Boydo's Tech Talk

Don't cross the data streams – it would be bad…

When All Else Fails, Use Malwarebytes

Today, a work colleague and friend of mine had an issue with her computer being overcome by a nasty piece of malware formally known as PolyCrypt and commonly disguised as “Security Master AV” (which looks a lot like the Windows Security Centre). The computer was still operational and remotely accessible via LogMeIn (which I have covered in a prior blog post).

These days, there are so many vectors for malware to get into a computer. Not only do we have to think about the media that we insert into the computer, like floppies (if anyone still uses them), optical discs, external hard drives and USB sticks, but also things that arrive over the Internet like e-mail, webpages, torrents and instant messages. Long gone are the days where we had computers operate in complete isolation.

Malware can easily overrun your system by taking advantage of unplugged or undiscovered security holes in the software you use, including your browser, e-mail client and operating system. It only takes one piece of software to succumb to a security exploit, despite the rest being fully patched, and all bets are off. That’s why it is really important to accept the Windows Update notifications at a minimum.

Anyway, the malware in question had disabled McAfee (the resident antivirus) and had also suppressed Windows Defender (the resident anti-spyware software). I was not prevented from accessing the registry but I think this was due to the User Interface Privilege Isolation (UIPI) functionality in Windows Vista. This function prevents lower-privileged processes (such as the malware) from controlling higher-privileged ones. Internet Explorer would also close as soon as it attempted to load a webpage but I found a way around this by right-clicking on it then clicking on “Run as administrator” (which was then insulated from the malware as a result of UIPI).

Eventually, I found the manual steps for removing PolyCrypt but thought that the system really needed a thorough inspection. Since the already installed anti-spyware was non-functional, I had to find an alternative.

Enter Malwarebytes’ Anti-Malware.

I used the free version in this instance, which provides access to the on-demand malware removal functionality, but stumping up for a license at US$25 unlocks real-time protection as well as scheduled scanning and updating. It can scan an entire system fairly quickly and provides detailed logs as to what was found as well as the steps it took to remove any discovered malware. It has yet to let me down when a system is riddled with viruses and other rubbish.

At any rate, the affected system was back up and running later this morning (after a System Restore to fix the broken networking). However, you can only ever truly guarantee that a system is clean by reformatting and reinstalling from scratch or restoring from a known good backup (you are backing up, aren’t you?). To get by until that can be carried out, though, Malwarebytes’ Anti-Malware is very useful.

July 2, 2010 at 22:12

Is “Unlimited” a Dirty Word?

In news today, AAPT has launched an unlimited ADSL2+ broadband plan according to Australian IT. In the past, ISPs have been caught short by the ACCC for using the term “unlimited” alongside fine print about usage caps, speed throttling, peak and off peak quotas, etc. Otherwise, those who have been brave enough to offer truly unlimited plans have been torn to shreds for network congestion, traffic prioritisation or delivering a substandard service on the whole.

Now, I can’t speak for the quality of the AAPT network and products but I would be really interested to see how things go over the next couple of months. Personally, I use TPG on a 150GB plan (40GB peak and 110GB off peak) and find that satisfies my needs so long as I schedule those larger downloads to start in the wee hours of the morning. If I’m lucky, I’ll have extra peak data to play with at the end of the billing cycle. Generally speaking though, I find my speeds are acceptable (syncing at about 17mbps and sacrificing 3mbps for IPTV, which has come in handy). I will say though, if you are one to rely on customer service, TPG is probably not the ISP for you.

I do have to wonder whether or not offering an unlimited plan will truly disrupt the market and force other players to play their cards. This almost has the hallmarks of the original mobile phone cap plans in Australia several years ago which triggered a race to the bottom. Whilst these plans were great for consumers they also eroded the profit margins for the mobile carriers and were clearly unsustainable. At least in my opinion, cap plans have gradually decreased in value compared to the original ones (some of which offered “per second billing”). AAPT might carve out some incremental market share as a result of this offer but I can’t see the other established players following suit very quickly.

In Australia, the majority of data is effectively imported from overseas, predominantly the US. Sourcing data from overseas isn’t cheap and has been one of the primary reasons that download quotas have existed in our country. I am sure this will be a sore point for AAPT when people start to give their connections some extra heavy duty use. 24/7 torrents anyone?

The other drawback is that this plan is only available on a 24 month contract as a bundle, which could make it an expensive exercise to terminate if you are unhappy with part or all of the service. If you aren’t afraid of putting all your eggs in one basket then this might be for you, but I would steer clear until the dust settles and the capability and reliability of the AAPT network is proven over the next three to six months.

Just don’t be surprised if this offer disappears in the not too distant future.

February 15, 2010 at 21:17

Aye Aye – A Win for Common Sense for Copyright Law

Another saga that has been closely watched by the technology community for the last fourteen months has been the case between AFACT (Australian Federation Against Copyright Theft) and iiNet (a national ISP based in Perth).

In a nutshell, AFACT (comprising the big six members of the MPAA in the US plus Village Roadshow, Seven Network and hangers-on) filed a suit against iiNet for failing to reprimand its customers for copyright infringements based upon allegations from AFACT.

The suit comprised three main components, specifically:

  • iiNet had authorised the breaches,
  • iiNet was liable for said breaches,
  • whether or not iiNet was protected by safe harbour provisions within the Copyright Act, 1968.

Justice Cowdroy made the following statement in his judgement today (courtesy of The Age):

“iiNet is not responsible if an iiNet user uses that system to bring about copyright infringement … the law recognises no positive obligation on any person to protect the copyright of another.”

This judgement sets a precedent for Australia that will also have widespread effect for the rest of the world.

What will be interesting to see is whether or not AFACT will appeal the decision. From my point of view, AFACT would be like a dog with a bone who has a master that owns an abattoir. If AFACT doesn’t exhaust all avenues of appeal I would be very surprised to say the least.

The MPAA in the US has been relentless in its pursuit of individuals for ridiculous amounts of money and has been openly carefree about its perception by the public. I’m sure that similar actions will commence down under as an alternative measure once the appeals process for the current case has run its course.

The next test will be whether or not the account holder of a particular Internet connection can be held responsible for the activity on the connection if they themselves did not commit the offence. This will be particularly interesting in situations where poorly secured wireless networks are exploited for the purpose of copyright infringement and whether or not sufficient evidence can be found.

So whilst this chapter has been closed for the time being, the saga is far from over and will be worth close attention.

February 4, 2010 at 20:27