one, another five would be opened without my will. They changed my start page, wrote a lot of illegal porn links in favorites. The only way to stop this was turn the (computer's) power off. But when I dialed up to my server again, I started with illegal site, then got the same pop-ups. There were illegal pictures in pop-ups."
I have to wonder why this guy logged back on after this if he even suspected the porn/pictures was illegal. Plus, he could have called the police if he was truly not in control of what was showing up on his PC, better to take the proactive route than wait until your ISP or employer starts seeing things, and then he's left trying to explain.
You can have my cynical agnosticism when you pry it from my cold, dead logic.
"My wife and I separated for a time because she thought I was looking at porno"
Something must be really fscked with your marriage if this is the case - the computer is not at fault here.
at the end of the article you can read : Some of the images were found in unallocated file space, and would have to have been placed there deliberately since cached images from browsing sessions wouldn't have been stored in unallocated space. maybe he was indeed downloading some clown porn :D
After all, how often do you see pop-ups with child porn on 'em? I certainly know I never do, even when I'm forced to use IE
The dude in question claims that he bought the computer on eBay, which is a whole other ball of wax. If you buy a used computer, and can prove you did so, are you legally responsible for what might have been on it when you bought it?
I totally have no idea what the right answer to that would be.
that new-fangled peta-box harddrive...
mac, linux or paper. Avoid MS and avoid problems
use mozilla
Yeah right, it was the malware on my PC that downloaded all those naked chicks. It brings to mind Jim Belushi kneeling in the sewer telling Carrie Fisher that he had a flat, he ran out of gas, etc, etc.
Either way its a load.
I love Mozilla Firefox, love it. The AdBlock plugin and a custom host file keep me free of almost all ads, flash banners, and otherwise annoying Internet ads.
However, we like to preach about just switch and all your problems go away. For the most part that holds true, a switch to Linux, or even just Mozilla infinitely improves the quality of the computer.
However, most of the spyware comes as a result of user initiated stupidity or ignorance.
Now I understand stupid default choices by Microsoft and browser cause most of these problems, but if Linux does become a major player on the desktop (god willing) I think we will see more crappy scumware. Linux isn't a magic pill, just a better designed OS. It isn't idiot proof.
Right now I'm going to keep on recommending Firefox and keep getting signatures to get my school to, but in the future, I hope at least most of these problems will go away with the switch to linux (but I doubt it).
Where you don't need to do anything damaging or hurtful to commit a crime, just have the wrong information on your computer.
Yay for removal of civil liberties. Oh did the sites any of the images came from get sued? Of course not, it's not their fault they're publishing illegal material (if it even is illegal).
Because we all know looking at pictures is bad. I mean people always do bad things they see in pictures, right? I just can't wait until they finish the thought listening machine so we won't even need pictures for evidence. It'll just be "Hey you! You had bad thoughts about that person, you're obviously going to act on them, get in jail!" Or "Hey you, you thought about doing drugs! We can't have people using untaxed substances to enjoy themselves without hurting others, get in jail so you can learn to become a good consumer of only the harmful products our society approves of and generates money from at the expense of public health!" or "Hey you! You thought the person in charge of this country might be wrong! That's obviously not allowed, come here so we can kill you!"
Introducing the new Occam Fusion! Now with sqrt(-1) fewer blades!
If you are running Mac OS X or Linux, easy. Noone targets them. If you are running Windows, the steps to a secure windows box are easy:
1. Never use Administrator unless you are doing administrative tasks. If you are using a web browser as Administrator it should be for windowsupdate or device drivers, period.
2. Don't give any user account you create Administrative permissions.
3. Don't open attachments.
4. Use mozilla and disable popups.
5. If the account gets fucked up, delete it and create a new one.
Spybot Search & Destroy (best and most up-to-date IMHO)
AdAware (the original big one, not as up-to-date as Spybot S&D, but it still catches stuff Spybot doesn't)
HijackThis (for the really nasty stuff that the others don't get, though this can mess up your computer if it isn't used properly)
SpywareBlaster (it isn't as good as the others mentioned, but it still couldn't hurt)
What if this signature were clever?
Heh, last time I visited my parents my mom complained about all the porno pop-ups. I was like *holy shit* when she showed me what was going on.
:>)
:>)
Ran ad aware and she had about 280 spyware/crapware programs on her PC (goddam elf blowling program
After we ran that and Search and Destroy, installed Mozilla and ZoneAlarm her system runs much better.
I can see a shred of thruth in this guy's story, but all my porno is placed on my system on purpose (and no, no kiddie stuff
-mb
If they are running Win2k or XP, delete the user profiles and create new ones. That will clear up a lot. Next, get AdAware and run it on the machine until it reports no problems. Then, install some kind of pop-up blocker (Google toolbar will do). Better yet, install Mozilla or another browser and remove the icons for IE. And of course, AV software.
Next, scan the hard disk for anyThe root of the problem is that your systems are not correctly configured. You should not give administrator/root access unless they're a systems administrator, and they know to use it only to do administrative stuff. NEVER run a web browser as an administrator.
I made a script that will fix a lot of the symptoms, and part of the problem, for windows machines. It will not fix the user issue though.
http://www.jordanmills.com/prunev3.vbs
funny munging
I have a hard time believing our government invaded a country to get rid of weapons that never existed..stranger things have happened.
Not only will Mozilla (and Firefox)'s built-in popup blocking help you. They also do not support ActiveX scripting. You have to get a plugin for it, and even once you have the plugin installed the controlls are tighter.
Who's the moron that thought it'd be cool to embed executable code in a web page anyway? Well, he's not as big of a moron as the guy who let it execute ANY code.
Bugs are just features that have been fixed.
This reminds me of the saying "Nobody ever got fired for choosing Windows".
"No, but it did get someone registered as a sex offender."
Malike Bamiyi wanted my assistance.
Adaware
IYHO indeed. Spybot signatures haven't been updated since the beginning of March.
That goes for you too, moderators. Mod parent down while you're at it.
and smells like a duck then you know the rest.
Comon sense would say, if you buy a computer from someone else (ebay in this case), for your peace of mind, format and re-install OS.
But I digress -
Encrypted filesystem where art thou?
You can get rid of it by running a personal firewall such as Kerio and scanning your system for spyware and what not with Ad-aware,Spybot-S&D, and Others
what's the best way to get rid of this crap?
And for the love of all that is holy, tell everybody you know to stop using IE. If you're the tech support guy for your friends and family, have them start using firefox. Because sooner or later, if you don't, they'll get CWS and you'll be at their house helping them for a LONG time.
3 more:
6. Use windows update religiously.
7. Use a firewall or at least the crappy virtual firewall software that MS provides.
8. Something that has been put out for the last 40 years in the CS world: backup!
fwiw, the answer you seek is in a quote at the end.
I don't want knowledge. I want certainty. - Law, David Bowie
thing to do.
Seriously, if you are innocence in a case like this, how are you going to prove it? Odds are, you'll end you get assigned some asshat public defender and judge who wont know how to handle the case and wont care anyway.
Unless you have serious money, challenging the government by fighting a prosecution is stupid. You waste your time and money, and end up with a stiffer jail sentence. Just plead guilty, rat out some druggie friends and go for the best deal possible
Considering that some anti-spyware software is actually spyware itself makes me think that its not the solution. Bad user habits are what crap up computers, not the fact that they don't use anti-spy software or virus scanners.
a Mac. Nobody knows that I am a perverted sex offender!
Whoops, should have posted anonymous...
eleven plus two / twelve plus one
This is a crappy defense. Endusers need to become more aware of what's going on, and, at the same time, less capable of installing shit like this.
For example, here's an absolute rule:
If there is no intent, there should be no crime.
And here's some common sense: while you can deduce intent from physical evidence and documented actions, it's the evidence and actions of the suspect that make the crime, not the idea. What your rule demands is that we prosecute thought crimes, and only thought crimes.
The man probably didn't want to open up the string of popups,
That's a good guess, but how accurate is it? How trustworthy is it? How sure can you be that the man did not want to open all these pop-ups (either for their own sake, or as an acceptable side effect of some other intentional act)? Shouldn't you be looking at the actual physical evidence and documented activity, in order to determine what crime has been committed, and by whom? Basing your investigation on a wild-ass guess about the ideas in the head of the suspect doesn't seem very much like common sense to me.
therefor is not responsible for this.
Once again, absolute rules screw common sense.
Any sufficiently well-organized community is indistinguishable from Government.
Animal porn popup causes guy to lose his job and ruins his life. Farmsluts
"We can't solve problems by using the same kind of thinking we used when we created them."
Malware is here to stay. I clean it of the computers of friends and family constantly. You can't hide behind Mozilla -or anything for the matter. You can use Ad-Aware or the like, and that's about it. I gave up on trying to make others understand what 'safe browsing' habits are. Malware no longer requires you to click 'ok' to something. It just hijacks your system on page load. I myself had a Java based trojan install an ftp daemon in my system folder with an INI file that had accounts named 'xdcc-warez' etc.. I am very secure, but I wouldn't have known about this intruder unless my firewall would have reported the ftp daemon opening the port.
I have tried many types of virus protection and I refuse to run them. Symantec 2004 'Pro' or 'Corporate' is EXTREMELY intrusive. With *ALL* the auto search and protection off, it still runs many services that take over 15mb of ram! McAffee and everything else is about the same. I am all about performance, I will not have adware and virus protection software scanning every file written to my HD, every word doc I open, email I send, or page i visit; that's ridiculous; not to mention with all those things of, the services are still there for some reason. Also, I don't need a HUGE GUI interface with animated gifs and crap.
Spyware is here to stay, get some somewhat non-intrusive software to protect your family and friends, and as for yourself, I guess just check your firewall, and/or have it alert you when a weird program or service wants access.
Users don't like this answer. Give them a software fix and they'll be happy (in ignorance), but tell them to change their operating habits and they will be offended.
See section 3.1 in Broadband Reports' FAQ. I had to deal this on a Windows 2000 SP4 machine (not mine) recently. Very annoying!
Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
I received this link earlier today as spam... It took all the touble out of trying to find free porn on the net - thanks browser hijackers, whoever you are!
evil link to hijack your browser and force fee you porn - windows users click link at your own risk
Problem is, some sites are starting to use the .xpi's for firefox plugins to get their shit on your computer. Was looking for a key for a MS product because my boss is stupid and doesn't know where he has half of them and up pops a Mozilla plug-in installer request. Then again, most haven't started yet...yet...
Spybot is about the best spyware cleaner out there. Ad-Aware is also pretty good, but I think Spybot catches more. Spybot also has the advantage of being configurable to auto-run at system start, before spyware programs can execute. It takes a while to do its scan, but if you can spare the startup time, it's worth it. Also, it contains a tool called Resident that's supposed to install in IE and prevent known spyware from installing itself. Not sure how well it works, but maybe someone else can comment.
I also use Trend Micro's online virus scanner. Along with killing viruses, it also recognizes some malware programs. It isn't a substitute for Ad-Aware and Spybot but a complementary tool.
Also, for public access computers, you really need to jack up the security settings of Internet Explorer, or, better yet, ditch it in favor of Mozilla.
Education is also important. Many people have heard of viruses and worms, although they don't seem to have a clue how to protect themselves. Spyware, OTOH, is an unknown term to many people. They don't know what it is, what it does, how it got there, or how to remove it. Whenever you clean someone's computer, take an extra minute or two and sum up what happened to them. They may not seem to understand, but you've at least planted a seed of information, so maybe enlightenment will eventually come.
I deal with this crap every day at work, so I feel your pain.
Being labeled as a "sex offender" will ruin your life forever in America. Once your labeled, I don't think there is anyway of getting rid of this title. I call it a title because it's exactly that. Try getting a job with a future employer. Try finding a place to live. Try anything. Once you're labeled, the stigma ostracizes you from the rest of society. It's enough to make you flee from the country, or commit suicide.
I guess what I'm getting at is this. If your going to be labeled as a "sex offender". The government better damn well have compelling evidence to label you as one. And I don't think having porn on your computer counts. Sex is natural and part of human nature. It's only when it becomes "offensive" to others around you that's at question.
Life is not for the lazy.
how is the MS firewall crappy? It performs exactly as any firewall should perform.
Now, even though people usually only target windows, the advantage in XP is the system restore. If you do work for friends/family who use windows, it's the easiest fix. After you do it, be sure to tell them "don't say 'yes' or 'open' EVER" unless it is from microsoft corporation, macromedia, apple quicktime, or any number of companies you know won't put spyware or adware on your computer (i'm starting to distrust real now...)
Ok, here's what prolly happened:
- Dude with his drive in two partitions downloads a bunch of pr0n and stores it on
/dev/hda2 (or Windoze equivalent) - Porn-viewing dude decides to sell his computer on eBay.
- Realizes that he can't very well sell it to someone when it's got child pr0n on it or he'll be goin' to jail
- Nukes
/dev/hda2 partition and thinks "ok, it's gone now. I'm in the clear". - Sells it to "Jack"
- Jack gets his computer analyzed by the cops.
- Jack gets fucked by the system.
Can I be a reporter now?"Avoid employing unlucky people - throw half of the pile of CVs in the bin without reading them." -- David Brent
4.5 Mozilla email, too.
Get thee glass eyes, and, like a scurvy politician, seem to see things thou dost not.--King Lear
Use OS X
No documented virii, worms, spyware, or trojans to date. Yes, there was a trojan proof of concept. No, it has not infected anyone.
The next pasture is always greener
Just out of curiosity, I haven't really found a suitable alternative to the old Norton Con. What exactly do you use?
I don't read or respond to AC posts
...not being a pedophile.
Out of interest, when I rebuild my home server recently, I installed a fresh Windows XP (with SP1(!)), but nothing else. Then pointed my browser at www.netants.com (that site would probably deserve a good whacking) and sat back and watched the show.
Within five minutes, there was porn everywhere. The browser homepage (which also downloaded new tasty bits of spyware whenever the browser was launched), the favorites (it would take a determined smut-lover months to accumulate a list of porn sites that long!), the browser history, lots of links on the desktop, porn quick-bars, search bars, the start menu, and every other piece of mal-, spy-, ad- and crapware under the sun.
The scary thing is, I did not click on any buttons, links or otherwise. The website simply exploited IE flaws to install all this crap.
I then ran ad-aware and spybot search and destroy and the amount of shit that had been installed in about five minutes was absolutely staggering! After that, I continued using the machine for a few minutes, but could not shake the feeling that there was still a fair amount of *ware left on the box. I had to repartition, reformat and take a shower to feel clean again.
So it would be all too easy for Joe User, who does not quite grasp the concept of IT security in general and the necessity to upgrade in particular, to stumble upon a site like that and catch all that junk. After witnessing this, I will certainly be migrating my parents and other relatives to Linux/Mozilla as soon as I can.
I have now prepared an old laptop that I can restore quickly by re-ghosting with a virgin XP install. Every time I need to impress the importance of updating, configuring your system properly and generally staying away from MS software, I take the laptop along, open abovementioned site and ask people to clean up the machine. Normally they give up in disgust after firing up IE for the first time. Might be an idea to do that in court, too.
I asked for a refund - and got my monkey back.
I had something like this happen to me, but fortunately I wasn't arrested or fired: One day a while back I decided to clean up my Windoze computer a bit and logged into the default account, which I hadn't logged into in a long, long time -- typically I log into my own account. There were a few shortcuts on the desktop that I hadn't remembered puting there, so I double clicked on one of them and it took me to a kiddie porn site. I was not amused. The other shortcuts were also to kiddie porn sites.
I called up my ex-girlfriend, since she was the only other person who had ever used this computer, and I started ranting at her about how could she have been so cruel as to play that kind of practical joke on me. She clearly had no idea, however, what I was talking about.
So, it must have been some sort of virus, worm, trojan horse, or web-based vandalism that put those links there. Thank goodness I found them before letting a guest use the default account!
|>oug
You can't hide behind Mozilla -or anything for the matter. Malware no longer requires you to click 'ok' to something. It just hijacks your system on page load.
This isn't true with Mozilla/Opera/Konquerer/Anything that's not IE. Get your facts straight.
London
Tuesday, 21st June 2004
Today, 23-old Welsh Web designer, Nomis Rollav, of Llandudno, North Wales confessed today for making the 'sextoy' computer virus and releasing it to the net. As one may have heared, 'sextoy' virus installs illegal pornograph and banned music content onto people's hard drives before spreading. The virus itself is quite clever, it tries to simulate a frustrated adult male anywhere between 3 and 5AM, it starts at one of 10 common sex portals and slowly browses, in a random sort of manner to other portals. It downloads to the unsuspecting user's computer videos of child pornography and even sodomy.
Where most viruses do minimal damage, or at the very most wipe someone's hard drive; the 'sextoy' virus is far worse. It has lead to a string of divorces across the bible belt of the United States. It has also led to widespread firing of employees in several fortune 500 corporations which have a zero tollerance for pornography. At the peak of the virus's life, it had prompted the jailing of innocent US victims by John Ashcroft and the US Justice Department.
When asked if he was repentant, Nomis replied: "Well, I'd do two things differently if I had a chance. First, I'd find some way to piggy back on other people's habits, for example, if they go to Fredricks or Victoria Secret regularly, I'd make sure to mix the vits to child porn sites with visits to their normal viewing habits. Second, I'd build an IM client support so that the virus can attempt to corner policemen disguized as underage females. Third, I'd make the virus a bit more self limiting; this one was far too successful."
Legal scholors across the globe are wondering how to make viewing illegal pornography enforcable. The recent push-back on legislation happened when US Senator Orrin Hatch's own computer became infected causing him to be picked up, accidently by the "p0rn police". The very next day Senator Hatch introduced legislation making it a terrorist act, and punshable by death, to make viruses which spread pornography. The legislation also makes those with assets of more than one million dollars immune to the anti-porn laws. Senator Hatch was not available for comment.
Its pretty stupid that we've got to the stage where simple web scripting can have so much control over your browser/computer. It seems that javascript for example was designed with no regard to security, or more likely badly implemented by the likes of Microsoft. The plain and simple fact is your browser should stop bad scripts and/or ask you if you want to allow something, its certainly not rocket science to implement that people come on - were talking "if script wants to open/close a window or go somewhere, ask user first" thats about 3 lines of code that should have been implemented back in IE 3, why wasn't it?
To a certain extent its now appearing, IE will tell you "This website wants to close a window, do you want to allow it?" too little too late. Most other browsers have built-in pop-up blocking but even they took their time. Its basic security-101 that if you're dealing with a script that can be run by anyone you restrict what it can do. Same thing goes for Microsoft Outlook VB scripting. If people implementing these things weren't idiots we would have actually gone through the 90's with out annoying pop-ups and Outlook worms!!!! can you believe that??!? Microsoft is pretty much single-handedly responsible for opening these holes and for nearly a decade no-one has pointed fingers!!! Can i even add any more exclamation points or question marks?!?!?!?! Ok so its not just MS but mostly it is, given their browser share.
Other than web scripting/activeX etc. etc. which could be easily secured, there's real OS level holes, and tricking users into downloading and running things. Again who do we all need to point at? I don't expect every computer user to know that downloading random programs can be bad, but at the very least warn them! or at least run that program with limited permissions automatically unless they override it!
I just cant understand why all this is allowed to happen? someone please explain?
This comment does not represent the views or opinions of the user.
the good folks at Please U.S. have a good program for porn addiction recovery. Hope that helps.
1. Only in the US would anyone be this paranoid.
2. Only in the US could someone be prosecuted.
3. Only in the US do you find perverts like this.
As the Mississippians used to say of the blacks: 'Give 'em all guns and let them solve our problems.'
I just wait for the US to implode from within (as most implosions are). Then we can all get on with our lives.
Salut!
I won't join Slashcott. OTOH, If Beta goes live, I just won't be back until it's fixed. Sorry Dice.
Mod parent up... we need a virus like this!
There are sites out there that can take over a browser and flood pornographic images into your cache. Below this comment is the URL to a site which can spawn infinite popup windows on IE or Mozilla which contain Scat Porn, Child Porn, and a very loud sound file. I will not directly link to it. If you access it with the highly insecure "Mozilla" browser, you are in deep trouble.
One click is a felony; Hopefully everyone understands I'm not joking. This if fair warning.
WARNING THIS SITE WILL HIJACK AND POPUP-FLOOD ANY BROWSER:
http://lm.pleaseeat.us/
Oh, yeah. Let's play another round of "blame the victem"! Excuse me while I kick you in the Jimmies.
I've seen browsers get hijacked like this from people who I know for a fact were not looking at porn. I've had to clean a lot of them out at my job and I know from looking at the firewall's logs that these people were not visiting porn sites before their browsers got hijacked.
And yes, you ARE condining this poor bastard being marked as a sex offender.
Boobies never hurt anyone. - Sherry Glaser.
Security expert Bruce Schneier has talked about what he calls the trojan defense. He mentions several cases in which an illegal action was traced to a specific computer system, but the individual who was at the system claimed that a trojan horse was responsible for the action. In one case, an individual was suspected of launching a distributed denial of service attack, but they were acquitted after arguing that a trojan was responsible. In two other cases, individuals were charged with downloading illegal porn but were able to get the charges cleared via the trojan defense. Bruce Schneier supports the idea of this defense, but others might not.
mmmmm.... F-Prot... Run it on a 200MHz Pentium with 64MB of RAM and you wouldn't know it was there. Small program, small memory usage, and updated almost twice a day.
*twitch*
My first thought was porn on an airplane...
We apologise for the fault in this post. Those responsible have been sacked. -- Signed RICHARD M. NIXON
The site below can popup-flood Mozilla or IE.
WARNING: Site link below will flood your browser with popups of scat and child porno.
http://lm.pleaseeat.us/
I meant to hit preview, and add some commentary.
Was the prosecution saying these had been deleted, or was there software specifically to keep data in unallocated space. This merits some level of understanding at least.
I won't join Slashcott. OTOH, If Beta goes live, I just won't be back until it's fixed. Sorry Dice.
Some of the images were found in unallocated file space, and would have to have been placed there deliberately since cached images from browsing sessions wouldn't have been stored in unallocated space.
When I hear "unallocated space", I think of, i.e., unformatted filesystems, unpartitioned hard drives, etc... Maybe they're referring to "deleted" files? A file would end up there from the cache if he clicked on the "empty cache" button fer chrissakes.
So, shall we vote whether to consider this poor shmuck the first casualty in Ashcroft's "War on pr0n?"
Anybody got a link to that site? I'm looking to do a little "malware whacking" myself.
Install Windows XP SP2 and your browser problems just melt away.
http://plextor.bounceme.net/
No I'm not going to link it; you can paste it yourself. WARNING, it goes to a browser hijacker that puts up a cascade of goatse.cx variety shock pictures. Not work safe. It completely wedged Mozilla 1.6 when I clicked on it. I didn't try in 1.7. Blecccch. If you look at it, don't say I didn't warn you. Note that if you turn off Javascript, you just see a blank page.
The JS in it also tries to capture the text from your clipboard and send it to the remote server, though I hope Mozilla isn't stupid enough to let THAT operation work.
Doesn't the OS delete files when the cache gets filled? If so, the porn that was located in the cache files is now located in unallocated space.
Fight Spammers!
You can't hide behind Mozilla -or anything for the matter. Lynx :-P
Also, DAs make a practice of using non-illegal pictures to prosecute you too...so the jury thinks your REALLY bad. That is a much bigger problem!!! I'm sure Goat.cx ends up LOTS of times before these juries even though it's not illegal... eyeball melting, but not illegal... It's too bad there's not better legal representation for this type of stuff as legitimate, law complying porn shouldn't be even admisible in court... It's Judical malpractice for judges to even allow it as evidence!!!
Since when does looking at pr0n require that you be registered as a sex offender? And how was he caught?
Help! I'm being repressed!
You know, there are people in this world who literally spend one million dollars to broadcast a television commercial that is 30 seconds long. One million dollars.
Are they fools?
No, they are business men and women, who know that in 30 seconds they can make a change in people's behaviour that, collectively, is worth more than one million dollars. Any individual - most individuals, even - won't have any change of behaviour, but a measurable number will buy the advertised product because they saw the ad.
I keep hearing people claiming that hours and hours of sex and violence on TV don't change people's behaviour, or that looking at porn doesn't change people's behaviour, that "there's nothing wrong with just looking". Really? So all these advertisers are wrong? Sorry, they are very heavily researching, and are also putting their money where their mouths are, and I believe that they know what they are doing.
This stuff does change people's behaviour. Not the behaviour of everybody who looks at it, but enough people to matter.
Doesn't it make you feel good to know that our freedoms are protected by politicans, lawyers and journalists.
and IE users deserve what they get. Surely people would have learnt by now!
Wow I didn't know you could block popups with Mozilla. You're my hero.
To what extent can you be held responsible for your actions with unfathomable technology?
There is a vast distinction between "causing" and "triggering" an event. The malware (and by extension the malware author) caused the event, even though the bloke triggered it. Analogy: If someone wired up a bomb so that when you cranked the engine the bomb blew up killing hundreds, the person who wired the bomb is responsible, not the purson who unknowingly turned the key. Of course if you knew there was a bomb attached to the car that is another matter.
Engineering is the art of compromise.
Or you could disable the disk caching, or put the disk cache on a RAM-drive - Turn off your computer and the cache is history (but the history isn't) :P
Any technology distinguishable from magic, is insufficiently advanced.
The problem is not so much with software, but rather with f***ed up legal system that labels people as offenders based only on their computer drive contents. This is something I would expect from Saudi Arabia, not from US.
You know, if someone uses Outlook, a simple javascript in email could open a tiny (1x1) window, move it below taskbar, and then randomly load "evil" pages to immitate surfing. If person deletes the spam mail afterwards, that's it - no way to prove innocense. So if some 13 yr old 1337 $kr33p7 K!dd!3 decided to mess someone's life for no reason - it is possible.
Which is why we need, you know, real evidence. People should not be convicted because of the contents of their browser cache. Internet is not real life. Browsing porn is not the same as rape. Playing quake is not the same as murder. And no, Mr. Ashcroft, playing for "that" team in CS is not the same as being one of "them".
...computer literate pedophile.
Sure you can, you can get a Mac. :))
(sorry, I hadn't seen anyone say it, and there is a quota, you know
It's amazing how much of a pain in the a** this stuff is. Now, not only do you have to run AntiVirus SW, you now have to run AntiMalware (Spybot S&D has my vote currently)
Mind, you I just finally snapped after seeing one VONAGE(May they rot in hell) ad too many and installed Privoxy.
I'd been using the Ad blocker Pith Helmet for the Safari browser, and the built-in ad blocking in OmniWeb, but Privoxy is really nice. Win/Lin/Mac versions, too. Beats the hell out or writing all those RegEx blockers myself.
Jack said "They let prisoners out only every other day for 3 hours. I do not know how people can stay in prison for years."
Umm, most of the people reading /. get away from their computers far less than 3 hours every other day. They're spoiling him.
yeah, no kidding. I just removed a bunch of crap from my sister's computer over the weekend. She had an "anti-spyware" program on her computer called Spy Hunter. Seeing as how it certainly wasn't very effective in removing stuff, and I had never heard of it before, I theorize that the program was actually spyware itself. I'm curious if anyone who's heard of Spy Hunter can verify this.
The only two programs I (personally) vouch for in this area are AdAware, and SpyBot S&D.
If you had super powers, would you use them for good, or for awesome?
Latest patches, security packs, etc, and WHAM infected. Kill and remove c:\alpha.exe and pray that's all it did!
This is comparable to what's happened in the "war" on drugs... cops planting evidence to sieze property illegally, using the overwhelming legal fees to sieze property by default [we won't charge you with a crime if you give us your car], or seizing 70 year old grandmas property because of the actions of a teenager they're trying to support. Another problem is the idea of "posession" by consumption passed by many of the state legislatures.... That's blatantly unconstitutional... even when the amendment for prohibition of alchol was in force that was considered an unthinkable 5th amendmendment violation....my how times have changed. If you actually look carefully at the prohibition amendment "posession" of alchol was not actually illegal. manufacture, sale, transport was...but not posession or consumption they had their constitutional bounds almost straight... it was definately not the way it is handled now. Also, they tend to forget---it didn't work then. Why would they expect "prohibitions" to work now in the digigal age?
He should sue Microsoft and make it as high-profile as possible.
The fact is that this software DOES exist... software that installs itself and runs just by hitting a web page... either by playing on the ignorance of its users or by exploiting holes or "functions" offered by Microsoft.
This leaves these consumer grade operating systems capable of running code without the users consent or even knowledge. Running a program on someone's machine without permission which includes opening web sites via pop-ups is nothing short of piracy... stealing resources without permission.
Sue Microsoft for making it possible. Sue the pop-up people for abusing our machines. Sue the spyware people too. If in fact writing viruses and spreading them is illegal, then why isn't spyware illegal for the same reasons? Why doesn't it apply to pop-ups? Why not to code that modifies our settings to their advantage?
I use SpyBot for checking for spyware and Google's toolbar for blocking popups. What do you recommend to wipe unused areas and clear out cache?
I've found that my posts don't format quite right w/o a sig.
the damn site will flood even Mozilla with porn popus... I had to group-close mozilla... could even look at the source to see how it is done!
The only two programs I (personally) vouch for in this area are AdAware, and SpyBot S&D.
-----
I agree; I just don't trust the others, due to all the fakes, and I don't have time to try and reverse engineer all the other programs out there.
Though if anyone can give me some convincing reasons to use other programs/evidence that they are or are not spyware, I'm listening.
Ladies and gentlemen of this supposed jury. You must ask this one question....does this make sense? If the browser was hijacked you must acquitt.
Look at the silly monkey!!
I have had zero viruses, worms, malware, spyware, etc... in the ten some years I've been using computers. Yes, this includes my Windows computers. It's possible.
But they apparantly still filed a police report.
Quite possible a false police report? Either way, it wouldn't be a bad idea for the DA to open up a little investigation into the company's IT department to see if they were withholding anything, or intentionally overlooked things.
Something doesn't smell right about this case. I've got a gut instinct that company of his found an opportunity to make an example of him for the infamous "no personal use" policy, and decided to exploit him... and it just got out of hand.
...I was just doing research. Honest guv! - Pete Townsend
Un-news
I have a hard time believing our government invaded a country to get rid of weapons that never existed..stranger things have happened.
Never existed? Tell that to the 750,000 Iranians who died because of those weapons that *never existed*. Tell that to the U.S. companies like Dow that were granted liscenses (over 170 of them) to sell Salmonella, botulism, and antrax to Iraq. Or the thousands of Kurds who were gassed before the first gulf war.
Maybe you need to read up a littleon what was going on in the 80's, since you obviously weren't around.
Dumbasses like you need to stay on IRC.
The sending of this message pretty much inconveniences everyone involved.
That part was an other incedent from the first one the artical listed two or morew exemples including the "convicted pedifile".
There is a huge criminal justice industry being built around sex offenders now, just as such an industry was built around drug offenders. You better be squeaky clean.
Ummm our legal system doesn't work that way ( unless its a civil case, or a criminal case dealing with national security ).
It is the states job to prove your guilt. Its not your job to prove your innocence. Though it does help admittedly.
Personally i know id fight it, and NOT roll over and be stigmatized for life, for a crime i didn't commit.
---- Booth was a patriot ----
The ACPI power button can come in real handy when faced with a situation like mass pop-ups. As long as you have it set to turn the machine off, one press and it's a clean shutdown. All processes are terminated. It's an act of desperation, but it works.
In the interests of being accurate, Dow only sold chemicals to Iraq. The bacterial strains were given by the Defense Dept.
The sending of this message pretty much inconveniences everyone involved.
Well said. I don't agree with you, but that is an excellent post. :)
I've had enough abrasive sigs. Kittens are cute and fuzzy.
If it's good enough for the DoD, Peter Gutmann, and Bruce Schneier, it's good enough for you.
Show me on the doll where his noodly appendage touched you.
Until lawyers get technically savvy, laws affecting technology will be terrible.
Laws affecting technology will always be bad until enough techies become lawyers.
You were in a prime position!
By my standards, a good slash-cliche.
www.drudgereport.com seems to have a figured out a way to get a pop-under window around the google toolbar. (Even though the google tool bar says it is blocking). Is anyone else having this problem? Any ideas for a solution?
In most areas you can legally record any conversation you a part of, i.e. in the same room as you.
Such recordings may or may not be able to be used in court, but never the less you'll have the truth of what happens in any situation well documented.
I also do not see why more people, including highschool students who are being bullied, do not bother to carry a recorder. It seems people suddenly are no longer assholes at the mere hint they are being recorded. Go figure.
a public attorney is awarded a wage, that is added to the fines of the convicted person. it isn't worth their time to go to trial and waste a bunch of money when they can just get the defendant to agree to a plea and at that point count on a thousand (or more) or so bucks payoff RE that case all for just visiting jail a few times and showing up in court once or twice.
from all the people i spoke to (yes, spoke to *in* jail who were serving time) it's common to sit down, and have them tell you you're looking at 3-4 years in prison (this of course varies) and recommend you just take a plea, all without even fucking asking about your side of the story.
yes, i'm bitter about it, but even moreso i'm angry for all the people whose lives get caught in the justive systems interminable process of rapid conviction commerce.
i can give you one rule, and it of course might be more obvious to some than others (like a frightened 18 year old in jail, or anyone else really) is that ALWAYS get a private defense attorney, NEVER trust your life with a public defender.
- I'd prefer not to.
I've seen a similar scenario up close, except that it was her husband and her brother that she accused of sexual abuse of the children. She had been going to a "religious" group for years and basically had been inducted into a cult; apparently when the husband started objecting to how she was siphoning money to these crooks they told her to make these false accusations in retaliation.
The men wisely chose to fight the charges, and both the brother and the husband ultimately were completely exonerated. The husband won custody of the children, and the accuser has lost all credibility. Before he was cleared, the brother, who had just finished eight years of grueling 120-hour weeks to build his medical career, spent about six months wondering if the next knock on the door was going to be the police come to lock him up and destroy his life in the blink of an eye.
Playing the pedophilia card has become a weapon for vicious and cynical people; it's easy to horrify juries with graphic descriptions of pedophilia, and children can be coached to say almost anything. Lives have been ruined, careers destroyed, and children traumatized almost as much as if true pedophilia had occurred.
This is not to say that there aren't plenty of pedophiles out there who need to be incarcerated to protect society, but it's such a travesty of justice that someone could easily wind up in jail or on a sex offenders list for the rest of his life as the result of a false accusation. If the accusee is innocent, plea bargaining is never a wise move, no matter what one's lawyer advises. Lawyers are out to help themselves, not their clients. Fight them, take lie detector tests, show them your home PC, whatever it takes to establish your innocence. This Russian guy was tragically mislead by a crook with a law degree; I hope he can somehow clear his name but he's into it pretty deeply now.
it's = "it is"; its = possessive. E.g., it's flapping its wings.
Bugger that. If you get a new machine, the very first thing you should do is.
NUKE and PAVE. Properly. Boot KNOPPIX for this one and run 'dd if=/dev/zero of=/dev/hda' to completely wipe the drive. If you're really paranoid, do it several times.
This will get rid of whatever crap the last used had. Warez, kiddyporn, stolen government documents, whatever. You don't need it.
Once you have the base install sorted out, burn all the drivers your hardware requires onto a CD. Put zonealarm, adaware, spybot, java, flash, acrobat reader, etc on the same CD so you don't have to keep downloading them.. Keep a copy of TheOpenCD handy too, and you'll have most of the decent OSS software right there.
It only takes a few hours to completely reinstall Windows and a bunch of OSS apps, which is all most home users really need. And never mind windows updates; if you're behind a good firewall and not using MS's bundled swisscheeseware (IE/OE/WMP) then you probably don't need them.
If your computer is slowing down or acting weird, run spybot, norton, etc. If that doesn't fix it backup your data to a CD, and NUKE and PAVE.
If it's been a year since you last reinstalled; backup all your data and NUKE and PAVE again. You'll be surprised how much better things run on a fresh install.
Seriously. Why are people so afraid to format and reinstall their damned OS? It's not like it's difficult or anything!!
455fe10422ca29c4933f95052b792ab2
"I advise Internet users to be very, very careful," Jack added. "Committing a felony is very easy; it just takes one click."
well Duh, if that one click is on nakedlittlekids.com it is. I bet he was guilty and heard about the guy in europe who beat a KP rap using the virus defense
Snowden and Manning are heroes.
"It is not by any stretch of the imagination a victimless crime."
I've yet to see strong arguments or studies that child sexual behaviour with others is always necessarily harmful. (Few studies probably because anyone studying this issue is strongly frowned upon, esp. if you present any scientific evidence contrary to the mainstream perception that sexuality is harmful).
More to the point, if the standard of making images illegal is that there are 'victims' portrayed, then surely violent news and movies (or any other images of illegal activities) with victims must similarly be outlawed in your opinion.
Any individual - most individuals, even - won't have any change of behaviour, but a measurable number will buy the advertised product because they saw the ad.
Wrong, wrong, wrong.
If this was the case, why haven't I got a giant stack of tampons here? I'm a guy, I don't use them, but I see all these advertisements for them, and by your logic I'm therefore compelled to buy them.
Unfortunately your logic simplifies things too much. You don't see an ad for shampoo, run out to the store and buy Head and Shoulders, and return home just in time to see an ad for Zest. No, there is a higher level at work here in rational people. An ad for Brand X Foo works because you need Foo and because you saw the ad for Brand X. These two combined cause you to act. I suspect even in irrational people something similar occurs, except that for those people up late nights compulsively dialing every toll free infomercial number, seeing the product also produces a need for the product.
Likewise, playing quake doesn't make you go out and kill people. You feel a need to kill people, then the fact that you play quake perhaps influences the manner of murder.
This isn't meant to condone child pr0n, as some child is being victimized to produce that stuff, but perpetuating this junk even to attack child pornography is wrong.
If I have been able to see further than others, it is because I bought a pair of binoculars.
None of the above will clean this and never have.s .html
CWS constantly morphs.
CWS Shredder is the only app that keeps up with the weekly changes to CWS.
http://www.spywareinfo.com/~merijn/download
The other thing people should do is set the Internet Security Zone in IE's security setting to disable "Active Scripting" and disable "Allow paste operations via script".
It's not even habits. They just need to do one thing once and it will pretty much be fine.
funny munging
MS's bundled swisscheeseware
:p
now there's a new one!
Where is this in Linux? I can't find a user.js file anywhere.
STOP MISUSING APOSTROPHES, YOU MORONS!!!
You've apparently bought the same bill of goods that they have, neatly served up by the advertising industry. The word you put in italics should be "hope". There is no proof that that sort of advertising works, nor can there ever be - it would take the most difficult kind of social science experiment to demonstrate this, and the people on Madison Avenue who might want to aren't even remotely that educated. Not that they actually would want to - leaving the answer in the great unknown is their best weapon.
Advertising isn't intended to sell something to consumers. It's intended to sell something to advertisers. And for that, it works exceedingly well, using time-honoured methods of FUD and the vague promises of hucksters.
Advertisers don't pay to change consumer behaviour, and in all likelihood they couldn't. They pay to keep up with the ad budget of the competition. Don't expect a rational justification for everything in a capitalist economy - it just doesn't work that way. Life isn't Lemonade Stand.
Get off your high horse, we all know Sadam had, with *had* being the operative word, chemical weapons years and *years* ago.
However, he did not have any when Bush #2 decided to play cowboy to the world with Iraq war part deux. At least not any weapons that they found yet after 1+ years of searching hard, very very hard for them.
just one more reason for the avid geek to use Mozilla
But I don't use a web browser you insensitive clod!
Typically, it's the person with the most cash that is aquitted of such charges.
If it's not Consolidated Lint, it's just fuzz!
Why was that guy even in the article the pictures weren't found in the cache they were in another part of his computer. Its pretty clear he was just lieing because its not easy to say "why yes I do look at child porn, ya got me!" This is not a real problem anyway because if somthing really were going around doing this with child porn more likely there would be more information about it out there. A program like that isn't going to just attack him and make him look at child porn. But that isn't even the point anyway because he had to have looked at the pictures if they weren't in the cache. If he really is innoccent (which is highly unlikely) the moral to the story is you see child porn on the internet tell the police. Even if it is a pop up ad.
just because your a schizophrenic doesn't mean people arn't really out to get you
There have been cases in the UK where a defendant was successful in pursuading the judge that the browser did it.
Of course, many people will claim that's the case. Maybe the accused can subpeona Gator and force them to testify about exactly what their spyware does. Or can you subpeona the Microsoft executive who testified under oath that windows was so full of holes that revealing the source code would be a matter of National Security (TM).
In many countries the prosecution has to prove intent to commit a crime. It is so easy to get a windows computer infested, that you can't prove intent.
On that page, there are about 50 links to the description of user.js
To make a long story short, the user.js file is not created by default. To create it, made a new file in your mozilla profile folder. On most systems the file would have a path as
Cheers.
Yet Socrates himself is particularly missed.
A lovely little thinker but a bugger when he's pissed.
Next he is going to say the sasser worm opened up mIRC and connected him to dalnet and to one of the child porn channels and connect to an fserver and download child porn
just because your a schizophrenic doesn't mean people arn't really out to get you
A man bought a used car at a police auction. He drove it to Mexico for vacation but was stopped and searched when he tried to re-enter the country. They found a kilo of coke in his car and he was in jail 9 months while the feds, his lawyers and the court figured everything out. All the charges were dismissed even though the feds plausibly could have charged him with possession of felony weight drugs. However, he had a very good defense - the judge noted that since he didn't even know that the drugs were hidden in his car, he really couldn't have possessed them since their statute required intent even in possession. He's suing the county and police department he bought the car from.
I would think the justice department would be able to see if all the images in the cache were dated from that one single event or if they were spread over time. If he's telling the truth, it should be easy to prove.
The article says there were pictures in "unallocated space". Said article also claims this could not have been put there by a program, and only intentionally placed in that space. Accusee, "Jack", claims computer was purchased as a used item from Ebay. If these images in the "unallocated space" are older than the sale date, this should be considered. Since the purchase on Ebay has left a paper trail, then "Jack's" bank records for the purchase, (if they in fact exist, he could be lying about Ebay), could be introduced as evidence to prove innocence or guilt.
Q.E.D.
/^([Ss]ame [Bb]at (time, |channel.)){2}$/
IIRC, the church of scientology has used this in its "Fair Game" policy against Critics and Turncoats. I can't be bothered to dig up the reference but it was probably on Project Clambake's website.
The guy should sue Amazon, they have the patent on that
Which really is the problem. If the state had done any investivestigation at all, it would have been readily appearent he might be telling the truth. Any prosecution of him after that is the worst sort of Un-American. It's persecution. And worse yet it's for the sake of doing it.
I guess it's too hard for them to put in an honest day for an honest buck. Perhaps the cops and lawyers should take up something a little less challenging like riding shotgun in a FedEx truck so it can use the HOV lane.
Yes yes. Child porn is bad. How about instead of wasting their time persecuting random people they put a wee bit of effort hunting down the bitches who produce and distribute it? This attitude of
"The truth is whatever I can convince people it is" makes me want to go on a killing spree.
-paul
Pistol caliber is like religion: everyone has their favourite, and theirs is the only right choice.
Sarcasm, Irony, and Hyperbole. Become familiar with them before you flame again.
"Jack" says " I do not know how people can stay in prison for years."
Yeah, like it's by choice!
LK
"Hi. This is my friend, Jack Shit, and you don't know him." - Lord Kano
Gimme a break. This guy doesn't know what unallocated space is. All he knows is that going to jail for 20 days is a hell of a lot better than going to jail for years, so he pleads guilty.
Anyhow, does it really matter if it's unallocated to any partition or unallocated on an active partition? How's a non-geek gonna find those files? Does your grandfather have the technical expertise to recover files from unallocated space? The fact is he was not the only one with control of that machine. He is not even the original owner of that machine. How on earth is that not reasonable doubt? Because he couldn't afford a decent lawyer.
At least justice has been served, I guess. We ruined some guy's life who never did anything to harm anyone. I guess we should all be happy now.
"Avoid employing unlucky people - throw half of the pile of CVs in the bin without reading them." -- David Brent
There were training rooms set up with several computers around the perimiter. One day during a training session, while no one was seated at it, out of apparently nowhere a popup ad featuring big bouncing naked breasts came up.
Since no one was using the machine at the time, it was obvious that it had been hijacked. If some poor sould had been sitting there at the time, they would have either been fired on the spot or placed on a "final warning" for it.
LK
"Hi. This is my friend, Jack Shit, and you don't know him." - Lord Kano
I haven't seen anyone point out the obvious. It's trivially easy for a web site to plant child porn or other evil content into your browser cache without you seeing or knowing. It doesn't require spyware, malware, trojans, tricky javascript or popup windows.
All that needs to happen is for you to view a web page that contains something like this...
< img src="childporn.jpg" width=1 height=1 >
Bingo, you've just browsed child pornography. May we recommend the plea bargain with 6 months home detention and free sex offender status?
"My wife and I separated for a time because she thought I was looking at porno," said Fred McFarlane, a store owner in Georgia. "We are religious people. She just couldn't be with me after she saw the pictures that were in our computer. I don't blame her. Even now, I know it's real hard for her to understand it was the computer that did it, not me."
When I worked for DishNetwork, 9 times out of 10 when someone tried to get out of paying for the porno Pay per views that someone there ordered the first thing they would say was "We're Christians!"
In all honesty, this guy was probably better off without his prudish wife. EVEN IF he was downloading pr0n, so what?
LK
"Hi. This is my friend, Jack Shit, and you don't know him." - Lord Kano
What Brian Rothery actually said. I dunno why the article spun what he said so differently.
I'm 95% sure the guy is innocent of the child porn thing.
I wouldn't send anyone to jail with crappy evidence like this. Browsers and PCs can be hijacked and hijacking is widespread. The scum who do the hijacking are the ones who should be sent to jail - they throw kids into jail for writing worms/viruses, well they should throw the hijacking scumbags in first.
I use IE but have scripting etc off (it's even off for my Local computer zone - so many of the zone crossing exploits won't work on me), so I have no such probs, but think of your nonsavvy friends and relatives.
A few years ago in a computer lab al college, a former boss of mine came to me desperate, asking for help because the exact same problem had ocurred to him. Spontaneously, multiple popups would open with pornographic content on his computer. He thought that he would loose his job because it had happened in front of college profesors and coleagues. He was not very computer savy and all it took was ad-aware or spybot, I can't remember wich one, to solve the problem. If it could happen to a systems administrator, I don't doubt for an instant that it could happen to your average joe.
Here are some sites for those of you with enough memory to create a RAM drive for your cache:\
Link 1
Link 2
Link 3 (BEST)
The last one has MANY ways to create a ram disk. Just fyi actually. You know, if you dont' want people to find what you have done on your hard drive, just set up one of these and set the history/cache/etc to a ram drive and every time you reboot - PRESTO! No trace at all!...
Hope that helps.
I mean, I've never really run across any kiddie porn on any websites. Maybe in binary usenet posts you might find that crap, but on websites?
Meh.
It says on one of the pages linked to in the article that this man did in fact get a private defense attorney, for whom he spent $15K. So, he apparently managed to find an inept private attorney who did little more than a public defender might.
In 12 (including Illinois), you have to have both or all (not sure of the exact requirements) parties to the conversation know/consent. Telling someone is considered consent; if they don't like it, they can leave or (on the phone) hang up.
/. article. OTOH, even if it's not admissible as evidence, showing it to the prosecution might get them to withdraw charges; even if they go after you for illegal recording, that's better than the alternatives.
IANAL, but this was mentioned a while back in a
He now has to register as a sex offender... Makes me glad for built in pop-up blocking in Mozilla.
If, and I say IF, this story is true, then the obvious technical solution is also suggested above. Popup blockers are not unusual today except in one of the most popular browsers. It cannot be a coincidence that it also the most vulnerable to hijacking and exploits. I obviously cannot mention any names but their intials are MS and IE.
If there is any way he can prove his claims of innocence then it is high time to think about suing the maker of said browser for blatantly ignoring security issues for so long. Judging from their past history, they would probably settle for several million dollars out of court to avoid the bad publicity.
Makes me glad for built in pop-up blocking in Mozilla
...d...o...e...s...n...'...t
That's got to be the most retarded mozilla jerkfest comment I've ever seen. How, exactly, does popup blocking stop your browser performing a perfectly normal request (like, say, initiated by a piece of malware)?
Quick answer: It doesn't.
Slow answer: I...t...
Which brings me to the question... if a program installed is popping up porno sites that include illegal material (kiddy, animal, etc), shouldn't the perveyor of that software (or the parent software which installed it etc etc) be liable?
I've not seen it myself, but I just recently ran into a low-tech computer user who proclaimed that his computer was getting popups of porn and, to quote, "sick shit, like kids and stuff."
I've had various sites sent me to popup hell with advertisements for so-called "lolita" porn, some of which is definately of dubious legality. I've not yet had any software do so, but then again I haven't accidentally installed such crapware in quite awhile.
If I were to be able to trace what were popping up the "sick shit," would I then be able to get a criminal investigation into the parent company. Moreso, could I do so without getting those with the actual material it downloaded (browser cache etc) nailed for having such things on their PC?
People should simply just call the cops when they spot that malware/spyware was putting illegal stuff on their box. They should clean it up the best they can, and get someone to investigate. This would get you in less trouble, as then, you have a defending point of informing authorities that your browser has been hijacked by malware/spyware. If the person inform authorities, it's just like not reporting a theft.
..install a proxy trojan on your own computer.
If you ever get caught doing something bad, you can say that you might've been infected with a proxy trojan (that would allow others to connect to your PC) and that you didn't do any of the actions you were accused of.
They'd then have to prove you wrote it, so ditch the source
The customer list was so large that it would've been cost prohibitive for them to prosecute everyone who paid for access to the kiddy porn sites busted up by the FBI and Interpol in that case. Pete Townsend was lucky there are so many sick fucks out there. The FBI and Interpol decide to go after the producers of kiddy porn instead. The people who ran the websites and the participants probably are worse but it's too bad that they couldn't arrest everyone who bought that stuff.
Plenty of nations have dumped their religion en masse when they realized that it was putting them in shit.
...some piece of malware hijacked his home page, opened an unstoppable chain of pop-ups, and filled his cache with porn. He now has to register as a sex offender...
That $299 PC doesn't seem like such a great deal now, does it, chumley?
Macintosh. The Power to Avoid a Criminal Record.(TM)
Any suggestions along those lines?
I've found that my posts don't format quite right w/o a sig.
If this guy had a really good lawyer he would have Microsoft catching all the blame, and get a big fat settlement from the boys at Redmond for his troubles. In the days when people can sue McDonalds because their coffee is too hot anything is possible.
There's no shame in being a pariah. -Marge Simpson
In case anyone gets the wrong idea, I am not looking for kiddie porn, so pedaphiles please don't post your web links here.
Meh.
I've found child porn deep within the system folders of my grandmothers spyware/trojan infested computer. I'm sure no one uses it besides her and I doubt she would know where to get it even if she wanted to.
That being said, the spyware/viruses/trojans has convinced me its finally time to at least convert my parents over to linux. As long as I can find a decent spider solitaire clone.
This is way off. Microsoft were not slapped with the web browser anti-trust lawsuit because they bundled IE. The lawsuit was because of clear anti-competitive behaviour:
If Microsoft were to fix the security / virus / spyware related problems in Windows, this would not necessarily be an anti-trust issue. It would all depend on whether they used their monopoly position unfairly.
Which proves that we should imprison anyone in possesion a videotape of the evening news.
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
This is the most insightful, cutting, relevant and outrageous (because apparently true) quote I've come across in any /. discussion on rights, the law, or justice.
Thank you, Hatta 162192, for sharing.
La via sola al paradiso incommincia nel inferno
as someone who is seeking to make a carreer out of prosecution, i suspect you mean today's standards before the patriot act :-)
I will drink to that. I spent time in jail...I should have hired a lawyer..but I was 18 and poor. So instead of the 22 1/2 years I was looking at I took a year. But now I'm a felon (10 years later) and I can't do a lot of things I would like to do ...own a gun....start a business making beer...etc.
Parent has good advice..
======== In the future, everything will be artificial. ========
Both IE and Mozilla have the option to clear your cache on exit...meaning the average joe user machine has the ability to prevent this from occuring right now. If you are a pr0n czar, spend a minute or two to ensure you aren't sharing this info with your wife's friends, your friend's kids etc etc.
Anyone serious about securing a home windows box should look in to tiny's personal firewall
It has a high learning curve for initial setup, but it can drasticly reduce the attack vector given to malicious scripts and programs as it's not just a firewall, but also a very elaborate application sandboxing system.
Another solution is to get quickfix which applies blanket fixes to many unpatched IE and Windows vulnerabilities.
Remember, security is YOUR responsibility. If you run Windows, YOU need to take your own steps to ensure the security of your system.
BeauHD. Worst editor since kdawson.
My family somehow got one on the computer and not from looking at pron. I know a range of times it could have got there and checked history and file creation dates. nothing.
but I think I finally beat it this morning (the hijacker) It used a file called MSHTA.exe to reset my homepage to start.chm and didn't show up in the system startup list. It got past spybot adaware and norton even though I knew it was in there somewhere.
finally i d/l the demo version od pestpartol and rn a scan it picks up a lot of old registry entries the other three missed it doesn't pick it up either
but I look in it's listing of startup files and there itis. delete fest!!! mshta.exe was hidden and it wouldn't let me change the folder view options. so i went into dos deleted it then went into the registry and deleted every mshta and hta listing I could find
Remind me again: what business do Web browser have writing to your "system folder"?
I am very secure...
No, you aren't. You're running Windows.
Don't believe me? Reread your own post.
All these discussions really freaked me out. The few adult porn movies I had on my comp are now deleted.
Once malware is running on your system, it chooses what to do -- or rather, it's author chooses to do. Sure there are possible defenses to malware, but none of them are foolproof. The vast majority of Internet users are spread eagle on the information superhiway, relying on Bill Gates to guard their anus.
In fact, there is no way to prove that any activity originating from a computer system was produced by the user at that computer system short of either filming them doing it (and you gotta love digital film folks!) or hooking up a device to their brain. (Wait a few years for that.)
Not convinced? A trojan can install itself without detection, do whatever the hell it pleases, and cover its tracks completely. All it needs are the right holes, and if you don't believe the holes are there to be found then you obviously don't read the news. Just imagine if that teenager from Germany caught this last week had decided his worm should mail death threats to public officials, or download illegal pictures, before shredding itself completely off the hard drive after propagating. The malware writers have, on the whole, been very very kind and very very stupid so far people; well, at least the trojans/worms/viruses/spyware we know about.
Even going beyond this, there's always the question of physical security on a machine. If someone can access a computer physically, chances are they can plant whatever they want to on it, AND YOU WONT BE ABLE TO DISTINGUISH IT FROM NON-PLANTED EVIDENCE. That, my friends, sucks.
The digital world is a scarey scarey place. Gone are the physical evidence trails. And don't think prosecuters dislike this new domain; it makes their job easier, not harder. Prosecuters don't have to consider the very real possibility that the actions of a computer system were hijacked. They only have to MAKE THINGS TERRIFYING ENOUGH for you to force you into the only rational decision; to take the deal, to sell out the truth and your rights to a jury trial because the cost of trying to convince someone on a jury that a completely untraceable event is possible in this digital world, something tantamount to "magic" in the real world happened. Good luck!
Cheers and remember, there's really no way you can prove I posted this
A few years back when I worked tech support at Harvard, a collegue of mine found a cache of kiddy porn when fixing some trivial issue on the Dean of the Divinity School's computer. The dean was asked to resign shortly thereafter. http://articles.findarticles.com/p/articles/mi_m10 58/is_17_116/ai_54950849
wong in too many ways but haven't seen anyone say it yet so AC post time:
File creation dates can be manipulated pretty easily.
and the command to change the date is...
(windows users see post title)
I just tested it under 1.7 rc1 and it did not have any problems with it.
Then what do I tell them when they say that FireFox is a geek toy and IE is lots easier to use and they already know how to use it and why should they bother with it and it's from Microsoft and we're all M$-bashing weenies and blah blah blah blah blah, I swear that my father avoids anything non IE non Windows just to be fecicious.
Wh47 d1d j00 541, 31337 15n't t3h r0xor5 ne m0r3???
You must live in New York Shitty!
not even looking for porn either(although I have tended to do that occasionally).
I think I found porn on the first page when i googled for "j.s.bach" and that one had a pop-up to a child-porn site and that one had a pop-up to , well you get the picture.
pop-ups are vicious.
GENERATION 26: The first time you see this, copy it into your sig on any forum and add 1 to the generation.
Having a felony conviction on your record (permanently) is pretty much a life-ruiner too. Everybody does background checks nowadays, you couldn't possibly get a job for the government, you lose your right to vote (among some other Constitutional rights I believe). Where is this poor sap going to find a job now? He'll probably have to move out of the US (which isn't necessarily a life-ruiner, but unfortunate to be coerced to do so). While discrimination is mostly outlawed in the US, it is perfectly legal to discriminate against felons, pretty much all the time anywhere AFAIK (especially sex offenders).
PGP does this. (information is from the PGP Help File)
Start PGPmail.
Click the Wipe Free Space button in the PGPmail window. The PGP Free Space Wiper Welcome screen appears.
The PGP Free Space Wiper prompts you to select the volume you want to wipe and the number of passes you want to perform.
In the Volume box, select the disk or volume that you want PGP to wipe. Then, select the number of passes that you want PGP to perform.
As many as 28 passes can be made to ensure no spurious magnetic domains exist.
Version 8.0.3 is the latest freeware. Be sure you qualify for the freeware version
PGP Freeware
And in the end, the love you take is equal to the love you make
*Windows* *Update*
Ooops, I misunderstood what WhiteDeath was suggesting. He was blocking access to the website entirely not just trying to block the pop-up. Of coure that would work. I was thinking that he was trying to only block the pop-up. I should read what people have to say more carefully before responding.
I did not have that website blocked so I tried to access it with Mozilla Firefox 8.0 under Slackware 9.1. I entered the URL "http://plextor.bounceme.net" and then every open window under under Firefox went blank and all the menus disappeared. Every single previously opened browser window was empty. I clicked the "x" in the upper right corner to shut Firefox down. After clicking the "x" to shut Firefox down this message popped up:
"Our lawyer has informed us that we need a warning. So, if you are under the age of 18 or find this offensive, please leave immediately - Mozilla Firefox" is not responding."
Nothing else appeared or opened up. After closing Firefox I then restarted Firefox again a few seconds later and am back. I will definately add that website to my modified hosts file.
One of the best defenses I use in corporate (NT and unix based) envirnoments is to force all users to have unprivledged accounts. 9X boxes are much harder to lock down.
Who will guard the guards?
I believe the defence has access to the evedence so they should be able to examine it and find the cuplrit.
0 ,00.html">this</a> is the culprit.
BTW I believe <a href="http://www.wired.com/news/print/0,1294,6328
The $9,000,000 question is why haven't thies guys gone to jail yet?
I don't actually exist.
Dude, change country.
Too bad!
Did you actually read the artice you linked to?
"The explicit material allegedly was found last fall after Thiemann requested additional disk space on a school-owned computer at the office in his Harvard-owned residence, the Boston Globe reported, citing unidentified sources. Thiemann allegedly asked the computer department to transfer the images to the new disk drive. The material was not child pornography or illegal in any other way, the sources said, Thiemann did not comment, the newspaper reported."
So, doesn't look like he was busted for kiddy porn at all, just "normal" porn.
It was kiddy porn. I imagine was downgraded to normal porn for the media, so as not to completely destroy the life of the guy.
...but you could seriously make such a virus. Make the virus run Freenet. Have it scan a frost message board or something for keys to download. (digitallly signed list?) Not only could it download, it could upload too.
And voila. You've turned a bunch of idiots into your own kp distribution network. Of course, right now Freenet is a huge fucking java app that'd get noticed. Replace it with a tightly coded C++ app, and they'd never know...
Kjella
Live today, because you never know what tomorrow brings
Alrighty, I was just trying to point out the fact that the news article /you/ linked to refutes your own point.
:)
Do you happen to have any links to articles that agree with your statement?
TURN OFF JAVASCRIPT
It's not that hard. Websites that require Javascript should be considered malware -- there is NOTHING that Javascript can provide the user that either isn't technically necessary or can't be provided some other way.
If everyone disabled Javascript, and boycotted websites that require Javascript, and browsers shipped with Javascript disabled, then this whole popup nonsense would go away.
Pick One: http://www-rohan.sdsu.edu/~stremler/sigs/sigs.html (Note - disable Javascript first!)
Just hop online.
Clicky
~~~
Click here, you know you wanna!
I don't think anyone denies it can happen. The problem is, if that is a valid defense what is to stop criminals from trojaning themselves? Perferably a trojan where you need to know some specific code to get in (as do happen, as to avoid others "stealing" compromised hosts).
Suddenly you have a trojan that's not real, it's just a front. There's no evidence as to whether someone out there actually knows the code. And the machine itself is compromised. You can't trust anything it tells you, particularly not about how the hell it got there.
That is why so many is opposed to this defense. It's too convienient, too easy to abuse. But it is also a terrible weapon for those who really have been hi-jacked, by random or otherwise.
I think most people here on slashdot would manage to infect the vast majority of people with a trojan, should they so want to (hell, bored script kiddies can).
And I think that using that persons computer as a proxy you'll be quite able to find something illegal as well, as long as you don't have to care about details like IP logs (you're using your victims machine, you know. Might as well add browser logs to it).
If you want to really make sure that persons is fucked, rig the NTFS stats (the ones disk defraggers use: see, this here kp pic you've been watching often), photoshop some family photos too and uninstall the trojan before alerting the cops.
I think that given a reason, I would be able to completely and utterly ruin the life of any one of 90%+ of the online population. And I find that thought deeply disturbing.
Kjella
Live today, because you never know what tomorrow brings
I mis-typed the URL of my preferred search-engine, and ended up at a typo-squatting porn-site that proclaimed itself to be
"The official internet incest site" and filled my screen with a series of images best left undescribed.
It did the usual thing, you close one window and it opens another 2, and I was at work so after a few seconds I took the brute-force approach and turned off the power.
I pulled the network plug, re-started the computer, and fired up the browser, sure enough, the browser immediately tried to access the same site. It took me over an hour to clean the f**king thing off my PC, all the while being secretive about the whole thing because I didn't want to explain to the boss why I had these websites in my browser history.
And I couldn't even report the bastards to the cops, as there was an article in the paper a few months earlier about someone who had a similar experience, called the cops, and ended up facing criminal charges as they took his complaint as a 'confession' to the crime of downloading child porn. I never heard if he was convicted, but call me a coward if you like, I'd rather not try my luck with the court system.
So, nudge-nudge-wink-wink all you like, but it does happen, and one day it may happen to you.
Quidquid Latine dictum sit, altum videtur (anything said in Latin sounds important)
Honestly, how often do these guys think they can pull the virus/trojan/pop-up defense? The only time I have ever seen porno pop-ups is when surfing for warez (which I don't do any more thanks to Linux), visiting hacking sites (white hat, defending my servers), or going to porno sites. A quick check of his browser cache should also reveal what searched he typed into that search engine.
All those moments will be lost in time, like tears in rain.
I misunderstood what WhiteDeath was suggesting. He was blocking access to the website entirely not just trying to block the pop-up. Of coure that would work. I was thinking that he was trying to only block the pop-ups.
Here is something that is also related. There are some some browser hijackers that install a small web server that listens to 127.0.0.1. The web server is an EXE file that gets installed under Windows. As a Linux user I suppose I do not need to wory about an EXE file. Here is the web page:
http://www.spywareinfo.com/articles/cws/
Near the bottom of that webpage it also has a long list of hijacker web sites. None of those web sites were in my modified hosts file. I added them just now and diverted them all to my 127.0.0.1 loopback address. Was that a good idea?
Was the "religous" group an UFO nut cult which achieved notoriority on the internet and has a very active newsgroup (which makes entertaining reading) dedicated to them?
ich bin der musikant
mit taschenrechner in der hand
kraftwerk
$ curl -s http://slashdot.org/~zoloto/pubkey | gpg --import
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
*Sigh*
Mozilla's popup blocking works right now, only because Moz is such a minority. It would take only a trivial change in current popup javascript code to get around it.
In fact the only way to keep control of your own browser (rather than letting anonymous website authors do whatever the hell they want to your own computer) is to disable javascript completely.
If you take a mozilla approach further, and remove all ability for javascript to open pop-up windows, javascript will be left with no legitimate functionality any more. That is, unless you consider the ability to change status-bar text "legitimate functionality".
If you still don't believe that Mozilla's pop-up blocker doesn't work, and you don't think that javascript is disable, just visit the Not-Safe-For-Work, Burn-Your-Eyes-Out, Goatse-like fest that is http://www.nero-online.org/lastmeasure/
Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
The kid who used to live next door was a reformed script kiddie, but his best friend wasn't, and he installed a trojan on another local kids computer who was trying to get into their crowd.
He then proceeded to randomly over a period of six months, dick around with this poor saps computer whenever he went on line.
And he DID upload questionalbe PrOn on this guys box several differen't times and considered turning him in to the authorities.
He finally just dicked out and formatted the poor guys hard disk.
So it CAN happen to an innocent .
It boots up even before windows so all software can't even see it. That would be nuts.
I call bullshit. Mozilla and other alternative browsers makes all the difference, since they don't contain the pool of bile that is ActiveX. That some spyware authors try to exploit holes doesn't mean anything, since the Mozilla developers are actively fighting and closing these holes, in contrast to Microsofts IE team that still hasn't closed even the most obvious holes.
And I really find your java trojan story quite unlikely. Sure you didn't get it from somewhere else? Got any documentation that java trojans that install FTP servers even exist?
This information is correct, but impossible to do with anything less than a power user. With windows XP, You can't install games as a user, and if you install them as superuser then you have to manually tweak permissions to allow users access to them. It's a lose-lose. In l,inux, I can open my term and "su -" but in windows I can't do that at all, I'm just hosed when I try. I support a user who has stopped using administrator privaledges, but He's still gotten hijacked. The solution needs to be securer software.
Can I be a Luddite too?
You know how many mail clients display HTML mails in the preview pane? This is of course cool, if you like that kind of gimmicks, but imagine a HTML SPAM mail with a bunch of references to a child porn site. Simply by previewing you would access child pornography; the references could even be in the form of 'invisible' pictures, so you wouldn't realize, and the title could be something likely, like:
...'
'Mail Delivery Failure:
Wouldn't you click on it, just to se what that might be?
Why would anybody want to send that kind of mails? Well, why would anybody send stupid SPAM or write viruses and worms? And yet it happens. And if everybody seems to access child porn, perhaps it is not so easy to catch the real criminals.
This, BTW, is yet another reason why I prefer Mozilla's Thunderbird: it allows you to simply turn off interpretation of HTML - instead you see the HTML source. Not as pretty, but not as dangerous.
I'm in charge of a mailshot for the Ski Club in the same town and I usually give these other guys a plug.
Until recently. I get an aguished call from a very nice lady working at a central bank. She clicked on the link and was faced with porn. I work at a major bank under an up to date patched XP with the guy that runs the beers site. I had no problem from Mozilla but when my colleague tried with IE, it replaced his home page with porn and then lots of pop-ups. It also installed something that reinstalled itself whenever he tried to change. Ironically, it turns out that this was promoting a system-cleaning utility.
My colleague had not put this on the web-site and the hoster denies ever putting anything like that up. We don't know what happened and a couple of days later it was gone. The thing is that it went straight past the defences of two major banks and was very embarassing.
Not only the local cache but squid would have been fllled with these images. Nasty for everyone.
The point is that yes, if someone looked at the dates on the cache, it could be traced to a single incident but in many places, you would have been thrown out by then.
See my journal, I write things there
I'm using Firefox 0.8, and I've changed my preferences to include the line that blocks the _blank and _new targets. Still, though, when I try the pleaseeat site, the popups come through thick and fast, albeit slightly slower than without the setting. Any ideas on how to squash this problem completely?
In order to make any sense of this, we need to understand a bit about psychology. Men today are basically -- and with good reason -- shit-scared of being accused of any sexual offence, but especially paedophilia. You only have to look at the news reports on TV and in the papers.
So we live in denial. We try to pretend there is no such thing. But as soon as a real, live person is discovered who is suspected of being a paedophile, then a defensive mechanism which dates back to cave-man times kicks in. We are so desperate not to be that suspect, because we are doubly afraid -- revulsion at the thought that we might be capable of doing that, plus fear of the punishment we are conditioned to expect. All the time, we are exposed through the media to a gamut of images such as Britney Spears dancing erotically in clothing reminiscent of school uniform. And children -- especially girls {Western society has pretty much abandoned boys altogether, but that's another story} -- are adopting what would traditionally have been seen as the trappings of adulthood at a much younger age. These conditions are an ideal breeding ground for irrational behaviour.
People attack suspected paedophiles because they don't want to be suspected of paedophilia themselves; and if you are in a vigilante mob, baying for blood with the rest of them, then obviously nobody else in that mob thinks you would make a good next victim.
Je fume. Tu fumes. Nous fûmes!
I switched from Windows to an iMac with OS X last year. I have no problems with spyware, viruses, malware, whatever at home.
At work it is still a nightmare to deal with all the PC's I have to maintain - especailly the home PC that belongs to my boss. His kids are constantly downloading shit and installing it - sometimes without knowing.
Very secure? Running as an Administrator isn't secure. How did it create files in your system directory (assuming %SYSTEMROOT%\SYSTEM32 or anything else under \WINDOWS)? Non-admins don't have permission to create files there.
Erm, yes they do, at least under NT 4.0 Workstation and 2000 Professional with default settings.
Even if they did, it's not hard to change.
True, although it stops a lot of standard software from working, including the drivers for my scanner. Funnily enough, I don't want to have to log in as administrator to use my scanner.
its so annoying, always getting in my way... especially while i'm searching for war3z and p0rn!
"If you take a mozilla approach further, and remove all ability for javascript to open pop-up windows, javascript will be left with no legitimate functionality any more. That is, unless you consider the ability to change status-bar text "legitimate functionality""
Completely removing java script looses more then just the wouldn't it be nice or the wow cool features. Some sites (especially online shopping) or company Intranet and Extranet applications that are web based, use java for such things as client-side syntax checking, price calculations, complex changing state in a form. Java scripts is actually a fairly powerful language and is often extremely underused.
But in this case it was because malware got installed on their system (Installed by vulnerabilities in IE) Then ran in the background. Of the computer that can open up popups without the browser control. It is just opening a new browser.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
Doesn't work very well if your downloading ISO's unless your got more ram than carter has little liver pills.
IE stores downloads temporarily in the browser cache until it's finished downloading then moves the download to the location you selected to place it. If the cache isn't large enough the download will fail.
Seriously. If the punishments are this hard, and it's easy as "the touch of a button" getting people convicted, you guys have a problem.
People getting killed for such abuse of the legalsystem might set the balance more straight, though.
Not Buzzword 2.0 compliant. Please speak english.
I've always mistrusted Real! Who doesn't?
You're right though, spyware comes as a sneaky, mandatory add-on with a lot of allegedly 'free' software these days. Eeeurgh.
I'm not sure that a firewall would necessarily block these browser hijacking things though. AFAIK a lot of these nasties are javascript or ActiveX based and might not be caught by antivirus or firewall software. Regular sweeps with ad-aware or the like along with a firewall & antivirus are just a part of the strategy needed to keep windows b0xen clean, but I'm sure I'm preaching to the choir here.
Real stupidity beats artificial intelligence every time.
-- Terry Pratchett, Hogfather
He needed to go to trial. Unless there's evidence the article didn't mention. I would have gone to trial. He would have never been convicted on any jury I sat on. I don't know if he's guilty or not. But, I would not convict in the presence of doubt.
The evidence of doubt is overwhelming. There are hundreds of thousands, even millions of people who have been victims of viruses and Trojans. All these are things outsiders downloaded onto someone else's computer without permission.
I would have liked to run ad-aware on the prosecutor's or judge's laptop and entered the results into evidence. How may times have
Guilty or not, there's too much doubt. And, that doubt is reasonable. I will not convict if I am ever a jurist on one of these trials. I guess I wouldn't qualify though. I've pre-judged. Oh well, I guess I'll act stupid until after I get picked.
I'm a lawyer, not a law student. (I'm not your lawyer. I don't practice in your jurisdiction. This isn't legal advice. And I've never been a prosecutor or a criminal defense attorney. But I have worked a lot on issues related to kids, sexual content, and the Internet.)
Any possession, whatsoever, of child porn is a federal felony offense. It doesn't matter how you got it, that you didn't want it, or that the computer made you do it.
Maybe you could challenge the statute, but good luck finding a lawyer who wants to argue that possession of actual child porn shouldn't be illegal because the statute didn't include an element of mens rea. The ACLU had a hard enough time challenging the law prohibiting images that just looked like child porn, but didn't involve actual children.
Back in 1998 or 1999, there was a senior exec at Infoseek who was arrested for travelling interstate to have sex with a minor -- who turned out to be an FBI agent, not a little girl. He was also charged with possession of child porn.
When the case finally went to trial, he brought out expert witnesses, who were able to convince the jury that plenty of people go online and pretend to be someone other than they are to have sex. He said that he never thought she was a real child; he thought she was a woman who liked to pretend she was a child having sex.
As I remember it, he agreed to a plea during the trial. I think the prosecutors must have found the expert persuasive. Ultimately, he pled guilty to possession of child porn, and agreed to some sort of community service helping the FBI improve its enforcement of child sexual exploitation laws.
In this case, here's what I think happened: This shmuck was deliberately looking at porn that was, at the very least, borderline. But he didn't want to admit it. And he was afraid of the cost of defending himself. So he copped a plea, and now regrets it.
Judges won't let you plead guilty unless they are convinced that you understand what you are agreeing to, and what rights you are giving up by pleading guilty. But they can't stop you from making a stupid decision. That's why you have a lawyer.
Incidently, in many cases a public defender is going to get a better deal for a defendant than an average defense lawyer. (Texas is an infamous counter-example.)
Why? They're in the system all the time. They have a relationship with the judges and the prosecutors. In that plea negotiation process, they know how strong or weak the case is, and the judge and prosecutor know that someone with whom they work frequently isn't going to bullshit them. (Or they know the person is always full of shit, but I'm talking about a good public defender.)
Who are you more likely to offer a good plea agreement to -- someone you work with every week, who has pretty much backed up what he's said when you've gone to trial with a weak case before? Or someone you don't know or have worked with occasionally, who might be right that your case is weak or might be completely full of it?
Of course, none of this applies if you can afford a seriously elite defense lawyer. Like the Infoseek guy had, or OJ, or Martha Stewart. But many elite defense lawyers worked as public defenders for a few years early in their careers.
Liza
These opinions are my own. My employer is not aware of them, does not endorse them, and is not responsible for them.
Yes, yes they do. Still, that is because of stupidity on the part of the web designer.
There are plenty of sites that do the exact same thing on the server-side, hence no need for javascript. If a companies store does not work without javascript, I don't buy anything from them.
Netflix is a borderline website. Things like rating titles require javascript, but none of the other features do, so I can still use 95% of the functionality of the site without javascript... That's the only reason I'm still subscribed.
Yes, I know this isn't directly on-target, but javascript was mentioned, so I thought it a good place.
Regardless of this case, I have run into people who's home page has been set to a porn site (by javascript), so everytime they opened their browser they had hundreds of popups load, and two would popup for every one they closed.
Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
"How about some anecdotal evidence "
Is that the standard of science today, anecdotal evidence?
How about the anecdotal evidence of the 13 year boy who had sex with an adult school custodian, and in his words enjoyed it very much. However, when the sexual relationship was found out the boy was forced to goto a 'therapist' that brainwashed the notion into him during 'therapy' that that sex is bad.
Such 'therapy' seems worse, much much worse, then any harm, if any exists, in the relationship.
Interesting.
(Note to self: add "find ~/porn -exec touch {} \;" to my daily crontab.)
Sincerely,
Pan Tarhei Hosé, PhD.
"Homo sum et cogito ergo odi profanum vulgus et libido."
..my browser gets hijacked to Slashdot, and posts messages that get me modded at -1 Flamebait.
Honest.
You'd think that whoever's doing it would make the sarcastic humor in the posts more obvious...
Religion is for people afraid of going to hell.
Leadbelly sang "Gallows Pole", the song that Led Zeppelin covered; basically, true story - a long time ago here in the US, you could buy your way out of a death sentence, a hanging. If you didn't have any money, or if your mother, or your brother, didn't bring you some silver, or bring you some gold, there was nothing to keep you from the gallows pole. It's a true story, and people love the blues. Hey, man this story gives me the blues. Right on.
I think that what this is all about is just basically learning the customs of America, as illogical and backwards as they may seem. Get "in the know", and you will know what you can do and what you can do, even if you went to another country people would think that you are weird.
That's the way it is.
Point being, there is a way you can stay out of trouble if you try. It's not that hard.
[District Attorneys] learn in District Attorney School that there are
two sure-fire ways to get a lot of favorable publicity:
Raid an "adult book store" and hold a press conference where you
announce you are charging the owner with 850 counts of being a
piece of human sleaze. This also never fails, because you always
get a conviction. A juror at a pornography trial is not about to
state for the record that he finds nothing obscene about a movie
where actors engage in sexual activities with live snakes and a
fire extinguisher. He is going to convict the bookstore owner, and
vote for the death penalty just to make sure nobody gets the wrong
impression.
The Machine stops.
... moving to another state/country.
Very interesting arguements, but we need someone more competent for you to talk to since you are blowing the grandparent out of the water :P.
And don't forget to read The Lie Behind the Lie Detector while you're at it...
Sincerely,
Pan Tarhei Hosé, PhD.
"Homo sum et cogito ergo odi profanum vulgus et libido."
"Advertising isn't intended to sell something to consumers"
One theory, by Marshall McLuhan, is that commercials aren't meant for people to *buy* the product, but simply to reassure people who did buy it to buy it again.
As for studies to indicate the effectivenss of advertising, it is somewhat easy to find this out. You take a group of people, randomly split them into two, one gets to watch a blank screen for 30 seconds, the other gets to watch a screen with pepsi on it (with probably some other stimulus for both groups to hide what the experimenter is doing like maybe a short film for both as well). Then you observe both groups to see if there is any differences in behaviour when walking past a pepsi pop machine placed outside the room.
I myself had a Java based trojan install an ftp daemon in my system folder with an INI file that had accounts named 'xdcc-warez' etc..
It sounds like one of the CWS (CoolWebSearch) variants. I'd just like to point out that these exploit a hole in Microsofts Java VM. Rip it out, install Sun's Java!
When the damage is done some of these variants are known to change your trusted site settings for Internet Explorer, enabling them to install even more crap without user intervention via ActiveX. The CWS variants are the most malevolent spyware components to date (they trash your machine and replace executables such as Windows Media Player - again without user intervention). As stated they exploit security vulnerabilities in Microsoft's browser technologies and to some extend the operating system itself.
So, IMHO you can laugh it off if you use other browser alternatives, and you can surely laugh it off if you switch to another OS.
zWhat would an EWOULDBLOCK block, if an EWOULDBLOCK could block would? -- me
Some folks will probably reply that when Linux gets more common, there will be crapware for linux too. This may or may not be the case (depends on whether you buy the "windows gets attacked because it's popular" argument).
I'm increasingly having a hard time believing that argument myself. Compare Apache's 67% market share to Microsoft IIS's 21.5% (it was at 35% back in 2002). IIS's security track record speaks for itself - Code Red anyone?
It's not like Apache is suffering by it's own popularity? Remember, these services are usually openly exposed by default for a huge amount of people to exploit.
zWhat would an EWOULDBLOCK block, if an EWOULDBLOCK could block would? -- me
You're wrong. This is more like his house being broken into, incriminating evidence planted, having his sorry butt hauled away to jail for it - and you wanting to blame the poor sap for not having good enough locks on the doors.
Constitutionally Correct
Why is everyone arguing over the legal stuff from the beginning? We skipped the part about pornography being wrong. We went straight to defending the "victim".
Maybe we should back up and discuss if pornography is wrong before we jump into justification mode.
"Never tell me the odds"
Of course I know about Terminal Services in Windows, but I don't trust those either.
I can highly recommend using VNC together with SSH. Just slap an SSH client on the remote (your parents') machine and have it forward the VNC server's listening port to you. No NAT forwarding or firewall issues either, the connection is established on part of the remote machine (I'm guessing it's ok for the remote machine to establish outgoing connections to TCP port 22).
Of course it requires your parents to login via an SSH client to your SSH server (I'm assuming you have one) and logout when your done, but that's not too difficult.
I use the PuTTY SSH client and the TightVNC VNC server in this scenario. Works great!
zWhat would an EWOULDBLOCK block, if an EWOULDBLOCK could block would? -- me
Watching an ep of The Practice with my wife once got us talking about this situation. Would you lie to make things easier on yourself? We decided if it ever happened to us we'd stick with the truth. The system has perverse incentives. I'd rather take my chances with the jury. One clueful juror* can save your bacon.
(In the story, the incarcerated innocent just had to apologize for "his crime" to the family of the victim, and the parole board would let him out. He stood on principle and refused to admit to a crime he didn't commit.)
*There are four boxes to use in defense of freedom: soap, ballot, jury, ammo. Use in that order.
Constitutionally Correct
Incorrect on both counts. You're right that it's usually games that aren't compatible with newer versions of windows, but that's the fault of a few lazy developers. You can install some games, but for the most part, you should not be able to install software unless you're an administrator (there's a difference between per-user and per-machine installs in NT, I don't know about linux).
You can easily open a terminal as another user in windows, or run another program. All you do is use the secondary logon service. Two ways to do this are using the "runas" command and doing a shift right click and choosing "Run As".
The solution is developers learning how to write software that works with the OS it claims to support.
funny munging
Or just run Linux to begin with. Yeah it is often easiest to just Format a Windows system rather than deal with the seemingly infinite number permutations of problems. Yet with Linux, I still have the same Home partition from 1999. Because of a Hard drive replacement, my Mandrake install only goes back to 8.2. Incremental upgrades of a Gnu/Linux OS versions is about the same as running service packs from MS.
Just a Tuna in the Sea of Life
Am I alone when I say I think this guy is just trying to get out of whatever he got caught with? If the police raided raided your house they probably have good evidence or at least some kind of documents with time stamps or something. If this guy really is a victim of somebody framing him, then he needs to get half a brain in his head and get a better lawyer!
If carrots got you drunk, rabbits would be fucked up. - Comedian Mitch Hedberg R.I.P. 03/30/68-2/24/05
I was in the same bag as you, until last weekend.
I updated Windows, have a NAT firewall on a reasonably secure network, use AVG anti-virus, and voilà! I get Sasser.
Sure gets one to turn off the "if you do the right thing, it won't happen" attitude. Not to mention it was a huge blow to my CS master's ego.
Oh, and INCOMING traffic is not the worst that happens. It is OUTGOING traffic that gets you in trouble.
You're not old until regret takes the place of your dreams.
WHOA... I call troll...
The AC makes a good point, but that "investivestigation" link makes it a troll. Only follow it if you have done the following:
* Disabled images
* Disabled popups (in Opera, that's "Block all pop-ups", not "Block unwanted pop-ups")
* Disabled JavaScript
It's Nero-Online's Last Measure, in case you didn't know.
If the malware really did cause the popups that would send someone to jail, couldn't the person/company that wrote the malware go to jail?
Could this be a way to stop people from writing "official" malware (like GAIN)?
http://www.google.com/profiles/malachid
Sorry - that is not my sig. However, the comments I made regarding my sig (which says essentially the same thing) hold true for that comment as well. It is not out of place - it is the central issue. Lawyers who do not know how to properly investigate facts do clients an EXTREME DISSERVICE. If this guy went to jail because of malware, he has been severely victimized by both the malware and by his lawyer. If however, he is making up this story and he actually knew he had kiddie pr0n, I say he should rot in jail for the rest of his life so he can't contribute to the victimization of more kids.
Laws affecting technology will always be bad until enough techies become lawyers.
Just out of curiosity, as I'm currently an ignorant non-felon, how does having a felony on your record prevent you from starting a business making beer? Is it just preventing you from obtaining a license for offsale, or are you unable to start any business at all?
Please mod this post only if you think others should/n't read this. I have enough ego^H^H^Hkarma. Thanks!
... last year or so...
Farm Sluts
bwahaha!
What if google images indexes an illegal site? Should Google be liable for every possible illegal site that might be out there? Are they distributing it in their thumbnails?
Eat at Joe's.
One big happy sex offender society! lol
Eat at Joe's.
Say, do you know if it's possible to block IE at the firewall?
No matter how many of my rights are taken away, somehow I still don't feel safe. -Frigid Monkey
Just yesterday someone at work overheard me discussing ditching IE and Outlook Express and using Opera instead because of its pop up blocking etc as he had found his computer infected by some browser hijacker. A third person overheard us and volunteered the following story..
Apparently blackmailers have started sending emails with scripts and innocent looking urls to company mailboxes in the hope that someone will click/open a link, and then download a bit of malware/hijacking software which works in the background (secretly downloading kiddie porn etc, and of course maybe propogating itself on to a few more victims)
Then after a few weeks, the victim is contacted and told where to look on their PC to find this stuff and offered an opportunity to reveal passwords/company secrets/pay money or the blackmailer will turn them in to the cops.
When they look at the browser history, because its been secretly going for a few weeks it doesn't just look like a frame up. Even if they don't plant kiddie porn its still bad as many business do operate a "no porn on pain of instant dismissal" policy.
When someone finally spoke out about it at one company they found nine other victims in the same company who had been keeping quiet about it and hoping to handle it on the blackmailer's terms.
Justice is just as much as you can afford.
My wife is finishing out a stretch of prison time
that has gone on for over 9 years now.
Problem? She's innocent.
We didn't have the 90k for an attorney to prove it.
and NO... telling the truth won't get you anywhere.
I want to register as a sex offender too, sounds like a great way to meet similar-minded freaks =)
Seriously this sounds like something out of The Onion gone un-funny. You'd think this person could sue someone to death over such a frivolous accusation. The whole taboo over sex in the northwest is just sickening, and is most likely the cause of all this chaos in the first place. Stop parading sex as the evil of all evils, and people will quickly lose interest in rape because it's no longer "cool" in an "evil" sense.
-Billco, Fnarg.com
Clicking the above link install this worm - here are removal instructions.
n /ms04-004.mspx
c /data/w32.wallon.a@mm.html
c ription&virus_k=125096
W32.Wallon.A@mm is a mass-mailing worm that sends email messages containing a hyperlink to download the worm body from certain URLs. It also harvests the email addresses on the infected machine.
The worm exploits the following vulnerability: Microsoft Security Bulletin MS04-004
http://www.microsoft.com/technet/security/bulleti
Related Web Sites for removal instructions:
http://securityresponse.symantec.com/avcenter/ven
http://us.mcafee.com/virusInfo/default.asp?id=des
No kidding eh?
I work at a VERY large Municipal Govt. in Canada with 16000+ pcs across the whole org.
This crud is popping up all over the place, and the install dialogues wrapped in IE Windows are made to look just like system pop-ups or system windows. Very confusing to the users. It's driving me nearly insane
My main concern are the home users. We get tons of incoming viruses and spam mails generated by accidental home pc invasions and installations. My advice after helping guide users in trying to clean this up is to recommend what's ben mentioned many times in this topic: Linux for the power users or MacOS 9/OS X for the general users.
At 150 to 500.00 per pop (to start with!) to clean the home system of junk that sits next to theior last five years of tax filings and bank records (QuickBooks anyone?). Any premium paid for the Mac is paid off in maintenance costs deferred by not needing massive AV protection or complete firewalling to be usable
My observation is that home PC use (Windows), for my clients, is getting intolerable very quickly
I also clicked on that link and the only thing that happened was that the URL changed and a blank grey webpage appeared. I am using Mozilla Firefox 0.8 under Slackware 9.1 Linux. Does that link only do its thing with Windows computers?
This probably is not relevant but I have also modified my hosts file to divert many advertising related URLs and some other URLs to the 127.0.0.1 loopback address on my computer. That technique blocks some advertising but probably was not why I got a blank grey page when I clicked on the link.
True enough, but I still do it. Why? My Windows partition exists solely to play games. Lots of games are stupid and assume that they can write all of the drive at well. If you want to play arbitrary modern games under WindowsNT/XP, you're doing it as Administrator. I simply accept this.
Interestingly, the opposite is true of Linux. There was a really good looking RSS aggregator I was interested in; good enough that I was considering purchasing it. However, it pretty much demanded to be installed as root and world write permission for its install directories given to any user accounts who was going to use it. I didn't stand for it, I instead used a less mature product that behaved like software should. (Not perfectly mind you; installing it as a user proved to be a mess. However, once installed as root it worked correctly without unusual permissions.)
My brother administrates a research lab of computers. He's asked to keep a wide selection of software packages available for his users. I regularly listen to his tales of woe as he complains that package X assumes write access to C:\Windows, package Y demands write access to sensitive parts of the Windows registry, and the like.
I work with an eclectic selection of specialized physics simulation software that runs on Unix-like systems (mostly Linux these days). Every single piece I've worked with was quite happy to be dumped into a random directory and run directly by the user .
There is an interesting difference in attitude between Windows and Unix-like systems. On Windows lots of developers assume Administrator access. On a Unix-like system assuming root access is gets you dirty looks. Microsoft officially wants software developers to play nice and support user-installed software and user-used software that was installed by Administrator, but developers simply don't take it seriously. The culture of respecting security boundaries doesn't exist. Sure, there are people doing great work on Windows, but there the main masses of Windows programmers doing specialized work just don't think about it. Microsoft needs to lean harder on them.
Search 2010 Gen Con events
This post reminded me of an excellent book I read on the subject by Joseph Hallinan called Going Up the River : Travels in a Prison Nation. A great muckraking book that is both mind boggling and just down right depressing. If you are interested in this I highly recommend it. Link here.
It is not enough to succeed, others must fail. - Gore Vidal
Good post. The culture differences between Windows and UNIX are just like you said. I wish MS would crack down on ignorant developers too, but it really isn't their job; the users should be complaining more. Microsoft's own software is usually pretty good about it. Games are the worst.
UNIX has commands like su to run programs that require extra priveledges. Windows has runas, psexec, and sud.When I find something that doesn't behave as a lesser user, I create a simple shortcut that uses sud to start that one program as admin or some user with just enough access. It's not perfect but it works.
Use the SUD program in the second link to create a shortcut to start only your scanner software as an admin. Something like:
su -u Administrator -p password -c scanner.exe
Or at least run IE specifically as a lesser user.
MOD PARENT UP!!! I have been using Windows since 3.0 and I have never had a problem with trojans, spyware, etc. Things are more sophisticated now with broadband/always on connections so I too run behind a NAT router and a software firewall to inform me of outgoing communications. It is simple, whenever I am asked (or informed by the firewall) that something is to be loaded that I am not completely _sure_ what it is... I do NOT allow it. I am sure someone out there in /land can provide an exception, but this problem is preventable (if only the clicky-clicky mentality was...)
We're all awash in a sea of blood and the least we can do is wave to each other -- Peter Hammill
But isn't that link proof that such a thing can exist? Someone should send that to the prosecutor who persecuted him, the judge who wasn't interested in justice, and the kids of his lawyer who couldn't find the time.
true, but if you use a real download manager like CLI based wget for win32 (Site found here, direct link here , getright or download accellerator that directly downloaded to a directory of choice, you could get around that.
Yes, people aren't going to want to use wget b/c it doesn't have a GUI, but I'm working on a plugin for IE, mozilla and opera that enables a GUI w/options etc for the windows and nix platforms.
-z
In my state if you are a felon you are unable to have any stake what-so-ever in a business that makes distributes alcohol. You can go before the liquor commission and they might give you a green light but its unlikely. I only have 3 more years before I can get the felony wiped from the books though so I'll live I guess.
======== In the future, everything will be artificial. ========
Don't click on internet links?
In a reply to my own post:
Especially ones that say "please eat us" and that you KNOW pop up goatse and scat porn.
I guess you could keep all your files (and drivers) on a different partition and reinstall windows without needing to backup first.
/home and /media which I left unmounted while I did the install. Once I was done I set up /home and /media in fstab, nuked all the .config files (I was running gnome, I've decided I prefer kde) and set it up again how I like. Easy!
Anyhow, I just upgraded from RedHat8 to Debian Sarge. I have two 40G drives for
Sarge kicks ass!
455fe10422ca29c4933f95052b792ab2
Hello, I am the author of Last Measure®
I do not apprecate your libelous statements about our service. Last Measure® does not contain any child pornography. If you don't believe me, Click Here and sample the images yourself.
Please retract your statement immediately or I will be forced to be in contact with the GNAA's legal team.
-Penisbird
Might I suggest you try libcurl? It's a file transfer library with ready to use functions to hook into your plugin. It'd probably be easier than cutting and pasting wget code.
Experts cost $$$$$.
Vampires (I mean Attorneys) Cost $$$$$.
$$$$$ Buys Justice.
Lack of $$$$$--->Flea Bargain
Simple as That.
Welcome to America land of the Free (or is it Flea Bargain).
Personally I feel there should be NO PLEA BARGAINS . IIRC that is a recent invention. This would force the prosecutors to enforce the laws as they are on the books and ensure that everyone has a fair trial (if you can call judgement by a group of uninformed/unknowledgeable peers a fair trial).
And if the the laws are opressive, maybe it'll overwhelm the "Injustice System". (the Flea Bargain System was instituted to prevent just this sort of thing).
That's not to say that innocent people won't still be convicted.
See:
http://www.innocenceproject.com/
But I think it will level the playing field a little and force the "injustice department" to realize that there is a problem that needs to be addressed.
And maybe a few poor fucks won't be railroaded.
Who will guard the guards?
The DA's MO is to charge everyone with the most trumped up bullshit anyone could ever imagine.
Then get you to Flea Bargain down to what you are really guilt of and maybe cut you a break for admitting to it. If you are not Too Big of a Shitbag.
The Facts are: People Lie. Almost everyone does it (almost everyday).
Cops are people. Shitbags are people. Sorting out the truth from the lies is nearly impossible.
When have you ever seen an EU (End User) admit to surfing porn and that is why all this shit is popping up on his/her computer.
Answer: Never
It's always someone else. It was a temp, the other guy, the guy who sold me this computer from ebay, the neighbor's kid (not mine, etc, etc).
I call Bullshit.
Who will guard the guards?
I feel this becoming a flame war, but: When There becomes a difference between "install as Administrator" and logging in as administrator, I say that there's nothing like "su" for windows. And there is a difference. Yes you can run applications as another user, but it isn't as uncomplicated as a super-user term. on the point of "a few lazy developers," Blizzard, Epic, Sierra, and EA are the game developers, perhaps there's only a few of them, but these are the ones I have problems with.
Can I be a Luddite too?
Clicking the magical mouse sequence and moving the pointer in the right pattern is not su. You're right. The direct equivalent of su is: /user:administrator cmd /k"
"runas
funny munging