Saturday, June 19, 2010

Phunny Phishing Phuckers

So I was checking my Charter webmail and I saw this email:

Protect Your valid Charter Account

Well, gosh... I have a valid Charter account! Also, the use of gratuitous capitalization must mean that this is both important and legitimate!  Let's look inside:


This mail is to inform all our CHARTER users that we will be 
maintaining and upgrading our website in a couple of days from now.As
a Subscriber you are required to send us your Email account details
to enable us know if you are still making use of your mailbox. Be
informed that we will be deleting all mail accounts that is not
functioning to enable us create more space for new subscribers, You
are to send your mail account details which are as follows:

User name:
Password:
Service Address Zip Code:

Failure to do this will immediately render your email address
deactivated from our database.

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.


Goodness! Apparently, nobody at Charter can do a simple SQL query to see if email users have logged into their email accounts within an arbitrary amount of time. The aggressive use of capitalization MUST Mean It Is a Legitmate Email about my CHARTER account... right? Boy, I sure do thank them for sending this and I am more than happy to the three pieces of information required for them to log in to my account... even though they have that information already.


Sigh. What a pathetic phishing attempt. Because Charter's abysmal webmail client sucks so much I can not look at the headers and launch a DoS attack against the originating IP. Some people want to rob me of all fun. Luckily, I had the presence of mind to hit "reply" and will ya look at that! This was in the To: field:


service.eng@msn.com


Of course, the info@charter.net was in the CC: field, which was who the email was allegedly from. So, yeah, this was a feeble attempt at harvesting email accounts on Charter, so watch out!


I think I am going to write an email bot and flood that account with messages, then contact MSN to let them know what's up.


One more time:


service.eng@msn.com is a stupid phisher

Friday, June 18, 2010

Cheap, safe, effective wasp spray

It's summertime in North Carolina and 'tis the season for our old friends the wasps. Yes, it seems they materialize out of thin air and for some reason or another we have more than our fair share at my house. I suspect the reason is due to the fact we probably have a Buick sized wasp nest in the attic, but to be frank I am too afraid to look up there.

There are plenty outside, which is generally fine with me as I don't spend a lot of time outside in the superheated humid air. Unfortunately, we will occasionally see one in the house and that can make for a bad time.

A couple of years ago I serendipitously found a wasp killer that doesn't cost a lot, is safe around humans, pets, and food, and knocks those suckers right out of the air. Simple Green. Yup, you know the stuff. I am particularly fond of their engine degreaser, which I usually keep a spray bottle of a dilute mix handy in my shop.

One day I heard the telltale buzzing sound of wasp wings beating against my fluorescent shop lights. I really don't know why they do it, but wasps apparently break into my house and beat their wings against my lights. Fascinating behavior really.  Anyway, I did not have anything handy to swat the wasp with (do you realize how hard it is to kill one??) so I grabbed my bottle of Simple Green. I tweaked the spray from a mist to a more directive pattern and gave him a couple of squirts. He dropped right off the light in a fit of anger, but the little devil seemed to be generally immobilized and flightless. That of course allowed me to dispatch him to Wasp Heaven with a step of my shoe on the concrete floor and that was that.

I've sprayed it at wasps and they have literally dropped from the air. I am really not sure if it kills them or just removes their ability to fly and walk correctly, but either way a solution of Simple Green gives me the upper hand in man-versus-stinging insect faceoffs.

The best part is that it does not have any cholinesterase inhibitors as do most insecticides. What is cholinesterase, you may ask? It is an enzyme that helps break down acetylcholine into acetic acid and choline, and is crucial for proper nervous system operation. Without it your nervous system either goes haywire or in to a state of paralysis. To give you an idea, weaponized nerve agents such as VX, Sarin, Tabun, and many others are cholinesterase inhibitors. Oh, and some venomous snakes produce cholinesterase inhibitors too. Personally, I'd rather not be spraying nerve agent all in my house but instead a shot or two of Simple Green seems to be more effective. And, it smells so much better.

Monday, June 14, 2010

GPS trackers on drugs

I was in my office this afternoon and in walked a private investigator, with whom I do a quite a bit of data forensics and technical intelligence work. I knew something was up as he had dollar signs in his eyes. When I'm not working with him and his partner on marital infidelity cases or sniffing out a network for days on end looking for evidence of industrial espionage, he's usually cooking up some 'get rich quick' scheme. He's not a scammer - he just wants to hit a big payday. Who doesn't, right?


I talk with him a bit and he's wanting to know a little bit about GPS trackers. That is really his partner's forte, but as he was out installing micro cameras I guess I would do in his absence. Actually, even when he is around I still get the occasional email, call, or visit (if it is REALLY important).


This PI is always looking to bid on jobs and today was no different. Inside a manila folder was two sheets of paper. One was a printed detail of a GPS/GSM tracking device that used telephone SIM cards. Another was an email with a bid proposal from an anonymous 'Fortune 500' client.


Apparently this large client was a chain pharmacy who was interested in devices that could be placed in drug bottles, so that when they were stolen they could be traced and the perpetrators dealt with accordingly. When he vocalized this request, the first thing out of my mouth was "somebody has been watching too much television". Visions flooded my mind of some big business know nothing manager type who has seen a few episodes of 24, or perhaps even Spooks (my favorite) and said, "Hey, we can do that too!" The company did specify that they wanted the device to be able to be placed in a bottle roughly the size of a 100 count Advil bottle. You know, something the size of a grain of rice that would give global positioning updates every 100 milliseconds or so. Yeah.


Well they were not wanting to protect their ibuprofen, obviously. They want to deploy these trackers into their stock of hard and often stolen narcotics. It's a plan that makes sense, at least on the surface and at least to someone who has no clue about how GPS technology works other than what they've seen in the movies or on television. Yes, pharmacies get broken into quite a lot. There's an independent one right down the road from me that used to get broken into all the time, but I believe that's stopped for the most part. I wonder if they bought GPS trackers? No, most likely they did the sane, intelligent, and cost effective thing by simply locking up their narcotics.


Did I mention there was a $1M budget for this project? Amazing. Needless to say, among much laughter I tried to explain to this guy that there's no way you can stuff a tracking device that is 60x40x15mm into such a small bottle without it being abundantly obvious, even to a dope fiend. I think I got the point across to him, but now I'm just curious if the client will get it too.

Sunday, June 13, 2010

A distorted reflection - Google Trends

Gee, since I've had this blog for over two years now and haven't posted anything, I think I'll do that now.


Everybody knows that Google has gobs and gobs of data and they track lots of things. Some of the more interesting data that they keep note of are search trends - you know, the stuff that people put into the search fields.


Google Trends is quite an interesting experience. I have it displayed in my iGoogle so every time I open my browser or pop open a new tab, there it is. Right now, today, here are the hottest trends:
1.german goalkeeper kills himself
2.coastal carolina university
3.germany vs australia 2010
4.wisconsin unemployment
5.tony awards 2010
6.german soccer team
7.pgad
8.unemployment wisconsin weekly claim
9.germany world cup
10.true blood season 3 premiere
11.robert enke
12.lukas podolski
13.four loko
14.german national anthem
15.loretta lynn
16.salem witch trials
17.neal parker crash video
18.miguel castro castro prison
19.bam margera
20.man vs food
This is some of the more normal stuff I've seen come across. After all, we are in the middle of the FIFA World Cup. Soccer (as we call it in the States) or football is not very popular here, but it has been gaining momentum over the past several years.


Anyway, this is the sort of minutiae that truly fascinates me - all the junk that people stuff into the search boxes. Examining it is a bit like knowing the will of millions of people. Powerful stuff, so much so it can drive one to distraction. I really wish I had more time to spend on my artificial intelligence projects that I was doing in Second Life as I think this data, properly parsed, could be used to create a robot that was more aware of current popular events than your average teenager.