OS X Malware
I have a PowerMac G4, OS X 10.4.11. There seem to be software, or perhaps hardware, defects.
I. Display of a jpg file.
I had the pages for a Web site in my computer. In the source code of many pages of that site, there was a link to a graphics file Graphic1.jpg. It was in a directory which was in another directory. I removed the file. The link still worked. This should have been impossible. I removed every copy of that graphics file from the computer, and I disconnected the computer from the Internet. The link still worked. In other words, the graphic file still displayed. The link worked regardless of browser.
I changed the source code to call for a non-existent graphic file which also was not in the directory. Correctly, thqt second file did not display. The inexplicable display was present only with Graphic1.jpg, not any other file.
I did not find a .htaccess file.
How did that file appear when nothing with that name was in the computer (much less, in the correct directory)?
2. Problem with text in links in source code.
Links do not work on a certain Web page.
The links are written correctly (for hypothetical example, IANA — Example domains=). The source code in the file in the Web server is right if I look at the file using the browser's "View: Page Source" pulldown menu option (for hypothetical example, a URL is IANA — Example domains=).
However, if I download the file using the broswer's "Save As: Comphete Page" pulldown menu option, and then look at the downloaded file's links, I see that every link in that file has "www.x.com/" inserted into its beginning (for example, www.x.com/www.example.com). There is no such URL at x.com domain, so a 404 results.
I will now give a detailed, hypothetical example.
When I use the browser to look at the file's source code (View: Page Source), I see the following link:
<a href="http//query.n.com/g/" target="_blank">G</a>.
Notice that "www.x.com" is not in the URL in the source code. This is as it should be.
However, when I download the page and look at it using the browser's "Save As: Complete Page" pulldown menu option, and then look at the code in the downloaded file, I see:
<a href="http://www.x.com/http//query.n.com/g/" target="_blank">G</a>.
Notice that "www.x.net" is at the beginning of the URL. There is no such URL at x.com domain, so x.com issues a 404 error notice.
This problem affects every link on that page.
Uploading a new page did not solve the problem.
This is a problem only for that page of the Web site, not for any other.
How is that, for that one page only, bad code appears regardless of what I upload?
In theory, one possibility is that ftp client is not uploading the file I tell it to upload. Instead, it is uploading some file I don't even know about. This might be analogous to the graphic display problem mentionned above, where a brrowser diplays a file taht could not be the one specified in the source code.
In theory, another possibility is that a bad page is substituted for the good one I designated the ftp client to upload, and that this substitution occurs after the page leaves my computer.
When I futilely uploaded replacement pages, I made a few changes in ordinary text, chages that had nothing to do with links. The bad page did not have the changes. There was an unchanging, bad page that appeared regardless of what good page I tried to upload.
In any event, I solved the problem by giving the problem page a slightly different URL.
What caused the problem?
The two problems described above (display of a jpg not in the computer, links) involved the same computer. That computer is in a room which few people have access to. If the problem was caused by someone in the room, there are only a tiny number of possibilities.
I had telephone service from one company, then switched to another. Then, I stopped getting telephone calls from customers of the first company. The callers thought that my phone was ringing with no answer but it really wasn't ringing. The second company said that it was the first company's fault. For months, callers from the second company couldn't reach me. That problem was solved. This suggests the possibility that the computer problems wre caused by someone with access to telephone company computers. The phone problem could be a coincidence, unrelated to everything else on this page.
Someone malicious occasionally has blocked my telephone service at will, both ordinary voice (analog, I guess) and VOIP. That person may also have blocked telephone access to the Internet.
Sometimes, when I try to connect to the Internet after a multi-hour pause when the computer has been turned off, the browser tells me that it cannot find the domain I seek. I disconnect my computer from the tlephone connection to the Internet, then re-connect the computer to the phone connection, then the computer can connect to the Internet.
Below is guessing.
Perhaps someone, not necessarily on a real-time basis, can see the windows that I see when I use that computer.
Perhaps it is posible for a cracker to find out what I do on my computer even when it is not connected to the Internet, although the cracker may not find out until later.
Perhaps my computer may be part of a network, perhaps connected to the rest of the network by Airport or some other system. I have at least one telephone number I don't use. I have its number written down somewhere. Airport or some other system may connect my computer to the rest of the network either directly or through one of my telephone numbers.
This is speculation.
|All times are GMT -4. The time now is 01:57 PM.|
Powered by vBulletin
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.