Outragious behavior of moderators :(

Discussion in 'other anti-trojan software' started by johny23, Sep 18, 2003.

Thread Status:
Not open for further replies.
  1. johny23

    johny23 Guest

    When I posted the "paper" about vulnerablities in the trojan hunter 3.0 program. It was ment to inform people that this program is NO good and can be easy bypassed. so they can take precautions.

    Now I see this thread is "under investigation" and closed. Why ?

    The info in the paper is correct and working.

    Why not keep users informed about it ?

    I also see that this locked post is now made by "Wizard" > so he's running with the credits in discovering a major flaw in the TH3 program.

    If this is the way these post are handled > thanks but no thanks. You really upset me. What's the point of posting papers with bugs into this forum anyway then ?

    I'm so upset, i'm gonna post the same paper in to other well known forums also.

    So people know atleast the truth. And are not being kept blind. and thinking they got a good trojan defence.

    Johny23
     
  2. waldo

    waldo Registered Member

    Joined:
    Jun 30, 2003
    Posts:
    14
    That's correct Johny ! The thread should have been open and naked into this forum. > i saw it yesterday evening, and it's scaring, and sad. :'(

    But please keep it in the forums !

    So that in the meanwile people can take precautions or buy another AT because Trojan hunter is completely compromised.Waldo
     
  3. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    :D hi johny23 i know exactly how you feel and been in the same boat i posted stuff befor and was spank very hard.

    :)but now when i look back i actualy kinda deserve most of it.

    johny23 dont take it personaly i think you took it the wrong way.

    see here at wilders when you bring some major major news like you did on exploits when they say under investigation.

    what there doing is checking in to your story by literly testing it out them selfs to see if its true.

    there not being evill mean or out to get you they just want to make sure.

    now i know right about now if your anything like me your thinking but why?


    well johny23 alot of the programers to all the security applications hang out here and we dont want finachaly damageing posts like that if theres a chance that there no truth to it could be sued and stuff.

    but if there is truth your post usealy goes back up and your names back on it or they ask you to repost it.

    then they usealy contact the programer and make them alware of the exploit so they can fix it

    but i was very surprised the mod didnt explaine this he probably was to tired or forgot

    so dont take it personaly

    im loved by alot here or i like to think so and i get the same thing you get when i post like that.

    basicly they just want to be sure and let the vendores defend there product or give them a chance to fix it
     
  4. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    Threads reporting software integrity faults are often, and rightly, locked while the moderators investigate them. The is in order to prevent propagation of exploits by publishing exposures and ensure validity of claims so that legal action by affected parties can be avoided. The mods will, typically, check the validity of the claims, advise the vendor so that a fix can be made available, and reopen the thread.

    All perfectly reasonable and honourable, and happens from time to time.
     
  5. Wayne - DiamondCS

    Wayne - DiamondCS Security Expert

    Joined:
    Jul 19, 2002
    Posts:
    1,533
    Location:
    Perth, Oz
    Outrageous behaviour of moderators, or outrageous behavior of script kiddies making childish posts?

    The moderators are just doing their job, and a good one at that. The two 'articles' that attack those two scanners are very amateurish and have the credibility of a chain letter.

    There are places where responsible vulnerability disclosure occurs, where vulnerability discoverers work alongside the developers to release a fix for the patch. The discovered is accredited with the discovery, a patch is made available, and everyone's happy.

    The author(s) of those articles seem intent only on one thing - trying to make a program look as bad as they can. They've failed, and only succeeded in making themselves look stupid, which probably explains why they're hiding behind anonymous logins and posting via public proxy servers so they can't be traced -- they don't want to be discovered.

    Justify their posts at your own peril.
     
  6. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    :D yup just what check out said usealy its perty speedy because they check out the info then contact the programer with an e-mail

    then they repost or ask you to post it up algain some times regardless if the vendor fix it or not because the vendor might just not fix it at all so wilders did there job by makeing them alware of the problem.

    if there to lazy to fix it then people really need to be alware of the vunrablitys and thats why this bords here to make sure all us newbies are safe

    the team here dont want us useing faulty software or recomending faulty software

    thats why wilders is the best
     
  7. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    :eek: :doubt: whoa wayne upset that not good did some one say something bad about tds or something?


    :doubt:hmmm youthink wayne wouldnt get mad he usealy has to deal with stuff like that all the time because tds is the best lots of people mainly badys are jealiouse of the sucess of tds

    wayne this is normal because when your at the very top of food chaine every one wants your spot as number one.

    shouldnt take it personaly should feel complimented that they all want your spot lol

    plus you deal with this stuff alot

    shouldnt let people get to you like that.

    every one who knows and uses tds will they all know its the best

    the mods take care of the rest every one gets a fair hand shake
     
  8. Wayne - DiamondCS

    Wayne - DiamondCS Security Expert

    Joined:
    Jul 19, 2002
    Posts:
    1,533
    Location:
    Perth, Oz
    > whoa wayne upset
    You misinterpreted my post then. I saw the thread, rolled my eyes, and that was pretty much that.

    Anyway, back to work ...
     
  9. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    :D there we go lol
     
  10. illukka

    illukka Spyware Fighter

    Joined:
    Jun 23, 2003
    Posts:
    633
    Location:
    S.A.V.O
    this is old news, wonder why they dug it up again? same names posted these @ dslreports. you can read magnus' response to an earlier posting of the same stuff here: http://www.dslreports.com/forum/remark,5921894~root=security,1~mode=flat
     
  11. Andreas Haak

    Andreas Haak Guest

    Don't use KAV, cause its completely compromised.
    Don't use McAfee, cause its completely compromised.
    Don't use BOClean, cause its completely compromised.
    Don't use IKARUS, cause its completely compromised.
    Don't use NAV, cause its completely compromised.
    Don't use ANTS, cause its completely compromised.
    Don't use TDS-3, cause its completely compromised.

    Every product that is a little bit known is already completely compromised ... you just have to know where the information about the product are :).
     
  12. waldo

    waldo Registered Member

    Joined:
    Jun 30, 2003
    Posts:
    14
    So, Andreas, if all these well known programs are compromised in one way or the nother....

    Why don't you recommend me a program that is know to be safe (until proved otherwise offcourse). I do like to be secure you know.

    Thanks,


    Waldo
     
  13. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    100% of of all existing products including Human Being is vulnerable to something. Nothing is safe 100%.


    tECHNODROME
     
  14. waldo

    waldo Registered Member

    Joined:
    Jun 30, 2003
    Posts:
    14
    Offcourse not, this is discussion is held already TO many times.

    But i was just curious what utulity that Andreas would mention, known to be safe and uncompromised...

    Waldo
     
  15. Andreas Haak

    Andreas Haak Guest

    You simply don't understand the rule. Its not a question if a product is good or bad. Its a question of popularity. If I give you a name it will become more and more popular. That means: More and more script kiddies will search for weaknesses. It would only cost a few days until they break through the encryption of the database and know what the program is looking for (like in the case of KAV or McAfee for example).
     
  16. Why hasn't anyone noticed that the report pertains to TH 3.0., and TH is now at 3.6? :mad:
     
  17. Andreas Haak

    Andreas Haak Guest

    Cause signatures are still working the same :). The algorithms to generate the fingerprints is changed only in version 4.0 - not in the other versions.
     
  18. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743
    This thread cracks me up..just like the one you posted earlier and waldo's idea of posting it all at DSLR again.

    Main reason..as you all play around with words and your private lab tests since that dumb exploit was posted back in Jan 2003...

    HOW MANY ACTUAL USERS OF TH WERE EVER COMPROMISEDo_O?
    None :D

    If you have proof otherwise...post it or forget it. Not only back then but Now.

    All this proof of concept crap turns out to be an Urban Legend and to now jump on all the Security Forum moderators just because you can not play the game with cat in the hat's toy every 2 or 3 month or so is a credit to all Security Forum who know when you are trying to sell a bucket of rotten fish.
     
  19. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    :DDon't use air, cause its completely compromised.
    Don't use internet, cause its completely compromised.
    Don't use any operating system, cause its completely compromised.
    Don't listhen to blaze , cause he's completely compromised.
    Don't look at porn on net , cause its completely compromised.
    Do use ANTS, cause its not completely compromised.
    Don't use call out or eat any fast food, cause its completely compromised.

    Every product that is a little bit known is already completely compromised ... you just have to know where the information about the product are such as the parnoyed times,the examiner, and let not forget about the one paper with alien babys and mothers who love them lol
     
  20. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743
    If you all want to go back further in time..start posting this one... :D :D


    It never hurt a fly on the real world...but it was fun.


    *****************************
    Number of macros: 1 (German version of Word)
    2 (Any other version of Word)
    Encrypted: Yes
    Macro names: LoneRaider (LoneRaiderTwo)
    Size of macros: 3463 Bytes
    Place of origin: Germany
    Date of origin: Unknown
    Destructive: No
    Common In-The-Wild: No

    Target activates when the assigned key (SPACE) is pressed. Target
    is an attempt to fool heuristic macro virus scanners. Its virus macros
    do not contain the command to copy viruses. Instead it creates a
    second macro (LoneRaiderTwo) and copies all the commands for activation
    and infection into it. After execution the second macro is deleted.
    As a result, some heuristic scanners do not flag Target as suspicious.
    When Target is activated from a non-German version of Microsoft Word it
    will not spread and the second macro will not be deleted.

    Upon pressing "SPACE" on January 1st of each year, Target creates a new
    document with the following text in it:

    " Enjoy the first F/WIN Killer! "
    " LoneRaider! "
    " Nightmare Joker "
    " 1996 "

    When Target was released to the public, F-WIN Heuristic Anti-Virus,
    written by Stefan Kurtzhals, was unable to detect Target due to the
    reasons above. This was changed immediately and every up-to-date
    Anti-Virus program should be able to catch this virus.
     
  21. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
  22. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    1,617
    Location:
    Canada
    Primrose, thanks for your reply. ;)

    I fully agree with you. :)
     
  23. Dan Perez

    Dan Perez Retired Moderator

    Joined:
    May 18, 2003
    Posts:
    1,495
    Location:
    Sunny San Diego
    At last!!! A voice of reason!!! :D :D :D
     
  24. illukka

    illukka Spyware Fighter

    Joined:
    Jun 23, 2003
    Posts:
    633
    Location:
    S.A.V.O
    blaze compromised... jeeez i second that.. maybe he should be patched, runtime packed/crypted or something
     
  25. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,875
    Location:
    New England
    >> blaze compromised... jeeez i second that...

    No, that's only an issue if you don't use Blaze v2.0, the Wilders approved version. ;)
     
Thread Status:
Not open for further replies.