272 replies to this topic

[rotwhip]

In response to post #12667693.

anyone can upload a virus to pretty much any site, it has nothing to do with the site in question, just the nature of download sharing... its a fickle thing

[matortheeternal]

In response to post #12620702. #12621112, #12621592, #12622432, #12622682, #12624352, #12630543, #12632403, #12645533, #12646528, #12647793, #12650258, #12662378, #12664298, #12665133 are all replies on the same post.

@Vicalloise:
http://xkcd.com/936/

Also, someone should make a family board game with computer security as the central theme. Players could start out by coming up with a password and then other players do various things in the board game to attempt to get it (e.g. "brute force" card, "system upgrade: CUDA" card, "rainbow table" card, "MD5 hashed and salted" card, etc.). It'd really teach you about what is a secure password and what isn't.

Also, changing your password "on a regular basis" is something that only extremely security paranoid people do. Most people can't do that because it just isn't feasible. It's better to have levels of security. E.g. bank account & email -> financial/personal (e.g. facebook, paypal) -> primary forums/services/games -> rarely visited/used sites/services/games. Thus you change the highest tier passwords often (~once every 3 months), and the lower tiers rarely. You can also share passwords between lower tiers if you want, though I recommend inserting the output of a non-trivial algorithm applied to trivial information at the beginning, end, or inside of a base password.

Or you could just use the xkcd method I listed above. That's pretty family friendly.
correcthorsebaterystaple!

[matortheeternal]

In response to post #12620702. #12621112, #12621592, #12622432, #12622682, #12624352, #12630543, #12632403, #12645533, #12646528, #12647793, #12650258, #12662378, #12664298, #12665133, #12672953 are all replies on the same post.

oh, also:
article about password restrictions
https://defuse.ca/pa...ll-of-shame.htm

[LarryBurstyn]

Speaking as an EX-hacker. I can say I first did it just because I was curious about what people were doing on their computer and IF I could actually break into their systems. As it turns out for me it was easy but I was never a "destroyer" in that I never put anything into another persons system that would harm it or any program they were using. And I never stole anything from them except DATA. And even then I was careful that even the data I looked at did not compromise their funds except for one time when I informed everyone for a company that they were paying people different amounts for the same work based on sex and race--that led to a major EEO lawsuit against the company.
edit
I left hacking when the Congress starting passing laws making it ILLEGAL.
endedit


After that I worked with companies as a computer security advisor. I have also worked as a beta tester (for PAY). I must inform everyone I work for where I have access to the computer system that I was once a hacker. And for some reason I must not use or reveal my hacker name. I revealed my id when I reported a "hole" in the defense departments network (MILNET) in the late 1970's.

Edited by LarryBurstyn, 08 March 2014 - 04:13 PM.

[zcul]

Thank you for sensitizing us ....

[bben46]

If you are suspicious of a file - you can run it through VirusTotal - It uses 40 something antivirus programs to check a file - and it can do it from a url - so you don't even have to open it on your computer. It's FREE and uses many of the most popular antivirus programs as well as a few more obscure ones.

Link: https://www.virustotal.com/

 

This is not a stand alone antivirus and cannot be installed on your computer to watch for viruses. It scans one file at a time that you send it. This is good for cross checking false positives as most of the time a false positive will only show up on one or two antivirus programs and not a dozen. While an actual virus makes it light up across the board with 20 or more hits.

 

The last actual virus I found with it it showed 34 out of 41 'hits'  - that means that out of the 41 antivirus programs that it used, 34 flagged that file as a possible virus, but 7 missed it entirely. Of those that missed, several were well known. Out of curiosity, I scanned that same file a day later and got 40 hits with only one obscure program still not detecting it.

[tonyold1]

Thank you for the information re the files, it is sad that scumbags like them use a great site like this for their own twisted idea of fun or money making be vigilant folks & if you spot them let's all dump on them!!!! Long live Skyrim Nexus.

[adelinadragonborn]

Thanks for Warning!

But honestly i downloaded the one called MO v1.2 just to check what it contains, and when i found only one executable file, I check it with my NOD32 AV, but it was clean (old virus bases, i suppose).

Even after that I didn't run it. I knew it was kinda virus or harmful software...

[RadoGamer]

In response to post #12673808.

Sweet!!!

[TheLeaky]

In response to post #12663568. #12666668 is also a reply to the same post.

A lot of Anti Virus software have added internet security (rather than just scanning and detecting things after they infect/infiltrate your computer) that use a firewall to catch/block things before they get chance to get in. If you don't have a security suite that features this I'd suggest getting one but also keep a few anti-virus systems installed*.

*for instance you could have Avast/Kaspersky etc as your main internet security and MalwareBytes/SuperAntiSpyware etc as a separate system to just scan your PC when you aren't using it... or when you are, depending on the power of your PC.

This way it you'll only have one monitor program so it won't slow down your PC and the use of 2-3 virus/malware databases to clean up your computer.

TL;DR Internet security probably has a firewall, don't just settle for anti-virus software)