No – I’m not dead yet!!

This is a final post at Tigerstail.wordpress.com because I am tired of seeking knowledge and bitching about that which is. It is time to use my skills to develope the solutions to all of the problems I have discovered.

Join Me at jimmicap.wordpress.com

I have never actually visited Bangalore, India but I have really gotten to know the people who live there very well over the last three months.

You see, that is where the Dell Help Center is located.  Whether you want to talk to a live IT tech or chat with one on line, they are all housed in Bangalore.  Three months ago I purchased a new Dell Inspiron 1525 laptop custom designed by my salesperson with my input over the phone.  My salesperson was very personable and was located in Texas.  I felt very comfortable with my purchase.  Little did I know that he was the last person in the USA I would be able to talk to.

Two months after receiving my laptop, it started to freeze up after five minutes of use.  No matter what I did, the mouse and keyboard would freeze up and all of my work would be lost. 

So, I called the Dell Help Center.  The Help Center is a huge office lined with cubbies in which heavily accented techs try to maintain there cool while dealing with irate Americans who are struggling with their Dells.  I talked with Chandrika, Harpreet, Preeti, Sachin, and so many others whose names I did not record.

To talk to one of the techs, I had to remain on hold for twenty minutes.  When a tech named “Ronnie” finally answered and took my information, I was well into my 17th game of Spider Solitaire.  Ronnie kept me on the phone for four and one half hours.  Yes, you read that right! 4.5 hours.  He told me I had completely wipe out my computer and reinstall the operating system and all of the software. 

It seems the problem was the PC -cillin antivirus software that I was sold by my Dell salesperson to ‘protect’ my computer.  It was interfering with my laptop’s functioning.   Huh? Don’t they know about this problem at Dell??   Can I get my money back? Yes, but I have to call a separate number and ship the disc back.  Oh brother!

I spent hours and hours, on this problem, reinstalled all my software, downloaded programs I didn’t have the discs for and Voila! My laptop was working again.

Two weeks later…I turned on my laptop as usual and I had a Black Screen with an error message.  It would not boot.  This time I went to Dell’s Live Chat for help.  I was connected to 3 separate IT techs and each time was ‘accidently’ disconnected.  So, I bit the bullet and called the tech support phone line. 

Great news!  I was told by Preeta that the only thing I could do was completely wipe out my computer and reinstall the operating system and all of the hardware.  Sound familiar?? 

I was not as calm as I was with the first go around.  I asked to speak to a supervisor,  I wanted a replacement laptop as this was evidently a lemon.  Nope!  It’s a software problem not a hardware problem so Dell doesn’t offer replacements, especially not after 21 days of purchase. 

Do other people have this problem with Dells? Oh, yes, I was told,  some people have had to reconfigure their laptops 3 times in one week.  So, my problem of two times in two weeks was nothing.

It wasn’t “nothing” to me!  Aaarrgghhhhh!!!!!

Let’s start with basics, Vista Security is an oxymoron – It simply doesn’t exist.

I finally hacked an installation on a brand new machine and worked at putting an anti-virus on the machine. At the time, everything I tried was incompatable or my downloads were blocked. I tried Zone Alarm, PCcillin and Kaspersky. So I ended up with One Care which the whole world is condemning for being a weak system. I also attempted to install my Malware protection but every time I ran Spybot Search and Destroy, my computer locked up and AdAware wouldn’t update without locking up my machine.

I have now reached the end of my one month trial period for One Care so decided to check my machine and see how outside suppliers rate it. One Care says I’m at risk because I won’t let that cancerous back up program operate and I haven’t paid them. I tried running PCcillin House Call and was told that they couldn’t really check some operating systems. I tried Kaspersky on Line service and it told me I looked OK but there were 150 blocked files that they were incapable of inspecting.

I would have felt better if I was told that they inspected everything and I was clean.

I tried reinstalling Spybot Search and Destroy but it locked up when I tried to update it and I couldn’t get it to run. I tried to run it a few more times. It identified a couple of problems and shut down saying I aborted the process. AdAware refuses to update and stalls. When you force it a few more tries a screen pops up saying the update is complete without telling you what was updated. When I ran it, it took 18 minutes to get half way and finished in one more minute. I removed the cookies I found but don’t really trust the results.

If the Vista machine were used for anything more than surfing and writing an occasional post, I wouldn’t know what to do. I have no idea what kind of bug is on the machine nor do I trust any tools that are supposed to help me find and eliminate it.

Vista Security, Truly an Oxymoron.

How often should I update Windows?

Every hour until you get it right!

One of the reason I like PcCillin is because of its independent search for windows vulnerabilities. Where this tool comes in handy is when my machine starts slowing down for no reason. I mean I did an online virus check and found no virus at all. The caveat of course was that it failed to check about 20 blocked files. I tied running AdAware but found that updates were blocked. So I know I wont trust that result no matter what.

When I did the PcCillin test, I found one vulnerability ms05-04. Since I really didn’t have a clue on trapping my pet bug, I decided to close the vulnerability knowing in the long run it was a fools game.

Keep in mind that this is a fully protected and updated computer just one month ago but yeah I do write some stuff that probably cause me to be spied on by Military Strength Malware.

The first step is to run a Windows update and it told me I needed the latest update module for it to be effective. Naturally, I clicked update and everything was successfully installed so I must be done since this is a very old bug.

Wrong!

Another PcCillin check is run and of course, ms05-04 is still there. So I run update again and get prompted for IE 7 and one other update. I download the one and reject the installation of IE7 so I should be done with this very old bug.

Wrong!

So the next time, I download and accept everything since my default browser is Firefox and I don’t really care which Explorer is not being run. Now I think I ‘m done so I check with PcCillin.

Wrong!

The original bug is gone but a new one ms07-?? has appeared so I download a fix, but now I’m really paranoid so I run PcCillin again to make sure I’m safe.

Wrong!

The new check of PcCillin shows that I now have six vulnerabilities and I run update again. Finally, I run PcCillin and it shows perfect protection

Right??????????

Now this reminds me that at trial, the prosecution says the machine was updated so its protected. Obviously, everybody accepts that updating closes all vulnerabilities but nothing could be further from the truth. The other problem I have is what happened to the bug that opened this vulnerability in the first place. Is it dormant, is it dead will it reappear the next time I visit a government honeypot.

Remember, pictures, documents, logs, records and files are never really destroyed but can still be recovered by forensic tools so not only is everything I’ve done in the past being stored but everything I’m doing in the futer is also being stored waiting for the bugs return.

Over the past several blogs, I’ve been reporting on netstat as a tool to find out who is connecting to my machine. I assumed up until yesterday that all of the Microsoft connections were beneficial updates and not data mining excursions. Now I know different. I was using both netstat and X-netstat 5.1 and in addition to (198.65.147.194) which I reported on in three different posts (1, 2, 3), I decided to check the rest of the connections from some sites.

First, I went to fatsavage.wordpress.com and found the ever present carnivore which you really can’t do much about. In addition there was the wordpress-Akamai services, the Snap tool, Google statistics and ltdomains.com which is also related to WordPress. In addition, there were connections from unknown.level3.net and Panther Express which is a direct competitor of Akamai and certainly wasn’t invited by ether them or I

When I went to this site (Tigerstail.wordpress.com), there were two connections from unknown.level 3 and Panther Express was gone. I went to a fairly non confrontational site and nobody bothered to monitor me except Google stats which is everywhere. I than went to fatsavage.com, home of the Fatsavage Shitlist of Law Enforcement Honeypots, and netstat lit up like a meteorite self destructing over Tunguska.

There were the normal connections by my blog host and Amazon and most of them used multiple connections to speed up the content feed but nothing like Carnivore from my local ISP. It tapped into my machine on 63 different ports at the same time. This is like the previously described hitbot on speed and I’m sure it was looking for hashed kiddie porn pictures which would identify the visitor as a pedophile instead of a libertarian protesting domestic spying.

This is not the first time I’ve witnessed VMP. I caught one site connecting on over 100 ports but was so stunned that I wasn’t quick enough to catch it on a hard copy.

VMP stands for Vile Machine Probes but is a direct tribute to Dr. Spock and the technical capabilities of the Vulcan Mind Probe. Of course the original VMP’s were dangerous because there was always a sharing of information and also a chance of physical damage to the weaker species. The same is true today.

By the way, I use a Firefox Browser on a Windows XP machine with updated PCcillin anti-virus and firewall. Once your using a Windows operating system, it’s splitting hairs to argue about who has the best antivirus.

Now I’m pretty sure that I have Military Strength Malware on the machine that went wild, so I changed anti Virus to PCcillin. Yeah, I know it’s not the best, but at least it does a good job of documenting known and even unknown Microsoft Vulnerabilities. I did the install off line and then updated as soon as I went online. The installation seemed large as disc usage rose from
3,801,989,120 bytes to 4,101,541,888 bytes.

I then went to tigerstail.wordpress.com and entered netstat through a dos command while the page was loading and it lit up like a Christmas tree. There were connections on 85 different ports. There were alot of internal connections but I will focus on the external connections trying to probe my computer memory. I used Firefox Browser and Ccleaner before I started.

The connections delivering the material and probing my machine were:

One (1) from layered technology, the original host for WordPress.
One (1) from Google which does a lot of stat work and tracking.
three (3) from Akamai who is the new distributed hosting company for big sites

Now all of those are expected along with snap.com who provides that cool mouse over service to show what other web pages look like before you go there.

Regular readers will know that the FBI spy tools are hosted by your ISP and it,s not surprising to find 17 connections to my computer from an IP number owned by my Virgin Islands ISP.

Saving the best for last, It’s unexpected but not unbelievable to find two connections from unknown.leve3.com. These are the fine people who are profiting from serving domestic kiddie porn and I have presented evidence of their involvement in domestic spying.

So while I’ really didn’t expect them it’s also no big surprise.

The excessive number of connections from the same visitors is reproducible. I can shut the browsers and return with more or less the same visitors with the same multiple connections.

Seems like as long as netstat works, Its going to be hard for people spying on you to do it anonymously and at least I can document domestic spying.

Cool Tool – Netstat!!!!

This is a tough post to title. First off Microsoft Updates are different than Windows Updates. In the classic Windows Update, you patched your Windows operating system and the other software was left alone. Unfortunately people started exploiting all the bugs in all of the rest of the software and this gave Microsoft the excuse it needed for a total “Microsoft Update” of all MS software where the legality of every program could be checked.

The problem is the same with all new Microsoft Products, when first introduced it doesn’t work. But for that matter the simple Windows Update doesn’t work as you would expect.

One of the very best features of PCcillin is it keeps track of all of the vulnerabilities in Microsoft software better than Microsoft does. On the brand new XP machine, PCcillin catches 57 Microsoft vulnerabilities before either XP or PCcillin is updated or the machine put on line. If you choose to update the machine and the antivirus software before activiting windows which you have 30 days to do before they shut you down, you get a message that your machine has been successfully updated. Guess what, all the updates have introduced 40 more vulnerabilities and you are actually worse off.

Seems like Microsoft’s way of getting even for your not activating your copy of Windows is to open up even more holes and lie about what they have done.

Now this is an easy experiment to do. The next time you install windows, choose the option that says you will activate windows later, and install PCcillin. Check for vulnerabilities before you go on line. Update both PCcillin and Microsoft online while refusing to activate your copy of Windows. After you have successfully updated both programs run a PCcillin scan and you will find almost 100 unpached vulnerabilities.

Now, activate Windows and do a Windows update and do another PCcillin scan and you will find all your vulnerabilities closed.

I can’t recall reading that in the fine print. That’s like purchasing a leaky life vest and the manufacturer refusing to patch it until it is registered and the location of where it will be used documented.

While on the topic avoid Microsoft Updates for now. This program automatically installed IE 7 and the PCcillin scan showed a vulnerability which the Microsoft Update failed to patch. When you did a knowledge base search, Microsoft acknowledged the existence of the named vulnerability (MS07-16) but when you install the suggested patch, the system becomes unstable and IE 7 acts weirder than normal.

No wonder Vista refuses to cooperate with PCcillin. they don’t want you to know how bad Vista is.

OK so this time I did it by the book. I formatted the last aborted install of the Vista “Upgrade” on the brand new XP machine, and then reinstalled the XP operating system. I chose PCcillin anti-virus for reasons that will be discussed separately, put the machine online activated the Windows national identity number and and updated all software and ran all scans. The machine was a prefect installation of Windows XP with everything working perfectly.

So like a demon possessed, I attempted my third installation of The Windows Vista Upgrade (form Office Max) and did everything by the book including installing online and accepting every recommendation. I didn’t care that it still hated my printer and IM. It even hates PCcillin and warned it won’t work after the “upgrade” which has to be a very abused word. (Change is beginning to seem more accurate.) . Hell, there are other anti virus programs out there and I was feeling this compulsive need to open the Vista to my future world of the Internet.

I once again made it past the screen that said this update would take hours and the machine would restart several times. When I returned, the machine was froze on the same Blue Screen of Death that made Microsoft so Famous.

I’m beginning to understand Microsoft’s marketing strategy for China where they have discounted the Chinese Version to $69.00. If they had to pay to bury all the returns in a landfill, they would go broke because there are already billions of copies on the street. By repackaging with a patch and a Chinese character set, they can offload this crap in a remote market and recover some of their costs associated with this abortion.

Actually, it makes good short term economic sense.

It’s a good thing that the grandkids are visiting and I’m getting used to very bad summer reruns on TV. I’ve spent about 15 hours trying to install a $100 Vista “upgrade” on two different machines. If I spend 2 more hours, I would have been better off working at McDonald’s for $7 per hour and throwing this crap out. Oh well, the Blue Screen of Death has allowed me to reminisce about the past as old people are prone to do so it’s sort of like a few more wasted hours watching very stupid summer reruns.