A Windows XP help forum. PCbanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » PCbanter forum » Microsoft Windows 7 » Windows 7 Forum
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

Hackers hid malware in CCleaner software



 
 
Thread Tools Rate Thread Display Modes
  #76  
Old September 21st 17, 03:57 PM posted to alt.comp.os.windows-10,alt.comp.freeware,alt.windows7.general
p-0''0-h the cat (coder)
external usenet poster
 
Posts: 114
Default Hackers hid malware in CCleaner software

On Thu, 21 Sep 2017 09:24:47 -0500, Char Jackson
wrote:

On Thu, 21 Sep 2017 10:40:47 +0100, "p-0''0-h the cat (coder)"
wrote:

On Thu, 21 Sep 2017 10:13:48 +0100, "David B."
wrote:

On 21-Sep-17 10:07 AM, p-0''0-h the cat (coder) wrote:
On Thu, 21 Sep 2017 00:01:16 -0500, Char Jackson
wrote:

On Wed, 20 Sep 2017 23:49:34 +0100, "p-0''0-h the cat (coder)"
wrote:

On Wed, 20 Sep 2017 17:26:56 -0500, Char Jackson
wrote:

On Wed, 20 Sep 2017 17:18:13 -0000 (UTC), Blake Snyder
wrote:

On Wed, 20 Sep 2017 17:11:36 -0000 (UTC), in
news
---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus

I thought I removed the errant VPN server but I realized that there was a
duplicate because there it TCP and UDP based configuration files.

So I disabled both the TCP and UDP VPN config file for the VPN server that
adds that Avast sig and header.

I can't promise the *next* VPN service won't do it but 99 out of 100 don't
add that line so most of the time this will work.

Each day there are another hundred servers that get added while another
hundred are deprecated so the list fluctuates daily.

This is a new free VPN server (just added today) so we'll see what it does.

Pretty hard to believe that a VPN server, which typically operates at
OSI Layer 3, would add (or remove) *anything* in the Layer 7 payload.

There's more to the story here. If this so-called VPN server is able to
muck around at Layer 7 for Usenet posts, what else is it doing to your
other traffic? I'd steer far, very far, from that kind of service. VPN
server, they ain't.

Meethinks it's a proxy server list.

VPN Gate clearly doesn't advertise it that way, but I think you're
right. Since the actual VPN servers are just a loose assortment of
privately owned servers running VPN software, there's no telling what
else they do to passing traffic.

I'm tempted to set one up myself, just to see what kind of goodness
passes through on a daily basis. I could free up about 20TB of drive
space to use as temp storage until I can run scripts to find the good
stuff.

On the other hand, nah, forget it.

The bottom line is if you need to use a VPN use a company you pay. With
payment you have a legal contract, and with that the ability to sue.
Pick someone who likely fears being sued and having their reputation
tarnished. So a long time player with a good reputation is ideal. Check
the service they offer in particular retention of log files and AVOID
like the plague any company that even suggests operating outside of the
law. I'd also look for a company that targets business at least as much
as individuals. Businesses are more likely to sue and sue hard if
shenanigans are uncovered.

You only need to use a little imagination to realise quite what you
could do if you had criminal or state surveillance intent.

IAWTP

The same can probably be said about newsservers! ;-)


It depends on the T&Cs of exactly what they offer of course but sure if
they offer privacy and anonymity and deletion of log files after a
lawful period etc and they fail to deliver you have greater recourse to
law with a contract. Proving loss might be more difficult. The service
is more limited and wanting to pay for legal recourse in this case is
unlikely. The fact is though that companies are more likely to work
within the law and provide what they contract to do. There are plenty of
honest people around. No guarantees though, ever. Set up your own
service if you want to approach that.

Don't think I didn't notice the nym shift. One false move and my itchy
paw will descend.


Nym shift? That was just David (resident stalker, but trying to play
nice for now) chiming in.


Well I have these filtered. The term Nym was a little sloppy.

Author: David B
Author: David B.
Author: David B.
Author:

and this one is

David B.

I might be a bit out of date a.k.a too lazy to plonk sooner.

I'm expecting the usual favour to be asked in a mo. My paw is ready.

Sent from my iFurryUnderbelly.

--
p-0.0-h the cat

Internet Terrorist, Mass sock puppeteer, Agent provocateur, Gutter rat,
Devil incarnate, Linux user#666, ******* hacker, Resident evil, Monkey Boy,
Certifiable criminal, Spineless cowardly scum, textbook Psychopath,
the SCOURGE, l33t p00h d3 tr0ll, p00h == lam3r, p00h == tr0ll, troll infâme,
the OVERCAT [The BEARPAIR are dead, and we are its murderers], lowlife troll,
shyster [pending approval by STATE_TERROR], cripple, sociopath, kook,
smug prick, smartarse, arsehole, moron, idiot, imbecile, snittish scumbag,
liar, total ******* retard, shill, pooh-seur, scouringerer, jumped up chav,
lycanthropic schizotypal lesbian, the most complete ignoid, joker, and furball.

NewsGroups Numbrer One Terrorist

Honorary SHYSTER and FRAUD awarded for services to Haberdashery.
By Appointment to God Frank-Lin.

Signature integrity check
md5 Checksum: be0b2a8c486d83ce7db9a459b26c4896

I mark any message from »Q« the troll as stinky

Ads
  #77  
Old September 21st 17, 04:03 PM posted to alt.comp.os.windows-10,alt.comp.freeware,alt.windows7.general
p-0''0-h the cat (coder)
external usenet poster
 
Posts: 114
Default 8.3 filenames (Was Hackers hid malware in CCleaner software)

On Thu, 21 Sep 2017 08:34:18 -0600, H-Man wrote:

On Wed, 20 Sep 2017 21:27:02 -0000 (UTC), Blake Snyder wrote:

On Wed, 20 Sep 2017 15:09:59 -0500, in
, Sam E wrote:

On 09/20/2017 12:11 PM, Blake Snyder wrote:

[snip]

I ask because I have a WINDOWS~ and a WINDOWS~1 that I certainly didn't
create.

WINDOWS~1 has 9 characters, so can't fit into 8.3.

[snip]


Typo.
http://i.cubeupload.com/GFf3Bx.jpg

That is a screenshot of my junk folder which contains the Windows & VIM
temps...

Never do I use capital letters or tildes in file or folder names.


It is at least plausible that the tilde at the end of the folder name has
nothing to do, at all, with 8.3 file naming convention.


According to his screenshot the folder is named WINDOW~ not WINDOWS~
which is seven characters so you may well be right.

Sent from my iFurryUnderbelly.

--
p-0.0-h the cat

Internet Terrorist, Mass sock puppeteer, Agent provocateur, Gutter rat,
Devil incarnate, Linux user#666, ******* hacker, Resident evil, Monkey Boy,
Certifiable criminal, Spineless cowardly scum, textbook Psychopath,
the SCOURGE, l33t p00h d3 tr0ll, p00h == lam3r, p00h == tr0ll, troll infâme,
the OVERCAT [The BEARPAIR are dead, and we are its murderers], lowlife troll,
shyster [pending approval by STATE_TERROR], cripple, sociopath, kook,
smug prick, smartarse, arsehole, moron, idiot, imbecile, snittish scumbag,
liar, total ******* retard, shill, pooh-seur, scouringerer, jumped up chav,
lycanthropic schizotypal lesbian, the most complete ignoid, joker, and furball.

NewsGroups Numbrer One Terrorist

Honorary SHYSTER and FRAUD awarded for services to Haberdashery.
By Appointment to God Frank-Lin.

Signature integrity check
md5 Checksum: be0b2a8c486d83ce7db9a459b26c4896

I mark any message from »Q« the troll as stinky

  #78  
Old September 21st 17, 04:34 PM posted to alt.comp.os.windows-10,alt.comp.freeware,alt.windows7.general
Paul[_32_]
external usenet poster
 
Posts: 11,873
Default Hackers hid malware in CCleaner software

p-0''0-h the cat (coder) wrote:
On Thu, 21 Sep 2017 09:24:47 -0500, Char Jackson
wrote:

On Thu, 21 Sep 2017 10:40:47 +0100, "p-0''0-h the cat (coder)"
wrote:


Don't think I didn't notice the nym shift. One false move and my itchy
paw will descend.

Nym shift? That was just David (resident stalker, but trying to play
nice for now) chiming in.


Well I have these filtered. The term Nym was a little sloppy.

Author: David B
Author: David B.
Author: David B.
Author:

and this one is

David B.

I might be a bit out of date a.k.a too lazy to plonk sooner.

I'm expecting the usual favour to be asked in a mo. My paw is ready.

Sent from my iFurryUnderbelly.


Normally he posts from a Macintosh. Today, for giggles,
he is posting from his Win10 PC. I think this may account
for the nym shift.

By definition, you can't be the same person when you do that.

https://en.wikipedia.org/wiki/File:Getamac.png

Paul

  #79  
Old September 21st 17, 04:39 PM posted to alt.comp.os.windows-10,alt.comp.freeware,alt.windows7.general
p-0''0-h the cat (coder)
external usenet poster
 
Posts: 114
Default Hackers hid malware in CCleaner software

On Thu, 21 Sep 2017 11:34:04 -0400, Paul wrote:

p-0''0-h the cat (coder) wrote:
On Thu, 21 Sep 2017 09:24:47 -0500, Char Jackson
wrote:

On Thu, 21 Sep 2017 10:40:47 +0100, "p-0''0-h the cat (coder)"
wrote:


Don't think I didn't notice the nym shift. One false move and my itchy
paw will descend.
Nym shift? That was just David (resident stalker, but trying to play
nice for now) chiming in.


Well I have these filtered. The term Nym was a little sloppy.

Author: David B
Author: David B.
Author: David B.
Author:

and this one is

David B.

I might be a bit out of date a.k.a too lazy to plonk sooner.

I'm expecting the usual favour to be asked in a mo. My paw is ready.

Sent from my iFurryUnderbelly.


Normally he posts from a Macintosh. Today, for giggles,
he is posting from his Win10 PC. I think this may account
for the nym shift.

By definition, you can't be the same person when you do that.

https://en.wikipedia.org/wiki/File:Getamac.png


I hang with these guys.

https://vignette2.wikia.nocookie.net...20080204174319

Blue crushed velvet gloves. Ohooooooooh.

Sent from my iFurryUnderbelly.

--
p-0.0-h the cat

Internet Terrorist, Mass sock puppeteer, Agent provocateur, Gutter rat,
Devil incarnate, Linux user#666, ******* hacker, Resident evil, Monkey Boy,
Certifiable criminal, Spineless cowardly scum, textbook Psychopath,
the SCOURGE, l33t p00h d3 tr0ll, p00h == lam3r, p00h == tr0ll, troll infâme,
the OVERCAT [The BEARPAIR are dead, and we are its murderers], lowlife troll,
shyster [pending approval by STATE_TERROR], cripple, sociopath, kook,
smug prick, smartarse, arsehole, moron, idiot, imbecile, snittish scumbag,
liar, total ******* retard, shill, pooh-seur, scouringerer, jumped up chav,
lycanthropic schizotypal lesbian, the most complete ignoid, joker, and furball.

NewsGroups Numbrer One Terrorist

Honorary SHYSTER and FRAUD awarded for services to Haberdashery.
By Appointment to God Frank-Lin.

Signature integrity check
md5 Checksum: be0b2a8c486d83ce7db9a459b26c4896

I mark any message from »Q« the troll as stinky

  #80  
Old September 21st 17, 06:10 PM posted to alt.comp.os.windows-10,alt.comp.freeware,alt.windows7.general
Mark Lloyd[_2_]
external usenet poster
 
Posts: 1,756
Default 8.3 filenames (Was Hackers hid malware in CCleaner software)


[snup]

It is at least plausible that the tilde at the end of the folder name has
nothing to do, at all, with 8.3 file naming convention.


The directory has an 8-character field the name must fit in. If the
tilde isn't one of those there would have to be something to distinguish
WINDOWS~1 from WINDOWS1

--
95 days until the winter celebration (Monday December 25, 2017 12:00:00
AM for 1 day).

Mark Lloyd
http://notstupid.us/

"Atheism is not a belief in the same sense that astigmatism, rheumatism,
and botulism are not beliefs."
  #81  
Old September 21st 17, 07:31 PM posted to alt.comp.os.windows-10,alt.comp.freeware,alt.windows7.general
J. P. Gilliver (John)[_4_]
external usenet poster
 
Posts: 2,679
Default 8.3 filenames (Was Hackers hid malware in CCleaner software)

In message , Mark Lloyd
writes:

[snup]

It is at least plausible that the tilde at the end of the folder name has
nothing to do, at all, with 8.3 file naming convention.


The directory has an 8-character field the name must fit in. If the
tilde isn't one of those there would have to be something to
distinguish WINDOWS~1 from WINDOWS1

Or Window~1 from Windows1 (-:
--
J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

'It works for me' is not the same as it isn't broke - Kenn Villegas, 2010-2-19
in
https://rwmj.wordpress.com/2010/02/1...egistry-sucks-
technically/
  #82  
Old September 21st 17, 08:18 PM posted to alt.comp.os.windows-10,alt.comp.freeware,alt.windows7.general
Blake Snyder[_2_]
external usenet poster
 
Posts: 11
Default Hackers hid malware in CCleaner software

On Thu, 21 Sep 2017 10:07:36 +0100, in
, p-0''0-h the cat (coder)
wrote:

You only need to use a little imagination to realise quite what you
could do if you had criminal or state surveillance intent.


I am not going to disagree with your intimation since I know that NK or
Russia or China, for example, has lots of money so what would it be to them
to "volunteer" to set up a few thousand of the free VPN servers (and Tor
entrance and exit nodes).

Especially when the entire vpngate.net premise is to circumvent government
surveillance.

Low latency attackers thrive on this kind of data of culling data from two
servers at the same time.

Of course, we're talking about the government spying on my Usenet posts,
which, if we think a bit more about it, won't be all that revealing to them
because they can read whatever I post right here anyway.

I realize I'm using VPN not for what most people use it for.
.. Most people use VPN to protect their data from prying eyes.
.. Not to protect their VPN server IP address.

I'm the opposite.
.. I don't care to protect the data.
.. I'm trying to hide the IP address from the hoi polloi.

Given my IP address is static and unchanging for the past decade, and given
that I post copiously to Usenet with tremendous detail, anyone who had all
my posts would be able to geolocate me down to the color of my bedsheets.

If you know of a better way to easily change the IP address while at home
for Usenet posts and web forums, please do let me (and everyone) know!

I don't know of a better method that is legal.
  #83  
Old September 21st 17, 08:24 PM posted to alt.comp.os.windows-10,alt.comp.freeware,alt.windows7.general
Blake Snyder[_2_]
external usenet poster
 
Posts: 11
Default Hackers hid malware in CCleaner software

On Thu, 21 Sep 2017 10:13:48 +0100, in news David B. wrote:

You only need to use a little imagination to realise quite what you
could do if you had criminal or state surveillance intent.


IAWTP

The same can probably be said about newsservers! ;-)


You are correct that the news servers also know your IP address and what
you post, where they know what you post from every identity.

That's why my scripts randomize certain things and lock certain things.

For example, if I read a group using a newsgroup, I use a different news
server to read that group than I use to post to that group.

That way each news server gets only half the information that the other
news server has the other half to.

Also I try to lock a VPN address to an identity at any one point in time,
so that the news server sees a consistent IP address - but of course I
can't control that IP address if it goes stale so they see a consistent
"set" of IP addresses.

I never re-use that IP address for another news server, so there shouldn't
be much cross correlation, but of course, since the resulting post is
completely in the clear, then anyone who felt like manually correlating,
would be able to do so.

The good news though with these scripts is that the news server should
never get your real IP address nor do they get your real time zone location
information nor do they get your real news client headers, etc.

But to your point, if an adversary wanted to watch the traffic of two news
servers, the one that you post to and the one that you read from, they'd
see both ends of the equation.

Again, we have to put all this "privacy" into perspective since the end
result is a Usenet message or Web Forum post that is in the clear where the
entire world can see it anyway.

It would be a different story altogether if we were trying to protect our
"data" itself.
  #84  
Old September 21st 17, 08:27 PM posted to alt.comp.os.windows-10,alt.comp.freeware,alt.windows7.general
Blake Snyder[_2_]
external usenet poster
 
Posts: 11
Default Hackers hid malware in CCleaner software

On Thu, 21 Sep 2017 10:40:47 +0100, in
, p-0''0-h the cat (coder)
wrote:

Don't think I didn't notice the nym shift. One false move and my itchy
paw will descend.


I'm not sure whom you're accusing of nym shifting but I'll just state
outright that I never nym shift within a thread or topic, out of principle.

Sometimes it accidentally happens, especially when I move from my Linux
scripts to my Windows scripts, but I try to keep accidents to a minimum.

In this case, if you noticed a nym shift in this thread, it wasn't me.
But of course, if I did nym shift, I'd deny it so I understand that you
wouldn't (and shouldn't) believe that if you were saying that it was I who
did the nym shifting in this thread.

No need to reply as I understand.
  #85  
Old September 21st 17, 08:31 PM posted to alt.comp.os.windows-10,alt.comp.freeware,alt.windows7.general
Blake Snyder[_2_]
external usenet poster
 
Posts: 11
Default Hackers hid malware in CCleaner software

On Wed, 20 Sep 2017 23:54:40 -0500, in
, Char Jackson wrote:

HOWEVER, since the actual servers that VPN Gate steers clients to are
simply volunteered for use by their owners, there could indeed be a
large helping of actual VPN servers in the mix. They don't all have to
be shady.


The good news is that only 1 out of a hundred or two hundred seem to add
those Avast header lines and signature.

Since the Avast header bothers me (because I like to control the header)
and since the Avast signature bothers others (because it just does), I
strive to remove them from the list of six thousand free vpn servers I
currently have.

However a new one can pop up tomorrow since I wget a few hundred a day.

  #86  
Old September 21st 17, 08:38 PM posted to alt.comp.os.windows-10,alt.comp.freeware,alt.windows7.general
Blake Snyder[_2_]
external usenet poster
 
Posts: 11
Default Hackers hid malware in CCleaner software

On Wed, 20 Sep 2017 13:42:39 -0500, in
, Char Jackson wrote:

Of those 6 items, I only (occasionally) do #6. I use a tool called
Duplicate Cleaner Free (https://www.digitalvolcano.co.uk/).
No idea if it's the best, but I apparently like it well enough that I've
been using it for quite a few years without wanting to find a
replacement.

I have no use for the other 6 tasks. Yes, I know what each task is
about, so no need to assume something else.


I remember that name.
I have used it in the past too.
Thanks for reminding me.

One problem with my archival method is that I didn't transfer the WinXP
archives to Win7 and then to Win10 so some of the older stuff is on a disc
somewhere in a huge pile of them.

Thanks for suggesting "DuplicateCleaner" from https://www.digitalvolcano.co.uk
oooops. Is it free?

https://www.digitalvolcano.co.uk/dcdownloads.html
This implies it's not free ... oh ... I see...

Here is the free version
http://download.cnet.com/Duplicate-C...-10584403.html
  #87  
Old September 21st 17, 09:34 PM posted to alt.comp.os.windows-10,alt.comp.freeware,alt.windows7.general
p-0''0-h the cat (coder)
external usenet poster
 
Posts: 114
Default Hackers hid malware in CCleaner software

On Thu, 21 Sep 2017 19:18:46 -0000 (UTC), Blake Snyder
wrote:

On Thu, 21 Sep 2017 10:07:36 +0100, in
, p-0''0-h the cat (coder)
wrote:

You only need to use a little imagination to realise quite what you
could do if you had criminal or state surveillance intent.


I am not going to disagree with your intimation since I know that NK or
Russia or China, for example, has lots of money so what would it be to them
to "volunteer" to set up a few thousand of the free VPN servers (and Tor
entrance and exit nodes).

Especially when the entire vpngate.net premise is to circumvent government
surveillance.

Low latency attackers thrive on this kind of data of culling data from two
servers at the same time.

Of course, we're talking about the government spying on my Usenet posts,
which, if we think a bit more about it, won't be all that revealing to them
because they can read whatever I post right here anyway.

I realize I'm using VPN not for what most people use it for.
. Most people use VPN to protect their data from prying eyes.
. Not to protect their VPN server IP address.

I'm the opposite.
. I don't care to protect the data.
. I'm trying to hide the IP address from the hoi polloi.

Given my IP address is static and unchanging for the past decade, and given
that I post copiously to Usenet with tremendous detail, anyone who had all
my posts would be able to geolocate me down to the color of my bedsheets.

If you know of a better way to easily change the IP address while at home
for Usenet posts and web forums, please do let me (and everyone) know!

I don't know of a better method that is legal.


I understand what you are doing and why you are doing it. Do I know of a
better method well these are my thoughts.

It makes sense to hide your IP from the Usenet provider for many
reasons. Even if they do hide it in the header they leak on occasion and
some of the server operators are let's say sometimes a little too close
to the action.

So you use a VPN. Fine. Not one but many. IMO not so fine.

As shown the VPN server can be a front end to other tech like a proxy
server. Proxies are old tech and there are technologies out there which
can do so much more. Anyway, bottom line here is your IP is known to the
VPN server and that means the content exposed by the proxy can be linked
to the IP address known to the VPN server.

So they gotcha. If that's what they want to do.

Most of these guys [gender non specific] are probably straight up. They
just want to scan whatever you are posting for viruses because they are
just good guys and also perhaps they want to protect themselves from
getting their arses sued etc.

But, by posting through a number of servers you are in fact increasing
the chance of encountering a bad guy.

Compare that to using just the one VPN provider. See my other post about
picking one. If you pick the right one and unfortunately I suspect you
will have to pay for it you have a far greater guarantee that your IP +
content are never linked.

Sent from my iFurryUnderbelly.

--
p-0.0-h the cat

Internet Terrorist, Mass sock puppeteer, Agent provocateur, Gutter rat,
Devil incarnate, Linux user#666, ******* hacker, Resident evil, Monkey Boy,
Certifiable criminal, Spineless cowardly scum, textbook Psychopath,
the SCOURGE, l33t p00h d3 tr0ll, p00h == lam3r, p00h == tr0ll, troll infâme,
the OVERCAT [The BEARPAIR are dead, and we are its murderers], lowlife troll,
shyster [pending approval by STATE_TERROR], cripple, sociopath, kook,
smug prick, smartarse, arsehole, moron, idiot, imbecile, snittish scumbag,
liar, total ******* retard, shill, pooh-seur, scouringerer, jumped up chav,
lycanthropic schizotypal lesbian, the most complete ignoid, joker, and furball.

NewsGroups Numbrer One Terrorist

Honorary SHYSTER and FRAUD awarded for services to Haberdashery.
By Appointment to God Frank-Lin.

Signature integrity check
md5 Checksum: be0b2a8c486d83ce7db9a459b26c4896

I mark any message from »Q« the troll as stinky

  #88  
Old September 22nd 17, 12:11 AM posted to alt.comp.os.windows-10,alt.comp.freeware,alt.windows7.general
Char Jackson
external usenet poster
 
Posts: 10,449
Default Hackers hid malware in CCleaner software

On Thu, 21 Sep 2017 19:31:31 -0000 (UTC), Blake Snyder
wrote:

On Wed, 20 Sep 2017 23:54:40 -0500, in
, Char Jackson wrote:

HOWEVER, since the actual servers that VPN Gate steers clients to are
simply volunteered for use by their owners, there could indeed be a
large helping of actual VPN servers in the mix. They don't all have to
be shady.


The good news is that only 1 out of a hundred or two hundred seem to add
those Avast header lines and signature.

Since the Avast header bothers me (because I like to control the header)
and since the Avast signature bothers others (because it just does), I
strive to remove them from the list of six thousand free vpn servers I
currently have.

However a new one can pop up tomorrow since I wget a few hundred a day.


Since it happens after your data has left your system, I guess there
isn't anything you can do to prevent it except what you're doing.

Personally, the Avast stuff doesn't really bother me, but I know it
bothers others.

This has been an interesting exercise. I had no idea that it was that
easy to become an official VPN gateway and have random people send their
traffic through. Oh, the possibilities.

  #89  
Old September 22nd 17, 12:17 AM posted to alt.comp.os.windows-10,alt.comp.freeware,alt.windows7.general
Char Jackson
external usenet poster
 
Posts: 10,449
Default Hackers hid malware in CCleaner software

On Thu, 21 Sep 2017 19:38:56 -0000 (UTC), Blake Snyder
wrote:

On Wed, 20 Sep 2017 13:42:39 -0500, in
, Char Jackson wrote:

Of those 6 items, I only (occasionally) do #6. I use a tool called
Duplicate Cleaner Free (https://www.digitalvolcano.co.uk/).
No idea if it's the best, but I apparently like it well enough that I've
been using it for quite a few years without wanting to find a
replacement.

I have no use for the other 6 tasks. Yes, I know what each task is
about, so no need to assume something else.


I remember that name.
I have used it in the past too.
Thanks for reminding me.

One problem with my archival method is that I didn't transfer the WinXP
archives to Win7 and then to Win10 so some of the older stuff is on a disc
somewhere in a huge pile of them.

Thanks for suggesting "DuplicateCleaner" from https://www.digitalvolcano.co.uk
oooops. Is it free?

https://www.digitalvolcano.co.uk/dcdownloads.html
This implies it's not free ... oh ... I see...

Here is the free version
http://download.cnet.com/Duplicate-C...-10584403.html


You got it. That's why I referred to it as "... Free" above, to call out
its freeness. In the free version, if you click the menu item to upgrade
to Pro, it gives you a bulleted list of Pro's advantages. So far, the
free version has been good enough for me.

  #90  
Old September 22nd 17, 04:04 AM posted to alt.comp.os.windows-10,alt.comp.freeware,alt.windows7.general
Blake Snyder[_2_]
external usenet poster
 
Posts: 11
Default Hackers hid malware in CCleaner software

On Thu, 21 Sep 2017 21:34:17 +0100, in
, p-0''0-h the cat (coder)
wrote:

It makes sense to hide your IP from the Usenet provider for many
reasons. Even if they do hide it in the header they leak on occasion and
some of the server operators are let's say sometimes a little too close
to the action.


It's interesting that you mention that some of the news servers leak the
nntp posting host accidentally, in the clear, which is an experience I've
had in the past (was it with Ray Bananna's server?)

I think the explanation was that the particular set of newsgroups caused
the nntp posting host to leak but I'd have to delve into the archives to
find which server it was, and why.

Certainly some servers never change their hash (the changing of which is a
basic necessity with any cipher) and others hash only half the header
information (e.g., not the nntp posting account).

If I look in my 10,000-line long obfuscation log file, last I ran tests was
*years* ago, but here's a cut and paste section to give you an idea.

// Mixmin (best for privacy because the posting host hash changes)
// Aioe (not good for privacy because the posting host hash is static)
// Netfront (horrid for privacy because the posting host is cleartext)
// Sunsite.dk (horrid for privacy because the posting host is cleartext)
// Albasani (ok for privacy because hashes change with every post)
// Blueworld (ok for privacy because hashes change with every post)
// Solani (ok for privacy because hashes change with every post)
// Eternal-Sept (terrible for privacy because the hash is constant &
static)
// News4all (ok for privacy because hashes change with every post)
etc.

As I said in another recent thread, I gave up on trusting header hash
obfuscation in favor of changing all the headers (including the account
information and IP address).

The news server header hashing is just gravy on top of my header changing.
If you know of better methods though, I'm all ears.

So you use a VPN. Fine. Not one but many. IMO not so fine.


Actually, I use about six thousand VPN servers.
Well, probably at any one time only about 600 are "active".
And for any one identity, I try to stick with the same IP address.
I do that to blend in with the herd.

As shown the VPN server can be a front end to other tech like a proxy
server. Proxies are old tech and there are technologies out there which
can do so much more. Anyway, bottom line here is your IP is known to the
VPN server and that means the content exposed by the proxy can be linked
to the IP address known to the VPN server.


Yep. Now if I could "doubleVPN" ... that would be nice!
Or if I could proxy on top of VPN (or vice versa) that would be nice.

For just one example, if I am on VPN, and if I reset my Opera unique IDs,
and if I then turn on the Opera VPN (which seems to be a proxy more than a
VPN), then Opera, supposedly, doesn't know who I am.

Does that make sense?

If I could double-vpn all ports, or proxy-vpn all ports, that doubleVPN
would be heaven (although there are always speed costs involved).

So they gotcha. If that's what they want to do.


Understood. But do you know of a better system (cost/benefit)?

Most of these guys [gender non specific] are probably straight up. They
just want to scan whatever you are posting for viruses because they are
just good guys and also perhaps they want to protect themselves from
getting their arses sued etc.


Or they misconfigured their server.

But, by posting through a number of servers you are in fact increasing
the chance of encountering a bad guy.


True dat.
You bring up all good points.
I won't disagree.

I just want good alternatives from a cost/benefit standpoint.

Compare that to using just the one VPN provider. See my other post about
picking one. If you pick the right one and unfortunately I suspect you
will have to pay for it you have a far greater guarantee that your IP +
content are never linked.


You have to pay for it anonymously, but we all know there are ways to do
that (someday I will have a need to learn how to use bitcoin).
 




Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off






All times are GMT +1. The time now is 02:55 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 PCbanter.
The comments are property of their posters.