Monthly Archives: January 2014

One more spammer caught…

Posted on by

Well, it seems that a message about spam attracts other spammers. Fortunately you can also report spammers who try to spam through comments at SpamKlacht. And if the spammer or company mentioned by the spammer is located in the Netherlands, then they can take actions against them.

So, let’s display part of the report at the end of this post that I’ve received from SpamKlacht, which happens to be written in Dutch. (Sorry, but maybe Google Translate can help?)

In short, a french website has posted a Dutch message on a blog that’s mostly written in english. It’s likely that the servers from society26.com are hacked and misused to send this kind of spam. These spammers know that forum and blog spam is harder to trace and stop than regular spam by email. They also know that many blogs and forums don’t have very good systems against this kind of spam, although WordPress does an incredible job in stopping them.

What’s more interesting is that this message doesn’t contain an email address, phone number or even a URL to their own site. Most likely, that link would be www.euromovers.nl or that of one of their members. It’s not really helping much, unless people like me decide to look for them by using Google.

What actually happens is that the spammers are smart. They just pick up random texts from the Internet, in this case the About-page from Euromovers, they just shorten some of the paragraphs and use the text as their comment, hoping it somehow makes sense for the forum or blog administrators to let it pass. They know that if an administrator passes one spam message, it’s likely that the spammers account has become whitelisted and thus is allowed to post more comments. When that happens, the spammer will flood the blog or forum with spam.

With WordPress, it’s actually a practical way to bypass the spam filters. Fortunately, even though my site operates under a dutch domain name, its main language is english. As a result, I tend to consider comments in dutch a bit suspicious. But I also learned to just trust it’s spam filter, which hasn’t failed me yet.

The report from SpamKlacht:

U heeft een spam-melding geplaatst op spamklacht.nl, een website van de Autoriteit Consument & Markt. Dit document geeft een samenvatting van uw melding.

Spamklacht gemeld op  : 20-01-2014 09:43
Uw gegevens
Naam  : W.A. ten Brink
Adres  : xxxxxxxxxx
Postcode / plaats  : xxxx xx Amsterdam
Telefoonnummer  : xxxxxxxxxx
Gegevens van het mogelijke spambericht
Bericht ontvangen per  : Social Media, namelijk https://blog.wimtenbrink.nl/
Ontvangen op datum / tijd  : 19-01-2014 13:53
Ontvangen op adres  : Spamfilter heeft het tegengehouden.
Ontvangen van adres  : Verhuisbedrijf Euromovers uit Vlaardingen
Genoemd adres  : marita-cockett@gmail.com Www.solution26.com 87.98.172.16
Onderwerp  : Het betreft een bericht dat in mijn spamfilter van WordPress terecht is gekomen. Het bestaat uit drie delen, te weten de auteur, het bericht en een URL naar het bericht waar de spammer het probeerde te plaatsen.

[Author start]
Www.solution26.com
solution26.com/liens/?page=824
marita-cockett(at)gmail.com
87.98.172.16
[Author eind]

[Bericht start]
…… Verhuisbedrijf Euromovers uit VlaardingenVerhuisbedrijf
Euromovers uit Vlaardingen maakt deel uit van
het internationale netwerk van Euromovers International.
Dit netwerk bestaat uit hoog gekwalificeerde en betrouwbare
verhuisondernemingen in geheel Europa, de VS, Rusland, China, Australië
en Nieuw Zeeland. In Nederland is elk…….Bent u opzoek naar een professioneel
verhuisbedrijf dat werkt met ervaren verhuizers, professionele materialen, zelf vervoer
op maat regelt en werkt met een goede motivatie aan elke klus?
Kies dan voor de Verhuisbeweging, hét ideale verhuisbedrijf van Rotterdam en
omstreken. Wij zijn een erkent verhuisbedrijf dat zich door de jaren heen
heeft bewezen als betrouwbare en professionele verhuizer, daarom hebben wij ook een schadeverzekering gekregen, dus mocht er eventueel schade oplopen tijdens het verhuizen, geen punt!
Onze verzekering dekt de schade en betaald het aan u uit!
[Bericht eind]

Let’s talk about social media…

Posted on by

When I was a kid, there just wasn’t any internet. If you wanted to speak with someone else, you’d had to pick up the phone or just go visit them. Being social was complex because it involved plenty of travel to meet others. And even when the Internet was born, being social was still something that people did in real life, not behind a computer screen. Still, things slowly changed about 15 years ago, when people started to use the Internet for all kinds of fun things. It also helped that proper internet tools became more popular. (And free!) The increased speed and the change from the 33k6 modem to ADSL or Cable also helped a lot. And now, just one generation further, being social is something we do online, with bits and bytes.

But enough history. And no, I won’t explain what social media are because now, you’re reading stuff I wrote on such a social media website. (Yeah, a Hosted WordPress site, but I could have used Blogger or Tumblr too..) This discussion is about the complexity of all those social media, not their history.

Most people will be familiar with both Twitter and Facebook. On Twitter you post a message that you’ve just pooped and on Facebook you post the picture of the result. And if you’re a professional, you might also post it on LinkedIn, if you’ve pooped during office hours. Since you can connect these three together, you will start to build a practical resource with all kinds of personal information about you online. Twitter will be used to send small but important updates about yourself, your company or your products to every subscriber while Facebook is practical to connect with the consumers at home. But if you’re looking for a new job or need to hire or find some experts, you use LinkedIn for your search.

Search? That reminds me. There’s also Google Plus although not many people use it as a social platform. Still, people like it because you can use your Google Plus account to log in many other websites. (Facebook, LinkedIn and Twitter also support this.) Google also provides email accounts and document management tools, plus plenty of online storage, so it’s a very attractive site to use, even if people still are less social on Google Plus than they are elsewhere.

Yahoo also used to be a great social media center, but the competition with other sites has lessened its influence considerably. Many things that Yahoo offers is also available on other sites. Yahoo also used to be great with their email services until they decided to drop support for email through POP/SMTP, just when Google decided to start increasing their email services. By doing so, Yahoo lost much if it’s influence and never really managed to get some back, although their photo-service Flickr still holds plenty of value. (But here too, the competition becomes murderous.)

Pinterest, for example, can also be used to share photo’s with others, although Pinterest is mostly used to share pictures from others, to promote those people. Basically, it’s a site for fans. DeviantArt is a bigger challenge for Flickr and has a huge amount of graphics. Especially cartoons and CGI next to pictures. But DeviantArt is missing an easy way to connect your other social media to your DeviantArt account.

So Behance is another interesting photo site where you can build your gallery and, more importantly, allow people to contact you and offer you jobs and other career opportunities. It also connects better with other social media and if it was free, it would definitely kill Flickr. Unfortunately, the free version has limitations and the commercial version is a bit expensive if you just want to share a bit of your work. Or maybe you’d prefer Bitpine.

Then again, if you’re into the art of images and photo’s, you might like to try to make some profit by selling merchandise. Cafepress is known for this and allows you to upload pictures and put it on all kinds of things, including the cape for your dog or panties for your girlfriend. There are plenty of other sites that allow simpler merchandise like t-shirts but Cafepress just has a huge collection of things you don’t need but which still look nice with your picture on them.

There are more social media sites, of course. Including sites that will combine all your social media sites into a single reference for all your friends to know where you hang around. About.me will combine your bio, your résumé and all kinds of social media connections. Mine tends to have plenty of connections. Connect.me is also practical to connect with other people and allows you to build up your online reputation. TrustCloud is another medium that links people you know to your account. (Or mine.) Or go to Visify and tell others how active you are online.

An oldie is Reddit which is more like an online forum. However, it has so many users that all discussions go very fast. Vimeo can be used to share videos, just like YouTube. Or use GitHub if you’re a software developer and want to share your code with others. Or Society3 for those who need social media for their marketing strategies. Or, the simples one: FourSquare, where you can tell where you are and where you went.

Well, I’ve mentioned plenty of social media sites and it’s all great to share your personal information with the World and get your 15 minutes of fame. And they all connect to one another, often via ID providers from Google, Facebook, Twitter or LinkedIn and lately also from Adobe. (Although Adobe is mostly using its ID provider to have others connect to the Creative Cloud.) If you’re connected to even a third of these sites, then there’s a lot of information about you online. And this is where it starts to become creepy and dangerous.

First of all, the amount of personal information that people share is huge. The joke I started with that people tell others on Twitter that they’ve just pooped isn’t just a joke. It happens! But when people are on a holiday, they also tend to use Twitter, FourSquare and TwitPic to tell the World where they are. With more information on Facebook, thieves can try to find where those people live and rob those empty homes. They might also check LinkedIn to see if someone might have some interesting stuff at home. For example, a CEO of a company who’s on holiday in Italy is a more interesting target than a teacher visiting his aunt in Almelo. And this is just a few different media that can be abused by others without the need to hack anything.

So beware of your privacy and avoid sharing sensitive information online. Or at least be less interesting than the other online people.

But getting robbed is just one risk. You can protect your home, make sure there’s at least one person there when you’re on holiday. The problem is that all these media are connected to one another. And in general, you have given them permission to combine their information. And systems are as strong as their weakest links.

Take, for example, Facebook. Many websites use your Facebook ID to let you log in to those websites. Thus, if someone hacks your Facebook account, they also have access to those other websites. And if one of those sites has your credit card information, your bank account information or your PayPal information. They might not even need this information to make purchases in your name, simply because those connected sites remember this internally. I checked which all I use that are connected to Facebook and it turns out that I’m connected with over a hundred other websites! I know a few friends of mine have an average of around 40 other sites connected to their Facebook account and it’s easy to increase that number since plenty of sites want to connect to Facebook.

Fortunately, I have created several websites that connect to Facebook so several of those connected apps are actually my own sites. Still, it’s a lot. It means that you have to be aware that anyone who hacks my Facebook account will be able to use these other sites. What they can do on those sites depends on how those other sites have implemented their security. And the same applies with apps connected to Google Plus, Twitter or LinkedIn.

If you use Flickr or Yahoo then you might have connected that account with Facebook or Google Plus. Since Yahoo is used as ID provider for even more websites, you can see a complete chain fall down once your Facebook account is taken over. This makes Yahoo less reliable than the others. With Facebook, Twitter, LinkedIn and Google you can try to add more security. For example, only copy the ID key from the provider plus the email address and force the user to generate a new password for your site. Thus, if Facebook is hacked, they still need a password for your site.

Which causes another problem. When people have a few dozens of social media accounts, they start having troubles remembering all the passwords. I use an email alias for every site. Websites tend to allow visitors to log in with email address and password so I can use the same password for many sites, because the user email address is different for every site. (I still use different passwords too, though.) Most people just use the same address and password for many sites, though. And that’s a big risk, because if one of the sites is hacked, the hackers will be able to use that information for all the other sites.

The bigger websites do have a proper security. At least, that’s what most people think. However, both Adobe and LinkedIn have had some serious trouble with their user databases and users of both websites have received a notice in the past urging them to change their password immediately, because of the hacks. And these were just the bigger sites who dared to publicly admit they’ve been hacked. Smaller social media sites can be a bigger risk if their security isn’t strong enough. Which is why it’s actually better that they use ID providers from the bigger sites instead of implementing their own systems.

Developers often ignore security, thinking that what they’re making isn’t very interesting for hackers. But I can’t say it often enough and remind people that social media are just chained together. One weak link exposes all.

When you want to build your own social media website then be very aware of the security. Don’t build your own version unless you have an expert in your team. And even then have the code audited by another expert. Since social media chain together, a weak link in this chain will take it all down. Which reminds me of this xkcd comic:

xkcd

When you create your own ID provider, you’re just adding to the competing standards that already exist. What would make your system better than those others? Your site will be more secure by using an existing provider but if that provider has a weakness, your site will fall too unless you require more information.

My suggestion would be that people should be able to log in using Google Plus, Facebook, Twitter or LinkedIn but combine it with some extra security. You know, for example, the IP address from the visitor thus you can remember it. As long as it’s the same as in your history, it’s unlikely that the account is hacked. Once it changes, you should ask for one more extra piece of information like a separate password. The visitor should know this, since he might have had to enter it during registration.

Another option would be by asking the visitor for his mobile phone number during registration so you can send an SMS message as part of the authentication process. Thus, if a user is using a different computer, you can send an SMS with a security code. The user will have to enter that code and then you know you can trust that system. Add it to the list of trusted computers for this user and you can keep the visitor safe. (Microsoft is doing something like this with Windows Live.)

So, a long story just to start a discussion about the best way to secure social media, reminding everyone that there are actually a lot of sites chained together through all of this.

One more spammer: Adobe!

Posted on by

I like to use email aliases for every online subscription and registration I have to fill out. I like this because it allows me to recognise if companies are going to spam me or not. I also make sure that any checkbox for extra mails that is checked will be unchecked. Unfortunately, not all companies care about that.

One of them is Adobe, well-known from it’s PFD reader but I also happen to use Adobe Lightroom, which requires an online registration. Which I had to fill in, else I would not be able to use the software properly. Okay, so I did. And I used an alias.

Today, I received an unreadable email because the images inside are blocked by my mail reader.  They seem to have given or sold my address to kieseentablet.nl who likes to spam many people with all kinds of garbage. I think they’re trying to sell me a DVD box in this message, but I’m not sure and don’t want to know. Viewing those images would mean that my mail reader has to contact their servers with a special code, and that code will validate my address.

I have reported it to SpamKlacht and I hope they will take action against this spammer and against Adobe. Adobe is just as guilty for not keeping my address safe. They violated my privacy by sharing that address with others.

I will show the headers of this email, though. And I hope most spam-filters will pick this up and add this spammer to the blacklist. They should blacklist Adobe too, in my opinion, because this pisses me off! I expect some small internet-companies will leak my address but Adobe is supposed to be a serious, big international company. They just don’t care about their customers, that is clear…

Delivered-To: xxxxxxxx@xxxxxxxx
Received: by 10.50.173.36 with SMTP id bh4csp113728igc;
        Mon, 13 Jan 2014 00:38:24 -0800 (PST)
X-Received: by 10.194.104.66 with SMTP id gc2mr1505781wjb.75.1389602303789;
        Mon, 13 Jan 2014 00:38:23 -0800 (PST)
Return-Path: <bnc-24-data_sendout_1389545845_715_57-74@bounce.kieseentablet.nl>
Received: from mta2.parfumvandaag-mail.nl (mta2.parfumvandaag-mail.nl. [178.32.7.217])
        by mx.google.com with ESMTP id md15si7043232wic.62.2014.01.13.00.38.23
        for <xxxxxxxx@xxxxxxxx>;
        Mon, 13 Jan 2014 00:38:23 -0800 (PST)
Received-SPF: pass (google.com: domain of bnc-24-data_sendout_1389545845_715_57-74@bounce.kieseentablet.nl designates 178.32.7.217 as permitted sender) client-ip=178.32.7.217;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of bnc-24-data_sendout_1389545845_715_57-74@bounce.kieseentablet.nl designates 178.32.7.217 as permitted sender) smtp.mail=bnc-24-data_sendout_1389545845_715_57-74@bounce.kieseentablet.nl;
       dkim=pass header.i=@kieseentablet.nl;
       dmarc=pass (p=REJECT dis=NONE) header.from=kieseentablet.nl
Received: from localhost (localhost [127.0.0.1])
    by mta2.parfumvandaag-mail.nl (Postfix) with ESMTP id 16895163B348
    for <xxxxxxxx@xxxxxxxx>; Mon, 13 Jan 2014 09:38:23 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=kieseentablet.nl;
    s=default; t=1389602303; bh=Z5MpxKWITtojtkQ1ghnUMKSgLY4=;
    h=From:Reply-To:Subject:List-Unsubscribe:To:Date;
    b=o30KntUOp1TaT2j506DJmyK7Ak0hC2iWnPtEk+hDr6apIyYZyP3C1km805OO9c0Tb
     XnmzMnoyYn4XjgiFCStU2qKXZurqGGnr5dy2+J0b62I1dyHSISEVwvb2rfYW+3KRrX
     /dlIBtWM5mxPu7pencyad+BB8b9N+1coafAi6J/8=
MIME-Version: 1.0
Content-Type: multipart/alternative;
 boundary="=_cc78254c8040f1935d8f257c8e3ed1ee"
From: "Welkomstgeschenken Kies een Tablet" <nieuwsbrief@kieseentablet.nl>
Reply-To: leden@kieseentablet.nl
Subject: U ontvangt de complete Penoza DVD box
List-Unsubscribe: ,<mailto:unsubscribe_data_sendout_29865@bounce.kieseentablet.nl?subject=unsubscribe_29865>
X-Slip-uID: 2011425
X-Slip-active: N
X-BeverlyMail-Recipient: xxxxxxxx@xxxxxxxx
To: xxxxxxxx@xxxxxxxx
Date: Mon, 13 Jan 2014 08:38:23 +0000
X-BeverlyMail-MTA: 74
Message-ID: <1389602303-567845345AB@kieseentablet.nl>