Path: csiph.com!v102.xanadu-bbs.net!xanadu-bbs.net!us.feeder.erje.net!feeder.erje.net!eu.feeder.erje.net!newsfeed.datemas.de!rt.uk.eu.org!aioe.org!.POSTED!not-for-mail
From: Roedy Green <see_website@mindprod.com.invalid>
Newsgroups: comp.lang.java.programmer
Subject: Re: U.S. warns on Java software as security concerns escalate
Date: Tue, 15 Jan 2013 14:34:40 -0800
Organization: Canadian Mind Products
Lines: 37
Message-ID: <holbf89f6sftjet40kuk6i7bg288o4rst7@4ax.com>
References: <kcrlqe$noj$1@speranza.aioe.org> <c54af8l2r5sh74tcm04urnblc81qgjl5lk@4ax.com> <wO2dndBej5Rx9mjNnZ2dnUVZ_qednZ2d@earthlink.com>
Reply-To: Roedy Green <see_website@mindprod.com.invalid>
NNTP-Posting-Host: K2Qzzs3EAqXk5RLzfhxcSw.user.speranza.aioe.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Complaints-To: abuse@aioe.org
X-Notice: Filtered by postfilter v. 0.8.2
X-Newsreader: Forte Agent 6.00/32.1186
Xref: csiph.com comp.lang.java.programmer:21419

On Tue, 15 Jan 2013 06:47:13 -0800, Patricia Shanahan <pats@acm.org>
wrote, quoted or indirectly quoted someone who said :

>The scary thing about this is how much it could cost in support service
>fees for an ordinary computer user who does not know how to boot in safe
>mode etc.

After I had done that I ran a Security Essentials which detected it
and removed it.  I did not run that right off figuring it might
trigger its revenge. The full story is at
http://mindprod.com/jgloss/scareware.html

My next line of defence would have been  to boot from a different disk
and run the security scan from there. Getting rid of it turned out to
be one of the easiest computer problems I ever solved. The very first
thing I tried worked. I have backups of all my data and
configurations, so the threat of a formatting was not all that
terrifying, just onerous reinstalling.

I am still puzzled how it got in.  I am used to hearing scare stories
about Java vulnerabilities, which are just theoretical holes that no
one actually got around to exploiting. This one could well be just
that. I have my security level low to let me run my own Applets.
Security does not distinguish between local, trusted and untrusted
sites.

It is not on my room mate's machine.

Microsoft has a rogues' gallery.  They had it described to a T with
screenshots, but it did not discus how it attacks.

-- 
Roedy Green Canadian Mind Products http://mindprod.com
The first 90% of the code accounts for the first 90% of the development time.
The remaining 10% of the code accounts for the other 90% of the development 
time. 
~ Tom Cargill  Ninety-ninety Law