|
Bruno Sprecher wrote: it is better to know what mischief is driven to protect themselves from
Yes - however the only way one learns that is by actively pursuing it. Thus although you might not pursue it you wouldn't learn anything unless you were reading posts by those that were doing it.
|
|
|
|
|
I agree, I'd like to see some articles on virusses and worms. How the hell do they make that stuff and why can't I simply remove them? I had a virus once that made me re-install my entire computer!
I'm not at all interested in ruining other peoples day (or even days, and if stuff like that happens on a work computer, well... best have some backups!), but just out of curiosity I'd like to know.
That said, when CP teaches people how to create stuff like that it may hurt CP's good name. Because there are people out there who will use such knowledge for baaaad stuff. And if the next person who hacks into the White House claims he "got some script off CP" CP may even be considered a dangerous website by governments and may be banned (worst case scenario, of course). In any case, lawsuits are likely to follow.
Now DEFENSE against the dark arts, that would be completely legal
And here is one defense tip: Don't use Norton, piece of #@$@&^*%) is worse than the malware it protects you from
My blog[ ^]
public class SanderRossel : Lazy<Person>
{
public void DoWork()
{
throw new NotSupportedException();
}
}
|
|
|
|
|
Quote: That said, when CP teaches people how to create...
No, CP does not teach how to do it CP would teach how to recognize. The more this stuff is open the more one can recognize and defend.
Thank you for your comment
Bruno
modified 19-Jan-21 21:04pm.
|
|
|
|
|
Bruno Sprecher wrote: CP would teach how to recognize Unfortunately, you can't recognise malicious code unless you know how to write it.
The 'signature' that malicious code leaves is by its very nature the code, or the calls the code makes, itself, if only code had a smell we could train dogs to sniff out malicious code.
“That which can be asserted without evidence, can be dismissed without evidence.”
― Christopher Hitchens
|
|
|
|
|
If your functions or variables have the word 'scam' or 'MUWHAHAHA' anywhere in the name it's a pretty good indication that the code is actually malicious.
Also, if after debugging your code you've lost some thousands of dollars on your bank account you may be dealing with malicious code.
My blog[ ^]
public class SanderRossel : Lazy<Person>
{
public void DoWork()
{
throw new NotSupportedException();
}
}
|
|
|
|
|
Please adjust the Quote and stay fair!
modified 19-Jan-21 21:04pm.
|
|
|
|
|
Bruno Sprecher wrote: Please adjust the Quote and stay fair! Okay sorry about that, here goes:Bruno Sprecher did not write: Plz give me codez to take over the world, mwahahahaha!
“That which can be asserted without evidence, can be dismissed without evidence.”
― Christopher Hitchens
modified 22-Feb-15 9:14am.
|
|
|
|
|
You are not worth it, writing manipulated quotes is "is bottom of the Barrel!
modified 19-Jan-21 21:04pm.
|
|
|
|
|
It is highly problematic - it's like teach a dog to smell drugs. You have to feed the dog with drugs...
Skipper: We'll fix it.
Alex: Fix it? How you gonna fix this?
Skipper: Grit, spit and a whole lotta duct tape.
|
|
|
|
|
I only run Widows Defender on my Windows 8 machine and it works - sort of. But it does not provide 100% protection. For complete protection I take an Acronis image of my systems drive about once a month. This means that I can always restore my system to what it was at a prior date. Acronis has saved my bacon on a number of occasions and helped prevent a complete system re-build. What is more: You can get a free Western Digital Acronis version from the WD website, but this version only works if it sees a WD drive attached to the machine.
|
|
|
|
|
Windows Defender does the job for me too.
Luckily I've never had to do a system rebuild, save for that one time (which is well over ten years ago, it was an MSN thing I believe).
The only thing I'd really hate losing is my digitalized music collection. I listen to a lot of underground music that's not available on Spotify etc. so I keep a lot on my PC and iPod. I've got that backed up on an external HD though together with some photo's etc.
Other than that I'm not much into backups. There's worse stuff than losing my files.
My blog[ ^]
public class SanderRossel : Lazy<Person>
{
public void DoWork()
{
throw new NotSupportedException();
}
}
|
|
|
|
|
Quote: Luckily I've never had to do a system rebuild
Quickly: Knock on wood!
|
|
|
|
|
A friend of mine once told a teacher his computer crashed (which it had not), so he lost his assignment that was due for that day (Dutch class). The teacher was understanding and gave him an extra day to finish his assignment. When my friend came home his computer actually crashed! The next day he told the teacher the truth, that he lied, but that it kind of backfired. I believe the teacher could laugh about it, but still gave my friend a point deduction from his final grade
That was about ten years ago... I don't think my friend ever lied again. Fun fact, he and I have the same first name, we are still good friends and he is one of the best IT people I know
My blog[ ^]
public class SanderRossel : Lazy<Person>
{
public void DoWork()
{
throw new NotSupportedException();
}
}
|
|
|
|
|
I have to agree with Guy: this is a site for professionals, and there are things professionals don't want to do, or be associated with. There are plenty of sites for hackers, script kiddies, and related idiots - if this site became known for that kind of material, it wouldn't get through Corporate Net Policies that easily and could quickly become unavailable to the people that it wants to attract. Heck, do you want your company to blacklist CP?
And I'm not happy that my expertise would be used to create something malicious, either.
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
|
|
|
|
|
And why professionals should not know about the dark side and be aware to defend? I don't get your Point!
Everybody is talking about, nobody knows the details and prate about it. Professinal should know the Details to fight against to it...I think.
Thank you for your comment
Bruno
modified 19-Jan-21 21:04pm.
|
|
|
|
|
Because we are professionals, but not professional anti-virus writers. Not professional key-logger detectors. Not professional Trojan seekers. Not ...
If I wanted to be one of those, then yes, I would need to know - but I would need to know the latest that is going on, and there are almost certainly sites for that. And I'm pretty sure they don't let script kiddies login!
All providing the data here would do it make it more available to morons, and promote the production of "protection" software that doesn't protect that well in practice! (Look at some of the "anti-virus" writing questions we already get periodically in QA.)
How would you rather protect your PC? With antivirus and firewall from a company with the resources to put serious effort into it (and keeping it updated) or from me: a one-man-band with not enough time to do what actually pays?
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
|
|
|
|
|
To be a professional is also to know when to stop to do things by yourself...Or in other words - to know when you do not know...
Skipper: We'll fix it.
Alex: Fix it? How you gonna fix this?
Skipper: Grit, spit and a whole lotta duct tape.
|
|
|
|
|
I think two reasons:
1. Most of us despite such activities as non-professional behavior...
2. CodeProject can gain a name of a non serious site, even one that support harmful activity...
Skipper: We'll fix it.
Alex: Fix it? How you gonna fix this?
Skipper: Grit, spit and a whole lotta duct tape.
|
|
|
|
|
Quote: 1. Most of us despite such activities as non-professional behavior...
Professionals who don't know how to defend, because they don't know how, because they don't know the details.
How you can name them "professionals"?
Thank you for your comment.
Bruno
modified 19-Jan-21 21:04pm.
|
|
|
|
|
I do not talk about knowing or not, but to publishing it...As it will go, for certain, to the wrong hand...
Now you ask how one can learn if we do not want to publish? That's what we call 'Catch 22'...
I think you have to do with the dark-sites to discover the dark-side...It will make no good for CP...
Skipper: We'll fix it.
Alex: Fix it? How you gonna fix this?
Skipper: Grit, spit and a whole lotta duct tape.
|
|
|
|
|
Knowing and Publishing? Do you think it is contrary? From where you get your knowledge? I think from the published things....
The only small thing I know about these stuff is sync attack and how one can defend against it. Why I know it? Because I read an artcile about it (CT www.heise.de). This Special case is not very usefull for me because I don't drive a Server. But recognizing faked links would be very usefull for me....but without knowledge, no Chance
Bruno
modified 19-Jan-21 21:04pm.
|
|
|
|
|
I understand your problem, but still I think that publishing such things is no good for CP...
As for sources - you have to do the research for yourself (I did it when I wanted to understand things - and bought books too)...
But if all your point is to stay protected, then use software from a reliable - large - company, that done a lot of research - with a lot of money, and stay up-to-date. Any other way will eventually fail (I do this and had no virus problem for over a decade)!
Skipper: We'll fix it.
Alex: Fix it? How you gonna fix this?
Skipper: Grit, spit and a whole lotta duct tape.
|
|
|
|
|
My Computers are protected by this "large companies"....in my case it is Sophos. But my idea is to sensitize all of us. Remove uncertainty means knowledge. To get knowlegde in some subversive Forums, I think it is not the good way.
Bruno
modified 19-Jan-21 21:04pm.
|
|
|
|
|
Defence against the Dark Arts is a vital skill. Using the Dark Arts, on the other hand...
If you have an important point to make, don't try to be subtle or clever. Use a pile driver. Hit the point once. Then come back and hit it again. Then hit it a third time - a tremendous whack.
--Winston Churchill
|
|
|
|
|
Once again: How to defence if one has not the knowledge about, and this includes of course how to use it...?
Conceal unfortunately you know from your history
Bruno
modified 19-Jan-21 21:04pm.
|
|
|
|