On Wed, 14 Jun 2023 19:38:40 +0100, David Brooks
<DavidB@nomail.afraid.org> wrote:

>You'll note that the 'update' I posted there "5 hrs ago" has been removed.
>https://developer.apple.com/forums/profile/HunterBD
>
>I'd better take a screenshot!

Quick, before you get banned again.

On Wed, 14 Jun 2023 19:29:11 +0100, David Brooks
<DavidB@nomail.afraid.org> wrote:

>Have you yet had the balls to run EtreCheck on your Apple MacBook Pro?

*SLIME ALERT*

David Brooks formulated the question :
> On 14/06/2023 18:24, FromTheRafters wrote:
>> David Brooks presented the following explanation :
>>> On 14/06/2023 14:15, FromTheRafters wrote:
>>>> David Brooks used his keyboard to write :
>>>>> On 14/06/2023 10:02, FromTheRafters wrote:
>>>>>> Joerg Lorenz wrote on 6/14/2023 :
>>>>>>> Am 13.06.23 um 21:22 schrieb David Brooks:
>>>>>>>> On 13/06/2023 12:29, Joerg Lorenz wrote:
>>>>>>>>> Am 13.06.23 um 13:01 schrieb David (BD):
>>>>>>>>>> On 13/06/2023 09:06, Joerg Lorenz wrote:
>>>>>>>>>>> Am 13.06.23 um 09:18 schrieb David Brooks:
>>>>>>>>>>>> Unsigned Files:
>>>>>>>>>>>>        Launchd:
>>>>>>>>>>>> /Library/LaunchDaemons/com.symantec.sharedsettings.MES.plist
>>>>>>>>>>>> Executable: /Library/Application
>>>>>>>>>>>> Support/Symantec/Silo/MES/DomainSettings/SymSharedSettingsd
>>>>>>>>>>>> Details: Exact match found in the legitimate list - probably OK
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> *The system is compromised*.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> I wonder if anyone else reading here agrees with you.
>>>>>>>>>
>>>>>>>>> Symantec files on a Mac or any other computer are a
>>>>>>>>> malware-infection.
>>>>>>>>
>>>>>>>> Ha! Guess what *I* found?!!!
>>>>>>>>
>>>>>>>> https://ibb.co/88bn2jF
>>>>>>>>
>>>>>>>> All now gone. :-D
>>>>>>>>
>>>>>>>> Thanks for helping. :-)
>>>>>>>
>>>>>>> Why do you do that? I'm stunned!
>>>>>>
>>>>>> You lied to him and he took you seriously.
>>>>>
>>>>> I'll refer you to my question posed here:-
>>>>> https://developer.apple.com/forums/thread/709959
>>>>>
>>>>> HTH
>>>>
>>>> Why?
>>>
>>> In the hope that you might comment there yourself.
>>>
>>> You didn't - probably didn't read today's comment either.
>>
>> I looked and saw no relevancy to accusing Symantec of writing malware.
>
> The relevancy was to how I FOUND Symantec on my iMac!
>
> Have you yet had the balls to run EtreCheck on your Apple MacBook Pro?

Nice try, I haven't responded to that kind of schoolyard taunting
since, well, since school -- a long time ago.

What kind of balls does one need to do something so simple and easy?
Sorry to find out that you think it takes balls to do such simple
things.

On 14/06/2023 22:11, FromTheRafters wrote:
> David Brooks formulated the question :
>> On 14/06/2023 18:24, FromTheRafters wrote:
>>> David Brooks presented the following explanation :
>>>> On 14/06/2023 14:15, FromTheRafters wrote:
>>>>> David Brooks used his keyboard to write :
>>>>>> On 14/06/2023 10:02, FromTheRafters wrote:
>>>>>>> Joerg Lorenz wrote on 6/14/2023 :
>>>>>>>> Am 13.06.23 um 21:22 schrieb David Brooks:
>>>>>>>>> On 13/06/2023 12:29, Joerg Lorenz wrote:
>>>>>>>>>> Am 13.06.23 um 13:01 schrieb David (BD):
>>>>>>>>>>> On 13/06/2023 09:06, Joerg Lorenz wrote:
>>>>>>>>>>>> Am 13.06.23 um 09:18 schrieb David Brooks:
>>>>>>>>>>>>> Unsigned Files:
>>>>>>>>>>>>>        Launchd:
>>>>>>>>>>>>> /Library/LaunchDaemons/com.symantec.sharedsettings.MES.plist Executable: /Library/Application Support/Symantec/Silo/MES/DomainSettings/SymSharedSettingsd Details: Exact match found in the legitimate list - probably OK
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> *The system is compromised*.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> I wonder if anyone else reading here agrees with you.
>>>>>>>>>>
>>>>>>>>>> Symantec files on a Mac or any other computer are a
>>>>>>>>>> malware-infection.
>>>>>>>>>
>>>>>>>>> Ha! Guess what *I* found?!!!
>>>>>>>>>
>>>>>>>>> https://ibb.co/88bn2jF
>>>>>>>>>
>>>>>>>>> All now gone. :-D
>>>>>>>>>
>>>>>>>>> Thanks for helping. :-)
>>>>>>>>
>>>>>>>> Why do you do that? I'm stunned!
>>>>>>>
>>>>>>> You lied to him and he took you seriously.
>>>>>>
>>>>>> I'll refer you to my question posed here:-
>>>>>> https://developer.apple.com/forums/thread/709959
>>>>>>
>>>>>> HTH
>>>>>
>>>>> Why?
>>>>
>>>> In the hope that you might comment there yourself.
>>>>
>>>> You didn't - probably didn't read today's comment either.
>>>
>>> I looked and saw no relevancy to accusing Symantec of writing malware.
>>
>> The relevancy was to how I FOUND Symantec on my iMac!
>>
>> Have you yet had the balls to run EtreCheck on your Apple MacBook Pro?
>
> Nice try, I haven't responded to that kind of schoolyard taunting since,
> well, since school -- a long time ago.
>
> What kind of balls does one need to do something so simple and easy?
> Sorry to find out that you think it takes balls to do such simple things.

A question then!

WHEN will you run EtreCheck on YOUR Apple computer!

*I WILL*! https://www.youtube.com/watch?v=3989jHX3sMQ

--
David

David Brooks laid this down on his screen :
> On 14/06/2023 22:11, FromTheRafters wrote:
>> David Brooks formulated the question :
>>> On 14/06/2023 18:24, FromTheRafters wrote:
>>>> David Brooks presented the following explanation :
>>>>> On 14/06/2023 14:15, FromTheRafters wrote:
>>>>>> David Brooks used his keyboard to write :
>>>>>>> On 14/06/2023 10:02, FromTheRafters wrote:
>>>>>>>> Joerg Lorenz wrote on 6/14/2023 :
>>>>>>>>> Am 13.06.23 um 21:22 schrieb David Brooks:
>>>>>>>>>> On 13/06/2023 12:29, Joerg Lorenz wrote:
>>>>>>>>>>> Am 13.06.23 um 13:01 schrieb David (BD):
>>>>>>>>>>>> On 13/06/2023 09:06, Joerg Lorenz wrote:
>>>>>>>>>>>>> Am 13.06.23 um 09:18 schrieb David Brooks:
>>>>>>>>>>>>>> Unsigned Files:
>>>>>>>>>>>>>>        Launchd:
>>>>>>>>>>>>>> /Library/LaunchDaemons/com.symantec.sharedsettings.MES.plist
>>>>>>>>>>>>>> Executable: /Library/Application
>>>>>>>>>>>>>> Support/Symantec/Silo/MES/DomainSettings/SymSharedSettingsd
>>>>>>>>>>>>>> Details: Exact match found in the legitimate list - probably OK
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> *The system is compromised*.
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> I wonder if anyone else reading here agrees with you.
>>>>>>>>>>>
>>>>>>>>>>> Symantec files on a Mac or any other computer are a
>>>>>>>>>>> malware-infection.
>>>>>>>>>>
>>>>>>>>>> Ha! Guess what *I* found?!!!
>>>>>>>>>>
>>>>>>>>>> https://ibb.co/88bn2jF
>>>>>>>>>>
>>>>>>>>>> All now gone. :-D
>>>>>>>>>>
>>>>>>>>>> Thanks for helping. :-)
>>>>>>>>>
>>>>>>>>> Why do you do that? I'm stunned!
>>>>>>>>
>>>>>>>> You lied to him and he took you seriously.
>>>>>>>
>>>>>>> I'll refer you to my question posed here:-
>>>>>>> https://developer.apple.com/forums/thread/709959
>>>>>>>
>>>>>>> HTH
>>>>>>
>>>>>> Why?
>>>>>
>>>>> In the hope that you might comment there yourself.
>>>>>
>>>>> You didn't - probably didn't read today's comment either.
>>>>
>>>> I looked and saw no relevancy to accusing Symantec of writing malware.
>>>
>>> The relevancy was to how I FOUND Symantec on my iMac!
>>>
>>> Have you yet had the balls to run EtreCheck on your Apple MacBook Pro?
>>
>> Nice try, I haven't responded to that kind of schoolyard taunting since,
>> well, since school -- a long time ago.
>>
>> What kind of balls does one need to do something so simple and easy? Sorry
>> to find out that you think it takes balls to do such simple things.
>
> A question then!
>
> WHEN will you run EtreCheck on YOUR Apple computer!
>
> *I WILL*! https://www.youtube.com/watch?v=3989jHX3sMQ

When and if I want to.

On 14/06/2023 22:23, FromTheRafters wrote:
> David Brooks laid this down on his screen :
>> On 14/06/2023 22:11, FromTheRafters wrote:
>>> David Brooks formulated the question :
>>>> On 14/06/2023 18:24, FromTheRafters wrote:
>>>>> David Brooks presented the following explanation :
>>>>>> On 14/06/2023 14:15, FromTheRafters wrote:
>>>>>>> David Brooks used his keyboard to write :
>>>>>>>> On 14/06/2023 10:02, FromTheRafters wrote:
>>>>>>>>> Joerg Lorenz wrote on 6/14/2023 :
>>>>>>>>>> Am 13.06.23 um 21:22 schrieb David Brooks:
>>>>>>>>>>> On 13/06/2023 12:29, Joerg Lorenz wrote:
>>>>>>>>>>>> Am 13.06.23 um 13:01 schrieb David (BD):
>>>>>>>>>>>>> On 13/06/2023 09:06, Joerg Lorenz wrote:
>>>>>>>>>>>>>> Am 13.06.23 um 09:18 schrieb David Brooks:
>>>>>>>>>>>>>>> Unsigned Files:
>>>>>>>>>>>>>>>        Launchd:
>>>>>>>>>>>>>>> /Library/LaunchDaemons/com.symantec.sharedsettings.MES.plist Executable: /Library/Application Support/Symantec/Silo/MES/DomainSettings/SymSharedSettingsd Details: Exact match found in the legitimate list - probably OK
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> *The system is compromised*.
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> I wonder if anyone else reading here agrees with you.
>>>>>>>>>>>>
>>>>>>>>>>>> Symantec files on a Mac or any other computer are a
>>>>>>>>>>>> malware-infection.
>>>>>>>>>>>
>>>>>>>>>>> Ha! Guess what *I* found?!!!
>>>>>>>>>>>
>>>>>>>>>>> https://ibb.co/88bn2jF
>>>>>>>>>>>
>>>>>>>>>>> All now gone. :-D
>>>>>>>>>>>
>>>>>>>>>>> Thanks for helping. :-)
>>>>>>>>>>
>>>>>>>>>> Why do you do that? I'm stunned!
>>>>>>>>>
>>>>>>>>> You lied to him and he took you seriously.
>>>>>>>>
>>>>>>>> I'll refer you to my question posed here:-
>>>>>>>> https://developer.apple.com/forums/thread/709959
>>>>>>>>
>>>>>>>> HTH
>>>>>>>
>>>>>>> Why?
>>>>>>
>>>>>> In the hope that you might comment there yourself.
>>>>>>
>>>>>> You didn't - probably didn't read today's comment either.
>>>>>
>>>>> I looked and saw no relevancy to accusing Symantec of writing malware.
>>>>
>>>> The relevancy was to how I FOUND Symantec on my iMac!
>>>>
>>>> Have you yet had the balls to run EtreCheck on your Apple MacBook Pro?
>>>
>>> Nice try, I haven't responded to that kind of schoolyard taunting
>>> since, well, since school -- a long time ago.
>>>
>>> What kind of balls does one need to do something so simple and easy?
>>> Sorry to find out that you think it takes balls to do such simple
>>> things.
>>
>> A question then!
>>
>> WHEN will you run EtreCheck on YOUR Apple computer!
>>
>> *I WILL*!  https://www.youtube.com/watch?v=3989jHX3sMQ
>
> When and if I want to.

If you did - and your computer was compromised - how would you know?

David Brooks laid this down on his screen :
> On 14/06/2023 22:23, FromTheRafters wrote:
>> David Brooks laid this down on his screen :
>>> On 14/06/2023 22:11, FromTheRafters wrote:
>>>> David Brooks formulated the question :
>>>>> On 14/06/2023 18:24, FromTheRafters wrote:
>>>>>> David Brooks presented the following explanation :
>>>>>>> On 14/06/2023 14:15, FromTheRafters wrote:
>>>>>>>> David Brooks used his keyboard to write :
>>>>>>>>> On 14/06/2023 10:02, FromTheRafters wrote:
>>>>>>>>>> Joerg Lorenz wrote on 6/14/2023 :
>>>>>>>>>>> Am 13.06.23 um 21:22 schrieb David Brooks:
>>>>>>>>>>>> On 13/06/2023 12:29, Joerg Lorenz wrote:
>>>>>>>>>>>>> Am 13.06.23 um 13:01 schrieb David (BD):
>>>>>>>>>>>>>> On 13/06/2023 09:06, Joerg Lorenz wrote:
>>>>>>>>>>>>>>> Am 13.06.23 um 09:18 schrieb David Brooks:
>>>>>>>>>>>>>>>> Unsigned Files:
>>>>>>>>>>>>>>>>        Launchd:
>>>>>>>>>>>>>>>> /Library/LaunchDaemons/com.symantec.sharedsettings.MES.plist
>>>>>>>>>>>>>>>> Executable: /Library/Application
>>>>>>>>>>>>>>>> Support/Symantec/Silo/MES/DomainSettings/SymSharedSettingsd
>>>>>>>>>>>>>>>> Details: Exact match found in the legitimate list - probably
>>>>>>>>>>>>>>>> OK
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> *The system is compromised*.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> I wonder if anyone else reading here agrees with you.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Symantec files on a Mac or any other computer are a
>>>>>>>>>>>>> malware-infection.
>>>>>>>>>>>>
>>>>>>>>>>>> Ha! Guess what *I* found?!!!
>>>>>>>>>>>>
>>>>>>>>>>>> https://ibb.co/88bn2jF
>>>>>>>>>>>>
>>>>>>>>>>>> All now gone. :-D
>>>>>>>>>>>>
>>>>>>>>>>>> Thanks for helping. :-)
>>>>>>>>>>>
>>>>>>>>>>> Why do you do that? I'm stunned!
>>>>>>>>>>
>>>>>>>>>> You lied to him and he took you seriously.
>>>>>>>>>
>>>>>>>>> I'll refer you to my question posed here:-
>>>>>>>>> https://developer.apple.com/forums/thread/709959
>>>>>>>>>
>>>>>>>>> HTH
>>>>>>>>
>>>>>>>> Why?
>>>>>>>
>>>>>>> In the hope that you might comment there yourself.
>>>>>>>
>>>>>>> You didn't - probably didn't read today's comment either.
>>>>>>
>>>>>> I looked and saw no relevancy to accusing Symantec of writing malware.
>>>>>
>>>>> The relevancy was to how I FOUND Symantec on my iMac!
>>>>>
>>>>> Have you yet had the balls to run EtreCheck on your Apple MacBook Pro?
>>>>
>>>> Nice try, I haven't responded to that kind of schoolyard taunting since,
>>>> well, since school -- a long time ago.
>>>>
>>>> What kind of balls does one need to do something so simple and easy?
>>>> Sorry to find out that you think it takes balls to do such simple things.
>>>
>>> A question then!
>>>
>>> WHEN will you run EtreCheck on YOUR Apple computer!
>>>
>>> *I WILL*!  https://www.youtube.com/watch?v=3989jHX3sMQ
>>
>> When and if I want to.
>
> If you did - and your computer was compromised - how would you know?

I probably wouldn't, depending upon whether it was trapdoored or
backdoored. I would probably go online to find some help, and upon
reading even some of your threads I would discover that EtreCheck is a
well respected tool for ferreting out problems even if not related to
malware.

What specific kind of compromise are we fantasizing about? What does
the infestation do?

On 15/06/2023 00:09, FromTheRafters wrote:
> David Brooks laid this down on his screen :
>> On 14/06/2023 22:23, FromTheRafters wrote:
>>> David Brooks laid this down on his screen :
>>>> On 14/06/2023 22:11, FromTheRafters wrote:
>>>>> David Brooks formulated the question :
>>>>>> On 14/06/2023 18:24, FromTheRafters wrote:
>>>>>>> David Brooks presented the following explanation :
>>>>>>>> On 14/06/2023 14:15, FromTheRafters wrote:
>>>>>>>>> David Brooks used his keyboard to write :
>>>>>>>>>> On 14/06/2023 10:02, FromTheRafters wrote:
>>>>>>>>>>> Joerg Lorenz wrote on 6/14/2023 :
>>>>>>>>>>>> Am 13.06.23 um 21:22 schrieb David Brooks:
>>>>>>>>>>>>> On 13/06/2023 12:29, Joerg Lorenz wrote:
>>>>>>>>>>>>>> Am 13.06.23 um 13:01 schrieb David (BD):
>>>>>>>>>>>>>>> On 13/06/2023 09:06, Joerg Lorenz wrote:
>>>>>>>>>>>>>>>> Am 13.06.23 um 09:18 schrieb David Brooks:
>>>>>>>>>>>>>>>>> Unsigned Files:
>>>>>>>>>>>>>>>>>        Launchd:
>>>>>>>>>>>>>>>>> /Library/LaunchDaemons/com.symantec.sharedsettings.MES.plist Executable: /Library/Application Support/Symantec/Silo/MES/DomainSettings/SymSharedSettingsd Details: Exact match found in the legitimate list - probably OK
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> *The system is compromised*.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> I wonder if anyone else reading here agrees with you.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Symantec files on a Mac or any other computer are a
>>>>>>>>>>>>>> malware-infection.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Ha! Guess what *I* found?!!!
>>>>>>>>>>>>>
>>>>>>>>>>>>> https://ibb.co/88bn2jF
>>>>>>>>>>>>>
>>>>>>>>>>>>> All now gone. :-D
>>>>>>>>>>>>>
>>>>>>>>>>>>> Thanks for helping. :-)
>>>>>>>>>>>>
>>>>>>>>>>>> Why do you do that? I'm stunned!
>>>>>>>>>>>
>>>>>>>>>>> You lied to him and he took you seriously.
>>>>>>>>>>
>>>>>>>>>> I'll refer you to my question posed here:-
>>>>>>>>>> https://developer.apple.com/forums/thread/709959
>>>>>>>>>>
>>>>>>>>>> HTH
>>>>>>>>>
>>>>>>>>> Why?
>>>>>>>>
>>>>>>>> In the hope that you might comment there yourself.
>>>>>>>>
>>>>>>>> You didn't - probably didn't read today's comment either.
>>>>>>>
>>>>>>> I looked and saw no relevancy to accusing Symantec of writing
>>>>>>> malware.
>>>>>>
>>>>>> The relevancy was to how I FOUND Symantec on my iMac!
>>>>>>
>>>>>> Have you yet had the balls to run EtreCheck on your Apple MacBook
>>>>>> Pro?
>>>>>
>>>>> Nice try, I haven't responded to that kind of schoolyard taunting
>>>>> since, well, since school -- a long time ago.
>>>>>
>>>>> What kind of balls does one need to do something so simple and
>>>>> easy? Sorry to find out that you think it takes balls to do such
>>>>> simple things.
>>>>
>>>> A question then!
>>>>
>>>> WHEN will you run EtreCheck on YOUR Apple computer!
>>>>
>>>> *I WILL*!  https://www.youtube.com/watch?v=3989jHX3sMQ
>>>
>>> When and if I want to.
>>
>> If you did - and your computer was compromised - how would you know?
>
> I probably wouldn't, depending upon whether it was trapdoored or
> backdoored.

Indeed - good malware is virtually undetectable!

> I would probably go online to find some help

*Stop*! Why would you do that? You wouldn't know you /needed/ any help!

> and upon
> reading even some of your threads I would discover that EtreCheck is a
> well respected tool for ferreting out problems even if not related to
> malware.

It *IS* well respected - so the folk on the ASC forums claim! So much so,
I purchased EtreCheck and had great fun exploring the inner workings of
my iMac.
> What specific kind of compromise are we fantasizing about? What does the
> infestation do?

That's what I'm trying to determine. Will you help?

--
David

David Brooks presented the following explanation :
> On 15/06/2023 00:09, FromTheRafters wrote:
>> David Brooks laid this down on his screen :
>>> On 14/06/2023 22:23, FromTheRafters wrote:
>>>> David Brooks laid this down on his screen :
>>>>> On 14/06/2023 22:11, FromTheRafters wrote:
>>>>>> David Brooks formulated the question :
>>>>>>> On 14/06/2023 18:24, FromTheRafters wrote:
>>>>>>>> David Brooks presented the following explanation :
>>>>>>>>> On 14/06/2023 14:15, FromTheRafters wrote:
>>>>>>>>>> David Brooks used his keyboard to write :
>>>>>>>>>>> On 14/06/2023 10:02, FromTheRafters wrote:
>>>>>>>>>>>> Joerg Lorenz wrote on 6/14/2023 :
>>>>>>>>>>>>> Am 13.06.23 um 21:22 schrieb David Brooks:
>>>>>>>>>>>>>> On 13/06/2023 12:29, Joerg Lorenz wrote:
>>>>>>>>>>>>>>> Am 13.06.23 um 13:01 schrieb David (BD):
>>>>>>>>>>>>>>>> On 13/06/2023 09:06, Joerg Lorenz wrote:
>>>>>>>>>>>>>>>>> Am 13.06.23 um 09:18 schrieb David Brooks:
>>>>>>>>>>>>>>>>>> Unsigned Files:
>>>>>>>>>>>>>>>>>>        Launchd:
>>>>>>>>>>>>>>>>>> /Library/LaunchDaemons/com.symantec.sharedsettings.MES.plist
>>>>>>>>>>>>>>>>>> Executable: /Library/Application
>>>>>>>>>>>>>>>>>> Support/Symantec/Silo/MES/DomainSettings/SymSharedSettingsd
>>>>>>>>>>>>>>>>>> Details: Exact match found in the legitimate list -
>>>>>>>>>>>>>>>>>> probably OK
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> *The system is compromised*.
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> I wonder if anyone else reading here agrees with you.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Symantec files on a Mac or any other computer are a
>>>>>>>>>>>>>>> malware-infection.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Ha! Guess what *I* found?!!!
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> https://ibb.co/88bn2jF
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> All now gone. :-D
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Thanks for helping. :-)
>>>>>>>>>>>>>
>>>>>>>>>>>>> Why do you do that? I'm stunned!
>>>>>>>>>>>>
>>>>>>>>>>>> You lied to him and he took you seriously.
>>>>>>>>>>>
>>>>>>>>>>> I'll refer you to my question posed here:-
>>>>>>>>>>> https://developer.apple.com/forums/thread/709959
>>>>>>>>>>>
>>>>>>>>>>> HTH
>>>>>>>>>>
>>>>>>>>>> Why?
>>>>>>>>>
>>>>>>>>> In the hope that you might comment there yourself.
>>>>>>>>>
>>>>>>>>> You didn't - probably didn't read today's comment either.
>>>>>>>>
>>>>>>>> I looked and saw no relevancy to accusing Symantec of writing
>>>>>>>> malware.
>>>>>>>
>>>>>>> The relevancy was to how I FOUND Symantec on my iMac!
>>>>>>>
>>>>>>> Have you yet had the balls to run EtreCheck on your Apple MacBook Pro?
>>>>>>
>>>>>> Nice try, I haven't responded to that kind of schoolyard taunting
>>>>>> since, well, since school -- a long time ago.
>>>>>>
>>>>>> What kind of balls does one need to do something so simple and easy?
>>>>>> Sorry to find out that you think it takes balls to do such simple
>>>>>> things.
>>>>>
>>>>> A question then!
>>>>>
>>>>> WHEN will you run EtreCheck on YOUR Apple computer!
>>>>>
>>>>> *I WILL*!  https://www.youtube.com/watch?v=3989jHX3sMQ
>>>>
>>>> When and if I want to.
>>>
>>> If you did - and your computer was compromised - how would you know?
>>
>> I probably wouldn't, depending upon whether it was trapdoored or
>> backdoored.
>
> Indeed - good malware is virtually undetectable!
>
>> I would probably go online to find some help
>
> *Stop*! Why would you do that? You wouldn't know you /needed/ any help!

Not true, it depends upon the type of infestation. Malware "does
something" and that something can be detected. Even something like an
occasional beacon can be noticed but not addressed until investigated.

>> and upon reading even some of your threads I would discover that EtreCheck
>> is a well respected tool for ferreting out problems even if not related to
>> malware.
>
> It *IS* well respected - so the folk on the ASC forums claim! So much so,
> I purchased EtreCheck and had great fun exploring the inner workings of my
> iMac.
>> What specific kind of compromise are we fantasizing about? What does the
>> infestation do?
>
> That's what I'm trying to determine. Will you help?

No, it is your cross to bear. I meant 'what would a hypothetical
malware be doing' which would be detectable.

On 15/06/2023 03:06, FromTheRafters wrote:
> David Brooks presented the following explanation :
>> On 15/06/2023 00:09, FromTheRafters wrote:
>>> David Brooks laid this down on his screen :
>>>> On 14/06/2023 22:23, FromTheRafters wrote:
>>>>> David Brooks laid this down on his screen :
>>>>>> On 14/06/2023 22:11, FromTheRafters wrote:
>>>>>>> David Brooks formulated the question :
>>>>>>>> On 14/06/2023 18:24, FromTheRafters wrote:
>>>>>>>>> David Brooks presented the following explanation :
>>>>>>>>>> On 14/06/2023 14:15, FromTheRafters wrote:
>>>>>>>>>>> David Brooks used his keyboard to write :
>>>>>>>>>>>> On 14/06/2023 10:02, FromTheRafters wrote:
>>>>>>>>>>>>> Joerg Lorenz wrote on 6/14/2023 :
>>>>>>>>>>>>>> Am 13.06.23 um 21:22 schrieb David Brooks:
>>>>>>>>>>>>>>> On 13/06/2023 12:29, Joerg Lorenz wrote:
>>>>>>>>>>>>>>>> Am 13.06.23 um 13:01 schrieb David (BD):
>>>>>>>>>>>>>>>>> On 13/06/2023 09:06, Joerg Lorenz wrote:
>>>>>>>>>>>>>>>>>> Am 13.06.23 um 09:18 schrieb David Brooks:
>>>>>>>>>>>>>>>>>>> Unsigned Files:
>>>>>>>>>>>>>>>>>>>        Launchd:
>>>>>>>>>>>>>>>>>>> /Library/LaunchDaemons/com.symantec.sharedsettings.MES.plist Executable: /Library/Application Support/Symantec/Silo/MES/DomainSettings/SymSharedSettingsd Details: Exact match found in the legitimate list - probably OK
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> *The system is compromised*.
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> I wonder if anyone else reading here agrees with you.
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Symantec files on a Mac or any other computer are a
>>>>>>>>>>>>>>>> malware-infection.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Ha! Guess what *I* found?!!!
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> https://ibb.co/88bn2jF
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> All now gone. :-D
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Thanks for helping. :-)
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Why do you do that? I'm stunned!
>>>>>>>>>>>>>
>>>>>>>>>>>>> You lied to him and he took you seriously.
>>>>>>>>>>>>
>>>>>>>>>>>> I'll refer you to my question posed here:-
>>>>>>>>>>>> https://developer.apple.com/forums/thread/709959
>>>>>>>>>>>>
>>>>>>>>>>>> HTH
>>>>>>>>>>>
>>>>>>>>>>> Why?
>>>>>>>>>>
>>>>>>>>>> In the hope that you might comment there yourself.
>>>>>>>>>>
>>>>>>>>>> You didn't - probably didn't read today's comment either.
>>>>>>>>>
>>>>>>>>> I looked and saw no relevancy to accusing Symantec of writing
>>>>>>>>> malware.
>>>>>>>>
>>>>>>>> The relevancy was to how I FOUND Symantec on my iMac!
>>>>>>>>
>>>>>>>> Have you yet had the balls to run EtreCheck on your Apple
>>>>>>>> MacBook Pro?
>>>>>>>
>>>>>>> Nice try, I haven't responded to that kind of schoolyard taunting
>>>>>>> since, well, since school -- a long time ago.
>>>>>>>
>>>>>>> What kind of balls does one need to do something so simple and
>>>>>>> easy? Sorry to find out that you think it takes balls to do such
>>>>>>> simple things.
>>>>>>
>>>>>> A question then!
>>>>>>
>>>>>> WHEN will you run EtreCheck on YOUR Apple computer!
>>>>>>
>>>>>> *I WILL*!  https://www.youtube.com/watch?v=3989jHX3sMQ
>>>>>
>>>>> When and if I want to.
>>>>
>>>> If you did - and your computer was compromised - how would you know?
>>>
>>> I probably wouldn't, depending upon whether it was trapdoored or
>>> backdoored.
>>
>> Indeed - good malware is virtually undetectable!
>>
>>> I would probably go online to find some help
>>
>> *Stop*! Why would you do that? You wouldn't know you /needed/ any help!
>
> Not true, it depends upon the type of infestation. Malware "does
> something" and that something can be detected. Even something like an
> occasional beacon can be noticed but not addressed until investigated.

I know that you like to be 'difficult' FromTheRafters - and like to
'prove a point ........ *BUT* ...

If some naive user of an Apple device asks for assistance on the ASC
forums and is cajoled into loading and running EtreCheck, they would
have absolutely no clue that, afterwards, they should be looking for
ANYTHING suspicious.

If their device appears to be working well, that would be the end of the
matter.

>>> and upon reading even some of your threads I would discover that
>>> EtreCheck is a well respected tool for ferreting out problems even if
>>> not related to malware.
>>
>> It *IS* well respected - so the folk on the ASC forums claim! So much so,
>> I purchased EtreCheck and had great fun exploring the inner workings
>> of my iMac.
>>> What specific kind of compromise are we fantasizing about? What does
>>> the infestation do?
>>
>> That's what I'm trying to determine. Will you help?
>
> No, it is your cross to bear.

Indeed. I am doing my best to carry it!

> I meant 'what would a hypothetical malware
> be doing' which would be detectable.

At a guess, stealing money?

The pointers? Etresoft Inc .....

No one can visit the business because there isn’t one. It is just a
shared office accommodation space where people come and go if the need a
business photocopier, a laminater or an electric stapler. He doesn’t
even have mail delivered there and he has a PO Box.

John Daniel is a 'Will o' the Wisp' character who has lied on LinkedIn,
just as his partner in crime has also done.

https://en.wikipedia.org/wiki/Will-o%27-the-wisp

Here's an extract of an email I once sent to Intego...

"I've done a bit of research into malware over the last ten years but am
no expert! However, I believe that it is possible for malware - which
may already be resident within a computer - to 'defend itself' (hide)
when a product like yours is installed. This would, of course, give the
computer owner a warm, fuzzy, feeling that they are protected when, in
reality, the computer is STILL being controlled from an external source.

How does Intego combat this possibility? How CAN the user be absolutely
certain that there is no resident malware 'underneath' your AV?"

*What answer would YOU give*?

--
David

On 2023-06-15, David Brooks <DavidB@nomail.afraid.org> wrote:

>>>>> If you did - and your computer was compromised - how would you know?
>>>>
>>>> I probably wouldn't, depending upon whether it was trapdoored or
>>>> backdoored.
>>>
>>> Indeed - good malware is virtually undetectable!
>>>
>>>> I would probably go online to find some help
>>>
>>> *Stop*! Why would you do that? You wouldn't know you /needed/ any help!
>>
>> Not true, it depends upon the type of infestation. Malware "does
>> something" and that something can be detected. Even something like an
>> occasional beacon can be noticed but not addressed until investigated.
>
> I know that you like to be 'difficult' FromTheRafters - and like to
> 'prove a point ........ *BUT* ...

(snip the phony the altruistic bullsh*t)

You stalk those devs because you annoyed them and they ignored you...
it's called narcissistic injury. Here's a question for you and your
'friend':

At what point will you accept the fact that your 'stories' don't 'sell'
in this ng?

On Jun 15, 2023 at 7:41:45 AM MST, "Steve Carroll" wrote
<u6f7v9$e7g6$8@fretwizzer.eternal-september.org>:

>
> (snip the phony the altruistic bullsh*t)

To you the very idea of altruism is "bullshit".

--
Personal attacks from those who troll show their own insecurity. They cannot use reason to show the message to be wrong so they try to feel somehow superior by attacking the messenger.

They cling to their attacks and ignore the message time and time again.

On 15/06/2023 15:41, Steve Carroll wrote:
> On 2023-06-15, David Brooks <DavidB@nomail.afraid.org> wrote:
>
>>>>>> If you did - and your computer was compromised - how would you know?
>>>>>
>>>>> I probably wouldn't, depending upon whether it was trapdoored or
>>>>> backdoored.
>>>>
>>>> Indeed - good malware is virtually undetectable!
>>>>
>>>>> I would probably go online to find some help
>>>>
>>>> *Stop*! Why would you do that? You wouldn't know you /needed/ any help!
>>>
>>> Not true, it depends upon the type of infestation. Malware "does
>>> something" and that something can be detected. Even something like an
>>> occasional beacon can be noticed but not addressed until investigated.
>>
>> I know that you like to be 'difficult' FromTheRafters - and like to
>> 'prove a point ........ *BUT* ...
>
> (snip the phony the altruistic bullsh*t)
>
> You stalk those devs because you annoyed them and they ignored you...
> it's called narcissistic injury. Here's a question for you and your
> 'friend':
>
> At what point will you accept the fact that your 'stories' don't 'sell'
> in this ng?

It's solely because I care about wrongdoing that the ACW newsgroup even
exists nowadays!

I have bought and paid for the products of both ClamXAV and that of
Etresoft. When I complained about the behaviour of the proprietor of the
latter, I was given a full refund.

Tell me, where does John Daniel live and work?

Certainly not at the address he has lodged with the Canadian authority
which regulates Incorporated companies!

On 2023-06-15, Snit <brock.mcnuggets@gmail.com> wrote:
> On Jun 15, 2023 at 7:41:45 AM MST, "Steve Carroll" wrote
><u6f7v9$e7g6$8@fretwizzer.eternal-september.org>:
>
>>
>> (snip the phony the altruistic bullsh*t)
>
> To you the very idea of altruism is "bullshit".

As coming from virtue signalling jackasses like you two, obviously.

On 2023-06-15, David Brooks <DavidB@nomail.afraid.org> wrote:
> On 15/06/2023 15:41, Steve Carroll wrote:
>> On 2023-06-15, David Brooks <DavidB@nomail.afraid.org> wrote:
>>
>>>>>>> If you did - and your computer was compromised - how would you know?
>>>>>>
>>>>>> I probably wouldn't, depending upon whether it was trapdoored or
>>>>>> backdoored.
>>>>>
>>>>> Indeed - good malware is virtually undetectable!
>>>>>
>>>>>> I would probably go online to find some help
>>>>>
>>>>> *Stop*! Why would you do that? You wouldn't know you /needed/ any help!
>>>>
>>>> Not true, it depends upon the type of infestation. Malware "does
>>>> something" and that something can be detected. Even something like an
>>>> occasional beacon can be noticed but not addressed until investigated.
>>>
>>> I know that you like to be 'difficult' FromTheRafters - and like to
>>> 'prove a point ........ *BUT* ...
>>
>> (snip the phony the altruistic bullsh*t)
>>
>> You stalk those devs because you annoyed them and they ignored you...
>> it's called narcissistic injury. Here's a question for you and your
>> 'friend':
>>
>> At what point will you accept the fact that your 'stories' don't 'sell'
>> in this ng?
>
> It's solely because I care about wrongdoing that the ACW newsgroup even
> exists nowadays!

Please. The most sickening aspect of your 'stories' on this is how you
link your son to it.

On Jun 15, 2023 at 8:13:23 AM MST, "Steve Carroll" wrote
<u6f9qj$e7g6$20@fretwizzer.eternal-september.org>:

> On 2023-06-15, David Brooks <DavidB@nomail.afraid.org> wrote:
>> On 15/06/2023 15:41, Steve Carroll wrote:
>>> On 2023-06-15, David Brooks <DavidB@nomail.afraid.org> wrote:
>>>
>>>>>>>> If you did - and your computer was compromised - how would you know?
>>>>>>>
>>>>>>> I probably wouldn't, depending upon whether it was trapdoored or
>>>>>>> backdoored.
>>>>>>
>>>>>> Indeed - good malware is virtually undetectable!
>>>>>>
>>>>>>> I would probably go online to find some help
>>>>>>
>>>>>> *Stop*! Why would you do that? You wouldn't know you /needed/ any help!
>>>>>
>>>>> Not true, it depends upon the type of infestation. Malware "does
>>>>> something" and that something can be detected. Even something like an
>>>>> occasional beacon can be noticed but not addressed until investigated.
>>>>
>>>> I know that you like to be 'difficult' FromTheRafters - and like to
>>>> 'prove a point ........ *BUT* ...
>>>
>>> (snip the phony the altruistic bullsh*t)
>>>
>>> You stalk those devs because you annoyed them and they ignored you...
>>> it's called narcissistic injury. Here's a question for you and your
>>> 'friend':
>>>
>>> At what point will you accept the fact that your 'stories' don't 'sell'
>>> in this ng?
>>
>> It's solely because I care about wrongdoing that the ACW newsgroup even
>> exists nowadays!
>
> Please. The most sickening aspect of your 'stories' on this is how you
> link your son to it.

You HAVE to attack. You can't stop yourself.

--
Personal attacks from those who troll show their own insecurity. They cannot use reason to show the message to be wrong so they try to feel somehow superior by attacking the messenger.

They cling to their attacks and ignore the message time and time again.

On Jun 15, 2023 at 8:12:13 AM MST, "Steve Carroll" wrote
<u6f9od$e7g6$19@fretwizzer.eternal-september.org>:

> On 2023-06-15, Snit <brock.mcnuggets@gmail.com> wrote:
>> On Jun 15, 2023 at 7:41:45 AM MST, "Steve Carroll" wrote
>> <u6f7v9$e7g6$8@fretwizzer.eternal-september.org>:
>>
>>>
>>> (snip the phony the altruistic bullsh*t)
>>
>> To you the very idea of altruism is "bullshit".
>
> As coming from

Your views of who others are is not relevant. Drop your OLAS shit.

--
Personal attacks from those who troll show their own insecurity. They cannot use reason to show the message to be wrong so they try to feel somehow superior by attacking the messenger.

They cling to their attacks and ignore the message time and time again.

On 15/06/2023 16:13, Steve Carroll wrote:
> On 2023-06-15, David Brooks <DavidB@nomail.afraid.org> wrote:
>> On 15/06/2023 15:41, Steve Carroll wrote:
>>> On 2023-06-15, David Brooks <DavidB@nomail.afraid.org> wrote:
>>>
>>>>>>>> If you did - and your computer was compromised - how would you know?
>>>>>>>
>>>>>>> I probably wouldn't, depending upon whether it was trapdoored or
>>>>>>> backdoored.
>>>>>>
>>>>>> Indeed - good malware is virtually undetectable!
>>>>>>
>>>>>>> I would probably go online to find some help
>>>>>>
>>>>>> *Stop*! Why would you do that? You wouldn't know you /needed/ any help!
>>>>>
>>>>> Not true, it depends upon the type of infestation. Malware "does
>>>>> something" and that something can be detected. Even something like an
>>>>> occasional beacon can be noticed but not addressed until investigated.
>>>>
>>>> I know that you like to be 'difficult' FromTheRafters - and like to
>>>> 'prove a point ........ *BUT* ...
>>>
>>> (snip the phony the altruistic bullsh*t)
>>>
>>> You stalk those devs because you annoyed them and they ignored you...
>>> it's called narcissistic injury. Here's a question for you and your
>>> 'friend':
>>>
>>> At what point will you accept the fact that your 'stories' don't 'sell'
>>> in this ng?
>>
>> It's solely because I care about wrongdoing that the ACW newsgroup even
>> exists nowadays!
>
> Please. The most sickening aspect of your 'stories' on this is how you
> link your son to it.

I confess that I do miss him.

Do you see much of your own children?

Am 14.06.23 um 23:20 schrieb David Brooks:
> On 14/06/2023 22:11, FromTheRafters wrote:
>> What kind of balls does one need to do something so simple and easy?
>> Sorry to find out that you think it takes balls to do such simple things.
>
> A question then!
>
> WHEN will you run EtreCheck on YOUR Apple computer!

Never!

> *I WILL*! https://www.youtube.com/watch?v=3989jHX3sMQ

Who cares!

Once more X-posting deleted.

--
Gutta cavat lapidem (Ovid)

Am 15.06.23 um 01:09 schrieb FromTheRafters:
> David Brooks laid this down on his screen :
>> On 14/06/2023 22:23, FromTheRafters wrote:
>>> David Brooks laid this down on his screen :
>>>> On 14/06/2023 22:11, FromTheRafters wrote:
>>>>> David Brooks formulated the question :
>>>>>> On 14/06/2023 18:24, FromTheRafters wrote:
>>>>>>> David Brooks presented the following explanation :
>>>>>>>> On 14/06/2023 14:15, FromTheRafters wrote:
>>>>>>>>> David Brooks used his keyboard to write :
>>>>>>>>>> On 14/06/2023 10:02, FromTheRafters wrote:
>>>>>>>>>>> Joerg Lorenz wrote on 6/14/2023 :
>>>>>>>>>>>> Am 13.06.23 um 21:22 schrieb David Brooks:
>>>>>>>>>>>>> On 13/06/2023 12:29, Joerg Lorenz wrote:
>>>>>>>>>>>>>> Am 13.06.23 um 13:01 schrieb David (BD):
>>>>>>>>>>>>>>> On 13/06/2023 09:06, Joerg Lorenz wrote:
>>>>>>>>>>>>>>>> Am 13.06.23 um 09:18 schrieb David Brooks:
>>>>>>>>>>>>>>>>> Unsigned Files:
>>>>>>>>>>>>>>>>>        Launchd:
>>>>>>>>>>>>>>>>> /Library/LaunchDaemons/com.symantec.sharedsettings.MES.plist
>>>>>>>>>>>>>>>>> Executable: /Library/Application
>>>>>>>>>>>>>>>>> Support/Symantec/Silo/MES/DomainSettings/SymSharedSettingsd
>>>>>>>>>>>>>>>>> Details: Exact match found in the legitimate list - probably
>>>>>>>>>>>>>>>>> OK
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> *The system is compromised*.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> I wonder if anyone else reading here agrees with you.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Symantec files on a Mac or any other computer are a
>>>>>>>>>>>>>> malware-infection.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Ha! Guess what *I* found?!!!
>>>>>>>>>>>>>
>>>>>>>>>>>>> https://ibb.co/88bn2jF
>>>>>>>>>>>>>
>>>>>>>>>>>>> All now gone. :-D
>>>>>>>>>>>>>
>>>>>>>>>>>>> Thanks for helping. :-)
>>>>>>>>>>>>
>>>>>>>>>>>> Why do you do that? I'm stunned!
>>>>>>>>>>>
>>>>>>>>>>> You lied to him and he took you seriously.
>>>>>>>>>>
>>>>>>>>>> I'll refer you to my question posed here:-
>>>>>>>>>> https://developer.apple.com/forums/thread/709959
>>>>>>>>>>
>>>>>>>>>> HTH
>>>>>>>>>
>>>>>>>>> Why?
>>>>>>>>
>>>>>>>> In the hope that you might comment there yourself.
>>>>>>>>
>>>>>>>> You didn't - probably didn't read today's comment either.
>>>>>>>
>>>>>>> I looked and saw no relevancy to accusing Symantec of writing malware.
>>>>>>
>>>>>> The relevancy was to how I FOUND Symantec on my iMac!
>>>>>>
>>>>>> Have you yet had the balls to run EtreCheck on your Apple MacBook Pro?
>>>>>
>>>>> Nice try, I haven't responded to that kind of schoolyard taunting since,
>>>>> well, since school -- a long time ago.
>>>>>
>>>>> What kind of balls does one need to do something so simple and easy?
>>>>> Sorry to find out that you think it takes balls to do such simple things.
>>>>
>>>> A question then!
>>>>
>>>> WHEN will you run EtreCheck on YOUR Apple computer!
>>>>
>>>> *I WILL*!  https://www.youtube.com/watch?v=3989jHX3sMQ
>>>
>>> When and if I want to.
>>
>> If you did - and your computer was compromised - how would you know?
>
> I probably wouldn't, depending upon whether it was trapdoored or
> backdoored. I would probably go online to find some help, and upon
> reading even some of your threads I would discover that EtreCheck is a
> well respected tool for ferreting out problems even if not related to
> malware.
>
> What specific kind of compromise are we fantasizing about? What does
> the infestation do?

He got you! Idiot!
--
Gutta cavat lapidem (Ovid)

On 15/06/2023 17:28, Joerg Lorenz wrote:
> Am 15.06.23 um 01:09 schrieb FromTheRafters:

[....]
>> What specific kind of compromise are we fantasizing about? What does
>> the infestation do?
>
> He got you! Idiot!

Sometimes it appears that FTR is not quite as bright as once he was.

Additionally, he's been suffering from poor health for many years; maybe
I should say 'conditions' 'cause he's not actually ill AFAIK. :-(

David Brooks wrote on 6/15/2023 :
> On 15/06/2023 03:06, FromTheRafters wrote:
>> David Brooks presented the following explanation :
>>> On 15/06/2023 00:09, FromTheRafters wrote:
>>>> David Brooks laid this down on his screen :
>>>>> On 14/06/2023 22:23, FromTheRafters wrote:
>>>>>> David Brooks laid this down on his screen :
>>>>>>> On 14/06/2023 22:11, FromTheRafters wrote:
>>>>>>>> David Brooks formulated the question :
>>>>>>>>> On 14/06/2023 18:24, FromTheRafters wrote:
>>>>>>>>>> David Brooks presented the following explanation :
>>>>>>>>>>> On 14/06/2023 14:15, FromTheRafters wrote:
>>>>>>>>>>>> David Brooks used his keyboard to write :
>>>>>>>>>>>>> On 14/06/2023 10:02, FromTheRafters wrote:
>>>>>>>>>>>>>> Joerg Lorenz wrote on 6/14/2023 :
>>>>>>>>>>>>>>> Am 13.06.23 um 21:22 schrieb David Brooks:
>>>>>>>>>>>>>>>> On 13/06/2023 12:29, Joerg Lorenz wrote:
>>>>>>>>>>>>>>>>> Am 13.06.23 um 13:01 schrieb David (BD):
>>>>>>>>>>>>>>>>>> On 13/06/2023 09:06, Joerg Lorenz wrote:
>>>>>>>>>>>>>>>>>>> Am 13.06.23 um 09:18 schrieb David Brooks:
>>>>>>>>>>>>>>>>>>>> Unsigned Files:
>>>>>>>>>>>>>>>>>>>>        Launchd:
>>>>>>>>>>>>>>>>>>>> /Library/LaunchDaemons/com.symantec.sharedsettings.MES.plist
>>>>>>>>>>>>>>>>>>>> Executable: /Library/Application
>>>>>>>>>>>>>>>>>>>> Support/Symantec/Silo/MES/DomainSettings/SymSharedSettingsd
>>>>>>>>>>>>>>>>>>>> Details: Exact match found in the legitimate list -
>>>>>>>>>>>>>>>>>>>> probably OK
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>> *The system is compromised*.
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> I wonder if anyone else reading here agrees with you.
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> Symantec files on a Mac or any other computer are a
>>>>>>>>>>>>>>>>> malware-infection.
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Ha! Guess what *I* found?!!!
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> https://ibb.co/88bn2jF
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> All now gone. :-D
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Thanks for helping. :-)
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Why do you do that? I'm stunned!
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> You lied to him and he took you seriously.
>>>>>>>>>>>>>
>>>>>>>>>>>>> I'll refer you to my question posed here:-
>>>>>>>>>>>>> https://developer.apple.com/forums/thread/709959
>>>>>>>>>>>>>
>>>>>>>>>>>>> HTH
>>>>>>>>>>>>
>>>>>>>>>>>> Why?
>>>>>>>>>>>
>>>>>>>>>>> In the hope that you might comment there yourself.
>>>>>>>>>>>
>>>>>>>>>>> You didn't - probably didn't read today's comment either.
>>>>>>>>>>
>>>>>>>>>> I looked and saw no relevancy to accusing Symantec of writing
>>>>>>>>>> malware.
>>>>>>>>>
>>>>>>>>> The relevancy was to how I FOUND Symantec on my iMac!
>>>>>>>>>
>>>>>>>>> Have you yet had the balls to run EtreCheck on your Apple MacBook
>>>>>>>>> Pro?
>>>>>>>>
>>>>>>>> Nice try, I haven't responded to that kind of schoolyard taunting
>>>>>>>> since, well, since school -- a long time ago.
>>>>>>>>
>>>>>>>> What kind of balls does one need to do something so simple and easy?
>>>>>>>> Sorry to find out that you think it takes balls to do such simple
>>>>>>>> things.
>>>>>>>
>>>>>>> A question then!
>>>>>>>
>>>>>>> WHEN will you run EtreCheck on YOUR Apple computer!
>>>>>>>
>>>>>>> *I WILL*!  https://www.youtube.com/watch?v=3989jHX3sMQ
>>>>>>
>>>>>> When and if I want to.
>>>>>
>>>>> If you did - and your computer was compromised - how would you know?
>>>>
>>>> I probably wouldn't, depending upon whether it was trapdoored or
>>>> backdoored.
>>>
>>> Indeed - good malware is virtually undetectable!
>>>
>>>> I would probably go online to find some help
>>>
>>> *Stop*! Why would you do that? You wouldn't know you /needed/ any help!
>>
>> Not true, it depends upon the type of infestation. Malware "does something"
>> and that something can be detected. Even something like an occasional
>> beacon can be noticed but not addressed until investigated.
>
> I know that you like to be 'difficult' FromTheRafters - and like to 'prove a
> point ........ *BUT* ...
>
> If some naive user of an Apple device asks for assistance on the ASC forums
> and is cajoled into loading and running EtreCheck, they would
> have absolutely no clue that, afterwards, they should be looking for ANYTHING
> suspicious.

Why should they?

> If their device appears to be working well, that would be the end of the
> matter.

Yes, but you implied that there *is* something untoward. I replied to
that as a scenario not as a real life problem. If there *is* some
malware, it would be doing something and likely be caught doing that
something when that something is looked for. If it does nothing, it is
not malware.

>> I meant 'what would a hypothetical malware be doing' which would be
>> detectable.
>
> At a guess, stealing money?
>
> The pointers? Etresoft Inc .....
>
> No one can visit the business because there isn’t one. It is just a
> shared office accommodation space where people come and go if the need a
> business photocopier, a laminater or an electric stapler. He doesn’t
> even have mail delivered there and he has a PO Box.
>
> John Daniel is a 'Will o' the Wisp' character who has lied on LinkedIn, just
> as his partner in crime has also done.
>
> https://en.wikipedia.org/wiki/Will-o%27-the-wisp
>
>
> Here's an extract of an email I once sent to Intego...
>
> "I've done a bit of research into malware over the last ten years but am
> no expert! However, I believe that it is possible for malware - which
> may already be resident within a computer - to 'defend itself' (hide)
> when a product like yours is installed. This would, of course, give the
> computer owner a warm, fuzzy, feeling that they are protected when, in
> reality, the computer is STILL being controlled from an external source.
>
> How does Intego combat this possibility? How CAN the user be absolutely
> certain that there is no resident malware 'underneath' your AV?"
>
> *What answer would YOU give*?

Joerg Lorenz explained on 6/15/2023 :
> Am 15.06.23 um 01:09 schrieb FromTheRafters:
>> David Brooks laid this down on his screen :
>>> On 14/06/2023 22:23, FromTheRafters wrote:
>>>> David Brooks laid this down on his screen :
>>>>> On 14/06/2023 22:11, FromTheRafters wrote:
>>>>>> David Brooks formulated the question :
>>>>>>> On 14/06/2023 18:24, FromTheRafters wrote:
>>>>>>>> David Brooks presented the following explanation :
>>>>>>>>> On 14/06/2023 14:15, FromTheRafters wrote:
>>>>>>>>>> David Brooks used his keyboard to write :
>>>>>>>>>>> On 14/06/2023 10:02, FromTheRafters wrote:
>>>>>>>>>>>> Joerg Lorenz wrote on 6/14/2023 :
>>>>>>>>>>>>> Am 13.06.23 um 21:22 schrieb David Brooks:
>>>>>>>>>>>>>> On 13/06/2023 12:29, Joerg Lorenz wrote:
>>>>>>>>>>>>>>> Am 13.06.23 um 13:01 schrieb David (BD):
>>>>>>>>>>>>>>>> On 13/06/2023 09:06, Joerg Lorenz wrote:
>>>>>>>>>>>>>>>>> Am 13.06.23 um 09:18 schrieb David Brooks:
>>>>>>>>>>>>>>>>>> Unsigned Files:
>>>>>>>>>>>>>>>>>>        Launchd:
>>>>>>>>>>>>>>>>>> /Library/LaunchDaemons/com.symantec.sharedsettings.MES.plist
>>>>>>>>>>>>>>>>>> Executable: /Library/Application
>>>>>>>>>>>>>>>>>> Support/Symantec/Silo/MES/DomainSettings/SymSharedSettingsd
>>>>>>>>>>>>>>>>>> Details: Exact match found in the legitimate list - probably
>>>>>>>>>>>>>>>>>> OK
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> *The system is compromised*.
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> I wonder if anyone else reading here agrees with you.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Symantec files on a Mac or any other computer are a
>>>>>>>>>>>>>>> malware-infection.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Ha! Guess what *I* found?!!!
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> https://ibb.co/88bn2jF
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> All now gone. :-D
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Thanks for helping. :-)
>>>>>>>>>>>>>
>>>>>>>>>>>>> Why do you do that? I'm stunned!
>>>>>>>>>>>>
>>>>>>>>>>>> You lied to him and he took you seriously.
>>>>>>>>>>>
>>>>>>>>>>> I'll refer you to my question posed here:-
>>>>>>>>>>> https://developer.apple.com/forums/thread/709959
>>>>>>>>>>>
>>>>>>>>>>> HTH
>>>>>>>>>>
>>>>>>>>>> Why?
>>>>>>>>>
>>>>>>>>> In the hope that you might comment there yourself.
>>>>>>>>>
>>>>>>>>> You didn't - probably didn't read today's comment either.
>>>>>>>>
>>>>>>>> I looked and saw no relevancy to accusing Symantec of writing malware.
>>>>>>>
>>>>>>> The relevancy was to how I FOUND Symantec on my iMac!
>>>>>>>
>>>>>>> Have you yet had the balls to run EtreCheck on your Apple MacBook Pro?
>>>>>>
>>>>>> Nice try, I haven't responded to that kind of schoolyard taunting since,
>>>>>> well, since school -- a long time ago.
>>>>>>
>>>>>> What kind of balls does one need to do something so simple and easy?
>>>>>> Sorry to find out that you think it takes balls to do such simple
>>>>>> things.
>>>>>
>>>>> A question then!
>>>>>
>>>>> WHEN will you run EtreCheck on YOUR Apple computer!
>>>>>
>>>>> *I WILL*!  https://www.youtube.com/watch?v=3989jHX3sMQ
>>>>
>>>> When and if I want to.
>>>
>>> If you did - and your computer was compromised - how would you know?
>>
>> I probably wouldn't, depending upon whether it was trapdoored or
>> backdoored. I would probably go online to find some help, and upon
>> reading even some of your threads I would discover that EtreCheck is a
>> well respected tool for ferreting out problems even if not related to
>> malware.
>>
>> What specific kind of compromise are we fantasizing about? What does
>> the infestation do?
>
> He got you! Idiot!

How do you figure that? I ask a question and somehow that translates to
him having gotten me? You don't seem to be following the conversation
very well.

David Brooks explained on 6/15/2023 :
> On 15/06/2023 17:28, Joerg Lorenz wrote:
>> Am 15.06.23 um 01:09 schrieb FromTheRafters:
>
> [....]
>>> What specific kind of compromise are we fantasizing about? What does
>>> the infestation do?
>>
>> He got you! Idiot!
>
> Sometimes it appears that FTR is not quite as bright as once he was.

Your inability to follow along is not my problem.

> Additionally, he's been suffering from poor health for many years; maybe I
> should say 'conditions' 'cause he's not actually ill AFAIK. :-(

Please state what you think I am missing in this conversation. What is
meant by "He got you!" and how could one be expected to see the
unseeable.

On Thu, 15 Jun 2023 15:13:23 -0000 (UTC), Steve Carroll <"Steve
Carroll"@noSPAM.none> wrote:

>On 2023-06-15, David Brooks <DavidB@nomail.afraid.org> wrote:
>> On 15/06/2023 15:41, Steve Carroll wrote:
>>> On 2023-06-15, David Brooks <DavidB@nomail.afraid.org> wrote:
>>>
>>>>>>>> If you did - and your computer was compromised - how would you know?
>>>>>>>
>>>>>>> I probably wouldn't, depending upon whether it was trapdoored or
>>>>>>> backdoored.
>>>>>>
>>>>>> Indeed - good malware is virtually undetectable!
>>>>>>
>>>>>>> I would probably go online to find some help
>>>>>>
>>>>>> *Stop*! Why would you do that? You wouldn't know you /needed/ any help!
>>>>>
>>>>> Not true, it depends upon the type of infestation. Malware "does
>>>>> something" and that something can be detected. Even something like an
>>>>> occasional beacon can be noticed but not addressed until investigated.
>>>>
>>>> I know that you like to be 'difficult' FromTheRafters - and like to
>>>> 'prove a point ........ *BUT* ...
>>>
>>> (snip the phony the altruistic bullsh*t)
>>>
>>> You stalk those devs because you annoyed them and they ignored you...
>>> it's called narcissistic injury. Here's a question for you and your
>>> 'friend':
>>>
>>> At what point will you accept the fact that your 'stories' don't 'sell'
>>> in this ng?
>>
>> It's solely because I care about wrongdoing that the ACW newsgroup even
>> exists nowadays!
>
>Please. The most sickening aspect of your 'stories' on this is how you
>link your son to it.

That has always bothered me, as well. He does it consistently, and one
of the strangest things is that he seems eager and proud to share with
us what he's doing by pasting the actual contents of his emails here in
ACW. The worse his actions make him look, the more he seems to enjoy
sharing them. I don't know the name of that particular quirk or illness.