Hooking LSASS or WINLOGON means there is a registry setting involved which can easily be deleted.
Stop the process or thread using Process Explorer
Delete the Registry key
Reboot
Delete the file
Reboot
Magic
My question is simple: how can the command and control servers for botnets stay up?
Wouldn't their hosting provider and/or IP block owner not want to end up on blacklists and thus kick them off, thus cutting off all infected systems from further contact?
If IE's not just a monopoly-reinforcement tool for other MS products, why can't we get it for Solaris, OS X, and AIX? Lots of other browser vendors with fewer resources support a much wider array of targets. It'd be great to see IE for Linux, too, but we know that's too much to ask.
I would say that it is extremely unreasonable to expect Microsoft to port Internet Explorer to other Operating Systems. They obviously did not write the program using an abstraction layer capable of running on multiple Operating Systems.
While we're on the subject of Firefox, whose bright idea was it to solve the memory leaks in 2.0.0.8 or so by making 2.0.0.11 use more and more processor time instead of more memory? Seriously, it's easy enough to kill a 200 MB Firefox instance and reopen the browser, but this 97% processor usage is just a pain in the ass. Infinite loops are not progress. I don't have to worry about that particular problem in any version of IE I've ever seen from 3.0 to 7.0 inclusive.
IE solves the problem of caching pages by caching to the hard drive extensively. Firefox decided to use memory instead of the hard drive. There are advantages and disadvantages to both solutions. Using memory requires that the algorithm that determines the amount of memory used is very well written to keep other applications responsive. Using the hard drive is slow and puts strain on the hard drive. The only right answer here is to have the user decide what they want to use, but that means the user has to decide something that requires actual knowledge. Let's be real: users will never have actual knowledge :P
If you read the article properly you will find that the evidence they destroyed was never collected, they did not destroy it they just didn't save it in the first place... EXACTLY
The evidence that TorrentSpy "destroyed" was the IP addresses of those visiting the site, stored in RAM. The information was never saved, they merely rebooted.
The measurement that really matters then is latency, obviously it can process a ton of data relatively quickly but how fast can it process a small amount of data?
I understand that they're mailing out to millions of people and count on a high level of rejection, but how many people are stupid enough to open something that says, "5PL1t H3R 1n HALF WYTH YORE HUGE ORGAN"? According to this CNet article from 2004 the volume of email in North America alone was 31 Billion messages each day, approximately 90% of email is spam.
So that is 27.9 Billion spam messages a day (in 2004). Let's be forgiving and say that only 5% of spam gets through filtering. That is 1.395 Billion spam messages a day get through to the inbox. If only 1 in 100,000 people responded that would still be over 10,000 responses daily. And these are the numbers from 2004.
So that leaves what percentage of the population stupid enough to open one of these things and infect their computers with something vile? Um the vast majority of people who use computers have absolutely no clue how they work nor do they care.
And if they're that stupid, how likely is it that they have a bank account worth looting? Most spammers are looking to sell real items, drugs and knock off watches seem popular recently.
And every time someone says, "Let corporations pay for that," they really mean, make us all pay for that, because where do corporations get their money? That's right! It comes out of your pocket. Let's follow your logic here.
Expenses increase
Corporation has less money
Corporation increases prices
Consumers pay more
Seems like airtight logic right?
But what if the corporation is already making so much money that the loss doesn't actually produce a need to increase prices?
Your logic will only really follow when CEOs stop being paid billions of dollars.
Nuclear power, first through fission and then through fusion, is perfectly capable of sustaining our energy consumption for millennia, if we can just get over our stupid, misinformed objections to it. fixed that for ya
Oh, for fuck's sake. Everything will eventually run out. At some point, the sun will go dark, and even your "renewable" sources like wind and solar will be useless. Hell, hydroelectric power isn't renewable either - it's slowly sapping energy from the moon. Hydroelectric is essentially concentrated solar power already converted to physical energy for us.
Sun heats ocean
Water evaporates
Water condenses forming clouds
Rain falls producing rivers
Dam stops river
Water is forced through turbines
Turbines power generators which produce electricity
The moon has nothing to do with hydroelectric, maybe you meant tidal energy?:P
They say that if you're doing nothing wrong, you've got nothing to fear, but everyone does something wrong (e.g. downloading music). With the surveillance nation, you could theoretically be caught for wrongdoings that you didn't even realize were wrong. Ignorance isn't a defense in law, but to know every stupid little law is impossible. The solution to having "stupid little law[s]" is not to have selective enforcement but rather to have those laws changed!
Selective enforcement of laws is a method that oppressive governments use. Very strict laws are put on the books with a non-written promise that they will only be used on the "bad guys". The problem is that the government has now given itself nearly limitless power to arrest those who it chooses.
While I do agree with you that the difference between human beings and other animals (specifically a dog) is the neural capacity I would argue that the difference in neural capacity is so great that the two cannot be rightly called the same.
For example, my toy helicopter relies on the same basic principles as a full size freight helicopter, but they are nowhere near similar.
Gathering evidence that would be readily available to a police officer in the same place as the camera is not profiling.
The problem occurs when people start to be harassed and/or arrested because they do not fit the normal patterns of society, which is precisely what these computer systems are determining.
Well that sounds great but what happens when all of the IRC servers shut them out?
Now all of the clients are cut off from the master and have no way of connecting back.
Well, if you have modified system binaries they will all show up in autoruns because it verifies signatures.
You'll then know to repair Windows and possibly to delete all other executables on the system and reinstall all applications.
Alternatively
Really this is not that complicated unless an MBR payload is used.
not many attorneys can fix a memory issue :D
No it doesn't proof
I specifically said "most people" because I know that there are critical applications where the performance reduction is significant.
But let's be honest, anybody using wireless in a serious environment is just stupid.
WiFi refreshes so often that most people don't notice the significant performance drop
their internet connection is almost always the real choke point anyways.
The problem is one that has not occurred on a single computer ever.
BECAUSE IT'S NOT TURNED ON!
Vista will downgrade video quality of ACAP protected HD-DVDs IF they are set to do that!
So there's the issue, but the problem is really that it's all crap anyways.
It should be noted that the problems the NYSE is dealing with are very remote from those that the average desktop user is.
Now I know this seems obvious, but the "WOW if the NYSE is doing it!" crowd should try and control themselves at least a little.
In San Francisco they use flashing red lights a lot during the middle of the day in low traffic areas, cuts down on congestion a lot.
Even nuclear probably originates with the sun :P
wife...? what is this 'wife' that you speak of
You have perfectly identified the slippery slope.