Author Topic: For the computer geeks amongst us  (Read 1301 times)

Offline ethercat

  • Global Moderator
  • High Value Target
  • Posts: 3,768
For the computer geeks amongst us
« on: May 31, 2009, 12:28 »
Use Trend Micro's PC-cillin Internet Security package? 

In my reading, I happened upon a fascinating (to me, anyway) story posted to a web hosting company's forum: http://www.lunarforums.com/lunarpages_web_hosting_email_pc_security/hacked_maybe-t34159.0.html

It started out as someone with mysterious entries in their web logs, which showed evidence of someone retrieving files from the person's web server that were not linked anywhere, or known to anyone other than the person who created them, i.e. secret files, and the person's attempts to track down what was going on. 

It got particularly interesting when the person ran some tests to figure out what was going on: http://www.lunarforums.com/lunarpages_web_hosting_email_pc_security/hacked_maybe-t34159.0.html;msg257743#msg257743

In a nutshell:
The person's security software, PC-cillin Internet Security 2006, was keeping track of the webpages he had visited in a file on his computer, and during updates, was shipping the file containing the list to Trend Micro.  Presumably in an effort to "protect" the user, Trend Micro was visiting the site and requesting the "secret" files from the web server, generating the entries in his logs. 

I have no idea if the more recent versions of the software do this.

This was interesting to me because I sometimes will put a file on my web server temporarily for someone in particular to download, assuming because I only gave the link to the person I intended the file for, that they will be the only ones to know about it.  I don't use Windows, so I don't use PC-cillin, but I'm not in the habit of asking other people what software they use before I give them a link.  I will have to be more diligent about removing such "temporary" files from my server.

Sheesh!  Security, or security?
   Narconon Reviews
   Independent Reviews of the Narconon Drug Rehab Programs
   Answers to Frequently Asked But Seldom Answered Questions

Offline Stutroup

  • Supressive Person
  • Posts: 436
Re: For the computer geeks amongst us
« Reply #1 on: May 31, 2009, 17:14 »
Sheesh!  Security, or security?

I can't think of a way to add "scare" to it besides SCARE-URITY!

Offline Lorelei

  • Hill 10 Situation
  • Posts: 895
  • I can haz ferret.
Re: For the computer geeks amongst us
« Reply #2 on: June 02, 2009, 07:36 »
Seems like there was a similar story recently, but I've been racking my brains since you posted this, and darn if I can recall what the particular offending program / file was. It was a big stink, however, and the company issuing the program aggressively blocked any discussion of the suspicious "phone home" file on their forums.

I do know Anonymous took it on as a cause briefly (not "our" Anons, though.)

It's possible this is the same issue.

Will keep poking around, and try to remember.
"Once the foundation of a revolution has been laid down, it is almost always
in the next generation that the revolution is accomplished." -- Jean d'Alembert

The Human Wiki.
"I spend hours surfing the web for information, so you don't have to!"