As many readers of Information Security Buzz articles may already be aware, I have had published two articles about ‘Trust’ in relation to Russian applications, and as such I have set on a personal course to remove all links with such companies, relinquished partnerships, and have removed all said applications of origin from all my devices – that is, all except for one stubborn little piece of software!
The Technical Challenges
Having arrived at the juncture to run the final removal of such applications, I hit a very interesting, concerning situation in which said application not only refused to be uninstalled, but it also displayed several interesting and worrying characteristics – which left me thinking, was this a. Poor quality build, b. Language conflicts between character sets, c. Malicious activity? or d. Maybe a mix of all or some!
The first indication that all was not going well was, what seemed to be the presentation of a Chinese Character set being displayed on the application status bar as the uninstall progressed – See Fig 1 below
The next indication that all was not going to plan, was an Anti-Malware alert which was generated at the time of uninstall – not saying it was directly related, but interesting that it should be invoked at the time of the applications removal – see Fig 2 below:
Fig 2 – Anti-Malware Alert
I then attempted to run the removal again, but this time I ran into an error – again, maybe it is just one of those things, but… See Fig 3:
Fig 3 – Error Message
Again, with another attempt, life was getting more interesting, and I then encountered the following shown as Fig 4:
Fig 4 – More Issues
Finally, I gave up, and decided that the only way forward was to run a complete rebuild on the Windows 10 laptop to erase all traces of said application and any other of its associated components – and attempted one final fix, before trashing the logical environment – upon close-down, this time the Laptops O/S generated the screen shown at Fig 5:
Fig 5 – Close Down Screen
What was the issue? – Not sure, other than it was a first – was it just down to a poor quality of software build? Was it a matter of conflict in the code with the local supported language character set (however, this was an application for international use)? Was the Malicious Malware alert generated as a matter of coincidence, or was it related to the Russian code – again, the jury is out?
All I do know is, this is the first time I have encountered such a myriad of technical issues when uninstalling a commercial application available to the international market, and it has only gone one step further to raise the question of what can be trusted when it comes to what you install on your digital assets!
John is the Principle at Shadow-Intelligence (Si), partnering with PALISCOPE, BreachAware and iStorage. He is a Visiting Professor at the School of Science and Technology, Nottingham, Trent University (NTU) and holds the appointment of Editor in Chief for the International Journal of Cyber Forensics and Advanced Threat Investigations (CFATI). For the last decade he has delivered training courses in the Middle, and Far East to Commercial, Industrial, the Financial Services Sector, and Military Agencies, including the UAE, US, Pakistan, Saudi Arabia, Malaysia (KL), Singapore, Argentina, and Sao Paulo
He served in the Royal Air Force 22 years’, specialising in Counterintelligence, working with UK Agencies such as GCHQ/CESG, and others in the fields of SIGINT, COMINT and Satellite Communications, holding appointments such as System ITSO for a CIA SCIF.
In the commercials sectors of IT/Cyber he has worked for/with Logica, Bae, T5, GM, Experian, Betfair, Palace of Westminster, House of Lords/Commons, TSol (Treasury Solicitors) and provided Consultancy to the Saudi Arabian MOD, TRA (Telecommunications Authority (Dubai) and the Military Academy of Malaysia (KL) on SOC, CSIRT, Digital Forensics and OSINT. Within the last 5 years he has focused on Geopolitics, with global expertise around the UAE and Russia, Anti-Terrorist Operations (ATO), Cyber-Warfare, Dezinformatsiya (Disinformation) and Maskirovka (Military Deception).
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.