Help ATS with a contribution via PayPal:
learn more

The antivirus software conspiracy

page: 9
68
<< 6  7  8    10 >>

log in

join

posted on May, 15 2008 @ 07:01 AM
link   
I should also point out that there is great concern right now over hardware viruses. We (the United States) have been concerned about this for quite a while since we opened our first Intel fab plant in China. It is not hard in this day and age to program a computer to "phone home" (have a built-in trojan) in hardware. And Intel is of course a GSO provider. In fact, the concern is that some of these chips (if their design is altered to insert a trojan) will find their way into sensitive areas, such as the Pentagon, the National Laboratories, and other Federal Government agencies.

This is fundamentally a problem of opaqueness in the supply chain for the computer that sits on your desk or powers whatever is on your desk. I think I even saw a Popular Science or Popular Mechanics article intimating the same thing... let me see if I can find it...

Popular Mechanics Article on This Threat...



When a software problem is detected, thousands or millions of computers can be fixed within hours with a software patch. Discover a malevolent hardware component, however, and machines need to be fixed one by one by one. On a large network it could take months—if the problem were detected at all.

"There are a whole bunch of functions inside each chip that you have no direct access to," says Stephen Kent, chief information security scientist for BBN Technologies and a member of the Intelligence Science Board, which advises U.S. intelligence agencies. "We passed the point a long time ago when you could combinatorially test all the possible inputs for a complex chip. If somebody hid a function that, given the right inputs, could cause the chip to do something surprising, it's not clear how you could test for that."


What they are talking about, in the section on "combinatorially testing" each possible input into a chip, is called an "OpCode". There is a level that is much higher than root (called CPL0, Control Protection Level 0) at which the kernel runs (whether Windows or Linux or any OS). From CPL0 (if you know how to write a stub into the kernel in C or assembly) you can test different OpCodes to see what they do. It was in this way that the undocumented OpCodes for the performance counters where found in the Intel 80486, the precursor to the Intel Pentium, in which these were documented. I worked a lot on these OpCodes (actually writing the first library for Linux that used these for performance monitoring - on the 486
).

Anyway, one could try combinations of OpCodes (which is how these "secret" functions were found - there used to be a web page of undocumented OpCodes, let me see if it still exists...) And then you tried to figure out what they did. Nowadays there are too many OpCodes and besides, almost all CPUs are "user programmable" to some extent (too complex to get into, but fascinating stuff).

... I cannot find the old site that used to document so-called "illegal OpCodes" in the Intel Pentium line of chips. Should I chance upon it, I will post it if anyone is interested.

The point is - these hardware trojans CANNOT be found by modern software-based detection methods in a reliable manner. So, if you've got one (even from, say, the government, pray tell) then your just hosed. So hold onto those old chips, whose architecture was known not to have such threatening things. (And yes - these hardware trojans can be on anything - including new pop-in components for your PCI or even older ISA and VESA buses).

Happy computing!

Woody

EDIT: Added reference to "assembly" along with "C".

[edit on 15-5May-08 by WoodyAcres]




posted on May, 15 2008 @ 01:55 PM
link   
reply to post by WoodyAcres
 


Amazing. Thanks for the valuable input.



posted on May, 15 2008 @ 02:16 PM
link   
I would think since the BIOS boots the PC and inventories devices, it could very well be coded to open ports for intrusion before the software loads. Guess thats why they will be doing away with the BIOS in future productions. Pentium IIIs had that open CPU that reported on your processor when online. I would bet your checks they still have a function open to all PCs. Like the recent MS live onecare debacle for XP/Vista.



posted on May, 15 2008 @ 02:22 PM
link   
reply to post by WoodyAcres
 


Well my friend you just opened up a whole new can of worms and one that paranoid persons like myself have always feared. I was once into a hobby that required purchasing chips and soldering them on boards in order to perform specific functions.

What I found interesting is that multiple chips can be used to perform the identical functions, so when one chip we needed wasn't available we would just substitute another which had more functions available than we needed or used.

So, I've always thought how one could create a motherboard or CPU even and create uses for those unused and thus undocumented functions. Essentially you could build a machine hidden within a machine. It no doubt would be something that those interested in spying would take part in.



[edit on 15-5-2008 by verylowfrequency]



posted on May, 16 2008 @ 09:56 AM
link   
Hey guys.

I am a computer programmer and a hacker, and this is my perspective / opinion on it.


Firstly, hacking is usually done for several main reasons. All of these reasons are significant and widespread:

1. For fun
Yes, a lot of hackers create viruses and such just for fun. Just to see how it'll work, just to see how many computers they can infect, just for the sheer thrill and excitement of it.

2. Out of hate
Many hackers really really hate Microsoft. The reasons for this are beyond this thread, but because we really hate them, we create viruses to disadvantage the people who use their software, so they'd switch to something better, make Microsoft look like a joke ( goal accomplished), etc.

3. Status / Bragging rights
There are a lot of hacker groups and organisations. They frequently take down large websites, and create complex malware, for the sole purpose of gaining status, being known, etc - fame if you will.

4. Sabotage
Quite a few competing companies use proxy companies to hire skilled hackers, to take down their competition's websites, to make malware for their software, to exploit security holes in it, etc.
One widely known example of this (within the hacker community), is the RIAA creating a proxy company to hack The Pirate Bay.

5. Financial Gain
A lot of hackers create specific viruses which steal things like personal details, credit cards, website & bank account info, etc, etc - solely for financial gain.


Now I come to the interesting part. Let me explain it very carefully.

When you purchase an expensive (or any) piece of software, you expect it to work. You expect it to work, and you expect it to get the job done, as specified and advertised. You never expect it to do something completely unexpected, and you would certainly never expect spending large amounts of money on other software, just to use that original, expensive piece of software - especially since such an arrangement was never made known to you.

Imagine a company, who's very expensive software is very widely used. They make a lot of money from it, but due to fierce competition from the open source side of things, their profit margins and corporate customer base are dropping.
Now, ideally, the company would overhaul it's software, to enable it to compete more aggressively with it's competition...but suppose that this option is impossible by the very nature of their software, because it must be proprietary, because they must make a lot of money from it, to make a lot of deals, to monopolise the market to create the insane profits they had in the first place.

Something must be done though, they need to make more money - they need to grow. If only there was some way to suck more juice from their software without it appearing so?

Well hang on...what if they purposely create problems with their software, and what if these problems can be easily fixed not by the software itself - but by another piece of software, which they sell separately, for yet another high price.

Now we're thinking like businessmen!


I am of course talking about Microsoft Windows. Who thought, that in today's day and age, you could buy something so expensive, and not be able to use it, without another very expensive piece of software, called a security suite. Nowhere - absolutely nowhere, on the windows box, documentation, product info, etc does it say that you need this other software to use it, and yet we all know the obvious fact that you do.



How did people become so complacent about this over-time? How is it not obvious, what Microsoft has been doing over the last few years, releasing their own very insecure operating systems and security software side by side - but as two separate products, with two separate price tags, designed to be ran together.

How can nobody see who gains the most from this? How has it not become obvious, as more and more security problems were invented?

At first there were just viruses, then firewalls, then adware, then spyware and keyloggers, now a typical security suite contains dozens and dozens of different security tools - and a price tag to match.



The morale of the story is to of course not use any Microsoft software, nor any proprietary software where possible.

The best software is free software. The best free software is open source.

[edit on 16-5-2008 by Manincloak]



posted on May, 27 2008 @ 11:11 AM
link   
UPDATE:

Ha Ha, what a joke. Someone said try the Sygate firewall. I did, it was a bunch of popups so I deleted it. Almost as soon as I did that, I got infected. Big biohazard sign or something came up, everything pretty much crashed except "YOU MUST GET THIS PROGRAM!!!!!" It said I had 42 viruses and needed to immediately download these programs to get rid of them.

I said heck with that, just redid my XP.

My question is, how come I never was told about the first 41 viruses that I was "infected" with.

Either I have to redo my XP every six months or so or I have the choice of spending money on a program that will just make my computer run like crap. I'll still stick with the free route. I may lose my bookmarks every few months but that's all I keep in here for the most part. No movies, music and what not so I'm not losing much. Still, it's a pain to go through that.

Another question: Why do the programs only quarantine a virus, not delete them? Makes little sense to me but I am no computer expert. That probably is obvious.



posted on May, 27 2008 @ 11:17 AM
link   
reply to post by TheLoony
 


Just download whatever firewall/virus program comes with your ISP. They probably have one.

And though it probably wouldn't be necessary, there is nothing wrong with formatting every 6 months or so. It is very healthy for your computer.



posted on May, 27 2008 @ 11:38 AM
link   
reply to post by Sublime620
 


Yeah, I probably could get something from Cox, but they are really ticking me off right now. I've called them twice to stop sending me junk mail trying to get me to sign up for digital phone service - I don't even have a land based type phone and after two years of letters I don't think I'll ever get a phone from them. Now they have taken to calling me, trying to get me to do some kind of review of their upgraded digital cable. I don't have digital cable, just a wire out of the wall, no box. These calls sometimes have no one on the other end, I answer and there's nothing there, no one there at all. In my eyes that's harassment. It irritates me to no end. So, how can I trust their firewall or anything from them to work any better? If they can't take me off their mailing list after repeated calls then how am I supposed to trust them?

As for reformatting, it ain't all that bad. That is, if I do it right. I hope I have but I know nothing. At least this thing is working and there aren't bunches of popups all over the place. That just drives me nuts when I'm trying to do something and I can't because I keep getting derailed by idiotic programs that aren't helping. Bad enough all the popups on the net, I don't need them from a program in my computer also.



posted on May, 27 2008 @ 04:18 PM
link   
reply to post by Manincloak
 


While I agree that Microsoft products are bloated and over priced by a factor of 10, don't forget when they were originally created DOS and then Windows was made for stand alone computers or terminals. I remember Windows version 3 or 3.11 was the first version you could network without 3rd party software.

In Microsoft's defense, remember they had to make their OS backwards compatible with both hardware and software with every revision. It is not perfect, but It's been years since I've had to deal with BSOD's that were once common place and the only virus's I ever get are though my own stupidity.

With the logic you use to justify attacks by virus authors & hackers, do you and those like you throw roofing nails on the roadways in order to tell car & manufactures how vulnerable their vehicles tires are to sharp objects on the roadway? After all why should we have to pay 50k for a car that we need to buy tires from somebody else in order that they continue to function properly?

That's what I think of your logic.



posted on May, 28 2008 @ 05:15 AM
link   
In my experience, AVG does well to block all major infections from even taking hold of a PC. Besides, AVG can be downloaded without purchasing it, as there's a free version that does all that I need it to do.

Just my opinion though...

TheBorg



posted on Jun, 20 2008 @ 06:04 PM
link   
Oh definite conspiracy on a corporate lvl. Every year when i had norton before id update to the next year id have malicious problems with my comp. after upgrading to the next years version id find the virus's even though my sub to the previous year hadnt run out and i still got updates to the previous years version. Makes me wish i kept a list...hmmm might still be on my artifical life form pc...

AVG free

projectemule.net geat site for literature and computer freeware



posted on Jun, 21 2008 @ 06:40 PM
link   
This is no secret, and it was made illegal a few decades ago.

If you are around 30-40 and working within the IT industry, you would recall one of the the first computer viruses was made by a company who also sold a removal program to clean the infected computer. This business practice became illegal.



posted on Jun, 24 2008 @ 12:32 AM
link   
I did mention Linux earlier. I have now set up Linux Ubuntu 8.04 and Windows XP on my computer. Using Wine, I was fairly easily able to install Windows software.

Heck, and so far the games I have installed seem to work quite well. Perhaps even better than they ran on Windows. I think Windows has too many things going on.

The point. Perhaps Linux is a good option for those who don't want to be plagued with viruses and such.

Troy



posted on Aug, 2 2008 @ 10:49 PM
link   
very, very very very very nice post. i hadn't even considered this, which i find to be surprising (as i hate most software corporations in general to already as it is). this is definitely worth looking into, and once if i find out anything juicy you'll be the first to know.

peace.



posted on Aug, 3 2008 @ 02:19 AM
link   
As far as I know I don't have any virus software funning on Ubuntu. I get security updates regularly.

The funny thing about Windows, XP anyway. It installs so you are the Administrator from the beginning. Hence, I have had machines get infected as soon as I was finished reformatting and opened up Internet Explorer.

Installing Linux Ubuntu wasn't this way. I was set up with a user account "without" Admin privileges from the beginning. You don't have the privileges without the Admin password.

All I can say is that I use Linux more than Windows now. Ubuntu doesn't run all my Windows games, or completely to my liking, but it does a lot. Hopefully in time Ubuntu will be just as friendly as Windows. It's pretty close. Installing software is confusing to me sometimes, with the stuff that isn't set up like Windows installs.

Ubuntu isn't perfect, but heck Windows isn't either.

Troy



posted on Aug, 19 2008 @ 08:41 PM
link   
Heres my story. My first three computers had mcafee, and norton, and i had no virus attacks then, but plenty of adware, and spyware. of course the operating system was too old to even have a virus left that could attack it.

4th comp. had pccillin. got a couple of viruses although it was up to date and i got a bunch of adware and spyware. then as i was playing an online game, i got this virus that attacked the bios. i had to then restart and reset the bois, and scan the comp. no virus showed up with pccillin. on my next comp i got avg, and played the same game. but this time, i got a warning and it shut the virus down quickly.

you dont have to pay for your computer protection. it should be free.

on a side note, if you wanna completely remove norton from your computer, it takes forever!



posted on Aug, 19 2008 @ 08:53 PM
link   
One thing I find puzzling is how much confidence people put into software firewalls. It's software just like yur virus scanner, and can crash, fail, or be manipulated in the same way.

With a hardware firewall, the task of compromising it is much harder. It's much more secure, not that much more expensive, yet people don't use them??


I'm also amazed at the number of people who constantly run anti-spyware apps, who seem to get spyware all the time. It's too common for it not to be related!!

[edit on 19-8-2008 by mirageofdeceit]



posted on Aug, 20 2008 @ 01:02 AM
link   
Wouldn't it be better to just have a firewall device outside the computer, that takes care of things and takes that load off of the computer?

Imagine if all of those virus, malware, virus, computational tasks were taken care of outside of the computer itself. I guess it's like how a graphics card takes care of the graphical rendering of the machine, and speeds the machine up.

Imagine everything being filtered before it can even make it to your computer. Like a whole separate computer system outside the one you are using. It's sole purpose being, not letting anything bad in.

I know there is firewall hardware already.

Troy



posted on Aug, 20 2008 @ 01:10 AM
link   
reply to post by ZindoDoone
 


Exactly...Watching you under the guise of protecting you. Whether you set these PC security systems to scan automatically or manually....they are relaying your info to a remote location.

I finally realized pc security programs have nothing to do with keeping your privacy and everything to do with 1 of many vehicles they use for surveillance.
However it is kinda neat to see your directories scan by at warp speed with a little radar animation going round and round



posted on Aug, 23 2008 @ 11:55 AM
link   
reply to post by Skyfloating
 


I haven't read all of this thread so excuse me if this has already been said; I do not disagree with your theory it makes perfect sense and I wouldn't be surprised in the least if this is actually happening.

Just wanted to add that although its highly unlikely that virus writers go around writing and spreading viruses "just for fun" but theres actually a huge amount of work/programming etc involved in creating a virus.

The virus writers relish the challenge of creating a technically, superior virus and aim to infect & damage as many systems as a reflection of their intellect & computer knowledge.

I can understand the mindset that they have i.e. spending weeks, months maybe even years trying to create the "perfect" virus and they releasing it into "the wild" Theyre going to be delighted if their creation damages 100,000+ computers, thats the ultimate reflection of their skill!

"Im soo clever MY virus damaged tens of thousands of systems and no one could stop it" - It's kind of like an ego boost.





new topics

top topics



 
68
<< 6  7  8    10 >>

log in

join