I've seen to many programmers who get way over there head with Visual Basic and think they are ready to jump into more powerful programs.
I think I see a representation of what he was talking about a lot. Even here I see it in the responses. "I wanted to draw a circle on the screen. So I figured out how to do it in BASIC and I did." and they kept on with this attitude, never considering what the memory issues are and communication issues. So they right code on 16GB RAM with the RAID 0 15000 RPM SCSI with the latest 3.x CPU's and look like dear in headlights when they have their resulting code bomb on a 1.7 GHz processor with 2GB of ram.
I simplify, but from where I sit that's what it looks like to me.
Don't get me started on stuff I've seen come out of LabView. (You mean there's a limitation on a Southbridge?).
The next news story is a large group of people in Colorado are uncontrollably chasing cars. Didn't these stem cell researchers learn anything from Toyota?
We are pointing fingers at Chinese and Energizer for this.
What I want to know is where were our army of nerds that are supposedly looking for these types of trojans or viruses and why did it take 2.5 years to find out about it?
Surely some of the big companies selling us anti-virus and anti-trojans had some of there products on infected machines. Why weren't they able to catch on to this? I'd assume that some of them were using heuristic algorithms
What I would assume is that a lot of people saw the sign but didn't act on the problem (open 7777 ports)?
But it also may be that this trojan didn't effect that many computers and that is why it wasn't seen for a long time.
When someone complained about this software and reported as a possible trojan/virus this is the answer that was given in a "Windows User Group" in 2008
I found this DLL comes from Enegizer USB Charger: http://www.energizer.com/usbcharger/language/english/download.aspx
Aside from causing reported problems, this is not a trojan.
So really looking at it, I see it as a failure of our community.
Did snort ever detect an infected machine as having malicious activity?
Why didn't we catch this sooner and how many more like this are out there?
We have now given the recipe for having a non-detectable root-kit, use something that isn't going to be used by a lot of people and infected a small number of computers, use these as stations to infect others.
(No, I didn't read the article)
I wouldn't worry about it, politicians don't read the technical details of the laws they pass either.
Think of all those poor Brits who are going to be sued or imprisoned because they have a browser cache.
Yeah, I was thinking the same thing. Give it a proper send off like a lost brother of the "Banditos". Yes you increased my billable hours, but now I'm on salary, so hear is to you.
Re:Jeezus H. Christ INAL
on
Window Pain
·
· Score: 1
But that isn't the correct way to submit a copyright.
You could have at least spelled viscious correctly or did you mean a popup had a sticky, thick flow.
Jeezus H. Christ
on
Window Pain
·
· Score: 2, Funny
What the F#$%.
Are we practicing for April Fools. Is that it?
I mean I hate the way that with MS you have to press 2 buttons to shutdown your computer. You know I press shutdown and I it asks me if I want to Restart, or Shutdown. I mean really now, why can't I just press the button that says shutdown and the f$%^ing thing just shuts down.
Oh, sorry. Did I digress? Oh, excuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuussssssssssssssssssse me. Yeah, we got that viscous popup issue that everyone seems to have figured out the solution to, except "The Last Retard" (TLR @copyright JumpDrive). But I did happen to notice there were more than one of you, that had to jump into this, thinking this was an issue the cyber police should handle, you being one of it's elite members using IE and Norton.
I mean Jeeeesus H. Christ, WE ARE TECHNICAL GURUS, WE HAVE IMPORTANT SHIT TO DISCUSS. What would happen if we got distracted and missed an update on the latest splash screen changes on a linux distribution? And dam it man, there could be a game that is or isn't going to be produced? What if somebody had heard a rumor about "Duke Nukem Forever" coming out in 1Q of 2011? Holy shit, the force is definitely not with you.
I have to agree strongly with this last part. 'build a pilot operation at home'.
Back many years ago I worked for a company that was a Microsoft shop. We built networks, apps, websites all using MS products.
I started using linux at home and after a few months of working on it came in telling them that this linux stuff was really stable. The answer was always 'No, No , No We can only trust MS'. I'd go away and come back and tell them you know this MySQL stuff is fast, you know I mimicked that last app we had and I got twice as many transactions per minute vs SQL Server. 'No, No, No, we can only trust MS and Oracle'. I'd go away and come back and tell them you know this PHP and perl stuff works really well. I redid our latest app using PHP and perl and it works just fine, maybe we should take a look at this Apache on linux thing 'No, No, No we can only trust MS IIS '. So I went away.
Then one week a patch came out and screwed up a app that was written in VB. Then the following week we were hit with a storm of viruses. Then we had to pull developers off of projects to help the guys who did maintenance. Then there was the realization that network admin and developers have a completely different skill set. But this went on patches breaking things and worms and viruses. After about 2 months of this everyone was tired and I was being asked about this linux stuff and open source solutions.
After 3 months of testing and a lot of hard work, we had moved all new development over to linux and all of our codebase was being tested on ASP on linux. First the IIS servers went , then the SQL Server, then the PDC servers and we became a linux house. We lost some people who just couldn't do without their MS shiny baubles and always wanted to return to those days. Including my boss. Guess who became the head of IT. Yep, and don't think I don't know that there are technicians who go home and practice with their AD server every night. (I've been known to do that also). But in these last few years we have sales people call trying to sell us stuff and they are always incredulous that we have no MS Servers. I keep waiting for the day when a sales rep won't be shocked to find that out.
But anyway you have to work with the internals to learn it. Just to give you an idea, I don't hire people because they have updated there home desktop to the latest version of Ubuntu or Fedora for the last 2 years. Red Hat or Canonical may hire you, but good luck with that.
The main reason I don't buy an eReader is a cost vs functionality. Most of the books I read, can be obtained in pdf format. So buying a computer with ability to read pdf format is more cost effective. Now if the functionality were to be increased so that I could take a pdf document and bookmark pages, scribble notes on it and such I would be happier with an eReader. There are some versions of eReaders which have this functionality, but in some cases I've heard you can lose this information. Maybe they should be thinking about eBooks being a lot cheaper or how about transitional marketing. Something where if you buy the hard copy you can obtain the electronic copy for free. Then I could better determine whether it's right for me. But then we are back to the entry level cost and the difference in cost between an eBook vs paper. Some of the books I have seen are advertised as $47 for paper and $44 for the electronic copy. So where do I come out ahead, yeah if most of my reading was fiction then it would be okay, but 90% of my reading is technical.
While watching parts of this it became obvious that this was a scripted show and had no basis in reality. They had certain talking points that they wanted to get out and test on the American public, this was the show in which they set it up to do it. It was unbelievably stupid and showed incompetence of a highest order.
Obama should address this scenario and flat out bitch slap them for using this FUD to float trial balloons to further erode our constitution.
Well for one the VP of Technology in our Company.
But I think it is more a personality issue with him. Basically you can tell him he shouldn't do something for any number of reasons. He will spend days trying to figure out why he has to do something exactly the way you asked him not to it. I just cringed when someone told him he couldn't use Adobe Reader on his MacBook. Sure enough a week later it was installed.
My high school physics teacher 20 years ago pointed out this negligence on the part of the committee that the people actually recommending the books did not have to have a background in natural sciences. Not one person back then had a degree in physics or hard sciences. Later when I was in college a friend got me involved in working on some of the curriculum aspects of Texas education in physics. One request was to review a proposed competency test for physics to be used in Texas High Schools. I looked at the exam and couldn't answer half the questions.. Most of the questions appeared to be taken from a some kind of test for a master electrician and involved reading some complex circuit diagrams for a building or house. It looked like someone wanted to revamp AP physics and replace it with a Vocational Electricians school.
So basically this is nothing new to the Texas school system. It's just amazing that there are a number of people who actually do succeed at getting a good education in the Texas Public School System. A lot of this has to do with renegade teachers who throw the text books out and basically teach from the chalk board.
hopefully your question won't get washed out in the noise here on/. , because this is what I wanted to know. Because it really seems kind of silly that everybody would have to create this application.
I'm talking between 1 and 500 users. Anything over 30 users becomes a nightmare to Administer without network control. A large number of these companies work on government contracts requiring a certain level of monitored security.
We currently have over 30 employees and have a computer to user ratio of almost 4 to 1. Most of our employees will be using 5 to 10 client computers a day and connected to 3 or more file servers. It is much easier to maintain and monitor user access if this is being done on a centralized server.
Slashdot Mirror
I've seen to many programmers who get way over there head with Visual Basic and think they are ready to jump into more powerful programs.
I think I see a representation of what he was talking about a lot. Even here I see it in the responses. "I wanted to draw a circle on the screen. So I figured out how to do it in BASIC and I did." and they kept on with this attitude, never considering what the memory issues are and communication issues. So they right code on 16GB RAM with the RAID 0 15000 RPM SCSI with the latest 3.x CPU's and look like dear in headlights when they have their resulting code bomb on a 1.7 GHz processor with 2GB of ram.
I simplify, but from where I sit that's what it looks like to me.
Don't get me started on stuff I've seen come out of LabView. (You mean there's a limitation on a Southbridge?).
Ahh, saw where I looked at the wrong graph, but I still think they have the hours wrong and there's a whole population of people I don't know about.
I still think they amplified the results.
I think they did this poll outside a gamestop.
Really, you actually believe 72% of people over 50 play MMO games.
Geez, you think that maybe someone at gameindustry.com may have an incentive to exaggerate the numbers, just maybe
The next news story is a large group of people in Colorado are uncontrollably chasing cars. Didn't these stem cell researchers learn anything from Toyota?
We are pointing fingers at Chinese and Energizer for this.
What I want to know is where were our army of nerds that are supposedly looking for these types of trojans or viruses and why did it take 2.5 years to find out about it?
Surely some of the big companies selling us anti-virus and anti-trojans had some of there products on infected machines. Why weren't they able to catch on to this? I'd assume that some of them were using heuristic algorithms
What I would assume is that a lot of people saw the sign but didn't act on the problem (open 7777 ports)?
But it also may be that this trojan didn't effect that many computers and that is why it wasn't seen for a long time.
When someone complained about this software and reported as a possible trojan/virus this is the answer that was given in a "Windows User Group" in 2008
I found this DLL comes from Enegizer USB Charger: http://www.energizer.com/usbcharger/language/english/download.aspx
Aside from causing reported problems, this is not a trojan.
So really looking at it, I see it as a failure of our community.
Did snort ever detect an infected machine as having malicious activity?
Why didn't we catch this sooner and how many more like this are out there?
We have now given the recipe for having a non-detectable root-kit, use something that isn't going to be used by a lot of people and infected a small number of computers, use these as stations to infect others.
Is he sure that was MARS Express and not his next door neighbors high speed power drill?
Are we sure he did an off axis test? ( I saw that in a movie once)
(No, I didn't read the article)
I wouldn't worry about it, politicians don't read the technical details of the laws they pass either.
Think of all those poor Brits who are going to be sued or imprisoned because they have a browser cache.
dang, that really takes the fun out of it.
so here is to you,
Yeah, I was thinking the same thing. Give it a proper send off like a lost brother of the "Banditos". Yes you increased my billable hours, but now I'm on salary, so hear is to you.
But that isn't the correct way to submit a copyright.
did you mean you are grammar? hahaha
Oh yeah , you're grammar is atrocious.
You could have at least spelled viscious correctly or did you mean a popup had a sticky, thick flow.
What the F#$% .
Are we practicing for April Fools. Is that it?
I mean I hate the way that with MS you have to press 2 buttons to shutdown your computer. You know I press shutdown and I it asks me if I want to Restart, or Shutdown. I mean really now, why can't I just press the button that says shutdown and the f$%^ing thing just shuts down.
Oh, sorry. Did I digress? Oh, excuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuussssssssssssssssssse me. Yeah, we got that viscous popup issue that everyone seems to have figured out the solution to, except "The Last Retard" (TLR @copyright JumpDrive). But I did happen to notice there were more than one of you, that had to jump into this, thinking this was an issue the cyber police should handle, you being one of it's elite members using IE and Norton.
I mean Jeeeesus H. Christ, WE ARE TECHNICAL GURUS, WE HAVE IMPORTANT SHIT TO DISCUSS. What would happen if we got distracted and missed an update on the latest splash screen changes on a linux distribution? And dam it man, there could be a game that is or isn't going to be produced? What if somebody had heard a rumor about "Duke Nukem Forever" coming out in 1Q of 2011? Holy shit, the force is definitely not with you.
I have to agree strongly with this last part. 'build a pilot operation at home'.
Back many years ago I worked for a company that was a Microsoft shop. We built networks, apps, websites all using MS products.
I started using linux at home and after a few months of working on it came in telling them that this linux stuff was really stable. The answer was always 'No, No , No We can only trust MS'. I'd go away and come back and tell them you know this MySQL stuff is fast, you know I mimicked that last app we had and I got twice as many transactions per minute vs SQL Server. 'No, No, No, we can only trust MS and Oracle'. I'd go away and come back and tell them you know this PHP and perl stuff works really well. I redid our latest app using PHP and perl and it works just fine, maybe we should take a look at this Apache on linux thing 'No, No, No we can only trust MS IIS '. So I went away.
Then one week a patch came out and screwed up a app that was written in VB. Then the following week we were hit with a storm of viruses. Then we had to pull developers off of projects to help the guys who did maintenance. Then there was the realization that network admin and developers have a completely different skill set. But this went on patches breaking things and worms and viruses. After about 2 months of this everyone was tired and I was being asked about this linux stuff and open source solutions.
After 3 months of testing and a lot of hard work, we had moved all new development over to linux and all of our codebase was being tested on ASP on linux. First the IIS servers went , then the SQL Server, then the PDC servers and we became a linux house. We lost some people who just couldn't do without their MS shiny baubles and always wanted to return to those days. Including my boss. Guess who became the head of IT. Yep, and don't think I don't know that there are technicians who go home and practice with their AD server every night. (I've been known to do that also). But in these last few years we have sales people call trying to sell us stuff and they are always incredulous that we have no MS Servers. I keep waiting for the day when a sales rep won't be shocked to find that out.
But anyway you have to work with the internals to learn it. Just to give you an idea, I don't hire people because they have updated there home desktop to the latest version of Ubuntu or Fedora for the last 2 years. Red Hat or Canonical may hire you, but good luck with that.
The main reason I don't buy an eReader is a cost vs functionality. Most of the books I read, can be obtained in pdf format. So buying a computer with ability to read pdf format is more cost effective. Now if the functionality were to be increased so that I could take a pdf document and bookmark pages, scribble notes on it and such I would be happier with an eReader. There are some versions of eReaders which have this functionality, but in some cases I've heard you can lose this information. Maybe they should be thinking about eBooks being a lot cheaper or how about transitional marketing. Something where if you buy the hard copy you can obtain the electronic copy for free. Then I could better determine whether it's right for me. But then we are back to the entry level cost and the difference in cost between an eBook vs paper. Some of the books I have seen are advertised as $47 for paper and $44 for the electronic copy. So where do I come out ahead, yeah if most of my reading was fiction then it would be okay, but 90% of my reading is technical.
Yes, you must realize that stupid people need jobs also.
With Intellectual in the title. That should be enough to tell you that they have no intelligence whatsoever.
While watching parts of this it became obvious that this was a scripted show and had no basis in reality. They had certain talking points that they wanted to get out and test on the American public, this was the show in which they set it up to do it. It was unbelievably stupid and showed incompetence of a highest order.
Obama should address this scenario and flat out bitch slap them for using this FUD to float trial balloons to further erode our constitution.
Well for one the VP of Technology in our Company.
But I think it is more a personality issue with him. Basically you can tell him he shouldn't do something for any number of reasons. He will spend days trying to figure out why he has to do something exactly the way you asked him not to it.
I just cringed when someone told him he couldn't use Adobe Reader on his MacBook. Sure enough a week later it was installed.
My high school physics teacher 20 years ago pointed out this negligence on the part of the committee that the people actually recommending the books did not have to have a background in natural sciences. Not one person back then had a degree in physics or hard sciences. Later when I was in college a friend got me involved in working on some of the curriculum aspects of Texas education in physics. One request was to review a proposed competency test for physics to be used in Texas High Schools. I looked at the exam and couldn't answer half the questions.. Most of the questions appeared to be taken from a some kind of test for a master electrician and involved reading some complex circuit diagrams for a building or house. It looked like someone wanted to revamp AP physics and replace it with a Vocational Electricians school.
So basically this is nothing new to the Texas school system. It's just amazing that there are a number of people who actually do succeed at getting a good education in the Texas Public School System. A lot of this has to do with renegade teachers who throw the text books out and basically teach from the chalk board.
hopefully your question won't get washed out in the noise here on /. , because this is what I wanted to know. Because it really seems kind of silly that everybody would have to create this application.
Can you give us a little more information on how you discovered these rootkits?
I'm talking between 1 and 500 users. Anything over 30 users becomes a nightmare to Administer without network control.
A large number of these companies work on government contracts requiring a certain level of monitored security.
We currently have over 30 employees and have a computer to user ratio of almost 4 to 1. Most of our employees will be using 5 to 10 client computers a day and connected to 3 or more file servers. It is much easier to maintain and monitor user access if this is being done on a centralized server.