Ron Paul ToolBar

[adam1mc]

The webmaster has inbedded on his homepage of the toolbar site a malicious link which alledgedly steals credit cards and other details.

Links aren't malicious. Exploits are malicious. Links take you to another page and by themselves don't do anything harmful. In order to steal information from someone's computer a malicious person must exploit the system and silently install a program which actually does the malicious work. This is usually done by making someone visit a link that contains exploits within the body of the code. This side isn't running any scripts that would do this.

Kaspersky may not have come accross the toolbar yet to anylise it yet.

How would they have come across the site and not come across the toolbar? How can you determine that a site is bad if you don't analyze the contents of the page?

If you search the source code of the home page you will find a link which contains "mp3" in it.

So Kaspersky flags sites if they talk about MP3's? Wow, talk about RIAA infiltration!

Also I have seen a number of people claim that the tool bar slows their computer down. An ordinary harmless toolbar should not make a computer lag, unless it was filtering data through a proxy server (thus you have to have blind faith in the author of the toolbar that he is not logging any data).

Agreed, toolbars shouldn't slow down the box. But you are talking about what people have claimed. You can't be certain that they didn't have anything else on their box or that they weren't running a ton of different programs on a PIII with 512 of memory.

I will leave my signiture up until someone can explain to me why people's computers lag.

That's like asking a mechanic to tell you why cars slow down after 100,000 miles. There are a ton of reasons.

Also the person who owns the toolbar needs to provide proof that all of the funds are going to the ron paul campaign.
The burdon of proof is not on me, it is on the creator of the toolbar.

Agreed!

Do you think that antivirus companies are crawling through reading ron paul forums all day long and are even aware of the "ron paul toolbar". I am going to submit the exe to kaspersky.

I AM!!!! As I said, I research and reverse engineer software for a major AntiVirus/AntiSpyware company. I've been sitting in this chair for close to 3 years now and I would say I'm quite competent at my job.

 

[adam1mc]

I'm not trying to argue but 'we' seem so quick to discredit someone's good idea or to call people trolls because of a negative comment. The mentality from the people in this campaign has changed significantly over the past 6 months and I would just like to see people stop trashing others and others ideas just because they may not fully understand.

I think this toolbar is a great idea. The company that created it specializes in creating toolbars for non-profits and directing the revenue towards whatever charity the sponsor decides. While I 100% agree that the sponsor needs to prove that all of the money is going towards the campaign or towards Ron Paul related endeavours , we shouldn't be so quick to shoot down the idea until we have all the facts.

If you have questions, email the guy who set it up. Don't bash his idea behind his back on the very forum that he is looking for assistance.

I'm going to install the toolbar permanent within my Virtual Machine. If there is malicious behavior I will see it.

 

[athlon64bit]

Links aren't malicious. Exploits are malicious. Links take you to another page and by themselves don't do anything harmful. In order to steal information from someone's computer a malicious person must exploit the system and silently install a program which actually does the malicious work. This is usually done by making someone visit a link that contains exploits within the body of the code. This side isn't running any scripts that would do this.

Why would the author of the tool bar website embed a malicious link in his website flagged by kaspersky as a site which steals credit card details, passwords, pin codes etc?

How would they have come across the site and not come across the toolbar? How can you determine that a site is bad if you don't analyze the contents of the page?

By coming across the malicious website link that the author of the toolbar embedded in his website's home page.

So Kaspersky flags sites if they talk about MP3's? Wow, talk about RIAA infiltration!

It flags the site SPECIFICALLY as a phishing site. Please look up the definition of phishing.
http://en.wikipedia.org/wiki/Phishing
If you don't trust the wikipedia page then here is another one.
http://www.microsoft.com/protect/yourself/phishing/identify.mspx
Kaspersky wouldn't flag a site as a phishing site unless it was a phishing site.

Agreed, toolbars shouldn't slow down the box. But you are talking about what people have claimed. You can't be certain that they didn't have anything else on their box or that they weren't running a ton of different programs on a PIII with 512 of memory.

Well, I find it suspicious that several people have said that it slows down their computer, both in private message and on this forum. More of a coincidence to me.

I AM!!!! As I said, I research and reverse engineer software for a major AntiVirus/AntiSpyware company. I've been sitting in this chair for close to 3 years now and I would say I'm quite competent at my job.

Yea but equally the people at kaspersky are experts in malicious software and reverse engineer. So basically you are saying kaspersky's warning that it is a phishing site is nothing to worry about. I disagree. Kaspersky are experts as well.

I'm not trying to argue but 'we' seem so quick to discredit someone's good idea or to call people trolls because of a negative comment. The mentality from the people in this campaign has changed significantly over the past 6 months and I would just like to see people stop trashing others and others ideas just because they may not fully understand.

I think this toolbar is a great idea. The company that created it specializes in creating toolbars for non-profits and directing the revenue towards whatever charity the sponsor decides. While I 100% agree that the sponsor needs to prove that all of the money is going towards the campaign or towards Ron Paul related endeavours , we shouldn't be so quick to shoot down the idea until we have all the facts.

If you have questions, email the guy who set it up. Don't bash his idea behind his back on the very forum that he is looking for assistance.

I'm going to install the toolbar permanent within my Virtual Machine. If there is malicious behavior I will see it.

Well I suggest that the author of the website removes the link to the phishing website and explains why he needed to link to a specific file on a phishing website. I find that suspicious. Also maybe he can explain why so many people find it lags their computer. I am not doing it behind his back. I am posting on a public forum lol that he can come in and read.
If he has a link hidden in his source code which is detected as a phishing website, the fault lies with him not me. I am not the one who embedded a link in the source code to a site known for phishing credit card details. He can explain why he needed to embed that file link to ally people's fears.
His toolbar may or may not be safe (I am still suspicious why it lags people's computer's unless it is redirecting data through a proxy server, possibly the phishing link on his website) but until he explains why he is felt the need to link to a suspicious phishing link, I will remain suspicious.

Another reason I am suspicious is there seemed to be 2 or 3 people who came on posting reassuring people that the toolbar site and file was safe but it looked like it was the same person with multiple accounts. I can't prove that but just makes me suspicious.

 

[athlon64bit]

By the way I used to be a moderator on an internet security forum.

 

[athlon64bit]

Can you show any bit of evidence to back up your claim that this program is malicious? If not, then your signature just makes you look foolish.

Kaspersky antivirus says that it is a phishing website. Also I am saying the site is a malicious phishing website which is the same as what kaspersky says (or a link embedded on the website). Nothing is wrong with my signature.

I have Kaspersky on my side LOL!

 

[Revolution9]

Valid concerns but you have nothing to worry about - the toolbar is digitally signed - you can't get a digital signature with a toolbar that has any sort of adware, virus or spyware on it.

Also, we're using the same toolbar that the Susan G Komen Foundation & Toys For Tots uses.

It's very safe, and it's going to generate a lot of money for the cause =)

Also, you'll get great updates via the toolbar's messenger feature from someone who's been organizing Ron Paul events since day 1

Cool idea. I understand it will not run in Safari? If so and the code is clean then why not as that is a totally compliant browser to standards.

Best
Randy

 

[adam1mc]

By the way I used to be a moderator on an internet security forum.

Well now you're just an idiot. I told you what I do for a living. Either you didn't listen or you don't seem to offer any sort of credibility to my research.

I told you to contact Kaspersky and ask them for a re-evaluation to check to see if it's an FP. I also suggested that you contact the creator and discuss your concerns with him.

And I would also suggest for you to use your moderator powers and search Google for "FreeCause Toolbar" (as in reality it's THEIR toolbar) and see if you can find one single shred of evidence that the toolbar is malicious.


If you can't do those things then you are only bringing negativity to a very cool idea.

Would you like for me to do those things for you?

 

[adam1mc]

Cool idea. I understand it will not run in Safari? If so and the code is clean then why not as that is a totally compliant browser to standards.

Best
Randy

Mozilla and IE and Safari and Netscape all function totally different and need different plugins to function.

Try installing a Safari plugin into IE and see what happens.

 

[adam1mc]

Wouldn't you know it. If you search "FreeCause Toolbar, Virus" the first thing that pops up is the Anti-RP thread. Nothing else about there being a virus.



I can't believe I've wasted so much time on this. How much proof do you need? I documented the changes made by the program. I showed you there weren't any keyboard hooks installed. You can't steal the keystrokes if you aren't hooked into the keyboard. I've posted results from 23 AV companies with updated defs (www.virustotal.com) and not a single credible source says the file is malicious.. even your beloved Kaspersky didn't detect the file.

Here are 176,000 pages which show False Positives (FP's) within the Kaspersky DB. They are FAR from perfect.
http://www.google.com/search?q=kasp...s=org.mozilla:en-US:official&client=firefox-a


Quit spreading negativity until you have credible evidence to back up your claim... and that doesn't entail a Kaspersky (who uses heuristics by the way) phishing filter.


If you are so certain that the program will phish, then download a copy of VMWare. Install a crap version of WinXP with no Service Packs and no updates. Download Wireshark network monitoring and start capturing the packets. Start visiting bank sites (you don't have to use your own info. Just type gibberish), email sites, paypal, ebay, etc and see if Wireshark ever shows a POST back to an unknown location.

If packets are being POSTed to sites other than where they are supposed to go then you will know you have a phisher. If there is no internet communication then you'd be safe to assume that it's not logging and sending information.

 

[athlon64bit]

Well now you're just an idiot. I told you what I do for a living. Either you didn't listen or you don't seem to offer any sort of credibility to my research.

I told you to contact Kaspersky and ask them for a re-evaluation to check to see if it's an FP. I also suggested that you contact the creator and discuss your concerns with him.

And I would also suggest for you to use your moderator powers and search Google for "FreeCause Toolbar" (as in reality it's THEIR toolbar) and see if you can find one single shred of evidence that the toolbar is malicious.


If you can't do those things then you are only bringing negativity to a very cool idea.

Would you like for me to do those things for you?

How do I even know that you are who you say you are? You are telling me to trust you over kaspersky antivirus? I have texted you 3 times. It is up to the owner of the ron paul tool bar site to do all that work. It is his website that they are saying contains phishing links.
Oh incidently, the specific page that he has on his site is flagged as a phishing page. Other pages on mp3assets aren't flagged as phishing pages.
Anyway, the way it goes is this, the guy has a link embedded on his home page which my antivirus says is a phishing web link.
We are not talking about FreeCause toolbar.
It is as simple as this. My kaspersky web antivirus says that the home page of the tool bar contains a link to a phishing website. I was/am concerned that people would potentially be loosing sensitive information if kaspersky web antivirus is correct. I warned people, a few people via private message and on a few threads of what my kaspersky antivirus was telling me.
Kaspersky web antivirus is what detects the phishing link, not sure if the regular desk top detects it as I don't think it scans web sites as they load. I have the whole kaspersky suit.
I don't give a shit what you have to say. I warned people with good merit. It is the responsibilty of the owner of the toolbar website to not embed links to pages which are detected as malicious. They are to blame not me. If it is a false alarm it is up to the owner of the toolbar site to correct the mistake or contact kaspersky or whatnot.

I am a webmaster myself of several sites and if I embedded a link which showed up as a virus, guess what? I would be to blame because I put it there.
Do you think that I should have kept quiet and not warned people that my antivirus showed it as a site which steals creditcard details and passwords?
This is the last time I am gonna try and help people out with warning them of things. I came here to support Ron Paul and follow the movement. I don't need this kind of shit.
I did fuck all wrong. I ain't the person putting links on my site which show up as phishing attack links. You call me an idiot. Maybe you should direct that insult at the person who is putting up a phishing link on his website (according to kaspersky antivirus.
Perhaps the toolbar is harmless and it is a false alarm or perhaps not. I won't be installing it though.

Adios

 

[athlon64bit]

Wouldn't you know it. If you search "FreeCause Toolbar, Virus" the first thing that pops up is the Anti-RP thread. Nothing else about there being a virus.



I can't believe I've wasted so much time on this. How much proof do you need? I documented the changes made by the program. I showed you there weren't any keyboard hooks installed. You can't steal the keystrokes if you aren't hooked into the keyboard. I've posted results from 23 AV companies with updated defs (www.virustotal.com) and not a single credible source says the file is malicious.. even your beloved Kaspersky didn't detect the file.

Here are 176,000 pages which show False Positives (FP's) within the Kaspersky DB. They are FAR from perfect.
http://www.google.com/search?q=kasp...s=org.mozilla:en-US:official&client=firefox-a


Quit spreading negativity until you have credible evidence to back up your claim... and that doesn't entail a Kaspersky (who uses heuristics by the way) phishing filter.


If you are so certain that the program will phish, then download a copy of VMWare. Install a crap version of WinXP with no Service Packs and no updates. Download Wireshark network monitoring and start capturing the packets. Start visiting bank sites (you don't have to use your own info. Just type gibberish), email sites, paypal, ebay, etc and see if Wireshark ever shows a POST back to an unknown location.

If packets are being POSTed to sites other than where they are supposed to go then you will know you have a phisher. If there is no internet communication then you'd be safe to assume that it's not logging and sending information.

Dude listen very very very carefully. I have said this several times, perhaps you will get it this time. Kaspersky detects a malicious link on the HOME PAGE of the WEBSITE of the toolbar site. Not in the toolbar software, that is not to say the toolbar is safe or not because kaspersky probably hasn't even analised it yet. It is the antivirus web scanner which detects malicious code on the website, not the regular desktop scanner. Desktop scanners don't scan for phishing links while surfing the web, it is the web antivirus which does that.
Ok dude have it your way, it is completely safe, everybody download the toolbar. Adam is the expert and he says that it is safe, listen to him, I don't give a shit. Kaspersky web anti virus scanner is wrong about the site being a phishing website and it is a false positive blah blah.

Ross

 

[adam1mc]

How do I even know that you are who you say you are? You are telling me to trust you over kaspersky antivirus?

Here ya go... (edited) I have several more if you want them.

I have texted you 3 times.

Really? Where?

Oh incidently, the specific page that he has on his site is flagged as a phishing page. Other pages on mp3assets aren't flagged as phishing pages.

Here is your 'flagged' url. Nothing about this is malicious
http://www.mp3asset.com/swf/mp3/minime.swf

We are not talking about FreeCause toolbar.

Actually we are. Remember? Ron Paul Toolbar is the name of this thread.

I don't give a shit what you have to say. I warned people with good merit. It is the responsibilty of the owner of the toolbar website to not embed links to pages which are detected as malicious. They are to blame not me. If it is a false alarm it is up to the owner of the toolbar site to correct the mistake or contact kaspersky or whatnot.

Agreed, but notify the creator - not ruin the entire idea behind his back. That doesn't help anyone.

I am a webmaster myself of several sites and if I embedded a link which showed up as a virus, guess what? I would be to blame because I put it there.
Do you think that I should have kept quiet and not warned people that my antivirus showed it as a site which steals creditcard details and passwords?

I don't even think you understand how a virus / phisher functions. And what you should have done is used Google to research your theory to see if there is any sort of validity to it before you destroy the idea.

I did fuck all wrong.

What? That's not my problem.

You call me an idiot. Maybe you should direct that insult at the person who is putting up a phishing link on his website (according to kaspersky antivirus.

Not trying to insult you (and I do apologize) but your inexperience and negativity is destroying an otherwise really good idea. Talk such as this will only ruin an Idea. I'm here for Ron Paul too, as I would imagine most here are. Everyone is entitled to their ideas.

The blimp was a great idea and went up without a hitch. And then everyone came in with their negativity about the company and flight plan and weather and they destroyed the entire deal. The blimp is now grounded. Ron Paul Racing is barely getting off the ground. We NEED these types of ideas to help us remain unique among the grassroots.

All I'm saying is that if you have reservations about something, check them before citing with certainty your opinion.

 

[adam1mc]

Here ya go.. CALL HIM
http://digg.com/2008_us_elections/Download_the_Ron_Paul_Toolbar

you can call me anytime about this toolbar - chris lawton - I run the greer, sc meetup # 281 - THIS IS TOTALLY LEGIT --- 864-325-6400 ...

If his program is malicious, then him posting his number would be a first for any malware author.

 

[nmlifestyles]

Hello From Chris Lawton of the Ron Paul Toolbar

WOW! This was supposed to be a safe, simple, FREE tool to raise money for the grassroots (see http://ronpaultoolbar.com/testimonial.shtml) This month make sure you vote and get your own referral ID and SPREAD THE WORD! We started at ZERO a couple of weeks ago now over 3200+ active users and $1500+ in earnings! Anyone with ANY questions feel free to call me 9-9 EST 864-325-6400.

GO RON PAUL!

Chris Lawton
RP Greer, SC
Meetup Org.

 

[adam1mc]

WOW! This was supposed to be a safe, simple, FREE tool to raise money for the grassroots (see http://ronpaultoolbar.com/testimonial.shtml) This month make sure you vote and get your own referral ID and SPREAD THE WORD! We started at ZERO a couple of weeks ago now over 3200+ active users and $1500+ in earnings! Anyone with ANY questions feel free to call me 9-9 EST 864-325-6400.

GO RON PAUL!

Chris Lawton
RP Greer, SC
Meetup Org.

To satisfy concerns, can you prove that the money raised is in fact being routed to Ron Paul related projects?

 

[darbsllim]

adam1mc, thank you very much.

People have been trying to discredit the Ron Paul Toolbar since day 1 on this forum with wild assumptions and hyperbolic accusations.

Nothing I could have said would have satisfied them, so thank you very much for spelling out exactly WHY this is safe. Hopefully this will put to rest once and for all the accusations.

As for proof that we're sending money to the grassroots - if you look at the link Chris posted, you will see 3 checks for the month of January, thats the proof.

To everyone who's been attacking this project, especially athalon64bit:

We don't need negativity. Do you want to see Ron Paul elected, or do you want to troll forums all day long? Do you want more grassroots projects like the Blimp to fall? Because thats what you are doing.

OPEN YOUR MIND.

Most people attack the toolbar before they even look into it, and I have to defend the project. We'd rather spend our time doing other things than defending the project from these baseless accusations.

There are thousands who actually support the project, but it's the few like you that are ruining the momentum.

This is an amazing grassroots project that has the potential to send multiple 6 figures to the grassroots efforts monthly.

I don't appreciate this, we're putting an extreme amount of effort, getting paid ZILCH to help get Ron Paul elected like millions of other people around the world.

Heck, I'M CANADIAN and I'm putting all of my time and energy into getting Ron Paul elected. So please why don't you think about that before you go around ruining grassroots projects.

This is a brilliant idea, it's an amazing project run by a TOP NOTCH American patriot, and I would ask that you either embrace it, or just leave it alone.

If you're not into this project, then do something else, please don't ruin it.

Thank you again adam1mc - thank you VERY MUCH. You went way beyond the call of duty and I really appreciate it.