|
Post by silverdragon on Oct 20, 2014 6:52:00 GMT
The myth is that some viruses can break the computer.
In my time, I have seen BSOD, Blue screen of Death, and even BLACK screen of death, I have seen DDos, I have sen some bloody scary stuff, and I have even seen Ransomware.
Thats the stuff that "Locks" your computer until you pay for download of the key.
So how does all of this "Break" the computer.....
The myth is it can break the computer... so does that stand up?...
|
|
|
Post by silverdragon on Oct 20, 2014 6:58:26 GMT
First reply, my own side of the tale, I say Busted.
I cant go into it, but, unless you over-clock the thing too much, software cant physically break a computer..... Not by Download alone. If you download and choose to run something, then its not a true virus.... you are aware of the risks.....
(Writing for all readers, Cant or more truthfully wont go into exacts, as a little knowledge is a dangerous thing, to find the right tools to over-clock, you will have to go through a few sites that will warn you of the dangers, and I would rather you do it that way than give you direct links.....)
If you download something dangerous that allows you to change the clock speeds of your computer and stick it in overdrive mode, thats akin to running an engine at top speed permanently, then something will break. But as of yet, I have not seen in the wild anything that will download and do that maliciously without some form on Human Interface action. As in the users must choose to do so. Its not in the interest of the hacker to break the machine targeted.
But can the rest of the denial of use viruses and remote control actually break your machine?... Define break. Can YOU fix it?... no. Can no one fix it?... well, yes I can, but I cant always tell you how. (To do so would be dangerous?...)
If in dount, use your backups and restore. You dont have backups?...
Well, you do have a set of disks dont you?... You can re-install everything cant you?...
What, you were silly enough to buy a machine with no re-install disks and didnt burn them from the hard drive as instructed when you bought the thing?...
I wont say anything, just how much do you want to pay to have it repaired?...
So far, I have never encountered a problem from downloaded stuff that can truly put the machine beyond repair with anything more than the computer and the right knowledge.
I do carry a memory stick with certain tools on, but thats just to save me the time of having to download them again... the tools I use are Power eraser, BAKU, Spyware Blaster and the like... Nothing no one on here cant find for themselves.
But the right knowledge?... you can google it, again, nothing you cant find for yourself, knowing how to use it, thats the key.
So the myth is, can you go and download something and get a computer beyond recovery.... Go get a computer expert near you to tell you more. I wont be trying this at home, because as of yet, I know.
Rootkit Removal... google that and you will find some useful tools. Bios bugs exist, but, again, flashing the bios is a dangerous thing, if you do that, may the gods be with you, because if you do it wrong, you now have a brick,
Yes you can find stuff to break your computer, but a lot of them are not Viruses, they dont work automatically, you have to choose to do so. And most of them are reversible... most of the time.... Go make a backup. Now.
|
|
|
Post by the light works on Oct 20, 2014 13:27:44 GMT
to clarify the myth: the claim was made that an untrained person, noodling around on the internet, downloaded enough viruses to brick the computer. I don't know if the computer was taken to a repair service, ans knowing the person who made the claim, I suspect not.
so we assume an incompetent user who believes popup ads, and the virus bricking the computer. plausible?
I know historically, people have written malware that has aimed at doing damage by putting peripherals into infinite loops - either wearing them out or wasting resources. (say, printing one character on each page with a printer, or printing black pages, depending on whether you want to waste paper or ink.)
|
|
|
Post by ironhold on Oct 20, 2014 15:29:09 GMT
Some time back, I recall reading an article in a major computer publication (PC World?) in which one of their writers deliberately surfed the web in a brand-new computer w/o virus protection in order to see how long it would take to kill the thing.
IIRC, he had it almost completely bricked up within a single day.
|
|
|
Post by the light works on Oct 20, 2014 15:38:34 GMT
Some time back, I recall reading an article in a major computer publication (PC World?) in which one of their writers deliberately surfed the web in a brand-new computer w/o virus protection in order to see how long it would take to kill the thing. IIRC, he had it almost completely bricked up within a single day. but there is a critical difference between almost bricked and bricked. and the myth is that a virus can do physical damage that would prevent a computer service center from recovering the hardware.
|
|
|
Post by Antigone68104 on Oct 22, 2014 14:25:48 GMT
This may come down to semantics -- if Joe Average can't get his computer to start, he'll say it's "broken". If there's nothing physically wrong with the computer, but Joe's got several different computer virii staging a winner-takes-all cage match on his hard drive, he'll probably still say it's "broken".
|
|
|
Post by the light works on Oct 22, 2014 15:08:55 GMT
This may come down to semantics -- if Joe Average can't get his computer to start, he'll say it's "broken". If there's nothing physically wrong with the computer, but Joe's got several different computer virii staging a winner-takes-all cage match on his hard drive, he'll probably still say it's "broken". and the semantic in this myth is that the computer is damaged to the point that a repair service cannot restore it, even by replacing or wiping the hard drive.
|
|
|
Post by OziRiS on Oct 22, 2014 19:54:44 GMT
But what is "broken"? Is it that the computer won't start at all. Is it that it'll start, but you get a BSOD or it freezes up mid-boot every time? Is it actual physical destruction of hardware, such as the CPU, GPU, HDD or PSU overheating and flat out dying?
What are we talking about here when we say "broken"?
|
|
|
Post by silverdragon on Oct 22, 2014 20:13:21 GMT
And there is the problem... I was called to a "Broken" computer. I got their Windows disk, they were accepting that I may not get any data back, but I reinstalled windows, after I ran a quick Linux boot and transferred all their good "Data" to a spare USB drive, so reinstall, then put all their documents and pictures (After a heafty scan by some anti-virus) back, job done, not "Broken" any more. What they had was a rather nasty BSOD caused by over use of downloading "Dodgy".
If it lights up, and runs the BIOS, I can more than often get "Something".
I also got called to a "Broken", where physical damage had occurred. The hard drive had a few flat spots, punctures if you will, where repeated read-write had worn out the surface. So in with a new drive, re-install, re-register, then run some clever cloning software that recovered all data from the old drive.
Broken, last month I had to look at a machine that ran OK for 10 mins or so then shuts down..... I know before I look whats wrong. The Cooling fan on the main chip. Well, not just that, but the heatsink as well... The clip that holds the heatsink in place was broken. With the help of a heavy duty paperclip, I fashion a new clip, get some cleaning done and re-paste the thing and chipset with Liquid Silver heat transfer paste, put it back together, cross your fingers and plug it in.... £2.50 for the heat transfer paste, 10p for the paperclip, 1hr time, £1,000 saved on replacing the computer.
Broken is not always terminal, and its not always physical damage. But the Myth here is that broken is by download alone, and not physical damage, so it must start. If its a bios fault, thats hardly a download problem, unless thats by downloading a Bios Flash update.
So the myth we are testing is can you download Viruses that can break the computer "Terminally".....
As in, unfixable by inserting the Windows recovery disk and reinstalling everything.
|
|
|
Post by the light works on Oct 23, 2014 2:59:47 GMT
But what is "broken"? Is it that the computer won't start at all. Is it that it'll start, but you get a BSOD or it freezes up mid-boot every time? Is it actual physical destruction of hardware, such as the CPU, GPU, HDD or PSU overheating and flat out dying? What are we talking about here when we say "broken"? I am talking about broken as in not recoverable.
|
|
|
Post by silverdragon on Oct 23, 2014 6:41:10 GMT
But what is "broken"? Is it that the computer won't start at all. Is it that it'll start, but you get a BSOD or it freezes up mid-boot every time? Is it actual physical destruction of hardware, such as the CPU, GPU, HDD or PSU overheating and flat out dying? What are we talking about here when we say "broken"? I am talking about broken as in not recoverable. Define not recoverable.... To the owner, to me, to someone better than me?.... Or not recoverable at all, as in "Brick", spare parts for other machines, well and truly pregnant, FUBAR.
|
|
|
Post by OziRiS on Oct 23, 2014 7:47:25 GMT
But what is "broken"? Is it that the computer won't start at all. Is it that it'll start, but you get a BSOD or it freezes up mid-boot every time? Is it actual physical destruction of hardware, such as the CPU, GPU, HDD or PSU overheating and flat out dying? What are we talking about here when we say "broken"? I am talking about broken as in not recoverable. So we're talking nobody can fix it with software and tech wizardry alone. It has to have hardware, possibly even the entire computer replaced (minus screen, mouse, keyboard and other external parts that aren't affected). Your tower/laptop has to be turned into a very expensive paperweight. I've heard of virii capable of physically killing off a CPU, GPU or motherboard (as in overworking and frying the chips, rendering them completely useless), but I don't know if it's true.
|
|
|
Post by silverdragon on Oct 23, 2014 8:14:49 GMT
Oziris, its a Myth.
Thats the whole point. You can download many things that will kill a CPU, "Overclock", over work, and all that, but, currently, they have to be given permission by the user to run.... Its in the Firmware that you have to "Start" that program... it wont just start on its own... And again, I dont know if its in the interest of any hacker to kill the computer he is targeting?... Servers are different... to do a DDOs denial of service on a Server is of interest to some, but that relies on the fact you CAN remote control a server.
But Wind-Bodge and Linux have done a LOT of work fixing security flaws that would allow remote control of any part of your computer that could cause terminal damage.
At this current time, (and again please take note this means to my knowledge only) to my knowledge which is extensive, I know not of any Viruses that can just attack and destroy your computer with Hardware failure out in the wild that is not covered with basic security. If you have a decent Ant-Virus, you are about 99.9999reocurring) percent "safe" (For any given value of safe) against attack.
Again to my knowledge, the various modus operandi of most viruses are "Known", and Internet Security will watch for their MO's, and block them.
However.....
If you download something and give it permission to run.....
That is not a true virus. It may be spoofware, as in a bogus Flash player update, but, again, those attacks are known, and your anti-virus should complain. Malware may come in many guises, and again, I dont know absolutely everything. But most of the time, unless the user has just blindly given permission without investigation to every popup they have seen to download and install software that is dangerous.......
But who in their right mind would do that?
If you want to brick a computer express, I can tell you how, with a bold warning Do Not Try This At Home
Go find the relevant software to drive your particular chipset. Find the relevant overclocker. Remove the safety. Go into BIOS and allow overclocking (Many CPU's have a switch in the bios these days) Ramp it up to full. Play World of Warcraft......
|
|
|
Post by silverdragon on Oct 23, 2014 8:23:09 GMT
So saying, there is two relevant tests.
Put a "Fresh" computer, maybe an old replaced doorstop that will take a fresh re-install, say wind-woes XP pre service pack 1, put that up, connect to the internet, with ZERO protection, surf the internet.... making note of which sites you are drawn to. If asked to download something, download it.
Take computer two, any O/S, fully protected, and do the same exact web sites number one visited. see what is blocked by the anti-virus, and anti-malware, such as Spybot search and destroy, spyware blaster, and other relevant anti-malware.
Take computer number Three, repeat as above, If asked to download something, only download what you "KNOW" to be safe... as in Adobe Flash etc.... and get that from the genuine site as well, take security advice before you accept any request, go full paranoia against anything that looks questionable. This isnt the test, this is the control, this computer should survive anything thrown at it.........
See which fails first.
See if it can be recovered.
|
|
|
Post by OziRiS on Oct 23, 2014 10:13:06 GMT
I always try to look at MythBusters as a sort of public service show, trying to uncover facts for the masses. From this point of view, wouldn't it be more interesting to the world at large if they (by help of one or more crazy good hackers) tried to do an actual targeted attack on a computer, attempting to physically break it? I think it would be interesting to everyone, not just private users, to find out if that's actually possible.
Why would any hacker want to kill off a system? Well, they might not want to if we're talking about a privately owned computer, but what if we're talking critical infrastructure type stuff? I see huge possibilities for cyberterrorism there and so do others, which is why more and more governments around the world are making an effort to fight that potential risk.
The only problem I see with testing this, is getting permission by the software manufacturers (OS and anti-virus/anti-malware) to publicly show their programs potentially having security flaws exposed and exploited. I suspect this is why all the movies and TV shows never use actual real life software when showing hack attacks. The possibility of customer exodus over even a fictional flaw could potentially cost these companies millions, if not billions.
|
|
|
Post by c64 on Oct 23, 2014 12:13:48 GMT
The question can be narrowed down to "Can software damage or destroy the hardware of a computer?" Yes, it can! In early computing, you could cause tremendous physical damage to a computer. Driving the R/W heads of old HDD systems with a specific frequency could make the HDD crash. This grinds off the top layer of the disc causing physical damage. In the early HDD systems, you could replace the discs since it wasn't that uncommon that those things crash on their own. But you could also rattle the system so violently that the expensive mechanics of the HDD station breaks or even make the entire heavy unit trip over! Of course, the operator would instantly shut it down when it starts to make creepy noises. But even the "microcomputers" for office desks and as home computers could be physically damaged. The manual how to program EGA graphics tells you numerous times to shut down the screen before changing the video mode. I f you don't and switch the graphic mode rapidly, high line frequencies are generated and those feed the HV transformer. Either the transformer burns out or the CRT arcs and the entire monitor can catch on fire. Even the C64 could be damaged. Just switch the Joystick ports to output and then let the user wiggle the Joystick to burn out the I/O chip by causing short circuits. The next generation of the "PET" (CBM 2000 series) also had a problem. Since this was the first wildly used office and home computer, this "hack" became famous as the "Killer POKE": en.wikipedia.org/wiki/Killer_pokeBut even modern systems can be affected. The BIOS can be upgraded by software. Overwriting the BIOS with garbage "bricks" the computer, you need to replace the physical chip in order to "unbrick" it. In the latest systems, a "shadow BIOS" is used and the chips are directly soldered to the board because if the regular update fails, the backup BIOS is used and you can try again flashing the BIOS. But by uploading data which seems to be a valid BIOS, the shadow BIOS won't kick in and the fake BIOS does nothing except e.g. mocking you with messages instead of booting your computer. You can slow down or even stop the fans to reduce the lifetime of a computer by overheating. Even Smartphones can be destroyed easily, this usually happens during "jailbreaks". The most famous "hardware damaging virus" is the computer worm Stuxnet: en.wikipedia.org/wiki/Stuxnet
|
|
|
Post by OziRiS on Oct 23, 2014 14:21:13 GMT
So we know it's possible to kill off hardware with malicious software.
Question now is, can it be done completely by remote operations that don't require the user of the system to do anything, i.e. plug in a USB drive, open an e-mail, run an .exe file and so on? Can you hack directly into the system, place a virus/worm and run it yourself without anyone noticing before hardware starts to go wonky?
|
|
|
Post by the light works on Oct 23, 2014 14:57:33 GMT
I am talking about broken as in not recoverable. Define not recoverable.... To the owner, to me, to someone better than me?.... Or not recoverable at all, as in "Brick", spare parts for other machines, well and truly pregnant, FUBAR. not recoverable at all.
|
|
|
Post by the light works on Oct 23, 2014 15:04:40 GMT
The question can be narrowed down to "Can software damage or destroy the hardware of a computer?" Yes, it can! In early computing, you could cause tremendous physical damage to a computer. Driving the R/W heads of old HDD systems with a specific frequency could make the HDD crash. This grinds off the top layer of the disc causing physical damage. In the early HDD systems, you could replace the discs since it wasn't that uncommon that those things crash on their own. But you could also rattle the system so violently that the expensive mechanics of the HDD station breaks or even make the entire heavy unit trip over! Of course, the operator would instantly shut it down when it starts to make creepy noises. But even the "microcomputers" for office desks and as home computers could be physically damaged. The manual how to program EGA graphics tells you numerous times to shut down the screen before changing the video mode. I f you don't and switch the graphic mode rapidly, high line frequencies are generated and those feed the HV transformer. Either the transformer burns out or the CRT arcs and the entire monitor can catch on fire. Even the C64 could be damaged. Just switch the Joystick ports to output and then let the user wiggle the Joystick to burn out the I/O chip by causing short circuits. The next generation of the "PET" (CBM 2000 series) also had a problem. Since this was the first wildly used office and home computer, this "hack" became famous as the "Killer POKE": en.wikipedia.org/wiki/Killer_pokeBut even modern systems can be affected. The BIOS can be upgraded by software. Overwriting the BIOS with garbage "bricks" the computer, you need to replace the physical chip in order to "unbrick" it. In the latest systems, a "shadow BIOS" is used and the chips are directly soldered to the board because if the regular update fails, the backup BIOS is used and you can try again flashing the BIOS. But by uploading data which seems to be a valid BIOS, the shadow BIOS won't kick in and the fake BIOS does nothing except e.g. mocking you with messages instead of booting your computer. You can slow down or even stop the fans to reduce the lifetime of a computer by overheating. Even Smartphones can be destroyed easily, this usually happens during "jailbreaks". The most famous "hardware damaging virus" is the computer worm Stuxnet: en.wikipedia.org/wiki/Stuxnetso you can, as long as it is not a modern home computer...
|
|
|
Post by OziRiS on Oct 23, 2014 18:15:53 GMT
so you can, as long as it is not a modern home computer... If you can break stuff that's connected via something as (supposedly) secure as a computer in a nuclear plant, I think it would be much easier to do it with a home computer. I think you'll find that the people behind this just aren't interested in breaking Mrs. Johnson's printer...
|
|