hummingbird submitted this idea :
>>
>> I think Ed is dead in the head.
> Ded Mullet?
"Now that's funny I don't care WHO you are..."
Cable Guy
Drumstick
hummingbird submitted this idea :
>>
>> I think Ed is dead in the head.
> Ded Mullet?
"Now that's funny I don't care WHO you are..."
Cable Guy
Drumstick
..oO(Me Here)
>Beauregard T. Shagnasty wrote:
>>
>> Micha already answered the point about how a website hijacking the hosts
>> file isn't possible.
>>
>
>It *IS* possible, that's the point - websites can, and do, do that. Why
>does *his* statement pass without so much as a cite whereas mine is
>required to produce fact (which I gave). Where are *his* cites? Why do
>you believe *his* statement and not mine? Because it supports *your*
>point of view?
Just think logically:
1) What is a website? It's HTML and CSS. It's a document, not a program.
You can display it in various formats, but it can't gain kind of an own
life to do funny things to your computer outside its rendering context.
Logical conclusion: A website alone doesn't do that.
2) A browser is just a viewer to display these HTML documents. Even if
there might be some active content like JS embedded into it, it's run in
a sandbox-like environment inside the browser, which itself runs in user
space and doesn't have anything to do with the operating system nor a
way to manipulate it.
Logical conclusion: A good browser doesn't do that.
3) Even if there might be a way to break out of the browser sandbox due
to a buggy plugin or a broken JS implementation, and even if there would
be a way to download and execute some software without the user taking
notice, there's still the operating system (in the Windows world this
means NT/2k/XP - we don't have to talk about the toys 95/98/ME), which
prevents unauthorized accesses to its most important entrails like libs
and system configuration files. The hosts file is not write-accessible
for any regular user, only the system itself and the admins/root are
granted access to modify it.
Logical conclusion: An appropriate system setup doesn't allow that.
Q.E.D.
Of course if you do your daily work with admin privileges (or root on
*nix), then you should never (really never!) complain about problems
with malware or a screwed-up system. Even though it sounds harsh, it's
mostly your own fault and you get what you deserve. Of course you can
also thank MS for not enforcing the creation of a non-privileged user
account on Windows installation, but that's just a part of the problem.
>> My hosts file is located here: /etc/hosts
>> What host file manager would you recommend I use?
>
>There are several freeware ones I used to use before I changed to
>OpenDNS. Google Hostfile manager and I'm sure you'll find them.
He's not using Windows, but some kind of *nix system. There all system
configuration files are stored in the /etc folder (you can guess where
MS stol^Wgot the name for its hosts directory from ...)
>> And like Micha, I don't have any anti- anything software on my computer
>> either.
>>
>
>It is true, there is a sucker born ever minute. It's only a matter of
>time (if it hasn't happened yet) before you get bent over.
The last virus on my workstation was called Sunday. It's been quite a
while since these old MS-DOS days.
Micha
On Mon, 14 Jul 2008 23:36:48 GMT
***The FORGER Franklin***, using the name hummngbird wrote:
--nothing--
--
"All truth passes through three stages.
First, it is ridiculed, second it is violently opposed,
and third, it is accepted as self-evident"
(Arthur Schopenhauer)
On Mon, 14 Jul 2008 18:59:49 -0500, Michael Fesser <netizen@gmx.de> wrote:
> Just think logically:
>
> 1) What is a website? It's HTML and CSS. It's a document, not a program.
> You can display it in various formats, but it can't gain kind of an own
> life to do funny things to your computer outside its rendering context.
>
> Logical conclusion: A website alone doesn't do that.
Micha...this premise is just wrong. Websites can and do contain all kinds
of scripts.
--
Bear Bottoms
Freeware website: http://bearware.info
..oO(Bear Bottoms)
>On Mon, 14 Jul 2008 18:59:49 -0500, Michael Fesser <netizen@gmx.de> wrote:
>
>> Just think logically:
>>
>> 1) What is a website? It's HTML and CSS. It's a document, not a program.
>> You can display it in various formats, but it can't gain kind of an own
>> life to do funny things to your computer outside its rendering context.
>>
>> Logical conclusion: A website alone doesn't do that.
>
>Micha...this premise is just wrong. Websites can and do contain all kinds
>of scripts.
Correct, but I consider them just additions to a website. They are
always optional (like images and CSS) and not interpreted by every
browser. But I also mentioned those scripts in my second point.
Micha
Beauregard T. Shagnasty wrote:
> Me Here wrote:
>
>> Beauregard T. Shagnasty wrote:
>>> And like Micha, I don't have any anti- anything software on my
>>> computer either.
>> It is true, there is a sucker born ever minute. It's only a matter
>> of time (if it hasn't happened yet) before you get bent over.
>
> You are apparently assuming I am using a Windows operating system.
>
Tue, probably because Windows is the most prevalent system, however,
that aside, malware is not limited to Windows systems alone. Most are,
but not all.
--
Me Here
Here we have a country whose urban population happily inhales a
bewildering cocktail of combustion fumes on a daily basis; 12 per cent
of whose male population under the age of 35 will die prematurely as a
result of smoking tobacco (a more unpleasant death than anthrax, which
is mostly shock); not to mention that anthrax is harder to contract than
lung cancer, with both a cure and a vaccine. Yet, let one man in Florida
die of that obscure ailment and suddenly war-surplus stores are selling
out of Israeli gas masks at 110 bucks a pop. -- John MacLachlan Gray,
Globe and Mail, October 17, 2001 commenting on the 2001 anthrax scares.
Michael Fesser wrote:
> .oO(Bear Bottoms)
>
>> On Mon, 14 Jul 2008 18:59:49 -0500, Michael Fesser <netizen@gmx.de> wrote:
>>
>>> Just think logically:
>>>
>>> 1) What is a website? It's HTML and CSS. It's a document, not a program.
>>> You can display it in various formats, but it can't gain kind of an own
>>> life to do funny things to your computer outside its rendering context.
>>>
>>> Logical conclusion: A website alone doesn't do that.
>> Micha...this premise is just wrong. Websites can and do contain all kinds
>> of scripts.
>
> Correct, but I consider them just additions to a website. They are
> always optional (like images and CSS) and not interpreted by every
> browser. But I also mentioned those scripts in my second point.
>
> Micha
Sure Micha, I concede a pure HTML/CSS website can't do much in the way
of controlling your computer (when was the last time you ever saw a
"plain" website?), or a properly setup browser, however, that was never
what this was about. We are talking about someone's system (which
obviously *hasn't* been secured properly) being at risk and the user
wanting to know steps to take to secure it. You know as well as I, a
malware site will never be just "plain". Most websites are now
JS/WSH/ActiveX enabled, multimedia light shows all of which require a
user to have some sort of software installed on their computer just to
access them. It's these systems which are at risk *if* they aren't
secured correctly.
My point is, unless you've previously visited a site, you don't know how
it's going to interact with your browser and therefore, you should
always err on the side of caution and ensure your system is secure,
regardless of whatever O/S you run.
--
Me Here
"The biggest threat [to privacy] is public complacency" -- John Gilmore
fighting regulations about having to show ID when flying.
[FORGER] hummingbird wrote:
> hummingbird <hummingbird@127.0.0.1> wrote in
> news:MPG.22e5e45e12ad0cd49896ab@news.x-privat.org:
>> On Mon, 14 Jul 2008 17:58:02 +0100, hummingbird wrote in <g5g43a.8o.1
>> @localhost.127.0.0.1>:
>>> On Mon, 14 Jul 2008 12:05:55 -0400 'Beauregard T. Shagnasty'
>>> wrote this on alt.comp.freeware:
>>>> hummingbird wrote:
>>>>> 'Beauregard T. Shagnasty' wrote:
>>>>>> hummingbird wrote:
>>>>>>> [HEALTH WARNING]
>>>>>>> If you switch off all your security s/w and surf to this website,
>>>>>>> see what happens: xxx.pricelessware.org
>>>>>> Ok, I did. I see a ~1995-coding-style web site with many lists of
>>>>>> free Windows software. What was supposed to happen?
>>>>> Well, several months ago, if you had no security running that
>>>>> website was discreetly transferring you to a URL based in HK and
>>>>> downloading a trojan onto your system and running it to take you
>>>>> over. A recent poster reported a similar problem only a coupla
>>>>> days ago on ACF. I believe a malicious a-frame was installed by
>>>>> hackers. Much debate here about it on ACF at the time.
>>>
>>>> So that was a Windows trojan then?
>>> The one in question is called "trojan.systemposer".
>>>
>>>> Ok, I understand. To become
>>>> infected, you probably needed to be using a Windows OS,
>>> I use XP-Pro. I have no idea if *nix suffers the same problems.
>>> Some people say it's more secure, but that's probably because
>>> the hackers focus on MS s/w.
>>>
>>>> probably Internet Explorer,
>>> I use an IE clone (Avant).
>>>
>>>> probably allowing ActiveX, probably don't have
>>>> patches to stop malicious iframe redirection (which is quite common
>>>> on hacked sites). [I guess you meant iframe, rather than a-frame.]
>>> Sorry, yes I meant i-frame. >>
>>> The problem with banning Active-X across the board in IE browsers
>>> is that some websites simply don't display correctly without it.
>>>
>>>
>>>>> After I got hit by it, I added the URL into my HOSTS file to
>>>>> prevent myself ever going there again in error.
>>>> If you got hit by this trojan, then which of the above were you not
>>>> securing yourself from? Windows/IE/Active X/patches/iframes ?
>>> All, but I took immediate to kill it and recovered within an hour.
>>> I might add that that was the first time ever I got hit, and that
>>> is without running AV s/w and not having a lot of browser patches,
>>> although my browsing security is quite tight.
>>>
>>> I read in the thread that you don't use Windows, so you probably
>>> don't have all these problems. But my earlier point was about them
>>> affecting a majority of users using Windows.
>>>
>> ------FORGERY---------
>>
>
> ---- FORGERY ----
>
> hb
Oh, please stop with the forgories - they aren't fooling anyone who's
taken the time out to setup filters correctly. Everytime you post, you
come up in bright orange in my newsreader so it's not like you can hide
or I'll mistake you for the real hummingbird. Changing the MSG ID line
does nothing, my RegEx filters are smarter than that.
--
Me Here
POLITICS definition: "poly" = many, "tics" = blood sucking parasites. --
L. K. Foltz
hummingbird wrote:
> On Tue, 15 Jul 2008 00:16:33 +1000 'Me Here'
> wrote this on alt.comp.freeware:
>
>> hummingbird wrote:
>>> On Mon, 14 Jul 2008 14:23:03 +1000 'Me Here'
>>> wrote this on alt.comp.freeware:
>>>
>>>> Tom wrote:
>>>>> On Sun, 13 Jul 2008 13:45:20 -0400, C A Upsdell wrote:
>>>>>
>>>>>> If Windows, Ctrl Alt Delete to call up the task manager; select the
>>>>>> browser; kill it.
>>>>> Very inelegant.
>>>>>
>>>>> When you have a dozen tabs open, killing the browser, kills all the tabs.
>>>>>
>>>>> When you restart Firefox, it asks if you want to open all the old tabs,
>>>>> but, of course, that will just open the quicksand site all over again.
>>>>>
>>>>> So, without editing the hosts file and shift reloading, you're forced to
>>>>> say NO to reloading your old tabs ... and you lose them all.
>>>>>
>>>>> That's why you don't kill the browser session.
>>>>>
>>>>> Luckily we found a single-click way to solve the problem (type "start ->
>>>>> run -> hosts, add the offending domain, and shift reload the browser). This
>>>>> turns the quicksand URL into cement. Voila! Thanks to hummingbird!
>>>
>>>> If you have other tabs open that you want to keep viewing, then yes,
>>>> it's a good immediate, albeit 'temporary' solution to the problem. I
>>>> say temporary because using a Hosts file isn't a good solution. Many
>>>> malware sites scan and remove their listings from hosts files (and even
>>>> locking it via the read-only attribute won't protect you). They do it
>>>> by making you log into a benign site first (one that isn't blocked) and
>>>> using that to remove their entry from your Hosts file before redirecting
>>>> you and trapping your browser.
>>> Good point MH. I've never experienced that trick, especially since
>>> I started safe hexing, but I am aware it can happen.
>>>
>>> These days, I seem to be safe with a hosts file to block unwanted
>>> sites, plus a supplementary program or two (SpyWareBlaster etc).
>>>
>>>
>>>> Even running free FireFox addons such as
>>>> NoScript won't protect you unless you've been caught before and know not
>>>> to allow the site access to Java or JS. You should really be running
>>>> an IP blocking program like PeerGuardian or if that is too much hassle,
>>>> do what I do and use OpenDNS. I'm sure there are other solutions, those
>>>> two just spring to mind. My advice, if you don't want this happening
>>>> again and you're the type that's likely to run across sites like these
>>>> often, is to do a bit of research into blocking methods and choose the
>>>> one that best suits your need.
>>>
>> As I said, a hosts file is great, so long as you protect it otherwise it
>> becomes pointless. Many programs out there now protect things like Home
>> pages and hosts files simply because security companies are aware that
>> they are easily hijacked with things like WSH or ActiveX (or even a
>> crappy FF addon).
>
> Yeah, I must think about protecting my own hosts file. I think
> SpyWareBlaster offers this feature.
>
> [rushes off to check]
>
>
Yes it does, I use it myself. Even if you use the stock Hosts file
(with no entries other than 127.0.0.1), you should still lock it down
because malwares sites have been known to add security site IP's to
block them in it in an effort to remain undetected (some people don't
run antivirus software locally but prefer to run "online" scans).
--
Me Here
Don't worry about people stealing your ideas. If your ideas are any
good, you'll have to ram them down people's throats. -- Howard Aiken
On Tue, 15 Jul 2008 11:05:10 +1000 'Me Here'
wrote this on alt.comp.freeware:
>hummingbird wrote:
>> On Tue, 15 Jul 2008 00:16:33 +1000 'Me Here'
>> wrote this on alt.comp.freeware:
>>
>>> hummingbird wrote:
>>>> On Mon, 14 Jul 2008 14:23:03 +1000 'Me Here'
>>>> wrote this on alt.comp.freeware:
>>>>
>>>>> Tom wrote:
>>>>>> On Sun, 13 Jul 2008 13:45:20 -0400, C A Upsdell wrote:
>>>>>>
>>>>>>> If Windows, Ctrl Alt Delete to call up the task manager; select the
>>>>>>> browser; kill it.
>>>>>> Very inelegant.
>>>>>>
>>>>>> When you have a dozen tabs open, killing the browser, kills all the tabs.
>>>>>>
>>>>>> When you restart Firefox, it asks if you want to open all the old tabs,
>>>>>> but, of course, that will just open the quicksand site all over again.
>>>>>>
>>>>>> So, without editing the hosts file and shift reloading, you're forced to
>>>>>> say NO to reloading your old tabs ... and you lose them all.
>>>>>>
>>>>>> That's why you don't kill the browser session.
>>>>>>
>>>>>> Luckily we found a single-click way to solve the problem (type "start ->
>>>>>> run -> hosts, add the offending domain, and shift reload the browser). This
>>>>>> turns the quicksand URL into cement. Voila! Thanks to hummingbird!
>>>>
>>>>> If you have other tabs open that you want to keep viewing, then yes,
>>>>> it's a good immediate, albeit 'temporary' solution to the problem. I
>>>>> say temporary because using a Hosts file isn't a good solution. Many
>>>>> malware sites scan and remove their listings from hosts files (and even
>>>>> locking it via the read-only attribute won't protect you). They do it
>>>>> by making you log into a benign site first (one that isn't blocked) and
>>>>> using that to remove their entry from your Hosts file before redirecting
>>>>> you and trapping your browser.
>>>> Good point MH. I've never experienced that trick, especially since
>>>> I started safe hexing, but I am aware it can happen.
>>>>
>>>> These days, I seem to be safe with a hosts file to block unwanted
>>>> sites, plus a supplementary program or two (SpyWareBlaster etc).
>>>>
>>>>
>>>>> Even running free FireFox addons such as
>>>>> NoScript won't protect you unless you've been caught before and know not
>>>>> to allow the site access to Java or JS. You should really be running
>>>>> an IP blocking program like PeerGuardian or if that is too much hassle,
>>>>> do what I do and use OpenDNS. I'm sure there are other solutions, those
>>>>> two just spring to mind. My advice, if you don't want this happening
>>>>> again and you're the type that's likely to run across sites like these
>>>>> often, is to do a bit of research into blocking methods and choose the
>>>>> one that best suits your need.
>>>>
>>> As I said, a hosts file is great, so long as you protect it otherwise it
>>> becomes pointless. Many programs out there now protect things like Home
>>> pages and hosts files simply because security companies are aware that
>>> they are easily hijacked with things like WSH or ActiveX (or even a
>>> crappy FF addon).
>>
>> Yeah, I must think about protecting my own hosts file. I think
>> SpyWareBlaster offers this feature.
>>
>> [rushes off to check]
>>
>>
>
>Yes it does, I use it myself. Even if you use the stock Hosts file
>(with no entries other than 127.0.0.1), you should still lock it down
>because malwares sites have been known to add security site IP's to
>block them in it in an effort to remain undetected (some people don't
>run antivirus software locally but prefer to run "online" scans).
Thanks MH, I'll ponder that.
--
"All truth passes through three stages.
First, it is ridiculed, second it is violently opposed,
and third, it is accepted as self-evident"
(Arthur Schopenhauer)
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
Reply With Quote