16 more Win 7 "God" modes

[JohnnyMalaria]

now it true, a knowledgeable person can disable the windows built in firewall and use a third party firewall, but that doesn't do you much good when you can access the remote access service by calling the appropriate dll:

http://msdn.microsoft.com/en-us/library/aa374506%28VS.85%29.aspx

Well, just how else exactly are you supposed to use the Remote Access Service? Do you even have a notion as to what it is? Or how long it has been around for?

[ocgw]

now granted it's not the 30 lines of code that i claimed it would take, but i don't see how anyone can't find it alarming that microsoft decided that it would add a feature to the win 7 api that allows a programmer, from within his app, to turn off the built in firewall without authorization of the user.

i haven't looked through all the other new features but i for one think this represents a major security risk, especially in light of the revamped UAC.

Blindly copying and pasting something that you clearly do not comprehend means nothing. I dare to presume you have not written a COM-based WIN32 application in Visual C++. If you read the associated MSDN content (i.e., to put it in context) then you will see that programmatic access to the Windows Firewall API has been around since XP and that "[a]ll users may read the configuration settings. However, Administrator privileges are required to change Windows Firewall configuration settings." If you run with admin privileges then caveat emptor.

The add security risks that you claim are wholly bogus. But then again you cannot reason with fearmongering.

In plain English: How are you gonna' run code on my firewall (or anything else on my system for that matter) from outside the firewall Einstein?

ocgw

peace

[JohnnyMalaria]

Ah, Einstein is the answer! I'm sure he could make malicious stuff appear before it has even been sent.

[The village idiot]

Whatever. Enjoy that new aluminum foil beanie, guess you better switch to one of the *nix systems and make sure you build it from the source so you know there are no holes that the government put in to grab your thoughts.

[deadrats]

In plain English: How are you gonna' run code on my firewall (or anything else on my system for that matter) from outside the firewall Einstein?

ocgw

peace

am i the only one in this thread that is sober? i'm assuming you have heard of malware, have you not? basically it disguises itself as a benign program and when the end user activates it, it goes to work.

the same with the code i posted, think of it this way:

you have your system configured with the windows firewall enabled, and as you may or may not know, since Vista, the windows firewall stops both inbound and outbound traffic.

i write a virus that's embedded in a media file (i'm assuming you have seen those), the virus is designed to connect to a remote computer and give me access to your data or allow me to use your pc as a bot, but your firewall is preventing the virus from connecting to my pc, so even though your pc is infected and the virus is collecting passwords, personal info, whatever, it doesn't do me any good because it's not leaving your pc any time soon and in all likelyhood your next anti-virus scan will find the virus and remove it. all is well with your pc.

now move to a win 7 pc, i write the same virus, only this time i add 2 additions, one is the aforementioned windows firewall shutdown code and the other is code to enable telnet on your pc. with the firewall shut down the virus is free to collect and send me your personal data and with telnet enabled, and your ip addy (easily retrieved by the virus), i can now remotely connect to your pc, you now have a compromised system, and here's the kick in the ass; assume you run an anti virus scan, discover the virus and remove it, the changes made to your system still exist, i still have access to your pc.

oh, and for the record, i'm not proposing running code "on your firewall", i'm talking about the functionality microsoft built into the win 7 api that allows someone to write an application that when run on a client pc is capable of turning off the security features on said client pc.

keep in mind that all viruses require some level of user action, with win 7 microsoft has increased the potential that the damage can be much greater.

johnny, unfortunately, seems to be part of the problem that prevents microsoft from building a truly secure OS, he's a "programmer" that actually supports turning the OS into swiss cheese so long as it makes his life easier.

and that's the worst kind of "programmer".

[deadrats]

Whatever. Enjoy that new aluminum foil beanie, guess you better switch to one of the *nix systems and make sure you build it from the source so you know there are no holes that the government put in to grab your thoughts.

i actually do use linux from time to time and at one point i actually created my own custom debian based distro. but you don't need to switch to a *nix, just use your brain (which for you may be a bit difficult, but try, i have confidence in you), don't use win 7, don't use the windows firewall, turn off the scripting host, turn off all the remote access services, don't use the bit locker encryption, use open source apps for security whenever you can and your computer can be secure.

or you can blindly trust microsoft and believe that everything will magically be ok, your choice.

[ocgw]

In plain English: How are you gonna' run code on my firewall (or anything else on my system for that matter) from outside the firewall Einstein?

ocgw

peace

am i the only one in this thread that is sober? i'm assuming you have heard of malware, have you not? basically it disguises itself as a benign program and when the end user activates it, it goes to work.

the same with the code i posted, think of it this way:

you have your system configured with the windows firewall enabled, and as you may or may not know, since Vista, the windows firewall stops both inbound and outbound traffic.

i write a virus that's embedded in a media file (i'm assuming you have seen those), the virus is designed to connect to a remote computer and give me access to your data or allow me to use your pc as a bot, but your firewall is preventing the virus from connecting to my pc, so even though your pc is infected and the virus is collecting passwords, personal info, whatever, it doesn't do me any good because it's not leaving your pc any time soon and in all likelyhood your next anti-virus scan will find the virus and remove it. all is well with your pc.

now move to a win 7 pc, i write the same virus, only this time i add 2 additions, one is the aforementioned windows firewall shutdown code and the other is code to enable telnet on your pc. with the firewall shut down the virus is free to collect and send me your personal data and with telnet enabled, and your ip addy (easily retrieved by the virus), i can now remotely connect to your pc, you now have a compromised system, and here's the kick in the ass; assume you run an anti virus scan, discover the virus and remove it, the changes made to your system still exist, i still have access to your pc.

oh, and for the record, i'm not proposing running code "on your firewall", i'm talking about the functionality microsoft built into the win 7 api that allows someone to write an application that when run on a client pc is capable of turning off the security features on said client pc.

keep in mind that all viruses require some level of user action, with win 7 microsoft has increased the potential that the damage can be much greater.

johnny, unfortunately, seems to be part of the problem that prevents microsoft from building a truly secure OS, he's a "programmer" that actually supports turning the OS into swiss cheese so long as it makes his life easier.

and that's the worst kind of "programmer".

So your evil genius only works on idiots that cooperate by download any old crap off the interweb and installing it on their unprotected PC's huh????

rotflmMFao

What was I thinking?, the sky is falling , run for the hills, it is the end of life as we know it

Dude, before you embarress your self further, I regularly connect my PC to clients KNOWN infected HDD's to recover critical data before reformating their drives

pfff....Do i know about viruses? LOL, idiots w/ unprotected PC's downloading crap like there is no tomorrow are paying for my new ranch

btw. since I don't use it remote assistance is disabled on my PC, and I don't rely on Windows Firewall, I use an additional 3rd party software firewall, and I have a hardware firewall

ocgw

peace

[deadrats]

Well, just how else exactly are you supposed to use the Remote Access Service? Do you even have a notion as to what it is? Or how long it has been around for?

remote access, in the simplest terms, as the name implies, allows the client pc to connect to a remote network. it is a major security flaw to have an interface that allows a 3rd party app to interact with the windows remote access service, to enable it despite the the end user having it disabled. if i disable the service it's because i don't want my pc connecting to a vpn, i don't want it connecting to a wan, why the hell should you be able to write a program that by-passes my security settings?

perhaps your intentions are benign, but that doesn't mean everyone's are, if i configure win 7 so that telnet isn't running (it's disabled by default), all the remote registry and remote access services are disabled and the built in firewall is enabled, by what right should your program be able to undo the changes i have made and connect to a remote network without my knowledge?

this is absolutely unreal, with all the viruses that target windows, that people get tricked into downloading and executing on their pc's, you would think microsoft would make it harder for malware authors to wreck havoc, not easier, and guys like you that welcome these changes aren't helping one bit.

[deadrats]

So your evil genius only works on idiots that cooperate by download any old crap off the interweb and installing it on their unprotected PC's????

rotflmMFao

What was I thinking?, the sky is falling , run for the hills, it is the end of life as we know it

are you for real? that's how viruses work, for the most part. it usually requires the end user to run an application he thinks is from a trusted source, perhaps a software demo, a game demo, with vb script you could embed the code within a web site and when the end user visits, the browser executes all the commands embedded within the page, i can think of numerous ways to exploit these features.

[aedipuss]

a wmv(or any other media file) can not contain a virus that executes. it can only try to trick the person playing it to download and run one, usually by announcing a codec or different player is required.

[edit] edited for being overly mean

[ocgw]

So your evil genius only works on idiots that cooperate by download any old crap off the interweb and installing it on their unprotected PC's????

rotflmMFao

What was I thinking?, the sky is falling , run for the hills, it is the end of life as we know it

are you for real? that's how viruses work, for the most part. it usually requires the end user to run an application he thinks is from a trusted source, perhaps a software demo, a game demo, with vb script you could embed the code within a web site and when the end user visits, the browser executes all the commands embedded within the page, i can think of numerous ways to exploit these features.

So now how does Windows 7 change that in any way , form, or fashion??????????????????????????????????????????? ?

ocgw

peace

[deadrats]

Dude, before you embarress your self further, I regularly connect my PC to clients KNOWN infected HDD's to recover critical data before reformating their drives

pfff....Do i know about viruses? LOL, idiots w/ unprotected PC's downloading crap like their is no tomorrow are paying for my new ranch

if you actually did know anything about viruses and how they work you wouldn't have made the stupid statement you just did. your claim that because "regularly connect my PC to clients KNOWN infected HDD's" that somehow means you know all about viruses is the same as when a certain other idiotic snapper head made the claim that she was an expert on Russia because she could see a small piece of land, during certain times of the year, from her front porch.

taking an infected hard drive and connecting it to your pc so you can run a copy and paste data to a backup folder poses absolutely no risk to your pc, primarily because there is zero chance of you actually activating the virus, the virus, just like any other executable, can be copied and paste, decompiled, analysed, whatever you want and it won't do squat to your pc so long as it's not activated.

and for the record, if your first inclination upon being presented with an infected hard drive is to reformat the drive, then i feel sorry for your clients, they should be taking a bulldozer to your ranch, not paying for a new one.

[deadrats]

a wmv(or any other media file) can not contain a virus that executes. it can only try to trick the person playing it to download and run one, usually by announcing a codec or different player is required.

[edit] edited for being overly mean

i am beginning to believe that i am by far the most computer knowledgeable person on this board:

http://www.liewcf.com/archives/2005/05/china-hackers-spread-realplayer-media-files-wit...irus-embedded/

China Hackers are spreading custom encoded .rm media file into Internet. Regardless the media players(e.g.: RealPlayer, WinAmp) you use, your computer is infected secretly once opened the media file.

http://www.softarea51.com/windows/Security_Privacy/Encryption_Utilities/Review-Secret_Media.html

Secret Media uses a specialized technique of hiding information by embedding messages within seemingly harmless media files. It works by embedding invisible bits of data in otherwise normal graphics and audio files (such as JPG, MP3, WMA, GIF, BMP, or WAV). Using this technology, you can hide sensitive or private text messages in virtually any media file.

http://www.theregister.co.uk/2005/01/13/drm_trojan/

Virus writers have subverted digital rights management features in Windows Media Player to spread Trojans and other malware. License-protected movie (.wmv) files infected with the WmvDownloader-A or WmvDownloader-B Trojans have entered circulation on P2P networks, reports Madrid-based antivirus firm Panda Software.

[deadrats]

So now how does Windows 7 change that in any way , form, or fashion??????????????????????????????????????????? ?

if you bothered to read through the links i had posted you wouldn't be asking a question that has already been answered.

microsoft has added new functionality to the win 7 api that greatly simplifies the tasks i have outlined, the links are all through this thread, read them, ignore them, believe whatever you want, the information has already been provided for anyone that is capable of understanding what they read.

[ocgw]

Dude, before you embarress your self further, I regularly connect my PC to clients KNOWN infected HDD's to recover critical data before reformating their drives

pfff....Do i know about viruses? LOL, idiots w/ unprotected PC's downloading crap like their is no tomorrow are paying for my new ranch

if you actually did know anything about viruses and how they work you wouldn't have made the stupid statement you just did. your claim that because "regularly connect my PC to clients KNOWN infected HDD's" that somehow means you know all about viruses is the same as when a certain other idiotic snapper head made the claim that she was an expert on Russia because she could see a small piece of land, during certain times of the year, from her front porch.

taking an infected hard drive and connecting it to your pc so you can run a copy and paste data to a backup folder poses absolutely no risk to your pc, primarily because there is zero chance of you actually activating the virus, the virus, just like any other executable, can be copied and paste, decompiled, analysed, whatever you want and it won't do squat to your pc so long as it's not activated.

and for the record, if your first inclination upon being presented with an infected hard drive is to reformat the drive, then i feel sorry for your clients, they should be taking a bulldozer to your ranch, not paying for a new one.

Wrong!!, when I connect my PC to some ppl's HDD my anti-virus goes nuts blocking multiple infections like crazy

Also ppl bring me PC's that are DEAD, won't boot, and full of virus, I return them clean, fully functioning and fully protected w/ all their data intact, and I do it the easiest way I can saving time so I can save them money and they love it

Any more smart azz remarks son?

ocgw

peace

[ocgw]

So now how does Windows 7 change that in any way , form, or fashion??????????????????????????????????????????? ?

if you bothered to read through the links i had posted you wouldn't be asking a question that has already been answered.

microsoft has added new functionality to the win 7 api that greatly simplifies the tasks i have outlined, the links are all through this thread, read them, ignore them, believe whatever you want, the information has already been provided for anyone that is capable of understanding what they read.

I will "redirect", So are you saying that downloading chit from the world wide web onto a unprotected PC was safe before Windows 7??

if not, what the duck changed?

ocgw

peace

[CobraPilot]

ocgw says . . . .

". . . is the same as when a certain other idiotic snapper head made the claim that she was an expert on Russia because she could see a small piece of land, during certain times of the year, from her front porch."

Sorry, I just can't resist commenting when someone makes a comparison like this, so completely bogus.

The person who made the "Russia from her front porch" comment was Tina Fey portraying Sarah Palin in a "Saturday Night Live" skit, not the much-maligned Gov. Palin herself, as this comment implies.

"Idiotic snapper head", huh? :P

[ocgw]

ocgw says . . . .

". . . is the same as when a certain other idiotic snapper head made the claim that she was an expert on Russia because she could see a small piece of land, during certain times of the year, from her front porch."

Sorry, I just can't resist commenting when someone makes a comparison like this, so completely bogus.

The person who made the "Russia from her front porch" comment was Tina Fey portraying Sarah Palin in a "Saturday Night Live" skit, not the much-maligned Gov. Palin herself, as this comment implies.

"Idiotic snapper head", huh? :P

Dude, wtf? your post makes it look like I was the one that made that retarded remark

ocgw

peace

[Supreme2k]

First, deadrats said that, not ocgw. It was a quote within a quote.

Second, though the quote was changed slightly for comedy, she did say that her foreign policy comes from the fact that you can see Russia from Alaska and they are neighbors. So not completely bogus.

[aedipuss]

a wmv(or any other media file) can not contain a virus that executes. it can only try to trick the person playing it to download and run one, usually by announcing a codec or different player is required.

[edit] edited for being overly mean

i am beginning to believe that i am by far the most computer knowledgeable person on this board:

http://www.liewcf.com/archives/2005/05/china-hackers-spread-realplayer-media-files-wit...irus-embedded/

China Hackers are spreading custom encoded .rm media file into Internet. Regardless the media players(e.g.: RealPlayer, WinAmp) you use, your computer is infected secretly once opened the media file.

http://www.softarea51.com/windows/Security_Privacy/Encryption_Utilities/Review-Secret_Media.html

Secret Media uses a specialized technique of hiding information by embedding messages within seemingly harmless media files. It works by embedding invisible bits of data in otherwise normal graphics and audio files (such as JPG, MP3, WMA, GIF, BMP, or WAV). Using this technology, you can hide sensitive or private text messages in virtually any media file.

http://www.theregister.co.uk/2005/01/13/drm_trojan/

Virus writers have subverted digital rights management features in Windows Media Player to spread Trojans and other malware. License-protected movie (.wmv) files infected with the WmvDownloader-A or WmvDownloader-B Trojans have entered circulation on P2P networks, reports Madrid-based antivirus firm Panda Software.

omg hahaha. i thought it was only my grandfather who believed everything posted, blogged about or emailed to him was true.

[guns1inger]

I think I found your website : http://www.thewisesthuman.com/

[JohnnyMalaria]

johnny, unfortunately, seems to be part of the problem that prevents microsoft from building a truly secure OS, he's a "programmer" that actually supports turning the OS into swiss cheese so long as it makes his life easier.

and that's the worst kind of "programmer".

Firstly, I am a programmer, not a "programmer".

Secondly, since you have resorted to insult and slander, you are an "idiot". You opened this thread with some nonsense about various COM interfaces in Windows 7 opening new opportunities for maliciousness. Then, when accurately rebuked, you change your tune and start on about malware which has been around for ages and will continue to be. The ability to write programs that exploit weaknesses in the API code isn't new. Turning the firewall on and off isn't new. Admin requirements are necessary. If you spread you legs wide open then expect a trip or two to the clinic.

I leave you with a very malicious piece of code that can be put in nothing more than a plain text file and requires no compilation etc:

del *.* /s /q

In this case, perhaps the *'s represent your ears and the . a seamingly vanishing brain due to atrophy from exposure to too many neurotoxins.

[ocgw]

Inside his 100 page sick twisted rant I found a couple of paragraphs where I see what he means

Adults Do Not Teach By Examples, But By Word Scams That Brainwash And Indoctrinate Their Children's Malleable Minds, Destroying Youth.
Rote Education Corrupts Childhood,
Forcing Children To Become Adults.

Did you see the movie Matrix? Actually the
induced night "dream world" is synonymous
with the academic religious induced daytime
"word world" enslavement of humans. Word
has no inherent value, as it was invented as a
counterfeit and fictitious value to represent
natural values in commerce. Unfortunately,
human values have declined to fictitious
word values. Unknowingly, you are living
in a "Word World", as in a fictitious life
in a counterfeit nation - which you could
consider Matrix induced "Dream World".
Can you distinguish the academic induced
"Word World" from the natural "Real
World"? Beware of the change when your
brain is free from induced"Word World"
enslavement - for you could find that the
natural "Real World" has been destroyed.

get this guy on some meds tho' lol

pls tell me this guy isn't walking around unrestrained

ocgw

peace

[lordsmurf]

Firstly, I am a programmer, not a "programmer".

I fall somewhere between the two, I think.

[ocgw]

Firstly, I am a programmer, not a "programmer".

I fall somewhere between the two, I think.

I have never "wrote code" in my life and I can see that deadrats has not discovered some new threat or vulnerablity worthy of a public announcenment or any reason to stick to an older OS "out of fear"

"fear mongers" and their "conspiracy theories" lol

ocgw

peace

[hunter99]

I really love this thread, it's my laugh of the day.
Since I installed a Faraday shield around my property,
I no longer worry about any of this.

[deadrats]

I will "redirect", So are you saying that downloading chit from the world wide web onto a unprotected PC was safe before Windows 7??

if not, what the duck changed?

i'll try this one last time: assume you have 2 pc's, one is running XP 64, the other is running Win 7 64bit, both have remote access disabled, both have the windows firewall enabled, both have the scripting host disabled, both have telnet disabled, neither has an antivirus or any other form of malware protection installed.

you download a virus to both pc's, on the Win 7 pc, thanks to the additions made to the win 7 api, the virus can disable the windows firewall, it can enable telnet, it can can turn on the scripting host service and it can turn on remote access, that same virus can't do that on the XP 64 machine, and for though matter it can't even do that on Vista 64, because even though the Vista api also added some features that ostensibly are meant for easier administration but could be exploited Vista at least had that extremely intrusive UAC that stopped a lot of crap dead in it's tracks, with Win 7 microsoft decided to make it less intrusive and there are tests out there that show as a result Win 7 is way more vulnerable to root kits:

http://www.theregister.co.uk/2009/12/10/win7_vista_security/

microsoft has made win 7 into swiss cheese, not quite as bad as the win 9x days, but still more than a few steps behind it's NT based predecessors. now it's true that you can use 3rd party tools to lock down win 7 fairly tight, but it still annoys me that microsoft felt the need to include in it's api functionality that can harm the vast majority of it's less tech savvy users.

[deadrats]

ocgw says . . . .

". . . is the same as when a certain other idiotic snapper head made the claim that she was an expert on Russia because she could see a small piece of land, during certain times of the year, from her front porch."

Sorry, I just can't resist commenting when someone makes a comparison like this, so completely bogus.

The person who made the "Russia from her front porch" comment was Tina Fey portraying Sarah Palin in a "Saturday Night Live" skit, not the much-maligned Gov. Palin herself, as this comment implies.

"Idiotic snapper head", huh? :P

first things first, i made the comment, not ocgw, and 2, Palin DID make that remark in an interview with Katie Couric, i watched the interview, here's the clip you can see it for yourself:

http://www.huffingtonpost.com/2008/09/25/palin-talks-russia-with-k_n_129318.html

[Nelson37]

I think this guy left the ol' filter mask off one time too many when fumigating.

As for that website, haven't seen anything that crazy in ... Well, never, actually. I am assuming that there is no actual connection to deadrats as even he seems far too sane for that.

[deadrats]

omg hahaha. i thought it was only my grandfather who believed everything posted, blogged about or emailed to him was true.

you're just f*cking with me, right? you can't possibly be that computer illiterate. it's possible to embed an executable within a media file, all a media file consists of is a bunch of bits, just like an executable file, when you view a media file you are basically "executing" it (that's why if you change the permissions on a media file so that the "execute" bit isn't set then the file can't be viewed), it's very easy to append a an executable to the start beginning of a media file, all you need to understand is how the media viewer boot straps the stream and you configure your virus accordingly.

am i the only one that ever studied computer science on this forum?