* Posts by Sub Wrath

10 posts • joined 29 Jun 2009

HMRC warns (again) over tax refund phishing scams

Sub Wrath

had one yesterday

think it was going on about "cash windfall bonus" payments or something along those lines.

more chance of winning the lottery without playing, really.

ROBOT COP scatters LIVE GRENADES in San Francisco STREET

Sub Wrath

skynet averted then

shame, was looking forward to being eaten by the toaster.

Sony PS3 rootkit rumours rubbished

Sub Wrath

accuracy, where art thou?

"he was blasting bittorrent while praising MS's own propitiatory P2P client over it.... he also got an MVP award from Microsoft, hmmm..."

aside from thinking a microsoft award would make him more inclined to bash a rival than defend it (or at least show some restraint before jumping on the "omg ps3 virus incoming" bandwagon), if youre gonna mention well known adware stories from the past couple of years at least do more than skim related articles then post incorrect information.

you must be refering to this http://www.pcmag.com/article2/0,2817,1829724,00.asp where john dvorak brought up the MS p2p system that had not been mentioned anywhere in relation to that story - nor did anyone "bash bittorrent", numerous researchers including boyd, pcpitsop and other sites highlighted potentially illegal content mixed up in supposedly legit adware bundles from some of the biggest adware companies of the day http://www.pcpitstop.com/spycheck/badtorrent.asp

dvoraks article was so silly that eweek called him out on it. http://www.eweek.com/c/a/Security/There-Is-No-Conspiracy-Against-BitTorrent/

to my knowledge, nobody involved in that research then or since ever mentioned avalanche besides dvorak. so no, nobody "bashed bittorent" and five minutes reading would have brought you to the same conclusion.

"First of all, anyone here with a brain knows how useless and baseless a TOS or EULA is"

EULAs go to court all the time, and many lawyers work with it all the time like these guys http://www.aftab.com/

whether you complain about a EULA afterwards or not the damage is done, and console provider / software creator has probably already done what they wanted to do, or has the power to do it unless you take some drastic action. after the fact is too late, agree and go into it or refuse and go elsewhere. if you're not aware of eula / ToS / contract law going into court on a regular basis, you should probably stop commenting on it right now.

"Second, he basically confirmed that there IS a rootkit, so how has this "rumor" been "debunked" exactly?"

most of the comments i can see from him here were lifted from informal discussions with others on twitter where the basis was IF this exists, then it probably isn't a big deal - but if it does, there's not much you can do about it but you're not going to end up with your console exploding. mashing unrelated comments from elsewhere out of context and combining with whatever he said to the register causes some confusion imho, but its not particularly hard to work out.

btw did you miss above that the matheiu guy who first mentioned this has now said he never claimed a rookit shipped? mass hysteria over NOTHING.

"Finally, once it's inner workings are disassembled, and they will be, ANYONE can send a command through "the tubes" and wreck havoc, and SONY will be the one to blame for putting this backdoor in there on purpose in the first place."

take a deep breath, then clearly highlight how someone will send "a command through the tubes" to do something malicious to my PS3. if you can't do this, you're pulling ideas out of the sky.

"I would not be surprised if Sony paid off this guy, he has shown to be arguing for the sake of whoever gives him recognition or money in the past. "

you're back to your incorrect assumptions about the bittorrent thing, aren't you? but i'll play ball:

1) he often complains about microsoft on his various blogs, and has been very vocal in the security shortcomings of both their console and their operating systems at conferences and elsewhere. it seems the "bias" extends to you picking and choosing what to highlight.

2) who has "given him money in the past"?

Sub Wrath

no, you try again

"You really can't be serious saying that I should not care what a networked piece of equipment in my house is doing?"

Unless you're hacking your console to bits with mod tools, please explain what ANYBODY who isnt a modder knows what the inner workings of their console is doing. as evidenced by the reaction to this, people seem to think consoles work with magic pixie dust.

if you care so much, pop it open, see for yourself then stay offline if you disagree or buy something else. the constant modding & cracking leaves sony little choice at this point.

"what on earth do you think sony are going to do to your console or data?"

"Well, they can stop the console from playing a specific game, for example - remember 1984 on Kindle? Or kill your console altogether, if they want to for some concocted "intellectual property" violation."

Wait, this is getting silly now. consoles in the current gen have ALWAYS been able to out and out ban a username from a specific game, or indeed ban the console forever if evidence of cheating and / or piracy has been found. ps3, xbox, have done this for YEARS. 1984 and kindle has absolutely no relevance at all to someone having their console banned if they trip enough checks and flags for cheating.

and if you don't want to be pulled for "IP violation", the solution is simple: DON'T GO ONLINE WITH A MODDED BOX.

other than preventing your online access I'm struggling to see what danger there is to your data - most (or all) of which is stored on the PSN, outside of your console and effectively outside of your control if someone happens to hack your PSN account while you're tucked up in bed.

and as mentioned elsewhere, the person who first started this on IRC has now said he didn't claim there was a rootkit, just that he'd seen "some evidence" of remote activity.

still don't see the big deal.

Sub Wrath

someone answered that one above

cut and paste time:

"1 there is NO WAY to run code that isn't approved by sony on the latest firmware, because although its been opened up it hasn't been cracked. so people worrying about malicious signed pretending-to-be-sony code is just as pointless as worrying about malicious unsigned creeped-out-of-the-gutter code.

so it goes back to being an issue of not getting on PSN for modders who can't update. nobody is going to somehow magically send your PS3 some dodgy code and make it blow up, signed, unsigned or co-signed which is what most of the crying and shouting seems to be about.

2 see above. i'd imagine the majority of people who arent modding don't care what sony runs on their console. do they know what the console has been doing / running the last six months or a year that they've had their console for? of course they don't, they haven't got a clue other than it comes on when they press the power button."

what on earth do you think sony are going to do to your console or data? what information do you have stored on the console that is so terrifying to you? as far as i can remember, everything like payment information & personal details are stored on the playstation network, NOT the console - so what is the problem if you're not modding?

has everyone just suddenly woken up from a deep sleep and realised "holy cow, we have no idea how these consoles sitting in our front room the last 5 years work"?

Sub Wrath

lost in translation

boyd has talked a lot about this on twitter, and i think semantics do play a part here, along with the heaped confusion of what people are talking about - not helped by the hysterical reporting which went from "is there a rootkit" to "console ships with rootkit" in the space of a few days. he seems to be saying the main thing that people are shouting about..."why should sony be able to do things to my console"....has always been in the T&Cs, but IF this is a new addition to the consoles functionality it shouldn't be compared to the 2005 rootkits whether related directly to those sections in the T&Cs or some other aspect of monitoring / changing the system.

all sony seem to be doing is trying to keep the PSN free of modding, which seems fair enough to me and a task made more difficult by all the system exploration going on.

seeing people shriek about "ps3 viruses" and botnets based on some IRC chatter that isn't even confirmed is laughable...and the person who first mentioned this in IRC has even said he was misinterpreted.


"I said on irc that I saw small hints of possible remote execution code in 3.56, not the code itself, people should stop miss-interpreting." "I am tired of seeing sentences I write on irc being somewhat modified and then newsed all over way out of proportion..."

Course, unless his IRC chat was heavily modified he said "3.56 pretty much has a built in psn rootkit" and i'm not sure how else anyone could take that - seems like he's now backpedalling.

Xbox Live billing site snubs Firefox

Sub Wrath

calm down love, take your pills

all he did was confirm you get an "invalid cert" message in firefox, which is exactly what it does for me.

No-good scareware varmints exploit Wild West game

Sub Wrath

more successful than youd think

gamers have been targets from scams for years, they fall for them just as much as anyone else. afaik the game itself is only on console, and just because you own a console doesn't mean you're particularly clued up about dodgy scareware or hacked websites touting trojans. looking at some posts on games forums makes me think quite the opposite, actually.

Everything you ever wanted to know about Xbox hacking

Sub Wrath

Not really...

"find old lady (prefrably a grandmother) , insert egg into mouth, instruct said geriatric lady on the way to suck inserted egg....."

not exactly teaching people to suck eggs, given that so many people continue to fall for console related scams. Everyone I know (and see on xbox forums) that says they've saved their CC dets into the system for things like renewals etc always use their main card, and tend to save them in the system.

and if you want proof of how many people continue to fall for incredibly basic phishing scams, go look at the number of hijacked account posts on the official forums, or see how many phish links are floating around youtube and elsewhere. just because you're aware of the danger doesn't mean the people most likely to fall for these scams are, or else there'd be no need to warn people about these threats in the first place.

Cyber security minister ridiculed over s'kiddie hire plan

Sub Wrath


".. I'd be a little bit peeved at the implication that I used to be some kind of a crim."

the real lack of knowledge on display is shown through his extremely cliched idea that the very first place they'll go looking is amongst the naughty boys, because (of course) theres this myth that ONLY bad guys can do this kind of work. sorry white hats, your skills aren't required unless you choose to go break into something and...er...get caught?


Biting the hand that feeds IT © 1998–2021