Comments for etix's weblog http://blog.l0cal.com Random ♺ stuff Tue, 27 Sep 2011 05:45:12 +0000 hourly 1 http://wordpress.org/?v=3.3.1 Comment on These companies that mislead our users by Peter http://blog.l0cal.com/2011/07/07/these-companies-that-mislead-our-users/comment-page-1/#comment-538 Peter Tue, 27 Sep 2011 05:45:12 +0000 http://blog.l0cal.com/?p=326#comment-538 VLC.de hijack the browser IE and Firefox! Look here: http://www.trojaner-board.de/66529-warnung-vor-vlc-player-von-vlc-de-adware-und-mehr.html VLC.de hijack the browser IE and Firefox!

Look here: http://www.trojaner-board.de/66529-warnung-vor-vlc-player-von-vlc-de-adware-und-mehr.html

]]> Comment on These companies that mislead our users by Ronald http://blog.l0cal.com/2011/07/07/these-companies-that-mislead-our-users/comment-page-1/#comment-424 Ronald Thu, 21 Jul 2011 10:26:52 +0000 http://blog.l0cal.com/?p=326#comment-424 This blog has been also linked at in the newsletter from 2011/07/21 by Bürger-CERT (http://www.buerger-cert.de/) by the German Ministry for Security in the Information Technology: http://www.buerger-cert.de/newsletter_archiv.aspx?param=Zxo7YT%2f0plfW0EHbCemqzA%253d%253d But as long as there are people clicking on those sites and downloading fake and malware programs without having any idea of security, sites like the mentioned ones above will exist! This blog has been also linked at in the newsletter from 2011/07/21 by Bürger-CERT (http://www.buerger-cert.de/) by the German Ministry for Security in the Information Technology: http://www.buerger-cert.de/newsletter_archiv.aspx?param=Zxo7YT%2f0plfW0EHbCemqzA%253d%253d

But as long as there are people clicking on those sites and downloading fake and malware programs without having any idea of security, sites like the mentioned ones above will exist!

]]> Comment on These companies that mislead our users by gibbon_ http://blog.l0cal.com/2011/07/07/these-companies-that-mislead-our-users/comment-page-1/#comment-416 gibbon_ Mon, 18 Jul 2011 10:02:13 +0000 http://blog.l0cal.com/?p=326#comment-416 The binaries contain some kind of "AdWare" like Software that can be deselected during installation. Its not guaranteed, that the rest of the installation does not do unwanted modifications, if you deselect the AdWare. It though looks like the custom installer launches the official VLC installer after installing the AdWare (wrapped installation). So far so bad :(. The binaries contain some kind of “AdWare” like Software that can be deselected during installation. Its not guaranteed, that the rest of the installation does not do unwanted modifications, if you deselect the AdWare. It though looks like the custom installer launches the official VLC installer after installing the AdWare (wrapped installation). So far so bad :( .

]]> Comment on These companies that mislead our users by Thomas C. http://blog.l0cal.com/2011/07/07/these-companies-that-mislead-our-users/comment-page-1/#comment-414 Thomas C. Mon, 18 Jul 2011 04:15:51 +0000 http://blog.l0cal.com/?p=326#comment-414 more sites?! http://www.vlc.de/ http://www.vlcmediaplayer.org/ http://www.vlc-download.de/ http://www.vlc-media-player.biz/ more sites?!
http://www.vlc.de/
http://www.vlcmediaplayer.org/
http://www.vlc-download.de/
http://www.vlc-media-player.biz/

]]> Comment on These companies that mislead our users by etix http://blog.l0cal.com/2011/07/07/these-companies-that-mislead-our-users/comment-page-1/#comment-412 etix Mon, 18 Jul 2011 00:42:05 +0000 http://blog.l0cal.com/?p=326#comment-412 AFAIK most of these alerts came from their heuristic that detects some VLC modules (that contains assembly code) as some sort of trojan. AFAIK most of these alerts came from their heuristic that detects some VLC modules (that contains assembly code) as some sort of trojan.

]]> Comment on These companies that mislead our users by etix http://blog.l0cal.com/2011/07/07/these-companies-that-mislead-our-users/comment-page-1/#comment-411 etix Mon, 18 Jul 2011 00:33:30 +0000 http://blog.l0cal.com/?p=326#comment-411 Sadly most (if not all) of our user base on Windows don't check for md5 signatures after they download VLC. Doing something more "user-friendly" (other than md5sum on the downloaded file) won't work because these fake could easily bypass the security check as they don't touch VLC binaries but only the installer. Sadly most (if not all) of our user base on Windows don’t check for md5 signatures after they download VLC. Doing something more “user-friendly” (other than md5sum on the downloaded file) won’t work because these fake could easily bypass the security check as they don’t touch VLC binaries but only the installer.

]]> Comment on These companies that mislead our users by Chris http://blog.l0cal.com/2011/07/07/these-companies-that-mislead-our-users/comment-page-1/#comment-410 Chris Mon, 18 Jul 2011 00:11:51 +0000 http://blog.l0cal.com/?p=326#comment-410 You have been cited on www.heise.de - this should make an impact on the evil clones.... at least in Germany, Austria & Switzerland (german speaking countries). The article is here: http://www.heise.de/newsticker/meldung/VLC-kaempft-mit-Luecken-und-betruegerischen-Klonen-1279867.html Greetings! You have been cited on http://www.heise.de – this should make an impact on the evil clones…. at least in Germany, Austria & Switzerland (german speaking countries).

The article is here: http://www.heise.de/newsticker/meldung/VLC-kaempft-mit-Luecken-und-betruegerischen-Klonen-1279867.html

Greetings!

]]> Comment on These companies that mislead our users by Aragorn2 http://blog.l0cal.com/2011/07/07/these-companies-that-mislead-our-users/comment-page-1/#comment-408 Aragorn2 Sun, 17 Jul 2011 15:26:31 +0000 http://blog.l0cal.com/?p=326#comment-408 Why do you not implement code-signing for your distributed executables? At least for the criminals primary target OS family, for Windows. Use code-signing, maybe from CaCert.org can prove the VLC is genuine. A prominent menu-entry can simply do a self-check (SHA2/Whirlpool-checksum). If this menu-item is not present, this is a strong hint, it is a badware. Why do you not implement code-signing for your distributed executables? At least for the criminals primary target OS family, for Windows. Use code-signing, maybe from CaCert.org can prove the VLC is genuine. A prominent menu-entry can simply do a self-check (SHA2/Whirlpool-checksum). If this menu-item is not present, this is a strong hint, it is a badware.

]]> Comment on These companies that mislead our users by eumel_1 http://blog.l0cal.com/2011/07/07/these-companies-that-mislead-our-users/comment-page-1/#comment-407 eumel_1 Sun, 17 Jul 2011 11:05:53 +0000 http://blog.l0cal.com/?p=326#comment-407 The site VLC.de gives you Malware to download: Filesize VLC 1.1.10 from original (videolan.org): 21.022.914 Bytes Filesize VLC 1.1.10 Fake from this website: 21.131.264 Bytes any more questions? Also the 0180 telephone number is very suspect The site VLC.de gives you Malware to download:
Filesize VLC 1.1.10 from original (videolan.org): 21.022.914 Bytes
Filesize VLC 1.1.10 Fake from this website: 21.131.264 Bytes
any more questions?
Also the 0180 telephone number is very suspect

]]> Comment on These companies that mislead our users by rura http://blog.l0cal.com/2011/07/07/these-companies-that-mislead-our-users/comment-page-1/#comment-406 rura Sun, 17 Jul 2011 10:16:59 +0000 http://blog.l0cal.com/?p=326#comment-406 I have a case where google cashed in close to 1 MILLION €uros from german cybercrime for adwords for fake online shops! I have a case where google cashed in close to 1 MILLION €uros from german cybercrime for adwords for fake online shops!

]]>