
Re: Cyber Attack

Posted: Sun Feb 21, 2010 11:06 am
by DoriC
BleepingBeauty wrote:
montana wrote:Just a slight contradiction.

Personally, I have McAfee and Spybot Search & Destroy running at all times; also have Ad-Aware and Malwarebytes, which I run weekly. Overkill? Maybe. But I use caution with online activities and feel relatively safe. So far, so good.
BB, Sure makes me feel better to know I'm doing exactly what you do and I've never had a problem. I'm very careful and not much of a surfer anyway. But I have one of my "stories". My nephew is an unemployed CPA executive with a large stockbroker firm and asked my permission to list me as a reference on a reputable headhunter site that he has had many personal interviews with and has already received some legitimate job prospects. Of course I said yes and received an "invitation" from this company to be listed as a reference, I clicked OK and you know the rest, my computer went down, my good friend who is very computer savvy could not fix it and McAfee charged me $100 on their virtual technician site to repair it. They told me it came from the headhunter site. I got a call from my nephew but too late, telling me that all his contacts who clicked OK also got viruses.

Josef, sorry to hijack your thread, but please reconsider and stay with us. It just sounds like a misunderstanding.

Re: Cyber Attack

Posted: Sun Feb 21, 2010 2:19 pm
by montana
Sorry McAfee charged you $100. McAfee should have caught it. That is what IT friend says they (McAfee) does. They are sneaky. If you can afford to get Kaspersky Anti Virus next time. It would have probably caught that Nasty thing. Not being negative just helpful. I know from experience with McAfee.

Re: Cyber Attack

Posted: Sun Feb 21, 2010 3:04 pm
by torontoCPAPguy
I am an IT Administrator for a block of Bell stores and my #1 job is keeping the network (including all subnets) CLEAN. It is by no means an easy task and even with DES level protection in place we still have the occasional 'glitch' that finds its way in and it is almost always from a TRUSTED SITE. So when you are approving or selecting a site as being 'trusted' be very concerned that THEY have their game together.

One of the packages that we run (and I cannot discuss what is on our mission critical servers for obvious reasons) is Computer Associates; funny enough they seem to have bought and packaged some stuff that used to be freeware and are now charging big dollars for it.

Nonetheless, my friends, I have to tell you that those that believe that MAC's are not vulnerable are living in la-la land. I will accept that it is more difficult to find a successful attack on a MAC but they are by no means free and clear of interference. How do I know? Simple. Both PC's and MAC's are on the network(s). The reason that PC's seem to be a whole lot more vulnerable has something to do with the fact that they have a larger chunk of the market... there are more networks and machines to infect or to be infected. The hackers concentrate on (a) what they know best; and (b) where they will get the most bang for the buck (or hour).

There is a whole protocol to be followed by administrators all the way down to end users that reduces the possibility of infection by a huge factor. The latest infections picked up by the untrained is one called "Security Tool" as well as one called "Antivirus" - supposedly tough as nails to get rid of but not so. You simply need to know what you are doing.

Anyone opening attachments from unknown users, downloading unknown applications even from trusted sites and so on deserves what they get nailed with. DON'T DO IT! Even attachments from trusted users should not be opened unless you are expecting it.

In any event, there is ALWAYS some sort of cyberattack underway so warnings to be aware are moot. Protect yourself at all times. It's like carrying a concealed firearm (where legal) or having a spare tire.... you need to take steps to keep yourself protected at all times and be aware of what's going on around you.

I could go on for hours but I will let it go at that. Have a quality protection package running on your machine and up to date. We update every HOUR for example. And we don't share files that we don't have to. And we have a firewall running that keeps us as hidden as possible. And we don't permit incoming files to be written to any drives that are critical. If you are going to save something, we give you your own drive that you can mess up on your own - and we shadow it and back it up nightly on a 30 day rotating cycle and on a monthly rotating cycle both to RAID arrays and to tape. So even if we do manage to get infected we try to mitigate the damage in advance and this can be easily done for a home system as well. A 1.5 TB drive sells at Walmart for something like $189 these days... that's part of our protection scheme as well at home instead of tape (we do a revolving backup as well as ongoing mirror). And RAID 5 for our main data drive with hot swappable drives.

Good luck. It's a dangerous world out in cyberspace these days.

Re: Cyber Attack

Posted: Sun Feb 21, 2010 4:25 pm
by scotty
Unless I missed something, I think only ONE person in this thread stated that there were no viruses for Macs. That's a "person" not "people," at least as far as this thread is concerned.

Anyway, I'm not on here often, and I'm finding out a little more information about the original topic of this thread such as the origin of the software mentioned. With that in mind, might it be possible that whatever is happening to the OP's computer originated from the pirated software? One of the possibilities is that it allowed remote access to the OP's computer. That and a multi-source cyber attack are possible, but in my experience a lot of people I know who download pirated copies of music, videos, and/or software got a virus, trojan, or worm at least once. With a cyber attack, it can also happen from just one person, intentional or unintentional, from a single e-mail attachment or a link to a webpage that installed a virus. I guess the three possibilities that I see are: 1) one cyber attacker, 2) a lot of cyber attackers, 3) infected pirated software.

Re: Cyber Attack

Posted: Sun Feb 21, 2010 6:53 pm
by DoriC
torontoCPAPguy wrote:...
There is a whole protocol to be followed by administrators all the way down to end users that reduces the possibility of infection by a huge factor. The latest infections picked up by the untrained is one called "Security Tool" as well as one called "Antivirus" - supposedly tough as nails to get rid of but not so. You simply need to know what you are doing.

Good luck. It's a dangerous world out in cyberspace these days.
Toronto, that's the one, "Security Tool". As I watched the Virtual Technician do his thing, I can't even recall all the places it had embedded itself but he seemed to know what he was doing even though it took several hours to fix. The whole experience was a nightmare and I was very peeved about McAfee's extra charge but they knew they had me over a barrel. I wrote a letter, got no reply as yet. A friend of mine is using Verizon's security package and Verizon's claim is that their infection rate is so non-existent that they include infection removal as part of their package. Thanks for all the info (even though I didn't understand all of it!)

Re: Cyber Attack

Posted: Sun Feb 21, 2010 10:41 pm
by FinceMgr
Josef sorry your feelings were hurt as that was not my intent. While now your tone is that of soliciting for help, your original post came off as knowing what you were doing when obviously you don’t. There is no absolute protection against malware except not to use the web, hardly a solution. And just like with driving one's automobile, your safety has more to do with your actions than your hardware configuration. I have helped dozens here obtain their needed software with none of the hassles with which you speak so please if you need any help with PC issues there are many of us here who happily help, if you just ask.


josef wrote:
I have thought about this very long and hard, I'm not real sure I understand what he thinks he's trying to say. I'm not even sure it was meant to be so extremely rude and condescending as it appeared to me. Instead of offering helpful advice, it came across as a hateful personal attack. Worse yet, the list of people supporting me was extremely short. Just what am I missing here. If my help is not wanted, (as poor as it is) I can certainly leave. I am a senior citizen, Vietnam Veteran who has had many and numerous bouts with my maker and here in my twilight years, I am beginning to feel true peace for the first time in over 40 years and this Dude does this hateful thing. What am I missing here. I feel sure that the at the end of the message doesn't stand for Lots of Love.

Really Really Upset in South Texas.

Re: Cyber Attack

Posted: Mon Feb 22, 2010 12:34 pm
by nghy
Hello, I am a former computer consultant. For what it is worth, I doubt that any hacker would spend the time and energy to single out your machine for attack. The hacker would not have prior knowledge of valuable information available on your machine to motivate them to do the work. It is more likely that you unwittingly installed a back door Trojan which had as part of its code the means to disable or fool your anti virus software. Once the Trojan was installed it reported back to its originator via the back door connection through the firewall on your computer and provided the means to do the other mischief.

The installation of Trojans is hit or miss in that it takes some social engineering trickery to get you to install the malicious software in the first place. The best and simplest analogy I can suggest is “spreading bird seed on the ground and waiting for the birds to start eating it.” The computer term is “Phishing.” Examples of “birdseed” are free smiley emoticons, screen savers, specialized utility programs, bootleg software, unsolicited email and websites with bogus offers of goods, information or services that link to malicious scripts. Most of the offers involve some illicit aspect. Virtually all modern websites run scripts automatically. The difference is that most do not run malicious scripts. You need to set your computer security to prevent these scripts from running automatically when you go surfing in uncharted waters.

I was frustrated too with Respironics refusal to provide supporting software for my new biPAP Auto SV Advanced and went looking for sites on the web to obtain a bootleg copy. Each time I would download the “free” version and scan it for viruses, I found them. This is what I meant by “social engineering trickery.” Some malicious individual realized the vacuum created by Respironics policy and decided to exploit that by offering to supply Encore Pro for free.

Viruses are programs that need to be run to become active. If you save a file containing the virus before running the program, you can scan it with an anti-virus program and catch the virus before you install it. For that reason I never install software directly from any source on the internet unless I went to the site directly and I trust the site completely.

AaronM

Re: Cyber Attack

Posted: Mon Feb 22, 2010 6:45 pm
by JohnBFisher
Although, in all fairness, I am seeing more generic attempts to breach my firewall in the past few months than I'd seen in years. I suspect some of the bot networks have become much more sophisticated than in the past. So, while it may not have been directed at one individual, I fear we are now seeing other avenues being exploited (not just trojans and/or viruses) to infiltrate even fairly secure home networks.

Re: Cyber Attack

Posted: Mon Feb 22, 2010 9:25 pm
by physicsbob
It is always depressing to hear this happen, I have been using computers since 1974 and have repaired hundreds of people's computers from infections. The pain and sense of violation this causes is unbelievable.
My wife is a real estate agent and even though I have our home behind a decent firewall, have her update her virus protection (Avast) twice a day along with spybot, she has two or three "incidents" a year. The main reason is because the agents have to exchange so many documents and pictures and most of them are not as careful or diligent as us. The best protection I can recommend is doing regular backups on a plug in drive. I personally run linux behind a second personal firewall and I still do backups. I guess the old adage never open popups or links or download files unless you trust where they come from, but even then beware.

Re: Cyber Attack

Posted: Tue Feb 23, 2010 2:20 am
by MauraAnderson
I'll jump in here as the author of a book on software security testing and a former member of a software security group.

Windows-based PCs currently have more viruses because they are a bigger return on investment for the people writing or profiting from the viruses. Macs are NOT invulnerable and as they get a bigger market share, more attacks will follow. The bottom line is that any machine that connects to anything else IS vulnerable - you cannot have access without some level of risk.

That said, you should run reasonable security software on all machines but one of the most important things is to develop a healthy dose of paranoia. Don't open emails you don't recognize, don't click on links you don't know. Quite a few vulnerabilities have the door opened to exploit via social engineering - basically tricking users into clicking on a link, opening an email or somehow trusting something.

The biggest choice with platform is what you can afford and what you are comfortable using. Because of my industry and my job, I run Mac and Windows both at my house and there is definitely give and take to both.

There is no one true ideal solution - just a solution that works for the individual.

- maura

Re: Cyber Attack

Posted: Tue Feb 23, 2010 8:34 pm
by dsm
Just thought I'd add this rather scary link about how a particular school was using MAC computers to check on students at both school and home, by briefly activating the web cam built into the mandatory MAC computers the students were made to use. The school issued denials as to why the webcam activation lights were coming on saying it was a known glitch.

The link goes on to say how

http://strydehax.blogspot.com/2010/02/s ... -high.html


Below is an extract (it was a recent update to the post - look at the date)

DSM



>>
update 2/23/2010 6:00pm

If you haven't already, you must watch this PBS Documentary - How Google Saved a School. At five minutes in, you can see all these same features in use, in a school setting, by a principal. Remote surreptitious observation. Remote camera use. All used by a principal to observe kids and make sure they're working. There are a lot of school districts, administrators, IT professionals, and security professionals who see nothing wrong with this documentary. They see remote administration software in use in this way and they don't think it's wrong, and they don't think it's spyware. Some of them even believe that the extension of this functionality into the home doesn't make it spyware, or even wrong. But this is my personal blog, and it's my personal opinion that they're wrong. As an expecting parent, I don't ever want my kids on the business end of Remote Desktop Curtain Mode, even at school. I'm a security professional, and a big part of my education and my professional development was tinkering and tearing apart computer systems to gain understanding, learn how they work, and change their use. I believe that computer security is knowledge in practice; it's using your knowledge to protect yourself. These kids are learning that security is something that happens to you. That's backwards. DARPA thinks we're not raising a generation with applicable security skills. I think they're right; I think this is a recipe for the next generation of phishing victims. I'd like to see a school system where a kid can bring in x64 Ubuntu or Haiku OS that he secured him/herself. I'd like to see a school system where kids teach each other how to defend against remote webcam use. Instead, we've got kids who can't run Terminal. Not my kids.
<<

Re: Cyber Attack

Posted: Tue Feb 23, 2010 9:39 pm
by nghy
In reviewing my antivirus logs, I am shocked also at the constant barrage of attacks my computer has to repulse.
JohnBFisher wrote: Although, in all fairness, I am seeing more generic attempts to breach my firewall in the past few months than I'd seen in years. I suspect some of the bot networks have become much more sophisticated than in the past. So, while it may not have been directed at one individual, I fear we are now seeing other avenues being exploited (not just trojans and/or viruses) to infiltrate even fairly secure home networks.

Re: Cyber Attack

Posted: Tue Feb 23, 2010 10:21 pm
by mars
dsm wrote:Just thought I'd add this rather scary link about how a particular school was using MAC computers to check on students at both school and home, by briefly activating the web cam built into the mandatory MAC computers the students were made to use. The school issued denials as to why the webcam activation lights were coming on saying it was a known glitch.

The link goes on to say how

http://strydehax.blogspot.com/2010/02/s ... -high.html


Below is an extract (it was a recent update to the post - look at the date)

DSM



>>
update 2/23/2010 6:00pm

If you haven't already, you must watch this PBS Documentary - How Google Saved a School. At five minutes in, you can see all these same features in use, in a school setting, by a principal. Remote surreptitious observation. Remote camera use. All used by a principal to observe kids and make sure they're working. There are a lot of school districts, administrators, IT professionals, and security professionals who see nothing wrong with this documentary. They see remote administration software in use in this way and they don't think it's wrong, and they don't think it's spyware. Some of them even believe that the extension of this functionality into the home doesn't make it spyware, or even wrong. But this is my personal blog, and it's my personal opinion that they're wrong. As an expecting parent, I don't ever want my kids on the business end of Remote Desktop Curtain Mode, even at school. I'm a security professional, and a big part of my education and my professional development was tinkering and tearing apart computer systems to gain understanding, learn how they work, and change their use. I believe that computer security is knowledge in practice; it's using your knowledge to protect yourself. These kids are learning that security is something that happens to you. That's backwards. DARPA thinks we're not raising a generation with applicable security skills. I think they're right; I think this is a recipe for the next generation of phishing victims. I'd like to see a school system where a kid can bring in x64 Ubuntu or Haiku OS that he secured him/herself. I'd like to see a school system where kids teach each other how to defend against remote webcam use. Instead, we've got kids who can't run Terminal. Not my kids.
<<
Help! Where's my abacus ?





http://news.bbc.co.uk/2/hi/uk_news/educ ... 523807.stm

Re: Cyber Attack

Posted: Wed Feb 24, 2010 1:35 am
by dsm
mars wrote:
Help! Where's my abacus ?





http://news.bbc.co.uk/2/hi/uk_news/educ ... 523807.stm
Mars, so the blog I linked to is now an international incident

Must admit my 1st thought was Hmmmm - activating the webcam in the students homes (esp of the female students) - MAJOR scandal brewing here !!!

Looks like you have found one of the 1st waves of international outrage.

The US can seem strange to many of us outside it --- 9/11 changed a lot! Authorities are getting away with a lot more than we ever dreamed they might.

DSM

-2

This is what MARS linked to ...

>>
Parents in the US have accused a school of spying on children by remotely activating webcams on laptops.

A couple from Pennsylvania have filed a lawsuit against a school district which gave laptops to its high school pupils.

They say their son was told off by teachers for "engaging in improper behaviour in his home" and that the evidence was an image from his webcam.

Lower Merion School District says it has now deactivated a tracking device installed on the laptops.

It says the security feature was only used to track lost, stolen and missing laptops.

But it was deactivated on Thursday and would not be re-instated without informing students and families, the district said.

'Stages of undress'

The Lower Merion School District gave the laptops to all 1,800 students at its two high schools with the aim of giving them access to school resources around the clock, according to its website.

Michael and Holly Robbins are suing the district on behalf of their child and all the children in the district issued with the laptops.

They allege the school district invaded their privacy and are guilty of "wiretapping" by putting children under covert surveillance.



In their lawsuit, they claim the webcams were activated remotely and images were taken which could have included anything going on in a room where the laptop was placed.

The legal papers say: "As the laptops were routinely used by students and family members at home, it is believed that many of the images captured and intercepted may consist of images of minors and their parents or friends in compromising or embarrassing positions, including in various stages of dress or undress".

On Thursday, the Lower Merion School District posted a letter to parents on its website saying it had always "gone to great lengths" to protect the privacy of its students.

In it, the Schools Superintendent Christopher McGinley gives details of the security feature, which he said was activated only if a laptop was reported lost, stolen or missing.

"The security feature's capabilities were limited to taking a still image of the operator and the operator's screen," he wrote.

"This feature was only used for the narrow purpose of locating a lost, stolen or missing laptop. The District never activated the security feature for any other purpose or in any other manner whatsoever."

However, the district had carried out a preliminary review of security procedures and had disabled the security-tracking program, he added.

The district would now conduct a thorough review of the existing policies for student laptop use and look at any other "technology areas in which the intersection of privacy and security may come into play".

"We regret if this situation has caused any concern or inconvenience among our students and families," he said.

<<

Re: Cyber Attack

Posted: Wed Feb 24, 2010 2:00 am
by dsm
Yup, the cyber security at 'Lower Merion School District' is rapidly becoming an international incident.

http://news.yahoo.com/s/ap/20100218/ap_ ... n_students

http://www.philly.com/philly/news/homep ... d=15585797

http://news.bbc.co.uk/2/hi/uk_news/educ ... 523807.stm

http://www.mercurynews.com/peninsula/ci_14457138


Gotta tell you that we Aussies love you over there, for the entertainment from Hollywood, life, dems vs repubs, gun lobby, the lack of any purposeful ending to the Mason-Dixon divide, & to cap it off - the dramas of the cpap therapy industry (FDA, Health Insurance, brand wars)

Keep it coming

Esp the rollout of Sarah Palin as a serious presidential candidate - RestedGal, I bet you just love her

DSM