From: Dustin Cook on
"Ant" <not(a)home.today> wrote in
news:HvKdnUrh5o0HVEHWnZ2dnUVZ8tEAAAAA(a)brightview.co.uk:

> "~BD~" wrote:
>> Tell me, then, about the expertise and 'qualifications' of Mr
>> Lipman. I suspect that he's a 'professional' but seems reluctant to
say
>> so. You talk as if you *know* him!
>
> How do you get the impression I know him from my previous post when I
> never mentioned or referred to him?
>
> As it happens, both he and I are long-time contributors to acv and
> acav, he offers advice to help people clean their machines and
> provides a useful tool to do that in the form of Multi-AV. So yes,
> I know him on usenet and from a private forum of researchers and
> anti-malware people and have corresponded with him in email. I don't
> know what he does for a living or what qualifications he has and
> neither do I care because the advice he gives is sound. All
> indications are that he has a wide knowledge of computer security,
> viruses and other malware.
>
> As for my expertise, I've previously mentioned I'm a long-time
> programmer with a particular interest in reverse engineering
> malicious code. I know about the capabilities of most currently
> circulating malware and popular exploits as you may have noticed from
> other posts I've made to these groups. Of course, in this field it's
> a constant learning experience as computer systems and software evolve
> and the bay guys try out new methods.
>
> I tend not to dispense advice about security or AV software because
> that's not my area of interest or expertise and I don't use such
> applications. If I have to clean infected systems I use my low-level
> system knowledge and basic or specialist tools.

+1


--
"Hrrngh! Someday I'm going to hurl this...er...roll this...hrrngh.. nudge
this boulder right down a cliff." - Goblin Warrior

From: ~BD~ on
FromTheRafters wrote:
> "~BD~"<BoaterDave(a)hot.mail.co.uk> wrote in message
> news:JOSdndli_pDIk0HWnZ2dnUVZ8vqdnZ2d(a)bt.com...
>
> [...]
>
>> At that link it says - quote:-
>>
>> "When you run the fdisk command to create, delete, or change a
>> partition, all of the data on that partition is permanently deleted".
>>
>> I've always understood that to mean that any malware would be
>> destroyed too!
>
> Bad sectors (or sectors *marked* as bad) in this case might be
> considered "outside" any partition.
>
> [...]
>
>> That is my understanding too. My niggling concern has always been that
>> malware (call it what you will) might remain 'somewhere' within a box
>> ready to continue with it's malicious activity even though it's been
>> flattened and windows reinstalled (or even if a *new* hard disk has
>> been installed!).
>
> Warning - - an analogy follows:
>
> Some vaguely described monster has finally been *killed* by the monster
> hunter and you have an uneasy feeling that the monster can rise from the
> blood at the scene of the killing. Well, it ain't gonna happen, but when
> you asked an expert if an entity like that could be resurrected from its
> blood - he said yes and told you about DNA and sheep, cats, etc...
>
> The thing is, the expert wasn't asked if the entity could self-resurrect
> from the blood left behind after the killing of the monster.
>


You should try your hand at writing stories for children, FTR! :)
From: ~BD~ on
Dustin Cook wrote:

>
> Wouldn't this be more appropriate in another newsgroup? This one, and the
> ones I see you've set as followup don't really apply...
>

You are probably right, Dustin :)

Which group(s) do you suggest?

BD
From: Max Wachtel on
On Sun, 02 May 2010 04:23:31 -0400, ~BD~ <BoaterDave(a)hot.mail.co.uk> wrote:

> Which group do you suggest?

alt.usenet.kooks -you'll find some real charmers in there.
--
This post was created using Opera(a)USB: http://www.opera-usb.com
Virus Removal Instructions
http://sites.google.com/site/keepingwindowsclean/home
Max's Favorite Freeware
http://sites.google.com/site/keepingwindowsclean/freeware
From: ~BD~ on
Ant wrote:
> "~BD~" wrote:
>> Tell me, then, about the expertise and 'qualifications' of Mr
>> Lipman. I suspect that he's a 'professional' but seems reluctant to say
>> so. You talk as if you *know* him!
>
> How do you get the impression I know him from my previous post when I
> never mentioned or referred to him?

I had a son who was a computer guru - he's an angel now. He guides me!

> As it happens, both he and I are long-time contributors to acv and
> acav, he offers advice to help people clean their machines and
> provides a useful tool to do that in the form of Multi-AV. So yes,
> I know him on usenet and from a private forum of researchers and
> anti-malware people and have corresponded with him in email. I don't
> know what he does for a living or what qualifications he has and
> neither do I care because the advice he gives is sound. All
> indications are that he has a wide knowledge of computer security,
> viruses and other malware.

Thank you. What you say holds no surprises!

> As for my expertise, I've previously mentioned I'm a long-time
> programmer with a particular interest in reverse engineering
> malicious code. I know about the capabilities of most currently
> circulating malware and popular exploits as you may have noticed from
> other posts I've made to these groups. Of course, in this field it's
> a constant learning experience as computer systems and software evolve
> and the bay guys try out new methods.
>
> I tend not to dispense advice about security or AV software because
> that's not my area of interest or expertise and I don't use such
> applications. If I have to clean infected systems I use my low-level
> system knowledge and basic or specialist tools.

You sound much like the cyber-friend I made on the Kaspersky forums!

P2U is/was Dutch, Married to a Russian woman and lives(d) in Moscow. I
'met' him on the Kaspersky forums after I had bought KAV7 a few years
ago. Amongst other things he specialised in computer forensics and was
trying to help me investigate how 'bad guys' do things.


Here is a past PM conversation:

QUOTE (by me! BD)

If I type http://www.annex.com into IE7, my AOL browser or Firefox - it
works as expected (or should I say as I might expect?).
I wouldn't be surprised if you told me something was not quite right,
even at first base!

REPLY

I understand that googlesyndication and google-analytics are there
asking to execute scripts and to drop cookies, but what the **** are
live.com and msn.com doing there?!?
OK. I'll register later today as p2u. I have to go and see a student
right now. I'll be back in an hour or three.

Paul

_____________________________________________________________________

Regrettably, little further progress ensued. Here's the reason why.

Message from Paul, 27.09.2008 05:50

Hi, Dave!

Yes, I owe you an explanation, but I couldn't find the strength to write
you about it. At the end of last year, I was diagnosed with a swelling
in the pancreatic area. I've been through hell all this time. Life
expectancy is not much; at most 2 years. The problem is that the
swelling was benign, but is turning into a malignant one. An operation
means almost certain death. I'm not afraid of dying, not for myself - I
just wonder how my little son is going to take this.
I hope you understand, that in such a state of mind I'm not eager at all
to communicate with anyone. This is nothing personal. I hope you
understand that. That's also the reason why I rarely appear on this
forum - the 'how-are-you' stuff scares me. I don't know how I am and why
this is happening to me...

Kind regards,

Paul
_______________________________________________________________________


There is more information here should you be mildly interested.

http://www.microsoft.com/communities/newsgroups/en-us/default.aspx?dg=microsoft.public.security&tid=7f8b4469-dc0f-4b3a-97b9-bff300db8714&cat=&lang=&cr=&sloc=&p=1

Or http://snurl.com/vy6sc

It is basically an extract of posts I 'stored' on Jenn's BB but folk
would have to register to read same there. http://pqlr.org/bbs/

If I'm wasting your time, forgive me. My only ambition is to help, in
any small way, to ruffle the feathers of the bad guys to which you
refer. I seek only the truth.

--
Dave