Sunday, December 04, 2005

File not found; Flaw not found

Edward L. Chiarini Jr. is losing the plot. So much for his security expertise. He claims to have infected my machine with files that cannot be found. The reason why they can't be found is that they really aren't there. He wants me to simply believe that LimeWire can accept "placed" files and can display them in Ed's copy of LimeWire, but not anyone else's, and that LimeWire can hide an uploaded file using rootkit technology, and execute an arbitrary .htm file remotely, just by downloading it. That's asking a bit much!

"I placed 1 file containg the virus (note size 0.8kb) then poked it, so it duplicated two more infected files (note size 5.1KB)

(Click on the image for more detail)

"If you cant see them is probably because their [sic] invisible. When I say invisible, it means not even if you turn on invisibles, or show system files settings in your options, will you see them either.

"Run uninstall whatever antivirus you have running, then install Mcafee via their web site. Run it, and eliminate the infections. Also install Webroot’s free 15day spysweeper and run it also. Uninstall them both if you want, then reinstall your old antivirus (if you want)."

I fully understand what a rootkit is, and how it works. Ed, my dear fellow, if they really are that invisible, then a program like Rootkit Revealer with find them. It doesn't.

(Click on the image for more detail)

Neither does McAfee or Spysweeper, or NOD32 or Ad-Aware. Booting up off a CD that supports NTFS will also find the files, if they are there, of course. Nothing showed up.

(Click on the image for more detail)

Also, Ed hasn't been able to tell me what the names of the 2 files I'm sharing are. That's because he hasn't connected to my PC. He just spoofed the IP numbers in his screen shot (top picture) in the vain hope that I would be gullible enough to take his word for it. He keeps forgetting I'm a software engineer.

Update: I installed an old version (4.8.1) of LimeWire on a test machine (image below). It looks remarkably similar to the "proof" screen that Ed keeps rambling on about (top image). Notice how the bottom left corner of the application displays the connection type and number of files shared in the 4.8 format. Now compare it to the same display in the 4.9 format (above). So once again, Ed, you've been caught out ("Every time I use Limewire I download it from the site (free version) and when I'm finished using it I uninstall it along with all its registry changes. A small price to pay for the safety of my machine." Funny, the screen shot you sent was of an old, paid version.
"I actually went into the studio with a clean machine and downloaded the free version that was on their site. As current as it gets." Not according to the video image, which showed the paid version.)

(Click on the image for more detail)

Ed challenged me: "Go ahead, put your money where your mouth is. Give me your IP, let me look around for your contacts, or take a quick glance of your tax records. Or do you still want to hide behind your spamcops.com [sic]? Oooohhhhhhh, lets be real, give me your IP and 5 minutes I'll make your machine two step like we do it here in TX." So let's be real, Ed: you failed to do anything to my machine. You failed to prove that you even connected to my machine. I guess you have some explaining to do to Dan Ronan and WFAA TV.

Related entries: Abort, Retry, Fail | Go Ahead, Hack My LimeWire

2 comments:

Anonymous said...

Hey Donn, like I said before. Or did you not hear me due to your head being stuck in the sand. (Or somewhere else)

I don’t have time for this chit chat any longer. What are the 11 files McAfee found? Please show us all of them.

Believe what you want, I know the file you say you put there were not there. I know the files I put there, are there.

What you did with them? Who cares. What you think of me? Who cares. What you post to your BLOG? WHO CARES? Not me.

I have no time to play hide and seek with your files. At the end of the day all that matters to me is my client’s safety, not you’re BLOG. I’ve been in the public eye since I was 15 year old, illustrating "High Treason” my first best selling book, then again at 18 with my second "The Killing of a President". "High Treason" later turned into JFK the Oliver Stone Movie. So if you think this little game of yours is hurting my creditability, think again.

Software Engineer = MCSE?? Please give us some history. Other than your first time to use an overhead projector or OHP as you so creatively call it.

How many software engineers does it take to replace a light bulb?
Four. One to design the change, one to implement it, one to document it, and one to maintain it afterwards.

Put that on your OHP.

Anonymous said...

Gentlemen, please try not to stray too far from the topic. It seems to me that if you can't answer the question you should rather not say anything at all than prattle on acout MCSE's and JFK books.