the ultimate in spyware
March 10, 2013 9:01 PM Subscribe
Meet the men who spy on women through their webcams - "If you are unlucky enough to have your computer infected with a RAT, prepare to be sold or traded to the kind of person who enters forums to ask, "Can I get some slaves for my rat please? I got 2 bucks lol I will give it to you :b" At that point, the indignities you will suffer—and the horrific website images you may see—will be limited only by the imagination of that most terrifying person: a 14-year-old boy with an unsupervised Internet connection."
If MetaFilter is the best of the internet, surely, this is the worst.
posted by smirkette at 9:07 PM on March 10, 2013 [16 favorites]
posted by smirkette at 9:07 PM on March 10, 2013 [16 favorites]
(Um, not this post, but the subject.)
posted by smirkette at 9:08 PM on March 10, 2013 [1 favorite]
posted by smirkette at 9:08 PM on March 10, 2013 [1 favorite]
mathowie: "Whoa, super creepy."
Understatement, sir, a blatant understatement, I say.
posted by Samizdata at 9:10 PM on March 10, 2013 [1 favorite]
Understatement, sir, a blatant understatement, I say.
posted by Samizdata at 9:10 PM on March 10, 2013 [1 favorite]
So, I have an online female freind who has sworn that this was the case for years. I feel like a dick now for telling her that her conspiracy-theory world-view was overly paranoid.
posted by PareidoliaticBoy at 9:13 PM on March 10, 2013 [8 favorites]
posted by PareidoliaticBoy at 9:13 PM on March 10, 2013 [8 favorites]
On the flip side, though, this gives me some ideas to help my best friend's sister out. There's been some highly questionable activities with her unemployed husband using one of their computers (which is technically hers) and she is wondering, wondering, wondering. She also pays for their internet connection.
posted by Samizdata at 9:16 PM on March 10, 2013 [1 favorite]
posted by Samizdata at 9:16 PM on March 10, 2013 [1 favorite]
Excuse me, I have to strategically apply some duct tape to my laptop.
Dammit, when I heard of this before I thought it was the same tired paranoia that made certain people I knew hang coats over hotel television sets because they thought the government was using TVs to spy on people.
posted by bunderful at 9:17 PM on March 10, 2013 [2 favorites]
Dammit, when I heard of this before I thought it was the same tired paranoia that made certain people I knew hang coats over hotel television sets because they thought the government was using TVs to spy on people.
posted by bunderful at 9:17 PM on March 10, 2013 [2 favorites]
Remember, kids, this sort of thing is only legal if it's your school system.
Also, I remember reading people's comments online about however much it cost for a slideable webcam cover add-on to the effect that it was too much for a little piece of plastic and "nobody wants to watch you undress anyway." Wonder if they've seen this? Or maybe were wondering about "rat" programs themselves?
posted by Halloween Jack at 9:18 PM on March 10, 2013 [10 favorites]
Also, I remember reading people's comments online about however much it cost for a slideable webcam cover add-on to the effect that it was too much for a little piece of plastic and "nobody wants to watch you undress anyway." Wonder if they've seen this? Or maybe were wondering about "rat" programs themselves?
posted by Halloween Jack at 9:18 PM on March 10, 2013 [10 favorites]
This is why I have a piece of masking tape over my web cam whenever it's not in use. I never understood why webcams don't come with a manual shutter or a cover. Seems like this type of thing was only a matter of time and its such a simple fix that would have deterred this kind of crap from ever starting.
posted by whoaali at 9:20 PM on March 10, 2013 [10 favorites]
posted by whoaali at 9:20 PM on March 10, 2013 [10 favorites]
Post-it notes on the webcam. yep.
posted by dabitch at 9:24 PM on March 10, 2013 [7 favorites]
posted by dabitch at 9:24 PM on March 10, 2013 [7 favorites]
Yeah, I've got a corner of a post-it note over my webcam. I don't want it, I don't use it, and I don't need it, but there it is, looking at me everytime I sit down to the computer at home. This kind of dickishness just seems par for the course with anonymity. People do horrible things they'd never do if people could put a name to them. Then again, the more and more comfortable they get with awful behavior, there's a good chance they'll just start doing the same shit in the open.
Technology, enabling our utopia!
posted by Ghidorah at 9:26 PM on March 10, 2013 [1 favorite]
Technology, enabling our utopia!
posted by Ghidorah at 9:26 PM on March 10, 2013 [1 favorite]
I really can't wait until I can install Genode on this thing and get away from the default permissive insanity that is Windows (or Linux for that matter).
Ughhh... now I'll have nightmares until then.
posted by MikeWarot at 9:27 PM on March 10, 2013 [1 favorite]
Ughhh... now I'll have nightmares until then.
posted by MikeWarot at 9:27 PM on March 10, 2013 [1 favorite]
Yeah, I just got a webcam for some work stuff. And it's got a bright blue light for when it's on. And I still physically unplug it when I'm not using it, just in case.
posted by Ghostride The Whip at 9:28 PM on March 10, 2013 [2 favorites]
posted by Ghostride The Whip at 9:28 PM on March 10, 2013 [2 favorites]
Remember, kids, this sort of thing is only legal if it's your school system.
Aaron's furniture rental allegedly spied on customers renting PCs too.
Plus, if you have a work laptop, there's probably this kind of remote administration software installed on it, and you have no way of knowing who in IT (or people your IT contracts with!) might be able to toggle it on. I disable my webcam in the device manager *and* cover the the damn thing with a post-it.
I guess someone could still turn on the computer's mic and listen, but I have to hope no one is bored enough to want to listen to me talk to the dog...
posted by Blue Jello Elf at 9:30 PM on March 10, 2013 [1 favorite]
Aaron's furniture rental allegedly spied on customers renting PCs too.
Plus, if you have a work laptop, there's probably this kind of remote administration software installed on it, and you have no way of knowing who in IT (or people your IT contracts with!) might be able to toggle it on. I disable my webcam in the device manager *and* cover the the damn thing with a post-it.
I guess someone could still turn on the computer's mic and listen, but I have to hope no one is bored enough to want to listen to me talk to the dog...
posted by Blue Jello Elf at 9:30 PM on March 10, 2013 [1 favorite]
The webcam access is only one of the troubling aspects here... okay, being spied on in real time is pretty cringe-worthy, true, but a post-it isn‘t going to stop someone from looking at pictures on your hard drive, or trying to get passwords, or any of the other fun side-effects of someone havingcomplete control over your computer.
*shiver*
Now, if you‘ll excuse me, I‘m off to yank my phone line out of the wall...
posted by Jughead at 9:35 PM on March 10, 2013 [5 favorites]
*shiver*
Now, if you‘ll excuse me, I‘m off to yank my phone line out of the wall...
posted by Jughead at 9:35 PM on March 10, 2013 [5 favorites]
The article mentioned that many webcam models include an "active" light, and at the end of the article, there's a general recommendation for those worried about becoming a "slave" via RAT:
posted by filthy light thief at 9:35 PM on March 10, 2013 [4 favorites]
Those who don't want to end up being toyed with in a YouTube video are advised to take the same precautions that apply to most malware: use a solid anti-malware program, keep your operating system updated, and make sure plugins (especially Flash and Java) aren't out of date. Don't visit dodgy forums or buy dodgy items, don't click dodgy attachments in e-mail, and don't download dodgy torrents. Such steps won't stop every attack, but they will foil many casual users looking to add a few more slaves to their collections.It was also interesting that the note on the Syrian government using "off-the-shelf" RAT software to spy on Syrian activists.
posted by filthy light thief at 9:35 PM on March 10, 2013 [4 favorites]
While the masking tape over the web cam thing is cheap it's only a minor solution. Remember that the software exposes all your files too which probably includes pictures of yourself and others; some of which are going to be more personal than whatever is glean from a web cam. Plus encryption is only a partial solution to keeping those things private.
posted by Mitheral at 9:36 PM on March 10, 2013
posted by Mitheral at 9:36 PM on March 10, 2013
Jughead: "Now, if you‘ll excuse me, I‘m off to yank my phone line out of the wall..."
ObSF: John Varley, Press Enter _
posted by Chrysostom at 9:37 PM on March 10, 2013 [7 favorites]
ObSF: John Varley, Press Enter _
posted by Chrysostom at 9:37 PM on March 10, 2013 [7 favorites]
Wow. Did I just lsof -i? Yes, yes I did.
posted by eustacescrubb at 9:42 PM on March 10, 2013 [9 favorites]
posted by eustacescrubb at 9:42 PM on March 10, 2013 [9 favorites]
Also, this article is another reminder that "computer education" classes would be quite valuable in elementary schools, if not something taught at every 4th year of schooling.
I missed it on my first read, but the OP article notes that one of the first RAT/malware programs of this sort came out 15 years ago, and a year after it was released, some half-million PCs were infected world-wide.
posted by filthy light thief at 9:44 PM on March 10, 2013
I missed it on my first read, but the OP article notes that one of the first RAT/malware programs of this sort came out 15 years ago, and a year after it was released, some half-million PCs were infected world-wide.
posted by filthy light thief at 9:44 PM on March 10, 2013
so hey guys I hear that there are operating systems other than Windows out there that might actually even have some benefits compared to etc.
posted by DoctorFedora at 9:48 PM on March 10, 2013 [4 favorites]
posted by DoctorFedora at 9:48 PM on March 10, 2013 [4 favorites]
Hope these guys like cat butts, 'cause that's what randomly tapping in to my webcam is likely to get them.
Speak of the devil, suddenly I can't see my screen. Hello, cat. Please, make yourself at home.
posted by maryr at 9:50 PM on March 10, 2013 [32 favorites]
Speak of the devil, suddenly I can't see my screen. Hello, cat. Please, make yourself at home.
posted by maryr at 9:50 PM on March 10, 2013 [32 favorites]
Well, I'm creeped out.
posted by jacquilynne at 9:51 PM on March 10, 2013 [1 favorite]
posted by jacquilynne at 9:51 PM on March 10, 2013 [1 favorite]
DoctorFedora: "so hey guys I hear that there are operating systems other than Windows out there that might actually even have some benefits compared to etc."
Freaking communist! All good 'Muricans use Windows! Anything else is evil!
(quickly changes windows manager theme to look like Windows 95)
See?
(Epistonyrical, BTW. If I misspelled it, I don't care.)
posted by Samizdata at 9:52 PM on March 10, 2013 [3 favorites]
Freaking communist! All good 'Muricans use Windows! Anything else is evil!
(quickly changes windows manager theme to look like Windows 95)
See?
(Epistonyrical, BTW. If I misspelled it, I don't care.)
posted by Samizdata at 9:52 PM on March 10, 2013 [3 favorites]
Now I feel totally validated for the YEARS I put tape on my webcam when I wasn't using it.
posted by nile_red at 9:53 PM on March 10, 2013 [2 favorites]
posted by nile_red at 9:53 PM on March 10, 2013 [2 favorites]
And, if someone wants to see me naked on webcam, all they have to do is ask nicely. Although it might suck as my DSL is rather slow.
Interestingly enough, things like this don't work without bandwidth. Wonder how they would work on dialup...
posted by Samizdata at 9:54 PM on March 10, 2013
Interestingly enough, things like this don't work without bandwidth. Wonder how they would work on dialup...
posted by Samizdata at 9:54 PM on March 10, 2013
People like this are the reason why national governments around the world want to censor the internet.
posted by justinleon at 9:57 PM on March 10, 2013 [2 favorites]
posted by justinleon at 9:57 PM on March 10, 2013 [2 favorites]
*more seriously* I had a bad experience with this sort of thing. The boyfriend of a roommate used to hang out all the time at our place, even when she wasn't around, and it was no big deal. We were all pretty chummy, but there was something creepy about the guy and I never quite warmed up to him. Fast forward a few years and she discovers a folder on his harddrive with mine and many of my friends' erotic pictures, which were not shared and had never been. In one case he had pictures someone had only had on their computer for hours. He had a collection of most of my friends naked. She thought I'd somehow intentionally been sending him my photos until she found other folks we knew. They're still together.
posted by nile_red at 9:57 PM on March 10, 2013 [1 favorite]
posted by nile_red at 9:57 PM on March 10, 2013 [1 favorite]
Linux and no webcam. Also, male. I think I'm safe... ish.
This is why, when you are pretty sure you have a virus, the first thing you do is unplug from the damn internet and flip the hardware switch on your wifi off.
You do have a hardware- oh. Hum. Turn it off, pull out the wifi ca- oh, it's soldered in? Hmm...
posted by BungaDunga at 10:04 PM on March 10, 2013 [1 favorite]
This is why, when you are pretty sure you have a virus, the first thing you do is unplug from the damn internet and flip the hardware switch on your wifi off.
You do have a hardware- oh. Hum. Turn it off, pull out the wifi ca- oh, it's soldered in? Hmm...
posted by BungaDunga at 10:04 PM on March 10, 2013 [1 favorite]
Yeah when BO was first released it was pretty impressive, then there was NetBus and BO2k. I worked with a few sysadmins that used BO or NetBus for legit reasons to admin NT4 but it is pretty clear based on the fact that unlike something like DameWare they are totally silent, and can be used with rootkits and automated droppers that they are clearly for nefarious purposes.
Yeah, windows sucked bigtime, in addition to RATs there were dozens of remote SMB exploits if you were going to drop an unpatched 98 or nt4 machine online you were going to have a bad time. People conveniently forget unix had 30 years of daily 0 day exploits. Sendmail and bind had remote exploits almost every release. Unix security was a nightmare for many years.
posted by Ad hominem at 10:05 PM on March 10, 2013 [3 favorites]
Yeah, windows sucked bigtime, in addition to RATs there were dozens of remote SMB exploits if you were going to drop an unpatched 98 or nt4 machine online you were going to have a bad time. People conveniently forget unix had 30 years of daily 0 day exploits. Sendmail and bind had remote exploits almost every release. Unix security was a nightmare for many years.
posted by Ad hominem at 10:05 PM on March 10, 2013 [3 favorites]
You know, I wonder about the mentality behind stuff like this. Are any of these people full-on peeping toms IRL? Somehow, I doubt it. After all, only a sexless loser would hang out in the bushes under a window, right? And it‘s not as if there are groups of perverts meeting anywhere offline to exchange helpful tips on how to be a peeper (yeah, man, get a black hoodie, it‘ll make you harder to spot!) Take the computer out of the equation, and the whole thing just seems ridiculous.
It would seem the available technology is making this not only easier from a practical standpoint, but an ethical one as well...
posted by Jughead at 10:08 PM on March 10, 2013
It would seem the available technology is making this not only easier from a practical standpoint, but an ethical one as well...
posted by Jughead at 10:08 PM on March 10, 2013
Ha, the joke's on you! You see, I already knew people are awful, so this article totally failed to shatter my faith in humanity more than it already had been.
posted by wolfdreams01 at 10:13 PM on March 10, 2013 [29 favorites]
posted by wolfdreams01 at 10:13 PM on March 10, 2013 [29 favorites]
Tell me there isn't a way to do this with my phone camera. . . Please?
posted by peppermind at 10:13 PM on March 10, 2013 [1 favorite]
posted by peppermind at 10:13 PM on March 10, 2013 [1 favorite]
Wow, peppermind, you should wear more earth tones, that bright green sweater really doesn‘t suit you...
Sorry.
posted by Jughead at 10:16 PM on March 10, 2013 [6 favorites]
Sorry.
posted by Jughead at 10:16 PM on March 10, 2013 [6 favorites]
Tell me there isn't a way to do this with my phone camera. . . Please?
The security models on phones are significantly better, but it's perfectly possible. Anything that you can get root on can be backdoored.
posted by jaduncan at 10:18 PM on March 10, 2013
The security models on phones are significantly better, but it's perfectly possible. Anything that you can get root on can be backdoored.
posted by jaduncan at 10:18 PM on March 10, 2013
Yes it can be done to your phone. Also to your Mac.
posted by humanfont at 10:32 PM on March 10, 2013
posted by humanfont at 10:32 PM on March 10, 2013
I totally agree with the keeping your plugins up to date. And as for Java, only have it installed it you absolutely, positively, cannot work without it. Having it installed it like a bootstrapping agent for these things.
posted by BustedCatalyzer at 10:36 PM on March 10, 2013
posted by BustedCatalyzer at 10:36 PM on March 10, 2013
Speaking as an obese old guy, this is exactly why I code naked.
posted by Tell Me No Lies at 10:48 PM on March 10, 2013 [67 favorites]
posted by Tell Me No Lies at 10:48 PM on March 10, 2013 [67 favorites]
Read this piece a while back. Was thinking a resourceful business-person could easily make a killing selling small flaps with a self-adhesive sticker or something to cover web-cams on laptops. You put the flap down for most of the time; the time you want to have a video conference, you put the flap up and speak. For added marketability, you could even sell "premium" flaps with pictures of Hello Kitty, Angry Birds, the outline PSY or a logo particularly favoured by kids these days.
I got nothing beyond this. Creepy, sad and makes you angry.
posted by the cydonian at 10:50 PM on March 10, 2013 [2 favorites]
I got nothing beyond this. Creepy, sad and makes you angry.
posted by the cydonian at 10:50 PM on March 10, 2013 [2 favorites]
In November there was an Ask Metafilter question about phone spying, with answers that might be interesting to people here. I contributed what I know about publicly-available commercial spy software for iPhones - there are tools that can transmit already-taken photos (such as Mobile Spy and InnovaSpy), but they don't remotely activate the camera. It wouldn't be too hard for a person to write something like that though, so we can guess that somebody has already done it.
posted by dreamyshade at 10:51 PM on March 10, 2013 [5 favorites]
posted by dreamyshade at 10:51 PM on March 10, 2013 [5 favorites]
Why does this article link to sites where you can buy spy software? Including spy software that can admittedly steal credit card information?
And that's after scrolling past like 50 photos of beautiful women with their faces blurred out in a row - way more than are actually needed to illustrate the article.
I came away almost feeling like I was being encouraged to do something illegal. I hope this is an FBI set up. Otherwise, "ethical" journalist, heal thyself.
posted by subdee at 11:06 PM on March 10, 2013 [14 favorites]
And that's after scrolling past like 50 photos of beautiful women with their faces blurred out in a row - way more than are actually needed to illustrate the article.
I came away almost feeling like I was being encouraged to do something illegal. I hope this is an FBI set up. Otherwise, "ethical" journalist, heal thyself.
posted by subdee at 11:06 PM on March 10, 2013 [14 favorites]
At that point, the indignities you will suffer—and the horrific website images you may see—will be limited only by the imagination of that most terrifying person: a 14-year-old boy with an unsupervised Internet connection.
How do people not notice that their kids are total assholes? I know my parents spent an enormous amount of time with their pre-teen and teen kids making sure we didn't grow up to be amoral little fucks who believe in trickle down economics and spying on people through their webcams. They took our moral development kind of seriously as I recall.
posted by fshgrl at 11:07 PM on March 10, 2013 [24 favorites]
How do people not notice that their kids are total assholes? I know my parents spent an enormous amount of time with their pre-teen and teen kids making sure we didn't grow up to be amoral little fucks who believe in trickle down economics and spying on people through their webcams. They took our moral development kind of seriously as I recall.
posted by fshgrl at 11:07 PM on March 10, 2013 [24 favorites]
fshgrl: "At that point, the indignities you will suffer—and the horrific website images you may see—will be limited only by the imagination of that most terrifying person: a 14-year-old boy with an unsupervised Internet connection.
How do people not notice that their kids are total assholes? I know my parents spent an enormous amount of time with their pre-teen and teen kids making sure we didn't grow up to be amoral little fucks who believe in trickle down economics and spying on people through their webcams. They took our moral development kind of seriously as I recall."
Because, I think, they think that if their kid is an asshole, that they themselves are assholes by failing parenting enough to raise an asshole.
posted by Samizdata at 11:09 PM on March 10, 2013 [2 favorites]
How do people not notice that their kids are total assholes? I know my parents spent an enormous amount of time with their pre-teen and teen kids making sure we didn't grow up to be amoral little fucks who believe in trickle down economics and spying on people through their webcams. They took our moral development kind of seriously as I recall."
Because, I think, they think that if their kid is an asshole, that they themselves are assholes by failing parenting enough to raise an asshole.
posted by Samizdata at 11:09 PM on March 10, 2013 [2 favorites]
This is the creepiest fucking thing I have heard about in a long time.
posted by Scientist at 11:09 PM on March 10, 2013 [1 favorite]
posted by Scientist at 11:09 PM on March 10, 2013 [1 favorite]
Anything that you can get root on can be backdoored.
Not having any idea what this means, it sounds filthy.
posted by Bookhouse at 11:17 PM on March 10, 2013 [22 favorites]
Not having any idea what this means, it sounds filthy.
posted by Bookhouse at 11:17 PM on March 10, 2013 [22 favorites]
"I know my parents spent an enormous amount of time with their pre-teen and teen kids making sure we didn't grow up to be amoral little fucks"
This is what is known as a sheltered upbringing. If you don't know about the crap that is happening around you, you generally don't recognize what exactly is occurring.
posted by Ardiril at 11:25 PM on March 10, 2013
This is what is known as a sheltered upbringing. If you don't know about the crap that is happening around you, you generally don't recognize what exactly is occurring.
posted by Ardiril at 11:25 PM on March 10, 2013
And as for Java, only have it installed it you absolutely, positively, cannot work without it. Having it installed it like a bootstrapping agent for these things.
Everything mentioned in the article was a trojan. Java exploits are entirely unrelated to "these" things.
posted by flaterik at 11:36 PM on March 10, 2013 [2 favorites]
Everything mentioned in the article was a trojan. Java exploits are entirely unrelated to "these" things.
posted by flaterik at 11:36 PM on March 10, 2013 [2 favorites]
I guess I was pretty much an amoral fuck. Would I have messed with people by opening and closing their cd-rom tray, making the windows TTS system say stuff, or play freaky sounds when I was 14? I would have probably killed to get A remote admin tool on my school's computers.
Would I have spied on random people with webcams? I doubt it, it seems way too creepy and mostly boring.
Then again, I knew about BO when it came out because I knew people in cDc, and I never did anything illicit with it so maybe there is some hope for me. I guess my parents did ok after all.
posted by Ad hominem at 11:46 PM on March 10, 2013 [2 favorites]
Would I have spied on random people with webcams? I doubt it, it seems way too creepy and mostly boring.
Then again, I knew about BO when it came out because I knew people in cDc, and I never did anything illicit with it so maybe there is some hope for me. I guess my parents did ok after all.
posted by Ad hominem at 11:46 PM on March 10, 2013 [2 favorites]
haha, yeah we definitely did NOT have a sheltered upbringing, especially by American standards (I did not grow up in the US). That's more of a totally hilarious mis-interpretation than an uncharitable one.
We did get to spend a lot of time listening to my Mom lecturing us about not being jerks though.
posted by fshgrl at 12:02 AM on March 11, 2013 [2 favorites]
We did get to spend a lot of time listening to my Mom lecturing us about not being jerks though.
posted by fshgrl at 12:02 AM on March 11, 2013 [2 favorites]
"Imagine your sister is being posted right here, how would you feel?" wrote one poster, which sounds like an exhortation to stop ratting. But the poster immediately concluded that the only real rule is not to hack "nice gurls."
This just made me so sad. And tired. Feminism in general, and education of young boys in particular, is really failing here.
posted by lollusc at 12:34 AM on March 11, 2013 [27 favorites]
This just made me so sad. And tired. Feminism in general, and education of young boys in particular, is really failing here.
posted by lollusc at 12:34 AM on March 11, 2013 [27 favorites]
I couldn't imagine not feeling like I was crossing some line into "creep doomed to a life of creeping about and never getting laid for real" if I were to engage in such a thing at any age past 12. I remember my first and only foray into malware and incidentally recursive programming; I didn't realize that's what I was doing at the time, but I wrote a program that would go into the root of C: and recursively delete every folder on the hard drive (DOS 5 / 6 era, 1993) including hidden and system files, leaving nothing but itself and an ominous "sorry bro" text file behind. I never tested it but thought it through over and over and fancied an opportunity to let it rip.
I tricked the sysop of a local bulletin board into running it by uploading it as a new anonymous-ish user to his BBS with an enticing FILE_ID.DIZ file using fancy extended ASCII characters (hollah!), but he quickly figured it out it was me, as we went to the same high school and I was too proud of my exploits not to have told anyone else. He was somewhat of a douchey know it all guy who earned my ire for sharing the same name as me and disliking me for sharing some of his hobbies, though I suspect he felt the same way and we just never hit it off so we found reasons to dislike each other. Also, we both liked Nine Inch Nails, so there you go, only one of us could remain. I should add here that to make this feel sufficiently intriguing at the time I deleted all traces of the source code from my own computer using repeated pass "file shredding" and had only a crumpled printout of the dastardly ~80 lines of code as a sole record of its existence.
It was kind of awkward explaining the concepts of deleted file recovery...I had an "ah ha" moment where I realized I knew more about this stuff than he did and shouldn't be all competitive with him about silly computer stuff because he's probably just intimidated by my awesome knowledge and simultaneously realized he was within his rights to punch me and I didn't need to point this out to him in any tactless way, so I nicely explained and what it effectively meant to have all of your files deleted "DEL *.*" style back then with the resources he had available to him when he asked me if there was some magical way to reverse the effects of the wily game gone wild. He demanded to see the source code to determine if he could reverse its evil effects but remember, the source no longer existed (intrigue!) and he didn't have the chops to reverse engineer the executable and find out that it just uses the ATTRIB and DIR and DEL comments as I explained already. Now that I think back I figure he probably understood it all perfectly well and just figured I wasn't that much of a dick that I'd actually delete his shit.
I think UNDELETE didn't hold up well once you were dealing with an entire missing folder structure, and he just started over with a new bulletin board, "part II."
posted by lordaych at 12:54 AM on March 11, 2013
I tricked the sysop of a local bulletin board into running it by uploading it as a new anonymous-ish user to his BBS with an enticing FILE_ID.DIZ file using fancy extended ASCII characters (hollah!), but he quickly figured it out it was me, as we went to the same high school and I was too proud of my exploits not to have told anyone else. He was somewhat of a douchey know it all guy who earned my ire for sharing the same name as me and disliking me for sharing some of his hobbies, though I suspect he felt the same way and we just never hit it off so we found reasons to dislike each other. Also, we both liked Nine Inch Nails, so there you go, only one of us could remain. I should add here that to make this feel sufficiently intriguing at the time I deleted all traces of the source code from my own computer using repeated pass "file shredding" and had only a crumpled printout of the dastardly ~80 lines of code as a sole record of its existence.
It was kind of awkward explaining the concepts of deleted file recovery...I had an "ah ha" moment where I realized I knew more about this stuff than he did and shouldn't be all competitive with him about silly computer stuff because he's probably just intimidated by my awesome knowledge and simultaneously realized he was within his rights to punch me and I didn't need to point this out to him in any tactless way, so I nicely explained and what it effectively meant to have all of your files deleted "DEL *.*" style back then with the resources he had available to him when he asked me if there was some magical way to reverse the effects of the wily game gone wild. He demanded to see the source code to determine if he could reverse its evil effects but remember, the source no longer existed (intrigue!) and he didn't have the chops to reverse engineer the executable and find out that it just uses the ATTRIB and DIR and DEL comments as I explained already. Now that I think back I figure he probably understood it all perfectly well and just figured I wasn't that much of a dick that I'd actually delete his shit.
I think UNDELETE didn't hold up well once you were dealing with an entire missing folder structure, and he just started over with a new bulletin board, "part II."
posted by lordaych at 12:54 AM on March 11, 2013
"Imagine your sister is being posted right here, how would you feel?" wrote one poster, which sounds like an exhortation to stop ratting. But the poster immediately concluded that the only real rule is not to hack "nice gurls."
This just made me so sad. And tired. Feminism in general, and education of young boys in particular, is really failing here.
I agree with the general sentiment, but really? How is this a failure of feminism?
posted by moody cow at 12:54 AM on March 11, 2013 [3 favorites]
This just made me so sad. And tired. Feminism in general, and education of young boys in particular, is really failing here.
I agree with the general sentiment, but really? How is this a failure of feminism?
posted by moody cow at 12:54 AM on March 11, 2013 [3 favorites]
I feel sane again.
Thank you madamjujujive for this link that just informed me that the events of 3 years ago were not "me losing my mind" ...
*wipes single tear*
posted by infini at 12:56 AM on March 11, 2013
Thank you madamjujujive for this link that just informed me that the events of 3 years ago were not "me losing my mind" ...
*wipes single tear*
posted by infini at 12:56 AM on March 11, 2013
It's a failure of feminism because feminists demand to be treated equally which means there's nothing wrong with stalking women and doing horrible stuff because I'm a guy and if some chick was spying on me I'd be flattered bro.
posted by lordaych at 12:59 AM on March 11, 2013 [1 favorite]
posted by lordaych at 12:59 AM on March 11, 2013 [1 favorite]
I don't think anyone doing this would not know that they're doing something wrong. Also something illegal just about anywhere, I think.
posted by Joe in Australia at 1:11 AM on March 11, 2013 [1 favorite]
posted by Joe in Australia at 1:11 AM on March 11, 2013 [1 favorite]
Last night I saw a guy with his laptop in a cafe and he had the webcam taped up with a piece of paper. I guess this is why. Creepy.
posted by molecicco at 1:18 AM on March 11, 2013
posted by molecicco at 1:18 AM on March 11, 2013
How do people not notice that their kids are total assholes? I know my parents spent an enormous amount of time with their pre-teen and teen kids making sure we didn't grow up to be amoral little fucks who believe in trickle down economics and spying on people through their webcams. They took our moral development kind of seriously as I recall.
my mom was too busy working three jobs for 100 hours a week to be able to do this for me. fortunately i had enough smart and nice people around me oti to make sure i turned out ok, but i was lucky.
posted by p3on at 1:47 AM on March 11, 2013 [2 favorites]
my mom was too busy working three jobs for 100 hours a week to be able to do this for me. fortunately i had enough smart and nice people around me oti to make sure i turned out ok, but i was lucky.
posted by p3on at 1:47 AM on March 11, 2013 [2 favorites]
How do people not notice that their kids are total assholes? I know my parents spent an enormous amount of time with their pre-teen and teen kids making sure we didn't grow up to be amoral little fucks who believe in trickle down economics and spying on people through their webcams. They took our moral development kind of seriously as I recall.
Lots of parents don't have an enormous amount of time to do that. They have a reasonable amount of time to police their children's activities and try to teach them what's right and wrong. Beyond that is madness (and helicopter parenting).
posted by pracowity at 1:51 AM on March 11, 2013 [2 favorites]
Lots of parents don't have an enormous amount of time to do that. They have a reasonable amount of time to police their children's activities and try to teach them what's right and wrong. Beyond that is madness (and helicopter parenting).
posted by pracowity at 1:51 AM on March 11, 2013 [2 favorites]
Sorry, I realise that could be ambiguous. I didn't mean it in the sense of "we feminists have done something wrong", or "feminism is insufficient". I meant "feminism has failed to permeate society in the way that it really should have by now". Society is failing at being feminist, not feminists are failing at society.
posted by lollusc at 2:25 AM on March 11, 2013 [25 favorites]
posted by lollusc at 2:25 AM on March 11, 2013 [25 favorites]
My mother grew up with no brothers and really had no idea what boys would get up to. Dad did know but was busy elsewhere.
I'm not someone who likes pranks or messing with people at all, but I am one curious individual. I poked around my share of computer systems at that age. It was exciting! There I was bored out of my skull in high school and here was a window into whole other worlds. The fact that those worlds turned out to be stupefyingly boring was okay; We were all having a lot more fun pretending that the Feds were watching our every move and just waiting to pounce on us.
At that time only business computers were really accessible though, and home computers had no permanent storage anyway.
A few years later I cut my teeth on the Appletalk network stack by writing a program to remotely turn on my housemate's microphone and stream the output to me. My housemate was fully aware of it though; In any case at that time and place I would have paid a great deal *not* to know what was going on in his room.
So now we have video cameras and root kits everywhere, and as I've watched the situation develop I've thought many times of making use of it. I usually couch it in terms of art ("An Exploration of Humans And Technology", "How We Look When No One Is Looking", "The Other Side Of The Internet Conversation") but in truth I just think it would be really cool to get a peek into private places.
I don't of course: I have too much respect for people now. But that bored, bored 14 year old me probably would have poked around just for the thrill of it.
posted by Tell Me No Lies at 2:42 AM on March 11, 2013 [1 favorite]
I'm not someone who likes pranks or messing with people at all, but I am one curious individual. I poked around my share of computer systems at that age. It was exciting! There I was bored out of my skull in high school and here was a window into whole other worlds. The fact that those worlds turned out to be stupefyingly boring was okay; We were all having a lot more fun pretending that the Feds were watching our every move and just waiting to pounce on us.
At that time only business computers were really accessible though, and home computers had no permanent storage anyway.
A few years later I cut my teeth on the Appletalk network stack by writing a program to remotely turn on my housemate's microphone and stream the output to me. My housemate was fully aware of it though; In any case at that time and place I would have paid a great deal *not* to know what was going on in his room.
So now we have video cameras and root kits everywhere, and as I've watched the situation develop I've thought many times of making use of it. I usually couch it in terms of art ("An Exploration of Humans And Technology", "How We Look When No One Is Looking", "The Other Side Of The Internet Conversation") but in truth I just think it would be really cool to get a peek into private places.
I don't of course: I have too much respect for people now. But that bored, bored 14 year old me probably would have poked around just for the thrill of it.
posted by Tell Me No Lies at 2:42 AM on March 11, 2013 [1 favorite]
In a Venn diagram of those who are totally squicked out by this "ratting" and those who spend of their time on Chatroulette, there is doubtless some overlap.
As for this, from subdee:
And that's after scrolling past like 50 photos of beautiful women with their faces blurred out in a row - way more than are actually needed to illustrate the article.
I totally agree. This is like one of those tabloid articles that runs a story about a tearful supermodel upset about topless paparazzi photos JUST LIKE THESE ONES HERE.
posted by chavenet at 3:25 AM on March 11, 2013 [1 favorite]
As for this, from subdee:
And that's after scrolling past like 50 photos of beautiful women with their faces blurred out in a row - way more than are actually needed to illustrate the article.
I totally agree. This is like one of those tabloid articles that runs a story about a tearful supermodel upset about topless paparazzi photos JUST LIKE THESE ONES HERE.
posted by chavenet at 3:25 AM on March 11, 2013 [1 favorite]
Society is failing at being feminist, not feminists are failing at society.
posted by lollusc
Thanks for the clarification. And I couldn't agree more.
posted by moody cow at 3:27 AM on March 11, 2013 [1 favorite]
posted by lollusc
Thanks for the clarification. And I couldn't agree more.
posted by moody cow at 3:27 AM on March 11, 2013 [1 favorite]
how do people not notice their kids are total assholes?
Many parents are also total assholes.
They think it's normal, par for the course, funny, admirable or unimportant. Many, many foolish, unreflective, immoral and/or downright awful people exist in this world and a lot of them have children. Life's not an after school special where parents are mature, wise and benevolent champions of morality, love and decency.
Becoming a parent doesn't automatically make someone a good person and a lot of people frankly don't give a shit about their kids' character because they have poor character themselves. In many cases, I believe it doesn't even occur to them to be concerned about their kids' character as such (their kids' actions and consequenses and well being, perhaps. But not their character in a larger sense).
I think that not knowing this is what another poster might have meant by "sheltered".
posted by windykites at 3:34 AM on March 11, 2013 [12 favorites]
Many parents are also total assholes.
They think it's normal, par for the course, funny, admirable or unimportant. Many, many foolish, unreflective, immoral and/or downright awful people exist in this world and a lot of them have children. Life's not an after school special where parents are mature, wise and benevolent champions of morality, love and decency.
Becoming a parent doesn't automatically make someone a good person and a lot of people frankly don't give a shit about their kids' character because they have poor character themselves. In many cases, I believe it doesn't even occur to them to be concerned about their kids' character as such (their kids' actions and consequenses and well being, perhaps. But not their character in a larger sense).
I think that not knowing this is what another poster might have meant by "sheltered".
posted by windykites at 3:34 AM on March 11, 2013 [12 favorites]
Even creepier : Police officer 'used criminal intelligence system as dating agency'
posted by jeffburdges at 4:08 AM on March 11, 2013 [2 favorites]
posted by jeffburdges at 4:08 AM on March 11, 2013 [2 favorites]
This is where I note that RAT's are out there for the Mac - most (if not all) of them require you to enter your system password. When you see that prompt, think carefully about the software you're installing, where you downloaded it from, and if it seems legit - the dialog box has no misspellings and a cancel button. If there's no cancel button, force-quit from the apple menu. Apple's security model is pretty good, but it needs you to be aware of trojans - don't eat hotdogs from gas stations, don't install software from a Torrent or Usenet or a sketchy download site, and definitely not anything sent to you in email.
posted by Slap*Happy at 4:53 AM on March 11, 2013 [8 favorites]
posted by Slap*Happy at 4:53 AM on March 11, 2013 [8 favorites]
Curious over-emphasis on the importance of images here. "Capturing" an image of someone makes them your "slave", does it? I knew those cameras were stealing my soul...
And then apparently merely covering the lens makes it alright? They can't see you, so no further need to worry about them controlling your computer....
posted by Segundus at 4:56 AM on March 11, 2013 [2 favorites]
And then apparently merely covering the lens makes it alright? They can't see you, so no further need to worry about them controlling your computer....
posted by Segundus at 4:56 AM on March 11, 2013 [2 favorites]
so no further need to worry about them controlling your computer....
They're actually working on DRAGON, the next stage after RAT - they'll control your fingers themselves on your keys through signals sent directly to your muscles and nerves... the camera will be the least of the worries.
posted by infini at 5:19 AM on March 11, 2013 [1 favorite]
They're actually working on DRAGON, the next stage after RAT - they'll control your fingers themselves on your keys through signals sent directly to your muscles and nerves... the camera will be the least of the worries.
posted by infini at 5:19 AM on March 11, 2013 [1 favorite]
This just happened to one of my students. She's in her last semester of college and just doesn't have time to try to figure out what's going on and fix it. Someone had given her an iPad, so she's now writing all of her papers on that in Pages. I was already angry on her behalf before I read this--now I'm furious.
posted by hydropsyche at 5:20 AM on March 11, 2013 [3 favorites]
posted by hydropsyche at 5:20 AM on March 11, 2013 [3 favorites]
I'm glad all my teenage nephews got up to online were elaborate shill bidding schemes on eBay (which abruptly ended when one of the car parts sold was a lemon).
posted by mippy at 5:26 AM on March 11, 2013
posted by mippy at 5:26 AM on March 11, 2013
In the comments to the article, there's much discussion about the images. Some were offended or thought one image would have made the point. Others say that although disturbing, they really drive home the gravity and the violation of privacy in a way that a text article on hacking mightn't.
The creative director at Ars Technica discusses the images
One other complaint was that the article relied so heavily on the criminals' word choice of "slave" and say that if used, it would have been better put in quotes.
Also, there were several calls for follow-up stories with prevention tips or tips for how to handle things if it happens.
Wolvenmoon wrote:
Could you do a follow-up for all of us that do tech support for family on friends on how to legally have a ratter's ass on a silver platter? Preferably some tips on how to detect RAT traffic, record evidence, block proxy access/force the ratter into exposing their real IP address, then possibly a quick rehash on triangulating someone's physical location by using pings to well known, well established Internet landmarks in a geographic area as well as their IP address (am thinking of research I read about awhile back)?
In other words - would you please unleash a legion of cats?
posted by madamjujujive at 5:44 AM on March 11, 2013 [5 favorites]
The creative director at Ars Technica discusses the images
One other complaint was that the article relied so heavily on the criminals' word choice of "slave" and say that if used, it would have been better put in quotes.
Also, there were several calls for follow-up stories with prevention tips or tips for how to handle things if it happens.
Wolvenmoon wrote:
Could you do a follow-up for all of us that do tech support for family on friends on how to legally have a ratter's ass on a silver platter? Preferably some tips on how to detect RAT traffic, record evidence, block proxy access/force the ratter into exposing their real IP address, then possibly a quick rehash on triangulating someone's physical location by using pings to well known, well established Internet landmarks in a geographic area as well as their IP address (am thinking of research I read about awhile back)?
In other words - would you please unleash a legion of cats?
posted by madamjujujive at 5:44 AM on March 11, 2013 [5 favorites]
When I was last laptop shopping, I really wanted one without a camera, for exactly this reason. I wasn't able to find one.
The model I got does have a bright indicator light near the camera. If that's implemented in hardware (rather than as a driver-controlled feature) then it should be a hackproof indicator that the camera is on. Of course, I have no way of knowing how it's implemented.
However, for some reason there is no similar indicator for the laptop's microphone. Even the camera's indicator could trivially be made even more obvious if it blinked, as so many other video recording devices have done for decades.
Oddly enough, the laptop's wifi can be disabled with a simple (presumably unhackable) mechanical switch. This is a common feature. I think it would be great if the camera and microphone had something similar, and I can't see any reason why no laptop I've heard of has such a thing.
posted by Western Infidels at 5:55 AM on March 11, 2013 [4 favorites]
The model I got does have a bright indicator light near the camera. If that's implemented in hardware (rather than as a driver-controlled feature) then it should be a hackproof indicator that the camera is on. Of course, I have no way of knowing how it's implemented.
However, for some reason there is no similar indicator for the laptop's microphone. Even the camera's indicator could trivially be made even more obvious if it blinked, as so many other video recording devices have done for decades.
Oddly enough, the laptop's wifi can be disabled with a simple (presumably unhackable) mechanical switch. This is a common feature. I think it would be great if the camera and microphone had something similar, and I can't see any reason why no laptop I've heard of has such a thing.
posted by Western Infidels at 5:55 AM on March 11, 2013 [4 favorites]
BTW, if you only have the free version of Malwarebytes, consider the one-time $25 for a paid version that will run in real time. I had contracted one of those damn Google redirect viruses a few years ago -- ugh -- I used the free Malwarebytes to rid me of it. But the full version offers much more security. It's not bloated and resource-intensive the way some of the AV programs are -- and I've watched it block potentially malicious or nuisance-y things several times.
posted by madamjujujive at 5:57 AM on March 11, 2013 [6 favorites]
posted by madamjujujive at 5:57 AM on March 11, 2013 [6 favorites]
1. Behold: what actually happens when people get something like the Ring of Gyges.
2. Sad and pathetic. Some (nominally) human beings are a crazy, evil lot.
3. Apparently this is largely adolescent males? I guess most of them grow out of it? That's better than the obvious alternative, I guess...
3. Not a failure of feminism any more than it's a failure of a zillion other views, as there's nothing about the condemnation of this that's specifically feminist. Basically every non-psychotic moral code and political view would condemn this.
posted by Fists O'Fury at 6:33 AM on March 11, 2013 [2 favorites]
2. Sad and pathetic. Some (nominally) human beings are a crazy, evil lot.
3. Apparently this is largely adolescent males? I guess most of them grow out of it? That's better than the obvious alternative, I guess...
3. Not a failure of feminism any more than it's a failure of a zillion other views, as there's nothing about the condemnation of this that's specifically feminist. Basically every non-psychotic moral code and political view would condemn this.
posted by Fists O'Fury at 6:33 AM on March 11, 2013 [2 favorites]
Also:
What's with all the pics of the victims in the article? The most charitable characterization I can think of of that is weird...
And what's with refering to them as "slaves"? For chrissake, even if that's the lingo of these psychopaths, you don't continue to use it. It's disrespectful, demeaning, inaccurate, and fans the flames of this grotesque insanity.
And where are the white hats on this? It cannot be that difficult to detect this stuff and trace the IP address that's getting the data.
posted by Fists O'Fury at 6:43 AM on March 11, 2013 [3 favorites]
What's with all the pics of the victims in the article? The most charitable characterization I can think of of that is weird...
And what's with refering to them as "slaves"? For chrissake, even if that's the lingo of these psychopaths, you don't continue to use it. It's disrespectful, demeaning, inaccurate, and fans the flames of this grotesque insanity.
And where are the white hats on this? It cannot be that difficult to detect this stuff and trace the IP address that's getting the data.
posted by Fists O'Fury at 6:43 AM on March 11, 2013 [3 favorites]
Okay - is there any way to definitively tell whether you've got one of these things on your system? Is this something a virus scan would pick up? Or something?
Just a bit paranoid, but I've not seen anywhere - either in the article or in here - instructions for how anyone can screen to see whether they are thus infected.
posted by EmpressCallipygos at 6:48 AM on March 11, 2013
Just a bit paranoid, but I've not seen anywhere - either in the article or in here - instructions for how anyone can screen to see whether they are thus infected.
posted by EmpressCallipygos at 6:48 AM on March 11, 2013
'Slaves' made me think that this was some kind of blackmail initiative - the RAT people get compromising images/data, and use the power from this as a way to get the victim to do things for them. But the article didn't clarify this and it took me a while to realise they were using the RAT argot.
I removed a keylogger on my computer by virus-scanning it when it had been used by someone else who visited a bunch of sketchy sites and left me with enough popups to do a thorough clean. It sounds like these guys are one step ahead of what Malwarebytes (and Spybot Search and Destroy, which caught the keylogger) can so.
posted by mippy at 6:56 AM on March 11, 2013
I removed a keylogger on my computer by virus-scanning it when it had been used by someone else who visited a bunch of sketchy sites and left me with enough popups to do a thorough clean. It sounds like these guys are one step ahead of what Malwarebytes (and Spybot Search and Destroy, which caught the keylogger) can so.
posted by mippy at 6:56 AM on March 11, 2013
whenever I hear the "wild west" metaphor trotted out, it's to push an agenda that relates to making things less "wild", it is kind of a sinister dog whistle
in the future you'll have to get a job with the feds and then you can spy on people and steal their porn
really though, computer security should be taught in high school, and I could question the wisdom of having to have permanent always-on internet connectivity but that's luddite crazytalk
posted by This, of course, alludes to you at 7:14 AM on March 11, 2013 [3 favorites]
in the future you'll have to get a job with the feds and then you can spy on people and steal their porn
really though, computer security should be taught in high school, and I could question the wisdom of having to have permanent always-on internet connectivity but that's luddite crazytalk
posted by This, of course, alludes to you at 7:14 AM on March 11, 2013 [3 favorites]
Where's Hothead Paisan when you really need her?
posted by Zed at 7:17 AM on March 11, 2013 [2 favorites]
posted by Zed at 7:17 AM on March 11, 2013 [2 favorites]
Wow, jesus. I remember finding a program like this when I was maybe 12, and I pretty much just emailed it to one of my mates and opened his CD drive a lot. I think I kept up the pretence of being a psychic for nearly a full ten minutes. I'm glad I never ran in circles which would have given me darker ideas.
posted by lucidium at 7:26 AM on March 11, 2013
posted by lucidium at 7:26 AM on March 11, 2013
Oddly enough, the laptop's wifi can be disabled with a simple (presumably unhackable) mechanical switch. This is a common feature. I think it would be great if the camera and microphone had something similar, and I can't see any reason why no laptop I've heard of has such a thing.
There's enough compelling uses for Wifi that they don't have to worry about you switching it off permanently and cutting them out of any web-based upsells. Once turned off, a switch for webcam and microphone would never be turned back on again by a pretty large number of wallets that you can sell video conferencing, video blogging, VOIP, etc. to. Or possibly I'm being cynical.
posted by Lentrohamsanin at 7:28 AM on March 11, 2013
There's enough compelling uses for Wifi that they don't have to worry about you switching it off permanently and cutting them out of any web-based upsells. Once turned off, a switch for webcam and microphone would never be turned back on again by a pretty large number of wallets that you can sell video conferencing, video blogging, VOIP, etc. to. Or possibly I'm being cynical.
posted by Lentrohamsanin at 7:28 AM on March 11, 2013
Now with the magic of the internet, every woman on earth can have a shitty little brother, if not hundreds!
Ugh.
posted by Uther Bentrazor at 7:40 AM on March 11, 2013 [1 favorite]
Ugh.
posted by Uther Bentrazor at 7:40 AM on March 11, 2013 [1 favorite]
Lentrohamsanin, no one's talking about a permanent feature kill switch. Rather the wifi switch is something like this that allows you to turn the wifi cababilities of your laptop on or off. In theory it's the wireless equivalent of unplugging the cable.
Same for the camera/mix. Takes half a second to re-enable it when you need it, otherwise you could make it inactive when you don't.
posted by Nonsteroidal Anti-Inflammatory Drug at 7:41 AM on March 11, 2013 [1 favorite]
Same for the camera/mix. Takes half a second to re-enable it when you need it, otherwise you could make it inactive when you don't.
posted by Nonsteroidal Anti-Inflammatory Drug at 7:41 AM on March 11, 2013 [1 favorite]
Lentrohamsanin, no one's talking about a permanent feature kill switch
No I get that, I'm saying if I had such a feature on my laptop, there would never be a compelling reason to flip it back to "on", like there is with the Wifi switch.
posted by Lentrohamsanin at 7:44 AM on March 11, 2013
No I get that, I'm saying if I had such a feature on my laptop, there would never be a compelling reason to flip it back to "on", like there is with the Wifi switch.
posted by Lentrohamsanin at 7:44 AM on March 11, 2013
I'm honestly surprised that these scumbags are having a hard time hacking the webcam indicator light. I pessimistically assumed those lights were a software feature, like the CapsLock light, and would be easily bypassed. How do they really work? Were the designers smart enough to hardwire the light to the camera power?
Early WebCams like the SGI Indycam did have physical shutters for privacy. I think it's a shame modern cameras don't, although I can see how it'd be hard to build it into a slim laptop bezel or the like. A piece of tape works to deprive a sociopath the pleasure of looking at your shocked face, but it still leaves your microphone open and everything else on your computer.
Once again the desktop security model is failing its users. Something as radical as a remote desktop management control should have some better protection from being enabled by accident, something that requires the user actively type text into a dialog box on screen, maybe (in Windows) via the Ctrl-Alt-Del handler. Of course if the whole machine was already rooted, maybe it's already a lost cause.
posted by Nelson at 8:06 AM on March 11, 2013
Early WebCams like the SGI Indycam did have physical shutters for privacy. I think it's a shame modern cameras don't, although I can see how it'd be hard to build it into a slim laptop bezel or the like. A piece of tape works to deprive a sociopath the pleasure of looking at your shocked face, but it still leaves your microphone open and everything else on your computer.
Once again the desktop security model is failing its users. Something as radical as a remote desktop management control should have some better protection from being enabled by accident, something that requires the user actively type text into a dialog box on screen, maybe (in Windows) via the Ctrl-Alt-Del handler. Of course if the whole machine was already rooted, maybe it's already a lost cause.
posted by Nelson at 8:06 AM on March 11, 2013
cydonian: Was thinking a resourceful business-person could easily make a killing selling small flaps with a self-adhesive sticker or something to cover web-cams on laptops. .... For added marketability, you could even sell "premium" flaps with pictures of Hello Kitty, Angry Birds, the outline PSY or a logo particularly favoured by kids these days.
Sorry, but I am just going to buy a sheet of "puffy-sticker" temporary earrings like my 5-year old wears.
The center of my laptop's screen bezel will sport a colorful star, Hello Kitty head, or little rainbow, depending on my mood -- which will usually be elevated thanks to the sight of the cheerful stickers!
posted by wenestvedt at 8:08 AM on March 11, 2013 [1 favorite]
Sorry, but I am just going to buy a sheet of "puffy-sticker" temporary earrings like my 5-year old wears.
The center of my laptop's screen bezel will sport a colorful star, Hello Kitty head, or little rainbow, depending on my mood -- which will usually be elevated thanks to the sight of the cheerful stickers!
posted by wenestvedt at 8:08 AM on March 11, 2013 [1 favorite]
I'm honestly surprised that these scumbags are having a hard time hacking the webcam indicator light. I pessimistically assumed those lights were a software feature, like the CapsLock light, and would be easily bypassed. How do they really work? Were the designers smart enough to hardwire the light to the camera power?
Short version: yes, and by design. It avoids software dependencies, lowers driver complexity, and is good for security. It's generally on the same power circuit as the CCD sensor.
posted by jaduncan at 8:11 AM on March 11, 2013 [6 favorites]
Short version: yes, and by design. It avoids software dependencies, lowers driver complexity, and is good for security. It's generally on the same power circuit as the CCD sensor.
posted by jaduncan at 8:11 AM on March 11, 2013 [6 favorites]
The creative director at Ars Technica discusses the images
Liked the article, but Aurich Lawson's justification for not bothering to obscure the faces of the victims is ridiculous and fundamentally wrong:
To begin with, I simply wasn't comfortable running with the faces not obscured, that didn't seem right. The problem is, all of these photos are freely available online, utterly uncensored. I felt it was important to make sure they weren't clear enough for identification while reading our piece, while emphasizing the fact that they were real people who's identities are *not* hidden at all with even a casual search.
Um, if he felt it wasn't right to run the faces clearly, how is it right to run the faces only slightly less clearly but still recognizable? What's the difference? The point is simple: he's introducing the victims' pictures to a new audience, and since there is no journalistic reason to add to their embarrassment he shouldn't have done so. And the "we needed to make clear these were real people" is silly; we would have gotten that these were real people even if he'd used black bars over their faces.
Let's hope Lawson changes his mind about further embarrassing victims of privacy violations in the future.
posted by mediareport at 8:16 AM on March 11, 2013 [1 favorite]
Liked the article, but Aurich Lawson's justification for not bothering to obscure the faces of the victims is ridiculous and fundamentally wrong:
To begin with, I simply wasn't comfortable running with the faces not obscured, that didn't seem right. The problem is, all of these photos are freely available online, utterly uncensored. I felt it was important to make sure they weren't clear enough for identification while reading our piece, while emphasizing the fact that they were real people who's identities are *not* hidden at all with even a casual search.
Um, if he felt it wasn't right to run the faces clearly, how is it right to run the faces only slightly less clearly but still recognizable? What's the difference? The point is simple: he's introducing the victims' pictures to a new audience, and since there is no journalistic reason to add to their embarrassment he shouldn't have done so. And the "we needed to make clear these were real people" is silly; we would have gotten that these were real people even if he'd used black bars over their faces.
Let's hope Lawson changes his mind about further embarrassing victims of privacy violations in the future.
posted by mediareport at 8:16 AM on March 11, 2013 [1 favorite]
One thing that could help would be home routers which could give traffic reports and other kinds of feedback. It would at least lower the tech competance required for protecting oneself.
posted by wobh at 8:17 AM on March 11, 2013
posted by wobh at 8:17 AM on March 11, 2013
Not a failure of feminism any more than it's a failure of a zillion other views, as there's nothing about the condemnation of this that's specifically feminist. Basically every non-psychotic moral code and political view would condemn this.
I don't disagree with you that any moral code should condemn this, but can I riff on the feminism thing a little?
As I was reading this, I kept thinking about another article I read this morning, an Al Jazeera preview of a UN report coming out in July. According to the article, "Four UN agencies interviewed 10,000 men across seven countries in the Asia-Pacific.... One in four said they had raped a woman or girl, while one in 25 admitted to taking part in gang rape." Then there's an account from a documentary producer:
posted by jhc at 8:26 AM on March 11, 2013 [48 favorites]
I don't disagree with you that any moral code should condemn this, but can I riff on the feminism thing a little?
As I was reading this, I kept thinking about another article I read this morning, an Al Jazeera preview of a UN report coming out in July. According to the article, "Four UN agencies interviewed 10,000 men across seven countries in the Asia-Pacific.... One in four said they had raped a woman or girl, while one in 25 admitted to taking part in gang rape." Then there's an account from a documentary producer:
We had reached the end of the interview and the length of the stare between us became uncomfortable - very uncomfortable. Then he looked away for a second, and his bravado evaporated. To me, he seemed almost pitiful.Socially awkward and lonely men abusing women, supported by their peers, motivated by sexual entitlement, anger, punishment and fun, despite the fact that it goes against any moral code they might admit to? We're talking about the same beast in different form, right? And it gets at the idea that having a moral code has never stopped men from maintaining the sexual order with violence. That's what feminism contributes. The moral failure has always been implicit, but feminism brings it into focus -- helping us to see and pull ourselves out of the toxic brew described in both of these articles.
Perhaps with the exception of this man, none of the gang rapists I spoke to during the filming of the 101 East programme It’s a man’s world, struck me as especially evil people. They were just ordinary men. Some had slight physical disabilities, seemed a bit socially awkward and a little lonely, but above all else they wanted to fit in with their friends, even if it was at the expense of women.
“What are they like?” A friend of mine asked when she contacted me during the filming of this difficult story, “Are they like a pack of rabid dogs?” While many would like to think that gang rapists are in some way psychopathic, they are actually just like other men. They have mothers, sisters, wives, daughters, girlfriends and every one of them told me they would not want the same thing to happen to the women in their own families. ...
The reasons men say they rape are complex. The majority feel sexually entitled, but in Cambodia which has one of the highest rates of gang rape, anger, punishment and fun featured more prominently as reasons than in other countries. Interestingly, alcohol played less of a role than many previously thought.
posted by jhc at 8:26 AM on March 11, 2013 [48 favorites]
It sounds like these guys are one step ahead of what Malwarebytes (and Spybot Search and Destroy, which caught the keylogger) can so.
I think those programs can indeed be pretty effective if coupled with a AV program and if they are running live. I would imagine some of the browser add-ons might be helpful too - I am running NoScript and it is so effective at blocking things I am almost ready to jettison it because it blocks everything.
Stuff can happen to anyone, but I am gonna think the vast majority of the people doing this are looking for easy opportunities. And I would venture to guess that most people don't do the basic security things to prevent problems...some of my family members don't know a browser from a webpage, they click on the first search results they come to, click on any shiny object, and their kids download from or play games at all kinds of dodgy places. And don't even get me started on the general understanding or awareness of phishing. Plus they never do updates.
I'm not very techie, but I don't think you have to be too geeky to be relatively safe. (Knocking on a lot of wood as I speak - if a real pro, Anonymous or China decides to come after you, all bets are off. )
posted by madamjujujive at 8:40 AM on March 11, 2013 [1 favorite]
I think those programs can indeed be pretty effective if coupled with a AV program and if they are running live. I would imagine some of the browser add-ons might be helpful too - I am running NoScript and it is so effective at blocking things I am almost ready to jettison it because it blocks everything.
Stuff can happen to anyone, but I am gonna think the vast majority of the people doing this are looking for easy opportunities. And I would venture to guess that most people don't do the basic security things to prevent problems...some of my family members don't know a browser from a webpage, they click on the first search results they come to, click on any shiny object, and their kids download from or play games at all kinds of dodgy places. And don't even get me started on the general understanding or awareness of phishing. Plus they never do updates.
I'm not very techie, but I don't think you have to be too geeky to be relatively safe. (Knocking on a lot of wood as I speak - if a real pro, Anonymous or China decides to come after you, all bets are off. )
posted by madamjujujive at 8:40 AM on March 11, 2013 [1 favorite]
And what's with refering to them as "slaves"?
You are a big fat LOL for them. Before you figure out what is going on, and especially if there's subtler social engineering going on, they can make you "dance to their tune" in response to what the computer is doing. When the keys are weighted down in certain ways while you type, it can indeed come across as a means of communication, and if you're in a work environment where there's a lot of R&D then anything goes.
Yes, smartphones are as feasible and easily doable. Particularly if the location you're in is the heart of where the fundamental R&D for your own brand of mobile is being conducted. Don't underestimate the power of GPRS in the testing labs themselves and their campus environs.
I felt like a puppet on strings being pulled this way and that, screaming to be released. It certainly wasn't as simple as what is described here with pics and stuff, no, that wouldn't have pushed my emotional buttons the way they were able to with me.
And its there, you can completely wipe out your entire laptop but within a couple of days they're back, especially if they've triangulated your location - the combination of smartphone tecnology, location based R&D, GPRS and a humble little Windows netbook is an easily accessible toy for those who wish to misuse it for the lulz.
My financial losses weren't as much, in retrospect, only 10,000 euros or so, but the price I paid in emotional and mental trauma I've only just begun to come out of in the past 6 months of radio silence. Now, whenever I feel the keyboard tremble - they've gotten bored of late - I just shut the PC down immediately and leave.
Will it ever end? I don't know but at least they don't have me bashing the keys, laughing their heads off, till my fingers bled.
Its rape.
posted by infini at 8:45 AM on March 11, 2013 [3 favorites]
You are a big fat LOL for them. Before you figure out what is going on, and especially if there's subtler social engineering going on, they can make you "dance to their tune" in response to what the computer is doing. When the keys are weighted down in certain ways while you type, it can indeed come across as a means of communication, and if you're in a work environment where there's a lot of R&D then anything goes.
Yes, smartphones are as feasible and easily doable. Particularly if the location you're in is the heart of where the fundamental R&D for your own brand of mobile is being conducted. Don't underestimate the power of GPRS in the testing labs themselves and their campus environs.
I felt like a puppet on strings being pulled this way and that, screaming to be released. It certainly wasn't as simple as what is described here with pics and stuff, no, that wouldn't have pushed my emotional buttons the way they were able to with me.
And its there, you can completely wipe out your entire laptop but within a couple of days they're back, especially if they've triangulated your location - the combination of smartphone tecnology, location based R&D, GPRS and a humble little Windows netbook is an easily accessible toy for those who wish to misuse it for the lulz.
My financial losses weren't as much, in retrospect, only 10,000 euros or so, but the price I paid in emotional and mental trauma I've only just begun to come out of in the past 6 months of radio silence. Now, whenever I feel the keyboard tremble - they've gotten bored of late - I just shut the PC down immediately and leave.
Will it ever end? I don't know but at least they don't have me bashing the keys, laughing their heads off, till my fingers bled.
Its rape.
posted by infini at 8:45 AM on March 11, 2013 [3 favorites]
I'm fine with the blurred images in the article.
It drives the point home to Everytown USA, and as far as I could see it's not like there's a bill lying around in the background with an easily identifiable address like, say, you might find in Reddit porn shots.
I have covered my laptop camera since day one (never use it), but the idea the mic might be switched on worries me. More for my friends' computers than mine. They don't take me seriously when I freak out about privacy and google glasses and such. The screen shots in this might help.
posted by Mezentian at 8:45 AM on March 11, 2013 [1 favorite]
It drives the point home to Everytown USA, and as far as I could see it's not like there's a bill lying around in the background with an easily identifiable address like, say, you might find in Reddit porn shots.
I have covered my laptop camera since day one (never use it), but the idea the mic might be switched on worries me. More for my friends' computers than mine. They don't take me seriously when I freak out about privacy and google glasses and such. The screen shots in this might help.
posted by Mezentian at 8:45 AM on March 11, 2013 [1 favorite]
(Knocking on a lot of wood as I speak - if a real pro, Anonymous or China decides to come after you, all bets are off. )
Yes. Russia, Estonia, China. Primarily. Then the nordics in this order - fi, se, dk
posted by infini at 8:46 AM on March 11, 2013
Yes. Russia, Estonia, China. Primarily. Then the nordics in this order - fi, se, dk
posted by infini at 8:46 AM on March 11, 2013
Jesus, now I am paranoid. What process, tools and methods should be considered? I am willing to contemplate a nuke from space if someone tells me how my back-up data could be jacked as well. BTW this is to help my students as well. Unfortunately, my students are less aware of how vulnerable they could be.
I just had a student, in a course, who described being cyber stalked and yes, web cam hacked by an ex. It is troubling and I feel that I should help spread information on good practices and preventatives. Explain it to be REAL simply.
posted by jadepearl at 8:55 AM on March 11, 2013 [1 favorite]
I just had a student, in a course, who described being cyber stalked and yes, web cam hacked by an ex. It is troubling and I feel that I should help spread information on good practices and preventatives. Explain it to be REAL simply.
posted by jadepearl at 8:55 AM on March 11, 2013 [1 favorite]
I did some absolutely horrible things with Back Orifice as a teenager in the 90s. Webcams were far less prevalent but I don't doubt we would have abused them if they had been there. We certainly abused every other peripheral from microphones to keyboards to printers. Some things I regret, some still make me laugh.
posted by mike_bling at 9:02 AM on March 11, 2013
posted by mike_bling at 9:02 AM on March 11, 2013
Abuse of power comes as no surprise
posted by mike_bling at 9:03 AM on March 11, 2013 [2 favorites]
posted by mike_bling at 9:03 AM on March 11, 2013 [2 favorites]
BTW, if you only have the free version of Malwarebytes, consider the one-time $25 for a paid version that will run in real time. I had contracted one of those damn Google redirect viruses a few years ago -- ugh -- I used the free Malwarebytes to rid me of it.
I had a Google redirect virus a few years ago, and while the free Malwarebytes was unable to dig it out, a volunteer on their forums spent some time going back and forth with me, sending me software or instructions and having me send him the resulting logs, and was able to fix it.
posted by straight at 9:07 AM on March 11, 2013
I had a Google redirect virus a few years ago, and while the free Malwarebytes was unable to dig it out, a volunteer on their forums spent some time going back and forth with me, sending me software or instructions and having me send him the resulting logs, and was able to fix it.
posted by straight at 9:07 AM on March 11, 2013
Because this FPP has given me something extremely valuable - being able to share the experience of "my computer is communicating with me but indirectly and I don't know whom" - without feeling crazy, psychotic (my BFF called the hospital the first time I tried to share the experience with another person), and isolatedly alone, here is my ask. I hope this thread can help others the way it has me today.
*exhales*
posted by infini at 9:15 AM on March 11, 2013 [2 favorites]
*exhales*
posted by infini at 9:15 AM on March 11, 2013 [2 favorites]
They have mothers, sisters, wives, daughters, girlfriends and every one of them told me they would not want the same thing to happen to the women in their own families. ...
Damn. Thanks for the links.
posted by ersatz at 9:32 AM on March 11, 2013
Damn. Thanks for the links.
posted by ersatz at 9:32 AM on March 11, 2013
So, can Malware Bytes tell you if you have one of these programs on your system?
posted by EmpressCallipygos at 9:38 AM on March 11, 2013
posted by EmpressCallipygos at 9:38 AM on March 11, 2013
What process, tools and methods should be considered? [...] Explain it to be REAL simply.
It just plain isn't real simple. There are some simple basic guidelines... have separate user and admin accounts and don't use the admin account except where absolutely necessary. Keep your OS and security apps and important apps like web browsers up to date. Subscribe to security alert mailing lists for your OS and important apps. Don't install things you don't need (especially if they're frequently targeted things like Java in the browser or Adobe Acrobat or Reader.) Configure your browsers to never run anything automatically and your OS to not auto-run things on USB drives or CDs (I'm out of the loop on Windows, so I don't know if there are finally sensible defaults for these, in which case these aren't relevant.) Never ever ever install or even run random crap you download from the net -- assume it's all hostile.
Assuming hostility is not paranoia in this realm -- most likely, no one's targeting you personally, but there really are a million computers out there always scanning for vulnerable computers, and millions of opportunities for you to compromise your own computer by running malware.
If you suspect a compromise, turn off the computer, buy a new hard drive, re-install the OS and start from scratch. (You can selectively restore data from the old hard drive after scanning it with a security app from your new computer.)
posted by Zed at 9:43 AM on March 11, 2013 [4 favorites]
It just plain isn't real simple. There are some simple basic guidelines... have separate user and admin accounts and don't use the admin account except where absolutely necessary. Keep your OS and security apps and important apps like web browsers up to date. Subscribe to security alert mailing lists for your OS and important apps. Don't install things you don't need (especially if they're frequently targeted things like Java in the browser or Adobe Acrobat or Reader.) Configure your browsers to never run anything automatically and your OS to not auto-run things on USB drives or CDs (I'm out of the loop on Windows, so I don't know if there are finally sensible defaults for these, in which case these aren't relevant.) Never ever ever install or even run random crap you download from the net -- assume it's all hostile.
Assuming hostility is not paranoia in this realm -- most likely, no one's targeting you personally, but there really are a million computers out there always scanning for vulnerable computers, and millions of opportunities for you to compromise your own computer by running malware.
If you suspect a compromise, turn off the computer, buy a new hard drive, re-install the OS and start from scratch. (You can selectively restore data from the old hard drive after scanning it with a security app from your new computer.)
posted by Zed at 9:43 AM on March 11, 2013 [4 favorites]
can Malware Bytes tell you if you have one of these programs on your system?
Maybe, but you shouldn't count on it. If your system has been compromised, you can't count on anything running on that system to give you the right answer to anything.
posted by Zed at 9:46 AM on March 11, 2013
Maybe, but you shouldn't count on it. If your system has been compromised, you can't count on anything running on that system to give you the right answer to anything.
posted by Zed at 9:46 AM on March 11, 2013
So to reiterate my earlier question - is there a way to tell whether you have something like this on your system?
(Things seem to be fine, I'm just REALLY paranoid right now.)
posted by EmpressCallipygos at 9:48 AM on March 11, 2013
(Things seem to be fine, I'm just REALLY paranoid right now.)
posted by EmpressCallipygos at 9:48 AM on March 11, 2013
Oh good. As if worrying about raising a son who wouldn't snap girls' bras in the hallway wasn't enough, now I get to add this to my list of Adolescent Hijinx Fears.
I really feel like it's going too easy on parents to say "they don't have time" to not raise assholes. It's not about watching your kid every second, it's about raising the kind of kid who by age 14 thinks controlling someone else's computer is possibly a BAD idea, or at the very least, not a good one.
posted by sonika at 9:49 AM on March 11, 2013 [5 favorites]
I really feel like it's going too easy on parents to say "they don't have time" to not raise assholes. It's not about watching your kid every second, it's about raising the kind of kid who by age 14 thinks controlling someone else's computer is possibly a BAD idea, or at the very least, not a good one.
posted by sonika at 9:49 AM on March 11, 2013 [5 favorites]
is there a way to tell whether you have something like this on your system?
In a word, no. You could know that you've taken precautions that make it very unlikely. You could have an external firewall that could alert you to suspicious net traffic from your computer. If an expert removed your hard drive and examined it from another computer, there are good odds said expert could see the evidence of known exploits. But what you couldn't do, even if you're the expert, is know about unknown exploits.
posted by Zed at 10:10 AM on March 11, 2013 [1 favorite]
In a word, no. You could know that you've taken precautions that make it very unlikely. You could have an external firewall that could alert you to suspicious net traffic from your computer. If an expert removed your hard drive and examined it from another computer, there are good odds said expert could see the evidence of known exploits. But what you couldn't do, even if you're the expert, is know about unknown exploits.
posted by Zed at 10:10 AM on March 11, 2013 [1 favorite]
So to reiterate my earlier question - is there a way to tell whether you have something like this on your system?
The basic approach would be to download an up-to-date, bootable virus scanner on another computer, put it on a CD or flash drive, and boot your system from that. This will make it near-impossible for any malware on your system to interfere with the virus scanner. (Small caveat: I seem to recall there are theoretically exploits that could hide in the firmware -- the software responsible for kicking off the boot process from the hard drive, CD, usb drive etc. -- but it's much-much less likely.)
I don't have any product recommendations -- anyone else? -- but I think most of the antivirus vendors offer something like this. Ironically, you of course need to be particularly careful to download a reputable product here.
Another caveat: When the article talks about "fully undetectable" malware, they mean recently-modified malware that isn't currently recognized by antivirus scanners. If you had that, then even the bootable scanner wouldn't recognize it. But it's unlikely that there's malware that's simultaneously widely used and unknown to virus scanners -- part of their job is to be the first ones infected -- so that shouldn't be a large risk as long as the scanner is up to date. Mostly I suspect we're talking about victims running out-of-date software here -- there's a big difference in the technical sophistication and market price of software that can fool a fully-up-to-date system, and software that can fool a system that's missing a couple years of security patches.
It would be a cool thing if more technically-unsophisticated people were running user-friendly bootable virus scanners once a month, actually. "Plug this in, restart your computer, click the 'update & scan' button, it's like getting your oil changed" would get most people pretty far. Is that a thing that exists yet? Especially a low-cost version using one of the free virus scanners?
posted by jhc at 10:10 AM on March 11, 2013 [1 favorite]
The basic approach would be to download an up-to-date, bootable virus scanner on another computer, put it on a CD or flash drive, and boot your system from that. This will make it near-impossible for any malware on your system to interfere with the virus scanner. (Small caveat: I seem to recall there are theoretically exploits that could hide in the firmware -- the software responsible for kicking off the boot process from the hard drive, CD, usb drive etc. -- but it's much-much less likely.)
I don't have any product recommendations -- anyone else? -- but I think most of the antivirus vendors offer something like this. Ironically, you of course need to be particularly careful to download a reputable product here.
Another caveat: When the article talks about "fully undetectable" malware, they mean recently-modified malware that isn't currently recognized by antivirus scanners. If you had that, then even the bootable scanner wouldn't recognize it. But it's unlikely that there's malware that's simultaneously widely used and unknown to virus scanners -- part of their job is to be the first ones infected -- so that shouldn't be a large risk as long as the scanner is up to date. Mostly I suspect we're talking about victims running out-of-date software here -- there's a big difference in the technical sophistication and market price of software that can fool a fully-up-to-date system, and software that can fool a system that's missing a couple years of security patches.
It would be a cool thing if more technically-unsophisticated people were running user-friendly bootable virus scanners once a month, actually. "Plug this in, restart your computer, click the 'update & scan' button, it's like getting your oil changed" would get most people pretty far. Is that a thing that exists yet? Especially a low-cost version using one of the free virus scanners?
posted by jhc at 10:10 AM on March 11, 2013 [1 favorite]
Having dealt with a colleague's security issues recently:
Your computer will come with some security settings. Some of these are kind of annoying. People will tell you to turn them off. You will want to turn them off. "How do I stop this message coming up when I want to install a new program?" "How do I make it so I don't have to type a password to log in?" They will piss you off, and helpful people will tell you to disable the features and show you how.
For the love of God, leave the features on. Clever people at Microsoft or Apple or whatever put them in for a reason.
Specifically, for Windows Vista and Windows 7 and Windows 8: leave User Account Control turned on. It puts up a special message when you - OR SOMETHING EVIL - tries to change your system. The screen also greys out. It's an extra click whenever you install or uninstall something. So if you're not trying to install or uninstall something or change user settings, but it appears, then SOMETHING bad is up and you click Cancel and it will stop. Phew!
Secondly, whenever you see a security message like User Account Control, or from your web browser when it says something like "Do you want to run this thing?" then look for a Publisher (signed) indication. None? Unknown publisher? Click cancel and get out.
On Apple, I believe the latest versions won't let you run programs that aren't in the Apple store. I think that's brilliant too.
Leave these security features on. You'll be safer.
If you're on Windows, I also suggest moving to Windows 8, which has a built-in antivirus and also its own PDF reader, so you don't have to use Adobe Reader.
posted by alasdair at 10:13 AM on March 11, 2013 [7 favorites]
Your computer will come with some security settings. Some of these are kind of annoying. People will tell you to turn them off. You will want to turn them off. "How do I stop this message coming up when I want to install a new program?" "How do I make it so I don't have to type a password to log in?" They will piss you off, and helpful people will tell you to disable the features and show you how.
For the love of God, leave the features on. Clever people at Microsoft or Apple or whatever put them in for a reason.
Specifically, for Windows Vista and Windows 7 and Windows 8: leave User Account Control turned on. It puts up a special message when you - OR SOMETHING EVIL - tries to change your system. The screen also greys out. It's an extra click whenever you install or uninstall something. So if you're not trying to install or uninstall something or change user settings, but it appears, then SOMETHING bad is up and you click Cancel and it will stop. Phew!
Secondly, whenever you see a security message like User Account Control, or from your web browser when it says something like "Do you want to run this thing?" then look for a Publisher (signed) indication. None? Unknown publisher? Click cancel and get out.
On Apple, I believe the latest versions won't let you run programs that aren't in the Apple store. I think that's brilliant too.
Leave these security features on. You'll be safer.
If you're on Windows, I also suggest moving to Windows 8, which has a built-in antivirus and also its own PDF reader, so you don't have to use Adobe Reader.
posted by alasdair at 10:13 AM on March 11, 2013 [7 favorites]
fwiw, the laptop was looked over by a computer security guy, the types who open a small shop full of computer parts and stuff and fix things for you, at least twice. Once the entire disk was wiped clean and we reinstalled the OS completely from scratch. That allowed for about 3-4 days before they were back. What I couldn't control was the R&D facilities network itself. My little boys were the grad students in the labs. Hence the subtlety of it all, I was in the same campus/building. The boss didn't give a fuck when I went with what little I had (screenshots, some text, some mangled docs and emails, my mobile's sms that ended up in drafts etc).
"Gotta see it to believe it" is a dangerous policy sometimes imo.
posted by infini at 10:14 AM on March 11, 2013
"Gotta see it to believe it" is a dangerous policy sometimes imo.
posted by infini at 10:14 AM on March 11, 2013
OK ... so where does your average computer user go to learn how to stay on top of this sort of thing? Are there classes? websites? podcasts?
Failing that, what do you google to learn about basic security, beyond "how to create a secure password"?
posted by bunderful at 10:18 AM on March 11, 2013
Failing that, what do you google to learn about basic security, beyond "how to create a secure password"?
posted by bunderful at 10:18 AM on March 11, 2013
Yikes.
posted by homunculus at 10:22 AM on March 11, 2013
posted by homunculus at 10:22 AM on March 11, 2013
OK ... so where does your average computer user go to learn how to stay on top of this sort of thing? Are there classes? websites? podcasts?Websites and podcasts are probably the best places to go to stay current. That said, now and again there are good radio shows that keep on top of this stuff. I'd say that the stuff on Leo Laporte's Twit.tv is generally helpful, and his weekend radio show is generally the kind of show I'd recomend.
Also, on the Windows side, I got a lot of mileage out of techsupportalert.com for tool reccomendations.
And if nothing else, repeat after me:
"There's no such thing as a dumb computer question"
posted by ZeusHumms at 10:28 AM on March 11, 2013
Apparently the forum discussed in the article is run by a stay-at-home father of 4 in Las Vegas, unless there's another Jesse LaBrocca in Las Vegas.
posted by akgerber at 10:33 AM on March 11, 2013
posted by akgerber at 10:33 AM on March 11, 2013
Are you saying you think someone was able to alter how difficult it was to physically press keys on your keyboard?
That is one way of interpreting it, yes.
If these tools can make your CD drive (as cited in the article) open, can they not be worked to control the keyboard?
posted by infini at 10:40 AM on March 11, 2013
That is one way of interpreting it, yes.
If these tools can make your CD drive (as cited in the article) open, can they not be worked to control the keyboard?
posted by infini at 10:40 AM on March 11, 2013
Or to open a PDF or .doc a couple of days later to find there have been changes to the text?
posted by infini at 10:42 AM on March 11, 2013
posted by infini at 10:42 AM on March 11, 2013
And it‘s not as if there are groups of perverts meeting anywhere offline to exchange helpful tips on how to be a peeper (yeah, man, get a black hoodie, it‘ll make you harder to spot!)
Oh, you poor innocent soul. (NSFW)
posted by Drinky Die at 10:54 AM on March 11, 2013
Oh, you poor innocent soul. (NSFW)
posted by Drinky Die at 10:54 AM on March 11, 2013
Benefit of the doubt on infini's issue - it's quite possible to mess with keyboard settings such that keys repeat more slowly or quickly, register or don't in an arbitrary way, etc. This could easily have the effect of making keys less responsive or misbehave.
I'm not having much luck finding a quick feature list for RAT tools, but it would shock me if a capability to "annoy the user by making their keyboard randomly unresponsive" didn't exist.
Unfortunately, it's also true that computers do sometimes have weird behaviors that have nothing to do with malware or malice of any kind, and humans tend to learn helplessness quickly when faced with unpredictable behaviors like that.
posted by abulafa at 10:55 AM on March 11, 2013 [1 favorite]
I'm not having much luck finding a quick feature list for RAT tools, but it would shock me if a capability to "annoy the user by making their keyboard randomly unresponsive" didn't exist.
Unfortunately, it's also true that computers do sometimes have weird behaviors that have nothing to do with malware or malice of any kind, and humans tend to learn helplessness quickly when faced with unpredictable behaviors like that.
posted by abulafa at 10:55 AM on March 11, 2013 [1 favorite]
(Oh, you said offline, carry on)
posted by Drinky Die at 10:56 AM on March 11, 2013
posted by Drinky Die at 10:56 AM on March 11, 2013
Socially awkward and lonely men abusing women, supported by their peers, motivated by sexual entitlement, anger, punishment and fun, despite the fact that it goes against any moral code they might admit to? We're talking about the same beast in different form, right? And it gets at the idea that having a moral code has never stopped men from maintaining the sexual order with violence. That's what feminism contributes. The moral failure has always been implicit, but feminism brings it into focus -- helping us to see and pull ourselves out of the toxic brew described in both of these articles.
We probably don't disagree over much of substance here.
But it seems to me that (a) this isn't really a problem specifically afflicting women--despite the title--though it sounds like they're the primary targets, and (b) feminism has both moral and political components, and neither seem unique in the relevant respect. I mean, if other types of moral admonishment can be ignored, then so can feminist-based admonishment. And as for the political stuff...god knows how that would play into this... Presumably there are already laws against this sort of thing...
None of this is to deny that feminism can't/doesn't emphasize some things that ought to be emphasized--I agree with your claim that it brings certain things into sharper focus. But I don't see that it's these RAT psychos vs. feminism. It's these RAT psychos vs. humanity and very decent set of moral ideas in existence.
posted by Fists O'Fury at 11:06 AM on March 11, 2013
We probably don't disagree over much of substance here.
But it seems to me that (a) this isn't really a problem specifically afflicting women--despite the title--though it sounds like they're the primary targets, and (b) feminism has both moral and political components, and neither seem unique in the relevant respect. I mean, if other types of moral admonishment can be ignored, then so can feminist-based admonishment. And as for the political stuff...god knows how that would play into this... Presumably there are already laws against this sort of thing...
None of this is to deny that feminism can't/doesn't emphasize some things that ought to be emphasized--I agree with your claim that it brings certain things into sharper focus. But I don't see that it's these RAT psychos vs. feminism. It's these RAT psychos vs. humanity and very decent set of moral ideas in existence.
posted by Fists O'Fury at 11:06 AM on March 11, 2013
If these tools can make your CD drive (as cited in the article) open, can they not be worked to control the keyboard?
Not unless you have a specially-built keyboard with small motors in/around the keys and specialized firmware to control them via USB. If this sort of thing even exists, it would be very, very expensive to buy and probably a pain in the ass to maintain. Have you ever cleaned the crumbs and hair and so on out of a keyboard? A motor built small enough to control the keys would choke on that stuff after a few weeks.
posted by griphus at 11:12 AM on March 11, 2013
Not unless you have a specially-built keyboard with small motors in/around the keys and specialized firmware to control them via USB. If this sort of thing even exists, it would be very, very expensive to buy and probably a pain in the ass to maintain. Have you ever cleaned the crumbs and hair and so on out of a keyboard? A motor built small enough to control the keys would choke on that stuff after a few weeks.
posted by griphus at 11:12 AM on March 11, 2013
It doesn't matter. I should not have typed that out loud. Forget it. Whatever, must have imagined the whole thing. Bye. I retract everything.
posted by infini at 11:19 AM on March 11, 2013
posted by infini at 11:19 AM on March 11, 2013
I find it plausible that for a given laptop screwing with the hard drive and/or fans in some specific way could make the keyboard tremble. And that that's something an attacker intent on gaslighting could have pursued.
posted by Zed at 11:19 AM on March 11, 2013
posted by Zed at 11:19 AM on March 11, 2013
Perhaps tremble was the wrong word, it was closer to the keys getting stuck or lllllll kind of thing changing speed - each of which is in the control panel, no?
posted by infini at 11:20 AM on March 11, 2013
posted by infini at 11:20 AM on March 11, 2013
Perhaps tremble was the wrong word, it was closer to the keys getting stuck or lllllll kind of thing changing speed - each of which is in the control panel, no?
That seems plausible to me.
posted by shothotbot at 11:23 AM on March 11, 2013 [3 favorites]
That seems plausible to me.
posted by shothotbot at 11:23 AM on March 11, 2013 [3 favorites]
*grins* I gave up shooting for plausibility when I found my so called booked flight ticket reservation didn't exist the following morning. Believe what you will, I think that each RAT is different and each slave has a different experience. The article is far more sensational and positioning it as a lulz teen thing. Take that whole concept up a notch in the context of an R&D facility and imagine the worst.
k, time to take a walk. Hope the story helps someone else who finds themself with a misbehaving computer that seems impossible by "known" technology of the day.
posted by infini at 11:31 AM on March 11, 2013 [3 favorites]
k, time to take a walk. Hope the story helps someone else who finds themself with a misbehaving computer that seems impossible by "known" technology of the day.
posted by infini at 11:31 AM on March 11, 2013 [3 favorites]
Perhaps tremble was the wrong word, it was closer to the keys getting stuck or lllllll kind of thing changing speed - each of which is in the control panel, no?
Crappy keyloggers will sometimes do this, absolutely.
posted by Slap*Happy at 11:36 AM on March 11, 2013
Crappy keyloggers will sometimes do this, absolutely.
posted by Slap*Happy at 11:36 AM on March 11, 2013
When I was last laptop shopping, I really wanted one without a camera, for exactly this reason. I wasn't able to find one.
Yeah, again, curious overemphasis on images. I could care less if someone were watching my webcam. Recording my keystrokes?! That could be trouble.
I'm glad I never ran in circles which would have given me darker ideas.
Yeah, and for all the moralizing about shitty parents, a lot of it is luck of the draw. Aside from the few sociopaths, these people know they are doing something "wrong" and still do it for one reason or another, mostly peer pressure.
posted by mrgrimm at 11:49 AM on March 11, 2013 [1 favorite]
Yeah, again, curious overemphasis on images. I could care less if someone were watching my webcam. Recording my keystrokes?! That could be trouble.
I'm glad I never ran in circles which would have given me darker ideas.
Yeah, and for all the moralizing about shitty parents, a lot of it is luck of the draw. Aside from the few sociopaths, these people know they are doing something "wrong" and still do it for one reason or another, mostly peer pressure.
posted by mrgrimm at 11:49 AM on March 11, 2013 [1 favorite]
Yeah, again, curious overemphasis on images. I could care less if someone were watching my webcam. Recording my keystrokes?! That could be trouble.
I agree, the access to my financial accounts or my business dealings would be far more devastating than the humiliation I would feel about photos or whatever. They'd just be me looking bad, vacant, or swearing at my computer...maybe wearing my jammies, burlap bathrobe & draped in quilts, how sexy. I'm always too cold to wear anything skimpy.
But I can imagine if I did have sexy photos accessed - and I knew that a stranger had those pics and was posting them online who knows where or mailing them to everyone in my mail list or whatever, well that ain't no small thing - there have been teen suicides over that kind of thing. Plus, some victims said they were being blackmailed. And the idea that you think you are safe in your own home but someone was watching you. Well that has an incalculable creep & horror factor. That's chapter one in a Stephen King book.
Beyond the initial violation in any crime, the residue is the theft of your sense of safety, security, and trust in others. That may be the real offense.
posted by madamjujujive at 12:07 PM on March 11, 2013 [2 favorites]
I agree, the access to my financial accounts or my business dealings would be far more devastating than the humiliation I would feel about photos or whatever. They'd just be me looking bad, vacant, or swearing at my computer...maybe wearing my jammies, burlap bathrobe & draped in quilts, how sexy. I'm always too cold to wear anything skimpy.
But I can imagine if I did have sexy photos accessed - and I knew that a stranger had those pics and was posting them online who knows where or mailing them to everyone in my mail list or whatever, well that ain't no small thing - there have been teen suicides over that kind of thing. Plus, some victims said they were being blackmailed. And the idea that you think you are safe in your own home but someone was watching you. Well that has an incalculable creep & horror factor. That's chapter one in a Stephen King book.
Beyond the initial violation in any crime, the residue is the theft of your sense of safety, security, and trust in others. That may be the real offense.
posted by madamjujujive at 12:07 PM on March 11, 2013 [2 favorites]
So, is the consensus then to assume that your system is already compromised and run anti-virals from a bootable USB or CD? Alternative is popping the hard drive and do a scan from another machine while the drive is mounted as an external?
Which anti-virals should be loaded on the bootable? Taking a quick google I got Kaspersky and the software on this list. Taking a look at the list it is more Windows than OSX.
Oh yeah, also put puffy sticker on camera hole.
posted by jadepearl at 12:16 PM on March 11, 2013 [1 favorite]
Which anti-virals should be loaded on the bootable? Taking a quick google I got Kaspersky and the software on this list. Taking a look at the list it is more Windows than OSX.
Oh yeah, also put puffy sticker on camera hole.
posted by jadepearl at 12:16 PM on March 11, 2013 [1 favorite]
Fists O'Fury: We probably don't disagree over much of substance here.
Yes! I more wanted to bounce off your comment to explore some issues I was struggling with about the article (and the other article I dragged in) -- always tricky to do politely. Not looking to score any points here.
My chain of thought here is something like ... what's up with a community that rejects every moral system you and I know of, resulting in something you could loosely think of as violence (griefing/bullying/privacy invasion etc.), directed primarily by men at women, often with explicit sexual overtones? And then I see the conversation about not doing this to "nice girls," and I think, oh yeah, this again. Legal and moral systems have so often rejected sexual violence only conditionally. Laws that said rape was impossible between people who were married? That a woman hadn't been raped unless she struggled the whole time? That consensual sex with other people was admissible evidence against rape? Laws today that make rape virtually impossible to prosecute because only men can testify? Women killed for being raped, sometimes for religious reasons?
How has all of this been accepted and endorsed for thousands of years, accepted and endorsed until very recently in the United States, under religious/moral/legal systems that by all rights should condemn it? That's what I'm struggling with, because it seems to connect back to understanding the stuff that's going on in this article -- or at least they both baffle and depress me in the same way.
So feminism offers a couple of tools to help. One is, suppose your culture views women as property in some ways rather than as full-fledged human beings. Then you can apply any moral system you want, but you end up condemning violence by a man against a woman only to the extent it hurts some other man who possesses her -- because your moral system is unlikely to grant inherent rights to property. Another is, suppose your culture (like 1950s America) depends on a legal/social caste system in which women are mostly a lower caste than men. Then you might condemn violence that undercuts the system, but not violence that supports it -- and your moral system might agree, for the same reason it supports just wars.
Both of those tools can go some way to explain all the laws I mentioned above, and I bet if you could stand to spend much time in those forums you could hear both of them echoing through some of the comments and viewpoints. They don't totally capture what's going on here, but I find them helpful. And I guess as depressing as it is, I find this a hopeful viewpoint, because those tools have been working -- our underlying moral systems have started to kick in on behalf of women, and the room for violence has been narrowing as a result.
posted by jhc at 12:24 PM on March 11, 2013 [6 favorites]
Yes! I more wanted to bounce off your comment to explore some issues I was struggling with about the article (and the other article I dragged in) -- always tricky to do politely. Not looking to score any points here.
My chain of thought here is something like ... what's up with a community that rejects every moral system you and I know of, resulting in something you could loosely think of as violence (griefing/bullying/privacy invasion etc.), directed primarily by men at women, often with explicit sexual overtones? And then I see the conversation about not doing this to "nice girls," and I think, oh yeah, this again. Legal and moral systems have so often rejected sexual violence only conditionally. Laws that said rape was impossible between people who were married? That a woman hadn't been raped unless she struggled the whole time? That consensual sex with other people was admissible evidence against rape? Laws today that make rape virtually impossible to prosecute because only men can testify? Women killed for being raped, sometimes for religious reasons?
How has all of this been accepted and endorsed for thousands of years, accepted and endorsed until very recently in the United States, under religious/moral/legal systems that by all rights should condemn it? That's what I'm struggling with, because it seems to connect back to understanding the stuff that's going on in this article -- or at least they both baffle and depress me in the same way.
So feminism offers a couple of tools to help. One is, suppose your culture views women as property in some ways rather than as full-fledged human beings. Then you can apply any moral system you want, but you end up condemning violence by a man against a woman only to the extent it hurts some other man who possesses her -- because your moral system is unlikely to grant inherent rights to property. Another is, suppose your culture (like 1950s America) depends on a legal/social caste system in which women are mostly a lower caste than men. Then you might condemn violence that undercuts the system, but not violence that supports it -- and your moral system might agree, for the same reason it supports just wars.
Both of those tools can go some way to explain all the laws I mentioned above, and I bet if you could stand to spend much time in those forums you could hear both of them echoing through some of the comments and viewpoints. They don't totally capture what's going on here, but I find them helpful. And I guess as depressing as it is, I find this a hopeful viewpoint, because those tools have been working -- our underlying moral systems have started to kick in on behalf of women, and the room for violence has been narrowing as a result.
posted by jhc at 12:24 PM on March 11, 2013 [6 favorites]
Hey, you guys, seriously, please stop expressing skepticism about specific parts of infini's experience.
I know you don't mean it to sound this way, but from the outside, it sounds like you're using those specific tiny examples to invalidate her entire experience. Which - I think it's clear - is a thing that actually happened.
If you are trying to unravel the entire thing as a fraud or delusion on infini's part, then please just keep it to yourself. This is neither the time nor the place, and she is obviously still feeling it quite acutely.
posted by ErikaB at 12:24 PM on March 11, 2013 [14 favorites]
I know you don't mean it to sound this way, but from the outside, it sounds like you're using those specific tiny examples to invalidate her entire experience. Which - I think it's clear - is a thing that actually happened.
If you are trying to unravel the entire thing as a fraud or delusion on infini's part, then please just keep it to yourself. This is neither the time nor the place, and she is obviously still feeling it quite acutely.
posted by ErikaB at 12:24 PM on March 11, 2013 [14 favorites]
accepted and endorsed until very recently in the United States
"Until very recently"? In the last two weeks, more than half of the elected members of the national Republican party voted against re-authorizing the Violence Against Women Act. Their vice-presidential candidate (and presumable 2016 candidate) partnered with their "legitimate rape" spokesperson on a bill to reclassify rape as "forcible" and as far as I know has never recanted that support. This kind of shit is very much alive and implicitly and explicitly accepted and endorsed by a lot of people in power and their supporters.
posted by zombieflanders at 12:34 PM on March 11, 2013 [2 favorites]
"Until very recently"? In the last two weeks, more than half of the elected members of the national Republican party voted against re-authorizing the Violence Against Women Act. Their vice-presidential candidate (and presumable 2016 candidate) partnered with their "legitimate rape" spokesperson on a bill to reclassify rape as "forcible" and as far as I know has never recanted that support. This kind of shit is very much alive and implicitly and explicitly accepted and endorsed by a lot of people in power and their supporters.
posted by zombieflanders at 12:34 PM on March 11, 2013 [2 favorites]
"slaves" is probably used because whoever made the RAT used the slave/master terminology instead of client/server. When talking about slaves, they're most likely referring to the part of the software installed on a victim's PC, not the victim itself.
posted by ymgve at 12:42 PM on March 11, 2013 [2 favorites]
posted by ymgve at 12:42 PM on March 11, 2013 [2 favorites]
I forget who it is, but there's a Mefite whose user page included step-by-step guidelines for making your computer safer from this kind of thing. Would someone who remembers who it is please post that here? Might help folks.
posted by mediareport at 1:06 PM on March 11, 2013
posted by mediareport at 1:06 PM on March 11, 2013
It really sounds like "slaves" are the victims, not the software:
"Most of my slaves are boring," wrote one aspiring ratter. "Wish I could get some more girls with webcams. It makes it more exciting when you can literally spy on someone. Even if they aren't getting undressed!"posted by gladly at 1:07 PM on March 11, 2013
As another poster put it in a thread called ☆ ShowCase ☆ Girl Slaves On Your RAT, "We are all going to hell for this..." But he followed it with a smiley face.
"A lot of times the slave will download pics from their phone or digital camera and I watch on the remote desktop to see where they save em to and that's usually where you'll find the jackpot!"
And if even this handholding isn't enough, more successful ratters sometimes rent out slaves they have already infected. In other cases, they simply hand them off to others in a "Free Girl Slave Giveaway."
Another described testing DarkComet on a male slave and activating the man's webcam.
One popular thread, running for more than a year, with 59 pages of comments, asks people to "Post your ugly slaves here.
Matt, can we get puffy stickers in MF Blue or AskMe Green?
posted by wenestvedt at 1:15 PM on March 11, 2013 [1 favorite]
posted by wenestvedt at 1:15 PM on March 11, 2013 [1 favorite]
(Serves me right for not reading that far into the article)
The simplest way to protect yourself is to get an antivirus program, and remember to keep it updated. Microsoft Security Essentials is free and surprisingly good, and you can get it for Windows 7 and Vista too. Malwarebytes is a good addition too.
Also, uninstall Java, unless you need it for something. Get an alternative PDF reader, like SumatraPDF or Foxit. Find a plugin for your browser that makes Flash click-to-run (I think Firefox will enable this by default in the next version).
If you're still paranoid, get your local geek to do an offline scan, or if you're really really paranoid, set up some network monitoring equipment. No matter how well the software is hidden on your system, it can't conceal its communication with the outside world.
posted by ymgve at 1:17 PM on March 11, 2013 [2 favorites]
The simplest way to protect yourself is to get an antivirus program, and remember to keep it updated. Microsoft Security Essentials is free and surprisingly good, and you can get it for Windows 7 and Vista too. Malwarebytes is a good addition too.
Also, uninstall Java, unless you need it for something. Get an alternative PDF reader, like SumatraPDF or Foxit. Find a plugin for your browser that makes Flash click-to-run (I think Firefox will enable this by default in the next version).
If you're still paranoid, get your local geek to do an offline scan, or if you're really really paranoid, set up some network monitoring equipment. No matter how well the software is hidden on your system, it can't conceal its communication with the outside world.
posted by ymgve at 1:17 PM on March 11, 2013 [2 favorites]
Man, once upon a time, there was a string you could search for to return unsecured webcams. When I was just getting started on intarwebs as a high schooler, my buddies and I used to search for those religiously. The same with security cams. Never went this far, but it's alarmingly easy to see the progression.
But that was back when Jennycam was novel too.
posted by klangklangston at 1:22 PM on March 11, 2013
But that was back when Jennycam was novel too.
posted by klangklangston at 1:22 PM on March 11, 2013
Got them (thanks, taz):
deezil's Malware Fighting Toolkit Redux, updated just last week, if you've think you've been infected
samsara's Malware Prevention Guide v1.1, last updated 10/2011, for general prevention tips
posted by mediareport at 1:30 PM on March 11, 2013 [11 favorites]
deezil's Malware Fighting Toolkit Redux, updated just last week, if you've think you've been infected
samsara's Malware Prevention Guide v1.1, last updated 10/2011, for general prevention tips
posted by mediareport at 1:30 PM on March 11, 2013 [11 favorites]
I forget who it is, but there's a Mefite whose user page included step-by-step guidelines for making your computer safer from this kind of thing. Would someone who remembers who it is please post that here? Might help folks.
I don't know if you were referring to these specific profile pages, but there is samsara's and deezil's which should give folks as good a place to start as any.
posted by AElfwine Evenstar at 1:30 PM on March 11, 2013 [1 favorite]
I don't know if you were referring to these specific profile pages, but there is samsara's and deezil's which should give folks as good a place to start as any.
posted by AElfwine Evenstar at 1:30 PM on March 11, 2013 [1 favorite]
or what mediareport said...
posted by AElfwine Evenstar at 1:30 PM on March 11, 2013
posted by AElfwine Evenstar at 1:30 PM on March 11, 2013
Man, once upon a time, there was a string you could search for to return unsecured webcams.
That brings me back. I'd probably feel worse about experimenting with inurl:viewerframe searches if we ever turned up anything more interesting than a moderately busy office break-room. I suppose I should feel mildly uneasy about what we might have done with access to today's software, but thankfully I'm not philosopically equipped to answer that question.
posted by Lorin at 1:40 PM on March 11, 2013
That brings me back. I'd probably feel worse about experimenting with inurl:viewerframe searches if we ever turned up anything more interesting than a moderately busy office break-room. I suppose I should feel mildly uneasy about what we might have done with access to today's software, but thankfully I'm not philosopically equipped to answer that question.
posted by Lorin at 1:40 PM on March 11, 2013
Do Android devices need security software? I've seen answers from "no" to "yes".
posted by jiawen at 3:22 PM on March 11, 2013
posted by jiawen at 3:22 PM on March 11, 2013
I honestly don't know the specifics of how to write a keylogger for windows. I imagine you would want to write a kernel mode keylogger to run in ring 0. I also imagine you want to patch other parts of the kernel to hide your keylogger and log files. I can imagine a kernel hook or a driver running slowly or causing all kinds of problems.
posted by Ad hominem at 3:28 PM on March 11, 2013
posted by Ad hominem at 3:28 PM on March 11, 2013
Always assume Androids, iOS, etc. security is much worse than desktop security, jiawen. You know those NYT, facebook, etc. apps you installed because their mobile site lacked polish? Assume they contain spyware with root kits. I'd assume the your browser's security model is inferior to desktop browsers too, certainly desktop browsers with plugins like adblock and ghostery. Also, your question should be do mobile devices even have any security software? And can you trust it not to be spyware itself? In this case though, there is the redeeming feature that phones point up or down when not in use, so nothing for them to see.
posted by jeffburdges at 3:37 PM on March 11, 2013
posted by jeffburdges at 3:37 PM on March 11, 2013
There's a current thread about how a senior British politician will be going to jail because he tried to avoid a speeding ticket. He falsely put his wife's name on a form and as a consequence his political career is probably over. I don't think at the time he could have imagined the possible consequences, but in the eyes of the law he was conspiring to pervert the course of justice - quite a serious crime.
It's worrying that these offenders also don't seem to realise that they're committing some very serious crimes such as illegal computer access, fraud, potentially blackmail, and depending on the age of their victims perhaps possession and trafficking in child pornography. They're also committing civil offenses that could lead to them being sued - and civil damages don't go away when you turn 18. Our sympathies belong with their victims, but we seem to have failed in our duty to teach the offenders people about the law and how it regards their actions.
posted by Joe in Australia at 4:50 PM on March 11, 2013 [4 favorites]
It's worrying that these offenders also don't seem to realise that they're committing some very serious crimes such as illegal computer access, fraud, potentially blackmail, and depending on the age of their victims perhaps possession and trafficking in child pornography. They're also committing civil offenses that could lead to them being sued - and civil damages don't go away when you turn 18. Our sympathies belong with their victims, but we seem to have failed in our duty to teach the offenders people about the law and how it regards their actions.
posted by Joe in Australia at 4:50 PM on March 11, 2013 [4 favorites]
madamjujujive: "It sounds like these guys are one step ahead of what Malwarebytes (and Spybot Search and Destroy, which caught the keylogger) can so.
I think those programs can indeed be pretty effective if coupled with a AV program and if they are running live. I would imagine some of the browser add-ons might be helpful too - I am running NoScript and it is so effective at blocking things I am almost ready to jettison it because it blocks everything.
Stuff can happen to anyone, but I am gonna think the vast majority of the people doing this are looking for easy opportunities. And I would venture to guess that most people don't do the basic security things to prevent problems...some of my family members don't know a browser from a webpage, they click on the first search results they come to, click on any shiny object, and their kids download from or play games at all kinds of dodgy places. And don't even get me started on the general understanding or awareness of phishing. Plus they never do updates.
I'm not very techie, but I don't think you have to be too geeky to be relatively safe. (Knocking on a lot of wood as I speak - if a real pro, Anonymous or China decides to come after you, all bets are off. )"
Well, I did a little research and I quote this off of the DarkComet site...
Very importantly this software is detected by almost all Antivirus engines, even Windows Defender.
Of course it is not en will not ever be infected by any kind of viruses/malwares/spywares. It is simply a false positive detection because antivirus software does not to consider the possibility that a piece of software is able to perform such actions and should to be not detected.
If you want to use DarkComet-RAT you will unfortunately need to disable your antivirus program or install anoth antivirus program that does not detect DarkComet-RAT as malware.
And, while researching the infidelity edge case I listed above, I noticed even legit monitoring software like Spector Software tools being noticed by Microsoft Security Essentials.
What makes me wonder a bit is how these people get these things. I mean, metaphorically speaking, sleep around a lot with no protection then complain you have herpes? If even the authors of one of the cited RAT tools say that every AV program can find them?
I guess I just see being online with Windows with an AV as a lot like the sleeping around unprotected thing. I mean there are legit free tools like MSE and Panda Cloud AV that work well. I guess I just think that having a computer means being at least a little responsible for taking some steps to protect yourself.
posted by Samizdata at 5:12 PM on March 11, 2013
I think those programs can indeed be pretty effective if coupled with a AV program and if they are running live. I would imagine some of the browser add-ons might be helpful too - I am running NoScript and it is so effective at blocking things I am almost ready to jettison it because it blocks everything.
Stuff can happen to anyone, but I am gonna think the vast majority of the people doing this are looking for easy opportunities. And I would venture to guess that most people don't do the basic security things to prevent problems...some of my family members don't know a browser from a webpage, they click on the first search results they come to, click on any shiny object, and their kids download from or play games at all kinds of dodgy places. And don't even get me started on the general understanding or awareness of phishing. Plus they never do updates.
I'm not very techie, but I don't think you have to be too geeky to be relatively safe. (Knocking on a lot of wood as I speak - if a real pro, Anonymous or China decides to come after you, all bets are off. )"
Well, I did a little research and I quote this off of the DarkComet site...
Very importantly this software is detected by almost all Antivirus engines, even Windows Defender.
Of course it is not en will not ever be infected by any kind of viruses/malwares/spywares. It is simply a false positive detection because antivirus software does not to consider the possibility that a piece of software is able to perform such actions and should to be not detected.
If you want to use DarkComet-RAT you will unfortunately need to disable your antivirus program or install anoth antivirus program that does not detect DarkComet-RAT as malware.
And, while researching the infidelity edge case I listed above, I noticed even legit monitoring software like Spector Software tools being noticed by Microsoft Security Essentials.
What makes me wonder a bit is how these people get these things. I mean, metaphorically speaking, sleep around a lot with no protection then complain you have herpes? If even the authors of one of the cited RAT tools say that every AV program can find them?
I guess I just see being online with Windows with an AV as a lot like the sleeping around unprotected thing. I mean there are legit free tools like MSE and Panda Cloud AV that work well. I guess I just think that having a computer means being at least a little responsible for taking some steps to protect yourself.
posted by Samizdata at 5:12 PM on March 11, 2013
Downloaded Dark Comet on my Linux partition and unzipped the installer to Windows and Panda Cloud AV found the installer as a threat and nuked it. And that was without installation.
posted by Samizdata at 5:25 PM on March 11, 2013
posted by Samizdata at 5:25 PM on March 11, 2013
JHC said this above, but "we should only do this to nice gurls" trips all kinds of feminist alarm bells. It's the she-was-asking-for-it argument.
How do you tell a "nice gurl" from a "bad gurl" (whom, it's implied, it's okay to spy on)? By how sexually active she is? By how attracted to her you are? By whether or not she has a protective older brother?
Since the topic came up in a thread about "what if your younger sister was being messed with" you gotta imagine it's largely the last one. Which means that the harm done to older brothers is valued more than the harm done to girls. Which means that women's experiences are being devalued.
So it's a human being problem, but also definitely a feminist problem.
posted by subdee at 6:08 PM on March 11, 2013 [3 favorites]
How do you tell a "nice gurl" from a "bad gurl" (whom, it's implied, it's okay to spy on)? By how sexually active she is? By how attracted to her you are? By whether or not she has a protective older brother?
Since the topic came up in a thread about "what if your younger sister was being messed with" you gotta imagine it's largely the last one. Which means that the harm done to older brothers is valued more than the harm done to girls. Which means that women's experiences are being devalued.
So it's a human being problem, but also definitely a feminist problem.
posted by subdee at 6:08 PM on March 11, 2013 [3 favorites]
If these tools can make your CD drive (as cited in the article) open, can they not be worked to control the keyboard?
Opening and closing a CD drive remotely is easy, because all that's required is remote triggering of the same software that runs when you right-click a drive in Windows Explorer and choose "Eject".
There is no way I know of, on any commercially available keyboard, to control physical keystroke feel directly with software. What can certainly be done, though, is controlling or at least degrading keyboard responsiveness.
There is always some delay between pressing a key on the keyboard and seeing something change on the screen as a result. Software can alter that delay - either explicitly by messing with keyboard I/O, or implicitly by keeping the computer very busy which makes it less responsive generally.
Remote control software needs to inject keystroke events and, if badly designed, might do so in a way that has perceptible response effects on the local keyboard. A race between a remote controller and the local keyboard might also cause the computer to miss the occasional key-down or key-up event, resulting in either a complete lack of response to a keypress or a key behaving as if it were temporarily stuck down.
I would expect some people to react to keyboard unreliability by pressing the keys harder and/or for longer, in a kind of unconscious physical parallel to speaking louder and more slowly to people who don't understand you. I would also expect unreliable keyboard response to make the normal wear-induced differences between the touches of individual keys much more noticeable. Either of these effects could easily make a keyboard feel different when remote control software was active.
posted by flabdablet at 10:08 PM on March 11, 2013 [3 favorites]
Opening and closing a CD drive remotely is easy, because all that's required is remote triggering of the same software that runs when you right-click a drive in Windows Explorer and choose "Eject".
There is no way I know of, on any commercially available keyboard, to control physical keystroke feel directly with software. What can certainly be done, though, is controlling or at least degrading keyboard responsiveness.
There is always some delay between pressing a key on the keyboard and seeing something change on the screen as a result. Software can alter that delay - either explicitly by messing with keyboard I/O, or implicitly by keeping the computer very busy which makes it less responsive generally.
Remote control software needs to inject keystroke events and, if badly designed, might do so in a way that has perceptible response effects on the local keyboard. A race between a remote controller and the local keyboard might also cause the computer to miss the occasional key-down or key-up event, resulting in either a complete lack of response to a keypress or a key behaving as if it were temporarily stuck down.
I would expect some people to react to keyboard unreliability by pressing the keys harder and/or for longer, in a kind of unconscious physical parallel to speaking louder and more slowly to people who don't understand you. I would also expect unreliable keyboard response to make the normal wear-induced differences between the touches of individual keys much more noticeable. Either of these effects could easily make a keyboard feel different when remote control software was active.
posted by flabdablet at 10:08 PM on March 11, 2013 [3 favorites]
Zed: "What process, tools and methods should be considered? [...] Explain it to be REAL simply.
It just plain isn't real simple. There are some simple basic guidelines... have separate user and admin accounts and don't use the admin account except where absolutely necessary. Keep your OS and security apps and important apps like web browsers up to date. Subscribe to security alert mailing lists for your OS and important apps. Don't install things you don't need (especially if they're frequently targeted things like Java in the browser or Adobe Acrobat or Reader.) Configure your browsers to never run anything automatically and your OS to not auto-run things on USB drives or CDs (I'm out of the loop on Windows, so I don't know if there are finally sensible defaults for these, in which case these aren't relevant.) Never ever ever install or even run random crap you download from the net -- assume it's all hostile.
"
Just a heads up, Secunia PSI is pretty handy at helping you keep things updated. And free to boot!
posted by Samizdata at 12:17 AM on March 12, 2013
It just plain isn't real simple. There are some simple basic guidelines... have separate user and admin accounts and don't use the admin account except where absolutely necessary. Keep your OS and security apps and important apps like web browsers up to date. Subscribe to security alert mailing lists for your OS and important apps. Don't install things you don't need (especially if they're frequently targeted things like Java in the browser or Adobe Acrobat or Reader.) Configure your browsers to never run anything automatically and your OS to not auto-run things on USB drives or CDs (I'm out of the loop on Windows, so I don't know if there are finally sensible defaults for these, in which case these aren't relevant.) Never ever ever install or even run random crap you download from the net -- assume it's all hostile.
"
Just a heads up, Secunia PSI is pretty handy at helping you keep things updated. And free to boot!
posted by Samizdata at 12:17 AM on March 12, 2013
jeffburdges, that was not a helpful response. First, please don't assume I've installed any particular apps. I don't use Facebook, partially because of security concerns, nor do I have any website-specific apps installed on my Android devices. Second, my main browser for Android is Firefox, which has Adblock, script blocking, cookie control, etc. Third, please don't tell me what my question "should be". I've seen much better-informed answers than what you provided, from "probably no, but be careful" to "probably yes, but be careful". I was asking for clarification, not patronizing FUD.
posted by jiawen at 12:45 AM on March 12, 2013 [2 favorites]
posted by jiawen at 12:45 AM on March 12, 2013 [2 favorites]
Secunia PSI is pretty handy at helping you keep things updated
As is Ninite.
posted by flabdablet at 2:25 AM on March 12, 2013
As is Ninite.
posted by flabdablet at 2:25 AM on March 12, 2013
Just a note, fwiw: The thing is, if its only the computer activity, its manageable. What you have to be careful about is if its folks who already know you and they integrate the PC crap with stuff IRL - harassment - that's when its hard to identify the gaslighting etc. I was a minority of one who was chased out of Dodge using this combo.
Also, thank you to all of you who mailed.
posted by infini at 9:14 AM on March 12, 2013
Also, thank you to all of you who mailed.
posted by infini at 9:14 AM on March 12, 2013
the basic problem is found in peoples perception of owning a computer/smartphone/etc. it's a perception given by consumerism. "if i buy this, i can do that. i don't need to understand anything, and i especially don't have to learn anything".
so hey, anyone wanna buy 13 years worth of IM chat logs with madamjujujive? :-)
posted by quonsar II: smock fishpants and the temple of foon at 11:19 AM on March 12, 2013
so hey, anyone wanna buy 13 years worth of IM chat logs with madamjujujive? :-)
posted by quonsar II: smock fishpants and the temple of foon at 11:19 AM on March 12, 2013
What makes me wonder a bit is how these people get these things.
It's in the article. Porn torrents for men; Sims 3 torrents for women.
Honestly, as a heavy Windows user, I'm not too concerned (knock on plastic). I was hit by a drive-by install once long ago (i.e. visiting a Web site installed malware), but it seems harder to do now. Dunno. I won't be covering my Webcam with a post-it, regardless.
I'm surprised no one has mentioned HJT - HijackThis yet. I thought that was pretty much the standard malware diagnostic: run a HJT scan and post the log to bleeping computer (that was probably 5 years ago ...). It's no longer supported, but still useful, I think ...
I know the serious, serious stuff (e.g. secret government shit) and rootkits can avoid detection, but is it really that easy for this RAT stuff to hide?
posted by mrgrimm at 12:28 PM on March 12, 2013
It's in the article. Porn torrents for men; Sims 3 torrents for women.
Honestly, as a heavy Windows user, I'm not too concerned (knock on plastic). I was hit by a drive-by install once long ago (i.e. visiting a Web site installed malware), but it seems harder to do now. Dunno. I won't be covering my Webcam with a post-it, regardless.
I'm surprised no one has mentioned HJT - HijackThis yet. I thought that was pretty much the standard malware diagnostic: run a HJT scan and post the log to bleeping computer (that was probably 5 years ago ...). It's no longer supported, but still useful, I think ...
I know the serious, serious stuff (e.g. secret government shit) and rootkits can avoid detection, but is it really that easy for this RAT stuff to hide?
posted by mrgrimm at 12:28 PM on March 12, 2013
so hey, anyone wanna buy 13 years worth of IM chat logs with madamjujujive? :-)
Save your money folks - here is the abridged version:
2001 - Holy shit, wtc
2002 - George Bush is such an ass
2003 - Jackass got us into a war
2004 - Holy shit, tsunami
2005 - Dick Cheney is such an ass
2006 - Holy shit Abu Ghraib
2007 - Dick Cheney is an even bigger ass
2008 - Palin is such an ass
2009 - woah - can you believe we elected a black guy
2010 - Teaparty - such asses
2011 - Holy shit, Japan earthquake; holy shit Bin Laden
2012 - Mitt Romney is such an ass
posted by madamjujujive at 1:39 PM on March 12, 2013 [14 favorites]
Save your money folks - here is the abridged version:
2001 - Holy shit, wtc
2002 - George Bush is such an ass
2003 - Jackass got us into a war
2004 - Holy shit, tsunami
2005 - Dick Cheney is such an ass
2006 - Holy shit Abu Ghraib
2007 - Dick Cheney is an even bigger ass
2008 - Palin is such an ass
2009 - woah - can you believe we elected a black guy
2010 - Teaparty - such asses
2011 - Holy shit, Japan earthquake; holy shit Bin Laden
2012 - Mitt Romney is such an ass
posted by madamjujujive at 1:39 PM on March 12, 2013 [14 favorites]
In the mid-80's I worked as a maintenance carpenter at an apartment complex in Houston, replacing doors or cabinets or whatever else, getting places ready when they were rented out, new tile floors, whatever needed done. Hard times in Houston, not much of a job but I was lucky to have it. Anyways, this one guy moved out of his largish apartment (2 BR, upstairs and downstairs) and for whatever reason, one of his bathroom mirrors was broken. We took it down to replace it and found out that this guy was creative.
He'd cut holes in the drywall behind his mirror, large enough to poke his head in and take a look around. Then he'd carefully cut through the drywall on his adjoining neighbors wall, and then scratched some of the backing off the mirror in the neighbors apartment, two places, one high and one low, off to one side of the mirror, small but large enough to see through, for sure. Turns out that he'd done this behind another mirror, too, in the downstairs bedroom bathroom, looking into another adjoining apartment, and the same thing, two scratched places in the adjoining mirror, high and low.
Had to be that he sat there in the dark, doors closed lights off, poking his head through that common wall, gaping at his neighbors. With the lights off and the smallish scraped parts not centered in the mirror, most wouldn't notice his pervy eye and no one did, we'd not have known ourselves except that he'd broken the mirror -- likely one of the many times he put it up and down -- and we had to replace it as part of that make-ready.
People are fucked up.
posted by dancestoblue at 8:28 PM on March 12, 2013 [5 favorites]
He'd cut holes in the drywall behind his mirror, large enough to poke his head in and take a look around. Then he'd carefully cut through the drywall on his adjoining neighbors wall, and then scratched some of the backing off the mirror in the neighbors apartment, two places, one high and one low, off to one side of the mirror, small but large enough to see through, for sure. Turns out that he'd done this behind another mirror, too, in the downstairs bedroom bathroom, looking into another adjoining apartment, and the same thing, two scratched places in the adjoining mirror, high and low.
Had to be that he sat there in the dark, doors closed lights off, poking his head through that common wall, gaping at his neighbors. With the lights off and the smallish scraped parts not centered in the mirror, most wouldn't notice his pervy eye and no one did, we'd not have known ourselves except that he'd broken the mirror -- likely one of the many times he put it up and down -- and we had to replace it as part of that make-ready.
People are fucked up.
posted by dancestoblue at 8:28 PM on March 12, 2013 [5 favorites]
Ars Technica:
“Stop the Cyborgs” launches public campaign against Google Glassposted by XMLicious at 11:09 PM on March 22, 2013 [1 favorite]
“In generation two, when you've got better battery life and apps that do better face recognition—maybe we're crying wolf a little early to a certain extent—but [what happens when] you get to competing products?” Adam said. “The idea that you'll have recognition of objects and infrared tags so it will always know what you're looking at—that kind of thing, it will be gathering information. It's more the face recognition stuff that changes society. You're never going to see a stranger as a stranger again.”
...
"Google Glass simply lowers the transaction costs of taking photos and videos and learning about your surroundings," the law professor said. "If Glass has a high adoption rate, it will significantly increase the likelihood of information that was assumed to be obscure or ethereal being discovered, recorded, and subject to publication. The law has yet to figure out how to unravel the fact that there are many situations where individuals expect privacy in public. So perhaps the best approach to this, at least initially, is a vocal, context-based opposition."
Man I just thought of a killer app for Google Glass for me; keeping track of the prices of food and where the cheapest price for that item is. No more trying to recall whether Kraft dinner was cheapest at Costco or Super Store and ditto on hundreds of items including stuff that I've never bought before but suddenly need (like yesterday and leeks).
posted by Mitheral at 11:11 AM on March 23, 2013 [2 favorites]
posted by Mitheral at 11:11 AM on March 23, 2013 [2 favorites]
But Mitheral, that would deprive you of the joy of active bargain hunting. It's like trivia - it's no fun if you can just look the answers up.
posted by maryr at 2:52 PM on March 23, 2013
posted by maryr at 2:52 PM on March 23, 2013
Mitheral, that is one fantastic idea. In fact someone could write an app that does that automatically: anyone walking through a supermarket will constantly have bar codes and prices in their frame of view, which would be recognised and added to a real-time database so that everyone knows what the prices in that store are, all the time.
Scary for shop owners, though, and they'll probably try to obfuscate things.
posted by Joe in Australia at 4:18 PM on March 23, 2013 [1 favorite]
Scary for shop owners, though, and they'll probably try to obfuscate things.
posted by Joe in Australia at 4:18 PM on March 23, 2013 [1 favorite]
Aren't there hoards of Android applications that check prices online whenever you scan a barcode? In some cases, you could simply pull the local retail store prices from online too. If the retail store doesn't publish their prices, they'll never receive customers through these apps.
I'd want an Android barcode scanner app that reported the prices for the product on places potentially cheaper than amazon, like ebay, aliexpress, etc., maybe search these sites for the product description too.
posted by jeffburdges at 5:11 AM on March 24, 2013
I'd want an Android barcode scanner app that reported the prices for the product on places potentially cheaper than amazon, like ebay, aliexpress, etc., maybe search these sites for the product description too.
posted by jeffburdges at 5:11 AM on March 24, 2013
“Stop the Cyborgs” launches public campaign against Google Glass
Google Glass and the Golden Age of Creepshots
Related thread.
posted by homunculus at 10:43 AM on March 24, 2013 [1 favorite]
Google Glass and the Golden Age of Creepshots
Related thread.
posted by homunculus at 10:43 AM on March 24, 2013 [1 favorite]
I remember a news story from back in the late nineteen hundreds where an MIT freshman had constructed an enormous-by-modern-standards backpack computer with camera and HUD monocle and had loaded it with the data from the yearbooks and freshman directory the school published so that he could walk around campus and know immediately what everyone's name and favorite hobbies were before he was even introduced to them.
It seems to me as though an even greater consequence than Google-Glass-type devices being used for taking creepshots is that, once the properly-indexed image databases/search engines are more widely available, then every person who walks past you on the street can get a popup displaying all of the creepshots of you and other embarrassing photos and dirty laundry based on a lookup via facial recognition.
As a silver lining, maybe this will have a democratizing "I'll laugh at you before you can laugh at me" ass pennies effect^ in that no matter how badass or intimidating anyone you meet acts you can immediately see pictures of them in their underwear or tripping and taking a faceplant into the bushes because they weren't watching where they were walking while texting.
posted by XMLicious at 11:19 AM on March 24, 2013
It seems to me as though an even greater consequence than Google-Glass-type devices being used for taking creepshots is that, once the properly-indexed image databases/search engines are more widely available, then every person who walks past you on the street can get a popup displaying all of the creepshots of you and other embarrassing photos and dirty laundry based on a lookup via facial recognition.
As a silver lining, maybe this will have a democratizing "I'll laugh at you before you can laugh at me" ass pennies effect^ in that no matter how badass or intimidating anyone you meet acts you can immediately see pictures of them in their underwear or tripping and taking a faceplant into the bushes because they weren't watching where they were walking while texting.
posted by XMLicious at 11:19 AM on March 24, 2013
« Older Muppet Musicians of Bremen | Projectors de cinema infantil Newer »
This thread has been archived and is closed to new comments
posted by mathowie at 9:06 PM on March 10, 2013 [4 favorites]