FromTheRafters wrote:
> "~BD~"<BoaterDave@hot.mail.co.uk> wrote in message
> news:8aydnQR6ar0tr0DWnZ2dnUVZ8oKdnZ2d@bt.com...
>> FromTheRafters wrote:
>>> "~BD~"<BoaterDave@hot.mail.co.uk> wrote in message
>>> news:156dnS2rcsGUg0HWnZ2dnUVZ8o6dnZ2d@bt.com...
>> [...]
>>>> *What if* ....... ?
>>>>
>>>> One or more of those 'trusted' malware cleaning forums (or even a
>>>> trusted software programme) could, surely, download such a programme
>>>> onto a user's machine so that, forever afterwards, whatever is done
>>>> on
>>>> that machine may be monitored by an outside agency.
>>
>> Thank you for responding FTR!
>>
>>> That's not very likely,
>>
>> But .... *I* believe that it is *possible*!
>> ********
>>
>> As I've said elsewhere ..........
>>
>> "What a super ruse it would be, eh? - to clear a machine of everyone
>> else's 'nasties' but then, perhaps, leave their own package installed
>> on the user's machine. No one would ever suspect, would they?"
>>
>>> such a trojan would soon be discovered and dealt
>>> with - very bad for the 'trusted' source's reputation.[...]
>>
>> Now this is where we seem to have a *real* difference of opinion, FTR!
>>
>> Just *who* would discover such covert malware. With today's high-speed
>> and powerful machines a *user* is highly *unlikely* to discover that
>> they have become part of a botnet! If their /cleaned/ machine is
>> performing *better* that it had in a long while, why would the *user*
>> suspect anything untoward?
>
> Bigger picture:
>
> Remember the quote about how you can fool some of the people some of the
> time, but you can't fool all of the people all of the time?
“You may fool all the people some of the time, you can even fool some of
the people all of the time, but you cannot fool all of the people all
the time.” Abraham Lincoln
> Malware like
> that relies on the first part of that quote. It doesn't care about the
> second part because there is no shortage of fools. Such software does
> eventually get discovered, but usually cannot be traced back to a single
> source - there are many sources and they change location often. If
> someone has a *real firewall* then this type of commercial malware's
> activities can soon be discovered.
>
> So asking "who would" is the wrong question - the individual is
> insignificant in comparison to the whole. Instead you must ask yourself
> if *anybody* would discover the hidden function, and what that would
> mean to an otherwise legitimate (contactable) business.
OK. Let' use an example.
I do not consider Aumha.net to be a business (do you?)
Let's say someone goes there for the cleaning of their machine and all
seems to go to plan. Is there *any* company/organisation which makes
random checks on such 'help' sites to ensure that nothing untoward,
along the lines which I've described, is happening - to ensure that they
are *not* compromising the machines of naive 'customers'?
>> My limited understanding of matters is that once a machine is under
>> the control of a botmaster, all personal control is effectively lost.
>>
>> Do you dispute this?
>
> Yes, but I may be reading it differently than you are. It would depend
> on how much control is still afforded you by the nature of the offending
> program.
Perhaps you are. I meant that an outside agency may do whatever they
wish - whenever they wish - with the owner of the machine being
completely unaware of the 'intruder'. This may only be achieved if the
user can still carry out whatever he/she wishes to do and does not
become suspicious in any way.
HTH
--
Dave
Reply With Quote
oOdnQEbf6P_6EPWnZ2dnUVZ8kudnZ2d@bt.com...
D