The FBI in Lithuania wants to pay me 15 million dollars…

 

 

 

I do love some of the spam messages I receive. Especially when the spammers try to pretend they’re the FBI or another important organisation and they want to pay me a few million. And I can’t really imagine that some people are stupid enough to fall for this. Then again, if they send 5 billion of these messages, the chance is quite big for them to find an idiot or two willing to fall for this.

Those people must be even more brain-dead than the spammers…

This is not a very expensive scam. They just ask for 420 USD instead of thousands of dollars. A payment for the ownership papers or whatever. And they tell me to stop being in contact with the other scammers, which is very good advice.

So? Well, it starts with Mrs. Maria Barnett from Canada. The address seems real, although it has been misused by plenty of other spammers. The address is actually used by an organisation with domain name standardchart.org and is registered by Joseph Sanusi. Too bad that name sounds a bit suspicious since there’s someone in Nigeria with the same name. (The governor of the Central Bank of Nigeria.) He is 75 and I don’t think he’s the spammer, so someone else either has the same name or they’re faking things even more. The domain name is registered but doesn’t seem to be linked to any site or server, because it’s pending a deletion.

Then they refer to Mr. Fred Walters of the FBI. Fred helped Maria to get their money from some Nigerian bank, and they got even a lot more. He even showed her a list of other beneficiaries and my name was on the list and I am eligible to get lots of money too. All I have to do is contact Fred on the email address of Steve Reed in Lithuania, who seems to work at super.lt, which is a Lithuanian website. I don’t really understand the language but Google Translate does. It seems to be an online book store. A strange place for the FBI. I would expect the CIA in that place instead.

Maria herself seems to work for Shaw, a Canadian internet shop. They sell televisions, phones and other stuff. So we have two shops in two different countries that are somehow related by some victim of a Nigerian 419 scam and an FBI agent.

Now, the email headers, visible at the bottom, show some more interesting connections. For example, I notice the name ‘Dealer.achyundai.com’, another chain in the spiderweb of the scammers. That domain is pending deletion too. The IP address 67.211.119.59 seems to be down too, so it’s likely the scammers have already been taken down.

But this spam message just shows how dumb the spammers make their requests and yet people keep falling for it. If the story was more logical and the email addresses and domain names had actually been more real, then I could understand why people fall for this. But this?

Delivered-To: ********@********.***
Received: by 10.50.87.105 with SMTP id w9csp17960igz;
        Sat, 1 Feb 2014 05:42:38 -0800 (PST)
X-Received: by 10.50.80.75 with SMTP id p11mr1777051igx.19.1391262158192;
        Sat, 01 Feb 2014 05:42:38 -0800 (PST)
Return-Path: <mrs.mariabarnett@shaw.ca>
Received: from Dealer.achyundai.com ([67.211.119.59])
        by mx.google.com with ESMTPS id x1si3519252igl.27.2014.02.01.05.42.07
        for <********@********.***>
        (version=TLSv1 cipher=RC4-SHA bits=128/128);
        Sat, 01 Feb 2014 05:42:38 -0800 (PST)
Received-SPF: softfail (google.com: domain of transitioning mrs.mariabarnett@shaw.ca does not designate 67.211.119.59 as permitted sender) client-ip=67.211.119.59;
Authentication-Results: mx.google.com;
       spf=softfail (google.com: domain of transitioning mrs.mariabarnett@shaw.ca does not designate 67.211.119.59 as permitted sender) smtp.mail=mrs.mariabarnett@shaw.ca
Received: from User (unknown [207.10.37.241])
    by Dealer.achyundai.com (Postfix) with ESMTP id 02525A7FA30B;
    Sat,  1 Feb 2014 06:57:03 -0500 (EST)
Reply-To: <stevereed1@super.lt>
From: "Mrs. Maria Barnett"<mrs.mariabarnett@shaw.ca>
Subject: Make Sure You Read Now.  
Date: Sat, 1 Feb 2014 06:57:10 -0500
MIME-Version: 1.0
Content-Type: text/html;
    charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Message-Id: <20140201115704.02525A7FA30B@Dealer.achyundai.com>
To: undisclosed-recipients:;

One more spammer caught…

Well, it seems that a message about spam attracts other spammers. Fortunately you can also report spammers who try to spam through comments at SpamKlacht. And if the spammer or company mentioned by the spammer is located in the Netherlands, then they can take actions against them.

So, let’s display part of the report at the end of this post that I’ve received from SpamKlacht, which happens to be written in Dutch. (Sorry, but maybe Google Translate can help?)

In short, a French website has posted a Dutch message on a blog that’s mostly written in English. It’s likely that the servers from society26.com are hacked and misused to send this kind of spam. These spammers know that forum and blog spam is harder to trace and stop than regular spam by email. They also know that many blogs and forums don’t have very good systems against this kind of spam, although WordPress does an incredible job in stopping them.

What’s more interesting is that this message doesn’t contain an email address, phone number or even a URL to their own site. Most likely, that link would be www.euromovers.nl or that of one of their members. It’s not really helping much, unless people like me decide to look for them by using Google.

What actually happens is that the spammers are smart. They just pick up random texts from the Internet, in this case the About-page from Euromovers, they just shorten some of the paragraphs and use the text as their comment, hoping it somehow makes sense for the forum or blog administrators to let it pass. They know that if an administrator passes one spam message, it’s likely that the spammer’s account has become whitelisted and thus is allowed to post more comments. When that happens, the spammer will flood the blog or forum with spam.

With WordPress, it’s actually a practical way to bypass the spam filters. Fortunately, even though my site operates under a Dutch domain name, its main language is English. As a result, I tend to consider comments in Dutch a bit suspicious. But I also learned to just trust its spam filter, which hasn’t failed me yet.

The report from SpamKlacht:

U heeft een spam-melding geplaatst op spamklacht.nl, een website van de Autoriteit Consument & Markt. Dit document geeft een samenvatting van uw melding.

Spamklacht gemeld op  : 20-01-2014 09:43
Uw gegevens
Naam  : W.A. ten Brink
Adres  : xxxxxxxxxx
Postcode / plaats  : xxxx xx Amsterdam
Telefoonnummer  : xxxxxxxxxx
Gegevens van het mogelijke spambericht
Bericht ontvangen per  : Social Media, namelijk https://blog.wimtenbrink.nl/
Ontvangen op datum / tijd  : 19-01-2014 13:53
Ontvangen op adres  : Spamfilter heeft het tegengehouden.
Ontvangen van adres  : Verhuisbedrijf Euromovers uit Vlaardingen
Genoemd adres  : marita-cockett@gmail.com Www.solution26.com 87.98.172.16
Onderwerp  : Het betreft een bericht dat in mijn spamfilter van WordPress terecht is gekomen. Het bestaat uit drie delen, te weten de auteur, het bericht en een URL naar het bericht waar de spammer het probeerde te plaatsen.

[Author start]
Www.solution26.com
solution26.com/liens/?page=824
marita-cockett(at)gmail.com
87.98.172.16
[Author eind]

[Bericht start]
…… Verhuisbedrijf Euromovers uit VlaardingenVerhuisbedrijf
Euromovers uit Vlaardingen maakt deel uit van
het internationale netwerk van Euromovers International.
Dit netwerk bestaat uit hoog gekwalificeerde en betrouwbare
verhuisondernemingen in geheel Europa, de VS, Rusland, China, Australië
en Nieuw Zeeland. In Nederland is elk…….Bent u opzoek naar een professioneel
verhuisbedrijf dat werkt met ervaren verhuizers, professionele materialen, zelf vervoer
op maat regelt en werkt met een goede motivatie aan elke klus?
Kies dan voor de Verhuisbeweging, hét ideale verhuisbedrijf van Rotterdam en
omstreken. Wij zijn een erkent verhuisbedrijf dat zich door de jaren heen
heeft bewezen als betrouwbare en professionele verhuizer, daarom hebben wij ook een schadeverzekering gekregen, dus mocht er eventueel schade oplopen tijdens het verhuizen, geen punt!
Onze verzekering dekt de schade en betaald het aan u uit!
[Bericht eind]

Let’s talk about social media…

When I was a kid, there just wasn’t any internet. If you wanted to speak with someone else, you had to pick up the phone or just go visit them. Being social was complex because it involved plenty of travel to meet others. And even when the Internet was born, being social was still something that people did in real life, not behind a computer screen. Still, things slowly changed about 15 years ago, when people started to use the Internet for all kinds of fun things. It also helped that proper internet tools became more popular. (And free!) The increased speed and the change from the 33k6 modem to ADSL or Cable also helped a lot. And now, just one generation further, being social is something we do online, with bits and bytes.

But enough history. And no, I won’t explain what social media are because now, you’re reading stuff I wrote on such a social media website. (Yeah, a Hosted WordPress site, but I could have used Blogger or Tumblr too..) This discussion is about the complexity of all those social media, not their history.

Most people will be familiar with both Twitter and Facebook. On Twitter you post a message that you’ve just pooped and on Facebook you post the picture of the result. And if you’re a professional, you might also post it on LinkedIn, if you’ve pooped during office hours. Since you can connect these three together, you will start to build a practical resource with all kinds of personal information about you online. Twitter will be used to send small but important updates about yourself, your company or your products to every subscriber while Facebook is practical to connect with the consumers at home. But if you’re looking for a new job or need to hire or find some experts, you use LinkedIn for your search.

Search? That reminds me. There’s also Google Plus although not many people use it as a social platform. Still, people like it because you can use your Google Plus account to log in many other websites. (Facebook, LinkedIn and Twitter also support this.) Google also provides email accounts and document management tools, plus plenty of online storage, so it’s a very attractive site to use, even if people still are less social on Google Plus than they are elsewhere.

Yahoo also used to be a great social media center, but the competition with other sites has lessened its influence considerably. Many things that Yahoo offers are also available on other sites. Yahoo also used to be great with their email services until they decided to drop support for email through POP/SMTP, just when Google decided to start increasing their email services. By doing so, Yahoo lost much of its influence and never really managed to get some back, although their photo-service Flickr still holds plenty of value. (But here too, the competition becomes murderous.)

Pinterest, for example, can also be used to share photos with others, although Pinterest is mostly used to share pictures from others, to promote those people. Basically, it’s a site for fans. DeviantArt is a bigger challenge for Flickr and has a huge amount of graphics. Especially cartoons and CGI next to pictures. But DeviantArt is missing an easy way to connect your other social media to your DeviantArt account.

So Behance is another interesting photo site where you can build your gallery and, more importantly, allow people to contact you and offer you jobs and other career opportunities. It also connects better with other social media and if it was free, it would definitely kill Flickr. Unfortunately, the free version has limitations and the commercial version is a bit expensive if you just want to share a bit of your work. Or maybe you’d prefer Bitpine.

Then again, if you’re into the art of images and photos, you might like to try to make some profit by selling merchandise. Cafepress is known for this and allows you to upload pictures and put them on all kinds of things, including the cape for your dog or panties for your girlfriend. There are plenty of other sites that allow simpler merchandise like t-shirts but Cafepress just has a huge collection of things you don’t need but which still look nice with your picture on them.

There are more social media sites, of course. Including sites that will combine all your social media sites into a single reference for all your friends to know where you hang around. About.me will combine your bio, your résumé and all kinds of social media connections. Mine tends to have plenty of connections. Connect.me is also practical to connect with other people and allows you to build up your online reputation. TrustCloud is another medium that links people you know to your account. (Or mine.) Or go to Visify and tell others how active you are online.

An oldie is Reddit which is more like an online forum. However, it has so many users that all discussions go very fast. Vimeo can be used to share videos, just like YouTube. Or use GitHub if you’re a software developer and want to share your code with others. Or Society3 for those who need social media for their marketing strategies. Or, the simplest one: FourSquare, where you can tell where you are and where you went.

Well, I’ve mentioned plenty of social media sites and it’s all great to share your personal information with the World and get your 15 minutes of fame. And they all connect to one another, often via ID providers from Google, Facebook, Twitter or LinkedIn and lately also from Adobe. (Although Adobe is mostly using its ID provider to have others connect to the Creative Cloud.) If you’re connected to even a third of these sites, then there’s a lot of information about you online. And this is where it starts to become creepy and dangerous.

First of all, the amount of personal information that people share is huge. The joke I started with that people tell others on Twitter that they’ve just pooped isn’t just a joke. It happens! But when people are on a holiday, they also tend to use Twitter, FourSquare and TwitPic to tell the World where they are. With more information on Facebook, thieves can try to find where those people live and rob those empty homes. They might also check LinkedIn to see if someone might have some interesting stuff at home. For example, a CEO of a company who’s on holiday in Italy is a more interesting target than a teacher visiting his aunt in Almelo. And this is just a few different media that can be abused by others without the need to hack anything.

So beware of your privacy and avoid sharing sensitive information online. Or at least be less interesting than the other online people.

But getting robbed is just one risk. You can protect your home, make sure there’s at least one person there when you’re on holiday. The problem is that all these media are connected to one another. And in general, you have given them permission to combine their information. And systems are as strong as their weakest links.

Take, for example, Facebook. Many websites use your Facebook ID to let you log in to those websites. Thus, if someone hacks your Facebook account, they also have access to those other websites. And if one of those sites has your credit card information, your bank account information or your PayPal information, they might not even need this information to make purchases in your name, simply because those connected sites remember this internally. I checked which sites I use that are connected to Facebook and it turns out that I’m connected with over a hundred other websites! I know a few friends of mine have an average of around 40 other sites connected to their Facebook account and it’s easy to increase that number since plenty of sites want to connect to Facebook.

Fortunately, I have created several websites that connect to Facebook so several of those connected apps are actually my own sites. Still, it’s a lot. It means that you have to be aware that anyone who hacks my Facebook account will be able to use these other sites. What they can do on those sites depends on how those other sites have implemented their security. And the same applies with apps connected to Google Plus, Twitter or LinkedIn.

If you use Flickr or Yahoo then you might have connected that account with Facebook or Google Plus. Since Yahoo is used as ID provider for even more websites, you can see a complete chain fall down once your Facebook account is taken over. This makes Yahoo less reliable than the others. With Facebook, Twitter, LinkedIn and Google you can try to add more security. For example, only copy the ID key from the provider plus the email address and force the user to generate a new password for your site. Thus, if Facebook is hacked, they still need a password for your site.

Which causes another problem. When people have a few dozen social media accounts, they start having trouble remembering all the passwords. I use an email alias for every site. Websites tend to allow visitors to log in with email address and password so I can use the same password for many sites, because the user email address is different for every site. (I still use different passwords too, though.) Most people just use the same address and password for many sites, though. And that’s a big risk, because if one of the sites is hacked, the hackers will be able to use that information for all the other sites.

The bigger websites do have proper security. At least, that’s what most people think. However, both Adobe and LinkedIn have had some serious trouble with their user databases and users of both websites have received a notice in the past urging them to change their password immediately, because of the hacks. And these were just the bigger sites who dared to publicly admit they’ve been hacked. Smaller social media sites can be a bigger risk if their security isn’t strong enough. Which is why it’s actually better that they use ID providers from the bigger sites instead of implementing their own systems.

Developers often ignore security, thinking that what they’re making isn’t very interesting for hackers. But I can’t say it often enough and remind people that social media are just chained together. One weak link exposes all.

When you want to build your own social media website then be very aware of the security. Don’t build your own version unless you have an expert in your team. And even then have the code audited by another expert. Since social media chain together, a weak link in this chain will take it all down. Which reminds me of this xkcd comic:

xkcd

When you create your own ID provider, you’re just adding to the competing standards that already exist. What would make your system better than those others? Your site will be more secure by using an existing provider but if that provider has a weakness, your site will fall too unless you require more information.

My suggestion would be that people should be able to log in using Google Plus, Facebook, Twitter or LinkedIn but combine it with some extra security. You know, for example, the IP address from the visitor thus you can remember it. As long as it’s the same as in your history, it’s unlikely that the account is hacked. Once it changes, you should ask for one more extra piece of information like a separate password. The visitor should know this, since he might have had to enter it during registration.

Another option would be by asking the visitor for his mobile phone number during registration so you can send an SMS message as part of the authentication process. Thus, if a user is using a different computer, you can send an SMS with a security code. The user will have to enter that code and then you know you can trust that system. Add it to the list of trusted computers for this user and you can keep the visitor safe. (Microsoft is doing something like this with Windows Live.)
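
The two suggestions above (remember the visitor's IP address, and send an SMS code when it changes) fit in one small gate that runs after the federated login has succeeded. This is an added sketch, not code from the original post; `StepUpGate`, the `send_sms` hook, the five-minute lifetime and the three-attempt limit are assumptions.

```python
import hashlib
import hmac
import secrets
import time

CODE_TTL = 300       # seconds an SMS code stays valid (assumed value)
MAX_ATTEMPTS = 3     # guesses allowed per code (assumed value)


class StepUpGate:
    """Runs after the ID provider says 'yes' and decides if more proof is needed."""

    def __init__(self, send_sms):
        self.send_sms = send_sms   # callable(phone, text): hypothetical SMS gateway
        self.trusted = {}          # user_id -> IPs that completed a challenge
        self.pending = {}          # user_id -> outstanding challenge

    def login(self, user_id, phone, ip, now=None):
        now = time.time() if now is None else now
        if ip in self.trusted.get(user_id, set()):
            return "ok"            # same address as in the history: no extra step
        # Unknown address: a stolen provider account alone is not enough.
        code = f"{secrets.randbelow(10**6):06d}"
        self.pending[user_id] = {
            "code_hash": hashlib.sha256(code.encode()).digest(),
            "ip": ip,
            "expires": now + CODE_TTL,
            "attempts": MAX_ATTEMPTS,
        }
        self.send_sms(phone, f"Your login code is {code}")
        return "challenge"

    def verify(self, user_id, ip, code, now=None):
        now = time.time() if now is None else now
        entry = self.pending.get(user_id)
        if entry is None:
            return False
        if now > entry["expires"] or ip != entry["ip"] or entry["attempts"] <= 0:
            del self.pending[user_id]   # expired, other address, or locked out
            return False
        # The attempt limit is what protects a six-digit code from guessing.
        entry["attempts"] -= 1
        supplied = hashlib.sha256(code.encode()).digest()
        if not hmac.compare_digest(entry["code_hash"], supplied):
            return False
        del self.pending[user_id]
        # Caveat: IP addresses change (mobile, DHCP) and are shared (NAT), so
        # this list is a convenience signal, not proof of identity.
        self.trusted.setdefault(user_id, set()).add(ip)
        return True


if __name__ == "__main__":
    outbox = []
    gate = StepUpGate(lambda phone, text: outbox.append(text))
    print(gate.login("alice", "+31000000000", "192.0.2.10"))     # first visit
    print(gate.verify("alice", "192.0.2.10", outbox[-1].split()[-1]))
    print(gate.login("alice", "+31000000000", "192.0.2.10"))     # now trusted
```
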

So, a long story just to start a discussion about the best way to secure social media, reminding everyone that there are actually a lot of sites chained together through all of this.

One more spammer: Adobe!

I like to use email aliases for every online subscription and registration I have to fill out. I like this because it allows me to recognise if companies are going to spam me or not. I also make sure that any checkbox for extra mails that is checked will be unchecked. Unfortunately, not all companies care about that.

One of them is Adobe, well-known from its PDF reader but I also happen to use Adobe Lightroom, which requires an online registration. Which I had to fill in, else I would not be able to use the software properly. Okay, so I did. And I used an alias.

Today, I received an unreadable email because the images inside are blocked by my mail reader. They seem to have given or sold my address to kieseentablet.nl who likes to spam many people with all kinds of garbage. I think they’re trying to sell me a DVD box in this message, but I’m not sure and don’t want to know. Viewing those images would mean that my mail reader has to contact their servers with a special code, and that code will validate my address.

I have reported it to SpamKlacht and I hope they will take action against this spammer and against Adobe. Adobe is just as guilty for not keeping my address safe. They violated my privacy by sharing that address with others.

I will show the headers of this email, though. And I hope most spam-filters will pick this up and add this spammer to the blacklist. They should blacklist Adobe too, in my opinion, because this pisses me off! I expect some small internet-companies will leak my address but Adobe is supposed to be a serious, big international company. They just don’t care about their customers, that is clear…

Delivered-To: xxxxxxxx@xxxxxxxx
Received: by 10.50.173.36 with SMTP id bh4csp113728igc;
        Mon, 13 Jan 2014 00:38:24 -0800 (PST)
X-Received: by 10.194.104.66 with SMTP id gc2mr1505781wjb.75.1389602303789;
        Mon, 13 Jan 2014 00:38:23 -0800 (PST)
Return-Path: <bnc-24-data_sendout_1389545845_715_57-74@bounce.kieseentablet.nl>
Received: from mta2.parfumvandaag-mail.nl (mta2.parfumvandaag-mail.nl. [178.32.7.217])
        by mx.google.com with ESMTP id md15si7043232wic.62.2014.01.13.00.38.23
        for <xxxxxxxx@xxxxxxxx>;
        Mon, 13 Jan 2014 00:38:23 -0800 (PST)
Received-SPF: pass (google.com: domain of bnc-24-data_sendout_1389545845_715_57-74@bounce.kieseentablet.nl designates 178.32.7.217 as permitted sender) client-ip=178.32.7.217;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of bnc-24-data_sendout_1389545845_715_57-74@bounce.kieseentablet.nl designates 178.32.7.217 as permitted sender) smtp.mail=bnc-24-data_sendout_1389545845_715_57-74@bounce.kieseentablet.nl;
       dkim=pass header.i=@kieseentablet.nl;
       dmarc=pass (p=REJECT dis=NONE) header.from=kieseentablet.nl
Received: from localhost (localhost [127.0.0.1])
    by mta2.parfumvandaag-mail.nl (Postfix) with ESMTP id 16895163B348
    for <xxxxxxxx@xxxxxxxx>; Mon, 13 Jan 2014 09:38:23 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=kieseentablet.nl;
    s=default; t=1389602303; bh=Z5MpxKWITtojtkQ1ghnUMKSgLY4=;
    h=From:Reply-To:Subject:List-Unsubscribe:To:Date;
    b=o30KntUOp1TaT2j506DJmyK7Ak0hC2iWnPtEk+hDr6apIyYZyP3C1km805OO9c0Tb
     XnmzMnoyYn4XjgiFCStU2qKXZurqGGnr5dy2+J0b62I1dyHSISEVwvb2rfYW+3KRrX
     /dlIBtWM5mxPu7pencyad+BB8b9N+1coafAi6J/8=
MIME-Version: 1.0
Content-Type: multipart/alternative;
 boundary="=_cc78254c8040f1935d8f257c8e3ed1ee"
From: "Welkomstgeschenken Kies een Tablet" <nieuwsbrief@kieseentablet.nl>
Reply-To: leden@kieseentablet.nl
Subject: U ontvangt de complete Penoza DVD box
List-Unsubscribe: ,<mailto:unsubscribe_data_sendout_29865@bounce.kieseentablet.nl?subject=unsubscribe_29865>
X-Slip-uID: 2011425
X-Slip-active: N
X-BeverlyMail-Recipient: xxxxxxxx@xxxxxxxx
To: xxxxxxxx@xxxxxxxx
Date: Mon, 13 Jan 2014 08:38:23 +0000
X-BeverlyMail-MTA: 74
Message-ID: <1389602303-567845345AB@kieseentablet.nl>
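
The two header dumps on this page (the FBI scam earlier and this bulk mailing) can be triaged with the same few checks. This added example, not code from the original posts, parses trimmed copies of both; the `triage` function, its flag names and the naive domain comparison are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Trimmed copies of the two header dumps quoted on this page.
FBI_SCAM = """\
Return-Path: <mrs.mariabarnett@shaw.ca>
Received: from Dealer.achyundai.com ([67.211.119.59])
        by mx.google.com with ESMTPS id x1si3519252igl.27.2014.02.01.05.42.07;
        Sat, 01 Feb 2014 05:42:38 -0800 (PST)
Authentication-Results: mx.google.com;
       spf=softfail (google.com: domain of transitioning mrs.mariabarnett@shaw.ca does not designate 67.211.119.59 as permitted sender) smtp.mail=mrs.mariabarnett@shaw.ca
Reply-To: <stevereed1@super.lt>
From: "Mrs. Maria Barnett"<mrs.mariabarnett@shaw.ca>
To: undisclosed-recipients:;

"""

BULK_MAIL = """\
Return-Path: <bnc-24-data_sendout_1389545845_715_57-74@bounce.kieseentablet.nl>
Received: from mta2.parfumvandaag-mail.nl (mta2.parfumvandaag-mail.nl. [178.32.7.217])
        by mx.google.com with ESMTP id md15si7043232wic.62.2014.01.13.00.38.23;
        Mon, 13 Jan 2014 00:38:23 -0800 (PST)
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of bnc-24-data_sendout_1389545845_715_57-74@bounce.kieseentablet.nl designates 178.32.7.217 as permitted sender) smtp.mail=bnc-24-data_sendout_1389545845_715_57-74@bounce.kieseentablet.nl;
       dkim=pass header.i=@kieseentablet.nl;
       dmarc=pass (p=REJECT dis=NONE) header.from=kieseentablet.nl
From: "Welkomstgeschenken Kies een Tablet" <nieuwsbrief@kieseentablet.nl>
Reply-To: leden@kieseentablet.nl
To: xxxxxxxx@xxxxxxxx

"""


def domain_of(value):
    """Lower-cased domain of the address in a From/Reply-To style header."""
    _, addr = parseaddr(value or "")
    return addr.rpartition("@")[2].lower()


def same_org(a, b):
    """Naive test: equal, or one is a subdomain of the other (no Public Suffix List)."""
    return a == b or a.endswith("." + b) or b.endswith("." + a)


def triage(raw_headers):
    msg = message_from_string(raw_headers)
    from_dom = domain_of(msg["From"])
    # Verdicts stamped by the receiving server; only the topmost header of this
    # kind is trustworthy, anything below it was supplied by the sender.
    auth = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)",
                           msg.get("Authentication-Results", "")))
    flags = []
    if auth.get("spf") != "pass":
        flags.append("spf-not-pass")
    # Replies leave the domain the mail claims to come from.
    reply_dom = domain_of(msg["Reply-To"])
    if reply_dom and not same_org(reply_dom, from_dom):
        flags.append("reply-to-other-domain")
    # Host that handed the mail to the receiver (topmost Received line). This is
    # a weak signal on its own: legitimate bulk senders use third-party relays.
    received = msg.get_all("Received") or [""]
    relay = re.search(r"from\s+(\S+)", received[0])
    if relay and not same_org(relay.group(1).lower(), from_dom):
        flags.append("relay-outside-from-domain")
    if "undisclosed-recipients" in msg.get("To", "").lower():
        flags.append("hidden-recipients")
    return {"from": from_dom, "auth": auth, "flags": flags}


if __name__ == "__main__":
    for name, sample in (("FBI scam", FBI_SCAM), ("bulk mail", BULK_MAIL)):
        print(name, triage(sample))
```

A pass on SPF, DKIM and DMARC only proves which domain sent the message, not that the recipient ever agreed to receive it.
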

2014…

And thus ends the year 2013. A year that held a lot of changes for me. My former employer had financial problems resulting in me and a few colleagues becoming former employees. I’ve had an accident in which I injured my back which is still troubling me. My previous computer started having troubles and the hard disk crashed.

But also some good news. I bought an iPad, I bought a new, expensive laptop from Alienware. And I replaced my desktop with an expensive Alienware laptop.

I found a new job but unfortunately my back caused too much trouble so I had to quit again. For now, I just have to wait until my back is healed again.

I started fitness, to train the muscles in my back and I managed to lose some weight. I’ve changed my diet and am drinking more water and much less cola.

I’m walking more with my dogs, have started to read some books and am studying some interesting topics. I’m spending more time on electronics too just to expand my knowledge and to better understand what it is when I’m writing code. Because code is still abstract while the electrons moving through hardware are the real, physical world.

Amazing how electrons translate the keys I press on my keyboard into letters on the screen. It seems so simple but I’m starting to become awed by the whole complexity behind it all. I always knew it involved quite a few parts but I start to realize how many parts are actually involved in this all.

I’ve created more artwork in Poser and Vue and I have to say that my skills are improving. Still not very good but I’m happy enough about it all. Still, when looking at the images I’ve created this year I have to admit it’s less than in earlier years. Better quality, higher resolutions, but fewer images. And the amount of clothes in my art also went down.

I’ve done a few new things, quit a few other things and when I look back, I realize that this has been a very busy year for me.

And now I wonder what next year will bring. Next year, which happens to be about 15 minutes in the future. There’s one thing I do know, listening to all the fireworks outside… It will start with a bang…

To all who read this:

Happy New Year!

One week of spam…

Yesterday, I posted about comment spam in blogs. Today, I’m going to mention a few topics of spam messages I’ve received in just one week. To begin, I’ve received an email from the “Microsoft Partner Awareness Team” who doesn’t seem to have a Microsoft mail account but some address in Nicaragua. The topic is “Confirm Receipt” and in it they tell me that they celebrate some 30th anniversary and as a result, this team is giving away £1,864,000.00GBP to six lucky recipients. And I’m one of them and need to reply with name, address, telephone number, email address and nationality. A nice example of phishing.

Next, a message about Canadian Pharmacy Online, where I don’t need prescriptions. Well, I don’t need these drugs either.

And a message from “WhatsApp Messaging Service” notifying me about a new voicemail, even though I don’t have a WhatsApp account for this specific email address. Since the sender is from Russia, I’m not interested in listening. Even though they’ve sent me this message twice…

The next one is a very good one, since it’s from the Google+ Team and uses mail-noreply@googlemail.com as address. Seems legit, doesn’t it? Too bad Google Mail happens to be the same as GMail, so the spammer is using this free service to pretend to be Google. The attached PDF promises £ 950.000 to me as an award and all I have to do is fill in a form with name, address, telephone number, nationality, birth date, gender, occupation and email address. Definitely phishing!

Of course, most phishing emails will promise huge rewards to people, as the one I’ve received from Italy. Some investors have 375 million euro which they want to give away. These huge amounts just make it very clear it’s just fake.

Then some more pharmacy messages and other offers for all kinds of medicines and certain ‘blue pills’. Of course, this kind of spam is also very popular, apparently because one in a million people still decide to buy their drugs this way…

But there are more ways than offering money or selling drugs. I also received a spam message with a pretty woman in bikini. Her name is Valeriya and she lives in Russia and is rather shy at first. And she wants to be pen pals with me. Oh, my… Dating spam! Another trick to get people to offer personal details or even to trick them into sending money to this pretty girl. Or maybe just a fat guy who pretends to be a pretty girl, since that’s more common. Still, even if this girl was real, chances are that she’s just out to steal your wallet and everything else you have. By the way, Irina also wants to chat with me. She enjoys hiking and pottery.

Then an email in the German language offering me a method to win at roulette in some online casinos. Ah, the old gambling site spam. Fits with the other spam message which is written in Dutch and offers me a chance to win the jackpot. They even promise me 100 euro as a bonus when I subscribe. Or the one where they’ll give me 20 free lottery tickets while they claim I’ve officially subscribed to their mailing lists in the past. (Which I never did, since the specific account that received the spam isn’t used to subscribe to anything.)

Then some message which advises me which stocks I should buy on the stock market, since they’re about to become valuable. Sure, for the person who is selling them right now! If plenty of people start bidding, the price will go up from nearly worthless to a few pennies per stock. If they then manage to sell a million stocks, it’s easy money with a huge profit, in a way that’s mostly legal.

And sometimes you receive an email that looks just a bit gibberish, yet makes you curious. People tend to reply to those kinds of messages, asking the sender what’s going on here and what they meant by this message. And thus they confirm their email address is correct. And since many people add a signature to their emails, the sender will get to know a bit more about the recipient. If the recipient happens to work for some company and the company adds signatures, then the spammer might have enough information to pretend he’s that employee!

The emails from “USA TODAY News” are also interesting. Sent from an outlook.com address, it provides me information about losing weight. Apparently I’ve subscribed to their newsletter too (NOT!) and I can unsubscribe and thus confirm the correctness of my email address. Strangely enough, the unsubscribe link points to a Russian website. USA Today seems to be in Russia?

In short, I have three email accounts on my domain and an infinite number of aliases on my domain and a few other domains. I also have two old GMail accounts that I barely use but in total, I receive about 20 spam messages per day over all accounts, which Google nicely detects and filters for me. They’re annoying but Google takes much of the annoyance away. Handy, because I also receive about 60 to 100 legitimate emails per day, mostly from mailing lists.

All these spam messages were easily detected by Google and you can wonder if spam is really as profitable as it seems. But it’s the magic of big numbers that’s in the favor of spammers. If they’re sending one million messages, and only one percent reads the message then it’s still read by ten thousand people. If only one percent of those are responding with some information then they’ve collected the information of 100 people. And if one percent of those fall for their traps and the spammers earn a few thousand euros then they’ve probably made a nice profit.

Basically, people should not respond to spam. They should recognise what spam looks like, which is why I’ve written this post. Do not even open spam just to check the contents, since your mail reader might already provide spammers with some information. I am a trained professional and I know what I’m doing when I check spam. My browser is set up in a secure way, my antivirus software is always up-to-date, I am really careful with spam messages and I avoid mail readers that might send information back to the sender. Then again, I have more than 20 years of experience dealing with malware, viruses and spam. Don’t expect that you can do what even someone with 20 years of experience tries to avoid! I think education is important, but I would have preferred to throw away all those messages without even a single look!

And another stupid spammer…

Many people complain about all the spam in their mailboxes but when you’re running a blog, forum or even a simple contact page where visitors can leave messages, you can still receive spam in some other forms. With Facebook and Twitter, for example, you might get invitations by people you don’t even know. With LinkedIn, this is a bit more difficult but it still has people attempting to connect to you so they can make all kinds of “interesting” offers to you.

But today I’ve received a comment spam on my post called “Dealing with deadlines” and it started like this:

{I have|I’ve} been {surfing|browsing} online more than {three|3|2|4} hours today,
yet I never found any interesting article like yours.
{It’s|It is} pretty worth enough for me. {In
my opinion|Personally|In my view},if all {webmasters|site owners|website owners|web
owners} and bloggers made good content as you did, the {internet|net|web} will be {much more|a
lot more} useful than ever before.|
I {couldn’t|could not} {resist|refrain from} commenting.
{Very well|Perfectly|Well|Exceptionally well} written!|
{I will|I’ll} {right away|immediately} {take hold of|grab|clutch|grasp|seize|snatch} your {rss|rssfeed} as I {can not|can’t} {in finding|find|to find}
your {email|e-mail} subscription {link|hyperlink} or {newsletter|e-newsletter} service.
Do {you have|you’ve} any? {Please|Kindly} {allow|permit|let} me {realize|recognize|understand|recognise|know}
{so that|in order that} I {may just|may|could} subscribe.

Well, that’s an interesting comment. (Full text here…) Basically, this is a script file that’s used by spammers to create random comments for blogs and forums. Normally, spammers will just use a selection of the words and sentences between the braces in these script files to generate something a visitor might have written. The many variants make it harder to detect as spam. Unless you post the master script itself, of course, like this stupid spammer has done.
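A leaked master script is useful to a blog owner, because it describes every comment the spammer can generate from it. The following is an added example, not code from the original post: it compiles the first two variants of the template quoted above into a regular expression that matches any comment generated from them, and it also flags the unexpanded template itself. The function names and the threshold of three groups are assumptions.

```python
import re

WS = r"\s+"
# An innermost {a|b|...} group; a leaked, unexpanded template is full of them.
RAW_GROUP = re.compile(r"\{[^{}|]*(?:\|[^{}|]*)+\}")

# First two variants of the template quoted above (line wraps as posted).
LEAKED = """{I have|I’ve} been {surfing|browsing} online more than {three|3|2|4} hours today,
yet I never found any interesting article like yours.
{It’s|It is} pretty worth enough for me. {In
my opinion|Personally|In my view},if all {webmasters|site owners|website owners|web
owners} and bloggers made good content as you did, the {internet|net|web} will be {much more|a
lot more} useful than ever before.|
I {couldn’t|could not} {resist|refrain from} commenting.
{Very well|Perfectly|Well|Exceptionally well} written!|
"""


def normalise(text: str) -> str:
    """Fold typographic quotes so "I’ve" and "I've" compare equal."""
    return text.translate(str.maketrans("‘’“”", "''\"\""))


def spintax_to_regex(template: str) -> str:
    """Translate a {a|b} template into regex source (recursive descent).

    A top-level '|' separates whole-comment variants, as in the leaked script.
    """
    src = normalise(template)
    pos = 0

    def alternatives(depth: int) -> str:
        nonlocal pos
        options, current = [], []

        def close_option() -> None:
            if depth == 0:  # trim whitespace at the end of a whole variant
                while current and current[-1] == WS:
                    current.pop()
            options.append("".join(current))
            current.clear()

        while pos < len(src):
            ch = src[pos]
            pos += 1
            if ch == "{":
                current.append(alternatives(depth + 1))
            elif ch == "}" and depth > 0:
                break
            elif ch == "|":
                close_option()
            elif ch.isspace():
                # Collapse a whitespace run (including line wraps) into \s+
                while pos < len(src) and src[pos].isspace():
                    pos += 1
                if current or depth > 0:  # skip leading space of a variant
                    current.append(WS)
            else:
                current.append(re.escape(ch))
        close_option()
        if depth == 0:
            # An empty variant (trailing '|') would match every comment.
            options = [o for o in options if o]
        return "(?:" + "|".join(options) + ")"

    return alternatives(0)


MATCHER = re.compile(spintax_to_regex(LEAKED), re.IGNORECASE)


def classify(comment: str, matcher: re.Pattern = MATCHER) -> str:
    """Return 'raw-template', 'generated-variant' or 'no-match'."""
    text = normalise(comment).strip()
    if len(RAW_GROUP.findall(text)) >= 3:  # assumed threshold
        return "raw-template"
    if matcher.fullmatch(text):
        return "generated-variant"
    return "no-match"
```

The match is on the whole comment, so a variant with extra text appended will not match; a moderation filter would treat a hit as a strong signal and a miss as no signal at all.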

If I allowed this message, someone with a Canadian IP address (142.4.208.160) would be able to add more comment spam on my blog and might even flood it with spam once they got their first approval. Of course, the spammer also used an email account (augustuscolangelo@freenet.de) from the German provider called Freenet, whose accounts have been used many times by spammers. Freenet has taken steps to prevent spammers from sending mass emails, but that doesn’t stop spammers from doing comment spam like this one.

Also interesting is the fact that the spammer added a link to foot-en-direct-gratuit.sixsigmadss.com (Links to main site, not the spammer’s blog), which happens to be some blog on the site of an Indian company called “Six Sigma”. I wonder if this company even knows about this blog, which is written in French. I guess they don’t know about it, and that their DNS information has been hijacked. Or maybe their servers are hacked.

So, what I like to do is visit RobTex to collect more information about what I’ve found. So far, it’s an interesting international spammer. Mail in Germany, spamming from Canada with a web server that’s owned by a company in India. RobTex tells me the shared host they use for the site is Enzu in the USA, which provides cloud services and more. They also use the DNS services of GoDaddy which does confuse me a bit. Why not use the DNS servers of Enzu?

Well, some further research tells me why. While Six Sigma uses GoDaddy as their host, the spammers have instead used Enzu to create their own website, which makes them appear legitimate. They’ve also moved the regular site to Enzu, and are probably redirecting visitors from there to the original website. (Or Six Sigma is supporting the spammer, which is also an option. I just don’t want to accuse them of this crime.) When I visit the Six Sigma website, it does seem as if someone has taken control of their site. Much of it looks disabled, as if the hacker is just misusing the site for their own purposes. It looks like it was taken over two days ago by the hacker, yet they have not detected the hack so far. I hope they will be able to fix this fast, though.

Of course, there’s an even bigger risk here. Since the spammer seems to have hijacked their home site, he can perform a man-in-the-middle attack. Every customer of theirs who enters their credentials to log in will tell this hacker about their credentials too. This is a serious thing. Spammers are often trying to do more than just send spam. They will try to collect more information to allow them to hack even more accounts.

There are a few things here that worry me. First of all, this Indian company that doesn’t seem to realize their site is hacked. Also, GoDaddy, who is supposed to be their host, isn’t hosting their main site. Also, Enzu doesn’t seem to realize that they’re hosting a site for an Indian company that uses the French language for a blog that seems filled with random articles from French/Canadian news sites. You could wonder if hosting companies should be able to check if strange things are happening to the accounts of their customers.

Yeah, I think you can blame hosting companies for all the spam on the Internet, simply because they’re not pro-active when suspicious changes are made to the accounts of their clients. If hosting companies don’t take more care in selecting their clients and validating any account changes, and don’t even tell their customers when their accounts seem to be hacked, then spam will just continue to cause problems.

Dealing with deadlines…

I’ve worked on many projects and all of them had deadlines. And like any other developer, I consider deadlines very annoying as they get closer and closer, forcing me to work more and procrastinate less. The result tends to be an uneven workload, since things are reasonably quiet when the deadline is in two months and extremely busy when the deadline is at the end of this week, and it’s already Wednesday. Deadlines can be especially nasty if someone estimated a task to take three weeks while it turns out to be two months’ worth of work. Or worse, it’s two weeks of work, but other tasks in the same period also expand to two weeks’ work. Thus, if you have 5 tasks that each take two weeks, and you have three weeks in total, then you’re doomed before you can even start…
But while deadlines are Evil, we just can’t work without them. At least, as long as we want to receive our paychecks, we can’t do without them. Why? Because to create a project or to upgrade an existing one, an X amount of money is reserved to cover all development costs. The final deadline is calculated based on the amount of money that is invested in the project, minus the amounts of money that those paychecks will cost. (Plus many other costs…) Once this deadline swooshes by, the product will have to generate revenue so new projects can be started. Else, the end of the deadline will probably mean your paychecks will stop too. So, it’s important to finish within those deadlines.
I can’t help thinking about the Cathedral and the Bazaar, an essay describing the differences between open-source and closed-source. It fits the area of deadlines too, since bazaars are built by people who feel inspired to build just a small piece of something large. And when they leave, others can take over. As a result, thousands of people can work on building the Bazaar and while the final result might be chaotic because of all the style and color differences, it’s also something that’s built quickly and without any deadlines, simply because others will fill in the spaces of those who don’t make it in time. Then again, many people working on those bazaars won’t get a paycheck, just some recognition of being part of a larger community.

Building a Cathedral, however, is a very long process which used to take decades or even longer. Things had to be carefully planned and everything needed to be finished in time, because other parts need to be built on top of the first parts. Not making the deadline often means it would take longer for the cathedral to be finally finished. Fortunately, most Cathedrals had near-infinite funds because people knew it would take decades to finish even before they started building. Thus, they would find investors to start things up by donating money in return for promises in the afterlife. Which makes a very wonderful sales argument, by the way. Besides, if for whatever reason the construction of a Cathedral could not continue, people would change the build plans or re-use whatever had been built for something else. Here, deadlines matter but because the financial resources were almost infinite, there was never a real, final deadline.

Unfortunately, software developers generally want to be paid and don’t have infinite resources. Thus, we have to deal with final deadlines far more often. Which is why development methods have been created to make sure that there’s at least something finished at the end of a deadline.

When I was young, I learned a technique called SDM, which is based on the seven stages of action. This method is often referred to as a waterfall method and is often considered outdated because people today expect software development to be “rapid”. In SDM, each stage could take a few weeks to finish and only in the 5th stage would you have some real code that would do something. Then the 6th stage would start all kinds of tests and if those tests failed, you would have to go back to stage 5. And if there was a design flaw, you might even have to go back to stages 4 or 3. Thus, it could easily take months before a company would see some results.

A modern approach is called Agile and basically it’s different from the old-fashioned waterfall technique because now you’re dealing with dozens of small waterfalls instead of one big one. And every waterfall has its own final deadline. A moment when you have to stop working on it simply because you’re out of resources. Unfortunately, if agile methods aren’t implemented correctly, they tend to fail quite hard and you will miss plenty of deadlines. This is mainly because these methods are created to generate results fast, even though the results themselves are small.

When done correctly, Agile will start to generate a very small project that has almost no functionality and isn’t much to look at. As time passes, more and more functionality will be added, which is possible because customers start paying for the product. (Or other forms of income are generated.) These customers will make extra demands and by using agile methods, the developers make the product comply to those demands within a reasonable amount of time.

But Agile will go wrong if developers start writing code too early or when management fails to estimate how long certain tasks will take. Worse, unlike the old SDM Waterfall method, the developers have no idea what the product should look like in two years. With SDM, they will. It’s just that with SDM you won’t have a product before this time, while agile methods will allow you to get customers involved in an early stage.

Agile methods also have another advantage. You are allowed to miss some of the deadlines, which just means some functionality won’t be implemented. So your project will e.g. miss functionality to export to Excel. It’s not that big of a deal, since you can always decide to try again after some time. But before you can do that, you will have to build up your resources again and analyze what went wrong. With the SDM methods, you might discover that exporting to Excel isn’t possible for whatever reason, thus you might have to go back a couple of stages to redesign this part. And going back means the whole project will be delayed longer.

So, let’s look at several scenarios with deadlines in them…

The deadline was yesterday.

Well, too bad. The project has failed. If you used SDM then start looking for another job since your company will most likely run out of its resources. Of course, there’s still a chance that they find some more investors thus the deadline might get extended. If that’s the case, the deadline just wasn’t final.

If you used agile methods then your product will be missing a feature. This is less costly and maybe you can keep your job but this is also the moment when people have to analyze what went wrong. Too much procrastination? Bad management? Bad planning? Or just too many surprises and unexpected events?

I have seen how a scrum sprint of three weeks contained work for 4 developers. Each of them would have to work at least 32 hours per week. Unfortunately, it was planned during the holiday season around Christmas, and two of the developers had taken two weeks off. One three weeks and the last one would be available most of the time. Management knew about this all months before the sprint would start so it was already doomed before it started. To make it worse, the developers would still try to get a lot of work done, thus coding started without much thought of any logical design and the code just became a bigger mess than it was before. Bad planning because of bad management that results in bad code. This can haunt the future of the project since the next sprints are unlikely to contain tasks to fix the problems that occurred during this period.

When you’re not finished at the end of the deadline, it’s important to analyze why it failed and if there’s anything usable produced which could help to redo this sprint. The code needs to be frozen and put on a sidetrack (a separate branch in your source control system) because the next sprints will have to be done. In the worst case, the other sprints are depending on the thing you were supposed to build, thus you must restart it all over again, causing an extra delay for the final delivery of the product.

The deadline is at the end of this week, and it’s Wednesday.

If you’re using SDM methodology, this will mean a certain doom, unless the product is finished and the testers can test it within the remaining days and don’t discover any bug. I have better luck with the horse races when I bet on the three-legged horse, but okay… It could happen. You can also try to deliver an untested product to your customers, which happens often enough. It’s a gamble but it might give you a chance to get more resources which will allow you to fix anything your customers find. Then again, if the bugs are really nasty, customers might claim their money back and might even sue for damages caused by your product.

When you’re using agile methodology then this means this sprint will be the last one so you should start working on fixing any major bugs and forget about adding new features. Disable and hide anything that isn’t implemented and if you can’t fix certain bugs in the last days, consider the possibility of hiding the options that cause the bug. Your customers are waiting and you’re now in damage control mode.

However, if you used the agile methods correctly, most of the features that are supposed to be in the product are available. Most bugs have been fixed already as part of earlier sprints. Most functionality should be available, even if you were forced to skip a few sprints. Just remember that this is not the moment to add some new functions. Quite the opposite! This is the moment to disable all that’s not working!

The deadline is over two weeks.

If you use SDM methods then you should be in the last stage, which is called ‘Implementation’. Basically, this is the final test phase of the whole project and things should work just fine. If bugs are encountered, they should be small and you should just test to see if the project is doing what it’s expected to do. Minor bugs can still be fixed or even ignored but any changes of the code should have a very minor impact. If you do find severe bugs, you will have to go back one stage, which will cause you to see the deadline pass by before you have a final product. But you will have a chance to fix those bugs and deliver the product with those fixes untested. Hopefully, those fixes didn’t cause new bugs. If they do, angry customers will tell you about them!

Agile methodology will have sprints of two or three weeks so this is your final sprint. You should not be adding new features at this moment because they might add new bugs. Those new bugs are normally fixed during the next sprint, but this one happens to be the last. The final sprint is better used to fix the most serious problems and have them tested so you know the final product will be okay to deliver to your customers.

All projects will have bugs so don’t be afraid if your product has a few. The deadline is there to show when you run out of resources and by delivering the product, you can gain some new resources. If you used agile methods correctly, most bugs will be minor and you will have added plenty of new functionality to please your customers.

The deadline is the next month.

Using SDM methods, this means that you will move from ‘Realization’ towards ‘Implementation’ thus if some features are still missing, then you’d better consider if those are really needed. This time will tell you if the design that you created during the first stages is good enough for the final product. Worst-case scenario? A design flaw, causing you to go back at least 3 or more stages. Still, at this moment you can consider moving to agile methods and fix things within one or two sprints.
When you’re using agile, you can consider adding a few minor functions to the product and you should start testing in an environment that resembles that of your customers. Don’t try to come up with new things and keep the developers available so they can quickly fix things before the final deadline.

I’ve seen the error of companies who decided to let developers work on the next sprint which would be part of the next version of the product. This is not a good idea because if something goes seriously wrong in the current development versions, those developers will have to switch back to the code base from before the new development. Worse, that new sprint will most likely fail too because those developers can’t work on it. Do keep in mind that resources will stop when you’re past the deadline and your product isn’t ready to be delivered.

Of course, many companies will have some reserves that will allow them to delay things a bit more, but customers will be unhappy about this, too. They expected a product at the end of the month and now learn that they might have to wait another two to four weeks, at least.

The deadline is within a half-year.

Well, with this much time you can start making careful planning and do a few designs and exchange ideas before you start developing. If you’re starting something new then it might even be a good idea to use SDM methodologies with a deadline set at three months in the future. While it’s a single waterfall, it’s very likely that you want to start the project with a good base of functions. It’s no use if you have a product within a month that allows users to just enter a bunch of data without any other functionality, and with a crappy GUI. Besides, if you do manage to create a working product from scratch within two scrum sprints, then what’s the difference with the old-fashioned waterfall way anyways? Okay, you’ve had two smaller waterfalls. Most likely it won’t be enough to appease your customers because it’s a product that still leaves a lot to desire.

Still, agile methods would also work fine, because those customers can start adding their desires to the final design. You would have to start small and have a way for your customers to offer lots of comments. It won’t really be your product because your customers will dictate some of its functionality. Then again, that’s how agile methods work. They offer customers an early peek and allow them to become part of the process.

Which also tends to cause problems with agile, because an important customer might ask for functionality that’s complex and takes long to deliver. To keep this customer, you would have to add this, but your other customers might prefer that you start with other features first. Management will have to read through all those demands and will have to decide which ones can be done before the final deadline, and which ones are for the next version.

Do keep in mind that I don’t mean the end of a sprint with ‘final deadline’. The final deadline is when you will have to deliver something to your customers because you’re running out of resources.

With SDM, you can still show a design to your customers and ask if they have any more comments. You can continue with these design stages until you reach the ‘Realization’ part. At that point, you should have enough information about what you want to build, what the project should look like, what your customers are expecting and you will be able to divide the remaining work into short sprints for the next three months. Up until that moment, you would have more need of your designers while your developers can just be procrastinating or whatever. But once you start to realize things, using sprints will at least make sure that you will reach part of your final goals.

Agile tends to fail also because of a lack of vision. You can start with a small project, then listen to the desires of your customers and add more functionality. But sometimes you want to create something big, like a CRM product for supermarkets. Sure, you could start small with a simple CRM product, but then it’s likely that those big customers aren’t interested and you’ll end up with lots of small fishes with lots of small desires. Still, plenty of small fish will offer enough resources, as long as you can keep them nibbling on your bait.

Stuff on my desk…

Well, I’m a software Developer, specializing in back-end code and proficient in Delphi, C#, C++, ASP.NET, XML-based technologies, HTML and a bunch more. And my back injury still isn’t over so I have to take it easy. So, here’s my “playroom” for my daily exercises. 🙂

So, what does a Software Developer have on his desk?

  1. A document holder, attached to my desk. Very practical.
  2. Yes, it’s a whiteboard! With lots of magnets to hold important notes and a lot of writings of upcoming appointments.
  3. An Einstein action figure! Why? Because I’m a Nerd, that’s why!
  4. My Alienware Desktop with 32 GB RAM and 6 cores.
  5. Main monitor with 1920×1200 resolution, which I can also use to watch television.
  6. My Alienware Laptop. Yes, it fits on my desk, nicely on top of a cooler.
  7. My second monitor with 1920×1200 resolution. And some artwork of mine visible.
  8. Those are books. For all you young ones, those are the analog eBooks that people used in the past. Some people still use them.
  9. A mini-tripod for my camera.
  10. A landline phone. Wireless, of course. (Oh, the irony…)
  11. My Android tablet below a piece of cloth that covers my desktop when it’s not used.
  12. An HP Laserjet 100 color MFP, which I use to print, copy and scan occasionally.
  13. My mobile phone in a phone holder.
  14. A simple standard to keep all the little things from my desk. Also puts my monitor more at eye-level. I have two of those.
  15. A bottle of water. Behind it, you can see my Pebble watch, an iPod, an iPad and a Windows 8 RT tablet plus a Bluetooth keyboard.
  16. A stack of external hard disks. Remember to back up often!
  17. A pen holder for those office supplies most people just steal from work. (But I bought these!)

On my desk there’s another watch somewhere. Plus some 3D glasses for the 3D display of my laptop. You can also find a mirror, an external DVD burner that supports Lightscribe, a calculator, a ruler, lots and lots of cables, my digital camera, a dashboard camera, a bar code scanner, dental floss, pens, some extra hardware, a fish eye camera, a remote control for the light because I’m too lazy to stand up, a remote control for my left monitor, which is also a television and finally: plastic chopsticks! Why chopsticks? Because if you eat chips with your fingers, your fingers become greasy and crumbs will disappear in your keyboard. Chopsticks keep my fingers clean.