Comptuer Virus Help

Discussion in 'Computer Security' started by herbdove, Nov 13, 2006.

  1. herbdove

    herbdove Guest

    Hello all,

    I'm wondering if someone would kindly me with what appears to be a
    virus on my computer.

    I turned on my computer yesterday, and all my bookmarks in Firefox
    disappeared. Other oddities: I am receiving the error message:
    "Error: LiveCode is not defined line:19", certain (but not all)
    graphics on a webpage will not load and sometimes when they do the
    resolution will be bad, spacing on the page will be off, font size will
    be strange, etc. Another oddity--when I will click on a link of any
    sort, or click on an e-mail message, etc., the page that comes up will
    simply be blank. Things are running very slow overall.

    I run Symantec Anti-Virus at all times, and have a firewall through
    ZoneAlarm. I ran Ad-Aware and Spybot, and updated all. When no
    viruses were detected, I downloaded AVG Anti-Virus, and Microsoft
    Baseline Security Analyzer. So luck with these either. I've
    uninstalled Firefox, and re-downloaded it again. Nada.

    Any suggestions on how I should proceed?

    Thanks a million...
    matt
     
    herbdove, Nov 13, 2006
    #1
    1. Advertising

  2. herbdove wrote:

    > I'm wondering if someone would kindly me with what appears to be a
    > virus on my computer.


    It doesn't. It appears like a generic software bug.

    > I turned on my computer yesterday, and all my bookmarks in Firefox
    > disappeared. Other oddities: I am receiving the error message:
    > "Error: LiveCode is not defined line:19", certain (but not all)
    > graphics on a webpage will not load and sometimes when they do the
    > resolution will be bad, spacing on the page will be off, font size will
    > be strange, etc. Another oddity--when I will click on a link of any
    > sort, or click on an e-mail message, etc., the page that comes up will
    > simply be blank. Things are running very slow overall.
    >
    > I run Symantec Anti-Virus at all times, and have a firewall through
    > ZoneAlarm. I ran Ad-Aware and Spybot, and updated all. When no
    > viruses were detected, I downloaded AVG Anti-Virus, and Microsoft
    > Baseline Security Analyzer. So luck with these either. I've
    > uninstalled Firefox, and re-downloaded it again. Nada.
    >
    > Any suggestions on how I should proceed?


    1. Rebuild your Firefox profile. This should fix the issue.
    2. Uninstall Symantec AV and ZoneAlarm, this will protect your computer.
    3. Stop wasting your time with all kinds of scanners for a problem that
    could hardly be related to malware.
     
    Sebastian Gottschalk, Nov 13, 2006
    #2
    1. Advertising

  3. David H. Lipman, Nov 13, 2006
    #3
  4. herbdove

    erewhon Guest


    > 1. Rebuild your Firefox profile. This should fix the issue.


    Ok

    > 2. Uninstall Symantec AV and ZoneAlarm, this will protect your computer.


    Less AV and less firewall = More protected?

    I'm aware they create a false sense of securty for 0days and bespoke code,
    but I think you are full of shit if you think that their removal improve
    security.

    All code has flaws. However, a software firewall (even with possible
    vulnerabilities) is certainly better than a core o.s with NO firewall and
    AV.

    Don't believe this fool - get multiple AV's installed, then be careful what
    you browse and open.

    > 3. Stop wasting your time with all kinds of scanners for a problem that
    > could hardly be related to malware.


    I may be related to malware. It may not. Searching for it, and not finding
    any (since it may slip under the radar) is certainly not a futile excercise.
    Malware is detected more times than not. That's not to say you have no
    malware, just that you have a higher probabilty of finding it if you look
    for it.

    Not looking for it, is akin to sticking your head in the sand.

    Search, but always remain a liittle sceptical that nothing found does not
    always equal nothing present.

    Do not take this fools advice of no protection and no looking to keep
    protected.

    erewhon
    alt.hacker
     
    erewhon, Nov 13, 2006
    #4
  5. erewhon wrote:

    >> 1. Rebuild your Firefox profile. This should fix the issue.

    >
    > Ok
    >
    >> 2. Uninstall Symantec AV and ZoneAlarm, this will protect your computer.

    >
    > Less AV and less firewall = More protected?


    Generally yes. More code = more complexity = insecurity. Beside that
    ZoneAlarm is no firewall.

    Even further, Symantec AV and ZoneAlarm have known unpatched security
    vulnerabilities that make the computer vulnerable in first place, and
    they're totally broken.

    > All code has flaws. However, a software firewall (even with possible
    > vulnerabilities) is certainly better than a core o.s with NO firewall and
    > AV.


    Wrong. Take a secure computer, install such a software, and now you made it
    insecure.

    > Don't believe this fool - get multiple AV's installed, then be careful what
    > you browse and open.


    Believe whatever you want. Reality doesn't care for you unjustified believe
    in virus scanners.

    Real protection against viruses is provided by ACLs, implementing a global
    no-exec policy and by not allowing automatic code execution.

    >> 3. Stop wasting your time with all kinds of scanners for a problem that
    >> could hardly be related to malware.

    >
    > I may be related to malware. It may not.


    Default assumption: It is not related.

    > Do not take this fools advice of no protection and no looking to keep
    > protected.


    Installing pseudo security stuff has nothing to do with protection.
     
    Sebastian Gottschalk, Nov 14, 2006
    #5
  6. herbdove

    erewhon Guest

    >> Less AV and less firewall = More protected?
    >
    > Generally yes. More code = more complexity = insecurity.


    What nonsense. You seem to be mixing quality and quantity. One line of
    vulnerable code is an insecurity. A million lines of non-vulnerable code is
    secure. More code does not equal more complexity hence more insecurity.

    Poorly written code is insecure. Well written code is not.

    Having a good quality AV and firewall product prevents more issues than they
    cause. Of course, a badly written one can introudce ADDITIONAL exploit
    paths, however, not having one at all guarantees vulnerabilty in a o/s with
    many dozens of high severity vulnerabilities, and many more to be found
    before next patch tuesday.

    > Beside that
    > ZoneAlarm is no firewall.


    It is a firewall - although I never stated it was a very good one.

    > Even further, Symantec AV and ZoneAlarm have known unpatched security
    > vulnerabilities that make the computer vulnerable in first place, and
    > they're totally broken.


    No - they make it vulnerable to those attacks which attempt to exploit them.

    The vast majority of exploit and virus code is written to target the largest
    available footprint. Whilst custom code can be used to **** over certain av
    and firewall products, the vast majority of this code targets core o.s or
    browser vulnerabilities. As such, a user should focus their efforts on using
    apps which can sit on top of the o/s and filter, block, detect and remove
    such malware to reduce their exposure.

    As I stated, they are not going to work on 0day code, or the latest bespoke
    code - however, they are certainly better than none at all, contrary to your
    assertion.

    >> All code has flaws. However, a software firewall (even with possible
    >> vulnerabilities) is certainly better than a core o.s with NO firewall and
    >> AV.

    >
    > Wrong. Take a secure computer, install such a software, and now you made
    > it
    > insecure.


    Of course - except there is no 'secure computer' in this context. M$, Linux,
    Mac - all have code flaws which are exploitable. Having protection on top of
    the o/s makes sense. Of course a badly designed app adds to the holes, but
    the type and # of holes it brings are only relevant if they are commonly
    targeted.

    >> Don't believe this fool - get multiple AV's installed, then be careful
    >> what
    >> you browse and open.

    >
    > Believe whatever you want. Reality doesn't care for you unjustified
    > believe
    > in virus scanners.


    The last time I checked, my PC was protected against several thousands of
    viruses esp. those which use vulnerabilities to attain prividge escalation
    or known holes to run. Any one of these viruses that attempts to run on my
    PC will fail due to AV protection. Any PC without AV will not be stopped -
    ACL's or no ACL's.

    > Real protection against viruses is provided by ACLs, implementing a global
    > no-exec policy and by not allowing automatic code execution.


    Nonsense. I could login as run as guest and have o/s policies and setting in
    place to limit the possibility of running certain code. This does NOTHING to
    protect me against malicious code injected into a vulnerable app or via port
    which fails to trap such code, and allows exploit as system. What the hell I
    am logged in as, and ACLs and "a global no-exec policy" will do the square
    root of **** all to prevent a DCOM exploit, if I've got no AV, no vendor
    patch and no firewall.

    >>> 3. Stop wasting your time with all kinds of scanners for a problem that
    >>> could hardly be related to malware.

    >>
    >> I may be related to malware. It may not.

    >
    > Default assumption: It is not related.


    Wrong. Default assumption is to assume nothing, investigate everything.


    >> Do not take this fools advice of no protection and no looking to keep
    >> protected.

    >
    > Installing pseudo security stuff has nothing to do with protection.


    For fear of banging my head against a brick wall - yes it does. Calling it
    "pseudo security stuff" does not your case a valid one.

    erewhon
    alt.hacker
     
    erewhon, Nov 14, 2006
    #6
  7. erewhon wrote:

    >>> Less AV and less firewall = More protected?

    >>
    >> Generally yes. More code = more complexity = insecurity.

    >
    > What nonsense. You seem to be mixing quality and quantity. One line of
    > vulnerable code is an insecurity. A million lines of non-vulnerable code is
    > secure. More code does not equal more complexity hence more insecurity.


    Seems like you're pretty ignorant towards reality.

    > Having a good quality AV and firewall product prevents more issues than they
    > cause.


    On a well-secured computer it can't prevent any issue.

    > Of course, a badly written one can introudce ADDITIONAL exploit
    > paths, however, not having one at all guarantees vulnerabilty in a o/s with
    > many dozens of high severity vulnerabilities, and many more to be found
    > before next patch tuesday.


    And this is a reason why you have to add more vulnerabilities, especially
    known ones.

    >> Beside that ZoneAlarm is no firewall.

    >
    > It is a firewall - although I never stated it was a very good one.


    It is no firewall. It's a host-based packet filter, and a pretty lousy one.
    And it's unsuitable for building a firewall.

    >> Even further, Symantec AV and ZoneAlarm have known unpatched security
    >> vulnerabilities that make the computer vulnerable in first place, and
    >> they're totally broken.

    >
    > No - they make it vulnerable to those attacks which attempt to exploit them.


    So, you admit that there's a problem.

    > The vast majority of exploit and virus code is written to target the largest
    > available footprint. Whilst custom code can be used to **** over certain av
    > and firewall products, the vast majority of this code targets core o.s or
    > browser vulnerabilities. As such, a user should focus their efforts on using
    > apps which can sit on top of the o/s and filter, block, detect and remove
    > such malware to reduce their exposure.


    Bullshit. You should focus on using operating systems with well-supported
    updates on O.S. core components, and vulnerabilities in webbrowser are
    unacceptable.

    > As I stated, they are not going to work on 0day code, or the latest bespoke
    > code - however, they are certainly better than none at all, contrary to your
    > assertion.


    Well, believe whatever you want. Statistics tell otherwise.

    > The last time I checked, my PC was protected against several thousands of
    > viruses esp. those which use vulnerabilities to attain prividge escalation
    > or known holes to run.


    So, was it? Why? Don't tell me that it has anything to do with your virus
    scanner or your you'd-like-it-to-be-a-firewall.

    > Any one of these viruses that attempts to run on my
    > PC will fail due to AV protection.


    What AV protection? Your virus scanner? No, it won't fail.

    > Any PC without AV will not be stopped


    It will. Just implement the relevant policies.

    > - ACL's or no ACL's.


    With correct ACLs the damage is limited. Now that's a real security
    measure.


    >> Real protection against viruses is provided by ACLs, implementing a global
    >> no-exec policy and by not allowing automatic code execution.

    >
    > Nonsense.


    At this point I looked up the headers, and they stated that you're posting
    with Microsoft Outlook Express. Therefore I should simply stop listening to
    you, as you have obviously no idea about real security.

    > I could login as run as guest


    No, you can't.

    > This does NOTHING to protect me against malicious code injected into a
    > vulnerable app


    For the very same reason, you virus scanner fails so blatantly even on
    malware it knows.

    > all to prevent a DCOM exploit,


    OK, you're really too stupid to simply no offer any DCOM services on the
    net?

    > if I've got no AV, no vendor patch and no firewall.


    You obviously are stupid. Of course you should install patches. A virus
    scanner or a firewall won't prevent such an exploit, or at best by luck.

    >>> I may be related to malware. It may not.

    >>
    >> Default assumption: It is not related.

    >
    > Wrong. Default assumption is to assume nothing, investigate everything.


    And as there's no reason to assume that the issue is specifically caused
    the malware...

    >> Installing pseudo security stuff has nothing to do with protection.

    >
    > For fear of banging my head against a brick wall - yes it does.


    No. That's why it's called pseudo.

    > Calling it "pseudo security stuff" does not your case a valid one.


    It's called pseudo because it has no technical background.
     
    Sebastian Gottschalk, Nov 14, 2006
    #7
  8. herbdove

    erewhon Guest


    >> Calling it "pseudo security stuff" does not your case a valid one.

    >
    > It's called pseudo because it has no technical background.


    Oh I see. Symantec. McAfee. They're all in 'it' together. Lying about why we
    need them. Praying on fear and ignorance. Offering zero value.

    It's a conspiracy theory.

    Now I get it.

    You're not stoopid. You're a fucking kook!
     
    erewhon, Nov 14, 2006
    #8
  9. herbdove

    Jim Guest

    herbdove came up with this when s/he headbutted the keyboard a moment ago in
    alt.computer.security:

    > Hello all,
    >
    > I'm wondering if someone would kindly me with what appears to be a
    > virus on my computer.
    >
    > I turned on my computer yesterday, and all my bookmarks in Firefox
    > disappeared.


    That's a bug I've seen before. And reported it.

    > Other oddities: I am receiving the error message:
    > "Error: LiveCode is not defined line:19",


    Not sure what this is: possibly something you're missing in your system
    configuration (.NET?)

    > certain (but not all)
    > graphics on a webpage will not load and sometimes when they do the
    > resolution will be bad, spacing on the page will be off, font size will
    > be strange, etc.


    Misconfigured browser. I have mine set with small fonts (large fonts have a
    tendency to mung the spacing not only between characters but between rows
    as well - depends on how the page is coded), and images from the
    originating site only. Stops a lot of the ads.

    > Another oddity--when I will click on a link of any
    > sort, or click on an e-mail message, etc., the page that comes up will
    > simply be blank. Things are running very slow overall.
    >


    Very possibly a busted Firefox. Try another browser to see if the behaviour
    is repeatable on that.

    > I run Symantec Anti-Virus at all times,


    My experience and observation: Symantec AV is most often at the top of the
    list for malware to disable in any way it can before it delivers its
    payload. A nineteen month old buffer overflow exploit (which still hasn't
    been patched by Symantec) is a favourite vector. Once the exploit is
    triggered, NIS/NAV simply stops working. Apart from that, NAV/NIS is a hog
    anyway; you would be much better off using AVG and something like Panda AV,
    along with Spybot S&D and Ad-Aware.Even those four programs have less of a
    footprint than Symantec's offering, and you will notice a /dramatic/
    difference in the responsiveness of your system. As for a softwall, use the
    one provided with XP. It (surprisingly) does what it says on the tin. You
    don't need Zonealarm or anything like that (which will most likely clash
    horribly with XP's own firewall anyway). Remember, this is experience. Not
    BS.

    > and have a firewall through
    > ZoneAlarm. I ran Ad-Aware and Spybot, and updated all. When no
    > viruses were detected, I downloaded AVG Anti-Virus, and Microsoft
    > Baseline Security Analyzer. So luck with these either. I've
    > uninstalled Firefox, and re-downloaded it again. Nada.
    >
    > Any suggestions on how I should proceed?
    >
    > Thanks a million...
    > matt


    --
    -*- Linux Desktops & Clustering Solutions -*- http://dotware.co.uk
    -*- Registered Linux user #426308 -*- http://counter.li.org
    -*- Linux is like a wigwam: no Windows, no Gates, and Apache inside.
    -*- <discl mode="Boilerplate" />
     
    Jim, Nov 14, 2006
    #9
  10. herbdove

    kurt wismer Guest

    Sebastian Gottschalk wrote:
    [snip]
    > Real protection against viruses is provided by ACLs, implementing a global
    > no-exec policy and by not allowing automatic code execution.


    by acls i imagine you're making a reference to least privilege... fred
    cohen's early experiments with viruses demonstrate fairly unequivocally
    that least privilege does not stop viruses... it is a speed bump, not a
    road block - it will interfere with those viruses that were made with
    the assumption of having admin access and that's about all...

    as for trying to control execution, determining executable data from
    non-executable data is undecidable in the general case...

    they can be valuable additions to a defense in depth approach, but they
    are not, by themselves, a solution to the virus problem...

    --
    "it's not the right time to be sober
    now the idiots have taken over
    spreading like a social cancer,
    is there an answer?"
     
    kurt wismer, Nov 15, 2006
    #10
  11. kurt wismer wrote:

    > Sebastian Gottschalk wrote:
    > [snip]
    >> Real protection against viruses is provided by ACLs, implementing a global
    >> no-exec policy and by not allowing automatic code execution.

    >
    > by acls i imagine you're making a reference to least privilege... fred
    > cohen's early experiments with viruses demonstrate fairly unequivocally
    > that least privilege does not stop viruses... it is a speed bump, not a
    > road block - it will interfere with those viruses that were made with
    > the assumption of having admin access and that's about all...


    ACLs that are set such all write access to binaries is denied will stop
    viruses totally: they can't spread.

    > as for trying to control execution, determining executable data from
    > non-executable data is undecidable in the general case...


    That's why such policies also have to be enforced by programs. If you allow
    the users to execute perl.exe, well, then you have a problem.

    > they can be valuable additions to a defense in depth approach, but they
    > are not, by themselves, a solution to the virus problem...


    They are. Trivially.
     
    Sebastian Gottschalk, Nov 15, 2006
    #11
  12. herbdove

    kurt wismer Guest

    Sebastian Gottschalk wrote:
    > kurt wismer wrote:
    >
    >> Sebastian Gottschalk wrote:
    >> [snip]
    >>> Real protection against viruses is provided by ACLs, implementing a global
    >>> no-exec policy and by not allowing automatic code execution.

    >> by acls i imagine you're making a reference to least privilege... fred
    >> cohen's early experiments with viruses demonstrate fairly unequivocally
    >> that least privilege does not stop viruses... it is a speed bump, not a
    >> road block - it will interfere with those viruses that were made with
    >> the assumption of having admin access and that's about all...

    >
    > ACLs that are set such all write access to binaries is denied will stop
    > viruses totally: they can't spread.


    you must have an interesting definition of 'binaries'...

    >> as for trying to control execution, determining executable data from
    >> non-executable data is undecidable in the general case...

    >
    > That's why such policies also have to be enforced by programs. If you allow
    > the users to execute perl.exe, well, then you have a problem.


    i'm sorry, i obviously wasn't clear... i meant undecidable in the
    computational complexity sense of the word... the computer can't figure
    such things out (which, by the way, is part of the reason why we 'tend'
    to mark executable content with special file extensions in dos/windows
    or execute flags under *nix)...

    perl is not the only complicating factor, many tools are scriptable in
    some sense these days... ms word or alternatively open office are
    susceptible to viruses - are you going to disallow opening documents too?

    >> they can be valuable additions to a defense in depth approach, but they
    >> are not, by themselves, a solution to the virus problem...

    >
    > They are. Trivially.


    it's interesting that you think a problem widely known to be unsolvable
    has such a strait-forward solution...

    --
    "it's not the right time to be sober
    now the idiots have taken over
    spreading like a social cancer,
    is there an answer?"
     
    kurt wismer, Nov 15, 2006
    #12
  13. kurt wismer wrote:

    > perl is not the only complicating factor, many tools are scriptable in
    > some sense these days... ms word or alternatively open office are
    > susceptible to viruses - are you going to disallow opening documents too?


    Let's see. Not just that you can disable macros based on certain
    conditions, these macro languages are not powerful enough to load arbitrary
    code. VBA for example uses Shell32::LoadLibraryEx() to load additional
    modules, which is already covered by Software Restriction Policies.

    >>> they can be valuable additions to a defense in depth approach, but they
    >>> are not, by themselves, a solution to the virus problem...

    >>
    >> They are. Trivially.

    >
    > it's interesting that you think a problem widely known to be unsolvable


    Huh? It's a problem that is known to be trivially solvable.

    > has such a strait-forward solution...


    Indeed, it has. That's why you should wonder why so many people suggest
    totally incompetent, slow and dangerous solutions.
     
    Sebastian Gottschalk, Nov 16, 2006
    #13
  14. herbdove

    Admins Guest

    On 13 Nov 2006 11:52:54 -0800, herbdove wrote:

    > Hello all,
    >
    > I'm wondering if someone would kindly me with what appears to be a
    > virus on my computer.
    >
    > I turned on my computer yesterday, and all my bookmarks in Firefox
    > disappeared. Other oddities: I am receiving the error message:
    > "Error: LiveCode is not defined line:19", certain (but not all)
    > graphics on a webpage will not load and sometimes when they do the
    > resolution will be bad, spacing on the page will be off, font size will
    > be strange, etc. Another oddity--when I will click on a link of any
    > sort, or click on an e-mail message, etc., the page that comes up will
    > simply be blank. Things are running very slow overall.
    >
    > I run Symantec Anti-Virus at all times, and have a firewall through
    > ZoneAlarm. I ran Ad-Aware and Spybot, and updated all. When no
    > viruses were detected, I downloaded AVG Anti-Virus, and Microsoft
    > Baseline Security Analyzer. So luck with these either. I've
    > uninstalled Firefox, and re-downloaded it again. Nada.
    >
    > Any suggestions on how I should proceed?


    ZoneAlarm isn't the best choice in firewall, everyone has an opinion about
    which one's the best but I've always preferred Kerio. It's never leaked
    and doesn't slow down your computer. They charge for it now, but I have
    the free one still available in our software section. You can set up rules
    for it at shields up www.grc.com just say no when you establish rules for
    the probes it will do towards your computer after you start the test.

    Your problem may be malware and it may not. Try another scanner, there are
    3 free ones up in our software section that have been given a high rating
    by PC magazine. If you have the time, download and install a trial version
    of a product called "the cleaner". It's from Moosoft and is specific to
    trojans and worms, it's the best one on the market, but it's not free

    Regards,
    >
    > Thanks a million...
    > matt


    --
    Admin


    * www.privacyoffshore.net (No Logs Internet Surfing)
    * Anonymous Secure Offshore SSH-2 Surfing Tunnels
     
    Admins, Nov 16, 2006
    #14
  15. Admins wrote:

    > ZoneAlarm isn't the best choice in firewall, everyone has an opinion about
    > which one's the best but I've always preferred Kerio.


    D'oh! Choosing the lesser evil...

    > You can set up rules for it at shields up www.grc.com


    Oh please!
     
    Sebastian Gottschalk, Nov 16, 2006
    #15
  16. herbdove

    erewhon Guest


    > Indeed, it has. That's why you should wonder why so many people suggest
    > totally incompetent, slow and dangerous solutions.


    Ok - genius.

    Take XP out of the box.

    Detail the steps YOU claim you need to follow to secure this OS (and default
    installed apps) from all vulnerabilities (known, and unknown), without using
    a third party products....

    I'm genuinely interested.

    I suspect if you can script the steps or drop them all into single .msi then
    the whole AV, firewall and malware industry will be instantly obsolete.

    I await your response....
     
    erewhon, Nov 16, 2006
    #16
  17. Admins wrote:

    > (Kerio) They charge for it now, but I have the free one still
    > available in our software section.


    Kerio works the same now as it did before Kerio sold it to Sunbelt.
    http://www.sunbelt-software.com/Kerio-Download.cfm

    "Sunbelt Kerio Personal Firewall 4 can run in a free mode vs. a full
    (paid) mode. Install it now, and for the first 30 days it will run in
    'full' mode. After that, it shuts down selected features[1], but will
    continue to run in 'free' mode"."

    [1. ad blocking, web page filtering, cookie filtering; minor things that
    modern browsers already do. <g>]

    --
    -bts
    -Motorcycles defy gravity; cars just suck
     
    Beauregard T. Shagnasty, Nov 16, 2006
    #17
  18. herbdove

    Admins Guest

    On Thu, 16 Nov 2006 19:32:47 GMT, Beauregard T. Shagnasty wrote:

    > Admins wrote:
    >
    >> (Kerio) They charge for it now, but I have the free one still
    >> available in our software section.

    >
    > Kerio works the same now as it did before Kerio sold it to Sunbelt.
    > http://www.sunbelt-software.com/Kerio-Download.cfm
    >
    > "Sunbelt Kerio Personal Firewall 4 can run in a free mode vs. a full
    > (paid) mode. Install it now, and for the first 30 days it will run in
    > 'full' mode. After that, it shuts down selected features[1], but will
    > continue to run in 'free' mode"."
    >
    > [1. ad blocking, web page filtering, cookie filtering; minor things that
    > modern browsers already do. <g>]


    Thanks for the information, at one point they had gone to a paid version
    with a free trial that expired out, it's good to see the free product
    version available again. They only charged $15 for the paid version when
    they originally went that direction, but not everyone needs the extra
    features
    --
    Admin


    * www.privacyoffshore.net (No Logs Internet Surfing)
    * Anonymous Secure Offshore SSH-2 Surfing Tunnels
     
    Admins, Nov 16, 2006
    #18
  19. herbdove

    kurt wismer Guest

    Sebastian Gottschalk wrote:
    > kurt wismer wrote:
    >
    >> perl is not the only complicating factor, many tools are scriptable in
    >> some sense these days... ms word or alternatively open office are
    >> susceptible to viruses - are you going to disallow opening documents too?

    >
    > Let's see. Not just that you can disable macros based on certain
    > conditions, these macro languages are not powerful enough to load arbitrary
    > code. VBA for example uses Shell32::LoadLibraryEx() to load additional
    > modules, which is already covered by Software Restriction Policies.


    a) vba only applies to ms word, not to open office...
    b) those were just the most mainstream examples of apps that can be
    turned into operating environments for viruses - some more obscure
    examples include amipro, matlab, and ida pro... again, those are just a
    few more examples - i'll not post an exhaustive list because the apps
    that fall into this category are legion...
    c) even if it were actually possible to block execution of all
    executable content in user writable areas (which i specify because you
    would obviously need to still allow execution from system areas which
    the user would presumably not have write access to) that would
    necessarily impede with any ability the user might have otherwise had to
    automate his/her tasks....

    >>>> they can be valuable additions to a defense in depth approach, but they
    >>>> are not, by themselves, a solution to the virus problem...
    >>> They are. Trivially.

    >> it's interesting that you think a problem widely known to be unsolvable

    >
    > Huh? It's a problem that is known to be trivially solvable.


    according to which recognized expert in the field?

    fred cohen's seminal work in the field revealed that the ability to
    support viral programs is inherent to the general purpose computing
    platform - meaning that there is no way to manipulate a general purpose
    computer (or the os or policies enforced by it), short of making it not
    a general purpose computer anymore, that will stop all possible viruses
    from operating - ergo the problem is not solvable...

    >> has such a strait-forward solution...

    >
    > Indeed, it has. That's why you should wonder why so many people suggest
    > totally incompetent, slow and dangerous solutions.


    the only thing i'm wondering is where you come up with some of the stuff
    you post... i'm getting a strong sense that false authority syndrome is
    at play here...

    --
    "it's not the right time to be sober
    now the idiots have taken over
    spreading like a social cancer,
    is there an answer?"
     
    kurt wismer, Nov 17, 2006
    #19
  20. herbdove

    erewhon Guest


    > the only thing i'm wondering is where you come up with some of the stuff
    > you post... i'm getting a strong sense that false authority syndrome is at
    > play here...


    I'm smelling the same thing....
     
    erewhon, Nov 17, 2006
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Slacker
    Replies:
    1
    Views:
    514
    ┬░Mike┬░
    Jun 4, 2004
  2. Comptuer troubleshooting problems

    , Aug 27, 2004, in forum: Computer Information
    Replies:
    0
    Views:
    400
  3. i-cable

    How can I output comptuer video to TV?

    i-cable, Sep 8, 2005, in forum: Computer Information
    Replies:
    3
    Views:
    369
    Nathaniel Freeman
    Sep 10, 2005
  4. herbdove

    Comptuer Virus Help

    herbdove, Nov 13, 2006, in forum: Computer Support
    Replies:
    1
    Views:
    463
    Walter Mautner
    Nov 13, 2006
  5. Daniel
    Replies:
    2
    Views:
    358
    Daniel
    May 11, 2004
Loading...

Share This Page