TipsViaMail keeps spamming me…

On October 3, 2013 Adobe’s Database was hacked and about 150,000,000 Adobe users have their data exposed to a bunch of hackers. Anyone who even registered a single Adobe product , like I did,now has to deal with some extra spam in their mailbox. Unfortunately for the spammers, I used an alias that was used for just Adobe and after the hack, I provided them a new alias. As a result, any email on this old alias is now considered spam.

The hacked database was published and several companies have been datamining it to find their own users inside the database and to warn those users. In my case, only Adobe gave me a warning since only Adobe knew my alias. However, some companies are misusing the same database to pretend people have subscribed to their services and are sending spam to those people. And one of those companies calls itself TipsViaEmail.

First of all, if I did subscribe to their services, I would have used a different alias for them. Instead, they’re spamming me on my Adobe alias. Why? Not really sure but I guess they’re trying to make some profit this way.

Today I received a spam message from TipsViaEmail about some new way to chat with random people through Whatsapp. A bit like “Chat roulette” but on top of the Whatsapp engine. I’m not going to post the URL to this app because my virus scanner warned me about possible malware on their site. It seems extremely unreliable to me and is likely part of a trick to collect phone numbers, email addresses and perhaps even to infect mobile phones with malware. Don’t even try their stuff!

I think TipsViaEmail makes profit because they’re paid by these malicious companies to spam a lot of people. TipsViaEmail has a source of legitimate email accounts and claims these people subscribed to their service. So, people have to prove they never subscribed, which is difficult to do. How do you prove it? Well, I can because I have a habit of assigning aliases to every company I contact. And I can show how they got my address since they used my Adobe alias that was stolen by hackers.

They keep sending me emails once in a while but in low quantities so they won’t get a bad reputation with their providers. They send these spam messages through vistomail.com, which happens to offer ways to send email anonymously. Thus Vistomail is enabling spammers to send spam.

TipsViaEmail also allows a way to unsubscribe from their services by sending an email to an address at simpel-nieuwsbrief.com or by following a link at simpeltracking2.nl. In both cases, doing so would confirm your email address to TipsForEmail, making it profitable to sell to other spammers. They might stop spamming you, but those other spammers will start spamming you afterwards. At WhatCounts they calculated how much they could make by selling an email address and they earned about $17.34 per address! So we’re not talking about pennies when we’re talking about the value of email addresses.

And TipsViaEmail got their list for free because those hackers, who published the whole database!

So first, if you ever subscribed to an Adobe product then change your password immediately! Not just the password for your Adobe account but for all other accounts you have that used the same password! The passwords in the Adobe database were encrypted, but this encryption is being broken now so they will soon be exposed.

Next, find a way to use your own aliases with your mail provider. I did this by just getting my domain name, which costs me EUR 9.95 per year. I also use Google Apps so Google handles my email, even though it’s on my domain. And no, I don’t fear the NSA spying in my mailboxes. I just won’t send top-secret stuff by email anyways. It costs me another EUR 40,00 per year. But Microsoft Outlook and Yahoo Mail also offer similar services to connect your own domain to their email services. I just prefer Google since I think they have the best spam filter.

Finally, if you notice spam arriving at any alias, contact the company responsible for leaking your alias. (Adobe in my case.) They might not know their system has been hacked. And feel free to report the email to the proper channels. SpamCop is a good option internationally. (Do be aware that their URL ends at .net, since there are many copycats misusing their name!) For Dutch people you can report them too at SpamKlacht and people in Belgium can report spam to E-Cops.

(And don’t get fooled by spammers claiming you subscribed and who offer you an unsubscribe option. Unsubscribing will confirm your address, making it more valuable!)

Tricky spammer!

As usual, spammers trying to fool me and many others, and the best way to protect you against them is by sharing how they operate. (And by using a proper spam filter, which is part of Google mail. And today some message was in my spam folder which seemed to be legitimate. Well, okay… There was another hint telling me something wasn’t right. Multiple hints even.

Delivered-To: 
Received: by 10.50.83.72 with SMTP id o8csp50152igy;
        Thu, 5 Jun 2014 10:35:17 -0700 (PDT)
X-Received: by 10.180.76.210 with SMTP id m18mr17979380wiw.49.1401989716698;
        Thu, 05 Jun 2014 10:35:16 -0700 (PDT)
Return-Path: 
Received: from sm1.white-lines.net (sm1.white-lines.net. [188.65.149.28])
        by mx.google.com with ESMTP id cn1si16467631wib.60.2014.06.05.10.35.16
        for <vip@watb.nl>;
        Thu, 05 Jun 2014 10:35:16 -0700 (PDT)
Received-SPF: pass (google.com: domain of  designates 188.65.149.28 as permitted sender) client-ip=188.65.149.28;
Received: by sm1.white-lines.net id hi2736000dsi for ; Thu, 5 Jun 2014 17:35:15 +0200 (envelope-from )
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
From: Security Team <security@security-fix-required.com>
Return-Path: bounce-
To: 
Subject: Your website has a security leak!
Message-ID: 
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101
 Thunderbird/24.3.0
Date: Thu, 05 Jun 2014 17:35:15 +0200

Hello,

during a routine check, we discovered that the server hosting your domain h=
as a security leak and is currently vulnerable. Your website is at risk of =
being hacked! It's also running an outdated PHP version.

For further security details and secure managed server offers, please visit=
 our website:

http://www.security-fix-required.com//

Thank you,

Security Division
Managed Root Server

So, what did they do to make it seem legitimate? Well, it was a simple plain-text email with just a small amount of text. Apparently someone discovered a security leak in my website and is warning me about it. Since there are always white-hat hackers on the Internet who search for such things to warn the site owners, it could be legitimate. It even seems an automated message from an automated vulnerability scanner. So, it will probably fool a few people into clicking on the link in the email.

And that was the first thing that set me off. The domain name is a bit long and the URL ends with what seems to be a GUID or other identifier. If I would click on it, the site would confirm my address as legitimate and perhaps it would redirect me to some online advertisement or even a malware site. So, first lesson: If a URL has a weird number in it, it should be automatically suspicious!

Of course, the message doesn’t give me any information, just a warning. If they had detected something, they could have included a few more details. At least, they could have named the domain that they’ve checked. I have multiple domain names so this warning tells me nothing about the site.

They also mentioned a leak in an older version of PHP in my website, but my website doesn’t use PHP. I know this blog does, but this blog is hosted. It’s not on my server. And the host is making sure it stays safe with the latest updates. (At least, I hope they do but fortunately they have many other customers too.) If they had left away the remark about PHP, it might have looked more legitimate.

The fact that they don’t leave a name is reasonable, since hackers prefer to be anonymous. But hackers would use an alias instead, not some name of some server.

Of course, it also helped that this email ended up in my spam folder. Reporting spam thus helps protect others.If it had not been in my spam folder I would have reported it as spam myself, so Google would recognise it as spam in the future.

Some further analysis by using RobTex tells me the domain is very new. It was registered today, so probably not blacklisted yet. A Google search for the domain name is also interesting. These two should offer plenty of warnings about the site.

Of course, this wasn’t the only spam message, but it was the most tempting. Another message I received tried to sell me a specific kind of blue pills. A third one tempted me with some video but not only did Google detect it as spam, My virus scanner detected the URL inside the spam as potentially malicious. And Ruby Palace wants me as visitor, even though online gambling sites are illegal in the Netherlands if they target Dutch consumers. Since the email was in Dutch, one extra law was broken.

Again, the best weapon against spam is educating people about all the tricks spammers use and to make sure spam gets reported as such. If you use Yahoo mail, Windows Live email or Google mail, reporting spam as such should be a simple option.

Why social media aren’t happy with topless women in pictures…

People generally wonder why Facebook and Twitter seem to ban all forms of nudity, including the display of bare breasts. (Well, female breasts anyways.) Other sites have less troubles with displaying a bit of nudity. And people will always wonder why e.g. Facebook is that prudish. They even have troubles with pictures of women who are breastfeeding. Raevin WhiteBut on other sites they tend to have less troubles with the same type of content.

For example Tumblr has almost no restrictions to the material posted there, as long as it is legal to publish. On Twitter you’re allowed a bit more, like posting nipples in tweets. They won’t allow pornography, though. Many sites won’t, anyways. Still, there’s a good reason for this. The people who will join a specific site do so because of the generic content of the site.

Many social sites are aiming at teens and young adults and this means that the content needs to qualify to specific rules, especially if the site operates in the USA. For example, most people won’t be happy when their teens are visiting sites that has the occasional nude image. (Like this blog, for example.) They would block those sites, thus the site can’t target those teens with advertisements.

For Facebook, this would be a problem. Facebook has plenty of advertisements but also plenty of games that attract teens and young adults. They use Facebook to meet with friends, play games and whatever more. Thus, Facebook depends on this group of people and thus has to respond when people report “inappropriate material”. And because they have plenty of teens, they are extremely strict at that. Tumblr has less troubles with this. They make money from the bloggers themselves by offering premium services and premium themes. They also provide advertisements, although those are barely noticeable.

Tumblr doesn’t really target teens so the content can include nudity and even pornography. Because of that, it’s no surprise that you can find plenty of those on Tumblr.

And WordPress? Well, WordPress is available in several versions. You can host it on your own server, you can have it hosted by a service provider or you do as I do and let it be hosted by WordPress themselves. The hosted versions might be a bit more strict because the hosting provider has a reputation to keep up. Worse, since the blogger is paying the provider, the provider might prefer to have less visitors instead of many, to save bandwidth. Nude pictures are often large amounts of data and with many visitors the provider loses bandwidth.

Self-hosted WordPress sites have no restrictions, though. The worst thing that could happen is that police will confiscate your hardware and arrest you if you happened to host some illegal content.

So, one main reason to block nudity is because people don’t want their teen children being exposed to it. (While plenty of teens might actually be specifically looking for this material and might even exchange nude selfies with friends.) Social sites will have to know the type of visitors they generally have and adjust their content to those visitors.

At SecondLife, for example, the rules for content within the game were mostly quite relaxed. People were allowed a lot in their own lands, as long as it was marked as mature or adult. But SecondLife got into troubles after it was discovered that many underage teens would play the game too. And those teens were suddenly exposed to nudity, sex and a lot of other things. So they decided to create a separate version just for teens and kicked every teen from the adult world to the “nicer” teen world. And if new teens are discovered in the adult world, they too are kicked to the “kindergarten”.

And they banned most of the adult stuff from most areas except for the adult areas. Since you have to pay a lot to have an adult area, this meant that many people just left the game. SecondLife now has some competition because some developers started to create the OpenSimulator where people could just host their own second world on their own system.

This became even more complex after some groups started to combine forces and started hosting virtual world similar to SecondLife, but for much less money or even free. Because of this and the ban on adult material, SecondLife has lost a lot of people.

There are, of course, more reasons. Sites that want to have viewers in e.g. China need to be aware of the restrictions the Chinese government puts on content. No pornography and preferably no bashing of the government itself. Sites focussing on the USA might also block pornography because there are a lot of people in the USA whose religious views are against such images.

In the UK they’re even demanding that providers just block all pornography and adult sites, which led to plenty of protests because too much was blocked. So, sites who want to target citizens in the UK better clean themselves up so they will get past those (faulty) porn filters.

Again, Facebook belongs to those, thus they definitely want to stay clean. Basically, social sites have to choose between those who claim there’s too much nudity versus those who want to have more nudity. Some want more, others want less. And social sites just tend to listen to those who have the most power. Not the majority but those who have the biggest influence. And those would be the lawmakers.

For example, mentioning the Tiananmen Square protests of 1989 will likely get you banned in China. Not practical if you want to trade with people in China. Facebook has similar problems but all over the world. In too many countries the law puts some very strict restrictions on nudity. The USA and UK aren’t even the worst of them.

Facebook is also popular among Arab people, India and plenty of other cultures that frown upon female nipples. They want advertisers everywhere to pay them so they make a lot of profit and thus they have to give in to the demands of those lawmakers. Fortunately they also want to be in Europe so they can’t be too strict on their content, but still…

Nipples are banned because it might offend advertisers in certain areas. That would even apply to pictures of women breastfeeding their child. Male nipples are generally less offensive, though. So yes, there’s discrimination in the Facebook policies. But giving in to the demand to allow more nudity would cost them some of their advertisers, thus some of their revenue. It would only be worth their trouble if people would ban Facebook because of this strict policy.

Unfortunately, no advertiser is blocking Facebook because they don’t show enough nipples. And that’s why social media block nipples…

MtGox is close to bankrupt.

TodaY I received a PDF file called “Announcement of Commencement of Bankruptcy Proceedings_212014” And basically, it tells me that MtGox, a bitcoin market, is definitely going bankrupt. But that was to be expected. I have less than a single euro in bitcoins at MtGox I have no regrets for trying out their service. But plenty of other people have made big investments in bitcoins and stored them at MtGox. Chances are that they will have lost it all, since MtGox has plenty of bills it needs to pay first.

To make it more complex, its unclear if bitcoins can be considered equal to money or not. They’re just a collection of bytes in a specific order and format and they’re worth exactly what people are willing to pay for them. It will be interesting to see what the Japanese court system will think of the value of bitcoins. People might still get their bitcoins if the Liquidator thinks they’re worthless. But if the system in Japan is similar to the Netherlands, that Liquidator could just auction off all bitcoins that MtGox still have to pay off the debts. The remaining cash would then be compensation for anyone who had their bitcoins stored there.

Of course, plenty of other countries (the USA and UK) are probably willing to dig into the action and try to get some financial compensation too. Plenty of American people have lost a lot of money because of this. But the Japanese government goes first and all others have to pick the remaining bones. And I don’t think there will be a lot of meat left on those bones…

The lesson learned from this is, of course, that bitcoins aren’t that safe. Especially if you have them stored at some bitcoin site as MtGox. You are losing control over your money and considering how much bitcoins have been worth in the past, being careless with them can cause a big financial blow. Then again, people can also lose bitcoins if they store them on their own systems. Bitcoins on your phone can get lost if your phone is stolen or damaged. Bitcoins on your computer are always at risk of getting wiped away. I’ve heard of one guy who threw away his old laptop and later learned that he had a few thousands of bitcoins on it, each worth over $1,000 in cash! A very expensive mistake, although he had mined them himself so he did not really lose money. He just made no profits from the mining.

So, please consider what you’re doing when you will use some crypto-money like bitcoins. Make sure you’re well-informed and don’t buy them in large quantities if you just want to save your money somehow. It’s better to just start mining them yourself so your losses can be under control.

And yes, banks can go bankrupt too, but crypto-currency is a bit more riskier since there’s no proof to tell that you really owned them. Once they’re gone, you won’t get them back. This is still something that you should leave to true pioneers who are willing to take risks.

The email itself:

関係人各位

株式会社MTGOX(以下「MTGOX」といいます。)につき、平成26年4月24日午後5時00分、東京地方裁判所より破産手続開始決定がなされ、当職が破産管財人に選任されました(東京地方裁判所平成26年(フ)第3830号)。
今後、破産管財人において、MTGOXの財産管理換価、債権調査等の破産手続を遂行していきます。
つきましては、関係者に対する情報提供を目的として、破産手続に関する基本的事項を添付のとおりお知らせいたしますので、ご確認ください。

なお、このメールアドレス(mtgox_trustee@noandt.com )は破産管財人からの送信専用であり、貴殿が本メールアドレス宛の返信等をされても内容確認及び回答などの対応はできません。
破産手続の進行等については、ウェブサイト( http://www.mtgox.com/ )で情報提供をする予定ですので、当該ウェブサイトをご確認ください。
宜しくお願いいたします。

破産者株式会社MTGOX  破産管財人弁護士小林信明


To whom it may concern,

At 5:00 p.m. on April 24, 2014, the Tokyo District Court granted the order for the commencement of the bankruptcy proceedings vis-à-vis MtGox Co., Ltd. (“MtGox”), and based upon such order, I was appointed as the bankruptcy trustee (Tokyo District Court 2014 (fu) no. 3830).
The bankruptcy trustee will implement the bankruptcy proceedings, including the administration and realization of the assets and investigation of the claims.
For the purpose of providing information to the related parties, we hereby inform you of the basic matters regarding the bankruptcy proceedings as attached.

This email address(mtgox_trustee@noandt.com) is used only for the purpose of sending messages, and we are unable to check and respond to any replies to this email address.
Since we plan to provide the information regarding the bankruptcy proceedings by posting it on the website hosted by the bankruptcy trustee ( http://www.mtgox.com/ ), please check this website.

Bankrupt MtGox Co., Ltd. Bankruptcy trustee Attorney-at-law Nobuaki Kobayashi

Betaalverzoek inzake CJIB

Once more some stupid spammer trying to get people to pay them lots of money. It was sent to my sister who could not understand how she had to pay so she asked me how. I quickly discovered that this is a big scam and told her so. And I’m posting it here to warn other people about this scam too and how scammers try new tricks every time hoping for the suckers who are scared enough to pay.

Since this scam was written in Dutch, I will continue in the Dutch language.


Clip

Mijn zus ontving vandaag deze email van het “CJIB” betreffende een verkeersboete van 155 euro. Het dreigt ermee dat haar bankrekening wordt geblokkeerd met ingang van 13 mei, wat dus al gebeurd zou zijn. Ze moet voor 19 mei betalen, dus op de dag dat ze de email ontving. En ja, dat is de manier waarop spammers proberen om hun slachtoffers mee onder druk te zetten zodat ze betalen zonder na te denken.

Wat belangrijk is, is hoe de spammers aanwijzingen geven om een prepaid credit card aan te schaffen om zo de boete mee te betalen. Vervolgens moet je naar een site toe, waar geeneens een domeinnaam aan hangt. Het is een URL met IP adres 153.122.39.197 en daarbinnen een folder. Daar zie je vervolgend een vrij kaal scherm met een betaalknop.

Clip_2Clip_3Clip_5Klik je vervolgens verder dan krijg ik met Google Chrome al een waarschuwing dat de site is geblokkeerd wegens phishing. Ik neem even het risico en kom bij het volgende plaatje. Daar moet de 3B pincode worden ingevuld, waarna de oplichter de gehele creditcard kan leeghalen. Wie uiteindelijk een 19-cijferig nummer invoert krijgt vervolgens een pagina te zien die aangeeft dat de betaling succesvol was (terwijl ik een willekeurig nummer gebruikte) en ik zal binnen drie tot 5 dagen bericht krijgen van de belastingdienst.

Belastingdienst?

Het bedrag van 155 euro komt mooi overeen met de hoogste waarde van de betreffende maatschappij. Gelukkig hebben ze al door dat er dergelijke nepmails over het Internet gaan zodat iedereen op Beltegoed Opwaarderen daar nog eens de waarschuwing over deze oplichterij te zien krijgt.

Clip_4

Jammer dat de waarschuwing onder de betaalknoppen staat en niet erboven, waar ze nog beter opvallen. Maar iedereen zou dit toch als een waarschuwing moeten zien. Hopelijk is het duidelijk genoeg maar er zullen altijd mensen zijn die in dit soort oplichterij trappen.

Hoe komt het dat er zoveel mensen in trappen? Dat is heel simpel. Dergelijke berichten worden vaak naar grote aantallen adressen verstuurd. Als 1% van de bevolking er in trapt en ze versturen het naar 100.000 adressen dan zijn dat toch al weer 1.000 slachtoffers. En dat maal 150 euro maakt het een winstgevende actie, maar wel illegaal. Gelukkig is het percentage slachtoffers nog veel lager dan 1% maar al zijn er 10 slachtoffers in die grote groep, het geld komt dan wel binnen met relatief weinig moeite.

Hoe kun je je wapenen tegen deze oplichters? Eigenlijk moet je daarvoor gewoon goed opletten en goed weten hoe bepaalde bedrijven en organisaties werken. Het CJIB zal echt niet via prepaid creditcards betaald willen worden. Het CJIB zal sowieso nooit via het Internet boetes proberen te innen.

Dergelijke constructies zijn vooral bedoeld om geld weg te sluizen zodat het slachtoffer er niet meer bij komt. Je bent het geld gewoon kwijt zodra je op deze manier hebt betaald. Ook de creditcard maatschappij kan het niet terugkrijgen omdat ze het beltegoed erop gebruiken om bijvoorbeeld een duur 06-nummer mee te bellen. Dan is de creditcard leeg en ligt het geld bij een telefoon maatschappij die het weer moet doorbetalen aan een bel-bedrijf. En van daar gaat het geld weer verder weg van het slachtoffer.

Wat ook van belang is, is dat de site nergens om mijn persoonlijke gegevens vraagt. Deze staan zelfs niet in de email. Het is gericht aan de bestuurder, zonder zelfs een nummer van een kentekenplaat te vermelden. Dat kunnen de oplichters ook niet want ze hebben deze gegevens niet. Als iemand een rekening per email verstuurt dan zou je toch meer gegevens in de email verwachten. Het gebrek aan deze persoonlijke gegevens is ook een waarschuwing.

Wie technisch iets handiger is kan ook nog eens naar de ‘headers’ van de email kijken om te bepalen waar de email vandaan komt. En dan blijkt dat de email afkomstig is van hetzelfde IP adres als de site zelf. Een adres dat ergens in Japan te vinden is. Mogelijk een Japanse computer die onderdeel is geworden van een botnet en dus misbruikt wordt zonder dat de eigenaar dit beseft. Om de oplichter te vinden is dit dus geen behulpzame manier. Daarvoor zul je het geld moeten volgen…

Maar sowieso moet je altijd oppassen met verzoeken tot betalen per email. Eigenlijk zou je dat standaard moeten weigeren, tenzij je zeker bent dat het iets betreft dat je nog moet betalen.

Nu nog even de volledige email zoals deze is ontvangen via de hotmail account van mijn zuster:

x-store-info:4r51+eLowCe79NzwdU2kRyU+pBy2R9QCj0/8P6fDMVumMo6iGJG5XQGQsGw4y+KC5jGdX6A7+/ZVHRw3c8psWXtc+cAfssqe5kw3LdG9RbC+kh049fg5aL5vFishJNonRedbn/JCR2Y=
Authentication-Results: hotmail.com; spf=none (sender IP is 153.122.39.197) smtp.mailfrom=cjibnoreply@cjib.nl; dkim=none header.d=cjib.nl; x-hmca=none header.id=cjibnoreply@cjib.nl
X-SID-PRA: cjibnoreply@cjib.nl
X-AUTH-Result: NONE
X-SID-Result: NONE
X-Message-Status: s1:n
X-Message-Delivery: Vj0xLjE7dXM9MDtsPTA7YT0wO0Q9MjtHRD0yO1NDTD02
X-Message-Info: OR3oMfwJnYHF1wanhF69C9Yey20TK9h7x9GWXuv5yaEGAfYu81s5sUj6V3GqMLsbaFOGIxV4jNuK1YTPnnwB8khYxF5czLKOeqtp5CEeiwA6KP8+eQfiSR4aZ+C9AR+10UtHFivL+rY5J1BgXCW7aHs
+IXGFCGuG7VDEq8ZxsEs1ttSXkle85ecru4AU5KBKfNEdJylVvJENsulQeQGWmUjowK3sd7ew
Received: from vps1.cpanel.net ([153.122.39.197]) by BAY0-MC6-F21.Bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4900);
Fri, 16 May 2014 18:16:02 -0700
Received: from [62.140.132.229] (port=27929 helo=newran)
by vps1.cpanel.net with esmtpa (Exim 4.82)
(envelope-from <cjibnoreply@cjib.nl>)
id 1WlTE6-0002gc-Bo; Sat, 17 May 2014 10:15:51 +0900
Reply-To: <noreply@cjib.nl>
From: “Centraal Justitieel Incassobureau”<cjibnoreply@cjib.nl>
Subject: Betaalverzoek inzake CJIB
Date: Sat, 17 May 2014 03:15:51 +0200
MIME-Version: 1.0
Content-Type: multipart/related;
boundary=”—-=_NextPart_000_0040_01C2A9A6.59B75712″
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname – vps1.cpanel.net
X-AntiAbuse: Original Domain – hotmail.com
X-AntiAbuse: Originator/Caller UID/GID – [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain – cjib.nl
X-Get-Message-Sender-Via: vps1.cpanel.net: authenticated_id: newran/only user confirmed/virtual account not confirmed
Bcc:
Return-Path: cjibnoreply@cjib.nl
Message-ID: <BAY0-MC6-F21LjANJQ000b8ac21@BAY0-MC6-F21.Bay0.hotmail.com>
X-OriginalArrivalTime: 17 May 2014 01:16:02.0669 (UTC) FILETIME=[91B0C9D0:01CF716D]

This is a multi-part message in MIME format.

——=_NextPart_000_0040_01C2A9A6.59B75712
Content-Type: text/html;
charset=”Windows-1251″
Content-Transfer-Encoding: 7bit

<HTML><HEAD><TITLE></TITLE>
</HEAD>
<BODY bgcolor=#FFFFFF leftmargin=5 topmargin=5 rightmargin=5 bottommargin=5>
<FONT size=2 color=#000000 face=”Arial”>
<DIV>
<IMG align=middle border=0 width=400 height=69 src=”cid:00E9BAC800C5$03195E81$0100007f@uhxyhwczmgwjdgc”></DIV>
<DIV align=center>
&nbsp;</DIV>
<DIV align=center>
&nbsp;</DIV>
<DIV>
&nbsp;</DIV>
<DIV>
Geachte bestuurder,</DIV>
<DIV>
&nbsp;</DIV>
<DIV align=center>
&nbsp;</DIV>
<DIV>
U hebt een beschikking en vervolgens twee aanmaningen ontvangen voor het overtreden van een verkeersvoorschrift.</DIV>
<DIV>
Het openstaande bedrag is niet volledig op de rekening van het Centraal Justitieel Incassobureau (CJIB) bijgeschreven.</DIV>
<DIV>
Daarom zullen wij de bank opdracht gegeven uw rekening te blokkeren per dinsdag 13 mei 2014.</DIV>
<DIV>
Alleen persoonlijk bij het BKR zelf kunt u inzage krijgen in de informatie die het BKR over u ontvangt.</DIV>
<DIV>
Het blokkeren van rekening betekent dat de toegang tot uw rekening geblokkkeerd is met ingang 13-05-2014 voor een periode van vier werken.</DIV>
<DIV>
&nbsp;</DIV>
<DIV>
&nbsp;</DIV>
<DIV>
Met de 3v online krediet kunt u online op onze website de betaling voldoen. U dient hieronder te klikken op<B><I> </B></I><I>3v credit kopen</I> .</DIV>
<DIV>
<B>&nbsp;</B></DIV>
<DIV>
<B> </B></DIV>
<DIV>
<A href=”http://beltegoedopwaarderen.nl/3v”><FONT color=#0000FF><B><U>3v</B></U></FONT></A><A href=”http://beltegoedopwaarderen.nl/3v”><FONT color=#0000FF><B><U> credit
kopen</B></U></FONT></A></DIV>
<DIV>
<B> </B></DIV>
<DIV>
Let op: nadat uw de 3v (prepaid credit) heeft gekocht dient u de 19 cijferige nummercode hieronder te activeren om de betaling te voldoen.</DIV>
<DIV>
Klik hieronder op <I>aanmaning betalen</I><B><I>.</B></I></DIV>
<DIV>
<B>&nbsp;</B></DIV>
<DIV>
<B>&nbsp;</B></DIV>
<DIV>
<A href=”http://153.122.39.197/~newran/”><FONT color=#0000FF><B><U>Aanmaning betalen</B></U></FONT></A></DIV>
<DIV>
Het volledige bedrag van Eur 155,00 (inclusief kosten) moet uiterlijk 19-05-2013 worden betaald. Doet u dit niet, dan wordt u per 19-05-2014 geregisteerd bij BKR.</DIV>
<DIV>
Voorkom blokkade van uw rekening.</DIV>
<DIV>
&nbsp;</DIV>
<DIV>
<B> </B></DIV>
<DIV>
<B> </B></DIV>
<DIV>
Hoogachtend,</DIV>
<DIV>
<IMG align=middle border=0 width=120 height=60 src=”cid:00C18EFDDDDC$00C87F7D$0100007f@uhxyhwczmgwjdgc”></DIV>
<DIV>
Centraal Justitieel Incassobureau.</DIV>
<DIV>
<B>&nbsp;</B></DIV>
<DIV align=center>
&nbsp;</DIV>
<DIV align=center>
&nbsp;</DIV>
<DIV align=center>
&nbsp;</DIV>
</FONT>
</BODY></HTML>

——=_NextPart_000_0040_01C2A9A6.59B75712
Content-Type: image/jpeg;
name=”2007-04-05_handtekening.jpg”
Content-Transfer-Encoding: base64
Content-ID: <00C18EFDDDDC$00C87F7D$0100007f@uhxyhwczmgwjdgc>

[SNIP - Some UUEncoded data]

——=_NextPart_000_0040_01C2A9A6.59B75712
Content-Type: image/jpeg;
name=”download.jpg”
Content-Transfer-Encoding: base64
Content-ID: <00E9BAC800C5$03195E81$0100007f@uhxyhwczmgwjdgc>

[SNIP - Some UUEncoded data]

——=_NextPart_000_0040_01C2A9A6.59B75712–

 

A very generic datamodel.

I’ve come up with several projects in the past and a few have been mentioned here before. For example, the Garagesale project which was based on a system I called “CART”. Or the WordChain project that was a bit similar in structure. And because those similarities, I’ve been thinking about a very generic datamodel that should be handled to almost any project.

The advantage of a generic database is that you can focus on the business layer while you don’t need to change much in the database itself. The datamodel would still need development but by using the existing model, mapping to existing entities, you could keep it all very simple. And it resulted in this Datamodel:ClassDiagram(Click the image to see a bigger version.)

The top class is ‘Identifier’ which is just an ID of type GUID to find the records. Which will work fine in derived classes too. Since I’m using the Entity Framework 6 I can just use POCO to keep it all very simple. All I have to do is define a DBContext that tells me which tables (classes) I want. If I don’t create an entry for ‘Identifier’, the table won’t be created either.

The next class is the ‘DataContent’ class, which can hold any XML. That way, this class can contain all information that I define in code without the need to create new tables. I also linked it to a ‘DataTemplate’ class which can be used to validate the content of the XML with an XML schema or special style sheet. (I still need to work out how, exactly.) The template can be used to validate the data inside the content.

The ‘BaseItem’ and ‘BaseLink’ classes are the more important here. ‘BaseItem’ contains all fixed data within my system. In the CART system, this would be the catalog. And ‘BaseLink’ defines transactions of a specific item from one item to another. And that’s basically three-fourth of the CART system. (The template is already defined in the ‘DataTemplate’ class.)

I also created two separate link types. One to deal with fixed numbers which is called ‘CountLink’ which you generally use for items. (One cup, two girls, etc.) The other is for fractional numbers like weights or money and is called ‘AmountLink’. These two transaction types will be the most used transaction types, although ‘BaseLink’ can be used to transfer unique items. Derived links could be created to support more special situations but I can’t think of any.

The ‘BaseItems’ class will be used to derive more special items. These special items will define the relations with other items in the system. The simplest of them being the ‘ChildItem’ class that will define more information related to a specific item. They are strongly linked to the parent item, like wheels on a car or keys on a keyboard.

The ‘Relation’ class is used to group multiple items together. For example, we can have ‘Books’ defined as relation with multiple book items linked to it. A second group called ‘Possessions’ could also be created to contain all things I own. Items that would be in both groups would be what is in my personal library.

A special relation type is ‘Property’ which indicates that all items in the relation are owned by a specific owner. No matter what happens with those items, their owner stays the same. Such a property could e.g. be a bank account with a bank as owner. Even though customers use such accounts, the account itself could not be transferred to some other bank.

But the ‘Asset’ class is more interesting since assets are the only items that we can transfer. Any transaction will be about an asset moving from one item to another. Assets can still be anything and this class doesn’t differ much from the ‘BaseItem’ class.

A special asset is a contract. Contracts have a special purpose in transactions. Transactions are always between an item and a contract. Either you put an asset into a contract or extract it from a contract. And contracts themselves can be part of bigger contracts. By checking how much has been sent or received to a contract you can check if all transactions combined are valid. Transactions will have to specify if they’re sending items to the contract or receiving them from the contract.

The ‘BaseContract’ class is the more generic contract type and manages a list of transactions. When it has several transactions, it is important that there are no more ‘phantom items’. (A phantom item would be something that’s sent to the contract but not received by another item, or vice versa.) These contracts will need to be balanced as a check to see if they can be closed or not. They should be temporary and last from the first transaction to the last.

The ‘Contract’ type derived from ‘BaseContract’ contains an extra owner. This owner will be the one who owns any phantom items in the contract. This reduces the amount of transactions and makes the contract everlasting. (Although it can still be closed.) Balancing these contracts is not required, making them ideal as e.g. bank accounts.

Yes, it’s a bit more advanced than my earlier CART system but I’ve considered how I could use this for various projects that I have in mind. Not just the GarageSale project, but also a simple banking application, a chess notation application, a project to keep track of sugar measurements for people with diabetics and my WordChain application.

The banking application would be interesting. It would start with two ‘Relation’ records: “Banks” and “Clients”. The Banks relation would contain Bank records with information of multiple banks. The Clients relation would contain the client records for those banks. And because of the datamodel, clients can have multiple banks.

Banks would be owners of bank accounts, and those accounts would be contracts. All the bank needs to do is keep track of all money going in our out the account. (Making money just another item and all transactions will be of type ‘AmountLink’.) But to link those accounts to the persons who are authorized to receive money from the account, each account would need to be owner of a Property record. The property record then has a list of clients authorized to manage the account.

And we will need six different methods to create transactions. Authorized clients can add or withdraw money from the account. Other clients can send or receive payments from the account, where any money received from the contract needs to be authorized. Finally, the bank would like to have interest, or pays interest. (Or not.) These interest transactions don’t need authorization from the client.

The Chess Notation project would also be interesting. It would start with a Board item and 64 squares items plus a bunch of pieces assets. The game itself would be a basic contract without owner. The Game contract would contain a collection of transactions transferring all pieces to their first locations. A collection of ‘Move’ contracts would also be needed where the Game Contract owns them. The Move would show which move it is (including branches of the game) and the transactions that take place on the board. (White Rook gone from A1, White Rook added to A4 and Black pawn removed from A4, which translates into rook takes pawn at A4.)

It would be a very complex way to store a chess game, but it can be done in the same datamodel as my banking application.

With the diabetes project, each transaction would be a measurement. The contract would be owned by the person who is measuring his or her blood and we don’t need to send or receive these measurements, just link them to the contract.

The WordChain project would be a bit more complex. It would be a bunch of items with relations, properties and children. Contracts and assets would be used to support updates to the texts with every edit of a WordChain item kicking the old item out of the contract and adding a new item into the contract. That would result in a contract per word in the database.

A lot of work is still required to make sure it works as well as I expect. It would not be the most ideal datamodel for all these projects but it helps me to focus more on the business layer and the GUI without worrying about any database changes. Once the business model becomes more advanced, I could create a second data layer with a better datamodel to improve the performance of the data management.

 

 

 

Adventures in 3D.

I remember when Blender became first available for me. It was a 3D rendering engine and it looked fun, so I downloaded it, installed it and tried it. This was somewhere around 1999 and I still had a lot to learn back then. Still, I did not like the user interface of Blender (and still don’t) and I considered it too complex and not useful enough for myself so I soon forgot about it again. I still was interested in rendering 3D images, but I also wanted something simpler.

So, around 2004 I purchased a copy of Poser and it had the user-friendliness that I was looking for. I needed to collect all kinds of models, though. But by using models I could create some interesting images and could use my own CGI artwork instead of my own photographs for the software development that I like to do.

Being able to generate your own artwork for your applications is a better option than depend on stock material or purchasing/hiring others to make it for you. I don’t want to violate copyrights of others, but when you create websites, you need some graphical parts too and I needed to be my supplier of these images. Buttons were easy, since Paint Shop Pro and other 2D software had plenty of functionality to create them. But more complex things like showing a person behind a computer either required taking pictures or rendering a 3D model. Poser made the second option available to me.

When Second Life became hot, I also played a bit with that. Here is a 3D environment where you can build 3D objects simply by combining several basic shapes, or prims. (From primitives.) The game gave me a more comfortable feel around 3D environments and made me wanting even more.

And now its 2014. I have a piece of land in Second Life where I can build all kinds of things. I use the Firestorm viewer which allows me to exports my own objects from Second Life to use in other 3D software and from there I can continue to change them even further. Second Life also allows me to import back those objects I’ve exported and modified and allows me to import other objects from 3D software, although it does have a lot of problems with many of those models. Unfortunately, Second Life isn’t very clear when it reports errors and doesn’t seem to be able to simply fix some problems during import.

But in all this time, I’ve gotten a nice collection of 3D software which I will mention now, including where you can find it and what I think about it. All software I have are used on Windows systems.

Blender

Blender is a very popular product but I consider the user interface a bit complex. Too many buttons and options are polluting the screen and make it difficult to understand. To make things worse, it’s user interface behaves different from standard Windows user interfaces. Dialog boxes tend to appear anywhere, with plenty of different options instead of Yes/No or Ok/Cancel. Information is visible all over the screen so you have to look everywhere to find it. It’s just not intuitive, which is probably because this is an open-source collaboration between many developers who each left their own marks on the application.

Personally, I think the Blender user-interface needs a complete rewrite…

POV-Ray

POV-Ray is another 3D render engine and even older than Blender. POV-Ray uses scripts instead of a 3D graphical environment thus it’s not easy to use if you want to generate some 3D model. You just have to write each line in code for this software. Fortunately, there are plenty of 3D modelling applications that you can use to generate POV-Ray scripts. One of them is:

AC3D

AC3D is a commercial product that makes 3D modelling quite easy. Not as easy as Poser or Second Life, but it has plenty of good features. It’s user interface could use some sanitation, though. On my dual-monitor setup, some of the dialog boxes tend to pop up on the wrong monitor. But it’s very practical and supports several 3D image formats. For all others, you might want something that’s able to convert many different formats. Something like the Online 3D Model Converter or an application like:

AccuTrans 3D

AccuTrans 3D supports a few 3D image formats, allowing you to convert your models between different applications. This software also allows you to make some simple modifications to your models and I’ve used it to convert my Poser models to a format that Second Life understands. During this conversion, I also merge the parts of my models that all use the same texture, thus making the models simpler within Second Life. Of course, there’s an alternative that’s free:

MeshLab

MeshLab is open-source, but it has a clear user interface. It still has a few flaws, though. For example, it’s a bit slow compared to AccuTrans 3D. And it fails to correctly import some of my models correctly. It also fails to generate an export file that Second Life can read correctly, thus I need AccuTrans 3D to create those. (And even then Second Life tends to have problems importing them.)

Still, MeshLab is useful and allows you to make several changes to your models. But if you want to put models in proper poses, you will need:

Poser and Poser Pro

Poser is my favorite tool to create 3D models to use within my software. If I need a model of a person behind a computer, I can make it within 20 minutes with Poser. Just take a model of a person, add clothing models and a computer model, perhaps a desk and chair model and start rendering. It is very easy to use and it can import models created by other applications, although those will be less flexible than regular Poser models.

Another application that can be used with Poser models is:

DAZ Studio

DAZ Studio is free, thus making it very popular. It uses the same models as Poser does and DAZ also sells those models! Thus, DAZ has become very popular as supplier of Poser models.

But maybe it’s because I’m too used to Poser already, but I don’t like the user interface of DAZ Studio. To make it worse, I’ve tried to open some of my Poser models with DAZ Studio, only to discover that DAZ Studio did not accept many of the changes I’ve made to the models. Body parts were reset to their default shapes and it just did not look right.

Still, if you use Poser or DAZ Studio to render some new images, you’ll often want to have some interesting background too. Indoors settings aren’t much of a problem but outdoor images would need a more complex environment. One solution would be:

Bryce Pro

Bryce can make some great environments, although it seems to be missing some functionality. It also looks very small on my screen with a resolution of 1920×1200. While the results look very good, the user interface is less practical than the alternative:

E-on Vue

I use Vue a lot to render models that I’ve created with Poser. The reason for this is because Vue generates very good environments while Poser creates fine models. I could use Poser to render those models, but the lack of a good environment makes them look a bit boring.

Still, one problem with Vue is that it cannot export my generated environments for use in other software. Although Vue does have an export option, it also has many models that are not allowed to be exported. Thus you can create a nice sea, with boats and an island, and try to export it only to discover that you can export just one tiny rock from the whole scene. Vue is also quite expensive, compared to Bryce.

There is far more 3D software available, for all kinds of purposes. DAZ Studio also has Hexagon and Carrara:

Hexagon

Hexagon is just another tool to create models in 3D. I like to use it and have created a few things with it, but it tends to crash a lot. It’s not reliable enough for big projects because it can unexpectedly crash while you’re working on some project. While it is very user-friendly, the instability is just annoying.

Carrara

Carrara is similar to DAZ Studio and Poser, since it’s meant to put models in certain poses. But it combines this with landscape modelling, making it more useful. It has a simple interface, making it very practical to use. Less is more. Well, at least for user interfaces. Users tend to get lost in very busy interfaces.

Carrara can use Poser models and more. It can import templates I’ve created based on Poser models, although it doesn’t always succeed at importing Poser scenes. It can export to a format that Second Life should be able to read, but this too has some incompatibilities. Second Life is just too picky.

Second Life

It’s easy to forget but Second Life itself is also very capable of building 3D images. And it seems to be very user-friendly at this too, since it does so in an interactive way with the user. You have an avatar that can walk or fly around the object, which helps you to create models at a nice scale. It supports several primary shapes that can be used to build more complex items. It also allows great control over textures on your objects.

However, to build objects in Second Life, you need some land where you can build. This happens to be limited to certain areas, unless you yourself own some land. You also have to pay small amounts to upload images to the Second Life environment, making it costly in usage. So, there is an alternative:

OpenSimulator

The OpenSimulator is an alternative for Second Life. It’s open-source, thus free. But it can be used by the same viewers that are used for Second Life. It is a bit complex to set up your own simulations and OpenSimulator itself lacks a useful graphical interface. For this, you need a special viewer:

FireStorm

FireStorm happens to be a great viewer for both Second Life and OpenSimulator. While Second Life has its own viewer, FireStorm has some more advanced features and can be used for OpenSimulator. You can use it to build objects within Second Life or OpenSimulator and then export these for usage in other 3D software. Thus you could use Second Life to make a building or fortress and export it and use it in Poser with some models around it.

There are more viewers available for Second Life and OpenSimulator, but I would recommend to use Firestorm.

VastPark

One more simulator. Unlike Second Life, VastPark seems to focus more on businesses who want to make more interactive presentations. And what better to use for this than a virtual environment.

But like OpenSimulator, you can’t really use this without first generating the virtual environment. This takes time and some skills with 3D images. You need to create models and create textures for those models, else it’s just a lot of white on white…

VastPark could also be used to create complex animations by recording the actions within the virtual world. This would be useful for creating training material or support documentation of special events, like car accidents or office fires.

LightWave

I haven’t used LightWave but it looks quite nice. However, I use the LightWave file format as export format for Poser. I then convert those with AccuTrans 3D to the Collada file format, which Second Life can import. The only problem is that Poser models are extremely detailed because they are used to generate highly detailed images. Second Life can’t really handle that much details and often fails to import these models. I can use AccuTrans 3D to split the Poser model in several parts and import those parts one by one, which seems to have a better effect. However, the models that you will import this way in Second Life eat away a lot of your land usage, thus you need a large piece of land. Or your own simulation!

FreeCAD

FreeCAD is just another modelling tool. It has some good examples but it lacks some practical functions. However, missing functionality can be added through plug-ins. It is a good tool to combine with POV-Ray. It can do a lot based on the design mode that you’ve selected.

DeleD

DeleD is another modeller, which is more used for game development. It is useful for simpler objects, not Poser models. It works a bit like Second Life, where you select cubes, spheres and other primitives to build more complex objects.

Speaking of game development, there are also libraries for developers that can help them to create their own 3D software. For example:

Horde 3D

This is an open source 3D rendering engine, to be used in games and 3D applications. It has been created for speed, thus less practical if you want to generate highly detailed images. But in a game, you want animations, and you want them in real-time, running smoothly.

Ogre 3D

Ogre 3D is another 3D rendering engine, written in C++ and with wrappers for use with Python, C# and Java. It too is great to use with games and other interactive environments. It also supports Linux, iOS, Android, WinRT and the Mac OS X. Basically, it’s a library around the OpenGL specifications.

OpenGL

OpenGL isn’t really an application but today, it is part of almost every computer that has a graphics card. The Khronos Group is responsible for maintaining this standard, thus every graphics card can be used by the OpenGL protocol. (At least, if the manufacturer added the support for OpenGL.) Most 3D software relies on OpenGL to display its graphics, although there are plenty of games that use DirectX instead. However, DirectX is an API created by Microsoft to be used for Windows applications only. Thus, many developers are focusing more on OpenGL while Microsoft seems to try to push them back to DirectX.

Oculus VR

The greatest dream of 3D will be the Oculus Rift, a special piece of hardware that’s supposed to give you a 3D virtual environment. Basically, it’s made of two screens, each of them showing you a scene from a slightly different angle. Since each eye will only see one screen, your brain will see the virtual world in 3D. (Unless you’re a cyclops.) It will respond on the movements of your head and development for this device will ask a lot from future developers. The 3D worlds are arriving for consumers and companies. It’s still mostly eye-candy to have nice, 3D environments. Development for such 3D worlds is more complex than having a simple web page with text on it. It will need to conquer its place in this world.

However, there’s also development done on 3D televisions and monitors that would not require special glasses to view its content. If such a device would hit the market, then 3D development would become even more important…

So, developers… Prepare to go 3D!