Spam subject:
this going to expolad
It’s a stock spam, and what they’re trying to say is “This is going to explode.” But doesn’t “Expo-Lad” sound like a character from the Legion of Super-Heroes?
Just imagine:
“No one wants to come to our convention! What can we do?”
“Never fear! Expo-Lad will save us!”
Update: I can’t believe I didn’t think of this earlier, but maybe ExpoLad is related to TypoLad!
Some recent bizarre-but-true spam subjects:
Dinky $ch001girl$ of the universe
Obviously trying to avoid keyword filters (not that it helped), but come on—“dinky?” When was the last time you saw that applied to a person? And what exactly is a “schoolgirl of the universe?” It sounds like a new anime series or something, with schoolgirls and jet packs, roaming the galaxy to defeat evildoers.
trill boxing
It’s the fight of the 24th Century! In this corner: Curzon Dax! In this corner: Odan! Who will win? All I know is it won’t be my free time; when I looked up the names, I found Memory Alpha, a Star Trek wiki with waaay too much info. And there’s all kinds of stuff that’s happened since I stopped watching in the mid-1990s.
It lets a woman ride you like you’ve never been ridden before!
Sent to a spamtrap with a woman’s first name. Sure, you’ll reach a few who might be interested, but statistically speaking you’re better off targeting men. Or, if you take it literally instead of figuratively, horses. Last I looked, though, there weren’t too many horses with email. Unless you count pwnies, I suppose.
There’s a lot of misinformation out there about various web browsers. Opera can/can’t do this. Firefox can/can’t do that. There’s only so much you can do to promote one product when you only know rumors or outdated facts about another.
Opera users: If someone told you that Firefox was better than Opera because it doesn’t have ads, you wouldn’t take them seriously. You’d know the ads have been gone since last year, and you’d wonder what else they have wrong.
Firefox users: If someone told you Opera was better than Firefox because Firefox won’t let you reorder tabs, you wouldn’t take them seriously. You’d know that Firefox 1.5 did just that, and you’d wonder what else they have wrong.
And neither of you will convince an IE fan that Opera is better because of tabs and a built-in search box because they’ll tell you that IE7 has both.
When you’re trying to convince someone that X is better than Y, and they know Y very well, you’d better know Y well enough not to make statements that the other person knows are false. When you do, you’ll lose credibility, and the rest of your argument — the part you do know well — will suffer for it. (I suspect a lot of software flame wars get started this way!)
So here’s my suggestion: If you want to promote Opera, go and download Firefox 1.5. If you want to promote Firefox, go and download the Opera 9 beta. Either way, try out the IE7 beta (if your Windows version will run it) or fire up Safari (if you’re on a Mac). Mess around with them enough that you’re familiar with how they work, what you can do with them, and how they handle your favorite web pages. That way the next time you face an IE fan (to the extent that IE has fans), or a Firefox fan, or an Opera fan, or a Safari fan, you’ll be armed with accurate information.
As for the post title — I don’t think it’s necessary for the major browsers to be enemies. I think there’s plenty of room for cordial competition rather than a cutthroat struggle. But “Know Your Enemy” is a better attention-getter than “Familiarize yourself with the competition.” ๐
*This post originally appeared in two slightly different forms on my blog Confessions of a Web Developer at the My Opera community and on my Spread Firefox blog.
Remember how LiveJournal, TypePad, and related sites were down the other day? The official line was that “Six Apart has been the victim of a sophisticated distributed denial of service attack.”
It turns out that the DDOS wasn’t aimed at 6A, LJ, or any other part of their network. It was aimed at Blue Security, an anti-spam company, who decided to re-route their web traffic to their blog—a blog hosted on TypePad. So instead of their own site going down, it took out Six Apart’s entire network of millions of bloggers.
Classy move, guys.
I do admire Six Apart’s restraint in not pointing fingers themselves. If it had been my site (though in a way, I suppose it was, since I’ve got an LJ blog, even if I don’t update it very often), I would have been royally pissed off.
Sure, Blue Security didn’t launch the attack—but they did choose where to redirect it. Maybe they thought Six Apart would be able to handle it. Maybe they thought the attackers were targeting them by IP and not domain name. Maybe they were panicked and didn’t think. Maybe they thought things through, but 6A got bitten by the now-all-too-familiar law of unintended consequences. They could easily have pointed their domain name at empty IP space, or to localhost. Redirecting it to a third party was less like deflecting a punch and more like the “Do it to Julia!” moment in 1984, or the classic joke, “I don’t have to outrun the bear, I only have to outrun you.”
(via Spamroll)
Update: Additional articles at Computer Business Review and at Netcraft, and a Slashdot story.
Update 2: According to Blue Security, the DDoS was not targeting their website by name, and the DDoS didn’t attack their blog until after they had already redirected the website. So it looks like it was less a case of them redirecting the attack and more a case of the attackers chasing them.
*Sigh* Must remember to collect all facts before engaging in righteous anger.
Update 3 (May 9): Apparently “all the facts” as reported by Blue Security don’t add up… (via Happy Software Prole)
A mortgage spam started with this line:
D r ear Home O u wne u r ,
OK, so they’re inserting random space-letter-space sets into the text. But let’s ignore what they’re trying to say, and look at how it actually came out.
“Drear” home owner? (Or rather, “ouwneur?” Are they French?) Apparently I picked up the deed to the House of Usher or some such miserable domicile. I can’t say I’ve noticed any ravens around (not counting my comic collection, anyway), though I’ve certainly been awake many a weary midnight.
Lately I’ve seen an interesting pattern emerge in the comment spam logs here. Along with the usual collections of links to pills, porn, and watches, there are a bunch of trackback spam attempts using innocuous websites like Google and Yahoo and the phrase “this is very good,” over and over.
Title? “this is very good”
Blog Name? “this is very good”
Author? “this is very good”
The excerpt itself varies a bit, but is usually something like, “this is related article.”
I figure they’re either probes or attempts to poison blacklists.
What’s funny about these is that in the logs, the fields are all run together, so it looks like this:
author: this is very good title: this is very good blog_name: this is very good e-mail: …
The natural inclination is to break the phrases at the punctuation, so it looks like it’s saying, “This is very good title. This is very good blog name. This is related article.”—making it sound like Zathras is behind the keyboard!
After my latest round of supposed anti-fraud notices claiming to be from banks with which I don’t have any accounts, it occurred to me that phishing, 419 scams, email spam, blog spam, etc. are all scattershot approaches. They seem so obvious to those of us who are used to seeing them. It seems unthinkable that someone would fall for a phishing attempt that identifies itself as someone else’s bank, or buy pharmaceuticals from someone who can’t spell d.Ruugz. But they’re not intended for us. We’re just collateral damage.
Direct marketing often makes at least an effort to aim, because paper and postage cost money. That’s why businesses and charities will mainly share/sell their mailing lists among similar organizations, and not some random list of people. In this way, direct marketing is like riflery: you want each shot to be as accurate as possible.
Email, however, is cheap, and most spammers are using someone else’s resources to send out the mail anyway. It’s long been pointed out that they don’t care if 99% of their messages get lost in the ether. They only need a fraction of their list to respond. It’s like using a machine gun: you don’t have to aim, just spray the general area and at least one bullet is likely to hit your target.
So phishers don’t have to match their pitches to each recipient’s bank. If they plaster the net with messages claiming to be from Chase, it doesn’t matter if most of their messages hit Wells Fargo customers. Statistically speaking, some of the recipients will have Chase accounts, and some of them will be fooled, and that’s all they need to collect their virtual loot.
And the rest of us? Bystanders caught in the drive-by.
