173 posts • joined 18 Jul 2012
Re: admin password needed
Nope. The worst thing about this attack is that it doesn't need administrative intervention to install itself. The infection vector is a deliberate security hole introduced by Apple to facilitate their automatic security updates! A great example of shooting oneself in the foot.
The moral is (as we've said about MS since the 1980s) that "ease of use" shouldn't ever compromise security - MS made a whole series of stupid "ease of use" decisions which bite them to this day. Apple have now done the same and will suffer for it.
Re: Borked my PC
My time's too valuable to waste fighting faulty software. That's why I stopped using anything from
Microsoft over 20 years ago!
Remember - Microsoft have NEVER released any product that works properly!
Re: I, too,
I just wish we had some councils here in the UK who'd tell Virgin where to go.....
It's trivially easy to get rid of anything Microsoft - I did back in the early 90s. The company I work for got rid of everything Microsoft in the mid-90s..... We now refuse to deal with any company that still tries to send us MS-format files, and we've even stopped dealing with one bank because of their reliance on the MS brokenware - if they care that little for the security of data, they don't care about the security of your money!
Re: Pirate product keys in comments
The Americans still fondly believe that their "Laws" apply to the rest of the world too!
WAKE UP USA! You're NOT the world's policemen and your silly laws don't apply to the rest of us who live in truly free democracies.
Marketing Droids get "put on hold" - they get as much Radio 3 down the phone as it takes to realise that they've been "forgotten".... The record (that we're aware of) is over half an hour!
As far as Plod's concerned, Ethics is just North-East of London.....
Re: You mean that isn't "normal" for EE?
It's deliberate. EE have crippled their 2G and 3G facilities in an effort to FORCE their users to move to more expensive 4G plans. This is a dirty, underhanded tactic and is contrary to the terms of their licence. OFCOM claim to be "investigating" but I wouldn't trust them to find knockers on Page 3....
EE deserve to be stripped of their licences and have their infrastructure forcibly divided up between the remaining networks.......
I can answer that - practically zero.
Re: Headline should read "Note 3 Twice as Strong as iPhone 6"
You can be certain that Apple will wriggle out of repairing / replacing these sub-standard efforts. They will invoke some tiny-print sub-clause in their warranty agreement that absolves them of any blame for poor design or manufacturing flaws.
They obviously discovered that their prototypes were too expensive to make and too heavy to sell, so decided to compromise the mechanical rigidity of the product in an effort to maximise their profits - after all, Apple fanbois are notoriously uncritical and very defensive of their favourite products!
In this first week, I've seen these bricked by flawed updates, killed by defective batteries (they partially charge once than fail to re-charge), bent, with cracked screens straight out of the box, and just simply not working from new....
Apple need to recall these things, admit they got it very wrong, and ship a new product that addresses all the flaws as soon as possible. This might allow them to retain some of their market share....
MS products frequently fail to work with modern hardware, and MS's worthless and expensive "certification" process doesn't make it any more likely that a third-party driver will actually work. MS' marvellous clipbook algorithms are copied wholesale from Gnome circa 2003....
MS are (roughly) five years behind Apple and more than ten years behind Linux and BSD. They will continue to play "catch up" for the rest of their (short) existence. Large corporations, governments and other institutions are now asking why they are blindly paying exhorbitant licence fees to MS for products that NEVER work properly - ever more of them are migrating away from Windows.....
Just remember: Microsoft have NEVER released ANY product that works properly.
Re: Great...just what the world needs...
Go to the front desk and complain that their nearest competitor offers free wi-fi - why don't they? I have never failed to get free wi-fi in any hotel I've stayed in by this ruse.
Hotels are slowly beginning to realise that this isn't a viable revenue stream any more. Some that I've stayed in lately have made great play of the "now we have free wi-fi" selling point. It will become ubiquitous in time....
I got so fed up with morons yelling "I'm On The Train / Bus / Tram etc" that I now carry a small, homemade mobile jammer. It has a range of about 15m, and now I can travel on Public Transport in peace and quiet. it's also useful in meetings, at the cinema or theatre and so on. It's (sort of) antisocial I suppose, but a lot less antisocial than being assailed by the usual racket made by mobe users in public places.
When will people learn.....
There is no reason to "run" any version of the MS brokenware. Migrate to a proper operating system....
Re: I'm getting stabbed...
I'm uploading a particularly nasty version of the old CIH virus to these scammers. It spreads via local ethernet as well, and after thirteen reboots, it re-writes the BIOS rendering the target machine un-bootable. I don't know how many of these clowns have received this yet, but the USB sticks I sent to a few people have been used (and duplicated) very widely. Let's hope a lot of their machines are now paperweights.....
Re: They've got you...
As far as the plods are concerned, using any electronic equipment makes you a terrorist suspect
Using anything other than Apple or Windoze turns you into an arch-hacking criminal. I had a couple of Scotland Yard's finest Defectives maliciously impound two of my computers - simply because they ran OpenBSD in one instance and Mint Linux in the other.
After a few days, I got a phonecall from their "computer forensics" department demanding user passwords (they couldn't work out how to circumvent them themselves) - I pointed out that if they couldn't achieve something as trivial as recovering a user password, then their "forensic" skills wouldn't be up to analysing the contents of the machines anyway. I got both machines back a few days later with their hard drives wiped with a tape demagnetiser!
I sued. I won. I got very substantial damages out of the Met and the Defectives don't work there any more. The machines were restored from back-ups, of course!
It's scary how incompetent these clowns are!
For Crying Out Loud.....
MS have no idea whatsoever about security. They never have, and never will.
Their idea of "security" is to obsfuscate their abysmally poor code and cross their fingers......
The truly worrying thing about this whole mess is that the 'mericans believe that they have jurisdiction over OFFSHORE servers. Once again, the USA want to meddle in the affairs of another country - since when was Ireland a state of the USA? They seem to fondly believe that their "Laws" apply to the rest of the world!
The US Government can request the data from the Irish Government, but will probably be told where they can stick their request!
It's also rather worrying that MS can claim to have any kind of data security - everyone knows that this is complete nonsense.
Here come more Cryptolocker attacks!
Another nail in Microsoft's coffin.
Re: Still doing the rounds
Some of the fakes are quite convincing these days. There's fake McAfee, AVG and Avira - install any of these free "anti-virus" efforts, and the machine is effectively trashed. One of them was particularly malicious and corrupted the machine's BIOS once it had spread further - this was obviously designed to trash a company's computers, but got into the wild!
The only real cure to this virus nonsense is to run (almost) anything other than Windoze, and make sure that you're running as a "normal" user. As ever more people leave the M$ malware for proper Operating Systems, the prevalence of these viruses will reduce.....
The truth of the situation is significantly different to this bizarre "survey". The Mobile Network Operators (MNOs) make extensive use of user and call classification to determine how likely you are to get service. The more you pay each month, the higher up the priority list you are. The MNOs claim that they do not do this, but it's very interesting to compare the quality (and reliability) of service for someone on an old "Orange" account against a much higher-priced 4G "EE" user.
It's an easy test to do - get two identical telephones (we most recently used two Samsung Galaxy S3s for this experiment), one on 3G "Orange" at £17 per month and the other on 4G "EE" at £48 per month. The "Orange" phone struggled to obtain even voice and text connections in most areas (we tested in both cities and rural areas). We swapped the SIMs between phones to eliminate the possibility of a defective handset. The "EE" phone had (mostly) flawless service....
When EE were questioned about this, they persisted - right up to board level - in claiming that they did not do this. However, the evidence is damning. This same experiment has been widely carried out with other pairs of handsets and on other accounts. In all cases the quality of service is invariably proportional to monthly charge. This is (of course) contrary to the terms of their licence, but getting OFCOM to actually do any work is impossible, so they're getting away with this.
A final proof was to do a little hacking of the SIM and of the phone firmware to (effectively) fool the networks by spoofing the mobile equivalent of the "user agent" - it's possible to get truly flawless service with a 3G-only phone on EE, but only by making what are probably illegal changes to the way the handset operates.....
EE know exactly who I am, and I'd welcome the time in court to defend my "libel", but they won't do it, so my friends and I will continue to use hacked handsets and get premium serice at a budget price.
Interestingly, O2 and Vodafone have similar user classification (if you're on "Tesco Mobile", you're SOL) but the differences are a bit less striking.....
I had two clueless Scotland Yard defectives (they really were "dicks") try to steal my computers because they didn't run Windoze or anything else they recognised: I must have been up to no good....
The error of their ways was explaned to them by my (very expensive) legal eagle, and my successful damages claim ran to six figures.
I don't think they're defectives any more - they'll be lucky to be directing traffic.
Re: Proud Windows Idiot
"Proud Windows Idiot"? You certainly are.
Hopefully this will be the end of this Windoze nonsense. If there's any residual sense in Redmond, MS will licence BSD and put their useless shiny stuff on top (like Apple did some years ago).
Unfortunately, the "Proud Windows Idiots" of this world will still manage to give the scammers their credit card details and continue to send their money to Nigerians in the hopes of big payouts......
Re: Treacle OS
"Linux becomes bedevilled with the issues Windows has now.
That's the price you pay for going mainstream."
I'll use small words, so that the Windows users can understand:
Linux is so basically different that the many kinds of malware that afflict all versions of Windows cannot work. To infect a Linux machine with a virus (yes, it is possible), you actually have to deliberately install it yourself! Even then, it will only affect your own files - not the underlying system or other user's files.
Hopefully, this will end this Windows nonsense for good!
Re: This is silly.
"I think MalwareBytes has been looking into hidden register values for years."
You're wrong. It might look at a few of the normally readable Registry entries, but won't get to the system-level stuff - which is where the malware gets concealed.
This and the next couple of Cryptolocker attacks are going to render Windows entirely useless.
Sell your stock now!
Re: No files ?
"AV programs have been scanning the registry for some time now."
Only the parts that are readable to you. They can't read the larger part of the Registry because it's deliberately obsfuscated. The malware is written to the obsfuscated part of the Registry, of course.
Remember - all "Anti-Virus" software is reactive and will invariably lag months behind the development of new malware. Remember too that it's trivially easy to write malware for Windows - it's always been (effectively) Open Season, because the fundamental structure of the "OS" is entirely wrong.
A series of stupendously stupid decisions made by the infamously stupid Bill Gates back in the 80s - placing "Ease Of Use" above every other possible value - has made every version of Windoze vulnerable to simple attack.
[Sue me if you disagree, Bill - you know where I am!]
Re: "Registry tidying tools seem to break a lot more than they fix."
"It would seem to me that if there's something lurking in the Registry, a utility such as CCleaner would easily find it and fix it. Trivial."
Sadly, no. Besides - do you really want the innermost workings of your "Operating System" exposed to third-party software?
Re: "a tool Microsoft uses to hide its source code from being copied"
Or scan the Registry - which many AV tools can do anyway.
Errrr.... No. There is deliberate obsfuscation in the Registry in an effort to conceal some of the inner workings of this sorry excuse for an Operating System. There are no AV Tools that can decrypt the Registry to a sufficient extent to be able to find (and eliminate) the malicious code. Furthermore - who'd want some AV software altering the contents of the most vulnerable parts of the "Operating System"?
Incidentally, this isn't really new - there was credit-card detail stealing software that was hiding itself in the Windows 98 Registry. It was just kept quiet because it showed just how useless the AV Software actually is.....
Re: Not wanting to defend plod, but
I had plod take away several computers. most returned damaged in one way or another (they'd frequently tried to remove the hard drives with the wrong screwdrivers). I sued and won. I now own several very high specification machines paid for by the clueless Metropolitan Police. The two "defectives" who insisted that the machines "had to be impounded" are no longer employed by plod.
The stupid plods assumed that any computer that required a password for access must be harbouring something illicit. When they were granted access to a guest account on the machines, they couldn't understand that there was no "Word" or "Internet Explorer". They didn't understand that they were Linux (Mint) desktop machines. They had this gently explained to them, but decided that "Linux is only used by hackers" and the computers had to be impounded.
The fundamentally stupid thought processes of these two clowns were breathtaking. They also felt the need to arrest all the registered users of the machines for unspecified "cybercrimes" - obviously something they'd read about in the "Sun"......
Re: @Daniel Palmer
Daniel seems to be particularly unlucky with his hardware. Perhaps he should replace his nylon carpets and start wearing leather soled shoes and clothes without "man-made" fibres.
I've used dozens of Rpi machines of various types for any number of functions. They have all been entirely reliable and many are in continuous use. My only real hardware-related gripe is that it would be nice to have some more RAM to play with. However, at the price, these little machines are amazing!
MS are just beginning to realise that the have no viable product for over 90% of their previous userbase. Users don't want Windoze 8 - it's a tacky, unstable, bloated resource-hog that won't run most legacy software and looks like a toddler's toy. Windows 7 nearly got it right, but rather than sort out the problems, they decided to ditch it in favour of their brightly-coloured computer game.
In terms of underlying software issues - their products are still based on the nasty, flawed, unstable NT kernel - they still haven't had a better idea. Unless they wake up, realise where their core business comes from and redesign their offerings from the ground up, they're dead. They just haven't stopped twitching yet.....
MS got rid of the real programming talent in the last round of job cuts (that's where Google got many of theirs). They really have dug themselves a very large hole!
Just one more reason to avoid Windoze.......
...and then try to run SCADA system on Windows machines - just how many points of vulnerability do you need?
The utter stupidity of the beancounters who won't countenance anything other than Microsoft OS purchases, the beancounters trying to run technologically sophisticated enterprises without the slightest understanding of what the company does or how it does it - no wonder so many tech companies fail.
As long as we have beancounters valued more highly than engineers, these stupidities will continue. People need to understand that book-keeping is trivially simple - I can teach anyone to do it in an hour - and an "accountant" is just a book-keeper in a suit. They should be paid accordingly.
OTOH, engineers actually ADD VALUE to a company, and so should be well paid - ideally with some kind of profit-share as real motivation. They should also have the majority of input into technical products.
Thank goodness that Windoze is banned from most nuclear sites!
Re: well minted
Unfortunately for the malware writers, a user really has to want to bork a Linux machine. Users don't run with admin rights, so users can't install executables. It's a simple concept, but one that continues to elude Microsoft.
MS took a bunch of decisions in the late 80s which still haunt their operating systems to this day. There is no way to make a Windows machine secure - other than switching it off.
The Windows apologists and fans around here who sneer at the apparently small market share conveniently forget that their routers, Tivos, internet service providers and their favourite websites all run Linux (and couldn't work as effectively with any other OS.
Windows is just a pi$$-poor, insecure, slow, bloated and expensive client for a Unix world!
Re: It just boggles the mind
Perhaps you should read the article a little more closely - it infects Windoze only. What a surprise!
Re: Might consider this
There's no accounting for the stupidity of some users. A teapot would be too technically taxing for that clueless AC!
Re: Might consider this
The clue is in the name.... "Windows phone". Of course it crashes. It's a Microshaft product. It's certain not to work properly.
Interesting fact of the day: Microsoft have NEVER released ANY product that has worked properly. That's a 100% failure rate.
Re: 512MB of Ram not enough
The organisation I work for bought several of these efforts recently. All the users have ended up dropping them from a high place, losing them in a river "accidentally" or hurling them at a wall. In common with every other Microsoft product, they just don't work. Worse - they don't work in a very bad way - they seem like they're going to work..... then don't.
Re: Is ActiveX fixed yet?
Every time I look at Windows "latest and greatest" I find further flaws. It's still very open to abuse.
There are many of the old, quite trivial attack vectors still available. MS seem either unwilling or unable to fix the many problems. They've been given plentiful details of the attacks, but ignore the reports and concentrate in putting ever more shiny stuff in place.
They seem to hope that the look of their OS will divert attention away from the fundamental flaws.
Polish that turd, guys!
Re: Harden your browser
Harden your SYSTEM - delete Windoze and install a proper Operating System
Re: Why Windows in the first place?
So, before you decide to repeat your importunate and ill-advised commentary, I urge you to spare a thought for those less well-off than yourself and for those organisations who struggle daily against a sea of government iniquity to make a genuine difference in people's lives.
Why? I have yet to see any charity that does not have some ulterior motive lurking behind the do-gooding. It's usually religious and therefore to be avoided at all costs.
Oxfam proudly announce that they've reduced infant mortality in Sierra Leone to <5%, but entirely fail to broadcast the fact that mortality between 2 and 10 years old approaches 60% - they "save the babies" just to have them starve later.....
They cannot see the fundamental flaw in their meddling.
Re: Things are hidden :-(
Re: Things are hidden :-(
@Bert...My WiFi is set up with MAC address filtering (so the neighbours can't use it to download pirate grumble flics).......etc etc...
The issue isn't Windows, it YOU. If you rely on a MAC filtering, which is SHIT, instead of WPA2, then, trust me, no OS is going to help.
Errrr.... No. WPA2 is trivially crackable - if you know what you're doing - and using MAC filtering is very effective on top of WPA2 - it makes spoofing a legitimate-looking network device more difficult (but not impossible). If you want to sort-of secure your wireless network, you also have to turn off the SSID broadcast and use yet another level of encryption on top of WPA2 - even then it's not totally secure!
Re: Incredible timing from Microsoft PR.
It's actually very funny: TfL are in the latter stages of migrating EVERYTHING they do away from proprietary software! Open Source now rules the roost. Boris couldn't believe the multi-million IT bills that TfL (Traffic for Losers) run up, so an edict was issued, and desktops are getting a strange, corporate Ubuntu spin.
Windows (and everything Microsoft) is seen by TfL as expensive, unreliable and insecure. They've recently had an IT security audit that made them panic.....
..... you can see why this troll is anonymous!
No version of IIS is in any way secure. Every version, even with every possible patch installed, is as leaky as a sieve.....
MS now have NO viable products. Win 8 is useless for business (and fails to run many games), their server products are so broken and insecure that they are a nightmare to even try to administer.... Even Win 8 for phones is broken!
Re: This sort of thing doesn't happen
Correct that - this may actually be the current state of Windoze computing.
Re: You run IE on Windows??
Unfortunately, for the vast majority of the clueless Windows XP users, the big blue "E" IS "the Internet". Getting them to change browser is virtually impossible. I've even heard "IT professionals" describe Internet Exploder as "essential for compatability"...
This particular can of worms is just going to get worse and worse. XP "users" will continue to be abused and exploited - it's just easier now!
Re: Fair dues...
Apple really screwed the pooch by suing Samsung. They now have to pay full price for their screens (Galaxy rejects, incidentally), full price for their memory and wildly inflated prices for their processors. Samsung really loved the terms of the Californian "settlement" - it gave them all the excuse they needed for a more aggressive pricing policy.....
The validity of Windows signatures has long been suspect. It's just that the suspicions are now supported by facts.
Moral? Don't use Windows for anything to do with finances, business or personal communications. It might be OK for games, but watch out for those in-game purchases!
Re: So, let me get this right...
Systemd sends excessive data to the kernel logging system to the point where it either hangs or crashes, right?
So it's a bug in the kernel then.
Errr..... No. If a routine is flooding the kernel with spurious nonsense, it needs to be shut up. The kernel actually does that. Sadly, the programme that causes the problem is fundamental to the boot routines of a couple of Linux distros. The dingbat who wrote the faulty code should fix it. If he can't, he should admit his inability, and ask for help.
You can bet your bottom Dollar that those w*nkers will be using Windoze.
Game Over before they even start!
- +Comment Trips to Mars may be OFF: The SUN has changed in a way we've NEVER SEEN
- Vid Find email DIFFICULT? Print this article out and give it to someone 'techy'
- Back to the ... drawing board: 'Hoverboard' will disappoint Marty McFly wannabes
- Pic Forget the $2499 5K iMac – today we reveal Apple's most expensive computer to date
- Google+ goes TITSUP. But WHO knew? How long? Anyone ... Hello ...