Aces High Bulletin Board
General Forums => Hardware and Software => Topic started by: zack1234 on December 16, 2012, 10:08:29 AM
-
After recent OS update battery lasts for three hours and it gets warm :old:
Delete the email accounts and reinstall, it stops the problem :old:
Appalling really new update cause this :)
-
After recent OS update battery lasts for three hours and it gets warm :old:
Delete the email accounts and reinstall, it stops the problem :old:
Appalling really new update cause this :)
I haven't updated since right before the iPhone 5 came out. Lucky me :D
-
Lucky I didnt switch to 6.0 at all due to the map issues.
-
Too many cooks stirring the pot at Apple I think :)
I have been sniffing around this google OS gizmo's, it said on info no anti virus needed :)
-
Too many cooks stirring the pot at Apple I think :)
I have been sniffing around this google OS gizmo's, it said on info no anti virus needed :)
At least Android is riddled with malware apps.
-
At least Android is riddled with malware apps.
and yet I haven't caught one malware app yet. I'm still waiting on your proof that 15% of the apps are malware.
midway
-
here we go again :D
that said something changed the default page on the internet browser on my android 4.1.2, forwarding me to a pr0n site that forced the phone to download an apk package. I cut the process before the download ended and reinitialized my phone on the spot. Scary.
-
and yet I haven't caught one malware app yet. I'm still waiting on your proof that 15% of the apps are malware.
midway
15% of newly published apps get removed for malware.
You not catching it doesn't mean there aren't any. There are about 2 million Windows viruses and I didn't catch any of them, therefore they don't exist :rolleyes:
Why don't you do yourself a favor and google a little. http://blog.webroot.com/2012/02/17/report-3325-increase-in-malware-targeting-the-android-os/
-
15% of newly published apps get removed for malware.
You not catching it doesn't mean there aren't any. There are about 2 million Windows viruses and I didn't catch any of them, therefore they don't exist :rolleyes:
Why don't you do yourself a favor and google a little. http://blog.webroot.com/2012/02/17/report-3325-increase-in-malware-targeting-the-android-os/
well see the info is given by a company that wants to sell you security programs. and the misleading part here is that according to them "The majority of malicious applications were found on secondary Android application markets, compared to obtaining them from the primary Android Market".
so I am pretty sure if there was a secondary iphone market it would also be ridden with malware. but that is just an excuse by apple to lock down their os. also it's a pretty good excuse for companies to sell you security software. your claim of 15% malware is misleading mrripley.
btw mrripley do you know you can jaibreak your iphone? and there's also secondary markets that have iphone apps? which I am pretty sure also has malware, so according to your own reasoning apple does have and can get malware apps. it's a misleading statement but not different than your 15% claim.
read this I found it funny as hell.
http://nakedsecurity.sophos.com/2012/04/24/mac-malware-study/
midway
-
well see the info is given by a company that wants to sell you security programs. and the misleading part here is that according to them "The majority of malicious applications were found on secondary Android application markets, compared to obtaining them from the primary Android Market".
so I am pretty sure if there was a secondary iphone market it would also be ridden with malware. but that is just an excuse by apple to lock down their os. also it's a pretty good excuse for companies to sell you security software. your claim of 15% malware is misleading mrripley.
btw mrripley do you know you can jaibreak your iphone? and there's also secondary markets that have iphone apps? which I am pretty sure also has malware, so according to your own reasoning apple does have and can get malware apps. it's a misleading statement but not different than your 15% claim.
read this I found it funny as hell.
http://nakedsecurity.sophos.com/2012/04/24/mac-malware-study/
midway
The majority, not all. Of course if Google filters the play store there are going to be less malware infected apps there. But there are known cases where SMS trojans have spread to thousands of users before detected right from the official store.
I'm not dumb enough to start to jailbreak my iPhone and I don't install anything but the most necessary apps on it even from the store obviously.
That Sophos article is a joke - any windows malware that may be found on Mac doesn't affect it at all and originate from windows users. There are less than a handful of known attacks going around for Macs compared to multiple millions for Windows. If a Mac user uses pirated software of course he risks getting infected. But with common sense a Mac is still multitudes safer to use than any windows machine - by using digitally signed apps from the official store and browsing with adblock+noscript.
-
The majority, not all. Of course if Google filters the play store there are going to be less malware infected apps there. But there are known cases where SMS trojans have spread to thousands of users before detected right from the official store.
I'm not dumb enough to start to jailbreak my iPhone and I don't install anything but the most necessary apps on it even from the store obviously.
That Sophos article is a joke - any windows malware that may be found on Mac doesn't affect it at all and originate from windows users. There are less than a handful of known attacks going around for Macs compared to multiple millions for Windows. If a Mac user uses pirated software of course he risks getting infected. But with common sense a Mac is still multitudes safer to use than any windows machine - by using digitally signed apps from the official store and browsing with adblock+noscript.
there it is you just gave the answer to your own misleading statement. anybody dumb enough to go to a secondary android market has a big risk of getting malware just like anybody dumb enough to get iphone apps from a secondary market would.
your statement that 15% of all android apps are malware is misleading as it also would apply to the iphone based on your own logic. even your links and my own link which comes from a company that wants to sell you security software backs up my own misleading statement that the iphone is just as being at risk as the android market. as for my link being a joke, seriously what is different than your own link? let me post another statement that comes from your link.
"Thankfully, Webroot’s diversified portfolio of market propositions, has already released on the market applications aiming to protect end and corporate users from mobile threats like the ones covered in Juniper Network’s report"
so does the above statement makes the the information on that link credible or is the information made more to make users think that it's a big problem and they must buy their software in order to be safe. i think your own statement are made in the same spirit as the y2k the "sky is falling and we are all gonna die" joke.
so unless you have any more misleading links that the android play store has 15% of its apps as malware then you are wrong. but please feel free to post anymore links to back up your claim.
midway
-
The majority, not all. Of course if Google filters the play store there are going to be less malware infected apps there. But there are known cases where SMS trojans have spread to thousands of users before detected right from the official store.
I'm not dumb enough to start to jailbreak my iPhone and I don't install anything but the most necessary apps on it even from the store obviously.
That Sophos article is a joke - any windows malware that may be found on Mac doesn't affect it at all and originate from windows users. There are less than a handful of known attacks going around for Macs compared to multiple millions for Windows. If a Mac user uses pirated software of course he risks getting infected. But with common sense a Mac is still multitudes safer to use than any windows machine - by using digitally signed apps from the official store and browsing with adblock+noscript.
there it is you just gave the answer to your own misleading statement. anybody dumb enough to go to a secondary android market has a big risk of getting malware just like anybody dumb enough to get iphone apps from a secondary market would.
your statement that 15% of all android apps are malware is misleading as it also would apply to the iphone based on your own logic. even your links and my own link which comes from a company that wants to sell you security software backs up my own misleading statement that the iphone is just as being at risk as the android market. as for my link being a joke, seriously what is different than your own link? let me post another statement that comes from your link.
"Thankfully, Webroot’s diversified portfolio of market propositions, has already released on the market applications aiming to protect end and corporate users from mobile threats like the ones covered in Juniper Network’s report"
so does the above statement makes the the information on that link credible or is the information made more to make users think that it's a big problem and they must buy their software in order to be safe. i think your own statement are made in the same spirit as the y2k the "sky is falling and we are all gonna die" joke.
so unless you have any more misleading links that the android play store has 15% of its apps as malware then you are wrong. but please feel free to post anymore links to back up your claim.
midway
-
there it is you just gave the answer to your own misleading statement. anybody dumb enough to go to a secondary android market has a big risk of getting malware just like anybody dumb enough to get iphone apps from a secondary market would.
your statement that 15% of all android apps are malware is misleading as it also would apply to the iphone based on your own logic. even your links and my own link which comes from a company that wants to sell you security software backs up my own misleading statement that the iphone is just as being at risk as the android market. as for my link being a joke, seriously what is different than your own link? let me post another statement that comes from your link.
"Thankfully, Webroot’s diversified portfolio of market propositions, has already released on the market applications aiming to protect end and corporate users from mobile threats like the ones covered in Juniper Network’s report"
so does the above statement makes the the information on that link credible or is the information made more to make users think that it's a big problem and they must buy their software in order to be safe. i think your own statement are made in the same spirit as the y2k the "sky is falling and we are all gonna die" joke.
so unless you have any more misleading links that the android play store has 15% of its apps as malware then you are wrong. but please feel free to post anymore links to back up your claim.
midway
I said repeatedly that 15% of new apps to Play store get removed for having malware - and some always slip past the checks because Google unlike Apple does NOT preview and digitally sign the apps in the store. The apps are first loaded for distribution, then checked. There is a fundamental difference on how the two companies handle distribution. Android is a wild and open field - iOS is locked and secured. That's why you don't see reports on iOS infections and see loads of reports on Android infections.
But I've had enough of this, you're clearly holding your stance very agressively despite opposing facts and taking this any further would be a waste of my time.
-
The IPhone 4 is the best phone ever invented :old:
It will never be bettered :old:
-
I said repeatedly that 15% of new apps to Play store get removed for having malware - and some always slip past the checks because Google unlike Apple does NOT preview and digitally sign the apps in the store. The apps are first loaded for distribution, then checked. There is a fundamental difference on how the two companies handle distribution. Android is a wild and open field - iOS is locked and secured. That's why you don't see reports on iOS infections and see loads of reports on Android infections.
But I've had enough of this, you're clearly holding your stance very agressively despite opposing facts and taking this any further would be a waste of my time.
where do you get this information? I cant find it. 15% of apps with malware? the link you posted only indicates that the "majority of malware apps are in the secondary markets". you would think that being a security company they would have mentioned that 15% of play store apps have malware. heck that's how they make their money.
midway
-
where do you get this information? I cant find it. 15% of apps with malware? the link you posted only indicates that the "majority of malware apps are in the secondary markets". you would think that being a security company they would have mentioned that 15% of play store apps have malware. heck that's how they make their money.
midway
It was widely in the tech news some time ago, unfortunately I couldnt find the link anymore. It reported that around 15-17% of the new apps loaded to the Play store had to be removed for malware. That's not a problem in itself but the cases where SMS trojans have slipped past the checks and gone unnoticed for months, are.
Even Apples checks don't seem to be bullet proof - a malware called 'find and call' has slipped to both Android and Apple stores. On Android the situation is much worse however, it's easy to google for 'sms trojan' or something similar and you'll find a huge amount of reports of trojans that have been distributed through the play store.
If you think security companies can make up stories like this, don't you think they'd get sued in a blink of an eye by Apple if they had no proof? :D
-
People still use iphones :lol
-
Yes
It's fantastic :old:
-
It was widely in the tech news some time ago, unfortunately I couldnt find the link anymore. It reported that around 15-17% of the new apps loaded to the Play store had to be removed for malware. That's not a problem in itself but the cases where SMS trojans have slipped past the checks and gone unnoticed for months, are.
Even Apples checks don't seem to be bullet proof - a malware called 'find and call' has slipped to both Android and Apple stores. On Android the situation is much worse however, it's easy to google for 'sms trojan' or something similar and you'll find a huge amount of reports of trojans that have been distributed through the play store.
If you think security companies can make up stories like this, don't you think they'd get sued in a blink of an eye by Apple if they had no proof? :D
so you have no proof at all to back up your 15% claim. you are very knowledgeable mrrippley nobody disputes that, but there's some things you get stuck on and will try to pass as "truth" when they are just a bunch of misleading statements that you found somewhere to back up something that you think should be done.
I can google iphone problems and come up with a bunch of links about how the iphone is a piece of garbage. does that trully make it a piece of garbage? with the amount of apps I have downloaded (over 300) you would think that if that 15% would be accurate that just based on average I would have found at least 1 piece of malware by now. I have an android phone and an android tablet. my previous phone was also an android. at work most of the guys use android phones some actually ditched their iphones for android. you would think that by now at least 1 of us (about 16 guys) would have found at least one instance of malware. not saying that there arent any but that your claim of 15% malware apps is highly exaggerated.
it's been known for a long time that secondary markets is where the apps with malware are found. that I do believe that the 15% would be accurate. but since i dont go to secondary markets, I wouldnt know about it. actually not totally accurate as I also use the amazon app store, but they have a bit more security than the play store.
midway
-
so you have no proof at all to back up your 15% claim.
First of all: How do you know how many apps are removed from the play store if you didn't see any research articles on it?
I had the article some months ago, now Ive lost the link. If you would keep up with the tech news you would have seen it also. For some reason (perhaps not surprisingly) Google search doesn't find it with the obvious keywords. But I saw the article and read it maybe 6 months ago. I posted the link either here or some other forum too in the past.
Here's an article that is probably based on the same study that article was from: http://techcrunch.com/2011/10/21/37-of-published-android-apps-were-later-removed-compared-to-24-of-ios-apps/
Although Apple regularly cleans up its store from inappropriate or outdated content, its active application share still exceeds that of Android. It is likely that the more rigid application submission requirements prevent developers from publishing multiple trial or low quality applications whereas publishers in the Android Market place a lot of market testing, trials, demo and malware content.
The article pointed that more alarming than the 37% removal rate was that 15% or so of the removed applications on Android store were removed due to malware or other suspicious behaviour compared to removals on Apple store which (untill recently) happened only due to inappropriate content due to policies preventing the launch of the malware in the first place.
Android faces a huge problem with app repackaging, it lacks code signing which means that developers can repackage and update their apps from external sources afterwards and sneak in ad- and malware. The adware is luckily far more common presently than the malware.
-
First of all: How do you know how many apps are removed from the play store if you didn't see any research articles on it?
I had the article some months ago, now Ive lost the link. If you would keep up with the tech news you would have seen it also. For some reason (perhaps not surprisingly) Google search doesn't find it with the obvious keywords. But I saw the article and read it maybe 6 months ago. I posted the link either here or some other forum too in the past.
Here's an article that is probably based on the same study that article was from: http://techcrunch.com/2011/10/21/37-of-published-android-apps-were-later-removed-compared-to-24-of-ios-apps/
The article pointed that more alarming than the 37% removal rate was that 15% or so of the removed applications on Android store were removed due to malware or other suspicious behaviour compared to removals on Apple store which (untill recently) happened only due to inappropriate content due to policies preventing the launch of the malware in the first place.
Android faces a huge problem with app repackaging, it lacks code signing which means that developers can repackage and update their apps from external sources afterwards and sneak in ad- and malware. The adware is luckily far more common presently than the malware.
the article doesnt mention any of the claims you make. actually the article isnt even focused on malware at all. it is focused on the number of apps removed from the markets for any reason.
however it does say that android removed 118,089 apps while apple removed 110,301. so basically when that article was published apple removed nearly as many useless apps as android did. so both markets had as many useless apps. big deal. a quick glance will tell you that the majority of the apps copy each other and that big percentage of the apps in both markets are crap. it doesnt take a genius to notice that. just because apple does "some enhanced research" doesnt mean that a big percentage of their apps posted arent crap just like the ones on android.
crap apps are crap apps no matter what market they're on.
midway
-
the article doesnt mention any of the claims you make. actually the article isnt even focused on malware at all. it is focused on the number of apps removed from the markets for any reason.
however it does say that android removed 118,089 apps while apple removed 110,301. so basically when that article was published apple removed nearly as many useless apps as android did. so both markets had as many useless apps. big deal. a quick glance will tell you that the majority of the apps copy each other and that big percentage of the apps in both markets are crap. it doesnt take a genius to notice that. just because apple does "some enhanced research" doesnt mean that a big percentage of their apps posted arent crap just like the ones on android.
crap apps are crap apps no matter what market they're on.
midway
Of those 118 000 apps on Android store a portion are malware apps. The screening is done after release on Android and prior to release on Apple. This is why iOS has had its first in the wild infection this year despite being the most popular single platform for years.
-
Of those 118 000 apps on Android store a portion are malware apps. The screening is done after release on Android and prior to release on Apple. This is why iOS has had its first in the wild infection this year despite being the most popular single platform for years.
I agree with you but what I disagree is that 15% of all the apps are malware as there is no evidence of it and the definition of malware is stretched by some security companies.
I'll agree that 15% of the apps in the secondary market are malware and probably the percentage is higher but I am just guessing as I never use them. the only secondary market that is highly rated is the amazon app store. so if you stick to the amazon and play stores along with never get an app unless it has been around for a while and it has tens of thousands of users then the chances of getting malware is very small.
midway
midway
-
The IPhone 4 is the best phone ever invented :old:
It will never be bettered :old:
Sarcasm?
-
I agree with you but what I disagree is that 15% of all the apps are malware as there is no evidence of it and the definition of malware is stretched by some security companies.
I'll agree that 15% of the apps in the secondary market are malware and probably the percentage is higher but I am just guessing as I never use them. the only secondary market that is highly rated is the amazon app store. so if you stick to the amazon and play stores along with never get an app unless it has been around for a while and it has tens of thousands of users then the chances of getting malware is very small.
midway
midway
But you also agree that tens of thousands of Android users have been infected with money stealing trojans directly from the official store? Then we're starting to be on the same level.
-
But you also agree that tens of thousands of Android users have been infected with money stealing trojans directly from the official store? Then we're starting to be on the same level.
I dont know about 10s of thousands but on the other hand the 15% of apps having malware is inaccurate. most people that have gotten infected has been thru the secondary markets. that has been known for a while. but very few actually acknowledge that it was their stupidity that caused it. it's like most people deny they got a virus by watching pron, they always claim that they know how to surf correctly and it must have been from a good site.
You also have to remember that some companies sell android phones that have no access to the play store these phones can only get apps thru the secondary market and that is where the tens of thousands of infections happen. but security companies like to mention android infections and play store and malware on the same sentence and then somewhere at the end they will correctly indicate that most of the infections are on these secondary markets.
miday
-
I dont know about 10s of thousands
Yeah it's actually 100s of thousands. Like just in this 1 separate incident: http://arstechnica.com/security/2012/07/more-malware-found-hosted-in-google-android-market/
"Super Mario Bros." and "GTA 3 Moscow City," as the malicious apps were packaged, generated as many as 100,000 downloads,
-
Yeah it's actually 100s of thousands. Like just in this 1 separate incident: http://arstechnica.com/security/2012/07/more-malware-found-hosted-in-google-android-market/
yes and this is from your own link:
"The post appears to say that victims of this malware were at some point still presented with a list of permissions that included "services that cost you money," which would mean that end users who fell prey to this threat shoulder much of the responsibility"
every app that you download has a set of permissions if you fail to review them then you got nobody but yourself to blame.
midway
-
yes and this is from your own link:
"The post appears to say that victims of this malware were at some point still presented with a list of permissions that included "services that cost you money," which would mean that end users who fell prey to this threat shoulder much of the responsibility"
every app that you download has a set of permissions if you fail to review them then you got nobody but yourself to blame.
midway
This was just one example you know well that there are multiple malwares that bypass the security checks. It seems this really is fruitless.. I'll let go.
-
This was just one example you know well that there are multiple malwares that bypass the security checks. It seems this really is fruitless.. I'll let go.
well see my original statement that you claim was that 15% of all apps in the play store have malware. so far you havent given any proof that your statement is accurate. and everytime you post something is to basically to move away from that statement.
not trying to argue with you just to be annoying but being somebody that uses the play market then if you have proof that it is accurate then i want to know because it is in my best interest to know. but if it is based on some obscure document that is long gone then I am skeptical about it.
it is common knowledge that apps do get thru that have malware. but it is also common knowledge that you must approve the security for each app that you download. a game should not have access to direct dial or to text messaging, if it does need it then for the sake of security dont download it. it is that simple.
ultimately you are responsible for your own phone just like you are responsible for what happens to your computer.
midway
-
well see my original statement that you claim was that 15% of all apps in the play store have malware. so far you havent given any proof that your statement is accurate. and everytime you post something is to basically to move away from that statement.
not trying to argue with you just to be annoying but being somebody that uses the play market then if you have proof that it is accurate then i want to know because it is in my best interest to know. but if it is based on some obscure document that is long gone then I am skeptical about it.
it is common knowledge that apps do get thru that have malware. but it is also common knowledge that you must approve the security for each app that you download. a game should not have access to direct dial or to text messaging, if it does need it then for the sake of security dont download it. it is that simple.
ultimately you are responsible for your own phone just like you are responsible for what happens to your computer.
midway
Guncrasher stop wasting my time and do your own research. It's out there. Google it, subscribe to tech news etc. You'll get the picture.
-
Guncrasher stop wasting my time and do your own research. It's out there. Google it, subscribe to tech news etc. You'll get the picture.
sure take the easy way out. make a claim then fail to back it up then blame everybody else for being too stupid to find that researched that "just dissapeared". mrrippley I dont doubt your expertise but I do doubt some of the claims you make. and you keep bringing them over and over without any evidence to back them up.
midwy
-
both iOS and Android are fairly insecure platforms. Under the hood (CLI) they're actually very similar.
I choose android because I have choices in what I can do, like loading an AV app up like LockOut - which apple don't let me do. That and the far better choice in handsets, not to mention 4.1 and 4.2 clobber iOS in features.
-
sure take the easy way out. make a claim then fail to back it up then blame everybody else for being too stupid to find that researched that "just dissapeared". mrrippley I dont doubt your expertise but I do doubt some of the claims you make. and you keep bringing them over and over without any evidence to back them up.
midwy
Google and study. Otherwise stop making an bellybutton of yourself.
-
both iOS and Android are fairly insecure platforms. Under the hood (CLI) they're actually very similar.
I choose android because I have choices in what I can do, like loading an AV app up like LockOut - which apple don't let me do. That and the far better choice in handsets, not to mention 4.1 and 4.2 clobber iOS in features.
The only thing that keeps iOS secure is that all distributable apps are screened and digitally signed before distribution. Android has it reversed, everything is released freely and then attempted to screen - and due to no digital signing the developer can repackage i.e. introduce malware afterwards at will.
-
Here's a writeup for anyone still interested about the OSX/iOS security issues:
http://tidbits.com/article/13461 (http://tidbits.com/article/13461)
iOS -- There’s a short version and a long version of the iOS security narrative. The short version? iPads and iPhones are the most secure consumer computing devices available. They have never suffered any widespread malware, exploits, or successful attacks in their entire history. None. Zero. Zip.
-
Here's a writeup for anyone still interested about the OSX/iOS security issues:
http://tidbits.com/article/13461 (http://tidbits.com/article/13461)
what do you mean zip, zero , zilch nada. didnt you yoursefl just pointed out that a virus got past their screening? and isnt it a fact that thousand of macs are infected by malware that even though it doesnt do anything to the mac it can be transmitted to other users when they use windows?
midway
-
what do you mean zip, zero , zilch nada. didnt you yoursefl just pointed out that a virus got past their screening? and isnt it a fact that thousand of macs are infected by malware that even though it doesnt do anything to the mac it can be transmitted to other users when they use windows?
midway
You have to read correctly - he was speaking about a widespread infection. Even though it slipped past the screen, the impact was marginal. And/or this article was written prior to this discovery which was first of its kind.
Macs are not infected with windows malware because the malware cannot run on the mac. If the mac user has copied files from windows users that are indeed a problem for windows, then naturally the problem may spread. But it's not like macs constantly bombard windows machines with attacks like infected windows machines do.
Many Mac users are totally oblivious to security even to the extent that they believe running windows virtually inside osx makes it somehow 'protected' :) Of course untill recently they have got away with it as virtually no attacks were even attempted against it. Even today the risk of infection is perhaps 0.001% compared to that of an unprotected windows and maybe less than 1% of a protected windows.
-
And yet you quoted something that wasn't entirely true. And the fact that Macs can spread an infection mean they're infected too.
Midway
-
And yet you quoted something that wasn't entirely true. And the fact that Macs can spread an infection mean they're infected too.
Midway
No, having an infected file stored on a drive does not mean the computer is infected. An infection means an active malware running.
Merry Christmas to all!
-
No, having an infected file stored on a drive does not mean the computer is infected. An infection means an active malware running.
Absolutely correct, but in a larger perspective, if a Mac-owner resends an infected e-mail to a Windows-owner, the malware gets spreaded anyway. If the mail is received and resent with an e-mail program, the malware has been stored in the Mac. IMHO it makes no difference if I get infected mail from a Windows user or a Mac user. :salute
-
Absolutely correct, but in a larger perspective, if a Mac-owner resends an infected e-mail to a Windows-owner, the malware gets spreaded anyway. If the mail is received and resent with an e-mail program, the malware has been stored in the Mac. IMHO it makes no difference if I get infected mail from a Windows user or a Mac user. :salute
If a user is stupid enough to send or open chain e-mails in the year 2012 then it's the users own fault if an infection hits him. Besides most e-mail providers already scan e-mails for malware - at least the ones who earn the right to do that kind of business in general.
-
If a user is stupid enough to send or open chain e-mails in the year 2012 then it's the users own fault if an infection hits him.
I am that stupid.
I belong to a bunch of men who bounce e-mails back and forth to schedule a meeting every now and then. I know of and have tried better tools for that, but then again, sometimes we also bounce messages and comments about other things than meetings. This kind of a board would serve us better than e-mailing, but putting up a bbs for bimonthly usage would lead into nobody reading anything ever on it. Plus it would add yet another thing to follow in the already too long a list. We all read e-mail on a daily basis and with various devices even when traveling, so chaining e-mails is the least effort way for us to go.
-
I am that stupid.
I belong to a bunch of men who bounce e-mails back and forth to schedule a meeting every now and then. I know of and have tried better tools for that, but then again, sometimes we also bounce messages and comments about other things than meetings. This kind of a board would serve us better than e-mailing, but putting up a bbs for bimonthly usage would lead into nobody reading anything ever on it. Plus it would add yet another thing to follow in the already too long a list. We all read e-mail on a daily basis and with various devices even when traveling, so chaining e-mails is the least effort way for us to go.
So you bounce an e-mail from sexy Marissa in her santa claus outfit.jpg.exe? Because that's the only way you can get infected through e-mail. Well granted if you still run XP even a .jpg can contain a payload since MS never fixed it for XP.
You have to realize that having an infected file on a hard drive does not equal to spamming it forward to others.
Any e-mail listings etc. should be done through web based e-mails such as hotmail etc. First of all they provide you with a layer of privacy as you don't have to use your real info. Second no e-mail actually comes to your computer and therefore you can't get infected from attachments unless you actually choose to download and run the .jpg.exe :) Third webmail services scan the contents by default.
-
I remember the Blaster worm which sent random material from the infected machine to everyone in its Address Book, even faking the sender. I got the "Last minute Windows98 improvements" text file as an attachment seemingly from a guy I knew. If my antivirus hadn't recognized and deleted the virus, I might have answered to the apparent sender and ask if he had something to ask about it, only having forgot to write the question. Can you tell for sure that such worms can't be coded anymore?
-
Well granted if you still run XP even a .jpg can contain a payload since MS never fixed it for XP.
So what if jpg contains a payload? Unless you're infected with extractor it won't do any harm. Therefore it makes no sense to write malicious code using jpegs for payload because machine would have to be already infected with extractor. Why not putting payload right there to begin with? That's the reason there was nothing like that in the wild, and probably never will be.
-
So what if jpg contains a payload? Unless you're infected with extractor it won't do any harm. Therefore it makes no sense to write malicious code using jpegs for payload because machine would have to be already infected with extractor. Why not putting payload right there to begin with? That's the reason there was nothing like that in the wild, and probably never will be.
Perhaps you should read this: Vulnerability in GDI+ Could Allow Remote Code Execution (2489979) (http://technet.microsoft.com/en-us/security/bulletin/ms11-029)
They never conclusively patched the OS side vulnerability for XP afaik. It's still open despite the multiple patches and was fixed only for Vista and later.
-
I remember the Blaster worm which sent random material from the infected machine to everyone in its Address Book, even faking the sender. I got the "Last minute Windows98 improvements" text file as an attachment seemingly from a guy I knew. If my antivirus hadn't recognized and deleted the virus, I might have answered to the apparent sender and ask if he had something to ask about it, only having forgot to write the question. Can you tell for sure that such worms can't be coded anymore?
Dude, the worm has to run on the computer to send anything. A mac can have 10 of those worms and it won't effect it in any way if they're coded for windows. Therefore they can only spread if the mac user for some reason attaches intentionally the infected file to some e-mail.
-
Dude, the worm has to run on the computer to send anything. A mac can have 10 of those worms and it won't effect it in any way if they're coded for windows. Therefore they can only spread if the mac user for some reason attaches intentionally the infected file to some e-mail.
I know it can't spread by itself in a Mac. But what if I would have had a Mac when I got that infected mail? I wouldn't have noticed it were infected, would I? In that case I might have forwarded it to the person whose name was given as the original sender, asking why he had sent it to me in the first place, thus infecting him. So sending the mail with the attachment would have been intentional but spreading the virus wouldn't. You're still with me?
-
Perhaps you should read this: Vulnerability in GDI+ Could Allow Remote Code Execution (2489979) (http://technet.microsoft.com/en-us/security/bulletin/ms11-029)
They never conclusively patched the OS side vulnerability for XP afaik. It's still open despite the multiple patches and was fixed only for Vista and later.
That applies to WMF/EMF images, has nothing to do with JPEGS.
-
They never conclusively patched the OS side vulnerability for XP afaik. It's still open despite the multiple patches and was fixed only for Vista and later.
Blah, it is very conclusive...
XP SP1 extended support ended on October 10, 2006 (not patched)
XP SP2 extended support ended on July 13, 2010 (not patched)
XP SP3 was patched and the patch works.
http://support.microsoft.com/kb/2412687
http://support.microsoft.com/kb/2659262
Merry X-mas
-
That applies to WMF/EMF images, has nothing to do with JPEGS.
JPEGS have a similar vulnerability its just in an other security bulletin http://technet.microsoft.com/en-us/security/bulletin/ms04-028
-
I know it can't spread by itself in a Mac. But what if I would have had a Mac when I got that infected mail? I wouldn't have noticed it were infected, would I? In that case I might have forwarded it to the person whose name was given as the original sender, asking why he had sent it to me in the first place, thus infecting him. So sending the mail with the attachment would have been intentional but spreading the virus wouldn't. You're still with me?
No I can't see it. First of all you would see immediately on a mac that the file attachment is fake because it doesn't hide the file extensions by default like Windows does. Also if the attachment uses some Outlook vulnerability you wouldn't even realize anything happened, the payload would just execute the second you previewed the e-mail and your machine would be infected. Second everyone (especially you) should know never to forward any files that come by e-mail unless they're 100% garanteed to be business related and you know they're coming from the person in question.
I also repeat that it's a very bad idea to use on machine e-mails for anything but business related affairs in this day and age. All mailing lists, registrations to websites and correspondence with women (especially our mothers) should be done by a web based spam e-mail account. Women are typically sending all these 'cute' chain e-mails which are riddled with viruses or link to spammers. I'm horrified to see that e-mails containing viruses have been spammed to government offices for example - they're stupid enough to use their work e-mails for this kind of crap.
BTW I solved my parents problems with infections by installing linux to all their computers. First they complained a little but now they're using linux happily for the 2nd year already.
-
IIRC the attachments in my example didn't have fake extensions, because I could easily open them in the respective programs - after the antivirus had deleted the malware, of course. Back then, about ten years ago, it was quite easy... One was .txt, the other was .jpg. The .txt file was, as I told, the last minute additions to Win98 file, the .jpg seemingly was a temporary Internet file. The former mail looked just puzzling, the title and message were in Finnish but had no logic with each other or the attachment. Like if someone erroneously sent you a reply to a question someone else has stated. The other mail I got from the same infection was more clearly generated by a virus: Why would a Finnish guy send me an e-mail written in English, the message being: "Look at my beautiful girlfriend" and the attached .jpg showing two models wearing rainclothes.
Both of the mails claimed to come from people who are in my address book and whom I personally know. Because they aren't my business partners, should their mails be treated as potential threats if I read them on machine? What about the fact that I get most spam to the e-mail address of my firm, provided by my ISP? I wouldn't call "business related affairs" those ads whose source for addresses is the public registry of companies...
-
IIRC the attachments in my example didn't have fake extensions, because I could easily open them in the respective programs - after the antivirus had deleted the malware, of course. Back then, about ten years ago, it was quite easy... One was .txt, the other was .jpg. The .txt file was, as I told, the last minute additions to Win98 file, the .jpg seemingly was a temporary Internet file. The former mail looked just puzzling, the title and message were in Finnish but had no logic with each other or the attachment. Like if someone erroneously sent you a reply to a question someone else has stated. The other mail I got from the same infection was more clearly generated by a virus: Why would a Finnish guy send me an e-mail written in English, the message being: "Look at my beautiful girlfriend" and the attached .jpg showing two models wearing rainclothes.
Both of the mails claimed to come from people who are in my address book and whom I personally know. Because they aren't my business partners, should their mails be treated as potential threats if I read them on machine? What about the fact that I get most spam to the e-mail address of my firm, provided by my ISP? I wouldn't call "business related affairs" those ads whose source for addresses is the public registry of companies...
Of course you should treat any e-mail that comes to your computer as a potential threat. If the e-mail contents are in a smallest way suspicious (bad grammar, foreign language) all alarm bells should be howling already. You have to remember also that those e-mails you got didn't necessarily have anything to do with your actual friends. Some infections take the information in the address book and spam e-mails in the name of everyone in the address book, picking random image files from the infected computers harddrive. The senders name can be very easily faked with e-mails you know. Back in 1999 I got an e-mail in my friends name and the attached file was some icon image file from a porn site :D Quite embarrassing.
That's the worst thing about e-mail spreading viruses - the person you appeared to get it from doesn't necessarily have an infection nor know anything about the attack. He just happened to be on someones address book when they got infected. This is yet another reason why I don't give my 'business' e-mail address to any relatives or friends. I have 3 different e-mails. One is totally anonymous and on hotmail and I use it to subscribe to online news and services (and to my mother as she has a nasty habbit of spamming me with circulating cute doggies and cats -emails). Second is a personal 'spam account' I use for friends. Third is a business e-mail which I use strictly for business.
If you get spammed to your business e-mail you probably have published your e-mail on your website without protecting it. Spam bots harvest e-mails using Google searches or by crawling. My business account gets a minute amount of spam (partly because our ISP filters spam even before it gets to the computer and partly because we've kept the address hidden). My 'spam' account then again gets hit by dozens of spam e-mails and attacks daily. Fortunately again my ISP albeit different from my business ISP does AV scans on the incoming e-mails.
-
JPEGS have a similar vulnerability its just in an other security bulletin http://technet.microsoft.com/en-us/security/bulletin/ms04-028
They don't. You can hide data in JPEGS, but you need specific tool to extract that. It's nothing like WMF with function calls to windows GDI.
-
If the e-mail contents are in a smallest way suspicious (bad grammar, foreign language) all alarm bells should be howling already. You have to remember also that those e-mails you got didn't necessarily have anything to do with your actual friends. Some infections take the information in the address book and spam e-mails in the name of everyone in the address book, picking random image files from the infected computers harddrive. The senders name can be very easily faked with e-mails you know. Back in 1999 I got an e-mail in my friends name and the attached file was some icon image file from a porn site :D Quite embarrassing.
That's exactly what happened to me, too, except the attachments were rated child safe. Also the other message looked alright, because it was copied from the mailbox of the infected computer. Actually, it might even have been a message from me, which made the event even more puzzling.
If you get spammed to your business e-mail you probably have published your e-mail on your website without protecting it.
Apparently you didn't read my post or I didn't express myself clearly enough. My business e-mail gets spam from legitimate companies who want to sell me something. They inform clearly in the bottom line, that they've got my address from the Trade Registry by the National Board of Patents and Registration of Finland. You know, they have a free Internet service for finding information about firms whose names you know, or they can sell you a larger piece of database for a nominal price.
-
They don't. You can hide data in JPEGS, but you need specific tool to extract that. It's nothing like WMF with function calls to windows GDI.
OMG read the bulletin - Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution (833987).
-
Apparently you didn't read my post or I didn't express myself clearly enough. My business e-mail gets spam from legitimate companies who want to sell me something. They inform clearly in the bottom line, that they've got my address from the Trade Registry by the National Board of Patents and Registration of Finland. You know, they have a free Internet service for finding information about firms whose names you know, or they can sell you a larger piece of database for a nominal price.
Oh, then its a snafu on your part. You're supposed to leave a info@domainname.fi/com/whatever e-mail for registrations and save your personal e-mail for personal stuff. Of course if you register with your personal e-mail you're going to get bombed with all sorts of trash!
-
OMG read the bulletin - Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution (833987).
How about you read it?
Here to quote it for you: "Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution"
Not only that you quote 8 years old (and irrelevant) bulletin, you don't understand the issue either.
To specify, it was heap overflow due to how gdiplus.dll was interpreting JPEG COMs. It's not JPEG vulnerability, but GDI+. Windows since XP SP2 has built in DEP and in addition, since Vista, ASLR.
-
Oh, then its a snafu on your part. You're supposed to leave a info@domainname.fi/com/whatever e-mail for registrations and save your personal e-mail for personal stuff. Of course if you register with your personal e-mail you're going to get bombed with all sorts of trash!
At the time I started my firm, 8 years ago, I didn't have a domain. When the authorities asked for my e-mail address, I gave them one that was most likely to stand time, not the "bizman##@provider.com" I use for less formal correspondence. Actually the address in their database got outdated, but I updated the information. The address in question is "my.company@myISP.fi", so actually it's not that personal... I suppose my domain contract includes some kind of e-mail services, too, so changing the information in the official database could be an option. On the other hand, that would add one mailbox more to follow. I also guess that my ISP is doing a better job in filtering trash than my server hosting service would do.
-
At the time I started my firm, 8 years ago, I didn't have a domain. When the authorities asked for my e-mail address, I gave them one that was most likely to stand time, not the "bizman##@provider.com" I use for less formal correspondence. Actually the address in their database got outdated, but I updated the information. The address in question is "my.company@myISP.fi", so actually it's not that personal... I suppose my domain contract includes some kind of e-mail services, too, so changing the information in the official database could be an option. On the other hand, that would add one mailbox more to follow. I also guess that my ISP is doing a better job in filtering trash than my server hosting service would do.
If I were you I would go multiple account way. You can check on the 'spammed' account only occasionally and have your real business account for daily use hopefully without all the spam.
You do know you can get a domain name for yourself for only like 10 euros or so? I can help you if you want.
-
I do have multiple accounts. And the most 'spammed' account is the one I've been publishing in every possible printed form starting from visit cards through bills and receipts to advertising material. So that's the very account I can't afford to dump. Nonetheless, the amount of spam is still tolerable, just like the phonecalls I occasionally have received from all over the world.
Thanks for your help offer, though. :salute