Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: PSI reporting vulnerabilities / attack vectors as Green

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI

This thread has been marked as locked.
goscuter1 PSI reporting vulnerabilities / attack vectors as Green
Member 30th Jun, 2011 13:54
Ranking: -62
Posts: 17
User Since: 26th Apr, 2011
System Score: N/A
Location: TH
Over a month ago, I was subjected to an outrageous and indefensible injustice on this forum. The perpetrators of the despicable censorship of a polite request for advice / assistance (which - I only later learned - coincidentally proved the PSI / CSI program has colossal flaws which produces stunningly unacceptable and FALSE output) have not been held to account or fairly sanctioned.

A reputable forum of any kind, would hold such offenders to account, and fairly sanction them.

This is the thread that was nauseatingly censored by mods who refused to even look at the evidence I was frantically submitting and offering to submit, without a single reservation or exclusion.

http://i.imgur.com/yxNaA.png

I reported this outrageous injustice to Secunia and received a lukewarm and, in hindsight, altogether unacceptable half-hearted apology with an offer to repost my CENSORED and DELETED polite thread / question again. Desperate for assistance, I was in the mood to let injustices slide in the hope I might pay someone / employ someone at Secunia for assistance. My request was ignored. As I do not believe that Secunia is utterly devoid of staff with the requisite skill-sets, so incapable and incompetent that they were simply unaware of what I was able to identify and recognise myself in mere weeks, with the assistance of nothing but Google searching documentation widely available in the public domain (from a state of near computer literacy) over the next six weeks...this unfortunately leaves only one alternative, that I can see?

Unless Secunia is actually devoid of anyone with a clue, in which case their Mission Statement - whilst admirably intended - will be laughably ineffectual; or...the alternative is Secunia is (at least partially) corrupted. And if so, that Mission Statement must come down. To allow false claims of policy to remain, whilst injustices of the nature I provide evidence of in this thread are not subjected to appropriate sanction...would amount to nothing more than an insult to decency.

In light of what appears to be despicable hypocrisy which effectively renders Secunia's entire stated ethos simply bogus; I am no longer in the mood to let injustices slide.

Secunia will address these injustices or Secunia will produce evidence of illegitimacy and corruption. No third option that I can see...?

---------------

In the thread above which was censored for no legitimate reason, deleted forever from view by one "Maurice Joyce", I was politely asking why Secunia's PSI program was saying Windows Mail (and other attack vectors used by the criminals who have complete control over their deployed images on my ten [10] corrupted and destroyed systems) was GREEN "thumbs up". It seemed a valid question, at the time.

It was a valid question, at the time. Incredibly valid, in ways I (at the time) could not have expected to realise.

It was a valid question when Maurice Joyce DELETED / CENSORED the thread to cover up what I'm quite certain he clearly identified.

It is a valid question now.

PSI still gives my hacked, corrupted operating systems (possibly the most corrupted OS's on the face of the planet) the GREEN tick of approval. And PSI continually rates provably malicious attack vectors (non-default, and loaded by hackers to ensure ongoing remote control) as GREEN and 'SAFE'.

Secunia needs to address this issue. Until it is addressed, the PSI program is effectively corrupted, producing false / deceitful output. It will not be addressed by censoring polite questions querying the nature of why the program reports such attack vectors as GREEN and normal.

----------------

After zero-filling my hard drive for the 130th time (specifically, Seagate but Western Digital and Toshiba are even worse) with Seagate's FULL ERASE zero-filling utility (included in Seagates Tools for DOS)...I installed the Final Media Refresh Windows 7 Ultimate SP1_U 64x from MSDN.

For the 130th time in succession, I did nothing but trigger a silent unattended deployment of a corrupted image which has been hacked in ways that are breath-taking and horrific. Five months of my life has been spent trying to clean my drives in order to install GENUINE ADVANTAGE Windows 7 Ultimate, which I've paid over $800 for (I have 5 Genuine Advantage discs).

Upon request, I can provide evidence of the corruption, in the form of videos taped in real time, as well as any form of documentary evidence one could possibly desire / request / be curious about.

The only hidden executable files in this corrupt image are as follows (at least, the only non-encrypted hidden .exe files...the below result is the output of a C:> dir *.exe /A:H /S /Q command line):

Volume in drive C has no label.
Volume Serial Number is 7AFE-F8BA

Directory of C:\Program Files\Windows Mail

07/14/2009 08:39 AM 398,848 NT SERVICE\TrustedInstaWinMail.exe
1 File(s) 398,848 bytes

Directory of C:\Program Files (x86)\Windows Mail

07/14/2009 08:14 AM 396,800 NT SERVICE\TrustedInstaWinMail.exe
1 File(s) 396,800 bytes

Directory of C:\Windows\winsxs\amd64_microsoft-windows-mail-app _31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f6966 39a2

07/14/2009 08:39 AM 398,848 NT SERVICE\TrustedInstaWinMail.exe
1 File(s) 398,848 bytes

Directory of C:\Windows\winsxs\x86_microsoft-windows-mail-app_3 1bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c8 6c

07/14/2009 08:14 AM 396,800 NT SERVICE\TrustedInstaWinMail.exe
1 File(s) 396,800 bytes

Total Files Listed:
4 File(s) 1,591,296 bytes
0 Dir(s) 104,361,459,712 bytes free


----------------------------------------

My thread (in the screenshot link at the top of this post) was DELETED. For asking why PSI was saying non-default attack vectors were GREEN.

That...is censorship, of the most despicable kind (commercially-motivated). The censor's username is "Maurice Joyce" and there is an accomplice who should not be allowed to slime his way through, unnoticed.

I could not understand why my polite questions were being attacked, at the time. I know why, now. These guilty moderators must be immediately dismissed, or someone should explain to me why there is a case to be made for an alternative path of action.

----------------

Anyone who wishes to do so, might also have a crack at making a case which explains this corruption, as well:

http://www.box.net/shared/static/hatumj8f0lrcemu0m...

I'm not talking about a corrupt OS, although every single one of my last 130 almost-identically corrupt Windows installations has been corrupted beyond belief; literally perfectly designed to ensure persistent hacker access with default Firewall inbound rules (hundreds set to Allow, zero set to permit Override) merely a single example of the hundreds of non-default maliciously manipulated settings.

I'm talking about Microsoft being corrupt. I produced, in real time, whilst Microsoft Technical Support (who had the nerve to charge me $600 for their 'time' and 'expertise') remote accessed my desktop...with all three of us sharing control of my desktop and whilst they watched in real time, I reproduced (and can reproduce ad nauseum) evidence of MSSE force downloading hacker Hotfix's onto my system in spite of all settings firmly locked to "NEVER" download / install Windows Updates. Reproduced. The first instance occurred in late January / early Februrary. I reported the incident to Microsoft and submitted all the evidence proving it, politely requesting advice on what steps to take to remedy the security breach caused by their failure to control (or is it actually 'failure'?) their own Windows Updates feed.

The filthy turd accused me of lying. This is after I submitted the evidence to https://support.microsoft.com successfully.

I then submitted the evidence proving I had submitted it successfully, and he launched a tirade of abuse, killing the chat. I have evidence, for all of this - of course.

The $600 Tech Support experts who I reproduced the incident for, and then uninstalled both and reproduced again, in real time...? They had no comment. This is because their incompetence is either not incompetence at all (in which case, they should be arrested to face criminal charges) or their incompetence is so vast, they should be arrested as it is of a nature beyond mere "criminal incapacity". Oh hey, how about that. Another LACK of a third option.

------------------------

Secunia will address the outstanding issues and injustices here, or Secunia will CENSOR another thread. I hope, for the sake of decency in its perennial struggle against EVIL, that Secunia chooses the former instead of the latter.

No doubt, Maurice is rooting for the latter. It will be a shame, if EVIL wins and Maurice is allowed to continue to censor polite requests for advice, as if this were China and comments which politely query the nature of the Politburo's decisions are unacceptably 'divisive' or 'impolite'.

Secunia must address the unacceptable exploit that is remote deployed imaging by hackers using Microsoft (and other) Endpoint / Enterprise functionality, onto innocent and unsuspecting home users' systems; as per Secunia's Disclosure Policy http://secunia.com/research/policy/

Secunia must address the unacceptable design flaws in its PSI / CSI program that (somewhat stupidly, if we're being frank) relies on the reading of corrupted metadata to 'adjudicate' the acceptability or otherwise of potentially corrupted applications and patches.

It would be inappropriate to leave PSI, OSI and CSI active in the interim, when they are provably producing deceitful falsely reassuring output.

Secunia must immediately dismiss all moderators who are found to have been deleting and censoring threads which are polite, balanced, fair and objective - even to the point of being helpful, for heaven's sake!

Secunia must release a public statement explaining why they have not addressed the six-week-old reports of vulnerabilities and moderators censoring threads discussing those vulnerabilities. You know, because we're talking about a forum ostensibly dedicated to spreading information about vulnerabilities.

Secunia must do all these things, and a great deal more; or someone will kindly explain to me how or why a claim to legitimacy can be maintained by a company which has behaved contrary to almost every single 'promise' / 'commitment'; as stated on secunia.com.

http://secunia.com/community/commitment/

Our Commitment
Secunia has always believed that reliable vulnerability intelligence and tools to aid identifying and fixing vulnerabilities should be freely available for consumers to ensure that users, who care about their online privacy and security, can Stay Secure.


Censorship, is probably not the optimal method of achieving the above goal.

In fact, we believe that the software vendors themselves should take responsibility for the security of their programs on end-user systems. However, only few vendors address vulnerabilities in a proper way and help users get updated and Stay Secure. End-users (whether private individuals or businesses) are otherwise left largely alone, and this is why Secunia strives to be your first choice for independent and reliable vulnerability intelligence.

Is that belief, in fact, a fact? We shall shortly see. Or one more vendor can join the xx million corrupt vendors in this industry, in failing to address vulnerabilities in their products when despicably censoring polite reports of those vulnerabilities is just so much...easier.

Vulnerability Research
Conducting vulnerability research is absolutely essential to ensure that software vendors and programmers fix the vulnerabilities in their software before it is being exploited by criminals. Secunia is not only dedicated to reporting about vulnerabilities discovered by others, but is also deeply committed to discovering new vulnerabilities, focusing on popular, widely used enterprise and end-user software used by the community. When discovered, these vulnerabilities are always reported to the vendors with whom we work to get the vulnerabilities fixed according to our responsible disclosure policy.


I have categorically proven that, in one glaring instance at least, Secunia has done the exact opposite of the above. Surely purely coincidentally, the vendor in question was Secunia.

I implore Secunia to abide by the stated policies, as listed / claimed on Secunia.com.

Secunia Forum
Secunia hosts a very active forum, which is used to discuss vulnerabilities, software, the Secunia PSI, Secunia OSI, and Secunia CSI. As such, there is no limits to what can be discussed, as long as it is related to IT-security in general.


No limits? Unless reporting vulnerabilities in PSI, OSI and CSI? It would appear very much as if this was the case, if one objectively analyses the evidence I have submitted.

Secunia support staff frequently participates in threads to help with issues related to updating software and how to use and interpret the results of the Secunia PSI and Secunia OSI.

Support staff who are indistinguishable from corrupt / incompetent frauds must be dismissed. There is not a sane individual on the face of the planet who would be able to make a coherent argument for why the two moderators in question should retain their accounts; let alone retain the ability to CENSOR reports of vulnerabilities.

The ball is in your court, Secunia. I have been turning the other cheek to this industry, for far too long. Five months too long, in fact...but who's counting.

ddmarshall RE: PSI reporting vulnerabilities / attack vectors as Green
Dedicated Contributor 30th Jun, 2011 18:16
Score: 1209
Posts: 961
User Since: 8th Nov 2008
System Score: 98%
Location: UK
Hi, goscuter1, I thought you'd switched to Linux.

Purpose of the Secunia PSI
The Secunia PSI is an invaluable tool for you to use when assessing the security patch state of software installed on your system. It constantly monitors your system for insecure software installations, notifies you when an insecure application is installed, and even provides you with detailed instructions for updating the application when available.

It is NOT the purpose of the Secunia PSI to detect whether your system has already been compromised or if local changes, settings, or missing requirements could cause the Secunia PSI to report incorrect results. The Secunia PSI relies on the meta-data of executables and library files. The Secunia PSI does NOT conduct an integrity check of the individual files, rather, it checks whether a specific program is vulnerable according to the reported version numbers and not whether the files have been compromised or replaced by other users or programs.

The Secunia PSI is not a replacement for other security measures such as anti-virus or personal firewalls, the Secunia PSI is a great supplement to other security measures such as anti-virus and personal firewalls as it helps preventing exploitation of often overlooked exposures.

Additionally, it is important to understand that the process of identifying insecure software installations on any system involves many different factors and, in rare cases, may result in incorrect detections. Should you encounter such a situation, please send us your feedback and all relevant information at support@secunia.com




--
This answer is provided “as-is.” You bear the risk of using it.
Was this reply relevant?
+4
-0

goscuter1

RE: PSI reporting vulnerabilities / attack vectors as Green
[+]
This reply has been minimised due to a negative Relevancy Score.
This user no longer exists RE: PSI reporting vulnerabilities / attack vectors as Green
Member 8th Jul, 2011 16:19
The purpose of the Secunia Personal Software Inspector is to scan your
system, detect which programs are installed and which version the
installed programs are at, and then inform the user of any missing
security patches or updates.

That is all.

So if the PSI scans a system that is already hacked, and detects a
version of program that has version information equal to the latest "Secure"
version (by the definition of "Secure" being that all available
patches fixing known vulnerabilities are installed) it considers the
program to be secure.

This is well defined in the documentation for the PSI, and Secunia
never claimed (or intended) to detect programs that have been corrupted.
Was this reply relevant?
+0
-0

goscuter1

RE: PSI reporting vulnerabilities / attack vectors as Green
[+]
This reply has been minimised due to a negative Relevancy Score.
Anthony Wells RE: PSI reporting vulnerabilities / attack vectors as Green
Expert Contributor 9th Jul, 2011 19:10
Score: 2437
Posts: 3,330
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 9th Jul, 2011 19:16
Hi there goscuter , long time no hear ,

on 9th Jul, 2011 17:57, goscuter1 wrote:
Hi Emil, thank you for sticking with me - it is appreciated. I understand the point you're trying to make, but I guess my point isn't being heard.

But I was ignorant and looking for advice / help. And I was providing evidence that my systems were actually hacked. Had Maurice simply said, "Your systems might be compromised, in which case PSI cannot be expected to deliver 100% correct output - you should read about IE Active Setup and read about deployed components, and check X and Y for Z and ZZ, which will tell you A or B is the case."

Man, I would owe that guy so much.

.


If you reread your "deleted/censored/whatever" thread , I was hoping to make the above point by suggesting PSI was doing it's best and asking whether you could actually find hacker tracks and whether you had checked your hardware , wiring and such like for keyloggers (or similar) . You did not respond to me but continued your war of words with Maurice .

I did not get chance to add that no one in their right mind would download a block of files , as you were offering , from a complete stranger , however well meaning her/his intentions , even if they were using a sandbox .

You were asking on a PSI Forum to help explain your ignorance and did not seem wiling to understand the responses , as applied to the PSI .

It is interesting to read about/discuss security issues , but most of your problems seem to be because you are hacked or you do not like the way Windows works . I'm not sure anyone here has as much knowledge as you do concerning the ins and outs of your machine and if , as you say , the techs from Microsoft are also "corrupt" , then , if I were you , I would try to ensure that my hardware and internet connexions are not hacked and move to Apple or a Linux Distro*** . Not being technical I could not comment on specific points .

Take care

Anthony

PS*** : maybe the new Chrome netbook thingy will offer you some solace .


--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0

goscuter1

RE: PSI reporting vulnerabilities / attack vectors as Green
[+]
This reply has been minimised due to a negative Relevancy Score.
Anthony Wells RE: PSI reporting vulnerabilities / attack vectors as Green
Expert Contributor 12th Jul, 2011 14:44
Score: 2437
Posts: 3,330
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

Salut ,

Your presumptuous assumptions concerning me - bearing in mind Assume makes an ASS of U and ME - and your consequent unasked for/unsolicited subjective value judgements of me seem to come from a troubled mind .

I have neither the time nor the inclination to respond to your rambling diatribe in detail , but if you "assume" the opposite of most of your dribblings about me , then you would be closer to whatever passes for (your) reality concerning me and perhaps more able to dialogue calmly with intelligent people , albeit complete strangers .

I do not know if it is acute paranoia or some kind of medication which is blinding you to what is so obvious and in plain view for all to see .

Do not bother to reply to me as I have nothing further to add which might help you .

Do try and take better care of yourself .

Bonne Journée .

Anthony



--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+6
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability