To be honest, I haven’t used any instant messaging system much since college. But every once in a while I fire up Gaim just to see if anyone I know is on AIM or ICQ. I have a Yahoo account, but I’m not sure anyone I know actually uses Yahoo Messenger, and I’ve been avoiding MSN mainly on principle.

Sadly, it seems the IM wars have returned.

This time it’s Yahoo that’s blocked other clients from connecting to their networks. The most high-profile victim has been Trillian, another client which talks to multiple IM networks, but of course Gaim was hit as well. What’s interesting, this time, is that Yahoo claims it’s doing this to cut down on spam.

Now let’s think about this: In order to send and receive instant messages on Yahoo’s network, you need a Yahoo account, correct? So no matter what software a spammer uses to connect, he still needs to log in, which means Yahoo can control him inside the network. This is where current IM systems are fundamentally different from email: instead of many independently-controlled systems talking to each other, each IM service is one system with many accounts, more like a website with required registration. Place limits on what clients can do, and (barring bugs in your server) no matter what client someone uses, he can’t get around your spam/virus/hack controls.

Long story short: while Eudora is still my favorite Windows-based email program, its HTML rendering is so bad that I had to read today’s Microsoft Technet newsletter on my Linux box. (And before anyone comments that I can set Eudora to use IE’s rendering engine, I don’t want the security mess of letting Internet Explorer handle my email.)

This morning I received both a bogus “Out of Office” reply from someone at Halliburton (presumably from a virus that spoofed my address as the sender) and a new 419 scam variant, this one claiming to be someone in Iraq. (I still think of them as Nigerian scams, but they’ve gone seriously international over the past year or so.) Subject line: “EVERY IMPORTANT” (really!)

Something to consider on those vacation messages: I was just sent some random Halliburton employee’s cell phone number. Not that I have any use for it, but would you hand out your cell number to any random person on the Internet? I know I wouldn’t!

I just came across an article on non-password authentication that refers back to an April 2004 survey of office workers which found that “71% were willing to part with their password for a chocolate bar.”

Wow. I know they say everyone has their price, but this is ridiculous.

It reminds me of the comic book Underworld Unleashed, in which a demon approached various DC villains offering to give them enhanced powers in exchange for their souls. The Joker sold his soul in exchange for… a box of cigars. “They’re cubans!” he explained.

Another good one: “I work in a financial call centre, our password changes daily, but I do not have a problem remembering it as it is written on the board so that every one can see it.”

Un. be. lievable.

Some people browse collections. I collect browsers. Mostly I just want to see what they’ll do to my web site, but I have a positively ridiculous number of web browsers installed on my Linux and Windows computers at work and at home, and I’ve installed a half-dozen extra browsers on our PowerBook.

One project I’ve worked on since my days at UCI was a script to identify a web browser. In theory this should be simple, since every browser sends its name along when it requests a page. In practice, it’s not, because there’s no standard way to describe that identity.

Actually, that’s not quite true. There is a standard (described in the specs for HTTP 1.0 and 1.1: RFC 1945 and RFC 2068), but for reasons I’ll get into later, it’s not adequate for more than the basics, and even those have been subverted. That standard says a browser (or, in the broader sense, a “user agent,” since search robots, downloaders, news readers, proxies, and other programs might access a site) should identify itself in the following format:

  • Name/version more-details

Additional details often include the operating system or platform the browser is running on, and sometimes the language.
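As an added example (not the identification script mentioned above), here is a small parser that splits a User-Agent value into the product tokens and parenthesised comments of the RFC 1945 format, and rejects malformed or control-character input because the header is entirely client-supplied. The function name, the length limit and the sample strings are assumptions made for illustration.

```python
import re

# RFC 1945 "token": printable ASCII minus tspecials and whitespace.
_TOKEN = re.compile(r"[!#$%&'*+\-.^_`|~0-9A-Za-z]+")

def parse_user_agent(value, max_len=512):
    """Split a User-Agent value into ('product', name, version) and
    ('comment', text) items, in order. Raises ValueError if malformed."""
    if len(value) > max_len:
        raise ValueError("User-Agent too long")
    # The header is client-supplied: refuse control characters (CR/LF etc.)
    # before the value can reach a log line or a database.
    if any((ord(c) < 0x20 and c != "\t") or ord(c) == 0x7F for c in value):
        raise ValueError("control character in User-Agent")
    items, i, n = [], 0, len(value)
    while i < n:
        ch = value[i]
        if ch in " \t":
            i += 1
        elif ch == "(":                      # comment, which may nest
            depth, start = 1, i + 1
            i += 1
            while i < n and depth:
                depth += {"(": 1, ")": -1}.get(value[i], 0)
                i += 1
            if depth:
                raise ValueError("unbalanced comment")
            items.append(("comment", value[start:i - 1]))
        else:                                # product: Name[/version]
            m = _TOKEN.match(value, i)
            if not m:
                raise ValueError(f"unexpected character at offset {i}")
            name, version, i = m.group(), None, m.end()
            if i < n and value[i] == "/":
                v = _TOKEN.match(value, i + 1)
                if not v:
                    raise ValueError("missing product version")
                version, i = v.group(), v.end()
            items.append(("product", name, version))
    return items

# Constructed sample values, for illustration only.
SAMPLES = [
    "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)",
    "Lynx/2.8.4rel.1 libwww-FM/2.14",
    "Example/1.0 (nested (inner) text)",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(s, "->", parse_user_agent(s))
```

In the first sample the leading product token is `Mozilla/4.0` while the browser's own name appears only inside the comment, so the first token alone is not a reliable identity.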

Now here are some examples of what browsers call themselves:

It came from the spam box! (cue scream)

Offscreen voice: AAAAAAAAA!

This one (which scored well above the threshold, thanks to SURBL) was an image-only spam, which means I have no idea what it was actually advertising. (You have to go deep into the preferences and answer several “Yes, I know what I’m doing” questions before KMail will do something as risky as fetching images over the web when displaying your mail.)

Anyway, the title of this piece was “avocado pit 8 tenors.” Along with its single image, it contained a paragraph of distracting words, and it looks like they might actually have been trying to form sentences:

When recliner defined by corporation is dirt-encrusted, of particle accelerator write a love letter to light bulb for.turkey about guardian angel is mitochondrial.Indeed, near apartment building seek fetishist defined by skyscraper.And plan an escape from the dark side of her ocean.about blood clot laugh and drink all night with near bowling ball, but industrial complex beyond pee on coward inside.He called her Kirk (or was it Kirk?).
perseverant grumble quintillion culver flowchart brandywine

OK, it doesn’t have the literary greatness of “The Eye of Argon”, or even Zero Wing, but I suppose not everyone can.

OK, it’s time someone collected these comments from the SpamAssassin-Talk mailing list.

A week ago, Matthew Cline posted “Vowel Duplication Humor”

Subject: Regaain Your Yoooouth

Text: Hi Reyna, Reeeeeeegaiiin your yooooouth with Humaaaaaaan Grooooowth Hoormooooooone!

It’s like being spammed by ghosts. “Your dooOoooOOommmmed!! DoooOOoOOOoommed!!”

Today, in a thread describing the pattern as “stuck key” spam, Justin Mason said:

ha! I’ve been calling that “zombie spam” — you know, like “Braaaaaaaaaaiiiinssss….”
