AVG Antivirus 2011

There is a phony version of AVG Antivirus 2011 going around. It tries to trick users into paying a license fee to stop the nagging popups it produces. The real hack is that it also adds registry entries that make most major browsers launch the fake program instead of the browser.

If you want to get around this, rename your browser executable files; the hijack keys off the exact file name, so a renamed copy is not intercepted. Get rid of "avg.exe", which is located in C:\Program Files\AVG Antivirus 2011. You should also delete C:\Windows\system32\iesafemode.exe. A good antimalware tool such as Spyware Doctor can help rid you of this nuisance.

How does the program hijack the other browsers? It adds registry keys under HKEY_LOCAL_MACHINE. Specifically, the Image File Execution Options location (HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options) lets you create a subkey named after any executable, such as iexplore.exe, chrome.exe, or firefox.exe, and set a Debugger value in it; Windows then starts the program named in Debugger whenever that executable is launched. The feature exists so developers can attach a debugger to a process at startup. The fake AVG Antivirus 2011 abuses it to intercept these and all the other popular web browsers. What an effort.
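The check below is an added example, not code from the original post or from any AVG product. It triages an exported copy of the Image File Execution Options key for Debugger hijacks of browser executables. It parses the text that `reg export` writes, so it can run offline against a dump pulled from a suspect machine (a live check would simply read the same values with reg query or Get-ItemProperty). The embedded SAMPLE_REG is constructed to look like what this infection would leave; the avg.exe path is the one the post names, and the notepad.exe entry is a made-up but legitimate developer setting. A Debugger value is not automatically malicious, so the script reports what it finds and prints the `reg delete` commands for the browser entries rather than deleting anything itself.

```python
import re

IFEO_KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options"

# Constructed sample of what
#   reg export "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options" ifeo.reg
# might produce on a machine hit by the fake AVG. The notepad.exe entry is a benign
# developer setting included to show that not every Debugger value is a hijack.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iexplore.exe]
"Debugger"="C:\\Program Files\\AVG Antivirus 2011\\avg.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chrome.exe]
"Debugger"="C:\\Program Files\\AVG Antivirus 2011\\avg.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\firefox.exe]
"Debugger"="C:\\Program Files\\AVG Antivirus 2011\\avg.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notepad.exe]
"Debugger"="\"C:\\Windows\\System32\\vsjitdebugger.exe\" -p %ld -e %ld"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DllNXOptions]
"mscorwks.dll"=dword:00000001
'''

# .reg syntax: a key header in square brackets, then name=value lines. REG_SZ values are
# quoted, with backslash and double quote escaped by a backslash. dword:/hex: values are skipped.
KEY_RE = re.compile(r'^\[(.+)\]$')
SZ_VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)+)"="((?:[^"\\]|\\.)*)"$')


def unescape_reg_string(s):
    return re.sub(r'\\(.)', r'\1', s)


def parse_reg_export(text):
    """Return {key_path: {value_name: string}} for the REG_SZ values of an exported .reg file."""
    keys = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:
            current = m.group(1)
            keys.setdefault(current, {})
            continue
        m = SZ_VALUE_RE.match(line)
        if m and current is not None:
            keys[current][unescape_reg_string(m.group(1))] = unescape_reg_string(m.group(2))
    return keys


def find_ifeo_debuggers(text):
    """List (image_name, debugger_command) for every IFEO subkey carrying a Debugger value."""
    hits = []
    for key, values in parse_reg_export(text).items():
        if not key.lower().startswith(IFEO_KEY.lower() + "\\"):
            continue
        image = key[len(IFEO_KEY) + 1:]
        for name, value in values.items():
            if name.lower() == "debugger":  # value names are case-insensitive in the registry
                hits.append((image, value))
    return hits


BROWSERS = {"iexplore.exe", "chrome.exe", "firefox.exe", "opera.exe", "safari.exe"}


def hijacked_browsers(text):
    """Browser images whose Debugger value redirects launches to another program."""
    return {img: dbg for img, dbg in find_ifeo_debuggers(text) if img.lower() in BROWSERS}


def remediation_commands(text):
    """reg.exe commands that remove only the browser Debugger values (run from an elevated prompt)."""
    hklm = IFEO_KEY.replace("HKEY_LOCAL_MACHINE", "HKLM")
    return ['reg delete "%s\\%s" /v Debugger /f' % (hklm, img) for img in sorted(hijacked_browsers(text))]


def load_reg_file(path):
    # reg.exe writes exports as UTF-16 with a byte-order mark.
    with open(path, encoding="utf-16") as f:
        return f.read()


if __name__ == "__main__":
    for image, debugger in find_ifeo_debuggers(SAMPLE_REG):
        flag = "HIJACK" if image.lower() in BROWSERS else "review"
        print("%-7s %-14s -> %s" % (flag, image, debugger))
    for cmd in remediation_commands(SAMPLE_REG):
        print(cmd)
```

Run it against a real export with `find_ifeo_debuggers(load_reg_file("ifeo.reg"))`. Removing the Debugger values is what actually restores the browsers; deleting avg.exe alone leaves every browser pointing at a file that no longer exists, which is why the first symptom after a half-cleanup is often browsers that silently fail to start.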

Use for Old Computers

I just read an article on the many uses of old computers. The best ideas seemed to be ways to let your computer be used by others over the net. One obvious use is to let the old computer serve up torrent files. Even a lanky old Pentium can serve this purpose.

Another noble use for your old PC is to have it join the Tor network. Tor essentially allows users to hide their location and identity, which makes it harder for somebody to track their internet traffic. The goal of the system is to provide personal freedom. The software is open source. It is good for IRC, instant messaging, and web browsing.

Finally, you can install the BOINC client on your computer. It lets you choose worthy projects for your computer to work on during idle processing time. For example, you can help the search for extraterrestrials by choosing the SETI project. If your old computer has a graphics processing unit (GPU), it will help the effort even more. Now there is no need to junk that old PC. Put it to good use.

Two Tales of a Hacking

Markus Frind, founder of the dating web site Plenty of Fish, says his site got hacked last week. The hacker got away with user email addresses, user names, and passwords. Plenty of Fish has since reset the passwords.

Frind names Chris Russo as the hacker. He says it took Russo two days to break into their system, and that Russo then called Frind's home to extort him. He describes Russo as a 23-year-old from Argentina. Frind says Russo wanted access to all of Plenty of Fish's source code, as well as an unspecified amount of money for "security services".

Chris Russo, on the other hand, says he only reported a bug. He discovered a vulnerability that affected all 28 million Plenty of Fish user accounts, and the vulnerability was fixed. Russo goes on to say that Plenty of Fish wanted to hire him as a security professional.

The vulnerability itself was reportedly a SQL injection hole in the site's Microsoft SQL Server back end. It allowed an attacker to pull a full copy of the database. Combine that with the fact that Plenty of Fish stored user passwords in plain text, and you get a disaster: the dump is immediately usable for logging in elsewhere, since people reuse passwords. So who are we going to believe here? I bet, like in most cases, both sides are telling some truth and also adding some lies. It really seems like a mess.
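The two factors the post combines, as an added example that is not from the post or from Plenty of Fish: a search query built by string concatenation beside its parameterised form, with a UNION payload that dumps every email and password through the vulnerable one, and salted PBKDF2 hashing as the fix for plaintext storage. sqlite3 stands in for Microsoft SQL Server (the injection mechanics are the same), the accounts are constructed, and the payload is a generic textbook one, not whatever was actually used against the site.

```python
import hashlib
import hmac
import os
import sqlite3

# Constructed sample accounts, stored the way the post says the site stored them: plaintext passwords.
USERS = [
    ("alice", "alice@example.com", "Summer2010", "Vancouver"),
    ("bob", "bob@example.com", "letmein", "Toronto"),
    ("carol", "carol@example.com", "hunter2", "Vancouver"),
]


def build_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, email TEXT, password TEXT, city TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?, ?)", USERS)
    return conn


def profiles_by_city_vulnerable(conn, city):
    # The bug class in the post: user input spliced straight into the SQL text.
    sql = "SELECT username, city FROM users WHERE city = '" + city + "'"
    return conn.execute(sql).fetchall()


def profiles_by_city_safe(conn, city):
    # Parameterised: the driver sends the value separately, so quotes inside it are just data.
    return conn.execute("SELECT username, city FROM users WHERE city = ?", (city,)).fetchall()


# A UNION payload turns a two-column public search into a dump of every email and password.
# Repeating this per table is how an injection hole becomes "a full backup of the database".
# The trailing -- comments out the closing quote the application appends.
DUMP_PAYLOAD = "x' UNION SELECT email, password FROM users --"


def dump_via_injection(conn):
    return set(profiles_by_city_vulnerable(conn, DUMP_PAYLOAD))


# Hashing removes the second half of the disaster: a dumped table no longer yields passwords.
def hash_password(password, salt=None, iterations=200_000):
    salt = salt or os.urandom(16)  # per-user random salt defeats precomputed tables
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return "pbkdf2_sha256$%d$%s$%s" % (iterations, salt.hex(), digest.hex())


def verify_password(password, stored):
    _algo, iterations, salt_hex, digest_hex = stored.split("$")
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(candidate.hex(), digest_hex)  # constant-time comparison


if __name__ == "__main__":
    conn = build_db()
    print("legit search:          ", profiles_by_city_vulnerable(conn, "Vancouver"))
    print("injected dump:         ", sorted(dump_via_injection(conn)))
    print("same payload, param'd: ", profiles_by_city_safe(conn, DUMP_PAYLOAD))
    stored = hash_password("hunter2")
    print("stored form:           ", stored[:48] + "...")
    print("verify right/wrong:    ", verify_password("hunter2", stored), verify_password("hunter3", stored))
```

The vulnerable function returns the two Vancouver profiles for a normal search and the entire credential table for the payload; the parameterised one returns nothing for the payload because no city is literally named `x' UNION SELECT ...`. With hashed storage the same dump would give an attacker salted PBKDF2 strings to crack one at a time instead of passwords to reuse.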

Anonymous was not Really Anonymous

I saw an interesting article on Ars Technica about the FBI raiding people in the Anonymous group. However, the real gem was all the reader comments on the post.

Here is what went down. In the USA, the FBI raided the houses of a number of members of the group called Anonymous. They must have taken part in a recent DDoS attack and used their own computers in their own houses. In other words, they got tracked down.

Anonymous says they launched the DDoS as a form of protest. They used the Low Orbit Ion Cannon (LOIC) app to blast some web sites. Well, if you are going to protest, you have got to be ready for the cops to round you up and cuff you.

People are calling the Anonymous DDoS team a bunch of script kiddies. Whatever they are, it looks like the FBI literally was busting down their doors. Couldn't these so-called hackers have used some unsecured WiFi that belonged to someone else?

Nope. It looks like they downloaded "loic.exe" onto their own computers and ran it, which leaves their home IP addresses in the target's logs. The strange thing is that the FBI usually does not kick down doors when following up on a non-violent computer crime like a DDoS attack. Perhaps the Anonymous crew was exaggerating a bit.