Advertise on Bikeforums.net



User Tag List

Results 1 to 18 of 18
  1. #1
    Senior Member
    Join Date
    Jan 2008
    Location
    Far NorthEast Texas
    My Bikes
    Trek SU200, old Wards Hawthorne 3-speed
    Posts
    87
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Beware: Don't click link in "CREE XR-E P4 bike light" thread

    Don't click the link(supposedly to something on ebay) in the "CREE XR-E P4 bike light" thread, posted under username joelw135. Probably best not to open that post at all. When I clicked the link, it locked up my computer, & I had to shut it off to get free. When restarted, my computer showed a strong warning from my antivirus about "Trojan Horse" something or other. And now, my Windows toolbar at the top of the screen is gone. Admins, it's your call, but I think it might be best to delete that post.

    Now if I can figure out how to get my toolbar up again- I need my "Favorites" list back!
    LBS? Here, DNE!

  2. #2
    Scott n4zou's Avatar
    Join Date
    Jun 2006
    My Bikes
    Too Many
    Posts
    2,393
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Linux will solve your windoze problems.
    http://www.ubuntu.com/
    [SIGPIC]http://www.bikeforums.net/image.php?type=sigpic&userid=57360&dateline=1197386754[/SIGPIC]
    It's easier to pick a Yankee tourist than a bail of cotton.

  3. #3
    Senior Member dorkypants's Avatar
    Join Date
    Feb 2006
    Posts
    385
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Perhaps an unfortunate coincidence? I copy-pasted the URL referenced by the link into Firefox 3 Mac and got an eBay listing for a CREE LED XR-E P4 light.

  4. #4
    Senior Member
    Join Date
    Jan 2008
    Location
    Far NorthEast Texas
    My Bikes
    Trek SU200, old Wards Hawthorne 3-speed
    Posts
    87
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    No habla Linux, not really an option for me. And maybe so, but it messed with my computer badly, and did so the instant I clicked on the link. It's still not acting normally. If it looks like a duck, etc...
    LBS? Here, DNE!

  5. #5
    Senior Member mechBgon's Avatar
    Join Date
    Jul 2002
    Posts
    6,957
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Smile

    Quote Originally Posted by n4zou View Post
    Linux will solve your windoze problems.
    http://www.ubuntu.com/
    ...or maybe securing Windows properly would be worth a try? Because there's plenty of exploits available for the bad guys to use against Linux systems, too.



    Whatever platform you prefer to use, you should secure it, maintain your security patching on the OS and all installed software, and run stuff at the lowest privilege level you can.

    I'll check out the allegedly-hostile link and see what's going on.

    Update: I don't see any outright hostile stuff in the page's source code. The listing does use Flash menus, which holds various possibilities. For example, the server hosting the Flash stuff might've been compromised, and the innocent Flash might've been replaced with maliciously-rigged Flash that launches exploits (yes, even on Linux systems, if they have a vulnerable Flash Player installed).

    Anyhow, UncleStu, if you need any help, feel free to drop me a PM. What was the exact name of the Trojan Horse that your antivirus reported? Your AV logs/reports should say. I strongly recommend checking your system with the free Secunia PSI utility, which will help you fix vulnerabilities in stuff like Flash Player, QuickTime Player, Adobe Reader, etc.

  6. #6
    Scott n4zou's Avatar
    Join Date
    Jun 2006
    My Bikes
    Too Many
    Posts
    2,393
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by mechBgon View Post
    ...or maybe securing Windows properly would be worth a try? Because there's plenty of exploits available for the bad guys to use against Linux systems, too.



    Whatever platform you prefer to use, you should secure it, maintain your security patching on the OS and all installed software, and run stuff at the lowest privilege level you can.

    I'll check out the allegedly-hostile link and see what's going on.

    Update: I don't see any outright hostile stuff in the page's source code. The listing does use Flash menus, which holds various possibilities. For example, the server hosting the Flash stuff might've been compromised, and the innocent Flash might've been replaced with maliciously-rigged Flash that launches exploits (yes, even on Linux systems, if they have a vulnerable Flash Player installed).

    Anyhow, UncleStu, if you need any help, feel free to drop me a PM. What was the exact name of the Trojan Horse that your antivirus reported? Your AV logs/reports should say. I strongly recommend checking your system with the free Secunia PSI utility, which will help you fix vulnerabilities in stuff like Flash Player, QuickTime Player, Adobe Reader, etc.
    You can never fully secure windoze. You can only secure it from known threats. New threats are accepted until found and anti virus software is updated in an attempt to prevent that specific threat. Linux has far fewer threats than windoze or MAC. All hackers use Linux to create windoze and MAC virus and trojans so they typically do not write virus and trojans for there own OS. Even if you manage to get one with Linux it's no where near as hard to recover from one. You simply boot your Live-CD and reinstall your Linux OS. There are no keys to type in or calling a tech to reload your windoze or MAC OS simply because it's all open source and free for everyone to use.
    [SIGPIC]http://www.bikeforums.net/image.php?type=sigpic&userid=57360&dateline=1197386754[/SIGPIC]
    It's easier to pick a Yankee tourist than a bail of cotton.

  7. #7
    BeaverTerror Yan's Avatar
    Join Date
    Jan 2006
    Location
    Shanghai, China
    My Bikes
    2013 True North custom touring; 2009 Unicycle.com Club Uni; 1989 Miele Tivoli; 1979 Colnago Sport
    Posts
    1,561
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I saw your post and couldn't help but click on that link

    Nothing happened. It's just a regular ebay page for me. I'm using Firefox 3.0.1 on Windows XP.
    Yan

    2013 True North custom touring; 2010 Novara Randonee; 2009 Unicycle.com Club 24"; 1989 Miele Tivoli; 1979 Colnago Sport

  8. #8
    Senior Member mechBgon's Avatar
    Join Date
    Jul 2002
    Posts
    6,957
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Smile

    Quote Originally Posted by n4zou View Post
    You can only secure it from known threats. New threats are accepted until found and anti virus software is updated in an attempt to prevent that specific threat.
    I'm sorry, but that is fundamentally incorrect. To name some examples of defending Windows from unknown threats, I can mention Software Restriction Policy and disabling AutoPlay, as well as low-rights operations, full hardware-enforced Data Execution Prevention (a feature of all recent CPUs), and the use of UAC and Protected Mode on Vista. This has nothing at all to do with antivirus software. It might be the realm of a HIPS, and some antivirus software does have HIPS-like features nowdays, but the basic idea is to start with the security capabilities of the OS and hardware themselves. They're extremely effective.

    If you'd like a real-world example, complete with screen-capture video and a thorough explaination of the results, check my research on a WMF Exploit file using low-rights and/or Software Restriction Policy. That can be found here: http://www.antisource.com/forums/viewtopic.php?t=128 Enjoy!

  9. #9
    Member joelw135's Avatar
    Join Date
    Feb 2006
    Location
    Kendall Park, New Jersey
    My Bikes
    ActionBent Trike
    Posts
    30
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    There is nothing wrong with the page as I have gone there many times. You have a problem with your computer. It opens better in iE than in Firefox. You shouldn't start blaming people for posting a bad link unless you are certain.
    ActionBent Trike
    My home page and its mirror page:
    http://home.comcast.net/~joelw135
    http://waxman.org/~recumbent
    My recumbent days trike blog.
    http://bentridernj.blogspot.com/

  10. #10
    Senior Member maximushq2's Avatar
    Join Date
    May 2005
    My Bikes
    Specialized Stumpjumper FSR Comp, Specialized Rockhopper Comp, Gt Timberline
    Posts
    281
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I just use firefox w/ noscript that seems to keep a lot of nasties away, also of course use updated a/v and firewall. If I was gonna go surf some place shady I would look into using a sandbox for browsing also such as sandboxie. I missed my chance to check out your link, but if you still are having issues and think you have a trojan or other you can head over to http://www.wilderssecurity.com/ forums and some knowledgable people there can probably help you out.

  11. #11
    Senior Member Zero_Enigma's Avatar
    Join Date
    May 2006
    Location
    North of the 49th Parallel (GPS grid soon)
    My Bikes
    MTB Peugoet Canyon (forgot the model), Nikishi? roadbike, MTB custom build,
    Posts
    1,775
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by UncleStu View Post
    Don't click the link(supposedly to something on ebay) in the "CREE XR-E P4 bike light" thread, posted under username joelw135. Probably best not to open that post at all. When I clicked the link, it locked up my computer, & I had to shut it off to get free. When restarted, my computer showed a strong warning from my antivirus about "Trojan Horse" something or other. And now, my Windows toolbar at the top of the screen is gone. Admins, it's your call, but I think it might be best to delete that post.

    Now if I can figure out how to get my toolbar up again- I need my "Favorites" list back!

    It could be that there is a web browser incompatibility much like how some websites are optimized for say Internet Explorer while some are optimized for FireFox. I've never used FireFox extensively myself. I'm a primary winblows user myself however I would like to point out that I am a Linux noob with no unix/linux background and yet I have found Ubuntu to work like a charm. I have messed around with Knoppix Linux and RedHat Linux before but I have to saw the easiest version right out the box is Ubuntu. It's like you're using winblows but on a linux OS so the familiarity feel curve is about 5-10mins and you're rocking. Umm... even my friends 65yr old mother using it for the first time with no couching being a windows user was able to figure it out in about upper 12min range if that says anything.

    I highly recommend if you have a CD burner to go to www.ubuntu.com (direct link DL link here. http://www.ubuntu.com/getubuntu/download ) and get the full version for free. All the linux titles I've mentioned above are free and are liveCD's. What a liveCD means is that you can use the program as if it was fully installed on your computer but never installing a thing on your computer. What you do is burn Ubuntu to a CD then reboot your computer with it in the CD bay. Ubuntu will automatically run FROM THE CD BAY. First time I used Ubuntu it automatically detected the internet router and network settings so right out the get go I was able to surf the web. The printer setup I admit took me about 10mins to figure out () which on windows would have taken me about 2-3 mins to setup but now that I know I can set it up anytime. All the changes you make while running the liveCD will NOT be saved (I'm sure there is a way to but I don't know right now) and are only temporary personalized settings. The moment you reboot your computer and take out the Ubuntu CD your computer will reboot back to your previous OS (windows in your case) and nothing was ever installed on your computer.

    I say keep that Ubuntu CD handy because if/when (it's only a matter of when) windows ever crashes and you can't access the drive because of some boot sector error blue screen you have two options.

    1. Take out your HD drive and put another HD in that has an OS on it already and boot from the new HD and put your old HD in as a 'slave' so you can hoefully see the files (I was able to see my files when that happened) or

    2. Use Ubuntu or any other linux distro to boot up and see the files on your damaged HD and with a ext. HD copy all the files stuck on the drive to your portable HD and redo the OS on the old HD.


    Given that Ubuntu does not install anything on your computer, it's free full version DL, and it works right out the box for this linux noob means you've got nothing to lose but to try it out and expand your skills. I personally didn't have any problems using basic simple web surfing and messing around with the Open Office Suite software for the spreadsheet/doc. If I can do it (not to mention my friends 65yr old mother) anyone can.
    Zero_Enigma

  12. #12
    Senior Member Zero_Enigma's Avatar
    Join Date
    May 2006
    Location
    North of the 49th Parallel (GPS grid soon)
    My Bikes
    MTB Peugoet Canyon (forgot the model), Nikishi? roadbike, MTB custom build,
    Posts
    1,775
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Ok, I clicked on Joel's website ( http://cgi.ebay.com/New-200-Lumens-C...QQcmdZViewItem ) and I was able to load it ok.

    I'm using Windows XP SP2 with Internet Explorer (IE version v7.0.5730.13) with Google popup ad blocker. The only thing I can think of that caused your system to lock up was that when I was on that link it did have a blocked out pop up message stating Ebay's Skype (internet phone) wanted to run some plugin or something which is probably what caused your system to go bonkers on you.

    Anyways this is what you would see on that website if you were able to go there. I took a screen capture with the blocked message for you all to check out.

    http://www.flickr.com/photos/49184877@N00/2783296994/ This is my site of crazy lighting, testing, and is work safe. Well the last one might be debatable as someone before said my how-to's to build a light looked like a how-to make a bomb which I was like 'WTF!? '. I'm sure to the technical people they'll know it's not a bombsite for the untechs and just fearing-a-la-on-the-news-everything-is-going-to-kill-you-and-is-a-bomb then yah they'll think otherwise but 5-10mins of just looking at the page clearly shows it's a FRIGGING LIGHT.
    \
    \

    Sorry for the vent. I go now for dinner.
    Zero_Enigma

  13. #13
    lube addict
    Join Date
    Jan 2008
    Location
    Central coast California
    My Bikes
    Specialized FSR-XC, Optima Baron, Bianchi Pista, Strida 5.0
    Posts
    515
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    No problem here either - typical eBay listing. (OSX in Safari. Windows is in my past - I try not to re-visit bad memories.)

  14. #14
    Zoom zoom zoom zoom bonk znomit's Avatar
    Join Date
    Sep 2006
    Location
    New Zealand
    My Bikes
    Giant Defy Composite,Trek 1.7c, Specy Hardrock, Nishiki SL1, Jamis Commuter
    Posts
    2,833
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I get this now in safari:
    Safari can’t open the page “http://cgi.ebay.com/New-200-Lumens-C...QcmdZViewItem”. The error was: “cannot decode raw data” (NSURLErrorDomain:-1015)
    I did manage to load it when this thread first appeared... just wanted to say I like the look of the battery pack!

  15. #15
    Senior Member
    Join Date
    Jul 2001
    Location
    minneapolis, mn
    Posts
    304
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    The main problem is that IE's design by its very nature stinks to high heaven: the whole idea of
    using a "temporary internet files" location because microsoft believes 90% of the USA is still on
    dial-up is the cause. 98% of viruses get their start from the temporary internet files location.

    The worst deal is you cannot shut this off. It's a case of corporate thinking gone bonkers.

    Since I do this for a living I also see that the vast majority of viruses are either coming from
    (1) visiting compromised websites with IE or (2) unsafe surfing behavior (porn, gambling,
    software piracy/hacking sites, gaming sites with shady connections) also visiting with IE.

    Firefox is less likely to be compromised but when the OS is designed the way it is, you'll
    sooner or later encounter the crud.

    I've got Mac and Linux boxes at home thank God (OS X and Xandros actually).

    On Windows machines I ALWAYS ALWAYS ALWAYS do casual browsing with Firefox rather than
    Internet Explorer. Internet Explorer is to network security as a screen door with a hole in it is
    to "having a safe home".

    Also, recommendations:

    -Malwarebytes Anti-Malware.
    It's replaced Adaware and Spybot S&D in my arsenal of removal tools.

    -CCleaner (formerly Crapcleaner).

    -And whatever you do, be careful out there!

  16. #16
    Senior Member mechBgon's Avatar
    Join Date
    Jul 2002
    Posts
    6,957
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    On Windows machines I ALWAYS ALWAYS ALWAYS do casual browsing with Firefox rather than
    Internet Explorer. Internet Explorer is to network security as a screen door with a hole in it is
    to "having a safe home".
    Having done a great deal of actual malware hunting with IE7, I really don't agree with your generalization Both browsers should definitely be run at non-Admin user level, however, because neither browser will ever be perfect, and the bad guys will occasionally beat the good guys to the punch. Depriving the browser of Admin powers severely limits the impact of a successful exploit, if one does occur. And not just in the browser, but also the browser's add-ons and extensions. Without Admin rights, the bad guys can forget about installing rootkits, placing or modifying files in the Windows or Program Files directories, etc. I certainly support your option to run whatever browsers you prefer, but if the browser is being run with Admin-level privilege on the system, you're still playing with fire

    In today's world, vulnerable third-party browser add-ons and extensions are the bigger threat. Flash Player, Adobe Reader, RealPlayer, QuickTime, WinAmp, WinZip... these are a few of the third-party goodies that can usually be reached through your browser. Your browser can be secure, and still be used to call up e.g. Flash Player to exploit your system that way. On that note, I recommend the Secunia PSI utility to help fix as much vulnerable stuff as possible: https://psi.secunia.com

    For the power user who's converted to a non-Admin user account, Software Restriction Policy is also quite nifty. http://www.wilderssecurity.com/showthread.php?t=200772

  17. #17
    Senior Member sonicj's Avatar
    Join Date
    Jan 2008
    Posts
    98
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    back up your data regularly!

    win, linux, mac... catastrophic hardware failures do not discriminate!

  18. #18
    Happy old man al-wagner's Avatar
    Join Date
    Sep 2004
    Location
    West coast of New England
    My Bikes
    Trek 4500 mountain bike, Trek 7500fx disk, and Trek 2200 Road bike
    Posts
    622
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I just went to the site using IE and Vista and had NO PROBLEM
    http://www.thegmbc.com/
    http://www.gmaa.net/

    In New England we have nine months of winter and three months of damned poor sledding.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •