Slashdot Mirror


User: Reziac

Reziac's activity in the archive.

Stories
0
Comments
15,747
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 15,747

  1. Re:How would this affect EFI-based computers... on Boot Sector Viruses & Rootkits Poised For Comeback · · Score: 1

    It doesn't matter. All a BSV or rootkit needs is a small amount of hidden free space -- on the HD (isn't EFI essentially BIOS-type code but located on the HD?) or as others have pointed out, in any system ROM, such as the BIOS on your video card.

    Considering that some video cards and most HDs can be used in either PC or Mac... a smart virus need only check which type of system it's in, and configure itself accordingly.

    I foresee a return to jumper-based write-protection for system ROMs. (A flag in software can be flipped as easily by a virus as by yourself in setup.)

  2. Re:Even worse threats on the horizon... on Boot Sector Viruses & Rootkits Poised For Comeback · · Score: 1

    And even simpler, the hidden "recovery partitions" that are now so common on OEM machines. (Or the 7mb hidden partition that Partition Magic creates on every HD that isn't set up with an active partition.)

    Point being, free space is free space, and there is always some way INTO that free space.

    I imagine some protection might be achieved for a BIOS by filling the leftover space with spurious data, but it only takes one clever virus writer to figure out how to delete the junk data...

    As to write-protection, if that's just a flag in the BIOS, which is set by code in said BIOS, don't you think that flag can be flipped by a virus just as easily? So the only reliable write-protection would be via jumper.

    Also see above where I mutter about how to reliably detect a BSV, you MUST boot from an external OS, not from the compromised system itself. BUT... if a virus takes up residence in the system BIOS, the external boot is defeated, because the system is already compromised by the time it finishes POST, before any OS loads from ANY source. I don't see any good way around that, other than flashing the BIOS (and gods help you if the virus sets the BIOS to read-only).

    Great, now I've got to add another layer to my tinfoil hat, and it's all your fault. :)

  3. The same reasons it worked in the DOS era on Boot Sector Viruses & Rootkits Poised For Comeback · · Score: 1

    I predicted a comeback of the BSV (boot sector virus) immediately following the end of the DOS-based antivirus apps that could run from a floppy boot, and here we are today... as to WHY:

    1) Wonderful place to hide your spyware. The MBR space is about 5k. Of this only about 500 bytes is typically in use; the remainder is large enough to host compact spyware with its own SMTP server (there are already malwares out there with these functions packed into only 3k of code).

    2) Blackmail. Encrypting BSVs were at one time a serious issue. They'd encrypt your HD, and if you removed the BSV your data was toast. If you didn't remove the BSV, it infected every writeable media or networked machine that your machine touched. If you wanted your data back AND the virus removed, you had to pay the BSV's owners. I see no reason why this scam can't make a comeback. Imagine it hitting a bank or credit card company!!

    3) Immunity from antivirus scanners. Once an OS -- and it doesn't matter what OS it is -- is loaded from the hard disk, it's too late to detect the BSV. It does you no good to install your AV into Windows or Linux of an already-compromised machine; you HAVE to boot from an OS that is independent of the machine itself.

    Once the machine POSTs, the BSV can hide itself from the OS that loads from the hard disk. So to reliably detect a BSV, the OS *must* be on removeable media, and the simplest way to do that is the DOS floppy boot. (Not every machine will reliably boot from a CD, even today.) Once you've booted into DOS, or DamnSmallLinux, or what-have-you that runs from a WRITE-PROTECTED floppy or CDROM, then you can run your AV app from another floppy or CDROM, and reliably detect the BSV. Remember that a BSV and a rootkit are *functionally* the same thing.

    The only reason BSVs fell out of favour is because trading floppies (the old-fashioned way to get a BSV) went out of fashion. People began trading internet stuff instead, so that's where the virus writers went. Now that a significant percentage of internet users are protected from email and drive-by-download viruses, and since antivirus apps that protect against such have become routine (often at the server, so the user's ignorance was not an issue), it was time to go back to a less-easily-detected type of virus.

    The modern BSV/rootkit has all the advantages: the stealth of an old-fashioned DOS-era BSV, and the massive distribution potential of the internet. Either way, BSVs win.

    Antivirus companies, I plead with you -- make a floppy-bootable or at least CD-bootable version of your AV app available, so we can scan for and clean these otherwise largely-invulnerable modern BSVs. Detection and cleaning CANNOT be *reliably* accomplished by booting from the compromised system, no matter HOW good your AV app is otherwise.

  4. Re:Has "succeed" written all over it on How Microsoft Plans To Get Its Groove Back With Win7 · · Score: 4, Insightful

    Apparently you didn't RTFA in its entirety. How does M$ plan to handle the backward-compatibility issue? by including a Virtual Machine to run all your legacy apps... exactly what Apple did with "Classic" for OSX.

    This is exactly what I've been suggesting for some time now -- a modular version of Windows (consisting of core OS, drivers, networking, and a basic browser suitable for downloading a better browser with) where I can install as much or as little of it as I wish, and a VM to run my old shit that won't work with this new modular Windows.

    Also, it's a great razor-and-blades marketing opportunity for M$: make the core OS cheap or even free, and charge for various levels of "Plus Packs" suitable for people who WANT a monolithic software experience.

    The big OEMs can make hay from that too -- basic machines with the core OS only would be cheap, while "complete solutions" (with all the Plus Packs) would be proportionally more expensive. And I'm sure the OEMs could make a good enough deal with M$ for bulk licenses that they could make a hefty profit -- exactly as they do now with preinstalled software.

    If M$ were to include VMs for both WinXP and Win98-atop-DOS, everything would be covered, including old games (maybe even DOS games!), old apps, old installers, old drivers...

    Also, there is some security imposed by running potentially vulnerable OSs/apps in a VM, if only because it's harder for malware to reach. A few malicious apps can "jump across" into a VM, but most can't.

    Also, at a guess the new core OS will be more UNIX-like or even *NIX-based, which ought to make y'all happy.... after all hasn't "*NIX is better" been the mantra around here since forever??

  5. Re:That's outrageous on Administration Claimed Immunity To 4th Amendment · · Score: 1

    Our gov't has become a paranoid schizophrenic :( And true to that, it's not happy unless everyone else buys into its twisted worldview, AND considers everyone ELSE to be the nutcases.

    Seriously, if you look at the list of symptoms for the various paranoia and schizoid-family disorders, doesn't it sound like our gov't today?!

    How's the rephrased old saw go? "Nowadays misery doesn't just love company; it *insists* on it."

    I don't know what to do about it either. Neither major party remembers (let alone respects) We The People, and the minor parties tend to be populated with nutjobs that prevent any worthwhile message from being heard. -- I actually tend to vote for as little "change" as possible, since wrt gov't, as a rule stasis is better than change -- being that change usually is for the worse.

    I *have* reached the conclusion that after a certain point (too many people, and not enough universal education) democracy simply doesn't work, as it becomes mob rule, which is to say, rule by whoever can make the mobs run in their desired direction. Maybe we'd be better off with a modified feudal system, where officials at every level are not only *directly* responsible to those above them, but also are NOT rewarded unless those under them (ie. We The People) are doing well. And if you abuse your position, you get unelected by torch and pitchfork.

  6. Re:No its the document that allows them to govern on Administration Claimed Immunity To 4th Amendment · · Score: 1

    I don't know, but they are interesting in principle.. Is there a Constitutional scholar in the house??

  7. Re:No its the document that allows them to govern on Administration Claimed Immunity To 4th Amendment · · Score: 1

    The Articles of Confederation

    Agreed to by Congress November 15, 1777; ratified and in force, March 1, 1781

    Article II. Each state retains its sovereignty, freedom, and independence, and every power, jurisdiction, and right, which is not by this Confederation expressly delegated to the United States, in Congress assembled.

  8. Re:Police State on Administration Claimed Immunity To 4th Amendment · · Score: 1

    And I'm glad you did. Archived for use in future discussions!!

  9. Re:Police State on Administration Claimed Immunity To 4th Amendment · · Score: 1

    "I ask, Sir, what is the militia? It is the whole people. To disarm the people is the best and most effectual way to enslave them." George Mason, Co-author of the Second Amendment, during Virginia's Convention to Ratify the Constitution, 1788
    ==========

    Kinda puts an end to the debate over who the 2nd Amendment applies to and what constitutes a "militia", don't it??

  10. Re:Well, this is an issue... on Administration Claimed Immunity To 4th Amendment · · Score: 1

    In fact, it's being interpreted more and more like the old Soviet jape: "All things not compulsory are forbidden."

    BTW your sig gets cut off... but I'd rephrase it further: "Oh, so you think you're a terrorist? Try it, punk."

  11. MOD PARENT UP on Administration Claimed Immunity To 4th Amendment · · Score: 1

    This is much what I was getting at when up above I said that it's not that our leaders are power-mad dictators, but rather that they're behaving like paranoids, and the only way a paranoid can control his fear is by controlling everything (and everyone) around him.

  12. Re:That's outrageous on Administration Claimed Immunity To 4th Amendment · · Score: 1

    Power-hungry? Not as the goal in and of itself. But remember that paranoia leads to control-freakery, because only if you control everything can you control your own fear.

    Hence I DO think our gov't, at all the higher levels, has bought into its own "OMG FEAR OF TERRORISTS" crap, and they only way they can feel secure is if everyone else is as afraid of "terrorists" as they claim to be. And the only way everyone else will be that afraid is if our gov't makes us be that afraid.

    (Okay, this is probably overstated, but I think it's a component that needs to be looked at, rather than just dissing 'em all as power-mad dictators.)

  13. Re:Well duh on Feds Overstate Software Piracy's Link To Terrorism · · Score: 1

    "I hate the anxiety culture horseshit that the media's forcing on us. Kids need to grow up. Getting hurt and making mistakes is a part of that."

    Exactly! Kids fall off bicycles and out of trees, and next time they're more careful, or learn to ride or climb better. They burn their fingers and learn that stoves can be hot, but they still learn to cook. They flunk a test and figure out that maybe next time they'd better study instead of goofing off. They learn to be *responsible*. Not all at once, but as *THE* fundamental process of growing up.

    And if they become responsible adults, they also learn that not everything is directed at [insert bogeyman here]. Every time you fall off your bike isn't a conspiracy by street maintenance. Every time you fail to sell your product isn't due to someone else robbing you. Every time some lunatic commits an atrocity isn't a sign that we should all hide in our basements and let the nanny gov't take care of us.

    As I write this, it occurs to me that if our nanny state hadn't taken all the self-responsibility out of growing up, we wouldn't even THINK in terms of "terrorists". We'd just kick the ass of whoever tried it, and that would be the end of the matter. Cowering behind the terrorism bogeyman is, in that way, a national failure to grow up and gain personal responsibility.

  14. Re:Well duh on Feds Overstate Software Piracy's Link To Terrorism · · Score: 1

    Just as I suspected :(

    The Wikipedia article further says,
    =========
    This tactic is used when the matter in question is either uncontroversial or paradoxically when the matter at hand is quite controversial and participants wish to enjoy "political cover."
    =========

    Suspicious minds think alike :/~

  15. Re:Well duh on Feds Overstate Software Piracy's Link To Terrorism · · Score: 1

    Exactly so. There is no excuse for criminalizing a whole generation over what should remain a civil offense. But copyright law has swung so far in favour of the big content owners, there's absolutely no balance anymore, and laws like this proposal just go to demonstrate that. If you're REALLY "thinking of the children" (an evil phrase, but...) you should think of how ordinary kids will be deemed criminals for ordinary kid activities, and how it will affect their lives in the long term.

    Upon reading your comment and refitting my tinfoil hat, I had this further thought:

    When prisons are privately-run, for-profit entities, you've gotta wonder about the incentives and perhaps the lobbying behind bills that increase the numbers of nonviolent, relatively easy-to-maintain prisoners (who've got to be higher profit than difficult, violent prisoners, plus there are a lot more nonviolent offenders available!) Prison lobbies may be a small thing compared to RIAA lobbies, but Congress listens to volume, and two thriving industries make that much more noise than one thriving industry.

  16. Re:Wait, excuse moi? on Feds Overstate Software Piracy's Link To Terrorism · · Score: 1

    Exactly my (sarcastic) point a couple posts upstream. It's all phantom money until someone actually BUYS something.

    WordPerfect Corp did it right, back when -- they even provided free tech support to pirated copies, under the theory that if you're using WP you're NOT using something else, and when you DO buy, you'll go with the product you know and that has made you feel loved. They didn't call it losses; they called it free samples. And it worked -- everyone I knew who had an illicit copy of 5.1 BOUGHT 6.x. Funny thing, WP didn't start *seriously* losing marketshare until they halted that support policy, thus removing pirates' incentive to stick with WP when they upgraded.

  17. Re:Well duh on Feds Overstate Software Piracy's Link To Terrorism · · Score: 1

    [laughing] Yeah... I like children, but I can't eat a whole one!

  18. Re:Well duh on Feds Overstate Software Piracy's Link To Terrorism · · Score: 1

    So I did remember correctly, lo these many decades later :)

    Do voice votes require any sort of record of who voted which way? if not, they're just a way of ducking accountability. "Oh no, I wasn't in the group shouting against your rights!" Well, prove it!

  19. Re:Well duh on Feds Overstate Software Piracy's Link To Terrorism · · Score: 1

    I don't think there IS a way to "finish what we started" in Iraq. Guerilla wars, in terrain that's impossible to take and hold, have that problem -- there's not a defined enemy to fight or a defined line of battle, and you wind up taking the same ground over and over with no way to hold it. The conflict just sortof goes on forever with no end in sight, and meanwhile things get worse for the citizens instead of better, and they come to hate you more than they do their former oppressors.

    We SHOULD have learned that from VietNam. We SHOULD have learned that from the USSR's equally failed campaign in Afghanistan.

    Yes, you have to support your troops in the field no matter what. But if Congress had any balls, they'd have funded a withdrawal, not an escalation.

    And as to the factions in Iraq, sometimes you CAN'T impose a solution. Sometimes they just have to fight it out for themselves, and if you impose peace, the moment your back is turned the combatants go at it with greater zeal than before (post-Communist Yugoslavia is a good example of that!)

    "Democracy imposed from without is the severest form of tyranny." -- Lloyd Biggle Jr.

  20. Re:Wait, excuse moi? on Feds Overstate Software Piracy's Link To Terrorism · · Score: 1

    There, ya see? We consumers could make equally good use of these phantom billions -- why waste them on terrorists? Or for that matter, on software. ;)

  21. Re:Wait, excuse moi? on Feds Overstate Software Piracy's Link To Terrorism · · Score: 1

    A trivial point. After all, the billions and billions that the software industry "loses" due to piracy have to go *somewhere* -- and terrorists can make as good of use of this phantom money as anyone else!!

  22. Re:sneak-and-peek on Feds Overstate Software Piracy's Link To Terrorism · · Score: 1

    Thank the war on drugs; it's spawned no end of such highly questionable and outright unconstitutional procedures.

    Animal Control also uses it -- there's a case going on in Littleton CO right now where the upshot is that the guy's house is being condemned for minor code violations, secondary to his being over the limit for numbers of dogs (show dogs, not a collection of mutts). Due to new statutes on animal care in the SFBay area (the city now dictates what are "approved" diets and bedding, I shit you not) that area is at specific risk, since anyone can report you for "abuse", leading to a visit from not just animal control, but also the police. And do you think they'll go away empty-handed once they're in the door??

  23. Re:Well duh on Feds Overstate Software Piracy's Link To Terrorism · · Score: 4, Insightful

    Yeah... it's all "Think of the Children!" and "Prevent Terrorism!" Why aren't you supporting this bill? You must hate children and support terrorism!!

    So long as politicians can be un-elected by such accusations, the problem will continue. :(

    Maybe we need a new slogan:

    Won't anyone think of the Citizens??!

  24. Re:Oh, the irony! on Feds Overstate Software Piracy's Link To Terrorism · · Score: 1

    "Tech Museum of Innovation".

    Isn't a museum somewhere that you preserve samples of stuff that no longer exists in the world at large??

  25. Re:Tired of all this 'terrorism' rhetoric. on Feds Overstate Software Piracy's Link To Terrorism · · Score: 2, Informative

    Well, dunno about you, but MY purchasing power has plummeted in the past few months like I've never seen before, and I struggled my small business through the Carter years, so I'm not new at this. In just the past year my costs have gone up 40% while my sales have dropped to 1/5th of normal -- and in total effect, this *functionally* differs not at all from the dollar being worth only half what it was a year ago.