World's most advanced rootkit penetrates 64-bit Windows

Started by Gary, Nov 16, 2010, 09:56:35


D-Dan

Before anyone accuses me of being a Linux fanboy here, I'm simply trying to clear up the common misapprehension that because Linux is free it won't do what you want it to. In recent years Linux has matured to a level where if you can do it in Windows, you can do it in Linux (and more - Compiz and Emerald for Windows, anyone? - and don't mention the resource hog that is WindowBlinds, since that doesn't do all that Compiz and Emerald can).

I use both Mint 10 and Windows 7 interchangeably. In some cases I have the same programs sharing their resources on both OSes (Thunderbird on both uses the same profile folder, for example, so any changes or customisations on one OS apply to the other as well, and there is no need to synchronise).

Granted, some things are more difficult in Linux than in Windows, and some things are just different. Having said that, the majority of hardware just works in Linux without having to go hunting for drivers and rebooting 3 times before your printer will work, for example. And updates in Linux cover all installed apps as well as the OS, as opposed to Windows where you have to update the apps separately and individually, so the opposite is also true.

I'd simply like the naysayers to open their minds (and maybe give it a go, possibly using VirtualBox on Windows). If you decide to switch, you can always install Windows using VirtualBox on Linux to get your Windows fix ;)

Steve
Have I lost my way?



This post doesn't necessarily represent even my own opinions, let alone anyone else's

D-Dan

Quote from: Rik on Nov 16, 2010, 13:13:03
It was never true if you tried to use them on a Mac, Steve.

Mac is a closed system, Linux is an open system. The difference means that anyone using Linux who needed to use those fonts themselves could have written the necessary software to do so and released it to the community. One of the joys of open source - if it's broke someone will fix it, and if it's missing someone will make it.


armadillo

Quote from: D-Dan on Nov 16, 2010, 13:11:12
There's a wealth of calibration tools for Linux - http://en.wikipedia.org/wiki/Linux_color_management

Steve

Quote from: the Wikipedia link
# Many hardware devices for color calibration lack drivers and proper supporting software on Linux.
# Some necessary software such as LUT loaders can seldom be found in the package repositories of even the major Linux distributions.

And also this strange advice:

Quote from: the Wikipedia link
For mainstream monitors, a couple of options exist. BasICColor software, which works with most colorimeters on the market, allows one to adjust display output via the monitor interface, and then to choose a "Profile, do not calibrate" option. By doing this, one can create a profile that does not require video card LUT adjustments

which is all very well, but unless the monitor is DDC capable, all that does is produce a correct profile for an incorrectly calibrated monitor. BasICColor is the software I actually use and, with LUT tables, it is one of the very best.

The trouble with all the juggling is that it is not necessary when using the huge choice of working code developed for Windows.

Windows may not be great but it is much less heavy going than jumping through the Linux hoops unless you enjoy that.

armadillo

Quote from: DorsetBoy on Nov 16, 2010, 12:54:24

No excuse not to change then  ;D

Yes, you're right.

I just love systems that make me input commands like

sh winetricks msxml6 gdiplus gecko vcrun2005

when I want to instal software :)

D-Dan

Quote from: armadillo on Nov 16, 2010, 13:54:26
Yes, you're right.

I just love systems that make me input commands like

sh winetricks msxml6 gdiplus gecko vcrun2005

when I want to instal software :)


Don't believe everything you read. The exact same thing can be achieved using the package manager with a couple of mouse clicks. The problem with online Linux help is that it's written by the geeks who prefer to use the commandline. Most average users will never need to go near it.


armadillo

Maybe not tonight. I might give it a go if I ever get to a point where I would need to reinstal Windows or move away from XP. I built this PC in 2004.

Time taken to choose and order components - approx 20 hours over elapsed 2 weeks
Time to build PC - 4 hours
Time to instal Windows XP - one hour
Time to instal and configure my programs - approx 270 hours over an elapsed 3 months

Repeating step 4 in a different OS, and even a new version of Windows would count as that, is not something I will undertake lightly.

For as long as I can continue in XP on this machine, for which I also have spare parts for every component, I am unlikely to be trying out Linux. Equally unlikely to try Windows 7.

Rik

Quote from: armadillo on Nov 16, 2010, 15:16:06
Time to instal and configure my programs - approx 270 hours over an elapsed 3 months

I know just how you feel, Dill. Once it's working, I don't want to play any further, just get on with the job.
Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

D-Dan

Quote from: armadillo on Nov 16, 2010, 15:16:06
Maybe not tonight. I might give it a go if I ever get to a point where I would need to reinstal Windows or move away from XP. I built this PC in 2004.

...

Time to instal Windows XP - one hour
Time to instal and configure my programs - approx 270 hours over an elapsed 3 months


Conversely, time to install Linux Mint - approx 20 - 30 minutes.
Time to install and configure programs (assuming a reasonable internet speed) - less than 24 hours. I installed and configured my system in 8 hours.

It is helped somewhat on Linux by having a central repository for all software, being able to simply choose all the programs that you want, and let Linux get on with it whilst you do something more productive with your time, many essentials being installed with the OS (OpenOffice, CD/DVD Burning, graphics, media players etc.), and by and large not having to worry about sourcing and installing the majority of drivers.

As an example of my last point, I have a TV USB Dongle that didn't just work out of the tin on Linux. To get it going I had to download the firmware file (10 seconds) and copy it to a folder. Job done. No messy installation scripts. Conversely, it took me two days to get the same dongle working on Win 7.


Rik

Serves you right, Steve, you shouldn't be wasting your time on TV.  :evil:

armadillo

Quote from: D-Dan on Nov 16, 2010, 16:37:53
Conversely, time to install Linux Mint - approx 20 - 30 minutes.
Time to install and configure programs (assuming a reasonable internet speed) - less than 24 hours. I installed and configured my system in 8 hours.

Most of my time was configuring. I do not think I needed internet access for any of it. I have about 160 installed Windows programs, and about 30 stand-alone programs that do not need installing, just runnable as free-standing exes with or without configuring. I also make use of a wonderful free, open-source Windows scripting language (AutoHotkey) in which I have written a couple of hundred scripts to work with various programs. I have around 150 desktop icons. I think it would take me more than 8 hours to explain what all my programs are, never mind configure them!

So you see, if I were to ditch Windows, I would have to find replacements for all that lot. And I can see no benefit in doing so, even though it might all be possible. I have no problems at all with my Windows machine.

D-Dan

LOL - I have 3 desktop icons on each of my Windows and Linux desktops. I hate all that clutter.

I also have my start menu configured into categories and sub-categories so that I can easily find what I want.

Maybe I'm just anal lol.


armadillo

Quote from: D-Dan on Nov 16, 2010, 17:12:40
LOL - I have 3 desktop icons on each of my Windows and Linux desktops. I hate all that clutter.

:rofl:


Quote
I also have my start menu configured into categories and sub-categories so that I can easily find what I want.

So is mine. But it is so big that it does not fit on the screen!

Quote
Maybe I'm just anal lol.

Well, you're certainly not like me with my 26 years worth of empty boxes in my attic. I am a clutter addict. I love it.



Rik

Quote from: armadillo on Nov 16, 2010, 17:19:04
Well, you're certainly not like me with my 26 years worth of empty boxes in my attic. I am a clutter addict. I love it.

24 here. :)

Gary

I can't look, I fear Justina has removed some when I have been asleep  :eyebrow:
Damned, if you do damned if you don't


DorsetBoy

Back on topic  ;D

How it works >>

http://sunbeltblog.blogspot.com/2010/11/how-tld4-rootkit-gets-around-driver.html


And how to remove it >>

TDSS Killer

http://support.kaspersky.com/viruses/solutions?qid=208280684

Perhaps we should all have a copy of this to hand; you won't be able to download it after the event.



mrapoc

Wow, things are really getting hard to prevent now! As to Linux, I installed Mint on my sister's laptop in about twenty minutes. Within ten minutes I had the network printer installed and the wireless working by clicking here and there. No code. No downloading firmware and building etc. My kind of distro :) Oh, and everything works, from Flash to DVD.

armadillo

Thanks Dorset. Out of interest, I downloaded and ran it. Of course, it found nothing and was not followed by any suspicious activity.

How would we know that such a scanner had not itself been targeted by hackers in such a way as to make it instal the rootkit we thought we were scanning for? After all, rogue AV works by tricking users into running it.

I would guess the absence of any activity afterwards would be reassuring after the event as was scanning it with Nod32 before executing it.

I also notice that Kaspersky do not describe any symptoms other than ones which it takes a great deal of geek knowledge to understand (using special scanners to look for weird processes). Have you (or anyone) seen any links which describe symptoms that normal users would recognise?

DorsetBoy

http://en.wikipedia.org/wiki/Alureon

http://www.symantec.com/security_response/writeup.jsp?docid=2008-091809-0911-99&tabid=2

http://www.techsupportforum.com/security-center/virus-trojan-spyware-help/inactive-malware-help-topics/136675-alureon-family-virus-moved-xp.html

Pop-ups, redirected searches, slow performance, BSODs and restarts, and unexpected network activity are just a few of the signs. Getting tools/utilities only from trusted sources and double-checking them with other AV/malware scanners is all you can do.

armadillo

Thanks Dorset. Just the usual symptoms of Trojans then. The Symantec link is nice and detailed and still intelligible. Trusted sources and scanning the tools with other checkers is what I always do too. I also check out direct links to software by searching for it from the host website's home page. So, for example, for that Kaspersky scanner, I searched the Kaspersky KB from their own home page.