Earl Bockenfeld: Internet

Top 10 Dumbest Online Business Ideas That Made It Big!

Wed, 19 Jul 2006 04:50:12 GMT

Top 10 Dumbest Online Business Ideas That Made It Big!

1,000,000 pixels, charge a dollar per pixel that's perhaps the dumbest idea for online business anyone could have possible come up with. Still, Alex Tew, a 21-year-old who came up with the idea, is now a millionaire.

2. SantaMail

Ok, how's that for a brilliant idea. Get a postal address at North Pole, Alaska, pretend you are Santa Claus and charge parents 10 bucks for every letter you send to their kids? Well, Byron Reese sent over 200000 letters since the start of the business in 2001, which makes him a couple million dollars richer.

3. Doggles

Create goggles for dogs and sell them online? Boy, this IS the dumbest idea for a business. How in the world did they manage to become millionaires and have shops all over the world with that one? Beyond me.

4. LaserMonks

LaserMonks.com is a for-profit subsidiary of the Cistercian Abbey of Our Lady of Spring Bank, an eight-monk monastery in the hills of Monroe County, 90 miles northwest of Madison. Yeah, real monks refilling your cartridges. Hallelujah! Their 2005 sales were $2.5 million! Praise the Lord.

5. AntennaBalls

You can't sell antenna ball online. There is no way. And surely it wouldn't make you rich. But this is exactly what Jason Wall did, and now he is now a millionaire.

6. FitDeck

Create a deck of cards featuring exercise routines, and sell it online for $18.95. Sounds like a disaster idea to me. But former Navy SEAL and fitness instructor Phil Black reported last year sales of $4.7 million. Surely beats what military pays.

7. PositivesDating.Com

How would you like to go on a date with an HIV positive person? Paul Graves and Brandon Koechlin thought that someone would, so they created a dating site for HIV positive folks last year. Projected 2006 sales are $110,000, and the two hope to have 50,000 members by their two-year mark.

8. Designer Diaper Bags

Christie Rein was tired of carrying diapers around in a freezer bag. The 34-year-old mother of three found herself constantly stuffing diapers for her infant son into freezer bags to keep them from getting scrunched up in her purse. Rein wanted something that was compact, sleek and stylish, so in November 2004, she sat down with her husband, Marcus, who helped her design a custom diaper bag that's big enough to hold a travel pack of wipes and two to four diapers. With more than $180,000 in sales for 2005, Christie's company, Diapees & Wipees, has bags in 22 different styles, available online and in 120 boutiques across the globe for $14.99.

9. TruGamerz

Faux-suede padded covers for game controllers and gel thumb pads for analog joysticks? No one will buy that. Forget it. The product proved to be so popular, it got picked up by Target.com and Walmart.com and annual sales new exceed half a million dollars.

10. Lucky Wishbone Co.

Fake wishbones. Now, this stupid idea is just destined to flop. Who in the world needs FAKE PLASTIC wishbones? A lot of people, it turns out. Now producing 30,000 wishbones daily (they retail for 3 bucks a pop) Ken Ahroni, the company founder, expects 2006 sales to reach $1 million.

11. To see other businesses that have not made the top 10 list but came pretty close, visit Uncommon Business Blog

Making A Life And A Living In Second Life

Fri, 03 Mar 2006 04:44:10 GMT

Making A Life And A Living In Second Life

Jennifer Grinnell, Michigan furniture delivery dispatcher turned fashion designer in cyber space, never imagined that she could make a living in a video game.

Grinnell's shop, Mischief, is in Second Life, a virtual world whose users are responsible for creating all content. Grinnell's digital clothing and "skins" allow users to change the appearance of their avatars -- their online representations -- beyond their wildest Barbie dress-up dreams.

Within a month, Grinnell was making more in Second Life than in her real-world job as a dispatcher. And after three months she realized she could quit her day job altogether.

Now Second Life is her primary source of income, and Grinnell, whose avatar answers to the name Janie Marlowe, claims she earns more than four times her previous salary.

Grinnell isn't alone. Artists and designers, landowners and currency speculators, are turning the virtual environment of Second Life into a real-world profit center.

"It's not just a game anymore," said online artisan Kimberly Rufer-Bach. "There are businesses, nonprofits and universities" taking advantage of the online world.

With users now numbering over 130,000, game-maker Linden Lab estimates that nearly $5 million dollars, or about $38 per person, was exchanged between players in January 2006 alone. Working in Second Life is "the same as working in London and sending money home to pay the rent for your spouse," said company CEO Philip Rosedale.

Just ask Rufer-Bach, known in Second Life as Kim Anubus, who works full time making virtual objects for real-life organizations. In a recent contract with the UC Davis Medical Center, Rufer-Bach created virtual clinics in Second Life to train emergency workers who might be called upon to rapidly set up medical facilities in a national crisis. The work is funded by the Centers for Disease Control. "In the event of a biological attack ? the CDC have to set up emergency 12-hour push sites, to distribute antibiotics," said Rufer-Bach.

To create the most realistic simulation possible, Rufer-Bach crafted about 80 distinct objects, "from chairs (to) a forklift, plumbing, wiring," she said. The end result is a training environment that's not only lifelike, but relatively inexpensive. "There are substantial advantages to doing this training in the virtual world," said UC Davis professor Peter Yellowlees. For one thing, it's "incredibly cheaper."

Of course, most of the business opportunities in Second Life don't involve anything as weighty as medical training. The game has a significant market in specialized avatars: People pay as much as 2,200 in-game "Linden dollars," or just over $8, for stock avatars -- with custom work commanding prices that can go much higher. Rufer-Bach ordered a special avatar for her mother, "a knee-high lavender warthog, with a tiara and wings and a big fat spleef with smoke effects."

The game world's mixture of fancy and serious business can lead to some incongruous scenes. "We joke that you just don't show up at a business meeting as a mermaid," said Rufer-Bach. "One guy is a furry, with an animal head. Another's a ball of glowing fuzz. There's a giant two-story robot transformer."

Wharton professor Dan Hunter, an expert on law and virtual worlds, said Second Life's relatively small size makes its economic future hard to predict. But virtual worlds are becoming spaces where "globalization of services can occur," he said. "In SL, services are valued. 'Hey, I can provide something that someone else wants! And I can make money from it!' The expansion of the economy is almost certainly going to be dependent on expanding the service opportunities."

With more and more people cashing in on Second Life, the most pressing question may be, how many can benefit before the boom times end?

Slut-O-Meter

Wed, 21 Dec 2005 01:47:44 GMT

Slut-O-Meter

How slutty is your blog, quantitatively speaking?

Slut-o-meter evaluates the promiscuity of the subject you enter by comparing the number of Google search results with and without "safe-search" enabled. A complete slut would return unsafe results and no safe results. Alternatively, a clean name should produce the same number of safe and unsafe results. The "promiscuity" percentage we give you is calculated as follows:

Negative Promiscuity? Huh?

If you're wondering why some subjects have a negative promiscuity, well, you're not alone. In general, this happens when the number of safe results is greater than the number of unsafe results (or if there are no unsafe results whatsoever). We're not quite sure why this is the case, but we believe that Google is not telling us the truth.

Results for "Earl Bockenfeld's Radio Weblog": Promiscuity: -38.11% (287 / 753)

Hat tip to Majikthise: Promiscuity: 6.02% (130000 / 2160000)

The Ten Internet Commandments

Sat, 10 Dec 2005 19:56:31 GMT

The Ten Internet Commandments

Just a little something to keep in mind, going into the new year.

Thou shalt not buy merchandise found in pop-up ads or spam.
Thou shalt not post thy email address, phone number, address or social security number to the internet, nor shalt thou post anyone else's.
Thou shalt not forget to update thy Windows every second Tuesday.
Thou shalt not connect to the internet without installing an antivirus, nor shalt thou begin a scan without checking for updates.
Thou shalt not connect to the internet without installing a firewall.
Thou shalt not covet thy neighbor's credit card number, nor his bank routing number, nor his social security number.
Thou shalt not enter thy credit card number without seeing the tiny padlock icon on thy status bar.
Thou shalt not reply to the email from the Nigerian banker.
Thou shalt not forward chain letters to thy friends and family.
Thou shalt not use "password" as thy password, nor thy birthday, nor thy children's names.

Nigeria To Put Spammers In Slammer

Sat, 22 Oct 2005 02:02:40 GMT

Nigeria To Put Spammers In Slammer

Nigeria, home to some of the world's most notorious cyber crimes, has proposed a law making spamming a criminal offence for which senders of unsolicited e-mails could be jailed for at least three years.

Is this the end of an era? Nigeria is cracking down on its best-known export - email scams - by putting a law up for vote that would finally make these scams a criminal matter. The move is the latest by the government there to project a tough stance on the issue - back in August, the country even hosted a conference on how to crack down on spam.

According to this Reuters story, spammers who are caught could face up to five years in prison, and possibly have to give up the proceeds derived from their, uh, entrepreneurship. But sadly, if effective (although we kinda doubt the practice will entirely cease), it will deprive us of some of the best - if inadvertent - humor online. On the other hand, if the Nigerian spammer goes the way of the 20 gigabyte iPod, it could boost sales of Tuesdays with Mantu, Rich Siegel's book about his email correspondence with a Nigerian con artist, for nostalgia value alone.

The advance fee e-mail scam, known as "419" after the relevant section of the Nigerian Criminal Code, is a computer age version of a con game dating back hundreds of years and is sometimes called "The Spanish Prisoner."

Typically spammers send millions of unsolicited e-mails around the world promising recipients a share in a fortune in return for an advance fee. Those who pay wait in vain for the promised windfall.

President Olusegun Obasanjo has been keen to clean Nigeria's image as a country of spammers and one of the world's most corrupt nations since he was elected in 1999, ending 15 years of military rule in Africa's top oil producer. He set up the Economic and Financial Crimes Commission in 2003 to crack down on e-mail fraudsters who had elevated scamming to one of the country's main foreign exchange earners after oil, natural gas and cocoa, according to campaigners.

The anti-fraud agency is investigating hundreds of suspects and prosecuting over 50 cases involving about 100 suspects.

The agency got its first major conviction in July when a court sentenced a woman whose late husband masterminded the swindling of $242 million from Brazilian Banco Noroeste S.A. between 1995 and 1998, one of the world's biggest e-mail scams.

This is a link to one of my favorite online videos, Ze Frank's request, in which he dramatizes a Nigerian scam e-mail, verbatim: http://www.zefrank.com/request/

JARGON WATCH

Fri, 08 Apr 2005 19:17:10 GMT

JARGON WATCH

-Gareth Branwyn

Narcipost - A shamelessly egocentric blog post that's of little interest to anyone besides the person who posted it.

Moantones - The recorded sighs and moans of porn stars, available for download as cell phone ring tones. As porn princess (and moantoner) Jenna Jameson said in a press release: "The technology is way beyond most of us, but the bottom line is, you'll be able to hear me ...moan when your phone rings."

Nouse - A peripheral device that tracks the movement of the tip of your nose to control a cursor.

Open Loops - The incomplete tasks and projects in your life that constantly cycle through your head, leading to anxiety, stress, and creative constipation. Popularized by David Allen's work-flow management book, Getting Things Done: The Art of Stress-Free Productivity.

Mobcasting - Mobile audio podcasting using a phone-in blogging service, such as audioLink.

Data Sponge - Silly slang for a handheld scanner.

eBay Effect - The rise in a company's stock after announcing the addition of auctioning to its online offerings. Ticketmaster and Sharper Image both enjoyed the eBay effect.

Generation Lap - The overtaking of baby boomers by their more technologically savvy offspring. The idea of a generation lap has been articulated by many who believe that the "Net generation" has an innate, magical relationship with information technologies.

Pic Post - A free porn supersite on which adult sites post banner ads and links to images each day. The pic post gets content, users get lots of free dirty pictures, and participating sites get, um, exposure.

Spendorphins - The pleasure proteins that seem to be released during a shopping frenzy. Coined by Martha Barnette in Allure magazine.

Y2.038K Bug - Another time/date bug - this one will cause counters on certain legacy systems to leap back 136 years when January 19, 2038, rolls around. The relevant code may no longer exist in 39 years, but then again, two-digit dates once seemed a harmless temporary fix.

Big Hat, No Cattle - Texas expression used to dismiss a cowboy wannabe. In Lone Star IT circles, it describes a technician with a certificate or degree in computer science, but little or no field experience.

Sneakers-up - A dotcom that's gone belly-up. Reminiscent of the older hacker slang "casters-up," meaning a broken-down or dead computer.

GNU Economy - The open source software marketplace, named after the GNU General Public License, which prevents corporations from acquiring public domain systems like Linux.

Cycle Brokering - The farming out of number-crunching tasks to a distributed network of consumer PCs.

Relevance Switching - P2P collaborative-searching technology being developed by OpenCola. Users can share their database-scouring results with other people who have similar search interests and behavior.

******

Gee, a couple of weeks ago, I didn't even know what a groantoners was, Now I R one!

04/14/05 UPDATE: We have word from Johnny & the Moan Ranger correcting what was published in Wired. It seems that moantones were invented four years ago, and that porn princess (and moantoner) Jenna Jameson is a late cummer (and not inventor) to the moantone scene. It amuses Johnny that bloggers will latch on to any media tit that is thrust into their gaping lips without checking to see if the nipple belongs to their mama. While thats true, Johnny, when did you ever get a correction like this in the NYT or LAT?

India's porn police bring their quarry to eBay

Thu, 30 Dec 2004 03:39:15 GMT

India's Porn Police Bring Their Quarry To eBay

NEW DELHI - What started off as an ordinary little scandal about youngsters and pornography has exploded in India's face, with the world's top auction website screaming blue murder as its India manager sits behind bars, questions being raised in parliament, and even US Secretary of State-designate Condoleezza Rice getting involved.

But perhaps the real can of worms is the implication for Indian e-commerce in general, after a magistrate ruled that ink on paper was required, not the mere clicking of an "I agree to the terms of service" button.

Indian police are now conducting a massive hunt for porn in cyberspace, and its perpetrators. Into the dragnet have fallen the schoolboy who lit the fuse of outrage when he secretly filmed an oral sex act with his girlfriend (When sex gets out of the cupboard, Dec 9), and a former student of the prestigious Indian Institute of Technology (IIT) who, to help pay for his education, peddled the sex clip on Baazee.com, the Indian arm of eBay. They are both in jail, along with Avnish Bajaj, Baazee.com's manager and chief executive officer.

The fact that the offending blue movie was filmed with a camera-phone is apparently all-important: the saga has become known as the "MMS case" because of the technology used. Adding fuel to that particular fire - the misuse of technology and invasion of privacy - was the secret filming (using camera phones, what else) of top Bollywood actors Kareena Kapoor and Shahid Kapur getting passionate - French-kissing, no less - at a nightclub this month.

<snip>

But why is Condoleezza Rice involved? She is taking a personal interest in the welfare of Baazee.com's Bajaj, and has contacted David Mulford, the US ambassador in India, and asked him to impress upon the government to ensure Bajaj's safety. Bajaj, an IIT and Harvard graduate, is a US citizen and, if convicted, faces a prison term of several years. "The US Embassy is following this case very closely and there is high-level interest in Washington regarding it. Consistent with normal US consular practices, the [court] hearing was attended by a US consular official," said a spokesperson.

India-born Bajaj was arrested under Section 67 of the Information Technology Act (transmission of obscene material through electronic media), which can carry a jail term of up to five years. He was expected to have a bail hearing on Tuesday: meanwhile, the high-flyer was lodged in India's most infamous prison, Jail No 3 of Delhi's Tihar Prisons, sleeping on the floor in a room along with 70 other prisoners awaiting trial on charges ranging from pick-pocketing to rape and murder.

Bajaj's arrest came about courtesy of Ravi Raj, another IITian (they are the country's brand ambassadors as far as IT goes). Ravi, a final-year student of IIT, was the first person to be arrested in the case, as he was selling clips of the said sexual act - procured from a local area network as it rested on the desktops of many other students - on Baazee.com. Raj is a regular seller on the site to pay for his tuition and other expenses as he belongs to a poor family.

<snip>

Indeed, one of the biggest loopholes in the Indian laws against cyber-crime was the fact that no action could be taken against websites selling or promoting prurient matter as the servers could be located at any international location. However, over the past year Internet business models are stabilizing worldwide, with two Indian dotcoms - Baazee.com and Jobsahead.com - being bought by eBay.com and Monster.com respectively. Other major portals such as Yahoo.com and MSN.com too have their India operations well under way. By making Baazee.com accountable for material on its website, whatever may be the merits of arresting Bajaj, the Indian authorities have sent a powerful message that local laws and sentiments have to be abided.

The question is, what are the implications of the laws for Indian e-commerce in general? According to an online petition addressed to Prime Minister Manmohan Singh, authored by venture capitalist Mahesh Murthy and calling for the quick release of Bajaj, Raj allegedly put the film clip up for sale on Baazee.com after reading and agreeing to the website's terms of service, which expressly forbid trade in any pornographic items. He advertised the item as a "video of Delhi girls having fun" and said he would email it to anybody who sent him Rs125 (about US$3). In the next two days, eight people sent in their money and Raj allegedly emailed them the clip. None of this exchange happened on Baazee.com, and at no time was any pornographic material of any sort hosted on Baazee.com.

"When eBay India/Baazee's lawyers applied for bail [for Bajaj] on Saturday, December 18, by quoting, among other things the Terms of Service of Baazee that the merchant had to agree to before signing up, the magistrate apparently rejected the documentation by saying that there was no ink-on-paper signature on the agreement and hence she would not accept it as evidence."

And then comes the crux of the issue: "By rejecting the admissibility of the paper version of Terms of Service, and insisting on an ink-on-paper signature for legal status, the entire legality of the e-commerce business in India is called to question. This is ironic, for the largest e-commerce operation in not just India, but South Asia, is the Indian Railways online ticket-selling business - a government-owned and -run operation - which does business worth Rs18 crores [$4 million] a month. This magistrate's decision seems to imply a lack of legal standing for all ticket sales online by the railways. It also calls to question all other e-commerce sales in India ... "

EBay has predictably reacted angrily to the arrest, calling it "completely unwarranted". Acknowledging that the listing of the smut clip was against Baazee.com's policies and user agreement, it said in a statement that the video clip itself could not be played on the website and the illegal item was deleted from the site once it came to notice. Moreover, Bajaj had on his own flown down to New Delhi to assist the police, which helped to locate and arrest Raj. "It is unfortunate that local law enforcement has chosen to misdirect its energies towards Mr Bajaj. Baazee.com today is a part of eBay Inc, the world's online marketplace, which has a presence in 32 markets around the world. Never before has such an action been taken against the company. This position advocated by the police is shocking especially as Bajaj has been working closely with and fully cooperating with the Delhi police since they contacted us on December 9," the firm said in a statement.

<snip>

To conclude, while it does seem that the treatment meted out to Bajaj is harsh, it is apparent that the action against Raj and the schoolboy, who cannot be named under Indian juvenile laws, will surely be a deterrent to such future occurrences. Think about the girl for a moment - it is only her face that is visible in the clip and all she did was engage in an intimate act with her boyfriend, not the rest of the world.

IBM to Quit Making PCs

Sat, 04 Dec 2004 03:17:11 GMT

IBM to Quit Making PCs

NEW YORK -- IBM has reportedly put its personal computer business up for sale in a deal that could fetch as much as $2 billion and close an era for an industry pioneer that long ago shifted its focus to more lucrative segments of the computer business. Its stock rose 1.6 percent in early trading in the wake of the report.

The New York Times said in its Friday editions that IBM is in serious discussions with the Lenovo Group, China's biggest maker of personal computers, and at least one other unidentified buyer for the unit.

The newspaper cited people close to the negotiations that it did not further identify for the report.

IBM spokesman John Bukovinsky refused to comment Friday. Spokesmen at Lenovo's Beijing headquarters and Hong Kong offices did not return calls Friday.

Analysts have said a sale of the PC business would make sense for IBM.

Ben Reitzes, an analyst at UBS Investment Research, said in a July research note that the business would be sold. He noted the PC business, which accounts for about 10 percent of IBM's total sales, loses money.

For Asian computer makers, new competition from Dell is a big threat. "By linking up with a heavyweight like IBM, vendors would logically think they could fend off any threat better," Reitzes said.

IBM is increasing its focus on consulting services, analysts said.

"They've been very clear that they intend to streamline and prioritize around new growth opportunities," said Mark Stahlman, technology strategist at research firm Caris & Co. "PCs are not one of them."

IBM, based in Armonk, New York, has refocused on the corporate server and computer services businesses, but was a major force in driving personal computing into the mainstream with its introduction of the IBM PC in 1981.

IBM now ranks third behind Dell and Hewlett-Packard in the personal-computer business, according to Gartner Inc., an analyst in the information technology industry.

The Times said the business up for sale would include the entire range of desktop, laptop and notebook computers made by IBM. The sale would likely be in a range of $1 billion to $2 billion, the report said.

Other possible buyers could include Japan's Toshiba, analysts said.

Guo Tongyan, a Lenovo marketing manager in Beijing, said he had not heard of any discussions, but noted Lenovo was building up its personal-computer business.

Last month, China's state media said Lenovo and IBM were discussing teaming up to make desktop personal computers.

Asked about the Times report, Guo replied: "If Lenovo wanted to further expand its PC capacity, I wouldn't be very surprised."

"We decided on a strategy of 'reinforcing the PC business, focusing on the PC business' in a strategic meeting early this year," said Guo, who heads Lenovo's northern China marketing department.

Lenovo, formerly called Legend, had begun expanding into mobile phone manufacturing and information technology services when its computer manufacturing business faced intense competition from foreign rivals such as Dell.

But after reporting worse-than-expected results last year, Lenovo said it would return its focus to its core computer business. Lenovo is the world's ninth-biggest computer maker by size of shipments.

Photo May Land La. Marine In Trouble

Wed, 28 Apr 2004 16:02:48 GMT

Photo May Land La. Marine In Trouble

He's awaiting word on disciplinary action

By James Varney, Staff writer

A Louisiana Marine responsible for an offensive photograph made in Iraq last summer was awaiting word Wednesday on a disciplinary decision by the Marine Corps, a military spokesman said.

Lance Cpl. Ted J. Boudreaux, a reservist with the 3rd Battalion/23rd Marines who hails from Thibodaux, became the subject of a formal investigation last week after a photo in circulation on the Internet came to the attention of a Muslim public relations firm in Washington, D.C.

In the photo, Boudreaux is shown with two Iraqi boys. All three are smiling, and all three are flashing a "thumbs-up" sign. The middle boy is holding a handmade cardboard sign that reads in English, "Lcpl. Boudreaux killed my dad then he knocked up my sister."

The Council on American-Islamic Relations, which describes itself as "dedicated to presenting an Islamic perspective on issues of importance to the American public," but which also has been identified as "a radical Islamic group" by experts in congressional testimony, posted the photo on its Web site last week and demanded a Pentagon investigation. The results of that probe were expected Wednesday, but Capt. Jeff Pool, a local Marine reserves spokesman, said it would not be released until Boudreaux had been notified.

The Council on American-Islamic Relations' spokesman in Washington, Ibrahim Hooper, said Marine officials told him the investigation was of a "nonjudicial" nature, which could lead to Boudreaux's "separation from the corps."

Last week, the Marine Corps acknowledged the photo was real but said it wanted to make sure the lettering on the sign had not been doctored. It was unclear what military code Boudreaux violated if the sign was genuine, or whether the famous military catchall of "conduct unbecoming" covers enlistees as well as officers. Nevertheless, the sign's message was offensive, officers said.

"Let's just say that if it is true, it sure isn't the smartest thing I've ever seen a Marine do," Pool said.

During his deployment in Iraq last year, Boudreaux was stationed in Al Kut, the capital of Wassit Province, which runs southeast of Baghdad to the border with Iran. His duties there with a headquarters unit kept him largely confined to the big concrete hangars at an air base on the outskirts of the city, and he had little contact with locals. The photo, which shows the trio in front of a ramshackle hut, could have been taken at one of tens of thousands of locations in Iraq, including a shed outside the back entrance of the airfield where the Marines would buy soda, tobacco and trinkets such as prayer beads and head scarves from locals.

Boudreaux could not be reached for comment. His commander during the 3/23rd's Iraq mission, Lt. Col. David Couvillon, called the photo a sophomoric attempt at humor.

"Look, he didn't actually do what that sign says," Couvillon said. "This is stupid, lance corporal stuff that he thought was cute. But it's not, and I was informed the commandant of the Marine Corps had it and the Marine Corps will deal with this."

Couvillon noted that, as he is no longer the commanding officer of the 3/23rd, he is not involved in the investigation. He said he has not spoken to Boudreaux.

At the Council on American-Islamic Relations, Hooper agreed with Couvillon that the picture was a lame attempt at humor.

"My assumption has always been these things didn't happen, and in fact I doubt there's any girl at all," he said. "How the military reacts to this case," he told the Associated Press, "I think will send a message to Muslims in the Middle East and worldwide as to how seriously the United States takes these issues."

[Via The Times - Picayune]

PayPal Spoofing

Tue, 27 Jan 2004 01:16:44 GMT

PayPal Spoofing

<Jacob Palme <jpalme@dsv.su.se>>
Sat, 10 Jan 2004 13:58:53 +0100

I received a message which is abbreviated below [and even more by PGN]:

> Received: from unknown (HELO reva) (81.196.161.141)
>    by 0 with SMTP; 6 Jan 2004 01:55:14 -0000
> Reply-To: "service@paypal.com" <spooff@paypal.com>
> From: "service@paypal.com" <service@paypal.com>
> To: <jpalme@dsv.su.se>
> Subject: Account issue
> Date: Tue, 6 Jan 2004 03:51:33 +0200
>
> Due to concerns, for the safety and integrity of the PayPal community we have issued this warning message.
>
> It has come to our attention that your account information needs to be renew due to inactive members and non-functioning >mailboxes.  If you could please take 5-10 minutes out of your online experience and renew your records you will not run into
> any future problems with the online service.
>
> However, failure to update your records will result in account deletation [sic]. This notification expires on January 10, 2004.
>
> Once you have updated your account records your PayPal will not be interrupted and will continue as normal.
>
> Please follow the link below and renew your account information.
>   http://https-ebay.com   PayPal Service Department

When I clicked on the link, I got to a form which requested a number of personal data, including my credit card number, its security code and its PIN code! I have put up a copy of the form they asked me to fill in at
http://dsv.su.se/jpalme/temp/domain-name-spam-2c.pdf

I got suspicious for several reasons:

(a) No company has ever before asked me for my credit card PIN code.

(b) This information was requested by http, not https. But with a domain name, http://https-ebay.com which might make some people believe it was actually using https.

(c) Looking up in whois indicates that the owner of the domain name https-ebay.com is a private person, not a company.

To be on the safe side, I immediately blocked my credit card, since I had entered some information before I understood this was a spoof. I also wrote to PayPal, who confirmed that the mail was not from them!

I have learnt to be more careful and suspicious in the future!

Jacob Palme <jpalme@dsv.su.se> (Stockholm University and KTH)
for more info see URL: http://www.dsv.su.se/jpalme/

[This is increasingly becoming a problem! We desperately need some greater authentication and accountability. PGN]

[Via Risks Digest]

Google Whacking The Perfect Antidote To Spam Rage

Wed, 24 Dec 2003 02:50:13 GMT

Google Whacking The Perfect Antidote To Spam Rage

This was the year spam joined the axis of evil. Or at least the axis of the incredibly aggravating.

As exclusive offers of Paris Hilton sex-romp videos multiplied exponentially, pundits estimated that e-crap was costing Australian businesses at least $2 billion per annum. (And that didn't take into account all the productivity we lost worrying about how so many complete strangers knew we had such small penises in the first place.)

Then there was the growing problem of spam rage.

In the US late last month, a Silicon Valley computer programmer was arrested for threatening a company he believed was crippling his business with penis augmentation propaganda.

According to Reuters, Charles Booher threatened to send a "package full of anthrax spores" to the company, to disable an employee with a bullet and torture him with a power drill and ice pick; and to hunt down and castrate employees unless they removed him from their email list.

The object of Booher's ire - the advertisers for a product called the "Only Reliable, Medically Approved Penis Enhancement" - blamed a rival firm which they said was giving the penis enhancement business "a bad name".

Now there's a tough assignment.

While many of us share Booher's rage (I'd get into the ice-picking business myself if I wasn't so busy deleting all those emails for black-market Viagra), this is the season of goodwill so it's worth remembering there is some good spam.

The warning about the boob hoax I keep receiving, for example.

"I hate these hoax email warnings, but this one is important," it reads. "If a man comes to your front door and says he is conducting a survey and asks you to show him your boobs, do not show him your boobs. This is a scam; he only wants to see your boobs."

As one recipient lamented: "I wish I'd received this email earlier. I feel so stupid and cheap."

<skip>

While not strictly spam, "Google bombing" also deserves a mention for excellence in en masse internet usage.

Thanks to a weird algorithmic abnormality associated with Google, computer nerds are now able to manipulate the search engine for their own dastardly means.

This is why a search for "miserable failure" will still send you straight to the biography of George W. Bush.

Hunting for weapons of mass destruction?

Enter this phrase into Google and you'll be directed to a site explaining that the weapons you are looking for are currently unavailable. It then suggests adjusting your weapons inspection mandate, pressing the regime change button or, if you are George W. Bush, checking your spelling of Iraq.

It's cyberspace at its anti-establishment, anarchistic best.

[Via The Australian]

Final Days in the Life At Jennicam

Wed, 10 Dec 2003 05:26:48 GMT

Final Days in the Life At Jennicam

After seven years, it looks like former Washington resident Jennifer Ringley is finally turning off the webcams.

Ringley, more famous as the woman behind Jennicam (www.jennicam.org), became an Internet curiosity and a quasi- celebrity in the early days of the Web by putting up cameras around her apartment and letting anyone with an Internet connection tune in at any hour for a $15 annual subscription.

An announcement on Ringley's site last week said that the Jennicam show will close at the end of the year. But so far, the woman who shared everything -- yes, everything -- about her daily life has not revealed at her site why she's pulling the shutters. She did not respond to an e-mail sent midafternoon Friday.

<snip>

Canadian Jennicam fan Paul Brown told The Post in an e-mail Friday that he was sad to see Jennicam close.

"In a sense I'd like to have maintained the surveillance for the rest of her life. . . . as a sociological experiment and a life-narrative art project," he said. "I wish we'd been able to see it out."

At the peak of Jennicam's popularity, around the turn of the millennium, Ringley told The Post that her site got an average of 100 million visitors a week.

[Via Washington Post]

Nigerian eMail Conmen Fall Into Their Targets' Net

Mon, 17 Nov 2003 02:03:17 GMT

Nigerian eMail Conmen Fall Into Their Targets' Net

Tony Thompson, crime correspondent, Sunday November 16, 2003
The Observer

It has been described as the internet's first blood sport and is fast becoming one of the web's favourite pastimes. Fed up with having their inboxes clogged with emails from Nigerian fraudsters promising untold riches, the victims are finally hitting back.

Scam-baiting - replying to the emails and stringing the con artists along with a view to humiliating them as much as possible - is becoming increasingly popular with more than 150 websites chronicling the often hilarious results.

Known as 419 fraud, after the section of the Nigerian penal code that it contravenes, the scam generates millions of pounds each year. According to the National Criminal Intelligence Service, the average loss in the UK stands at around £35,000.

Mike, a 41-year-old computer engineer from Manchester, runs the scam-baiting site 419eater.com, which started two months ago. 'Almost always the scammer will think you are a real victim and try their best to extract money. It started because I used to get a few emails, and although I knew it was a scam I never knew how it worked. I did some research, found out about scam baiting and decided to have a go. It's now almost a full-time hobby for me.'

Like most baiters, Mike replies in the names of made-up characters. His sites specialise in collecting pictures of the scammers in order to make it more difficult to find new victims. Using the pretext that in order to believe they are real people they need to take a photograph holding up signs with the name of Mike's character, he has succeeded in getting one fraudster to pose with a piece of paper stating: MI Semem Stains. Other sites feature similar pictures with signs reading 'Iama Dildo', 'Mr Bukakke' and 'Ben Dover'.

Taking a leaf out of the 419 gangs' book, most of the scam baiters keep their true identities secret. There have been at least 25 murders linked to the 419 gangs. Last February a retired Czech doctor who had lost more than £400,000 stormed into the Nigerian Embassy in Prague and shot dead the leading consul.

A scam-baiting site run by 'Alexander Kerensky' focuses its efforts on 419 gangs based in Amsterdam. Adopting the persona 'Lillith Cova', an attractive but desperately lonely 27- year-old advertising executive from London, Kerensky exchanged emails with a man by the name of James for more than a month. During this time he received authentic-looking documents, including a power of attorney, entitling him to a 20 per cent share of $18 million.

'The site started because I managed to lure James in front of an Amsterdam webcam and I wanted people to know what these scammers look like. I don't have anything against Nigerians. These people are, quite simply, outright criminals.'

The oldest anti-scammer site is Scamorama, which aims to educate the public about the latest trends as well as waste as much of the fraudsters' time as possible. The original emails often claim the author has suffered a personal tragedy, usually the loss of a parent. A typical Scamorama reply claimed the recipient has also lost a parent in shocking circumstances, having witnessed their own father being shot. The email was signed 'Alfredo Corleone'.

The ultimate aim of many anti-scammers is to turn the tables completely and get the 419 gangs to send them money. One of those who has succeeded is an Australian who baits under the name of J Cosmo Newbury and specialises in creating characters and situations that border on the surreal. After months of correspondence, one of his characters even received a marriage proposal.

'I have a long history of writing loopy letters, so this was just an extension of that,' says Newbury. 'I think I was as surprised as anyone when the Nigerians fell for my stories, but I guess they are as gullible and as greedy as their victims. I know my efforts won't stop the scammers, but I have had emails from people who were tempted to reply but searched the internet and found my site and they thanked me for "saving" them.'

Newbury has now published some of his favourite exchanges in the form of a book, Dancing with Thieves. It includes letters where he poses as a terrorist by the name of Princess Tikka Masala, a Chinese restaurateur called Hu Flung Dung and a retired mariner by the name of John Silver.

[Via Guardian Unlimited]

X10 Pop-Under Mongers Declare Bankruptcy

Thu, 30 Oct 2003 02:56:52 GMT

X10 Pop-Under Mongers Declare Bankruptcy

A year ago, if you had asked anyone what the biggest scourge of the internet was, chances are they would have spat out something unprintable about X-10. X-10 makes a small spy camera that supposedly is pretty good for its price. I wouldn't know because I certainly will never buy one.

In late 2001, X-10 rolled out an advertising campaign that buried virtually the entire Internet with pop-under ads. Within a month, X-10 was one of the most hated names on the internet.

There is such a thing as karma and, occasionally, it bites you right on the ass.

As it turns out, X-10 stole their business model from two brothers working out of their childhood home. X-10 contracted with the boys to run their advertising campaign, then didn't pay them. In fact, they stole the plan the boys originated and carried it out themselves!

The brothers sued X-10 and last week were awarded a judgement of 4.3 million dollars. X-10 has filed for bankruptcy protection and may well be heading for that big Pop-up blocker in the sky. Or, more likely, they are headed underground, with all the other scumbags.

Good riddance. Sayonara. Don't let the door hit ya on the way out.

http://news.com.com/2100-1014_3-5095260.html :: X10 files for Chapter 11

[Via SpyWareInfo Newsletter]

These Are Definitely Not Scully's Breasts

Wed, 22 Oct 2003 04:57:24 GMT

These Are Definitely Not Scully's Breasts

Inside one man's crusade to save Gillian Anderson and the rest of the world from the plague of fake celebrity porn.

By David Kushner

The moment he boots up case file 371, the detective gets that twisted feeling in his gut. Ed Lake - blue button-down shirt, gray hair, hangdog jowls - studies the evidence alone in the musty dining room of his tiny apartment in Racine, Wisconsin, a small town southeast of Milwaukee. It's that blonde again. Elisha Cuthbert. He's seen her. The daughter on the TV show 24. And here she is now. Frozen on his computer screen - the smoky eyes, the parted lips. But something's wrong. The plunging neckline. The sheer black blouse. The exposed nipples. It's her, but it's not. It's a sham.

Lake, a 66-year-old retired Air Force weather observer, is the self-described Fake Detective, defender of Hollywood babes. Every day in this cramped hovel, he scours the alt.celebrity newsgroups for doctored photos of starlets in various stages of undress. The hoaxsters behind these operations: a breed of hackers known as fakers who pride themselves not on their ability to crack code but on their skill at creating a new kind of postmodern art.

Fakers are DJs of the pixel, manipulating pictures with Photoshop the way Moby tweaks sounds with a sampler. Bad fakes are obvious - Britney Spears' face clumsily grafted on a topless torso. The good ones seem sublimely genuine - a midstride shot of Ashley Judd sans panties at the Oscars, a doe-eyed Gwyneth Paltrow lying naked on a featherbed. If they're particularly well-done, they rise from the underground newsgroups and onto the hard drives of people who take them for the real thing.

So what's the harm in that? For the chivalrous Lake, it's an affront to the actresses. On his site, he bills his mission: Protecting the innocent, defending the truth, and recovering the sullied reputations of beautiful damsels in distress since 1996. "My favorite actresses are being betrayed," he says earnestly.

But for Lake, there's more to it. Fakers undermine the hard work of collectors of legitimate celebrity photos, like Lake himself. To understand why, he tells me, you need to understand the mind of a collector.

One look around his pad makes it obvious that Lake collects to the point of obsession. Stashed inside his closets and beneath the fantasy art posters that adorn his walls is a hoard of objects that many people would call junk: 4,000 miniature liquor bottles; 2,000 jazz tapes; 3,000 books, including more than 400 on World War II. "Collecting can't be explained," he says almost wearily as he cracks open a Diet Coke. "It's like a pack rat thing. I'll collect anything." Most of all, Lake collects photos of celebrities - a passion that dates back to his childhood and the double features he never missed at the local movie house.

Clearly, Lake has an appreciation for beautiful women, but he denies his motivations are prurient. He's on a crusade. He doesn't want anyone pulling the wool over the eyes of guys who are serious about their celeb collections.

Every self-appointed Batman needs a Joker, of course. And the Fake Detective has his. He goes by the name of Trillian.

"No good. The light's all wrong. She's looking in the wrong direction," says Trillian, in heavily accented English. We're standing in a bookshop in the red-light district of Amsterdam, flipping through a porno mag in search of shots suitable for faking. "This is better. See the hairline? See the angle? It's dead-on," he says, slapping the magazine with a grin. "This, this could be Sandra Bullock."

Along the canals, wobbly tourists window-shop hookers. Macy Gray's "Sexual Revolution" pulses from a Rastafarian café. The warm breeze smells like the inside of a bong. As we head out into the crowds, Trillian, a 37-year-old Hollander with a crooked nose, nicotine-stained teeth, and brainiac eyes, declares he's had enough of the Amsterdam scene.

It was a long time coming. After growing up in a German border town, he moved here to live the wild life. But eight years in a small flat on the far side of town got to him - the dopey crowds, the pushy prostitutes, the neo-hippie vagabonds. Now he lives in an industrial burg outside the city and works as a computer engineer at a local high school.

Trillian's not the most prolific of the few thousand online fakers, but many consider him the best. And for good reason. His necklines - the crease where a celebrity's head is pasted to a model's body - are imperceptible. His saturation and hue - the colorings that blend the skins of two different people - are subtle and convincing. He takes pride in his accomplishments but doesn't want his identity revealed. "You end up being a perv to some people," he says.

Fakes date back to the early days of bulletin-board systems, but they emerged as a distinct subculture in September 1996, when a Canadian computer engineer nicknamed Lux Lucre founded the alt.binaries.pictures.nude.celebrities.fake newsgroup. As the group's archivist, Lucre estimates there are roughly 300,000 fakes in existence, ranging from a black-light poster-style nude of Jennifer Aniston under a waterfall to a spread eagle of, yes, Bea Arthur.

The most popular fakee? Gillian Anderson. She has all the ingredients: girl-next-door accessibility, sci-fi geek cred, and, most important, a symmetrical face that's easy to manipulate. Britney Spears is not symmetrical, Trillian explains, making her difficult to flip. Sandra Bullock is almost perfect. Same for Sarah Michelle Gellar and Jennifer Love Hewitt. "Their heads glue on almost every body," he says.

Many fakers are in it for the cheap thrills. "I'm not really trying to create art, just good masturbation material," emails Yovo, an unemployed 38-year-old faker outside of Seattle. "It's pretty obvious that mine are fake. Anna Kournikova isn't known for doing double penetration shots, ya know."

Trillian professes different motives. "There's nothing erotic when you're working at the level of pixels," he says. He likes the simple nod to a task well-done - something missing from his daily life. "You can seek recognition at work, but you will be disappointed," he says, as we catch a train to his house. "That's part of faking: 'Look at what I've done.' You get cheers or boos. You get recognition."

<snip>

But I suspect there's something deeper at work: the thrill of the pursuit in a life that's slowing down. Without fakers like Trillian, there would be no chase. Without a chase, there would be no Fake Detective. Ed Lake would just be an old guy in a small apartment. Surfing the Internet. Alone.

[Via Wired]

Computer Worm Attacks Software Patch Server

Tue, 12 Aug 2003 15:40:47 GMT

Computer Worm Attacks Software Patch Server

14:21 12 August 03, Will Knight

A fast-spreading new computer worm tries to prevent vulnerable machines seeking protection by attacking a vital update server. The "Blaster" worm has already infected thousands of computers worldwide, security companies say.

The worm, also known as "Lovsan", exploits a software bug affecting most versions of Microsoft's Windows operating system. The bug was revealed on 16 July and Microsoft also released a software fix on the same day.

After infecting a vulnerable computer, the worm is programmed to send a volley of bogus traffic to Microsoft's software update service, windowsupdate.com on 16 August. If enough machines are infected this will overwhelm the site, preventing system administrators from using it to download the software patches needed prevent other machines being infected.

"It's an extremely devious trick by Blaster's author," says Graham Cluley, of UK anti-virus company Sophos. "Blaster attempts to knock Microsoft's windowsupdate.com website off the internet."

<snip>

Buffer overrun

To exploit the Windows flaw on a vulnerable system, Blaster sends irregular network packets of data that
cause a "buffer overrun" error. This means the system's normal security controls can be bypassed, allowing remote commands to be carried out.

Blaster scans for vulnerable machines via the standard network protocols TCP (Transmission Control Protocol) and UDP (User Datagram Protocol). Once a susceptible machine has been located it gains control of the machine and downloads a full executable copy of itself, "msblaster.exe", which it starts running. The worm also installs a TFTP (Trivial File Transfer Protocol) server so that it can pass more copies of itself to other hosts.

Some analysts say the worm may not spread as effectively as some other specimens because it relies on TFTP messages, which are automatically blocked by some firewalls.

Traffic spike

But US network security company TruSecure has already reported a fivefold increase in network traffic directed
at computer ports associated with the data sent by the worm. Other security companies have issued alerts about the worm, as has the Computer Emergency Response Team (CERT), an organisation funded by the US government.

US company Network Associates says the worm "is spreading quickly to thousands of machines around the globe," based on reports from the company's customers.

The SANS Institute, a network administrators training organisation in the US, recommends blocking incoming requests that could come from the worm at a network's firewall and physically disconnecting machines thought to have been infected.

The worm's code also includes a brief insult aimed at Bill Gates, founder and chief software architect at Microsoft. The offending message says: "billy gates why do you make this possible? Stop making money and fix your software!!"

UPDATE: HELP with Removing the W32.Blaster.Worm

Thanks xStainDx for the following information posted in our Back Page News section of the forum.

1.- Patch Your System with the appropriate MS03-026 Patch
2.- After Installation of the Patch, Reboot your system.
3.- Download and run "FIXBLAST".exe to remove the MSBLAST.exe file, terminate the process and remove added registry keys by the worm.
4.- Reboot your pc one last time.
5.- Visit WindowsUpdate.com more often and take note of our repeated warnings to keep your system updated.

Result:
Your System will no longer shutdown after 60secs, please follow the steps above to remove the worm off your computer and return your system to UPDATED safe status.

[Via NewScientist

Flash mobs: a new social phenomenon?

Mon, 04 Aug 2003 01:53:49 GMT

Flash mobs: a new social phenomenon?

Giles Hewitt in New York, Agençe France-Presse

Is it performance art or the ultimate surprise party? A social phenomenon known as the 'flash mob', which began in New York and relies on e-mail, appears to be spreading worldwide.

Using mass e-mailing, the organisers bring together what their invitations describe as 'inexplicable mobs' - large crowds that materialise in public places and suddenly dissipate 10 minutes later.

Since the first flash mob was organised in Manhattan in May, by a mischievous underground group called the Mob Project, the practise has already spread to other U.S. cities, while plans are being drawn up for events in London, Rome and Vienna.

The concept's creator, a shadowy figure known only as Bill, started off by e-mailing 50 friends to gather at a retail store in downtown Manhattan. The plan was foiled after the store was tipped off, forcing Bill to introduce an element of subterfuge.

For mob number two, participants were asked to gather in advance in one of several bars and only then were handed a leaflet detailing the target - Macy's department store.

More than 100 people suddenly appeared on Macy's home furnishing floor and, as instructed by the leaflet, began discussing whether to purchase a 'love rug' for their fictitious commune. To the bewilderment of the sales staff, the crowd then melted away as quickly as it had formed.

As Bill's e-mail pool has expanded, so has the size of the gatherings. Mob number three saw nearly 200 people flood the lobby of the swanky Hyatt Hotel and erupt into synchronised applause in front of bemused guests, while number four involved the invasion of a shoe boutique in Soho with participants pretending to be hick tourists from the southern U.S. state of Maryland on a bus trip.

"It's a spectacle for spectacle's sake - which is silly, but is also, as I've discovered somewhat to my surprise, genuinely transgressive, which is part of its appeal, I think," said the mysterious Bill in an e-mail exchange. "People feel like there's nothing but order everywhere, and so they love to be a part of just one thing that nobody was expecting."

A spokesman for the New York police department was wary about commenting on the legality of the mobs, but said the police would intervene only if there was criminal intent. For the most recent event, on July 24, one group gathered in an Irish bar, trying vainly to act casual as they loitered around the jukebox mentioned in the invitation.

"Are you with the mob?" whispered one anxious first-timer, only to be shushed with a knowing nod and wink, followed by a nervous giggle. A Mob Project representative surreptitiously handed out instruction leaflets, guiding that group and others to a grassy knoll in Central Park, opposite the American Museum of Natural History.

The mob began at 7:18 pm precisely - the 300-plus participants having synchronised watches with a time zone website - and the surreal instructions were followed to the letter:
· For the first three minutes, make as little noise as possible. If you can make a realistic bird call, you may occasionally do so.
· By 7:21 pm, you may make all bird calls, unrealistic or no.
· By 7:23 pm, you may also mumble, 'bird noise'.
· By 7:25 pm, you may also call out, "Nature here! Come get some nature," to passers- by.
· At 7:26 pm, chant "Na-ture" for 20 seconds, cheer and disperse.

"It was over before I could work out whether it was really clever or really dumb. But either way I kind of enjoyed it," said Lorien Poole, 24, who was e-mailed by a friend.

Just a few hours later, the event was the subject of heated discussion on several website chatrooms devoted to the flash mob trend. "It seems to me that while this is all fun, harmless and interesting for now, that it is just a matter of time before a fight breaks out and the mob becomes a riot," wrote one pessimistic participant.

Bill has made it clear he intends to wind up the project before it gets out of hand, although the concept appears to be taking on a life of its own.

San Francisco, Minneapolis and Phoenix have all staged their own events, while the first European mob took place this week in Rome, when 300 people entered a music and bookstore and asked for non-existent titles. The idea has also been adopted and given a more political agenda by other groups.

In Detroit, a group of gays and lesbians organise the 'Detroit Guerrilla Queer Bar', which targets a local straight restaurant or bar for 'swarming' on a designated night. And in Boston, Reggie Cummings, a black software developer, coordinates 'friendly takeovers' by crowds of black yuppies of downtown bars with a traditionally white clientele.

[Via ABC Science Online]

US Senator Orrin Hatch Pauses On PC Destruct Button (Kinda)

Fri, 20 Jun 2003 02:27:49 GMT

US Senator Orrin Hatch Pauses On PC Destruct Button (Kinda)
By Thomas C Greene in Washington
Posted: 19/06/2003 at 21:55 GMT

US Senator Orrin Hatch (Republican, Utah) backed down slightly from his bizarre remarks Tuesday advocating Hacking computers belonging to copyright scofflaws.

On Wednesday Hatch posted an announcement on his Web site saying, "I made my comments at yesterday's hearing because I think that industry is not doing enough to help us find effective ways to stop people from using computers to steal copyrighted, personal or sensitive materials. I do not favor extreme remedies - unless no moderate remedies can be found. I asked the interested industries to help us find those moderate remedies."

It would appear that Hatch is in favor of first exhausting peaceful means before resorting to violence, a code of self-restraint enshrined in American political culture from the early days of union labor struggles right up to the current conflict with Iraq over weapons of mass destruction.

On Tuesday, Hatch had mused about granting the media cartel an exemption from laws discouraging the destruction of property, and said flatly that he was "all for destroying [the] machines" of file traders and software pirates. He reckoned that a few hundred- thousand such incidents would send exactly the right message to the masses.

Now he's saying that he's 'all for it' as a last resort, in case the RIAA campaign of lawsuits, home invasions and other forms of quasi- legal intimidation should have less than the desired effect.

************************************************************************************

In other developments, Senator Hatch's Web site appears to be in violation of a software license requirement related to the javascript menus he's using, the irony of which has tickled the Internet's blogging community.

************************************************************************************

In another development, a sharp-eyed Reg reader has noticed that the Mormon Senator's Web site features a link to adult content at Bignaturals.com. Load this page and find the graphical link to 'myUTAH Search.com' about halfway down on the right-hand side, for some silicone-free Utah search action.

************************************************************************************

[What a two-faced, creepy, phony, SCUMBAG, who deserves his own special room-in-HELL!]

UPDATE: Wired: Orrin Hatch: Software Pirate?

Milonic Solutions' JavaScript code used on Hatch's website costs $900 for a site-wide license. It is free for personal or nonprofit use, which the senator likely qualifies for.

However, the software's license stipulates that the user must register the software to receive a licensing code, and provide a link in the source code to Milonic's website.

On Wednesday, the senator's site met none of Milonic's licensing terms. The site's source code (which can be seen by selecting Source under the View menu in Internet Explorer) had neither a link to Milonic's site nor a registration code.

However, by Thursday afternoon Hatch's site had been updated to contain some of the requisite copyright information. An old version of the page can be seen by viewing Google's cache of the site.

[Via TheRegister]

Depressed Student Kills Herself With Help Of Online Group

Tue, 10 Jun 2003 02:39:28 GMT

Depressed Student Kills Herself With Help Of Online Group

Suzy Gonzales' death is the 14th confirmed suicide associated with the online discussion group, which the San Francisco Chronicle doesn't name. Its reporter writes: "On any given day, the Internet site is filled with hopeless rants about life's miseries, advertisements for suicide partners, and requests for feedback on self-murder plans."

Suzy sent six time-delayed e-mails to the Tallahassee police, telling them that she'd ingested cyanide and that they could find her at the Red Roof Inn.

When investigators entered her motel room, they discovered her corpse alongside the poison, which she'd carefully repackaged.

In her e-mail to her parents, Gonzales had a request for her memorial service: Please play "Fire and Rain," James Taylor's elegy to a friend who committed suicide.

That friend was named Suzanne, too.

[More..]

[Via San Francisco Chronicle]

'No school' E-mail hoax sent to 3,500 students

Thu, 15 May 2003 05:10:51 GMT

'No school' E-mail hoax sent to 3,500 students
By Rachael Jackson, Apr 14,2003
Staff writer

No school on Friday!

The news sounded too good to be true for 3,500 students who received an e-mail early Friday morning announcing classes had been canceled due to budget cuts.

One or more e-mail tricksters sent the message, which was signed "Colonel Cathcart," from a WAM lab just after midnight Friday morning. At about the same time, an e-mail infected with the Klez virus, a virus that exploits a weakness in Internet Explorer, was directed to the same group of students.

The Office of Information Technology is investigating both cases, which may be related.

Most people who received the e-mail figured out fairly quickly that it was a joke because of the ridiculousness of the information and several grammatical and spelling errors. President Dan Mote's office received some calls around 8 a.m. Friday, and campus information received about 40 phone calls related to the e-mail hoax.

"It didn't appear to be too disruptive," said Joan Martinez, spokeswoman for OIT.

After a busy week and little sleep, Paul Marcon, a junior finance major, opened the e- mail at 3 a.m. Friday.

"At first I questioned it, and then I closed all my books and I was like, 'All right, I'm done,'" he said. But after talking to a few friends and taking a closer look at the e-mail, he figured there was no way it could be true.

"It really made no sense," he said. Marcon said he also received about 75 e-mails from people on the e-mail reflector asking each other to stop propagating the Klez virus.

Despite attaching "Colonel" to university spokesman George Cathcart's name, Martinez said the perpetrators tried to use the standard format for official university e- mails, including a footnote saying the e-mail was authorized for distribution to the university community.

"The person who created it apparently went to some measure to make it look like an authentic e-mail from university relations," Martinez said.

Cathcart, who was an armed forces lieutenant in the '60s, was away when the e-mail hoax occurred and was insulted when he heard his name had been used with a rank as low as colonel.

"I would have been higher than colonel by now," he said.

After OIT officials figured out that the e-mail had been sent to the GoalsStudy e-mail reflector, a single address that directs e-mail to about 3,500 people, mostly students, they sent an e-mail out to the same group at around 10 a.m. Friday.

They also put a recorded message on the university phone line and Provost William Destler posted information about the hoax on the university home page.

Affected students who were contacted said they did not even realize their e-mail addresses were included in the e-mail reflector.

Martinez said OIT officials are fairly confident they will be able to track down the perpetrators. Once they are found, they will be turned over to university judicial programs, which will determine the appropriate disciplinary action.

Martinez could not reveal which of the eight OIT-managed WAM labs the e-mail was sent from or give any details of the ongoing investigation.

Part of the e-mail read: "As the deadline for the submission of the University's final budget to the state has approached, it has become clear that we are suffering from a large budget shortfall. Because of this, we are forced to shut down the entire campus for a full day. We apologize for the short notice of this cancellation."

This case, Martinez said, is a reminder of how easy it can be to forge e-mail.

"E-mail is one of the most easily forged or compromised mediums," she said. "Always verify anything that looks suspicious or strange."

[Via DiamondbackOnline]

Rise of the Spam Zombies

Fri, 02 May 2003 05:01:04 GMT

Rise of the Spam Zombies

By Kevin Poulsen, SecurityFocus Apr 25 2003 4:45PM

Pressed by increasingly effective anti-spam efforts, senders of unsolicited commercial e-mail are resorting to outright criminality in their efforts to conceal the source of their ill-sent missives, using Trojan horses to turn the computers of innocent netizens into secret spam zombies.

<snip>

One of those programs popped up last week. Named "Proxy-Guzu," when executed by an unwitting user the Trojan listens on a randomly-chosen port and uses its own built-in mail client to dash off a message to a Hotmail account, putting the port number and victim's IP address in the subject line. The spammer takes it from there, routing as much e-mail as he or she likes through the captured computer, knowing that any efforts to trace the source of the spam will end at the victim's Internet address.

Trojan horses generally rely on their wielder's ability to trick innocent people into executing them. Proxy-Guzu, naturally, arrives as spam -- in one sighting the program was offered as a naughty peek at an online webcam.

One early victim of the malware, posting to an anti-virus message board, says he detected it only when his desktop firewall program alerted him to large quantities of outgoing e-mail messages sent to unfamiliar addresses, with subject lines like "Don't tell your parents about this!" and "your bill."

'Untraceable'
Spammers are borrowing the trick from the method electronic vandals use to create computer armies capable of launching distributed denial of service (DDoS) attacks against webservers. What may have been the first Trojan horse custom-tailored for spammers emerged last November: called "Jeem," it grants the perpetrator full access to a victim computer, but also includes a built-in SMTP server to facilitate e-mail laundering.

Arbon says the spam worlds' plunge into adolescent hacking techniques is a result of spammers enjoying fewer and fewer online havens from which to operate. "With the filters and the lists and heurists and all the mechanisms out there people are using, I think the people that are trying to find a way to get the mail delivered are resorting to alternative tactics," she says. "It's untraceable. I hate to put that in print, but it's the truth."

Of course, it also puts the spammers squarely on the wrong side of the law. "As a general rule it's legal to send someone an e-mail even if they don't want it," says Mark Rasch, a former Justice Department computer crime attorney. "But once you break into their computer and get their computer to send e-mail to someone else, then you're violating federal and state computer crime laws."

[Via SecurityFocus]

File-Trading Hoax Snares Victims

Fri, 04 Apr 2003 01:37:33 GMT

File-Trading Hoax Snares Victims
By Katie Dean

02:00 AM Apr. 03, 2003 PT

An executive who claimed to have developed a file-trading service that intentionally flouted copyright protection laws revealed Wednesday that he made the whole thing up for a laugh -- and to sell a book.

The Honest Thief was announced in February as a new service from PGR BV, a Dutch Internet services company. Pieter Plass, founder of PGR BV and president of CBB, a Dutch construction company, said he cooked up the lie as a joke and publicity stunt.

"First of all, I wanted to have some fun with this," he said. "It's part of our culture to do April Fool's jokes. You can't be a prankster without pulling somebody's leg."

The service promised to take advantage of a recent Dutch court decision that "paved the way for the Netherlands to become the world's first legal haven for file-sharing companies," according to a February press release.

Plass said he wanted to hawk his book of management strategies -- also called The Honest Thief -- and promote the philosophy behind it.

"There is an element of honest stealing in everything you do," Plass explained. "That's how we learn, and that's how people reach their goals. Calling it 'honest stealing' is a more catchy way of saying 'all that you learn as you go along in life.'"

Those who were duped by the scheme include The Wall Street Journal, Business Wire, CNET, Wired News and the PR agency that promoted the company, among many others.

"I got fooled along with everyone else, and I'm not particularly thrilled," said Steven Phenix, senior director of the Alliant Group. "He's no longer a client of ours.

"That's not the way PR is done in this country," Phenix said. "I have a long list of people I have to apologize to."

Phenix said he knew about Plass' book, but said, "I wasn't aware that that was the reason we were doing this (publicity)."

Press releases were sent out by Business Wire when the company was first announced.

"We received this release from a PR agency that is an established client of ours," said Phyllis Dantuono, senior vice president for Business Wire. "I think it's unfortunate that their client scammed them. It's more unfortunate that the scam was passed on to all of us.

"When somebody's trying that hard to trick you, that stinks," Dantuono said. "It's like, get a life, guy. I think that's unconscionable."

The Honest Thief also planned to "launch" a legal defense fund for college students, capitalizing on comments by Rep. John Carter (R-Texas). Last month, during a hearing of the Subcommittee on Courts, the Internet and Intellectual Property, Carter said that locking college kids in the federal pen for illegal file trading would help curb piracy.

The Free 2B P2P legal defense fund was to be announced this week.

Paul Grabowicz, director of the New Media program at UC Berkeley's Graduate School of Journalism, said that this hoax joins a long list of schemes perpetrated on the Net.

"It's common human behavior that's suddenly distributed over a global network," he said. "Instead of a couple of suckers, you could potentially get millions."

In 1998, two "teenagers" who promised to lose their virginity online admitted the plan was a scam. Other tall tales included a woman selling her eggs on the Net and the fake diary of a girl who was dying of leukemia, he said.

The Honest Thief website now includes a diary documenting the scheme, step by step.

"I feel that people still have a sense of humor about it," Plass said. "They can appreciate the effort of it actually being a hoax, and telling that it is a hoax."

Grabowicz sees the incident as an object lesson for journalists and other media professionals.

"I don't care how good a reporter you are or how reputable a media organization, you can get snookered by one of these things," Grabowicz said. "Reporters really need to be on their guard."

[Via Wired]

Use a Firewall, Go to Jail

Sat, 29 Mar 2003 03:14:38 GMT

Use a Firewall, Go to Jail

The states of Massachusetts and Texas are preparing to consider bills that apparently are intended to extend the national Digital Millennium Copyright Act. (TX bill; MA bill) The bills are obviously related to each other somehow, since they are textually similar.

Here is one example of the far-reaching harmful effects of these bills. Both bills would flatly ban the possession, sale, or use of technologies that "conceal from a communication service provider ... the existence or place of origin or destination of any communication". Your ISP is a communication service provider, so anything that concealed the origin or destination of any communication from your ISP would be illegal -- with no exceptions.

If you send or receive your email via an encrypted connection, you're in violation, because the "To" and "From" lines of the emails are concealed from your ISP by encryption. (The encryption conceals the destinations of outgoing messages, and the sources of incoming messages.)

Worse yet, Network Address Translation (NAT), a technology widely used for enterprise security, operates by translating the "from" and "to" fields of Internet packets, thereby concealing the source or destination of each packet, and hence violating these bills. Most security "firewalls" use NAT, so if you use a firewall, you're in violation.

If you have a home DSL router, or if you use the "Internet Connection Sharing" feature of your favorite operating system product, you're in violation because these connection sharing technologies use NAT. Most operating system products (including every version of Windows introduced in the last five years, and virtually all versions of Linux) would also apparently be banned, because they support connection sharing via NAT.

And this is just one example of the problems with these bills. Yikes.

UPDATE (6:35 PM): It's worse than I thought. Similar bills are on the table in South Carolina, Florida, Georgia, Alaska, Tennessee, and Colorado.

UPDATE (March 28, 9:00 AM): Clarified the paragraph above about encrypted email, to eliminate an ambiguity.

[Via FreedomToTinker]