While most of the time I simply skip / delete any malicious content encountered, from time to time I do some quick investigation on items which peak my interest. For example the following comment was posted on a friends blog:
You make a good point, and it is one I often make about encryption. There are just too many standards out there for any smooth communication to occur. I think there are some companies who are getting it right with their approach to malware, but many malware just can’t seem to get their fundamentals down.
I didn’t remove the links, since they point to complete benign sites (sophos.com and kaspersky.com). Mike’s profile is private, but a quick search shows many other spammy comments. Unfortunately there doesn’t seem to be a way to report individual Blogger users as spammers, just actual blogs.
BTW. the same comment spam seems to have hit at least one other security blog. From the screenshot it seems that the spammer also uses the Blogger name MikeFrizzi, which seems to be linked to a real person, but then again, it is quite easy to create realistically looking “shadow identities” for people by scraping other websites.
This is as much as a quick search revealed and I would like to leave you with the following thoughts:
- Do comment moderation, at least retroactively if not proactively (small plug: I do moderate comments, but for the ones I approve the username links are without the nofollow tag – as per the u comment, i follow “ethos”)
- There is very little certainty on the Internet. Just because someone claims to be somebody (like the MikeFrizzi profile), it doesn’t mean he actually is that person.
- Also, the link between spam and the actual company being promoted is hard to prove. I don’t think that Sophos or Kaspersky were spamming here directly, but I do think it’s possible that some remotely connected company (ie. something along the lines of “a company hired by the outsourced marketing department”) did in fact employ such dubious (and useless, since in Blogger all the links in comments are “nofollow’ed”) techniques.
- Or, it may be, that some blackhats want to give the impression that these companies are spamming to erode their credibility…
Update: Sophos confirmed that it was a run-amok “marketing” company hired by them who posted the spam.
Picture taken from madmarv00’s photostream with permission.
]]>
I’m happy to announce that I’m one of two “spam killers” on the Software Engineering radio website. Spam was starting to run rampant on their site, so they asked for help and I responded. It is so simple to donate your time to a worthy cause. You to can do it, it takes just a couple of minutes per day!
PS: If you are interested in software development / design, this is definitely a podcast you should give a listen.
Picture taken from Manuel_Marin’s photostream with permission.
]]>
Recently I was buying a notebook HDD, and after considering a Samsung SpinPoint model, I’ve looked around the net to see if there were any known issues with the model. So I stumbled upon this page and my blood ran cold. Quote:
One of the most common problems Samsung SpinPoint hard drives experience is burnt cuircuit board(PCB).
…
Samsung hard drives could also suffer from firmware problems.
…
Another quite common symptom Samsung drives experience is clicking/knocking sound.
…
There is one more problem that is typical for all hard drives and Samsung drives particularly: bad sectors.
Is this drive really of such poor quality? Does it really have all these problems? But then I started looking around on their site at they seem to have the same or very similar text for every type of HDD out there. The conclusion: they (Data Cent) are just trying to spam Google and I’m inclined to believe that most of their advice isn’t founded on facts, but rather on a randomized text generator. I for one encourage people not to take their business to such a company.
PS. All the links to them are nofollow, so I’m not giving them any Google love.
Picture taken from barnoid’s photostream with permission.
]]>It is surprising to what kind of effort spammers go to get their links. I would also be curious to know if they used automatic or manual methods to come up with the comment text…
PS. A word of caution to my fellow bloggers: if the poster’s URL looks suspicious, but the text of the comment/question seems legitimate, try doing a search on it, to see if it was lifted from an other site.
]]>]]>Hello Cd-MaN You received the following message from : Doudou1 ([email protected]) At: http://forum.f-secure.com/ From Miss Sussana Boga. Abidjan. Cote d'Ivoire Email :( [email protected]) Hello dear, With profound respect and humble submission, and I beg to state the following few lines for your kind consideration, I hope you will spare some of your valuable minutes to read the following appeal with sympathetic mind. I must confess that it is with great hopes, joy and enthusiasm that I write you this mail which I know and believe by the faith that it must surely find you in good condition of health. My name is Miss Sussana Boga, I am the only Daughter of my late parents Mr. and Mrs Boga Doudou My father was a highly reputable business magnet who operated in the capital of Ivory Coast during his days. It is sad to say that he passed away mysteriously in France during one of his business trips abroad on the 20th May 2007. Though his sudden death was linked or rather suspected to have been masterminded by an uncle of mine who travelled with him at that time, but who knows the truth! My mother died when I was just 6yrs old, and since then my father took me so special. Before the death of my father on May 2007, he called me and informed me that he has the sum of Nine Million, Five Hundred thousand United State Dollars.(USD$9,500,000.00) he deposited in a fix bond account in a private Bank here in Abidjan Cote D'Ivoire.. He told me that he deposited the money in my name, and also gave me all the necessary legal documents regarding to this deposit with the Bank I am just 21 years old and a university undergraduate and really don't know what to do. Now I want an honest partner overseas who I can transfer this money with his assistance and after the transaction I will come and reside permanently in your country till such a time that it will be convenient for me to return back home if I so desire. This is because I have suffered a lot of set backs as a result of incessant political crisis here in Ivory coast. The death of my father actually brought sorrow to my life. I also want to invest the fund under your care because I am ignorant of business world. I am in a sincere desire of your humble assistance in this regards. Your suggestions and ideas will be highly regarded. Now permit me to ask these few questions: 1. Can you honestly help me from your heart? 2. Can I completely trust you? 3. What percentage of the total amount in question will be good for you after the fund has being transferred to your account and I come over to meet you? Please, consider this and get back to me as soon as possible in my private Email: ([email protected]). Immediately I confirm your willingness, I will send to you my Picture and also inform you more details involved in this matter. Regards Miss Sussana Boga.
Preventing Virtual Blight complete with video and slides 
2008: A Significant Year In The Fight Against Illegal Spammers
]]>In his opinion, although we think that claims made by spam is very “out there” and wonder why people keep falling for it, in fact it is no worse that what we see in other media (like TV commercials). On some level I agree, although there certainly seems to be more regulation on TV commercials. For one, almost all of them display a disclaimer of some sorts (the fact that it is unreadable is an other question :-)). Also, in my personal experience, they are more of a “don’t talk about the negative aspects” than an outright lie type (for example omitting the fact that the super-duper vacuum cleaner makes such an infernal noise that you can’t use it).
In the end, people need to learn to keep their expectations in check. If it is too good to be true, it probably isn’t. Technology and legislation can only do so much…
]]>Create SEO-Optimized, Content-Stuffed Websites Instantly With WordPressDirect
Basically they are an other method to “reuse” other people’s writing. Some thoughts:
- People feel instantly defensive and start pondering solutions like partial feeds. That is not the solution however, you can still scrape the websites. The solution that I choose and would recommend others is: (1) make it clear under what license you publish your content (for example this blog is under the CC-BY-SA v3.0 license) (2) use some superkalifragilistic words from time to time in your posts and (3) from time to time search for those words. If you find results, you can complain to the site, their ISP, etc if they violate your license.
- The service uses WordPress in their name, so it is very possible that Automatic will take legal action against them (because WordPress is a trademark of theirs). The most probable outcome of the lawsuit will be a namechange (but the service will remain).
- They sell an outdated version of WordPress (and AFAIK they don’t provide auto updating), so this will mean a lot of hacked WordPress sites (then again, their own site seems to run 2.3.2, so…)
- Although they claim “10,000 installs”, using some search engine foo I was able to find only six with Live search and none with Google or Yahoo. (the searches basically look for wordpress installs with the given combination of plugins, so you might have some false positives). This means that either they are lying or that search engines already filter this crap out.
- Interestingly the WHOIS information seems to be referring to a real person:
Administrative Contact: Bouchrika, Imed 190 Burgess Road Southampton, California SO16 3AY United Kingdom +1.8882401991 Fax --He even got a website and seems to be an (at least somewhat) technical chap. Now, it is not clear if he runs the site or only provided technical background, but either way, it is interesting.