Cycling and bicycle discussion forums. 
   Click here to join our community Log in to access your Control Panel  


Go Back   > >

Electronics, Lighting, & Gadgets HRM, GPS, MP3, HID. Whether it's got an acronym or not, here's where you'll find discussions on all sorts of tools, toys and gadgets.

User Tag List

Reply
 
Thread Tools Search this Thread
Old 08-17-08, 05:09 PM   #1
UncleStu
Senior Member
Thread Starter
 
Join Date: Jan 2008
Location: Far NorthEast Texas
Bikes: Trek SU200, old Wards Hawthorne 3-speed
Posts: 87
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Beware: Don't click link in "CREE XR-E P4 bike light" thread

Don't click the link(supposedly to something on ebay) in the "CREE XR-E P4 bike light" thread, posted under username joelw135. Probably best not to open that post at all. When I clicked the link, it locked up my computer, & I had to shut it off to get free. When restarted, my computer showed a strong warning from my antivirus about "Trojan Horse" something or other. And now, my Windows toolbar at the top of the screen is gone. Admins, it's your call, but I think it might be best to delete that post.

Now if I can figure out how to get my toolbar up again- I need my "Favorites" list back!
UncleStu is offline   Reply With Quote
Old 08-17-08, 06:50 PM   #2
n4zou
Scott
 
n4zou's Avatar
 
Join Date: Jun 2006
Bikes: Too Many
Posts: 2,393
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Linux will solve your windoze problems.
http://www.ubuntu.com/
n4zou is offline   Reply With Quote
Old 08-17-08, 07:07 PM   #3
dorkypants
Senior Member
 
dorkypants's Avatar
 
Join Date: Feb 2006
Bikes:
Posts: 424
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Perhaps an unfortunate coincidence? I copy-pasted the URL referenced by the link into Firefox 3 Mac and got an eBay listing for a CREE LED XR-E P4 light.
dorkypants is offline   Reply With Quote
Old 08-17-08, 09:20 PM   #4
UncleStu
Senior Member
Thread Starter
 
Join Date: Jan 2008
Location: Far NorthEast Texas
Bikes: Trek SU200, old Wards Hawthorne 3-speed
Posts: 87
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
No habla Linux, not really an option for me. And maybe so, but it messed with my computer badly, and did so the instant I clicked on the link. It's still not acting normally. If it looks like a duck, etc...
UncleStu is offline   Reply With Quote
Old 08-17-08, 10:01 PM   #5
mechBgon
Senior Member
 
mechBgon's Avatar
 
Join Date: Jul 2002
Bikes:
Posts: 6,957
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Smile

Quote:
Originally Posted by n4zou View Post
Linux will solve your windoze problems.
http://www.ubuntu.com/
...or maybe securing Windows properly would be worth a try? Because there's plenty of exploits available for the bad guys to use against Linux systems, too.



Whatever platform you prefer to use, you should secure it, maintain your security patching on the OS and all installed software, and run stuff at the lowest privilege level you can.

I'll check out the allegedly-hostile link and see what's going on.

Update: I don't see any outright hostile stuff in the page's source code. The listing does use Flash menus, which holds various possibilities. For example, the server hosting the Flash stuff might've been compromised, and the innocent Flash might've been replaced with maliciously-rigged Flash that launches exploits (yes, even on Linux systems, if they have a vulnerable Flash Player installed).

Anyhow, UncleStu, if you need any help, feel free to drop me a PM. What was the exact name of the Trojan Horse that your antivirus reported? Your AV logs/reports should say. I strongly recommend checking your system with the free Secunia PSI utility, which will help you fix vulnerabilities in stuff like Flash Player, QuickTime Player, Adobe Reader, etc.

Last edited by mechBgon; 08-17-08 at 10:41 PM.
mechBgon is offline   Reply With Quote
Old 08-17-08, 11:10 PM   #6
n4zou
Scott
 
n4zou's Avatar
 
Join Date: Jun 2006
Bikes: Too Many
Posts: 2,393
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Quote:
Originally Posted by mechBgon View Post
...or maybe securing Windows properly would be worth a try? Because there's plenty of exploits available for the bad guys to use against Linux systems, too.



Whatever platform you prefer to use, you should secure it, maintain your security patching on the OS and all installed software, and run stuff at the lowest privilege level you can.

I'll check out the allegedly-hostile link and see what's going on.

Update: I don't see any outright hostile stuff in the page's source code. The listing does use Flash menus, which holds various possibilities. For example, the server hosting the Flash stuff might've been compromised, and the innocent Flash might've been replaced with maliciously-rigged Flash that launches exploits (yes, even on Linux systems, if they have a vulnerable Flash Player installed).

Anyhow, UncleStu, if you need any help, feel free to drop me a PM. What was the exact name of the Trojan Horse that your antivirus reported? Your AV logs/reports should say. I strongly recommend checking your system with the free Secunia PSI utility, which will help you fix vulnerabilities in stuff like Flash Player, QuickTime Player, Adobe Reader, etc.
You can never fully secure windoze. You can only secure it from known threats. New threats are accepted until found and anti virus software is updated in an attempt to prevent that specific threat. Linux has far fewer threats than windoze or MAC. All hackers use Linux to create windoze and MAC virus and trojans so they typically do not write virus and trojans for there own OS. Even if you manage to get one with Linux it's no where near as hard to recover from one. You simply boot your Live-CD and reinstall your Linux OS. There are no keys to type in or calling a tech to reload your windoze or MAC OS simply because it's all open source and free for everyone to use.
n4zou is offline   Reply With Quote
Old 08-17-08, 11:15 PM   #7
Yan 
BeaverTerror
 
Yan's Avatar
 
Join Date: Jan 2006
Location: Shanghai, China
Bikes: 1995 Kestrel 4000; 2013 True North Touring; 1989 Miele Tivoli; 1979 Colnago Sport
Posts: 1,812
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 33 Post(s)
I saw your post and couldn't help but click on that link

Nothing happened. It's just a regular ebay page for me. I'm using Firefox 3.0.1 on Windows XP.
__________________
Yan
Yan is offline   Reply With Quote
Old 08-17-08, 11:22 PM   #8
mechBgon
Senior Member
 
mechBgon's Avatar
 
Join Date: Jul 2002
Bikes:
Posts: 6,957
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Smile

Quote:
Originally Posted by n4zou View Post
You can only secure it from known threats. New threats are accepted until found and anti virus software is updated in an attempt to prevent that specific threat.
I'm sorry, but that is fundamentally incorrect. To name some examples of defending Windows from unknown threats, I can mention Software Restriction Policy and disabling AutoPlay, as well as low-rights operations, full hardware-enforced Data Execution Prevention (a feature of all recent CPUs), and the use of UAC and Protected Mode on Vista. This has nothing at all to do with antivirus software. It might be the realm of a HIPS, and some antivirus software does have HIPS-like features nowdays, but the basic idea is to start with the security capabilities of the OS and hardware themselves. They're extremely effective.

If you'd like a real-world example, complete with screen-capture video and a thorough explaination of the results, check my research on a WMF Exploit file using low-rights and/or Software Restriction Policy. That can be found here: http://www.antisource.com/forums/viewtopic.php?t=128 Enjoy!

Last edited by mechBgon; 08-18-08 at 12:43 AM.
mechBgon is offline   Reply With Quote
Old 08-18-08, 05:25 AM   #9
joelw135
Member
 
joelw135's Avatar
 
Join Date: Feb 2006
Location: Kendall Park, New Jersey
Bikes: ActionBent Trike
Posts: 30
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
There is nothing wrong with the page as I have gone there many times. You have a problem with your computer. It opens better in iE than in Firefox. You shouldn't start blaming people for posting a bad link unless you are certain.
joelw135 is offline   Reply With Quote
Old 08-18-08, 05:29 AM   #10
maximushq2
Senior Member
 
maximushq2's Avatar
 
Join Date: May 2005
Bikes: Specialized Stumpjumper FSR Comp, Specialized Rockhopper Comp, Gt Timberline
Posts: 282
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
I just use firefox w/ noscript that seems to keep a lot of nasties away, also of course use updated a/v and firewall. If I was gonna go surf some place shady I would look into using a sandbox for browsing also such as sandboxie. I missed my chance to check out your link, but if you still are having issues and think you have a trojan or other you can head over to http://www.wilderssecurity.com/ forums and some knowledgable people there can probably help you out.
maximushq2 is offline   Reply With Quote
Old 08-20-08, 09:03 PM   #11
Zero_Enigma
Senior Member
 
Zero_Enigma's Avatar
 
Join Date: May 2006
Location: North of the 49th Parallel (GPS grid soon)
Bikes: MTB Peugoet Canyon (forgot the model), Nikishi? roadbike, MTB custom build,
Posts: 1,765
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Quote:
Originally Posted by UncleStu View Post
Don't click the link(supposedly to something on ebay) in the "CREE XR-E P4 bike light" thread, posted under username joelw135. Probably best not to open that post at all. When I clicked the link, it locked up my computer, & I had to shut it off to get free. When restarted, my computer showed a strong warning from my antivirus about "Trojan Horse" something or other. And now, my Windows toolbar at the top of the screen is gone. Admins, it's your call, but I think it might be best to delete that post.

Now if I can figure out how to get my toolbar up again- I need my "Favorites" list back!

It could be that there is a web browser incompatibility much like how some websites are optimized for say Internet Explorer while some are optimized for FireFox. I've never used FireFox extensively myself. I'm a primary winblows user myself however I would like to point out that I am a Linux noob with no unix/linux background and yet I have found Ubuntu to work like a charm. I have messed around with Knoppix Linux and RedHat Linux before but I have to saw the easiest version right out the box is Ubuntu. It's like you're using winblows but on a linux OS so the familiarity feel curve is about 5-10mins and you're rocking. Umm... even my friends 65yr old mother using it for the first time with no couching being a windows user was able to figure it out in about upper 12min range if that says anything.

I highly recommend if you have a CD burner to go to www.ubuntu.com (direct link DL link here. http://www.ubuntu.com/getubuntu/download ) and get the full version for free. All the linux titles I've mentioned above are free and are liveCD's. What a liveCD means is that you can use the program as if it was fully installed on your computer but never installing a thing on your computer. What you do is burn Ubuntu to a CD then reboot your computer with it in the CD bay. Ubuntu will automatically run FROM THE CD BAY. First time I used Ubuntu it automatically detected the internet router and network settings so right out the get go I was able to surf the web. The printer setup I admit took me about 10mins to figure out () which on windows would have taken me about 2-3 mins to setup but now that I know I can set it up anytime. All the changes you make while running the liveCD will NOT be saved (I'm sure there is a way to but I don't know right now) and are only temporary personalized settings. The moment you reboot your computer and take out the Ubuntu CD your computer will reboot back to your previous OS (windows in your case) and nothing was ever installed on your computer.

I say keep that Ubuntu CD handy because if/when (it's only a matter of when) windows ever crashes and you can't access the drive because of some boot sector error blue screen you have two options.

1. Take out your HD drive and put another HD in that has an OS on it already and boot from the new HD and put your old HD in as a 'slave' so you can hoefully see the files (I was able to see my files when that happened) or

2. Use Ubuntu or any other linux distro to boot up and see the files on your damaged HD and with a ext. HD copy all the files stuck on the drive to your portable HD and redo the OS on the old HD.


Given that Ubuntu does not install anything on your computer, it's free full version DL, and it works right out the box for this linux noob means you've got nothing to lose but to try it out and expand your skills. I personally didn't have any problems using basic simple web surfing and messing around with the Open Office Suite software for the spreadsheet/doc. If I can do it (not to mention my friends 65yr old mother) anyone can.
Zero_Enigma is offline   Reply With Quote
Old 08-20-08, 09:17 PM   #12
Zero_Enigma
Senior Member
 
Zero_Enigma's Avatar
 
Join Date: May 2006
Location: North of the 49th Parallel (GPS grid soon)
Bikes: MTB Peugoet Canyon (forgot the model), Nikishi? roadbike, MTB custom build,
Posts: 1,765
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Ok, I clicked on Joel's website ( http://cgi.ebay.com/New-200-Lumens-C...QQcmdZViewItem ) and I was able to load it ok.

I'm using Windows XP SP2 with Internet Explorer (IE version v7.0.5730.13) with Google popup ad blocker. The only thing I can think of that caused your system to lock up was that when I was on that link it did have a blocked out pop up message stating Ebay's Skype (internet phone) wanted to run some plugin or something which is probably what caused your system to go bonkers on you.

Anyways this is what you would see on that website if you were able to go there. I took a screen capture with the blocked message for you all to check out.

http://www.flickr.com/photos/49184877@N00/2783296994/ This is my site of crazy lighting, testing, and is work safe. Well the last one might be debatable as someone before said my how-to's to build a light looked like a how-to make a bomb which I was like 'WTF!? '. I'm sure to the technical people they'll know it's not a bombsite for the untechs and just fearing-a-la-on-the-news-everything-is-going-to-kill-you-and-is-a-bomb then yah they'll think otherwise but 5-10mins of just looking at the page clearly shows it's a FRIGGING LIGHT.
\
\

Sorry for the vent. I go now for dinner.
Zero_Enigma is offline   Reply With Quote
Old 08-20-08, 10:15 PM   #13
chainstrainer
lube addict
 
Join Date: Jan 2008
Location: Central coast California
Bikes: Specialized FSR-XC, Optima Baron, Bianchi Pista, Strida 5.0
Posts: 515
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
No problem here either - typical eBay listing. (OSX in Safari. Windows is in my past - I try not to re-visit bad memories.)
chainstrainer is offline   Reply With Quote
Old 08-20-08, 11:44 PM   #14
znomit
Zoom zoom zoom zoom bonk
 
znomit's Avatar
 
Join Date: Sep 2006
Location: New Zealand
Bikes: Giant Defy Composite,Trek 1.7c, Specy Hardrock, Nishiki SL1, Jamis Commuter
Posts: 3,309
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 3 Post(s)
I get this now in safari:
Safari can’t open the page “http://cgi.ebay.com/New-200-Lumens-C...QcmdZViewItem”. The error was: “cannot decode raw data” (NSURLErrorDomain:-1015)
I did manage to load it when this thread first appeared... just wanted to say I like the look of the battery pack!
znomit is offline   Reply With Quote
Old 08-21-08, 10:38 AM   #15
aliensporebomb
Senior Member
 
Join Date: Jul 2001
Location: minneapolis, mn
Bikes:
Posts: 304
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
The main problem is that IE's design by its very nature stinks to high heaven: the whole idea of
using a "temporary internet files" location because microsoft believes 90% of the USA is still on
dial-up is the cause. 98% of viruses get their start from the temporary internet files location.

The worst deal is you cannot shut this off. It's a case of corporate thinking gone bonkers.

Since I do this for a living I also see that the vast majority of viruses are either coming from
(1) visiting compromised websites with IE or (2) unsafe surfing behavior (porn, gambling,
software piracy/hacking sites, gaming sites with shady connections) also visiting with IE.

Firefox is less likely to be compromised but when the OS is designed the way it is, you'll
sooner or later encounter the crud.

I've got Mac and Linux boxes at home thank God (OS X and Xandros actually).

On Windows machines I ALWAYS ALWAYS ALWAYS do casual browsing with Firefox rather than
Internet Explorer. Internet Explorer is to network security as a screen door with a hole in it is
to "having a safe home".

Also, recommendations:

-Malwarebytes Anti-Malware.
It's replaced Adaware and Spybot S&D in my arsenal of removal tools.

-CCleaner (formerly Crapcleaner).

-And whatever you do, be careful out there!
aliensporebomb is offline   Reply With Quote
Old 08-21-08, 11:03 PM   #16
mechBgon
Senior Member
 
mechBgon's Avatar
 
Join Date: Jul 2002
Bikes:
Posts: 6,957
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Quote:
On Windows machines I ALWAYS ALWAYS ALWAYS do casual browsing with Firefox rather than
Internet Explorer. Internet Explorer is to network security as a screen door with a hole in it is
to "having a safe home".
Having done a great deal of actual malware hunting with IE7, I really don't agree with your generalization Both browsers should definitely be run at non-Admin user level, however, because neither browser will ever be perfect, and the bad guys will occasionally beat the good guys to the punch. Depriving the browser of Admin powers severely limits the impact of a successful exploit, if one does occur. And not just in the browser, but also the browser's add-ons and extensions. Without Admin rights, the bad guys can forget about installing rootkits, placing or modifying files in the Windows or Program Files directories, etc. I certainly support your option to run whatever browsers you prefer, but if the browser is being run with Admin-level privilege on the system, you're still playing with fire

In today's world, vulnerable third-party browser add-ons and extensions are the bigger threat. Flash Player, Adobe Reader, RealPlayer, QuickTime, WinAmp, WinZip... these are a few of the third-party goodies that can usually be reached through your browser. Your browser can be secure, and still be used to call up e.g. Flash Player to exploit your system that way. On that note, I recommend the Secunia PSI utility to help fix as much vulnerable stuff as possible: https://psi.secunia.com

For the power user who's converted to a non-Admin user account, Software Restriction Policy is also quite nifty. http://www.wilderssecurity.com/showthread.php?t=200772

Last edited by mechBgon; 08-21-08 at 11:25 PM.
mechBgon is offline   Reply With Quote
Old 08-23-08, 03:21 AM   #17
sonicj
Senior Member
 
sonicj's Avatar
 
Join Date: Jan 2008
Bikes:
Posts: 98
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
back up your data regularly!

win, linux, mac... catastrophic hardware failures do not discriminate!
sonicj is offline   Reply With Quote
Old 08-23-08, 07:22 AM   #18
al-wagner
Happy old man
 
al-wagner's Avatar
 
Join Date: Sep 2004
Location: West coast of New England
Bikes: Trek 4500 mountain bike, Trek 7500fx disk, and Trek 2200 Road bike
Posts: 622
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
I just went to the site using IE and Vista and had NO PROBLEM
__________________
http://www.thegmbc.com/
http://www.gmaa.net/

In New England we have nine months of winter and three months of damned poor sledding.
al-wagner is offline   Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



All times are GMT -6. The time now is 12:26 AM.