jansson_mark
Markus Jansson
Premium
join:2001-08-05
Finland
| reply to Name Game
Re: Acer puts Active X hole on laptops
said by Name Game  :My advice to anyone who buys a new PC or laptop especially some of those Dell's  would be to wipe it clean, reformat the whole drive and then have a tech reinstall the OS.. Unfortunally some manufactorers/resellers do NOT provide you with clean install XP cdroms, but rather their OWN restore cdroms...or in some cases simply some bizarre "recovery feature" (like hidden image stored in unpartitioned hdd space) that can only be activated with some bizarre programX inside the computer. This sucks. Really.
All what I want from manufactorer is XP:s install cdrom and possibly the drivers disk (or simply mentions about what drivers are needed). Thats all I need. 
--
My computer security & privacy related homepage »www.markusjansson.net Use HushTools or GnuPG/PGP to encrypt any email before sending it to me to protect our privacy. |
|
novaflare
The Dragon Was Here
Premium
join:2002-01-24
Barberton, OH
| said by jansson_mark :said by Name Game :My advice to anyone who buys a new PC or laptop especially some of those Dell's would be to wipe it clean, reformat the whole drive and then have a tech reinstall the OS.. Unfortunally some manufactorers/resellers do NOT provide you with clean install XP cdroms, but rather their OWN restore cdroms...or in some cases simply some bizarre "recovery feature" (like hidden image stored in unpartitioned hdd space) that can only be activated with some bizarre programX inside the computer. This sucks. Really. All what I want from manufactorer is XP:s install cdrom and possibly the drivers disk (or simply mentions about what drivers are needed). Thats all I need. Know what you mean. The restore info isnt so much on unpartioned space its on a hidden (only from windows) partion. Its visable on most through good old fdisk if not fdisk its visable from a linux boot or live cd. Been a while sense i used fdisk but i beleive it has a option in there some where to create a hidden partion. Or maybe you simply leave them as a inactive partion.
The so called restore cds are more often than not the program x you mention and all the restore data or at least most is on the partion.
The single biggest problem with such partions is even though windows do not see them some truely nasty little viris and trojans do and because these are almost never more than fat 32 partions no security rules effect the partion. Non admins have full read right delete access to said partion.
So basically you execute viri x as non admin limited user and nothing happens then one day you decide youve got to much crap on your comp and restore to factory default. Now this viri x gets installed during restore and your screwed.
Lucky for all of us these little nasties are few and far between. Ive seen 3 examples of them in something like 8 years of cleaning up infections.
As for the whole not including a xp/os disk that just pisses me off. Personally i dont care one way or the other. I can get xp pro full retail version for 150. The guy who i buy from will be selling the vista ultimate edition just as relitivly cheap when its released same for all other versions. When i bought my xp pro i paid 199 instead of 299 so i fully expect vista ultimate to be about 200 cheaper from him than any where else.
Want cheap and 100% legal copies of windows oses shop the mom and pop shops. Forget online sales forget big retailers go mom and pop shops. The way such shops see it if they can cut you a great deal on a computer or hardware or software youll bring them all your buissness. Then they can make more of your hard earned money even when something might be a little more expensive.
--
Evil does exist and it has a face to often that face is one that should look on their child with love in their eyes.
Instead only hate exists in those eyes. |
|
severach
join:2002-09-12
Jackson, MI
| reply to jansson_mark
You can make your own disk for any brand. You only need to run that infested OEM install just long enough to grab a few things. My Acer doesn't have that malware.
»www.msfn.org/board/index.php?showtopic=63258 |
|
La Luna
Surviving Ashraful
Premium
join:2001-07-12
Warwick, NY
clubs:
 ·Optimum Online
 ·Vonage
| said by severach :You can make your own disk for any brand. You only need to run that infested OEM install just long enough to grab a few things. My Acer doesn't have that malware. » www.msfn.org/board/index.php?showtopic=63258 Comparatively speaking, Acer puts a lot less crap on their OEM's than many other brands. They didn't even pre-install Norton AV that came with mine, like so many others do.
This appears to be more of an error on their part, rather than a purposeful "malware" install.
--
~~Well, I think you're crazy, I think you're crazy, I think you're crazy, just like me...~~
|
|
javaMan
Premium,MVM
join:2002-07-15
San Luis Obispo, CA
| said by La Luna :. . . This appears to be more of an error on their part, rather than a purposeful "malware" install. Certainly true but it does demonstrate the vulnerability inherent in ActiveX. Well, maybe not so much ActiveX as the trustworthiness of the those who use it. Which, in the end, is perhaps really the same thing.
--
Woe unto them that call evil good, and good evil; that put darkness for light, and light for darkness. . . Isa. 5:20 |
|
La Luna
Surviving Ashraful
Premium
join:2001-07-12
Warwick, NY
clubs:
·Optimum Online
·Vonage
| said by javaMan :said by La Luna :. . . This appears to be more of an error on their part, rather than a purposeful "malware" install. Certainly true but it does demonstrate the vulnerability inherent in ActiveX. Well, maybe not so much ActiveX as the trustworthiness of the those who use it. Which, in the end, is perhaps really the same thing. Well, I think most of us already knew about ActiveX vulnerabilities (didn't we? ).
I'm glad they at least patched this pretty quickly, once they were alerted to it.
--
~~Well, I think you're crazy, I think you're crazy, I think you're crazy, just like me...~~
|
|
sharpy merc
join:2003-01-28
England
1 edit | said by La Luna :I'm glad they at least patched this pretty quickly, once they were alerted to it. What do you mean alerted to it. They put it on the bloody thing in the first place!
Kinda like "oops we forgot...Sorry people our bad."
more like " Oh crap we got caught!" |
|
javaMan
Premium,MVM
join:2002-07-15
San Luis Obispo, CA
| said by sharpy merc :said by La Luna :I'm glad they at least patched this pretty quickly, once they were alerted to it. What do you mean alerted to it. They put it on the bloody thing in the first place! Kinda like "oops we forgot...Sorry people our bad." more like " Oh crap we got caught!" I think in reading about it there was a note somewhere that mentioned that it wasn't even being used anymore and apparently no one had bothered to follow up and remove it. It was just being installed for no reason other than to serve as a possible vector for disastrous abuse. 
--
Woe unto them that call evil good, and good evil; that put darkness for light, and light for darkness. . . Isa. 5:20 |
|
La Luna
Surviving Ashraful
Premium
join:2001-07-12
Warwick, NY
clubs:
·Optimum Online
·Vonage
| reply to sharpy merc
said by sharpy merc :said by La Luna :I'm glad they at least patched this pretty quickly, once they were alerted to it. What do you mean alerted to it. They put it on the bloody thing in the first place! Kinda like "oops we forgot...Sorry people our bad." more like " Oh crap we got caught!" Tinfoil anyone?
Please read the article. 
--
~~Well, I think you're crazy, I think you're crazy, I think you're crazy, just like me...~~
|
|
