My first few weeks on the internet have been a security nightmare

Discussion in 'Computer Security' started by privacy.at Anonymous Remailer, Feb 9, 2004.

  1. NOTE: This message was sent thru a mail2news gateway.
    No effort was made to verify the identity of the sender.
    --------------------------------------------------------


    Well to those who believe I am a troll I say in response that it is very easy
    to send anon posts using a web interface and I actually have been on the net
    before (on webtv) I did not mention this because the cardinal sin, the thing
    that turns off any serious person posting in a tech newsgroup is "oh no, a
    webtv dweeb"!? If I am trolling then this is a piss poor troll don't you think?
    Thanks to the few who answered me but my understanding is there is NO WAY TO
    SUCCESSFULLY WIPE YOUR DISK!
    privacy.at Anonymous Remailer, Feb 9, 2004
    #1

  2. privacy.at Anonymous Remailer

    JT Guest

    On Mon, 9 Feb 2004 15:02:22 +0100 (CET), "privacy.at Anonymous Remailer"
    <> wrote:

    >NOTE: This message was sent thru a mail2news gateway.
    >No effort was made to verify the identity of the sender.
    >--------------------------------------------------------
    >
    >
    >Well to those who believe I am a troll I say in response that it is very easy
    >to send anon posts using a web interface and I actually have been on the net
    >before (on webtv) I did not mention this because the cardinal sin, the thing
    >that turns off any serious person posting in a tech newsgroup is "oh no, a
    >webtv dweeb"!? If I am trolling then this is a piss poor troll don't you think?
    >Thanks to the few who answered me but my understanding is there is NO WAY TO
    >SUCCESSFULLY WIPE YOUR DISK!


    Depends on what you mean by "WIPE YOUR DISK". There are many utilities,
    including many diagnostics from the manufacturer for free that will write
    zeros to every sector on the disk drive, making it blank or WIPING it for
    normal operation. In theory, big brother or deep pocketed evil corporations
    could disassemble the drive and read the minute variations in the zeros
    that would indicate the data that was on the drive before the wipe, but
    even there, free utilities exist that will write multiple passes of random
    data for as long as you desire, which will defeat anyone without a time
    machine or other similar device.

    On the other parts of your original post, you come across as very naive on
    security matters. With the number of virus and trojans and other malware
    out there, and the coverage out there in the news it is naive in the
    extreme to surf with no protection. Relying on an ISP, especially one like
    MSN to do your security thinking for you is also a bit naive. Sounds like
    you went with MSN Broad band (otherwise you tied up your phoneline for
    hours sitting on a website) and just jumped right in with no AV, no
    Firewall (not even the XP built in one enabled, if you are running XP) and
    no critical updates. Might as well have put a flag on the machine saying
    "Infect me, I'm easy". The reality probably is that with your level of
    experience, and the possible problems on your machine because of your lack
    of even basic security precautions, a complete wipe of the hard drive and
    reinstall of everything is probably your only sure way of cleaning up the
    mess you have.

    Wipe the drive. Install your system software. Install AV and Firewall. Get
    on the net and Immediately update your AV, Firewall, and OS before you do
    anything else. Do ALL the MS Critical updates.

    Then go to http://www.pandasoftware.com/activescan and run their free scan.
    Then go to http://housecall.antivirus.com and run their free scan
    Then go to http://www.trojanscan.com and run their trojan scan.
    Then go to http://www.safer-networking.org and download and install and
    update Spybot S&D. Then scan your system with it.

    Repeat the above frequently.

    JT
    JT, Feb 9, 2004
    #2

  3. privacy.at Anonymous Remailer

    Hapless Guest

    "privacy.at Anonymous Remailer" <> wrote in
    news::

    > NOTE: This message was sent thru a mail2news gateway.
    > No effort was made to verify the identity of the sender.
    > --------------------------------------------------------
    >
    >
    > Well to those who believe I am a troll I say in response that it is
    > very easy to send anon posts using a web interface and I actually have
    > been on the net before (on webtv) I did not mention this because the
    > cardinal sin, the thing that turns off any serious person posting in a
    > tech newsgroup is "oh no, a webtv dweeb"!? If I am trolling then this
    > is a piss poor troll don't you think? Thanks to the few who answered
    > me but my understanding is there is NO WAY TO SUCCESSFULLY WIPE YOUR
    > DISK!
    >
    >


    I have read your thread and I do not believe you are a troll. I do believe
    you have read quite a bit about computers and just because you posted an
    intelligent question, but at the same time did not answer your own question
    based on the knowledge presented, you might have a problem as on one hand
    you present a problem but take no action for yourself.

    In answering I must do so without belief you have no knowledge because the
    answer will run counter to what you have read. First and foremost - a
    computer has two types of memory - ROM (read-only-memory) and RAM (random-
    access-memory). Your ROM is within your Chip (Pentium, Celeron, Athlon,
    etc). This ROM is virtually impossible to compromise. Your RAM can be
    compromised, but only if an instruction to do so exists somewhere.

    The only place code can be introduced is on your HD. Your comment about
    wiping a HD is not correct. A HD can only contain information in binary
    form. If you zero out your HD that means writing a 0 to every portion of
    your HD nothing can exist except zeros. Period. A machine does not have a
    spirit - it is a machine.

    The trouble comes with using Windows programs. Use a DOS program to tell
    every sector of your HD to contain ZERO and ZERO you will get. Windows
    cannot do this as it relies on the HD for its program. Remember DOS means
    Disk Operating System so it exists totally independent of the disk - it
    tells the disk what to do and does not need the disk for anything.

    You have picked up a bad bit of code and it is on your HD. The way to get
    rid of it is to drop to DOS from a floppy and ZERO your HD. I would post ZAP
    a program from IBM, but you did not state what type of HD you have. Larger
    HD's (Over 9GB approx) that do not use a standard 13h interface can get
    destroyed by using such - especially SCSI drives. You can use ZAP - I have
    two Seagate Barracuda's 7200 ATA's but you really need to know how to
    handle the internal calls from BIOS.

    The newer HD's are not friendly, but all of them are supported by
    www.jetico.com in the form of BC-Wipe. Download the program and you will
    find a DOS program called BCWIPEPD.EXE. Place this small program on a
    bootable floppy and run it from DOS. It will totally ZERO out your HD and
    unless you really are paranoid one pass is enough. Then re-install your OS
    and use whatever protection you wish.

    But remember you might run into this problem again - so create a dual-boot
    HD if you can and from the alternate system make a zip copy of your
    partition using WinRAR so in future if it happens again, you only need to
    ZAP your drive and reload from a CD if you have a CDR.

    Again, I will not be against you as you stated a serious problem, but you
    stated it so well that folks have trouble thinking you can not see how easy
    it is to resolve. Hope this helps.

    CYa
    Hapless, Feb 10, 2004
    #3
  4. privacy.at Anonymous Remailer

    Hapless Guest

    "privacy.at Anonymous Remailer" <> wrote in
    news::

    > NOTE: This message was sent thru a mail2news gateway.
    > No effort was made to verify the identity of the sender.
    > --------------------------------------------------------
    >
    >
    > Well to those who believe I am a troll I say in response that it is
    > very easy to send anon posts using a web interface and I actually have
    > been on the net before (on webtv) I did not mention this because the
    > cardinal sin, the thing that turns off any serious person posting in a
    > tech newsgroup is "oh no, a webtv dweeb"!? If I am trolling then this
    > is a piss poor troll don't you think? Thanks to the few who answered
    > me but my understanding is there is NO WAY TO SUCCESSFULLY WIPE YOUR
    > DISK!
    >

    Just an extra note. What I am telling you requires a command of DOS and
    FDISK in particular, a program to partition your HD. To really work
    correctly for your problem you cannot rely on the Microsoft version of
    FDISK as after you totally ZERO your HD it will not be initialized. At
    this very low-level you need really DR-DOS and not MS-DOS. DR-DOS when you
    run FDISK in expanded mode by using the switch /x - FDISK /x will report
    the disk does not have a boot sector ID and will initialize the disk. Also
    DR-DOS in expanded mode will create virtually any file format available -
    be it NTFS - FAT - FAT32 - SOLARIS - LINUX - etc.

    But do not and I repeat NOT after creating the format allow it to remain.
    After using DR-DOS and FDISK in expanded mode, use MS-DOS to destroy the
    format from the FDISK of MS-DOS and create a new format. You will end up
    with two tables on your HD this way as MS-DOS will not destroy actually the
    DR-DOS table, but in future you will be very protected as only your MS-DOS
    table can be compromised and not your true DR-DOS table, so dropping to DR-
    DOS and running FDISK in expanded mode and telling it to run the option of
    replacing loader code WILL destroy MS-DOS and you will be a happy camper
    again.

    If any of this is scary - I suppose, but remember your disk is only a
    machine. Holler if you want and I will point you to a copy of DR-DOS and
    you will never worry about boot-sector viruses again by using MS-DOS as the
    defense to your disk and giving that up in sacrifice if needed.

    CYa
    Hapless, Feb 10, 2004
    #4
  5. privacy.at Anonymous Remailer

    Jim Watt Guest

    On Tue, 10 Feb 2004 06:39:16 GMT, Hapless <> wrote:

    >I have read your thread and I do not believe you are a troll.


    In this newsgroup anyone using an anonymous remailer has something to
    hide.

    >First and foremost - a computer has two types of memory - ROM (read-only-memory)
    >and RAM (random- access-memory). Your ROM is within your Chip (Pentium, Celeron, Athlon,
    >etc). This ROM is virtually impossible to compromise. Your RAM can be
    >compromised, but only if an instruction to do so exists somewhere.
    >
    >The only place code can be introduced is on your HD. Your comment about
    >wiping a HD is not correct. A HD can only contain information in binary
    >form. If you zero out your HD that means writing a 0 to every portion of
    >your HD nothing can exist except zeros.



    Before offering advice like that you need to understand more about
    computer hardware. The BIOS is classically implemented in ROM but
    these days it is in a re-programmable chip. Indeed so is the firmware
    for a lot of devices attached to your computer. This allows the
    manufacturers to correct bugs in their code subsequently.

    There was a virus around a few years ago which cleared the BIOS.

    Zeroing data on a Hard disk is fine, but if the person in question
    really is a newbie they are going to get into problems doing it and
    simply re-installing windows is enough.


    --
    Jim Watt http://www.gibnet.com
    Jim Watt, Feb 10, 2004
    #5
  6. "Jim Watt" <_way> wrote in message
    news:...
    > On Tue, 10 Feb 2004 06:39:16 GMT, Hapless <> wrote:
    >
    > >I have read your thread and I do not believe you are a troll.

    >
    > In this newsgroup anyone using an anonymous remailer has something to
    > hide.


    <snip>

    > Zeroing data on a Hard disk is fine, but if the person in question
    > really is a newbie they are going to get into problems doing it and
    > simply re-installing windows is enough.


    (Minor point) $55 is even better - there's a much greater chance[1] of
    munging the residual field beyond reasonable recovery.

    --

    Hairy One Kenobi

    Disclaimer: the opinions expressed in this opinion do not necessarily
    reflect the opinions of the highly-opinionated person expressing the opinion
    in the first place. So there!

    [1] No, I can't remember the exact values, but it was tested (on an old DEC
    RA-60, where you could probably measure the clusters with hand-held gear ;o)
    Hairy One Kenobi, Feb 10, 2004
    #6
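The overwrite passes discussed in posts #2, #3 and #6 (zeros, random data, the $55 pattern) with a read-back check, as an added example that is not part of any poster's message. It assumes the target is a regular file standing in for a drive image, reads $55 as the byte 0x55, and uses hypothetical function names and a pass order chosen for illustration.

```python
import os

CHUNK = 1024 * 1024  # work in 1 MiB blocks


def overwrite_pass(path, fill=None):
    """Overwrite every byte of `path` in place. `fill` is a byte value
    (0x00, 0x55, ...) or None for random data. Returns bytes written."""
    size = os.path.getsize(path)
    written = 0
    with open(path, "r+b") as f:
        while written < size:
            n = min(CHUNK, size - written)
            f.write(os.urandom(n) if fill is None else bytes([fill]) * n)
            written += n
        f.flush()
        os.fsync(f.fileno())  # push the pass to the medium, not just the cache
    return written


def first_mismatch(path, fill):
    """Read the target back. Return the offset of the first byte that is
    not `fill`, or -1 if the whole target holds the pattern."""
    offset = 0
    with open(path, "rb") as f:
        while True:
            block = f.read(CHUNK)
            if not block:
                return -1
            if block != bytes([fill]) * len(block):
                return offset + next(i for i, b in enumerate(block) if b != fill)
            offset += len(block)


def wipe(path, passes=(None, 0x55, 0x00)):
    """Run the passes in order (random, 0x55, zeros by default), then
    verify the final pattern. A final random pass cannot be verified."""
    for fill in passes:
        overwrite_pass(path, fill)
    last = passes[-1]
    return last is None or first_mismatch(path, last) == -1


if __name__ == "__main__":
    import tempfile
    # Constructed sample "drive": a temp file holding stand-in leftover data.
    with tempfile.NamedTemporaryFile(delete=False) as img:
        img.write(b"leftover boot-sector code" * 4096)
    print("wiped and verified:", wipe(img.name))
    os.remove(img.name)
```

The read-back step is what turns "I ran a wipe" into evidence: a wipe that skipped a region shows up as a non-negative offset from `first_mismatch`.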
  7. privacy.at Anonymous Remailer

    Jim Watt Guest

    On Tue, 10 Feb 2004 13:23:30 -0000, "Hairy One Kenobi"
    <abuse@[127.0.0.1]> wrote:

    <more snippage>

    >(Minor point) $55 is even better - there's a much greater chance[1] of
    >munging the residual field beyond reasonable recovery.


    Well, using Fdisk and dos is not going to do that, but there are a lot
    of versions of Fdisk and life is more complicated these days with
    larger media, disk managers etc.

    I begin to think that the secure solution for wiping disks is the
    large hammer, given the time involved in properly wiping them
    and what they cost today.
    --
    Jim Watt http://www.gibnet.com
    Jim Watt, Feb 10, 2004
    #7
  8. "Jim Watt" <_way> wrote in message
    news:...
    > On Tue, 10 Feb 2004 13:23:30 -0000, "Hairy One Kenobi"
    > <abuse@[127.0.0.1]> wrote:
    >
    > <more snippage>
    >
    > >(Minor point) $55 is even better - there's a much greater chance[1] of
    > >munging the residual field beyond reasonable recovery.

    >
    > Well, using Fdisk and dos is not going to do that, but there are a lot
    > of versions of Fdisk and life is more complicated these days with
    > larger media, disk managers etc.
    >
    > I begin to think that the secure solution for wiping disks is the
    > large hammer, given the time involved in properly wiping them
    > and what they cost today.


    It always has been, TBH.

    Where I used to work (with those RA-60s), we'd overwrite the pack three
    times, and /then/ have 'em crushed.

    A blowtorch does quite a nice job as well, on modern disks (I'd love to give
    the link on "How to Repair an IBM DeskStar" at this point, but I seem to
    have lost it..)

    H1K
    Hairy One Kenobi, Feb 10, 2004
    #8
  9. privacy.at Anonymous Remailer

    Jim Watt Guest

    On Tue, 10 Feb 2004 19:43:51 -0000, "Hairy One Kenobi"
    <abuse@[127.0.0.1]> wrote:

    >A blowtorch does quite a nice job as well, on modern disks (I'd love to give
    >the link on "How to Repair an IBM DeskStar" at this point, but I seem to
    >have lost it..)


    A few years ago we threw out the 400mb disks from our
    AS/400, five racks full. Didn't bother to wipe them at all.

    But the other day I was about to bin a laptop and took out
    the 40mb disk, because that is readable. It will be interesting
    to see what is on it.
    --
    Jim Watt http://www.gibnet.com
    Jim Watt, Feb 10, 2004
    #9
  10. privacy.at Anonymous Remailer wrote:

    >NOTE: This message was sent thru a mail2news gateway.
    >No effort was made to verify the identity of the sender.
    >--------------------------------------------------------
    >
    >
    >Well to those who believe I am a troll I say in response that it is very easy
    >to send anon posts using a web interface and I actually have been on the net
    >before (on webtv) I did not mention this because the cardinal sin, the thing
    >that turns off any serious person posting in a tech newsgroup is "oh no, a
    >webtv dweeb"!? If I am trolling then this is a piss poor troll don't you think?
    >Thanks to the few who answered me but my understanding is there is NO WAY TO
    >SUCCESSFULLY WIPE YOUR DISK!


    Ok, I retract my earlier statement about you being a troll.
    Confession of being a liar and WebTV user duly noted.
    Micheal Robert Zium, Feb 11, 2004
    #10
