How to boot a win 7 hard drive that was in Ubuntu system?

[Xen]

Joel Rees schreef op 08-04-2017 6:49:
> On Sat, Apr 8, 2017 at 12:29 PM, Xen <list at xenhideout.nl> wrote:
>> Joel Rees schreef op 08-04-2017 4:39:
>> 
>>> It really isn't rocket science.
>> 
>> 
>> Trust me, rebuilding the Windows boot configuration store (BCD, boot
>> configuration data) is rocket science, at least without a tool.

I really don't know what you are on about. The BCD is not the same as 
the MBR. The BCD is sitting on the "System" partition (usually 
/dev/sda1, so to speak) and can only be remade with Microsoft tools or 
likewise, I don't think there is any Linux tool that can do it.

> Is there a gparted package in Ubuntu? It would be dead simple to
> install Ubuntu to a USB, boot the thing, and install gparted on the
> USB system. Then you have point and click for all sorts of stuff that
> might happen on the way to repairing your MBR.

You say gparted can restore a Microsoft MBR. I don't know why you would 
trust non-Microsoft tools to do that. And I can't test right now 
because:

$ sudo gparted
Segmentation fault (core dumped)

>> Also, the Windows "bootrec" tool is no different from what fdisk 
>> could, or
>> would do, or something similar. It is just a command line tool like 
>> all the
>> rest.
> 
> Meaning?

Meaning that using it is not equivalent to "trusting people to do stuff 
for me that I want to do myself or want to be able to do myself".

You mentioned of course the yannabuntu thing. But the bootrec tools is 
the core tool for doing this sort of thing. Anything else is "another 
tool".

> Digital River was always a company that seemed to be shouting out
> "Trust ME" when it was doing things that companies I would like to
> trust would not do.

So you're basically just paranoid all around. The fact that Microsoft 
can test and verify themselves what images these guys are hosting is of 
no relevance to you.

No, everyone is suspect now, including Microsoft itself, because they 
might be installing trojans too, who knows.

Really *facepalm*.

> However, you did not post a link to Digital River. You posted a link
> to a site that claims it hosts images from Digital River and offers no
> proof.

And what proof could it possibly offer other than Microsoft-hosted SHA 
checksums that you say are untrustworthy?

> What it does offer, when you ripped into my paranoia, you mentioned
> it. But then you seemed to indicate that you had not actually checked.

It is not my job to guard against your paranoia. Maybe a psychiatrist, 
but not me, sorry.

> I usually use gloves when accessing sites that host ISOs and such of
> questionable legality because I know that a host that is willing to
> cross one legal line will likely be willing to cross another moral
> line. So I made some directories to isolate my work and used wget from
> within those directories:

That is just your assumption and your 'flaw' here. Sorry, again, can't 
help you with that.

Seek advice or something, I don't know.

>     mkdir -p isolation/corenoc
>     cd isolation/corenoc
>     wget --save-cookies ../cookies
> http://mirror.corenoc.de/digitalrivercontent.net/

Isolating the files (single file, mostly) downloaded using wget as if 
they can spring to action and destroy your system.

Because HTML files are so volatile, aren't they?

> Used vi to look at the files it saved. Sure, I'm paranoid. I do not
> want to wonder whether I have a keylogger on my system or not.

Hint: there is no possibility in the chain of commands between wget and 
anything else you do that will install a keylogger on your Linux system 
here okay.

Maybe you should isolate that HTML file in a concrete bunker in case 
some radiation leaks out too.

:-/.

> Since you ask, it would be dead easy to set up something like Boot
> Repair CD, seed it with a backdoor installer for several popular
> OSses, and then offer it on sourceforge under a pseudonymous username.
> 
> Yannubuntu has made his connection from the Ubuntu community to his
> Boot Repair CD pretty clear, but he or she has not made the reverse
> connection clear at all. That's why I'm asking him or her to post the
> reverse connection on sourceforge.
> 
> The ISOs you posted the links to have the same sort of problems, in
> addition to being technically illegal until someone sues Microsoft and
> the OEMs and gets a judgment that there is some sort of contract to
> keep those ISOs available.
> 
> The fact that you seem to ignore the basic principles I am telling you
> about makes me rather hesitant to trust what you say on the list, as
> well.

I still recommend some pills.

> If you want to get into things a little deeper, you knew that SHA1 has
> been broken?

> (1) Find a good reason to mirror ISOs from Microsoft.
> (2) At first, host them in perfect condition, along with the SHA1
> checksums from Microsoft and links to where the checksums can be found
> on Microsoft's site.
> (3) Make sure that the checksums are prominent on my mirroring site,
> and that the means of checking them is also prominent.
> (4) Troll various lists under various usernames with the information
> that the ISOs are there and provably safe.
> (5) Crack one checksum at a time, sufficient to insert a little
> backdoor into just that one ISO in some rarely examined binary deep in
> the System directory hierarchy.
> (6) Substitute the ISO some time after I had quit trolling.

There is just one issue with that under the current example:

that rarely examined binary will never get run by a person running 
bootrec /fixmbr or anything of the kind.

unless that bootrec /fixmbr installed a boot virus (I don't know if it 
gets run by the installer of course, I guess not) (but I'm not sure) 
your proposed exploit would not actually get used in this instance. You 
were talking about protecting your MBR. Well, this is not it.

> There are some other details about choice of binary to pervert and
> about the possibility of adding triggers, etc., and the necessity of
> perverting certain system functions enough that the OS would ignore
> the changes to just certain binaries. But there's plenty of room in a
> 2G ISO for that.
> 
> Public mirroring is relatively safe because the checksums are not the
> last line of defense. Maybe I have never met most of the Ubuntu
> developers face to face, but I interact with a lot of people who have.
> If one of them decides his reputation isn't worth enough to keep him
> honest, it will get noticed.
> 
> Even with something as controversial as systemd, the developers have a
> vested interest in keeping things working correctly at some level, and
> the openness of the processes partially protects things from certain
> abuses that can occur in closed commercial environments.
> 
> But this is a private mirror we are talking about, so the checksums
> are the only line of defense, and I don't know enough about the person
> or people hosting corenoc.de to have any good reason to believe they
> are not playing the game I describe above, or a similar one that I
> have not described but is significantly more likely. (Which is why I
> am not providing any hints on how to do it in a public forum.)

You are just forgetting one thing: if any of the images had trojans in 
them, they would

a) quickly get discovered by most virus-scanning software out there most 
likely
b) result in people talking about it on the net, and
c) the reputation of that person quickly getting tarnished to the point 
of having to take his content offline because the site is not that easy 
to find if you don't know how (for example because of previous searches) 
and sites that link to it would either remove their links or start 
calling it out on it.

The "Microsoft" community is much much larger than the Linux community. 
You don't think there are a dozen sites that would quickly determine 
this to be a fraud?

Moreoever, if these keyloggers or other things exist (i.e. botnet) there 
would be people like myself and others who would get hurt by it. My 
credentials would be stolen and I would find accounts getting hacked 
most assuredly. Now I can't say with a million percent accuracy that my 
computer is not part of a botnet (when it is running Windows). I can say 
that all Windows PCs carry Windows Defender which is pretty okay at 
detecting anomalies. I can also say that if this was a pervasive scheme 
that this software would quickly get updated with the means to detect 
this anomaly. So all indications show that this is simply not the case.

In other words, there is no reason to be worried until there is a reason 
to be worried and since I have had nothing happen to me nor anyone else 
that I would see on the net that would get linked to this download,

It simply means that you have a rather skewed conception of whom you can 
trust and whom you can't, because to you even Microsoft itself is a 
potential culprit as to its own software, most likely.

In this context of you not trusting Microsoft OR Windows at all, likely, 
then, at that point, the entirety of Windows turns into one big 
keylogger for you.

And in this context, any advice from you as to the usage of Microsoft 
Windows should simply be disregarded.

That's all.

And in the context of this thread, this is my last message here. Seek 
help ;-).

Regards.