It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

SCI: Tech Fears Arise Over Norton and Pifts.exe

page: 9
267
<< 6  7  8    10  11  12 >>

log in

join
share:

posted on Mar, 10 2009 @ 09:32 AM
link   
The whole board was down for me, I hadnt registered an account though.
Now I refresh and I get a
Lithium logo and



The Forums Are Closed For Maintenance The forums are currently undergoing maintenance. We apologize for any inconvenience this may cause. Please try again later.
_javascript:quote()




posted on Mar, 10 2009 @ 09:32 AM
link   
Just a reminder for those joing the thread:

We don't advocate spamming of other sites, nor do we "boast" about it. I doubt if spamming/upsetting the Norton mods will get any answers (sooner). Should you decide to spam Norton in any case, please don’t bring it over to ATS as board wars are forbidden in the Terms & Conditions Of Use



2g.) Board Wars: You will not use these boards to organize "attacks" on other boards, blogs, or discussion groups, and similarly, you will not organize such attacks against this board. Doing so will result in removal of your post(s) and immediate termination of your account.



posted on Mar, 10 2009 @ 09:33 AM
link   

Originally posted by wylekat
Well... this seals it for me... I have AVAST!, Spybot, Cccleaner, and a couple other freebies- and when someone hands me their older computer- I am slapping Ubuntu on it and I a going to learn how to use it. When I have mastered it, I am putting it on this beast here, WINE, and goodbye, Windows.


This is why people should use Linux. Ghostware for Linux is much more robust and unobtrusive than Ghostware for Windows.




posted on Mar, 10 2009 @ 09:34 AM
link   
reply to post by thebox
 



It's back up with loads of pifts threads,think traffic keeps crashing it.

Still no response from norton.



posted on Mar, 10 2009 @ 09:35 AM
link   

Originally posted by youri
Hey guys, we're making some breakthroughs on what this little bugger does over here in the comments. Someone ran a strings on it and found some interesting information that symantec didn't know could be gleaned from their backdoor. For example look at this string in the file

: d:\perforce\entiredepot\consumer_crt\patchtools\patch021809db\release\PIFTS.pdb



got laymens terms? for the not so tech savvy?



posted on Mar, 10 2009 @ 09:37 AM
link   
Can I assume based on the first 4 pages and these last few posts that people still aren't entirely sure of what it does?

If they aren't I might try to reverse engineer it a bit to see what the hell that file is supposed to do.

Because afaik all the things I've seen was random bantering thrown around to ''act'' smart. (Oh look there's an IP and omg it says this string! aaaaah!)

I'll be posting a more elaborate schematic pretty soon. (I hope)



posted on Mar, 10 2009 @ 09:38 AM
link   
I'm a new poster, but thought I'd include a screen shot as well to prove that this is real:



I searched the internet for pifts after a Norton popup told me that pifts was trying to access the internet earlier this morning. I didn't want to block a program that I might want to allow to connect.

One thing that I'm not sure has been mentioned yet concerns the way Norton automatically tries to handle this. If you are familiar with Norton, you may know that there is a dialog box at the bottom of the window that pops up when an exe tries to connect to the internet. The dialog box make a recommendation as to whether or not Norton thinks you should allow it.

In this case, Norton suggested that the exe be blocked as the default setting. This makes it less likely, in my mind at least, that Norton is trying to collect personal information or browsing history. Why would they let you know it was trying to connect an then recommend that you block it?



posted on Mar, 10 2009 @ 09:42 AM
link   
Pift = Probabilistic Information Filtering Tool

Maybe there are people interested in flagging people searching for certain phrases on google?

Google Books Link to research paper

[edit on 10-3-2009 by SeanU]



posted on Mar, 10 2009 @ 09:42 AM
link   
I wouldn't say people are trying to 'sound smart' most of what I have seen is ideas being thrown around, about this very very strange situation, and, the plot thickens.... so to speak;




posted on Mar, 10 2009 @ 09:42 AM
link   

Originally posted by kuhl

It's back up with loads of pifts threads,think traffic keeps crashing it.

Still no response from norton.


How ironic that a company devoted to internet security and the prevention of spam are unable to block a 5 letter word on their OWN forum.



posted on Mar, 10 2009 @ 09:43 AM
link   
i think all it does at the most is take your cookies and and internet history and then sends this information to stats.norton.com! Why would they want to do this?

It has no rootkit functionality!

It does NOT drop any other exe files!

It does not create an auto start entry in the registry!

So from what i can see this phones home once and then that is it...



posted on Mar, 10 2009 @ 09:44 AM
link   
reply to post by thebox
 


Norton never could block anything! i used to experiment with Trojan horses and viri... Norton was ALLWAYS the easiest out of them ALL to bypass!



posted on Mar, 10 2009 @ 09:48 AM
link   

Originally posted by tommyboy1981So from what i can see this phones home once and then that is it...


Agreed, but it's once per execution - so all the time then once it's past your firewall.

-m0r



posted on Mar, 10 2009 @ 09:50 AM
link   
For what it's worth, if you Google search pifts.exe there aren't many 'cached pages' options for any of the sites listed. I'm sure there are many factors involved as to why a certain page is cached or not.

Just a thought is all.



posted on Mar, 10 2009 @ 09:52 AM
link   
reply to post by m0r1arty
 


But there is no autorun added to the registry so once it has been executed there is no way to execute it again unless the main components call PIFTS.exe each time they run.

I have no way to check this out though because i dont run junk on my PC lol



posted on Mar, 10 2009 @ 09:52 AM
link   
Could this be a failed attempt to make nortons ready for when they want to start the attacks on the net, to trick us into accepting internet2 ?

The Internet is not safe, but we have the answer and its Internet2 where we can protect you by only allowing you to visit "trusted" sites.



posted on Mar, 10 2009 @ 09:53 AM
link   
reply to post by tommyboy1981
 


That part of the program could have been installed in the previous version of the update.



posted on Mar, 10 2009 @ 09:56 AM
link   
reply to post by tommyboy1981
 


I don't run junk either - but I'd imagine whatever called up PIFTS.EXE could do so again, and by the looks of it I'm guessing it was this mornings update that executed it.

So tracking customer viewing habits each update is what I surmise at the moment.

See Norton's forums are down again.

Not a good move spamming it in my opinion - gives credence to any counterclaim they make that it's internet abuse that caused the whole thing.

-m0r



posted on Mar, 10 2009 @ 10:00 AM
link   

Originally posted by Echo007
Could this be a failed attempt to make nortons ready for when they want to start the attacks on the net, to trick us into accepting internet2 ?



Didnt you know.



Heard it straight from the horses mouth.

Cmon man, move with the times

You sound familiar, "Nortons"?



jk

[edit on 10-3-2009 by XXXN3O]



posted on Mar, 10 2009 @ 10:01 AM
link   
reply to post by m0r1arty
 


next they will be employing people that wear bright yellow outfits and come round to raid your bins! sad [snip]!




Mod Edit: Profanity/Circumvention Of Censors – Please Review This Link.

[edit on 10-3-2009 by 12m8keall2c]



new topics

top topics



 
267
<< 6  7  8    10  11  12 >>

log in

join