~BD~ wrote:
> FromTheRafters wrote:
>> "~BD~"<BoaterDave@hot.mail.co.uk> wrote in message
>> news:8aydnQR6ar0tr0DWnZ2dnUVZ8oKdnZ2d@bt.com...
>>> FromTheRafters wrote:
>>>> "~BD~"<BoaterDave@hot.mail.co.uk> wrote in message
>>>> news:156dnS2rcsGUg0HWnZ2dnUVZ8o6dnZ2d@bt.com...
>>> [...]
>>>>> *What if* ....... ?
>>>>>
>>>>> One or more of those 'trusted' malware cleaning forums (or even a
>>>>> trusted software programme) could, surely, download such a programme
>>>>> onto a user's machine so that, forever afterwards, whatever is done
>>>>> on
>>>>> that machine may be monitored by an outside agency.
>>>
>>> Thank you for responding FTR!
>>>
>>>> That's not very likely,
>>>
>>> But .... *I* believe that it is *possible*!
>>> ********
>>>
>>> As I've said elsewhere ..........
>>>
>>> "What a super ruse it would be, eh? - to clear a machine of everyone
>>> else's 'nasties' but then, perhaps, leave their own package installed
>>> on the user's machine. No one would ever suspect, would they?"
>>>
>>>> such a trojan would soon be discovered and dealt
>>>> with - very bad for the 'trusted' source's reputation.[...]
>>>
>>> Now this is where we seem to have a *real* difference of opinion, FTR!
>>>
>>> Just *who* would discover such covert malware. With today's high-speed
>>> and powerful machines a *user* is highly *unlikely* to discover that
>>> they have become part of a botnet! If their /cleaned/ machine is
>>> performing *better* that it had in a long while, why would the *user*
>>> suspect anything untoward?
>>
>> Bigger picture:
>>
>> Remember the quote about how you can fool some of the people some of the
>> time, but you can't fool all of the people all of the time?
>
> “You may fool all the people some of the time, you can even fool some of
> the people all of the time, but you cannot fool all of the people all
> the time.” Abraham Lincoln
>
>> Malware like
>> that relies on the first part of that quote. It doesn't care about the
>> second part because there is no shortage of fools. Such software does
>> eventually get discovered, but usually cannot be traced back to a single
>> source - there are many sources and they change location often. If
>> someone has a *real firewall* then this type of commercial malware's
>> activities can soon be discovered.
>>
>> So asking "who would" is the wrong question - the individual is
>> insignificant in comparison to the whole. Instead you must ask yourself
>> if *anybody* would discover the hidden function, and what that would
>> mean to an otherwise legitimate (contactable) business.
>
> OK. Let' use an example.
>
> I do not consider Aumha.net to be a business (do you?)
>
> Let's say someone goes there for the cleaning of their machine and all
> seems to go to plan. Is there *any* company/organisation which makes
> random checks on such 'help' sites to ensure that nothing untoward,
> along the lines which I've described, is happening - to ensure that they
> are *not* compromising the machines of naive 'customers'?
>
>>> My limited understanding of matters is that once a machine is under
>>> the control of a botmaster, all personal control is effectively lost.
>>>
>>> Do you dispute this?
>>
>> Yes, but I may be reading it differently than you are. It would depend
>> on how much control is still afforded you by the nature of the offending
>> program.
>
> Perhaps you are. I meant that an outside agency may do whatever they
> wish - whenever they wish - with the owner of the machine being
> completely unaware of the 'intruder'. This may only be achieved if the
> user can still carry out whatever he/she wishes to do and does not
> become suspicious in any way.
>
> HTH
>

boater Dave, You are so full of $hit my monitor stinks when I see your
messages. Try a slow boat to anywhere but these newsgroups. OK?

--
JD..