Even when I did not clicking on it, or selected "No," the fake scan of my hard drive began. About a year ago, I ran across one of those scareware anti-virus advertisements on my Linux computer, while using Firefox. The advertisement claimed that they had detected viruses and spyware on my computer. If I remember the details more or less correctly, when I tried to close the tab or pop-up, their webpage reappeared and claimed that it was scanning my drive C.
It then claimed that it had found two viruses on drive C and also spyware in my registry (neither of which Linux actually has). It asked me to purchase their anti-virus product, to fix the problems. When I again attempted to close a pop-up or tab, a pop-up appeared asking me which program it should use to attempt to open the Windows executable file which their webpage was trying to send to me. It also gave me the option of saving the executable file to my hard drive, or canceling the download.
Still, the webpage would not give up pestering me, so I unplugged my Ethernet cable, then shut down my browser and then rebooted. Afterwards, I edited my hosts file so that the URL would be diverted to my loopback address, instead of to their website. When I then returned to the website, I did not get the advertisement again.
I am not an expert or computer professional, and do not know if that would still happen with that latest version of Firefox and latest security updates for everything else or not. But, my impression is that "Don't click on it," might or might not be enough. Well, at least by educating your users, maybe you can keep them from pulling out their charge card and purchasing it, and then deliberately downloading and installing it.
I recently installed AdBlock Plus an NoScript for Firefox on both my Linux computer and my Windows XP computers, at home. On my Windows XP computer I am also now sandboxing my default browser (Firefox) with Sandboxie. It also probably helps, that I almost never use my Windows XP computer on the Internet, and also do not use it to receive email.
But anyway, here is something you might want to show your various users:
I do not know about your examples, but the ones I have encountered were all clearly giving totally bogus results for my Linux computer. In each case I was browsing the Internet while using Linux and Firefox. This is one example of the examples:
I have never heard of a Linux virus actually successfully circulating in the wild, but despite that, here was this advertisement telling me that they had detected viruses and spyware on my computer. When I attempted to close the pop-up or tab, their webpage reappeared and, without permission, said that they were scanning my drive C. It even had a progress bar. That seemed totally bogus since Linux does not use drive letters for partitions or hard drives like Windows does.
About 60 seconds later they said they had finished scanning my hard drive, and had found two viruses on drive C and spyware in my registry. Well, not only does Linux not have a drive C, but it does not have anything called a registry either, so their claims had to be bogus. Besides that, how did they supposedly scan my 500 GB hard drive in 60 seconds.
They listed the two viruses that I supposedly had. I looked those up elsewhere on the Internet and found that they were Windows only viruses.
When I refused to purchase their anti-virus product and tried to close the tab or pop-up or whatever, they tried to send a Windows executable to my computer anyway. I rejected the windows executable file they were attempting to have me download. Even after supposedly scanning my hard drive, they did not yet realize that I did not have a Windows computer, and were trying to send me a Windows version of their anti-spyware program instead of a Linux version.
Below, is a link to an article which clearly demonstrates how bogus one one of these scareware on-line anti-virus scanners is:
About a year ago, a pop-up advertisement pretended to scan my hard drive remotely (without my permission) and then claimed to find two viruses on drive C and also spyware in the registry of my Linux computer. I have encountered those scareware anti-virus advertisements several times over the last several years while using Firefox and Linux.
Typically, a window pops up telling me that their website has detected a virus and spyware on my computer. The website suggests that I let them scan my hard drive for viruses and spyware. When I try to close the window, a window with a progress bar appears, announcing that they are scanning my drive C for viruses. After only about thirty seconds, they have supposedly finished scanning my entire 500 GB hard drive and announce that they have found two viruses on drive C, and also spyware in my registry. That seems bogus, since Linux does not designate hard drives or partitions with drive letters and also not have a registry.
The then asked me to purchase their anti-virus product, to fix the problem. Despite again attempting to close a pop-up and a tab, I soon had a pop-up from Firefox, asking me which program it should use to try to open a Windows file that ended in.EXE. Was that an attempted drive-by download of malware? They did not even attempt to make me download a Linux version of their fake anti-virus program.
I have never heard of a Linux virus successfully circulating in the wild. But, they did give the names of the two viruses my computer was supposedly infected with, so I looked those two names up on a more legitimate anti-virus website, and it listed them as both being Windows only viruses.
I have recently started using both the AdBlock Plus and NoScript extensions for Firefox on both my Linux computer and my Windows XP computer. On my Windows XP computer I have also recently started running Firefox sandboxed with Sandboxie. Hopefully, I will not be bothered by those fake anti-virus advertisements again.
My understanding is that, if a sufficiently long and random key is used with WPA2-PSK, there is currently no publicly known practical way to break the encryption. But, I am not an expert. One article claimed that the encryption is still secure if the key is sufficiently long and random, and also includes at least a few numbers and punctuation symbols.
On the other hand I am not disagreeing that in general, layers of security are good.
One practical use for the special paint, which the article does not mention, might be for the problem of eavesdroping on the radio signals coming from most monitors and keyboards. I vaguely recall a Slashdot discussion which said that most ordinary keyboards have that problem, not just wireless keyboards. I wonder if the special paint would block the frequencies which those devices are unintentionally emitting signals on.
Unless more resistant keyboards and monitors are made available to the average consumer, a special paint might be the only easily available solution for that problem.
First, the author seems to be suggesting that painting your home or business with special paint would be easier than enabling WPA2-PSK encryption on your existing hardware. Then he goes on to say that "presently, most companies have to invest in complicated encryption software to deter hackers." Why would they need to invest in complicated encryption software, when then most devices already have WPA or WPA2 capability already built in?
It seems to me that they would just need to take the time to figure out how to properly enable WPA or WPA2 on their existing hardware.
Any older devices which only support WEP should be replaced with something that WPA2. The longer and more random the password is, the better. Ideally the password should also include at least a few numbers and punctuation characters too. Of course they should also change the well know default password on their wireless router.
The article does not mention what they plan to do to keep the radio waves from passing through windows. Were they planning to install special screens or shutters over the windows or what?
What are they planning to do about the keeping the signals from getting through the windows? Are they going to install screens on the windows which will block those frequencies? Are they going to paint the curtains? Are they going to install interior or exterior shutters, and then paint them too with the anti-WiFi paint which contains aluminium-iron oxide.
I am not an expert, but it seems to me that they would need careful attention to details such as those, to adequately block the signals. For example, I know someone who was recently able to use a campground's free WiFi from withing his old aluminum Airstream trailer. My guess was that the signal was coming in through the window, or possibly through the floor.
However, even if the blocking of signals is not perfect, the anti-WiFi paint might be useful, if that is only one of several other protection measures that are being used. That would especially be true if someone has is parked out front and is using a directional yagi or other type of antenna, hidden in something like a Pringles can. For instance, they probably still should use WPA or WPA2 with a sufficiently long and random password that also includes numbers and punctuation. It would be best to also change the well know default password on the wireless.
Do you have a link to an article, or a specific example, which talks more about the problem of demanding payment for some non-existing debt, which you mention?
I do not actually use PayPal very much, except for occasionally using that as the method of payment on web sites which offer PayPal as an optional method of paying. I have never actually yet tried using PayPal to purchase something from another individual over the Internet (which is probably what most people use PayPal for). I really have not yet used PayPal very much, so despite have the security key, I do not yet know very much about PayPal.
Do you have any specific tips for how to minimize the risk of that happening?
Apparently they are starting to see man-in-the-middle attacks and trojan attacks being used against two factor authentication. I just noticed where maladroit's post had a link to where Bruce Schneier talks about how those types of attacks are being used against two-factor authentication.
Bruce suggests authenticating the transaction instead of authenticating the user, although at least in the article below, he does not give any details about how exactly to do that.
I decided to reply to my own post, to say that does somewhat weaken the argument for two factor authentication being the primary solution to the problem, by itself.
I have a PayPal security key on my key chain, which I use whenever paying for something by PayPal. Most people do not realize that PayPal offers the option of using a security key. That multi-factor identification, which is where I need to know something and I also need to have something, to access the account. The security key generates a different 6-digit number every 30 seconds. So if someone managed to steal my password through a keystroke logger or a phishing email message, they would not have the security key that I keep in my pocket. If someone found my security key laying on the ground, they would not know my password.
https://www.paypal.com/securitykey
As for the alternative of getting in my answering the security questions for the account, I have used very hard to guess made up answers for the stupid security questions (I did not use real information).
An employee at the bank, where I have my checking account, recently suggested that I should do online banking. First I asked him if that would work with my computer which runs Linux, intead of Windows. He said Linux would work just fine. I then mentioned my concerns about security and the fake phishing emails that I get, which claim to be about my online banking account at their bank. I said, you know the ones that want me to click on some long complicated looking URL going to some foreign country, and then probably have me log-in and give them my user name and password. He said, "yes just ignore all of those fake email messages."
I also mentioned my concerns about keystroke loggers, although I added I have probably managed to secure my Linux computer, better than most average computer users do. However, a keystroke logger might still a slight possibility, even for my Linux computer, so I knew I wanted the additional protection of multi-factor authentication. I pulled my security key out of my pocket, and asked him if they offer two-factor authentication, using something like this. He said the did not offer anything like that. I told him that I would not feel comfortable doing online banking with them, because they do not offer multi-factor authentication.
Two-factor authentication may not be totally perfect, because most forms might still be vulnerable to a man-in-the-middle attack, but it would still be a major upgrade to their security. The cell phone plus 6-digit number in an SMS text message technique, that you said Bank One is using, also sounds great.
I learned to both print and write cursively, when I was growing up in the 1960s. For me cursive was faster, although it always seemed to take more mental effort for me to write legibly, with cursive, than when printing or typing. In college classes, almost everyone was always rapidly taking lots of detailed notes in cursive as the instructor spoke. Most of the students could write very rapidly in cursive, while still paying good attention to the instructor.
For me, unfortunately it always seemed to take way too much mental effort to write legibly in cursive at that speed. If I tried to take such detailed notes, I always found myself paying way too much attention to the mechanics of writing things, word by word. That usually kept me from actually being able to pay much attention to what he or she was saying. I could either pay attention and take relatively few notes, or I could take detailed notes while not really listening to what was being said. However, that did not seem to be true of most other students, as they busily scribbled away.
But even cursive did not seem fast enough, so I seriously considered learning shorthand, as a way to write much faster. Of course shorthand was something that only secretaries used when taking dictation, and then later typing up what was said.
http://en.wikipedia.org/wiki/Shorthand
I do type quite rapidly, but since I had never seen anyone typing on a laptop in class, I was not sure if the distracting sound of someone clicking away, while taking notes, might not be allowed.
Despite my ineptness at taking decent notes while listening, I still managed to get nearly all A's in the Junior College classes which I took after the age of 30 (but not the earlier classes). Unfortunately, I always had to take the time to read each assigned chapter of the textbook to do that.
I still remember how my first grade teacher would frequently run towards my desk screaming, and quickly grab my handwriting practice, an rip it up, while screaming that my "O"s were not oval enough. She frequently screamed and ripped up the other boys sheets of paper too, but almost never did that to the girls. One day she did actually rip up a girls picture, during art practice, while screaming at her that her picture was not pretty enough. Me and the other boys cheered, because she had actually torn up a girls sheet of paper, for once. That was in the first grade, at a public school in Southern California, in the early 1960s.
My own ears serve as a fairly reliable "Gaydar," for detecting homosexual men. Over the years, I have noticed that most gay men usually have a just barely noticeable distinctive characteristic to their voices. For some reason, I have not ever heard anyone else mention noticing that.
I first noticed that, several decades ago, when I would occasionally a hear gay men being interviewed on TV. They nearly always had that same distinctive quality to their voices. Whenever I would occasionally encounter someone who also sounded like that, my suspicions were sometimes later confirmed, by something I eventually heard or saw.
One of the few exceptions for my "Gaydar" is Rock Hudson. I have never noticed that gay quality to his voice.
I am probably somewhat better than average at picking up on subtle qualities to sounds. There are several people whose cars I hear a couple of times per day, and I can usually reliably recognize each of their vehicles as they pull up, without looking. I hear quite a few other vehicles throughout the day, yet I can usually tell the difference between the sound of their vehicles and all the other vehicles. That is despite the fact that some of the other vehicles, which I hear throughout the day, are of the same make, model, and possibly even the same engine type. I have also heard that many dogs can recognize the sound of their owners car from part way down the street. I wonder if blind people might have noticed what I am referring to. They frequently have a very well developed awareness of sounds.
My auditory "Gaydar" only works for detecting gay men, not for detecting lesbian women. I have not had enough good tests for my "Gaydar" to say precisely how accurate it is. I am just wondering how many other people have been noticing the same thing about most gay men's voices.
I do not feel any desire to go around "outing" people, or to possibly say something about someone which might turn out not be true, so I have always kept those observations to myself. Surely what I am describing must already be obvious to other people too.
When slowly passing through a crowded parking lot, I could warn pedestrians of my approach, with the sound the Martian spaceships made in the original 1953 version of War of The Worlds. The Martian spaceships made an eerie, but not too loud, sound as they slowly moved forward while flying low at about 20 MPH, while searching for targets. People on the ground could hear them slowly approach and see a beam of light coming from their external cobra like appendage, as the beam of light scanned side to side, while looking for targets.
Whenever the Martian spaceship spotted humans, the sound changed ominously, for a couple of seconds, as they prepared to fire their disintegration ray.
An electric car with the sound of a 1950s Martian spaceship slowly approaching, should be ample warning for pedestrians. The beam of light slowly scanning back and forth, would also warn them that something ominous and dangerous is approaching them from behind.
If that does not get their attention, the changing pace of the scanning beam of light and the sound, would be warning that I have found a target and am preparing to honk my horn.
When annoying pedestrians are no longer around, I would probably switch back to the softer and less ominous flying car sound and turn off the scanning/targeting beam of light. The Martian spaceship sound and scanning beam would mostly just be used in crowded parking lots or in school zones to warn pedestrians of my approach. Perhaps, I would not use the full pedestrian warning system that I described, very often.
That reminds of when, a few years ago, I was sitting around a campfire, with several friends, in a remote area in the mountains here in Arizona. Off in the distance, we could hear a track driven vehicle headed our way, driven by several drunken young guys, who were whooping and hollering wildly. In the darkness, we could tell by the sound, that the slow moving vehicle, was headed our way. The clickety-clacky noise, and the wild drunken whooping and hollering, just kept getting louder and louder and closer and sounded like it was headed directly towards our camp site.
Finally, it passed by about 200 feet away, but due to the darkness and the trees and bushes blocking our view we did not get to see what kind of track-driven vehicle it was. The wild drunken guys just continued their whooping and hollering and shouting as they disappeared into the night and never came back.
It did not sound quite like a large modern bulldozer, at least not one that had been manufactured in recent decades. I am guessing that it was something else, but I am not sure what. It probably was some very old piece of track-driven equipment that some rancher or miner has had on his property, for decades. It might conceivably even have been some kind of old WWII war surplus vehicle. It sounded rather large, but slightly lighter than most modern bulldozers.
At least we did not have any bears visit our campsite, although we did see a sknunk along the creek nearby. An Apache indian and his dog, from the neighboring camp site, visited with us for a while around the camp fire, on the second night.
I have sometimes thought about putting a fake label on my computer, that would suggest to computers that this is an obsolete computer, not worth stealing. I would like to get a sticker that says something like "386 SX with Windows ME inside." I could use that instead of the "Linux inside" nameplate, which my computer currently has.
With my computer's heavy steel case, lifting my computer is about like lifting a bag of cement. But perhaps I should make it even heavier and harder to steal, buy having a few hundred pounds of very thick steel plates welded onto the inside and/or outside of the case.
I am also troubled by the fact, that he did not steal the computer. But perhaps, he might have had a potential problem of carrying a large computer past the neighbors without being noticed..
I also wonder if the computer had an expensive flat screen monitor or just a large heavy old CRT monitor instead, or what. If he passed up the chance to steal an expensive, easy to carry 20-inch flat screen monitor, that would seem odd. But leaving behind a large heavy old CRT monitor, would not be surprising, at all.
I would also like to know if this was a semi-obsolete computer, or not. Perhaps, he was testing the computer to see if it was too slow to be worth stealing.
I have heard of burglars who have connections for only getting rid of certain types of items, but not other types of items. Perhaps, he did not know how to get rid of a stolen computer, or the computer parts, for a worthwhile amount of money.
There is also the testimony of the friend, who said that "Parker asked him if he wanted to help break into the victim's home." Of course, that is assuming the friend was not the hypothetical person who was trying to frame him.
By the way, back in the early 1970s, a burglar broke through the window of the master bedroom, of my parents home, but did not steal anything.. Mom was not much into fancy jewelry and our 13-inch black and white TV, probably was not worth stealing. With dad being a high paid executive, it was surprising at our lack of small, valuable items, worth stealing.
I would like to correct one thing that I said. It looks like I was wrong about Islands of Dangers being a text game. As I look at it again, they actually just look like simple graphics.
I recently used a self-booting floppy disk to run DOS and play a few old late 1980s DOS games on my fairly new AMD 64 computer.
I changed the BIOS settings on my AMD-64 X2 4200+ computer, so that it would boot from a floppy disk. I then booted up my computer using the PC-DOS 2000 installation floppy disk #1. While running DOS from the floppy, I used the format command to create several more self-booting floppy disks. I had to swap disks in the process, since I only have one floppy drive. I could not use my hard disk, since DOS did not recognize the Linux EXT3 partitions on my SATA hard disk. I made sure to format the floppy disks as a self-booting floppy and also made sure not to accidentally format my 500 GB hard drive as a 1.44 MB self booting DOS floppy disk (if that is even possible).
IBM PC-DOS 2000 was a minor Y2K upgrade to PC-DOS 97, which surprisingly, could still be purchased up until several years ago.
I then copied several old shareware games and one old commercial game, onto each of the old floppy disks. Then I rebooted the computer and played a few of the old games for several hours. I was surprised to see that my 20 inch Dell flat screen monitor could actually do 640 x 480 resolution, which was the standard resolution for a VGA monitor used back then. CGI and EGA monitors had an even lower resolution.
For a couple of days, I played some old games such as Commander Keen, Galactic Battle and Island of Danger. Island of Danger, is a text mode game where a capital letter "I" is my hover craft and it fires asterisks at the missile launchers and other targets. I forget what letter of the alphabet was used as missiles. The text characters used to create the scenery came in several colors. The other two games actually ran in graphics mode, with better graphics.
I also created a self-booting FreeDOS boot disk, at one point, and ran another game from it. FreeDOS is still available from FreeDOS.org for free. I could have also used my old Microsoft DOS 3.3 or DOS 5.0 or DOS 6.0 floppies to create self-booting floppies.
After removing the floppy disk, my computer was still able to boot up into Linux just fine. So, I had not messed anything up on my hard drive or the boot sector of my hard drive. I then installed the Linux version of DOSBox, under Linux, and was then able to play those same old shareware DOS games full screen from within Linux.
Someday, I might get around to trying out a game or two, which was made sometime later than the late 1980s. It would be interesting to see how the newer games compare. But, it is good to know that there are still ways to play the old DOS games, on newer computers.
A couple of years ago, I briefly actually had FreeDOS and then later PC-DOS 2000, installed on a FAT16 primary first partition, of a parallel ATA hard drive, on my AMD 64 computer. I also had Linux installed on another partition. But, in a later experiment, I was not able to install it successfully on a SATA hard drive, which I was later using instead. I mention that, just in case someone here feels the urge to install DOS on their computer, for some reason.
Dial-up was all that I could get until about 2 or 3 years ago. I had two telephone lines so that I could access the Internet on one line and still receive calls on the other telephone line.
With my Internet provider, I did not notice any difference between peak times and how it performed at other times. So what you aunt described must have been a peculiarity of her local Internet provider.
The telephone lines in my neighborhood were only good for 26.4k. So even though I had a 56k modem, I could only connect at 26.4k. I almost never succeeded in connecting at 28.8k either, but if I was unlucky, I sometimes was only able to connect at 24k. DSL only became available in my neighborhood about 2 or 3 years ago.
We are sometimes a little slow to get the latest technology here. For instance, we still have several analog TV channels coming from the translator where I live here up in the mountains in Arizona (and only one digital channel). The digital transition for television has not yet occurred here. There are other places in the country where that is also still true.
When I was on dial-up, I blocked advertisements as much as possible, so that the graphics would not use up unnecessary bandwidth. Tabbed browsing was also very helpful, because while still looking at one page, I could have another page loading in another tab. When going to get a cup of coffee, I would also always have it loading the next page while I was gone. It also helped when web pages would load text before the advertisements and other graphics. When web pages that did that, I could start reading while the pictures were still loading. I actually got by OK on dial-up, but I am happy now that I have 1.5M/800k DSL instead (for only slightly more money).
When reinstalling Windows 2000 from scratch on dial-up, about 5 years ago, it took many hours to download all of the security patches. Despite already having a firewall and anti-virus software installed, my un-patched vulnerabilities seemed to be under relentless attack for many hours while downloading the security updates from Microsoft. Every several minutes, a pop-up would appear which suggested my computer was already infected with spyware and that Microsoft supposedly wanted me go to some obscure URL to purchase some little know anti-virus product which would supposedly fix that. It was only many hours later, after the security updates had been applied, and the computer rebooted, that the constant barrage of pop-ups stopped. If I had been on a high speed Internet connection, that probably would not have happened.
That is why I chose to use a steel case for my computer. I was hoping that the case would act somewhat like a Faraday cage. That is also why I did not choose a case with a window. I also wanted my computer case to be fire proof. Of course aluminum would have also worked well, for both purposes.
I once had my ceiling start to leak just above my computer (when it was not running). I have also spilled coffee on the case once. Fortunately the components on the inside stayed dry, both times. Would a cardboard case have turned into wet cardboard?
I have also occasionally had mice chewing on things behind my desk. A family of mice might choose to chew their way into the cardboard computer case, and turn it into their nest and then start chewing on the wires and cables inside. It has been annoying enough with the pack rats building a nest under my truck's air cleaner, on two occasions over the years. Some of my neighbors have had the wiring and even a heater hose on their cars chewed up by pack rats repeatedly, on several occasions over the years. That makes me wonder what mice could do to a computer, if they ever got inside. I would also not want one of the local 7 inch long by almost 1 inch wide centipedes, to get inside my computer case, and possibly damage something.
Call me old fashioned, but I like heavy duty steel or aluminum components. When I grew up, coffee came in a steel can and even band aids usually came in a steel container. I once tripped while getting out of bed, and the sudden weight of my 250 lb. body on top of the computer case did not damage the case.
When I upgraded the motherboard, I reused the old steel case. I suppose you could call that recycling it. I did not see anything obsolete about the case. I also reused my old keyboard and monitor.
The computer is surprisingly heavy. Moving it is about like lifting a bag of cement. Perhaps I should add several thick steel plates welded to the inside, to make it so heavy that it would be difficult to steal.
It would probably be possible to use an antenna design which radiates less in his direction. Another option might be to locate the antenna in a place where there is a small hill between his farm and the antenna. That way only a small number of his closest neighbors would be stuck on dial-up.
By the way, dial-up was all that I was able to get, up until about 2 years ago. As if that was not bad enough, the local telephone lines were not good enough for either 56K, 32K or 28.8K dial-up. The local telephone lines were only good enough for 26.4K dial-up. Security updates for Windows or Linux sometimes took all night. Then finally DSL arrived and I now have a 1.5Mb/800K DSL connection. What is surprising, is that I live in a small city in the U.S., not in a rural area, and could not get high-speed Internet until about 2 years ago.
Back in the 1970s, one of the Motorola plants in the Phoenix area installed a small microwave antenna on their roof for transmitting computer data to another location. Shortly afterwards, one of the neighbors stopped by to complain that radiation from the antenna was making him feel ill. They told him that they had not yet started using the antenna yet, but to let them know how it is affecting his health next month after they turn the antenna on.
Aspirin is another example. Aspirin was originally derived from a chemical which is found in the bark of willow trees. Somewhere between 460 B.C. and 377 B.C. Hippocrates made a powder from the bark of Willow trees used to treat headaches, pains and fevers. In 1829 scientists discovered that the compound salicin was the ingredient which gave pain relief. I do not know much about chemistry, but apparently they eventually ended up with salicylic acid, which we now call aspirin.
Both Oprah Winfrey and Howard Lyman were sued by the Cactus Feeders Inc. in Texas, for disparaging food on an episode of the Oprah Winfrey show about mad cow disease, food production and the rendering process. The lawsuit alleged Lyman and Oprah had violated a Texas law which forbids someone from "knowingly making false statements" about agricultural business. After almost 6 years of legal bills, Oprah Winfrey and Howard Lyman won. The trial took place in Amarillo, Texas in front of a jury from Texas cattle country. The verdict was that Oprah and Howard were not liable for the statements they had made.
Slashdot Mirror
Even when I did not clicking on it, or selected "No," the fake scan of my hard drive began. About a year ago, I ran across one of those scareware anti-virus advertisements on my Linux computer, while using Firefox. The advertisement claimed that they had detected viruses and spyware on my computer. If I remember the details more or less correctly, when I tried to close the tab or pop-up, their webpage reappeared and claimed that it was scanning my drive C.
It then claimed that it had found two viruses on drive C and also spyware in my registry (neither of which Linux actually has). It asked me to purchase their anti-virus product, to fix the problems. When I again attempted to close a pop-up or tab, a pop-up appeared asking me which program it should use to attempt to open the Windows executable file which their webpage was trying to send to me. It also gave me the option of saving the executable file to my hard drive, or canceling the download.
Still, the webpage would not give up pestering me, so I unplugged my Ethernet cable, then shut down my browser and then rebooted. Afterwards, I edited my hosts file so that the URL would be diverted to my loopback address, instead of to their website. When I then returned to the website, I did not get the advertisement again.
I am not an expert or computer professional, and do not know if that would still happen with that latest version of Firefox and latest security updates for everything else or not. But, my impression is that "Don't click on it," might or might not be enough. Well, at least by educating your users, maybe you can keep them from pulling out their charge card and purchasing it, and then deliberately downloading and installing it.
I recently installed AdBlock Plus an NoScript for Firefox on both my Linux computer and my Windows XP computers, at home. On my Windows XP computer I am also now sandboxing my default browser (Firefox) with Sandboxie. It also probably helps, that I almost never use my Windows XP computer on the Internet, and also do not use it to receive email.
But anyway, here is something you might want to show your various users:
http://www.theregister.co.uk/2008/08/22/anatomy_of_a_hack/print.html
I do not know about your examples, but the ones I have encountered were all clearly giving totally bogus results for my Linux computer. In each case I was browsing the Internet while using Linux and Firefox. This is one example of the examples:
I have never heard of a Linux virus actually successfully circulating in the wild, but despite that, here was this advertisement telling me that they had detected viruses and spyware on my computer. When I attempted to close the pop-up or tab, their webpage reappeared and, without permission, said that they were scanning my drive C. It even had a progress bar. That seemed totally bogus since Linux does not use drive letters for partitions or hard drives like Windows does.
About 60 seconds later they said they had finished scanning my hard drive, and had found two viruses on drive C and spyware in my registry. Well, not only does Linux not have a drive C, but it does not have anything called a registry either, so their claims had to be bogus. Besides that, how did they supposedly scan my 500 GB hard drive in 60 seconds.
They listed the two viruses that I supposedly had. I looked those up elsewhere on the Internet and found that they were Windows only viruses.
When I refused to purchase their anti-virus product and tried to close the tab or pop-up or whatever, they tried to send a Windows executable to my computer anyway. I rejected the windows executable file they were attempting to have me download. Even after supposedly scanning my hard drive, they did not yet realize that I did not have a Windows computer, and were trying to send me a Windows version of their anti-spyware program instead of a Linux version.
Below, is a link to an article which clearly demonstrates how bogus one one of these scareware on-line anti-virus scanners is:
http://www.theregister.co.uk/2008/08/22/anatomy_of_a_hack/print.html
About a year ago, a pop-up advertisement pretended to scan my hard drive remotely (without my permission) and then claimed to find two viruses on drive C and also spyware in the registry of my Linux computer. I have encountered those scareware anti-virus advertisements several times over the last several years while using Firefox and Linux.
.EXE. Was that an attempted drive-by download of malware? They did not even attempt to make me download a Linux version of their fake anti-virus program.
Typically, a window pops up telling me that their website has detected a virus and spyware on my computer. The website suggests that I let them scan my hard drive for viruses and spyware. When I try to close the window, a window with a progress bar appears, announcing that they are scanning my drive C for viruses. After only about thirty seconds, they have supposedly finished scanning my entire 500 GB hard drive and announce that they have found two viruses on drive C, and also spyware in my registry. That seems bogus, since Linux does not designate hard drives or partitions with drive letters and also not have a registry.
The then asked me to purchase their anti-virus product, to fix the problem. Despite again attempting to close a pop-up and a tab, I soon had a pop-up from Firefox, asking me which program it should use to try to open a Windows file that ended in
I have never heard of a Linux virus successfully circulating in the wild. But, they did give the names of the two viruses my computer was supposedly infected with, so I looked those two names up on a more legitimate anti-virus website, and it listed them as both being Windows only viruses.
I have recently started using both the AdBlock Plus and NoScript extensions for Firefox on both my Linux computer and my Windows XP computer. On my Windows XP computer I have also recently started running Firefox sandboxed with Sandboxie. Hopefully, I will not be bothered by those fake anti-virus advertisements again.
My understanding is that, if a sufficiently long and random key is used with WPA2-PSK, there is currently no publicly known practical way to break the encryption. But, I am not an expert. One article claimed that the encryption is still secure if the key is sufficiently long and random, and also includes at least a few numbers and punctuation symbols.
On the other hand I am not disagreeing that in general, layers of security are good.
One practical use for the special paint, which the article does not mention, might be for the problem of eavesdroping on the radio signals coming from most monitors and keyboards. I vaguely recall a Slashdot discussion which said that most ordinary keyboards have that problem, not just wireless keyboards. I wonder if the special paint would block the frequencies which those devices are unintentionally emitting signals on.
Unless more resistant keyboards and monitors are made available to the average consumer, a special paint might be the only easily available solution for that problem.
First, the author seems to be suggesting that painting your home or business with special paint would be easier than enabling WPA2-PSK encryption on your existing hardware. Then he goes on to say that "presently, most companies have to invest in complicated encryption software to deter hackers." Why would they need to invest in complicated encryption software, when then most devices already have WPA or WPA2 capability already built in?
It seems to me that they would just need to take the time to figure out how to properly enable WPA or WPA2 on their existing hardware.
Any older devices which only support WEP should be replaced with something that WPA2. The longer and more random the password is, the better. Ideally the password should also include at least a few numbers and punctuation characters too. Of course they should also change the well know default password on their wireless router.
The article does not mention what they plan to do to keep the radio waves from passing through windows. Were they planning to install special screens or shutters over the windows or what?
What are they planning to do about the keeping the signals from getting through the windows? Are they going to install screens on the windows which will block those frequencies? Are they going to paint the curtains? Are they going to install interior or exterior shutters, and then paint them too with the anti-WiFi paint which contains aluminium-iron oxide.
I am not an expert, but it seems to me that they would need careful attention to details such as those, to adequately block the signals. For example, I know someone who was recently able to use a campground's free WiFi from withing his old aluminum Airstream trailer. My guess was that the signal was coming in through the window, or possibly through the floor.
However, even if the blocking of signals is not perfect, the anti-WiFi paint might be useful, if that is only one of several other protection measures that are being used. That would especially be true if someone has is parked out front and is using a directional yagi or other type of antenna, hidden in something like a Pringles can. For instance, they probably still should use WPA or WPA2 with a sufficiently long and random password that also includes numbers and punctuation. It would be best to also change the well know default password on the wireless.
Do you have a link to an article, or a specific example, which talks more about the problem of demanding payment for some non-existing debt, which you mention?
I do not actually use PayPal very much, except for occasionally using that as the method of payment on web sites which offer PayPal as an optional method of paying. I have never actually yet tried using PayPal to purchase something from another individual over the Internet (which is probably what most people use PayPal for). I really have not yet used PayPal very much, so despite have the security key, I do not yet know very much about PayPal.
Do you have any specific tips for how to minimize the risk of that happening?
Apparently they are starting to see man-in-the-middle attacks and trojan attacks being used against two factor authentication. I just noticed where maladroit's post had a link to where Bruce Schneier talks about how those types of attacks are being used against two-factor authentication.
Bruce suggests authenticating the transaction instead of authenticating the user, although at least in the article below, he does not give any details about how exactly to do that.
http://www.schneier.com/blog/archives/2009/09/hacking_two-fac.html
I decided to reply to my own post, to say that does somewhat weaken the argument for two factor authentication being the primary solution to the problem, by itself.
I have a PayPal security key on my key chain, which I use whenever paying for something by PayPal. Most people do not realize that PayPal offers the option of using a security key. That multi-factor identification, which is where I need to know something and I also need to have something, to access the account. The security key generates a different 6-digit number every 30 seconds. So if someone managed to steal my password through a keystroke logger or a phishing email message, they would not have the security key that I keep in my pocket. If someone found my security key laying on the ground, they would not know my password.
https://www.paypal.com/securitykey
As for the alternative of getting in my answering the security questions for the account, I have used very hard to guess made up answers for the stupid security questions (I did not use real information).
An employee at the bank, where I have my checking account, recently suggested that I should do online banking. First I asked him if that would work with my computer which runs Linux, intead of Windows. He said Linux would work just fine. I then mentioned my concerns about security and the fake phishing emails that I get, which claim to be about my online banking account at their bank. I said, you know the ones that want me to click on some long complicated looking URL going to some foreign country, and then probably have me log-in and give them my user name and password. He said, "yes just ignore all of those fake email messages."
I also mentioned my concerns about keystroke loggers, although I added I have probably managed to secure my Linux computer, better than most average computer users do. However, a keystroke logger might still a slight possibility, even for my Linux computer, so I knew I wanted the additional protection of multi-factor authentication. I pulled my security key out of my pocket, and asked him if they offer two-factor authentication, using something like this. He said the did not offer anything like that. I told him that I would not feel comfortable doing online banking with them, because they do not offer multi-factor authentication.
Two-factor authentication may not be totally perfect, because most forms might still be vulnerable to a man-in-the-middle attack, but it would still be a major upgrade to their security. The cell phone plus 6-digit number in an SMS text message technique, that you said Bank One is using, also sounds great.
I learned to both print and write cursively, when I was growing up in the 1960s. For me cursive was faster, although it always seemed to take more mental effort for me to write legibly, with cursive, than when printing or typing. In college classes, almost everyone was always rapidly taking lots of detailed notes in cursive as the instructor spoke. Most of the students could write very rapidly in cursive, while still paying good attention to the instructor.
For me, unfortunately it always seemed to take way too much mental effort to write legibly in cursive at that speed. If I tried to take such detailed notes, I always found myself paying way too much attention to the mechanics of writing things, word by word. That usually kept me from actually being able to pay much attention to what he or she was saying. I could either pay attention and take relatively few notes, or I could take detailed notes while not really listening to what was being said. However, that did not seem to be true of most other students, as they busily scribbled away.
But even cursive did not seem fast enough, so I seriously considered learning shorthand, as a way to write much faster. Of course shorthand was something that only secretaries used when taking dictation, and then later typing up what was said.
http://en.wikipedia.org/wiki/Shorthand
I do type quite rapidly, but since I had never seen anyone typing on a laptop in class, I was not sure if the distracting sound of someone clicking away, while taking notes, might not be allowed.
Despite my ineptness at taking decent notes while listening, I still managed to get nearly all A's in the Junior College classes which I took after the age of 30 (but not the earlier classes). Unfortunately, I always had to take the time to read each assigned chapter of the textbook to do that.
I still remember how my first grade teacher would frequently run towards my desk screaming, and quickly grab my handwriting practice, an rip it up, while screaming that my "O"s were not oval enough. She frequently screamed and ripped up the other boys sheets of paper too, but almost never did that to the girls. One day she did actually rip up a girls picture, during art practice, while screaming at her that her picture was not pretty enough. Me and the other boys cheered, because she had actually torn up a girls sheet of paper, for once. That was in the first grade, at a public school in Southern California, in the early 1960s.
My own ears serve as a fairly reliable "Gaydar," for detecting homosexual men. Over the years, I have noticed that most gay men usually have a just barely noticeable distinctive characteristic to their voices. For some reason, I have not ever heard anyone else mention noticing that.
I first noticed that, several decades ago, when I would occasionally a hear gay men being interviewed on TV. They nearly always had that same distinctive quality to their voices. Whenever I would occasionally encounter someone who also sounded like that, my suspicions were sometimes later confirmed, by something I eventually heard or saw.
One of the few exceptions for my "Gaydar" is Rock Hudson. I have never noticed that gay quality to his voice.
I am probably somewhat better than average at picking up on subtle qualities to sounds. There are several people whose cars I hear a couple of times per day, and I can usually reliably recognize each of their vehicles as they pull up, without looking. I hear quite a few other vehicles throughout the day, yet I can usually tell the difference between the sound of their vehicles and all the other vehicles. That is despite the fact that some of the other vehicles, which I hear throughout the day, are of the same make, model, and possibly even the same engine type. I have also heard that many dogs can recognize the sound of their owners car from part way down the street. I wonder if blind people might have noticed what I am referring to. They frequently have a very well developed awareness of sounds.
My auditory "Gaydar" only works for detecting gay men, not for detecting lesbian women. I have not had enough good tests for my "Gaydar" to say precisely how accurate it is. I am just wondering how many other people have been noticing the same thing about most gay men's voices.
I do not feel any desire to go around "outing" people, or to possibly say something about someone which might turn out not be true, so I have always kept those observations to myself. Surely what I am describing must already be obvious to other people too.
When slowly passing through a crowded parking lot, I could warn pedestrians of my approach, with the sound the Martian spaceships made in the original 1953 version of War of The Worlds. The Martian spaceships made an eerie, but not too loud, sound as they slowly moved forward while flying low at about 20 MPH, while searching for targets. People on the ground could hear them slowly approach and see a beam of light coming from their external cobra like appendage, as the beam of light scanned side to side, while looking for targets.
Whenever the Martian spaceship spotted humans, the sound changed ominously, for a couple of seconds, as they prepared to fire their disintegration ray.
An electric car with the sound of a 1950s Martian spaceship slowly approaching, should be ample warning for pedestrians. The beam of light slowly scanning back and forth, would also warn them that something ominous and dangerous is approaching them from behind.
If that does not get their attention, the changing pace of the scanning beam of light and the sound, would be warning that I have found a target and am preparing to honk my horn.
When annoying pedestrians are no longer around, I would probably switch back to the softer and less ominous flying car sound and turn off the scanning/targeting beam of light. The Martian spaceship sound and scanning beam would mostly just be used in crowded parking lots or in school zones to warn pedestrians of my approach. Perhaps, I would not use the full pedestrian warning system that I described, very often.
http://www.amazon.com/War-Worlds-Gene-Barry/dp/6305350221/ref=sr_1_7?ie=UTF8&s=dvd&qid=1253442887&sr=8-7
That reminds of when, a few years ago, I was sitting around a campfire, with several friends, in a remote area in the mountains here in Arizona. Off in the distance, we could hear a track driven vehicle headed our way, driven by several drunken young guys, who were whooping and hollering wildly. In the darkness, we could tell by the sound, that the slow moving vehicle, was headed our way. The clickety-clacky noise, and the wild drunken whooping and hollering, just kept getting louder and louder and closer and sounded like it was headed directly towards our camp site.
Finally, it passed by about 200 feet away, but due to the darkness and the trees and bushes blocking our view we did not get to see what kind of track-driven vehicle it was. The wild drunken guys just continued their whooping and hollering and shouting as they disappeared into the night and never came back.
It did not sound quite like a large modern bulldozer, at least not one that had been manufactured in recent decades. I am guessing that it was something else, but I am not sure what. It probably was some very old piece of track-driven equipment that some rancher or miner has had on his property, for decades. It might conceivably even have been some kind of old WWII war surplus vehicle. It sounded rather large, but slightly lighter than most modern bulldozers.
At least we did not have any bears visit our campsite, although we did see a sknunk along the creek nearby. An Apache indian and his dog, from the neighboring camp site, visited with us for a while around the camp fire, on the second night.
Here is one other thoughtI had.
I have sometimes thought about putting a fake label on my computer, that would suggest to computers that this is an obsolete computer, not worth stealing. I would like to get a sticker that says something like "386 SX with Windows ME inside." I could use that instead of the "Linux inside" nameplate, which my computer currently has.
With my computer's heavy steel case, lifting my computer is about like lifting a bag of cement. But perhaps I should make it even heavier and harder to steal, buy having a few hundred pounds of very thick steel plates welded onto the inside and/or outside of the case.
I am also troubled by the fact, that he did not steal the computer. But perhaps, he might have had a potential problem of carrying a large computer past the neighbors without being noticed..
I also wonder if the computer had an expensive flat screen monitor or just a large heavy old CRT monitor instead, or what. If he passed up the chance to steal an expensive, easy to carry 20-inch flat screen monitor, that would seem odd. But leaving behind a large heavy old CRT monitor, would not be surprising, at all.
I would also like to know if this was a semi-obsolete computer, or not. Perhaps, he was testing the computer to see if it was too slow to be worth stealing.
I have heard of burglars who have connections for only getting rid of certain types of items, but not other types of items. Perhaps, he did not know how to get rid of a stolen computer, or the computer parts, for a worthwhile amount of money.
There is also the testimony of the friend, who said that "Parker asked him if he wanted to help break into the victim's home." Of course, that is assuming the friend was not the hypothetical person who was trying to frame him.
By the way, back in the early 1970s, a burglar broke through the window of the master bedroom, of my parents home, but did not steal anything.. Mom was not much into fancy jewelry and our 13-inch black and white TV, probably was not worth stealing. With dad being a high paid executive, it was surprising at our lack of small, valuable items, worth stealing.
I would like to correct one thing that I said. It looks like I was wrong about Islands of Dangers being a text game. As I look at it again, they actually just look like simple graphics.
I recently used a self-booting floppy disk to run DOS and play a few old late 1980s DOS games on my fairly new AMD 64 computer.
I changed the BIOS settings on my AMD-64 X2 4200+ computer, so that it would boot from a floppy disk. I then booted up my computer using the PC-DOS 2000 installation floppy disk #1. While running DOS from the floppy, I used the format command to create several more self-booting floppy disks. I had to swap disks in the process, since I only have one floppy drive. I could not use my hard disk, since DOS did not recognize the Linux EXT3 partitions on my SATA hard disk. I made sure to format the floppy disks as a self-booting floppy and also made sure not to accidentally format my 500 GB hard drive as a 1.44 MB self booting DOS floppy disk (if that is even possible).
IBM PC-DOS 2000 was a minor Y2K upgrade to PC-DOS 97, which surprisingly, could still be purchased up until several years ago.
I then copied several old shareware games and one old commercial game, onto each of the old floppy disks. Then I rebooted the computer and played a few of the old games for several hours. I was surprised to see that my 20 inch Dell flat screen monitor could actually do 640 x 480 resolution, which was the standard resolution for a VGA monitor used back then. CGI and EGA monitors had an even lower resolution.
For a couple of days, I played some old games such as Commander Keen, Galactic Battle and Island of Danger. Island of Danger, is a text mode game where a capital letter "I" is my hover craft and it fires asterisks at the missile launchers and other targets. I forget what letter of the alphabet was used as missiles. The text characters used to create the scenery came in several colors. The other two games actually ran in graphics mode, with better graphics.
I also created a self-booting FreeDOS boot disk, at one point, and ran another game from it. FreeDOS is still available from FreeDOS.org for free. I could have also used my old Microsoft DOS 3.3 or DOS 5.0 or DOS 6.0 floppies to create self-booting floppies.
After removing the floppy disk, my computer was still able to boot up into Linux just fine. So, I had not messed anything up on my hard drive or the boot sector of my hard drive. I then installed the Linux version of DOSBox, under Linux, and was then able to play those same old shareware DOS games full screen from within Linux.
Someday, I might get around to trying out a game or two, which was made sometime later than the late 1980s. It would be interesting to see how the newer games compare. But, it is good to know that there are still ways to play the old DOS games, on newer computers.
A couple of years ago, I briefly actually had FreeDOS and then later PC-DOS 2000, installed on a FAT16 primary first partition, of a parallel ATA hard drive, on my AMD 64 computer. I also had Linux installed on another partition. But, in a later experiment, I was not able to install it successfully on a SATA hard drive, which I was later using instead. I mention that, just in case someone here feels the urge to install DOS on their computer, for some reason.
Dial-up was all that I could get until about 2 or 3 years ago. I had two telephone lines so that I could access the Internet on one line and still receive calls on the other telephone line.
With my Internet provider, I did not notice any difference between peak times and how it performed at other times. So what you aunt described must have been a peculiarity of her local Internet provider.
The telephone lines in my neighborhood were only good for 26.4k. So even though I had a 56k modem, I could only connect at 26.4k. I almost never succeeded in connecting at 28.8k either, but if I was unlucky, I sometimes was only able to connect at 24k. DSL only became available in my neighborhood about 2 or 3 years ago.
We are sometimes a little slow to get the latest technology here. For instance, we still have several analog TV channels coming from the translator where I live here up in the mountains in Arizona (and only one digital channel). The digital transition for television has not yet occurred here. There are other places in the country where that is also still true.
When I was on dial-up, I blocked advertisements as much as possible, so that the graphics would not use up unnecessary bandwidth. Tabbed browsing was also very helpful, because while still looking at one page, I could have another page loading in another tab. When going to get a cup of coffee, I would also always have it loading the next page while I was gone. It also helped when web pages would load text before the advertisements and other graphics. When web pages that did that, I could start reading while the pictures were still loading. I actually got by OK on dial-up, but I am happy now that I have 1.5M/800k DSL instead (for only slightly more money).
When reinstalling Windows 2000 from scratch on dial-up, about 5 years ago, it took many hours to download all of the security patches. Despite already having a firewall and anti-virus software installed, my un-patched vulnerabilities seemed to be under relentless attack for many hours while downloading the security updates from Microsoft. Every several minutes, a pop-up would appear which suggested my computer was already infected with spyware and that Microsoft supposedly wanted me go to some obscure URL to purchase some little know anti-virus product which would supposedly fix that. It was only many hours later, after the security updates had been applied, and the computer rebooted, that the constant barrage of pop-ups stopped. If I had been on a high speed Internet connection, that probably would not have happened.
I frequently use ixquick.com instead of google anyway. I like the fact that ixquick is a search engine which does not record the user's IP address.
I forgot to mention the possibility of possibly having termites or carpenter ants in the cardboard.
That is why I chose to use a steel case for my computer. I was hoping that the case would act somewhat like a Faraday cage. That is also why I did not choose a case with a window. I also wanted my computer case to be fire proof. Of course aluminum would have also worked well, for both purposes.
I once had my ceiling start to leak just above my computer (when it was not running). I have also spilled coffee on the case once. Fortunately the components on the inside stayed dry, both times. Would a cardboard case have turned into wet cardboard?
I have also occasionally had mice chewing on things behind my desk. A family of mice might choose to chew their way into the cardboard computer case, and turn it into their nest and then start chewing on the wires and cables inside. It has been annoying enough with the pack rats building a nest under my truck's air cleaner, on two occasions over the years. Some of my neighbors have had the wiring and even a heater hose on their cars chewed up by pack rats repeatedly, on several occasions over the years. That makes me wonder what mice could do to a computer, if they ever got inside. I would also not want one of the local 7 inch long by almost 1 inch wide centipedes, to get inside my computer case, and possibly damage something.
Call me old fashioned, but I like heavy duty steel or aluminum components. When I grew up, coffee came in a steel can and even band aids usually came in a steel container. I once tripped while getting out of bed, and the sudden weight of my 250 lb. body on top of the computer case did not damage the case.
When I upgraded the motherboard, I reused the old steel case. I suppose you could call that recycling it. I did not see anything obsolete about the case. I also reused my old keyboard and monitor.
The computer is surprisingly heavy. Moving it is about like lifting a bag of cement. Perhaps I should add several thick steel plates welded to the inside, to make it so heavy that it would be difficult to steal.
http://en.wikipedia.org/wiki/Faraday_cage
It would probably be possible to use an antenna design which radiates less in his direction. Another option might be to locate the antenna in a place where there is a small hill between his farm and the antenna. That way only a small number of his closest neighbors would be stuck on dial-up.
By the way, dial-up was all that I was able to get, up until about 2 years ago. As if that was not bad enough, the local telephone lines were not good enough for either 56K, 32K or 28.8K dial-up. The local telephone lines were only good enough for 26.4K dial-up. Security updates for Windows or Linux sometimes took all night. Then finally DSL arrived and I now have a 1.5Mb/800K DSL connection. What is surprising, is that I live in a small city in the U.S., not in a rural area, and could not get high-speed Internet until about 2 years ago.
Back in the 1970s, one of the Motorola plants in the Phoenix area installed a small microwave antenna on their roof for transmitting computer data to another location. Shortly afterwards, one of the neighbors stopped by to complain that radiation from the antenna was making him feel ill. They told him that they had not yet started using the antenna yet, but to let them know how it is affecting his health next month after they turn the antenna on.
Aspirin is another example. Aspirin was originally derived from a chemical which is found in the bark of willow trees. Somewhere between 460 B.C. and 377 B.C. Hippocrates made a powder from the bark of Willow trees used to treat headaches, pains and fevers. In 1829 scientists discovered that the compound salicin was the ingredient which gave pain relief. I do not know much about chemistry, but apparently they eventually ended up with salicylic acid, which we now call aspirin.
http://inventors.about.com/library/inventors/blaspirin.htm?rd=1
Both Oprah Winfrey and Howard Lyman were sued by the Cactus Feeders Inc. in Texas, for disparaging food on an episode of the Oprah Winfrey show about mad cow disease, food production and the rendering process. The lawsuit alleged Lyman and Oprah had violated a Texas law which forbids someone from "knowingly making false statements" about agricultural business. After almost 6 years of legal bills, Oprah Winfrey and Howard Lyman won. The trial took place in Amarillo, Texas in front of a jury from Texas cattle country. The verdict was that Oprah and Howard were not liable for the statements they had made.
http://www.madcowboy.com/01_BookOP.000.html