Page 1 of 2

Is my computer "owned" ?

Posted: Thu Aug 23, 2012 6:16 pm
by Ebere
I am still on mint 11 Katya. The newer ones cause problems on my old machine.


The symptoms...

Random freezes. The only way out is Ctrl Alt Del. Sometimes not even that, have to use the hardware reset button. (And no other keys work in any way at all.)

There are only a couple things halfway consistant about the freezup.

**Three of the dozen or so, have occurred when I opened an unknown site and granted javascript. (No, I don't visit <violates forum rules> sites. And I don't visit questionable sites. Sites that I visit are usually links from other forum members in a couple forums I go to.)

**Maybe 7 of the dozen or so times it happened, the cursor still worked just fine. You could move it anywhere you wanted to. It just didn't actually have any affect on anything.



Random cricket noises from speaker. Nothing consistant about it. Sometimes happens for a bit, then stops. Random intervals between chirps. Etc. Pretty much the sort of thing that would happen if someone were doing it just to annoy you. (And yes, my cell phone is turned off. I know the sound that makes, and this is more of a chirp.)



Cd drive doors open and close by themselves. Again random times. Not connected to anything else. Just as if someone were trying to annoy.



Random LARGE uploads and/or downloads. These always stop the INSTANT I hit the button to open system monitor to find out what app is doing this. I have absolutely nothing in any program anywhere that is allowed to automatically update, or to connect to the internet for any other reason.

Re: Is my computer "owned" ?

Posted: Thu Aug 23, 2012 9:14 pm
by Ebere
Also, I don't run as root.

Re: Is my computer "owned" ?

Posted: Thu Aug 23, 2012 11:33 pm
by heavy metal
Ebere wrote:I am still on mint 11 Katya. The newer ones cause problems on my old machine.


The symptoms...


Random cricket noises from speaker. Nothing consistant about it. Sometimes happens for a bit, then stops. Random intervals between chirps. Etc. Pretty much the sort of thing that would happen if someone were doing it just to annoy you. (And yes, my cell phone is turned off. I know the sound that makes, and this is more of a chirp.)


Cd drive doors open and close by themselves. Again random times. Not connected to anything else. Just as if someone were trying to annoy.
Maybe your computer has a Poltergeist who tries to annoy you??? :)

Re: Is my computer "owned" ?

Posted: Sun Sep 09, 2012 7:36 pm
by Django
what system processes are currently running with everything except Firefox?

Re: Is my computer "owned" ?

Posted: Sun Sep 09, 2012 7:42 pm
by keet
What is the output of this command?

Code: Select all

ps aux

Re: Is my computer "owned" ?

Posted: Sun Sep 09, 2012 8:03 pm
by Ebere
keet wrote:What is the output of this command?

Code: Select all

ps aux
A loooong list.

Is there anything in particular that I am looking for ?

Re: Is my computer "owned" ?

Posted: Mon Sep 10, 2012 5:42 am
by Django
Ebere wrote: A loooong list.

Is there anything in particular that I am looking for ?
No, it's something I'm looking for. I think I'm having the same problem I'm just looking for a possible correlation in open processes.

Re: Is my computer "owned" ?

Posted: Mon Sep 10, 2012 5:17 pm
by Ebere
Ok, call me paranoid, (because I AM), but I'd rather not post a list of all the processes going on, on my computer... On an open forum.

I can tell you a bit of what I have learned. I'm not so convinced that my computer is 'owned'... Except for weaknesses in firefox.


First... the clicking sound.

I discovered that it was sounds associated with a "chat" that was running on a forum I am a member of. I didn't authorize the chat. I didn't sign in. Etc. It just automatically ran, and the sounds seemed to have a 'human' "ryhtym", because in essence, they did. It was the sound made when someone posted. Irregular intervals, etc.

I tracked it down, and turned it off.



The rest of the problems...

I have figured out that they happen only when on some new web page that I have never visited before.

Usually a "news" page. As in owned by the press, a newspaper, telivision, etc.

And usually the freezeup that cannot be ctrl-alt-del 'ed out of, (HAVE to do a hardware reset.)... Happens when I have ok a video to run, then have put it on hold, (to watch the rest of, later), and gone to some other page.

Since it never seems to happen while I am on the actual page, (and even if it did, the cursor moves, but nothing else works, so I couldn't "investigate the cause" anyway...), I have never been able to figure out exactly what it is that is causing it.



My gut tells me that my computer itself is not "owned". But that it might as well be, if all I am doing is running firefox, and in essence, my firefox is "Owned" from somewhere outside my machine. With all the things that firefox can do on your machine. Browse files, upload/download, etc... (One of the problems I have seen, is occassional HUGE uploads and/or downloads... And NOTHING is running that should be doing that. (Firefox is always running, but I didn't authorize any uploads or downloads.) I do not have any program anywhere enabled for automatic updates, or any other reason for unexpected uploads or downloads.) Add stuff I don't readily understand... Seems to me your computer can be made a zombie of, even if actual control of the computer itself, (root), cannot be achieved...

Re: Is my computer "owned" ?

Posted: Mon Sep 10, 2012 5:33 pm
by zerozero
can't tell you much about all the rest but for FF these 2 add-ons are absolutely essential (imo)
http://noscript.net/
http://adblockplus.org/en/
much better than giving you a huge explanation, read the 2 homepages, search the web about them, try them out.

Re: Is my computer "owned" ?

Posted: Mon Sep 10, 2012 5:54 pm
by Ebere
zerozero wrote:can't tell you much about all the rest but for FF these 2 add-ons are absolutely essential (imo)
http://noscript.net/
http://adblockplus.org/en/
much better than giving you a huge explanation, read the 2 homepages, search the web about them, try them out.
Good advice.

I run both of those.

I tend to allow javascript temporarily on news sites, if there is a news vid that I want to watch. (later) And as I said, the lockups seem to largely happen at those times, once I navigate away from that page, but leave it connected.

The uploads and downloads also tend to only happen when I am on a site that I haven't been to before. And seemingly always... the up or downloads always seem to stop immediately when I open up the monitor to see what is doing that. Which makes me think it is on purpose. If it were purely coincidence, the upload or download would continue sometimes.

I don't do <violates forum rules>. But then it's not only <violates forum rules> sites out there that will do things like hijack your browser.

Re: Is my computer "owned" ?

Posted: Mon Sep 10, 2012 6:24 pm
by zerozero
ohh :D i should imagine that you knew them.
The uploads and downloads also tend to only happen when I am on a site that I haven't been to before. And seemingly always... the up or downloads always seem to stop immediately when I open up the monitor to see what is doing that. Which makes me think it is on purpose. If it were purely coincidence, the upload or download would continue sometimes.
this though is similar to
http://forums.linuxmint.com/viewtopic.p ... 49&start=0
http://forums.linuxmint.com/viewtopic.p ... 92&start=0
unfortunately in none of those topics we find a clear answer.

Re: Is my computer "owned" ?

Posted: Mon Sep 10, 2012 6:40 pm
by Ebere
zerozero wrote:ohh :D i should imagine that you knew them.
The uploads and downloads also tend to only happen when I am on a site that I haven't been to before. And seemingly always... the up or downloads always seem to stop immediately when I open up the monitor to see what is doing that. Which makes me think it is on purpose. If it were purely coincidence, the upload or download would continue sometimes.
this though is similar to
http://forums.linuxmint.com/viewtopic.p ... 49&start=0
http://forums.linuxmint.com/viewtopic.p ... 92&start=0
unfortunately in none of those topics we find a clear answer.
Quite simlar to those, yes. And thanks for the links.

I guess the biggest reason it bugs me is because I have taken DAYS, to go completely through every program on my computer, and make sure that there is NOTHING left that allows any automatic upload or download of any kind.

And I have done this several times over, very thoroughly, just to be certain that it wasn't something that I made a mistake on, or missed.

If this is a legit program, doing a legit thing, that's one thing. And understandable. But I DON'T like such a thing going on... and not giving me the option to turn it off. Since I have been through everything twelve ways to sunday, I know that legit or not, I have not been given the option to deny. And that sucks.

By the way, the person in your second link might have been seeing legit traffic between the computer and the router, and didn't understand that that isn't actually "internet traffic".

Re: Is my computer "owned" ?

Posted: Wed Sep 12, 2012 1:39 pm
by AlbertP
About the freeze - that could be a graphics driver problem. Please post the output of:

Code: Select all

inxi -Gx
And posting processes on the forum is not a problem. The forum is secure enough; malicious visitors, even registered, will not be able to track your IP.

Re: Is my computer "owned" ?

Posted: Wed Sep 12, 2012 3:40 pm
by Ebere
AlbertP wrote:About the freeze - that could be a graphics driver problem. Please post the output of:

Code: Select all

inxi -Gx
I'm pretty sure you are correct.
Graphics: Card ATI RV380 0x3e50 [Radeon X600] X.Org 1.10.1 Res: 1280x1024@85.0hz
GLX Renderer Gallium 0.4 on ATI RV380 GLX Version 2.1 Mesa 7.10.2 Direct Rendering Yes
And the fan on the card is not the best.

Re: Is my computer "owned" ?

Posted: Tue Sep 18, 2012 3:32 pm
by homerscousin
This thread was kinda interesting. If I may ask how do you know it was a HUGE up or download if it stopped when system monitor was opened. Did one ever complete? Is there a way in Linux to trace, track, identify the file or source? I might even try a reinstall of Firefox or install Chrome as a comparison.

Re: Is my computer "owned" ?

Posted: Tue Sep 18, 2012 3:57 pm
by Ebere
homerscousin wrote:This thread was kinda interesting. If I may ask how do you know it was a HUGE up or download if it stopped when system monitor was opened. Did one ever complete? Is there a way in Linux to trace, track, identify the file or source? I might even try a reinstall of Firefox or install Chrome as a comparison.
I have the window in the toolbar at the bottom for system monitor. I have it set to show the upload/download activity.

When I see a LOT of activity, while I am not doing anything that is supposed to be up/downloading... Invariably, if I just watch it, it goes on and on. If I click the window and acyually open up system monitor, it immediately stops.

Like I said, the laws of chance would say that at least SOME of the time, when I click on it, the up/downloads would continue. They never do.


I know there's ways to do so. But none that I have ever found put out any sort of data, that is easy to read. You have to pore through tons of data. Most of which is cryptic to say the least, to a novice like me.

Re: Is my computer "owned" ?

Posted: Wed Sep 19, 2012 7:08 am
by AlbertP
What does the updater (shield) icon in the tray look like while it's showing activity? Is it empty? In that case the updater is refreshing. It does so every 15 minutes.

Re: Is my computer "owned" ?

Posted: Wed Sep 19, 2012 2:22 pm
by Ebere
AlbertP wrote:What does the updater (shield) icon in the tray look like while it's showing activity? Is it empty? In that case the updater is refreshing. It does so every 15 minutes.
No it doesn't.

Please read above.

I have that turned off.

I don't like anything accessing the internet for any reason, without my direct knowledge.

Yup. I'm paranoid.

I recon you can be paranoid, even if they ARE out to get you. :wink:

Re: Is my computer "owned" ?

Posted: Sat Sep 22, 2012 10:43 am
by AlbertP
Have you already tried using Firestarter to find out which process is up/downloading?

Re: Is my computer "owned" ?

Posted: Sat Sep 22, 2012 2:54 pm
by Ebere
AlbertP wrote:Have you already tried using Firestarter to find out which process is up/downloading?
Thank you.

I didn't have that installed.

It is now installed, and I opened it and went through the simple setup. (Three steps ? Four ? Whatever. It was simple.)

Almost the instant that I first started it, an error message came up.
Failed to open the system log

No event information will be available.
I'm assuming it is going to be important to see "event information". LOL How do I fix that error ?

And thanks again.