PC Motherboard Chipsets and Parts Vendors

Re: PC Motherboard Chipsets and Parts Vendors

"Soundhaspriority" <nowhere@nowhere . com > wrote in message
news:WMWdnXYGm7wZ3rPVnZ2dnUVZ_qvinZ2d@giganews . com
> "Arny Krueger" <arnyk@hotpop . com > wrote in message
> news:bsCdnYN7l9dlubPVnZ2dnUVZ_gmdnZ2d@comcast . com ...
>> "Soundhaspriority" <nowhere@nowhere . com > wrote in message
> [snip]
>>
>>> Sorry to hear about your misfortune. What was ths
>>> spyware? If it got you, it could get a lot of people.
>>
>> The spyware was composed of several distinct kinds of
>> malware. There was a trojan that I cleaned up in the heat of
>> battle, whose name I've already forgotten.
>>
>> The main infection was fixed with SMITFRAUDFIX. The
>> version I had was known as XPAntivirus. This was a
>> large-scale trojan that infected both XP and IE.
>>
>> I cleaned up a nasty piece of spyware known as
>> WLCtrl32.exe by hand. It also targeted XP and IE.
>>
> [snip]
>
> Interesting. According to this site,
> * w w w .bleepingcomputer . com /forums/index.php?automodule=blog&blogid=1341&showentry=1278
>
> the mode of infection (as of 4/24/08) was unknown. Any
> guesses?

Huh?

XP Antivirus:

* w w w .symantec . com /security_response/writeup.jsp?docid=2007-101010-0713-99

* w w w .bleepingcomputer . com /startups/XP_antivirus-20140.html


WLCtrl32:

* w w w .bleepingcomputer . com /startups/WLCtrl32.dll-22064.html

Re: PC Motherboard Chipsets and Parts Vendors


"Chel van Gennip" <chel-news@vangennip.nl> wrote in message
news:6928sjF2voe9mU1@mid.individual . net ...
[snip].
>
> The basic problem is that the MS OS and supporting applications are
> flawed, so everything that comes in should be checked against an ever
> increasing number of threats.
>
> --
> Chel van Gennip (chel vangennip nl)
> Visit Serg van Gennip's site * w w w .serg.vangennip . com

But all OSes have this problem. See
* w w w .infoworld . com /article/08/03/27/Gone-in-2-minutes-Mac-gets-hacked-first-in-contest_1.html

Bob Morein
(310) 237-6511

Re: PC Motherboard Chipsets and Parts Vendors

Soundhaspriority wrote:
> "Chel van Gennip" <chel-news@vangennip.nl> wrote in message
> news:6928sjF2voe9mU1@mid.individual . net ...
> [snip].
>> The basic problem is that the MS OS and supporting applications are
>> flawed, so everything that comes in should be checked against an ever
>> increasing number of threats.
>>
>
> But all OSes have this problem. See
> * w w w .infoworld . com /article/08/03/27/Gone-in-2-minutes-Mac-gets-hacked-first-in-contest 1.html
>

Was it a virus? No! Does it result in a need to (virus)check every byte
you transfer from a network drive, removable drive etc.? No!

--
Chel van Gennip (chel vangennip nl)
Visit Serg van Gennip's site * w w w .serg.vangennip . com

Re: PC Motherboard Chipsets and Parts Vendors


"Chel van Gennip" <chel-news@vangennip.nl> wrote in message
news:692sv9F2usa1bU1@mid.individual . net ...
> Soundhaspriority wrote:
>> "Chel van Gennip" <chel-news@vangennip.nl> wrote in message
>> news:6928sjF2voe9mU1@mid.individual . net ...
>> [snip].
>>> The basic problem is that the MS OS and supporting applications are
>>> flawed, so everything that comes in should be checked against an ever
>>> increasing number of threats.
>>>
>>
>> But all OSes have this problem. See
>> * w w w .infoworld . com /article/08/03/27/Gone-in-2-minutes-Mac-gets-hacked-first-in-contest_1.html
>>
>
> Was it a virus? No! Does it result in a need to (virus)check every byte
> you transfer from a network drive, removable drive etc.? No!
>
> --
> Chel van Gennip (chel vangennip nl)
> Visit Serg van Gennip's site * w w w .serg.vangennip . com

The description of the exploit was a little vague. If it included "social
engineering", to cause the user to open something on the website, then it
was a trojan, not a virus. On the other hand, if merely viewing the page was
enough to cause malicious code to execute, I would call it a virus. This
page defines something called a "blended threat":
* w w w .carroll-ramsey . com /detect.htm

Now, as to whether Windows software are flawed -- the Mac uses a microkernel
based on Mach, so some claim it is "theoretically more secure." In a
microkernel, each process runs in it's own memory space, so this sounds
reasonable. But it is quite feasible to hack a kernel with a bad system
call. All computers look like Swiss cheese to the virus maker.

The problem is spread across all computer manufacturers and architectures
because hardware range checking of every system call and array reference is
not part of a typical CPU. Software range checking has a lot of overhead.
Sure, Java, C#, and Microsoft's whole "managed code" "dotnet" do this, but
the performance hit is substantial.

It seems to me there is no point in labeling Microsoft the "bad boy" on
this, because it is a universal problem. Microsoft surely is to blame for
the concept of downloading applets, and buffer overrun exploits that are
externally accessible via the web, but not the virus. They had a challenge:
to make software that would run at reasonable speed given the constraints of
available processor power.

But I will agree with you that it should not be this way. Let's hope for
hardware based solutions in the future.

Bob Morein
(310) 237-6511

Re: PC Motherboard Chipsets and Parts Vendors

Soundhaspriority wrote:

> The problem is spread across all computer manufacturers and architectures
> because hardware range checking of every system call and array reference is
> not part of a typical CPU. Software range checking has a lot of overhead.
> Sure, Java, C#, and Microsoft's whole "managed code" "dotnet" do this, but
> the performance hit is substantial.

Processors since the 80-ties (VAX) have some hardware support for range
checking. My experience with e.g. Pascal is that if you do range
checking in a sensible way, the performance penalty is only a few % (or
if compared with CPU performance evolution: you need a CPU develloped
only weeks later). The penalty we pay now: scanning all data that enters
the system for suspect patterns is less effective and more costly.

> It seems to me there is no point in labeling Microsoft the "bad boy" on
> this, because it is a universal problem. Microsoft surely is to blame for
> the concept of downloading applets, and buffer overrun exploits that are
> externally accessible via the web, but not the virus. They had a challenge:
> to make software that would run at reasonable speed given the constraints of
> available processor power.

MS system tend to enable flaws to compromise system integrity. This
results in situations where even unopened emails can execute code with
system privileges. This broken system design results in viruses.

> But I will agree with you that it should not be this way. Let's hope for
> hardware based solutions in the future.

Hardware should do what hardware does, and detect when things go wrong,
like ECC check on disk, tape and memory. Software should work well, but
it is not up to the hardware to correct software errors.

Anyhow I am using Unix based desktops for about 2 decades now. The last
decade Linux, and I have not encountered these kind of problems yet.

--
Chel van Gennip (chel vangennip nl)
Visit Serg van Gennip's site * w w w .serg.vangennip . com

Re: PC Motherboard Chipsets and Parts Vendors


"Chel van Gennip" <chel-news@vangennip.nl> wrote in message
news:6935b4F2uvf7mU1@mid.individual . net ...
> Soundhaspriority wrote:
>
>> The problem is spread across all computer manufacturers and architectures
>> because hardware range checking of every system call and array reference
>> is not part of a typical CPU. Software range checking has a lot of
>> overhead. Sure, Java, C#, and Microsoft's whole "managed code" "dotnet"
>> do this, but the performance hit is substantial.
>
> Processors since the 80-ties (VAX) have some hardware support for range
> checking. My experience with e.g. Pascal is that if you do range checking
> in a sensible way, the performance penalty is only a few % (or if compared
> with CPU performance evolution: you need a CPU develloped only weeks
> later). The penalty we pay now: scanning all data that enters the system
> for suspect patterns is less effective and more costly.
>
>> It seems to me there is no point in labeling Microsoft the "bad boy" on
>> this, because it is a universal problem. Microsoft surely is to blame for
>> the concept of downloading applets, and buffer overrun exploits that are
>> externally accessible via the web, but not the virus. They had a
>> challenge: to make software that would run at reasonable speed given the
>> constraints of available processor power.
>
> MS system tend to enable flaws to compromise system integrity. This
> results in situations where even unopened emails can execute code with
> system privileges. This broken system design results in viruses.
>
I don't believe this is true any more. Certainly there were exploits in the
HTML rendering engine.


>> But I will agree with you that it should not be this way. Let's hope for
>> hardware based solutions in the future.
>
> Hardware should do what hardware does, and detect when things go wrong,
> like ECC check on disk, tape and memory. Software should work well, but it
> is not up to the hardware to correct software errors.
>
> Anyhow I am using Unix based desktops for about 2 decades now. The last
> decade Linux, and I have not encountered these kind of problems yet.
>
Unix systems are famously vulnerable. Apache runs on Unix. One of the major
exploits these days is code injection, directly into the website. Unix
itself has a history of "elevation of privilege" holes. A Unix system call
is just as vulnerable to poison arguments.

My personal opinion: Microsoft is the target because it is Politically
Correct to attack Microsoft systems. Personally, I am rather happy that
virus hackers exist, because they have raised the level of awareness and
forced attention to this issue. But when Organized Crime wants to get into
your computer, they will, regardless of whether it is Windows, Linux, System
V, Berkeley, Mach, et al.

Bob Morein
(310) 237-6511

Re: PC Motherboard Chipsets and Parts Vendors


"Chel van Gennip" <chel-news@vangennip.nl> wrote in message
news:6935b4F2uvf7mU1@mid.individual . net ...
> Soundhaspriority wrote:
>
[snip]
>
> Anyhow I am using Unix based desktops for about 2 decades now. The last
> decade Linux, and I have not encountered these kind of problems yet.
>
> --
> Chel van Gennip (chel vangennip nl)
> Visit Serg van Gennip's site * w w w .serg.vangennip . com

* blogs.zdnet . com /security/?p=1064

Bob Morein
(310) 237-6511

Re: PC Motherboard Chipsets and Parts Vendors

Soundhaspriority wrote:
> "Chel van Gennip" <chel-news@vangennip.nl> wrote in message
> news:6935b4F2uvf7mU1@mid.individual . net ...
>> Soundhaspriority wrote:
>>
> [snip]
>> Anyhow I am using Unix based desktops for about 2 decades now. The last
>> decade Linux, and I have not encountered these kind of problems yet.
>>
>
> * blogs.zdnet . com /security/?p=1064
>

You are comparing apples with oranges:

I read things like:
CVE-2007-6694
Cyrill Gorcunov reported a NULL pointer dereference in code specific to
the CHRP PowerPC platforms. Local users could exploit this issue to
achieve a Denial of Service (DoS).

Well that sounds like an error of last year, where on some PPC systems a
logged-in user could create an exploit that could result in a Denial of
Service.

IMHO these threats are no real threat to me, because:

- I am the only local user and I can compromise my own system without
needing the holes. In fact the manufacturer of popular desktop systems
even blames the logged-in users for almost every error that enables
external attacks (You just should not open any email or website
containing a virus)

- This error can not exist on any system I ever had, because it is
specific for an architecture I have never used.

- The errors were discovered and fixed before a workable exploit was
created.

- The result of the error (DOS) is rather harmless for a desktop
system, in fact on many desktop systems a DOS is rather common and
solved with a CTRL-ALT-DEL key combination, now known to most people as
a solution for often occurring DOS situations.

Read Arny's story about the infection he got while he was fixing serious
OS problems yesterday to understand what I mean when I speak about
"these kind of problems" I did not have during the last decades.

The latests vendor update he installed (he installed it, after being
warned that google shows half a million reports of problems, without
making a backup first!) turned out to be a DOS attack (crashing during
start-up is a nasty DOS situation), while he was fixing that (difficult,
because he only had a "fairly" recent backup, and the update was hard to
undo) a virus entered his system.

--
Chel van Gennip (chel vangennip nl)
Visit Serg van Gennip's site * w w w .serg.vangennip . com

Re: PC Motherboard Chipsets and Parts Vendors


"Chel van Gennip" <chel-news@vangennip.nl> wrote in message
news:697larF318tldU1@mid.individual . net ...
> Soundhaspriority wrote:
>> "Chel van Gennip" <chel-news@vangennip.nl> wrote in message
>> news:6935b4F2uvf7mU1@mid.individual . net ...
>>> Soundhaspriority wrote:
>>>
>> [snip]
>>> Anyhow I am using Unix based desktops for about 2 decades now. The last
>>> decade Linux, and I have not encountered these kind of problems yet.
>>>
>>
>> * blogs.zdnet . com /security/?p=1064
>>
>
> You are comparing apples with oranges:
>
> I read things like:
> CVE-2007-6694
> Cyrill Gorcunov reported a NULL pointer dereference in code specific to
> the CHRP PowerPC platforms. Local users could exploit this issue to
> achieve a Denial of Service (DoS).
>
> Well that sounds like an error of last year, where on some PPC systems a
> logged-in user could create an exploit that could result in a Denial of
> Service.
>
> IMHO these threats are no real threat to me, because:
>
> - I am the only local user and I can compromise my own system without
> needing the holes. In fact the manufacturer of popular desktop systems
> even blames the logged-in users for almost every error that enables
> external attacks (You just should not open any email or website containing
> a virus)
>
> - This error can not exist on any system I ever had, because it is
> specific for an architecture I have never used.
>
> - The errors were discovered and fixed before a workable exploit was
> created.
>
> - The result of the error (DOS) is rather harmless for a desktop system,
> in fact on many desktop systems a DOS is rather common and solved with a
> CTRL-ALT-DEL key combination, now known to most people as a solution for
> often occurring DOS situations.
>
The link I provided "proves" nothing. It is a warning about overconfidence.
Over the last decade, very intelligent people have made mistakes in both the
design and use of these systems. Five or six years ago, Windows XP received
U.S. government Orange Book certification. What a joke that was!

I guess you are safer, but I think most of that is because:
1. virtually nobody attacks linux desktops, because the money isn't there.
2. Your pattern of use.

The Linux kernel is monolithic, running in ring 0, same as Windows. Here's
plenty more on linux security problems:
* w w w .linuxsecurity . com /

Without looking at user experience, how would we compare OSes? Use a point
system for each hole or feature? There is no rational way to do it, because
any hole in the boat would sink it. The C-M Mach kernel is claimed to be
theoretically more secure than either Windows or Linux, but it's a
meaningless statement. It shoud read, "With a microkernel, it is easier to
mitigate security vulnerability."

Are you of age to remember or be concerned with the sinking of the
battlecruiser H.M.S. Hood?
* en.wikipedia.org/wiki/Battleship_Hood A study in overconfidence!

Bob Morein
(310) 237-6511

Re: PC Motherboard Chipsets and Parts Vendors

Soundhaspriority wrote:

> The link I provided "proves" nothing. It is a warning about overconfidence.
> Over the last decade, very intelligent people have made mistakes in both the
> design and use of these systems. Five or six years ago, Windows XP received
> U.S. government Orange Book certification. What a joke that was!

I just try to temper "overconfidence" from XP users a bit. In this
thread we have an example of someone who wrote "Clearly the OS itself
has become far more robust" and "my experience that a MS PC connected to
the internet can run uncompromised for years" and reported within 24
hours thereafter that an OS update had ruined one of his systems and
another system was infected by a combined virus/spyware attack.

One just should know that computers do fail, so you have to do some
extra effort to keep your data safe.

One should know that any system that does need a virus scanner
intrinsically is unsafe. The mere fact a virusscanner should update its
scanlist more than once a day, is a strong indication that a
virusscanner scans against publicly known exploits. The huge amount and
daily expansion of publicly known exploits is a strong indication
exploits that are not publicly known (yet) are a real danger.

As computers do enter our life more and more, the dangers we are facing
are increasing. Here the potential danger is present to lose a day, a
month or even a lifetime of valuable recordings. Elsewhere the danger is
e.g. a complete failure of power grids, like we have seen on the east
coast (that was related to computer software failure and even a virus
attack).

It is important to see the dangers and to prevent those dangers to hurt
you. Even today, when one can buy a 500GB backup drive for less than
€100, university students loose a year of thesis work, because it is on
a laptop in a burning university:
* nl.youtube . com /watch?v=ABWV7ZrF4M4&feature=related
Safety starts with awareness.

--
Chel van Gennip (chel vangennip nl)
Visit Serg van Gennip's site * w w w .serg.vangennip . com

Re: PC Motherboard Chipsets and Parts Vendors


"Chel van Gennip" <chel-news@vangennip.nl> wrote in message
news:698n61F3101ajU1@mid.individual . net ...
> Soundhaspriority wrote:
>
>> The link I provided "proves" nothing. It is a warning about
>> overconfidence. Over the last decade, very intelligent people have made
>> mistakes in both the design and use of these systems. Five or six years
>> ago, Windows XP received U.S. government Orange Book certification. What
>> a joke that was!
>
> I just try to temper "overconfidence" from XP users a bit. In this thread
> we have an example of someone who wrote "Clearly the OS itself has become
> far more robust" and "my experience that a MS PC connected to the internet
> can run uncompromised for years" and reported within 24 hours thereafter
> that an OS update had ruined one of his systems and another system was
> infected by a combined virus/spyware attack.
>
[snip]
Yes, I agree with everything you've said in this post.

I find it an almost impossible job to educate users about the hazards,
because they visualize the computer in three dimensions. They frequently
tell me, "But I have a firewall, so I'm safe." Then I make the analogy of
digging tunnels under the walls of a castle, or submarine sinkings, where
pipes carrying seawater inside the hull of the vessel can fail, even if the
hull remains intact. And still, they don't understand it, unless they have
have had an unfortunate experience. And sometimes, not even then.


> One just should know that computers do fail, so you have to do some extra
> effort to keep your data safe.
>
> One should know that any system that does need a virus scanner
> intrinsically is unsafe. The mere fact a virusscanner should update its
> scanlist more than once a day, is a strong indication that a virusscanner
> scans against publicly known exploits. The huge amount and daily expansion
> of publicly known exploits is a strong indication exploits that are not
> publicly known (yet) are a real danger.
>
And they won't be, because now organized crime is paying for engineered
exploits. They choose their targets carefully, avoiding detection by the
"honeypots" of commercial antivirus companies. Custom crafted viruses with
limited distribution are now the most dangerous threat.


> As computers do enter our life more and more, the dangers we are facing
> are increasing. Here the potential danger is present to lose a day, a
> month or even a lifetime of valuable recordings. Elsewhere the danger is
> e.g. a complete failure of power grids, like we have seen on the east
> coast (that was related to computer software failure and even a virus
> attack).
>
> It is important to see the dangers and to prevent those dangers to hurt
> you. Even today, when one can buy a 500GB backup drive for less than €100,
> university students loose a year of thesis work, because it is on a laptop
> in a burning university:
> * nl.youtube . com /watch?v=ABWV7ZrF4M4&feature=related
> Safety starts with awareness.
>
> --
> Chel van Gennip (chel vangennip nl)
> Visit Serg van Gennip's site * w w w .serg.vangennip . com

Bob Morein
(310) 237-6511

Re: PC Motherboard Chipsets and Parts Vendors

"Mike Rivers" wrote ...
> Arny Krueger wrote:
>
>> I have 3 computers in routine use, one with 2 GB of DDR2-800 RAM and the
>> other two with 4 GB. Their CPUs are 3000+ single core, and 4000+ & 6000+
>> dual core. Every month or two one might get a little goofy and get
>> rebooted when it has nothing else going on.
>
> What's chances that "getting goofy" is a result of a memory error?
> Generally we blame Windows, but maybe Windows is really OK and all of its
> quirks are a result of memory errors. Maybe Microsoft is right?

That's what they would like you to think. OTOH, They likely have
uncounted thousands of known bugs in their code (mostly unmanaged
"buffer overrun" vulnerabilities, etc.) They roll out annother patch
every time someone outside Microsoft blows the whistle on them.

But if they can make you think that the reason your computer crashes
is because of cosmic rays, then they're off the hook. But we likely see
10,000 Microsoft-caused problems for every cosmic-ray induced SER.
IMHO, it is a classic case of FUD.

Re: PC Motherboard Chipsets and Parts Vendors

"Mike Rivers" <mrivers@d-and-d . com > wrote in message
news:DsJWj.17750$%X1.15921@trnddc08

> Arny Krueger wrote:

>> I have 3 computers in routine use, one with 2 GB of
>> DDR2-800 RAM and the other two with 4 GB. Their CPUs are
>> 3000+ single core, and 4000+ & 6000+ dual core. Every
>> month or two one might get a little goofy and get
>> rebooted when it has nothing else going on.

> What's chances that "getting goofy" is a result of a
> memory error?

Could be. Or, it could be the hard drive. Hard drives don't give back much
bad data, but they can fail to give back anything at all and just leave
things hanging. Usually my machines start failing to complete random
functions when they get goofy.

BTW, if a PC gets kinda flakey, one thing that can help is to run a
full-options error check on the hard drive(s). This can take the better part
of a day, but it can also make a machine amazingly faster.

> Generally we blame Windows, but maybe
> Windows is really OK and all of its quirks are a result
> of memory errors.

LOL!

All non-trivial software is a mass of errors just waiting for the right
combination of data and operations to make it freak out. If MS wants to put
on airs about having error-free code, they should explain what Service Packs
are. ;-)

> Maybe Microsoft is right?

I think they do a pretty fair job, but their software is hardly error-free.

I was thinking about the ratio between memory errors and erroneous lines of
code that pass through that memory. In the end all programming traces back
to humans, and making mistakes is one thing that humans do very well.

Re: PC Motherboard Chipsets and Parts Vendors

Mike Rivers wrote:
> Arny Krueger wrote:
>
>> IOW, the error rate in a computer with 4 GB of 2008 DDR RAM is more like
>> ONE PER MONTH.
>
> What's the symptom or consequence of these soft errors? How would I know
> if I had one? My computers don't crash, so what else happens?
>

Anything ranging from nothing to crashing and file system corruption
might happen. Murphy's law predicts the loss of your most important
recording.

Some say, you don't make important recordings that often, so it won't
matter, others say a few $ to exclude a source of random errors is worth
the money.

--
Chel van Gennip (chel vangennip nl)
Visit Serg van Gennip's site * w w w .serg.vangennip . com

Re: PC Motherboard Chipsets and Parts Vendors

Chel van Gennip wrote:

> Some say, you don't make important recordings that often, so it won't
> matter, others say a few $ to exclude a source of random errors is worth
> the money.

But all ECC does is correct a single-bit error. It doesn't guarantee a
safe landing all the time. If a cosmic ray can hit one bit, it can hit
two. There are probably real statistics about this, but I probably
couldn't understand them even if I found them.



--
If you e-mail me and it bounces, use your secret decoder ring and reach
me here:
double-m-eleven-double-zero at yahoo -- I'm really Mike Rivers
(mriv...@d-and-d . com )