Windows reality - The Torpig botnet and LOTS of others out here

Jeff Richards wrote:
So what you are now saying is that the point of your post was to warn that
Rootkits and KeyLoggers are dangerous, are difficult to deal with, have
caused a lot of trouble for security people, have resulted in significant
losses for some banks, and will continue to be a problem because PC
operating systems have inherent vulnerabilities that have proved very hard
to remove.

That's hardly news. In fact, it's very old news. It's barely relevant in a
newsgroup concerned with an operating system. But in any case your post
doesn't say anything like that. It simply lists a bunch of sites, many of
them quite old, and most of them relating to threats that cannot affect W98.
The comments you have attached to some of the references do not offer any
explanation as to why the information at those sites might be relevant to
the message you were trying to send.

Also, please note that much of your analysis is either wrong or
unsupportable.

For instance: "The governments, Microsoft, and the like are all struggling
to determine HOW and WHY, though the supposed signatures are known, the
supposed IPs and prior methods have been addressed, and all of the known
aspects have basically been taken care of, they still can't control or
re-take control of infected systems, nor deter the infection of others."
Where is the evidence for this? The sites you have posted make it quite
clear that at least some people understand quite clearly why they still
can't control or re-take control of infected systems or prevent new
infections, and there is no reason to believe that this understanding is not
widespread. That they have not been able to counter it does NOT demonstrate
that they do not understand the reasons for their difficulties.

Or this: " The morphings continue and the attacks are effectuated at the
whim of the controllers. The billions in financial enrichment that is being
enjoyed should AT LEAST cause reviewers to have come to the understanding
these parties are NOT stupid." The sites you have referenced indicate
clearly that the reviewers do not regard "these parties" as stupid They
repeatedly comment about how clever the code is. They sometimes comment
that some of the code is blindly copied without thorough checking, but their
acknowledgement for the cleverness of these people is a recurring theme.

Also: "Unless the method is extended to include ALL variables, there will be
no success. The sophistication of these botnets and "worms" demands a
different method of analysis. Thinking within the box leaves one WITHIN that
box. Dismissing the historical usage of other OSs certainly leaves a viable
usage and connection un-address. As as I have said befo "Appearances can
be and generally are deceiving"." This is just vacuous grandstanding. Post
these comments in a security group and watch the response. There is no way
that you can assess the extent to which those addressing the problem have
unnecessarily limited their thinking or restricted the scope of their
analysis. There is no way that you can reasonably assert that the history
of past attacks on other operating systems has been dismissed. In fact, it
appears that problems in porting the specific attacks that you mention -
Sinowal and Torpig - to Vista indicate that MS has learned some very
worthwhile lessons. And I have no idea what you are trying to say in that
last sentence.

But your last comment says it all. Anyone who is unable to penetrate your
convoluted phraseology, obscure references, emotional insults and irrelevant
commentary to winkle out what you are actually trying to say must, by your
definition, be incapable of protecting themselves from hackers. Yet another
leap of logic that I have a great deal of difficulty in following


WRONG as usual.

Let me put it like this, people such as you and 98 Guy are so frakken
intelligent you want the materials posted upon the web so every "kiddie
hacker" and "Nigerian I.D. theft ring" can get their hands on it.
Then when some new form appears, you can't understand WHY it has...

It isn't that you would be able to really understand the import of
what you could review, discussions such as this prove that point. Though
I HAVE provide enough that proper direction has been placed, you are so
intellectually capable, you argue away the very materials that provide
the answer and necessary materials.

I have handled the issue in the form it should be... I shouldn't need
to supply what form that might be so others are advised *you* should be
able to figure that out, though your continued responses also PROVE that
isn't the case.


--
~
--
MEB
http://peoplescounsel.org/ref/windows-main.htm
Windows Diagnostics, Security, Networking
http://peoplescounsel.org
The *REAL WORLD* of Law, Justice, and Government
_______