[Multibooter]

About 3 weeks ago my laptop got the worst virus infection ever, with the tenga.a virus http://forum.kaspers....php/t7172.html and http://www.f-secure....s/tenga_a.shtml It was much worse than the infection I had 14 years ago with One-Half, which slowly but steadily encrypted cylinders of my HDD.

The tenga.a infection has shattered my mistaken belief that Win98 is not vulnerable to infection anymore, in 2010. Tenga.a came out around 2005 http://www.viruslist...W_never_say_die

Tenga.a infects most .exe files it can find. It has infected all FAT32-based Win98/2k/XP operating systems on my multi-booting laptop. Only one operating system/partition, an NTFS-WinXP rarely accessed, was not infected. The most serious damage was the infection of one 192GB partition of an external 1TB USB HDD, which contained about 100GB of software downloads + installable programs, many not backed up because it was a work disk.

I became aware of the tenga.a infection maybe after 5 hours, when I noticed that the disk access light kept showing activity, even when I was doing nothing on the laptop. But then it was too late, the infection had spread across operating systems/partitions, also to the attached USB HDD.

I still have no idea how I got the virus, with maybe a thousand .exe files infected. Maybe it was my bad habit of double-clicking even on suspicious files in a special test windows, and then restoring a clean test windows. Double-clicking on an infected file may have initiated the infection of a .exe on another partition, of another operating system, and started in this way an infection across operating systems.

Getting the laptop clean again was relatively easy, I had to restore all partitions/operating systems/directories from backup onto a clean virgin HDD. The major problem was to recover the infected installation sources on the USB HDD; some of them may have been lost for good.

Here some lessons I learnt from this infection:
1) Virus infection is still a real danger under Windows 98
2) The only defense against viruses like Tenga.a, if using only occasional on-demand scanning, is a very good backup and recovery procedure.
3) Don't rely on USB HDDs as a backup storage media of software because of their vulnerability to virus infections
4) Backing up installation sources onto write-once media (CD-R, DVD-R) is still an absolute must
5) Installation sources should always be backed up also into an additional .rar or .iso file, which are not as easily infected as .exe
6) It is very important to document the actual download locations of software, in case it has to be downloaded again
7) About 10% of my time with the computer is spent creating, archiving and deleting backups. This is time well spent and has saved my neck already a couple of times.
8) A spare blank HDD, of the same size as in the computer, also comes very handy if a complete HDD has to be restored from backup
9) Maybe I should look again into UDF-formatted HDDs, as supplementary backup devices which can be set to read-only and are therefore not vulnerable to virus infection.

[dencorso]

I'm sorry to hear of your system's infection. And glad to see you were able to recover fast.
I agree with most of the preventive measures you've just spelled out.

I wish to add just two or three more measures to the list:
I)Full disk dumb sector-by-sector current images of the current installation burnt to read-only optical media
(I use multi DVD+R DL images, and intend to move on to Blu-Ray soon), not older than two or three months, six in the worst case. Or that plus monthly dumb sector-by-sector current images of every partition, where feasible.
II)Up to date virus scanner on the XP partition, performing a daily scan of all the partitions (I use AVG 9).

and, if possible

III)A completely independent machine, with its installation backed up on optical media to use as a sandbox.
(I still don't have one, but that's my next move).

[Multibooter]

dencorso, on 20 March 2010 - 03:04 PM, said:

glad to see you were able to recover fast.

Getting all operating systems back to work as before took about 5 hours, from a 4-week-old backup. I am away from the US currently, so I will be able to know for sure whether I lost data on the 1 TB USB HDD when I am back in the US in June. I may have made a backup of the 192GB work partition there, before my trip, but I am not sure, I usually make backups before leaving/entering the US, there are horror stories about confiscated laptops etc.

Quote

I wish to add just two or three more measures to the list:
I)Full disk dumb sector-by-sector current images of the current installation burnt to read-only optical media
(I use multi DVD+R DL images, and intend to move on to Blu-Ray soon), not older than two or three months, six in the worst case. Or that plus monthly dumb sector-by-sector current images of every partition, where feasible.

Yes, a forensic .gho image would be excellent, but storing it onto a USB HDD might be good enough, viruses probably don't infect .gho image files on re-writable media. The tenga.a virus did not infect .iso, .rar, only executable 32-bit .exe files. I have a good .gho image of my desktop in the US, but unfortunately not of my old Inspiron laptop, which got infected, so restoring the internal HDD took quite some time. Creating a .gho image of the recovered laptop is on the top of my list now.

Quote

II)Up to date virus scanner on the XP partition, performing a daily scan of all the partitions (I use AVG 9).

I have up-to-date Kaspersky AVP v6.0.2.621 under both Win98 and WinXP, but I only scan new downloads. The infection happened very quickly, maybe 5 hours before I noticed it and ran Kaspersky, so a daily scan might not have been timely enough. Also, it was a 5-year-old virus, so a current virus signature update was not needed to detect tenga.a. I just don't know how I got tenga.a, and I suspect that only a continuously running virus-scanner could have prevented the infection .

Kaspersky is actually able to disinfect tenga-infected files. Unfortunately, the disinfected files are not identical to the original files. Some .exe files are completely destroyed by tenga, e.g. reduced from 2MB to 30kB, so the disinfected file is of no use. Other disinfected .exe files/archives differ from the original .exe, but extract the identical files as the original .exe.

Quote

III)A completely independent machine.

Yes. I had a 2nd identical Inspiron laptop with me, but only with a HDD which had older software on it, of about 2 years ago. I recovered the infected laptop with the help of this 2nd laptop: I partitioning a blank HDD in a USB enclosure connected to laptop #2, inserted the freshly partitioned HDD into laptop #1, installed DOS from a boot floppy, put the HDD back into the USB enclosure, extracted .rar partition backups (from the infected USB HDD, but the .rars were not infected!) onto the HDD, put the HDD back into laptop #1, re-installed System Commander (from a CD burnt on laptop #2 from a .iso on the infected USB HDD!) Without the 2nd laptop recovery of laptop #1 would have been much more difficult.

[dencorso]

[far away offtopic]
Multibooter, since you have many SDHC cards, you might find interesting this SATA II SDHC RAID:
Sharkoon's Flexi-Drive S2S
[/far away offtopic]

[herbalist]

I'm sorry to hear that you got hit but I am relieved to hear that you've realized that 98 is still vulnerable and not immune to attack. A good backup system for both system and data should be part of any system protection against both infection and hardware failure. That said, neither is any help against malware that steals passwords or logs keystrokes. The other problem with relying on backups is knowing when you're infected. Even on 98, malware is not always visible in process monitors. The only sure solution is default-deny and knowing every process that's allowed on your main system, and install new software on a separate test system first. It's a bit of a hassle, but much less so than cleaning up after an infection.

[Multibooter]

wsxedcrfv, on 20 March 2010 - 08:13 PM, said:

You didn't say which OS was in use at the time of the infection, so unless you know that it was Win-98 then I don't think it's valid to say that win-98 is in "real danger" (practically speaking) from unassisted infection techniques.

I just don't know under which operating system I got infected. I am switching quite frequently between operating systems, but 90% of the time I am using Win98, 10% WinXP. I can definitely exclude that I got the tenga virus via a network under WinXP since I am currently outside of the US and have changed IP settings, passwords, etc only under Win98, not under WinXP; I have currently no network/internet access under WinXP. I have not installed any new software under WinXP since I made the last clean backup and in general don't test-install software under WinXP, only under a special test-Win98. So everything points in the direction of Win98 as the first infected operating system .

Also, a 2nd WinXP on an NTFS partition did not get infected at all, which is kind of a puzzle, maybe because I use this specific operating system selection only very rarely, or because the infection started under Win98 and tenga.a could not see the NTFS partition under Win98, or because I detected the infection early on, before the infected WinXP on the FAT32 partition could infect the not-yet infected WinXP on the NTFS partition.

This tenga.a seems to be an interesting little program. If you want to investigate whether or how Tenga.a infects under Win98, send me a PM, I have enough copies.

Quote

You didn't say if you have an AV solution on the PC in question, nor what you used to identify the malware once you suspected something was wrong.

I did have, and still have, Kaspersky AV v6 with a current signature on Win98. Tenga.a was specifically detected when I ran under Win98 an on-demand scan with Kaspersky of the whole computer (except for the WinXP on the NTFS partition, invisible under Win98).

Unfortunately I initially selected maybe the first 30 infected files to be deleted, instead of having them disinfected or skipping them, so the original culprit may have been deleted. After I got aware of the extent of the infection I selected disinfection, and after a while I just stopped. When I tried to reboot, none of my Win9x/Win2k/WinXP operating system selections worked anymore, too many critical .exe files had been deleted/disinfected, only the NTFS-based WinXP still worked.

I still have the infected internal HDD, now completely disinfected by Kaspersky, and the still-infected external USB HDD (1TB), where I did not let Kaspersky delete or disinfect files. It is very easy to know, without Kaspersky, which files on the external USB HDD are infected, by just looking at the modification date: all .exe files with a modification date between Feb-28 and Mar-3 on the USB HDD are infected with tenga.

Quote

Did you make note of the time and date-stamp of the offending infector files?

There must be more than a thousand infected .exe files on the infected internal HDD and on the infected USB HDD, so it's quite time consuming to find out which .exe file got infected first. What alo complicates matters is that when Kaspersky AV identifies an instance of tenga.a, it changes the modification date of the infected .exe to the current date, even if I selected "skip".

It was very easy to identify with Beyond Compare which .exe files were infected, they all had modification dates between Feb-28 and Mar-3 (Mar-3 was the last time I ran Kasperksy on the infected internal HDD and the external USB HDD, Feb-28 was probably the date of infection). In order to repair the infected installation sources on the USB HDD I first made a copy of them, then replaced on the copy the infected .exe files, as identified with their modification date, with the corresponding .exes from other backups/rars/isos. For about 90% of the infected installation sources I had on the USB HDD also an untainted .rar file containing the whole good installation source rared up as a 2nd instance, so recreating a good installation source from the rars was not a problem. About 10% of the infected installation sources, where I had no 2nd .rar instance, I had to download again from the Internet. This was relatively fast with FlashGet because I usually document the exact download URL (not just the html download page) of files downloaded. Maybe 10 installation sources, however, did not exist anymore under their original download URL, including software purchased from Digital River, and were lost for good, unless I can find backups when I am back in the US.

BTW, I was very careful and did not get re-infected when I worked with the clean restored internal HDD on the attached infected USB HDD and on the infected internal HDD inserted into the right-bay HDD module of my laptop.

Quote

I would have submitted them to virus total and post the result URL here for us to see just which AV packages would have detected it.

Since tenga.a is an old virus, I would assume that all AV packages detect it.

Quote

Tenga spreads between systems by exploiting the RPC vulnerability described by MS03-026. Interestingly, Microsoft lists various NT-based OS's as being vulnerable, but only lists Windows ME as non-vulnerable. Microsoft says nothing about Windows 98 (even though this bulletin is dated July 2003).

When was Tenga detected for the first time? In 2003 or in 2005?

Quote

So Windows 98 is not vulnerable to the worm-like method this virus uses to spread between systems. Either you intentionally ran the infector file by mistake, or your PC was running an NT-based OS that was not patched against MS03-026 (which would mean that you were infected via network connection, possibly from another machine on your own local lan, or from a non-firewalled WAN connection).

I don't know. I usually only double-click on an unknown file after having checked it with Kaspersky, and only in a test-win98 which then gets wiped out + restored from a clean backup. I never use any MS patches, my gut feeling is that the cure is worse than the disease.

I remember having manually deleted a file dl.exe from \Win98\, possibly days before I noticed the tenga infection, because I hadn't seen it before in \Win98\. dl.exe is actually a part of tenga.a. Could it be that tenga.a contains a timer which starts to activate at the end of the month (Feb-28 = end of month), and that the actual infection occurred much earlier?

The infected laptop was connected via a peer-to-peer Win98 wireless network to another identical laptop running eMule under Win98. The eMule laptop was not infected, so the infection could not have come from the WLAN network or the eMule computer. I am using the Tiny Personal Firewall v2.0.14 on both laptops, and Tiny did not inform of any calling out from the infected laptop.

Quote

From what I read about Tenga, it only infects PE files (packed executable) and adds 3kb of additional code to the files. It should be relatively easy to remove those 3kb and restore the files to their pre-infection state. I've also read where it renames all .doc files to .scr.

I checked with Beyond Compare Hex Viewer, Tenga also makes minor changes in the initial part of the file. Kaspersky can disinfect a tenga-infected file, but the disinfected files always differed somewhere from the original uninfected files.

Usually the infected files were about 3kb bigger, with stuff mainly added at the end. Some infected .exe files, however, were really damaged (e.g. reduced from 2MB to 30kb), a few infected files were even a little smaller than the original uninfected file.

[Multibooter]

herbalist, on 21 March 2010 - 12:36 AM, said:

I am relieved to hear that you've realized that 98 is still vulnerable and not immune to attack.

Vulnerable to old viruses like Tenga, but Win98 has probably a very low vulnerability to new malware.

I am still puzzled on how I got this Tenga infection. It's quite unlikely that such an old virus still exists in the wild. The last WildList if have seen which mentions Tenga.a is of March 2007 http://www.wildlist....List/200703.htm , with a stated date of Feb-2006.

I have been fiddling around during the past year with my old software archives, stuff from many years ago. Maybe I got the infection from old stuff in my archives, maybe some Jurassic-Park-type self-inflicted pain. Maybe I was not aware of the danger lurking in old software archives.

In any case this tenga infection shows that an old virus can still be a pain years later. I wonder whether Tenga runs under Vista/Win7. Because of its ability to infect USB HDDs and across operating systems it's still a very dangerous little program.

Quote

The only sure solution is default-deny and knowing every process that's allowed on your main system, and install new software on a separate test system first. It's a bit of a hassle, but much less so than cleaning up after an infection.

This will take a lot of time, and may be good on a system to which few new applications are added. My Win98 may eventually become such a system, but currently I am still installing a lot of new stuff under Win98.

I have budgeted about 5% of my time on the computer for virus-checking and virus-problems, so I view the Tenga infection just as an eventual use of previously budgeted time, and as an interesting intellectual exercise. The time lost getting the laptop back up again was not serious, in contrast to the time lost recovering data on the infected USB HDD.

I am not yet sure how my experience with Tenga will change my precautionary measures against future malware infections; maybe I'll just have to make more frequent backups of new, not-yet-processed downloads stored on my USB HDDs.

This post has been edited by Multibooter: 21 March 2010 - 06:38 AM

[Multibooter]

dencorso, on 20 March 2010 - 06:15 PM, said:

[far away offtopic]
Multibooter, since you have many SDHC cards, you might find interesting this SATA II SDHC RAID:
Sharkoon's Flexi-Drive S2S
[/far away offtopic]

@dencorso, [off topic]I had built myself a similar device a year and a half ago, as an "eMule download station", using a multi-card reader cum hub + 3 SDHC cards. I had used it for about 6 months, then rejected it, because eMule took about 10 minutes to start up and 10 minutes to shut down with it, my download list had between 1000-1500 files, my SDHC cards were just slow (fine during download, even at 200kB/s, but slow during startup and shut down of eMule). A 2nd HDD in the right-bay module of my laptop is much superior, also the regular internal HDD.[/off topic]

BTW, not that far away offtopic, since files damaged by tenga on the USB HDD were on such a device. In the back of my mind I have been pondering whether tenga may have been planted recently onto eMule, to destroy extracted downloads. Some people may have been loading eMule with malware, about 90% of the downloads are now infected, especially shareware stuff, maybe intentionally as a malguided defensive measure.

[Multibooter]

wsxedcrfv, on 21 March 2010 - 09:16 AM, said:

If you had an Anti-virus application running during the acquisition and execution of this virus...

No, I only make ooccasional on-demand scans, I don't have a virus checker running all the time.

Quote

Is it possible that your system was booted into DOS, and you first ran the infected file from that OS - and not windows?

No, I had not booted into DOS around Feb-28.

Quote

The initial infection event must have occurred soon after you acquired some new file or files or moved/copied some new file(s) to your PC - perhaps from external media (CD, floppy disk, etc) or from an internet download, or via lan connection to another local PC, or via RPC exploit while running XP. If you remember coping some files to your PC from an external source just prior to the infection starting, then you should perform an on-demand scan of that source.

On Feb-28 I had moved downloaded files via WLAN under Win98 from the eMule laptop (it's a dedicated laptop running only eMule under Win98, WinXP is hardly ever used there) to the later infected laptop (Win98)

[Multibooter]

wsxedcrfv, on 21 March 2010 - 09:05 AM, said:

In this particular case, Windows 98 is/was immune to direct infection. Tenga leverages a fault in the RPC service to spread between systems. Win9x/me does not have any such service to exploit.

Win98 was not immune to infection. At Win98 startup 2 files infected with tenga were run via the Win98 registry. By infecting most .exe files, and thereby also by chance those which are run thru the Win98 registry at startup, Tenga was active every time Win98 was loaded. I assume the same happened under WinXP and Win2k.

Quote

How exactly the original infector file got onto Multibooter's system is not clear, but there can be only two ways: (1) A desirable file was obtained by Multibooter from the internet (torrent, shareware, freeware, etc) and this file was already infected with Tenga.

Yes. It may also have come from my old software archive on CDs, DVD, HDDs on which I was working around that time. Maybe I had archived stuff years ago, at a time when Kaspersky didn't detect Tenga yet. Eventually I will find out. It may also have come out of some old infected email boxes, which I had tried to clean before archiving, around Feb-28, see my posting http://www.msfn.org/...post__p__912130

Quote

(2) Multibooter was running some NT-based OS on his system (win-2k or XP) - and the OS was not patched for this RPC exploit. The PC would have needed to be connected to the internet - but no web-browsing or any user-directed web-activity would have been required. The exploit would have penetrated the NT-OS and installed itself (perhaps in the autoexec, or the win.ini files of his win-98 system files). Multibooter claims that he doesn't use his XP-side for web-surfing, but he doesn't say if he disconnects the network cable from his PC while he's using XP.

My WinXP is SP2, without any patches added. WinXP was definitely not connected to the Internet, nor was the infected laptop connected to the WLAN router via cable. I am currently away from the US, were most of my computer tools and resources are located, so I always eject the USB 2.0 WLAN card before running WinXP (my old laptop has no built-in WLAN card), to make sure that there is no Internet or network connection under WinXP which could infect WinXP.

The Tenga infection cannot have occurred earlier under WinXP in the US, where the laptop does have internet access under WinXP, because the system backup I made just before leaving was clean.

This post has been edited by Multibooter: 21 March 2010 - 11:43 AM

[dencorso]

I've got two comments:

[ot]The Sharkoon's Flexi-Drive S2S is a true hardware RAID, so it's bound to be fast, if used with the right SDHC cards... I had those SanDisk Extreme III SDHC 16GiB, which are the so called 30 MB/s edition, and that under real world conditions really attain sequential reads of just over 20 MB/s... Under RAID0 that would be 6x times faster, bordering on the limits of the SATA I connection you'd have to use for 98SE to be able to recognize it. Then again, the MTBF would be about 500,000 h, i. e.: 1/6 of that of the individual cards (>3,000,000 h, according to SanDisk).[/ot]

You should consider adding SP3 to your XP. I'm using it since about one month after release, and it's very stable and trouble-free.

[Multibooter]

wsxedcrfv, on 21 March 2010 - 05:07 PM, said:

The fact that he's running XP-SP2 with no additional updates or patches isin't what I'd call smart... I still say that win-98 was "hit" by this Tenga only because the system is occasionally booted with a horribly-vulnerable version of XP.

I beg to disagree. My feeling is that by updating with new patches I mainly update spyware and spyware-vulnerabilities to the newest state. My feeling is that not just a search engine, but many big corporations cooperate with the NSA. I view infections with NSA-induced spyware as dangerous, and infections with a virus like Tenga as an entertaining nuisance.

I am just choosing between the lesser of two evils, and am fully aware of the risks, which I try to reduce by very intensive backups, by using ex-Soviet malware detectors, by having the WLAN-card removed when using WinXP, by using WinXP as little as possible and by installing a minimum of closed-source US-software created after 11-Sept-2001.

Quote

So the system would be vulnerable to Tenga if it had a live (and non-nat'd) internet connection

The router had always NAT on. Tiny Personal Firewall v2.0.14 is always on under Win98 and WinXP and did not report any calling out.

I have checked the still-infected 1TB USB HDD, Tenga.a seems to be a very efficient little program: Tenga infected on one partition 5329 .exe files on the USB HDD on Feb-28 between 9:04 PM and 9:07 PM, i.e. about 1700 files per minutes, with my old 700MHz laptop.

On the infected internal HDD, now disinfected, I have found on C:\ a file DL.exe with the modification date of Mar-1 9:18AM. It was not an exe file, just a renamed ASCII file with the following content:
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://utenti.multimania.it/vx9/dl.exe">here</a>.</p>
</body></html>

The URL in my DL.exe differs from the URL listed in http://quickheal.co....rts-tenga-a.asp
[http://]utenti.lycos.it/[REMOVED]/dl.exe
[http://]utenti.lycos.it/[REMOVED]/CBACK.EXE
[http://]utenti.lycos.it/[REMOVED]/GAELICUM.EXE
When I tried to manually download dl.exe from multimania.it, I got a 404; multimania.it had the page title "Lycos Tripod".
I did not find cback.exe or gaelicum.exe on the formerly infected HDD. Maybe Tenga was unable to execute all its work on my laptop.

Here another observation: Just around the time the USB HDD was infected, I was in Win98 and then tried to boot into WinXP, but somehow couldn't, or WinXP didn't come up properly, I don't remember anymore. In any case, I modified boot.ini, and after the 2nd or 3rd attempt WinXP came up Ok again, no idea why. During my attempts to boot into WinXP I most likely had the infected USB HDD connected (but the old BIOS of my laptop does not see USB devices connected at boot time).

Most likely Tenga had started under Win98 and had then infected, under Win98, some critical system files on the FAT32 WinXP partition, so that WinXP had trouble starting up.

On my laptop the various operating systems have common access to standalone programs, i.e. there is a single instance of standalone programs, which are accessed under the various operating systems by creating a destop shortcut there. For example, I am using uptime.exe. I run it under Win98 and under WinXP via a desktop shortcut to C:\MiscUtil\uptime.exe. So if C:\MiscUtil\uptime.exe is infected, the infection will spread to other operating systems whenever I click on the shortcut to Uptime under that operating system. The original idea was to avoid duplicate copies of standalone programs, but this may actually be an unsafe practice in a multibooting environment.

One of my interests in this topic is to explore "How to prevent cross-operating system infections in a multibooting environment". A virus which could encrypt modern HDDs, similar to ancient One-Half http://www.csie.ntu....IN/ONEHAL~1.HTM , which I mentioned in the introduction to this topic, could be just as much of a nuisance as Tenga. BTW, it would be interesting to know whether ancient One-Half can infect modern 1TB HDDs.

Quote

It would have taken user-assistance to execute Tenga on a Win-98 system, by way of running a file that was already infected.

This is also what I suspect, that I must have double-clicked on an infected file. But this is absolutely against my practices, to which I strictly adhere: I ALWAYS check downloads or stuff from my archive with Kaspersky before running it, and Kaspersky does detect Tenga. It is still a puzzle how I got this virus, under which operating system Tenga started and how it spread from one operating system to the next.

[jaclaz]

Multibooter, on 22 March 2010 - 05:11 AM, said:

I beg to disagree. My feeling is that by updating with new patches I mainly update spyware and spyware-vulnerabilities to the newest state. My feeling is that not just a search engine, but many big corporations cooperate with the NSA. I view infections with NSA-induced spyware as dangerous, and infections with a virus like Tenga as an entertaining nuisance.

Do I smell some good ol' conspiracy theory?

There may be "good" and "bad" companies:
http://yro.slashdot....7/07/18/1434229
http://yro.slashdot..../199223&tid=158
http://news.cnet.com..._3-6197020.html
http://news.cnet.com..._3-6196990.html

jaclaz

[Multibooter]

jaclaz, on 22 March 2010 - 07:16 AM, said:

Do I smell some good ol' conspiracy theory?

http://www.mondoraro...targato-regime/
Maybe the Iranian and Chinese governments are not only for censorship, but also want to stop Poodle's data gathering. Paranoid concerns with national sovereignty, seeing data-gathering arms of the NFA everywhere?

BTW, http://news.cnet.com...-police-spyware is 404

Although I don't think it's likely, I have also been considering whether the Tenga infection was a targeted installation. ISPs seem to be able to access connected computers with relative ease, I assume a connected computer is just a client in the ISP's network. I am not sure how much Win98 protects against a snooping ISP.

[jaclaz]

Multibooter, on 22 March 2010 - 08:58 AM, said:

BTW, http://news.cnet.com...-police-spyware is 404

Sure it is.

The makers of the Board software expressly made their parser for posted URL's in such a way as to break them at commas, in order to prevent users from reading pages like:

hxxp://news.cnet.com/Security-firms-on-police-spyware,-in-their-own-words/2100-7348_3-6196990.html

(or maybe it was FBI or NSA forcing CNET to use these malformed URLs? )

Let's see if they got to TinyUrl too:
http://tinyurl.com/cnc3d3

Good , they missed it.

jaclaz

[Multibooter]

Multibooter, on 22 March 2010 - 08:58 AM, said:

Maybe the Iranian and Chinese governments are not only for censorship, but also want to stop Poodle's data gathering.

Huh, what a typo , I surely didn't want to allude to Mao's "the imperialists and their running dogs" http://www.marxists....-book/ch05.htm. I just came by chance across this news from the bbc: "Google provided US intelligence agencies with a record of its search engine results, the state-run news agency Xinhua said." http://news.bbc.co.u...ess/8581393.stm
"On Sunday, state media in China attacked Google for what they described as the company's "intricate ties" with the US government." http://news.bbc.co.u...fic/8582233.stm

This post has been edited by Multibooter: 23 March 2010 - 02:03 AM