Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

How Asus Recovery Disks Ended Up Carrying Software Cracks

timothy posted more than 5 years ago | from the nice-thing-about-free-software-is-no-cracks dept.

Bug 241

Anthony_Cargile writes "We all now know about Asus shipping illegal software cracks and confidential documents/source code on their recovery DVD (and in the system root), but this article tells exactly how it happened. It's even more careless than you think, and most likely an accident."

cancel ×

241 comments

Sorry! There are no comments related to the filter you selected.

First post! (-1, Offtopic)

Anonymous Coward | more than 5 years ago | (#25099819)

First post!

ASUS, so that should be, first POOP !! (-1, Flamebait)

Anonymous Coward | more than 5 years ago | (#25099829)

Poop out of ASUS?

Re:ASUS, so that should be, first POOP !! (-1, Offtopic)

Anonymous Coward | more than 5 years ago | (#25100229)

Poop out of ASUS?

Poop comes out of your ass, you dumbass.

Re:ASUS, so that should be, first POOP !! (0)

Anonymous Coward | more than 5 years ago | (#25100331)

I think he means the plural form of ass.

So the guy who goofed, is he BLACK? (-1, Flamebait)

Anonymous Coward | more than 5 years ago | (#25100491)

He is clearly incompetent so I want to know if affirmative action had anything to do with him being hired.

Re:So the guy who goofed, is he BLACK? (-1, Flamebait)

Anonymous Coward | more than 5 years ago | (#25100523)

As the only Slashdot-reading Nigger known to exist, I will let you know that bad niggas isn't tolerated at work. We want house-niggas, not goad-toofed thugz, in our development house.

Now, son, we niggas isnt always hired because we black. We niggas is hired because of the quality of our craft. Contrary to popular belief, niggaz is actually well-suited to cubicle life cuz they asses be all big fo sittin' down an sheit. Plus, the women know we packin' hung down below!

Like I says, my house hires only the best niggas. Clean-cut, sharp niggas -- no ebonics -- no stoopit ice hanging offa him, no bottom grill, no gang tats, no sports team bomber jackets, no ragz, no coanrows -- nun of that shit.

TFA (5, Informative)

Anonymous Coward | more than 5 years ago | (#25099847)

Asus Recovery DVD scandal: How it happened
Posted by anthony Published in Security, Software

For those who havenâ(TM)t already heard, the PC OEM company Asus was involved in a major scandal where a directory on the recovery DVD and inside c:\Windows\ConfigSetRoot\ contained a software crack for the WinRar program, software serial numbers, a resume (presumably for a now-jobless Asus employee), an internal Asus powerpoint describing âoeknown compatibility issuesâ, Asus source code, and even an OEM issued Microsoft document, which mainly says âoedo not distribute DR-DOS with any computersâ.

We now know from an OEM source how exactly the files got where they did in the first place, and it isnâ(TM)t very surprising.

An Asus representative said they would be investigating the matter, and while someone is still going to lose their job over this just so Asus can say so, the way the files made it to thousands of PCs is pretty common.

An OEM employee (name not mentioned here) discussing the matter said that during the vista installs, the generic vista disc installing the OS looks for an XML file (unattend.xml) on a flash drive, and upon finding it the installation parses it and runs the XML code as installation instructions so nobody has to go through the installation menu for the hundreds of synchronous installations (hence the unattend).

BUT⦠there is another twist: If a certain tag or attribute is present, all files other than unattend.xml itself on the flash drive will be copied to c:\windows\configsetroot - see the connection?

So apparently an Asus employee happened to have a personal flash drive, and stored his resume (presumeably, conspiracy theorists may disagree) as well as a few âharmlessâ(TM) keygens and serials on it as well, in his defence in case maybe he lost the serial to winrar or other programs. Apparently the same employee used the flash drive to store or back up confidential Asus documents and source code, as well.

So if the Asus internally distributed unattend.xml file was copied to this unnamed (and jobless) employeeâ(TM)s personal flash drive, and included the xml tag/attribute to copy over everything to the system root and, therefore, recovery DVD as well, then voila! Then the only way somebody could come under fire because of this is because of oh, I donâ(TM)t know, not checking the installation root once everything was installed!

So now we know HOW exactly this whole ordeal was started, and there is a lesson to be learned hereâ¦. somewhere.

Re:TFA (1)

master5o1 (1068594) | more than 5 years ago | (#25099933)

encrypt all sensitive data?

Re:TFA (3, Interesting)

AKAImBatman (238306) | more than 5 years ago | (#25100267)

encrypt all sensitive data?

I was gonna say, "Use a Mac".

Or Linux. Or Solaris. Or SOMETHING other than Windows.

It seems to me that Windows and Office are far too often the culprits of accidental leaks. Microsoft's strategy has always been one of convenience rather than security, so it's no surprise to me when these things happen. If you're looking for a decent home system, fine, use Windows. If you're going to use it as an employee workstation, be paranoid. But never, ever, ever deploy it to the production floor of anything!

Not that anyone is going to listen to me. I'm just going to keep seeing more blue screens on busses, trains, airplanes, ATMs, factory floors, and anywhere else it's actually important not to use Windows.

Re:TFA (2, Insightful)

HeronBlademaster (1079477) | more than 5 years ago | (#25100307)

I thought it would be "Don't buy Asus machines." It isn't hard to imagine a vendor doing something similar to this for Linux installations.

Re:TFA (5, Insightful)

Nazlfrag (1035012) | more than 5 years ago | (#25100409)

Great, then the mac or linux files would have been copied from the usb stick to the windows install directory. Reduces the chances of cracks appearing, but does nothing for the documents.

Re:TFA (1)

TheLink (130905) | more than 5 years ago | (#25100341)

What if they consider the xml sensitive as well?

If you encrypt on a per drive basis, it also means you'd decrypt the entire flashdrive when trying to access the xml.

So that wouldn't help as well.

Better to use one flash drive for private data (use encryption if you want), and use other drives for other stuff.

Mixing stuff like that is just bad hygiene.

The Important Question (-1, Troll)

Anonymous Coward | more than 5 years ago | (#25100117)

So apparently an Asus employee happened to have a personal flash drive, and stored his resume (presumeably, conspiracy theorists may disagree) as well as a few ÃharmlessÃ(TM) keygens and serials on it as well, in his defence in case maybe he lost the serial to winrar or other programs. Apparently the same employee used the flash drive to store or back up confidential Asus documents and source code, as well.

Was he black?

Re:TFA (-1, Troll)

suck_burners_rice (1258684) | more than 5 years ago | (#25100635)

Yeah. There is a lesson to be learned here: Yet another reason (along with infinite others) not to use that OS.

Asus Conspiracies... (5, Funny)

RudeIota (1131331) | more than 5 years ago | (#25100809)

and stored his resume (presumeably, conspiracy theorists may disagree) as well as a few ÃharmlessÃ(TM) keygens and serials on it as well

... So, are you implying that you're a coincidence theorist???

Lipstick on a disc (1, Funny)

deadcrickets (1307745) | more than 5 years ago | (#25099857)

Damn that lipstick!

This doesn't explain everything (5, Insightful)

RGRistroph (86936) | more than 5 years ago | (#25099867)

I can how an internal ASUS USB flash disk with an unattend.xml file on it, might get used to move documents around, and then also get used to install windows.

That might explain how certain documents got put on a lot of harddrives inside ASUS.

It doesn't explain how that directly ended up being part of what they made an ISO out of, and how no one apparently did quality control and checked every single file on a CD before it was replicated and sent out to the world.

Re:This doesn't explain everything (-1, Flamebait)

Anonymous Coward | more than 5 years ago | (#25099889)

I can how an internal ASUS USB flash disk with an unattend.xml file on it, might get used to move documents around, and then also get used to install windows.

That might explain how certain documents got put on a lot of harddrives inside ASUS.

It doesn't explain how that directly ended up being part of what they made an ISO out of, and how no one apparently did quality control and checked every single file on a CD before it was replicated and sent out to the world.

When was the last time that anyone checked every file on a CD when it's say, a windows restore? Yeah. Nice job dipshit. Think before you talk. What human actually knows every file that's supposed to be on there?

Re:This doesn't explain everything (2, Insightful)

master5o1 (1068594) | more than 5 years ago | (#25099957)

Or not supposed to be there?

If it's Asus confidential crap or someone's personal CV then they should obviously be removed.

Re:This doesn't explain everything (5, Insightful)

IceCreamGuy (904648) | more than 5 years ago | (#25099999)

When was the last time that anyone checked every file on a CD when it's say, a windows restore? Yeah. Nice job dipshit. Think before you talk. What human actually knows every file that's supposed to be on there?

diff -r, dipshit.

If doing this kind of quality control doesn't seem trivial and normal to you, then congrats; you don't work in the IT field.

Re:This doesn't explain everything (3, Insightful)

lysergic.acid (845423) | more than 5 years ago | (#25100239)

well, if they have a clean copy to compare with diff, then why wouldn't they have just used that disc image for the shipped discs?

obviously more stringent quality control is needed here, but i don't think running a simple diff command is the solution.

Re:This doesn't explain everything (0)

Anonymous Coward | more than 5 years ago | (#25100327)

Unfortunately, they were using Windows. Yet another tragic casualty of bad software, tsk tsk.

Re:This doesn't explain everything (1)

Probie (1353495) | more than 5 years ago | (#25100647)

Its a problem with the carbon, at the very least grep for the unattend.xml file. Its just lazy, sloppy work.

Re:This doesn't explain everything (1)

Hal_Porter (817932) | more than 5 years ago | (#25100373)

The problem is that these files ended up in the master copy. Of course they should have diffed that against a know good Microsoft RTM disk in this case to make sure that the only changes were intentional ones, so yeah someone low level is going to get fired.

Re:This doesn't explain everything (3, Insightful)

Miseph (979059) | more than 5 years ago | (#25100035)

"When was the last time that anyone checked every file on a CD when it's say, a windows restore? Yeah. Nice job dipshit. Think before you talk. What human actually knows every file that's supposed to be on there?"

How else do you think this stuff could have been found? Magic?

I dunno... maybe the guy responsible for figuring out what the hell is supposed to go on there in the first place would know. Last I checked, Microsoft only hired humans for work outside of the legal department. More importantly, nobody would need to know off the top of their head, since they could just check against a list... or even better they could write a short script to do it for them.

Re:This doesn't explain everything (5, Insightful)

MerlynEmrys67 (583469) | more than 5 years ago | (#25100041)

Uh - I do. You mean when you are building a large distribution you don't create a manifest that lists all of the files that are supposed to be on the disk - and then have a script automatically check that everything is on the CD that is supposed to be on it... nothing more - nothing less.

Sloppy work at the best - a simple engineering problem to solve, takes 2 minutes to run after the ISO is cut. My QA lead would laugh hysterically at me if I tried to pull a stunt link this on her. Easy to verify final ship products

Re:This doesn't explain everything (2, Insightful)

dougmc (70836) | more than 5 years ago | (#25100135)

I think the point is that Asus *was* sloppy about it, and they just happened to get away with it until now. That's the nature of sloppy work -- if it's too sloppy, you don't get away with it, so you improve the quality until you generally can get away with it. Doesn't need to be 100% -- just most of the time.

I'll bet they don't make the same mistake again. (Though of course, they may make similar makes, or may create procedures to help prevent them too. We shall see.)

Re:This doesn't explain everything (4, Interesting)

RGRistroph (86936) | more than 5 years ago | (#25100129)

I had forgotten that it was a windows restore CD, I was thinking in terms of a driver CD or something.

However, there exist tools that are designed to do exactly that sort of thing. I run something that checksums every file on a server and compares it to a known good value, as part of an intrusion detection system. If I were shipping a windows computer otu of manufacturing, I would take file lists from as-shipped as well as after restoration, and I would compair them against other windows installations, and make sure I knew a reason why every single different file was different.

It's not that hard. Once you write a script to go through and get the file list out of all the .cab files, and subtract that from what's on the disk, what's left is not that much. Just the pre-installed cruftware and whatnot . . . maybe they had so much of that, these files got lost in the noise.

So, what had to happen was this:

1) Employee got the "official vista install" USB fob, probably used it, and then he or someone else used it as a hand file transfer mechanism, adding more files to it

2) This non-pristine USB fob was used again to install the "master" harddrive that would be used to make recovery DVDs shipped with the product

3) No one carefully checked the files on that recovery, OR the USB fob infection had also gotten to the vista's that he compaired against

Still seems sloppy to me. If you know you are going to be dealing with a behemoth like Vista, one of the things you do is write scripts or develope tools to deal with it.

One thought I had, is that this would be a way to make a virus replicate. What if instead of random crap, it put some kernel driver in windows that checked to see if you were writing an "unattend.xml" file and dumped itself on that drive if so ? Some minimal attempts at hiding might take you a long way, given that there appears to be little quality control. How to get it into the OEM so it will be re-distributed ? Oh, just add it to a cracked copy of WinRAR and post it on a warez site, that apparently works.

Re:This doesn't explain everything (5, Insightful)

Free the Cowards (1280296) | more than 5 years ago | (#25099941)

First rule of internal company dynamics: they are not nearly as well staffed, as organized, as thorough, or as competent as you think they are. They are in all probability just as quick and careless as you would be doing the same thing.

Re:This doesn't explain everything (5, Informative)

Anonymous Coward | more than 5 years ago | (#25099965)

As an employee of an OEM that does these installs all day long, I can say they really messed up. Using an unattend.XML from a flash drive is BAD. Using a USB drive that has anything else on it is WORSE. Having illegal software and ND docs on the MFG floor, on an unsecure USB drive, next to your install scripts, is enough to get you FIRED.

And to other comments...Yes, we do look at nearly EVERY SINGLE FILE, including c:\Windows\ConfigSetRoot\. If you send out for 100k recovery DVDs, you want to make sure they are correct.

Let me guess... (0, Offtopic)

Anonymous Coward | more than 5 years ago | (#25099869)

butthis article tells exactly how it happened.

Don't tell me-- like everything else, it had something to do with the derivative debt instruments, mortgage-related assets, and deregulated credit market tightening.

first post? (-1, Offtopic)

Anonymous Coward | more than 5 years ago | (#25099871)

first post?

Crack vs. Foss (5, Insightful)

O('_')O_Bush (1162487) | more than 5 years ago | (#25099875)

FTA:
"c:\Windows\ConfigSetRoot\ contained a software crack for the WinRar program...

So apparently an Asus employee happened to have a personal flash drive, and stored his resume (presumeably, conspiracy theorists may disagree) as well as a few harmless keygens and serials on it.."

It amazes me that this employee chose illegal means of getting an archiving program instead of using a FOSS solution such as 7-zip ( http://www.7-zip.org/).

I know some companies have protocols for handling FOSS software, but this should have never have happened if the employee had just turned to his company's legal department for obtaining software licenses.

Thoughts vs. Deeds. (1)

Ostracus (1354233) | more than 5 years ago | (#25099931)

"It amazes me that this employee chose illegal means of getting an archiving program instead of using a FOSS solution such as 7-zip ( http://www.7-zip.org/ [7-zip.org] )."

Why should it be surprising? The idea that attitudes don't have consequences should have been debunked.

Re:Thoughts vs. Deeds. (0)

Anonymous Coward | more than 5 years ago | (#25100207)

FOSS though it may me, 7-zip does kinda suck compared to WinRAR.
I thought I would ditch my WinRAR license after hearing the rave reviews for 7-zip. Guess what -- you get what you pay for in this case.

Maybe someday 7-zip will come to be better than WinRAR. Such is the nature of FOSS. But that day ain't here yet.

Re:Crack vs. Foss (0, Flamebait)

Anonymous Coward | more than 5 years ago | (#25099939)

If it amazes you, you're more naive than Paris Hilton.

Normal human beings tend to use commercial software because the quality of FOSS user interfaces is total shit.

Grow up and realize that the world isn't some FOSS wonderland, people use software that works, and FOSS doesn't.

Re:Crack vs. Foss (1)

dnwq (910646) | more than 5 years ago | (#25099981)

7-zip's interface is actually pretty easy to use. How complicated does an file compressor interface need to be?

Re:Crack vs. Foss (0)

Anonymous Coward | more than 5 years ago | (#25100073)

easy to use != nice to use

Re:Crack vs. Foss (1)

c-reus (852386) | more than 5 years ago | (#25100167)

define "nice to use"

Re:Crack vs. Foss (0, Redundant)

htnprm (176191) | more than 5 years ago | (#25100145)

Ummm...No. Sorry. 7-zip's interface is crap.

Re:Crack vs. Foss (1)

HeronBlademaster (1079477) | more than 5 years ago | (#25100317)

If all you ever use it for is through the right-click explorer-integrated menu, then it's a breeze to use. Especially if you bother to customize it to show the things you actually use and nothing else.

Re:Crack vs. Foss (0)

Anonymous Coward | more than 5 years ago | (#25100549)

Especially if you bother to customize it to show the things you actually use...

Which is yet another one of the reasons 7-zip sucks. It gums up your right-click menu with a bunch of options 99% of users never need. WinRAR, on the other hand, adds just the most useful ones so that average users don't have to do the extra step of cleaning out the ones they don't need. I also seem to recall that despite the large number of menu items from 7-zip, it lacked one of the options WinRAR has by default that I actually do use.

Re:Crack vs. Foss (-1, Redundant)

Anonymous Coward | more than 5 years ago | (#25100203)

Try explainig 7-zip versus winrar to a client:

7-zip: "Oh, but if you click extract, it only extracts the default highlighted file or folder. Press CTRL-A first, but also remember to unselect the parent reference line. Remember to tell it where to extract to, or just look in my documents for a folder named the same as the first file in the list. It may also be named any random selection of file name depending on which one you highlighted first."

winrar: "Click extract and then okay. Close the program. Look for a folder called the name of the file you double-clicked on."

Re:Crack vs. Foss (2, Informative)

hairyfeet (841228) | more than 5 years ago | (#25100615)

That is why I give folks Alzip [altools.com] instead of 7zip. The interface on 7zip is just too geeky for your average user. While Alzip isn't OSS,it is free,and the user interface is just as easy as WinRAR to use IMHO.

As for ASUS,I'm really surprised a company that size pulling such a rookie foul up. I guess it is pretty obvious that they didn't have anyone checking the images that went out. Has the images been scanned for malware? Because if the guy was carrying cracks and keygens there is no telling what else could have been on that stick,or even what all went into the image for that matter. If I had one of the affected machines I would definitely look at it as suspect. But as always this is my 02c,YMMV

Re:Crack vs. Foss (1)

deniable (76198) | more than 5 years ago | (#25100493)

I find it comes down to what you're doing with it. I'm mostly unpacking other peoples' compressed files so it's perfect, especially with the Explorer right click menu. The people who don't like it seem to be packing more than unpacking. YMMV. That said, the only files I've had that 7zip can't handle are RARs from more recent versions of WinRAR.

Re:Crack vs. Foss (2, Insightful)

Anonymous Coward | more than 5 years ago | (#25100037)

And yet your idiot rambling is being distributed and viewed globally with FOSS.

I'm willing to bet that, in general, the quality of free software is is much higher than propietary software.

The reason crappy proprietary software seems rare is that it sinks to the bottom of the barrel faster than crappy free software, as it should.

Re:Crack vs. Foss (0)

Anonymous Coward | more than 5 years ago | (#25100249)

you are confusing naive and skanky

Re:Crack vs. Foss (0)

Anonymous Coward | more than 5 years ago | (#25100765)

Then why did I switch to Linux from MS?

Could it have been that all those "wizards" were so fucking annoying? Could it have been that I got tired of those very same "wizards" falling back to default even though I told them to do something different? Could it have been that I got tired of jumping through shitloads of hoops just to get my machine set-up and configured the way I wanted it?

NOPE, couldn't have been any of that. I just wanted a total shit interface and user experience. Oh, wait, I don't have that now. Damn it, now look what you've gone and done! I'm gonna have to switch back to M$ just so I can get that shitty interface feeling that I've been missing.

Re:Crack vs. Foss (1)

DigitAl56K (805623) | more than 5 years ago | (#25099987)

I know some companies have protocols for handling FOSS software, but this should have never have happened if the employee had just turned to his company's legal department for obtaining software licenses.

Sometimes the process for purchase requests can be anal, as can be managers who are running a department on an overstretched budget. I'm not at all surprised employees find easier and more timely solutions to their problems.

That said, I agree with you. If you can't afford WinRAR there are other solutions that don't involve piracy.

Re:Crack vs. Foss (2, Insightful)

Anonymous Coward | more than 5 years ago | (#25100119)

WinRAR is $30, for something that inexpensive I'd send an email to whoever handles purchasing requesting the software and reminding them that if I have to come explain to them why I need it, the waste of both our time will cost the company more than just buying the program in the first place.

It's always worked for me, your mileage may vary.

Re:Crack vs. Foss (2, Interesting)

Fackamato (913248) | more than 5 years ago | (#25100385)

Then again WinRAR has no purpose. 7zip ( http://www.7-zip.org/ [7-zip.org] ) is superior and free, actually even Open Source.

Re:Crack vs. Foss (1)

kitgerrits (1034262) | more than 5 years ago | (#25100603)

The price is not usually the problem.
I currently work for a large company and I needed an SSH client for my *berry.
This client enables the 24*7 dept. I work with to quickly diagnose problems and implement quick fixes.
The licence was only $90 but the purchase required someone to put a Credit card number on a web form.
No-one in the purchasing dept. has a company credit card, much less an idea of how to use it.

I ended up buying the licence myself and having the company buy me a 500GB USB disk.
And, yes, this organisation will spend hundreds of dollars in administration on a $25 order.

Re:Crack vs. Foss (0)

Anonymous Coward | more than 5 years ago | (#25100755)

WinRAR is $30, for something that inexpensive I'd send an email to whoever handles purchasing requesting the software and reminding them that if I have to come explain to them why I need it, the waste of both our time will cost the company more than just buying the program in the first place.

So you just wasted the purchasing clerk's time by putting in a reminder about why you shouldn't have to explain things. You could have put the explanation of why you need it in the email, instead of a reminder about why you're too important to explain things. This would have saved the company the purchasing clerk's time taken to reject your request, and your time to redo the request properly.

Re:Crack vs. Foss (2, Interesting)

deniable (76198) | more than 5 years ago | (#25100525)

Yep, the price itself is usually less of a problem than figuring out how to pay for something. First, there is the paperwork. Then you have to see if the supplier is set up by Accounting. Then you may have to make a cost justification. Then you run into the 'we don't pay for things online, do they have a mailing address and can we get thirty days credit' line from the Accounting people. It's quicker and easier to get a cracked copy than jump through all of the hoops for a cheap item.

Re:Crack vs. Foss (2, Informative)

tftp (111690) | more than 5 years ago | (#25099997)

It amazes me that this employee chose illegal means of getting an archiving program instead of using a FOSS solution such as 7-zip

Compare GUIs of those two programs. 7-Zip's GUI is quite bad. Also 7-Zip does not have the "Move" function where your files are archived and deleted. I use WinZip for that since the company has it licensed. I also have 7-Zip installed, but as I said it's GUI is very rudimentary, IIRC lacking buttons for many obvious functions.

This is actually a well known effect of piracy on free software. If the commercial software is free to the user, just as F/OSS software is, then the commercial software wins - it is simply better in most cases, at least because more effort and more money went into it.

Re:Crack vs. Foss (1)

pizzach (1011925) | more than 5 years ago | (#25100121)

I have a few questions but just to warn you I have been out of touch with GUI archival programs for a while. Also I only really only use zip/tar/rar from the command line because I can automate the crap of of things.

I'm a bit surprise that Winzip is still around. Doesn't Windows since XP have built in GUI archival tools? When Mac OS X moved away from Stuffit, so did most of it's users. I would have expected a similar move by Windows users.

Re:Crack vs. Foss (1)

baxissimo (135512) | more than 5 years ago | (#25100321)

The Zip archiver built into Windows (XP and Vista) is horribly HORRIBLY slow compared to WinRAR.
Probably most mom and pop users get along fine with it, but if you work with big archives a lot, it starts to get annoying fast. Also Windows only supports zip by default. If you've got to open a .gz .bz2 .7z .rar .lzo or .lzh then it's no use.

That said, I haven't used WinZip in a long time. The interface on that thing was wretched. Worse than 7zip's even, so you might as well go with 7zip in that case. WinRAR's UI is pretty good compared to those two.

Re:Crack vs. Foss (1)

mgblst (80109) | more than 5 years ago | (#25100265)

Because 7-zip if shit and doesn't handle a lot of zip formats. I wish it was better, but we would always have it falling over, where it gets stuck for 30 minutes while it figures out that it can't understand that file.

Re:Crack vs. Foss (1)

HeronBlademaster (1079477) | more than 5 years ago | (#25100343)

7-zip doesn't handle what zip formats? For your convenience, here is a list of the file extensions it recognizes (you can guess the associated compression algorithms):

7z, arj, bz2, bzip2, cab, cpio, deb, dmg, gz, gzip, hfs, iso, lha, lzh, lzma, rar, rpm, split, swm, tar, taz, tbz, tbz2, tgz, tpz, wim, xar, z, zip

I would venture to guess that there are 7-zip plugins to handle other formats. What else do you want from 7-zip (besides a decent GUI)?

In my personal, anecdotal experience, I have never had 7-zip choke on a file or be unable to figure out what format it's in. Of course, I don't spend a lot of time downloading files on BitTorrent (read: none), so I may not come across some of the more obscure formats...

Re:Crack vs. Foss (0)

Anonymous Coward | more than 5 years ago | (#25100479)

7z, arj, bz2, bzip2, cab, cpio, deb, dmg, gz, gzip, hfs, iso, lha, lzh, lzma, rar, rpm, split, swm, tar, taz, tbz, tbz2, tgz, tpz, wim, xar, z, zip

I would venture to guess that there are 7-zip plugins to handle other formats. What else do you want from 7-zip (besides a decent GUI)?

For the functionality (and more) of 7-zip on Windows, with a WinZip-like GUI, the best free software program to choose would probably be PeaZip.

http://en.wikipedia.org/wiki/PeaZip [wikipedia.org]

http://www.peazip.org/ [peazip.org]

PeaZip running on Windows Vista:
http://en.wikipedia.org/wiki/Image:Browse_pc_pealauncher.jpg [wikipedia.org]

Enjoy.

Re:Crack vs. Foss (2, Informative)

mgblst (80109) | more than 5 years ago | (#25100619)

I have had problems using 7-zip on new winzip created zip files. I am not the only one to have this problem in my company. We wish we could get rid of Winzip, but we can't since out clients use it (not from bittorrent, wanker!) uses it. You do know that zip has different compression algorithms within it (not 7z, arj, just zip!). This is the problem, 7-zip doesn't handle the latest ones.

All I want from 7-zip is as I said, for it to work, and it not to waste 30 minutes figuring out it can't handle a file.

In my personal experience, it keeps failing. What more can I say. Not all the time, but a couple of times a day.

Re:Crack vs. Foss (0)

Anonymous Coward | more than 5 years ago | (#25100295)

More likely, perhaps the employee just didn't know about 7-zip? It's not that widely marketed. When you are looking for a way to deal with RAR files the first thing that comes to mind is WinRAR.

Re:Crack vs. Foss (2, Interesting)

zz99 (742545) | more than 5 years ago | (#25100459)

ASUS has a lot of its workforce in mainland China, where most of the installed software, both personal and on company computers, is pirated. Officially the government is against piracy, and at regular intervals raids are conducted in visual places, but at the whole I don't think they will shed any tears if MS looses licensing revenues. The better the anti piracy control is the more people will use FOSS. Because piracy disrupts the free market. If you can get something worth $200 for free, why choose something truly free (worth $0)?

Re:Crack vs. Foss (0)

Anonymous Coward | more than 5 years ago | (#25100497)

Probably because WinRar, when cracked and/or purchased, is a far more intuitive and useful piece of software than 7-Zip is, not to mention the fact that 7Z's compression ratio is much slower for a minimal amount of space saved. I refuse to download 7Z files for the mere fact of how long it takes to extract them regardless of what sort of hardware I use.

Re:Crack vs. Foss (0)

Anonymous Coward | more than 5 years ago | (#25100583)

7-zip can't create RAR archives nor can any other free archiving program since that part of the RAR format is available only through licensing. So if the employee needed to create RAR archives your point is moot.

A-what? (-1, Offtopic)

Anonymous Coward | more than 5 years ago | (#25099893)

How ANUS Recovery DICKS Ended Up Carrying Software CRACKS

See what I did there? Ho ho ha ha HA HA HAAAAAAAA!

Re:A-what? (0)

Anonymous Coward | more than 5 years ago | (#25099929)

You, sir, are bringing down the good name of anonymous cowards everywhere. For shame, sir, for shame.

Re:A-what? (1)

aXi (6533) | more than 5 years ago | (#25100017)

Wow that was GOOD, you are a really talented piss & poop joke maker. Keep up the great job, send Bill Gates your resume, maybe you'll end up taking over Seinfelds place.

Re:A-what? (0)

Anonymous Coward | more than 5 years ago | (#25100879)

You insensitive clod, I'm dyslexic and that's almost exactly how I read the headline.

Could have been me (5, Insightful)

InlawBiker (1124825) | more than 5 years ago | (#25100029)

I am completely unsurprised. When I heard about it I thought, "Oh, some jackball inadvertently copied his personal files via some install script. That's pretty funny."

I personally have the exact same stuff on my thumb drive - my resume and some cracking tools. As we all know, nobody tests their own work. That's why testers have jobs.

So he screwed up - at least he has a good story to tell!

Re:Could have been me (2, Insightful)

Morkalin (992168) | more than 5 years ago | (#25100087)

As we all know, nobody tests their own work.

Speak for yourself.

Re:Could have been me (5, Insightful)

ogl_codemonkey (706920) | more than 5 years ago | (#25100339)

As we all know, nobody tests their own work.

Speak for yourself.

I don't know anyone that tests their work as thoroughly as the next person to find a mistake in it.

Re:Could have been me (3, Informative)

AnonChef (947738) | more than 5 years ago | (#25100591)

As we all know, nobody tests their own work.

Speak for yourself.

It should be:
As we all know, nobody should test their own work.

Re:Could have been me (5, Funny)

this great guy (922511) | more than 5 years ago | (#25100383)

I personally have the exact same stuff on my thumb drive - my resume and some cracking tools.

Hello, this is John, your boss's boss from Asus. We found your thumb drive plugged in one of our server used to build Vista images. Are you available monday 9:00am for a quick meeting ? We need to have a little talk.

PS: bring 1 or 2 empty boxes.

-John

Re:What is important. (1)

Technician (215283) | more than 5 years ago | (#25100621)

I personally have the exact same stuff on my thumb drive - my resume and some cracking tools.
What is important to learn is to learn from mistakes. Some learn from other's mistakes. Others wait till it happens to them. This is why proceedures are put into place. Often they are there to prevent common mistakes. Bypassing written proceedures is a gateway to making known types of mistakes.

Thumb drives are nice, but what exactly is your company policy regarding their use?

The one hanging on my employee badge is not treated the same as the one hanging on my keyring. Personal and professional never mix.

Re:Could have been me (0)

Anonymous Coward | more than 5 years ago | (#25100691)

On the up side - at least a lot of people have his resume. . .

Re:Could have been me (2, Informative)

mea_culpa (145339) | more than 5 years ago | (#25100851)

Having dealt with ASUS over the last 10 years I am not surprised that such carelessness happens within their organization. In the late 90s and early 2000s I probably had 500 or more of their motherboards in use at various small businesses. Early on I had a great deal of confidence in their product, never had any defects so never had to deal with their company. This was very rare at that time. That was until their A7x series of motherboards came along. Countless failed NB fans, intermittent PS/2 port failures, etc. When calling for support I was expecting very professional help but was met with people that didn't give a sh*t. They would only send one replacement fan at a time even though every single one failed and I needed like 10-20 at a time. Getting a motherboard replaced was insane especially when dealing with intermittent problems. They directed me to an incredibly bothersome webform rather than assisting me over the phone. They had a bad habit of sending the same defective board back to me 3 times saying it 'passed' their diagnostics. Out of frustration I resorted to putting them in the microwave for few seconds to make them really dead before I would get better working products. I lost thousands in lost hours and handling my own warranty. ASUS didn't give a sh*t for my problem, and it was probably the same attitude that led to this recovery disk debacle.
When I saw this I hear so clearly the words of Nelson... HAH HAH! And can't agree more.

Carelessness (1, Insightful)

Anonymous Coward | more than 5 years ago | (#25100083)

"It's even more careless than you think, and most likely an accident."

Not really. While the details are interesting, this is about the level of carelessness I expected.

Software cracks and other personal files somehow made it into the master ISO, and nobody caught it. We knew that already, and that fact alone implies massive carelessness by several individuals. TFA just shows the path that carelessness took.

And of course this is an accident. Unless you think Asus decided to go into the software crack business, what the hell else would it be? Someone screwed up.

I'm all for rhetoric and such, but come on--in a 2 sentence OP, 1 of those sentences shouldn't be throwaway.

I always get keygens for software I buy (4, Insightful)

Matt Perry (793115) | more than 5 years ago | (#25100091)

I always get keygens and cracks for software I buy as a safety measure, and test them in a virtual machine to make sure they work. With all the phone home activation that software does these days I don't want to have to call a vendor and beg for access to to software I've already paid for when Windows takes a nose dive. What if the vendor doesn't support that version any more and doesn't want to give me a new activation key? What if the vendor is bought or goes out of business? If I reach that point I can at least use the keygen or crack to protect my investment.

I can't fault anyone for having keygens for their apps.

Re:I always get keygens for software I buy (-1, Flamebait)

Anonymous Coward | more than 5 years ago | (#25100115)

Earth to dude! We don't give a shit that you use cracks! See a priest if you want to confess! Go to hell if you want! WE DON'T CARE!

There is a simpler, safer solution. (3, Insightful)

NotQuiteReal (608241) | more than 5 years ago | (#25100147)

I just back up my keys.

I have one key that is over 10 years old, that was updated by the company from an 8 digit code to a more secure 6-groups-of-5-alphanumeric code that still works.

Never needed a crack, and the key takes up a lot less space. Plus it I know it isn't a trojan program or a virus.

Re:There is a simpler, safer solution. (1)

yayotters (833158) | more than 5 years ago | (#25100195)

But that thread starter was saying that they didn't want to be bothered by limited activation keys in the future.

Re:There is a simpler, safer solution. (5, Insightful)

powerspike (729889) | more than 5 years ago | (#25100251)

It's not that easy anymore, programs like windows, anti virus software just to name a few, require you to either phone a number to active the software, or connect to the internet, if you don't do that, it won't run until you do. Now add in they usally only let you install the software X number of times per key/product, your going to be screwed in ten years if you need to activate software from today. Safely storing your serial/product keys these days for long term use is pretty useless.

Re:There is a simpler, safer solution. (1)

Technician (215283) | more than 5 years ago | (#25100649)

Safely storing your serial/product keys these days for long term use is pretty useless.

Using software that needs to connect to the mother ship to ask permission is pretty useless when there are plenty of alternatives.

I keep the keys for my older software as barcodes for easy entry with a barcode gun for quick reinstalls. Chance of accidental deletion or copy is pretty nil. They are pasted on the CD boxes.

Re:I always get keygens for software I buy (2, Insightful)

DigiShaman (671371) | more than 5 years ago | (#25100233)

Let be real ok? 99.999% of the time someone uses a keygen, it's to pirate software. Hey I've been guilty of it, sure (with Nero Burning rom). But I've also purchased a real key from their website a few months later. The point is, it's still wrong.

Do you think if I carried a crack pipe in my pocket, I could convince a COP that it's just a goodluck charm? You see my point right?

Re:I always get keygens for software I buy (1, Informative)

Anonymous Coward | more than 5 years ago | (#25100353)

Do you think if I carried a crack pipe in my pocket, I could convince a COP that it's just a goodluck charm? You see my point right?

Well, I believe that's the exact principle that allows head shops [wikipedia.org] to operate. Unless they can prove that crack pipe is not a good luck charm, they've got nothing on you. Course what you said may be true -- even if he can't take you in, you may not be able to convince the cop. :-)

Re:I always get keygens for software I buy (4, Funny)

commodoresloat (172735) | more than 5 years ago | (#25100363)

You see my point right?

That you're a crackhead?

Re:I always get keygens for software I buy (2, Informative)

Zironic (1112127) | more than 5 years ago | (#25100653)

>Do you think if I carried a crack pipe in my pocket, I could convince a COP that it's just a goodluck charm?

Yes you could, there is nothing illegal about owning a crack pipe.

Re:I always get keygens for software I buy (0)

Anonymous Coward | more than 5 years ago | (#25100721)

>Do you think if I carried a crack pipe in my pocket, I could convince a COP that it's just a goodluck charm?

Yes you could, there is nothing illegal about owning a crack pipe.

Unless there happens to be cocaine residue in it. Then they're got you on possession.

Re:I always get keygens for software I buy (1)

amirulbahr (1216502) | more than 5 years ago | (#25100325)

The DMCA makes a criminal out of you.

This is a strong case... (1)

dosh8er (608167) | more than 5 years ago | (#25100155)

for using TrueCrypt (or some other derivative). Aforementioned individual wouldn't have exposed that kind of sensitive information with an encrypted volume on the thumb drive. Shoot, Vista wouldn't have "looked" for an XML file in the case of an encrypted volume in the first place! This doesn't change my love for the ASUS mobo in my desktop. Solid.

Re:This is a strong case... (0, Offtopic)

QuantumG (50515) | more than 5 years ago | (#25100179)

Wow, you completely missed the point.

Re:This is a strong case... (1)

zullnero (833754) | more than 5 years ago | (#25100837)

Really? I thought the part about encrypting your personal thumb drive and how it would probably prevent you from doing something as stupid as using it for an unattended install...or at least encrypting your personal directory...made enough sense. Or maybe you didn't get that particular point?

I mean, ragging on the poor schmuck who botched his installs at this point is probably redundant, but offering a halfways decent idea up to every other smug schmuck ragging on the unemployed guy while inviting bad karma down upon themselves is probably worth a whole lot more.

Re:This is a strong case... (1)

MattPat (852615) | more than 5 years ago | (#25100223)

Shoot, Vista wouldn't have "looked" for an XML file in the case of an encrypted volume in the first place!

How very right you are. That's exactly why your solution would fail miserably, because the unattend.xml file was an integral part of the employee's job. No XML file = sitting there for an hour clicking through installation screens manually. :)

Re:This is a strong case... (1)

kitgerrits (1034262) | more than 5 years ago | (#25100625)

My guess is, the employee would have stored the XML file (with the company's installation key) inside the encrypted volume.
Net effect: zero

Lately their quality has been going downhill... (5, Interesting)

cyberjock1980 (1131059) | more than 5 years ago | (#25100171)

This is disappointing. A few months back ASUS got into a flamewar with GIGABYTE. GIGABYTE came out and told Tom's Hardware that ASUS used inferior parts, changed their % gains versus their competitor without changing the product whatsoever, and that ASUS's EPU feature is software instead of hardware(meaning it is inferior to GIGABYTE). GIGABYTE did come back and appologize for claiming ASUS used inferior parts(it was found that it was a different vendor's board that contained inferior parts). ASUS threatened to sue any website that talked dirty about ASUS when this all came to light. Check out http://www.tomshardware.com/news/asus-gigabyte-motherboard,5348.html [tomshardware.com] to read about the GIGABYTE versus ASUS drama. Then check http://www.tomshardware.com/news/asus-gigabyte-motherboard,5480.html [tomshardware.com] for ASUS suing GIGABYTE for the bad publicity.

I have been an ASUS user for many years, building many computers with ASUS parts. While GIGABYTE did include some false claims, they did have valid complaints for their other arguements. I was one of the people that was stuck with a motherboard that cost me $250 that didn't do quite what it was supposed to do, and as a result my linux based computer cannot use their power management function(because it is software based). GIGABYTE's is hardware, and is enabled in BIOS and doesn't care which OS you use. This one hit home for me. My computer is on 24x7, and I wanted my computer to be green. Unfortunately that dream will not be a reality with ASUS hardware.

This again paints a bad picture of the quality work ASUS has been doing lately. I am sure that my next motherboard won't be ASUS. They have lost points with me, and I am going to check out one of the other top tier motherboard companies.

I have never purchased a motherboard from GIGABYTE, but I'm already looking for motherboards for Nahelem when it comes out next month, and I'm not even looking at what ASUS is offering. Bite me once, shame on you. Bite me twice, shame on me!

Reasons for leaving ASUS:

1. Changing your product efficiency % gains after shipping the product for months, AND not changing anything on the product! As if they wouldn't get caught? Competitors are always shopping their other competitors!

2. They fail to mention that EPU REQUIRES Windows to run. I don't care what ASUS says. If it requires software(Windows based at that!), then it's software based. Even if its hardware functions are enabled by using the software.

3. Suing anyone who talks about their bad publicity from GIGABYTE. WTF? Seriously, WTF? That's RIAA type behavior, and I will not tolerate that type of child in my house.

I'm curious about that anti DR-DOS document (4, Interesting)

electrogeist (1345919) | more than 5 years ago | (#25100215)

OEM issued Microsoft document, which mainly says "do not distribute DR-DOS with any computers".

Is this something recent? Someone have one of these restore CDs to post the text? With the history of bad blood this could be a story in itself

Re:I'm curious about that anti DR-DOS document (1)

pecosdave (536896) | more than 5 years ago | (#25100411)

I don't think this is the actual document in question, but I found this [slated.org] while looking and I would say it qualifies as interesting and related. I like the reference to "scare tactics".

Re:I'm curious about that anti DR-DOS document (4, Informative)

Orion Blastar (457579) | more than 5 years ago | (#25100623)

Here is a reference to that [steve-parker.org] but Microsoft made sure the original articles got scrubbed off the Internet. There were things Microsoft did to GEOS, GEM, the Amiga, the Atari ST, Vision, Desqview, etc to discourage OEMS and hardware and software makers from supporting them and only supporting Microsoft products like MS-DOS and Windows instead. Microsoft did the same thing to IBM over OS/2. But most of the articles about that Microsoft had scrubbed off the Internet.

The history of the Amiga [amigahistory.co.uk] clearly shows its 8-bits roots with the Atari 2600 and Atari 400/800 series that evolved into the Amiga eventually, parallel to the Macintosh.

In the 1990's PC OEMS were fighting over the Amiga, but were loyal to Microsoft. But Microsoft used the same tactics against the Amiga that they used against DR-DOS, and killed the Amiga by leveraging what OEMS could and could not do and then Gateway had to sell the Amiga division to make Microsoft happy.

"The press attention to the Microsoft case reveals their relationship with Gateway. Jim Von Holle, a former Gateway employee, describes how the company tried to punish Gateway for the type of software they shipped. Although largely in the background, it became increasingly clear why Gateway chose to develop an alternative to the Windows market. Unfortunately, just a few months later Gateway's relationship with Microsoft regarding their set-top box would have a dramatic effect upon Amiga's plans. Who could have guessed Microsoft would play a major role in the Amigas downfall?"

I have said it before, but my comments got rated down as troll, by rapid Apple and Microsoft fanboys who hate the Amiga. This time I found the links that prove it.

It was not just DR-DOS that Microsoft murdered, but the Amiga as well. Apple had a hand in it by forcing Apple dealers to lose their license if they sold Amiga computers as well as Macintoshes. Then later Apple killed the Apple Dealers and did the store within a store and web store to sell Macintoshes as revenge on Apple dealers that still tried to sell Amiga One and Classic Amiga computers along with Macs.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>