Crashed Pips - Computers, politics, emetic trash

Friday, November 7, 2008

Goodbye, IE6

Filed under: Internet, Microsoft — Jonathan Rothwell @ 18:23

Just a quick note to say that Internet Explorer 6 and earlier users will now be presented with a warning when visiting this site - telling them that their browser is outdated and probably a security risk to their own computers.

If you can’t upgrade to Internet Explorer 7 (or 8) then try Firefox, Safari, or Opera. If you can’t use any of those (eg you are still using Windows ME, 98 or earlier) then you really should consider upgrading your computer, or at the very least replacing your operating system with something more up-to-date, like Xubuntu.



Monday, August 18, 2008

Spammety spammety spam.

Filed under: Security — Jonathan Rothwell @ 12:47

Spam is one of those things that’s often so bad, it’s good. Today, I received one of those messages. It was sent to the hello@crashedpips.co.uk e-mail address (obviously harvested, from here) and I present the text below:

Dear customers,
Thank you for using our new service “Buy airplane ticket Online” on our website.
Your account has been created:

Your login: hello@crashedpips.co.uk
Your password: passRHK6

Your credit card has been charged for $669.57.
We would like to remind you that whenever you order tickets on our website you get a discount of 10%!
Attached to this message is the purchase Invoice and the flight ticket.
To use your ticket, simply print it on a color printed, and you are set to take off for the journey!

Kind regards,
Spirit Airlines

There are multiple reasons why this is dubious.

  1. I never booked a flight, and the idea I would do so with Spirit Airlines is ludicrous, because they operate in the Americas as an ultracheap airline (a bit like EasyJet in the UK, but without as much orange).
  2. As Spirit is an ultracheap airline, $669 (even with the current state of the dollar) is excessive.
  3. “Printer” is misspelled “printed”. It seems unlikely that a medium-size airline (still quite a large operation) would make such a mistake - can they not afford a dictionary?
  4. The ‘invoice’ and ‘flight ticket’ are attached in a ZIP file, apparently. Examination of the zip file reveals - yes, you guessed it - Ticket_N141-SK.exe, which looks suspiciously like a virus. I’ll be sending this off to some antivirus companies for analysis.
  5. They’ve obviously put in no effort with header spoofing whatsoever: the ‘from’ address is kvtgady (at] bradshawplace (full stop) com (address obfuscated to prevent spam to the (possibly) innocent owner of this address).
  6. Yep, the usual “Dear Customers” opening line (surprise, surprise).
  7. This is perhaps the most important point of all. It demolishes the e-mail’s premise in one swipe: I don’t even have a damn credit card. Even if I did, I’d have paid in pounds or euros, rather than dollars. If I did have to pay in dollars, I would have sent the money using a money transfer service or simply by popping a cheque in the post.
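The checks in points 4, 5 and 6 can be automated. The following is an added example, not part of the original post: it parses a raw message, compares the sender's domain with the brand named in the body, spots the generic greeting, and lists the names inside a ZIP attachment without extracting anything. The sender address, the brand domain `spirit-airlines.example`, the archive name `ticket.zip` and the extension list are constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import parseaddr

RISKY_EXT = (".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs", ".js")
GENERIC_GREETINGS = ("dear customer", "dear user", "dear client")


def triage(raw: bytes, brand_domains: dict[str, str]) -> list[str]:
    """Return the red flags found in one raw e-mail message."""
    msg = message_from_bytes(raw, policy=policy.default)
    flags = []
    part = msg.get_body(preferencelist=("plain",))
    body = part.get_content() if part else ""
    sender = parseaddr(str(msg.get("From", "")))[1].rpartition("@")[2].lower()
    # A brand is named in the body but the sender is outside its domain.
    for brand, domain in brand_domains.items():
        inside = sender == domain or sender.endswith("." + domain)
        if brand.lower() in body.lower() and not inside:
            flags.append(f"sender-mismatch:{brand}")
    if body.lstrip().lower().startswith(GENERIC_GREETINGS):
        flags.append("generic-greeting")
    # List ZIP members by name only; nothing is extracted or executed.
    for att in msg.iter_attachments():
        name = att.get_filename() or ""
        data = att.get_payload(decode=True) or b""
        members = [name]
        if name.lower().endswith(".zip") and zipfile.is_zipfile(io.BytesIO(data)):
            members = zipfile.ZipFile(io.BytesIO(data)).namelist()
        flags += [f"executable-attachment:{m}" for m in members
                  if m.lower().endswith(RISKY_EXT)]
    return flags


def sample_message() -> bytes:
    """Constructed message modelled on the post; the ZIP member is inert text."""
    archive = io.BytesIO()
    with zipfile.ZipFile(archive, "w") as zf:
        zf.writestr("Ticket_N141-SK.exe", b"placeholder, not a program")
    msg = EmailMessage()
    msg["From"] = "Tickets <billing@unrelated-host.example>"  # constructed
    msg["To"] = "hello@crashedpips.co.uk"
    msg.set_content("Dear customers,\nYour account has been created.\n\n"
                    "Kind regards,\nSpirit Airlines\n")
    msg.add_attachment(archive.getvalue(), maintype="application",
                       subtype="zip", filename="ticket.zip")
    return msg.as_bytes()
```

Calling `triage(sample_message(), {"Spirit Airlines": "spirit-airlines.example"})` reports all three flags; a message whose sender sits inside the brand's domain loses the mismatch flag.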

For the record, I’ve tried to contact Spirit about this, but the only phone numbers I can find are for their reservations centre, and the only e-mail addresses I can find are for comments on the Web site. If anyone can source a number or address direct to Spirit’s HQ, I’d be very grateful - it’s best the airline knows about this so it can post an advisory on its website.

EDIT: I’ve sent the file to McAfee and its online scanner says it’s spy-agent.bw. An extra .dat file is being issued for this - I’ll see what McAfee’s rules on redistribution are, and if it’s OK with them I might mirror it here in case you’re using a McAfee scanner. Meanwhile, Symantec won’t let me show them the virus unless I pay them money, and Sophos’s process is long and irritating.

The file will now be shredded to protect other machines on my network.



Monday, August 4, 2008

What’s Wrong With This Scanner?

Filed under: Security — Jonathan Rothwell @ 02:22

I’ve just been told my C: drive is infected by errors in all the .dll files by a free online error and virus scanner I found on the Internet! OMG OMG OMG!

What makes this particularly amazing is that the scanner claims to have found viruses on the C: drive - when there is no C: drive (I’m on the Eee at the moment running Ubuntu). See what I’m getting at here?

However, people do get taken in by these things. I’ve seen it happen before where the Messenger Service in Windows XP has been hijacked, and gullible/inexperienced users have listened to the message, no questions asked. Of course, they don’t read the EULA (who does? they say.)



Thursday, May 15, 2008

We got a live one!

Filed under: Security — Jonathan Rothwell @ 18:44

I’ve just received the most believable phishing scam sent to my inbox to date. It’s still suspicious to ninety nine per cent of users, perhaps, but these things are certainly starting to look more believable.

For those who don’t know what phishing is, you should. It’s when someone purporting to be from a trusted organisation or person (such as, say, a bank) tricks you into giving them your details by contacting you, usually via e-mail. They’ll usually pretend that your account information needs updating, and will usually convey a sense of urgency.

Before clicking on that link, here’s a couple of important things to remember:

 

  • If in doubt, go to the bank’s website directly. That is by opening your browser and then typing its web address into the address bar. You could also phone the bank or go in person.
  • These messages usually try to instil a sense of urgency, with dire warnings such as “YOUR ACCOUNT WILL BE STOPPED IF YOU DO NOT VERIFY YOUR ACCOUNT”.
  • If someone purporting to be from a bank (or purporting to be a bank) e-mails you, automatically be suspicious. Even if you trust the organisation and/or hold an account there, phishing scams are often sent out to thousands and thousands of people at a time, in the hope that some of them will fall for it.
  • Remember, banks will NEVER e-mail you asking for confidential information. They will almost always write to you with regular snail mail, or phone you up and ask you to call them.

With that out of the way, here’s the e-mail:

Note that Mac OS X Mail didn’t render this as HTML, but other e-mail clients may well do, adding to the realism.

The text talks about ‘enhanced security measures’, which are, in fact, real. More and more banks have started giving you the option of having a Chip and PIN machine connected to your PC to add an extra layer of security to online transactions.

However, the website this links to actually looks incredibly realistic by phishing standards: it ties in relatively well with NatWest’s real site and could certainly fool the novice computer user.

Note: I seriously discourage anyone from following the link in a phishing e-mail. It can do all sorts of things such as fiddle with your browser, and worse. I was going in because I wanted to demonstrate what a phishing site would look like, and because I was using a secure web browser (Safari).

Of course, there are ways to just irritate the phishers using this page.

As soon as our hypothetical gullible computer user has entered his/her account number, he is asked for his PIN and password. Alarm bells should be starting to ring here. Remember that this e-mail has arrived out of the blue, and has sent you to a site that is now asking for your password and PIN number.

If the user was gullible enough to enter his information here, the site next asks him for - wait for it - HIS DEBIT CARD NUMBER. Anyone with half a brain should realise that the bank should have your debit card number. It shouldn’t ask for it if you try to log in.

After this, quite cleverly, the phishing page redirects to NatWest’s real latest offers page having captured Joe Gullible’s personal information. That information will now be sold on a seedy website somewhere for around £8. (That is around US$15.)

So, the moral of the story? Don’t believe everything you receive in an e-mail. Simple as.



Monday, April 28, 2008

Sneaky Grisoft advertising

Filed under: Security — Jonathan Rothwell @ 11:22

Interestingly, this seems to be advertising AVG’s paid security solution, AVG Internet Security, conveniently omitting any mention of the new version of AVG Free.



Saturday, February 9, 2008

Unsubscribe? My foot

Filed under: Security — Jonathan Rothwell @ 18:12

Spam often contains an ‘unsubscribe’ link that allows you to ‘remove your address from the mailing list’. Rubbish. It only proves the e-mail address is active.

You didn’t think the spammers would actually kindly refrain from emailing you, would you? No. Now we’ll put that to the test.

This is a widget showing the inbox of a Mailinator address - it was empty at 1810GMT today, and has been ‘unsubscribed’ from the mailing list using this address.

I fully expect it to be filled with spam by tomorrow: quite interestingly, the message displayed after unsubscribing said “my address has been removed” - whereas it should never have been on the list in the first place.



Monday, December 3, 2007

Insult spam?

Filed under: Security, Software — Jonathan Rothwell @ 13:36

I’d like to share with you the text of some comments left on various articles on this blog today, which were very quickly thrown to the (Akismet) dogs.

NO NO NO! You are barking up the wrong tree mate! Most if not all the items which you have put shame upon are great!!!. HOW dare you. you insult me!

Your ideas aren’t very great, as a matter of fact, they won’t work. Sorry but I think you should reconsider most of your ideas.

壞主意!這無疑是個壞壞壞!你是不是一個很好的人,我不喜歡你,你侮辱了我!

I have no idea what this last quote means - if anyone can speak Japanese, you are invited to leave a comment (in English) on this post.

Приятель что вы о! BBC + ОИС = MI5? в россии даже нет имени мы получить эти каналы! Но, с другой стороны некоторые ваши рассказы довольно хорошие на iphone один очень верно! не в том, что ive даже рассматривать характер.

This one appears to be in Russian.

Crashedpips.com ist der schlimmste Website, die ich je gesehen habe, die nicht auffällig oder interessant, und es nützlich ist.

A quick translation on the Dashboard reveals that this is roughly equivalent to:

Crashedpips.com is not remarkable or interesting the worst Website, which I saw ever, those, and it is useful.

At least get the bloody address right!

OMG what a insulting website. Do you ever plan to write some positive on this website. I feel so stringly about my views i have decided to create a wikipedia for your crashed pips!! ENJOY.

The only people I think I could have insulted on this website are spambots, Microsoft, conservatives, George Bush and New Labour.

Either way, this Wikipedia article that was supposedly created does not, in fact exist.

Is this a new type of WordPress spambot? Has anyone else had similar experiences?



Tuesday, November 20, 2007

Not the government’s fault

Filed under: Politics, Security, The News — Jonathan Rothwell @ 22:48

BBC Newsnight has just confirmed that the data on the optical disks which were lost by Her Majesty’s Revenue and Customs was not encrypted.

It just serves as a reminder that there’s a sucker born every minute. And, of course, this has given ammunition to certain right-wing newspapers against the government.

But, in reality, is it really fair to blame the government? It’s like blaming the Headmaster because your child hung himself with his tie at school. The buck stops with the idiot who sent it in the post instead of simply sending it down the line to the Government. It’s certainly not an excuse for the Tories to use in Parliament.



Encryption and Passwords for the Dummies at the Inland Revenue

Filed under: Politics, Security, The News — Jonathan Rothwell @ 18:33

So, Her Majesty’s delightful Revenue and Customs have now got into a bit of a pickle - they’ve lost 25 million people’s confidential information.

And, it appears that HM Revenue and Customs won’t tell us whether or not the data was encrypted, for ‘security reasons’. Well, that generally means, ‘they aren’t’.

So, put simply, a huge cock-up.

However, it would have been made a lot better if the data had been encrypted - in other words, scrambled to make it impossible to read without a ‘key’.

So, if they weren’t encrypted, why not? And, what’s more, why the hell were they sent through the insecure postal system, and not either a) delivered by hand or b) delivered over at least two encryption methods by running a cable between the HQ of HMR&C and the Audit Office?

Nevertheless, most people reading this (well, if they have children) will be concerned about whether or not to worry about it. Well, chances are you don’t.

However, there are some common-sense rules concerning passwords etc - basic stuff, which is really important.

  • If you’re using a blank password, for goodness’s sake CHANGE IT!
  • If you’re using an easily-guessed password, such as password, open, security etc., change it.
  • If it contains your or your children’s date/s of birth, change it.
  • If it contains your or your children’s names, change it.
  • If it’s the same as your username, change it.
  • If it’s shorter than 12 characters, change it.
  • If it only contains letters or only contains numbers, change it.
  • If you haven’t changed the password for more than three months, change it.
  • If you’ve given it to someone, then you’re a twit. Change it.
  • If you see any unusual transactions on your statement, tell the bank and change it.

Common sense tells you most of these things, and you might think ‘it won’t happen to me!’. Tough luck, mate. The Bad Guys are out there to get you, and while we can’t stop government staff being so stupid, we can put in some common sense protection to avoid being affected.



Saturday, October 20, 2007

A Car Alarm For Your Laptop

Filed under: Apple, Macintosh, Security — Jonathan Rothwell @ 15:20

I really like this idea. Put simply, you use your MacBook’s remote to ‘lock’ the computer. Then, when the motion sensors built into the machine sense movement (these are normally used to slow down the drives when the machine’s turned on its side) an alarm goes off, and the iSight camera takes a picture of the intruder.

Genius.



Powered by WordPress 2.7 Comments are the responsibility of their respective author. The Rest © 2007-2009 Jonathan Rothwell, unless otherwise stated.