«

On Wed, 02 Dec 2009 20:47:17 +0000, ~BD~
<> wrote:

>How will I ever be able to determine if other folk do/do not get the
>same warnings I do ...... if nobody will 'test' something to find out
>what might happen?

I've heard a theory that if you stick a pin in
your scrotum it hurts. Anyone want to test it?

The original message is so obviously phishing you
just delete it and move on noting you need better
filters.
--
Jim Watt
http://www.gibnet.com

On Dec 3, 8:01*am, ~BD~ <BoaterD...@theobvious.hotmail.co.uk> wrote:
> On 02/12/2009 23:23, Jim Watt wrote:
>
>
>
> > On Wed, 02 Dec 2009 20:47:17 +0000, ~BD~
> > <BoaterD...@theobvious.hotmail.co.uk> *wrote:
>
> >> How will I ever be able to determine if other folk do/do not get the
> >> same warnings I do ...... *if nobody will 'test' something to find out
> >> what might happen?
>
> > I've heard a theory that if you stick a pin in
> > your scrotum it hurts. *Anyone want to test it?
>
> Hahaha! BTDT

> > The original message is so obviously phishing you
> > just delete it and move on noting you need better
> > filters.
> > --
> > Jim Watt
> >http://www.gibnet.com
>
> Too late now - the link no longer works! (It's not easy to find
> examples, you know!)
>
> What I do not understand is why this newsgroup isn't monitored by some
> of the security 'professionals who, presumably, have 'test' rigs upon
> which to make the sort of exploration I requested.
>
> Surely I am not alone in experimenting, knowing that a computer is
> simply a machine which can be reprogrammed at the drop of a hat if/when
> things go wrong?
>
> --
> Dave (Sometimes man stumbles over the truth ...... Sir Winston Churchill)



Interesting (to me, anyway!) is that if one clicks on the link now -
from WITHIN the Google Group thread

http://groups.google.com/group/alt.c...cf6bdf8a265478

It reports:-

Warning - phishing (web forgery) suspected

The site you are trying to visit has been identified as a forgery,
intended to trick you into disclosing financial, personal or other
sensitive information.

Suggestions:

Return to the previous page and pick another result.
Try another search to find what you're looking for.
Or you can continue to http://www.thaisuzuki.co.th/pic_news/IBlogin.html
at your own risk.

If you believe that this site is not actually a phishing site, you can
report an incorrect warning.

********************

As against the message I get when clicking on the link in the Usenet
newsgroup proper when I get this response:-

Not Found

The requested URL /pic_news/IBlogin.html was not found on this server.

**

So it does seem as if folk are now being protected to some extent. I
still don't know what happens when other browsers are used. Time to
experiment further I suspect!

Dave (posting from Google Groups)

~BD~ wrote:

> What I do not understand is why this newsgroup isn't monitored by some
> of the security 'professionals who, presumably, have 'test' rigs upon
> which to make the sort of exploration I requested.
>
> Surely I am not alone in experimenting, knowing that a computer is
> simply a machine which can be reprogrammed at the drop of a hat
if/when
> things go wrong?

You just don't get it.

I guess you are dense or something, or at least it appears to me that
you are behaving that way instead of grasping what is wrong with what
you are doing.

The most important issue here is not 'your issue' - your idea of how to
'experiment' - of how to 'investigate' something - namely your curiosity
about a weblink you found in a spam.

The most important issue here is your insecure daft behavior of letting
spam in and opening spam and clicking on spamlinks - which you should
not do for multiple reasons, some trivial and some large.

Computer security, in the name of this group, is about how people behave
with their computers. You are behaving insecurely and you need to learn
that. You don't need someone to tell you what is at the link you found
in the spam -- that action would simply 'support' your daft behavior
which behavior should not be supported, it should instead be thwarted.

3 reasons you shouldn't handle your spam the way you do: -1- it gets
you more spam -2- it profits spammers -3- it risks your getting phished,
scammed, or infected.

The 2nd and less important issue here is about how your safari phishing
alert system works and doesn't work.

I don't feel like going to the trouble to provide you with excellent
links, so I'm just going to give you one. I don't consider the good and
the bad about the system which alerted you in this case to be a subject
I want to discuss.

http://macmost.com/safari-32-anti-ph...rotection.html The new
version of the Safari Web browser includes a feature that will alert you
if you go to a suspected malicious Web site. Learn more about this
protection and how you can further protect yourself against phishing
attacks.

A third issue is that of a previous alert which you brought up in
another thread in another group - which is google's tool for alerting
about problem websites.

That tool tells me/us that the website link which you found in your spam
has not been reported to the google alert system as being a problem -

http://snipr.com/tjfpz Safe Browsing
Diagnostic page for www.thaisuzuki.co.th/pic_news
What is the current listing status for www.thaisuzuki.co.th/pic_news?
This site is not currently listed as suspicious.
What happened when Google visited this site?
Google has not visited this site within the past 90 days.
Has this site acted as an intermediary resulting in further distribution
of malware?
Over the past 90 days, www.thaisuzuki.co.th/pic_news did not appear
to function as an intermediary for the infection of any sites.
Has this site hosted malware?
No, this site has not hosted malicious software over the past 90
days.

I also don't consider the good and bad about the google system to be a
topic I want to discuss, especially in the context of someone being a
spamreader and clicking on spamlinks.


--
Mike Easter

From: "Mike Easter" <>

| ~BD~ wrote:

>> What I do not understand is why this newsgroup isn't monitored by some
>> of the security 'professionals who, presumably, have 'test' rigs upon
>> which to make the sort of exploration I requested.

>> Surely I am not alone in experimenting, knowing that a computer is
>> simply a machine which can be reprogrammed at the drop of a hat
| if/when
>> things go wrong?

| You just don't get it.

Mike:

He's a dope. He won't get it. Plaese stop wasting your time.


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

~BD~ wrote:

> Mike Easter seems to think my experimentation might be
> dangerous. How, exactly?

What I said was:

Mike Easter wrote:
> 3 reasons you shouldn't handle your spam the way you do: -1- it gets
> you more spam -2- it profits spammers -3- it risks your getting
phished,
> scammed, or infected.

I also said that relying on safari browser or google safe browsing
alerts was not a guarantee to not visit a malware site. You are asking
for trouble when you open your spam and click on its links - and the
resultant trouble might be minor or significant as 1-3 above and others.

I also gave a sophos link about websites infecting mac systems.

I also said that your method of 'illustrating' the spam in your first
post was insufficient to determine how, in what obfuscated structure,
the payload of the spam was 'delivered' to you the recipient.



--
Mike Easter

~BD~ wrote:

> Clicking on a link - *any* link - in a newsgroup post is, IMO, *far*
> more dangerous than opening a SPAM message in ones 'in-box'.

Wrong.

All spam is designed to take advantage of the fools who allow it into
their inbox - in one way or another. Sometimes only to deliver more
spam, sometimes only to profit the payload link, sometimes to scam or
phish or deliver malware directly or indirectly. Handling spam the way
you do is always bad; misguided.

In the case of newsgroup posts, you have all kinds of different links.
Some of them are links of friends or goodguys, some of them are links
which belong to usenet spam or usenet malware distribution. Typically
for most people except html foolish, newsgroup reading is done in
plaintext, reducing its potential for direct harm to zero; whereas spam
is most often delivered as html, which greatly enhances its potential
for obfuscated harm.

I don't consider whatever has been your 'experience' in your type of
investigating to have been beneficial to you in enhancing your wisdom,
judgment, or expertise, regardless of how many years you have been doing
it.


--
Mike Easter

~BD~ wrote:

> .. I'd like you to know, though, that I have been experimenting with
> malware detection for almost 10 years

Your posting history would seem to contradict that statement, in my
opinion.

--
-bts
-Friends don't let friends drive Windows

~BD~ wrote:

> Beauregard T. Shagnasty wrote:
>> ~BD~ wrote:
>>> .. I'd like you to know, though, that I have been experimenting with
>>> malware detection for almost 10 years
>>>
>> Your posting history would seem to contradict that statement, in my
>> opinion.
>
> Ah, 'twas designed to fool you, sir!

So it was a lie then. Credibility dips even further into the abyss.

--
-bts
-Friends don't let friends drive Windows

~BD~ wrote:

> You have no idea how I handle SPAM in normal course. You should not
> simply assume that you know what I do in practice.

> *You* have much to learn about the human psyche!

Should I worry about treading on your personal self-pumped up psyche?

You started this thread by your demonstrating a typical newbie behavior
of allowing spam into your inbox, then reading that sapm subject/from,
then further opening that spam and rendering that spam's html and then
further clicking on that spamscam phish's spamlinks. You continued that
insecure ineptitude by illustrating that spam here in a typical newbie
fashion. Thus you instigated an newbie browser approach to a spamlink,
for which you get an alert which you cowered away from like a baby and
came running to this newsgroup for someone to investigate what you
incompetently approached.

Then, and subsequently, at this end of the thread, you are trying to
allege that you are some kind of experienced investigator of such as
spamscams and malware links and also that you control honeypots and have
a decade of experience as some kind of an alleged 'investigator' (in
your dreams) of various spams and scams and malware links.

Your allegations of such expertise are completely and totally
unbelievable. You portray some characteristics of not only an ordinary
troll but also some kind of delusional braggart regarding skills you
don't possess in addition to being a general ordinary and run of the
mill usenet liar.


--
Mike Easter