Hacker Claiming He Can Exploit Windows Update

Status
Not open for further replies.

nonoitall

Distinguished
Apr 30, 2006
119
0
18,680
0
Unless this fellow managed to acquire Microsoft's private update signing keys, I'd say he's just looking for attention. (Does Microsoft even distribute updates via SSL? It seems like it would be a massive waste of server CPU time when updates don't really contain sensitive information.)
 

dioxholster

Distinguished
Jan 18, 2009
56
0
18,630
0
trying so hard to work for FBI. why are they all such attention whores, you have skills, you took the time and effort to acquire them, why end up acting like a child? Whats the purpose of it? someones got stop this insanity, its the wild west here. gov should interfere, freedom isnt worth this annoyance.
 

amk-aka-Phantom

Distinguished
Mar 10, 2011
3,004
0
20,860
31
Cool story. That's why I have Windows Updates off - not needed. It's one more reason to like Win7 - it works out of the box. No updates needed. And if I'll ever, for some bizarre reason, need an update, I'll just download it manually.
 

husker

Distinguished
Oct 2, 2009
943
16
18,985
0
[citation][nom]amk-aka-phantom[/nom]Cool story. That's why I have Windows Updates off - not needed. It's one more reason to like Win7 - it works out of the box. No updates needed. And if I'll ever, for some bizarre reason, need an update, I'll just download it manually.[/citation]
It seems to me like this hacker is saying these things to convince people that windows updates are a bad thing, and you are falling for it. He is employing an old tactic, in which the threat itself is empty, but the reaction he hopes to get from people is what counts. In this case those who believe the threat are made vulnerable to other more real attacks because they are not getting regular security updates.
 
[citation][nom]cookoy[/nom]boy what a pompous self-conceited prick even his parents would steer clear of him coz he'll hack their bank accounts[/citation]

Yup I absolutely agree, Hackers aren't so kiddish.
Grow up man, become a hacker, don't publicize it, just do it like nike says.....

I guess his 15 Seconds of fame are up eh...........
 

amk-aka-Phantom

Distinguished
Mar 10, 2011
3,004
0
20,860
31


I don't care about security updates or whatever scary things hackers or antivirus companies tell us. I have logic and I know how computers work; you can't just "infiltrate" or "hack into" a machine like they scare you. Unless I download and run a harmful executable, there will be no harm done to my computer. Proven by 3 years of malware/antivirus-free experience. Best antivirus is common sense; if you don't have it, nothing will help (unless you wanna slow down your PC to a moronic extent, lol, like having UAC asking you about literally EVERY action or something).
 

SoiledBottom

Distinguished
Feb 4, 2006
257
0
18,780
0
"freedom isnt worth this annoyance."

AUTHOR: Thomas Jefferson (1743–1826)
QUOTATION: The tree of liberty must be refreshed from time to time with the blood of patriots and tyrants. It is it’s natural manure.
 

schmich

Distinguished
Sep 17, 2009
284
0
18,780
0
[citation][nom]een54[/nom]Why dont dearest comrade hackers like this use their "skills" for something useful?So gay that theyre always trying to stir shi*The technology world could be an awesome place if we all worked towards the greater good, which is obv conveyer belt paths EVERYWHERE![/citation]
I agree with you but to answer your question: money. You can get a TON of money by selling exploits on the black/criminal market.
 

christop

Distinguished
Sep 30, 2008
3,079
0
20,960
80
Why not use your skills to get a killer job and make money or is it you have like 5 0days and a bank full of cash and don't care. I will guess this guy didn't get enough attention from his parents as a kid.
 

drapacioli

Distinguished
Dec 6, 2010
530
0
19,160
69
[citation][nom]amk-aka-phantom[/nom]I don't care about security updates or whatever scary things hackers or antivirus companies tell us. I have logic and I know how computers work; you can't just "infiltrate" or "hack into" a machine like they scare you. Unless I download and run a harmful executable, there will be no harm done to my computer. Proven by 3 years of malware/antivirus-free experience. Best antivirus is common sense; if you don't have it, nothing will help (unless you wanna slow down your PC to a moronic extent, lol, like having UAC asking you about literally EVERY action or something).[/citation]

So then I guess you don't use the internet right? Because every time another program (Not limited to just web browsers) accesses the internet, it has some authority to run and download other files. Not all viruses are .exe files, and many types of malware can infiltrate your computer simply by visiting a webpage. Every time you "view" a web page, your web browser is downloading files to your hard drive. Whenever Windows, Adobe, your web browser, Java, or games download updates, there is a potential to be hacked. Programs are not written perfectly, people can use exploits to distribute viruses and obtain personal information without you knowing about it. Every time you install security updates you have to give administrative permission to do so, but not installing the updates makes it even easier to be hacked, so you can't ignore them Whenever a file not originating from the PC is written to the hard drive (even from CDs and flash drives, or memory cards), there is a potential for malware, spyware, or viruses. In fact, through exploits using flash drives and other physical media, it is possible to become infected without ever being connected to the internet at all. Because people are constantly finding loopholes through programs like web browsers, Flash, and product updates (Even "safe" products), common sense alone will not prevent viruses. In fact, common sense says install an anti-virus, something you aren't doing, correct? If you really need to squeeze every bit of performance out of your computer, either upgrade it or find a minimal antivirus program. There are plenty out there that do not hog resources, not ever antivirus acts like Norton.
 

amk-aka-Phantom

Distinguished
Mar 10, 2011
3,004
0
20,860
31


My programs don't connect to the Internet. (Clarification for slowpokes: they're prevented from connecting/updating by their settings and the firewall.) I don't need to squeeze every bit of performance out of my computer... at least the main one. Thing is, if I ever install an antivirus, it NEVER finds anything. That's enough for me to consider my method a success. And as I said, I never update anything unless I NEED it, in which case I download an update manually.

USB drives: switch off Autorun; done. You have to know what kind of files you're copying; I don't know what kind of USB devices YOU are dealing with, but the worst thing I've ever seen on a USB was an autorun virus (a few different ones), and if Autorun is off, you can delete them manually. Again, if there's something evil on the USB device, it'll be an executable. Don't run executables that you don't trust.

Viruses are a bogeyman to make people who don't know enough about their computers give the antivirus companies their money. I agree that there're loopholes, however, it's very easy to close them. I've heard too much BS about scary viruses that allegedly infect every Windows machine once it's connected to the net; I'm tired of hearing it all over.

Every piece of software that doesn't improve the way I work with my computers is useless for me. Antiviruses are exactly that.
 

dread_cthulhu

Distinguished
Dec 7, 2010
185
0
18,680
0
[citation][nom]SoiledBottom[/nom]"freedom isnt worth this annoyance."AUTHOR: Thomas Jefferson (1743–1826)QUOTATION: The tree of liberty must be refreshed from time to time with the blood of patriots and tyrants. It is it’s natural manure.[/citation]

YES! Thank you, Soiled! Mr. Jefferson, I salute you!
 
G

Guest

Guest
I know it can be done, examples of this are the games cracked servers,even without user intervention,i have disabled automatic updates and guess what,Tuesday update do install by himself.
 
G

Guest

Guest
[citation][nom]amk-aka-phantom[/nom]I don't care about security updates or whatever scary things hackers or antivirus companies tell us. I have logic and I know how computers work; you can't just "infiltrate" or "hack into" a machine like they scare you. Unless I download and run a harmful executable, there will be no harm done to my computer. Proven by 3 years of malware/antivirus-free experience. Best antivirus is common sense; if you don't have it, nothing will help (unless you wanna slow down your PC to a moronic extent, lol, like having UAC asking you about literally EVERY action or something).[/citation]

So for 3 years you have run without antivirus, What a big clever boy you are, and you are virus free and un-hackable you say! So if you have now anti-virus software, how do you know you are not infected, run through the millions of lines of code yourself?

Its idiotic statements like this that create mis-conceptions as to what common sense is! For goodness sake man install a free antivirus suite now and scan your machine, then update it! THAT is common sense!
 
G

Guest

Guest
@amk-aka-phantom: Windows Updates not needed? You're running the single most vulnerable operating system on the market, and you dont think that updating it is needed? Sorry friend, but unless your computer never touches an internet connection, you're asking to be Metasploited by some script kiddie.
 
G

Guest

Guest
amphantom: While it may be fun to rag on Ubuntu's occasional update-of-death, Windows and OSX both have worse track records of screwing up PCs with updates. Even on the very mature XP has had several updates to completely take down PCs en masse, even in the brief time since SP3 was released.

To the not-understanding-networking-at-all-but-considering-self-hacker-savvy crowd: Assuming you have your PC behind a somewhat respectable router and not plugged into a modem directly, it's almost impossible to get directly hacked without initiating the communication. Unfortunately, Windows is still the most vulnerable OS on the planet. It is STILL possible to get a virus installed on your PC just by clicking on a link, without even being prompted by UAC(that legendary faux Window Explorer to faux antivirus virus is a good example).

Linux hacks are still mostly limited to screwing up your ill-programmed web application being served on your ill-configured Apache server, anything else requires you to somehow actually steal somebody's actual credentials and log in as them(locally, and possibly remotely if SSH is installed), via phishing, etc...
 

amk-aka-Phantom

Distinguished
Mar 10, 2011
3,004
0
20,860
31
Some malware is coded such as when you scan, it will not detect it, once it's infected no AV will do anything to save you, only way would be scanning with an external machine with a different OS, so you might indeed have a bunch of malware in your system right now
Well, in this case antivirus wouldn't help anyway, right? :D And since I'm not annoyed by anything, even if there IS malware on this machine, I couldn't care less, it's blazing fast... faster than ever, in fact.

@all of you who accuse me of needing attention: Lol, cool story... except that you forgot that we're in News Comments section and it's for opinions. My opinion gives you butthurt? Goal achieved, then, but don't be such pathetic whiners :kaola:
 
Status
Not open for further replies.

ASK THE COMMUNITY