It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
SCI: Tech Fears Arise Over Norton and Pifts.exe
page: 9share:
The whole board was down for me, I hadnt registered an account though.
Now I refresh and I get a
Lithium logo and
Now I refresh and I get a
Lithium logo and
_javascript:quote()
The Forums Are Closed For Maintenance The forums are currently undergoing maintenance. We apologize for any inconvenience this may cause. Please try again later.
Just a reminder for those joing the thread:
We don't advocate spamming of other sites, nor do we "boast" about it. I doubt if spamming/upsetting the Norton mods will get any answers (sooner). Should you decide to spam Norton in any case, please don’t bring it over to ATS as board wars are forbidden in the Terms & Conditions Of Use
We don't advocate spamming of other sites, nor do we "boast" about it. I doubt if spamming/upsetting the Norton mods will get any answers (sooner). Should you decide to spam Norton in any case, please don’t bring it over to ATS as board wars are forbidden in the Terms & Conditions Of Use
2g.) Board Wars: You will not use these boards to organize "attacks" on other boards, blogs, or discussion groups, and similarly, you will not organize such attacks against this board. Doing so will result in removal of your post(s) and immediate termination of your account.
Originally posted by wylekat
Well... this seals it for me... I have AVAST!, Spybot, Cccleaner, and a couple other freebies- and when someone hands me their older computer- I am slapping Ubuntu on it and I a going to learn how to use it. When I have mastered it, I am putting it on this beast here, WINE, and goodbye, Windows.
This is why people should use Linux. Ghostware for Linux is much more robust and unobtrusive than Ghostware for Windows.
reply to post by thebox
It's back up with loads of pifts threads,think traffic keeps crashing it.
Still no response from norton.
It's back up with loads of pifts threads,think traffic keeps crashing it.
Still no response from norton.
Originally posted by youri
Hey guys, we're making some breakthroughs on what this little bugger does over here in the comments. Someone ran a strings on it and found some interesting information that symantec didn't know could be gleaned from their backdoor. For example look at this string in the file
: d:\perforce\entiredepot\consumer_crt\patchtools\patch021809db\release\PIFTS.pdb
got laymens terms? for the not so tech savvy?
Can I assume based on the first 4 pages and these last few posts that people still aren't entirely sure of what it does?
If they aren't I might try to reverse engineer it a bit to see what the hell that file is supposed to do.
Because afaik all the things I've seen was random bantering thrown around to ''act'' smart. (Oh look there's an IP and omg it says this string! aaaaah!)
I'll be posting a more elaborate schematic pretty soon. (I hope)
If they aren't I might try to reverse engineer it a bit to see what the hell that file is supposed to do.
Because afaik all the things I've seen was random bantering thrown around to ''act'' smart. (Oh look there's an IP and omg it says this string! aaaaah!)
I'll be posting a more elaborate schematic pretty soon. (I hope)
I'm a new poster, but thought I'd include a screen shot as well to prove that this is real:
I searched the internet for pifts after a Norton popup told me that pifts was trying to access the internet earlier this morning. I didn't want to block a program that I might want to allow to connect.
One thing that I'm not sure has been mentioned yet concerns the way Norton automatically tries to handle this. If you are familiar with Norton, you may know that there is a dialog box at the bottom of the window that pops up when an exe tries to connect to the internet. The dialog box make a recommendation as to whether or not Norton thinks you should allow it.
In this case, Norton suggested that the exe be blocked as the default setting. This makes it less likely, in my mind at least, that Norton is trying to collect personal information or browsing history. Why would they let you know it was trying to connect an then recommend that you block it?
I searched the internet for pifts after a Norton popup told me that pifts was trying to access the internet earlier this morning. I didn't want to block a program that I might want to allow to connect.
One thing that I'm not sure has been mentioned yet concerns the way Norton automatically tries to handle this. If you are familiar with Norton, you may know that there is a dialog box at the bottom of the window that pops up when an exe tries to connect to the internet. The dialog box make a recommendation as to whether or not Norton thinks you should allow it.
In this case, Norton suggested that the exe be blocked as the default setting. This makes it less likely, in my mind at least, that Norton is trying to collect personal information or browsing history. Why would they let you know it was trying to connect an then recommend that you block it?
Pift = Probabilistic Information Filtering Tool
Maybe there are people interested in flagging people searching for certain phrases on google?
Google Books Link to research paper
[edit on 10-3-2009 by SeanU]
Maybe there are people interested in flagging people searching for certain phrases on google?
Google Books Link to research paper
[edit on 10-3-2009 by SeanU]
I wouldn't say people are trying to 'sound smart' most of what I have seen is ideas being thrown around, about this very very strange situation,
and, the plot thickens.... so to speak;
Originally posted by kuhl
It's back up with loads of pifts threads,think traffic keeps crashing it.
Still no response from norton.
How ironic that a company devoted to internet security and the prevention of spam are unable to block a 5 letter word on their OWN forum.
i think all it does at the most is take your cookies and and internet history and then sends this information to stats.norton.com! Why would they want
to do this?
It has no rootkit functionality!
It does NOT drop any other exe files!
It does not create an auto start entry in the registry!
So from what i can see this phones home once and then that is it...
It has no rootkit functionality!
It does NOT drop any other exe files!
It does not create an auto start entry in the registry!
So from what i can see this phones home once and then that is it...
reply to post by thebox
Norton never could block anything! i used to experiment with Trojan horses and viri... Norton was ALLWAYS the easiest out of them ALL to bypass!
Norton never could block anything! i used to experiment with Trojan horses and viri... Norton was ALLWAYS the easiest out of them ALL to bypass!
Originally posted by tommyboy1981So from what i can see this phones home once and then that is it...
Agreed, but it's once per execution - so all the time then once it's past your firewall.
-m0r
For what it's worth, if you Google search pifts.exe there aren't many 'cached pages' options for any of the sites listed. I'm sure there are many
factors involved as to why a certain page is cached or not.
Just a thought is all.
Just a thought is all.
reply to post by m0r1arty
But there is no autorun added to the registry so once it has been executed there is no way to execute it again unless the main components call PIFTS.exe each time they run.
I have no way to check this out though because i dont run junk on my PC lol
But there is no autorun added to the registry so once it has been executed there is no way to execute it again unless the main components call PIFTS.exe each time they run.
I have no way to check this out though because i dont run junk on my PC lol
Could this be a failed attempt to make nortons ready for when they want to start the attacks on the net, to trick us into accepting internet2 ?
The Internet is not safe, but we have the answer and its Internet2 where we can protect you by only allowing you to visit "trusted" sites.
The Internet is not safe, but we have the answer and its Internet2 where we can protect you by only allowing you to visit "trusted" sites.
reply to post by tommyboy1981
That part of the program could have been installed in the previous version of the update.
That part of the program could have been installed in the previous version of the update.
reply to post by tommyboy1981
I don't run junk either - but I'd imagine whatever called up PIFTS.EXE could do so again, and by the looks of it I'm guessing it was this mornings update that executed it.
So tracking customer viewing habits each update is what I surmise at the moment.
See Norton's forums are down again.
Not a good move spamming it in my opinion - gives credence to any counterclaim they make that it's internet abuse that caused the whole thing.
-m0r
I don't run junk either - but I'd imagine whatever called up PIFTS.EXE could do so again, and by the looks of it I'm guessing it was this mornings update that executed it.
So tracking customer viewing habits each update is what I surmise at the moment.
See Norton's forums are down again.
Not a good move spamming it in my opinion - gives credence to any counterclaim they make that it's internet abuse that caused the whole thing.
-m0r
Originally posted by Echo007
Could this be a failed attempt to make nortons ready for when they want to start the attacks on the net, to trick us into accepting internet2 ?
Didnt you know.
Heard it straight from the horses mouth.
Cmon man, move with the times
You sound familiar, "Nortons"?
jk
[edit on 10-3-2009 by XXXN3O]
reply to post by m0r1arty
next they will be employing people that wear bright yellow outfits and come round to raid your bins! sad [snip]!
Mod Edit: Profanity/Circumvention Of Censors – Please Review This Link.
[edit on 10-3-2009 by 12m8keall2c]
next they will be employing people that wear bright yellow outfits and come round to raid your bins! sad [snip]!
Mod Edit: Profanity/Circumvention Of Censors – Please Review This Link.
[edit on 10-3-2009 by 12m8keall2c]
new topics
-
Putin, Russia and the Great Architects of the Universe
ATS Skunk Works: 2 hours ago -
A Warning to America: 25 Ways the US is Being Destroyed
New World Order: 6 hours ago
top topics
-
President BIDEN's FBI Raided Donald Trump's Florida Home for OBAMA-NORTH KOREA Documents.
Political Conspiracies: 12 hours ago, 29 flags -
A Warning to America: 25 Ways the US is Being Destroyed
New World Order: 6 hours ago, 12 flags -
Las Vegas UFO Spotting Teen Traumatized by Demon Creature in Backyard
Aliens and UFOs: 17 hours ago, 7 flags -
Is AI Better Than the Hollywood Elite?
Movies: 13 hours ago, 3 flags -
Maestro Benedetto
Literature: 13 hours ago, 1 flags -
Putin, Russia and the Great Architects of the Universe
ATS Skunk Works: 2 hours ago, 1 flags
active topics
-
Gaza Terrorists Attack US Humanitarian Pier During Construction
Middle East Issues • 40 • : WeMustCare -
Cats Used as Live Bait to Train Ferocious Pitbulls in Illegal NYC Dogfighting
Social Issues and Civil Unrest • 24 • : NoviceStoic4 -
A Warning to America: 25 Ways the US is Being Destroyed
New World Order • 13 • : 2025yuga -
Is AI Better Than the Hollywood Elite?
Movies • 19 • : GENERAL EYES -
University of Texas Instantly Shuts Down Anti Israel Protests
Education and Media • 271 • : CriticalStinker -
Weinstein's conviction overturned
Mainstream News • 27 • : brodby -
ChatGPT Beatles songs about covid and masks
Science & Technology • 24 • : iaylyan -
The Acronym Game .. Pt.3
General Chit Chat • 7754 • : bally001 -
Nearly 70% Of Americans Want Talks To End War In Ukraine
Political Issues • 96 • : andy06shake -
Rupert Murdoch engaged at 92
People • 8 • : brodby