Otherwise, just don't mess with the shortcuts/hotkeys and I'm happy. I don't really care what kind of interface is used once I have hotkeys mentalized.
Perhaps the developers should focus more on getting people to use hotkeys rather then focus on keeping "clickers" comfortable, especially in an OFFICE environment.
The infection was, indeed, hiding in the BIOS. This was a Dell Inspiron e1505/6400, a machine that has a REALLY simple BIOS re-flash process. You simply download a compressed.exe, run it, and your done. I suspect the virus writer simply used this same process, in some manner, to reflash with their own "custom" BIOS.
What it actually DID was what was interesting.
It ran four separate cmd.exe instances during the XP Install. As I was watching like a hawk, I closed them the moment they popped up preventing the code contained in the BIOS to run. I was able to get the OS working enough to reflash the BIOS. That stopped the XP install weirdness. But the fun wasn't over.
He also had COUNTERFEIT Dell restore discs. The discs that came with the PC when he got it had missing drivers, another virus and did weird stuff with some account settings. No idea how he got them, but they appeared to be genuine discs, possibly slipped in by a reseller?
Anyways, got all the right drivers, used my XP disc to do a repair on the OS, and all is well.
So, in essence, the virus used the reflash process Dell uses to install to the BIOS, then simply corrupted the install after every reformat.
There is however, still, an 8MB area of the disc that the reformat will not clear (listed by Dell as "system" space) and this is enough room to pretty much do the same thing. It just wasn't the case this time.
I can't wait until someone decides to challenge all this crap and puts some of these devices on patrol cars, or even the car of Madison Judge Paul Lundsten, and lets the cops decide how to respond (no, I'm not going to do it. The cops in my neck of the woods are pretty decent folk).
If a warrant is not needed, what is to stop ANYONE from doing this, and doing so LEGALLY?
What law might I be charged with if I were to put one on a patrol car? Why wouldn't that law apply to a cop doing the same thing?
Just because you have the word "Judge" before your name doesn't mean your not an idiot. This entire decision on the judges part completely muddies the water in terms of existing laws that were designed to prevent STALKERS from doing this.
A warrant is a surety that the tracking is being done for legitimate purposes. As it stands, what the cops are doing is NO different then what a stalker might do because there is no assurance of legitimacy.
"That said, if I'm doing a PC repair for someone else, I'll get a USB external drive and pull the contents of My Documents off the HDD with the LiveCD before zapping everything. If it's my machine I'll zap everything and restore from backup..."
Interesting you say that. When I discovered all the above problems, I also noticed that the SP3 version of Windows RETROACTIVELY updates all copies of "Process Explorer" to the most recent version. I can only assume the instructions and data to do this are supplied by the OS, after all, Microsoft now owns controlling interest in Sysinternals.
When I plugged in my thumbdrive, Windows converted my Pre-Microsoft version of "ProcessExplorer" from 10.20 (The last version before MS got their hands on the company) to the 11.something version. No Autorun or Autoplay was involved. It simply over-wrote a file, without permission, on an EXTERNAL drive.
Considering how borked this guys HD was, It was a moot point as I reformatted the Thumbdrive as well after plugging into his machine. It felt "dirty" at that point, if for no other reason, Microsoft had infected it.
Faulty reformat was capitalized upon. And, yes, he DID use the Dell restore disc. The point is that the trojan AND the scam virus survived the reformat.
I am not sure how, nor have I claimed that, but all evidence on this laptop is pointing to another partition not being over-written.
My point is that this, and a thorough nuking of the users OS, makes it a requirement that the user re-enters all his personal information. That is the entire point here, specific to the article. It forced the user to enter information so the trojan can record it.
The first clue I had that something was running from another partition was that IExplorer was running in the background with NO GUI available. If I fired up IE manually, there were two instances of it, but only ONE GUI.
Not sure how root was maintained by the trojan, nor am I sure how, exactly, a partition was created, but I see the outcome. Two instances of IE with no control of/interface with one of them.
Funny thing is, the "Extortion/Spyware scam" appeared to piggy-back the trojan, as the scam was copied over, and still existed, after the reformat.
About to give it another scrubbing, so I will post further findings.
A friend, just last night, showed me his highly-infected laptop (please, being serious here). Not only did he have one of those "Infect the "customer", then sell them a fake cure" scams, but he had what appeared to be an everyday Trojan, with one huge difference.
It had created a hidden partition (I deduced this from HD size discrepency between reported size and actual), copied over enough "Windows" to run as a separate OS, then nuked his normal partition OS. When he reformatted, he wasn't paying attention (didn't know any better) and didn't delete that partition. The trojan was essentially maintained, right through a reformat (albeit, an incomplete one). It was an easy mistake to make considering how many Dell/Compaq built machines come with a separate 10-20GB partition that isn't always deleted on reformat, and for that reason the numbers for HD partition space don't always add up.
Here is where the sneaky part comes in. They nuked his OS, right?
NOW, after he thinks everything is groovy, he starts reinstalling applications, re-entering information and passwords and re-bookmarking sites. All while the trojan watches.
THAT is what the "nuclear winter" is for in these cases, to lull the user into a false sense of security.
This perhaps the single greatest opportunity ever to cross paths with Slashdot!
If we each pitch in a buck a piece...
Can you imagine the fun a few million/.ers can have with this stuff?
Projects/experiments can be decided democratically (!) via the moderating system and we can further fund the entire project from the click-throughs generated by poster signatures.
"but she believes that fines and a seizure of assets belong to the possibilities"
I think by "assets" they mean they hope to find logs of up-loaders.
From what I hear, each threatened lawsuit against up-loaders is worth about $3500 in the US, the average dollar amount that people have been "settling" for when threatened with a lawsuit. If the record companies/RIAA don't WANT to settle, then a HELL of a lot more.
Once again folks, it is all about money. And your letting YOUR governments be USED to make it happen.
"Why there haven't been studies using Lithium isotopes to trace the effects and identify the specific class(es) of condition(s) Lithium can deal with and which it can't, I don't know."
Because there is no patent on it, and thus no protected revenue stream.
In other words, not worth doing unless you possess a soul.
When I lived in San Jose, CA. as a kid, people (quite a few) were shooting at the helicopters that were spraying Malathion all over residential neighborhoods. It was an attempt to simply wipe out a Medfly infestation, yet people were willing to SHOOT at human occupied helicopters to keep them from spraying.
Never underestimate a patriot with a gun, even if they are misguided.
...but was curious what changes might have been made to ABP, I went exploring (I had NoScript installed for a very short time).
FAR more disturbing was all the stuff Microsoft injected (4 different plug-ins) when I opened the Netflix website. Two of them are simply labeled "Microsoft DRM" (like that's supposed to make warm and fuzzy inside) and the others are Silverlight and Dynamic Link Library.
How did all that get there without Firefox asking me about it? And more importantly, what EXACTLY do they do? Has anyone investigated what these plug-ins ACTUALLY do?
Anyone have any ideas, or am I reinstalling Firefox?
I'd rather continue to use IE7 to view Netflix and keep my Firefox clean/trustworthy then be able to view Netflix via Firefox.
All this is planned, thus the term PLANNED obsolescence. It has nothing to do with malice, but rather GREED.
Want another example?
Mercedes ML320. Mass Airflow Sensor. 90% failure rate at the shop I worked at in California, but not until the vehicle rolled over sufficient mileage to be out of warranty. At about 60k miles, 90% of them died. But the odd thing is I ONLY experienced this in California, not here in Washington State. After looking into it, seems the part number is different from one state to another(not surprising, due to the fact the emission controls are different), but here is the catch.
The failure in California turns on the check engine light which means you HAVE to have it fixed in order to pass an emissions test. $350 part that takes 2 mins to install. Dealer price for job? $700-$1000. No repair, no registration tags.
The cops can locate grow-ops FAR easier by tracking electrical usage and using infrared detectors(the heat detected is outside the house, so no warrant needed).
I think what you REALLY have is 1984 flying over your houses, and it ain't just looking for pot. It is CCTV flying around the place, nothing less. What ELSE might they be looking at?
Is that REALLY what you want your cops doing with your taxes?
Considering there is no human on board to generate a murder charge, that little fucker wouldn't last a minute over Los Angeles, but then again, we got guns.
Slashdot Mirror
The real question is whether or not an entire WOW guild can synchronize their shutdown times in order to actually complete a raid.
Call me when I don't have to use my hands.
Otherwise, just don't mess with the shortcuts/hotkeys and I'm happy. I don't really care what kind of interface is used once I have hotkeys mentalized.
Perhaps the developers should focus more on getting people to use hotkeys rather then focus on keeping "clickers" comfortable, especially in an OFFICE environment.
...I'll be needing an address to mail to, please.
Excellent suggestion.
Keep all my "Fix my friends nuked machine" tools on a Micro-SD. Beautiful.
Thanks.
Your pretty much nailed it.
What I found:
The infection was, indeed, hiding in the BIOS. This was a Dell Inspiron e1505/6400, a machine that has a REALLY simple BIOS re-flash process. You simply download a compressed .exe, run it, and your done. I suspect the virus writer simply used this same process, in some manner, to reflash with their own "custom" BIOS.
What it actually DID was what was interesting.
It ran four separate cmd.exe instances during the XP Install. As I was watching like a hawk, I closed them the moment they popped up preventing the code contained in the BIOS to run. I was able to get the OS working enough to reflash the BIOS. That stopped the XP install weirdness. But the fun wasn't over.
He also had COUNTERFEIT Dell restore discs. The discs that came with the PC when he got it had missing drivers, another virus and did weird stuff with some account settings. No idea how he got them, but they appeared to be genuine discs, possibly slipped in by a reseller?
Anyways, got all the right drivers, used my XP disc to do a repair on the OS, and all is well.
So, in essence, the virus used the reflash process Dell uses to install to the BIOS, then simply corrupted the install after every reformat.
There is however, still, an 8MB area of the disc that the reformat will not clear (listed by Dell as "system" space) and this is enough room to pretty much do the same thing. It just wasn't the case this time.
I can't wait until someone decides to challenge all this crap and puts some of these devices on patrol cars, or even the car of Madison Judge Paul Lundsten, and lets the cops decide how to respond (no, I'm not going to do it. The cops in my neck of the woods are pretty decent folk).
If a warrant is not needed, what is to stop ANYONE from doing this, and doing so LEGALLY?
What law might I be charged with if I were to put one on a patrol car? Why wouldn't that law apply to a cop doing the same thing?
Just because you have the word "Judge" before your name doesn't mean your not an idiot. This entire decision on the judges part completely muddies the water in terms of existing laws that were designed to prevent STALKERS from doing this.
A warrant is a surety that the tracking is being done for legitimate purposes. As it stands, what the cops are doing is NO different then what a stalker might do because there is no assurance of legitimacy.
Which version did you crack? The Windows version or the Linux version?
Oh, wait...
I was about to suggest he make sure it fulfills all the requirements of a coffin as well.
Like, maybe, a bell on a string to yank so you can let people know your still alive.
"That said, if I'm doing a PC repair for someone else, I'll get a USB external drive and pull the contents of My Documents off the HDD with the LiveCD before zapping everything. If it's my machine I'll zap everything and restore from backup..."
Interesting you say that. When I discovered all the above problems, I also noticed that the SP3 version of Windows RETROACTIVELY updates all copies of "Process Explorer" to the most recent version. I can only assume the instructions and data to do this are supplied by the OS, after all, Microsoft now owns controlling interest in Sysinternals.
When I plugged in my thumbdrive, Windows converted my Pre-Microsoft version of "ProcessExplorer" from 10.20 (The last version before MS got their hands on the company) to the 11.something version. No Autorun or Autoplay was involved. It simply over-wrote a file, without permission, on an EXTERNAL drive.
Considering how borked this guys HD was, It was a moot point as I reformatted the Thumbdrive as well after plugging into his machine. It felt "dirty" at that point, if for no other reason, Microsoft had infected it.
Actually, this was an XP Home SP3 install bundle from Dell. I think the disc is only SP2 though. I'll know when I filter the MS updates.
Precisely.
Faulty reformat was capitalized upon. And, yes, he DID use the Dell restore disc. The point is that the trojan AND the scam virus survived the reformat.
I am not sure how, nor have I claimed that, but all evidence on this laptop is pointing to another partition not being over-written.
My point is that this, and a thorough nuking of the users OS, makes it a requirement that the user re-enters all his personal information. That is the entire point here, specific to the article. It forced the user to enter information so the trojan can record it.
The first clue I had that something was running from another partition was that IExplorer was running in the background with NO GUI available. If I fired up IE manually, there were two instances of it, but only ONE GUI.
Not sure how root was maintained by the trojan, nor am I sure how, exactly, a partition was created, but I see the outcome. Two instances of IE with no control of/interface with one of them.
Funny thing is, the "Extortion/Spyware scam" appeared to piggy-back the trojan, as the scam was copied over, and still existed, after the reformat.
About to give it another scrubbing, so I will post further findings.
It is far worse.
A friend, just last night, showed me his highly-infected laptop (please, being serious here). Not only did he have one of those "Infect the "customer", then sell them a fake cure" scams, but he had what appeared to be an everyday Trojan, with one huge difference.
It had created a hidden partition (I deduced this from HD size discrepency between reported size and actual), copied over enough "Windows" to run as a separate OS, then nuked his normal partition OS. When he reformatted, he wasn't paying attention (didn't know any better) and didn't delete that partition. The trojan was essentially maintained, right through a reformat (albeit, an incomplete one). It was an easy mistake to make considering how many Dell/Compaq built machines come with a separate 10-20GB partition that isn't always deleted on reformat, and for that reason the numbers for HD partition space don't always add up.
Here is where the sneaky part comes in. They nuked his OS, right?
NOW, after he thinks everything is groovy, he starts reinstalling applications, re-entering information and passwords and re-bookmarking sites. All while the trojan watches.
THAT is what the "nuclear winter" is for in these cases, to lull the user into a false sense of security.
Or in the case of a Hummer, a garden hose.
This perhaps the single greatest opportunity ever to cross paths with Slashdot!
If we each pitch in a buck a piece...
Can you imagine the fun a few million /.ers can have with this stuff?
Projects/experiments can be decided democratically (!) via the moderating system and we can further fund the entire project from the click-throughs generated by poster signatures.
Mod up, please.
VERY good example, and right to the heart of the matter.
I do not recommend this for the "man on the street" journalist.
Aim that at a cop and your more then likely going to get shot.
Personally, I'll stick to cell phones.
The first person that manages to multi-box 5 iPhones running Shamans through arenas wins at WoW.
"but she believes that fines and a seizure of assets belong to the possibilities"
I think by "assets" they mean they hope to find logs of up-loaders.
From what I hear, each threatened lawsuit against up-loaders is worth about $3500 in the US, the average dollar amount that people have been "settling" for when threatened with a lawsuit. If the record companies/RIAA don't WANT to settle, then a HELL of a lot more.
Once again folks, it is all about money. And your letting YOUR governments be USED to make it happen.
"Why there haven't been studies using Lithium isotopes to trace the effects and identify the specific class(es) of condition(s) Lithium can deal with and which it can't, I don't know."
Because there is no patent on it, and thus no protected revenue stream.
In other words, not worth doing unless you possess a soul.
When I lived in San Jose, CA. as a kid, people (quite a few) were shooting at the helicopters that were spraying Malathion all over residential neighborhoods. It was an attempt to simply wipe out a Medfly infestation, yet people were willing to SHOOT at human occupied helicopters to keep them from spraying.
Never underestimate a patriot with a gun, even if they are misguided.
...for the self response.
I just did a little testing and determined that ONLY the Silverlight plugin is required to play Netflix videos.
The two DRM plugins and the Link Library were added for undetermined reasons.
Anyone?
...but was curious what changes might have been made to ABP, I went exploring (I had NoScript installed for a very short time).
FAR more disturbing was all the stuff Microsoft injected (4 different plug-ins) when I opened the Netflix website. Two of them are simply labeled "Microsoft DRM" (like that's supposed to make warm and fuzzy inside) and the others are Silverlight and Dynamic Link Library.
How did all that get there without Firefox asking me about it? And more importantly, what EXACTLY do they do? Has anyone investigated what these plug-ins ACTUALLY do?
Anyone have any ideas, or am I reinstalling Firefox?
I'd rather continue to use IE7 to view Netflix and keep my Firefox clean/trustworthy then be able to view Netflix via Firefox.
Never said a thing about malice.
All this is planned, thus the term PLANNED obsolescence. It has nothing to do with malice, but rather GREED.
Want another example?
Mercedes ML320. Mass Airflow Sensor. 90% failure rate at the shop I worked at in California, but not until the vehicle rolled over sufficient mileage to be out of warranty. At about 60k miles, 90% of them died. But the odd thing is I ONLY experienced this in California, not here in Washington State. After looking into it, seems the part number is different from one state to another(not surprising, due to the fact the emission controls are different), but here is the catch.
The failure in California turns on the check engine light which means you HAVE to have it fixed in order to pass an emissions test. $350 part that takes 2 mins to install. Dealer price for job? $700-$1000. No repair, no registration tags.
Do you REALLY believe this shit?
The cops can locate grow-ops FAR easier by tracking electrical usage and using infrared detectors(the heat detected is outside the house, so no warrant needed).
I think what you REALLY have is 1984 flying over your houses, and it ain't just looking for pot. It is CCTV flying around the place, nothing less. What ELSE might they be looking at?
Is that REALLY what you want your cops doing with your taxes?
Considering there is no human on board to generate a murder charge, that little fucker wouldn't last a minute over Los Angeles, but then again, we got guns.