|
|
User Controls
|
New User
|
Login
|
Edit/View My Profile
|
|
|
|
ActiveMac
|
Articles
|
Forums
|
Links
|
News
|
News Search
|
Reviews
|
|
|
|
News Centers
|
Windows/Microsoft
|
DVD
|
ActiveHardware
|
Xbox
|
MaINTosh
|
News Search
|
|
|
|
ANet Chats
|
The Lobby
|
Special Events Room
|
Developer's Lounge
|
XBox Chat
|
|
|
|
FAQ's
|
Windows 98/98 SE
|
Windows 2000
|
Windows Me
|
Windows "Whistler" XP
|
Windows CE
|
Internet Explorer 6
|
Internet Explorer 5
|
Xbox
|
DirectX
|
DVD's
|
|
|
|
TopTechTips
|
Registry Tips
|
Windows 95/98
|
Windows 2000
|
Internet Explorer 4
|
Internet Explorer 5
|
Windows NT Tips
|
Program Tips
|
Easter Eggs
|
Hardware
|
DVD
|
|
|
|
Latest Reviews
|
Applications
|
Microsoft Windows XP Professional
|
Norton SystemWorks 2002
|
|
Hardware
|
Intel Personal Audio Player
3000
|
Microsoft Wireless IntelliMouse
Explorer
|
|
|
|
Site News/Info
|
About This Site
|
Affiliates
|
ANet Forums
|
Contact Us
|
Default Home Page
|
Link To Us
|
Links
|
Member Pages
|
Site Search
|
Awards
|
|
|
|
Credits
©1997/2004, Active Network. All
Rights Reserved.
Layout & Design by
Designer Dream. Content
written by the Active Network team. Please click
here for full terms of
use and restrictions or read our
Privacy Statement.
|
|
|
|
|
|
|
|
Time:
12:12 EST/17:12 GMT | News Source:
InfoWorld |
Posted By: Chris Hedlund |
BankAsh-A malware program tries to steal users' banking passwords
One month after Microsoft released a beta version of its new antispyware software, security researchers at Sophos say they have detected the first malware program that seeks to attack it.
The program, named BankAsh-A, tries to disable Microsoft AntiSpyware and delete all files within its folder, Sophos said. It also tries to steal users' banking passwords by installing a keystroke logger that records information typed into online banking sites, according to the antivirus firm.
The program appears to targets users of U.K. online banks Barclays Bank, Cahoot, Halifax, HSBC Bank, Lloyds TSB Bank, Nationwide, NatWest, and Smile, Sophos said
|
|
#1 By
2960 (156.80.64.60)
at
2/10/2005 1:24:47 PM
|
Welcome back AW.
TL
|
#2 By
15406 (216.191.227.90)
at
2/10/2005 3:00:17 PM
|
#2: Granted that user education is a big goal of the security problem that will never be attained in reality. For every user who suddenly 'gets it', there are 10 more who just bought their first PC and are getting online. My mother-in-law is one of them in the past month. How do you educate a user to not go to a site that will silently install malware via their browser?
I'm surprised you haven't been trumpeting SCO's latest victory over IBM in court. Oh wait, it was a crushing loss, wasn't it? My mistake.
|
#3 By
9589 (68.17.52.2)
at
2/10/2005 3:38:11 PM
|
The article concluded, "Sophos advised Internet users not to download unknown files and to make sure their antivirus software is updated to protect against attack."
Doh!
This post was edited by jdhawk on Thursday, February 10, 2005 at 15:38.
|
#4 By
15406 (216.191.227.90)
at
2/10/2005 4:40:15 PM
|
#4: Perhaps you missed the part where the judge said they basically have no evidence whatsoever, considering their public spewings over the past 2 years? SCO can't even prove they own the copyrights to UNIX that they claim to. Let SCO have what they asked for in discovery -- they'll choke on it. Not that they have the resources to actually go through it all. And everyone in the world knows, based on their behaviour for the past 2 years, that their endless discovery requests are just an excuse to delay the inevitable for as long as possible. How can they tell the world that they have all this evidence, and then go before a judge and tell him that they don't have any evidence which is why they need this mountain of stuff from IBM? Lawyers from IP firms quoted all over the Internet all say it's curtains for SCO and their frivilous lawsuit. I can't wait to see what your new nick is when they eventually get their asses handed to them in defeat.
|
#5 By
3653 (68.54.224.219)
at
2/10/2005 4:54:29 PM
|
Latch - "Perhaps you missed the part where the judge said they basically have no evidence whatsoever"
Not only did LinuxIsTheft miss it, but apparently the JUDGE himself missed it too... which is why the case CONTINUES.
|
#6 By
3339 (64.160.58.137)
at
2/10/2005 5:24:35 PM
|
Mooresa56, are you trying to prove yourself stupider than Parker?
For one thing: what does the SCO v. IBM case have to do with malware that disables MS's antispyware software, deletes the software, logs key strokes, and sends home user account #s? Nothing.
But let's address Parker first:
"He resisted the strong temptation to rule favorably on IBM's Motion only, he writes, because he isn't positive yet that all you need to compare are the Linux kernel and the UNIX code. And he isn't yet persuaded that the discovery concerning AIX and Dynix is irrelevant to the question of whether code in Linux is substantially similar to code in UNIX."
And? By law, he has to allow discovery. Did you miss the part about the "strong temptation to rule favorably on IBM's Motion"? Did you miss the part where he said once discovery is complete they can refile the Summary Motions and if it were based on evidence as of today, it would be granted?
But most importantly you are ignoring the statement:
"Viewed against the backdrop of SCO's plethora of public statements concerning IBM's and others' infringement of SCO's purported copyrights to the UNIX software, it is astonishing that SCO has not offered any competent evidence to create a disputed fact regarding whether IBM has infringed SCO's alleged copyrights through IBM's Linux activities."
Additionally, you are forgetting that SCO already has done discovery on current Dynix and AIX code. What they haven't seen is every iteration of code and code changes throughout 20 years of history. But we still have the judge saying they do not have a single shred of evidence to support their arguments based on their discovery of current AIX and Dynix code.
Now, Mooresa56, how did the judge miss something HE said? The case continues because they are being prudent. At this point, they have stated: "thus far SCO has zero supporting evidence." He now says: because Judge Wells allowed for more discovery, I have to allow that discovery to occur, but if I didn't have to consider this protracted discovery phase, at this point, based on the lack of evidence, I would grant the motions... Thus IBM has full rights to repetition the Court after SCO has completed discovery. He didn't contradict himself. He didn't miss a thing.
This post was edited by sodajerk on Thursday, February 10, 2005 at 17:58.
|
#7 By
3339 (64.160.58.137)
at
2/10/2005 5:38:57 PM
|
"IBM has been stonewalling to prevent turning over the AIX and Dynix code which is at the heart of the case."
Please don't lie, Parker. We all know that Judge Wells just granted the motion for ADDITIONAL discovery on January 19th and it continues to be argued over and appealed.
"If..." "If..."
"If Dynix and AIX code are found in Linux, then IBM is toast. If the programmers notes say they gave AIX, UNIX or Dynix code to Linux, IBM is toast. "
No, if such happens, then SCO only has to prove that the statements and interpretations made of the Amended Agreement by AT&T, by Novell, by old SCO that stated that indepedently developed code could be used by licensees independently as their own products, and only code wholly derived from UNIX code would be consider as a derived work of UNIX, and then they would have to prove that Novell doesn't own the rights or that Novell can't decide how they are going to enforce the contract, etc.... And let's not forget: they've had current versions of AIX and Dynix for a year now. The new code is every change in code ever executed to AIX and Dynix over the last 20 years. And also let's not forget that SCO once was saying System 5 code was directly put into Linux and it was done by IBM. That's gone...
Now SCO has to claim that code IBM created for AIX and Dynix wound up in Linux which means...
...SCO owns the code, despite the derived products clause being firmly interpreted to the contrary by everyone...
...despite the fact that they don't own the code because Novell only sold them the rights to enforce the contracts...
..despite the fact that they own zero copyrights to System 5, etc...
"And I'm assuming IBM already ran it against AIX and Dynix, which is why they didn't want to disclose the code."
SCO has had versions of AIX and Dynix for over a year without proof of a single line of code stolen from them. They did disclose it. What they didn't disclose was every change ever made because the judge originally told them they do not have to do so.
This post was edited by sodajerk on Thursday, February 10, 2005 at 17:45.
|
#8 By
3339 (64.160.58.137)
at
2/10/2005 6:22:51 PM
|
And what do you think Judge Wells says there?
"Under a plausible reading of the [SCO-IBM] contract, it is possible that protections and prohibitions exist for code contributed by IBM to Linux. This code that eventually ended up in Linux may not look similar to the code initially provided to IBM under the contract, but if it was based on modifications, elements or derivations that are protected under the contract then it is clearly relevant. In contrast to IBM's argument this protection may even extend to 'homegrown' code depending on the interpretation of the contract."
All I see her stating is that she wants to follow the law. I don't see anything about any real evidence or possible interpretation on her part about this being a slamdunk for SCO.
'And when SCO gets to review the evidence, IBM may be toast. "
May be? Didn't you say they were toast? Didn't you say they will find code... Didn't you say finding that code will be the end of the case? Now they have to prove that whether or not it is modified it is truly derived, and then they have to prove that such derived code actually constitutes what SCO is calling their UNIX, and then they have to prove that it is their rights being violated and not Novell's right?
IBM is miles away from toast. This is SCOs very last chance to muster any sense of a case. And this is still very likely never to go to trial because SCO has yet to produce zero evidence.
"I personally think it is flattering that MS AntiSpyware is seen as being effective and worth attempting to disable. But to be fair, it also attempts turn off all anti-virus applications as well."
You're on crack, Parker. Not only does your statement not answer the very simple question: what does the SCO v. IBM case have to do with the fact that some simple malware can easily disable Microsoft's antispyware tools, delete them, key log your system, and send your account #s to who knows who? But it's hilariously retarded: the program is effective because it can be made completely ineffective, in fact, dangerous? Ha, ha, ha, ha!!
This post was edited by sodajerk on Thursday, February 10, 2005 at 18:25.
|
#9 By
3339 (64.160.58.137)
at
2/10/2005 7:33:37 PM
|
"But I saw her decide that SCO has a case based on derivative works, which is a huge win for SCO. "
She didn't decide SCO has a case... she decided that further discovery could support a theory. But whatever, Parker, NO ONE thinks you are credible or even interesting as a hilarious fool.
"If you download an exe, and run it, it can do anything within the context of the users rights. This would apply to any OS.
In this case, the malware disables anti-virus products and tries to disable Microsoft Anti-spyware. As Sophos says "The Trojan may also attempt to deny access to a number of security-related and anti-virus websites."
The question was: what the FCK does this story have to do with SCO v. IBM? And that question remains.
And what's up with all these "maybe"s. If you want to quote Sophos, quote Sophos: "While there are a number of malware programs that attempt to steal banking passwords this one is interesting because it seems to single out Microsoft's antispyware software for attack, said Sophos senior technology consultant Graham Cluley. "
"Lots of malware attempt to disable programs that can damage the malware. Its nothing new. "
I thought it was PROOF that MS's product was good?!! Ha, ha, ha!! Now it's nothing special... Make up your mind, Parker.
This post was edited by sodajerk on Thursday, February 10, 2005 at 19:52.
|
#10 By
23275 (68.17.42.38)
at
2/11/2005 12:03:38 AM
|
all that and not one word from any of you about the creeps that write malicious code, commit crimes, injur the innocent and cost all of us many billions...
It is time our collective energy and contempt were properly directed - not at MS, not at inventive people writing new browsers, but at criminals that do nothing but hurt people.
They must be hunted down, prosecuted and caged.
I'd like to see a dedicated Court TV like show in HDTV format where these criminals were publicly prosecuted and sent to prison - where reality TV cameras would follow them around as they progressed from day one to become the "wives" of really big hairy men looking for a date and a bottle of gin.
|
|
|
|
|