07-19-2012, 02:39 AM | #1
new hand moves = dab
Join Date: Dec 2002
Location: he/they
Age: 33
Posts: 10,094
Malware Dev Answers Questions on Reddit
http://www.reddit.com/r/IAmA/comment...developer_ama/
kinda old, but still a good read. plenty of interesting tidbits. the questions and answers range from low-level and generic to highly technical. I'll flesh out this post with some quotes sometime soon. for now, here are some ideas he reinforces which we should already know:
• antivirus software can't detect the newest malware
• browsers and browser plugins, if not up-to-date, can be easily exploited
• Mac and home Linux/Unix users make up a relatively small portion of the Internet's population, so most malware developers don't target these users' systems
• Windows XP is hella vulnerable
07-19-2012, 06:23 AM | #2
FFR Veteran
Re: Malware Dev Answers Questions on Reddit
I didn't click/read it or anything, but there is one very important point I want to make.
Once you are infected with anything there are two and only two ways to truly remedy that. One such way is to restore from a known good backup (saved on some medium other than the infected one, of course -- backup partitions on an infected hard drive are no good). The other way is to wipe the medium (fully 0-write it) and reinstall everything from scratch. NOTHING apart from one of those two methods can guarantee the malware was removed, despite what anyone else tells you. (Keep in mind the computer repair place just wants your money and will run some programs which will remove some stuff and they'll do what they can, but you can never be sure it is 100% except for one of the two above methods.)
Also, if you have extremely rare firmware malware (in other words, it didn't just write data to your hard drive but it updated firmware in some piece of hardware) then even restoring from a known good backup or 0-writing the drive and reinstalling from scratch won't fix it. That kind of malware is very rare though, since it generally can only be written to affect some very specific piece of hardware and unless you had that exact hardware, it does nothing. Removal of firmware malware may/may not be possible depending on the hardware and depending on the infection.
07-19-2012, 10:25 AM | #3
Custom User Title
Join Date: May 2004
Age: 39
Posts: 1,546
Re: Malware Dev Answers Questions on Reddit
Quote:
Give THIS a read. THIS is a sort of walkthrough of the manual removal process. Pretty easy.
Last edited by ELRayford; 07-19-2012 at 10:33 AM. Reason: hungovertypingwat
07-19-2012, 10:37 AM | #4
FFR Player
Re: Malware Dev Answers Questions on Reddit
I've paid elray hundreds of dollars to remove malware, spyware, and desktop icons, and I regret nothing. Best 700 dollars I ever spent.
__________________
07-19-2012, 10:40 AM | #5
Custom User Title
Join Date: May 2004
Age: 39
Posts: 1,546
Re: Malware Dev Answers Questions on Reddit
07-19-2012, 11:34 AM | #6
Digital Dancing!
Join Date: Feb 2006
Location: 80 billion club, NE
Age: 31
Posts: 12,980
Re: Malware Dev Answers Questions on Reddit
I lol'd
07-19-2012, 01:13 PM | #7
new hand moves = dab
Join Date: Dec 2002
Location: he/they
Age: 33
Posts: 10,094
Re: Malware Dev Answers Questions on Reddit
thanks for posting the resources, elray. I need to get more comfortable with poking around in the registry. ugh such a pain in the ass.
Quote:
I lol'd at that one too, rushy. a couple more goofy comments:
07-19-2012, 04:13 PM | #8
FFR Veteran
Re: Malware Dev Answers Questions on Reddit
Quote:
I'm not saying malware removal services aren't useful -- they are. What I am saying is you can never 100% prove you removed absolutely all malware. Because, remember, the most dangerous malware is intended to be as invisible or undetectable as possible. That includes with using the best tools available. And if you do happen to run into firmware malware, even the two methods I mentioned won't work.
08-18-2012, 12:47 AM | #9
I am the liquor
Join Date: May 2007
Location: Where ever evil lurks
Age: 34
Posts: 706
Re: Malware Dev Answers Questions on Reddit
That's a level of paranoia that doesn't belong to consumer-level computing.
At the enterprise level, yes, you have to be super cautious because odds are you're worth hacking into to someone. But if you're just some dinky nerd on a computer trying to chat people up on Neopets, you've got the protection of anonymity and not being worth a damn.
Tl;dr: Odds are pretty good that as long as you're not retarded or running a public server you're not going to run into any attacks/malware. If you did get a virus or whatever, it's always 100% your fault.
08-18-2012, 03:14 AM | #10
FFR Veteran
Re: Malware Dev Answers Questions on Reddit
Install WindowsXP original edition (not SP1 or SP2) from official Microsoft installation media on a brand new hard drive and then immediately get the updates (don't browse any websites or install anything else first) and let me know how that works out for you.
10 out of 10 says you'll be infected before you can even get the updates. The "solution" is to block specific ports in a hardware firewall, disable very specific things on WindowsXP prior to ever connecting a network cable, change several other things, and then connect to update and hope it's good enough to be able to get the updates before you get hit with something exploiting that older unpatched version of Windows. And/or download the updates on a different machine, copy them to some media you'll then use on the unpatched machine (external hard drive for example) to patch prior to ever touching the Internet.
Mind explaining why that's 100% the user's fault without resorting to lol buy a newer computer or lol buy a newer version of Windows or lol use Linux/Mac or some other non-answer?
08-18-2012, 01:02 PM | #11
new hand moves = dab
Join Date: Dec 2002
Location: he/they
Age: 33
Posts: 10,094
Re: Malware Dev Answers Questions on Reddit
^ wow good call. yeah that's some bullshit really. pretty sure Microsoft doesn't tell its "legacy" customers (aka people who keep things until they stop working) that safely running XP while connected to the internet is basically impossible.
Quote:
gotta say though, I disagree. obviously people are in it for the money. would you rather spend time working on a way to break through corporate network security, or just infect and steal credit card info from a ton of machines operated by incompetent home users? not saying the latter is always more lucrative, but I think it's foolish to assume no one has any interest in going that route. anyway I have my own reasons for being interested in the topic. IT major, yada yada.
Last edited by dAnceguy117; 08-18-2012 at 02:43 PM.
08-19-2012, 03:53 PM | #12
Network Security Analyst
Re: Malware Dev Answers Questions on Reddit
Just spent 30 minutes writing up a response to this. Then it got deleted when it would post. Saving as a placeholder in case I decide to re-write my responses to all of this. To keep this post worth the space:
Serious question: Does anyone here work with/on this stuff professionally? Anyone else studying this sort of stuff? @dAnceguy117 what are you studying and when do you graduate?
08-20-2012, 04:12 AM | #13
FFR Player
Join Date: Dec 2008
Age: 33
Posts: 6,205
Re: Malware Dev Answers Questions on Reddit
I really want to see some malfoyware
08-20-2012, 09:13 AM | #14
¯\_(ツ)_/¯
Join Date: Sep 2007
Age: 34
Posts: 1,837
Re: Malware Dev Answers Questions on Reddit
Quote:
see:
08-20-2012, 12:36 PM | #15
new hand moves = dab
Join Date: Dec 2002
Location: he/they
Age: 33
Posts: 10,094
Re: Malware Dev Answers Questions on Reddit
^ hey cool someone else read this stuff :)
Quote:
just started an internship a month ago. I've done a little bit of web development, but mostly it's been poking around a database using phpPgAdmin plus a bunch of generic desk job tasks.