Saturday, August 13, 2005

Why do they do it

Once upon a time ago, I got tired of the spyware/whatever that was globbing up the machine we used as a bridge to our internet connection. My wife used that machine, so did the kids. So, I got a really cheap machine just to do this one thing, and it had to run Windows (requirement of the satellite stuff we use for broadband).

Everything was going good for about a year, then Symantec tells me I have “Backdoor.Mosuck” (thank you very much). Symantec cannot get rid of it (it is running).  Funny thing is – this is a clean machine, nothing going on, no extra services – firewalled. No idea how it got there (everyone promises “no I did nothing on that machine” :)

So, shutdown, boot in safe mode, move the file that is the root cause, go to clean it out with Symantec.  But – wait.  Not allowed to use taskmgr.  Not allowed to use regedit.  Many things cut off by “the administrator” (hey, I thought that was, well, me and I didn’t do that).

So, google around, figure out how to get back into my own machine – which is now pretty wacked out.

So, only a couple of hours lost time. No internet bridge. Much scratching of head.

I just wonder what people that don’t work with computers do sometimes. Really. And I totally don’t get the virus writing mentality.

Why.

38 Comments:

Anonymous Eddie Awad said....

I just wonder what people that don’t work with computers do sometimes

They call people who work with computers. That's how people who work with computers make money.

And I totally don’t get the virus writing mentality

I don't get it either. I also don't get the mentality of data dictionary updaters, DDL in SP creators, ...

Sat Aug 13, 09:43:00 PM EDT  

Blogger Robert said....

kid coders these days....
<<shake head >>

Sat Aug 13, 09:57:00 PM EDT  

Anonymous Holger said....

Well, looks like Windows strikes again... there's just too much of that junk out there in the wild, but since almost all of it only attacks MS systems, I avoid surfing using a Windows machine whenever possible (means at home I use my Mac instead, which sits behind the firewall)...

Remember the good old times of C64, Amiga, Atari? Funny enough - I never had a virus on any of them back then, though it already started those days, as I simply didn't trust software from unknown sources and mainly just used them to make music and get familiar with databases ;-) It's getting harder to protect the machines today though, all and everything being connected to the internet 24x7...

Happy hunting,

Holger

Sun Aug 14, 05:08:00 AM EDT  

Blogger Noons said....

Isn't it wonderful it is this sort of system most people use to do their online banking/shopping?

Sun Aug 14, 06:53:00 AM EDT  

Blogger Rachel said....

I think, unfortunately, we promote that mentality these days -- we don't punish, we reward people for idiocy (the woman who got money from McDonald's because she put the hot cup of coffee she bought there between her legs, then drove and got burned -- they should have told her it was hot?)

We give fame (infamy perhaps but attention nonetheless) to those who create these things.

Sun Aug 14, 07:07:00 AM EDT  

Blogger David Aldridge said....

I think the McDonalds coffee lawsuit has been given a bad reputation ... if we learn anything from it then it should be that it's not just Oracle that has myths:

http://tinyurl.com/9l7f

Back on topic, I am very pleased with Microsoft's anti-spyware tool. This seemed to be a job that was poorly done and I used to run three anti-spyware tools to try and mop all the infections up. It always seemed that Tool A and B would always leave something that only Tool C would clean up. MS's tool seems to get them all, and so far hasn't cost me a cent.

I've been running Norton Anti Virus for three years and in all that time it's caught exactly zero viruses. Maybe it's my caution over email attachments and refusal to use Internet Explorer or MS email clients, but now that I need to renew my subscription to NAV the natural cheapskate in me is hesitating.

Sun Aug 14, 09:23:00 AM EDT  

Anonymous Gary said....

I have to respond to Rachel's comment about the "idiocy" of the woman who sued McDonald's. There is a lot more to this case than most people hear from our "news" media and the rumor mill. The woman in question suffered 3rd degree burns over 6% of her body, and during discovery more than 700 claims from other people burned by their coffee (at 185 degrees F) were revealed.

There is more at http://www.everything2.com/index.pl?node_id=1107089 . You can also try googling

"McDonald's" coffee lawsuit "skin graft"

Call me old-fashioned, but I want the right to sue somebody if I'm injured by them.

Sun Aug 14, 10:30:00 AM EDT  

Anonymous Rob H said....

Seriously, get a Mac. They'll give you all the same apps and don't get hit by viruses or spyware.

Sun Aug 14, 02:20:00 PM EDT  

Anonymous DvE said....

Call me old-fashioned, but I want the right to sue somebody if I'm injured by them.

That's normal. Just don't put your cup of coffee between your legs.
It's these kinds of stupid lawsuits which makes America look derailed or something (to me at least)

Sun Aug 14, 02:33:00 PM EDT  

Anonymous Eric said....

Direcway also has a new modem that does not require the software to be loaded on a PC.

Sun Aug 14, 06:18:00 PM EDT  

Blogger Gary Myers said....

"And I totally don’t get the virus writing mentality."
Occasionally I have a look at the firewall log to see how many hits it has had and from where. There's a lot, mostly from different machines connected to the same ISP.
So there's people with a vested interest in finding 'holes' so they can take over PCs for sending out spam (and for finding more machines to send spam).
Then there's kids who Mum/Dad has set them up with a non-administrator account on Windows but who wants to run a game that only works if it is run as an administrator, so he looks for a hack that can get them the role. [Why you need an admin account to run a game, I have no idea, but you do. It would be like logging in as root to run vi]

There's probably some who are Microsoft haters and feel they are getting some sort of revenge against them.
And some just have the same mentality as 'real-world' vandals and graffiti artists.

Sun Aug 14, 06:44:00 PM EDT  

Blogger Tom Best said....

Call me old-fashioned, but I want the right to sue somebody if I'm injured by them.

Me too. So, if the owners of the McDonalds Corporation ever hold me down and pour hot coffee on me, I will definitely sue them.

Sun Aug 14, 07:28:00 PM EDT  

Anonymous Gary S said....

Me too. So, if the owners of the McDonalds Corporation ever hold me down and pour hot coffee on me, I will definitely sue them.

Thank you for that truly Lincolnesque bit of humor. I can imagine you making your point in a frontier courtroom in your understated homespun way, your pithy aphorisms concealing the probing intelligence and keen legal mind that would one day lead you to the highest office in the land.

To return to the facts, however. One of the points that the lawsuit made was that the coffee that McDonald's was serving was dangerously hot. Anyone who chooses to sell coffee (or anything else) from a drive-through window has a responsibility to ensure that it can be used safely by someone in a moving car. Anyone who sells enough coffee from a drive through window has to expect that some of it will unavoidably end up in somebody's lap. Keeping the coffee at a temperature of 185 degrees F was irresponsible.

I think that the reason the personal responsibility crowd hates lawyers so much is that lawyers actually make people live up to their responsibilities instead of just jawing about them.

Sun Aug 14, 08:00:00 PM EDT  

Blogger Thomas Kyte said....

Direcway also has a new modem

Yeah, the people next door have that -- the dw6000.

I'm cheap :) it was cheaper to buy an entire computer rather than retrofit my existing hardware setup.

And I keep praying for something lower latency, so not willing to invest too much...

Sun Aug 14, 08:22:00 PM EDT  

Blogger Thomas Kyte said....

about the hot coffee

If what I read is correct (the above referenced links), then I totally agree with the law suit.

If it was "i spill coffee on me and got red from it, it burnt", it would be one thing.

This sounds a tad more extreme. Perhaps it is our past experience (who hasn't spilt coffee on themselves in the past, normally it doesn't hurt much) clouding our expectations here.

We think "what is a little coffee spilt on yourself, besides looking silly if you have to wear it for the day".

This is perhaps a unique situation, we are not exposed to coffee that gives 3rd degree burns regularly - so we are not expecting that to be the case.

Another reason why ROT is ROT (rules of thumb = ROT). It fails us at the strangest times, you need to combine ROT with YOE (years of experience) to make it useful -- and even then, when I use my internal ROT, we guess wrong sometimes.

Sun Aug 14, 08:41:00 PM EDT  

Anonymous eric said....

Just in case you haven't heard of them, there is a new satellite provider that is just launching. It is Wildblue... http://www.wildblue.com

Has anyone else heard about them? I wonder if their technology has less latency than Direcway?

Sun Aug 14, 10:53:00 PM EDT  

Anonymous Von said....

I think the people who write virus codes just want to prove a point to the world. On the contrary, companies like Symantec and McAfee would be out of business without these guys... I mean, to have a solution you need to have a problem, right? These are the guys who point out the flaws in the technology... I am not supporting these people either...

Sun Aug 14, 10:57:00 PM EDT  

Blogger Noons said....

"I've been running Norton Anti Virus for three years and in all that time it's caught exactly zero viruses. "

Well, there you go! Stop pandering to the herd mentality and save money. I've had this same argument with "hackers" and a number of security "experts". Usually the thing goes: "install an anti-virus and sleep well". AKA: "keep behaving stupidly so we can keep milking you for updates".

Folks, I've been using PCs since 89, MACs and Wintel. NEVER ever have I suffered a virus. NEVER ever have I installed an anti-virus package in my systems.

The rules are simple and David just enumerated a few: do NOT open anything that you did not ask for, use safe and legal software, install a router/firewall for ALL your external connections.

Break any of these rules and start paying...

Sure, I've missed out on all the latest fads of downloading frenzy. Hasn't made me any less while keeping all my systems safe. And no: I do NOT run wireless nor ever will.

PS: Yes, I've checked my systems and still do. Even when I dared hackers come in and stuff them around, it has never happened. Wonder why. Oh yes: they have tried!
But I still wish not so many people used computers for banking: it is a disaster waiting to happen, anti-virus or not.

Sun Aug 14, 11:31:00 PM EDT  

Blogger Robert said....

hey Tom I noticed that under your
"Blogs I read..." the href URLs
are not enclosed in double-quotes
~ Code-Nazi

Mon Aug 15, 12:28:00 AM EDT  

Blogger Niall said....

Gary S wrote Anyone who chooses to sell coffee (or anything else) from a drive-through window has a responsibility to ensure that it can be used safely by someone in a moving car

This is my second big bugbear with drive through restaurants. Eating a meal in a moving car cannot be done safely. Safe enough that most of the time it can be done - yes. Safe compared with not eating it. No.

The first big bugbear of course, is take some time guys - meals are for eating, talking and interacting. The mere existence of a drive-thru restaurant is a clue that we've got our lifestyles out of whack.

On the law thing, the problem that I have is not with the damages that are awarded for the incident - but with the idea of punitive damages. Awarding compensation for civil liability is one thing; punishment seems to me quite another.

Mon Aug 15, 01:28:00 AM EDT  

Blogger Peter K said....

Going off topic, aren't we? :D In Canada, we refer to those "sue everyone" mentality as an American thing. :D :D

Tom said...And I totally don’t get the virus writing mentality.

Coz they can and also mostly for bragging rights.

Mon Aug 15, 02:22:00 AM EDT  

Anonymous Anonymous said....

This is my second big bugbear with drive through restaurants. Eating a meal in a moving car cannot be done safely.

Scary thought: she's eating a burrito with one hand, yakking on a cell phone with the other, and steering that huge Ford Expedition with her knees ....

Mon Aug 15, 12:01:00 PM EDT  

Anonymous Anonymous said....

Anyone who chooses to sell coffee (or anything else) from a drive-through window has a responsibility to ensure that it can be used safely by someone in a moving car.

I thought it was supposed to be "hot coffee?" I guess they should have two temperatures for coffee; a cool one for stupid people who pour the coffee in their lap and a hot one for people who know they have hot coffee and take appropriate care.

The coffee was always bad at McDonalds, but now that it is lukewarm (thanks to you know who), it is even worse!

It would be nice if people actually started taking some personal responsibility for their actions instead of trying to blame, and enrich themselves from, large corporations.

Mon Aug 15, 12:07:00 PM EDT  

Anonymous Mark from NY said....

Who Writes Malicious Programs and Why? I once read a virus writer's blog, wherein he claimed machines were replacing people and so he wanted to destroy them!

Mark

Mon Aug 15, 12:19:00 PM EDT  

Anonymous Gary S said....

The coffee discussion is off topic, perhaps. Or perhaps all of the stories we hear about "dumb lawsuits" are a sort of virus (or meme) in themselves, designed to get people to acquiesce to the loss of their right to use the court system to get compensated for injuries. (Does that seem a bit strained to you, too ...?)

I think it is interesting that people who are all hot (tee hee!) about "dumb lawsuits" usually talk about how "stupid" or "idiotic" the plaintiffs are. But a company that sells to a mass market is, by definition, going to be selling to a statistically significant proportion of the population at large. And that means that for any trait you care to measure, whether it be intelligence, dexterity, or ability to read "Warning! Beverage is Hot!" directives, you will be dealing with people from every section of the bell curve. That is the reality. Making generalizations ("stupid," "noble," "polka-dotted") about people who have accidents (itself a large enough number to be statistically significant) is inaccurate and clouds the real issues at hand.

Myths are harmful, in the technical field and in every other field as well. I think the premise that society is being derailed by a rash of frivolous lawsuits is a myth. By the way, who remembers the time that McDonald's sued some vegetarians for libel for leafleting outside of their stores?

McDonald's sued and the 1994-1997 trial, widely known as the "McLibel" case, lasted 314 court days-- the longest civil or criminal trial in English history.

It ended with the two vegetarian activists receiving fines worth the equivalent of about $140,000 for libelling the restaurant chain.


Who weeps for the poor, poor vegetarian activists? Hmmm?

Mon Aug 15, 01:47:00 PM EDT  

Anonymous Rob H said....

In regards to Nuno Souto said....

"I've been running Norton Anti Virus for three years and in all that time it's caught exactly zero viruses. "


Run Ad-Aware or some spyware checker, I dare you. You'd be surprised how easily that can get on a machine, no matter how good you are. Spyware and adware can be just as harmful as a virus (or worse, constantly using up resources). I'm sure you don't have a virus, but I'd be stunned if you had 0 spyware....

Stop using IE......

Mon Aug 15, 01:48:00 PM EDT  

Blogger David Aldridge said....

"In regards to Nuno Souto said...."

That was me ... like I said I use MS Anti-Spyware, and it catches and removes everything that AdAware and others did and more.

I'm making a switch over to WhiteBox Linux EE at the moment ... that ought to cut down on problems!

Apparently people aren't absorbing the details of the McDonalds coffee case ... must be a literacy problem.

Mon Aug 15, 03:05:00 PM EDT  

Blogger Thomas Kyte said....

wherein he claimed machines were replacing people and so he wanted to destroy them!

Hmm, they must have been reading this

Mon Aug 15, 03:20:00 PM EDT  

Blogger Niall said....

Gary S said
McDonald's sued and the 1994-1997 trial, widely known as the "McLibel" case, lasted 314 court days-- the longest civil or criminal trial in English history.

It ended with the two vegetarian activists receiving fines worth the equivalent of about $140,000 for libelling the restaurant chain.

Who weeps for the poor, poor vegetarian activists? Hmmm?


Up to a point Lord Copper.

It rather misses that, in the trial you refer to, held rather oddly for UK libel law, without a jury the Judge held that McDonalds

exploit children with advertising
were culpably responsible for animal cruelty
were antipathetic to union rights
and were a low pay employer

or put another way the libel occurred because the defendants overstated their case against powerful exploiters of children and animals.

oh - and this trial appears to have been unfair and against the human rights of the defendants.

Mon Aug 15, 03:55:00 PM EDT  

Anonymous Gary S said....

Niall, The point I was trying to make is something like: "It's ironic that the company that pulled this stunt in the UK is also the poster child for a lot of the 'big companies oppressed by dumb lawsuits' rhetoric that is floating around these days." The McLibel case became synonymous with "dumb lawsuit" if I recall correctly.

I also think that McDonald's chose these particular activists because they were unemployed at the time-- probably hoping to set a precedent that would have a chilling effect on other people who wanted to take them on in public. Talk about abusing the court system!

Mon Aug 15, 04:33:00 PM EDT  

Blogger Niall said....

Then I misread you entirely. Sorry.

Tue Aug 16, 03:37:00 AM EDT  

Anonymous Pierre M said....

Last Friday, I also got infected with some spyware (DesktopHijack).

I took it positively: I patiently removed it with Norton and by hand and I have to confess that the entire process took me a good 3-4 hours. But I learned a lot (I'm no Windows specialist)! I was surprised to discover all these possibilities to hack a PC through its registry, through IE. I was really amazed by the knowledge and the tricks necessary to those who designed this stupid spyware (but like Tom, I don't understand why they use this knowledge to harm others...). But when you know these paths into a system, it's not too difficult to try them until one works.

We are computer literate. We understand viruses, spyware, and how to prevent them. But I really feel sorry for those who don't understand what happens when they are infected and why they got that in the first place.

I switched to Mac. (I still have a PC for just a few soft that don't exist on Mac yet.)

Tue Aug 16, 05:44:00 AM EDT  

Anonymous Franco said....

Next time I get my tongue burned by my mother's "lasagne", I'll call my lawyer :-))

Tue Aug 16, 07:18:00 AM EDT  

Blogger Noons said....

"Run Ad-Aware or some spyware checker, I dare you. You'd be surprised how easily that can get on a machine, no matter how good you are. Spyware and adware can be just"

Oh believe me: I do run Ad-Aware. And Firefox as well. And I still get the occasional spyware. But those are nowhere near as vicious as a virus. And they mostly affect the browser itself, not everything else.

The point I was making is that if one is minimally careful and always behind well-configured firewalls, the need for a specific anti-virus is minimal if ever.

Microsoft would be the LAST company I'd ever run anything anti-virus from, free or not! Besides, I doubt it will ever do anything for Firefox or my Linux notebook... ;)

Tue Aug 16, 08:49:00 AM EDT  

Anonymous Anonymous said....

WWMMD?

What would my mother do? That's the test I always apply to Windows software, and it usually fails. If I can't fix it, what would my 70 year-old mother do?

I truly believe that for surfing the web, she'd be better off with Linux and Firefox/Opera.

Jerry in Fairfax, VA.

Tue Aug 16, 09:10:00 AM EDT  

Blogger Joel Garry said....

Nuno wrote: The point I was making is that if one is minimally careful and always behind well-configured firewalls, the need for a specific anti-virus is minimal if ever.

Well-configured firewalls? Well, that rules out a lot of places.

I was just out in the mountains for a few days, come back to news that a worm has shut down the county computers, including the courts.

David and Gary: Thanks for a bit of rationality on the lawsuit issue. There is some insanity in the US libel system, but it is fortunately rare and extreme (and there are periodic efforts for reform). But there is a lot of irrationality with the "personal responsibility" folk.

I find the over-ruling of the Bill of Rights much more disturbing.

With respect to Niall's comment about punishment: google for the Ford Pinto "crispy critters" case. The point is, Ford knew saving a few dollars per car would result in horrible flaming agonizing deaths, and had already decided it would be worth it. Threat of economic punishment is necessary to tilt companies away from such decisions.

Thu Aug 18, 02:51:00 PM EDT  

Anonymous Chris said....

I find Mark Russinovich's Autoruns tool invaluable for removing viruses, spyware, etc. It runs in Safe Mode and allows you to disable very quickly any nasty looking autostarts.
Of course, like anything that powerful if you're not sure what you're doing you can easily turn off the wrong thing and render the machine unusable.

Tue Apr 03, 10:30:00 AM EDT  

Anonymous Hans said....

I used to have Windows XP but it drove me up the wall to see my PC infected every time you went on the internet.

Now I use Linux and I have no problems anymore with spyware. M$ Windows is one big Swiss cheese and that is why people will always find a way to get their spyware junk in.

Hans

Fri Apr 13, 02:37:00 AM EDT  
