• Re: Trojans and PUPs

    From Davey@21:1/5 to jon on Mon Dec 11 10:01:15 2023
    On Mon, 11 Dec 2023 09:58:30 -0000 (UTC)
    jon <jon@nospam.cn> wrote:

    I wonder sometimes just how critical some of these viruses are to
    general activities. I have one computer that is absolutely rotten, if
    you believe malwarebytes, but it has a number of indispensable
    applications on it that I just can't replace without anti-virus
    software deleting them. I do nothing important on this computer such
    as money activities and storing important passwords, but I need to
    keep it running as a daily workhorse.

    A good anti malware application would be a program that actually
    cleans the files instead of just deleting them.

    This reminds me of the saying: "One man's freedom fighter is another
    man's terrorist".

    --
    Davey.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From jon@21:1/5 to All on Mon Dec 11 09:58:30 2023
    I wonder sometimes just how critical some of these viruses are to general activities. I have one computer that is absolutely rotten, if you believe malwarebytes, but it has a number of indispensable applications on it that
    I just can't replace without anti-virus software deleting them. I do
    nothing important on this computer such as money activities and storing important passwords, but I need to keep it running as a daily workhorse.

    A good anti malware application would be a program that actually cleans
    the files instead of just deleting them.

  • From Max Demian@21:1/5 to Davey on Mon Dec 11 14:25:09 2023
    On 11/12/2023 10:01, Davey wrote:
    On Mon, 11 Dec 2023 09:58:30 -0000 (UTC)
    jon <jon@nospam.cn> wrote:

    I wonder sometimes just how critical some of these viruses are to
    general activities. I have one computer that is absolutely rotten, if
    you believe malwarebytes, but it has a number of indispensable
    applications on it that I just can't replace without anti-virus
    software deleting them. I do nothing important on this computer such
    as money activities and storing important passwords, but I need to
    keep it running as a daily workhorse.

    A good anti malware application would be a program that actually
    cleans the files instead of just deleting them.

    This reminds me of the saying: "One man's freedom fighter is another
    man's terrorist".

    "We've scanned your computer and you have malware. Download our software
    AT ONCE."

    If they really scanned your computer, they ARE malware.

    --
    Max Demian

  • From John Rumm@21:1/5 to jon on Mon Dec 11 15:48:51 2023
    On 11/12/2023 09:58, jon wrote:

    I wonder sometimes just how critical some of these viruses are to general activities. I have one computer that is absolutely rotten, if you believe malwarebytes, but it has a number of indispensable applications on it that
    I just can't replace without anti-virus software deleting them.

    So create exceptions in the AV software to tell it that you are aware of
    the potential risk, but would like to accept it.

    Have you checked what software it is complaining about and why?

    You also need to distinguish between classes of malware. Many system
    level utility programs may be classed as Potentially Unwanted Programs -
    but it all depends on context.

    Say your AV platform warns you about a potential hacking application
    like an encrypted password recovery tool. It might be because you
    downloaded MailPass from Nirsoft to recover your forgotten password from outlook. Or it might be that you have remote access trojan installed
    that you did not know about, and the bot herder driving it has decided
    to do a full scan of your PC to recover any passwords and account
    details it can find.

    How you feel about the associated risk may vary significantly - so don't
    shoot the messenger.


    I do
    nothing important on this computer such as money activities and storing important passwords, but I need to keep it running as a daily workhorse.

    Does it need to be connected to the internet? If not, keep it "air gapped".

    A good anti malware application would be a program that actually cleans
    the files instead of just deleting them.

    Yeah right... think about that for a moment! How does it repair an
    altered file back to its initial state? Using an infinite database of
    every version of every executable from every manufacturer?


    --
    Cheers,

    John.

    /=================================================================\
    | Internode Ltd - http://www.internode.co.uk                      |
    |-----------------------------------------------------------------|
    | John Rumm - john(at)internode(dot)co(dot)uk                     |
    \=================================================================/

  • From Sam Plusnet@21:1/5 to John Rumm on Mon Dec 11 19:07:22 2023
    On 11-Dec-23 15:48, John Rumm wrote:
    On 11/12/2023 09:58, jon wrote:

    I wonder sometimes just how critical some of these viruses are to general
    activities. I have one computer that is absolutely rotten, if you believe
    malwarebytes, but it has a number of indispensable applications on it
    that
    I just can't replace without anti-virus software deleting them.

    So create exceptions in the AV software to tell it that you are aware of
    the potential risk, but would like to accept it.

    Have you checked what software it is complaining about and why?

    You also need to distinguish between classes of malware. Many system
    level utility programs may be classed as Potentially Unwanted Programs -
    but it all depends on context.

    Say your AV platform warns you about a potential hacking application
    like an encrypted password recovery tool. It might be because you
    downloaded MailPass from Nirsoft to recover your forgotten password from outlook. Or it might be that you have remote access trojan installed
    that you did not know about, and the bot herder driving it has decided
    to do a full scan of your PC to recover any passwords and account
    details it can find.

    How you feel about the associated risk may vary significantly - so don't shoot the messenger.


    I do
    nothing important on this computer such as money activities and storing
    important passwords, but I need to keep it running as a daily workhorse.

    Does it need to be connected to the internet? If not, keep it "air gapped".

    A good anti malware application would be a program that actually cleans
    the files instead of just deleting them.

    Yeah right... think about that for a moment! How does it repair an
    altered file back to its initial state? Using an infinite database of
    every version of every executable from every manufacturer?

    I have occasionally had an anti-virus scan which picked up a new
    high-profile virus/trojan horse.
    The files it points at are tucked away on an 'archive' HDD, approx 10
    years old, and haven't been run in nearly as long.
    Hmm.

    --
    Sam Plusnet

  • From John Rumm@21:1/5 to Sam Plusnet on Mon Dec 11 20:28:02 2023
    On 11/12/2023 19:07, Sam Plusnet wrote:
    On 11-Dec-23 15:48, John Rumm wrote:
    On 11/12/2023 09:58, jon wrote:

    I wonder sometimes just how critical some of these viruses are to
    general
    activities. I have one computer that is absolutely rotten, if you
    believe
    malwarebytes, but it has a number of indispensable applications on it
    that
    I just can't replace without anti-virus software deleting them.

    So create exceptions in the AV software to tell it that you are aware
    of the potential risk, but would like to accept it.

    Have you checked what software it is complaining about and why?

    You also need to distinguish between classes of malware. Many system
    level utility programs may be classed as Potentially Unwanted Programs
    - but it all depends on context.

    Say your AV platform warns you about a potential hacking application
    like an encrypted password recovery tool. It might be because you
    downloaded MailPass from Nirsoft to recover your forgotten password
    from outlook. Or it might be that you have remote access trojan
    installed that you did not know about, and the bot herder driving it
    has decided to do a full scan of your PC to recover any passwords and
    account details it can find.

    How you feel about the associated risk may vary significantly - so
    don't shoot the messenger.


    I do
    nothing important on this computer such as money activities and storing
    important passwords, but I need to keep it running as a daily workhorse.

    Does it need to be connected to the internet? If not, keep it "air
    gapped".

    A good anti malware application would be a program that actually cleans
    the files instead of just deleting them.

    Yeah right... think about that for a moment! How does it repair an
    altered file back to its initial state? Using an infinite database of
    every version of every executable from every manufacturer?

    I have occasionally had an anti-virus scan which picked up a new
    high-profile virus/trojan horse.
    The files it points at are tucked away on an 'archive' HDD, approx 10
    years old, and haven't been run in nearly as long.
    Hmm.

    Yup false positives are a problem with all AV tools.


    --
    Cheers,

    John.

    /=================================================================\
    | Internode Ltd - http://www.internode.co.uk                      |
    |-----------------------------------------------------------------|
    | John Rumm - john(at)internode(dot)co(dot)uk                     |
    \=================================================================/

  • From GB@21:1/5 to John Rumm on Mon Dec 11 20:16:57 2023
    On 11/12/2023 15:48, John Rumm wrote:

    I do
    nothing important on this computer such as money activities and storing
    important passwords, but I need to keep it running as a daily workhorse.

    Does it need to be connected to the internet? If not, keep it "air gapped".

    I'll second that. I wouldn't want a computer that failed AV tests on the network. If it's unconnected to anything, that's much less of an issue.

  • From jon@21:1/5 to John Rumm on Tue Dec 12 05:35:00 2023
    On Mon, 11 Dec 2023 20:28:02 +0000, John Rumm wrote:

    On 11/12/2023 19:07, Sam Plusnet wrote:
    On 11-Dec-23 15:48, John Rumm wrote:
    On 11/12/2023 09:58, jon wrote:

    I wonder sometimes just how critical some of these viruses are to
    general activities. I have one computer that is absolutely rotten, if
    you believe malwarebytes, but it has a number of indispensable
    applications on it that I just can't replace without anti-virus
    software deleting them.

    So create exceptions in the AV software to tell it that you are aware
    of the potential risk, but would like to accept it.

    Have you checked what software it is complaining about and why?

    You also need to distinguish between classes of malware. Many system
    level utility programs may be classed as Potentially Unwanted Programs
    - but it all depends on context.

    Say your AV platform warns you about a potential hacking application
    like an encrypted password recovery tool. It might be because you
    downloaded MailPass from Nirsoft to recover your forgotten password
    from outlook. Or it might be that you have remote access trojan
    installed that you did not know about, and the bot herder driving it
    has decided to do a full scan of your PC to recover any passwords and
    account details it can find.

    How you feel about the associated risk may vary significantly - so
    don't shoot the messenger.


    I do nothing important on this computer such as money activities and
    storing important passwords, but I need to keep it running as a daily
    workhorse.

    Does it need to be connected to the internet? If not, keep it "air
    gapped".

    A good anti malware application would be a program that actually
    cleans the files instead of just deleting them.

    Yeah right... think about that for a moment! How does it repair an
    altered file back to its initial state? Using an infinite database of
    every version of every executable from every manufacturer?

    I have occasionally had an anti-virus scan which picked up a new
    high-profile virus/trojan horse.
    The files it points at are tucked away on an 'archive' HDD, approx 10
    years old, and haven't been run in nearly as long.
    Hmm.

    Yup false positives are a problem with all AV tools.

    Malwarebytes detects 192 infected files, but superspyware with a 175MB up
    to date database, only detects one and that is an adware tracker, all
    seems a bit arbitrary to me. I know the antivirus companies want to make
    money, but wonder how much they use scare tactics.

  • From Jethro_uk@21:1/5 to jon on Tue Dec 12 07:21:44 2023
    On Mon, 11 Dec 2023 09:58:30 +0000, jon wrote:

    I wonder sometimes just how critical some of these viruses are to
    general activities.

    Running linux can relieve of some of that thought.

  • From The Natural Philosopher@21:1/5 to All on Tue Dec 12 09:07:20 2023
    On 12/12/2023 07:21, Jethro_uk wrote:
    On Mon, 11 Dec 2023 09:58:30 +0000, jon wrote:

    I wonder sometimes just how critical some of these viruses are to
    general activities.

    Running linux can relieve of some of that thought.
    +10001

    I am fairly certain I have been emailed at least 200 suspect attachments
    and downloaded many hundreds of suspect items on Linux in the last 20
    years.

    I have never had an issue.

    I run no virus scanners. I don't know whether there are any, for Linux.


    --
    “I know that most men, including those at ease with problems of the greatest complexity, can seldom accept even the simplest and most
    obvious truth if it be such as would oblige them to admit the falsity of conclusions which they have delighted in explaining to colleagues, which
    they have proudly taught to others, and which they have woven, thread by thread, into the fabric of their lives.”

    ― Leo Tolstoy

  • From Jethro_uk@21:1/5 to The Natural Philosopher on Tue Dec 12 19:58:21 2023
    On Tue, 12 Dec 2023 09:07:20 +0000, The Natural Philosopher wrote:

    On 12/12/2023 07:21, Jethro_uk wrote:
    On Mon, 11 Dec 2023 09:58:30 +0000, jon wrote:

    I wonder sometimes just how critical some of these viruses are to
    general activities.

    Running linux can relieve of some of that thought.
    +10001

    I am fairly certain I have been emailed at least 200 suspect attachments
    and downloaded many hundreds of suspect items on Linux in the last 20
    years.

    I have never had an issue.

    I run no virus scanners. I don't know whether there are any, for Linux.

    clamav ?

    Although that is mainly used where I am to scan attachments to and from *Windows* PCs.

    Some people think it's a weight of numbers issue. If 90% of the world ran
    linux desktops, then maybe they'd be as vulnerable.

    For myself, I think it's more fundamental than that. Linux was built from
    the ground up (like *nix) with a damn good model of security and
    understanding that the user at the console is more likely than not, *not*
    an admin.

    However having just wasted half a day with a ****ing wifi issue with
    Jammy Jellyfish that may not ever be fixed, I don't think we are there
    yet.

  • From Joe@21:1/5 to jethro_uk@hotmailbin.com on Tue Dec 12 21:50:34 2023
    On Tue, 12 Dec 2023 19:58:21 -0000 (UTC)
    Jethro_uk <jethro_uk@hotmailbin.com> wrote:

    On Tue, 12 Dec 2023 09:07:20 +0000, The Natural Philosopher wrote:

    On 12/12/2023 07:21, Jethro_uk wrote:
    On Mon, 11 Dec 2023 09:58:30 +0000, jon wrote:

    I wonder sometimes just how critical some of these viruses are to
    general activities.

    Running linux can relieve of some of that thought.
    +10001

    I am fairly certain I have been emailed at least 200 suspect
    attachments and downloaded many hundreds of suspect items on Linux
    in the last 20 years.

    I have never had an issue.

    I run no virus scanners. I don't know whether there are any, for
    Linux.

    clamav ?

    Although that is mainly used where I am to scan attachments to and
    from *Windows* PCs.

    Some people think it's a weight of numbers issue. If 90% of the world
    ran linux desktops, then maybe they'd be as vulnerable.

    For myself, I think it's more fundamental than that. Linux was built
    from the ground up (like *nix) with a damn good model of security and understanding that the user at the console is more likely than not,
    *not* an admin.

    A lot of Windows users run with admin privileges, which saves them
    time and allows malware to be installed on their machines. Apart from
    some Ubuntu users, most Linux users have more sense.

    However having just wasted half a day with a ****ing wifi issue with
    Jammy Jellyfish that may not ever be fixed, I don't think we are
    there yet.

    I did say *some*.

    --
    Joe

  • From The Natural Philosopher@21:1/5 to All on Wed Dec 13 02:37:52 2023
    On 12/12/2023 19:58, Jethro_uk wrote:
    However having just wasted half a day with a ****ing wifi issue with
    Jammy Jellyfish that may not ever be fixed, I don't think we are there
    yet.

    Odd hardware?

    --
    I was brought up to believe that you should never give offence if you
    can avoid it; the new culture tells us you should always take offence if
    you can. There are now experts in the art of taking offence, indeed
    whole academic subjects, such as 'gender studies', devoted to it.

    Sir Roger Scruton

  • From The Natural Philosopher@21:1/5 to Joe on Wed Dec 13 02:40:08 2023
    On 12/12/2023 21:50, Joe wrote:
    On Tue, 12 Dec 2023 19:58:21 -0000 (UTC)
    Jethro_uk <jethro_uk@hotmailbin.com> wrote:

    On Tue, 12 Dec 2023 09:07:20 +0000, The Natural Philosopher wrote:

    On 12/12/2023 07:21, Jethro_uk wrote:
    On Mon, 11 Dec 2023 09:58:30 +0000, jon wrote:

    I wonder sometimes just how critical some of these viruses are to
    general activities.

    Running linux can relieve of some of that thought.
    +10001

    I am fairly certain I have been emailed at least 200 suspect
    attachments and downloaded many hundreds of suspect items on Linux
    in the last 20 years.

    I have never had an issue.

    I run no virus scanners. I don't know whether there are any, for
    Linux.

    clamav ?

    Although that is mainly used where I am to scan attachments to and
    from *Windows* PCs.

    Some people think it's a weight of numbers issue. If 90% of the world
    ran linux desktops, then maybe they'd be as vulnerable.

    For myself, I think it's more fundamental than that. Linux was built
    from the ground up (like *nix) with a damn good model of security and
    understanding that the user at the console is more likely than not,
    *not* an admin.

    A lot of Windows users run with admin privileges, which saves them
    time and allows malware to be installed on their machines. Apart from
    some Ubuntu users, most Linux users have more sense.

    However having just wasted half a day with a ****ing wifi issue with
    Jammy Jellyfish that may not ever be fixed, I don't think we are
    there yet.

    I did say *some*.


    Not running as root but having a simple and defined method to raise user privileges is a decent compromise, which is why it is the linux default.

    --
    I was brought up to believe that you should never give offence if you
    can avoid it; the new culture tells us you should always take offence if
    you can. There are now experts in the art of taking offence, indeed
    whole academic subjects, such as 'gender studies', devoted to it.

    Sir Roger Scruton

  • From Paul@21:1/5 to Joe on Tue Dec 12 21:51:40 2023
    On 12/12/2023 4:50 PM, Joe wrote:
    On Tue, 12 Dec 2023 19:58:21 -0000 (UTC)
    Jethro_uk <jethro_uk@hotmailbin.com> wrote:

    On Tue, 12 Dec 2023 09:07:20 +0000, The Natural Philosopher wrote:

    On 12/12/2023 07:21, Jethro_uk wrote:
    On Mon, 11 Dec 2023 09:58:30 +0000, jon wrote:

    I wonder sometimes just how critical some of these viruses are to
    general activities.

    Running linux can relieve of some of that thought.
    +10001

    I am fairly certain I have been emailed at least 200 suspect
    attachments and downloaded many hundreds of suspect items on Linux
    in the last 20 years.

    I have never had an issue.

    I run no virus scanners. I don't know whether there are any, for
    Linux.

    clamav ?

    Although that is mainly used where I am to scan attachments to and
    from *Windows* PCs.

    Some people think it's a weight of numbers issue. If 90% of the world
    ran linux desktops, then maybe they'd be as vulnerable.

    For myself, I think it's more fundamental than that. Linux was built
    from the ground up (like *nix) with a damn good model of security and
    understanding that the user at the console is more likely than not,
    *not* an admin.

    A lot of Windows users run with admin privileges, which saves them
    time and allows malware to be installed on their machines. Apart from
    some Ubuntu users, most Linux users have more sense.

    We can divide the Windows users into three groups.

    1) Most users don't know how to use the computer.
    They can get the browser open. And that gives a feeling of accomplishment.
    Some will manage to click the UAC prompt, but they may lack
    the ability to discriminate when they should *refuse* such a request.
    UAC only works, if the user knows when to click Cancel.

    2) Some users learn things. Here is my Notes file entry.

    net user administrator /active:yes # This enables the "Real Administrator" account
    Set a password # Guess what. No additional privs are the result.
    Doesn't really help # Uh huh.

    What the users notice, is this does not help in the least.
    There are still lots of things, that don't "tip over" when
    you "bump them as the Administrator".

    This attempt, to "do a Windows 98" to the OS, simply does not work.
    The results are disappointing.

    A user in this environment, can use DropMyRights, to return
    an operation to the unelevated state. You can run inverted this
    way, in your Sopwith Camel.

    DropMyRights.exe Firefox.exe # Run Firefox un-elevated, from the Real Administrator account

    3) Applications like psexec and RunFromToken, are the next level.

    psexec64.exe -hsi cmd <=== 64 bit OS, opens SYSTEM cmd.exe window

    RunFromToken.exe trustedinstaller.exe 1 cmd <=== Opens a TrustedInstaller window. Run Regedit from here.
    This does not work, unless you start the msiexec service
    less than five seconds before issuing the command.
    TrustedInstaller is not a real account, and exists as a token.

    When a permission problem arises (even the Registry has permissions inside), there are ways to get there. I think the last time I tried to use
    psexec there was a problem with it.

    Since these methods (3) are transient, there is little risk of the
    user starting Firefox as TrustedInstaller. It's (2), where a dumbass
    can get in a lot of trouble. And there really aren't that many people headstrong enough to stay at (2). There is one IT level guy who does
    this (2) though <eyeroll!>. I don't think you get a Cert doing that.

    I would dispute that the number of (2) people is significant.
    I know that many have tried. But there's really no reason
    to continue running that way.

    *******

    To tip over a Windows machine with malware *does not* require Administrator. The malware is perfectly capable of defeating all protections. It's
    the *users* who cannot operate their own machine, because of the
    security features it has. The malware cares not about such foolishness.

    Linux has repeatedly had exploits. The community values the quick repair
    to fix such things, as a means of looking Lilly White later. But if there
    was money involved in tipping over Linux users, we would get a real measure
    of the holes. After all, we had some idiots prove how easy it was to
    infiltrate kernel.org work.

    While the concept of "many eyes" and open source is attractive,
    it does not actually scale. The first program I got off the Internet
    that was FOSS, I read the entire 1 megabyte of source files. I did it,
    to see "what does it take to be a many-eyes". Today, Firefox has something
    like four hundred thousand text files. And a single human could not
    read all of them, before passing from old age. The kernel, similarly,
    has a large footprint.

    Paul

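A read-only check for the situation in group (2) of the post above, added here as an example and not taken from the thread: it reports whether the session is elevated, whether the built-in Administrator account (RID 500) is enabled, and how UAC is configured. The function names `Get-ElevationAudit` and `Get-ElevationFindings` are hypothetical; the registry values `EnableLUA` and `FilterAdministratorToken` are the standard UAC policy values, and `Get-LocalUser` assumes Windows PowerShell 5.1 or later.

```powershell
# Added example: audits account and UAC state only. It reads local account
# data and one registry key and changes nothing on the machine.

function Get-ElevationAudit {
    # Is the current process holding a full (elevated) administrator token?
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = [Security.Principal.WindowsPrincipal]::new($identity)
    $elevated  = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)

    # Find the built-in Administrator by its well-known RID (500), not by
    # name, because the account can be renamed.
    $builtin = Get-LocalUser | Where-Object { $_.SID.Value -match '^S-1-5-21-.*-500$' }

    # UAC policy values. FilterAdministratorToken = 1 puts the built-in
    # Administrator under Admin Approval Mode; 0 (the default) means everything
    # it starts runs with the full token.
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $uac = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue

    [pscustomobject]@{
        User                     = $identity.Name
        ProcessElevated          = $elevated
        IsBuiltinAdministrator   = ($identity.User.Value -match '^S-1-5-21-.*-500$')
        BuiltinAdminEnabled      = [bool]$builtin.Enabled
        UacEnabled               = ($uac.EnableLUA -eq 1)
        BuiltinAdminApprovalMode = ($uac.FilterAdministratorToken -eq 1)
    }
}

function Get-ElevationFindings {
    param([Parameter(Mandatory)] $Audit)

    $findings = @()
    if (-not $Audit.UacEnabled) {
        $findings += 'UAC (EnableLUA) is off: administrators get no consent prompt.'
    }
    if ($Audit.BuiltinAdminEnabled) {
        $findings += 'Built-in Administrator is enabled: disable it unless it is needed for recovery.'
    }
    if ($Audit.IsBuiltinAdministrator -and -not $Audit.BuiltinAdminApprovalMode) {
        $findings += 'Logged on as built-in Administrator without Admin Approval Mode: every program, browser included, runs fully elevated.'
    }
    elseif ($Audit.ProcessElevated) {
        $findings += 'This shell is elevated: close it when the administrative task is done.'
    }
    if ($findings.Count -eq 0) {
        $findings += 'No elevation findings: standard token, UAC on, built-in Administrator disabled.'
    }
    $findings
}

$audit = Get-ElevationAudit
$audit | Format-List
Get-ElevationFindings -Audit $audit
```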
  • From The Natural Philosopher@21:1/5 to Paul on Wed Dec 13 03:20:16 2023
    On 13/12/2023 02:51, Paul wrote:
    But if there
    was money involved in tipping over Linux users, we would get a real measure of the holes.

    There *is* money and there *are* attacks on big linux servers, but guess
    what, they are not administered by windows numpties.
    Windows are a target for three reasons
    - there are lots and lots of pcs on the internet running it
    - its users are generally just as technically clueless as MAC users
    - it's built to sell, not to work, or be secure.

    Contrariwise Linux is less prevalent, far harder to crack and its users
    tend to be able at least to do a basic install.

    And ALL the flaws are made public immediately so that users can watch
    out, patch, reconfigure, or upgrade.

    Just look at 'the register' ..

    It is simply that Linux demands a little competence to install and use,
    has nothing to lose and everything to gain by patching vulnerabilities
    quickly, and is late to the table and incorporates all the (Unix)
    lessons learnt from script kiddies on campus abusing their telnet logins
    etc. And, today, as it is THE Big Iron operating system of choice - and
    Big Blue's - it's damn well tested to make sure it is safe.

    We get it free on the desktop, but IBM , Red Hat and others spend
    millions of pounds a year making it work better, on the understanding
    that they too, can use it for free.

    A hobbyist's platform it is not.


    --
    To ban Christmas, simply give turkeys the vote.

  • From Paul@21:1/5 to The Natural Philosopher on Tue Dec 12 23:25:17 2023
    On 12/12/2023 9:40 PM, The Natural Philosopher wrote:
    On 12/12/2023 21:50, Joe wrote:
    On Tue, 12 Dec 2023 19:58:21 -0000 (UTC)
    Jethro_uk <jethro_uk@hotmailbin.com> wrote:

    On Tue, 12 Dec 2023 09:07:20 +0000, The Natural Philosopher wrote:

    On 12/12/2023 07:21, Jethro_uk wrote:
    On Mon, 11 Dec 2023 09:58:30 +0000, jon wrote:
      
    I wonder sometimes just how critical some of these viruses are to
    general activities.

    Running linux can relieve of some of that thought.
    +10001

    I am fairly certain I have been emailed at least 200 suspect
    attachments and downloaded many hundreds of suspect items on Linux
    in the last 20 years.

    I have never had an issue.

    I run no virus scanners. I don't know whether there are any, for
    Linux.

    clamav ?

    Although that is mainly used where I am to scan attachments to and
    from *Windows* PCs.

    Some people think it's a weight of numbers issue. If 90% of the world
    ran linux desktops, then maybe they'd be as vulnerable.

    For myself, I think it's more fundamental than that. Linux was built
    from the ground up (like *nix) with a damn good model of security and
    understanding that the user at the console is more likely than not,
    *not* an admin.

    A lot of Windows users run with admin privileges, which saves them
    time and allows malware to be installed on their machines. Apart from
    some Ubuntu users, most Linux users have more sense.

    However having just wasted half a day with a ****ing wifi issue with
    Jammy Jellyfish that may not ever be fixed, I don't think we are
    there yet.

    I did say *some*.


    Not running as root but having a simple and defined method to raise user privileges is a decent compromise, which is why it is the linux default.


    Isn't there one though, that doesn't do that ?

    Maybe Debian ? No sudoers set up ? When that happens,
    you get to learn how to set up sudoers (like you would
    in the old days).

    And there is one distro, with a red Terminal icon on the
    taskbar, and you run as root. Which is fine, as long as you
    know enough about 'nix to recognize the flora and fauna.
    That's a distro intended only for live usage, and not
    really intended for hard drive install.

    And the Wifi modules, like some new RealTek one, they eventually get
    drivers. It all depends on how cooperative the hardware company
    is, to how quickly that gets resolved. People who reverse-engineer,
    they need samples of hardware, to do their best work.

    Some hardware has "too many" drivers, and the secret to
    end-user bring-up is blacklisting the drivers that don't belong.
    Only certain people have big enough brain-pans to memorize
    all these quirk-cases. If I were to expect trouble, maybe it
    would be a Broadcom.

    Whereas Atheros, used to have a good reputation in the Linux
    community. And they have been acquired by Qualcomm (the Borg).

    Any time smaller companies are bought, and passed between
    larger companies like after-dinner mints, that's when the
    driver situation for the hardware goes to hell. No web page
    any more, no easy driver downloads, and so on. One semiconductor
    company, it might have had four or five owners by now, and
    "everyone owns it for two years, for the tax writeoff".

    It does mean the occasional bit of hard work. It builds character.

    Paul

  • From Jethro_uk@21:1/5 to The Natural Philosopher on Wed Dec 13 07:27:51 2023
    On Wed, 13 Dec 2023 02:37:52 +0000, The Natural Philosopher wrote:

    On 12/12/2023 19:58, Jethro_uk wrote:
    However having just wasted half a day with a ****ing wifi issue with
    Jammy Jellyfish that may not ever be fixed, I don't think we are there
    yet.

    Odd hardware?

    Well not so odd that Windows - for all its flaws - has zero problems
    with it.

    Luckily in this case the bug manifests itself by the wifi adapter being incapable of getting an IP address - and in my case we are using fixed
    IPs. But it would have made it useless for general use.

  • From The Natural Philosopher@21:1/5 to Paul on Wed Dec 13 11:57:31 2023
    On 13/12/2023 04:25, Paul wrote:
    On 12/12/2023 9:40 PM, The Natural Philosopher wrote:
    On 12/12/2023 21:50, Joe wrote:
    On Tue, 12 Dec 2023 19:58:21 -0000 (UTC)
    Jethro_uk <jethro_uk@hotmailbin.com> wrote:

    On Tue, 12 Dec 2023 09:07:20 +0000, The Natural Philosopher wrote:

    On 12/12/2023 07:21, Jethro_uk wrote:
    On Mon, 11 Dec 2023 09:58:30 +0000, jon wrote:

    I wonder sometimes just how critical some of these viruses are to
    general activities.

    Running linux can relieve of some of that thought.
    +10001

    I am fairly certain I have been emailed at least 200 suspect
    attachments and downloaded many hundreds of suspect items on Linux
    in the last 20 years.

    I have never had an issue.

    I run no virus scanners. I don't know whether there are any, for
    Linux.

    clamav ?

    Although that is mainly used where I am to scan attachments to and
    from *Windows* PCs.

    Some people think it's a weight of numbers issue. If 90% of the world
    ran linux desktops, then maybe they'd be as vulnerable.

    For myself, I think it's more fundamental than that. Linux was built
    from the ground up (like *nix) with a damn good model of security and
    understanding that the user at the console is more likely than not,
    *not* an admin.

    A lot of Windows users run with admin privileges, which saves them
    time and allows malware to be installed on their machines. Apart from
    some Ubuntu users, most Linux users have more sense.

    However having just wasted half a day with a ****ing wifi issue with
    Jammy Jellyfish that may not ever be fixed, I don't think we are
    there yet.

    I did say *some*.


    Not running as root but having a simple and defined method to raise user privileges is a decent compromise, which is why it is the linux default.


    Isn't there one though, that doesn't do that ?

    I can't recall one off hand.

    Maybe Debian ? No sudoers set up ? When that happens,
    you get to learn how to set up sudoers (like you would
    in the old days).

    If there is no default sudoer access applied to the initial system and
    no root password, then root access is impossible. And you can't set up
    sudoers.

    And there is one distro, with a red Terminal icon on the
    taskbar, and you run as root. Which is fine, as long as you
    know enough about 'nix to recognize the flora and fauna.
    That's a distro intended only for live usage, and not
    really intended for hard drive install.

    And the Wifi modules, like some new RealTek one, they eventually get
    drivers. It all depends on how cooperative the hardware company
    is, to how quickly that gets resolved. People who reverse-engineer,
    they need samples of hardware, to do their best work.

    That remains one of the issues. I am not majoring on very vanilla ex
    commercial refurbed HP desk and laptops. They use bog standard chips,
    and linux 'just worked' on them to date.

    I had problems in the past with Broadcom hardware on older machines
    from the noughties. As well as video hardware from that era, but stuff
    from 2010 onwards all seems to play nice.

    Some hardware has "too many" drivers, and the secret to
    end-user bring-up is blacklisting the drivers that don't belong.
    Only certain people have big enough brain-pans to memorize
    all these quirk-cases. If I were to expect trouble, maybe it
    would be a Broadcom.

    That was my experience 15 years ago, not today. Linux Mint, in
    particular has spent time and effort eliminating all that with
    intelligent 'driver select' software.
    If it needs drivers you run that, it scans the system and says 'yep.
    we have proprietary drivers for that that are recommended'

    Whereas Atheros, used to have a good reputation in the Linux
    community. And they have been acquired by Qualcomm (the Borg).

    Fuck the 'linux community'

    That's as specious a bunch of wankers as the 'transgender community'


    The fact is that Linux at the core kernel and base level system apps is maintained by very serious money and it's streets ahead of toy OSes like
    Windows or OSX.

    However they don't put time into making it noob friendly. Mint and
    Ubuntu did and do.

    You have to have fairly peculiar hardware or be extremely fat fingered
    to not be able to install those successfully.


    Linux isn't a geek's hobby any more. It's the no 1 operating system in the
    world, for phones, tablets, servers, embedded hardware, routers, supercomputers... all the way from a £6 Pi Zero to a million pound Cray.
    It's designed to work, because hardware manufacturers make no money out
    of selling it, only their hardware, so naturally it's in their interest
    to make sure it showcases that hardware optimally.

    Since there is no money to be made from it, no one in the consumer world
    is interested in selling it preinstalled on domestic PCs, when they can
    make more selling windows or Macs. Only Chromebooks have it by default.

    So it simply isn't widely known among that target market. Except as
    Android, on phones.

    --
    Truth welcomes investigation because truth knows investigation will lead
    to converts. It is deception that uses all the other techniques.

  • From The Natural Philosopher@21:1/5 to All on Wed Dec 13 12:28:49 2023
    On 13/12/2023 07:27, Jethro_uk wrote:
    Luckily in this case the bug manifests itself by the wifi adapter being incapable of getting an IP address - and in my case we are using fixed
    IPs. But it would have made it useless for general use.

    Ahah. I came across that recently in my Pi.

    It was an obscure default in systemd that wants to rename the wireless interface to something obscure, which then isn't recognised by other
    parts of the system, namely the DHCP client side.

    look here
    /lib/systemd/network/ and you may see some files

    tell me what's there and what is in them, and how the wifi is connected
    - is it usb?

    --
    Those who want slavery should have the grace to name it by its proper
    name. They must face the full meaning of that which they are advocating
    or condoning; the full, exact, specific meaning of collectivism, of its
    logical implications, of the principles upon which it is based, and of
    the ultimate consequences to which these principles will lead. They must
    face it, then decide whether this is what they want or not.

    Ayn Rand.

  • From John Rumm@21:1/5 to Joe on Wed Dec 13 15:10:40 2023
    On 12/12/2023 21:50, Joe wrote:
    On Tue, 12 Dec 2023 19:58:21 -0000 (UTC)
    Jethro_uk <jethro_uk@hotmailbin.com> wrote:

    On Tue, 12 Dec 2023 09:07:20 +0000, The Natural Philosopher wrote:

    On 12/12/2023 07:21, Jethro_uk wrote:
    On Mon, 11 Dec 2023 09:58:30 +0000, jon wrote:

    I wonder sometimes just how critical some of these viruses are to
    general activities.

    Running linux can relieve of some of that thought.
    +10001

    I am fairly certain I have been emailed at least 200 suspect
    attachments and downloaded many hundreds of suspect items on Linux
    in the last 20 years.

    I have never had an issue.

    I run no virus scanners. I don't know whether there are any, for
    Linux.

    clamav ?

    Although that is mainly used where I am to scan attachments to and
    from *Windows* PCs.

    Some people think it's a weight of numbers issue. If 90% of the world
    ran linux desktops, then maybe they'd be as vulnerable.

    For myself, I think it's more fundamental than that. Linux was built
    from the ground up (like *nix) with a damn good model of security and
    understanding that the user at the console is more likely than not,
    *not* an admin.

    A lot of Windows users run with admin privileges, which saves them
    time and allows malware to be installed on their machines. Apart from
    some Ubuntu users, most Linux users have more sense.

    While probably true prior to Windows Vista, it is uncommon these days
    where Windows UAC applies a similar security model as *nix with temporary elevation for privileges.

    Linux on the desktop will be more secure since it represents such a
    small target group of users. At the server level though it is routinely compromised.

    Many vulnerabilities don't even occur in the OS anyway - but elsewhere
    in the software stack.

    In the last pwn2own contest (2021) there were successful compromise
    attempts against Windows, MacOS, Ubuntu, and various virtualisation environments.



    --
    Cheers,

    John.

    /=================================================================\
    | Internode Ltd - http://www.internode.co.uk                      |
    |-----------------------------------------------------------------|
    | John Rumm - john(at)internode(dot)co(dot)uk                     |
    \=================================================================/

  • From John Rumm@21:1/5 to All on Wed Dec 13 18:00:58 2023
    On 13/12/2023 07:27, Jethro_uk wrote:
    On Wed, 13 Dec 2023 02:37:52 +0000, The Natural Philosopher wrote:

    On 12/12/2023 19:58, Jethro_uk wrote:
    However having just wasted half a day with a ****ing wifi issue with
    Jammy Jellyfish that may not ever be fixed, I don't think we are there
    yet.

    Odd hardware?

    Well not so odd that Windows - for all its flaws - has zero problems
    with it.

    Luckily in this case the bug manifests itself by the wifi adapter being incapable of getting an IP address - and in my case we are using fixed
    IPs. But it would have made it useless for general use.

    I have had that on recent versions of raspbian... might be worth
    checking if the fix for that applies to yours:

    If you edit:

    /lib/dhcpcd/dhcpcd-hooks/10-wpa_supplicant

    search for "nl80211,wext"

    Change it to:

    "wext,nl80211"





    --
    Cheers,

    John.

    /=================================================================\
    | Internode Ltd - http://www.internode.co.uk                      |
    |-----------------------------------------------------------------|
    | John Rumm - john(at)internode(dot)co(dot)uk                     |
    \=================================================================/

  • From Paul@21:1/5 to All on Wed Dec 13 15:21:33 2023
    On 12/13/2023 2:27 AM, Jethro_uk wrote:
    On Wed, 13 Dec 2023 02:37:52 +0000, The Natural Philosopher wrote:

    On 12/12/2023 19:58, Jethro_uk wrote:
    However having just wasted half a day with a ****ing wifi issue with
    Jammy Jellyfish that may not ever be fixed, I don't think we are there
    yet.

    Odd hardware?

    Well not so odd that Windows - for all its flaws - has zero problems
    with it.

    Luckily in this case the bug manifests itself by the wifi adapter being incapable of getting an IP address - and in my case we are using fixed
    IPs. But it would have made it useless for general use.


    I connected my Wifi in a Zoran(Ubuntu) VM and the connection to the
    "weird SSID" on the right of the line of text below, was made OK.

    That SSID, is a Windows 10 Mobile Hotspot, where the Wifi on that machine
    is put in AP Mode, and bridged to the Ethernet. It's a one-button click,
    but the status of the Hotspot did not come up properly initially.

    The machine name is GREGORE. In the Mobile Hotspot in settings, it
    says one connection is made, and the IP is 192.168.137.205/24 . If I
    change the IP address too much, then I would have to widen the netmask
    on the subnet there.

    I think you can do that from Powershell (but I don't know if I made
    any notes from the last time -- there's some enumeration number you
    have to know in Powershell, to tell it which one to adjust). When
    you adjust it that way, the computer does not remember that adjustment
    on the next boot.

    In any case, each SSID you connect to in Linux, has a file created. And if
    you edit the file, the claim is you can reuse it. Right now, method=auto
    but method=manual might work.

    sudo cat /etc/NetworkManager/system-connections/'GREGORE 1651.nmconnection'

    [ipv4]
    method=auto # Like Windows, this is the DHCP option Zoran/Ubuntu used.

    This document explains a bit how you would replace method=auto .

    https://people.freedesktop.org/~lkundrak/nm-docs/nm-settings-keyfile.html

    method=manual
    dns=8.8.8.8;8.8.4.4;
    address1=192.168.137.101/24,192.168.1.1 <=== apparently you can have more than one address???
    gateway=192.168.137.1

    Someone claims they had to reboot for the new saved values in the
    file to take, as "restarting NetworkManager did not work". It's possible systemctl applied to whatever controls the Wifi, would make the
    computer suck-up the new info. Maybe if you kill NetworkManager,
    it just comes up and sniffs that "everything is working" and so it
    does not hammer anything.

    Paul
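
A check of the `[ipv4]` values quoted in the post above, added here as an example; it is not part of the post and is not NetworkManager's own code. It assumes the keyfile convention that `addressN` is `IP/prefix[,gateway]`, so a value after the comma is read as a gateway; `check_ipv4` and the sample keyfile are constructed for illustration.

```python
import configparser
import ipaddress

# Constructed sample: the [ipv4] values quoted in the post, in a minimal keyfile.
SAMPLE = """\
[connection]
id=GREGORE 1651
type=wifi

[ipv4]
method=manual
dns=8.8.8.8;8.8.4.4;
address1=192.168.137.101/24,192.168.1.1
gateway=192.168.137.1
"""


def check_ipv4(keyfile_text):
    """Return a list of problems found in the [ipv4] section of a keyfile."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.optionxform = str  # keyfile keys are case-sensitive
    cp.read_string(keyfile_text)
    if not cp.has_section("ipv4"):
        return ["no [ipv4] section"]
    ipv4 = cp["ipv4"]
    problems, networks, gateways = [], [], []
    addr_keys = [k for k in ipv4 if k.startswith("address")]
    if ipv4.get("method") == "manual" and not addr_keys:
        problems.append("method=manual but no addressN entry")
    if "gateway" in ipv4:
        gateways.append(("gateway", ipv4["gateway"].strip()))
    for key in addr_keys:
        # Assumption: addressN is "IP/prefix[,gateway]".
        addr, _, gw = ipv4[key].partition(",")
        try:
            networks.append(ipaddress.ip_interface(addr.strip()).network)
        except ValueError:
            problems.append(f"{key}: bad address {addr!r}")
        if gw.strip():
            gateways.append((key, gw.strip()))
    for source, gw in gateways:
        try:
            gw_ip = ipaddress.ip_address(gw)
        except ValueError:
            problems.append(f"{source}: bad gateway {gw!r}")
            continue
        # A gateway that is not on any configured subnet cannot be reached.
        if not any(gw_ip in net for net in networks):
            problems.append(f"{source}: gateway {gw} is outside every configured subnet")
    distinct = sorted({gw for _, gw in gateways})
    if len(distinct) > 1:
        problems.append("conflicting gateways: " + ", ".join(distinct))
    for server in filter(None, ipv4.get("dns", "").split(";")):
        try:
            ipaddress.ip_address(server.strip())
        except ValueError:
            problems.append(f"dns: bad server {server!r}")
    return problems


if __name__ == "__main__":
    for line in check_ipv4(SAMPLE):
        print(line)
```

After a keyfile is edited by hand, `nmcli connection reload` asks NetworkManager to re-read connection files from disk, and the profile has to be brought up again before new values apply.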

  • From Paul@21:1/5 to The Natural Philosopher on Wed Dec 13 15:39:37 2023
    On 12/13/2023 7:28 AM, The Natural Philosopher wrote:
    On 13/12/2023 07:27, Jethro_uk wrote:
    Luckily in this case the bug manifests itself by the wifi adapter being
    incapable of getting an IP address - and in my case we are using fixed
    IPs. But it would have made it useless for general use.

    Ahah. I came across that recently in my Pi.

    It was an obscure default in systemd that wants to rename the wireless interface to something obscure, which then isn't recognised by other parts of the system, namely the DHCP client side.

    look here
    /lib/systemd/network/ and you may see some files

    tell me what's there and what is in them, and how the wifi is connected - is it usb?


    You can install the package for ifconfig, if you want
    to get back the traditional convenience.

    It listed my Wifi as a systemd string with about 20 characters
    in it. When the articles on the web might refer to a Wifi as "wlan0".

    Paul

  • From The Natural Philosopher@21:1/5 to Paul on Thu Dec 14 10:05:07 2023
    On 13/12/2023 20:39, Paul wrote:
    On 12/13/2023 7:28 AM, The Natural Philosopher wrote:
    On 13/12/2023 07:27, Jethro_uk wrote:
    Luckily in this case the bug manifests itself by the wifi adapter being
    incapable of getting an IP address - and in my case we are using fixed
    IPs. But it would have made it useless for general use.

    Ahah. I came across that recently in my Pi.

    It was an obscure default in systemd that wants to rename the wireless interface to something obscure, which then isn't recognised by other parts of the system, namely the DHCP client side.

    look here
    /lib/systemd/network/ and you may see some files

    tell me what's there and what is in them, and how the wifi is connected - is it usb?


    You can install the package for ifconfig, if you want
    to get back the traditional convenience.

    It listed my Wifi as a systemd string with about 20 characters
    in it. When the articles on the web might refer to a Wifi as "wlan0".

    There is the possible issue.

    Systemd renames interfaces according to their MAC addresses, sometimes.

    Few other packages have caught up with this and are still looking for
    'wlan0' or 'usb0' etc.


    Paul

    --
    Future generations will wonder in bemused amazement that the early
    twenty-first century’s developed world went into hysterical panic over a globally average temperature increase of a few tenths of a degree, and,
    on the basis of gross exaggerations of highly uncertain computer
    projections combined into implausible chains of inference, proceeded to contemplate a rollback of the industrial age.

    Richard Lindzen

  • From Jethro_uk@21:1/5 to All on Fri Dec 15 10:13:52 2023
    On Tue, 12 Dec 2023 19:58:21 +0000, Jethro_uk wrote:

    However having just wasted half a day with a ****ing wifi issue with
    Jammy Jellyfish that may not ever be fixed, I don't think we are there
    yet.

    Many thanks for the suggestions here. Because this is work, not play, I
    just needed it to *work* - so fixing the IP doing the trick is fine by
    me. At least I know I can leave it forever now. Unlike the Windows box it replaced which regularly flooded the hard drive with updates until it ran
    out of space. Presumably preventable if your GPO-fu is deep. However
    casual reading of support forums suggests that even when you disable
    updates, MS sneak shit in and eventually you will run out of disk.

    Regarding weird-named adapters, I thought that came in a few years back ?
    I know I did an install and wlan0 and eth0 weren't there. The change
    being a mild layer of security in that an attacker can no longer be
    certain of the network adapter name (it had always been possible to
    rename them, but no one did). This would break a virus/malware that in
    order to be small and fleet did not have additional code to deal with
    such cases. However that isn't the problem in this particular case.

    The WiFi on my HP laptop running Mint 20.3 has been rock-solid, while the
    WiFi on my (work) Dell Win10 machine has had the odd wobble (it hasn't
    happened for a while now, but out of nowhere the wireless adapter would
    just disappear, and Windows would never see it again until the (same)
    drivers were reinstalled a few times.
