{"id":370,"date":"2007-06-06T00:49:09","date_gmt":"2007-06-06T04:49:09","guid":{"rendered":"http:\/\/tim.cexx.org\/?p=370"},"modified":"2007-06-06T01:07:20","modified_gmt":"2007-06-06T05:07:20","slug":"yfltczrdrsingerkkfsbb6e","status":"publish","type":"post","link":"https:\/\/tim.cexx.org\/?p=370","title":{"rendered":"YflTczrDRsinGERKKFSbb6E"},"content":{"rendered":"<p>Looks like I have a new project for next week, once this week&#8217;s messy proposals nastiness is out of the way. A staffer at a Russian ISP tipped me off to an old malware company learning a new trick, with essentially a distributed, keyboard-watching spy network turning your typos into gold in the form of misspelled domain registrations leading to portal-potties full of ad-trash. First step is figuring out their program&#8217;s nuisance-grade request obfuscation (calling it &#8220;encryption&#8221; would be like calling a McDonald&#8217;s trainee a chef, but I haven&#8217;t gotten around to decoding it yet); next step is flooding it with statistically significant bogus requests and seeing if they take the bait. Third step, as you know, is <strike>profit!<\/strike> publishing the findings for peer-review, and retaining a lawyer*. <\/p>\n<p>PS. <a href=\"http:\/\/www.vmware.com\/products\/player\/\">VMware Player<\/a> kicks ass. This is <i>free<\/i> (as in beer) virtual machine software that runs on Windoze, Linux and probably a couple others. Free as in catch did you say? Of course there is a catch: it won&#8217;t let you create your own virtual machine images (officially&#8230;), only download and run pre-made ones. However, here is also <a href=\"http:\/\/software.newsforge.com\/article.pl?sid=06\/05\/16\/1940214\">a great article<\/a> on creating your own custom images using QEMU, an open-source virtualization program that can write image files in VMware Player&#8217;s format. The easiest way to set up a dodgy-software sandbox is to create a blank IDE (or SCSI, etc.) 
drive image using QEMU, start it inside VMware Player, pop in your favorite** OS install CD, and close VMware &#038; make a copy of the image files when the OS finishes installing. Voil&#224;, you now have a perpetually clean OS copy to run dangerous crap on! When finished, simply close VMware again and overwrite the now dirty copy with your saved clean one.<\/p>\n<p>*for when theirs inevitably finds out that said findings have been published, and raises a hissy. Or, move to Finland and simply thumb nose at malware vendor&#8230;<\/p>\n<p>** as measured by the remaining thickness of the install CD (you reinstalled Windows HOW many times? Gosh, you must love it!).<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Looks like I have a new project for next week, once this week&#8217;s messy proposals nastiness is out of the way. A staffer at a Russian ISP tipped me off to an old malware company learning a new trick, with essentially a distributed, keyboard-watching spy network turning your typos into gold in the form of 
[&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_FSMCFIC_featured_image_caption":"","_FSMCFIC_featured_image_nocaption":"","_FSMCFIC_featured_image_hide":"","iawp_total_views":0,"footnotes":""},"categories":[4],"tags":[],"class_list":["post-370","post","type-post","status-publish","format-standard","hentry","category-geek"],"_links":{"self":[{"href":"https:\/\/tim.cexx.org\/index.php?rest_route=\/wp\/v2\/posts\/370","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/tim.cexx.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tim.cexx.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tim.cexx.org\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/tim.cexx.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=370"}],"version-history":[{"count":0,"href":"https:\/\/tim.cexx.org\/index.php?rest_route=\/wp\/v2\/posts\/370\/revisions"}],"wp:attachment":[{"href":"https:\/\/tim.cexx.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=370"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tim.cexx.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=370"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tim.cexx.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=370"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}