Just now I followed a link from BakaBT to ANN, and instead I got this address:
security-alert.norton.com.pc-okok.com
Which was a page that told me I was infected with some virus, and put up a popup advising me to call some phone number or other. (This is a common tack for malware: the people on the phone number will then tell me how to download a program that "fixes" the problem and also makes me part of their botnet.) Dismissing the popup made it appear again, meaning I couldn't close the tab. The only way to recover was to use the process manager to kill IE.
Obviously the first thing to do, which I just did, was to tell Windows Security Essentials to do a scan, and it didn't find anything.
The second thing was to clear the browser cache.
The third thing was to add "pc-okok.com" to the reject file in Proxomitron, so that I can't ever load it again. But I still want to know how my access was hijacked.
I'd also like to know how my browser found the site. "pc-okok.com" doesn't resolve through DNS, so what address is it?
UPDATE: Ah. The entire URL does resolve through DNS to 23.3.75.25, which is "a23-3-75-25.deploy.static.akamaitechnologies.com". Think I'll be sending them some email... UPDATE: Man, I think they don't want to hear from anyone. What a clumsy web interface, which I don't think worked.
When that URL was created, someone did a reverse DNS on my IP in order to learn that I'm on Comcast Commercial. So I assume there was some other site in between, but the IE browser history doesn't show anything that makes any sense.
The only possibility I can see is that ANN's server has been corrupted.
UPDATE: Actually, I just remembered that this kind of thing has happened before, and it was a seedy advertiser coming in via a fairly respectable ad server.
This is apparently some new code for a classic attack; I've had two hijacks like this in the last two days after not having one for a year or so.
Posted by: Steven Den Beste at February 25, 2015 06:44 PM (+rSRq)
2
Yeah, pretty classic one to sneak into an ad-server.
Reminds me of the only time I ever got a virus. I was trying to diagnosis a problem on my sister's computer, and ended up hitting a similar link. (Was a Java exploit attack)
And there's a reason I run Adblock Plus & Ghostery/Disconnect. I have sympathy for the sites I visit, that it removes ad-revenue. But not enough for exposing myself to potential attack.
Posted by: sqa at February 26, 2015 05:32 AM (pNJS8)
I can't change the default player for MP3 files. It's set to "Windows Media Player" and frozen.
I can't uninstall Windows Media Player. It doesn't show up in the "Uninstall or change program" frame in the Control Panel.
I can't run WMP without going through a whole bunch of crap that's supposed to get me to subscribe to title-lookups and setting up playlists and buying stuff from the Microsoft music store and being part of weird social media shit.
This is how it feels:
So all I can do is to remember that I have to drag my MP3 files into Media Player Classic in order to avoid all that. It just plays the file; it doesn't do anything strange. That's what I want, but I can't make MPC my default MP3 player.
It shows up under the Windows Components for me. I've not tried to uninstall it, because I use it for mp4 files, and it only asked me once about the social media stuff and never again.
Heck, are you sure it's actually WMP and not some lookalike?
Posted by: CatCube at February 21, 2015 06:19 PM (fa4fh)
4
You're right! It never occurred to me that it would be treated as a Windows component instead of an application. So now my MP3 files show up with no association -- but I still can't associate them with MPC! I guess I'll have to let Zoom Player handle them.
Posted by: Steven Den Beste at February 21, 2015 06:54 PM (+rSRq)
5
Well, I'll have to live with it. I don't actually listen to MP3 files very often, so isn't really a big deal.
Posted by: Steven Den Beste at February 21, 2015 07:01 PM (+rSRq)
6
Hrmm... strange one. MPC has the ability to set association with MP3 files (View > Options > Formats), but Win 7 is preventing that from working? That's a pain in the butt.
Posted by: sqa at February 21, 2015 07:19 PM (pNJS8)
7
I'm able to just right click on an MP3 file, go to "Open With..." on the context menu, and down at the bottom is Choose Default Program. MPC is one of the options I get there.
Posted by: David at February 21, 2015 08:08 PM (+TPAa)
MPC doesn't show up on mine. It's MPC-HC 64 version 1.7.8.
Also, if I use the "search for app" mechanism and find MPC's exe file and click on that, it gets ignored.
Posted by: Steven Den Beste at February 21, 2015 10:28 PM (+rSRq)
9
And SQA gets a button. Using that menu, AND RUNNING AS ADMINISTRATOR, I can checkmark MP3, and now that association works correctly.
Posted by: Steven Den Beste at February 21, 2015 10:30 PM (+rSRq)
10
But I bet if WMP was still installed, that wouldn't have worked either. (I'm not going to experiment to find out, though.)
Posted by: Steven Den Beste at February 21, 2015 10:43 PM (+rSRq)
11
Getting a good, popular program to operate "normally" takes excessive work, but cruftware & adware can practically take over the computer with 1 misbegotten "Yes" click.
I loathe OSes sometimes.
Posted by: sqa at February 22, 2015 02:11 AM (pNJS8)
Reportedly, KB3004394 (which rolled out Tuesday) was crap and Microsoft says people should uninstall it.
UPDATE: I'm usually pretty good about checking for updates each Tuesday, but it looks like I didn't do it this week. I guess there are benefits to procrastination.
Of course, anyone who has "automatic update" enabled got screwed. Automatic Update is evil.
1
I have AU to only notify me but I did installed it. Thankfully it seems nothing bad happened until today, when I got the new update to remove the previous broken one. Still, I'll keep this in mind next time I roll an AMD update.
Posted by: Jaked at December 12, 2014 08:45 PM (UGgm0)
The latest Flash upgrade automagically installs Google Chrome and the Google Toolbar. There wasn't any place to opt out of it that I noticed.
That really stinks.
And uninstalling each of them opened a web page at Google asking all kinds of questions about me and how long I'd been using them and why I was disabling them.
Posted by: Siergen at June 16, 2014 03:43 PM (8/vFI)
4
Sounds like it's gotten worse. The last time I upgraded Flash, it was:
CLICK HERE to INSTALL FLASH
(disclaimer: clicking there authorizes all the google crap. It also gives google naming rights to your firstborn son, and a nine percent share of your immortal soul.)
...
...
...
(or click here to install without all the google crap. But seriously, they own half your soul by now, anyway, why fight it?)
Posted by: Mikeski at June 16, 2014 03:45 PM (Zlc1W)
5
This didn't happen when I updated on Friday. I've got it set to notify
but not automatically install - just went to the page, unchecked the
McAfee box (snort), and didn't have anything else pushed at me. Wonder
what was different?
Posted by: Avatar_exADV at June 16, 2014 05:54 PM (zJsIy)
6
Maybe there was a place to refuse the Google crap and I didn't notice it.
7
Probably, but I would swear Google switched my YouTube account over to Google+ without my consent (which they say they don't do). They just asked every time I logged in to switch to Google+, then one day they didn't ask, and I was on Google+.
Since then, my rule of thumb has been "if the installer doesn't ask me to install unwanted extra crap, exit the installer and start over because you missed it."
8
The worst example of this I've seen was with the Java updater, which installed the Ask Toolbar alongside a critical security patch.
Given how often Java has critical security bugs, and that they pull this stunt every single time, I'm surprised it hadn't happened to me before.
Posted by: Pixy Misa at June 17, 2014 07:03 AM (PiXy!)
9
Even better, for existing Chrome users Google just automatically disabled any third party Chrome extensions that are not offered through the Google Store, and won't let you re-enable them.
Because Google knows what's best for us idiots, apparently.
Posted by: wahsatchmo at June 17, 2014 08:05 AM (r4uXE)
10
Does anybody else remember when Google used the motto "Don't be evil?"
Posted by: CatCube at June 17, 2014 10:02 AM (pem+N)
Anyone hear any hints about why BakaBT went down yesterday? Server problems?
UPDATE: Suddenly it seems like a lot of things are gone. FunBlog isn't there any more. And AniNouto is missing in action. And for a while Ambient Irony was crashed, but that's fixed now.
Your link resolves to my link, which remains a 404. (Clear your browser cache and try it again.)
Posted by: Steven Den Beste at February 02, 2014 11:33 AM (+rSRq)
3
Your link doesn't work for me for FunBlog, but Don's does, and it doesn't resolve to yours.
Posted by: RickC at February 02, 2014 11:37 AM (swpgw)
4
OK, that's strange. When I copy Don's link and put it into Firefox, it works fine. But when I use it with IE, it resolves to my link, and fails.
Posted by: Steven Den Beste at February 02, 2014 11:52 AM (+rSRq)
5
I switched to a dynamic IP so the "~" address won't work anymore but the regular http://bugfox.net/fun/ should be fine. Maybe you need to clear IE's cache?
Posted by: Jonathan Tappan at February 02, 2014 12:37 PM (IgcpA)
Posted by: Jonathan Tappan at February 02, 2014 12:50 PM (IgcpA)
7
There's some service changes going on with the Aniblogger hosted sites, I gather, and an automated re-direction isn't presently working for Ani-nouto. It is still online though -
Posted by: DiGiKerot at February 02, 2014 01:04 PM (mrs0K)
8
That animeblogger.jp stuff is nonsense, I'm not going to accept it (meaning I'm not going to update). If URL is changed even this much, it's a new URL, so links to Ani-nouto are all broken anyway. So, why wouldn't I change to my own server, then? Result is the same: a migration.
I'm working on a migration right now, and unless Gotta and Akai restore normal URL where it was, it is going to go live.
Posted by: Pete Zaitcev at February 02, 2014 05:07 PM (RqRa5)
1
And I think the question zooms out to ask 'Why would anyone want to have their house connected to the internet for remote locking/control purposes?'
Posted by: Tom Tjarks at January 18, 2014 11:42 AM (T5fuR)
2
Well, for the house, I imagine it would be useful for monitoring the smart house functionality. If you realize you forgot to turn down the thermostat after leaving for a trip, you can do so from any connected computer. If a relative needs to get in while your away, they call you, you log in, click "open door", etc.
My two responses:
1. While smart houses are a nice idea, nothing remote access can get you is worth exposing your house controls to the greater internet. Maybe after someone comes up with a way to ( relatively ) hack proof them. Otherwise, its bait for thieves and vandals.
2. Why the hell would you need a smart fridge, anyway? What possible useful feature would this provide?
Posted by: metaphysician at January 18, 2014 12:57 PM (3GCAl)
3
One of my co-workers uses his smart thermostat to override the energy-consumption decisions his wife and kids make when he's not home.
-j
Posted by: J Greely at January 18, 2014 01:48 PM (7CyNp)
4
Obviously the internet connection is so you can make instant blog posts
when you have one of your "refrigerator moments" about an anime you just
watched...
Posted by: Siergen at January 18, 2014 05:19 PM (c2+vA)
It's been a year for my phone, and I've always recharged it when the battery hit about 45%, so I decided it was time to do a full discharge/recharge cycle. It's good for the battery to do that now and again.
So I had the phone down to 14%, and then I got a notification that Verizon wanted to roll out a patch. Oh, dear. Am I about to be bricked?
Fortunately for me, they recognized the danger of trying to install a patch when you have low battery, and gave me an error message. So I popped the phone onto the wireless charger and, eventually, let it install the patch.
Patches. Two of them.
The first one upgraded my phone from Android 4.1.1 to 4.2.2.
The second one implemented something called "Sense 5", which turns out to be a redesign of the GUI. Which wasn't broken, and didn't need to be fixed.
I haven't played with it much, but I've already noticed a couple of things. First, the look of the icons has changed. Weirder, it handles multiple screens differently than before.
I had five, and it used to be that you could scroll around the circle as many times as you wanted. When it reached the last one it would wrap around to the first. It doesn't any more, and I have no idea why they decided to change it.
They got rid of the ring, by which I mean the thing you sweep to confirm that you want to turn on the screen. Instead there's a version of the clock at the bottom of the screen, and you sweep that. ??
The camera app looks strange; they changed the look of all the controls.
Are they trying to make it look like an iPhone? In some cases it almost looks like Windows 8.
What was HTC thinking?
UPDATE: The new Accuweather app is ugly. And what is "Blinkfeed"?
I upgraded to IE11 when it hit Windows Update, and I wish I hadn't. My biggest complaint is that a lot of the time it is very slow loading pages, for no obvious reason.
My home page is on my local server, and in every previous version of IE, and in Firefox, it loads quite rapidly. There's no reason why it shouldn't.
But maybe three quarters of the time when I start IE11 it takes as much as 30 seconds for the page to show up. It makes me think that IE11 is trying to access something else and timing out before loading normally.
This also happens sometimes when I am already running and access a new page, or when I open a new tab. There's really no obvious reason for it. I'm thinking of backing it out again, but I'm not sure that's possible.
If you haven't already installed IE11, I recommend that you wait.
1
It's probably trying to mirror your entire browser session onto an NSA server, and hitting a bottleneck there...
Posted by: Siergen at December 14, 2013 02:01 PM (c2+vA)
2
Unfortunately, the only way for me to get rid of it is to retreat to a set point from November 26, and I really don't want to go back that far. So I'll have to put up with it and hope they figure out the problem and fix it.
Posted by: Steven Den Beste at December 14, 2013 02:43 PM (+rSRq)
3
Interesting that it didn't create a restore point before installing itself. I suppose we could be cynical and assume that's deliberate because they don't WANT us going back.
Posted by: RickC at December 14, 2013 06:17 PM (swpgw)
4
It did create a restore point, back on November 26 when I installed it. But I don't feel comfortable retreating that far.
Posted by: Steven Den Beste at December 14, 2013 07:22 PM (+rSRq)
5
Ah. I assumed that it didn't make one for some reason and that you would have had to go back further.
Posted by: RickC at December 14, 2013 09:24 PM (swpgw)
6
There should be some way to figure out if it's trying to load something up (A default home page that you've got blocked). You could even employ a network tool like Wireshark to see what it's doing.
Posted by: Mauser at December 15, 2013 12:26 AM (TJ7ih)
7
There is. I'm using an HTTP sniffer and trying to catch the event.
Posted by: Steven Den Beste at December 15, 2013 06:07 AM (+rSRq)
There was a long pause before IE11 sent out its first request, and then my server responded rapidly. I have no idea what IE11 was doing.
Posted by: Steven Den Beste at December 15, 2013 08:50 AM (+rSRq)
9
Just now, I was able to just uninstall the IE11 update and get the previous version back.
As for the problem, maybe corruption in the anti-phishing database, or IE failing to resolve hostnames correctly? I see a lot of stuff on forums about IE11 slowdowns, and they seem to fall into two major camps: disable/update all add-ons, or reset explorer. Plus some folks who've already tried both and had no luck, and others who successfully reverted to previous versions.
-j
Posted by: J Greely at December 15, 2013 10:50 AM (+cEg2)
10
Where did you find the "uninstall" option? It doesn't show up for me in the "installed programs" and in the Windows Update applet there's no such choice.
Posted by: Steven Den Beste at December 15, 2013 10:55 AM (+rSRq)
11
On the Windows Update control panel, bottom left, "Installed Updates". It was right near the top of the list along with all the security patches I've gotten recently. (Win7 64-bit)
-j
Posted by: J Greely at December 15, 2013 11:00 AM (+cEg2)
You have to go to Windows Update again after that, to install a big IE10 update.
Posted by: Steven Den Beste at December 15, 2013 11:54 AM (+rSRq)
14
In my experience, a consistent 30 second delay means a DNS lookup failure. But that doesn't tell you what or why. And if you have to go to extremes to make it work, you're better off just reverting to IE10 anyway.
Posted by: Pixy Misa at December 15, 2013 09:38 PM (PiXy!)
15
A DNS lookup fail doesn't make any sense because "denbeste.nu" (the base for my home page) is in my "hosts" file.
Posted by: Steven Den Beste at December 16, 2013 05:42 AM (+rSRq)
16
No, I think it does make "sense". This is IE we're talking about. Routing a connection through China 3 times for no apparent reason will make sense to certain versions.
Posted by: sqa at December 16, 2013 06:57 AM (BHEa5)
17
What I suspect it's doing is looking for something else entirely - checking on a plugin, maybe - before it even begins loading the web page, and that's what's failing. But since it helpfully also fails to tell you what it's doing or what the problem is, you can't do anything to fix it.
Posted by: Pixy Misa at December 16, 2013 07:16 AM (PiXy!)
18
Well, you can check on the load impact or whatever you call it of plugins, but that's about it. I find that helps improve startup time, but works best for me is simply changing the start page to about:blank; any other page I use as the start page seems to take a really long time to load, and the stop button doesn't really work for several seconds.
Posted by: RickC at December 16, 2013 12:55 PM (A9FNw)
My phone is an HTC Android "DNA" (AKA "Butterfly") from Verizon. It's a very nice phone which was absolutely the latest thing when I got it a year ago, and now Verizon doesn't sell it any more. I guess "new" gets old pretty quickly in this market. (Worse than when I was a phone designer.)
It only has one connector on it, a micro-USB. (The EU issued a regulation requiring all phones and similar devices to use that from now on. I generally am no fan of EU "design from the top by bureaucrats" regulations but this one made sense, with the idea being that it was stupid for every device to have to have its own charger, with a different unique connecter. So the charger that came with my first Kindle Fire works to charge the second one, and also works to charge my phone.
Part of why I bought a second Fire was that the connector on the first one broke, and it won't charge any more. And since I have had to plug my phone in twice a week, I've been afraid of the same thing happening to it.
A few days ago I heard someone referring to "wireless recharging" and it occurred to me that although such a thing is pretty new, maybe my phone is new enough to do it.
Well, it turns out it can. The keyword turned out to be "Qi" and it's a standard for wireless chargers. I just put in an order for one from NewEgg and it should arrive sometime next week. Once I have it, I should be able to charge my phone just by leaving it sitting on the charger pad.
One thing I'll be curious about: when I plug the phone in, there's an LED that turns amber while it charges, and turns green when it's finished. Will the same thing happen with a wireless charge? My guess is "yes".
1
My new Nexus 7 suddenly refused to charge one day - unless, I found after some experimentation, I shut it down first. After a few days it decided to behave again. (Asus say that a static charge can prevent the USB controller from going into charge mode, and that it will fix itself in due course. Since it did fix itself, that may well have been the cause.)
Anyway, I can get data on and off the thing via USB, WiFi, mobile network or Bluetooth, and if any one of those components fails, it would be a nuisance rather than a disaster. But if the USB charging fails... Actually, it turns out that it's Qi-compatible too. I might have to pick up one of those chargers.
Posted by: Pixy Misa at December 06, 2013 12:10 AM (PiXy!)
2
My Kindle's USB port is starting to get a little loose (and I've had it less than a year, and haven't had to charge it much) so I'm getting a bit worried as well.
Posted by: Mauser at December 06, 2013 02:38 AM (TJ7ih)
3
If you are willing to open the Fire, you just need to push the charging connector back in place and it should be fine. Because of issues with my hands, I can't do this and found a local repair shop that was willing to epoxy it in to place for a small fee.
(My concerns about opening the backplate are due to plastic clips along the sides. I just can't seem to work something in there gently enough to click them open, and I don't want to break them.)
Posted by: Tom Tjarks at December 06, 2013 06:59 AM (76G0j)
4
I lost my old Fire too quickly for a lose connector to become a problem, and Fire HD seems to hold well to use.
By the way, for a small bit of irony, the USB Consorcium is mulling the so-called "C" connector: the ultimate USB connector that will replace the old "A" and "B" (and mini-B and micro-B). It is going to be orientation-independent, so you can plug it in any side up. It supports USB 3.0 gigabit speeds and potentially faster clocks. All around superior connector.... But the Europe has already ordered micro-B as the standard. Oops.
Posted by: Pete Zaitcev at December 06, 2013 07:04 AM (RqRa5)
5
The C connector sounds great, particularly next to the horrible USB 3 micro-B connector. 10Gbit speeds, up to 60W power (I think), and no Spin-½ problem.
Posted by: Pixy Misa at December 06, 2013 07:41 AM (PiXy!)
6
The EU directive was stupid both for the reason Pete mentioned, which was something that they should have foreseen, and also because Europe and the US had already begun widely transitioning to the micro B connector.
Posted by: RickC at December 06, 2013 08:09 AM (A9FNw)
7
I use a Nexus 4 phone, and I charge it on a Qi charger every night– an Energizer branded two-position pad. (My fiancée's Motorola Droid X goes on the other position.) Our phones do light up their little "charging" lights while on the charge pad, so I would imagine your phone will do the same.
Posted by: Boviate at December 06, 2013 08:42 PM (CeQ+R)
I can't charge my phone at night because it has to sit on the bed next to my pillow, just in case I have another stroke while asleep. (Which is how it happened last time.) If I wake up and have a hard time moving, I'm going to need it and it won't do me any good if it's across the room sitting on a charger.
So I charge it during the day while I'm using my computer, and that will continue to be the case.
My phone is always within reach, no matter where I am or what I'm doing. Fortunately, I haven't needed it. But when that time comes (I hope never) I'll need it badly to call 911.
Posted by: Steven Den Beste at December 06, 2013 09:04 PM (+rSRq)
