LET THIS BE A LESSON TO YOU
Nov 04, 2002 12:54 PST
LET THIS BE A LESSON TO YOU
James Roger Brown
AN UGLY TALE OF WOE
You have not heard from me for the last two weeks because I have been
dealing with a computer problem that should never have happened. I use
firewall software that identifies the source of hacking attempts. I
check for virus definition updates several times a day. I never open
e-mail attachments from people I do not know or who have not scheduled a
Coincident with the October 20 and 21 assault on the Internet, my
computer locked up and needed rebooting. When rebooted, the monitor
displayed the message, “Unmountable Boot Volume.” According to
technical support at the computer manufacturer, the solution was
contained on the “Unmountable Boot Volume Disk.” Since this problem was
so rare, no copies of the disk were kept on hand. The disk had to be
ordered from a supplier and then shipped.
After numerous calls to technical support, a senior technician
authorized shipment by FedEx. The disk was supposed to arrive the next
day on Tuesday. The disk was not shipped until Tuesday, arriving
Wednesday. The repair disk was defective and locked up the system. A
replacement disk was supposed to be shipped Wednesday to arrive
Thursday. No disk arrived Thursday. Technical support informed me that
shipment authorization had been changed from FedEx to regular mail,
which arrived Monday of the second week of computer downtime.
While waiting on the disks to arrive, I used public access computers at
the library to print repair instructions for “Unmountable Boot Volume”
from the computer manufacturer’s and Microsoft’s knowledge databases.
Following these instructions produced a DOS prompt that allowed two of
the suggested courses of action to be taken. One was two run “Chkdsk
/R”. This did not fix the problem, but generated a new error message
that turned out to be a loop and of no use. The other suggestion, to
use a repair function on the Windows XP upgrade CD, also failed to fix
the problem and also generated a new error message. When the
replacement “Unmountable Boot Volume Disk” arrived, it failed to restore
the hard drive to bootability.
The third suggestion from a technician was to add the hard drive to
another system with Windows XP as an operating system. I was told the
system would recognize the hard drive and I would be able to access the
files, even though the disk was not bootable.
That is not what happened. The disk directory was changed to RECYCLED
and none of the files were accessible. Despite my onsite maintenance
and unlimited technical support contract through 2004, during the last
call to technical support I was told they would, for an additional fee,
make their best effort to restore the hard drive to functional status.
I had little confidence of that happening since the original problem had
been made worse following their alleged knowledge based instructions.
In the end, I purchased a new hard drive and finished reloading and
upgrading the software Sunday, November 3, 2002.
WHY AM I TELLING YOU ALL THIS?
In attempting to determine what caused the initial problem, I asked one
technician if the “Unmountable Boot Volume” problem was something a
nefarious person could use to intentionally shut down someone’s
computer. It turns out that this was yet another vulnerability known to
Microsoft and others that could be exploited by hackers or a government
to put a computer out of operation. I expressed that I was somewhat
peeved that no one had informed me of the potential problem. I was
informed that one of the updates I had downloaded and installed should
have prevented that happening.
Since responding to the US Government’s post 9/11 request for specific
recommendations on how to identify terrorist entering the Country, I
have been the target of increasingly sophisticated attacks originating
in China. I forwarded copies of my suggestions to both the CIA and FBI.
Sending it to the FBI was my mistake, I believe. Even wearing three
piece suits these people can not keep their underwear from being stolen.
Two of the attempts to access my computer were virus laden e-mails (with
.zip attachments instead of .exe) that could only have arrived from the
proxy attack computers if my e-mail address were contained in the virus
code itself. My e-mail address was not on either of the computers from
which the e-mail was sent to me. One came from the Orange, Texas Police
Department and the other from the Missouri Democratic Party
The latest related development is a twist on the Nigerian money scams.
I was contacted with the standard offer with the exception that I was
never asked for money. The focus has been on getting me to fly to Spain
to meet with their “barrister.” I reported to the Secret Service
(responsible for Internet crime) and the FBI that I, or Americans in
general, may be the target of a kidnaping plot using the Nigerian money
scam as a false flag operation. Without conducting any investigation, I
was assured by a female Secret Service agent that I was not the target
of any kidnaping plot, the people who contacted me were simple con
artists. You have no idea how safe that assurance makes me feel. Our
lives depend on these people. The really bad news is that, considering
their level of competence, this IS probably the best they can do.
We are really going to have to be a lot sophisticated in protecting
ourselves. While the larger personal security issues are more complex
and fluid, there are some additional steps we can take regarding our
computers. What I did was ask one of the technicians if there were any
other vulnerabilities that could be used to shut down my computer. Of
course he said “no,” but that does suggest a preventive course of legal
action. I am going to submit to the computer manufacturer the same
request for a list of known vulnerabilities in writing by regular mail.
This will force a written reply. If the response is again “no,” and
another know problem appears that they falsely denied existed, the
written reply can serve as evidence of wilful fraud and mail fraud. To
paraphrase one of the technical experts I consulted on dealing with the
security aspects of this problem, we cannot defeat the technology that
allows computers to be penetrate, but we can defeat the people
© Copyright November 4, 2002 by James Roger Brown. All rights reserved.