Computer hacking: how do we uncover online security flaws?

At one time my ISP was renamed to virusnet.

Duncan, there seem to be plenty of public facing websites describing “fileless attacks”, so how exactly can you say this news is “covered up” from the general public? Hidden in plain view might be more accurate…

When I said “covered up ” I mean the mass media – newspapers / TV etc , what do the public watch ?-TV as witnessed by CPCW having massive sales due to, heavy advertising . Where are the newspaper headlines on all the hacks that continually take place in this country or TV headlines for that matter ? You and I can access websites describing methods of scamming/hacking/ malware etc but the general public dont as witnessed by Which giving out warnings and many convos on the subject just because Which advertises it not the other media . Which Convo brings in many complaints about the subject but its got to be put out where the public can see it . This convo is about making people aware of whats out there on the Web I just dont see the media doing the same because they think it will lose sales and profit will drop. At least which is making an effort .

Thanks Duncan. I think “covered up” is a “glass half-empty” viewpoint and the role of mass media is peripheral to the main topic here, which is more about the process of discovering, reporting and fixing vulnerabilities.

As for the (recently coined?) term “fileless attacks”, its prominence does perhaps show that regular antivirus s/w is now quite good at dealing with traditional virus attacks, i.e. where the user must be conned into downloading a file that contains a malicious executable program, before the main thrust of the attack can progress.

In that sense, there is really nothing new about the nature of “fileless attacks”. That said, as you suggest, an alternative name for them (e.g. “hostile websites”) won’t serve to encourage e-commerce for the benefit of Amazon and other business interests. (As we both already know “non-fileless attacks” generally only work against Windows systems, because downloaded files won’t be executable by default on more sensible OSes.)

With regard to the mass media, I think they generally need to pitch their stories so they can be understood by any average school leaver (i.e. with little or no qualifications or life experience), so it is hard for them to get into as much technical detail as we can here.

…primary school leaver, in the case of most tabloids…

Much in the same way as the first operation on many things has to be change the password, it is not beyond the wit of man for this to be a requirement on router installations – and I suggest it is disgraceful that that doesn’t happen where the defaults are empty, admin, 0000 etc. BT at least make their default router passwords unguessable and all different.

Good you brought that up Roger as a BT customer with one of their very reliable routers I cant figure out why they dont publicize it. Its one of the biggest pluses for hackers — get the default password and you get the rest.

In my experience, most ISPs now give you a sensible router passwords like 8d29ebf4 from the get go.

It’s ages since I last bought a new router, but the ones I’ve bought tend to come with default passwords like “admin”.

As Duncan said he does, I also backup passwords to paper records, as I don’t expect those to ever be hackable.

I’ve also recently discovered that saving passwords in web browsers like Chrome is really nasty, because they have to be capable of delivering the plain text version of the password. That probably explains why my banking websites don’t allow those functions to work.

Duncan, where I work similar safeguards are in force, as part of paid for endpoint solutions.

In another convo you recently said “A good commercial firewall AND internet malware/virus protection is definitely required for Windows…”, from the basis that software engineers won’t often work for free, all this has to bought and paid for.

It may be that the costs are too high to encourage these particular solutions from being marketed or sold to the general public.

You might be right Derek but should not the option be openly provided to those who want better security ?

Duncan, I think these services are publically available. A quick look on the Sophos website seems to suggest they claim to provide the kind of capabilities you mentioned above.

Derek what the US defense industry are waffling on about is DMARC . I cant get into Sophos after accessing the website as my blockers wont let me to check the inner detail but it looks like a virus /malware type of blocker but maybe you could add to that , Click on https://blog.returnpath.com/how-to-explain-dmarc-in-plain-english/ thats the simplified version the tech version is much more “brain heating ” .

Duncan, thanks for the info.

According to dmarc.org, anyone can use this protocol.

I think I had to enable script to dive into the Sophos website. As Sophos is the best security software that I’ve ever personally used, I was happy enough to do that.

I’ve often thought that the principle of paying extra on domain registration for anonymity is wrong and that the detailed information should only be available to officialdom – a bit like the DVLA database should be.

Duncan – thanks for that link.

Re “especially removing booting problems associated with Windows” – I agree that booting Windows generally leads to problems 😉

That said, those results show that many common a/v programs – including some free ones – seemed to perform quite well.

Duncan – a piece of software like a hacking app, is just a tool. Of itself, it cannot be either good or evil. So there is no need to make such software illegal.

Hacking software can be put to good uses by “pen testers” and other security consultants, who will find, expose and then fix security flaws on computer systems.

Or, the same software might be used for malicious purposes by criminals intent on stealing data and/or committing fraud.

I didn’t say otherwise Derek , you do understand I posted this to alert the British Public not to alert the “cognitia ” ( yes the word exists ) or if you want more perfection – cognitus, on Which , this is ,after all a Convo on Hacking . You know and so do others the amount of posters on this type of subject complaining of- they know my name/ address/ etc and have hacked my router/modem.

Duncan, you’d said “It took me by surprise that they are not illegal” which struck me as odd, if not surprising, given that you claim to hang out on US hacker forums and such like…

Derek it took me by surprise that they were so easily downloadable on websites , okay some were obscure websites but young people would know them . The US websites I am on have data on them but thats different from having “open-house ” to the apps on the web . The hacking websites inform me of the latest actions by hackers and are not “Dark Web ” inhabitants but are there for good not evil. Show me the UK equivalents ?

So when you said “illegal” you weren’t suggesting it might be a criminal offence to produce, posses or download such software?

Point of law Derek ( US law ) not in the three instances you quote but it is to USE it – the Computer Fraud and Abuse Act (CFAA) , see https://www.pbs.org/wgbh/pages/frontline/shows/hackers/blame/crimelaws.html I have not looked up UK regulations on it but hacking per se I take to be illegal in the UK ( unless you know otherwise ? ) .

Duncan – I agree that was point exactly?

So by “illegal” did mean you thought your ISP or your a/v s/w (if you have any) ought to have blocked those downloads?

Assumptions Derek , I never downloaded anything, why would I download as I dont use Wi-Fi and have it completely disabled in the main programming so that the hardware ( two types ) doesn’t function ? My ISP hasn’t blocked me accessing the website , anybody can , it isn’t political and its American not Russian . As I am also member of three US “freedom of access on the web ” websites I get all the latest action by the US government to control/slow down websites for profit etc I am against restriction and have signed their petitions to Congress , its as I posted the link , its illegal to actually use it . The UK has the same type of laws in other areas – okay to buy ( usually from the USA ) but illegal to use. Read up on Arch Linux , I dont need to download from “iffy ” websites arch contains the largest range of compatible programmes and programming that I have come across because if you install a programme outside its range it usually doesn’t work correctly as you have to allow parts of basic operation programming to make it function properly it also lets you know with BIG warning in red – Warning !! this programme isnt safe/ out of date / not kept up to the latest level security by updates etc -download at YOUR risk of installing infected software and corrupting your system . Then the whole system is constantly re-installed by updates with a new kernel but not the core, unlike Windows where you have to start from scratch with a complete re-installation and other Linux distros . I learned long ago using Windows 7 Prof . the bad side of downloading willy-nilly ( old obsolete expression ) .

Duncan, I wasn’t suggesting that you had downloaded any of those apps, I was just wondering whether or not you would expect any blocking software from stopping you if you had wanted too?

In the past I have experienced Windows Security Essentials did block the download of certain “utilities” that could be used for legal work – or potentially for other things too.

Well you have a point Derek . Arch being different from the rest Blocks normal downloads by default in other words downloading an app/programme doesn’t install it nor is it able to function in any capacity but isolates it leaving you with a good bit of programming to install it. I only have a limited amount of third party programmes mainly audio/hi-fi and even there I had to install libraries etc from Pacman to make them function . But that the beauty of Arch you control it even if you destroy it. I had to remove two small browsers because Arch didn’t like them as they weren’t secure enough. One was a text browser I tried , worked for one day then locked up permanently the second locked up my screen ,as again, Arch wasn’t happy. I would rather have that than an “open to the web ” system.

Here’s one link. https://www.theregister.co.uk/2018/05/18/top_uk_court_agrees_to_review_spy_courts_immunity_from_judicial_review/

Thanks for the link malcolm .

Thanks Duncan and malcolm – that’s interesting. I think it shows the danger of leaving unfixed security flaws around, in case authorities might want to use them as backdoors into systems. The trouble is, if that’s done, then others might also be able to discover and use those flaws.

Duncan – now that this information is out there, won’t Windows anti-virus software just simply block those files from executing?

Windows wont block what you authorise Derek thats how malware gets through , you have got to accept it first , the same as -dont click on that link etc in an email , if Windows anti-virus was that good the world and the UK wouldn’t be full of people getting infected by malware , its because they allow it also just like telephone scammers just do this or that to allow us to deposit our controlling Trojans/malware on your system , MS doesn’t stop that happening its not reached the AI stage yet in intelligence . Its supposed to protect you from yourself but if you okay it it gains entry , in any case this wasn’t some dumb virus easily spotted it was an up to date sophisticated one masquerading as a normal file. They were all packed with different malware strains from different manufacturers and packed as portable ex. files (PE) but all used the same source code . No virus control can boast of 100 % efficiency and hackers arent stupid in this category , no wonder both our government and the USA want to employ them .

Duncan – would I be right in thinking you have no hands-on experience of using Android phones and W10 PCs – either singly or in tandem?

Not Windows 10 Derek and I would never buy Android as its easy to hack . Are you saying Windows virus control will block your commands Derek ?

Duncan, I’m not happy making sweeping general statements from the basis of limited experience.

It concerns me that you have no such inhibitions.

And i think it leads you to post incorrect advice.

Like your recent advice on the use of Windows task manager for a boot- looping Android phone.

Then there was your recent project IT fear advice against the use of USB discs.

Hence, given the allowance for debate on W?C, I do sometimes feel moved to question some of your posts.

Okay prove to me that Windows 10 is “safe ” and that a user cant override the built in virus control . Tell the public its “safe ” Derek , when MVP,s cant answer a question they just repeat their statement leaving no answer , if you have one give it to the public , are you saying thumb drives are safe Derek ?

With intelligent use I don’t see much problem with using flash drives as long as you don’t use them for sensitive data or if you do then treat them as if they were confidential paperwork. I trust that most people are aware that simply deleting a file on a flash drive does not erase the data.

I think it is good to be aware of risks but if they are overstated then readers will just switch off.

Duncan, I agree with wavechange that flash drives are safe to use.

My employer even lets me use them at work, so they think so too.

Duncan, if you are asking me prove to you that Windows 10 is “safe”, then I think you have just validated my position.

I would not even try to “prove” that plastic backed fridge-freezers are “safe”, yet I have one right here that is powered on 24/7/365 and seeing its hottest ever summer.

That said, I am content that the fire risk posed by my fridge freezer is tolerably remote.

I apply similar judgement to my uses of Andriod phones and tablets, Windows PCs and USB disc.

Duncan, I have not taken it upon myself to advise the public via W?C.

I merely question your posts as a member of the public, albeit one with experience that challenges the overall veracity of some of your statements.

The time you advocated ReactOS as a (presumably viable) alternative to Windows was another memorable time when I became aware of the need to challenge the wisdom of one of your posts.

Comparing fridge freezers and Microsoft Window 10 in the same category of public safety says it all to me Derek I dont trust your responses , I hesitate to say – “you cant be serious ” as tennis is in full swing just now . Come on Derek tell the public just how “safe ” Win 10 is in reality ? If you are telling the British public its as safe your fridge freezer I rest my case .

As you refuse to believe me Derek , have you heard of the USB malware -Bad USB ? detected by none other than the Chief Scientist and founder of Security Research Labs -Berlin- Karsten Nohl – quote Most of the USB thumb drives have a major dilemma like several other USB peripherals that they fail to provide protection to their firmware. This refers to that software which is known for running upon the microcontroller which is inside them according to the founder as well as the chief scientist of the Security Research Labs based in Berlin namely Karsten Nohl.This denotes that the firmware on a USB device can be replaced by any malware program with the help of SCSI (Small Computer System Interface) commands. Nohl further claims that it can be made to act as any other piece of hardware.This spoofed piece of hardware can then be used imitate key presses as well as transfer commands in order to download and for the execution of a malware program. This malware then can also be used for reprogramming the other USB drives which are put into the infected computer. This way it becomes a self-multiplying virus. I will stop before the tech detail as its “not approved ” here but of course – he doesn’t know what he is talking about –right ? I have tech website after tech website showing how vulnerable thumb drives are to hacking but of course – “they are all lying ” -yes ?

Duncan, I’m not accusing you of lying. I’m just saying that, from the light of experience, I cannot attribute much value, utility or veracity to the information that you post. I have already explained my reasons, so this is my final post for this thread.