It would definitely be possible in Linux, with the wrong security permissions, or by surfing as root. That being said, I certainly don't know of any current distributions that run as root by default. Windows basically does this when you set it up with no login, or you end up running a piece of software that requires admin access because it was coded poorly. That last bit hasn't crept its way into *nix apps as of yet, and hopefully the design makes it more desirable to keep the current paradigm.
Of course I remember a time when most services ran as root before the "nobody" (or is it noone?) user was introduced in the late 90s.
I submitted a story that got rejected regarding this type of "rootkit." Somehow (my girlfriend's daughter uses this system in a relatively locked-down mode) I got something installed on my system that slipped past the Spybot S&D, MS AntiSpyware, AVG antivirus, and ewido.
It was a total b*tch just to find. The thing would build its directory/itself on shutdown (it seemed) and load then delete any trace of itself at startup, even in Safe Mode. It hid itself from Windows Task Manager and every other scan I could run. I ran some Sysinternals apps such as RootkitRevealer and Autoruns, and they showed nothing over and above anything I could account for. Suspecting it was a rootkit anyway, I found some good apps such as Process Guard, and F-Secure's Blacklight (stand-alone executable, pretty nice), and a CLI app called RkDetector. Once I had run PG I could see what was happening to my poor little PC. Explorer launches a program called ddrssapi.exe from System32, then would go on to launch mchshisn.exe every 3 seconds or so. At one point Process Guard counted mchshisn.exe loading over 350 times before grinding to a crashing halt!
Googling ddrssapi.exe or mchshisn.exe yields no hits (or at least didn't, now it'll probably link to this thread), so I renamed the former (because I knew where it was). I was hoping that was the app that created the directory at startup so I rebooted to see if things calmed down.
Process Guard makes no mention of ddrssapi, but is still continuously launching mchshisn, and I notice that it says it's launching from Program Files/Weslorer... Takes about 4 minutes to bring the box down to its knees, but that gave me enough time to realize that I could do nothing to find this mysterious directory (Weslorer).
I boot into Knoppix 4.0 and lo and behold there is PF/Weslorer. Unfortunately for me, Knoppix didn't want to play nice with NTFS, so I couldn't delete the dir. Then I remembered that I had built the Windows Ultimate Boot Disk based on BartPE a few weeks ago. Booted into it and removed the Weslorer (which also shows no Google hits) directory and ran a Spybot S&D scan for good measure. I rebooted into my XP install and all was well. No more popups (which caused the autopsy in the first place), no more stray process launching hundreds of times. Just a new systray icon for Process Guard. That thing's going onto every removable media I have.
I know I still don't really know how it got in and what process it was using to launch itself initially, and that bothers me; but I do not have any symptoms and will have to live with the thought that I got pwned.
These days I'm not sure which comes in first more often. Fark often has Slashdot submissions, and they are clearly marked so. Lately it seems that lots of stories/links are showing up on Fark first! Since both sites are basically the same functionally, with a comedy vs. geek thing, I'm not sure it even matters. Just something that I was going to write a joke about until I realized I'm not funny (check my last link for example).
Anyway, when I first saw this on Fark I was hoping to get more of a The Serpent and the Rainbow breakdown of the drugs/herbs/poisons involved in the Haitian voodoo practices. Then I realized pretty much everyone is going for the whole Halloween thing now and ditching "real" articles.
Oh well, time to hit the bottle.
I have two mod points left. God I want to mod you down.
Not because of anything you said, mind you.
Simply because I've never modded a 3-digit UID!
I know, it's sick.
So I decided to write this just to remove the temptation.
Burninating the peasants, one mod at a time!
It appears ScuttleMonkey didn't just make a typo, but just has no clue that it is actually Stanford not Standford...
It's also the second time today!
That's great, and it works; but I can't seem to be able to do anything useful with it, and can't find any documentation regarding the vmware image on the site. How do I install "links" from the site when wget isn't installed, for example? Any clues from the clueful?
I agree that this is just FF with a skin and some plugins.
If they really want to be a "social" browser, why'd they overlook BitTorrent?
Is this a group that can only make skins? I know there isn't (that I've found) a FF plugin for BT, but would it really be hard for a group that supposes to make a better browser?
Sheesh, how stupid. You measure the stability of your economy by the fact that none of your friends has a financial problem? Have you heard of this thing called a "budget deficit"?
Sheesh, how stupid. You measure the stability of your argument by the fact that none of your friends has a sense of humor? Have you ever heard of this thing called "sarcasm"?
In this case you really could call it Internet Exploder!
I wonder what the possibilities would be for starting a Steam-like service, but instead of peddling one's own games, instead distributing inexpensive indie games in exchange for a percentage?
I pointed this out elsewhere in the thread, but Steam already does this.
Rag Doll Kung Fu just came out, only through Steam. RDKF is an awesome time killer.
Disclosure: I have nothing to do with said game in any way, just really, really impressed.
Yeah, yeah, Preview blah blah blah... Corrected link to Rag Doll Kung Fu!
Once again, mad html skills.
On October 12th, Rag Doll Kung Fu came out. You know how I know that? They advertised on the Steam network. I spent about 3 hours reading about and watching videos of this very unique game. Then I Pre-Loaded it for a $2 discount on this $14 dollar game. It is awesome. It was developed by one individual (the cut scenes are a rather funny, extremely low-budget kung fu movie he had made with some friends that kick-started the project).
My point being: Steam let me know about, purchase, and then distributed this great little game that I'm sure will go far. Check it out. This is the future of indie development.
It wouldn't have made sense in the same context he was using it.
If he had said: Only a handful of people wanted to legalize abortions?
Well, if you don't count all the babies.
See what I mean.
Or am I missing something?
Dunno but their Start page is quite cool, something like Netvibes but (IMHO) better.
That looks very similar to google.com/ig
However IIRC start.com was around first. Hmm. Was MSFT the "innovator" here?
Nah! Couldn't be!
I don't think this is plausible. I know it's not the same thing as Divx, but it seems to smack of it.
I don't think the consumers are going to go for it. Not to mention the waste it could create.
Maybe I should've put this under my -1 redundant post.
Maybe we'll all get one.
Maybe I'll get -1:Troll
Maybe the bad mods have won
Is that OK? Rhyming one with won? Reminds me of the Pin Pals episode.
(throwing in an obscure Simpsons episode should win over the mods)
I'm fiending for some attention. Please. Please look at me!
I'm always moderating, never moderated.
Maybe I'm just not hip enough.
Maybe I should just stick to Fark.
Maybe Taco should make me an editor.
Maybe I jumped the shark!
You can!
I thought they already did that.
Hmm... shows what I know.
I must've missed the part in the article that was something other than PR. A little light on details; but this is only about getting certified under a certain configuration. I doubt RH will ship Enterprise with this config as the default as it is a bit less than user/admin friendly.
Having said that: Good for them.
I sell new construction. My employer would like to meet you about the costs of replacing my monitor and keyboard. ;)
Good work
I had a hard time pronouncing Suegle until you put it in context. Then I spewed. Thanks.
Argh! I've been touched by Ye Noodly Appendage!
Yar! Feel the wrath and fear ye Flying Spaghetti Monster!
Yar!
I cannot be assed to provide examples, but it's easy for everybody taking having have a clue.
I've never been a grammar nazi; but this befuddles me. I dare say I'm mesmerized even!
To clarify: Samsung has developed a process to create 16 Gigabit (2GB) chips that when set in an 8 (chips) x 16 (Gigabit) configuration yields a 16GB flash drive. The 16 (chips) x 16 (Gigabit) configuration yields 32GB flash drives.