![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
Images from a flat spin.
Feb. 18th, 2009 05:24 pmMother-in-law/Landlord got her Land Tax bill today. Last year it was $8500 or so. This year it is over $20,000. She is, somewhat understandably, a little freaked. And as our low rent is dependant on her ability to subsidise us, so are we.
There are several varieties of virus/trojan/worm going around which have in common that they use the autorun.inf file as vector. The first time I ran into this, once I figured out what was going on, I was a little impressed. Now I just want to find 1. everyone responsible for making this possible, and 2. everyone who takes advantage of (2)'s culpable stupidity, and beat them all to a fine paste. Like Microsoft, I will put forward a reward to my finding these people. The reward is that you get to help me in the aforementioned beatings. There was one yesterday for which the user was continually in my face (“it's still not working. It's still not working. It's still not...”), until I re-ghosted his machine: completely nuked it fresh. This morning, he comes in saying that it's infected again. His USB key, the one I had scanned and thought was OK, had reinfected him. It had the autorun.inf on the key, and the infection itself was hidden as a boot-time system file, one set in \WINDOWS\ini (this directory should not exist), and the other in \WINDOWS\Fonts (there should be no executables in there, no *.exe, no *.dll. And the usual hidden dlls in \WINDOWS\SYSTEM32\ and \WINDOWS\SYSTEM32\DRIVERS. I really have better things to do with my life.
Why, in the name of all that's holy, does the autorun.inf have the power to insert arbitrary dlls into Windows Explorer (and thus effectively the kernel) just by sticking a disk into a drive? Why the fuck are you able to change the very way the file browser, and by extension, the OS operates simply by inserting a disk, before you've had a chance to agree to anything? Autorun.inf is useful for 1. autostarting a program (if you have decided to allow it to, otherwise either ask every time or simply don't and make people click on a link like they had to in the old days, and 2. changing the favicon for the device. That's it. Whoever decided to make it able to arbitrarily insert dlls into explorer should be strung up by their genitals and beaten like a piñata. Fuck!
And I read today that someone has pointed out that the .desktop files in KDE and Gnome have similar power (although not the all-encompassing power as in Windows, but its bad enough).
Creating the image for the labs continues apace. After an email pointing out that I didn't know where to even find half the things I had to install, and that I could find, I had no idea which bits to install, and what license servers to use, and, and, and... I had people replying that they were putting it in the file store as they were typing, or the precise path in the tangled mess which is the ECR repository where I could find the exact version with the proper hacks needed to work... Each major package adds another 1-2GB to the image. And in the interest of students from anywhere in Engineering being able to work in any lab in Engineering, they all have to be installed everywhere. There are about 10 of them. Give you an idea: one of them is MatLab. And it's not one of the biggest. This is going to be a monster image. Then we (I) have to start figuring out the Default profile, and setting up two of them so that the image can be used if the machine has to be used as a standalone instead of on the AD, and then seeing if all this crap still works when you log on as a user, and, oh christ can I get drunk yet?
On a complete tangent: LUST!
And completely unconnected, “... But that hasn’t stopped neoclassical economists from touting how great their theory is, nor from making pronouncements that indicate they still really don’t get it.” Shorter Steve Keen: NeoClassical Economists don't only not know what they're talking about, they either don't realise that they don't know, or else they're wilfully ignoring anyone who tries to point out that their assumptions are just as often completely insane.
What was once BoltWatch, and then became the Blair/Bolt Watch Project, has expanded its mandate and is now based at Crikey! as Pure Poison. “And you know what? It’s not just a duty - taking these guys on is actually a pleasure. The columnists we’ve been watching - and the ones we’ll be adding to the roll at Pure Poison, from both the left and right - produce volumes of the stuff each week. A lot of it is so disingenuous, misleading, nasty or simply nonsensical that it’s extremely satisfying to send up. All that’s needed is a space in which to do it, and an audience that’s been looking for an antidote to this sort of malevolent intellectual dishonesty.”
There are several varieties of virus/trojan/worm going around which have in common that they use the autorun.inf file as vector. The first time I ran into this, once I figured out what was going on, I was a little impressed. Now I just want to find 1. everyone responsible for making this possible, and 2. everyone who takes advantage of (2)'s culpable stupidity, and beat them all to a fine paste. Like Microsoft, I will put forward a reward to my finding these people. The reward is that you get to help me in the aforementioned beatings. There was one yesterday for which the user was continually in my face (“it's still not working. It's still not working. It's still not...”), until I re-ghosted his machine: completely nuked it fresh. This morning, he comes in saying that it's infected again. His USB key, the one I had scanned and thought was OK, had reinfected him. It had the autorun.inf on the key, and the infection itself was hidden as a boot-time system file, one set in \WINDOWS\ini (this directory should not exist), and the other in \WINDOWS\Fonts (there should be no executables in there, no *.exe, no *.dll. And the usual hidden dlls in \WINDOWS\SYSTEM32\ and \WINDOWS\SYSTEM32\DRIVERS. I really have better things to do with my life.
Why, in the name of all that's holy, does the autorun.inf have the power to insert arbitrary dlls into Windows Explorer (and thus effectively the kernel) just by sticking a disk into a drive? Why the fuck are you able to change the very way the file browser, and by extension, the OS operates simply by inserting a disk, before you've had a chance to agree to anything? Autorun.inf is useful for 1. autostarting a program (if you have decided to allow it to, otherwise either ask every time or simply don't and make people click on a link like they had to in the old days, and 2. changing the favicon for the device. That's it. Whoever decided to make it able to arbitrarily insert dlls into explorer should be strung up by their genitals and beaten like a piñata. Fuck!
And I read today that someone has pointed out that the .desktop files in KDE and Gnome have similar power (although not the all-encompassing power as in Windows, but its bad enough).
Creating the image for the labs continues apace. After an email pointing out that I didn't know where to even find half the things I had to install, and that I could find, I had no idea which bits to install, and what license servers to use, and, and, and... I had people replying that they were putting it in the file store as they were typing, or the precise path in the tangled mess which is the ECR repository where I could find the exact version with the proper hacks needed to work... Each major package adds another 1-2GB to the image. And in the interest of students from anywhere in Engineering being able to work in any lab in Engineering, they all have to be installed everywhere. There are about 10 of them. Give you an idea: one of them is MatLab. And it's not one of the biggest. This is going to be a monster image. Then we (I) have to start figuring out the Default profile, and setting up two of them so that the image can be used if the machine has to be used as a standalone instead of on the AD, and then seeing if all this crap still works when you log on as a user, and, oh christ can I get drunk yet?
On a complete tangent: LUST!
And completely unconnected, “... But that hasn’t stopped neoclassical economists from touting how great their theory is, nor from making pronouncements that indicate they still really don’t get it.” Shorter Steve Keen: NeoClassical Economists don't only not know what they're talking about, they either don't realise that they don't know, or else they're wilfully ignoring anyone who tries to point out that their assumptions are just as often completely insane.
What was once BoltWatch, and then became the Blair/Bolt Watch Project, has expanded its mandate and is now based at Crikey! as Pure Poison. “And you know what? It’s not just a duty - taking these guys on is actually a pleasure. The columnists we’ve been watching - and the ones we’ll be adding to the roll at Pure Poison, from both the left and right - produce volumes of the stuff each week. A lot of it is so disingenuous, misleading, nasty or simply nonsensical that it’s extremely satisfying to send up. All that’s needed is a space in which to do it, and an audience that’s been looking for an antidote to this sort of malevolent intellectual dishonesty.”
