or Connect
AppleInsider › Forums › Software › Mac OS X › Gameover Zeus botnet reanimated, exposing the harm in "open" Android, Windows malware platforms
New Posts  All Forums:Forum Nav:

Gameover Zeus botnet reanimated, exposing the harm in "open" Android, Windows malware platforms

post #1 of 50
Thread Starter 
Apple's iOS and OS X platforms aren't directly affected by the rampant malware infestations that plague Google's Android and Microsoft's Windows, but that doesn't mean they can't be victimized by it, as the collateral damage and smokescreen of a reanimated botnet targeting unpatched, vulnerable systems demonstrates.

Android open to malware


A report by John Biggs of TechCrunch details how a massive Windows botnet, despite having been taken down by authorities last month, has been reused by thieves to create a distracting smokescreen that's being used to block fraud victims from accessing their own accounts while they are being hacked.

The "openness" of insecure platforms including Windows and Android (which now accommodates 99 percent of all mobile malware) are resulting in mass infections among large volumes of lower-end devices that are unlikely to ever receive security updates.

No updates are bad, m'kay?



Last July, a U.S. Government report titled "Threats to Mobile Devices Using the Android OS" warned that Android "continues to be a primary target for malware attacks due to its market share and open source architecture," and stated that this "makes it more important than ever to keep mobile OS patched and up-to-date."

A year later, Google still reports that more than 53.4 percent of active Android users accessing Google Play are still using an "Ice Cream Sandwich," "Gingerbread" or other editions of Android prior to 4.2 that still "have a number of security vulnerabilities that were fixed in later versions."

One specific Android WebView vulnerability was recently detailed by Dan Goodin of Ars Technica. While Google patched that particular flaw in Android 4.2, according to Google's published figures for its Play Store active user base, only 46.6 percent have installed that fix as of this week. Outside of Google's own apps ecosystem, the flaw is even more widespread.

"The WebView vulnerability," Goodin stated, "allows attackers to inject malicious JavaScript into the Android browser and, in some cases, other apps. In turn, it helps attackers gain the same level of control as the targeted program. The easiest way to exploit the bug is to lure a vulnerable user to a booby-trapped webpage. Within seconds, the site operator will obtain a remote shell window that has access to the phone's file system and camera. In some cases, the exploit can also be triggered by performing a man-in-the-middle attack while the victim is on an unsecured Wi-Fi network. By hijacking the app's update process, attackers can gain control over the same resources already granted to the app, including permissions such as access to SD cards and geographic data."

Compromised PC and Droid users are frequently not even aware that their devices are being used to do things that hurt others, including distributed Denial of Service attacks that provide cover for other, more targeted online attacks. Further, the damage resulting from those botnets can also be used to attack and disrupt users on secured platforms.

Increasingly sophisticated attacks start on insecure platforms



The ZeuS botnet, a network of infected Windows machines believed to include 3.6 million PCs in the U.S. alone, was publicly targeted by the FBI in 2010. Back then, the trojan malware was used to secretly capture users' credentials which its operators then used to access and rob the victim's bank accounts.

In 2013, Wired reported that 24 year old Algerian Hamza Bendelladj, the man believed to be the mastermind behind both the EyeSpy and ZeuS mass infections of malicious software, was arrested and his malware networks were taken down.

However, ZeuS components later reappeared in a new form as "Gameover Zeus" with enhanced, encrypted peer to peer communications designed to make the infection harder to track.

In June the U.S. Department of Justice announced that a global collaboration of law enforcement agencies had broken the centralized control the infection as part of an operation that "disrupted a global botnet that had stolen millions from businesses and consumers as well as a complex ransomware scheme that secretly encrypted hard drives and then demanded payments for giving users access to their own files and data."

The Justice Department's Criminal Division Assistant Attorney General Leslie R. Caldwell stated at the time that "these schemes were highly sophisticated and immensely lucrative, and the cyber criminals did not make them easy to reach or disrupt."

The investigation charged 30 year old Russian Evgeniy Mikhailovich Bogachev and identified him as "as a leader of a tightly knit gang of cyber criminals based in Russia and Ukraine."

Unpatched users of insecure platforms enable botnet resurrection



However, a month after taking the Gameover Zeus botnet down it has now reappeared in email spam distributions identified by Malcovery Security as phony messages asking users to install "securedoc.html" to enable secure banking communications.

Malware spam identified by Malcovery.com


"In the original GameOver Zeus, the domain generation algorithm and its associated command and control resources serves the botnet as a fallback to the peer-to-peer botnet which serves as this malware's primary means of distributing instructions to infected machines," the site explained.

"Using the websites associated with the domain generation algorithm the GameOver botnet operators may distribute commands to infected machines with which the peer-to-peer botnet has lost contact," it added, noting that "the binary that is dropped and injected into Internet Explorer after contacting the C&C is randomly named" to make it harder to identify.

Malcovery added that it had identified "a number of the command-and-control hosts believed to be involved in this attempt to revive the GameOver botnet. Following contact with any of these hosts, the malware began to exhibit behaviors characteristic of the GameOver trojan--including the characteristic list of URLs and URL substrings targeted by the malware for Web injects, form-grabs, and other information stealing capabilities."

Apple's tight security ship



Apple has made security a key selling point of its OS X and iOS platforms, including app signatures and other security measures in the initial design of the App Store at its birth six years ago this month.

Across 75 billion app downloads, Apple has been able to address and patch security vulnerabilities on an unprecedented scale and speed. Following the delivery of iOS 7 last fall, the company now notes that as of June, 89 percent of its users have installed it. In the months since, Apple has acted to quickly release interim patches for discovered vulnerabilities, including an SSL verification flaw that Apple addressed in a 7.0.6 update it then deployed before most users were even aware of the issue.

By the time Reuters reporter Joseph Menn could craft a misleading hit piece about the flaw, he had to admit that the fix had already been released by Apple.

Additionally, Apple not only patched the flaw for the 89 percent of users on iOS 7, but also released a parallel iOS 6.1.6 update addressing another 9 percent who haven't or can't upgrade to iOS 7.

At the same time, the far more serious Android flaw Ars described in February can't even be obtained by most Android users affected by it, because Google has refused to patch the older versions of Android those users are stuck on, and neither the manufacturers nor carriers who profit from selling Android devices see any need to make newer, patched versions of Android available to the majority of the Android installed base who can't upgrade.

Microsoft has scrambled over the past fifteen years to secure the hundreds of millions of PCs running Windows, prodded in part by Apple's once incessant Get a Mac ads that pointed out the embarrassing security and privacy issues affecting PCs in contrast to the relatively tranquil security enjoyed by Mac users.



So far, Apple has done very little to advertise its dramatic security advantage over Android with its own iOS devices. Corporations and government agencies are well aware of the issue however, resulting in adoption metrics that indicate Apple has maintained a lead in enterprise mobile devices and has kept a virtual lock on tablets adopted for business use with iPad. Good Technology reported in May that 93 percent of the custom corporate apps deployed by its clients are developed for iOS.
post #2 of 50
Fate of Android similar to that of Windows. Death by a thousand cuts.
post #3 of 50
Can't tell you how many people I know who use Samsung & Windows who pooh-pooh the idea of a phishing-botnet-malware attack on their equipment.

I've almost given up talking about it except in a new business startup where some people from "corporate America" think Windows is the only way to get things done.
post #4 of 50
Putting the Gameover Zeus botnet in the same title with Android while there is no evidence of the Gameover Zeus botnet infecting Android (this btw also counts for the original Zeus botnet where there are no known infections within the Google ecosystem, only one outside of Play Store)? Typical. Well at least it gave DED the chance to regurgitate the same stuff again (for the thousand time).
Edited by Chipsy - 7/12/14 at 2:25pm
post #5 of 50

"Trust me"... classic Get A Mac ad.
 


Edited by Suddenly Newton - 7/12/14 at 5:27pm

"Apple should pull the plug on the iPhone."

John C. Dvorak, 2007
Reply

"Apple should pull the plug on the iPhone."

John C. Dvorak, 2007
Reply
post #6 of 50
Quote:
Originally Posted by Chipsy View Post

Putting the Gameover Zeus botnet in the same title with Android while there is no evidence of the Gameover Zeus botnet infecting Android (this btw also counts for the original Zeus botnet where there are no known infections within the Google ecosystem, only one outside of Play Store)? Typical. Well at least it gave DED the chance to regurgitate the same stuff again (for the thousand time).

Hmmm, after checking articles on other sites you seem to be correct. What does Gameover Zeus have to do with Android specifically? The linked TechCrunch article makes no mention of Android at all but perhaps DED assumed no one would go and read it.
http://techcrunch.com/2014/07/11/crooks-reainmate-a-dead-botnet-to-target-high-value-bank-accounts/

Weird and deceptive headline if there's actually NO relationship which seems to be the case. 1confused.gif
Edited by Gatorguy - 7/12/14 at 3:17pm
melior diabolus quem scies
Reply
melior diabolus quem scies
Reply
post #7 of 50
It's hard to have sympathy for people that fall for these types of ludicrous emails. "Er... hello Mr User, you are receiving this email because your bank wants to reset your password. To prove that this is not a scam email, we have sent this directly to you so you know that it is not a scam. So click on the link and then run the super secure application and enter your bank account number and password in the secure space"
post #8 of 50
Quote:
Originally Posted by AnalogJack View Post

It's hard to have sympathy for people that fall for these types of ludicrous emails. "Er... hello Mr User, you are receiving this email because your bank wants to reset your password. To prove that this is not a scam email, we have sent this directly to you so you know that it is not a scam. So click on the link and then run the super secure application and enter your bank account number and password in the secure space"

If I can't feel sympathy for people who are less sophisticated than I am, why should people who are more sophisticated than me ever feel sympathy for me?  Perhaps I'll never need any sympathy because I'm perfect?;)

post #9 of 50
It seems pretty odd that the only info we get for android melware is that 99% of melware is targeting android. Never mind the fact that 99.5% of android phones do not have malware. Please DED use some objective reporting do not write an article with out including all the facts. http://bgr.com/2014/06/26/google-on-android-malware-and-security/
post #10 of 50
Quote:
Originally Posted by Chipsy View Post

Putting the Gameover Zeus botnet in the same title with Android while there is no evidence of the Gameover Zeus botnet infecting Android (this btw also counts for the original Zeus botnet where there are no known infections within the Google ecosystem, only one outside of Play Store)? Typical. Well at least it gave DED the chance to regurgitate the same stuff again (for the thousand time).

I think you just blew by the operative words in your own sentence: NO KNOWN INFECTIONS

It's not the KNOWN infections that get you. It's the ones you don't know of. Same rule for rattle snakes...
"That (the) world is moving so quickly that iOS is already amongst the older mobile operating systems in active development today." — The Verge
Reply
"That (the) world is moving so quickly that iOS is already amongst the older mobile operating systems in active development today." — The Verge
Reply
post #11 of 50
Quote:
Originally Posted by AnalogJack View Post

It's hard to have sympathy for people that fall for these types of ludicrous emails. "Er... hello Mr User, you are receiving this email because your bank wants to reset your password. To prove that this is not a scam email, we have sent this directly to you so you know that it is not a scam. So click on the link and then run the super secure application and enter your bank account number and password in the secure space"

"Duhh, it's not even from MY bank, but I think I'll do it eenyway... a feller cain't be too safe, I always say."
"That (the) world is moving so quickly that iOS is already amongst the older mobile operating systems in active development today." — The Verge
Reply
"That (the) world is moving so quickly that iOS is already amongst the older mobile operating systems in active development today." — The Verge
Reply
post #12 of 50
Well, I read over the whole article but I still couldn't figure who will come to a bad end first:

1. A poor slob who owns an android phone AND a Chrome computer.
2. An ignorant bozo with an android phone AND a Windows computer.

It seems like a dead heat to me....
"That (the) world is moving so quickly that iOS is already amongst the older mobile operating systems in active development today." — The Verge
Reply
"That (the) world is moving so quickly that iOS is already amongst the older mobile operating systems in active development today." — The Verge
Reply
post #13 of 50
Quote:
Originally Posted by Macky the Macky View Post

I think you just blew by the operative words in your own sentence: NO KNOWN INFECTIONS

It's not the KNOWN infections that get you. It's the ones you don't know of. Same rule for rattle snakes...

Of course they're known. As DED says there's "mass infections among large volumes of lower-end devices that are unlikely to ever receive security updates." He didn't bother posting the actual numbers since everyone already knows there's 100's of millions of Android users infected with malware.

/s
melior diabolus quem scies
Reply
melior diabolus quem scies
Reply
post #14 of 50
Quote:
Originally Posted by Macky the Macky View Post

I think you just blew by the operative words in your own sentence: NO KNOWN INFECTIONS

It's not the KNOWN infections that get you. It's the ones you don't know of. Same rule for rattle snakes...
Well you always have to use 'no known' as you can never be 100% sure and that counts for EVERY OS including iOS and OS X. Anyway there is no evidence whatsoever that there are infections by Gameover Zeus on Android. So the title is misleading and plain wrong.
Edited by Chipsy - 7/12/14 at 6:24pm
post #15 of 50
Operating systems evolve to survive living with viruses eventually, kinda like biological operating systems.

The human race is just playing out the perhaps billion year old process in a sociologic and technologic context.

Strange how we behave just like nature as natural beings.

I shudder to think it, but artificial intelligence will clearly supplant us. We will survive our solar system perhaps... Just not as human beings or simply biological organisms. Maybe as consciousness embedded in interacting quantum particles travelling through the cosmos.

Or maybe I have lost my mind...
post #16 of 50

Yes - Transcendence. :)

post #17 of 50
Quote:
Originally Posted by blazar View Post

Operating systems evolve to survive living with viruses eventually, kinda like biological operating systems.
...

Or maybe I have lost my mind...

The problem is that the infected organism spends a lot of time/energy doing stuff at the intruder's bidding, at the expense of the normal operation of the organism. That's why people with syphilis, polio, HIV, etc. have shorter average lifespans than the uninfected population of their peers.

 

With computing hardware, it's simply a consumption of available hardware resources. At least on PCs, most of this malware runs rather unobtrusively, without sapping too much memory, CPU, network, etc. to make a noticeable difference, which is why many of these infections go unnoticed for years.

 

For mobile devices, there is a smaller threshold of available resources. Malware will use CPU cycles, battery life, network, and storage space, and with highly constrained quantities of all those, the impact on malware on a mobile device is far more serious for the end user.

 

Healthy systems operate without malicious intruders that reasonable measures can protect against.

 

Ultimately, it will be the end user community that decides what "normal" conditions are. If having a couple of viruses on your PC or smartphone is "normal", it'll be the overall user base that comes to that acceptance, not a single organization or individual. In the same way, at some point herpes or HPV infections may become "normal" only because much of the community is infected and sees it as a normal state, like the common cold, the flu, or CMV.

post #18 of 50
Quote:
Originally Posted by Apple v. Samsung View Post

It seems pretty odd that the only info we get for android melware is that 99% of melware is targeting android. Never mind the fact that 99.5% of android phones do not have malware. Please DED stop being a disgrace to journalism and lean some objective reporting do not write an article with out including all the facts. http://bgr.com/2014/06/26/google-on-android-malware-and-security/


Oh yes... because I SHOULD believe everything that comes out from Google...

http://www.dailytech.com/Googles+Eric+Schmidt+Says+Android+is+More+Secure+Than+iPhone/article33515.htm

post #19 of 50

First of all, you do understand that the percentage of malware the Android platform is responsible for and the percentage of Android users actually infected are independent, right?

 

Second of all, Pichai's data doesn't count all the handsets on which Android runs and Google are notorious for playing games with the number depending on what they want the message to be. When they want to emphasize Android's market share domination, they roll out the "activations" number; when it's how many handsets are using the latest versions of Android, it's the handsets accessing Google Play. 

Snarky Mac commentary, occasionally using bad words.
themacadvocate.com
Reply
Snarky Mac commentary, occasionally using bad words.
themacadvocate.com
Reply
post #20 of 50
Quote:
Originally Posted by TheMacadvocate View Post

First of all, you do understand that the percentage of malware the Android platform is responsible for and the percentage of Android users actually infected are independent, right?

Second of all, Pichai's data doesn't count all the handsets on which Android runs and Google are notorious for playing games with the number depending on what they want the message to be. When they want to emphasize Android's market share domination, they roll out the "activations" number; when it's how many handsets are using the latest versions of Android, it's the handsets accessing Google Play. 
that's fair for google to do. Due to android having the capability of being an imbedded OS that means any device that uses android even if its just an ATM (yes I know those are Unix) would count for their numbers. They have to only count the percentage and android they have control of with their google play services. That does mean it will leave out all of the Chinese phones and the forked versions like the fire phone. Also it is impossible for google to count all of the other versions of android that do not hook into them. As opose to apple who most likely do the same thing is just track the unique devices connecting to iTunes to track the active devices and not just old phones being used a mp3 player in a car that never get connected to the internet.
post #21 of 50
Quote:
Originally Posted by mpantone View Post

Ultimately, it will be the end user community that decides what "normal" conditions are. If having a couple of viruses on your PC or smartphone is "normal", it'll be the overall user base that comes to that acceptance, not a single organization or individual. In the same way, at some point herpes or HPV infections may become "normal" only because much of the community is infected and sees it as a normal state, like the common cold, the flu, or CMV.

I have a hard time believing anyone who actually understands what these viruses can do will ever accept them as normal.

There is no version of the future where I will ever come to accept a program that I have no controll over running free on my system logging my passwords and rummaging through my files. Furthermore, I think there are enough people like me (not to mention corporations) that we will never give up the fight (or maybe we will all move to OSX).
post #22 of 50
Quote:
Originally Posted by TheMacadvocate View Post

First of all, you do understand that the percentage of malware the Android platform is responsible for and the percentage of Android users actually infected are independent, right?

Second of all, Pichai's data doesn't count all the handsets on which Android runs and Google are notorious for playing games with the number depending on what they want the message to be. When they want to emphasize Android's market share domination, they roll out the "activations" number; when it's how many handsets are using the latest versions of Android, it's the handsets accessing Google Play. 

Quote:
Originally Posted by Apple v. Samsung View Post

that's fair for google to do. Due to android having the capability of being an imbedded OS that means any device that uses android even if its just an ATM (yes I know those are Unix) would count for their numbers. They have to only count the percentage and android they have control of with their google play services. That does mean it will leave out all of the Chinese phones and the forked versions like the fire phone. Also it is impossible for google to count all of the other versions of android that do not hook into them. As opose to apple who most likely do the same thing is just track the unique devices connecting to iTunes to track the active devices and not just old phones being used a mp3 player in a car that never get connected to the internet.

Just curious, but why is something so simple as that "impossible"?

I think it's far harder to calculate phone usage based an sales estimates, channel stuffing, or supply channel supplies and deliveries. Yet they use these as a metric for winning every day as do bloggers, anal-ysts and the media at large.

If it is found after breaking down the true Android and Google Play numbers, that Google play has a little to no malware/trojan/virus/security risk problem, then I'll feel better recommending them*.

* Nah.... and after this Fall's iPhone release... I see no reason whatsoever for anyone that values security in the least, and only wants a bigger screen, to choose a Google Play phone. Now if a person chooses cheap/cheaper/cheapest and rootable to be able to steal apps and media, there's nothing that Apple is ever going to do officially to facilitate and please that customer. Google should also do their best to distance themselves from those people as well.... just sayin'...Let 'em go. 1smoking.gif
Knowing what you are talking about would help you understand why you are so wrong. By "Realistic" - AI Forum Member
Reply
Knowing what you are talking about would help you understand why you are so wrong. By "Realistic" - AI Forum Member
Reply
post #23 of 50
Quote:
Originally Posted by Gatorguy View Post


Hmmm, after checking articles on other sites you seem to be correct. What does Gameover Zeus have to do with Android specifically? The linked TechCrunch article makes no mention of Android at all but perhaps DED assumed no one would go and read it.
http://techcrunch.com/2014/07/11/crooks-reainmate-a-dead-botnet-to-target-high-value-bank-accounts/

Weird and deceptive headline if there's actually NO relationship which seems to be the case. 1confused.gif

 

It is a stretch.   Its not far off from:

 

Apple found to be completely insecure due to Gameover Zeus botnet!!  Microsoft uses microprocessors and has an operating system, and it was infected.  Apple too uses microprocessors and has an operating system which obviously makes it infected by association!  

 

 

Never mind that there are no known cases of Apple actually being infected, that just proves it is not secure according to Macky the Macky:


It's not the KNOWN infections that get you. It's the ones you don't know of. Same rule for rattle snakes...

 

Good entertainment though.

post #24 of 50
Quote:
Originally Posted by Gatorguy View Post

What does Gameover Zeus have to do with Android specifically? 

 

Nothing. It's a Windows virus. It's no more able to infect an Android phone than an iPhone.

post #25 of 50
While I agree the title of the article is somewhat misleading, what the article is saying is that Apple systems have inherent security built into them that Windows and Android lack. As way of example of this the article mentions the Gameover Zeus vulnerability on Windows. This is not unlike saying the British attack on Taranto in 1940 showed the vulnerability of naval vessels to torpedo attack even in a shallow protected harbor, and that Pearl Harbor--while not containing the same ships nor facing the same enemy--was similarly vulnerable. It is not that difficult to understand.
post #26 of 50
Quote:
Originally Posted by Firelock View Post

As way of example of this the article mentions the Gameover Zeus vulnerability on Windows.

 

Almost the entire article is focused on suggesting that Android is insecure. The author has seized the reanimation of a botnet which doesn't even affect Android devices as an excuse to write an Android slur piece. What does a Windows botnet have to do with Android fragmentation? Nothing.

 

It is shameless, mendacious propagandising, and Dilger needs to be called out on it.

post #27 of 50
This seems to have affected only Windows machines: http://www.us-cert.gov/ncas/alerts/TA14-150A

Not really sure why Android would enter into the picture unless the author is making a general comment on operating system security.
post #28 of 50
Quote:
Originally Posted by delreyjones View Post

If I can't feel sympathy for people who are less sophisticated than I am, why should people who are more sophisticated than me ever feel sympathy for me?  Perhaps I'll never need any sympathy because I'm perfect?1wink.gif

Hmmm.

I'm with delreyjones. We expect people to look out when crossing the road, to know that when walking by a cliff edge you need to take care, that you need to be extra attentive when riding a bicycle in traffic and so on. Computers have been around quite a while. Newspapers continually contain sotories of hacks, scams, phishing, scam emails and so on. Banks continually send messages to customers telling them not to reveal their personal details or hand over their bank details via emails that don't specify their name and so on.

What would you say to someone who received a printed letter at their home with something like "Dear householder, we have recently noticed irregularities in your bank account and before we shut it down we need you to phone the number below where one of our customer representatives will take your account details and PIN and check that your security details are correct and if so we can re activate your account. This is a genuine message from your bank dear householder please phone us immediately. Your security is important to us." Would you expect them to follow those instructions?

Would give them sympathy? Or would you think that if they managed to open a bank account in the first place they really ought to be careful with whom they share their information.

Oh, by the way, can you send me your home address and front door key because I just need to check that your domestic security systems are up to date. You can trust me. Honest ... 1hmm.gif
post #29 of 50

Articles like this help to reinforce just how secure Android is.  If the best someone like DED, who has an obvious vendetta against Android, can come up with then things are definitely looking good for Android.  Trying to bash Android security by writing about a Windows virus, or by bringing up a 3 year old article about an obscure 3rd party keyboard (an article posted a week or two back) smacks of desperation.  Obviously there's no real threats to write about if this is what's ending up in the articles.

post #30 of 50
Quote:
Originally Posted by AnalogJack View Post

It's hard to have sympathy for people that fall for these types of ludicrous emails. "Er... hello Mr User, you are receiving this email because your bank wants to reset your password. To prove that this is not a scam email, we have sent this directly to you so you know that it is not a scam. So click on the link and then run the super secure application and enter your bank account number and password in the secure space"

The biggest segment of the population susceptible to this sort of scam is the elderly.  Judging from the people I meet in my mother-in-law's retirement complex I see why criminals target the old folks, both on computers and via telephone.  They just don't get any of this, but that doesn't diminish their desire to be part of the modern world.  Even my 84 year old Dad who is pretty smart (petrochemical engineer) fell for a phone call from an India based company that called him to report that he had viruses and malware on his computer.  Of course they wanted to sell him something to fix the problem.  Fortunately, about halfway through the call he figured out something wasn't right and hung up on them.  I don't think he pays any attention to these sorts of emails you mention, but I worry that someday he might.  He runs anti-virus, anti-malware regularly so I guess that's a good thing.  I wish I had pushed harder for him to get a Mac 15 years ago instead of Windows.  Oh well.

 

The sophistication of computer users covers a pretty wide gamut of experience levels.  There will always be people using computers who do so only in a highly superficial level.  There is not much we can do to help them - other than say "Get a Mac." and hope they think before they click.

post #31 of 50
Quote:
Originally Posted by AnalogJack View Post

It's hard to have sympathy for people that fall for these types of ludicrous emails. "Er... hello Mr User, you are receiving this email because your bank wants to reset your password. To prove that this is not a scam email, we have sent this directly to you so you know that it is not a scam. So click on the link and then run the super secure application and enter your bank account number and password in the secure space"

Just so you know, the reason people fall for these, is that they aren't expecting it. Your average person spends maybe 3 seconds reading an email, not scrutinizing it. This is is why these things still exist. It's why SPAM email still exists. That 0.01% of people who didn't pay attention is enough reason for them to keep doing it.

As for how Android devices are getting infected. The ad networks are the primary vector. Windows users who aren't paying attention accidentally install malware that then infects their mobile device because it has an IP on the same local subnet. Good ol Network Address Translation is not a firewall. So when you have a compromised device inside, then every device is vulnerable. Those "retired" old devices that are still plugged in, those last-generation Android's and iPhone 3G's, everything.

That's why Enterprises shouldn't even consider using Android unless they get a promise from the OEM+Wireless carrier that it will be on top of updates or they pay penalties. If this was a decade ago, no carrier would want to sell Android devices as their enterprise customers would be demanding replacements every few months due to not being up to date. Microsoft at least keeps on top of security updates for Windows, and doesn't have the OEM or a service provider hamstringing the update process. That is where Windows and Android differ.

Google could have more luck with chromebooks if they were actually useful for anything. People don't want them because they are even weaker than iPad's.
post #32 of 50
Quote:
Originally Posted by Misa View Post

Google could have more luck with chromebooks if they were actually useful for anything. People don't want them because they are even weaker than iPad's.

I like the ChromeBook and their very useful. There isn't much you can't do on the web anymore, I can access Microsoft Office online and iCoud to do my office work, use OneDrive and Google Drive to store all of my files including photos, use Pixlr and Fotor to edit my photos, use Cloud 9 and Shift Edit for my programming needs, use NetFlix and Zattoo to watch TV or Movies online, use Audio Tool and Audio Sauna to make awesome music, use Spotify and Groove Shark to listen too awesome music. The list of things I can do with my ChromeBook is very long, in fact I would bet you 100 dollars that I do more with my ChromeBook then you do with your main computer running Windows or OSX. Including installing Ubuntu into Chroot so I can use both Chrome OS and Ubuntu in the same run time. Do you know what a seasoned Unix girl like me can do with just a command line, I could touch you like you've never been touched before.:err: 

When I looked up "Ninjas" in Thesaurus.com, it said "Ninja's can't be found" Well played Ninjas, well played.
Reply
When I looked up "Ninjas" in Thesaurus.com, it said "Ninja's can't be found" Well played Ninjas, well played.
Reply
post #33 of 50
Quote:
Originally Posted by Suddenly Newton View Post
 

"Trust me"... classic Get A Mac ad.
 

Yep, my favorite was the security guy standing behind and interrupting PC saying, "Cancel or Allow" and then something about coming to a "sad realization." Just brilliant.

 

Second favorite, the cheerleaders, "We're number one!" and without missing a beat after being corrected by Mac guy, "We're number two!"

 

Still makes me smile.

 

Best

post #34 of 50
Quote:
Originally Posted by blazar View Post

Operating systems evolve to survive living with viruses eventually, kinda like biological operating systems.

The human race is just playing out the perhaps billion year old process in a sociologic and technologic context.

Strange how we behave just like nature as natural beings.

I shudder to think it, but artificial intelligence will clearly supplant us. We will survive our solar system perhaps... Just not as human beings or simply biological organisms. Maybe as consciousness embedded in interacting quantum particles travelling through the cosmos.

Or maybe I have lost my mind...

Interesting, I've read (so it must be true!) that the human body has about 50 trillion human cells (give or take a few trillion) and about 10 times that amount of bacteria cells and viruses. It's just that the bacteria cells are so small.

 

However, to give it some perspective, the human cells, if all gathered in one place on the body, would comprise only about the size of one leg, below the knee.

 

The rest is "detritus!"  :)

 

I may have the 50 trillion wrong.

 

Oh well, probably not the right thread for this post! :)

 

Best.

post #35 of 50
Quote:
Originally Posted by Relic View Post

Quote:
Originally Posted by Misa View Post

Google could have more luck with chromebooks if they were actually useful for anything. People don't want them because they are even weaker than iPad's.
I like the ChromeBook and their very useful. There isn't much you can't do on the web anymore, I can access Microsoft Office online and iCoud to do my office work, use OneDrive and Google Drive to store all of my files including photos, use Pixlr and Fotor to edit my photos, use Cloud 9 and Shift Edit for my programming needs, use NetFlix and Zattoo to watch TV or Movies online, use Audio Tool and Audio Sauna to make awesome music, use Spotify and Groove Shark to listen too awesome music. The list of things I can do with my ChromeBook is very long, in fact I would bet you 100 dollars that I do more with my ChromeBook then you do with your main computer running Windows or OSX. Including installing Ubuntu into Chroot so I can use both Chrome OS and Ubuntu in the same run time. Do you know what a seasoned Unix girl like me can do with just a command line, I could touch you like you've never been touched before.1bugeye.gif  

Thanks for those photo sites. I'm on an iPad right now and both want me to install in app. The Fotor guys allowed me to skip that, so I thought I could do it online, but it turned out they want me to install Flash. It looks like it's more designed for the desktop/laptop when not on an iPad.

Good luck with everything that's going on...
I’d rather have a better product than a better price.
Reply
I’d rather have a better product than a better price.
Reply
post #36 of 50
Quote:
Originally Posted by PhilBoogie View Post


Thanks for those photo sites. I'm on an iPad right now and both want me to install in app. The Fotor guys allowed me to skip that, so I thought I could do it online, but it turned out they want me to install Flash. It looks like it's more designed for the desktop/laptop when not on an iPad.

Good luck with everything that's going on...

Thank you so much, I just got out of the recovery room about 20 minutes ago, went in at 14:00. Normally I would sleep the rest of the day but I find myself restless. It has a lot to do with the pain meds, they gave me this stuff called Fentanyl, there's a tiny bag inside a machine, with a cable connected to a button, push the button and I hear kung fu phooey sing Fank Sintra songs. I saw the nurse program it and I memorized the pass code 34672 to unlock and reprogram the little guy. I of course would never ;). Even funnier before I took the medi-copter to Geneva the medic asked me if I had a fear of flying, I told him as long as they stay in the air I shouldn't have a problem. Until I saw how I would be flying.

 

 

The patient regardless of their state has to lay down, now he did prop me a little up so I could see out the window but for some reason my heartbeat started to rise 20 minutes into the flight, the heart monitor was reading 115bps. He said he was going to give me something to relax, I woke up in Geneva. I over heard the medic tell the doctors when they dropped me off they dripped 20ml of Valium every 20 minutes, yep, when fed through an IV that would knock out a bear. Any way they taped the Valium syringe to my IV bagged and it was still their the next day, they forgot it, hehehehe, I'll save it when I get bored. Don't judge, the only thing that's even remotely enjoyable about my situation is the techno color array of meds, pink ones, blue ones, red ones, George takei, "ooohhhh mmmyyyy".

When I looked up "Ninjas" in Thesaurus.com, it said "Ninja's can't be found" Well played Ninjas, well played.
Reply
When I looked up "Ninjas" in Thesaurus.com, it said "Ninja's can't be found" Well played Ninjas, well played.
Reply
post #37 of 50
Quote:
Originally Posted by Relic View Post

^ post

Great! So good to read that you're wide awake, reasonable quick after the operation. And good to not hear anything that you dislike at the moment, but rather feel the need to post yet another funny story, stories actually, and I commend you on the lightness you seem to be carrying this. I feel relieved, and it's all because of your funny posts. Thanks Relic!

I sure hope you don't reprogram that jukebox; may many people after you have been released from the hospital be just as surprised as you were.

I seriously hope you meant to write 115bpm instead of seconds, lol.

If that Valium didn't already did it for you, I think that Vodka the med in the helicopter is passing over to you did 1cool.gif

All joking aside, I hope you can get some rest and will be out in no time.

Best to you!
I’d rather have a better product than a better price.
Reply
I’d rather have a better product than a better price.
Reply
post #38 of 50
Quote:
Originally Posted by PhilBoogie View Post

Great! So good to read that you're wide awake, reasonable quick after the operation. And good to not hear anything that you dislike at the moment, but rather feel the need to post yet another funny story, stories actually, and I commend you on the lightness you seem to be carrying this. I feel relieved, and it's all because of your funny posts. Thanks Relic!

I sure hope you don't reprogram that jukebox; may many people after you have been released from the hospital be just as surprised as you were.

I seriously hope you meant to write 115bpm instead of seconds, lol.

If that Valium didn't already did it for you, I think that Vodka the med in the helicopter is passing over to you did 1cool.gif

All joking aside, I hope you can get some rest and will be out in no time.

Best to you!

No it was in seconds, see my father was a hummingbird and my mother was never satisfied. Oh wow, Freddrik you lasted .005 seconds that time. I keep pissing off my nurse, I still have all of that surgical gunk on me you know that iodine stuff, anyway he wants to clean me up and put a gown on me, but what's the point, I have another surgery in the morning, 4 in total to look forward too. Plus I'm just way too comfortable right now for someone to wash and dress me, even if he is cute, so I keep pretending I'm asleep. Not working though as the glow from my iPad is showing through the sheets, damn. You know in this situation Google Glass just might be a cool idea. I'm in the Childrens ward because my doctor works predominately with children who have cancer, anyway the gowns here have cartoon characters, so cute and I my bed had a teddy bear in it when I got here. When the nurse went to take it away I grabbed it from her and yelled mine! "Your going to be problem patient aren't you", you have no idea sister.1smile.gif His name is Phillybearly, thank you for all of your kind words, your a wonderful person and you always bring a smile to my face, Phillybearly is blowing you a kiss.
When I looked up "Ninjas" in Thesaurus.com, it said "Ninja's can't be found" Well played Ninjas, well played.
Reply
When I looked up "Ninjas" in Thesaurus.com, it said "Ninja's can't be found" Well played Ninjas, well played.
Reply
post #39 of 50
Quote:
Originally Posted by Relic View Post

No it was in seconds, see my father was a hummingbird and my mother was never satisfied. Oh wow, Freddrik you lasted .005 seconds that time. I keep pissing off my nurse, I still have all of that surgical gunk on me you know that iodine stuff, anyway he wants to clean me up and put a gown on me, but what's the point, I have another surgery in the morning, 4 in total to look forward too. Plus I'm just way too comfortable right now for someone to wash and dress me, even if he is cute, so I keep pretending I'm asleep. Not working though as the glow from my iPad is showing through the sheets, damn. You know in this situation Google Glass just might be a cool idea. I'm in the Childrens ward because my doctor works predominately with children who have cancer, anyway the gowns here have cartoon characters, so cute and I my bed had a teddy bear in it when I got here. When the nurse went to take it away I grabbed it from her and yelled mine! "Your going to be problem patient aren't you", you have no idea sister.1smile.gif His name is Phillybearly, thank you for all of your kind words, your a wonderful person and you always bring a smile to my face, Phillybearly is blowing you a kiss.

Hang on there relic. Valium was the best drug (vasectomy) took my GF out for dinner afterwards....(Indian food) I've never been so "witty!"

Best regards,

& Phil (boogie) is a good guy!
post #40 of 50
Quote:
Originally Posted by Relic View Post

^ post

LOL at that nurse of yours, some things never change.

What has changed is my not knowing you went in for no less than 5 surgeries. Sounds like they know exactly what they're doing, which gives me confidence. And with that I look forward to many more of your witty posts, and technical knowledge.
I’d rather have a better product than a better price.
Reply
I’d rather have a better product than a better price.
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Mac OS X
  • Gameover Zeus botnet reanimated, exposing the harm in "open" Android, Windows malware platforms
AppleInsider › Forums › Software › Mac OS X › Gameover Zeus botnet reanimated, exposing the harm in "open" Android, Windows malware platforms