(Topic ID: 145690)

Pinballlife.com


By maxwell

4 years ago



Topic Stats

  • 307 posts
  • 71 Pinsiders participating
  • Latest reply 4 years ago by Wolfmarsh
  • Topic is favorited by 8 Pinsiders

There are 307 posts in this topic. You are on page 3 of 7.
#101 4 years ago
Quoted from maxwell:

But for the record...all I did was type the address, hit enter, and the virus installed itself with the page that came up.

We all understand that is exactly what happened to you, except for a single person who does not have enough computer experience to understand that things like that can happen.

We are all, with the exception of the above mentioned person, grateful that you brought it to Pinside's attention, because many of us frequent the pinballife website.

And your post gives a much needed reminder to the 55% of the web users that still mistakenly have Java turned on - TURN OFF JAVA - NOW!

malware.jpg

-4
#102 4 years ago
Quoted from Aurich:

You mean like the 0-day exploit from July of this year that I posted above that you're conveniently not addressing?
Are you just being stubborn because it's your nature? Or is there something else going on here? I hope JJP's online strategy isn't centered around using a browser-based Java applet or something.

You mean the zero day exploit that is only exploitable if you ACTUALLY accepted the 3 prompts telling you NOT TO accept an unsigned app from an unknown developer on a site with an invalid certificate?

Yeah that ZERO DAY exploit.

Did you know Aurich that you had to accept the execution of that zero day exploit 3 different (4 if the source is non ssl) times to actually get it to run?

Mark,

You're absolutely correct. They don't actually understand the technology. But they can google with the best of them.

We call people who have no real world experience and rely on search results but can't decipher the underlying problem "Cloudies".

People whose head is in the clouds with no real world experience. And you're right. I shouldn't care because I don't have to support the outcome of these infections.

#103 4 years ago
Quoted from markmon:

Sorry but the only writer on ars tech I trust is Erica Sadun. I don't consider this a definitive source.

Erica hasn't written for us in years. And honestly I couldn't care less what you personally think of Ars Technica, we have industry recognized security writers.

Dan Goodin, our security editor who I cited, is a 2 time SANS winner.

http://arstechnica.com/staff/2012/10/ars-it-security-editor-dan-goodin-receives-sans-award/

"The SANS Institute is a cooperative research and education organization for security professionals, and its Top Cyber Security Journalist Award Winners are voted on by a panel of over 110 journalists who write on cybersecurity topics."

Gonna go with that being a slightly better indication of who's a professional over "this guy on internet forum". Which includes me. Don't believe me? Fine. But ignoring the advice of experts on the topic seems myopic.

But by all means, continue to throw in with Alex on this one if you like.

#104 4 years ago

anyone told pinball life yet? that would help more people than a who knows more about viruses competition

#105 4 years ago

Okay, I'll play.

Quoted from markmon:

I have typed that in many times by accident and have never caught a virus from that page.

Can you explain to me *how* you know that you haven't been infected? (And this is a serious question.) Feel free to PM me if necessary.

Quoted from markmon:

They're not qualified to have an intelligent argument with facts about anything technical.

But please, try to use small words for me (you know, two syllables or fewer is always better, and please spell out any acronyms/initialisms that you use).

#106 4 years ago
Quoted from rcbrown316:

anyone told pinball life yet? that would help more people than a who knows more about viruses competition

i just sent them a note

#107 4 years ago
Quoted from rcbrown316:

anyone told pinball life yet? that would help more people than a who knows more about viruses competition

Quoted from rcbrown316:

i just sent them a note

Sorry could you please take this useful and appreciated effort and discussion elsewhere?

We're trying to flex our internet security epeens here on this pinball forum....

458552.gif

#108 4 years ago
Quoted from Pinchroma:

You mean the zero day exploit that is only exploitable if you ACTUALLY accepted the 3 prompts telling you NOT TO accept an unsigned app from an unknown developer on a site with an invalid certificate?
Yeah that ZERO DAY exploit.
Did you know Aurich that you had to accept the execution of that zero day exploit 3 different (4 if the source is non ssl) times to actually get it to run?

Uh, no. I mean this zero day exploit, that runs malicious code without any of that (the very same one I linked earlier):

http://blog.trendmicro.com/trendlabs-security-intelligence/new-headaches-how-the-pawn-storm-zero-day-evaded-javas-click-to-play-protection/

"Several months ago, we disclosed that Pawn Storm was using a then-undiscovered zero-day Java vulnerability (CVE-2015-2590) to carry out its attacks. At the time, we noted that a separate vulnerability was used to bypass the click-to-play protection that is in use by Java. This second vulnerability (CVE-2015-4902) has now been patched by Oracle as part of its regular quarterly update, with credit given to Trend Micro for the discovery.

Click-to-play requires the user to click the space where the Java app would normally be displayed before it is executed. In effect, it asks the user if they are really sure they want to run any Java code.

Bypassing click-to-play protection allows for malicious Java code to run without any alert windows being shown."

My emphasis added.

If defending Java browser plugins is the horse you really want to ride, have at it. But you're not doing your rep any good by doing so, it's a pretty weird hill to die on.

It's a shame, you're a smart guy, you know a lot about useful topics like powder coating, and I'm sure we'd get along fine in person. But you just can't help but being a needling dick online for whatever reason. You're in the wrong here. No security expert would ever back your play. Places like Trend Micro have been recommending limiting Java for years, long before this last zero day exploit.

http://blog.trendmicro.com/trendlabs-security-intelligence/how-to-use-java-if-you-must/

This isn't exactly secret cutting edge stuff.

#109 4 years ago
Quoted from Purpledrilmonkey:

Sorry could you please take this useful and appreciated effort and discussion elsewhere?
We're trying to flex our internet security epeens here on this pinball forum....
458552.gif

haha good one dude!

#110 4 years ago
Quoted from Aurich:

Uh, no. I mean this zero day exploit, that runs malicious code without any of that (the very same one I linked earlier):

Cue the personal attack on Aurich in 5...4...3...2...

#111 4 years ago
Quoted from rcbrown316:

i just sent them a note

Obviously this has nothing to do with our web site, but I'm honestly not sure who to contact and how to go about contacting anyone to resolve the issue. I'll contact my web host/server tomorrow and see if they can guide me. Again, this is a site trying to grab unsuspecting people entering incorrect URLs. I've seen these before when typing in web addresses incorrectly. I've always just escaped out of them and not given it a whole lot of thought, but being that this one is trying to leech off of our web site in some sort of left-handed way I will look into it.
Terry.

#112 4 years ago

Try this...... http://www.pinballlife.com If you Dare!!!!!!

~~~~WARNING~~~~ *Graphic Ghost Nudity*

#113 4 years ago

Okay Alex, you think you know security? But do you know this one?

12289479_10205180042970398_5245454227084567155_n.jpg

(This fight is seeming about as silly, I'm ready to let it go, I don't care who "wins").

#114 4 years ago
Quoted from pinballlife:

Obviously this has nothing to do with our web site, but I'm honestly not sure who to contact and how to go about contacting anyone to resolve the issue. I'll contact my web host/server tomorrow and see if they can guide me. Again, this is a site trying to grab unsuspecting people entering incorrect URLs.

Just making sure you saw the detailed advice here:
https://pinside.com/pinball/forum/topic/pinballlifecom#post-2828475
The request might mean more coming from a direct target of the malware site.

#115 4 years ago
Quoted from SirScott:

Cue the personal attack on Aurich in 5...4...3...2...

You mean the one where he called me a "needling dick?" That personal attack? Nope. Won't stoop that low. However let's see if anything comes of it. Let's see if the golden boy gets a slap.

#116 4 years ago
Quoted from Pinchroma:

Won't stoop that low.

Never stopped you before.

#117 4 years ago

Guys guys guys...how many times do I have to say this? The only way to see whom wins is an old fashioned suck off.
You know it, I know it, let's just get it done.

#118 4 years ago
Quoted from centerflank:

I just rammed my floppy disc into a hard drive a few minutes ago, I downloaded some good data.
Thank you to the show Continuum for a great sex bet with trophy on who the queen of hearts was!

I don't want to say how long I have been involved with computers, but long enough to remember seeing these when they were new!

Brad

Computer_Buttons.jpg

#119 4 years ago
Quoted from Aurich:

Okay Alex, you think you know security?

I can't imagine anyone who knows less about internet security.

#120 4 years ago

Wow! Step away for a day and look what happens.
litter.jpg

#121 4 years ago
Quoted from maxwell:

I normally just read other people's post and don't start topics of my own

And just think.....in the past 3 years......you missed all this!

#122 4 years ago
Quoted from vid1900:

I can't imagine anyone who knows less about internet security.

All of the deadbolts on his house have the knob on the outside of the door.

#123 4 years ago
Quoted from pinballlife:

Obviously this has nothing to do with our web site, but I'm honestly not sure who to contact and how to go about contacting anyone to resolve the issue. I'll contact my web host/server tomorrow and see if they can guide me. Again, this is a site trying to grab unsuspecting people entering incorrect URLs. I've seen these before when typing in web addresses incorrectly. I've always just escaped out of them and not given it a whole lot of thought, but being that this one is trying to leech off of our web site in some sort of left-handed way I will look into it.
Terry.

https://en.wikipedia.org/wiki/Cybersquatting

https://en.wikipedia.org/wiki/Typosquatting

There are legal precedents for this situation.

#124 4 years ago

And I heard that The Hobbit was delayed for so long because all the computers at JJP got infected by a 0-day Java browser exploit and all of their computer files were held hostage by Russian Hackers until around August of this year when the ransom was mysteriously paid off.

#125 4 years ago

I'm confused.... what does this have to do with Java?

#126 4 years ago
Quoted from guyincognito:

And I heard that The Hobbit was delayed for so long because all the computers at JJP got infected by a 0-day Java browser exploit

All joking aside, I hope that JJP is smart enough not to have Alex in charge of the security for the 3rd game that is supposed to have online capabilities.

#127 4 years ago
Quoted from Purpledrilmonkey:

I'm confused.... what does this have to do with Java?

It has to do with Pinball Life possibly taking the misspelled URL for its own uses.

#128 4 years ago
Quoted from Purpledrilmonkey:

I'm confused.... what does this have to do with Java?

The whole discussion about Java was just a sidebar.

#129 4 years ago

Interesting thread... typically the issue is users who click on the "ok" button on those malware pop-ups rather than dismiss them. Secondarily is the use of Windows and IE, which top all OS's in security holes.. it's just flat out easier to exploit than a *nix environment like Mac and Linux.

Anyway I've had Java installed on my PCs continuously since it was invented... never had a virus/trojan using it. Vid's point is fine, if you don't need java, uninstall it. Flash on the other hand is flawed bloatware... good riddance.

#130 4 years ago

Neither of these seem to apply in this case. Typosquatting deals more with someone trying to imitate a site and get some sort of gain off of it. Cybersquatting, I believe, is owning a domain name that you only have so that you can sell it to the *rightful* owner. I'm no expert, but that is how I understand it.

In our particular case neither of these things are happening. There is no deceit by the offending web site as far as trying to make people believe they are on our web site. It's just one of thousands (millions?) of web sites that try to infect you with viruses if you happen to stumble on them by mistake and click the wrong buttons in a panic. One way to *stumble* onto a web site is to make the URL very close to a *real* URL. In this case they are taking advantage of someone misspelling our web address by 1 letter.

I have contacted ovh.net and have informed them of our site and of this malware/virus site. I'm sure it will all get sorted out soon enough.

In the meantime, please everyone, understand that there is no threat to our web site and absolutely nothing bad will happen when visiting us. This *other* site is a completely different site with a different URL address.

Terry.
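The one-letter misspelling described in the post above can be checked for mechanically. The following is an added example, not code from anyone in this thread: a Python check that flags hostnames (for instance from proxy or DNS logs) that are exactly one typing error away from a protected domain. The sample host list is constructed, and comparing whole hostnames without a public-suffix list is a simplifying assumption.

```python
from typing import List, Optional, Tuple


def normalize(host: str) -> str:
    """Lower-case, drop a trailing root dot and a leading 'www.'."""
    host = host.strip().lower().rstrip(".")
    return host[4:] if host.startswith("www.") else host


def typo_kind(legit: str, seen: str) -> Optional[str]:
    """Name the single typing error that turns `legit` into `seen`, else None."""
    if legit == seen:
        return None
    la, lb = len(legit), len(seen)
    if abs(la - lb) > 1:
        return None
    # Walk past the prefix both names share.
    i = 0
    while i < min(la, lb) and legit[i] == seen[i]:
        i += 1
    if la == lb:
        if legit[i + 1:] == seen[i + 1:]:
            return "substitution"
        if (i + 1 < la and legit[i] == seen[i + 1]
                and legit[i + 1] == seen[i]
                and legit[i + 2:] == seen[i + 2:]):
            return "transposition"
        return None
    if la > lb:  # one character was dropped, e.g. a missing "l"
        return "omission" if legit[i + 1:] == seen[i:] else None
    return "insertion" if legit[i:] == seen[i + 1:] else None


def find_lookalikes(hosts: List[str],
                    protected: List[str]) -> List[Tuple[str, str, str]]:
    """Return (observed host, protected domain, error kind) for near misses."""
    hits = []
    for raw in hosts:
        host = normalize(raw)
        for legit in protected:
            kind = typo_kind(normalize(legit), host)
            if kind:
                hits.append((host, legit, kind))
    return hits


# Constructed sample of observed hostnames (not real log data).
SAMPLE_HOSTS = [
    "www.pinballlife.com",    # the real shop: exact match, not flagged
    "pinballife.com",         # one "l" short, the case discussed in the thread
    "WWW.PINBALLLLIFE.COM.",  # one "l" too many
    "pinside.com",            # unrelated site
    "pinballlief.com",        # two adjacent letters swapped
]

if __name__ == "__main__":
    for host, legit, kind in find_lookalikes(SAMPLE_HOSTS, ["pinballlife.com"]):
        print(f"{host}: one {kind} away from {legit}")
```

The same function can drive a list of variants worth registering defensively and redirecting to the real site, which is the outcome suggested later in the thread.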

#131 4 years ago
Quoted from vid1900:

All joking aside, I hope that JJP is smart enough not to have Alex in charge of the security for the 3rd game that is supposed to have online capabilities.

I just wonder if he's so hot to defend Java because that's what it will be using. It's a weird thing to get all passionate about. I hang out with technical people every day. I doubt I could find a single one that would be willing to defend Java applets in any capacity. Java in browsers has been a joke for ages now. Even when you have to use it for some reason it's a kludge.

#132 4 years ago
Quoted from Baiter:

typically the issue is users who click on the "ok" button on those malware pop-ups rather than dismiss them.

Yeah, but the Pinballllife.com site installs the virus without clicking anything.

......Unless you disabled Java.

#133 4 years ago
Quoted from pinballlife:

In the meantime, please everyone, understand that there is no threat to our web site and absolutely nothing bad will happen when visiting us.

Always the first place I check for parts!

#134 4 years ago
Quoted from vid1900:

It has to do with Pinball Life possibly taking the misspelled URL for its own uses.

What? The misspelled web site is absolutely definitely not owned by me.
Terry.

#135 4 years ago
Quoted from vid1900:

Yeah, but the Pinballllife.com site installs the virus without clicking anything.
......Unless you disabled Java.

Let's please not confuse things. The offending web site is using 2 "L"s, not 4.

We own 1 web site, www.pinballlife.com, and it is 100% all safe and squeaky clean.

Terry.

#136 4 years ago
Quoted from pinballlife:

What? The misspelled web site is absolutely definitely not owned by me.
Terry.

If you acquired the offending site, you could have it automatically redirect to your proper site.

#137 4 years ago
Quoted from pinballlife:

it is 100% all safe and squeaky clean

Hmm, of viruses maybe, but those topless anime dolls might not count as squeaky clean!

#138 4 years ago
Quoted from vid1900:

If you acquired the offending site, you could have it automatically redirect to your proper site.

Ah, I see what you meant there. Yes, that would be a good ending, indeed.
Terry.

#139 4 years ago
Quoted from Aurich:

Hmm, of viruses maybe, but those topless anime dolls might not count as squeaky clean!

Sold out!

#140 4 years ago
Quoted from pinballlife:

Neither of these seem to apply in this case. ....

Terry,

I'm no expert either but since I play one on TV...

1) They have stolen your content
2) They are misrepresenting themselves as you / your company
3) They are doing so with obvious malicious intent

I think you can quickly get it resolved by contacting their hosting company, stating the above, and showing you own the real site.

#141 4 years ago

I heard Frax has been called to H.R. 37 times due to the anime dolls.

#142 4 years ago
Quoted from altan:

I'm no expert either but since I play one on TV...

Let me guess...

expert.jpg

#143 4 years ago
Quoted from altan:

2) They are misrepresenting themselves as you / your company

I've noticed that the malicious site does something random every time you go to it. Some times it redirects to other sites. But sometimes it does try to mimic a pinball website. Here is a screenshot from my iPhone of one of the times it came up looking kind of like the real site which might trick someone.

image.png

#144 4 years ago
Quoted from TheLaw:

Guys guys guys...how many times do I have to say this? The only way to see whom wins is an old fashioned suck off.
You know it, I know it, let's just get it done.

I'm used to playing cookie cookie, that sorts itself out.

#145 4 years ago
Quoted from altan:

Terry,
I'm no expert either but since I play one on TV...
1) They have stolen your content
2) They are misrepresenting themselves as you / your company
3) They are doing so with obvious malicious intent
I think you can quickly get it resolved by contacting their hosting company, stating the above, and showing you own the real site.

And the contact info for their hosting company is in one of my previous posts.

#146 4 years ago

BTW (since I didn't see it posted) does everyone know how to get rid of those virus warning screens that hijack your browser?

On a Windows computer just open up your task manager and shut down your active browser.....done & done. No phone calls to make and no viruses installed.

On a MAC....I have no idea.....never owned one

#147 4 years ago
Quoted from Wolfmarsh:

And the contact info for their hosting company is in one of my previous posts.

Yes, I have called them and emailed them. Everything is hopefully in motion.
Terry.

#148 4 years ago
Quoted from Astropin:

BTW (since I didn't see it posted) does everyone know how to get rid of those virus warning screens that hijack your browser?
On a Windows computer just open up your task manager and shut down your active browser.....done & done. No phone calls to make and no viruses installed.
On a MAC....I have no idea.....never owned one

Drop to a terminal:

Type:

for a in $(ps -ef | grep -i "safari" | awk '{print $2}'); do kill -9 ${a}; done

Kills all processes with safari in the name. Replace with chrome or Firefox

#149 4 years ago
Quoted from Aurich:

I just wonder if he's so hot to defend Java because that's what it will be using. It's a weird thing to get all passionate about. I hang out with technical people every day. I doubt I could find a single one that would be willing to defend Java applets in any capacity. Java in browsers has been a joke for ages now. Even when you have to use it for some reason it's a kludge.

I think Vid is getting flak because he said this in his first post:

Quoted from vid1900:

I just tried it and it did not install a virus - BUT I do not have Java installed.
NEVER install Java on your computer, and always disable it if you somehow have it.
Check here if you have Java, if you do, kill it.
https://www.java.com/en/download/installed.jsp

Having Java installed and enabled in your browser are two different things.

The techno geeks pick up on suggestions that aren't very specific. Although pinchroma would make his point better if he erred on the side of being helpful without the dash of attitude.

I would recommend not having Java installed if you don't have an application installed that actively uses it or if you aren't used to troubleshooting computers and software for a living. Also I've been to the misspelled Pinball Life site and I wasn't infected, this must be a new thing.

Also don't use Internet Explorer (aka Internet Exploder)

#150 4 years ago
Quoted from Pinchroma:

You mean the one where he called me a "needling dick?" That personal attack? Nope. Won't stoop that low. However let's see if anything comes of it. Let's see if the golden boy gets a slap.

I did actually, and rightly so, I shouldn't have called you a dick, I apologize.

But I did take issue with your statement that everyone in this thread was clueless. I'm not actually. I've backed up everything I've posted with links and evidence. Including the fact that the zero day exploit for Java entirely bypassed all of the warnings, which is why it was a big deal in the first place.

You've conveniently ignored all of my evidence and links, and just stuck to your guns. Whatever, I said I was over it with my joke image and I'll try and stay that way, no need to make this personal.
