
Thread: Ping FTR: Mebromi BIOS Virus Out in the Wild

  1. #71
    ~BD~ Guest

    Re: Ping FTR: Mebromi BIOS trojan Out in the Wild

    Dustin wrote:
    > You said that Tony told you I was fired.


    Cite the MID, Dustin

  2. #72
    Aardvark Guest

    Re: Ping FTR: Mebromi BIOS trojan Out in the Wild

    On Tue, 11 Oct 2011 23:52:16 +0100, ~BD~ wrote:

    > Dustin wrote:
    >> You said that Tony told you I was fired.

    >
    > Cite the MID, Dustin


    LOL. Back-pedalling ****.



    --
    America is the only country that went from barbarism to decadence without
    civilization in between. - Oscar Wilde

  3. #73
    Dustin Guest

    Re: Ping FTR: Mebromi BIOS trojan Out in the Wild

    ~BD~ <~BD~@nomail.afraid.org> wrote in news:j72hb0$uij$2@dont-email.me:

    > Dustin wrote:
    >> You said that Tony told you I was fired.

    >
    > Cite the MID, Dustin


    I don't need to do so. You think you're coy with the inference, but you've
    bragged on more than one occasion you had a source that said I was let go.

    I wasn't.

    You, lied.


    --
    I am a sinner
    Hold my prayers up to the sun
    I am a sinner
    Heaven's closed for what I've done.

  4. #74
    Aardvark Guest

    Re: Ping FTR: Mebromi BIOS trojan Out in the Wild

    On Tue, 11 Oct 2011 23:51:38 +0000, Dustin wrote:

    > ~BD~ <~BD~@nomail.afraid.org> wrote in news:j72hb0$uij$2@dont-email.me:
    >
    >> Dustin wrote:
    >>> You said that Tony told you I was fired.

    >>
    >> Cite the MID, Dustin

    >
    > I don't need to do so. You think you're coy with the inference, but
    > you've bragged on more than one occasion you had a source that said I
    > was let go.
    >
    > I wasn't.
    >
    > You, lied.


    IAWTP.

    **** me, Dustin- you're really on a roll these days.

    :-)



    --
    America is the only country that went from barbarism to decadence without
    civilization in between. - Oscar Wilde

  5. #75
    ~BD~ Guest

    Re: Ping FTR: Mebromi BIOS trojan Out in the Wild

    Dustin wrote:
    > ~BD~<~BD~@nomail.afraid.org> wrote in news:j72hb0$uij$2@dont-email.me:
    >
    >> Dustin wrote:
    >>> You said that Tony told you I was fired.

    >>
    >> Cite the MID, Dustin

    >
    > I don't need to do so. You think you're coy with the inference, but you've
    > bragged on more than one occasion you had a source that said I was let go.
    >
    > I wasn't.
    >
    > You, lied.



    I'm only human, Dustin.

    We interpreted the given information differently, obviously.


  6. #76
    Bullwinkle. Guest

    Re: Ping FTR: Mebromi BIOS trojan Out in the Wild

    Translation: damn you caught me.


    "~BD~" <~BD~@nomail.afraid.org> wrote in message
    news:j72f00$gln$1@dont-email.me...

    <shrug>


  7. #77
    Bullwinkle. Guest

    Re: Ping FTR: Mebromi BIOS trojan Out in the Wild

    So you lied yet again.

    Give it up you lying *******.


    "~BD~" <~BD~@nomail.afraid.org> wrote in message
    news:j71d9r$t8f$1@dont-email.me...
    ~BD~ wrote:
    [....]

    > I'll see if I can find anything regarding TechAngel on WayBack Machine.
    > It was a great place to play that I found on the Annexcafe User2User web
    > site when I first went there some five years ago.

    No success as yet, but she did exist!




  8. #78
    FromTheRafters Guest

    Re: Ping FTR: Mebromi BIOS Virus Out in the Wild


    "Dustin" <bughunter.dustin@gmail.com> wrote in message
    news:Xns9F79E70342F2FHHI2948AJD832@no...
    > "FromTheRafters" <erratic.howard@gmail.com> wrote in
    > news:j6td40$86m$1@dont-email.me:
    >
    >> LoJack for Laptops comes closer to being a virus than does Mebromi.

    >
    > They're about the same. The same technology. However, at least with
    > lojack they have bios vendor support and cooperation so aren't reduced
    > to including 3rd party utility to flash one style of BIOS only.


    I was looking at it more from a computer science angle. If the persistence
    module contains the modified MBR code (and overwrites the MBR if it is
    found to be unmodified), and the MBR supports the agent, and the agent
    (perhaps through a network resource) can detect that the BIOS has been
    unmodified (flashed without the LoJack code) and it can reflash the BIOS,
    it appears to me that it qualifies as a virus.

    The computer science virus definition makes no restriction on how the
    process plays out, only the result is important. Mebromi doesn't have
    that two-way guardian aspect - it only flashes the BIOS during the
    installation and it is thereafter un-guarded. So Lojack comes closer,
    and in fact may even qualify as a virus.

    > Mebromi is a compilation of tools and a bit of coding, but generally
    > trojan.. asshat level work.
    >
    >> I think that soon there will be a virus that infects the BIOS and
    >> have always thought so, but it may not behave like your typical
    >> malware virus.

    >
    > I would be inclined to agree. However, the viral code must replicate.
    > Persistence alone doesn't qualify.


    Right, but do you see where I'm coming from where viral code is the
    means for the implementation of the persistence? Two "programs"
    (BIOS routine, MBR/code in partition gaps/agent/network) that
    are basically looking for infection markers and re-infecting if found
    missing. The only thing missing is the obvious spreading (lack of
    sneakernet vector for BIOS and harddrives) which isn't really a
    requirement for a virus in the comp-sci arena - it is only required
    that it doesn't overwrite its parent.

    >> Those security specialists should explain to me how Mebromi
    >> qualifies as a virus. While it is a PE file infector, I don't see
    >> any recursive replication
    >> going on overall. Before any discussion with them, I'd have to
    >> ascertain whether or not they subscribe to the "all worms are
    >> viruses" idea - and *then* ask them to explain how Mebromi even
    >> qualifies as a worm once that idea is dispensed with.

    >
    > It's not a file infector.


    It's not a file infecting virus, but it does infect PE files according to the
    write-up. The infection is not aimed at replication, but is only a means
    of attaching to the startup axis without using the registry I think.

    > The modified files will not "spread" code to
    > other files. It's modifying two PE files to ensure it gets an
    > opportunity to startup another module included with it.


    Yes, so I take it you refuse to adopt the idea that "infection" can be used
    to mean that particular type of file modification even if it is not viral?

    That's okay, as long as I remember your take on it.

    BTW, I found this about droppers, it appears that I have used older
    terminology than you have on this one.

    "A Dropper is a standalone program that drops a virus to a system.
    Usually a dropper for a file virus is a very small program (a few bytes)
    infected by a virus.

    A dropper for a boot virus is usually a program that writes the image
    of a boot sector virus stored inside it to a hard or floppy drive.

    Virus droppers are no longer widespread as malware with the same
    capabilities integrated are becoming more common. Malicious
    programs with dropper-like capabilities are now identified as
    Trojan-Droppers.."

    http://www.f-secure.com/v-descs/other_w32_dropper.shtml

    and this
    "A DROPPER is a program that has been designed or modified to "install" a
    virus onto the target system. The virus code is usually contained in a
    dropper in such a way that it won't be detected by virus scanners that
    normally detect that virus (i.e., the dropper program is not *infected*
    with the virus). While quite uncommon, a few droppers have been
    discovered. A dropper is effectively a Trojan Horse (see B3) whose
    payload is installing a virus infection. A dropper which installs a
    virus only in memory (without infecting anything on the disk) is
    sometimes called an "injector"."

    http://stason.org/TULARC/security/co...ter-virus.html

    They seem to agree with my view that a zeroth iteration virus is actually a
    dropper.

    Unfortunately, these two are opposed on the idea that a virally "infected" file
    is a dropper.

    [...]



  9. #79
    ~BD~ Guest

    Re: Ping FTR: Mebromi BIOS Virus Out in the Wild

    FromTheRafters wrote:
    > "Dustin"<bughunter.dustin@gmail.com> wrote in message
    > news:Xns9F79E70342F2FHHI2948AJD832@no...
    >> "FromTheRafters"<erratic.howard@gmail.com> wrote in
    >> news:j6td40$86m$1@dont-email.me:
    >>
    >>> LoJack for Laptops comes closer to being a virus than does Mebromi.

    >>
    >> They're about the same. The same technology. However, at least with
    >> lojack they have bios vendor support and cooperation so aren't reduced
    >> to including 3rd party utility to flash one style of BIOS only.

    >
    > I was looking at it more from a computer science angle. If the persistence
    > module contains the modified MBR code (and overwrites the MBR if it is
    > found to be unmodified), and the MBR supports the agent, and the agent
    > (perhaps through a network resource) can detect that the BIOS has been
    > unmodified (flashed without the LoJack code) and it can reflash the BIOS,
    > it appears to me that it qualifies as a virus.
    >
    > The computer science virus definition makes no restriction on how the
    > process plays out, only the result is important. Mebromi doesn't have
    > that two-way guardian aspect - it only flashes the BIOS during the
    > installation and it is thereafter un-guarded. So Lojack comes closer,
    > and in fact may even qualify as a virus.
    >
    >> Mebromi is a compilation of tools and a bit of coding, but generally
    >> trojan.. asshat level work.
    >>
    >>> I think that soon there will be a virus that infects the BIOS and
    >>> have always thought so, but it may not behave like your typical
    >>> malware virus.

    >>
    >> I would be inclined to agree. However, the viral code must replicate.
    >> Persistence alone doesn't qualify.

    >
    > Right, but do you see where I'm coming from where viral code is the
    > means for the implementation of the persistence? Two "programs"
    > (BIOS routine, MBR/code in partition gaps/agent/network) that
    > are basically looking for infection markers and re-infecting if found
    > missing. The only thing missing is the obvious spreading (lack of
    > sneakernet vector for BIOS and harddrives) which isn't really a
    > requirement for a virus in the comp-sci arena - it is only required
    > that it doesn't overwrite its parent.
    >
    >>> Those security specialists should explain to me how Mebromi
    >>> qualifies as a virus. While it is a PE file infector, I don't see
    >>> any recursive replication
    >>> going on overall. Before any discussion with them, I'd have to
    >>> ascertain whether or not they subscribe to the "all worms are
    >>> viruses" idea - and *then* ask them to explain how Mebromi even
    >>> qualifies as a worm once that idea is dispensed with.

    >>
    >> It's not a file infector.

    >
    > It's not a file infecting virus, but it does infect PE files according to the
    > write-up. The infection is not aimed at replication, but is only a means
    > of attaching to the startup axis without using the registry I think.
    >
    >> The modified files will not "spread" code to
    >> other files. It's modifying two PE files to ensure it gets an
    >> opportunity to startup another module included with it.

    >
    > Yes, so I take it you refuse to adopt the idea that "infection" can be used
    > to mean that particular type of file modification even if it is not viral?
    >
    > That's okay, as long as I remember your take on it.
    >
    > BTW, I found this about droppers, it appears that I have used older
    > terminology than you have on this one.
    >
    > "A Dropper is a standalone program that drops a virus to a system.
    > Usually a dropper for a file virus is a very small program (a few bytes)
    > infected by a virus.
    >
    > A dropper for a boot virus is usually a program that writes the image
    > of a boot sector virus stored inside it to a hard or floppy drive.
    >
    > Virus droppers are no longer widespread as malware with the same
    > capabilities integrated are becoming more common. Malicious
    > programs with dropper-like capabilities are now identified as
    > Trojan-Droppers.."
    >
    > http://www.f-secure.com/v-descs/other_w32_dropper.shtml
    >
    > and this
    > "A DROPPER is a program that has been designed or modified to "install" a
    > virus onto the target system. The virus code is usually contained in a
    > dropper in such a way that it won't be detected by virus scanners that
    > normally detect that virus (i.e., the dropper program is not *infected*
    > with the virus). While quite uncommon, a few droppers have been
    > discovered. A dropper is effectively a Trojan Horse (see B3) whose
    > payload is installing a virus infection. A dropper which installs a
    > virus only in memory (without infecting anything on the disk) is
    > sometimes called an "injector"."
    >
    > http://stason.org/TULARC/security/co...ter-virus.html
    >
    > They seem to agree with my view that a zeroth iteration virus is actually a
    > dropper.
    >
    > Unfortunately, these two are opposed on the idea that a virally "infected" file
    > is a dropper.
    >
    > [...]


    You are *SO* clever! :-)



  10. #80
    Aardvark Guest

    Re: Ping FTR: Mebromi BIOS Virus Out in the Wild

    On Wed, 12 Oct 2011 20:04:58 +0100, ~BD~ grovelled to FromTheRafters:

    > You are *SO* clever!


    You are *SUCH* a brown-nosing ****.



    --
    America is the only country that went from barbarism to decadence without
    civilization in between. - Oscar Wilde
