Forum Viruses? Options

[uuf6429]

[sarcasm]Wow thats so smart of you, i wish i could be like you some day[/sarcasm]

Some people around here can do what I'm trying to do.
Others show of their knowledge on how certain sites pick up quickly reports about malware.
While the majority of the others try to show of their intelligence by being ignorant.

If only you checked who found about this problem and our starting discussion on how it would be fixed, you'd be less sceptic.

[Jumpey]

@uuf6429: You obviously don't get how browser security works. Whether or not a particular browser can view the iFrame or not, it depends on the browser's security holes. It's like what you posted about Chrome, some browsers have some security problems others don't. This uses an ActiveX control, which is only supported in IE, so there is reason to believe it is only a problem in IE. However because there is also something to do with Java, it could easily still be a problem with other browsers. Also, calm down.

[uuf6429]

@uuf6429: You obviously don't get how browser security works. Whether or not a particular browser can view the iFrame or not, it depends on the browser's security holes. It's like what you posted about Chrome, some browsers have some security problems others don't. This uses an ActiveX control, which is only supported in IE, so there is reason to believe it is only a problem in IE. However because there is also something to do with Java, it could easily still be a problem with other browsers. Also, calm down.

Absolutely not true.
An iframe can't be "insecure" other wise, you can't login gmail or GA (because it uses an iframe) or see certain sites.
For example, some sites use Iframes as index/page such as phpmyadmin or the online MSDN another example is several CMS and web panels like cPanel and Parallels.
And no, this particular hack isn't just one.
On firefox it tries crashing it with various tachniques or using a jar file (which work for all browsers).
As I said, ActiveX is just a part of all the hacks.
You'd be a complete idiot to believe a browser is secure as long as it's not IE.
No browser is 100% secure.

My suggestion is never trust a browser which says it's highly secure (unless it is verified).

Also, I've been using IE most of the time, without ever being infected. For the simple reason that I use common sense and not accepting anything that pops up.

This post has been edited by uuf6429: Sep 8 2008, 09:26 AM

[cambesa]

won't this forum just fix the problems instead of all user searching for new browsers?
i guess it could easily be solved by the programer's of the forum.
im using a proxy server now but normally i used the newest firefox.

[Dangerous_Dave]

won't this forum just fix the problems instead of all user searching for new browsers?
i guess it could easily be solved by the programer's of the forum.
im using a proxy server now but normally i used the newest firefox.

Problem is the only people with access to the source code aren't online. That's what we are all waiting for.

[uuf6429]

Jumpey - Also, your point doesn't make sense.

If iframes are insecure, why not just remove them? What makes a browser determine if an iframe is good or bad?
It's just as if you entered a url in the address bar. How does the browser know if it's good or not?
If iframes where bad, they would have been pulled out from browsers, but in fact they are not.

This post has been edited by uuf6429: Sep 8 2008, 09:31 AM

[Jumpey]

@uuf6429: You obviously don't get how browser security works. Whether or not a particular browser can view the iFrame or not, it depends on the browser's security holes. It's like what you posted about Chrome, some browsers have some security problems others don't. This uses an ActiveX control, which is only supported in IE, so there is reason to believe it is only a problem in IE. However because there is also something to do with Java, it could easily still be a problem with other browsers. Also, calm down.

Absolutely not true.
An iframe can't be "insecure" other wise, you can't login gmail or GA (because it uses an iframe) or see certain sites.
For example, some sites use Iframes as index/page such as phpmyadmin or the online MSDN another example is several CMS and web panels like cPanel and Parallels.
And no, this particular hack isn't just one.
On firefox it tries crashing it with various tachniques or using a jar file (which work for all browsers).
As I said, ActiveX is just a part of all the hacks.
You'd be a complete idiot to believe a browser is secure as long as it's not IE.
No browser is 100% secure.

My suggestion is never trust a browser which says it's highly secure (unless it is verified).

Also, I've been using IE most of the time, without ever being infected. For the simple reason that I use common sense and not accepting anything that pops up.

The thing is, it isn't an iFrame issue, the iFrame is just a tool to use the virus. The virus is what can be 'insecure', if you know what I mean. I know that browsers other than IE are also insecure, just in different ways. I love IE, I use it every day.

[uuf6429]

So what is your point?!

If I found the exploit, I found where it is - that is, from the actual code, I wrote two reports about it one to YYG and one to Google, does that automatically make me ignorant on how browsers work?
I would rather say the opposite.

Also, you are incorrect there.
The virus is not in the iframe; the iframe leads to three others.
Last I checked, one of them was empty, another had the virus/hacks in a lot of obfuscated javascript (of course I do know how to change it back) and the last one had some XSS exploits which can be exploited from any browser.
The only difference with IE is the hack with ActiveX. But I can't see why people pick on IE when other browsers are just as insecure.
And by the way, all of this ActiveX stuff is nonesense. If you'd been anywhere near developing browser plugins, you'll find that ActiveX can be run just as well in browsers like firefox.

This post has been edited by uuf6429: Sep 8 2008, 09:42 AM

[t3mp3st]

This uses an ActiveX control, which is only supported in IE, so there is reason to believe it is only a problem in IE. However because there is also something to do with Java, it could easily still be a problem with other browsers. Also, calm down.

I wouldn't count on any particular browser being completely safe. I normally use Firefox, and was playing with Chrome. Unfortunately, Firefox's warning seems to break certain forum tools for me, such as an IP search. Chrome is worse, as any search I attempt with it always seems to trigger flood control. Eventually, I ended up using Opera last night as it was the only browser I could actually moderate with. Note that all that time, while I received browser warnings, there was no antivirus warnings triggered. Also, a full scan last night came up fine.

This morning though, I received one as soon as I came here, with Opera, now quarantined. In a case like this, I think it's security settings that are more relevant than what browser is actually used.

[Jumpey]

So what is your point?!

If I found the exploit, I found where it is - that is, from the actual code, I wrote two reports about it one to YYG and one to Google, does that automatically make me ignorant on how browsers work?
I would rather say the opposite.

My point is that, this is wrong:

Do not come up with ideas of "this browser is better then that". This system is exactly what iframes where designed for - and it is not in the least harmfull.
Plus, if your browser doesn't support iframes, and is immune to this, it is not at all good as iframes are very important in web design.
So does not getting warnings/errors of any kind, can count there browser as ****.

Because the iFrames aren't the problem. We don't really know what browsers are effected by this, do you want to give it a try? I don't think so.

I wouldn't count on any particular browser being completely safe.

Trust me I know, I tell people that all the time.

[uuf6429]

Because the iFrames aren't the problem. We don't really know what browsers are effected by this, do you want to give it a try? I don't think so.

Can you please just try and read the other posts?
As I said, most browsers are suspectible to attacks include:
Internet Explorer, Firefox, Opera, Safari, Chrome...
Please note that some browsers can block the attack including IE Firefox and Chrome.
Also please change that "we" to "I". Seriously you can't expect everyone not to read anything but just write up things like you do?!

As t3mp3st said, it is a matter of configuration not browser.

Trust me I know, I tell people that all the time.

No I don't.
So you know that a browser is completely safe, but you don't know a thing about web coding?
Then you must be a genius! Or the opposite... Fair is fair.

This post has been edited by uuf6429: Sep 8 2008, 10:16 AM

[Jumpey]

Because the iFrames aren't the problem. We don't really know what browsers are effected by this, do you want to give it a try? I don't think so.

Can you please just try and read the other posts?
As I said, most browsers are suspectible to attacks include:
Internet Explorer, Firefox, Opera, Safari...
Also please change that "we" to "I". Seriously you can't expect everyone not to read anything but just write up things like you do?!

As t3mp3st said, it is a matter of configuration not browser.

Trust me I know, I tell people that all the time.

No I don't.
So you know that a browser is completely safe, but you don't know a thing about web coding?
Then you must be a genius! Or the opposite...

I wasn't talking about the other posts in that situation, you're the one that keeps bringing that up over and over. Simply iFrames are not the virus, got that right? So let's move on already.

And by the way, all of this ActiveX stuff is nonesense. If you'd been anywhere near developing browser plugins, you'll find that ActiveX can be run just as well in browsers like firefox.

That is completely wrong, Firefox does not support ActiveX natively.

Trust me I know, I tell people that all the time.

No I don't.
So you know that a browser is completely safe, but you don't know a thing about web coding?
Then you must be a genius! Or the opposite...

What? I wasn't directing that at you. And I know browser security. They all have security holes, just different ones. And I am a website developer, with XHTML, CSS, JavaScript, PHP, MySQL and SQLite. I also use C++ and GML, but enough about qualifications. Anyway, look in my sig, see that userbar, I'm a moderator there. That's where we discuss things like this. We also discuss them at 110mb, I know this stuff and as far as I can see, you basically agree with me, so I don't get what the problem is.

[uuf6429]

I wasn't talking about the other posts in that situation, you're the one that keeps bringing that up over and over. Simply iFrames are not the virus, got that right? So let's move on already.

Didn't you say you don't know where is the problem?
I outlined it exactly.
Thanks for repeating my words! That's very usefull!
I know where's the problem you said it is because of the iframe - I outlined where the iframe leads to rather "then it's the virus" as you said.

That is completely wrong, Firefox does not support ActiveX natively.

It does not do that natively. But there are a lot of quirks to do that.
In fact I know about 3 of them, one of which is my own proud invention. This sort of thing can be done:
-Using one of the several IE extensions (IE render/IE tab)
-Overriding buffers to make the browser execute binary code
-Using java jars to run system dlls, executables and of course even activex.

What? I wasn't directing that at you. And I know browser security. They all have security holes, just different ones. And I am a website developer, with XHTML, CSS, JavaScript, PHP, MySQL and SQLite. I also use C++ and GML, but enough about qualifications.

Great. Sorry, got that wrongly.

Anyway, look in my sig, see that userbar, I'm a moderator there. That's where we discuss things like this. We also discuss them at 110mb, I know this stuff and as far as I can see, you basically agree with me, so I don't get what the problem is.

Me either. But rather then a discussion forum, I discuss facts with wildlist.org and some other advisory organizations .

This post has been edited by uuf6429: Sep 8 2008, 10:15 AM

[uuf6429]

Just got an email back!

It seems the guys at Yoyo are trying to fix this. Horay!
Let's cheer them up!!

[Jumpey]

I wasn't talking about the other posts in that situation, you're the one that keeps bringing that up over and over. Simply iFrames are not the virus, got that right? So let's move on already.

Didn't you say you don't know where is the problem?
I outlined it exactly.
Thanks for repeating my words! That's very usefull!

Yeah, but I said it first.

I know where's the problem you said it is because of the iframe - I outlined where the iframe leads to rather "then it's the virus" as you said.

I never said that the iFrame was the virus. Either you have me mixed up with someone else, or you have to reread my posts. I have been saying the opposite of that since the start.

That is completely wrong, Firefox does not support ActiveX natively.

It does not do that natively. But there are a lot of quirks to do that.
In fact I know about 3 of them, one of which is my own proud invention. This sort of thing can be done:
-Using one of the several IE extensions (IE render/IE tab)
-Overriding buffers to make the browser execute binary code
-Using java jars to run system dlls, executables and of course even activex.

I was only saying that as an example, and most people probably don't have that add-on. By the way, thanks for repeating what I said, lol.

[uuf6429]

Yeah, but I said it first.

Said what? I never mentioned that sort of thing!
I've been saying how it exactly is and people keep saying I'm inventing stuff!
If you don't want to believe me, check it yourself!
I never said the iframe is a virus - I've been saying this from the start! I said the iframe leads to a virus.

I never said that the iFrame was the virus. Either you have me mixed up with someone else, or you have to reread my posts. I have been saying the opposite of that since the start.

So why did you say:
-You have no idea where there is the problem
-You have no idea which browsers are affected
You're just manipulating what I keep saying to your needs!

I was only saying that as an example, and most people probably don't have that add-on. By the way, thanks for repeating what I said, lol.

ARE YOU DUMB ARE WHAT?! A virus maker uses the working "exceptions" or "quirks".
The point is, this can be done, period.

This post has been edited by uuf6429: Sep 8 2008, 10:33 AM

[Jumpey]

I'm beginning to think you don't understand English very well, either that or you read too fast. Because everything you said in your previous post was misinterpreting what I said.

Yeah, but I said it first.

Said what? I never mentioned that sort of thing!
I've been saying how it exactly is and people keep saying I'm inventing stuff!
If you don't want to believe me, check it yourself!
I never said the iframe is a virus - I've been saying this from the start! I said the iframe leads to a virus.

What? I said I said it first, not you said it first. And I wasn't talking about that. For the last time, we both agree.

I never said that the iFrame was the virus. Either you have me mixed up with someone else, or you have to reread my posts. I have been saying the opposite of that since the start.

So why did you say:
-You have no idea where there is the problem
-You have no idea which browsers are affected
You're just manipulating what I keep saying to your needs!

Those are just small clips of what I said, they mean nothing without context. And with context, they did not mean that. I have always said that the iFrame is not the virus. For the last time again, I agree with you.

I was only saying that as an example, and most people probably don't have that add-on. By the way, thanks for repeating what I said, lol.

ARE YOU DUMB ARE WHAT?! I virus maker uses the working "exceptions" or "quirks".
The point is, this can be done, period.

I know it can be done, I said it can be done first, period.

[Aragon1029]

In FireFox I have no issues when looking around. On IE McCaffee alerts me and says "Trojan removed" and IE blocks some addon "Remote Service Control". (Oh and IE crashed lol)



This post has been edited by Aragon1029: Sep 8 2008, 10:42 AM

[death-droid]

I get lots of problems first it comes up with the reported attack site warning thing then since i just happened to of had AVG installed it comes up with warning saying that it has Exploits Java Obfuscation and another warning saying Exploits Web Attacker.



This post has been edited by death-droid: Sep 8 2008, 10:48 AM

[uuf6429]

I was only saying that as an example, and most people probably don't have that add-on. By the way, thanks for repeating what I said, lol.

ARE YOU DUMB ARE WHAT?! I virus maker uses the working "exceptions" or "quirks".
The point is, this can be done, period.

I know it can be done, I said it can be done first, period.

That is completely wrong, Firefox does not support ActiveX natively.

Where did you say you said it first?
Doing that is what the Firefox team has been doing.

Why the hell did you say that Firefox doesn't natively support ActiveX?

I mean, this sort of thing is like saying "I'll stick a knife through your heart but not kill you!".
Oh yeah, it makes sense, people today would believe that.


Also, if you are so knowledgable, tell me exactly what does this attack lead to. That is which parts are being attacked, or if not exactly which parts, just say what is being done.

This post has been edited by uuf6429: Sep 8 2008, 10:52 AM