I Dream Of Wires

Posted on 16th September 2008

The following has recently entered my inbox; body copied verbatim:

"Your internet access is going to get suspended

The Internet Service Provider Consorcium was made to protect the rights of software authors, artists. We conduct regular wiretapping on our networks, to monitor criminal acts.

We are aware of your illegal activities on the internet wich were originating from

You can check the report of your activities in the past 6 month that we have attached. We strongly advise you to stop your activities regarding the illegal downloading of copyrighted material of your internet access will be suspended.

ICS Monitoring Team"

Those who receive this, and the attached file, may well be duped into believing that they have been caught out and consequently open the attachement to discover they have now install a dubious artifact on their machine. The Winlogon trojan, which is then installed, may not be want you want hanging around on your system.

I did find it amusing that the creators, working with the scare tactics of the major music industry companies I've previously spoken of, have crafted this social engineering attack to dupe unsuspecting recipients. It effectively means, once people do educate their spam filters, that any future emails from music industry henchmen threatening fines, court appearances and cutting your internet will most likely end up being deleted :) 

As a result it may just mean the dubious threats might finally go away. Mind you with the stocks and share around the world looking rather shaky, I can imagine the media moguls have better things to worry about than those downloading dubious files over BitTorrent.

File Under: humour / internet / music / spam

From Russia Infected

Posted on 6th March 2008

Yesterday MessageLabs got a mentioned on the BBC News site, under the title of Infective Art. The Metro Newspaper in the UK also ran with the story, Cyber crime art revealed.

I'm currently touring the UK with a presentation entitled Understanding Malware, which takes the six types of malware, and using the MessageLabs "Know Your Enemy" campaign images, explains a little more about what they are. The presentation has gone down very well so far and there have been some healthy discussions afterwards, with attendees trying to understand how we can get better at getting rid of malware threats from the inbox. It's unlikely to happen altogether any time soon, but with companies like MessageLabs on the case we are making it harder for the malware to get through.

I shall be taking the presentation to more parts of the UK, so if you have a user group that might be interested, please feel free to get in touch and invite me along. Note that the presentation is not a programming language or operating system talk, and is more about technology and social engineering. I shall be submitting it to LUGRadio Live, YAPC::NA and YAPC::Europe this year, so if I don't make it to your local user group, hopefully you'll be able to make one of those conferences. As an added bonus I also have some freebie giveaways for anyone who can answer the questions during my persentation, courtesy of MessageLabs :)

File Under: computers / internet / malware / security / spam / technology

Do You Remember Rock 'n' Roll Radio?

Posted on 20th February 2008

LUGRadio Live 2007

LUGRadio Live 2007

LUGRadio Live UK dates have been announced as the weekend of 19th/20th July.

At the moment the guys are busy preparing for LUGRadio Live USA, so expect more details for the UK event after next month. The US event will be the first time the LUGRadio experience will have been seen on such a major scale outside of the UK. The guys seem suitably excited and I'll be keen to discover if the American event has the same manic and mayhem feel as the UK event. The UK event is very definitely about getting the Linux and Open Source communities together, to hopefully provide an opportunity to meet and greet with fellow developers or just people you meet on IRC or the forums. It doesn't have that corporate feel is much more laid back, thus having a much more social nature about it than many traditional conferences. Not to diminish the value of the talks and presentations, but the atmosphere is much more conducive to discussion, questions and feedback than more formal events. For me that has perhaps more value as I like to get feedback and ideas from others and some more corporate events often don't encourage that atmosphere.

In the meantime, if you're in the US and can make it to the West Coast over the weekend on 12th/13th April, checkout LUGRadio Live USA2008 and try and get along to The Metreon, San Francisco. As a tempter, watch the video trailer created by Tony Whitmore, AV coordinator for the UK event.

I shall be at LUGRadio Live UK, although whether that's as a speaker, attendee or member of the crew remains to be seen. I'm thinking of submitting my Understanding Malware talk, but seeing as it's about an hour long, and I definitely DON'T want to be on the main stage, I'm hoping the guys will agree to hiding me in a smaller room. They guys always manage to put me up against big names (Mark Shuttleworth and Chris Di Bona for the last two years), so this might be my chance to steal some of the audience back for the little guy ;)

As I don't specifically talk about Linux stuff, but more general Open Source stuff, I've often felt a bit of an outsider as a speaker. The Malware talk is again not about Linux specifically, and some aspects are not Open Source (for justifiable reasons), but the content, particularly for anyone interested in understanding what malware is and eager to gain some very basic hints and tips to protect your inbox, it's ideal. Seeing as most of the attendance for LUGRadio are knowledgeable Linux people, I'm hoping the talk will be of interest to a wide variety of people. I've now done the talk twice, for Leicester LUG last week and Coventry LUG last night. Both presentation went down very well and generated lots of interesting discussion afterwards. Seeing as some of these guys are very clueful sysadmins and developers, as a benchmark, I think the LUGRadio audience will love it. We'll see ;)

The UK event will be returning to Wolverhampton University Student's Union, the venue for the 2006 event. Personally I liked the Lighthouse, the venue for 2007, but I know the guys got heavily criticised for a variety of issues, that meant they had to reconsider the venue for the 2008 event. The SU venue is smaller than the Lighhouse too, which might cause some problems, as I can see the event getting a bigger attendance this year. For the past 3 years the attendance appears to have been increasing anyway, but in the last year, I am noticing more and more articles, blogs and posts about LUGRadio. I just hope there is enough space for everyone.

BTW if you're attending LUGRadio Live USA2008, please take a camera and post your photos publically. My site always gets a lot of hits for LUGRadio, and I'm sure the thirst for photos for the US event will be just as popular.

File Under: conference / linux / lugradio / opensource / security / spam

Don't Bring Me Down

Posted on 19th February 2008

Over the weekend I got spammed. I don't get that much spam into my inbox usually, as most gets caught by my own very aggressive detection rules, with SpamAssassin generally picking up everything else for me. However, this spammer seems to have got through because their spam was music related. Mr. Robert J. Johnson and Ms. Mary M. Dharma (Assistant to Mr. R. Johnson) under the guise of "www.eloformermembers.com", a website that seems only to exist to track real email addresses, appear to be working for a new band called The Orchestra, made up of former band members from ELO (Electric Light Orchestra) and ELO Part II. Now although I did used to like ELO, I have no real desire to see a half hearted attempt to see what almost amounts to a covers band, and especially when they employ a spammer to get me to listen to them or see them on tour.

However, what got me most about the spam, and the band's use of them, was that I got sent the request 3 times (or should I say 3 got through ... there maybe more), all different messages, and all 3 were requesting me to hit a link to obtain the tour dates for the forthcoming UK tour. But the best bit is the mails all started with "Dear Classic Rock Fan, Can I have your permission to send you info on the upcoming [UK tour]". Maybe the band don't see the stupidity of that statement, or are so ignorant of the actions of spammer that they don't care that their potential fans could become victims to a stream of rubbish in their inboxes. If you're going to advertise your tour dates doesn't it make sense to tell people about them in the mail, rather than request permission to send them? I might (note I said might) have had a bit of respect for them if they had done that and maybe had a link along the lines of "if you would like to receive further mails...", but as it is they have now been added to my blacklist.

Admittedly I wouldn't have wanted to see the band anyway, but possibly this might serve as a warning to other bands thinking about using spammers to get their name about. Don't. There is never a good reason to use a spammer. Ever. In this day and age there are plenty of ways to get your presence known, most venues have weekly or monthly updates on gigs, ents24 does the same, and there are many internet news sites these days (including the tradional hard copy magazines such as NME, Kerrang and Rolling Stone) that cater for a variety of musical tastes. It's alot easier to get your band's name known these days, and resorting to spammers just screams of desperation. If things are really that bad, maybe you really should just call it a day.

I've purposefully avoided adding any active links in this post, as don't want to promote the band or the spammers, but anyone getting a mail like this and being a bit dubious does a search, hopefully they'll find this post and avoid any further involvement with the band. Either that or bands read this and think of better ways to promote themselves.

File Under: music / spam

Fan Mail

Posted on 20th May 2007

Dear Spammer,

Why are you bothering to try and spam this system. If you even bothered to check back after you'd posted, you'd note that your scheming spamming tricks don't work. This site has a very strict filtering system that you will not get through, so please don't bother.

This site gets hit by spammers at least once a day. However, as the backend gets to see more of these spammers, the less I get to see them. Hopefully it'll get to the point I see maybe the occasional post once a week, or once a month or even better never. The Scooter Do also has a similar detection in the backend, and both are accummulating a notable amount of knowledge. I've been wary of using something like SORBS, as for email is not reliable enough, but seeing as most spamming systems tend to use these open proxies, the chances are that legitimate posters won't be on those lists. So, I've started to look at using Net-DNSBLLookup, to see how well I can integrate it with what I have. It will hopefully mean I only need to clean the database once in a blue moon :)


File Under: spam / technology

Some Rights Reserved Unless otherwise expressly stated, all original material of whatever nature created by Barbie and included in the Memories Of A Roadie website and any related pages, including the website's archives, is licensed under a Creative Commons by Attribution Non-Commercial License. If you wish to use material for commercial puposes, please contact me for further assistance regarding commercial licensing.