
Unofficial updates and modifications


bristols


Like just about everyone who visits these forums, I'm very grateful to all those folks who produce patches and modifications to extend the life of 9x. They've helped improve my computing life, no doubt.

But a lot of trust and faith is involved in installing unofficial updates produced by individuals about whom, really, we know nothing - particularly when the updates include modified system files or files that modify system files.

Many of the members here are not programmers, and would have little or no idea themselves about what exactly has been altered in a modified system file.

I'm not suggesting that any person who has posted unofficial updates in these forums has, in doing so, malicious intentions - but it is a possibility. Perhaps more likely is the possibility that infected files might be unintentionally passed on to users through an unofficial patch, when a patch-maker's system is infected.

Am I alone? Do you trust all the unofficial patches and modifications posted here 100%? If so, why?

Link to comment


.... I pretty much trust anything posted by Maximus Decim, MDGx, Gape, Sporific and Xeno86 .... there are others also and lots of 9x people, like myself, occasionally post a link. I have never questioned the members mentioned above, if they do release something and it's faulty, they work to get it right. Sorry if I left a few other good names out of this post, those are the names that came to me as I typed this. Others can add to the list.

duffy98

Edited by duffy98
Link to comment

Anything unofficial is at your own risk. That first. Second, I have no reason to suspect any unofficial updates to be infected or compromised in some way. I never found anything myself. I'm sure if there is a real reason to be suspicious it would have been posted already together with solid proof. I think that there is no question whatsoever about the reliability of sources like MDGx and Tihiy.

Besides, programming something like Uberskin is really not the most efficient way to spread malware or compromise systems. There are less complex ways to do that. And a techie site like MSFN is the wrong place to look for malware victims right :)

But what I don't like is that some "updates" are plugged by their makers without proper information about what the update does and how it must be installed. Advising someone to install your Polish update pack on an English Windows is a sin but I've seen it happen.

Unofficial is unsupported of course. But some things must be clear before I will install it on my system. First I must be sure what the update is doing and why I should (not) have it. A list of changed files scores extra points. Second, system requirements/dependencies must be clear and also the (in)ability to uninstall.

Link to comment

Many of the members here are not programmers, and would have little or no idea themselves about what exactly has been altered in a modified system file.

Have you ever thought that in most of the official updates and upgrades the commercial interests of MS are logically the first, with your real needs being the last? They fill your computer with a lot of programs whose main end is to keep you in their hands.

Here we only try to help each other the best that we can. Until now I have not found an exception. I have found solutions in this forum which MS would never have delivered to me.

Link to comment

If you cannot trust 9x people, who then can you trust?

The 9x person is the elite of the human species----willing to go all out for their fellow humanity, even if it puts their own lives at peril, or opens them up to be ostracized by the unenlightened.

These are individuals that have great sympathy and understanding for those stuck with XP and Vista,

And rather than mock them,---they wipe back a tear for those who have not seen the light---and hope for the best.

They forge on, dedicating their time---to improve an already great, now abandoned OS.

They have dared to enter the dark realms of DOS--where many a neophyte has met their ruin (as well as their PC)-- and have come out victorious!

Not only that, but look what happened to those who had absolute trust in SP3, thinking it would improve things for XP---not ever expecting it to bring their computers to screeching halts and endless reboots!

I could go on and on, extolling the virtues of the 9x Gods, but I will close saying only one more thing:

They are worthy of our worship!

Maximus, MDGX, Gape, Tihiy, TheGuy, Xeno86, Sporific, and yes Spplus--who almost forced me to learn Polish, and the rest----can be trusted.

Link to comment

If you cannot trust 9x people, who then can you trust?

No sarcasms, please.

9x people have the right to enjoy it.

What damage are they doing to you or to mankind?

Many of them know perfectly well not only 9x but all present OS, and use 9x for double booting, to run older programs, or simply to play with it because of its simplicity.

Please live and let live.

Link to comment

Is it really any different with official updates? When WGA is passed as a security update, how are official updates better? As far as malicious code or backdoors that are deliberately inserted, I'd worry more about the official updates. With the unofficial ones, creating a new vulnerability is possible, especially with KernelEX. It's difficult to determine what vulnerabilities may be created by the added functions. It's largely unexplored territory.

Unofficial updates are no different than user software, official patches, etc. Users' systems vary widely, and what works on one might not on another. Most software leaves something behind when it's removed or doesn't put settings back the way they were. On several occasions, MS has had to patch their own patches. There's some risk in every install, every patch, every update, no matter where it comes from.

The better unofficial patches have beta releases for testing, just like user software. Beta releases catch most problems, but not all of them. It's not possible to test any update, official or not, with every possible software combination. Conflicts and incompatibilities will happen. That's what system backups and test systems are for. A user that doesn't have a way to restore their system has only themselves to blame if things go wrong. With system backups available, uninstallers aren't important. Too many users overlook system backups. Even if the backups are several months old, they can still restore your system to a known point in time and save a whole lot of reinstalling and configuring.

I use several unofficial updates and patches. Most of the ones I've tried work properly. That said, nothing gets installed on my primary systems without being tried on a test system first. It doesn't make any difference where it comes from or what it is.

Rick

Link to comment

I have never questioned [Maximus Decim, MDGx, Gape, Sporific and Xeno86], if they do release something and it's faulty, they work to get it right.
I think that there is no question whatsoever about the reliability of sources like MDGx and Tihiy.

There is a distinction to be made between:

  • the reliability and intentions of those individuals who make unofficial patches
  • the patches themselves, including all files, modified or otherwise.

Just for a moment, imagine that an unofficial patch was found to be 'compromised' in some way. It does not follow that the patch-maker intended it to be that way. It might be that the patch-maker has used files that are compromised, unknown to him/her - maybe because his/her own system is compromised. Also unintentionally, it might be that:

...creating a new vulnerability is possible, especially with KernelEX. It's difficult to determine what vulnerabilities may be created by the added functions. It's largely unexplored territory.

Anyway, we can have some idea about the intentions of patch-makers, but can't really know for sure. It would help if we were all programmers with the time to study patches, or even if patch-makers went into more detail about their work (explaining for example how and why they made changes to a system file).

The above point might seem a pedantic one. And yes:

Unofficial updates are no different than user software, official patches, etc.
Have you ever thought that in most of the official updates and upgrades the commercial interests of MS are logically the first, with your real needs being the last?

Yep, most any file could be 'compromised' to work in some way against users' interests, regardless of its origin - whether 'official' (like possible backdoors for example in Microsoft products), from a well-known vendor (like, say, Skype), or from a dedicated open-source project.

Is it really any different with official updates? When WGA is passed as a security update, how are official updates better? As far as malicious code or backdoors that are deliberately inserted, I'd worry more about the official updates.

One difference is that software produced by vendors like Microsoft, Skype, Mozilla, and, say, the VLC media player guys is under much more scrutiny and has much more testing by more (knowledgeable) users and contributors than patches posted here. The patches posted here do not have the same safeguard. How many people 'test' the updates posted here?

@herbalist: I hear your concern about 'official' products, but I know of no evidence. Do you have any evidence to back up your suggestion that MS has inserted backdoors? And for what purpose? On the other hand, most of us believe that there is plenty of malware out there for which Microsoft can't reasonably be held responsible - although that could be a whole 'nother debate. Maybe MS has deliberately engineered Windows to be vulnerable, or is indirectly culpable via neglect? At least, I don't think MS is responsible for, say, the Sinowal/Torpig bank account-stealing trojan:

http://www.theregister.co.uk/2008/10/31/si...l_trojan_heist/

Again, I'm not suggesting that any MSFN member has anything to do with malicious software! I have little reason, no evidence, but most of all, no desire to believe it. But I do have reason to question what exactly any update I apply to my system does, and what it's for.

What I am suggesting, at least, is that patch authors reveal more about the patches they release. I think they should assume that we want to know about exactly what we're installing, including any changes made to system files. Then, the more knowledgeable, curious and time-rich among us could check them out if they wanted to.

This would mean more work for patch-makers. If there is any other reason why more detail can't be supplied, please let us know.

Anything unofficial is at your own risk.
There's some risk in every install, every patch, every update, no matter where it comes from.

Understood. To make it clear: I have been a visitor to these forums for some time and have used many of the unofficial updates posted here. The 'risk' I'm trying to highlight is to do with security, rather than simply something that doesn't work.

Besides, programming something like Uberskin is really not the most efficient way to spread malware or compromise systems. There are less complex ways to do that. And a techie site like MSFN is the wrong place to look for malware victims right :)

Leaving the names of any update out of it, I can easily think of arguments against the ones you outline above. :( Maybe MSFN is a good place to test malware out. If it gets past that relatively 'techie' audience, it's far more likely to thrive in the wild.

Please come back at me with more arguments - I'd like to be wrong about this.

But what I don't like is that some "updates" are plugged by their makers without proper information about what the update does and how it must be installed. Advising someone to install your Polish update pack on an English Windows is a sin but I've seen it happen.

Totally agree. Even if the maker made an innocent mistake, he has done no good to the chances of his pack being installed by many people.

Unofficial is unsupported of course. But some things must be clear before I will install it on my system. First I must be sure what the update is doing and why I should (not) have it. A list of changed files scores extra points. Second, system requirements/dependencies must be clear and also the (in)ability to uninstall.

We have here the start of a possible set of criteria for the information that patch-makers should include with each patch, update pack or modification that they release. The more detail, the better.

Edited by bristols
Link to comment

Am I alone? Do you trust all the unofficial patches and modifications posted here 100%?

I stay away from general updates. Don't touch a working system. The best is the enemy of the good. Updates which I can understand, YES, to solve a specific problem. But updates against problems which I don't have? This is just asking for trouble. And regarding trust: I believe this is a forum of decent people - but one cannot look into the heart of somebody else.
Link to comment

To create a patch that works (unless one is so incredibly lucky that turning to a lottery ought to be much more profitable), one must be a knowledgeable programmer and/or reverser. It involves long hours of effort and dedication. And many more of plain bitter failure! :yes: It's not as difficult to document what the patched file does. Some patchers do it better than others... And there is always room for improvement, of course.

But to think that a malware/virus developer would turn to the 9x/ME community to use it as a test bed is akin to proposing using bicycle races to test tyre rubber formulations for use in Formula 1! :wacko: It makes no sense! A malware/virus will be targeting the XP/Vista machines, because that'll enable the malware/virus its maximum spread. We are less of a target than the Linux/FreeBSD users, for the single reason that we're, by now, less than 1% of the total computer user community. Worrying about unintended virus/malware presence in some patch is very paranoid, but tenable. But to dream about scenarios of a deliberate spread is just ludicrous. :whistle:

While I agree that, in Andy Grove's words, "only the paranoid survive", I think too much paranoia paralyses one completely. Moreover, in my experience, the origin of 95%, at least, of all problems faced by computer users has its origin between the keyboard and the chair. And every client always tells you: "I did nothing unusual..."

Well, I'd better stop here. I guess I'm entering the ranting mode. I intended no offense to anyone, so please don't read what I wrote as any type of it. You all rock! :thumbup

Edited by dencorso
Link to comment

Regarding KernelEX and the possible introduction of new vulnerabilities, I have to take the position that it is a possibility. By no means am I saying that this is malicious intent, negligence, or anything similar on the part of its developers. It's the nature of the project. The purpose of KernelEX is to make it possible for software that's designed for NT systems to run on 9X systems. It works by adding some of the core functions from NT systems the newer software is designed to use. 98 is in the position of not being affected by a lot of the malicious code that's in circulation, primarily for 2 reasons.

1, The system files and their paths are either different or don't exist on a 9X system at all.

2, 98 doesn't use or understand many of the core functions of an NT system, which is what most malware targets.

By adding these functions to 98, it's entirely possible that some of this malicious code will be able to run on 9X when it couldn't before. In this respect, malware is no different than any other software. KernelEX definitely will not cause 9X to be vulnerable to all the malware that XP has been hit with, but it will have an effect. There's no way to know how much effect unless you have a crew of programmers available that know how to reverse engineer malware and have an in-depth understanding of both types of operating systems at a kernel level. Microsoft has plenty of programmers and they can't prevent vulnerabilities in their own products, and they have the source code. KernelEX would have to become a lot more popular before malware writers start looking to write exploit code for it, but the additional functions may allow some of it to work, at least partially, which could lead to some very unexpected behaviors. It's just a potential problem we need to be aware of, one that could become more significant as KernelEX grows. When you get right down to it, this wouldn't be a KernelEX problem. Being targeted by all kinds of malicious code is just reality for NT systems. Adding NT functions to 9X systems gives them some of the NT systems' problems.

Regarding my comments about WGA, I wasn't suggesting that it installed a backdoor. I am calling it spyware. It was passed as a security update but does nothing that's even remotely security related. It exists solely to make sure you've given them your money, because MS doesn't trust their customers. As for actual evidence of deliberate backdoors, no I don't have proof, just circumstantial evidence and suspicions. That said, it wouldn't surprise me at all if one was discovered tomorrow.

Maybe MSFN is a good place to test malware out. If it gets past that relatively 'techie' audience, it's far more likely to thrive in the wild.

I'd have to disagree with that logic. IMO releasing the malicious code here would increase the chances of it being discovered. Many of the members here know how 9X systems work in far more detail than members elsewhere. They're much more likely to notice unusual activity. Some of us have some potent security setups in place that don't miss much. These reasons aside, why would a malware writer target such a small percentage of the PCs when there's a much more common OS (XP) with a history of being vulnerable?

Rick

Link to comment

To create a patch that works (unless one is so incredibly lucky that turning to a lottery ought to be much more profitable), one must be a knowledgeable programmer and/or reverser. It involves long hours of effort and dedication. And many more of plain bitter failure!
Regarding KernelEX and the possible introduction of new vulnerabilities, I have to take the position that it is a possibility. By no means am I saying that this is malicious intent, negligence, or anything similar on the part of its developers. It's the nature of the project.

Most of this is very true with any software you write. There's always the chance of error or of the programmer overlooking something. This is just part of the game, whether it's from Microsoft or someone like myself. Give it enough time, a problem will always crop up somewhere. Most if not all programmers aren't looking to share crap when they share it. They go to the best effort they can, but in being human, there is always the chance of a problem, or something overlooked. Or even if you give it enough time, something may not work that worked before, because something was changed by someone else along the line.

A couple of examples of my own. I posted a screen saver that I was working on for myself. The 0.1 revision worked fine (used it since then with no problems), but when I did the 0.2 revision, it seemed to work fine for me. But when I played with it some more after I put it into the thread, I realized that I wasn't detecting the screen coming back up right. Did I do it purposefully or negligently? Definitely not! In fact, I felt very bad that I turned the software out with such a problem. I think you'll find that with most if not all programmers when they turn out something that isn't working right.

Then there's the other thing you can see within that thread as well as this one. There's always something that can be overlooked, or the program be used in a way that you didn't imagine or expect. No negligence again, just simple human error. I couldn't make the screen saver work the way the user in the thread wanted for what Windows does, but I could trap the problem and I hopefully did that in the new version. With the Batch Patcher program, the user found a situation that I didn't think to test for, and (as far as I know, no feedback!) I corrected it.

Of course there are always things that crop up when age and changes made by others set in. I notice for the Batch Patcher program that the new series of malware scanner (890830) is not detected. So that will probably be changed in a coming version.

That being said, most that would post software of varying kinds in forums like this (myself included) do it just because they did something that was greatly useful for themselves (one guess for you on how I apply patches to my computers - you'll get it right) and wanted to share it with others. To that end, most want their software to work well and even want to improve it. That means any feedback (using and pleased with it? Running into an issue?) you provide is valued and is definitely important to those working on the software. I hope that can be seen within those two threads. Of course, I have unresolved questions that people haven't gotten back to me on when I've directly asked them, but I figure that's part of the game, too.

But also, perhaps something of a difference between companies like Microsoft and people like me (or the others in this forum). Microsoft has employees working around the clock, and inevitably they will always be able to get around quickly on a problem they encounter if it's important to them to fix. For folks like me, real life tends to intrude, since this stuff is a hobby more than anything else. Other obligations, like working for money (school if younger), house work, family issues and other interests are always out there.

Of course, that difference really shouldn't be taken against anyone that does make the effort to try to enrich their own, and others' computing experiences. Most if not all will make the best effort with what they do and want others to be pleased in using their software. From what I gather, all those working on this category are no different.

Since I really haven't posted about these two pieces of software in this forum, they work on ME (and likely 98). The original reasons for them grew out of the use of a Windows ME box and therefore it was important for me to have them work there. So feel free to try them (and I'll see if I can repost an older version of the screen saver for the time being).

Edited by Glenn9999
Link to comment

Please come back at me with more arguments - I'd like to be wrong about this.

More arguments? You give us zero :)

As long as there is no real proof of any bad unofficial updates I simply have to assume that you are wrong. I don't have to prove or argue anything. Remember that any fool can ask more questions than ten wise men can answer. The bare fact that you raise this question doesn't mean that there is any real danger. (please don't understand me wrong, I'm not calling anybody here a fool)

You state something here so it's your job to come up with arguments and proof.

Link to comment

Most of this is very true with any software you write. There's always the chance of error or of the programmer overlooking something. This is just part of the game, whether it's from Microsoft or someone like myself. Give it enough time, a problem will always crop up somewhere. Most if not all programmers aren't looking to share crap when they share it. They go to the best effort they can, but in being human, there is always the chance of a problem, or something overlooked. Or even if you give it enough time, something may not work that worked before, because something was changed by someone else along the line.

It has nothing to do with programming errors or developer mistakes. System functions and commands aren't good or malicious. They're tools. They're part of the operating system. How they're used decides if they're malicious or not. Even in the simplest of languages, system commands can be used maliciously. Individual DOS commands aren't malicious but using the DELETE command on the system folder would be. It's no different with KernelEX. It adds functions and the ability to understand commands to 9X that it never understood before. In a limited way, it's creating a new operating system that's a hybrid of 9X and NT with characteristics of both, and makes it possible for a 9X system to run software that it never could before. My point is that this could include some malicious code that 9X couldn't run before. The only "fault" here lies with the one who wrote that malicious code, definitely not with the KernelEX developer. I'm strictly pointing out that the new possibilities it opens up might not all be good. It's just something we need to be aware of.

Regarding the testing of unofficial updates, I try the ones that interest me on a testbox, which is equipped with my full security package. I used to beta test quite a bit of software. Anymore, I just don't have the time to test anything in detail, so most of it hasn't gone past my testbox.

Rick

Link to comment

This topic is now closed to further replies.