I hope you updated your PC and turned on automatic updates (service pack 2 + recommended updates, automatic updates set to advise but not to install, better do that on your own for me). And yes, you could have done everything without a reinstall. My opinion hasn't changed since the start of this thread: as long as you know what you are doing, reinstalls are not necessary.
The 'other' software you're using as firewall could be the key. It may not be doing everything needed, or it may crash. I had, for instance, some problems with old versions of Outpost firewall, which prevented (hung) big downloads.
Software from Sysinternals helps you understand what's going on in your computer: TCPView, Autoruns, Process Explorer, Filemon. These programs are free and not harmful (just don't delete Autoruns key without knowledge).
I did sense a comedic factor. Anyway I find the melody irritating and lyrics far from being witty, so it's just a matter of taste, I believe. It's just too didascalic for me.
Self-defence expresses itself immediately. If you think the death penalty is a form of self-defense that avoids future crimes you open up a legal can of worms while you're declaring the total inability of a state to protect citizens without touching an unalienable right.
Prisons suffice. If they don't, make better prisons, don't twist the logic. For instance no one has yet escaped from the new high security prison in Aachen, Germany. It's virtually impossible.
This may be apparently true but in reality when you put it in a wider set of rules (the rules that apply to so called 'states of rights') it becomes false.
Let's take an example from Wikipedia:
In 1776, the United States Declaration of Independence declared that "life" is one of the unalienable rights, implying that all persons have the right to live and/or exist. The Declaration of Independence continues that a government has the obligation to secure the unalienable rights of its people. When a government no longer respects this fundamental reason for its existence, it is the "right" and "duty" of the people to overthrow it.
Ironically the state can alienate lives, while people can do so only for self-defense, unless you consider the death penalty a form of self-defense applied by the state... which it is not.
And this right to alienate lives is preemptive: you accept that the state can take away anyone's life.
I consider this a form of abuse that some people willingly accept.
And just to be clear on my part, I believe that most people in the world - in the democratic world - surrender their will in the hands of people they shouldn't trust.
This happens everywhere. It's not American, it's not Italian, it's not English or European.
Funny you should say that, Breizh. The first occurrence of the word "americans" in this page is in your post.
Edit: and in case you didn't understand, my family had an active role in the Italian Resistance. They were part of a minority at the time. I can distinguish positions. I have to. But you can't deny most of the American people supported the war. It's a fact. Go read the polls and stop hinting at antiamericanism. This isn't the first time you've done such a thing because you don't like something.
In one thing Vietnam cannot be compared to Iraq, and that is the all-volunteer basis of the US Army we have today. No draft means - theoretically - that all the soldiers who went to Iraq knew there was a possibility, and they accepted it, unless you accept Ehren Watada's ideas as valid (and for the record I do, the history of my family is deeply rooted in the Italian Resistance to fascism and this has a large influence on my ideas).
The absence of a draft is a major distinction in this case.
No compensation, not even a moral one, will ever be paid by the US to Iraq. The US expect their enemies to play by the book, but they don't. A twisted notion of sovereignty and the historical lack of interest in foreign affairs shields the general public from the form of self-criticism that both Germany's and Italy's social textures had to endure.
And just to be clear, I'm not comparing the extent of the crimes of nazism, fascism or stalinism to the extent of the violations of international laws (which are - not only in my opinion - still crimes) committed by the US. I know they are completely different things and that the US is a fully formed democracy, but the same rules apply. "We didn't know" is hardly a good justification when someone simply didn't care to listen to the words of the IAEA. They had to know better and now everybody knows they knew better, but the documents were there at the time. Uranium from Niger? How the hell could someone believe such a blatant Italian intelligence forgery that was ruled out as bull by the Italian investigative press immediately (except of course for Panorama, owned by Berlusconi)?
Powell regrets his stunt at the UN as a painful "blot" in his career, but estimates made by people who were really in the know (and acknowledged worldwide to be so) were already widely available at the time.
The reputation of people who knew what they were doing has been smeared, and since then restored to the shame of all the falling heads in the US government. May Powell's blot haunt him in his nightmares for all his life to come.
Really, really strange...
If you managed to keep the old LFS executable (I always keep no longer active suspect files until analysis is finished) you could compare the two with fc from a command prompt to see if there's a difference.
Stop telling others to listen, start listening, stop hiding behind a finger. You did something stupid. Maybe this doesn't transform you into a bad person, but this transforms you into a programmer I'd manage to get fired instantly.
Moreover muhaa failed to keep track of the time passed between the discovery of the security issues and his disclosure, he spread a PoC in the wild, he didn't take into account the fact that LFS isn't so widespread. I see no professionalism in this.
They keep this database as a form of advertising for their worldwide security chapters: a bit of shame for the defaced, a bit of fame for the defacers and tah-dah! You need zone-h. We'll secure your website, but maybe a zone-h founder will wiretap you. Not now, for sure.
Edit: and they fail to mention that Ghioni is in deep trouble with justice... No full disclosure in this case.
+1. Proofs of concept are considered a good practice, although spreading them in the wild isn't justifiable.
Anyway, all of this reminds me of the wonderful words of Thomas Hesse, Sony BMG's president: "Most people, I think, don't even know what a rootkit is, so why should they care about it?"
By the same logic if you don't know what cancer is, you shouldn't care about it. That's stupid. I prefer to know. I prefer to be warned about risks. As a software user I have a right to know and take action to prevent abuses from those who have the know-how.
Alright Sam, you know I respect your ideas. But let's get a fact straight: there may be black, grey and white hats out there, but there isn't any sure border.
You quote a page in zone-h, a defacement database site. They teach security, they enforce security, they warn about criminal activities. They MUST be good, after all...
Well, not all of them. One of the two founders, Ghioni, is in jail. He's involved in breaching the computer of the president of Rizzoli - Corriere della Sera, he was the leader of the tiger team of Telecom Italia, he's presumably involved in the illegal wiretapping of thousands of people, there are pending investigations that tie him to the Italian military secret service and to the persons who were responsible for the kidnapping of an imam in Milan, who was abducted by CIA agents who were subsequently investigated.
This is an international scandal involving someone who's presumed to be a white hat. He's been rotting in jail for months, and probably he's safer there than out, given the number of secrets he knows. He talks very little to investigators, and it's easy to understand why.
If you want different examples (Mitnick anyone?) there are tons of not so good people turning bad, and tons of not so bad people turning good. That's the norm.
My position is generally for full disclosure, but I do not condone any kind of attack, disruptive or not. I'm for research in a controlled environment, or after having obtained permission to do so. I respect the job of the people who disclose their discoveries and don't keep their knowledge for themselves for illegal activities.
Nothing should really change, the md5 hash you see on Jotti is calculated on the whole file, and if the hash is the same there's no reason to believe the files are different. You should have the same results if the md5 hash is the same.
Having the same hash with different files is possible (although extremely rare), but I think I can safely rule out this possibility in this case.
Edit: I add the results of my online scan for reference.
File: LFS.exe
Status:
POSSIBLY INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database) (Note: this file was only flagged as malware by heuristic detection(s). This might be a false positive. Therefore, results of this scan will not be stored in the database)
MD5: e0c2f6ca50eb7e9007071c163f9f0474
Scan taken on 28 Aug 2007 14:45:22 (GMT)
A-Squared Found nothing
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
CPsecure Found nothing
Dr.Web Found DLOADER.Trojan (probable variant)
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Rising Antivirus Found nothing
Sophos Antivirus Found nothing
VirusBuster Found nothing
VBA32 Found nothing
That's a false positive, something in LFS.EXE exhibits code which is similar but not equal to a trojan. This happens with heuristic scans, that's why some antiviruses have a better recognition than others.
(but they're prone to false positives)
Update: I installed Antivir on Vista and updated it. I scanned LFS.EXE with low, mid and high heuristic recognition and no problem whatsoever was signalled with the executable. Mmmm. I then submitted LFS.EXE to Jotti. The files have the same md5 hash, so they should be exactly the same file. The scan results are the same. This is a false positive, although I cannot tell exactly why since Antivir has a different behaviour on your computer and on mine: it may be different updates, different OSes or an interaction with other resident protection tools.
Really looks like a false positive to me. Antivir is over-zealous in this case, it must be the heuristic recognition. Ignore the threat, set Antivir to ignore LFS.EXE or the whole folder or disable heuristics.
Don't take immediate action. Take note of the full path of the executable. Use the search if necessary. Take note if different versions of the same file are available. Then look at file properties: dimensions, last accessed, last modified. Compare the dimensions to a clean LFS.EXE (I'm at work, I cannot give the right dimensions). If the last-modified date is not the last day on which you updated your LFS version, it's suspicious. It may also be a false positive (it happens).
To have a better insight, go to http://virusscan.jotti.org. Wait in line till the server allows you to upload. Upload LFS.EXE and take a look at the results. Post them here if you like, I can have a look at them for you. Please, just the text.
Edit - That file seems to be somewhere in your Documents and Settings folder. This is in no way a correct location for LFS, although you may have installed it there. Take a look at the path of LFS you usually run.
Re-Edit: the dimension of LFS.EXE should be 1.728.512 bytes.
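The checks described in the posts above (full path, file size, last-modified time, whole-file MD5, and a byte-level comparison of the kind `fc /b` performs) can be collected in one pass. This is an added example, not part of the original posts; the function names are hypothetical, the sample files are constructed, and it assumes a known-clean reference copy of the executable is available.

```python
import hashlib
import os
import tempfile

CHUNK = 64 * 1024

def file_facts(path):
    """Full path, size, last-modified time (epoch seconds) and whole-file MD5."""
    md5 = hashlib.md5()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(CHUNK), b""):
            md5.update(block)
    st = os.stat(path)
    return {"path": os.path.abspath(path), "size": st.st_size,
            "modified": st.st_mtime, "md5": md5.hexdigest()}

def first_difference(path_a, path_b):
    """Offset of the first differing byte (what `fc /b` lists), or None."""
    offset = 0
    with open(path_a, "rb") as a, open(path_b, "rb") as b:
        while True:
            block_a, block_b = a.read(CHUNK), b.read(CHUNK)
            if block_a != block_b:
                n = min(len(block_a), len(block_b))  # n is returned if one file is longer
                return offset + next((i for i in range(n) if block_a[i] != block_b[i]), n)
            if not block_a:
                return None
            offset += len(block_a)

def triage(suspect, reference):
    """Findings against a known-clean copy; an empty list means identical."""
    s, r = file_facts(suspect), file_facts(reference)
    findings = []
    if s["size"] != r["size"]:
        findings.append(f"size {s['size']} != reference {r['size']}")
    diff = first_difference(suspect, reference)
    if diff is not None:
        findings.append(f"content differs at byte {diff} (md5 {s['md5']})")
    return findings

def demo():
    """Constructed sample data: a reference file and a copy with one byte patched."""
    with tempfile.TemporaryDirectory() as d:
        ref, bad = os.path.join(d, "ref.bin"), os.path.join(d, "suspect.bin")
        data = bytes(range(256)) * 1000
        for path, body in ((ref, data), (bad, data[:70000] + b"\xff" + data[70001:])):
            with open(path, "wb") as fh:
                fh.write(body)
        return triage(ref, ref), triage(bad, ref)
```

A same-size file with different content still shows up through the byte comparison, which does not depend on the hash at all.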
That's what most Italians think about their politicians, all of them. But for me that's a sort of daydreaming, so I take a different approach: maybe those politicians are perfect representatives.