Berkeley CSUA MOTD:Entry 31066
Berkeley CSUA MOTD
 
WIKI | FAQ | Tech FAQ
http://csua.com/feed/
2025/05/25 [General] UID:1000 Activity:popular
5/25    

2004/6/29-30 [Computer/SW/WWW/Browsers, Computer/SW/OS/Windows] UID:31066 Activity:moderate
6/29    New trojan that steals passwd for banks:
        http://tinyurl.com/29krl
        \_ Infection is via .chm vulnerability, which is patched using
           Windows Update (available since April?), unlike the other thing
           from last week, which from last news reports was "defanged" by
           closing a specific Russian URL but the underlying vulnerability
           remains unpatched. (heck, I could write one serving from soda,
           given the existing code sample I have)
           \_ U K@n 0wn b0x-n?!  UR2 K3\/\/L!@!@!11
        \_ Does that affect Netscape on Windows as well?
2025/05/25 [General] UID:1000 Activity:popular
5/25    

You may also be interested in these entries...
2013/8/22-10/28 [Computer/Companies/Yahoo, Industry/SiliconValley] UID:54732 Activity:nil
8/22    http://marketingland.com/yahoo-1-again-not-there-since-early-08-56585
        Y! is back to #1! Marissa, you are SEXY!!!
        \_ how the heck do you only have 225M uniq vis/month when there
           are over 1 billion internet devices out there?
           \_ You think that every single Internet user goes to Y!?
        \_ Tall blonde skinny pasty, not my type at all -former Y!
	...
2013/6/26-8/13 [Computer/Domains, Computer/Networking, Computer/SW/WWW/Browsers] UID:54697 Activity:nil
6/26    This ones for you psb -ausman
        http://25.media.tumblr.com/027fe67c84c2288cc16e9c85db690834/tumblr_mp0ag8DCQI1qzwozco1_1280.jpg
        \- that's pretty good. i wish someone had put the idea to be before i saw
           it on the internet, so see if i'd have put the 9 justices in the same
           boxes. JOHN PAUL STEVENS >> All the sitting justices. --psb
        \- that's pretty good. i wish someone had put the idea to be before i
	...
2012/4/2-6/4 [Computer/SW/Languages/Java, Computer/SW/RevisionControl] UID:54353 Activity:nil
4/02    We use Perforce at work for revision control. It seems to work okay.
        Lately, a lot of the newer developers are saying that Perforce
        sucks and we should switch to Mercurial or Git. I have done some
        searching on the Internet and some others have this opinion. Added
        advantage is that Mercurial and Git are free. However, there would
        be some work to switch for the sysadmins and the developers.
	...
2012/4/26-6/4 [Computer/Networking] UID:54371 Activity:nil
4/26    I see that soda has an ipv6 address but ipv6 traffic from this box
        doesn't actually work (ping6 <DEAD>ipv6.google.com<DEAD>, ping6 http://www.v6.facebook.com
        Is this expected to work?
        \_ Soda doesn't have a real IPv6 address.  The IPv6 addresses you see
           in ifconfig are just link-local addresses; any IPv6-capable machine
           will autogenerate these, whether or not it's connected to an IPv6
	...
2011/11/8-30 [Computer/SW/Security, Computer/SW/OS/Windows] UID:54218 Activity:nil
11/8    ObM$Sucks
        http://technet.microsoft.com/en-us/security/bulletin/ms11-083
        \_ How is this different from the hundreds of other M$ security
           vulnerabilities that people have been finding?
           \_ "The vulnerability could allow remote code execution if an
               attacker sends a continuous flow of specially crafted UDP
	...
2010/11/1-2011/1/13 [Computer/Networking] UID:54002 Activity:nil
11/1    I'm moving from a home in Fremont to another home within the same ZIP
        code in Fremont, and AT&T customer service says I cannot transfer my
        DSL service because DSL is not available at my new home.  Is that BS?
        Are they just trying to push me to subscribe to their more expensive
        U-verse service?  I'm not asking for any lightening-speed connection.
            \_ could be
	...
2013/3/25-5/18 [Computer/SW/OS/Windows] UID:54639 Activity:nil
3/25    It's strange that only every other Windows version is a hit.
        NT 4.0: hit
        2000:   flop
        XP:     hit
        Vista:  flop
        7:      hit
	...
2013/2/19-3/26 [Computer/SW/OS/OsX] UID:54611 Activity:nil
2/19    I program a lot by sshing to a Linux cluster.  So I'm used to using
        Xemacs to code.  This works fine from a Linux or Windows workstation,
        but sometimes I have to use a Mac.  On Mac, the meta is usually
        bound to option, but that often doesn't work over ssh for some reason.
        This makes using emacs a real pain.  Any suggestions on how to fix it?
        (Other than "use vi")
	...
2012/3/15-6/1 [Computer/SW/Languages, Computer/SW/OS/Windows] UID:54340 Activity:nil
3/15    Why does MS put double-quotes around the '8' in Windows Server 8, like
        the following?
        - Windows 8
        - Windows Server "8"
        \_ Because when they didn't do it, code didn't see the '\0'
           and went over?  Looks better than '8','\0' *shrug*
	...
2012/2/23-3/26 [Computer/SW/OS/Windows] UID:54312 Activity:nil
2/23    fixboot wrote FAT boot sector to my WinXP hard drive.  How can I convert
        the drive back to NTFS?
        \_ Does C:\WINDOWS\system32\convert.exe work?
	...
2011/12/21-2012/2/6 [Computer/HW/Laptop, Computer/SW/Editors/Emacs] UID:54269 Activity:nil
12/21   In Emacs, how do I make it so that it will resize its screen
        when the maximum resolution of my monitor changes? When I
        use my laptop, my emacs is too big (and I can't resize it
        because the bottom-right corner is not accessible).
        \_ Which OS?  Can't you drag the top border (not a corner) to resize
           the height to be smaller?
	...
2011/5/19-7/30 [Computer/SW/Security] UID:54110 Activity:nil
5/19    Uh, is anyone still using this? Please mark here if you post and
        haven't added this yet. I'll start:
        \_ person k
        \_ ausman, I check in about once a week.
        \_ erikred, twice a week or so.
        \_ mehlhaff, I login when I actually own my home directory instead of
	...
2011/2/14-4/20 [Computer/SW/Unix] UID:54039 Activity:nil
2/14    You sure soda isn't running windows in disguise?  It would explain the
        uptimes.
        \_ hardly, My winbox stays up longer.
        \_ Nobody cares about uptime anymore brother, that's what web2.0 has
           taught us.  Everything is "stateless".
           \_ You;d think gamers would care more about uptime.
	...
2011/4/6-20 [Computer/SW/Mail, Computer/SW/Unix, Industry/Startup] UID:54078 Activity:nil
4/6     My company is evaluating version control systems. Our two candidates
        are Perforce and Subversion. Anyone worked with both and have good
        arguments one way or the other? (These are the only two options we
        have.) We're most interested in client performance, ease of use, and
        reasonable branching.
        \_ I'll be 'that guy'. If perforce and subversion are optins, why isn't
	...
Cache (3005 bytes)
tinyurl.com/29krl -> news.com.com/Pop-up+program+reads+keystrokes%2C+steals+passwords/2100-7349_3-5251981.html?tag=nefd.top
A malicious program that installs itself through a pop-up can read keystrokes and steal passwords when victims visit any of nearly 50 targeted banking sites, security researchers warned on Tuesday. context What's new: A malicious program that installs itself by way of a pop-up ad can read keystrokes and steal passwords when victims visit any one of nearly 50 targeted banking sites. Internet Storm Center, a site that monitors network threats. Even though all financial sites use encryption built into the browser to protect log-in data, the Trojan horse program can capture the information before it gets encrypted by the browser software. "The browser does not encrypt data between your keyboard and computer. Sachs said the Trojan horse was first discovered on the computer of "an employee at a major dot-com." The victim apparently picked up the program from a malicious pop-up ad that used a flaw in Internet Explorer's helper server to install itself on the user's PC. In this case, because of the computer's security settings, the installation failed. installed a toolbar on victims' computers that triggered pop-ups. This most recent Trojan horse differs from the attack software used in last week's Web site compromises but could be paired with that technique to spread spyware. Working through the weekend, the security experts reverse-engineered the program and discovered that it targeted a long list of banks and attempted to steal the account information of those institutions' customers. gif file extension, the Trojan horse appears to be a graphic in a compressed format commonly found on the Internet. In reality, it's two programs: a browser helper file that surreptitiously captures usernames and passwords; and a "file dropper" that installs the keyword logger on the victim's computer. The first file attempts to run itself by using an old Internet Explorer flaw, and the second file uses a feature of most major browsers, known as helper files, to intercept data, Sachs said. "Before data goes through your browser, it can be processed by a helper file," he said. "What makes this one really clever is that (it takes) advantage of the ability in all browsers to use helper files and defeat the encryption." Once the Trojan horse captures financial information, it encrypts the data by using a program hosted on an Internet server and sends the data back to the attackers, who appear to be in South America, Sachs said. nipped in the bud Friday, when Internet engineers managed to shut down a Russian server that had been the source of malicious code. Compromised Web sites are still attempting to infect Web surfers' PCs by referring them to the server in Russia, but that computer can no longer be reached. While the latest program is installed on Windows computers using a known vulnerability, the helper file hack exploits a feature, not a flaw, and could work with most major browsers, Sachs said. "Sometimes, there's not much difference between a feature and a flaw," he said.