Jump to content

Now also with flight simulators: Installing malware on customer computers

ZachariasX

By ZachariasX
in Free Subject

 Share

Recommended Posts

DetCord12B

DetCord12B

Posted
Posted

The dev responses are beyond cringe worthy. Not only have they violated the law in the EU but have also done so in the US with regards to the CFAA and is criminally prosecutable (felony) offense. Many US States also cover this as a criminal act under fraudulent computer access. You can do jail time for this. Either way, FSL is in deep shit. 

 

It's being picked up by major outlets as well.

 

https://arstechnica.com/gaming/2018/02/flight-sim-devs-say-hidden-password-dump-tool-was-used-to-fight-pirates/

 

https://www.pcmag.com/news/359310/flight-sim-labs-fights-piracy-by-installing-malware

 

https://www.rockpapershotgun.com/2018/02/19/flight-sim-group-put-malware-in-a-jet-and-called-it-drm/

sinned

sinned

Posted
Posted

Nothing wrong did FSL. The pirates deserve to get their computers exposed.

 

 

Piracy deserves no rights and those who are involved just be euthanized.

ZachariasX

ZachariasX

Posted
  • Author
Posted

 

 

Piracy deserves no rights

 

"No rights" for "piracy? You're saying with this that an alleged "pirate" does not need to stand trial, you can just shoot him (or watherver you feel apropriate with the now outlwed creature)? And this on grounds that you personally think he/ she is at least potentially a criminal? Remember, if you have "no rights", you don't have a trial. Trials are only for entities that actually *have* laws. And you think it is ok that you break several laws for such action as well?

CanadaOne

CanadaOne

Posted
Posted

Nothing wrong did FSL. The pirates deserve to get their computers exposed.

 

 

Piracy deserves no rights and those who are involved just be euthanized.

 

Agreed.

 

And I'm sure you will set the example for all of us and allow your computer to be filled with malware that exposes the entire contents of your PC and browsing history to private corporations in order to safeguard copyright laws.

 

Thank you. You're a good guy. :)

Retnek

Retnek

Posted
Posted

Piracy deserves no rights and those who are involved just be euthanized.

At least one honest advocate of open brutality! :dash:

DetCord12B

DetCord12B

Posted
Posted

Hell, this is the same guy (Lefteris) who charged $50 for a driver for the PMDG MD-11 and utilized a program that deleted the SimObj texture folders of pirated (no biggie) versions of the MD and of paying customers (a biggie) when it failed to work properly.

 

Nothing wrong did FSL. The pirates deserve to get their computers exposed.


Piracy deserves no rights and those who are involved just be euthanized.

 

How do you determine who and who isn't a pirate? How do you know this system wasn't abused? How are you able to ensure oversight? How do you know that none of the FSLabs AOC services use the .exe and package it off elsewhere? We don't. We don't know the answer to any of these questions. All we have is Lefteris word, which right now, isn't worth a damn. Ya know, I remember the last time I put my trust in an institution. Then the Snowden leaks happened. So no, I don't trust this man as far as I could throw him.

 

He and his deserve all the future legal pitfalls, both civil and criminal associated with this debacle.

CanadaOne

CanadaOne

Posted
Posted

How do you determine who and who isn't a pirate?

 

 

 

By allowing your PC to be scanned by private companies in order to safeguard copyrighted material.

 

Sinned is going to volunteer to have his PC scanned and his browsing history and passwords recorded on a regular basis as testament to his dedication to preserving DRM protected material.

 

He understands that freedom, privacy, and due process are outdated concepts.

Retnek

Retnek

Posted
Posted (edited)

He understands that freedom, privacy, and due process are outdated concepts.

[Edited]

Edited by Bearcat
Politics/Religion
Lusekofte

Lusekofte

Posted
Posted

Well this is going to demand that we have to have a clean gaming pc and have nothing else on it. Or quit gaming all together. I am not quite comphortable having Russian and US  software developed by people with paranoia tendencies 

CanadaOne

CanadaOne

Posted
Posted

A strong anti-virus, a VPN, and a skeptical mind is the bare Internet minimum these days. And no bloody social media.

ZachariasX

ZachariasX

Posted
  • Author
Posted

 

 

A strong anti-virus

What is that?

CanadaOne

CanadaOne

Posted
Posted

What is that?

 

I suspect you are toying with me, good sir. ;)

216th_Lucas_From_Hell

216th_Lucas_From_Hell

Posted
Posted

I think what Zacharias means is that nowadays AV software can only keep a relatively weak level of threat at bay. If someone is really set on getting information that is on your computer, they are much more likely to find a way than your AV is to stop them.

CanadaOne

CanadaOne

Posted
Posted

I think what Zacharias means is that nowadays AV software can only keep a relatively weak level of threat at bay. If someone is really set on getting information that is on your computer, they are much more likely to find a way than your AV is to stop them.

 

I agree that the perfect anti-virus exists only in the mind of God, but that doesn't mean one should not make what imperfect efforts he can in order to at least try and protect his PC.

ZachariasX

ZachariasX

Posted
  • Author
Posted

I agree that the perfect anti-virus exists only in the mind of God, but that doesn't mean one should not make what imperfect efforts he can in order to at least try and protect his PC.

Well, your suggestion of the „sceptical mind“, brings us very far I think.

 

Now, as working example, if you asked me of thinking up a system that protects from unknown code and I came up with the answer, „make a program with system level priviledges (or preferably a ring below that) that reads and parses ALL incoming code and flags all the results that look like what YOU think is bad“, how would you like that? Good idea?

 

Let me turn that around for you. Suppose you‘re a fiendish hacker, wanting to have a good time on someone elses partitions. And you‘d be too vain for some basic social engineering and let the user do the legwork for you himself. No, you‘d really „break in“. How would you do that? Would you a) attack the OS (that, as bad as it may be technically, is probably some of the better maintained code out there) or b) use the „anti virus thingy“ that you know is provided for free and hardly maintained at all, but runs with system priviledges and reads *everything*.

 

Things that are broken by design cannot be patched. And IF you can touch the fiendish file at all, then you can also upload it to virustotal. And be surprised by the results.

 

Some of the more profilic hackings were done by entering through the AV scanner.

 

Also, there‘s the „web based“ virus scanners. The fancy new stuff to fight evil hackers. What you get with them is you are rootkitting your system that from now on *uploads your data to someone elses computer* („cloud“) and they can do with your files what they feel like doing. Your docs, your spredsheets... Also everything that you wouldn‘t dare storing in Dropbox/iCloud or any other such service where a shake off on users data is seen as fringe benefit. They also can change functionality of that rootkit as they feel like doing. Awesome protection.

 

Which of those is the „good AV“ that you were talking about? There‘s crapware, spyware and scareware out there, and they all slow down your system considerably. But „good“ AV?

CanadaOne

CanadaOne

Posted
Posted

Well, your suggestion of the „sceptical mind“, brings us very far I think.

 

Now, as working example, if you asked me of thinking up a system that protects from unknown code and I came up with the answer, „make a program with system level priviledges (or preferably a ring below that) that reads and parses ALL incoming code and flags all the results that look like what YOU think is bad“, how would you like that? Good idea?

 

Let me turn that around for you. Suppose you‘re a fiendish hacker, wanting to have a good time on someone elses partitions. And you‘d be too vain for some basic social engineering and let the user do the legwork for you himself. No, you‘d really „break in“. How would you do that? Would you a) attack the OS (that, as bad as it may be technically, is probably some of the better maintained code out there) or b) use the „anti virus thingy“ that you know is provided for free and hardly maintained at all, but runs with system priviledges and reads *everything*.

 

Things that are broken by design cannot be patched. And IF you can touch the fiendish file at all, then you can also upload it to virustotal. And be surprised by the results.

 

Some of the more profilic hackings were done by entering through the AV scanner.

 

Also, there‘s the „web based“ virus scanners. The fancy new stuff to fight evil hackers. What you get with them is you are rootkitting your system that from now on *uploads your data to someone elses computer* („cloud“) and they can do with your files what they feel like doing. Your docs, your spredsheets... Also everything that you wouldn‘t dare storing in Dropbox/iCloud or any other such service where a shake off on users data is seen as fringe benefit. They also can change functionality of that rootkit as they feel like doing. Awesome protection.

 

Which of those is the „good AV“ that you were talking about? There‘s crapware, spyware and scareware out there, and they all slow down your system considerably. But „good“ AV?

 

From the sounds of it, you are much smarter on a PC technical level than I am. Perhaps we should just assume, for the sake of brevity, that no matter what I say you will respond with something along the lines of "Ugh!". That's fine, it could well be merited.

 

Maybe it would be best if you told us The Answer. What is the 42 of keeping your PC safe, apart form unplugging it?

unreasonable

unreasonable

Posted
Posted (edited)

From the sounds of it, you are much smarter on a PC technical level than I am. Perhaps we should just assume, for the sake of brevity, that no matter what I say you will respond with something along the lines of "Ugh!". That's fine, it could well be merited.

 

Maybe it would be best if you told us The Answer. What is the 42 of keeping your PC safe, apart form unplugging it?

 

Although what he says may be exactly true, Zacharias is in danger of making the perfect the enemy of the good. If one of the government agencies specifically targeted my PC, I am sure there is little I could do to stop them, the only protection is never to do anything with it which they might be able to use against you. Which is impossible, as they can just put something on there if they want your hide badly enough.  Same goes for serious criminal hacker collectives.

 

The vast majority of threats to my computer, however, are relatively simple malware that try to install crap like Baidu,  trick you into clicking on "Chrome  upgrade" etc. While most of the time an experienced user will see these traps and avoid them, every now when you are drunk or tired, visiting a site you would not tell your mother about,  you put your mouse somewhere you should not and get an infection.  Some combination of MalwareBytes and a registry cleaner almost always solve these sorts of problems, and having MSE up do date will have a prophylactic value.

Edited by unreasonable
Mitthrawnuruodo

Mitthrawnuruodo

Posted
Posted

 

 

What is the 42 of keeping your PC safe, apart form unplugging it?
 

 

In the context of PC gaming, it's best to keep things separate whenever possible.

 

Use your gaming PC for gaming only; assume it has no security thanks to all the programs and mods you've installed.

 

Designate one or two devices (perhaps a phone and a laptop) as 'secure' for email, banking, etc. Don't do anything sketchy there. 

 

Although this will do little against state actors, at least you won't have to worry about annoying crapware, spyware, or ransomware. In a worst-case scenario, you erase a drive and reinstall your game library knowing that all meaningful stuff is safe elsewhere. 

ZachariasX

ZachariasX

Posted
  • Author
Posted (edited)

From the sounds of it, you are much smarter on a PC technical level than I am. Perhaps we should just assume, for the sake of brevity, that no matter what I say you will respond with something along the lines of "Ugh!". That's fine, it could well be merited.

 

Maybe it would be best if you told us The Answer. What is the 42 of keeping your PC safe, apart form unplugging it?

I guess „Ugh“ covers most of what you really can do beyond asking (yourself) twice where you put your fingers. Security is a behaviour, not a technology.

 

But 42 it is.

 

Although what he says may be exactly true, Zacharias is in danger of making the perfect the enemy of the good. If one of the government agencies specifically targeted my PC, I am sure there is little I could do to stop them, the only protection is never to do anything with it which they might be able to use against you. Which is impossible, as they can just put something on there if they want your hide badly enough. Same goes for serious criminal hacker collectives.

 

The vast majority of threats to my computer, however, are relatively simple malware that try to install crap like Baidu, trick you into clicking on "Chrome upgrade" etc. While most of the time an experienced user will see these traps and avoid them, every now when you are drunk or tired, visiting a site you would not tell your mother about, you put your mouse somewhere you should not and get an infection. Some combination of MalwareBytes and a registry cleaner almost always solve these sorts of problems, and having MSE up do date will have a prophylactic value.

As long as you remain sceptical of your helper (not only in the case of Oxfam), caring about your things is a good thing. But again, think first how the smiling one that you let into your house truly finances his living.

 

It comes all down to a matter of trust. Not technology. And in context of my OP, if there is no trust, you cannot accept the offer. Even if it is an Airbus for a sim.

Edited by ZachariasX
JaffaCake

JaffaCake

Posted
Posted

From the sounds of it, you are much smarter on a PC technical level than I am. Perhaps we should just assume, for the sake of brevity, that no matter what I say you will respond with something along the lines of "Ugh!". That's fine, it could well be merited.

 

Maybe it would be best if you told us The Answer. What is the 42 of keeping your PC safe, apart form unplugging it?

 

 

No 42, but pretty good practises :

 

Hardware isolation - Rate the importance of the things you do online and isolate the levels. Gaming, login-less browsing, login-dependent browsing, sensitive logins (email?), critical logins (banks). Have each level at least isolated via VMs, at best on the actual hardware. You can buy external HDD power switches and use those for isolation (as long as you put your UEFI in read-only mode)

 

Read-only file systems for sensitive data - banks / emails / browsing does not require your computer to remember anything. Every restart the system should be completely fresh, based on the image with most recent updates.

 

Also don't forget to tape your web cam. And make sure you aren't using your ISP's router, as its effectively rogue hardware in your house.

 

What else did I miss from Mr.Robot?

CanadaOne

CanadaOne

Posted
Posted

yeah and dont forget some tin foil to dodge the hackers who acces the government mind reading satellites, whay do you think now they make helmets with plastic :)

 

Been doing that for years.

 

I also sit behind the computer screen when I'm typing so that neither I nor the Illuminati know what I'm writing.

ZachariasX

ZachariasX

Posted
  • Author
Posted

Also don't forget to tape your web cam.

 

image.jpg

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...