IWETHEY v. 0.3.0 | TODO
1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

New Pwned by The Seattle Times..
An ongoing saga of a worm? other named-beast which commences to eat (as much as 18 GB seen..)

Unaccustomed as I (happily thus far..) am re escaping Windoze-grade repeated fixings, still I had earlier acquainted self with the lovely Activity Monitor
(but not to the extent of finding how to lengthen the horizontal-display Name-section beyond “www.seattletimes..” as its specificity could be a useful clue/or not.)
That was enough clue for moi to nuke the sucker, also the stub? left [0 bytes] of same/similar incomplete-ID.

These deletions restored normalcy, sometimes for hours. I phoned The Rag, imagining that I may not be the first/or only recipient of some bad packet (and also realize that they may not have incorporated the Cause in their scripts, but out in the wild Evul got attached by some other malevolent process.) ie no ‘accusations’—just an effort to find out if They Knew etc.

Alas I ran into two obtuse minions, incapable of comprehending that I wasn’t [Yet..] asking anything of them but could explain my observations in 3-5 minutes to a competent—preferably IT Supervisor. These two likely had no idea of modrin Cookies and the kinds of nefarious schemes they hope to employ to frustrate those who might breach their Paywall … wasted breath, as they were stuck in Bizness-Duh-mindset bereft of any useful IT-knowledge. They wanted moi to send screen shots etc. I had enough of their fecklessness at that point, mentioning how little time, verbally was needed for me to get across a message possibly useful to us both, and the fact that I have no intention of doing n-hours more of their work for them.

Apparently (they have my fone#) the proles there have no info yet, that The Times is chasing any problems of this kind as I’ve not heard back since yesterday. I shall have to schlep this box to Tim (a nearby local fixer with already demonstrated chops re Beastware or OS-X, whom I am fortunate to have found.) OR: possibly pick a suitable diagnostic App (shades-of-M/Soft/ugh). Am I naive? it seems to moi that even a Rag like Seattletimes wouldn’t intentionally loose a memory-assasination thing, even in defense of all-that-free- Paywall-$$$. But then nobody knoze just how far the Dumbth has permeated, esp. in biznessmen. Flip coin.

Any suggestions of the better options out there? Maybe it’s true that OS-X shall henceforth need the overhead of 24/7 Malware Detection—anyone here surrendered that far, yet? If there’s an obvious ‘best’ diagnostic, like the Ferenghi: I’m All Ears.

My guess-attempts included nuking also a couple processes whose URL hinted at The Cloud, (never seen previously) but was an incomprehensible ~code-?-URL-name. There were 2, 3 of these with “0 bytes” as a beacon; these have not recurred always, but a few times is too-many. I quite realize the foolhardiness of nuking-unKnowns, thus was ready to use the Magic-button-behind: to force-quit the mess, if A.M. showing any sign of slouching towards —> Colonel Panic and like that. As I type this I have A.M. above and it’s happily untroubled..



It’s Nice when an iggerant-stab seems to have worked … but this mess Is Recurrent, so there I are. Still.. I am not unappreciative of the fact that, since the 20” iMac arrived from ePay in Jan. ’09 my only similar inconvenience was that bug -in Java was it?- way-back. 10 fussless-YEARS! w/ two iMacs. So this is more of an adventure than cause for unkind epithets re $$Apple. At least I had already played with A. M. sufficiently to recognize that THIS is exactly where one starts, should the sucker start emulating Win-3.0-beta on a ‘90s clone—unless the whole enchilada has already gone daft.

[ PS and fond recall of the missing-Greg :-/ ]
who admonished moi not-to go looking around in Console etc. “It just works, damn it!” I riposted that, ~ if’n I don’t have Some.. idea of what is “normal" there? h.t.f. Could I notice some incipient or perhaps Ugly-gravitational-shift in the OS-X cosmos, eh? But Greg WAS ~99.8% Right, eh? ;^> So glad that we had ~an hour ranging discussion at the time I was sending along that Tek scope; he was fully conversant across electronics and related, as well as IT (about which I concluded that he’d likely forgotten more now-obsolete-stuff than many a modrin IT-person would ever have acquired). Pity.. that his social chops were ..well, you know. I miss him, still. ’Twas such fun to show-off my fledgling Ashto-knoppix chops/pseudo- as they were.. DAMN.)
New I would suspect a bad ad or something.
I use uBlock Origin everywhere (except on my phone - Chrome on Android doesn't allow ad blockers, so I use the Brave browser there) and it works pretty well. But there are some video ads that show up on the sidebar of Balloon-Juice at times that get by it. Lots of manual intervention is required (for me anyway) to get rid of them (for a while).

Are you using Firefox? They changed their plumbing recently and broke a bunch of plugins. But some of the ones that don't work can still load and make things wonky (until they're updated).

You could also try the EFF's Privacy Badger. I've looked at it briefly but never really used it (though I should start).

18GB is extreme, but I suspect it's something broken and not something actually malicious. Just a suspicion, though.

Good luck!

And +1 on the good thoughts for Greg. :-(

Hang in there.

Cheers,
Scott.
New Thanks.. 'jes sleuthin-fer-Gotcha!s or some decent Remover kit.
EFF sez: browser not supported. The fuels! [/Inspector Clouseau]
Can't easily ditch Safari ..it's already a new arm-let within the DNA :-/
Expand Edited by Ashton April 15, 2019, 04:28:55 PM EDT
New That seems to be a legal issue
EFF got heartburn after it read Apple's iOS developer agreement. A lot of that carries over to MacOS if you want to be part of the walled garden.

I'll go with Scott on the cause. This is likely an ad or other script run amok. Javascript is very susceptible to (lack of) optimizations in the JS engine. Safari is tied to the OS version, so that puts you in SOL territory when it comes to sidestepping that particular problem when the hardware falls off Apple's good list.
New Ugh; quandary then.
Can't muzzle JS (I presume.. or shouldn't if you could?)
Wonder though: have steadfastly refused the recent Mudbrick-Tech nags to get their f-ing about-monthly Bug-fix.
Is their product That Bad that ya gots to nuke yer browser/on demand? now.. but..
mayhap their gadgetry (does anyone but BBC still use this for videos?) still. Maybe the leak came from them/somewhere in the packet-making games?

Maybe I should acquiesce and see if it also stops: previous Duh-access bad-code.
Thinking on that.. not enough chops to see if that idea is bollocks. Iggerance is a terrible Thing. (Except where it brings bliss, I heard.)

Thanks for the explanation; Apple be such biz-$$obsessed-Prigs, dealing with ackshul People (kinda like Jobs?)

PS: know what 'mdworker' OS small-process does?
Noted several iterations with consecutive er, serial numbers: nuked all but one last stab, apparently to no ill effect But.. ... (Jeez, and I thought PDP-8/octal was a PITA (what with schlepping 10" (?) tapes, punch-cards to the CDC-6600, just for a change or two.)
Expand Edited by Ashton April 15, 2019, 09:36:18 PM EDT
New Mudbrick Flashplayer?
That thing should be nuked from orbit. It is beyond redemption/salvation/...

Its life support is scheduled for termination next year. Most commercial sites have switched to HTML5. I can't think of any major site, including the Beeb (using the Paris disaster as proof :-( ), which still requires Flash.

However, unless a site contains Flash, it shouldn't rear its head.

mdworker is the indexer (or part thereof) of the Spotlight search facility. It will come back as long as the system thinks there is something left to index.
New Thank you ..Thank you.
I cannot imagine how a one can carry about so much [Useful!] matters in the jelloware.. mdworker is ... free of all criminal intent.

As to Mudbrick; I had thought that its perpetual mediocrity was due to be rendered obsolescent obsolete by 'something'; ah Yess: HTML5 (whose adoption surely must be in full ascension by now). So I shall proceed towards delivering the message to the Mud people:
"Thanks for all the fish; I've gone back to WordStar in CP/M." (now where's that daisy-wheel printer gone?)

You sir, are: that jeweled-left-eye in some Heathen idol. :-)
New ~30 years of trying to stay ahead of this crap. But Google helps. A lot ;-)
New I uninstalled it years ago.
It comes with a price, e.g. no BBC videos, but I've been resolute.
Alex

"There is a cult of ignorance in the United States, and there has always been. The strain of anti-intellectualism has been a constant thread winding its way through our political and cultural life, nurtured by the false notion that democracy means that "my ignorance is just as good as your knowledge."

-- Isaac Asimov
New wat
BBC doesn't use flash.

https://www.bbc.co.uk/news/av/world-europe-47941114/notre-dame-fire-hymns-sung-in-the-street-as-cathedral-burns

^^ no Flash. My Chrome doesn't allow it at work (ask first). My Edge at home has it turned off altogether.
New Well, after a second or so I get "This content doesn't seem to be working."
"Try again?" which is a loop with no joy.
Alex

"There is a cult of ignorance in the United States, and there has always been. The strain of anti-intellectualism has been a constant thread winding its way through our political and cultural life, nurtured by the false notion that democracy means that "my ignorance is just as good as your knowledge."

-- Isaac Asimov
New This works fine for me on Chrome on Win10.
https://www.bbc.com/news/av/world-asia-47954950/once-destroyed-by-the-taliban-the-buddha-statues-live-again

I don't get a popup asking about Flash (the way I do with the NWS local radar page).

Does it not work for you?

Good luck!

Cheers,
Scott.
New Not on a Mac running Firefox the way I have it set up with NoScript..
It turns out to be that NoScript is the culprit that's killing the video. The video is fine if I temporarily allow all non-BBC scripts.

Problem solved! :)
Alex

"There is a cult of ignorance in the United States, and there has always been. The strain of anti-intellectualism has been a constant thread winding its way through our political and cultural life, nurtured by the false notion that democracy means that "my ignorance is just as good as your knowledge."

-- Isaac Asimov
New There's one free online game I like to play that use it
I only allow it on that one site. Haven't noticed the lack anywhere else.
--

Drew
Expand Edited by drook April 16, 2019, 07:11:48 AM EDT
New ~Nailed..(well, if it's made from melted pot-metal pennies.)
I missed.. an instance, a tab within 'Boeing' matters, from Seattle Times, thus the association of source is correct--but hardly dissected/dissectable? Still suspect something Cloud-related (which I ~ need-not--except a few fotos from when I was in thrall to the pocket Attention-monopolizer--which also made phone calls ... occasionally. So nuked a couple of their coded URL-names. (Little idea here of the odds of Cloud-hacking? so why worry pretty-little head..)

It seems--from a couple past, lesser examples--that any long-duration residence of a website like This one can lead to some er, later-on corruption, maybe via the usual Refreshes sent out [??]. I shall attempt more due-diligence ... if the thought isn't driven-out by Today's Latest Orangeness pandemic ..a fucking-Tweet-away 24/7.

Thanks for the tips, esp You, Sir Coenye :-)
And: fie on Thee, Seattle!--just for mondo-obtuseness about matters you Know you don't-know-shit About, but feel you must pretend.. just like the other 40%-Murican assholes do do.



Carrion.. often you make it by grabbing the Salt rather than the Sugar on that bacon-bacon+Bacon recipe.
New Post-mortem: just for the giggles
SO then.. I looked up means for a fussless seppuku for Mud-Flash; decided --with reservations--to go with Door #2: Go-to Mud City and {ugh} Use Their 'removal'-thing==yet another=last brown-ish download.

Did that.

Alas, I could not pre-kill Safari/necessary conduit of my wishes. (circle-jerk?)
And afterwards: MUDbrick had trashed the browser, such that [tl;dr: on the oddities]
Had to reboot thrice altogether! including Kill-via-The-Button.. the third time being the Charm..
It looked pretty bleak re lots of URLs after first two stabs :-/ ... schemes for a server-swamping vengeance?, etc.

Now it's personal re Mudbrick/an hour+ wasted, aka .. n-pins into Mud Doll, then buried in unhallowe'ed ground,
thence pissed upon, to be sure it was Muddy-enough. Got their stock? ..sell short.



All warranted because too: sans the perpetual overhead of that needs-fixing-every-month abortion:
The machine runs reminiscent of virgin first-boot/screens don't evanesce-away . . . Woo HOO
they fucking swap in an augenblick, (I ∆'d nothing besides this deletion.) A.M. just sits there.. with the pretty graphs huddling near-0 re MEM and CPU.

er, :-) :-) ..so far.
New Glad you got it fixed!
The only public site that I visit that still uses Flash is the NWS regional weather radar. (For years they had some beta thing going that was supposed to be new and improved, but it apparently was killed.)

A bunch of our "training" at work still uses Flash though. :-/

I haven't had too much trouble with Flash recently, but it'll be good when it's finally gone.

Cheers,
Scott.
     Pwned by The Seattle Times.. - (Ashton) - (16)
         I would suspect a bad ad or something. - (Another Scott) - (12)
             Thanks.. 'jes sleuthin-fer-Gotcha!s or some decent Remover kit. - (Ashton) - (11)
                 That seems to be a legal issue - (scoenye) - (10)
                     Ugh; quandary then. - (Ashton) - (9)
                         Mudbrick Flashplayer? - (scoenye) - (8)
                             Thank you ..Thank you. - (Ashton) - (1)
                                 ~30 years of trying to stay ahead of this crap. But Google helps. A lot ;-) -NT - (scoenye)
                             I uninstalled it years ago. - (a6l6e6x) - (4)
                                 wat - (pwhysall) - (3)
                                     Well, after a second or so I get "This content doesn't seem to be working." - (a6l6e6x) - (2)
                                         This works fine for me on Chrome on Win10. - (Another Scott) - (1)
                                             Not on a Mac running Firefox the way I have it set up with NoScript.. - (a6l6e6x)
                             There's one free online game I like to play that use it - (drook)
         ~Nailed..(well, if it's made from melted pot-metal pennies.) - (Ashton) - (2)
             Post-mortem: just for the giggles - (Ashton) - (1)
                 Glad you got it fixed! - (Another Scott)

My other car isn't worth talking about.
123 ms