Tag Archives: also

Amanda Rousseau on becoming a cybersecurity researcher

The relationship between law enforcement and the infosec community can be cordial and cooperative at times. But it can also be confrontational and divisive, as in the debate surrounding backdoors in strong encryption for lawful access or the arrest of cybersecurity researcher Marcus Hutchins on charges of creating and selling malware.

In this Q&A conducted at Black Hat USA 2018, Amanda Rousseau, senior security researcher at Endgame Inc., a cyber operations platform vendor based in Arlington, Va., explained why the term “hacker” is unhelpful and how cybersecurity researchers find their way from being a script kiddie to putting on the white, black or gray hat.

Editor’s note: This interview is part two of a Q&A with Amanda Rousseau, and it has been edited for clarity and length.

What is your take on the apparent tensions between the cybersecurity researcher community and law enforcement or the government? 

Amanda Rousseau: ‘Hackers’ is really a term for people that don’t know the industry. I don’t usually say ‘hacker,’ unless they don’t know what a security researcher is.

If I’m in my running group, and they ask me what I do for a living, I’m like, ‘Oh, I’m just an engineer — a security engineer.’ [And they ask,] ‘What’s that? It sounds boring.’ You know? 

But even people that started out as a black hat or a gray hat hacker when they’re young usually transition to white hat when they get older. Back in the day — like ’80s, ’90s — that was the case. You can probably find someone and ask them, ‘Hey, did you ever download off of Pirate Bay before?’ … And they’ll probably say, ‘Yeah.’

But now, because they have that knowledge, they are the white hats of today helping out law enforcement, because, now that they’re older, they know it’s bad. 

I mean, even with law enforcement, there’s a fine line between legal hacking and illegal hacking, right? 

What is the best way to explain to those outside the community the nuance that comes with being a cybersecurity researcher?

Amanda Rousseau, senior security researcher at Endgame Inc.Amanda Rousseau

Rousseau: I think that they’re marketing it wrong. They use Hollywood really heavily to show this cool hacker lifestyle. But there’s a whole other side to that. I see it in the military sense; I see it as my mission. It’s more like cyberwarfare to me — that it’s my duty to protect whoever I’m protecting from the digital threat. If you see it in a sense of being a protector or a blue-teamer, it’s much more approachable than the negative context of being a hacker, right? 

And ‘hacker,’ in the dictionary, it was considered as a negative term. But in reality, it’s someone who thinks outside the box, finds the bad thing and then tells people how to fix that. And it’s hard to explain that to people who are not in it. But I think if you explain it in military terms, it’s much more easy to consume.

If you’re going after someone’s assets, you want to protect those assets as the guard. But you have to actively monitor what’s going on and then fix it as you go. And that’s pretty much what we’re doing, [asking], ‘How can we think outside the box to protect ourselves?’ And, ‘Can we probe ourselves to make sure that we’re protected from ourselves, too?’ — which we call pen testing

With the military analogy, the defensive part is pretty easy to explain. But could you expand on the offensive pen-testing angle?

Rousseau: There [are] two sides of that spectrum of people doing the offensive work so that the bad guys don’t actually do it. And [there are] the people who are defending, [who] build those infrastructures to protect it. 

Somebody has to play the other side, but they can’t know anything about the other team. They have to figure it out during the exercise. And that’s where you evaluate whether or not your assets are protected, which we call ‘red versus blue.’

The analogy I like to use is my car analogy. You have a purse in your car or a bag, backpack, right? It’s out in the open; [the] bad guy sees it [and thinks], ‘I want that bag.’ He could just bust the window in and get it. And you’ll figure it out early, because the car alarm will go off, the window’s busted and your bag is stolen. So, you can immediately rectify the situation. 

But because the bad guys are learning and getting smarter, they’re finding stealthier ways to get the bag out of the car without you knowing about it. Say, they figured out how to open the door through the rearview mirror by messing with the switches and unlocking the door. And instead of just taking up the whole bag, what they do is they put in a decoy bag so that you think that nothing is wrong until you look inside and there’s nothing in there.

It’s similar to protecting your assets. How do you know someone’s in your network if they’re being sneaky about it? You have to bubble up all of these alerts and logs in order to respond to it. And respond to an alert that makes sense. 

In the Target breach, they didn’t know how to respond to the alert, because the alert was so vague that they didn’t do anything about it until it was too late. A lot of it comes in usability and scalability. Can I put it on 1,000 desktops? And can I manage it with one to two people? 

If you think about it, there are more people trying to attack you than you can defend. So, the whole science around all of these vendor tools and everything is trying to make those two guys’ — that are doing blue team — lives much easier in protecting a huge company.

What do you think when you see stories about something like the recently discovered Yale breach, where they didn’t realize that it happened for 10 years? 

Rousseau: That’s common. I’ve been in breaches where they didn’t know it was in there for six months. [The attackers] kept coming back in and stealing more, coming back in and stealing more. And they found out they came in from a previous breach, so there were multiple people in the same network stealing.

They thought that they were covered. Their internal team, they had these certain [security] tools, but they weren’t actively looking. When they did log analysis, they were manually printing them out and analyzing the logs one by one, thinking that they would catch something. But scaling-wise, you really can’t do that.

Even people that started out as a black hat or a gray hat hacker when they’re young usually transition to white hat when they get older.
Amanda Rousseausenior security researcher, Endgame

It comes down to data science to bubble up the things that are anomalies and are important. With all of these cloud servers and data all over the place, there’s so much information on the internet that you’ve got to be able to scale to that level. 

Even now, I’m having trouble going over just 1,000 samples an hour. I can’t make copies of myself. But I can make code that can do my job. 

There [are] not enough people in the industry that do these technical jobs. That’s why I try to give back to the reverse-engineering community as much as I can — doing workshops and talks like this and different code — because I know how hard it is. It took me forever to get to where I am. I didn’t have those types of resources growing up; I just had to sit there and figure it out. 

Even the trainings that people come out of the military with, or the DOD [Department of Defense], or law enforcement, they’re forced to get some trainings, but some of them are not up to par of today. I think Black Hat is probably the closest you’re going to get to training that people actually use. 

How do we scale training and education to create the next generation of cybersecurity researchers?

Rousseau: That’s a big question that I might not be able to solve.

Slowly, but surely. You look at how big this conference is now and how big DEFCON is and all the other conferences, how big RSA is. There [are] all these little tiny conferences spinning up, and we’re all sharing information, but we have to compete with all the other careers out there, like medicine and finance.

There are so many BSides out there that try to cater to people local in the area, like Minnesota, Chicago, the Midwest, pretty much. So, they’re trying, but the content has to be there, too. Everyone can do technical work, but not everyone can teach. That’s another thing.

If they don’t know their audience, it’s going to be intimidating to people, and they’re going to lose them through teaching it. That’s why you have to provide more opportunities for different learning styles. I’m a visual learner; if you don’t have slides up, I’m not going to absorb anything. Or, [some] people just like to listen; [some] people like to read.

It’s kind of a balance of who can actually learn the material, and who’s passionate about it. When I was young, I was going for art. And I didn’t know I would be really good in this field until I took a class. So, you never know what you’re good at until you actually try it. 

Amanda Rousseau talks about computer forensics investigations

Amanda Rousseau, the senior malware researcher at Endgame who is also known as Malware Unicorn,  began her career working for the Department of Defense Cyber Crime Center performing computer forensics investigations before moving into the private sector.

At Black Hat USA 2018, Rousseau talked about her experiences with dead box computer forensics investigations — studying a device after a crime has been committed in order to find evidence — how to de-stress after spending a week reverse engineering malware encryption, and how to tell the difference between code written by a script-kiddie and a nation-state actor.

This interview was edited for length and clarity.

What was your role in computer forensics investigations? 
 
Amanda Rousseau: When I did forensics, I did criminal investigation. So if there was a murder, if there was domestic terrorism or something like that, they would give me the hard drive and I would analyze it. 
 
It was very specific; it’s not really intrusions, right? Intrusions are more dynamic. But even when you talk about attribution, I cringe because no one really wants to put their finger on where it came from, exactly. If you get it wrong, you could start a war.

I was never on threat intel, thank goodness. I was mainly doing case-by-case, just looking at a certain thing in malware, writing a report on it, giving it up to someone else so that they can do the groundwork. I was more behind the scenes.

Even now, I feel like it’s my job to take out all of the interesting information for them to put the clues together on there. Because when you think about when an FBI agent, or someone that’s doing the investigation, [they know] much more that I don’t know outside of what I see. I can only give my nonbiased results from what I’ve analyzed. And they can put the clues together themselves.

It takes a team. It takes a team to do that kind of stuff.

When it comes to computer forensics investigations, what were the challenges in ensuring the evidence was accurate? 

If there was a murder, if there was domestic terrorism or something like that, they would give me the hard drive and I would analyze it.
Amanda Rousseausenior malware researcher, Endgame

Rousseau: We had to prove that that person was at the computer at that time. Because there would be incidents where the wife’s husband, boyfriend, or whatever would be at her computer or vice versa. So you really couldn’t put that person at the computer doing that thing. Maybe there was a camera that took a picture that [proved] they were there, or maybe their alibi would prove that they were at the computer. But it’s really hard, even for that tiny moment in time, for dead box forensics
 
For intrusion forensics, it’s completely different. You can trace the IP [address] to the server, and it’s another jump server, and then you see who owns the server, and then the people on the ground have to go trace who’s at that address who owns the server and you get all the credit card accounts that paid for that server.
 
What was the most difficult thing that you had to do in dead box cyber forensics investigations?
 
Rousseau: One difficult thing was when I was learning; it was just a learning curve. All you had to do was do it more and practice. It’s kind of like reversing; the more you do it, the more experience you get and [you] see quicker ways to do things.

I think when I did intrusions investigation, the hardest thing to do was encryption, because you have to sit there and try to identify encryption algorithms backwards. And so you’re sitting there with pen and paper like, ‘OK. This bit gets flipped here.’ And you’re writing the whole algorithm down and trying to visualize it. And then you’d identify, ‘Oh, it’s doing this.’ And that’s like a week’s worth of work. But it’s fun. It’s like a puzzle to me.
 
A week-long puzzle, though. It sounds taxing.
 
Rousseau: Yeah. You really have to time-manage your brain. Like, ‘OK, it’s the end of the day. I’ll put my notes down.” Next day, pick it back up, figure it out. 
 
What’s a good way to decompress when trying to reverse encryption like that? 
 
Rousseau: You know, it’s funny because there’s a lot of reverse engineers that are runners, or triathletes. So I haven’t done a lot of running this year, but before, I was marathon training. Because you’re sitting there for hours and hours … just staring at code. We forget to stand up and move around and everything. But running was my only way to …
 
Overcompensate with marathons. 
 
Rousseau: Yeah, exactly. 
 

Now, rather than cyber forensics investigations, you’re mainly doing reverse engineering of malware. Can you walk us through that process? 
 
Rousseau: Pretty much my day-to-day job is looking at malware, taking it apart, writing a detection for it, doing the research. It’s either short term or long term, depending on what the product needs, or what the customer needs at that time, pretty much. 
 
There’s a process. If you’re looking at thousands of samples, you’ve got to have a way to triage all of that and bubble up the things that are important, or the ones that you should be looking at. Same with the file itself. I don’t want to just start from the beginning. I want to look at a clue and start there. 
 
A lot of the research that I did for my Black Hat talk was triage analysis. My boss asked me to do 1,000 samples in three days, manual analysis. I’m like, ‘I can do one sample in a few hours, but I don’t know if I can do all 1,000 samples in three days.’ 
 
So I developed this tool that helped me print out all the stuff that I needed in order to look at samples. I don’t have to look at every single sample, but just the ones that are important because otherwise I would be there forever. 
 
How do you determine what is important?
 
Rousseau: In a binary, you have these things called libraries that load — imports, pretty much. And a lot of these imports give you an idea of what the program is doing. So as an indicator, say it is loading user32.dll. What that is, is it could be doing user-related actions on the system. If you load in Winsock, it’s for sockets, right?

All of these different clues as to what libraries are loading, you can kind of get a sense of what it’s actually going to do, even the function that it’s going to call. Because then you kind of build in, ‘OK, well, it’s going to do something to the file system, it’s going to open up a socket and connect out to some IP address. I’m going to have to look for an IP address, I’m going to have to look for some strings creating a file in the file system.’ That kind of stuff.

But in order to that, I need to disassemble it and see when that happens, in what order it happens. Because goodware can do the same thing, but depending on the context — the order — is it doing it all in one function, or is it spread out? Some of those little clues pinpoint the ones that you need to look at. 
 
And these clues help you understand what kind of malware you’re studying? 
 
Rousseau: Yeah, and it depends on the motive. If you’re ransomware, you’re going to do encryption; you’re going to do file system activity; you’re going to call out to some onion server for the Bitcoin. If you’re spyware, you’re going to be doing keylogging; you’re going to be accessing the camera; you’re going to be trying to take screenshots of the desktop. So those are all different libraries to look. 
 
If you’re just a regular Trojan or a remote access Trojan, you’re going to be calling back out to your [command-and-control network]. You’ll receive instructions to do stuff. So if you know what kind of class they are, you’re looking for those indicators to place them into that class of malware. 

Have you seen any trends in the code across different malware types? 
 
Rousseau: Yeah, it’s funny because with ransomware, there were two main libraries that a lot of the ransomware stemmed off of. It’s kind of like this growing tree of variations of the same code. And because some idiot posted it on GitHub somewhere, all these little 19-year-old to 26-year-olds are playing with this code and making ransomware to make a quick buck. 
 
The ones that do well are the crimeware people that adopt ransomware and make it more like a business, a little large-scale business. 
 
SamSam?
 
Rousseau: Right, right. But when you’re reversing, you can see different code, kind of a mishmash of someone writing it this way and another. It’s like handwriting. You can tell when there’s two different types of handwriting on a page. It’s like that in code for me.

If you look at enough of it you can identify, ‘OK, this is kind of weird. Someone wrote it backwards,’ or that kind of thing. Even with WannaCry, the code for the exploit is completely different than the actual ransomware code. Actual ransomware code is really crappily done, but the exploit code was beautiful. So you know they were kind of mishmashed together. 
 
Well, the exploit code came from
 
Rousseau: It was released, yeah, from … Yeah.
 
I guess we know that the government has really good coders. I guess that’s the key there. 
 
Rousseau: Yeah, the nation-state stuff, you can tell the level of expertise in that developer because usually, that whole thing will look similar. If it’s one or two guys, maybe it will look different. But the more common malware, they buy that stuff off of black market deployment and it comes in a kit. And these kits, they add on their own pictures or whatever they want in the thing. So it kind of has this variant of this s—– code with whatever s—– code that they add in, pretty much.

For Sale – EVGA GTX 1080 Ti SC2 – Warranty to 30/06/2022

For sale is my EVGA 1080 Ti SC2, I purchased it brand new from Amazon on 30/06/17. It also includes the 5 year extended warranty with EVGA which I purchased and is valid until 30/06/2022 so roughly 4 years remaining.

The card has been pretty lightly used over the past year for PUBG mainly when I’ve had time, it’s been boxed up for the last few months though due to a house move and other priorities I’ve not had time to play so there isn’t much point me keeping it. I did put it back in to test and it runs perfectly, it’s in excellent condition boxed with all original accessories.

Will post via RMSD insured at cost which is £11.

Any questions just let me know.

Price and currency: 550
Delivery: Delivery cost is not included
Payment method: BT
Location: Bromley
Advertised elsewhere?: Not advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

For Sale – EVGA GTX 1080 Ti SC2 – Warranty to 30/06/2022

For sale is my EVGA 1080 Ti SC2, I purchased it brand new from Amazon on 30/06/17. It also includes the 5 year extended warranty with EVGA which I purchased and is valid until 30/06/2022 so roughly 4 years remaining.

The card has been pretty lightly used over the past year for PUBG mainly when I’ve had time, it’s been boxed up for the last few months though due to a house move and other priorities I’ve not had time to play so there isn’t much point me keeping it. I did put it back in to test and it runs perfectly, it’s in excellent condition boxed with all original accessories.

Will post via RMSD insured at cost which is £11.

Any questions just let me know.

Price and currency: 600
Delivery: Delivery cost is not included
Payment method: BT
Location: Bromley
Advertised elsewhere?: Not advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

For Sale – EVGA GTX 1080 Ti SC2 – Warranty to 30/06/2022

For sale is my EVGA 1080 Ti SC2, I purchased it brand new from Amazon on 30/06/17. It also includes the 5 year extended warranty with EVGA which I purchased and is valid until 30/06/2022 so roughly 4 years remaining.

The card has been pretty lightly used over the past year for PUBG mainly when I’ve had time, it’s been boxed up for the last few months though due to a house move and other priorities I’ve not had time to play so there isn’t much point me keeping it. I did put it back in to test and it runs perfectly, it’s in excellent condition boxed with all original accessories.

Will post via RMSD insured at cost which is £11.

Any questions just let me know.

Price and currency: 600
Delivery: Delivery cost is not included
Payment method: BT
Location: Bromley
Advertised elsewhere?: Not advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

For Sale – EVGA GTX 1080 Ti SC2 – Warranty to 30/06/2022

For sale is my EVGA 1080 Ti SC2, I purchased it brand new from Amazon on 30/06/17. It also includes the 5 year extended warranty with EVGA which I purchased and is valid until 30/06/2022 so roughly 4 years remaining.

The card has been pretty lightly used over the past year for PUBG mainly when I’ve had time, it’s been boxed up for the last few months though due to a house move and other priorities I’ve not had time to play so there isn’t much point me keeping it. I did put it back in to test and it runs perfectly, it’s in excellent condition boxed with all original accessories.

Will post via RMSD insured at cost which is £11.

Any questions just let me know.

Price and currency: 600
Delivery: Delivery cost is not included
Payment method: BT
Location: Bromley
Advertised elsewhere?: Not advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

For Sale – Dell Optiplex 780 SFF PC

Dell Optiplex 780 PC for sale. Has a 500gb HDD, Pentium dual core E6700 cpu and 4GB ram. Also has DVD drive. Cracking little machine nice compact size with plenty of punch as a media machine or for office stuff.Has Win 7 installed, but it has no COA so im not sure its genuine, so please assume no OS included. This is a base unit only so no mouse/monitor/keyboard.

£25 Collection only from Dudley. Can post at cost, but collection preferred.

Price and currency: £25
Delivery: Delivery cost is not included
Payment method: bt/ppg cash
Location: West Midlands
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I prefer the goods to be collected

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

For Sale – Cooler Master II / Asus Prime H270-Plus / 2 10TB Ironwolf Drives / 1 4GB Western Digtial

Hi,

I am selling my PC and as it is unlikely this will all sell in full. I will also price the individual parts as this will interest people more.

If you want the entire system I am looking for £650

Cooler Master Cosmos 11 – Still around £260 cheapest on Amazon – I am looking for £120 as I would class it as as B grade with only 1 minor mark on 1 side panel. Full pictures have been added but I would also ask you to check out the following links as this describes the case really well and shows great pictures and also spare parts you can buy for the case. My own pictures are attached.

I do not have the box anymore and if you are buying I would ask you to check it out, you won’t be disappointed and is in great condition and is one of the best Full tower cases. if you can’t drive fully to my location, I am willing to meet up half way.

COSMOS II | Cooler Master
https://www.cmstore.eu/cosmos-ii/

Asus Prime H270 – Plus – Still goes for around £90 on Ebuyer – the board is in perfect condition and I still have the box for it. I am looking for £55 for the board

Please check out the specs from the following link on ebyuer.

Asus Intel PRIME H270-PLUS LGA 1151 ATX Motherboard – Ebuyer

Kaby Lake Processor I5 7600 3.6ghz (Turbo Boost 4.1) – Cheapest now is around £180 and you can check this with google shop checker which checks all the major suppliers. (Can play 10 bit and HDR) and runs 4K super smooth. No need for a separate graphic card due to the integrated graphics capability’s of the chip, unless your a real gamer.

I would be looking for £110 for this

2 x Seagate Ironwolf 10TB NAS Hard Drive 3.5″ SATA III 6 GB’s 7200RPM 256 Cache

– They go for around £260 on the cheapest sites

1 of the drives was only bought from Ebuyer on the 16/03/18 so still has warranty up to 16/03/21 left which I am fully willing to help out if it goes wrong. I am looking for £170

The other drive was bought from Ebuyer on the 24/04/17 so still has warranty up to 24/04/20, again I will help out with warranty issues if they arise. I am looking for £150

1 x 4TB Western Digital Drive Hard Drive 3.5″ SATA III 6 GB’s 5400RPM 64 Cache

This drive is from 2014 so the warranty is now just run out –
I am looking for £70

2x4GB Hyperx Fury DDR4 2400mhz

Looking for £45

128GB SAMSUNG PM961 NVME TLC M.2 Drive

Samsung 128GB PM961 M.2 PCIe NVMe Performance SSD/Solid State Drive OEM

Is now around £60 new but I believe has been discontinued now – Solid M2 drive I used as my main drive. I am looking for £35

Warranty runs outs on the 12th Jan 2019

HX520 Corsair Modular Power Supply

An old power supply but still had has capability to run my Kabylake and 5 drives which I have used since the beginning. Difficult to put a price on this but I only used my system to play 1080p and 4K movies and shows, this really shows how brilliant the Kabylake is (Can play 10 bit and HDR). You could run a dedicated graphics card if you didn’t have so many drives – I really wouldn’t know how to price this, but it still works superbly well without a graphics card for movies an shows – I would ask for £35

Unfortunately you can only upload 10 pictures and I had about 25 to show you because of the the other products. You will have to ask me for photos for these products and I can get them emailed too you if your interested. My Apologies.

Please feel free to ask any questions you have

Thanks

Price and currency: 650
Delivery: Goods must be exchanged in person
Payment method: paypal or cash
Location: London, Middlesex
Advertised elsewhere?: Not advertised elsewhere
Prefer goods collected?: I prefer the goods to be collected

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

For Sale – Dell Optiplex 780 SFF PC

Dell Optiplex 780 PC for sale. Has a 500gb HDD, Pentium dual core E6700 cpu and 4GB ram. Also has DVD drive. Cracking little machine nice compact size with plenty of punch as a media machine or for office stuff.Has Win 7 installed, but it has no COA so im not sure its genuine, so please assume no OS included. This is a base unit only so no mouse/monitor/keyboard.

£25 Collection only from Dudley. Can post at cost, but collection preferred.

Price and currency: £25
Delivery: Delivery cost is not included
Payment method: bt/ppg cash
Location: West Midlands
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I prefer the goods to be collected

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

For Sale – Dell Optiplex 780 SFF PC

Dell Optiplex 780 PC for sale. Has a 500gb HDD, Pentium dual core E6700 cpu and 4GB ram. Also has DVD drive. Cracking little machine nice compact size with plenty of punch as a media machine or for office stuff.Has Win 7 installed, but it has no COA so im not sure its genuine, so please assume no OS included. This is a base unit only so no mouse/monitor/keyboard.

£25 Collection only from Dudley. Can post at cost, but collection preferred.

Price and currency: £25
Delivery: Delivery cost is not included
Payment method: bt/ppg cash
Location: West Midlands
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I prefer the goods to be collected

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.