Posted on 11/28/2001 1:28:10 PM PST by Don Joe
Oh, I see your point... let's trivialize one of the largest IT research firms in the world.
I agree with you.
I agree 100%. Unfortunately not everyone understands that... hence the OS Holy Wars that erupt every now and then.
"Why, flashing bios is nothing difficult for a virus. I don't see the difficulty in flashing an additional controller driver into bios."
Neither do I. I do see a problem with the BIOS booting after you put the bullet in its head. (See my DTK adventure for reference.)
I've heard of badware trashing CMOS. I've never heard of badware installing drivers into it, let alone doing so and retaining the ability to boot (let alone adding badware code to the BIOS too, so that it could install the driver onto a hard drive!).
On a suspect 440BX-2 motherboard I put in a blank HD that had been stored for 11 months then loaded DOS 6.22, then Windows 3.1. In both installs I found two comm.drv files of differing sizes and dates. 3.1's install was buggy so I went to '98. When I upgraded to '98 I had dual instances from kernel32 and the OS installed the hardware twice. Once on one boot, then again on a second boot. Both the comm.drv's were in '98 as well. At the second boot the CPU usage would spike to almost 100%. It was rather straightforward. In '98 I checked the properties of the newer driver and it identified itself as the "NT5" version. This occurred via a blank HD and write-protected archive media that hadn't been used in years. In any event to be sure about what I'd found I isolated the worm to a CDR and after cleaning the network chose a machine to recreate the problem. I infected and cleaned it 3 times to be sure of the infection course and how to clean it. Trend, Symantec, AVG, and McAfee all reported the system was 'clean' when it was infected with the driver and/or the virtual root trojan. The fix was a bit drastic but it worked: 1) write 0s to the drive, power off, remove the HD. 2) Flash the BIOS, power off and remove the CMOS battery for a min. 3) Reconnect, reinstall. That's the only thing I found which worked. If I just zeroed the HD it would load up with the NT5 comm.drv sending calls to the OS, ergo it was in BIOS. You do know the NT5 comm.drv is a network comm.drv? I had no intention of that owning my NT4 machines.
Now that you've described it, it seems fairly obvious that the badware took over some area of the hard drive that was normally invisible (i.e., blocks of "bad" sectors, a micro-partition, etc.), and stored its crapload there. When you flashed your BIOS, you probably cleared out the drive table which was probably modified by the badware to hide an area on the hard drive.
BTW, why was your BIOS left in writeable condition? Don't most motherboards come with the jumper defaulted to the R/O position?
You are very arrogant. So was Bill Clinton.
Why do you insist on playing the pointless-points game?
Wow, that's quite the epiphany!
Does this mean that Hizbollinux will be calling off the Jihad any time soon?
"I agree with you."
It's an immutable law of nature. When the rabbit population skyrockets, so does the coyote population. When cities outlaw the right to carry a pistol, armed robberies skyrocket. The prey-predator relationship is carved into the fabric of creation. The idea that the proliferation of a standard OS would not result in it being targeted by predators is absurd.
Let's say some program Microsoft wrote had a security problem, and the software ran on Windows and Macintosh. Would you blame the Macintosh or Windows operating system? No, it's a software bug.
What you are saying is because it comes with Linux, then it appears to a novice that it's a Linux problem? Sure, the same goes for Windows when someone gets a Word virus, it seems like a Windows problem.
You, however, claim to be knowledgeable about computers. You know that a security problem with ICQ or IIS is not, strictly speaking, a problem with the operating system. Surely you see that a buffer overflow vulnerability in WU-FTP is not a Linux problem.
It would be nice if you were to tone down your posts, too.
I'm not the type to quietly take a beating without making it at least equally costly to the initiator.
You mean pointless point scoring like this?
Don Joe to Blade:
Don't forget to take your Dramamine!
Are you related to Casey Stengel?
Yup, it's Binary Blade, the Sailor! (Sung to the tune of Barnacle Bill...)
BTW, you forgot the part about shooting the kid.
Barnacle, I'm afraid you Just Don't Get It. But don't feel bad.
The syndrome is common to the Eunichs community. Perhaps hormone injections might help? :)
Don Joe, you're a joke. Style over substance, just like Bill.
Coming from you, that's quite the compliment.
IOW, dig yerself, man.
Are all the u-weenies such pathetic can-dish-it-out/can't-take-it lusers?
My granddaddy used to say if you wrestle a pig, all you do is get dirty and make the pig happy. Want to participate in Unix vs. Windows flame wars? Go read comp.os.linux.advocacy. You don't win arguments by stooping to your adversary's level.