I got a pirate copy of Vista that won't accept updates--what's the best form of protection...

I got a pirate copy of Vista that won't accept updates--what's the best form of protection?

I have Avira freeware for the antivirus program and I have the default Microsoft firewall running.  But updates do not load (since the OS fails the "Genuine Vista" test).

But I figure any security breaches will be unbreached by the AV / malware program and stopped by the firewall, unless I surf some hacker site, yes?

What are the chances that a hacker will find my PC, breach the modem hardware firewall and MS software firewall, and the AV program, if I never visit a bad site?  Very slim, correct?

Any expert opinion appreciated.  Even from you, Dustin.  Oh I use this PC just for coding with Visual Studio 2008--legacy code work only--my 'real' PC has all legal s/w on it, etc. (For compatibility reasons I never run simultaneous copies of Visual Studio nor of SQL Server of different years / versions on the same PC--that's why I have this setup).  So this pirate PC is only for limited work hence I doubt it can realistically be breached by some outside party.

RL

Re: I got a pirate copy of Vista that won't accept updates--what's the best form of protection?

On Tuesday, July 17, 2012 1:29:16 AM UTC-4, RayLopez99 wrote:

your best option is an operating system that actually can receive security updates.

it's possible that your current setup will accept security updates even though it's not genuine. it won't let you update through the microsoft update website, but security updates may still come in through automatic updates. i'm pretty sure it worked that way with XP and imagine it would with later OSes too. as much as microsoft hates pirates, they hate bot infested computers more.

half of the sites that could compromise you aren't hacker sites but rather compromised legitimate sites. the old advice about not visiting dodgy sites is obsolete now because there's no such thing as safe sites anymore.

further, an AV can be bypassed pretty easily if the malware is new, and the firewall is really only going to stop incoming connection attempts, not drive-by downloads or intentional downloads of malware.

your chances of encountering malware at all is actually pretty slim, but if you do encounter it, the chances it will get past your defenses aren't all that slim.

ok, so here's a suggestion - don't go online from this non-genuine PC. do your browsing from your more defensible/updatable PC.

Re: I got a pirate copy of Vista that won't accept updates--what's the best form of protection?

On Tuesday, July 17, 2012 7:38:50 AM UTC-4, kurt wismer wrote:

Update: I got a crack 'activation code' and now I'm getting updates!  Wonder how that works?...if you know please let me know.  I thought every activation code was a GUID and uniquely linked to just one machine in the world?

Thanks, I've heard that but find it hard to believe.  But it might be true--for a few hours I think.  Nowadays most major sites (like Wall Street Journal) have anti-virus stuff on their server?  But for 'zero-day' exploits even those sites would be vulnerable?

Right.

I think that's the key point.  Zero day exploits cannot be defended, ever.  That's why the better 'paid' AV programs check for updates every 15 minutes, not once a day.

Not feasible since I browse for free code samples when I'm coding from this machine.  Thanks for the advice.

RL

Re: I got a pirate copy of Vista that won't accept updates--what's the best form of protection?


I think that's the key point.  Zero day exploits cannot be defended, ever.
That's why the better 'paid' AV programs check for updates every 15 minutes,
not once a day.

***
Point to ponder, Blaster's exploit was *never* zero-day and yet was quite
successful. :o)
***



Re: I got a pirate copy of Vista that won't accept updates--what's the best form of protection?




What kind of person is installing malware so rapidly that they need to
scan their system every fifteen minutes?


Re: I got a pirate copy of Vista that won't accept updates--what's the best form of protection?

On Tuesday, July 17, 2012 3:28:13 PM UTC-4, RayLopez99 wrote:
[snip]

in my experience they aren't guids, but they do look pretty unique. however some are intended to be used more than once. they're used by computer manufacturers so that they don't need to put a different one on each and every computer they sell.

[snip]

a) anti-virus isn't going to alert on a stray iframe. that's usually the extent of the modification to their site
b) anti-virus isn't going to alert on ad-server code because it's entirely legitimate, even though malicious advertisers sometimes infiltrate the ad network.

pretty much the only way an anti-virus is going to alert is if you actually browse to the page and something malicious gets downloaded, but major sites can have hundreds or even thousands of different pages so that's unfeasible - and even if it weren't, some of the server-side code only serves up the malicious content conditionally. examples of this include the case where it's a malvertisement and only one ad out of their entire rotation is bad, or the server-side code checks the requester's IP address and avoids serving the malicious content to IP addresses that are known to check for such badness.

[snip]

actually they can.

a) if the exploit is used to download and launch other malware, that other malware may be stopped by an application whitelist.
b) if the vulnerable application is running in a sandbox then the attacker has to not only exploit that vulnerability but also find a way to escape the sandbox (and if they can't predict what kind of sandbox it is, that can be rather difficult)
c) instead of using the vulnerable application, use a lesser known alternative. there's more money in making exploits for the apps that the majority of people use, so avoiding those apps can be an effective defensive technique.

[snip]

if they're on the same network you could use remote desktop to connect to your defensible PC and browse that way.

alternatively (or perhaps i should say additionally), might i suggest a drive imaging regimen. i know you have a serial code that works right now, but it might not work forever. sometimes they invalidate ones that they know have been pirated.

Re: I got a pirate copy of Vista that won't accept updates--what's the best form of protection?

Thank you kurt wismer, this is very interesting and you clearly know your stuff, unlike some has-beens here, whose name will go unmentioned (Dustbin).  Sorry for my broken reply below but Google Groups is once again not working.

On Wednesday, July 18, 2012 12:02:44 AM UTC-4, kurt wismer wrote:

Yes, that's what another forum said. Interesting. GUIDs are cheap to manufacture but not cheap enough I guess.

As a part-time coder (I usually do a demo and let a real professional then take over, but still) I wonder:  for this to work you have to somehow infiltrate the index.html page on the server, yes?  So you somehow have to get onto the server's root, yes?  Which means the server must have an easy (or relatively easy) password to crack, yes?  Aside from "poisoned DNS" servers, which are a different tactic altogether, that's the only way I can think this would work.

[useful stuff deleted]

SHIT!  I forgot about this altogether, thanks for reminding me.  I will do as you say, but would that not necessitate that you restore an image but have to set back the PC clock every time?  No big deal if so, just a hassle.  In any rate I will backup as you say...they could somehow poison my PC though I've set it to never get Updates from Microsoft so I don't think it's likely.

BTW, if you have any insight as to the below speculation from alt.comp.hardware.pc-homebuilt, feel free to chime in.  What is "WireShark"?  Some sort of virus that captures data incoming and outgoing I take it?

RL

On Wednesday, July 18, 2012 11:07:23 AM UTC-4, Man-wai Chang wrote:
an activation code I found on Piratebay.se for Vista worked for me...so it raises the question, how?

So they steal these codes?  But this theory supposes that you can "reuse" codes more than once, which is also what Paul said.

And don't you think Microsoft has some sort of antivirus to fight WireShark?

Re: I got a pirate copy of Vista that won't accept updates--what's the best form of protection?


coder? Are you able to reverse engineer software? At best, you'd be a
programmer. A coder is a step above that. You aren't one if you have to
ask these kinds of questions.

Ray! Do you mind if I steal this for a tagline?

Ray! Do you mind if I steal this one as well for a tagline? They're kodak
moments man!


--
I called the help line. It was outsourced to Pakistan.
"What's the matter?"  
"I'm depressed."
"Can you drive a truck?"


Re: I got a pirate copy of Vista that won't accept updates--what's the best form of protection?

On Wednesday, July 18, 2012 9:28:20 PM UTC-4, Dustin wrote:

I don't know how to reverse engineer code, no.  So I guess I'm a hobby programmer not a coder--thanks for this distinction I've never heard it before.  There is a way to get the IL (pseudo code) that Visual Studio managed (smart pointer / reference not true pointer based) software languages like C#, VB, C++ compilers generate, but I don't know how to read the Intermediate Language code generated except for the most trivial of cases, say a simple 'for' loop.

sure, you flatter me!  I'm in the big leagues now since Dustin is quoting me!

RL

Re: I got a pirate copy of Vista that won't accept updates--what's the best form of protection?


Alas, you're no coder. Barely a programmer by the sounds of things. No
wonder you need to let ehh, professionals take over. ;p

But of course Ray. I was under the previously mistaken impression that the
regular posters here ALL knew what WireShark was and how to use it. I'll
give you a clue, it's NOT a virus. It's a well known app, hence my desire
to keep your comments as taglines; should be good for many laughs.


Re: I got a pirate copy of Vista that won't accept updates--what's the best form of protection?



That *was* a pretty funny exchange, but I must vote for the other thread
with RayLopez99 and Virus Guy discussing security as the topper. :o)



Re: I got a pirate copy of Vista that won't accept updates--what's the best form of protection?


Well shit.. I'm on the fence now.


Re: I got a pirate copy of Vista that won't accept updates--what's the best form of protection?

On Thursday, July 19, 2012 7:05:14 PM UTC-4, Dustin wrote:
 
 
Yeah well I use Fiddler when I code. Or shall I say when I program?

RL

Re: I got a pirate copy of Vista that won't accept updates--what's the best form of protection?


Script would be more appropriate I think in your case. :)

WireShark... that was just good dude.


Re: I got a pirate copy of Vista that won't accept updates--what's the best form of protection?

On Wednesday, July 18, 2012 7:53:05 PM UTC-4, RayLopez99 wrote:
[snip]
[snip]

putting a different one on each computer is much more expensive than simply writing the same image onto all the machines (or at least a large batch of machines).

[snip]

infiltrating index.html is a very static html way of looking at things. modern websites are built around CMS's or content management systems. they have databases containing the content, and the web pages are generated dynamically out of content pulled out of those databases.

one of the major ways sites have been getting compromised is by attacking those CMS's and specifically their databases. there have been automated tools that go out on the net looking for vulnerable CMS's to perform SQL injection attacks on (so-called mass SQL injection attacks, because they can insert content into hundreds or even thousands of sites at a time).

[snip]

i've never had to mess with the clock after restoring images.

[snip]

not a virus. it's a perfectly legitimate tool for monitoring the contents of your own network traffic. i suppose it might be possible to capture the serial code being sent over the network from a properly licensed windows machine for use on another machine. if the code happens to be the kind that can be re-used, that is.
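
An added example, not part of any post in this thread: the posts above say injected content ends up in the CMS database and is often no more than a stray iframe that anti-virus will not flag, so a site owner can check the stored content directly. The `posts` table, the allowlisted hosts and the sample rows are constructed for illustration.

```python
import sqlite3
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: hosts this hypothetical site legitimately embeds content from.
ALLOWED_HOSTS = {"www.example.com", "cdn.example.com"}


class EmbedFinder(HTMLParser):
    """Collects (tag, host, hidden) for every <iframe>/<script> with an absolute src."""

    def __init__(self):
        super().__init__()
        self.embeds = []

    def handle_starttag(self, tag, attrs):
        if tag not in ("iframe", "script"):
            return
        a = {name: (value or "") for name, value in attrs}
        host = urlparse(a.get("src", "")).hostname
        if host is None:  # no src, or a relative URL served by the site itself
            return
        style = a.get("style", "").replace(" ", "").lower()
        hidden = (
            a.get("width") in ("0", "1")
            or a.get("height") in ("0", "1")
            or "display:none" in style
            or "visibility:hidden" in style
        )
        self.embeds.append((tag, host, hidden))


def scan_content(conn):
    """Return (row id, tag, host, hidden) for each embed pointing off the allowlist."""
    findings = []
    for row_id, body in conn.execute("SELECT id, body FROM posts ORDER BY id"):
        finder = EmbedFinder()
        finder.feed(body)
        finder.close()
        for tag, host, hidden in finder.embeds:
            if host not in ALLOWED_HOSTS:
                findings.append((row_id, tag, host, hidden))
    return findings


def build_sample_db():
    """Constructed CMS content table; rows 3 and 4 imitate injected markup."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE posts (id INTEGER PRIMARY KEY, title TEXT, body TEXT)")
    conn.executemany(
        "INSERT INTO posts (title, body) VALUES (?, ?)",
        [
            ("Welcome", '<p>Hello</p><script src="/js/site.js"></script>'),
            ("Video", '<iframe src="https://cdn.example.com/player" width="640" height="360"></iframe>'),
            ("News", '<p>Story</p><iframe src="http://injected.invalid/x" width="1" height="1"></iframe>'),
            ("Tips", '<p>Tip</p><script src="//widgets.invalid/w.js"></script>'),
        ],
    )
    return conn


if __name__ == "__main__":
    for finding in scan_content(build_sample_db()):
        print(finding)
```

Run on a schedule against the real content tables, a non-empty result is a prompt to look at how the row was written, not only to delete the tag.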

Re: I got a pirate copy of Vista that won't accept updates--what's the best form of protection?

On Thursday, July 19, 2012 11:15:34 AM UTC-4, kurt wismer wrote:

I guess so.

Thanks for this CMS information--new to me.  But I find it hard to believe that Microsoft has not figured a defense to SQL injection attacks.  If you use stored procedures and/or EF/Linq-to-SQL which has this defense built in, you are immune from SQL injection attacks.  So the issue is:  how to crack the database password?

OK--interesting.  Then it must be like what Dustin implied, in that they are not using the clock but something more sophisticated.  Maybe to 'disable' your machine, if it is pirate, Microsoft will 'inject' some code into the bowels of your boot sector or whatever boots up first on your HD and thereby affect your machine.  Useful to know this--I'll take periodic 'snapshots' of my HD just in case they do this.

Yes I figured out from another forum what Wireshark is and does, thanks.

RL

Re: I got a pirate copy of Vista that won't accept updates--what's the best form of protection?

On Thursday, July 19, 2012 1:41:18 PM UTC-4, RayLopez99 wrote:
[snip]

there are plenty of defenses for SQL injection, but it's not something you can defend against at the database layer because there's nothing intrinsically wrong with the queries (they just do something that was not originally intended). it has to be at the client application layer, which means microsoft can't really do much about it. software vendors who make applications that connect to databases have to actually use those defenses (which means they have to know about them and care enough to do it).

database passwords are outside the scope of SQL injection.

[snip]

when it comes to disabling your machine (or at least disabling updates), i believe that has something to do with comparing your serial code to the list of invalidated codes that microsoft maintains. i imagine that check is part of the update process so it can't be bypassed without forgoing updates.
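
An added example, not part of any post in this thread: the point above that the defense lives in the application layer, shown as the same lookup written with string concatenation and with a bound parameter. The `articles` table, its rows and the function names are constructed for illustration, and SQLite stands in for whatever database a real CMS uses.

```python
import sqlite3


def build_sample_db():
    """Constructed CMS table: two published articles and one unpublished draft."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE articles (id INTEGER PRIMARY KEY, title TEXT, published INTEGER)"
    )
    conn.executemany(
        "INSERT INTO articles (title, published) VALUES (?, ?)",
        [("Launch", 1), ("O'Brien interview", 1), ("Draft: pricing", 0)],
    )
    return conn


def find_concatenated(conn, title):
    """'Before' form: the request value is pasted into the SQL text."""
    sql = (
        "SELECT title FROM articles WHERE published = 1 AND title = '"
        + title
        + "' ORDER BY id"
    )
    return [row[0] for row in conn.execute(sql)]


def find_parameterized(conn, title):
    """Hardened form: the SQL text is fixed and the value is bound as data."""
    sql = "SELECT title FROM articles WHERE published = 1 AND title = ? ORDER BY id"
    return [row[0] for row in conn.execute(sql, (title,))]


def compare(title):
    """Run both lookups against a fresh sample database and report what each returns."""
    conn = build_sample_db()
    results = {}
    for name, lookup in (
        ("concatenated", find_concatenated),
        ("parameterized", find_parameterized),
    ):
        try:
            results[name] = lookup(conn, title)
        except sqlite3.Error as exc:
            results[name] = "error: " + type(exc).__name__
    return results


if __name__ == "__main__":
    for value in ("Launch", "x' OR '1'='1", "O'Brien interview"):
        print(repr(value), compare(value))
```

The database accepts the altered query as valid SQL and returns the unpublished draft, while the concatenated form also fails outright on a legitimate title containing an apostrophe; only the calling code can tell data from query text.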

Re: I got a pirate copy of Vista that won't accept updates--what's the best form of protection?

Pardon my post format but Google Groups not working again... perhaps indirectly proving the points you make...

On Friday, July 20, 2012 12:24:38 PM UTC-4, kurt wismer wrote:

I think some terminology definitions are in order here... I have written some EF/ADO.NET stuff and am aware of the three-tier architecture used in database (dB) design, http://en.wikipedia.org/wiki/Multitier_architecture .  So you are saying it's possible that when a user, Joe Public, surfs to the Presentation Layer of CNN.COM, that the programmers (but not coders, Dustbin!) did not adequately defend against SQL Injection attacks?  Is that it?  If so, fair enough, though I would argue that for most 'reputable' sites the management presumably has paid enough to get competent programmers to defend against this, though with today's short sighted cost cutting mentality I could be wrong.

Yes, I understood.  That's why I said "So the issue is", which means it's a separate issue, though I can see the ambiguity of that phrase.

OK thanks, but I now don't see how having an image of your hard drive from say one day before this disabling is going to stop Microsoft from doing this again, once you 'restore' this old image.  If the check is being done on their end, restoring an old image of your HD will not solve anything.

RL

Re: I got a pirate copy of Vista that won't accept updates--what's the best form of protection?



It will not stop microsoft from doing it again, and again, and again. The
check is done on their end, but your machine receives a command. It *can*
be told to ignore/disregard it. It does have side effects, but you can get
around those too. It's a multi step process.

When you learn to address me properly, I *might* offer to show you some
source code with explanations, etc... I know you're not a coder, but you
can read comments and follow along the code.

Being a smartass with me, when you've got no right, gets you noplace fast
with me.




Re: I got a pirate copy of Vista that won't accept updates--what's the best form of protection?

On Friday, July 20, 2012 8:54:06 PM UTC-4, Dustin wrote:

Well Mr. Dustin, though perhaps you can code a bit better than I (I've done C, back in the days, along with Pascal, but nowadays prefer garbage-collected managed languages like C#), I would be leery of compiling anything you send me, given your hacker background, though if it's well commented I would like to step through it and maybe learn something, so do feel free to post your source here or email it to me.

Please.  see?  i can be nice.

RL
