www.microsoft.ie this morning.
Hi everyone,
I'm starting this thread because I'm looking for some information on the retention and security of my data. Like everyone else in this country, I have a mobile phone and have had the same number for 4 years now.
But I often wonder about my mobile network (meteor)'s handling of my data. I'm sure it is very secure but its something I've just become interested in finding out more about. I've read their privacy policy but its very long and contains legal language I cant get my head around sometimes!
Does anyone know:
1. Exactly how long meteor holds your data for and for what purposes (in layman's terms!)?
2. What does it do with the data when finished with it?
3. Does it have access to the data it must hold for 3 years (due to legal reasons)?
4. Does anyone know how secure our data is - can just about anyone go and access the data that is only there for 3 years in case the gardai need to access it?
By the way, I e-mailed meteor about this but the person who deals with data protection wont be back until January so said I'd ask on here.Has anyone encountered this elephant of a malware.It was ingrained into the
microsoft updates, (so it seemed) and was impossible to remove.
It was the intelligent thinking of mate who did a system restore on the computer to a earlier date that finally removed it safely from the system.Ive found this using Spybot S&D:
Win32.ciadoor.cj
It seems to be coming from here :
HKEY_LOCAL_MACHINESYSTEMControlSet003ServicesXPROTECTOR
It is seriously increasing the time it takes me to get online after boot up.From clicking the Internet Explorer icon to being able to use a website is taking 2 or 3 minutes !
Ive ran FULL scans on AVG ,SpyWare Blaster CCCleaner,EasyCleaner etc and deleted many start up programs
Heres my Hijack This Log:
Logfile of HijackThis v1.99.1
Scan saved at 02:15:02, on 20/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Running processes:
G:WINDOWSSystem32smss.exe
G:WINDOWSsystem32winlogon.exe
G:WINDOWSsystem32services.exe
G:WINDOWSsystem32lsass.exe
G:WINDOWSsystem32Ati2evxx.exe
G:WINDOWSsystem32svchost.exe
G:WINDOWSSystem32svchost.exe
G:WINDOWSsystem32Ati2evxx.exe
G:WINDOWSsystem32spoolsv.exe
G:Program FilesCreativeShared FilesCTAudSvc.exe
G:WINDOWSExplorer.EXE
G:Program FilesCreativeVolume PanelVolPanlu.exe
G:WINDOWSSYSTEM32CTXFISPI.EXE
G:WINDOWSsystem32CTXFIHLP.EXE
G:Program FilesATI TechnologiesATI.ACECore-StaticMOM.exe
G:WINDOWSsystem32ctfmon.exe
G:Program FilesSpybot - Search & DestroyTeaTimer.exe
G:Program FilesATI TechnologiesATI.ACECore-Staticccc.exe
G:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
G:Program FilesBonjourmDNSResponder.exe
G:WINDOWSsystem32svchost.exe
G:Program FilesJavajre6binjqs.exe
G:Program FilesCommon FilesLightScribeLSSrvc.exe
G:WINDOWSSystem32svchost.exe
G:WINDOWSSystem32svchost.exe
G:WINDOWSsystem32PnkBstrA.exe
G:WINDOWSsystem32svchost.exe
G:Program FilesToniArtsEasyCleanerEasyClea.exe
G:Program FilesInternet Exploreriexplore.exe
G:Program FilesInternet Exploreriexplore.exe
G:Program FilesHPDigital ImagingSmart Web Printinghpswp_clipbook.exe
G:Program FilesInternet Exploreriexplore.exe
G:Program FilesInternet Exploreriexplore.exe
G:Documents and SettingsJohn HDesktopHIJACK THISHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.eircom.net/email
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
O2 - BHO: HP Print Enhancer - [Macro error: Can't compile this script because of a syntax error.] - G:Program FilesHPDigital ImagingSmart Web Printinghpswp_printenhancer.dll
O2 - BHO: Spybot-S&D IE Protection - [Macro error: Can't compile this script because of a syntax error.] - G:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - [Macro error: Can't compile this script because of a syntax error.] - G:Program FilesJavajre6binssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - [Macro error: Can't compile this script because of a syntax error.] - G:Program FilesJavajre6binjp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - [Macro error: Can't compile this script because of a syntax error.] - G:Program FilesJavajre6libdeployjqsiejqs_plugin.dll
O2 - BHO: HP Smart BHO Class - [Macro error: Can't compile this script because of a syntax error.] - G:Program FilesHPDigital ImagingSmart Web Printinghpswp_BHO.dll
O4 - HKLM..Run: [VolPanel] "G:Program FilesCreativeVolume PanelVolPanlu.exe" /r
O4 - HKLM..Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM..Run: [StartCCC] "G:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe" MSRun
O4 - HKCU..Run: [CTFMON.EXE] G:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [SpybotSD TeaTimer] G:Program FilesSpybot - Search & DestroyTeaTimer.exe
O9 - Extra button: HP Smart Select - [Macro error: Can't compile this script because of a syntax error.] - G:Program FilesHPDigital ImagingSmart Web Printinghpswp_BHO.dll
O9 - Extra button: (no name) - [Macro error: Can't compile this script because of a syntax error.] - G:PROGRA~1SPYBOT~1SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - [Macro error: Can't compile this script because of a syntax error.] - G:PROGRA~1SPYBOT~1SDHelper.dll
O9 - Extra button: (no name) - [Macro error: Can't compile this script because of a syntax error.] - %windir%Network Diagnosticxpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - [Macro error: Can't compile this script because of a syntax error.] - %windir%Network Diagnosticxpnetdiag.exe (file missing)
O9 - Extra button: Messenger - [Macro error: Can't compile this script because of a syntax error.] - G:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - [Macro error: Can't compile this script because of a syntax error.] - G:Program FilesMessengermsmsgs.exe
O10 - Unknown file in Winsock LSP: g:program filesbonjourmdnsnsp.dll
O16 - DPF: [Macro error: Can't compile this script because of a syntax error.] (MUWebControl Class) - http://update.microsoft.com/microsof...?1229726699437
O20 - Winlogon Notify: !SASWinLogon - G:Program FilesSUPERAntiSpywareSASWINLO.dll
O21 - SSODL: WPDShServiceObj - [Macro error: Can't compile this script because of a syntax error.] - G:WINDOWSsystem32WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple Inc. - G:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - G:WINDOWSsystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - G:WINDOWSsystem32ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - G:Program FilesBonjourmDNSResponder.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - G:Program FilesCommon FilesCreative Labs SharedServiceCTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - G:Program FilesCreativeShared FilesCTAudSvc.exe
O23 - Service: iPod Service - Apple Inc. - G:Program FilesiPodbiniPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - G:Program FilesJavajre6binjqs.exe" -service -config "G:Program FilesJavajre6libdeployjqsjqs.conf (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - G:Program FilesCommon FilesLightScribeLSSrvc.exe
O23 - Service: NBService - Nero AG - G:Program FilesNeroNero 7Nero BackItUpNBService.exe
O23 - Service: NMIndexingService - Nero AG - G:Program FilesCommon FilesAheadLibNMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - G:WINDOWSsystem32PnkBstrA.exe
How bad is this infection?Can it be removed?Is it an issue using Ebay ,Paypal etc?Should I reformat?I make a point of clearing all my cookies ,history etc on the basis that these might be 'transmitted' by the Trojan ?Is there any point in this ?When a photo is taken on some of the newer phones they add a geotag or whatever to the photo.
How is it possible to read this information on a PC? How do you use it?
Also, how is it possible to ensure your photos don't contain any of this info?
ThanksSSL certificates - root certificate exploit.
SSL certificates that use the MD5 hash are open to an exploit, which allows fake certificates to be issued to any website.
You can check the certificate signature algorithm in the certificate details box to see if MD5 hash was used. eg https://www.verisign.com uses sha-1. www.trustcenter.de uses MD5 - if you follow links to one of their secure pages to buy a certificate. (I'm not suggesting that trustcenter.de are involved in fake certificates - simply that they are using MD5 as of when I am posting this).
More:
http://securosis.com/2008/12/30/what...ority-exploit/Damage Control - third party gains access to emails.
What would you do if a third party had access to your emails? They only had read access and could not send / delete any. They could read all sent and received emails.
They may have had access for up to 6 months.
This email account contained all personal emails - i.e. things like Ryanair confirmations, discussions with an mobile provider about accounts, confirmatins of various online orders, all the usual stuff etc
What's your first step after you've changed the password and made sure the same thing can't happen again?
Do you try and go back through all the emails you've sent / received to see if anything crucial was there?
Do you just change every password for every online service you ever had?
Do you just hope for the best and assume any damage that could have been done is done already?
Do you start asking for new flight confirmation references? Emailing anyone who might have emailed you something important?
Any feedback welcomed.HKC alarm saab strobe and internal bell not working.
sorry wrong forumQuick question for anyone who knows - it seems to me that anyone can trace an IP back to a general location like a city or whatever - does anyone know if you can trace one to an exact location like a street? I tried entering in mine into various IP locating sites but every time it traces back to Dublin city/Mespil Road area (google map) - which is not where I live at all. Lets say I want to send an email to someone but I don't want them to be able to track me to my house number for various reasons..........I know there are various forms of anti-IP locating software but I would be just happier to know that anyone in Dublin is traceable ONLY and every time back to this Dublin City/Mespil road area location.....because then there's no worries.........any thoughts............and for god sake don't geek me out of it with correction to my terminology or with a whole load of jargon coz I will be forced to come down to Dublin City/Mespil road area and kick your asses : )
thanksStandards for collection & storage of banking information?.
Does anyone know of any industry standards similar to PCI-DSS that exist around the area of collection and storage of bank account details?http://www.wired.com/techbiz/people/...?currentPage=1
The man who tried to become the kingpin of CC fraud, and how it all fell apart.Acrobat 8 passwords more secure than Acrobat 9.
"actually security level is determined by the weakest link. In case if strong cryptography is used, the weakest link is a password - it could be guessed much easily than encryption key. Computers become faster every year. And common practice is to increase complexity of password testing process in new versions of software. But Adobe decided to make password testing faster."
They are going from a 128 bit system to a 256 bit encryption which is 1,000's of times easier to brute force :rolleyes:
http://blogs.zdnet.com/security/?p=2271&;tag=rbxccnbzd1Quote:
Q: Compared to Adobe Reader 8.0, how has your brute force rate improved by taking advantage of the flaw in numbers?
A: In Acrobat versions from 5 to 8, it was needed to make 51 MD5 calls and 20 RC4 calls, making password verification relatively slow, and so brute-force attacks were not effective — only about 50,000 passwords per second on modern Intel processor, so even 6-character password was strong enough.
In Acrobat version 9, password checking routine consist of just one call to SHA256 hash function. That function can be implemented really effectively on all modern CPUs with SSE2 instruction set, with linear scalability on multi-core and multi-CPU systems, allowing to reach the speed from 5 to 10 million passwords per second. Moreover, SHA256 algorithm fits really good to stream processors such as ones used in NVIDIA video cards, reaching the speed of up to 100 million passwords per second on a single GPU, again with a linear scalability to multi-GPU systems and Tesla. That makes even 8-character password (mixed uppercase and lowercase letters) not secure.
To be more precise, Q6600 - iCore 4 cores on 2.4GHz :
Acrobat 8 ~ 56 700 p/s for user password
Acrobat 9 ~ 5 100 000 p/s for user password on one core
Acrobat 9 ~ 20 350 000 p/s on Q6600 (4 cores)
GPU GTX260 has 192 stream processors:
Acrobat 9 ~ 74 500 000 p/s
Refresh.