The app is being installed under the user profile, not under Program Files. That's why it installs without UAC popping up.
You don't have to be an admin for an app to show up in Apps & Features. The Uninstall key you find under LocalMachine in the registry also exists under user profiles.
|
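The point in the post above can be checked directly. This is an added example, not part of the original post: it lists Uninstall registrations from the machine-wide key and from each loaded user hive, then shows apps registered per-user by more than one account. `Get-UninstallEntry` is a hypothetical helper name; only hives of logged-on users are visible under HKEY_USERS, and reading other users' hives requires an elevated session.

```powershell
# Added example: compare machine-wide and per-user Uninstall registrations.
$sub = 'Microsoft\Windows\CurrentVersion\Uninstall'

function Get-UninstallEntry {            # hypothetical helper, not a built-in cmdlet
    param([string]$Root, [string]$Scope)
    $path = "Registry::$Root\$sub"
    if (-not (Test-Path -LiteralPath $path)) { return }
    Get-ChildItem -LiteralPath $path -ErrorAction SilentlyContinue | ForEach-Object {
        $p = Get-ItemProperty -LiteralPath $_.PSPath -ErrorAction SilentlyContinue
        if ($p.DisplayName) {            # skip entries Apps & Features would not show
            [pscustomobject]@{
                Scope           = $Scope
                DisplayName     = $p.DisplayName
                Publisher       = $p.Publisher
                InstallLocation = $p.InstallLocation
            }
        }
    }
}

$entries = @(
    Get-UninstallEntry 'HKEY_LOCAL_MACHINE\Software' 'Machine'
    Get-UninstallEntry 'HKEY_LOCAL_MACHINE\Software\WOW6432Node' 'Machine (32-bit)'

    # Per-user hives: one subkey per loaded profile, named by the account SID.
    Get-ChildItem Registry::HKEY_USERS -ErrorAction SilentlyContinue |
        Where-Object { $_.PSChildName -match '^S-1-5-21-[\d-]+$' } |
        ForEach-Object {
            $sid = $_.PSChildName
            try {
                $name = ([System.Security.Principal.SecurityIdentifier]$sid).Translate(
                    [System.Security.Principal.NTAccount]).Value
            } catch { $name = $sid }     # orphaned or unresolvable account
            Get-UninstallEntry "HKEY_USERS\$sid\Software" "User: $name"
        }
)

# Apps installed without elevation, and where they live on disk.
$perUser = $entries | Where-Object Scope -like 'User:*'
$perUser | Sort-Object DisplayName, Scope |
    Format-Table Scope, DisplayName, InstallLocation -AutoSize

# The same app registered separately by several users.
$perUser | Group-Object DisplayName | Where-Object Count -gt 1 |
    Select-Object Count, Name
```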
|
Dave Kreskowiak wrote: You don't have to be an admin for an app to show up in Apps & Features.
It's an interesting and helpful feature really. Makes a nice and clean install and quite seamless for the user too.
|
The problem with it is if you have a dozen different users on the same machine running the app, you have a dozen installations of the app on the machine.
|
Dave Kreskowiak wrote: if you have a dozen different users on the same machine running the app, you have a dozen installations of the app on the machine.
That is a very good point. And these Electron installations are HUGE compared to their native (or managed framework) alternatives. HUGE! The app I rewrote was about 3 MB or something. The new one installs 90MB or more.
Of course for .NET managed apps you have the initial installation that is large but at least that is in one location and everyone can use. I took a look at the Atom Editor (also Electron app) and it is 1.1GB installation. Wow!
|
You also run into limitations, like if your app data is in an Oracle database and you have to modify TNSNAMES.ORA. You have no way of doing that in the installation.
Nor do you have any ability to throw any HKEY_LOCAL_MACHINE stuff into the registry either...
|
umm just thinking out loud here...
the appearance of the trojan [horse] is that it looks like a gift, and [referring back to the story] also looks innocuous. Even once brought inside (installed) it still looks like gift.
Only when it turns dark (ability to move freely / undetected - UAC has [elsewhere] been set to allow) then the payload within is released to achieve its goal.
Trojans don't by themselves attempt to gain access, they wait until it's provided to them.
Ability for ordinary [otherwise limited for security purposes] users to install ANY app without permission a good thing?
Gotta love the way Windows still makes even new features so useful for the good and the bad.
|
It looks similar to the Microsoft Click-Once installer which for some strange reason is totally unknown to most Windows developers: Create custom installer for ClickOnce application - Visual Studio | Microsoft Docs
As Dave Kreskowiak mentioned this installs to the user profile.
The interesting thing is that, from a Microsoft browser, it can directly install by just clicking a link.
For non Microsoft browsers this sadly does not work and it will just download the installer.
|
RickZeeland wrote: It looks similar to the Microsoft Click-Once installer which for some strange reason is totally unknown to most Windows developers:
I agree that it looks like that type of installer (which is quite nice) and I'm not sure why this wasn't the standard for installations either. Probably just not well communicated by MS originally. I remember when Vista came out and the standard for installations became so different (Program Files was locked down) and I had to learn how to do installs properly -- it was a pain to discover the info.
|
raddevus wrote: installations became so different (Program Files was locked down) and I had to learn how to do installs properly -- it was a pain to discover the info.
I totally appreciate this comment!
Restricted access to HKLM also created some headaches/redesign.
"Go forth into the source" - Neal Morse
|
I've got this mail:
Subject: S e c u r i t y A l e r t . Y o u r a c c o u n t s w a s h a c k e d b y c r i m i n a l g r o u p .
Mail content:
I hacked your OS and got full access to your account MAIL_ADDRESS_HERE.
You can check it - I sent this message from your account.
So, you can change the password, yes.. But my malware intercepts it every time.
How I made it:
In the software of the router, through which you went online, was a vulnerability.
I just hacked this router and placed my malicious code on it.
When you went online, my trojan was installed on the OS of your device.
After that, I made a full dump of your disk (I have all your address book, history of viewing sites, all files, phone numbers and addresses of all your contacts).
A month ago, I wanted to lock your device and ask for a not big amount of btc to unlock.
But I looked at the sites that you regularly visit, and I was shocked by what I saw!!!
I'm talk you about sites for adults.
I want to say - you are a BIG pervert. Your fantasy is shifted far away from the normal course!
And I got an idea....
I made a screenshot of the adult sites where you have fun (do you understand what it is about, huh?).
After that, I made a screenshot of your joys (using the camera of your device) and glued them together.
Turned out amazing! You are so spectacular!
I'm know that you would not like to show these screenshots to your friends, relatives or colleagues.
I think $993 is a very, very small amount for my silence.
Besides, I have been spying on you for so long, having spent a lot of time!
Pay ONLY in Bitcoins!
My BTC wallet: 15yF8WkUg8PRjJehYW4tGdqcyzc4z7dScM
You do not know how to use bitcoins?
Enter a query in any search engine: "how to replenish btc wallet".
It's extremely easy
For this payment I give you two days (48 hours).
As soon as this letter is opened, the timer will work.
After payment, my virus and dirty screenshots with your enjoys will be self-destruct automatically.
If I do not receive from you the specified amount, then your device will be locked, and all your contacts will receive a screenshots with your "enjoys".
I hope you understand your situation.
- Do not try to find and destroy my virus! (All your data, files and screenshots is already uploaded to a remote server)
- Do not try to contact me (you yourself will see that this is impossible, I sent you an email from your account)
- Various security services will not help you; formatting a disk or destroying a device will not help, since your data is already on a remote server.
P.S. You are not my single victim. so, I guarantee you that I will not disturb you again after payment!
This is the word of honor hacker.
I also ask you to regularly update your antiviruses in the future. This way you will no longer fall into a similar situation.
Do not hold evil! I just do my job.
Good luck.
Now the real warning: I work at home... be prepared to receive pictures of me at 7:00 AM!
Don't say I've not warned you...
|
Joan M wrote: be prepared to receive pictures of me at 7:00 AM!
Nooooo ... At 7AM I'm still working on my first of the day!
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
AntiTwitter: @DalekDave is now a follower!
|
Why $993 dollars, and not say, $993.27? Damn Nigerian bankers...
|
if hackers can log all your keystrokes including passwords and gain access to your camera (even mine which hasn't been connected ever) to see whatever you are looking at (and inasmuch your keyboard on wide angle?)
how come they don't just use your banking passwords (they've got all your passwords) to take the money by themselves?
some sort of hacker ethics that they must ask you to pay them???
extortion is acceptable but theft isn't???
|
lopatir wrote:
some sort of hacker ethics that they must ask you to pay them???
extortion is acceptable but theft isn't???
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
Because my bank account requires MFA
|
Joan M wrote: be prepared to receive pictures of me Doing your enjoys.
Social Media - A platform that makes it easier for the crazies to find each other.
Everyone is born right handed. Only the strongest overcome it.
Fight for left-handed rights and hand equality.
|
These emails would be a lot more convincing if they included just one sample of what they took with your web cam.
I'd be impressed. Especially since my primary internet device has no camera whatsoever.
|
Offer 50K for their services as a security consultant because their integrity and concern for you is so impressive
Send a convincing mock up of the funds transfer when asked
When they wonder why it never arrived, tell them the bank got suspicious and they need to send something small like 100 in the opposite direction to prove the contact is legitimate
Wait and see.
Ger
|
Your company needs to use a good anti spam filter like MXGuardDog. My quarantine folder is just chock full of this stuff.
|
Just hit reply and "TL;DR"
|
All jokes aside, file a report with the police. If you want to have some fun, write a mail explaining how BTC is not anonymous and how a blockchain is designed to be traceable. Can't verify a BC payment without it, and the chain itself is a list of transactions he (and other BC users) made
Bastard Programmer from Hell
If you can't read my code, try converting it here
"If you just follow the bacon Eddy, wherever it leads you, then you won't have to think about politics." -- Some Bell.
|
Quote: After that, I made a screenshot of your joys ...
Quote: I have been spying on you for so long, having spent a lot of time
Quote: I want to say - you are a BIG pervert
Sounds like he's the bigger pervert
|
I've gotten several of these over the past year or so. I've always wanted to reply "Other people will pay you to take down my pictures."
|
Me and a coworker have tackled the largest and most complex store proc in our database, and have reduced it from 1120 lines down to 160 lines, AND increased performance by 400%.
I'm gonna count that as a win.
".45 ACP - because shooting twice is just silly" - JSOP, 2010 ----- You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010 ----- When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013