Kneber Botnet Strikes, Targets Gov't Agencies

Batblue writes "A botnet fingered for stealing a treasure trove of information last year has struck again, harvesting sensitive documents from dozens of government agencies and contractors, according to a pair of security experts. The botnet, dubbed 'Kneber' by Alex Cox, principal research analyst at NetWitness, was behind a campaign of fake Christmas e-mails waged two weeks ago against government workers. NetWitness deals in advanced threat detection technologies, and conducts post mortem network forensics for firms that have been hit with attacks or data breaches."

Ambiguous

[Monkeedude1212]

The botnet, dubbed "Kneber" by Alex Cox, principal research analyst at NetWitness, was behind a campaign of fake Christmas e-mails waged two weeks ago against government workers.

I'm pretty sure they are saying the Botnet was behind a campaign of fake Christmas emails waged two weeks ago, but when you feel the need to interject information twice with commas it gets confusing.

At first glance I thought they might be saying Alex Cox, the principal research analyst, was beind a campaign of fake Christmas emails. To which I thought "Well thats odd, why doesn't the summary say he's been arrested an charged then?"

Re:Ambiguous

[julesh]

I don't think it's actually ambiguous. I can't see a correct way of parsing it like you did (the only way I get to your interpretation results in an unterminated phrase that begins "the botnet, dubbed Kneber" but doesn't ever get a verb and is therefore invalid), but I can see how it can result in a backtrack, which is somewhat confusing.

The problem is, we use commas for two different syntactic purposes: to introduce a subordinate clause, and to introduce a parenthetical clause. It's use for both here. Illustrating by using '/' for parenthetical commas and '+' for the subordinate comma:

The botnet / dubbed "Kneber" by Alex Cox + principal research analyst at NetWitness / was behind a campaign of fake Christmas e-mails waged two weeks ago against government workers.

This is probably a good reason to prefer parentheses over commas for parenthetical phrases, but for some reason I've never really understood this tends to be discouraged in formal writing. Rewriting the sentence using this punctuation style, it's perfectly clear:

The botnet (dubbed "Kneber" by Alex Cox, principal research analyst at NetWitness) was behind a campaign of fake Christmas e-mails waged two weeks ago against government workers.

Re:Ambiguous

[blueg3]

Alternately:

The botnet, which was behind ..., was dubbed "Kneber" by Alan Cox, principal ...

The sentence used in the original isn't technically ambiguous, since there aren't two gramatically-correct readings, but it is confusing, because it's easy to misparse the sentence.

It'd be even better to split it into two sentences or drop the information about who named it "Kneber".

Re:Ambiguous

[Monkeedude1212]

This is probably a good reason to prefer parentheses over commas for parenthetical phrases, but for some reason I've never really understood this tends to be discouraged in formal writing. Rewriting the sentence using this punctuation style, it's perfectly clear:

The botnet (dubbed "Kneber" by Alex Cox, principal research analyst at NetWitness) was behind a campaign of fake Christmas e-mails waged two weeks ago against government workers.

Yes, exactly.

When you are talking to a programmer, and this site is literred with them, we eventually start to view the English language syntactically like we would any programming language.

Having a subordinate clause inside a parenthetical clause works fine when they don't use the same identifier. Otherwise they appear mismatched or unclosed.

Re:Ambiguous

[Farmer+Tim]

...when you feel the need to interject information twice with commas it gets confusing.

This one sentence will make your head explode.

Re:Ambiguous

"literred", you say? Good show, sir!

Re:Ambiguous

[mcgrew]

Taco and batblue are nerds, not writers. Not that one can't be both...

Re:Ambiguous

[kdemetter]

...when you feel the need to interject information twice with commas it gets confusing.

This one sentence will make your head explode.

Do something the Queen doesn't like and suffer the consequences ?

Re:Ambiguous

[Farmer+Tim]

No, the "something" and consequences are quite specific, and it's not just Mrs Betty Windsor (if it helps, she doesn't like being called that, but I'm in no danger of being arrested for just typing it). The shortest summary I can think of is five words, or three and a number.

Re:Ambiguous

[ginbot462]

Here, Here! Up with parentheses! Parens are your friends!

Also, since comma meant a slight pause in reading, I always looked at parentheses as a slight lowering/change of the voice (or maybe as "air quotes" (does one put quotes around the word "air quotes"?) .. or maybe as Groucho tapping his cigar).

Re:Ambiguous

What I find interesting is the "within New South Wales or without" bit. So, if I - a non-Australian - advocate the abolition of the UK monarchy, I've broken this NSW law?

Re:Ambiguous

[Farmer+Tim]

Only if you advocate use of force as a means of achieving it. Advocating it via legislative process is perfectly legal, and in fact Australia had a referendum on the matter in 1999 (the process was gamed by a monarchist prime minister, so we ended up with a proposed government model so odious not even the hard core republic supporters wanted to touch it).

The odd part about the monarchy in Australia is that the Queen is basically a rubber stamp, the duties are actually performed by the Governor General. There's an excellent article about this and the implications of an Australian republic here if you're interested.

Can we be done with governments already?

Governments are archaic relics of a time when we didn't have an internet. Let's get with the program and evolve already.

Re:Can we be done with governments already?

[YrWrstNtmr]

The fact that you're proposing to run the world's business and decisions over the Internet, in reply to an article about people and computers on the Internet getting pwned via botnet, is especially funny.

Re:Can we be done with governments already?

The article isn't about the Internet getting owned, it is about government agencies (controlled by politicians, managed by bureaucrats, maintained by hapless government workers and contractors) getting owned.

Politicians, bureaucrats, government workers, and government contractors are the problem, not just a random sideshow.

Re:Can we be done with governments already?

[YrWrstNtmr]

The article isn't about the Internet getting owned, it is about government agencies

I never said 'the internet getting owned', but rather people. The same people who would be involved in any decision made, be it in a city council office or over the internet. You know...regular people.

Re:Can we be done with governments already?

Government people are owned already: by the corporations who pay for them. That makes them a lot less reliable compared to regular folk.

Given a choice to put your fate in the hands of a crowd of 1,000 random people or say, Rod Blagojevich, who would you choose?

Kneber?

[hohokus]

All hail the Keebler elfnet.

Too early to dupe

[Desler]

Isn't a bit early to already dupe this story? You're supposed to wait at least a week or two before duping something, Taco.

Re:Too early to dupe

[Monkeedude1212]

You're supposed to wait at least a week or two before duping something, Taco.

You know the site is going downhill when the editors can't even follow the proper rules for duping articles.

Re:Too early to dupe

[MichaelKristopeit350]

slashdot = stagnated

Re:Too early to dupe

[Chapter80]

How do you moderate the story as -1 Redundant.

Maybe this one's not a dupe, the last one was a Precognition!

Re:Too early to dupe

i'm michael kristopeit. i live at 4513 brittany ct. eau claire, wi 54701. my phone number is 715-514-0916.

Can you prove that?

Re:Too early to dupe

[dougisfunny]

What would be really amusing would be if someone else registered MichaelKristopeit360-399 and started arguing with MichaelKristopeit300-353, that you are in fact not MichaelKristopeit, and you are hiding behind his name. Cower some more/completely pathetic/completely offtopic/completely troll/etc etc.

Re:Too early to dupe

[tibman]

Do you ever get phone calls from slashdotters?

Re:Too early to dupe

you = proof is full of stupid idiots.

Re:Too early to dupe

[tibman]

I get that but if you are implying that anyone who sees your phone number and doesn't call it is a coward, that's crazy. I was just asking if anyone randomly calls you to discuss your comments?

Re:Too early to dupe

[MichaelKristopeit341]

an intended act can never be random.

you're an idiot.

Re:Too early to dupe

[Monkeedude1212]

an intended act can never be random.

Why not?

I intended to flip this coin... is the outcome not random?

I believe tibman was asking if it ever seems out of the blue to you specifically, as in you were not expecting a phone call, but received one anyways, specifically from slashdotters.

If you don't want to answer the question, than just say you don't want to answer the question. Otherwise it comes off a bit... cowardly.

Re:Too early to dupe

[MichaelKristopeit337]

do you need me to explain the concept of intent to you? how could anyone be found guilty for randomly robbing a bank? you're an idiot.

what does the outcome of an act have to do with the act itself?

you're an idiot

how can a hypocritically ignorant question be answered truthfully?

i only bring the truth.

cower behind your chosen pseudonym some more, feeb.

you're completely pathetic.

Re:Too early to dupe

[tibman]

I called that number and you hung up on me, twice. So, i'm doubting it's really your number.

I wanted to discuss why you thought people are cowards for not calling you.

For anyone curious, it went like this:
Him: Hello?
Me: Hi, is this Michael from slashdot?
Him: I'm on a do not call list.
Me: Ok, but i'm just calling about your post on slashdot..
Him: bye *click*

Re:Too early to dupe

[mcgrew]

How do you moderate the story as -1 Redundant.

In the firehose.

Re:Too early to dupe

[MichaelKristopeit337]

me: hello
you: is this michael kristopeit?

you did not say hi... you instead opened with demands for information in an extremely rude tone. i have no reason to continue the call... i hang up.

so you call back... pathetically cowering behind your caller id block...

me: hello
you: (pathetically realizing your faux pas in a girlish tone) HIIII! is this michael?

again, you do not identify yourself or ask to speak to michael kristopeit. you make demands. i do not recognize your right to make demands of me.

me: i am on THE do not call list (there is a national registry master list... i claimed to be on THE list, not "a list")

you: (pathetically backpedaling...) well, i just called this number...
me: BYE.
"i just called this number."...

you just do a lot of things. you just act as an ignorant hypocrite.

cower some more, feeb.

you're completely pathetic.

Re:Too early to dupe

[tibman]

My question to you was: Do you ever get phone calls from slashdotters?
Your answer: cowards tend to cower.
Then just incase there was a misunderstanding i re-asked: I get that but if you are implying that anyone who sees your phone number and doesn't call it is a coward, that's crazy. I was just asking if anyone randomly calls you to discuss your comments?
Your answer: an intended act can never be random. you're an idiot.

And i did say from slashdot to whoever is at that phone number.

You seem to only see the negative in everyone around you and attack anyone that comes within arms reach. Your account is pretty new and odds are you'll have to make another soon because nobody will be able to see your posts anymore. Ah, just then it dawned on me and i searched your name. It appears you have dozens if not hundreds of accounts. That's a sad trail of digital corpses you've left behind.. all just as horrible and ignorant as you appear to be. Bye.

Re:Too early to dupe

The no-call list only applies to telemarketers. Did you think he was trying to sell you something?

Re:Too early to dupe

[MichaelKristopeit341]

he sold me on the fact that he didn't know me, and did not take the opportunity to introduce himself.

why do you cower? what are you afraid of?

you're completely pathetic.

Re:Too early to dupe

[tibman]

Aww, cute. I do call back if someone just hangs up without saying bye. Random hangup is usually a d/c.

You do read a lot into my phone call, i'm glad it was memorable for you. If you want me to ever call back, you'll have to ask nicely though. Night.

Re:Too early to dupe

[MichaelKristopeit341]

you're a liar. you put words into the mouths of others... the act of a coward.

you call others and demand identification while actively blocking your own identification from offering.

you're an ignorant hypocrite.

cower some more, feeb.

you're completely pathetic.

Re:Too early to dupe

[tibman]

Hah, you are borderline crazy man. I didn't demand identification from you, i asked the person on the other end of a number i've never called before if he was the person i thought he was. Ask != Demand

ID blocking is a basic feature that almost every phone has. Not everyone is so cavalier with their phone number as you. Feel free to do as you please. I do.

Anything else batshit insane you'd like to discuss? We could get back on topic and talk about botnets perhaps?

If you get lonely, you can post your phone number again. But i doubt it will go very well, you are verbally abusive and wouldn't even let me know if i had the right number. On second thought, i'm just going to -5 you and be done with this. Maybe the next incarnation of your account won't be so violent and crazy. Good luck in life.

Re:Too early to dupe

[MichaelKristopeit341]

keep blocking your outgoing calls while demanding information from strangers.

keep putting words in the mouths of others and then attack them for those words.

you're an ignorant hypocrite.

cower in my shadow some more, feeb.

you're completely pathetic.

Re:Too early to dupe

[MichaelKristopeit341]

not everyone hypocritically cowers while attempting to connect with others.

ur mum's face are verbally abusive and wouldn't even let me know if i had the right number.

cower some more, feeb.

you're completely pathetic.

Re:Too early to dupe

[MichaelKristopeit341]

you mark an account i operate on an internet website chat room message board as your "foe"?

this is how you deal with the people you actively seek to offend?

cower some more, feeb.

you're completely pathetic.

Re:Too early to dupe

[dougisfunny]

are you sure you're Michael Kristopeit, and MichaelKristopeit352 isn't?

Re:Too early to dupe

[dougisfunny]

why do you cower? what are you afraid of?
Michael Kristopeit is stagnated.

Re:Too early to dupe

[MichaelKristopeit332]

doug is an ignorant hypocrite.

cower behind your chosen pseudonym some more, feeb.

you're completely pathetic.

This Just In!

[Lifyre]

This just in! The weakest link in the information security chain is the user! More at Eleven!

These are the people who run our government

[MoldySpore]

Yes, the same people that run our government are the same noobs who click fake eCards and run random .exe files attached to emails. Can ANYONE still wonder why our government is so screwed up, especially when it comes to technology and the laws/policies surrounding it?

Re:These are the people who run our government

While I agree in part with your sentiment, the government employee pool is one and the same with the private sector pool. Target this attack to a private sector company and I'd bet similar results would occur.

Re:These are the people who run our government

The people in high places are old, old people don't understand these things.

We're going to need to wait another 20 or 30 years before IT can begin to expect non-IT staff to know whether their computer is "broken" or merely unplugged, let alone how to identify a risky file that shouldn't be executed.

Re:These are the people who run our government

Yes, the same people that run our government are the same noobs who click fake eCards and run random .exe files attached to emails that their IT department allowed through against all reasonable and standard security practices Can ANYONE still wonder why our government is so screwed up, especially when it comes to technology and the laws/policies surrounding it?

FTFY.

Someone should be managing those networks to keep users away from shit like this, don't you think?

Re:These are the people who run our government

[couchslug]

That's because our culture is bitterly anti-knowledge. Our masses enjoy shiny objects, but not being bothered with how they work.

Our government will remain fucked up because most of our people deserve that.

Re:These are the people who run our government

[John+Hasler]

Yes, the same people that run our government are the same noobs who click fake eCards and run random .exe files attached to emails.

Yes, because the people that run our government are human. There exists no way to select superhumans to give power to nor any way to arrange for those who acquire power to become superhuman. People with political power suffer from all the failings and foibles of those without [1], which is why we should be wary of giving anyone power no matter how persuasive the argument for doing so. He governs best who governs least because he is human.

[1] But they don't really suffer because they tend to be shielded from the consequences of their actions, thus leading them farther astray. People do not abuse political power because they are inhuman: quite the contrary.

Re:These are the people who run our government

[MoldySpore]

Agreed. But these are "government employees and contractors who work on cybersecurity matters." Meaning they are the ones who are supposed to be the ones stopping that stuff. Or, at least, they are in the IT industry. I'm a network engineer so I know what it takes to secure against this type of thing and it isn't hard. It's also not hard to KNOW, as an end user, what not to click on when it comes to spam and phishing attacks.

these are contractors and employees who work for the government on CYBER SECURITY and they got sensitive information taken because they clicked an eCard. If this happened to me at my job I'd be fired for incompetence.

Re:These are the people who run our government

"CYBER SECURITY"

Heh.

They are the very same type of people as those who flooded college forensics programs after CSI came out.

Re:These are the people who run our government

[Nadaka]

I had a coworker that read an article on this and entered the example malicious url into her browser, a few minutes later IT came in and took her laptop away. She is the lead of our QC department. So yes, even smart and capable people do dumb things occasionally.

Re:These are the people who run our government

[tibman]

A lot of people don't really know what they are talking about. In my organization everyone is required to take annual training about these things.. even if you aren't important. Here is the anti-fishing training: http://iase.disa.mil/eta/phishing/Phishing/launchPage.htm

You have to complete that training and print a certificate annually or you lose access to the network. The government does take these things seriously. It's a small percentage of individuals who aren't paying attention to the training or don't care. Even a simple mind could listen to these directions and follow them.

Re:These are the people who run our government

Was this example supposed to be proof of "smart and capable" people? I see several things in there that indicate otherwise.

Re:These are the people who run our government

[Nadaka]

No, it is an example of dumb things. She is otherwise very good at her job.

Re:These are the people who run our government

So was she verifying the IT dept. worked as intended, or the exploit, or both?

Re:These are the people who run our government

[yuna49]

The way to solve this problem is not to deliver infected emails in the first place. After all these years of development of systems for scanning email, no one should be getting infected attachments. I don't blame the endusers, but the IT staffs that fail to protect their users, and their organizations, from obvious threats.

Re:These are the people who run our government

[Sardaukar86]

yes, people who are capable of faltering on the side of trust have their fingers on the missile launch buttons that could destroy us all.

you'd rather some paranoid recluse who cowers behind a chosen pseudonym be given the responsibility?

cower some more feeb

...so said whilst cowering behind another ten sock-puppet accounts. In case it isn't obvious, this makes you the 'feeb'.

Oh, and as an aside, I always get a chuckle out of seeing your use of the word 'hypocrite'. It's almost as if the word was invented solely for your own personal, clueless use.

MichaelKristopeit's ignorance FTW!

Re:These are the people who run our government

[MichaelKristopeit400]

i am michael kristopeit. if any account can be construed as a puppet, then all accounts are puppets. you're an idiot.

cower behind your chosen pseudonym some more, feeb.

you're completely pathetic.

Re:These are the people who run our government

[Sardaukar86]

People do not abuse political power because they are inhuman: quite the contrary.

Very well said.

It's interesting when an individual's humanity is questioned in response to their heinous actions.. such as a comment I heard spoken to a reporter who was garnering local feelings on the Egyptian Christian church bombing that happened recently.

The woman being interviewed said something to the effect that '[the terrorist bombers] aren't human, they're just animals'.

Although I wouldn't say our species is worthless, personally I find it a bit shameful that we (still) collectively consider ourselves superior to the other lifeforms on this planet.

Why?

[present_arms]

I really have to ask this, but why the fuck do governments run any iteration of windows? seriously there are more secure OS's out there that than cope with anything the Gov needs, OSX, Linux, BSD. I've notice that in the world of operating systems, you get more the less u pay :D

Re:Why?

[KillaGouge]

The same reasons companies still use Windows, vendor specific software that requires windows to run.

Re:Why?

[erroneus]

Because Microsoft pays taxes... ...no? They don't? Oh. Then it's because Microsoft employs a lot of people who pay taxes... ...no? They send a lot of work overseas? Then it's because Microsoft uses lobbyists and other forms of influence peddling/meddling to keep government addicted to windows and microsoft products.

Re:Why?

[MoldySpore]

Because in the end, it all comes down to $. Even though the product costs less (or is free in the case of Linux or something equally open-source) the man hours and cost of retraining an entire company, or the entire government in this case, would far outweigh the ease of just continuing the use Windows and getting to click on "OMGTHESEPICSOFYOUARESOFUNNY.EXE" every once in a while.

Re:Why?

A UID of less than a million....aren't you over karma whoring?

If you really are serious about what you said, you need to turn in your geek card

Re:Why?

Because they have contracts with Microsoft.

Re:Why?

[present_arms]

yup all about the $$$ and back handers eh, oh well, I'm in the UK, I just know my private data in Government is safe (uh huh) and we all worry about FB and google, they have nothing compared to our relative Govs :P (our == UK, USA)

Re:Why?

[tibman]

It doesn't just start with the gov though. You should also ask why universities teach mostly windows software and OSs. C# is taught over C++/Java/PHP/Python/whatever. Education is based on the windows platform.

Re:Why?

Because in the end, it all comes down to $. Even though the product costs less (or is free in the case of Linux or something equally open-source) the man hours and cost of retraining an entire company, or the entire government in this case, would far outweigh the ease of just continuing the use Windows and getting to click on "OMGTHESEPICSOFYOUARESOFUNNY.EXE" every once in a while.

In other words... the next crack rock costs less than a rehabilitation program. Tell me, have you thought about how this plays out in the long-term?

Re:Why?

[mcgrew]

Bashing Microsoft is by no means karma whoring, and in fact may harm your karma. Hell, I've been modded troll and flamebait for daring to ask why anybody would buy anything from Sony after XCP and the linux removal gaffe, and Sony is far more evil than MS.

Lots of folks in Redmond get mod points. Bashing MS (or any company, sadly) is quite dangerous to your karma.

Re:Why?

Then it's because Microsoft uses lobbyists and other forms of influence peddling/meddling to keep government addicted to windows and microsoft products.

Ding! Ding! Ding! Ding! Give that man a cigar.

Most people aware enough of security to know the true, inner state of Microsoft operating systems have slightly less than zero decision making influence.

Re:Why?

[Theotherguy_1]

It doesn't just start with the gov though. You should also ask why universities teach mostly windows software and OSs. C# is taught over C++/Java/PHP/Python/whatever. Education is based on the windows platform.

Honestly, during my university education in computer science I haven't once been taught a Microsoft language. On the contrary, since my earliest intro classes I've been required to code in a Linux environment (my intro to C class even required me to code in either Vim or Emacs!). The languages I've been required to use are as follows: C, C++, Python, Java, SML, Perl, and Shell, all in a Linux environment.

In fact, the UNIX environment is emphasized so heavily at my university that in my free time I learned .NET just because I felt that I wasn't getting a well rounded education!

welcome to the past 40 years

Last I checked, it was 2011. Computers are not brand fucking new. So why are we still seeing "PC pwnage" stories? Who is still stupid enough, in 2011, to run shit that jacks their machines, or to let web sites or email programs run things behind their backs?

Look, we've had personal computers for over 35 years now. We've had viruses and malware since *at least* the 16 bit days, and probably even longer than that. That's the entirety of some people's lifetimes! You can't be arsed to realize that "the world contains malware" when it's been there for your whole bloody lifetime?

So why the FUCK are people still getting infected? In two thousand and fucking eleven? Are these people who live in caves and have never seen news before? Malware makes the damn *headline story* on the BBC and CNN on a regular basis. You pretty much have to be willfully ignorant to not be aware that it exists.

Is there ever going to be a time where people go, "OOOH! Malware exists!! Hey, maybe I should not run SexyHotXXXChristmasGirls.jpg.exe..." Where they say, "Running any random script from any random web site hasn't really worked out that well so far this decade?" How many *thousands* of times does it have to happen before people wake the fuck up?

At some point, we need a fucking license to use a computer, just like you need to drive, and if you repeatedly jack up your own box and/or run your car into pedestrians, you don't get to play in the same sandbox as the rest of us any more. We will take your toys away unless you play nicely.

Re:welcome to the past 40 years

[couchslug]

Government should run locked-down machines and give their users orders to conform to proper security standards.

We should remember that Federal employment is desirable, that anyone who has a job is fortunate, and that if they don't like their marching ORDERS they can get the fuck out.

The UCMJ provides for punishment for military personnel, and IMO we should run ALL Federal employees under a military-style chain of command and under military regulations. Don't like to serve the public as a professional?

We should force all government users to run secure operating systems in a secure manner, hammer the shit out of those who don't.

Federal employee unions would be an obstacle, so government should be structured to weaken collective bargaining by outsourcing. Just as military contractors are now required to obey the UCMJ in some theaters of war, Federal contract employees could be both held accountable yet outsourced so they can be shitcanned.

Re:welcome to the past 40 years

[tsm_sf]

Your ideas sound like a great way to drive the truly competent government employees into the private sector.

You'll end up with a work force that matches the military population:

10% devastatingly clear-headed people
10% fantastically apathetic people
80% angry drunks

Re:welcome to the past 40 years

[mcgrew]

We've had viruses and malware since *at least* the 16 bit days, and probably even longer than that.

If I remember a book I read about twenty years ago correctly (and I probably don't), the first virus was written on a mainframe sometime around 1970 as a programming exercise.

Malware makes the damn *headline story* on the BBC and CNN on a regular basis. You pretty much have to be willfully ignorant to not be aware that it exists.

People are ignorant and apathetic. That computer at work? Who cares, it's not my computer, and it's IT's job to keep viruses out. Home computer? Who cares if it sends spam?

They truly don't realise the consequences, because we have been ineffective in teaching them. It's OUR fault.

Re:welcome to the past 40 years

[couchslug]

If we get the same efficiency as the military, I'd gladly take the trade.

Re:welcome to the past 40 years

[AHuxley]

The US military lost track of ~2.3 trillion US $.
http://www.youtube.com/watch?v=OTwCRuwJc34
Now data is going too due to an addiction to MS via 75,000 computers.

Re:Wikileaks fault!

I wonder how much Slashdot made for including that last sentence of the summary. If I click the Disable Advertising checkbox, will it be removed?

Security, lol

[MacGyver2210]

Further evidence that computer security is a myth.

Your ability to protect information from unauthorized consumption will always be inversely proportional to the desire of determined individuals to know that information.

If you really want to protect files, keep them unconnected to the internet. The only way to win is not to play.

Spam News

Nice advertisement disguised as news

Not if the user uses custom HOSTS files... apk

See my subject-line above, & these host/domain names, blocked off (via the 0.0.0.0 blocking "IP Address"):

---

0.0.0.0 xtremedefenceforce.com
0.0.0.0 elvis.com.au

---

SOURCE: http://krebsonsecurity.com/2011/01/white-house-ecard-dupes-dot-gov-geeks/

Also, since this thing is allegedly suspected to be a ZEUS variant:

---

PERTINENT QUOTE/EXCERPT:

"A 75GB cache of stolen data shows that the botnet, which is a variant of Zeus, has been used to steal a wide range of information, including tens of thousands of login credentials -- mainly for financial accounts

SOURCE: http://www.computerworld.com/s/article/9158778/Kneber_botnet_hit_374_U.S._firms_gov_t_agencies

---

?

This MAY come in very "handy" as well:

---

ZEUS TRACKER:

https://zeustracker.abuse.ch/monitor.php?filter=online

---

Symantec uses it

---

http://www.symantec.com/connect/blogs/zeus-king-underground-crimeware-toolkits

PERTINENT QUOTE/EXCERPT:

"Sites such as Abuse.ch Zeus tracker have for some time now been doing an excellent job in tracking Zeus command & control (C&C) servers and hosts of Zeus files."

---

So do I... because it allows you to "keep up/keep current" vs. that botnet C&C servers this thing utilizes.

"Blacklists" (which HOSTS files can function as, but also as "whitelists" too), especially in THIS situation? Work!

APK

P.S.=> So - Simply add those host/domain names, blocked off as shown, to your OWN hosts file (typically located in %WinDir%\system32\drivers\etc, on modern Windows OS, & /root/etc on Linux variants), & what you can't touch, cannot touch (or harm) you - simplest idea for protection in the world! apk

Don't laugh too soon, because this works vs. this

See my subject-line above, & these host/domain names, blocked off (via the 0.0.0.0 blocking "IP Address"):

---

0.0.0.0 xtremedefenceforce.com
0.0.0.0 elvis.com.au

---

SOURCE: http://krebsonsecurity.com/2011/01/white-house-ecard-dupes-dot-gov-geeks/

Also, since this thing is allegedly suspected to be a ZEUS variant:

---

PERTINENT QUOTE/EXCERPT:

"A 75GB cache of stolen data shows that the botnet, which is a variant of Zeus, has been used to steal a wide range of information, including tens of thousands of login credentials -- mainly for financial accounts

SOURCE: http://www.computerworld.com/s/article/9158778/Kneber_botnet_hit_374_U.S._firms_gov_t_agencies

---

?

This MAY come in very "handy" as well:

---

ZEUS TRACKER:

https://zeustracker.abuse.ch/monitor.php?filter=online

---

Symantec uses it

---

PERTINENT QUOTE/EXCERPT:

"Sites such as Abuse.ch Zeus tracker have for some time now been doing an excellent job in tracking Zeus command & control (C&C) servers and hosts of Zeus files.

SOURCE: http://www.symantec.com/connect/blogs/zeus-king-underground-crimeware-toolkits

---

So do I... because it allows you to "keep up/keep current" vs. that botnet C&C servers this thing utilizes.

"Blacklists" (which HOSTS files can function as, but also as "whitelists" too), especially in THIS situation? Work!

APK

P.S.=> So - Simply add those host/domain names, blocked off as shown, to your OWN hosts file (typically located in %WinDir%\system32\drivers\etc, on modern Windows OS, & /root/etc on Linux variants), & what you can't touch, cannot touch (or harm) you - simplest idea for protection in the world! apk

"Gee, We wonder who the ac is?" Not!

"you = nigger" - by Anonymous Coward on Thursday January 06, @01:03PM (#34779526)

Will wonders never cease! It's the same posting style clone53421 (1310749) uses:

"Mmm, yeah, niggard me harder, you filthy nigger you!" - by clone53421 (1310749) on Wednesday December 29, @03:40PM (#34702996) Journal

Source - http://slashdot.org/comments.pl?sid=1928730&cid=34702996

"N"-word and all.

Re:"Gee, We wonder who the ac is?" Not!

you = APK

clone caught trolling as ac, again?

I'm not sure who you're referring to, but you can be assured that by this point we're all convinced it's you clone (under your clone53421 (1310749) registered account, rather than your other registered account of clone52431 (1805862). Seems that Michael K here is doing the same and giving you a dose of your own medicine, as he posts here using many multiple registered accounts, just like you clone. It appears you have caused yourself a problem clone, and it doesn't look good here http://slashdot.org/comments.pl?sid=1929880&cid=34773824

i have on multiple occasions formally accused you of federal felony copyright violations and conspiracy to commit murder. you're an ignorant hypocrite. you stole my photographs and redistributed them unaltered with a call for my murder attached.
you are most certainly a felon. JUSTICE IS COMING. your ".40" that you claim you'll be waiting with will not be as effective as it is in your psychotic dreams. cower some more, feeb. you're completely pathetic. MichaelKristopeit347 (1968128)