Slashdot Mirror
Forward This Article And Get Paid $203.15
Iphtashu Fitz writes "We've all seen it. The e-mail forwarded to us from a friend who got it from a coworker whose sister's cousin's roommate's great aunt knows somebody at Microsoft. The one from Bill Gates himself offering you cash to forward the e-mail to others in order to test out their new e-mail tracking system. If you haven't received that one you've undoubtedly gotten other e-mail hoaxes offering anything from gift certificates to free computers to free airline tickets. How do these sorts of hoaxes start and who starts them? Well Jonathon Keats at Wired Magazine decided to track down the origin of the Bill Gates e-mail tracking hoax. After a few dead ends he finally located then-student Bryan Mack, who created the hoax on November 18, 1997 while at the University of Houston. In Mack's own words: 'It was just a joke between a couple friends' that eventually got out of hand. One of his buddies had gotten a make-money-fast spam and Mack said 'I can come up with something better than that.' Three minutes later, Bill Gates' email-tracing program was born. At first he just sent it to a few friends, but those friends sent it to other friends (and so on), and it didn't take long for the e-mail to transform from a joke to a full-fledged hoax."
This is actually a very well written Wired article. It's interesting to note that it only took him a little bit of research (or so it seems by the article) to find this guy. All he had to do was find the original hoax email, and the guys name was the first on the list! This is what started it all, and every single revision one could think of. It went from Email, to Instant Messaging, people have even started recieving them on their SMS-enabled phones as well. It's amazing to think that there are actually people who still believe this stuff... and it still continues on...amazing.. well atleast amusing to say the least.
Hmmm.
I never received much spam until that one day, someone I had emailed ONCE and LONG AGO, who obviously put me in her list of contacts (automatically or not), decided to forward a fake AMBER alert to the hundreds of people in her list, me being one.
I still rue the day I emailed her.
Hoaxes are not just powerful at getting a message across, but they can be amazingly powerful for spammers. Imagine spammers creating hoaxes that go out to 1,000,000 email addresses. Assuming 1% goes through and that each one of those people forwards to another 20 people will allow spammers to distribute a link to some product for free after the first 1,000,000. Also, this will take the legal strain off of the spammers themselves?
Are any companies currently doing this?
GroupShares Inc. - A Free and Interactive Stock Market Community
-------
artlu.net
As you can imagine it did our credibility no good whatsoever.
It is not just ignorant housewives and naive schoolkids who fall for these hoaxes...
Web Sig: Eddy Currents
I can remember recieving this on Usenet! Long before 1997. Circa 1992 or so. I think they got the wrong guy. He may have started one, but the incarnation of this joke was FAR earlier.
SJW: a person who perceives an injustice, and while correcting it, commits a greater injustice.
Has anyone ever used these exploits to write a (Unix) virus?
Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
- A lot of smart people don't know anything about the underlying technology. They don't know that an email message is usually just a bunch of alphanumerics. On the other hand, that ignores attachments and other content that can be made active by the MUA. Which brings us to:
- Don't you think that if Microsoft could make a serious buck off of it, they would implement something that allowed them to track certain bits of mail? Some bit of ActiveX that, when signed by Microsoft, would always be run by Microsoft MUAs?
Sure, the money hook is obviously absurd. But the technology end isn't as absurd now as is seemed in 1997. Back then, executing content that any stranger sent you was obviously something that any reasonable company would take steps to prevent. This is definitely a way in which Microsoft has "innovated.""It is our blasphemy which has made us great, and will sustain us, and which the gods secretly admire in us." - Zelazny
What about Jessica Mydek and her dying wish to clog as many email servers as she could before cancer takes her? Won't you help? (P.S. Try saying her name three times fast.)
Has anyone ever used these exploits to write a (Unix) virus?
I'm not sure about Pine, but Yes, mailer exploits did lead to a UNIX worm.
"Why do I even subscribe to Wired anymore, I can get the whole magazine in 2 weeks worth of articles on Slashdot, with full discussions..."
Bathroom reading, man.
"Derp de derp."
He started it as a joke.
And he didn't mean anything malicious by it.
He isn't anymore guilty than millions of other people who passed it on.
If he didn't do it, someone else would have.
Hopefully I didn't put any [] around my words.
Wired's a kickass rag, even if the content is nearly all online. It looks good on the Ikea coffee table, and it advertises to all guests that you are, in fact, smarter than them, what with their piffy pedestrian Newsweek and People subscriptions. Pshaw!
It does? I remember a friend of mine that deleted it in Windows 98 and it wasn't recreated. You're probably talking about Windows that has this auto-restore feature (which can be a pain in the ass), but then I have no XP machine so I don't even know if that particular file still exists.
Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
"Did you read the next sentence? The quoted was a rhetorical question."
That doesn't prohibit me from answering. Your basic premise is severely flawed by the lack of data.
" but it does say something about how little most people care for their privacy."
No, it doesn't. The only thing it says is "people sent out emails." The rest is pure speculation with no data to back up any of it. Even somebody who was uppity about privacy
wouldn't necessarily behave consistently here.
My point? This is one of those generalizatiosn that just plain isn't insightful.
"Derp de derp."
I had a friend in highschool who registered (something to the effect of) billgates@hotmail.com and sent an email to every address that could be found in the headers. He claimed he was actually Bill Gates and need a name, address, and telephone number to send the checks to.
A large number of the recipients actually replied with the requested information. Even worse was the number of people that replied believing they were really giving this information in order to receive a check.. but couldn't be bother to write their areacode, zipcode, state, or city with their reply.
Joe Doe
112 4th Street
Thanks, now Billy can get that new lung!
- John
Jon Katz is not writing technical articles anymore, AFAIK. He's writing books about dogs. While there are probably innumerable jokes that people could make playing off this, unlike his Slashdot writing or some of his quasi-philosophy books written in the dotcom era, his dog books seem to be pretty well-received by their target audience, and they've been generally well-reviewed. I think you're also being a little too harsh on the person who actually wrote this article. You need a lead-in for a story, this was a fine enough lead-in, and if Wired occasionally writes somewhat whimsical articles like this, so what? Wired was always about features, not news, and somewhat silly features are hardly new to them. And it's a kind of amusing story. Don't be such a sourpuss.
I wrote it over 7 years ago for my web site, posted it to a couple of humor newsgroups to get some promo. Someone stripped my intro, sent it to a couple of humor lists with the claim it was real, and it exploded.
Sadly, my Shit Nickels Fast chain letter parody did not do as well.
- Greg
Start a happiness pandemic
A funny story about that..
As soon as I heard about it I sent an email to a girl I know who has a horrible tendancy to believe these things explaining that it was a hoax. The following conversation ensued.
First, the important back end to the punchline: Her comptuer at the time was an old Compaq Presario, 200mhz, 32 megs of RAM, and Windows95
Her: I deleted that file
Me: I told you it was a hoax
Her: Yeah but I had the file on my computer!
(I decide to take this and run with it)
Me: I told you it was a hoax for a reason, now if you shut your computer down you aren't going to be able to start it back up again.
(she signs off and isn't seen online again for about a week)
Her: Colin am I ever going to be able to turn off my computer?
She BELIEVED me and actually left her dinosaur Win95 box running for a week straight. I was surprised after running that long she was able to get on to AOL 6.0 and IM me without the system falling to its knees in a spectacular stream of 30 BSODs.
Stupid is as stupid does I guess
...and that's all there is to it.
I just tried it on 3 machines, and it did. One was XP, 2 were 2000. I have no recollection of what it did on 9x boxes, but I seem to recall it not impacting anything. I could be grossly mistaken.
-9mm-
I usually tell whoever forwarded this to me (as it's usually someone who knows me) that if they keep doing it I'll be forced to block all mail from them.
I do the same. One thing I've found that helps before you block _all_ mail from them is block any thing that comes from their email address where the subject starts with "fw". This will catch "Fwd: make money fast!", "Fw: some joke", "Fw: Re: Fwd: Re: Fw: funny!". Most microsoft MUAs and common webmail systems I've seen handle forwards this way (prepending Fw: or Fwd:). Usually if it's just a FoaF I never get legit forwards from them anyway, and if they want to actually type me an email the chance of the subject starting with Fw is small.
Sometimes I find they remove the freaking subject altogether before forwarding it on.. If that happens I just block everything from them. Works for me so far.
Today I didn't even have to use my AK; I got to say it was a good day -- Icecube
Not sure about you, but taking a dump with a laptop on your lap is weird. To each his own, sure, but it's not for me.
What does work wonderfully is a PDA. I just have books/articles pre-downloaded to the PDA, often before I leave the house in the morning, but you can just as easily get a wireless card for most PDAs sold today if you'd prefer.
Having a PDA with reading material is nice in a lot of ways, actually. Since I first got a PDA, a bunch of years ago, I've started reading a lot. That is, when my reading material is always waiting in my pocket and conveniently brought out and quickly put away, I will read for a single page in times that otherwise I'd just have to stand there trying to achieve zen blankness of mind. Hell, I even read when I'm taking a piss- a page here, a page there. It's a great way to get leisure reading done when you're so busy between working full-time and taking a full-time load of college credits that you can't afford to actually sit down for an hour and read a novel.
Also, there's more you can do on your PDA than just read on the toilet. I've written at least a few hundred lines of code as well, mostly in Squeak Smalltalk, but also in Lisp and NewtonScript.
Working toward a usable PDA environment in the spirit of Newton OS: Dynapad
It has nothing to do with commands being accepted from remote, and everything with characters typed at the remote end being echoed back. It's not a modem problem, it's a *software* problem.
As for embedding problematic code in messages, that's either a software problem or a brain-dead operator problem. Hayes SmartModems (and every other modem since, AFAIK) by default require 1 second of silence before the escape sequence (+++). And once the remote modem has dropped back to command mode, it takes a *local* (to it) command to make it do anything.
Do daemons dream of electric sleep()?
Actually, this still works quite often. The vast majority of users still use dialup. Many modems (especially the cheaper ones) will hang up if you can get the user to send +++ATH0 at all. This means that if you send +++ATH0 as the payload of an ICMP echo request, and they echo it back, you can force a hangup.
Most modems support initialization strings that allow you to disable this feature, or enable the delay to stop attacks like this, but it is often on by default.
The last modem I tried this on was a USR Sportster 56K, and it worked just fine. You can do it with nix's ping command, or with specially crafted ICMP packets from Windows (you can't pass a payload directly to Windows' ping).