Author Topic: Malware Update/Apology  (Read 21800 times)

0 Members and 1 Guest are viewing this topic.

Ehelldame

  • Administrator
  • *****
  • Posts: 2792
  • I'm evil personified to the terminally crass.
    • Etiquette Hell
Malware Update/Apology
« on: December 29, 2011, 11:25:09 AM »
First,  I want to apologize to the readers of this forum for my recent unprofessional behavior in regards to this matter.   I was profoundly frustrated and offended at the emails and public comments from a few individuals who crossed the line into accusations that were not reflective of what was actually happening behind the administrative scene or who exploited this issue to push personal agendas that had no relevance to this issue.   I, in turn, expressed myself very angrily to a number of people that probably did not deserve it and for that I am sorry.

2.  There will soon be forthcoming a Malware FAQ to address issues of how to safeguard your computer, how to remove rogue antivirus viruses and other virus, how to report possible problems coming from this site.   If there are several tech savvy members who would be willing to volunteer to help people, please PM me. 

3.  I will continue to post updates on this issue to the forum.  It is within this forum that the AV alerts have been seen.  No one has reported seeing an AV alert while on the two blogs.   Also, Facebook is probably more likely to have malware than Ehell.   http://blogs.technet.com/b/mmpc/archive/2011/11/17/keep-your-facebook-friends-close-and-your-antivirus-closer.aspx
http://www.geeknewscentral.com/2011/07/18/facebook-malware-application-posing-at-google-invite/
http://blogs.wsj.com/digits/2011/03/29/app-watch-the-deadly-sins-of-facebook-malware/
Or this study indicating that as many as 1/5th of Facebook users are exposed to malware:  http://news.cnet.com/8301-13577_3-20023626-36.html

I repeatedly get the "Update your Adobe Flash Player" while on Facebook.  It may be a legitimate link to Adobe but since this is a known scam for infecting computers with rogue antivirus malware, I'm not clicking on it.   Other avenues that Facebook has delivered malware is via "who is poking me", "who is looking at my profile", Google Plus link, links to videos are all ways FB users have been tricked into downloading malware. 

4. In the past I have shared quite openly any information concerning malware issues that affect members or readers of Ehell.   The most recent event was late last year when a few individuals reported their AV was alerting while on Ehell which turned out to be a false positive by one particular AV software company both readers had.   Another was in April 2010 when a Curves ad delivered through Google Adsense was found to be have malware in it.  http://www.etiquettehell.com/smf/index.php?topic=77113.15 


5. About 20 people have reported AV activity while on Ehell.  Most of those have had a virus/trojan intrusion blocked by their AV software and therefore nothing more needs to be done.  You are protected.   Three, maybe four have reported being infected with Win 7 Security 2012 or Vista 2012.  What Norton tech support has told me is that this virus is delivered either by a "drive-by download" from an infected or malicious domain  but that 90% of infections come about by the user clicking on a link or pop up.  There is no evidence that Ehell is infected or is a "drive by download" site according to Google Diagnostics and numerous scans.  Given the nature of the virus, it can lie quietly in your computer until some event triggers it.  For all we know, a discussion on Ehell about technology and viruses is enough to wake up the virus on an infected computer and tell the user it is infected and they need to buy software to remove it. 

Three Norton users reported having "Malicious Toolkit 4" blocked while on Ehell.  I filed a request with Norton that they check to see if this was a false report since no one else's AV was finding the same virus and in particular, to scan the forum.  Here is the content of the email from Norton:

We are writing in relation to your submission through Symantec's on-line Security Risk / False Positive Dispute Submission form for your site being detected by Symantec Software. We have been unable to reproduce this detection. Can we please ask you to ensure that you are using Symantec's latest virus definitions for detection? They can be found using live update or alternatively from the URL below.

http://securityresponse.symantec.com/avcenter/defs.download.html
Due to not being able to reproduce this issue we require the additional information below to progress the dispute.

* The message or a screen shot of the message received

* Exact instructions on how to recreate issue

* Symantec product and version being used for detection

Sincerely,
Symantec Security Response



As you can see, Norton cannot find the problem either and needs the same kind of information I have been requesting, i.e. screen shots, browser and AV version information to further investigate.  And users advised to update to the latest definitions.

6.   It is possible the server has been hacked although thorough scans have not revealed that and if it were, a clean reinstall of the forum software on December 24th should have eliminated it.  Over the years I have been threatened on rare occasions that someone's hacker boyfriend was hack into the server but those are pretty obsessed, disturbed people.   

In the early hours of December 23rd, SMF (the forum's software) released a security patch update which we installed within hours.   Hackers often exploit vulnerabilities in software that is not updated.   There is a reason why there are virtually no modification packages added to the forum since each one, if not updated, exposes a vulnerability.  The software running on the site has and is current and up to date.

Sigs will be reenabled within a day or two but some of you may find that your sig content isn't displaying correctly or not at all.  We have disabled all php and script coding that can come through a sig file.   If you suspect someone's sig contains something hinky, report it via the "Report to Moderator" link on the post. 

7.  Google ads have been known to deliver malware via AdSense ads before.  Google is currently being very slow in responding to my reports, perhaps in part because we don't know exactly which ad it could be that is infected or if the malware is coming from AdSense.   Nonetheless, I have blocked ads displaying on Ehell from these domains which several people have reported as having been identified as "attacking URLs":

zarerd.com/news
knalds.com/news
static-host.net

8.  While we have an obligation on our end to keep the server and the software updated to eliminate vulnerable openings for malware to exploit, each person has a responsibility to guard their own computers by updating to more modern, less buggy browsers; buying more reliable, well rated AV software rather than relying on free AV; keeping browsers/AV software/AV definitions/Apps like Adobe Flash updated and current; becoming knowledgeable about the latest ways malware can attack your computer; and be very cautious about clicking on links and pop ups, even if they are disguised to look like your browser or AV software.   Being safe online means you need to be diligent.     It's a sad state of affairs that we all have to gird ourselves and be suspicious when surfing lest cyber criminals "wolves" dressed as sheep deceive into infecting with viruses.   

Ceallach

  • Hero Member
  • ***
  • Posts: 4780
    • This Is It
Re: Malware Update/Apology
« Reply #1 on: December 29, 2011, 05:42:49 PM »
Thank you.  It's not surprising that amongst such a large user base there will be viruses, and that this site may seem to be the common link among them.  It sounds as though you're well across the risks and protecting eHellions as much as within your power to do so. 
"Nobody can do everything, but everybody can do something"


artk2002

  • Super Hero!
  • ****
  • Posts: 12984
    • The Delian's Commonwealth
Re: Malware Update/Apology
« Reply #2 on: December 29, 2011, 08:03:16 PM »
Something for people who make the automatic assumption that "I had EHell open last, therefore EHell gave me the virus": Post hoc ergo propter hoc. It's a logical fallacy -- one that's very easy to fall into, but a fallacy nonetheless.
Twenty years from now you will be more disappointed by the things that you didn't do than by the ones you did do. So throw off the bow lines. Sail away from the safe harbor. Catch the trade winds in your sails. Explore. Dream. Discover. -Mark Twain

Wonderflonium

  • DO NOT BOUNCE
  • Super Hero!
  • ****
  • Posts: 9091
  • I have a PhD in horribleness.
Re: Malware Update/Apology
« Reply #3 on: December 29, 2011, 08:30:45 PM »
Art, that doesn't apply here. From your link:

Quote
The fallacy lies in coming to a conclusion based solely on the order of events, rather than taking into account other factors that might rule out the connection.

We aren't coming to the conclusion based soley on the order of events. We are basing the conclusion on multiple factors. The 2 main ones are the fact that the virus tried to download when we were only on eHell (not just that it appeared when we had eHell open, but that it was actively blocked from loading onto formerly clean computers when only eHell was open) and the fact that it was the ONLY site that we all had in common.

Of course correlation doesn't prove causation, but at the same time, Occam's Razor (and common sense) should be considered.
The status is not quo!

TheBardess

  • Member
  • **
  • Posts: 668
  • I would not, could not with a goat...
    • Books in My Head
Re: Malware Update/Apology
« Reply #4 on: December 29, 2011, 08:45:29 PM »
Art, that doesn't apply here. From your link:

Quote
The fallacy lies in coming to a conclusion based solely on the order of events, rather than taking into account other factors that might rule out the connection.

We aren't coming to the conclusion based soley on the order of events. We are basing the conclusion on multiple factors. The 2 main ones are the fact that the virus tried to download when we were only on eHell (not just that it appeared when we had eHell open, but that it was actively blocked from loading onto formerly clean computers when only eHell was open) and the fact that it was the ONLY site that we all had in common.

Of course correlation doesn't prove causation, but at the same time, Occam's Razor (and common sense) should be considered.

There's also the fact that several people got the virus more than once- and each time they got it, it was while browsing EHell (sometimes only EHell).

I do, however, appreciate the efforts that have been made to ensure that the site is clean and its users safe.
"Follies and nonsense, whims and inconsistencies DO divert me, I own- and I laugh at them whenever I can." -Jane Austen

Literary Adventures! http://thebooksinmyhead.blogspot.com

EduardosGirl

  • He's thinking about you right now...
  • Member
  • **
  • Posts: 519
Re: Malware Update/Apology
« Reply #5 on: December 29, 2011, 10:53:20 PM »
I don't know, but this seems like the very soul of a qualified apology. I can certainly understand being under a lot of personal pressure but it is how we conduct ourselves in times of stress that defines us, not how pleasant we can be when the world is all rainbows and fruit cups. I am truly sorry that you have been going through difficult times, but that does not excuse the invective and poor behaviour exhibited towards a number of people who did *not* deserve it.

In addition to hot_shaker being banned for, at best, a throw away joke on a Facebook group which has members exceeding 200, or at worst for questioning on the Facebook page which was removed, I know of a number of very long term posters who have decided to not return to the forum after this, including some who were essentially called liars for reporting they had been attacked by a virus at all. I'm not speaking for them but I can't say I blame them. I myself did not appreciate being called a bald faced liar in the now deleted malware thread.

I do sincerely hope the stressors in your personal life will resolve themselves promptly and happily.

Shoo

  • Super Hero!
  • ****
  • Posts: 16393
Re: Malware Update/Apology
« Reply #6 on: December 29, 2011, 11:31:35 PM »
I don't know, but this seems like the very soul of a qualified apology. I can certainly understand being under a lot of personal pressure but it is how we conduct ourselves in times of stress that defines us, not how pleasant we can be when the world is all rainbows and fruit cups. I am truly sorry that you have been going through difficult times, but that does not excuse the invective and poor behaviour exhibited towards a number of people who did *not* deserve it.


So now you're criticizing her apology?

EduardosGirl

  • He's thinking about you right now...
  • Member
  • **
  • Posts: 519
Re: Malware Update/Apology
« Reply #7 on: December 29, 2011, 11:35:29 PM »
I don't know, but this seems like the very soul of a qualified apology. I can certainly understand being under a lot of personal pressure but it is how we conduct ourselves in times of stress that defines us, not how pleasant we can be when the world is all rainbows and fruit cups. I am truly sorry that you have been going through difficult times, but that does not excuse the invective and poor behaviour exhibited towards a number of people who did *not* deserve it.


So now you're criticizing her apology?

I'm taking issue with a non-apology. How often has it been stated on the boards that if you apologise and sincerely mean it, then you apologise. You don't add disclaimers or qualifiers. "I made a mistake, I handled it poorly, I apologise." That is my point.

Shoo

  • Super Hero!
  • ****
  • Posts: 16393
Re: Malware Update/Apology
« Reply #8 on: December 29, 2011, 11:37:15 PM »
I don't know, but this seems like the very soul of a qualified apology. I can certainly understand being under a lot of personal pressure but it is how we conduct ourselves in times of stress that defines us, not how pleasant we can be when the world is all rainbows and fruit cups. I am truly sorry that you have been going through difficult times, but that does not excuse the invective and poor behaviour exhibited towards a number of people who did *not* deserve it.


So now you're criticizing her apology?

I'm taking issue with a non-apology. How often has it been stated on the boards that if you apologise and sincerely mean it, then you apologise. You don't add disclaimers or qualifiers. "I made a mistake, I handled it poorly, I apologise." That is my point.

It certainly wasn't a non-apology.  I found it to be very sincere.  Just because she included background information doesn't invalidate her apology.

You're just looking for offense now.  It's obvious.

O'Dell

  • Hero Member
  • ***
  • Posts: 4372
Re: Malware Update/Apology
« Reply #9 on: December 29, 2011, 11:38:37 PM »
I don't know, but this seems like the very soul of a qualified apology. I can certainly understand being under a lot of personal pressure but it is how we conduct ourselves in times of stress that defines us, not how pleasant we can be when the world is all rainbows and fruit cups. I am truly sorry that you have been going through difficult times, but that does not excuse the invective and poor behaviour exhibited towards a number of people who did *not* deserve it.


So now you're criticizing her apology?

I'm taking issue with a non-apology. How often has it been stated on the boards that if you apologise and sincerely mean it, then you apologise. You don't add disclaimers or qualifiers. "I made a mistake, I handled it poorly, I apologise." That is my point.

I read an apology, not a non-apology. Maybe you should take this up with the Dame personally.
Do I contradict myself? Very well, then I contradict myself, I am large, I contain multitudes.
Walt Whitman

EduardosGirl

  • He's thinking about you right now...
  • Member
  • **
  • Posts: 519
Re: Malware Update/Apology
« Reply #10 on: December 29, 2011, 11:40:55 PM »
I don't know, but this seems like the very soul of a qualified apology. I can certainly understand being under a lot of personal pressure but it is how we conduct ourselves in times of stress that defines us, not how pleasant we can be when the world is all rainbows and fruit cups. I am truly sorry that you have been going through difficult times, but that does not excuse the invective and poor behaviour exhibited towards a number of people who did *not* deserve it.


So now you're criticizing her apology?

I'm taking issue with a non-apology. How often has it been stated on the boards that if you apologise and sincerely mean it, then you apologise. You don't add disclaimers or qualifiers. "I made a mistake, I handled it poorly, I apologise." That is my point.

It certainly wasn't a non-apology.  I found it to be very sincere.  Just because she included background information doesn't invalidate her apology.

You're just looking for offense now.  It's obvious.

I can assure you I'm not looking for offence. I apologise if that is how you've perceived it but it's not the case.

I did also sincerely offer my hopes that the Dame's issues are quickly resolved to her satisfaction. I don't wish her ill, but the fact remains that damage has been done and the statements just feel like too little too late.

Ceallach

  • Hero Member
  • ***
  • Posts: 4780
    • This Is It
Re: Malware Update/Apology
« Reply #11 on: December 29, 2011, 11:51:17 PM »
I don't know, but this seems like the very soul of a qualified apology. I can certainly understand being under a lot of personal pressure but it is how we conduct ourselves in times of stress that defines us, not how pleasant we can be when the world is all rainbows and fruit cups. I am truly sorry that you have been going through difficult times, but that does not excuse the invective and poor behaviour exhibited towards a number of people who did *not* deserve it.


So now you're criticizing her apology?

I'm taking issue with a non-apology. How often has it been stated on the boards that if you apologise and sincerely mean it, then you apologise. You don't add disclaimers or qualifiers. "I made a mistake, I handled it poorly, I apologise." That is my point.

It certainly wasn't a non-apology.  I found it to be very sincere.  Just because she included background information doesn't invalidate her apology.

You're just looking for offense now.  It's obvious.

I can assure you I'm not looking for offence. I apologise if that is how you've perceived it but it's not the case.

I did also sincerely offer my hopes that the Dame's issues are quickly resolved to her satisfaction. I don't wish her ill, but the fact remains that damage has been done and the statements just feel like too little too late.

You are very publically critical of the dame, both on this and other threads.  I assume you have also taken up your concerns with her in private and had a mature, private dialogue about your issues, rather than just constant public criticism?  Because I personally think that would be the polite approach given the highly insulting nature of the accusations and concerns you have expressed.  Otherwise it appears as though you are simply trying to cause trouble, which is how it comes across to many of us.
"Nobody can do everything, but everybody can do something"


Dindrane

  • Super Hero!
  • ****
  • Posts: 15401
Re: Malware Update/Apology
« Reply #12 on: December 29, 2011, 11:54:34 PM »

I can assure you I'm not looking for offence. I apologise if that is how you've perceived it but it's not the case.

I did also sincerely offer my hopes that the Dame's issues are quickly resolved to her satisfaction. I don't wish her ill, but the fact remains that damage has been done and the statements just feel like too little too late.

The bolded is a classic non-apology.  I don't think the Dame's sounded like that.  The fact that her post covered multiple topics does not negate the sincerity of the apology offered in the first section.  Whether or not you agree that it was sincere, you don't really help your case when you call her out for it publicly.  There is always a private way to express that you think serious damage has been done without being adequately addressed.  If you still feel that way, you might be better off using a PM.


EduardosGirl

  • He's thinking about you right now...
  • Member
  • **
  • Posts: 519
Re: Malware Update/Apology
« Reply #13 on: December 30, 2011, 12:01:54 AM »
I don't know, but this seems like the very soul of a qualified apology. I can certainly understand being under a lot of personal pressure but it is how we conduct ourselves in times of stress that defines us, not how pleasant we can be when the world is all rainbows and fruit cups. I am truly sorry that you have been going through difficult times, but that does not excuse the invective and poor behaviour exhibited towards a number of people who did *not* deserve it.


So now you're criticizing her apology?

I'm taking issue with a non-apology. How often has it been stated on the boards that if you apologise and sincerely mean it, then you apologise. You don't add disclaimers or qualifiers. "I made a mistake, I handled it poorly, I apologise." That is my point.

It certainly wasn't a non-apology.  I found it to be very sincere.  Just because she included background information doesn't invalidate her apology.

You're just looking for offense now.  It's obvious.

I can assure you I'm not looking for offence. I apologise if that is how you've perceived it but it's not the case.

I did also sincerely offer my hopes that the Dame's issues are quickly resolved to her satisfaction. I don't wish her ill, but the fact remains that damage has been done and the statements just feel like too little too late.

You are very publically critical of the dame, both on this and other threads.  I assume you have also taken up your concerns with her in private and had a mature, private dialogue about your issues, rather than just constant public criticism?  Because I personally think that would be the polite approach given the highly insulting nature of the accusations and concerns you have expressed.  Otherwise it appears as though you are simply trying to cause trouble, which is how it comes across to many of us.

I am responding to the Dame's public actions. If we perceive rude or even egregious behaviour, is it not sometimes better to politely call on it in the same forum? I don't believe this is retaliatory rudeness, nor is it inflammatory. The Dame has made statements in public that I strongly disagree with, including statements of negative repute against my friends. Yet I should only address that in PM? If my friend - or myself - is publicly called a liar, I shall address that publicly.

I can assure you I am not trying to cause trouble. My criticism makes up a very tiny proportion of my thoughts and actions regarding the forum. But, again, I felt my concerns warranted speaking up. You don't have to agree with them, but that doesn't make them invalid.

EduardosGirl

  • He's thinking about you right now...
  • Member
  • **
  • Posts: 519
Re: Malware Update/Apology
« Reply #14 on: December 30, 2011, 12:04:24 AM »

I can assure you I'm not looking for offence. I apologise if that is how you've perceived it but it's not the case.

I did also sincerely offer my hopes that the Dame's issues are quickly resolved to her satisfaction. I don't wish her ill, but the fact remains that damage has been done and the statements just feel like too little too late.

The bolded is a classic non-apology.  I don't think the Dame's sounded like that.  The fact that her post covered multiple topics does not negate the sincerity of the apology offered in the first section.  Whether or not you agree that it was sincere, you don't really help your case when you call her out for it publicly.  There is always a private way to express that you think serious damage has been done without being adequately addressed.  If you still feel that way, you might be better off using a PM.

I used that as an example. That is how the Dame's apology read to me.