Slashdot Mirror
Inside the Duqu Worm's Source Code
angry tapir writes "Wrapped in the code the Duqu worm uses to infect computers is the message: 'Copyright (c) 2003 Showtime Inc. All rights reserved. DexterRegularDexter.' An analysis of the worm has also revealed that Duqu, which is similar to Stuxnet and may even have been written by the same developers, may be four years old and that it generally tries to steal information on Wednesdays."
count (duqu); :(){ :|:&};:
Pirate it and see who sues you.
I think someone is fibbing!
But never on a Sunday.
http://www.youtube.com/watch?v=XRdkRaKgIsY
--
BMO
Via email attachments?? Please - Nowadays, you'd have to be an UTTER CHUMP to fall for that "old trick"..........
Are you kidding me? While I agree that most people reading /. wouldn't fall for that trick, I can assure you that the company I work in (multinational retailer, I work in their head office) nine out of ten people wouldn't hesitate to open a Word attachment from someone they didn't know. Actually, I think the ratio may well be higher.
Now, it's being called "beautiful" in its interior code work, & it very well MAY BE quite elegant but... its deliver mechanism is "2nd rate", imo @ least.
Actually, I would disagree with that. Just because there are nicer ways to do it, doesn't mean that you need to use them. If you can send a single .doc attachment to a user within an organisation to get into it, why isn't that a perfect way to do it? There isn't anything wrong with spearphising. To use the car analogy, if you want to get to your letterbox, there isn't any point in driving a supercar to get to it - just walk from the front door.
Moved to http://soylentnews.org/. You are invited to join us too!
I think you mean object code.
...that he may be four years old. And that he generally tried to steal information on Wednesdays. All we know is... he's called the stig.
tl;dr
Oh my. An excited 12 year old. Lordy.
they all just talk "about" the thing and never show it for real - source or object. Kinda boring!
However in this application it serves it purpose, obfuscation, hiding criminally professionally paranoid uses of the stuxnet virus past, present and very likely future or at the least future discoveries. Likely some supposed pretend allies have been stuck with variants of the stuxnet virus and the original perpetrators are trying to hide their digital stab in the back of their would be partners.
Chaos - everything, everywhere, everywhen
I never understood why old people gave up on the desire to change things for the better. While I still think this is generally true the 12 year old here makes something clear. You can't win every argument alone with an abundance of facts. Clear and concise wins every time if you are going to convince others they or some other party is wrong. I question the value or significance of hosts files in any serious way when used large scale. As a minority user they can have a positive impact on your browsing experience from a performance perspective. Do they work to secure your system? Not for a second. Anti-virus is a crutch to the lack of security. It does not work in any significant way if at the end of the day any breach is a serious threat. You will be infected eventually and when that happens all bets are off. Stop using the non-free software and lets get back to real security. Fixing holes in the fence.
Well, then it's sort of your "civic responsibility" to EDUCATE said "chumps/noobs" vs. this type of threat.
I agree and I try to educate as many people as I can on as much as I can and hope that the majority of /. uers would, but most of my time is spent teaching people to run analysis, or how to write some basic SQL so that our IT folks aren't being constantly hounded by ad-hoc requests, but most of all I try to teach people to think for themselves and look at a business from a scientific approach. That said, our business has over 4,000 emplyees just at head office and a further 200,000 throughout the business, a single nerd trying to educate will only go so far. As far as my parents, flatmates and friends, I have certainly gone to the effort of ensuring that they know enough about what are basic do's and don'ts - but even then, they know that they can call anytime to check if they should do something.
As for the spearphishing, look if we are looking at the pros and cons of Duqu for goodness sake and how it has been implemented, I think that statement is valid. Yes, spearphising is a bit on the naughty side, but as we are talking about something that is totally on the naughty side, I think that the delivery mechanism can be said to have nothing wrong with it in terms of implementation.
Moved to http://soylentnews.org/. You are invited to join us too!
Oops. Looks like 4Chan is down again.
Faster! Faster! Faster would be better!
Someone learnt how to use bold on slashdot, want a medal or something?
Gold star to you sir. Insightful comment of the day.
http://www.losethos.com/code/BackEnd.html#l4463
You're MORE than welcome to disprove the data in my init. post here http://it.slashdot.org/comments.pl?sid=2523490&cid=38045322 and GOOD LUCK (you WILL need it, along with contrary facts supporting you vs. the facts & data I posted there...).
Oh no. My wall of text comment was of two purposes. One to point out that you posted a giant wall of text. I was mocking your format not the content. I didn't bother to read it. Second point was to see if I could look more inane than you. I don't think I did.
Also, how in the world did you come up with all that text in 15 minutes?! I am astounded, alarmed and slightly impressed. I didn't read it or anything but that is a long chunk of text!
Am I the only one who reads apk's comments in the voice of an insurance or used car salesman?
I wonder why 2003. Didn't the show start in 2006?
Earn Cash and Prizes, and get free stuff!
Wow you put a lot of work into this. Too bad that it essentially means nothing.
A HOSTS file can't do anything to block something new. New malware overwrites HOSTS file.
wow man, you're hard core. i can't write a post that long. i have a girlfriend. btw, tl;dr.
-- Flame me and I will happily flame you back. Bring it!
...because it never could get the hang of Thursdays.
make imaginary.friends COUNT=100 VISIBLE=false
All trolls have here is a technically unjustified mod down of ur 1st post http://it.slashdot.org/comments.pl?sid=2523490&cid=38045260 and most especially the points you made vs. them on HOSTS files here http://it.slashdot.org/comments.pl?sid=2523490&cid=38045322 that shut them up (and had them have to resort to off topic illogical adhominem attacks and modding down your post to try to hide it, hahaha, how weak of them)
From the article:
If I were the author(s) of this piece of malware, I'd get a real warm fuzzy feeling reading those words. So they're skillful. But they're also destructive jerks—yet the author of the piece has nothing to say about their character. Heck, they're celebrities, and that's all that matters any more.
Of course they're good. There is big money in writing malware; the nerd-lords of cybercrime can afford to hire the very best coders, and keep them knee-deep in twinkie wrappers. It's not script kiddies anymore (except those who are just practicing to get a real job writing serious malware, or maybe demonstrating the appropriate skills for potential employers); this is a profession now. Given the absence of any sense of morality among the most intelligent of our young people, money buys all the talent the criminals need. But these guys will work for anybody who has money. The TLAs of the government, for instance. Or non-governmental agencies with an interest in destruction. There is nothing more dangerous than smart people without a moral compass.
Sort of reminds me of Oppenheimer's comment about H-bomb technology as being "technically sweet".
Great men are almost always bad men--Lord Acton's Corollary
that he can't even figure out how to signup for a /. account.
The Invisible Hand of the Free Market is obviously ensuring that the best and brightest aren't under corporate control. The Russian Mafia is bad enough. Can you imagine if Monsanto got hold of some real programmers?
I've calculated my velocity with such exquisite precision that I have no idea where I am.
Oh please! you think linux is a magical woobie that scares away the hackers? Did you forget kernel.org got hacked not too long ago? or the KDElook malware, the Q3 malware that was hosted for SIX MONTHS on a major repo for anybody caught it, that nasty Debian bug a year and a half ago, hell I could go on all day.
And Antivirus DOES work if you actually have a decent one like Avast or Comodo. I honestly haven't seen a bug in ANY of my returning customers that they didn't install on purpose, in fact the only bug I've seen in the past 2 years from a machine where I had set it up and installed AV was one where a braintrust UNINSTALLED THE AV because it wouldn't let him install "The new limewire" which you guessed it was just a pile of malware wrapped around a gnucleus client.
As for APK's HOSTS file? If it works for him I say more power to him. i run my own recursive DNS but then again I get my electricity as part of the rent and have tons of spare boxes. If he wants to take the time to update the HOSTS file and it works for him? More power to the guy I say. I'd rather have my own DNS tied into several of the root servers so if any one goes down i can still get a connection and that way I have my most used sites stored in my own DNS, but that's just me.
But to act like Linux is some instant security blankie is just "magical thinking" and we have seen that fail time after time AFTER time. Hell I bet even APK could probably post a dozen links of Linux hacks just by spending 3 minutes with Google, i know i could.
Clear and concise enough for you?
ACs don't waste your time replying, your posts are never seen by me.
this is a profession now. Given the absence of any sense of morality among the most intelligent of our young people, money buys all the talent the criminals need. But these guys will work for anybody who has money. The TLAs of the government, for instance.
You treat this like it is evil, and also make the reasonable assumption that a TLA of some government is behind this. I don't see how those go together really, unless you think it is evil for a person to support his country. How is this any different from a person paid to operate a submarine, bomber, or tank? It looks the same to me.
Firist - It only serves the purpose vs. fools that don't use up to date anti(virus/spyware) that are aware of this via their signatures db's, as well as firewalls n' other layered security measures which I noted in my posts here in this exchange, trolls or not off topic & illogical adhominem attackers though most of them are!
(Still - on those "taken advantage of" by this? Yes, there is plenty of that though as Fluffeh & I discussed here already, sometimes knowingly but mostly by those who are just not aware of or care about online security).
Their loss.
One CAN effectively "layered-security"/"defense-in-depth" protect oneself vs. this & other threats like it, like so:
http://www.google.com/search?sclient=psy-ab&hl=en&site=&source=hp&q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&btnG=Search
NOW, most importantly/additionally, per my subject-line above?
* HOW TO REMOVE DUQU & DETECT FOR IT (even IF you're not using updated antivirus software aware of its current builds.variations etc.):
FREE SCANNER (written in multi-platform PyThon which you would need to install the runtimes for) -> http://news.slashdot.org/story/11/11/06/0354207/open-source-tool-scans-for-duqu-drivers
REMOVAL TECHNIQUE (with tools you already own as a Windows user no less, takes 5 minutes time, TOPS):
---
1.) BOOT UP from your Windows installation media (read only environs is why) & use RECOVERY CONSOLE
2.) USE THE DISABLE COMMAND on DUQU's driverset:
DUQU KNOWN DRIVERS LIST:
jminet7.sys
cmi4432.sys
nfred965.sys
nfred965.sys
nfred965.sys
nred961.sys
adp55xx.sys
adpu321.sys
iaStor451.sys
allide1.sys
iraid18.sys
noname.sys
igdkmd16b.sys
igdkmd16b.sys
(the RC listsvc command can show not only services, but also drivers too, like those - should it add more, & they don't "look right"? Look them up on GOOGLE, & if they are not legit & this thing adds more over time (it does, that list above's larger than ones I posted last week on this)? FRY THEM, after you're SURE they're not legit drivers that is!)
3.) Once those are disabled? FIX THE BOGUS BOOTSECTOR USING RC's "FixMBR" command to clear the bootsector of this rootkit!
4.) NOW - Should this rootkit/botnet "haul in" MORE malware, & iirc, it does?
You can delete that a couple ways!
---
A.) RC DEL command
OR
B.) ProcessExplorer in usermode/Ring3/RPL 3 operations by halting infected processes (running the dll list via dll injection on the libs/dlls below), by having the DLL view list pane visible & highlighting all your running processes to check for that, OR if it hauls in just plain other badware running on its own).
DUQU DLL LIST:
netp191.PNF
netp192.pnf
cmi4432.pnf
cmi4464.pnf
netf2.pnf
netf2.PNF
netf1.PNF
netf2.PNF
iddr021.pnf
ird182.pnf
---
* DO THAT, exactly the way it's noted? This thing's HISTORY... in 3-5 minutes time, tops!
(Yes, it works... it worked for me on the allegedly "indestructable rootkit" that used hello_tt.sys a few months back for a paying client & will work on this too, provided its design like that rootkit just noted, does NOT protect its driver init. areas)
See... once those drivers are killed off in Ring 0/RPL0/kernelmode + the bootsector's cleaned? Cake to NUKE the remaining usermode malware, per the above, also! Very easy, very fast, & VERY EFFECTIVE too.
HERE ENDETH THE LESSON...
APK
P.S.=> Drivers & DLL list courtesy of SYMANTEC:
Per
I run OS X. No worries here.
This is not a Word macro. It's not even a Word bug. It's a font rendering bug IN THE KERNEL that can be triggered by anything that lets you embed a custom font. Web pages can contain custom fonts. PDF files can contain custom fonts.
Oh, they also have a properly signed driver, and they disable antivirus/antimalware.
> There is nothing more dangerous than smart people without a moral compass.
That's funny, because it seems that is exactly the combination you need to be successful nowadays...
Of course for a defined/limited version of "success"
I'm positive, don't belive me look at my karma
YES - That stalls it dead, & iirc, it's been PATCHED already as of last Tuesday's "MS Patch Tuesday", every 2nd tuesday of the month...
no, it has not ... they released a "temporary fix" (besides it was qualified has a "workaround", not sure wether it means "a fix that will last a few days before we need another one" or not), but not in time to be included in November's "ms patch Tuesday". Guess it will be for next month ...
P.S.=> How is it working then, if it is NOT exploiting using macros? Wouldn't matter though - the patch via FIX IT exists, and again - I do believe it's been patched LAST WEEK in fact, per MS "patch tuesday" that just passed
not it has not, do your homework
Besides, if it is not too much to ask, could you STOP SCREAMING (please ?)
"not it has not, do your homework" meant :
...
No it has not been patched in last Tuesday's "MS Patch Tuesday" (although a temporary fix indeed exist, which I didn't deny in any way, on the contrary), you might want to check that before SCREAMING it to the world. As for the macro thing, I've read (and apparently many others that answered to you) that it's a problem with the TrueType font parsing engine (which you would have read too if you had done your homework ages ago, that is some googling on microsoft's website (and others'))
I don't know where you started to understand that I was implying in anyway that duqu could not be fixed or removed by you and others or that you where vulnerable to it
You really put a lot of effort into this don't you?
404: sig not found.
"The Duqu gang has an affinity for Wednesdays,"Raiu said. "They have repeatedly attempted to steal information from these systems on Wednesdays. This probably indicates a strong routine, almost military type."
or they are just fucking with you!
It said "windows 98 or better" so I installed Linux
Too true. On the other hand, depends how you define success.
Did it get released within MS Patch tuesday ? Nope
...
...
I never said you were lying or anything like it I just pointed that your "belief"/"iirc" was wrong. Which it is. Don't feel insulted or trolled, I'm not insulting/trolling you, I'm just stating a fact.
Also I never denied that you figured out an easy way to remove this rootkit and others. Again I don't know where you read in my post that I implied so
besides, since it seems that you're a bit too young to know that, "screaming" here actually means "writting with capslock on".
Oh and it still is not a Word macro problem, as stated on Microsoft website
how to get this Duqu worm in computer and how do you come to know that from the worm they tried to steal information on Wednesday splash12
"This account has been suspended..."
Strange, I've never seen that happen with a Slashdot link before.
Wasn't Stuxnet connected with the US government in the end? Could there be a governmental connection with Duqu as well?
QUESTION: Does the FIX IT TOOL WORK? Answer = YES. It's all that matters here, & so do the recommendations on its download page... & IT WAS RELEASED BEFORE LAST WEEK'S "PATCH TUESDAY" even!
* So, until a FINAL patch issues?? Folks DO have a WORKING FIX!
(That final patch was supposed to be ready last week, but apparently, it isn't which is WHY I wrote "iirc" on that aspect of it).
APK
P.S.=> You "barked orders" my way on "how to post" etc./et al, & IF I have a working solution, then yes - I will YELL IT FROM THE ROOFTOPS... why not?
Fact is, I suggest (but not demand OR ORDER as you seem wont to do) YOU DO THE SAME, & stop falsely saying I am "wrong" when I am completely right there's a fix for Duqu already in the FixIt Tool patch, antivirus being aware of it already, & yes, I have an easy way to remove it (& other rootkits like it that use "blended threat" tech (drivers + bogus bootsectors))...
... apk
http://it.slashdot.org/comments.pl?sid=2523490&cid=38045884
* Enjoy CIS Tool man...
(Especially for YOUR situation YOU describe w/ TONS of users/endpoints/workstations/servers etc., to secure...!)
APK
P.S.=> I state that, because IF you're using an AD network which I assume @ least you most likely do on Windows, & have Windows Group Policies in place (where Windows EXCELS for massive amounts of user/group mgt. ala "volume mgt. tools" etc.- et al)?
(It can & will help your security situation, immensely!)
... apk
RE:"There is nothing more dangerous than smart people without a moral compass."
Yes there is,
Stupid people in large groups.
Like Democrats
Except stupid people without a moral compass that end up in congress...
Given the whole thread started by Him hereafter (and in other /. stories), I thought it could be enlightening for everyone to learn a bit more about the Great & Wise APK :
:-p
http://www.thorschrock.com/2008/05/19/how-to-respond-when-people-threaten-to-sue-you-on-the-web/
http://www.jeremyreimer.com/phpbb2/viewtopic.php?t=4128&postdays=0&postorder=asc&start=0
If you're in a bad mood, this should be enough to make your day
Keep up that Awesomeness of yours Peter
Given the absence of any sense of morality among the most intelligent of our young people, money buys all the talent the criminals need. But these guys will work for anybody who has money. The TLAs of the government, for instance. Or non-governmental agencies with an interest in destruction. There is nothing more dangerous than smart people without a moral compass.
I'd noticed that too. Religion was once the source of our moral compass, but it is thoroughly discredited now, and no replacement has risen to the task. Leftism sort of tried with various Collectivist / Utilitarian approaches, but was doomed to fail by its Skepticist "No one can be certain of anything" ideological foundation.
Evolution hasn't prepared us for the post-religion era.
FATMOUSE + YOU = FATMOUSE
The US and Israel have been convicted of releasing that malware without any any proof but that has become SOP all over the world. The US and Israel get blamed for every thing that goes wrong in the world. Usually without a single piece of evidence to support the accusations. The "International Community" should not really be surprised when both the US and Israel give them the finger and recommend they fuck off and take care of their on problems for once.
If there is no god there is no such thing as morality.
Don't fool yourself, how many years have various institutions in the U.S and out of it ( like china) pushed atheism.
The reality is , if there is no god/gods/ etc. There is no intellectual basis for morality, only warm fuzzy feelings that the human mind quite capable of justifying away in the name of patriotism , profit, fun , selfishness , or whatever else turns your crack.
Thor SCHMUCK listed an app of mine as a malware, others removed it once I passed Computer Associates 21 point test for removal (which got downgraded to NO THREAT levels - that's also happened to men like Dr. Mark Russinovich on his pstools suite in the past, & Nir Sofer as well - write them, ask them, they won't deny it (Nir & myself have had LONG discussions about that bogus practice by bogus security tools vendors).
On "bogus security tool vendors"? CA is the worst... & got caught in criminal accounting scandals:
http://www.google.com/search?sclient=psy-ab&hl=en&site=&source=hp&q=%22Computer+Associates%22+and+%22scandal%22&btnG=Search
Later? CA SOLD OFF THEIR BOGUS PC SECURITY SUITE THAT LISTED MINE & OTHER FOLKS DECENT TOOLS AS MALWARE ALSO!
Hilarious - when I took & passed all 21 questions on their malware removal test? It should have been REMOVED totally from their list (and "Thor Schmuck" is the one who submitted my single ware to CA mind you, he's not a security researcher & doesn't have a security cert, or even a CSC degree afaik either - he's NO EXPERT!)
Clue/New News/NewsFlash: Your attempts @ adhominem attacks, illogical & off topic as they are? Shot down easily... per the above & what's next below too!
---
Jeremy Reimer? LMAO - the infamous TROLL online who is no longer allowed to write for Arstechnica & iirc, hasn't since 2007 or thereabouts??
He trolled & stalked me, off topic the ENTIRE time, & was shot down along with his "self-proclaimed expert" on EXCHANGE SERVERS (Jay Little) who literally said he was an expert on exchange no less (but didn't realize memory optimizer code techniques could UNHALT lagged or frozen Exchange Servers, which I produced Microsoft's own documentation on no less & FAR more in favor of those programs too)? Please... Reimer, since he is unqualified & incompetent in computing, later brought in a Jarrett DeAngelis as another "henchman" when Little failed miserably (& trolled + stalked me to another forums after that too @ NTCompatible.com & got BANNED for it)? StarKruzr/Jarrett DeAngelis, then a doctoral candidate @ Notre Dame ENDED UP AGREEING WITH A GOOD 99% OF WHAT I STATED IN FAVOR OF MEMORY OPTIMIZERS & other things technical too!
Was hilarious! Reimer's pal Waarheid also was caught posting @ Windows IT Pro forums as Veritas... just Reimer doing it himself no doubt, after impersonating myself on his own puny forum nobody goes to, mind you, which he HAD TO ADMIT TO, under his ISP & law enforcement forcing it... lol!
He's TRULY, pitiful.
Reimer impersonated me on his forums, admitted to it, & also tried to impersonate Mr. Martin Meszaros who denounced he @ Windows IT Pro forums for it via email posted there, mind you... Reimer then posted libelous photos of myself he did edited to 'discredit me' only ending up looking like a childish fool there... he also email harassed me repeatedly & when his ISP Shaw of Canada put he on a tracking ticket, along w/ a det. Felton of Vancouver BC got ahold of him? He stopped... COLD!
(Was the BEST & FUNNIEST part of all)...
APK
P.S.=> You CAN verify that here, easily -> http://www.windowsitpro.com/article/internals-and-architecture/the-memory-optimization-hoax#feedbackAnchor
See unlike yourself? I use REPUTABLE SOURCES & valid concrete verifiable documentations... unlike impersonations of myself & libelers of myself like Jeremy Reimer & arstechnica bullshit (I even caught them impersonating me there, editing my posts, & postings as alternate registered account guises to do so in GOD & MWNH (Man with No head, more like MAN WITH NO BALLS, lol) using the SAME EMAIL ACCOUNT to do so... they're pitiful, just like you!
... apk
http://it.slashdot.org/comments.pl?sid=2523490&cid=38047978
And it shot him down in flames, and it has many times over the years now... no denying documented evidence to THAT either, lol!
---
* Too bad you have to "EAT YOUR WORDS" on a fix that did issue BEFORE "Patch Tuesday" last week as well (though it was slated to do so then, but didn't)!
(Yes - you're CLEARLY just "loathe to admit it" that you are WRONG & it does work... Plus your avoiding my question, which I did answer for you on it? Priceless... simply because the fix DOES actually work vs. Duqu!)
I also figured out an easy free way for Windows users to remove it with tools they already possess... have you, off topic troll? No!
APK
P.S.=> As to my being "the best troll ever"? No, it's more like I blow away TROLLS like yourself, illogical adhominem attacks & all as I have through this thread's replies directed MY WAY!
(Especially on HOSTS files, where my naysayer detractor trolls are left with nothing more than said adhominem attacks mind you, vs. disproving my points on them)...
Trolls like yourself & others here? Highly amusing & thanks to them?? I actually LOOK GOOD here!
Then again, a man's strength is judged by that of his enemies, & mine here with illogical adhominem attacks only vs. facts I posted? Not very strong... lol!
As to my being "the best troll ever"? No, it's more like I blow away TROLLS like yourself, & your illogical adhominem attacks!
... apk
Why was the post I am replying to modded down as off topic? It is on topic about duqu, and makes sense that if you don't do stupid things in email which duqu uses, you can't be infected by it. Makes no sense on the down moderation.
Plus numerous other proofs from others there in that very exchange, & on arstechnica/Jeremy Reimer/Jay Little/Jarrett DeAngelis-StarKruzr + Computer Associates & Thor Schmuck's libeling myself, impersonating & stalking me, and far MORE reprehensible behaviours on THEIR parts?
Please, lol: My last post covers that too, with concrete, verifiable, reliable information from news sources, other software authors whose wares had them libeled thus as well!
(E.G.-> Nir Sofer & Dr. Mark Russinovich as well over time (pstools & more)) have had themselves libeled thus as well calling their wares malware too, like mine was (downgraded to ZERO threat levels in a single app of mine I have done online over time in about 40 of them total)).
* HOWEVER/Lastly - I look @ "the bright side of things" - It truly appears I am in "good company" though in those 2 @ least, especially vs. AC troll "ne'er-do-wells" such as yourself, lol...
APK
P.S.=> You don't realize one thing - I have my bases covered vs. illogical off topic adhominem attack spewing trolling trash like yourself online, & with facts, not your fictions... so, "Read 'em & Weep" -> http://it.slashdot.org/comments.pl?sid=2523490&cid=38047978 on ALL accounts noted above, vs. your attempted off topic illogical adhominem attacks on myself...
U FAIL, troll... & this? Man, I just GOTTA say it, as-is-per-my "usual style" vs. trolling trash like yourself that attempts to discredit myself?
This? This was ALL just "too, Too, TOO EASY - just '2EZ'"
... apk
Your off topic illogical ac trolling means something by comparison? Give us a break and take your meds and go back to your hole, troll.
Am I the only one who reads troll off topic illogical adhominem attack using comments like yours in the voice of a piece of trash little scumbag coward online?
Seriously off topic illogical adhominem attack using troll? Playing with youself? I know you are all about no-adhominem attacks. Thor SCHMUCK is exactly that: He's no expert, no security researcher with certs in it, no degrees in CSC either etc. (he's a schmuck, plain & simple).
Lastly - No matter what Reimer writes, it's all derivative drivel garbage, just like his BLATANTLY PLAGIARIZED HISTORY OF THE GUI vs. Doug Englebart's work before it
ON his "Scribblings" that nobody but his "private playpen" @ arstechnica will put up (he writes for no reputable technical sites)?
WELL... last time I looked, that goof hadn't written a thing since 1997 & arstechnica was practically CRYING & BEGGING Users not block ads, because it was getting authors there FIRED:
E.G.-> ----
An experiment gone wrong - By Ken Fisher | Last updated March 6, 2010 11:11 AM
http://arstechnica.com/business/news/2010/03/why-ad-blocking-is-devastating-to-the-sites-you-love.ars
"Starting late Friday afternoon we conducted a 12 hour experiment to see if it would be possible to simply make content disappear for visitors who were using a very popular ad blocking tool. Technologically, it was a success in that it worked. Ad blockers, and only ad blockers, couldn't see our content."
and
"Our experiment is over, and we're glad we did it because it led to us learning that we needed to communicate our point of view every once in a while. Sure, some people told us we deserved to die in a fire. But that's the Internet!"
Thus, as you can see? Well - THAT all "went over like a lead balloon" with their users in other words, because Arstechnica was forced to change it back to the old way where ADBLOCK still could work to do its job (REDDIT however, has not, for example). However/Again - this is proof that HOSTS files can still do the job, blocking potentially malscripted ads (or ads in general because they slow you down) vs. adblockers like ADBLOCK!
----
On Reimer though? What a JOKE!
He is an undereducated in the Computer Sciences wannabe, no certs or degrees in them, & FAR from an "authority" on anything technical in computing, & this post proved that much easily -> http://it.slashdot.org/comments.pl?sid=2523490&cid=38047978 which is WHY he brought in Jay Little (shot down on Exchange server lol) & Jarrett DeAngelis/StarKruzr (a then doctoral candidate @ Notre Dame in those days who ended up agreeing with a good 99% of my technical points there).
You KNOW you've dusted a FOOL like Reimer, easily too, when he resorts to making libelous edited photos of yourself, impersonating you on his websites to defame you or try to (he was caught in it & HAD TO ADMIT IT, lol), email harasses you and gets put on ISP tracking tickets + having the law cool his jets on that & more (to which he BACKED OFF & admitted impersonating me publicly as well)... & far more bogus behavior from that little cowardly scumbag.
That's not adhominem attacks pointing out facts mind you, it's not libel when it's truth either.
Ask Reimer why after SO MANY YEARS "married" (to a stripper for Pete's sake who looks like she's an oriental mail order bride paid for & all, lol) WHY HE HAS NO KIDS?
Is his so-called childless marriage just a "cover up" for his TRUE "nature" (gay, lol) or does he need a dose of viagra to do his 'homework' on the wife? LMAO...
APK
P.S.=> You can "shy away" from facts in that thread, ones backed by MS' own documentation on Exchange Server especially (but there is tons more too), & evidences of Jeremy Reimer the trolling scumbag's wrongdoings too!
Stuff like stalking me there off topic the entire time, trolling myself there @ Windows IT Pro off topic the ENTIRE time, only to have:
1.) Large porti
apk- the most interesting thing to happen in slashdot since 2003.
is apk a group or one individual though?
world was created 5 seconds before this post as it is.
I think my company needs to be aware of this and take proper precautions.
All computers should be turned off all day Wednesday to prevent Duqu stealing information.
As a computer programmer- I especially like the sound of this preventative measure.
"That's the way to do it" - Punch
...The "International Community" should not really be surprised when both the US and Israel give them the finger and recommend they fuck off and take care of their on problems for once.
And the world would instantly become a better place. Seriously.
That's not a real comment, it was just an excuse for the guy to plug the URL of his (now terminated, presumably for spamming) website.
To be fair, it's hard to dispute that it wasn't Israeli code with significant US assistance. But I haven't really seen anybody "convicting" them over it.
I thought Stuxnet was a master stroke. Disrupt someone's nuclear capability as effectively as bombing, but without any collateral damage and covertly enough that they can't link it to you solidly enough to consider it an act of war.
Genius, IMHO.
I have developed a truly marvelous proof of this comment, which this signature is too narrow to contain.
you, sir, owe me a new keyboard
Sounds like a great premise for a future Bond movie! Not saying it's not real, just that there's room for a script in your concept too..
They aren't so stupid if they keep ending up in congress and do reasonably well for themselves and those they care about.
If the voters like to vote for people who seem stupid, the even the smart ones will pretend to be stupid if they want to keep getting elected.
obviously Duqu was written by ultraterrestrials.
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
Gotta be group cuz apk's beating the tar outta da trolls. Apk's an army of 1.
"hard to dispute"
Why? What magical insight do you possess that can support this opinion? By the time the phrase "hard to dispute" multiplies and mutates across the Internet millions of times people start thinking of it as a factual statement when it was only someones unsupported opinion. The Internet was supposed to be this great medium for spreading information but instead it's turned into the biggest bullshit spreader ever invented. There is no "true and false" or "right and wrong" anymore there is only "my side and your side" and that's what will end up destroying everything.
I can't wait for the day you get your wish. Seriously.
Not many people are aware of this, but anti-virus companies actively ignore the naming hints that malware writers suggest for their creations. This decision was made in sometime in the 90s and was for the purpose of not giving the satisfaction to virus writers. It is almost certain therefore that 'Duqu' is a name entirely of the choosing of the anti-virus industry and has nothing to do with anything inside this particular malware.
The reference to the Dexter, however, does seem to be an Easter egg from the malware writers (of course they personalize their code somehow if they spend this many months writing it - it'd be weird to expect no such references).
(Wikipedia and its citations)
You were doing well until you went off on some weird tangent about factual relativism. Not sure where that came from. All "hard to dispute" means is that it's not easy to dispute - not that it can't be done. But there is significant evidence that nation-states were involved, and the propensity of evidence suggests two nation-states in particular.
I have developed a truly marvelous proof of this comment, which this signature is too narrow to contain.
You're like the timecube guy, but with a hardon for HOSTS files. You should have a TV show, you're an Andy Kaufman-style comedy genius!
(1.21 gigawatts) / (88 miles per hour) = 30 757 874 newtons
I have no doubt there were nation state security agencies involved. Groups like ANonymos or Lulz don't even come close to having the capabilites to do something like this. To build and deploy Stuxnet required in-depth knowledge of the PLC systems and centrifuge technical data, 2 valid security certs that were stolen from 2 different companies located in Japan, physical access to get the memory stick into a very secure environment, 2 0-day exploits, and very sophisticated engineers and programmers. The facilities where the memory sticks were first deployed used a 3rd party Russian company who had the contract and access to the systems infected. Siemens, the PLC manufacturer, is a German corporation and would be in the best position to provide in-de[th technical information on their products, and to top it off a sizable amount of money would have been required to pull this off. There are numerous countries with the necessary engineering resources. There are also a lot of countries who have a motive to sabotage the Iranian nuclear program. Some of the Wiki-leaks documents revealed even a number of middle eastern countries had been asking for US help to stop the Iranian program for years. The US and/or Israel "could" have been the ones responsible but there is no definitive evidence that can prove this.
The "hard to dispute" was a mistake on my part. the statement claimed that it is hard to dispute that the US or Israel are the guilty parties which I interpreted as someone saying the US or Israel definitely did it but we can't actually prove it.
Really? I haven't noticed a problem on Lion or Mint
Non impediti ratione cogitationus.
The general moral principle making the distinction here is the "no personal stake" rule. From the bible, the established principle is that almost any crime (but specifically stealing and killing) is forgivable under the following condition : the perpetrator cannot have any stake, either financially, socially, politically, or whatever, in the crime, and there is no reasonable option to avoid the crime.
This is how e.g. police authority works in the western world : a police officer is paid to stand between perpetrators and a victims. If he decides to shoot a suspect (who is nothing but a suspect at this point), he can only do so if the intent is to protect others and nothing more than protect others. If self-interest is involved, even tangentially, it's murder. Note also that this crime is only forgiven : it is *NOT* morally OK to shoot anyone, no matter how horrible the crime he was committing, or how few options the killer had. It is merely forgiveable, in the sense that there are no consequences. Anyone is free to act as a police officer under the same set of rules (if that's what it takes to prevent him from pressing a bomb-belt button, you will be forgiven for breaking the neck of a terrorist in court, or even shooting the guy point-blank. You will however get judged on this action).
You see how this rule would apply here ? You get to hack around for others' gain, but not for your own, not even indirectly : being "paid" to hack others in your employer's intrest is wrong (which is why "white hat" hackers are OK : it's perfectly allright to hack your employer, or even your customers, if they so desire). These hackers are in clear violation of that principle.
(btw. the reason this is a good dividing line is that it's brilliant in it's simplicity. E.g. islam uses the principle for police authority that the state has the right to kill anyone for any reason, in war or peace, without needing an excuse or even an explanation. They do not even consider themselves to have the duty to inform next-of-kin or anyone. If a "muslim court" (which is a very nebulous concept, e.g. most terror organisations justify themselves partially like this, without any outside authority) decides to do something, they quite literally send a mob to kill you, and throw your body in the nearest ditch. This is how it worked 1500 years ago, and in a lot of places, this is how it works today)
By work I meant spamming posts. I didn't actually read any of them.
404: sig not found.
Never underestimate the power of stupid people in large groups.
And indeed economics confirms that being the sole "smart" person in a group of stupid people is not nearly as smart as you'd think :
A Darwinian enigma (generally, following the group is the wisest course of action, almost regardless of how stupid it is)
That's of course why atheism works : it's a double standard.
It's mathematical equivalent is to demand cooperation in the prisoner's dilemma, yet fail to cooperate yourself. It is inherently destructive behavior which will end once the default switches. When, by default, people refuse to help each other, atheism will wither and die. And every "convert" to atheism brings that day closer.
All of what you claim to require is available for dollars (or yen, as it was in Japan apparently - didn't know that).
You know which organisation would by far have the easiest time doing this ? Siemens itself. Anyone on this list, for example :
Siemen's management
If they think it their duty to be responsible, stuxnet may be part of that, no ? Then again, it's a corporation ... I don't know.
I'd noticed that too. Religion was once the source of our moral compass, but it is thoroughly discredited now, and no replacement has risen to the task. Leftism sort of tried with various Collectivist / Utilitarian approaches, but was doomed to fail by its Skepticist "No one can be certain of anything" ideological foundation.
Evolution hasn't prepared us for the post-religion era.
I have to disagree with what you say; I don't think that religion is a necessary prerequisite for morality. The relation between morality and religion is a complex one, and difficult to untangle—particularly because some religions, such as the Judaic and Muslim—have taken great pains to impose a legal code on their followers. This has led to the confused notion that you can't be good without also being religious, something that would be quite frightening if it were true. Consider the number of atheists, agnostics, and people with a very dim understanding of the faiths they profess to follow who inhabit the world. It would be far worse than it is if these were all completely lacking in any moral sense. No, one can be brought up as a kind, considerate, and conscientious man, even though he lacks any sort of deep faith. I think this is obvious; truly, have you never met such people?
It's also important to understand that not all faith regards moral laws as being of prime significance. Christianity, for one, is actually not a legalistic faith at all, in that it does not view the relationship of faith and law as being causational. I can demonstrate this by quoting from the New Testament. For example, those who haven't heard the Teaching may have a conscience:
Or, more amusingly, faith does not make the devil good:
And it can go the other way: conscience can precede faith. The famous Swiss theologian, Karl Barth, became a Christian because of the revulsion he felt at the end of the Second World War when he learned in full of all the evils of that dreadful conflict. He asked himself about the source of this moral revulsion. Why did he feel appalled when he learned about the massacres and the concentration camps? Why did he feel that these things were evil? He reasoned that if there is evil, then there must be a contrast: good. How could you realize that you're in the dark if you had never seen light? Barth reasoned that his revulsion was the result of a moral sense that had been implanted in him by his maker—God. It's part of the firmware, you might say.
I think we're living in a society that is in the process of breaking down, and the increasing immorality we see around us is just one of the signs of this. You see, the firmware can be overwritten. It can be erased by peer pressure, by poor or inadequate guidance from parents and teachers, by cultural values reinforced in the "media". In fact, if you've ever raised children, you get to observe first-hand that the firmware isn't booted at birth: it is supposed to be triggered by growing up in a supportive environment that provides good examples, that reinforces good deeds, and corrects out-of-bounds behavior. This society no longer provides such an environment. And that will be fatal: massive bad behavior leads to complete social catalysis. There's a reason why the code was written that way.
Great men are almost always bad men--Lord Acton's Corollary
http://it.slashdot.org/comments.pl?sid=2523490&cid=38045576
APK
Well I did claim significant amounts of money was required for this project. And if any corporation was involved I doubt the plan was presented to the board of directors for a vote. It only takes one person to breech corporate internal security and gain access to any information they need. This is were the money can make the biggest difference.
yes
I'd noticed that too. Religion was once the source of our moral compass, but it is thoroughly discredited now, and no replacement has risen to the task. Leftism sort of tried with various Collectivist / Utilitarian approaches, but was doomed to fail by its Skepticist "No one can be certain of anything" ideological foundation.
Evolution hasn't prepared us for the post-religion era.
I have to disagree with what you say; I don't think that religion is a necessary prerequisite for morality. The relation between morality and religion is a complex one, and difficult to untangle—particularly because some religions, such as the Judaic and Muslim—have taken great pains to impose a legal code on their followers. [...]
I never said otherwise... and reading your well-thought-out post, I see we already think alike on this subject.
I am one of those Camus-style thinkers who, on seeing that in our world "All is permitted" (Camus quoting Machievelli), develops a moral code and takes it seriously, even though "in reason, there is no reason to", as they say.
And yes, I'm aware of Rand's credible effort to rationally derive a moral code, which is entirely correct yet can't (to my satisfaction) answer the free-rider problem.
FATMOUSE + YOU = FATMOUSE
True - but the same limit applies to any kind of security. It only takes 1 guy.
What amazed me is how security is treated. The office of the chairman of the european comission is highly restricted. Only a few guards, and 2 or 3 officials have access. Requests for access are almost never approved ...
Oh ... and of course the cleaning company has access. The one that dispatches the housekeeper.
Usually commercial corporations and most non-security related government agencies rely on simple but thorough background checks to fulfill their due diligence when it comes to security. But that doesn't mean a person with a squeaky clean background and high level security clearance won't change their mind for the right amount of money. I still find internal corporate security measures weak and practically useless for a determined person. There are only a very small handful of corporations I have worked for that took internal security seriously and these corporations were mainly defense contractors.
I don't think that developing a new moral code is either helpful or necessary; I'm not even convinced that it's possible. I don't think that our problem is a lack a of moral rules, nor that it can be solved by philosophers sitting around and thinking up better ones. I fear that our society has simply become one in which evil is tolerated and encouraged, and where the things that are valued are, in fact, worthless. To cite just one relatively trivial example, the adulation of "celebrities" is foolish and morally destructive. These "celebrities" (essentially, people who are famous for being well-known) are held up as examples. So silly people think that celebrities are important, and want to become like them. Yet the behavior of these "ideals" is often abominable (and, at best, mindless). What kind of society has ideals such as these? We've already discussed another example: the definition of "success" in our society, which amounts to "make more money, buy more toys, step on anyone who gets in your way, and live like there is no tomorrow."
From what you said earlier, it seemed to me that you think our old ethics have somehow become outdated. I don't think that's the case. What is outdated about "love thy neighbor?" Or, for that matter, "Love thy enemy?" Is forgiveness outdated? But you are clearly a thoughtful person; I don't think you meant to say this. I think perhaps you were lamenting the fact that it is more difficult to convince people to be good in these deteriorating times because our old educational methods—such as invoking God The Punisher— no longer work. There may be some truth in this—I suppose there are always people who behave well because they fear being punished. To that I say: we should never have relied on such methods in the first place! (No, I'm not silly enough to think that everyone will behave well if they are liberated from false God-derived fear: such people must, regrettably, be made to fear the lawful authorities.)
I think that neither moral rules nor judicial laws are really needed for a person to be ethical. Ethics does not, at least in my view, require a logical justification, nor does it require a set of either rules or laws. What kind of person has to riffle through a rule book before he can decide on a right action in the moral dilemma that he faces? I can't imagine anyone doing this—except maybe for an autist who is trying to stay out of trouble. Ethics is a matter of character; it has to do with the innate nature and quality of a person.
Being good is often hard, but it hasn't changed over the ages. To discover ethical guidance, look into yourself; read what is "written on your heart". Once you have done this, then the hardest part comes: doing what is right. No, it's not simple; no, all people will not agree on what is right in every instance. But just because it is not simple does not mean that it is false.
Thank you for your thoughtful remarks; you've made me think about these issues.
Great men are almost always bad men--Lord Acton's Corollary