« Have we all lost our minds? | Main | More on Macworld Expo »

i get email...

shit, not even cool shit like PZ. I get lame crazy shit.

so here's what started this, on the Apple client management list...a terribly excited, rather confused woman is convinced she's being hacked. it goes back and forth with some folks, who mean well, but are just amping shit up until she sends this:

Here's where things stand. I erased and installed the OS from a system disk in the DVD drive. Logged back in. Still heard motor racing so checked with lsof command in Terminal. Saw lyld processes, PIPE processes, mDNS (on Leopard) and more alarming things. Checked System Profiler found awake on net set to yes, found Bluetooth on, and other discrepancies. Shut down.
C boot again. From Disk Utility checked file image. In /private/var/ found launchd folder filled with a sock terminal, found folder named mds holding install.lock, lick, mdsDirectory, and object. Found alias folder named run with appfwd.pid, asl_input, com.apple.blued.launchd, config.pid, diskarbitrationd.pid, installer, mDNSResponder, a ppp.confd terminal, syslog, syslog.pid, and utm.px.

Other directory level folders held only a file named com.apple.stackshot.plist.

All these files have been suspects in this investigation, so I figure a kernel level rootkit is usurping the system.

I partitioned, 7-0's erased, and still heard the hard drive racing everytime I began a new operation. Very hard on the drive. Because if the racing drive when no operations required it, I did a lsof again. Dynamic load libraries running amuck. PIPE. The whole host of dementors were still there and still running.

My disk name changed to rdisk1s03. I think the "r" means image file.

I checked the Installer Log from th C drive boot. Found a lot of evidence that includes these unlikely terms: localhost LCA [65]. (this is the villan). Folder Manager create a folder; CPSGetProcessInfo; OSInstaller [144] Folder Manager create a folder;
at this point I get created as localhost Unknown[66]

Lots more bad stuff and then
ENV: DYLD_NO_FIX_PREBINDING=1

ENV: SHLVL=1

ENV: OS_ INSTALL=1

ENV:_=/System/Installation/CDIS/LCA.app/Contents/MacOS/LCA. (you may remember LCA was the first user, so I think we have a point of origin.)

There's much more, but I need a rest. Typing all this from a pad to my iPhone is more labor intensive than my usual style.

I cannot erase the drive. I have to get in at the preBoot level or something. Any ideas?

Also I think we may want reinforcements. Any other expert sites worthy in your eyes. I'm not looking forward to typing on this cute little phone but if I can't save my two compromised notebooks I'm gonna be
doing it for a long time.

Thanks everyone for this afternoon's work. Nap time.

Letha

Letha Deck

On Jan 4, 2010, at 2:50 PM, Steven Kolins
wrote:

>
> On Jan 4, 2010, at Monday 2:23 PM, Letha Deck wrote:
>
>> none of the techniques worked, yet, because they've invaded too
>> deeply into my Mac territories. I cannot change any files or folders.
>
>
> If you have a working Mac somewhere you may be able to gain access
> by putting the machine in target mode. You will need a full firewire
> cord (newer is Firewire 800, so called "9 pin to 9 pin".)
>
> Hold the T key down at boot and the machine will slave out the hd
> out the firewire port to any Mac waiting that is connected by a
> firewire cord. Then you get a r/w version of the hd. Should be safe
> if you don't run executables from the drive - just aim things
> scanner programs at the drive.
>
> = - - - - - - - =
> Steven Kolins

Okay, so she's off in the weeds. DEEP into the weeds now.

I reply:

Okay, hold on, let's slow down and rather than playing "Ready, Fire, Aim", let's actually look at what's going on, so that we separate "I'm not sure what this does" from "OMGHAXX0RZ!!!111"
On 1/4/10 6:34 PM, "Letha Deck" wrote:
> Here's where things stand. I erased and installed the OS from a system
> disk in the DVD drive. Logged back in. Still heard motor racing so
> checked with lsof command in Terminal.

So first thing: "motor racing" has no meaning at all. None. You have to not only be specific, but use terms for whose meaning we can all agree upon.

What do you specifically mean by "motor" in this context. Fan? Optical drive? Hemi?

> Saw lyld processes, PIPE
> processes, mDNS (on Leopard) and more alarming things.

On a brand new OS install, all of those things are absolutely normal.
Completely.

Even on a fully patched system running 10.5.8, I have numerous processes that are using dyld. Since dyld is used with various libraries in the OS, it would be far more frightening to NOT have multiple copies of dyld running.

Again, the same with PIPE. In fact, to check for just PIPE processes with lsof, you have to actually use PIPE.

mDNSResponder and associated processes using mDNS in Leopard, again, perfectly normal by default.

*None of those are alarming*

> Checked System
> Profiler found awake on net set to yes, found Bluetooth on, and other
> discrepancies. Shut down.

Both of those are the correct default values for a new install from the leopard DVD.

>
> C boot again. From Disk Utility checked file image. In /private/var/
> found launchd folder filled with a sock terminal,

Normal for sockets, a rather common Unix tool

> found folder named
> mds holding install.lock, lick, mdsDirectory, and object.

Yep, spotlight processes are normal

> Found alias
> folder named run with appfwd.pid, asl_input, com.apple.blued.launchd,
> config.pid, diskarbitrationd.pid, installer, mDNSResponder, a
> ppp.confd terminal, syslog, syslog.pid, and utm.px.

All of those are normal, and rather critical.

>
> Other directory level folders held only a file named
> com.apple.stackshot.plist.

Yes, that's the facility that the OS uses to capture stack traces for various automatic reasons. 'man stackshot' explains it fully.

>
>
> All these files have been suspects in this investigation, so I figure
> a kernel level rootkit is usurping the system.

Forgive my bluntness, but those are no more indicative of a rootkit than they are of a yeti.

>
> I partitioned, 7-0's erased, and still heard the hard drive racing
> everytime I began a new operation. Very hard on the drive. Because
> if the racing drive when no operations required it, I did a lsof
> again. Dynamic load libraries running amuck. PIPE. The whole host of
> dementors were still there and still running.

As they are rather needed for the OS to operate, that you keep finding them is absolutely unsurprising.

>
> My disk name changed to rdisk1s03. I think the "r" means image file.

Not really. Google /dev/rdisk.

>
> I checked the Installer Log from th C drive boot. Found a lot of
> evidence that includes these unlikely terms: localhost LCA [65].
> (this is the villan). Folder Manager create a folder;
> CPSGetProcessInfo; OSInstaller [144] Folder Manager create a folder;
> at this point I get created as localhost Unknown[66]
>
>
> Lots more bad stuff and then
> ENV: DYLD_NO_FIX_PREBINDING=1
>
> ENV: SHLVL=1
>
> ENV: OS_ INSTALL=1
>
> ENV:_=/System/Installation/CDIS/LCA.app/Contents/MacOS/LCA. (you may
> remember LCA was the first user, so I think we have a point of origin.)
>
> There's much more, but I need a rest. Typing all this from a pad to my
> iPhone is more labor intensive than my usual style.

None of this is abnormal nor evil.

>
> I cannot erase the drive. I have to get in at the preBoot level or
> something. Any ideas?

Yes. First rule of sysadmining: "Just because I don't know what something is does not imply it is bad or useless. It really means I have more to learn.

>
> Also I think we may want reinforcements. Any other expert sites worthy
> in your eyes. I'm not looking forward to typing on this cute little
> phone but if I can't save my two compromised notebooks I'm gonna be
> doing it for a long time.

Based on this, you have great need of education, not panicking. Everyone starts out with that same need. Those of us who do well in this field realize that need never goes away nor diminishes.

Yes, i was in fact being deliberately not snarky. Well, not very.

I then get this shit offlist:

Thanks for the information. I am actually not in your field. I came to your list to learn from experts. I wrote that in my introduction. Your style is rough. I was told about a hostile post or two from others but I am on digest. Just got it. I felt embarassed and humiliated. That part I don't like. You gave me some good information. I appreciate it.
I am not a network. I am a single user at home. My router is not even plugged in for security reasons.

I would feel rather silly describing anything else to you. Thank you for your interest.

Da Fuck? for taking a lot of time with lsof to doublecheck what I already knew and trying to un-panic her, I get this?

oh.fuck.no.

On 1/5/10 3:43 PM, "Letha Deck" wrote:
> Thanks for the information. I am actually not in your field. I came to
> your list to learn from experts. I wrote that in my introduction. Your
> style is rough. I was told about a hostile post or two from others but
> I am on digest. Just got it. I felt embarassed and humiliated. That
> part I don't like. You gave me some good information. I appreciate it.

Your feeling silly or anything else is most certainly not my fault, and your reaction to things is neither my fault, nor unique. Everyone in 'my' field, *everyone* has had a moment of freaking out about something that turned out to be absolutely normal.

We also all felt silly about it. In many cases, various nicknames synonymous with 'crash' were assigned. One place I worked had the "Crash Craddock" award for best screwup of the month. Mildly mean, but not taken personally.

Stop blaming others for this, and your feelings of embarrassment resulting from it, not our fault.

> I am not a network. I am a single user at home. My router is not even
> plugged in for security reasons.

Not that you'll listen, but you're really confusing paranoia and security. Even real security experts plug in their routers. They don't work terribly well otherwise.

> I would feel rather silly describing anything else to you. Thank you
> for your interest.

So let me get this straight: rather than amping up the state of panic you were in, I went through all the things you were rather freaking out about, and pointed out that these are normal things.

Line

By

Line

I pointed out that they were not in fact indicative of a rootkit, nor any other form of malicious attack.

I pointed out that like everyone on that list, including myself, the way to get past the the assumptions that were causing you to panic was to keep educating yourself and to never stop.

And amongst all that, you're angry that I didn't encourage you to panic more in a nice way? Seriously, you'd rather get bad advice that does no good whatsoever, and keeps you in a state of panic for days, rather than endure the pure evil that is light sarcasm, and information that points out your panic is unwarranted, and that you should not approach 'strange' as unknown?

So in your world, nice and wrong beats sarcastic and correct?

You go on with yo' bad self with that attitude, but helping yourself, you are not.

Of course i replied. Duh. So she has to reply back, still whining:

I'm sorry. I couldn't finish reading your email. I saw your website. It seems you have a consistent personal style that offends me to the point where I don't desire to read you so I stop. Some people like that Rush Limbaugh thing you've got going on. The bombastic quality of that communication style isn't compatible with an intellectual bookworm like myself.
From what I did read and scan I found that you are not a careful reader. That makes you unreliable. You are include too many personal admonishments. If I don't respect you why would I respect your lectures on comportment?

I don't want to spend another millisecond considering you or anything you have to say. It's not like you are saying much that can't be heard from a zillion other Joes. I'd rather listen to one with a handsome manner.

Again. Thanks. I'm deleting you. Do the same with me.

So now i'm in the "what are you, fucking 12?" mode...and i just have to have fun with 'literary bookworm'. Pretentious bint:

On 1/5/10 9:20 PM, "Letha Deck" wrote:
> I'm sorry. I couldn't finish reading your email. I saw your website.
> It seems you have a consistent personal style that offends me to the
> point where I don't desire to read you so I stop. Some people like
> that Rush Limbaugh thing you've got going on. The bombastic quality of
> that communication style isn't compatible with an intellectual
> bookworm like myself.

Ah, the "you're rude, so your words have no meaning" technique. Amusing as it is useless. I shall then hazard that you've little Ambrose Bierce in your awesome literary collection, for I imagine the 'bombastic' quality of his bon mots would likely send you to the drawing room with a critical case of the vapors.

>
> From what I did read and scan I found that you are not a careful
> reader. That makes you unreliable. You are include too many personal
> admonishments. If I don't respect you why would I respect your
> lectures on comportment?

You accuse me of being a poor reader, yet you admit to not reading my email. Is 'irony' a word you're familiar with, because that bit is *rich* with it. Oh, if you're going to assume a position of literary superiority, then you might want to grammar-check your missives. "You are include too many personal admonishments" is not the kind of mistake that someone who is truly an "intellectual bookworm" would make.

>
> I don't want to spend another millisecond considering you or anything
> you have to say. It's not like you are saying much that can't be heard
> from a zillion other Joes. I'd rather listen to one with a handsome
> manner.

I'm surprised an 'intellectual bookworm' such as yourself would say that, considering the rich history of evil using fair form, with a handsome manner to deceive the innocent, even as the truth was ignored because it was neither pretty or smooth. Your aspirations of literary familiarity seem a bit shallow.

Of course, it's also too bad I'm the only one who bothered to explain to you what was going on with your computer, or that you weren't being hacked. I should have let you keep wiping out your hard drive and giggled at the waste of time from the sidelines. Instead, I took a bit of pity on you. How sharper than a serpent's tongue is the lack of gratitude.

As I thought, you don't care about the quality of content, only the quality of tone. Kind of like a puppy, in that you can threaten it with dire consequences, but as long as you do so in a cutesy obsequious tone, it thinks you're praising it to the heavens.

>
> Again. Thanks. I'm deleting you. Do the same with me.

Oh emperor? The new outfit? Looks *fantastic*.

Handsome words, weren't they.

Annnnd the reply. shorter now, i think she's getting tired of it:

Really dude. Don't waste your time. I have discipline. Your work is on the trashbin. Save your energy v I can resist you.

Not sure if that was a D&D reference or not. Whatever:

> Really dude. Don't waste your time. I have discipline. Your work is on > the trashbin. Save your energy v I can resist you.
Your continuous replies give lie to that. But you keep saying that. If you say it enough, you may even believe it.

Shouldn't you be wiping your hard drive, the dyld hackers'll getcha!

Yeah, i know, i'm just being a dick at this point, but what the hell, it's fun right?

Then we take the abrupt left into CRAAAAAAAAZYTOWN:

Gee, I hope you didn't send an apology last time because this email is to notify you that I have asked you three times to cease communicating with me, yet you continue to write me.
John, you are harassing me. You need to let go of this and get on with your life.

If you decide not to respect my wish that you stop emailing me at my personal address, I am going to report your behavior to all the appropriate officials of the mailing list.

This is my last request and your only warning.

For the record, do not call or visit or stalk me in any way because I will report you to the police and if necessary, have you prosecuted.

I have to admit to having that 'poleaxed head-cocked puppy' look for a few. Rampant paranoia will do that. But, i have no sense, and less restraint, so:

> Gee, I hope you didn't send an apology last time because this email is > to notify you that I have asked you three times to cease communicating > with me, yet you continue to write me.
You wrote me, privately. You did so to, literally, scold me, and tell me that I was a bad person. I replied.

Lather rinse, repeat

>
> John, you are harassing me. You need to let go of this and get on with
> your life.

Um, you started this with your original email to me, remember? I don't suffer inane emails from someone I mistakenly tried to help.

>
> If you decide not to respect my wish that you stop emailing me at my
> personal address, I am going to report your behavior to all the
> appropriate officials of the mailing list.

Now you're threatening me to the EMAIL LIST? How about YOU stop starting fights and then crying when the other person doesn't run away from your vacuous inane idiocy.

But by all means, go right the hell ahead.

>
> This is my last request and your only warning.

I dare you to report me to the list administrator. I double-dog dare you.

>
> For the record, do not call or visit or stalk me in any way because I
> will report you to the police and if necessary, have you prosecuted.

I don't know, nor do I wish to know your phone number or address. But here's one. How about YOU stop threatening me, and I won't post this entire email chain on my web site so that anyone else who reads your paranoid ramblings on a mailing list knows better than to help you. (actually, since you're threatening me legally, that might be a really good idea on my part, so that this is all out in the open.)

Pro Tip: don't harass people and then get whiny when they don't react well. You emailed me at MY 'private' email address to harass me. Did you really expect me to thank you?

I'm sure there's another part of the internet you can babble at. Run along now and do so.

Gotta give her credit, she took the dare.

When do I get crazy-assed bikini models with sexual addiction issues lurking in the bushes? I think i could handle that. Instead, i get this tripe. sigh.

Categories: Other

Posted by John C. Welch at 23:42 | Permalink

Comments

Warning for Notes users: The commenting system uses HTML.
I know this will be scary for some of you, especially Notes fans. However, open standards, rah-rah.
If you want to use less-than or greater-than signs, or other similar characters that HTML reserves,
you'll simply have to learn to do it the HTML way. Luckily, HTML is kind of popular, no matter what
your re-educators have told you, and you can easily find help on the intertubes.

shit, not even cool shit like PZ. I get lame crazy shit.\n\nso here's what started this, on the Apple client management list...a terribly excited, rather confused woman is convinced she's being hacked. it goes back and forth with some folks, who mean well, but are just amping shit up until she sends this:\n\n

Here's where things stand. I erased and installed the OS from a system disk in the DVD drive. Logged back in. Still heard motor racing so checked with lsof command in Terminal. Saw lyld processes, PIPE processes, mDNS (on Leopard) and more alarming things. Checked System Profiler found awake on net set to yes, found Bluetooth on, and other discrepancies. Shut down.\n\nC boot again. From Disk Utility checked file image. In /private/var/ found launchd folder filled with a sock terminal, found folder named mds holding install.lock, lick, mdsDirectory, and object. Found alias folder named run with appfwd.pid, asl_input, com.apple.blued.launchd, config.pid, diskarbitrationd.pid, installer, mDNSResponder, a ppp.confd terminal, syslog, syslog.pid, and utm.px.\n\nOther directory level folders held only a file named com.apple.stackshot.plist.\n\n\nAll these files have been suspects in this investigation, so I figure a kernel level rootkit is usurping the system.\n\nI partitioned, 7-0's erased, and still heard the hard drive racing everytime I began a new operation. Very hard on the drive. Because if the racing drive when no operations required it, I did a lsof again. Dynamic load libraries running amuck. PIPE. The whole host of dementors were still there and still running.\n\nMy disk name changed to rdisk1s03. I think the \"r\" means image file.\n\nI checked the Installer Log from th C drive boot. Found a lot of evidence that includes these unlikely terms: localhost LCA [65]. (this is the villan). Folder Manager create a folder; CPSGetProcessInfo; OSInstaller [144] Folder Manager create a folder; \nat this point I get created as localhost Unknown[66]\n\n\nLots more bad stuff and then\nENV: DYLD_NO_FIX_PREBINDING=1\n\nENV: SHLVL=1\n\nENV: OS_ INSTALL=1\n\nENV:_=/System/Installation/CDIS/LCA.app/Contents/MacOS/LCA. (you may remember LCA was the first user, so I think we have a point of origin.)\n\nThere's much more, but I need a rest. Typing all this from a pad to my iPhone is more labor intensive than my usual style.\n\nI cannot erase the drive. I have to get in at the preBoot level or something. Any ideas?\n\nAlso I think we may want reinforcements. Any other expert sites worthy in your eyes. I'm not looking forward to typing on this cute little phone but if I can't save my two compromised notebooks I'm gonna be \ndoing it for a long time.\n\nThanks everyone for this afternoon's work. Nap time.\n\nLetha\n\n\n\n\n\n\n\n\nLetha Deck\n\n\nOn Jan 4, 2010, at 2:50 PM, Steven Kolins \nwrote:\n\n>\n> On Jan 4, 2010, at Monday 2:23 PM, Letha Deck wrote:\n>\n>> none of the techniques worked, yet, because they've invaded too \n>> deeply into my Mac territories. I cannot change any files or folders.\n>\n>\n> If you have a working Mac somewhere you may be able to gain access \n> by putting the machine in target mode. You will need a full firewire \n> cord (newer is Firewire 800, so called \"9 pin to 9 pin\".)\n>\n> Hold the T key down at boot and the machine will slave out the hd \n> out the firewire port to any Mac waiting that is connected by a \n> firewire cord. Then you get a r/w version of the hd. Should be safe \n> if you don't run executables from the drive - just aim things \n> scanner programs at the drive.\n>\n> = - - - - - - - =\n> Steven Kolins\n\n

\n\nOkay, so she's off in the weeds. DEEP into the weeds now.\n\nI reply:\n\n

Okay, hold on, let's slow down and rather than playing \"Ready, Fire, Aim\", let's actually look at what's going on, so that we separate \"I'm not sure what this does\" from \"OMGHAXX0RZ!!!111\"\n\nOn 1/4/10 6:34 PM, \"Letha Deck\" wrote:\n> Here's where things stand. I erased and installed the OS from a system\n> disk in the DVD drive. Logged back in. Still heard motor racing so\n> checked with lsof command in Terminal.\n\nSo first thing: \"motor racing\" has no meaning at all. None. You have to not only be specific, but use terms for whose meaning we can all agree upon.\n\nWhat do you specifically mean by \"motor\" in this context. Fan? Optical drive? Hemi?\n\n> Saw lyld processes, PIPE\n> processes, mDNS (on Leopard) and more alarming things.\n\nOn a brand new OS install, all of those things are absolutely normal.\nCompletely. \n\nEven on a fully patched system running 10.5.8, I have numerous processes that are using dyld. Since dyld is used with various libraries in the OS, it would be far more frightening to NOT have multiple copies of dyld running.\n\nAgain, the same with PIPE. In fact, to check for just PIPE processes with lsof, you have to actually use PIPE.\n\nmDNSResponder and associated processes using mDNS in Leopard, again, perfectly normal by default.\n\n*None of those are alarming*\n\n\n> Checked System \n> Profiler found awake on net set to yes, found Bluetooth on, and other\n> discrepancies. Shut down.\n\nBoth of those are the correct default values for a new install from the leopard DVD.\n\n> \n> C boot again. From Disk Utility checked file image. In /private/var/\n> found launchd folder filled with a sock terminal,\n\nNormal for sockets, a rather common Unix tool\n\n> found folder named\n> mds holding install.lock, lick, mdsDirectory, and object.\n\nYep, spotlight processes are normal\n\n> Found alias \n> folder named run with appfwd.pid, asl_input, com.apple.blued.launchd,\n> config.pid, diskarbitrationd.pid, installer, mDNSResponder, a\n> ppp.confd terminal, syslog, syslog.pid, and utm.px.\n\nAll of those are normal, and rather critical.\n\n> \n> Other directory level folders held only a file named\n> com.apple.stackshot.plist.\n\nYes, that's the facility that the OS uses to capture stack traces for various automatic reasons. 'man stackshot' explains it fully.\n\n> \n> \n> All these files have been suspects in this investigation, so I figure\n> a kernel level rootkit is usurping the system.\n\nForgive my bluntness, but those are no more indicative of a rootkit than they are of a yeti.\n\n> \n> I partitioned, 7-0's erased, and still heard the hard drive racing\n> everytime I began a new operation. Very hard on the drive. Because\n> if the racing drive when no operations required it, I did a lsof\n> again. Dynamic load libraries running amuck. PIPE. The whole host of\n> dementors were still there and still running.\n\nAs they are rather needed for the OS to operate, that you keep finding them is absolutely unsurprising.\n\n> \n> My disk name changed to rdisk1s03. I think the \"r\" means image file.\n\nNot really. Google /dev/rdisk.\n\n> \n> I checked the Installer Log from th C drive boot. Found a lot of\n> evidence that includes these unlikely terms: localhost LCA [65].\n> (this is the villan). Folder Manager create a folder;\n> CPSGetProcessInfo; OSInstaller [144] Folder Manager create a folder;\n> at this point I get created as localhost Unknown[66]\n> \n> \n> Lots more bad stuff and then\n> ENV: DYLD_NO_FIX_PREBINDING=1\n> \n> ENV: SHLVL=1\n> \n> ENV: OS_ INSTALL=1\n> \n> ENV:_=/System/Installation/CDIS/LCA.app/Contents/MacOS/LCA. (you may\n> remember LCA was the first user, so I think we have a point of origin.)\n> \n> There's much more, but I need a rest. Typing all this from a pad to my\n> iPhone is more labor intensive than my usual style.\n\nNone of this is abnormal nor evil.\n\n> \n> I cannot erase the drive. I have to get in at the preBoot level or\n> something. Any ideas?\n\nYes. First rule of sysadmining: \"Just because I don't know what something is does not imply it is bad or useless. It really means I have more to learn.\n\n> \n> Also I think we may want reinforcements. Any other expert sites worthy\n> in your eyes. I'm not looking forward to typing on this cute little\n> phone but if I can't save my two compromised notebooks I'm gonna be\n> doing it for a long time.\n\nBased on this, you have great need of education, not panicking. Everyone starts out with that same need. Those of us who do well in this field realize that need never goes away nor diminishes.\n

\n\nYes, i was in fact being deliberately not snarky. Well, not very. \n\nI then get this shit offlist:\n\n

Thanks for the information. I am actually not in your field. I came to your list to learn from experts. I wrote that in my introduction. Your style is rough. I was told about a hostile post or two from others but I am on digest. Just got it. I felt embarassed and humiliated. That part I don't like. You gave me some good information. I appreciate it.\n\nI am not a network. I am a single user at home. My router is not even plugged in for security reasons.\n\nI would feel rather silly describing anything else to you. Thank you for your interest.

\n\nDa Fuck? for taking a lot of time with lsof to doublecheck what I already knew and trying to un-panic her, I get this?\n\noh.fuck.no.\n\n

On 1/5/10 3:43 PM, \"Letha Deck\" wrote:\n\n> Thanks for the information. I am actually not in your field. I came to \n> your list to learn from experts. I wrote that in my introduction. Your \n> style is rough. I was told about a hostile post or two from others but \n> I am on digest. Just got it. I felt embarassed and humiliated. That \n> part I don't like. You gave me some good information. I appreciate it.\n\nYour feeling silly or anything else is most certainly not my fault, and your reaction to things is neither my fault, nor unique. Everyone in 'my' field, *everyone* has had a moment of freaking out about something that turned out to be absolutely normal.\n\nWe also all felt silly about it. In many cases, various nicknames synonymous with 'crash' were assigned. One place I worked had the \"Crash Craddock\" award for best screwup of the month. Mildly mean, but not taken personally. \n\nStop blaming others for this, and your feelings of embarrassment resulting from it, not our fault.\n\n> I am not a network. I am a single user at home. My router is not even \n> plugged in for security reasons.\n\nNot that you'll listen, but you're really confusing paranoia and security. Even real security experts plug in their routers. They don't work terribly well otherwise. \n\n> I would feel rather silly describing anything else to you. Thank you \n> for your interest.\n\nSo let me get this straight: rather than amping up the state of panic you were in, I went through all the things you were rather freaking out about, and pointed out that these are normal things.\n\nLine\n\nBy\n\nLine\n\nI pointed out that they were not in fact indicative of a rootkit, nor any other form of malicious attack. \n\nI pointed out that like everyone on that list, including myself, the way to get past the the assumptions that were causing you to panic was to keep educating yourself and to never stop.\n\nAnd amongst all that, you're angry that I didn't encourage you to panic more in a nice way? Seriously, you'd rather get bad advice that does no good whatsoever, and keeps you in a state of panic for days, rather than endure the pure evil that is light sarcasm, and information that points out your panic is unwarranted, and that you should not approach 'strange' as unknown?\n\nSo in your world, nice and wrong beats sarcastic and correct?\n\nYou go on with yo' bad self with that attitude, but helping yourself, you are not.

\n\nOf course i replied. Duh. So she has to reply back, still whining:\n\n

I'm sorry. I couldn't finish reading your email. I saw your website. It seems you have a consistent personal style that offends me to the point where I don't desire to read you so I stop. Some people like that Rush Limbaugh thing you've got going on. The bombastic quality of that communication style isn't compatible with an intellectual bookworm like myself.\n\nFrom what I did read and scan I found that you are not a careful reader. That makes you unreliable. You are include too many personal admonishments. If I don't respect you why would I respect your lectures on comportment?\n\nI don't want to spend another millisecond considering you or anything you have to say. It's not like you are saying much that can't be heard from a zillion other Joes. I'd rather listen to one with a handsome manner.\n\nAgain. Thanks. I'm deleting you. Do the same with me.

\n\nSo now i'm in the \"what are you, fucking 12?\" mode...and i just have to have fun with 'literary bookworm'. Pretentious bint:\n\n

On 1/5/10 9:20 PM, \"Letha Deck\" wrote:\n\n> I'm sorry. I couldn't finish reading your email. I saw your website. \n> It seems you have a consistent personal style that offends me to the \n> point where I don't desire to read you so I stop. Some people like \n> that Rush Limbaugh thing you've got going on. The bombastic quality of \n> that communication style isn't compatible with an intellectual \n> bookworm like myself.\n\nAh, the \"you're rude, so your words have no meaning\" technique. Amusing as it is useless. I shall then hazard that you've little Ambrose Bierce in your awesome literary collection, for I imagine the 'bombastic' quality of his bon mots would likely send you to the drawing room with a critical case of the vapors.\n\n> \n> From what I did read and scan I found that you are not a careful \n> reader. That makes you unreliable. You are include too many personal \n> admonishments. If I don't respect you why would I respect your \n> lectures on comportment?\n\nYou accuse me of being a poor reader, yet you admit to not reading my email. Is 'irony' a word you're familiar with, because that bit is *rich* with it. Oh, if you're going to assume a position of literary superiority, then you might want to grammar-check your missives. \"You are include too many personal admonishments\" is not the kind of mistake that someone who is truly an \"intellectual bookworm\" would make. \n\n> \n> I don't want to spend another millisecond considering you or anything \n> you have to say. It's not like you are saying much that can't be heard \n> from a zillion other Joes. I'd rather listen to one with a handsome \n> manner.\n\nI'm surprised an 'intellectual bookworm' such as yourself would say that, considering the rich history of evil using fair form, with a handsome manner to deceive the innocent, even as the truth was ignored because it was neither pretty or smooth. Your aspirations of literary familiarity seem a bit shallow.\n\nOf course, it's also too bad I'm the only one who bothered to explain to you what was going on with your computer, or that you weren't being hacked. I should have let you keep wiping out your hard drive and giggled at the waste of time from the sidelines. Instead, I took a bit of pity on you. How sharper than a serpent's tongue is the lack of gratitude.\n\nAs I thought, you don't care about the quality of content, only the quality of tone. Kind of like a puppy, in that you can threaten it with dire consequences, but as long as you do so in a cutesy obsequious tone, it thinks you're praising it to the heavens. \n\n> \n> Again. Thanks. I'm deleting you. Do the same with me.\n\nOh emperor? The new outfit? Looks *fantastic*. \n\nHandsome words, weren't they.

\n\nAnnnnd the reply. shorter now, i think she's getting tired of it:\n\n

Really dude. Don't waste your time. I have discipline. Your work is on the trashbin. Save your energy v I can resist you.

\n\nNot sure if that was a D&D reference or not. Whatever:\n\n

> Really dude. Don't waste your time. I have discipline. Your work is on \n> the trashbin. Save your energy v I can resist you.\n\nYour continuous replies give lie to that. But you keep saying that. If you say it enough, you may even believe it.\n\nShouldn't you be wiping your hard drive, the dyld hackers'll getcha!

\n\nYeah, i know, i'm just being a dick at this point, but what the hell, it's fun right?\n\nThen we take the abrupt left into CRAAAAAAAAZYTOWN:\n\n

Gee, I hope you didn't send an apology last time because this email is to notify you that I have asked you three times to cease communicating with me, yet you continue to write me.\n\nJohn, you are harassing me. You need to let go of this and get on with your life.\n\nIf you decide not to respect my wish that you stop emailing me at my personal address, I am going to report your behavior to all the appropriate officials of the mailing list.\n\nThis is my last request and your only warning.\n\nFor the record, do not call or visit or stalk me in any way because I will report you to the police and if necessary, have you prosecuted.

\n\nI have to admit to having that 'poleaxed head-cocked puppy' look for a few. Rampant paranoia will do that. But, i have no sense, and less restraint, so:\n\n

> Gee, I hope you didn't send an apology last time because this email is \n> to notify you that I have asked you three times to cease communicating \n> with me, yet you continue to write me.\n\nYou wrote me, privately. You did so to, literally, scold me, and tell me that I was a bad person. I replied. \n\nLather rinse, repeat\n\n> \n> John, you are harassing me. You need to let go of this and get on with \n> your life.\n\nUm, you started this with your original email to me, remember? I don't suffer inane emails from someone I mistakenly tried to help.\n\n> \n> If you decide not to respect my wish that you stop emailing me at my \n> personal address, I am going to report your behavior to all the \n> appropriate officials of the mailing list.\n\nNow you're threatening me to the EMAIL LIST? How about YOU stop starting fights and then crying when the other person doesn't run away from your vacuous inane idiocy. \n\nBut by all means, go right the hell ahead.\n\n> \n> This is my last request and your only warning.\n\nI dare you to report me to the list administrator. I double-dog dare you.\n\n> \n> For the record, do not call or visit or stalk me in any way because I \n> will report you to the police and if necessary, have you prosecuted.\n\nI don't know, nor do I wish to know your phone number or address. But here's one. How about YOU stop threatening me, and I won't post this entire email chain on my web site so that anyone else who reads your paranoid ramblings on a mailing list knows better than to help you. (actually, since you're threatening me legally, that might be a really good idea on my part, so that this is all out in the open.)\n\nPro Tip: don't harass people and then get whiny when they don't react well. You emailed me at MY 'private' email address to harass me. Did you really expect me to thank you?\n\nI'm sure there's another part of the internet you can babble at. Run along now and do so.\n

\n\nGotta give her credit, she took the dare. \n\nWhen do I get crazy-assed bikini models with sexual addiction issues lurking in the bushes? I think i could handle that. Instead, i get this tripe. sigh.