From: Ant on
"~BD~" wrote:
> 1. The "False Authority Syndrome"
>
> Don't believe everything. Some people talk or write about viruses as if
> they were an authority in this field, but in fact they are often not.
>
> Ref: http://www.claymania.com/info-fas.html

The link to vmyths (for more about FAS) on that page is out of date.
Use this: http://vmyths.com/fas/ which redirects to a PDF written by
Rob Rosenberger. It's a bit dated now, talking about old msdos viruses
and bulletin boards, but the wisdom is still sound.

"The U.S. Air Force highlights the concept of False Authority Syndrome
in Tongue & Quill, their official publication on effective writing:

Nonexpert opinion or assumed authority - Don't be swayed (or try to
sway someone else) based on the opinion of an unqualified authority.
The Air Force is chock-full of people who, because of their position
or authority in one field, are quoted on subjects in other fields
for which they have limited or no experience.

(As this Air Force publication notes, False Authority Syndrome can
attack people in all fields of expertise.)".

> My niggling concern has always been that
> malware (call it what you will) might remain 'somewhere' within a box
> ready to continue with it's malicious activity even though it's been
> flattened and windows reinstalled (or even if a *new* hard disk has been
> installed!).
>
> I suspect such thoughts came about from my contact and discussion with
> our then High Tech Crime Unit - who recommended that I *destroy/trash*
> the machine involved in my identity theft encounter.

See the quote above. Police units dealing with computer crime are not
authorities on malware. Their expertise is in gathering evidence
(computer forensics) for possible prosecutions. They need to know
where and what to look for on the system and, before they start, how
to preserve or not corrupt that information. Sure, they may employ or
consult experts who know something about particular malware in certain
cases but did you communicate with one of these experts? More likely
it was some desk sergeant or other front man whose job is not to
educate the public about the finer points of fraudulent or malicious
software but simply to give the safest and most general advice; i.e.
trash the machine. In fact, that sounds like pretty dumb advice from
anyone claiming to be an expert on malware.

> The implication was
> that there is much more going on 'behind the scenes'- things that the
> authorities do not want the public to know about!

There's no such implication - just your paranoid fantasies and
conspiracy theories at work.


From: David H. Lipman on
From: "Ant" <not(a)home.today>

| "~BD~" wrote:
>> 1. The "False Authority Syndrome"

>> Don't believe everything. Some people talk or write about viruses as if
>> they were an authority in this field, but in fact they are often not.

>> Ref: http://www.claymania.com/info-fas.html

| The link to vmyths (for more about FAS) on that page is out of date.
| Use this: http://vmyths.com/fas/ which redirects to a PDF written by
| Rob Rosenberger. It's a bit dated now, talking about old msdos viruses
| and bulletin boards, but the wisdom is still sound.

< snip >

You don't see Robin on Usenet as much lately. For a short while he was posting malware
humour.

I was communicating with him offline not too long ago and I was pleasingly surprised that
Robin and I have something in common.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp


From: John Mason Jr on
On 5/1/2010 7:19 AM, ~BD~ wrote:
> Dustin Cook wrote:
>>
>> If the article claims an infection in the bios or eeprom vs corruption;
>> then the article is indeed, wrong. BD.
>
> Thank you, Dustin.
>
>>> Take a step outside the box, David.
>>
>> Google bios and eeproms David. You might find it somewhat enlightening.
>
> I've done much research!
>


So ask specific questions based on your research, if you post links to
where the information was obtained folks can look at the original material.

Many folks have told you that in their opinion, and experience this
behavior has not been observed in the wild.

If you don't want the opinion of folks in the newgroup why would you
continue to ask for it?

John





From: ~BD~ on
Ant wrote:
> "~BD~" wrote:
>> 1. The "False Authority Syndrome"
>>
>> Don't believe everything. Some people talk or write about viruses as if
>> they were an authority in this field, but in fact they are often not.
>>
>> Ref: http://www.claymania.com/info-fas.html
>
> The link to vmyths (for more about FAS) on that page is out of date.
> Use this: http://vmyths.com/fas/ which redirects to a PDF written by
> Rob Rosenberger. It's a bit dated now, talking about old msdos viruses
> and bulletin boards, but the wisdom is still sound.
>
> "The U.S. Air Force highlights the concept of False Authority Syndrome
> in Tongue& Quill, their official publication on effective writing:
>
> Nonexpert opinion or assumed authority - Don't be swayed (or try to
> sway someone else) based on the opinion of an unqualified authority.
> The Air Force is chock-full of people who, because of their position
> or authority in one field, are quoted on subjects in other fields
> for which they have limited or no experience.
>
> (As this Air Force publication notes, False Authority Syndrome can
> attack people in all fields of expertise.)".

Thank you for the revision, Ant. The Conclusion in that document says,
quote:-

"I DON�T WANT to dispel any particular computer virus myths someone may
have told you � that�s not my goal here. Rather, I want you to question
a person�s expertise if he or she claims to speak with authority on
computer viruses."

>> My niggling concern has always been that
>> malware (call it what you will) might remain 'somewhere' within a box
>> ready to continue with it's malicious activity even though it's been
>> flattened and windows reinstalled (or even if a *new* hard disk has been
>> installed!).
>>
>> I suspect such thoughts came about from my contact and discussion with
>> our then High Tech Crime Unit - who recommended that I *destroy/trash*
>> the machine involved in my identity theft encounter.
>
> See the quote above. Police units dealing with computer crime are not
> authorities on malware. Their expertise is in gathering evidence
> (computer forensics) for possible prosecutions. They need to know
> where and what to look for on the system and, before they start, how
> to preserve or not corrupt that information. Sure, they may employ or
> consult experts who know something about particular malware in certain
> cases but did you communicate with one of these experts? More likely
> it was some desk sergeant or other front man whose job is not to
> educate the public about the finer points of fraudulent or malicious
> software but simply to give the safest and most general advice; i.e.
> trash the machine. In fact, that sounds like pretty dumb advice from
> anyone claiming to be an expert on malware.

You may well be right!

>> The implication was
>> that there is much more going on 'behind the scenes'- things that the
>> authorities do not want the public to know about!
>
> There's no such implication - just your paranoid fantasies and
> conspiracy theories at work.


Maybe so. Tell me, then, about the expertise and 'qualifications' of Mr
Lipman. I suspect that he's a 'professional' but seems reluctant to say
so. You talk as if you *know* him!

--
Dave
From: FromTheRafters on
"~BD~" <BoaterDave(a)hot.mail.co.uk> wrote in message
news:JOSdndli_pDIk0HWnZ2dnUVZ8vqdnZ2d(a)bt.com...

[...]

> At that link it says - quote:-
>
> "When you run the fdisk command to create, delete, or change a
> partition, all of the data on that partition is permanently deleted".
>
> I've always understood that to mean that any malware would be
> destroyed too!

Bad sectors (or sectors *marked* as bad) in this case might be
considered "outside" any partition.

[...]

> That is my understanding too. My niggling concern has always been that
> malware (call it what you will) might remain 'somewhere' within a box
> ready to continue with it's malicious activity even though it's been
> flattened and windows reinstalled (or even if a *new* hard disk has
> been installed!).

Warning - - an analogy follows:

Some vaguely described monster has finally been *killed* by the monster
hunter and you have an uneasy feeling that the monster can rise from the
blood at the scene of the killing. Well, it ain't gonna happen, but when
you asked an expert if an entity like that could be resurrected from its
blood - he said yes and told you about DNA and sheep, cats, etc...

The thing is, the expert wasn't asked if the entity could self-resurrect
from the blood left behind after the killing of the monster.