Competitors did not cave in. Microsoft and Yahoo stripped out IP addresses and other data that would identify individuals. The government is interested in analysing the data as ia relates to unwanted porn coming up in searches. Google could have done the same but they are bent on playing the martry with our goverment and yet they are so willing to bend over for the evil Chinese government. But rest assured they will only sell your rights down the river when money is involved.
Not to mention when Microsoft and Yahoo complied they stripped out the IP addresses which is fine with the Government as they just want to analyse data where it pertains to unwanted porn coming up on searches.
Now on the other hand Google bends over for the Chinese government and filters content. Google is evil.
I ran the image through stegdetect and it came up with a "false possitive". This utility detects images encoded with jsteg, jphide, invisible secrets, outguess, F5(header analysis), AppendX, and Camouflage. Although, steghide is not listed, I have found that false possitives are shown with images that I know to have an embeded file.
I played around with steganography at one time and setup a script to create embed images via the web using Outguess
This was my first thought. It is a complete hoax. I would suspect that the download is in fact a trojan to turn PC's into spam sending zombies. Can someone please analyse this "screensaver".
I worked for this end of the horse racing industry for a number of years. We contracted with both Amtote and Autotote.
It was a matter of time before someone pulled something like this. There were times when people were forging the barcodes on winning tickets with just a pencil and eraser.
Often people throw away winning tickets by accident or never return to the track to cash it in. These uncashed tickets are called "outs". Outs are required to be turned over to the state after 180 days. The amount of time may vary from state to state.
At any one time racetracks around the world are holding hundreds of thousands of dollars in "outs". I often thought that it would be a perfect heist to reprint some of the bigger winning tickets and cash them in. It would have to be an inside job though as you would need the serial numbers of the winning tickets in the outs database. The tickets themselves are not hard to forge and even if poor, they could be cashed in at automated tote machines.
Not advocating anyone go and do this. Just some thoughts from someone that was on the inside of that industry.
On the other hand there was no such press and no one was ever arrested when ~$350,000 in cash walked out of the Los Alamitos money room one night. So the perfect crime is usually low tech.
I think this may have bigger ripple effects on how affiliate programs work.
Lets say I am the miscreant administrator for ABC ISP. I route all my customers http traffic through my evil proxy that intercepts Amazon.com traffic. I would strip out any legtimate associate ID and rewrite the URL with my own ID.
I would think that I can even fiddle with the Kazaa attempts to grab the commission and make it my own.
Am I wrong? If not I think we are going to start seeing more of this type of scam.
You are absolutely right. I was going to post the same thing. This is asteg'dimage, and this is the original. I don't remember what I used as a key but I used PGP to encrypt a text file then used Outguess to encode the encrypted PGP message into the image. I don't even remember what I used for the steg passphrase so if anyone wants to have a go at it feel free. I think the feds would want you to work for them if you could find the original message.
I have not seen a popup add in years. I was not vulnerable to the.eml bugs. I laugh at websites that are blank for people like me who have java script turned off. I have always thought that Java Script, captive X etc were the scourge of the internet.
Ever since we have had the option I have used the built in security functions of IE. Tools/Internet Options/Security
Turn off everything for your internet zone. Add all your sites that you visit regularly to "Trusted Sites" and enable all the bells and wistles you want.
If a site breaks because they have not done simple checks to see if you have java script enabled then screw them and move on to a site that is run by someone who has an element of style and thoroughness.
Here is a wish list I do have for IE though. One power tool I have allows you to toggle images on and off with a click . I would like such a power tool that would enable/disable java script with a click and another to add trusted zones on the fly. If anyone out there has the coding capability I think you may have something.
In California they did have such a law once. This law was overturned in a United States Supreme Court decision as it pertained to arbitrary enforcement of the law.
There was a black man who was a resident in upscale La Jolla California. Besides being highly educated with multiple MS's and I think a PHD, he had dread locks. He liked to walk his neighborhood and was stopped daily and was cited for failure to carry ID.
So that is the story of a lack of ID carry law in California.
Lets see, I cancelled my main email address to start new, I now pay the telephone company for a privacy manager. I have to make up email addresses on the fly to protect my main pop account. Do I now have to worry about my local pub sending me junk mail telling me they have a 2 for 1 special.
These marketing whores have somehow got business to buy into their "direct marketing" list concept. How many of you think this really works? How many people are they willing to annoy just to make one sale?
I have never purchased anything from a catalog, spam, or telemarketer. And I never will. Should'nt I be in a "Never buys anything list"? Seems there would be a value in such a list so companies could save money by only targeting the mindless impulse shoppers.
It will be a matter of time before the credit card purchase records at these bars will be tied with the drivers license data. Next you will have a guy calling you on the phone Sunday morning to offer you something for your hangover.
I thank the person for this thread. First off I am a user of DNSRBL's I was using MAPS for a long while until they went subscription. Spam is virtually none for myself and my customers so I thank those who run legitimate RBL's
A client of mine (also an RBL users) has been black listed by SPEWS for months now. This is a legitimate ISP with over 4000 dialups, few hundred DSL lines, and 100 or so collocated servers. They have been in business since 1993.
Someone built a case based on three different incidents over as many years to blacklist this ISP's entire netbock. Perhaps they should apply this same logic to UU.net.
When trying to appeal to them to be removed they were told to post to the mail abuse news groups as this is spews vehicle for removal. Well they did this and all they got was libelled by what sounded like a bunch of kids.
Here is the real bad thing about this. Spews blackholed a/18 when in fact this ISP only had a/19. I contacted a maintainer of one of the RBL's that utilizes SPEWS and gave him a heads up that not only is this listing in error but Spews has blocked an additional 32 class C's that belong to another ISP. I informed him of a possible liability for such a mistake. He did not want to hear it and pointed me back to the news groups.
Seems that he was nice enough to contact the guys at spews as the/18 changed to a/19 but my client remains blacklisted to this day.
In reallity it has not been a huge problem for them as I think even the hard core anti-spam advocates have distanced themselves from spews.
Your correct. It does not send back information to a centralized server. Apparently it has an automated silent update procedure like Onflow. I was incorrect in classifying it as spyware.
I would think one method would be Comcast's use of Tioga's support software. Cox Cable just recently sent out the "toolbox" converstion kits. Part of the install is the Tioga client that binds to port 641. Apparently this client tgcmd.exe sends out configuration information to Cox or Comcast so the support persons can look at your configuration and even fix it remotely.
I would suspect that the IP adddress is part of the information sent.
Other means discussed would be used against those who do not install their software, of which are generally more tech savy people who use NAT.
I tried to find the lawsuit but came up empty. If I remember correctly a flower shop in TX sued a spammer who used a bogus email address on their domain as a return address. The flood of bounced email and complaints brought down their mail server. I beleive they were awarded $50,000.
I think the perp was a minor kid who's parents had to flip the bill.
From what I understand the routing will not stop and your cable connection will still be up. Services that Excite@home provides for Cox Cable is Email,DNS, and web services etc. Cox owns the infrastructure.
I just don't see how they got caught off guard. I know that Cox is currently working to provide these services directly to their customers.
I could be wrong and if I stop routing at 12 PST you will not be here to say sorry.
I just got off the phone with an administrator at Cox. I had to weasel it out of him but my suspicions where correct.
The only thing that they are threatening to turn off is Email, DNS, and web services. Does not affect me as I don't use their DNS and provide my own services via my collocated server.
They just want enough customers to scream to force the cable companies such as Cox to pay Excite@home more money on contract renewals.
I am not worried.
Slashdot Mirror
Competitors did not cave in. Microsoft and Yahoo stripped out IP addresses and other data that would identify individuals. The government is interested in analysing the data as ia relates to unwanted porn coming up in searches. Google could have done the same but they are bent on playing the martry with our goverment and yet they are so willing to bend over for the evil Chinese government. But rest assured they will only sell your rights down the river when money is involved.
Not to mention when Microsoft and Yahoo complied they stripped out the IP addresses which is fine with the Government as they just want to analyse data where it pertains to unwanted porn coming up on searches.
Now on the other hand Google bends over for the Chinese government and filters content. Google is evil.
And I was going to pitch him for a donation to combat cat juggling.
UMMU - United Martian Miners Union
I ran the image through stegdetect and it came up with a "false possitive". This utility detects images encoded with jsteg, jphide, invisible secrets, outguess, F5(header analysis), AppendX, and Camouflage. Although, steghide is not listed, I have found that false possitives are shown with images that I know to have an embeded file.
I played around with steganography at one time and setup a script to create embed images via the web using Outguess
This was my first thought. It is a complete hoax. I would suspect that the download is in fact a trojan to turn PC's into spam sending zombies. Can someone please analyse this "screensaver".
Wishful thinking
Are you sure they are not going to hang a pink arrow over your head like in Grand Theft Auto: Vice City?
No registration needed for this link
A M. html?ex=1045704785&ei=1&en=2560fd607d65a46 1
http://www.nytimes.com/2003/02/09/magazine/09SP
I worked for this end of the horse racing industry for a number of years. We contracted with both Amtote and Autotote.
It was a matter of time before someone pulled something like this. There were times when people were forging the barcodes on winning tickets with just a pencil and eraser.
Often people throw away winning tickets by accident or never return to the track to cash it in. These uncashed tickets are called "outs". Outs are required to be turned over to the state after 180 days. The amount of time may vary from state to state.
At any one time racetracks around the world are holding hundreds of thousands of dollars in "outs". I often thought that it would be a perfect heist to reprint some of the bigger winning tickets and cash them in. It would have to be an inside job though as you would need the serial numbers of the winning tickets in the outs database. The tickets themselves are not hard to forge and even if poor, they could be cashed in at automated tote machines.
Not advocating anyone go and do this. Just some thoughts from someone that was on the inside of that industry.
On the other hand there was no such press and no one was ever arrested when ~$350,000 in cash walked out of the Los Alamitos money room one night. So the perfect crime is usually low tech.
I think this may have bigger ripple effects on how affiliate programs work.
Lets say I am the miscreant administrator for ABC ISP. I route all my customers http traffic through my evil proxy that intercepts Amazon.com traffic. I would strip out any legtimate associate ID and rewrite the URL with my own ID.
I would think that I can even fiddle with the Kazaa attempts to grab the commission and make it my own.
Am I wrong? If not I think we are going to start seeing more of this type of scam.
Javascript is a scourge, turn it off. Enough said.
You are absolutely right. I was going to post the same thing. This is asteg'dimage, and this is the original. I don't remember what I used as a key but I used PGP to encrypt a text file then used Outguess to encode the encrypted PGP message into the image. I don't even remember what I used for the steg passphrase so if anyone wants to have a go at it feel free. I think the feds would want you to work for them if you could find the original message.
I was thinking the same thing, but then again I remember when all tools were cordless.
Perhaps a new project for http://freenetworks.org
A minor child cannot be bound by a contract. Have your children install your software and now the EULA is not enforceable as the contract is void.
They should scrap this excuse to employ lawyers as they really do not have the reach they are grasping at.
I have not seen a popup add in years. I was not vulnerable to the .eml bugs. I laugh at websites that are blank for people like me who have java script turned off. I have always thought that Java Script, captive X etc were the scourge of the internet.
Ever since we have had the option I have used the built in security functions of IE. Tools/Internet Options/Security
Turn off everything for your internet zone. Add all your sites that you visit regularly to "Trusted Sites" and enable all the bells and wistles you want.
If a site breaks because they have not done simple checks to see if you have java script enabled then screw them and move on to a site that is run by someone who has an element of style and thoroughness.
Here is a wish list I do have for IE though. One power tool I have allows you to toggle images on and off with a click . I would like such a power tool that would enable/disable java script with a click and another to add trusted zones on the fly. If anyone out there has the coding capability I think you may have something.
In California they did have such a law once. This law was overturned in a United States Supreme Court decision as it pertained to arbitrary enforcement of the law. There was a black man who was a resident in upscale La Jolla California. Besides being highly educated with multiple MS's and I think a PHD, he had dread locks. He liked to walk his neighborhood and was stopped daily and was cited for failure to carry ID. So that is the story of a lack of ID carry law in California.
Lets see, I cancelled my main email address to start new, I now pay the telephone company for a privacy manager. I have to make up email addresses on the fly to protect my main pop account. Do I now have to worry about my local pub sending me junk mail telling me they have a 2 for 1 special. These marketing whores have somehow got business to buy into their "direct marketing" list concept. How many of you think this really works? How many people are they willing to annoy just to make one sale? I have never purchased anything from a catalog, spam, or telemarketer. And I never will. Should'nt I be in a "Never buys anything list"? Seems there would be a value in such a list so companies could save money by only targeting the mindless impulse shoppers. It will be a matter of time before the credit card purchase records at these bars will be tied with the drivers license data. Next you will have a guy calling you on the phone Sunday morning to offer you something for your hangover.
I thank the person for this thread. First off I am a user of DNSRBL's I was using MAPS for a long while until they went subscription. Spam is virtually none for myself and my customers so I thank those who run legitimate RBL's
/18 when in fact this ISP only had a /19. I contacted a maintainer of one of the RBL's that utilizes SPEWS and gave him a heads up that not only is this listing in error but Spews has blocked an additional 32 class C's that belong to another ISP. I informed him of a possible liability for such a mistake. He did not want to hear it and pointed me back to the news groups.
/18 changed to a /19 but my client remains blacklisted to this day.
A client of mine (also an RBL users) has been black listed by SPEWS for months now. This is a legitimate ISP with over 4000 dialups, few hundred DSL lines, and 100 or so collocated servers. They have been in business since 1993.
Someone built a case based on three different incidents over as many years to blacklist this ISP's entire netbock. Perhaps they should apply this same logic to UU.net.
When trying to appeal to them to be removed they were told to post to the mail abuse news groups as this is spews vehicle for removal. Well they did this and all they got was libelled by what sounded like a bunch of kids.
Here is the real bad thing about this. Spews blackholed a
Seems that he was nice enough to contact the guys at spews as the
In reallity it has not been a huge problem for them as I think even the hard core anti-spam advocates have distanced themselves from spews.
Your correct. It does not send back information to a centralized server. Apparently it has an automated silent update procedure like Onflow. I was incorrect in classifying it as spyware.
Morpheus is not spyware free. It installs B2d projector from briliantdigital.com. If you are running it check out c:\bde
I would think one method would be Comcast's use of Tioga's support software. Cox Cable just recently sent out the "toolbox" converstion kits. Part of the install is the Tioga client that binds to port 641. Apparently this client tgcmd.exe sends out configuration information to Cox or Comcast so the support persons can look at your configuration and even fix it remotely.
I would suspect that the IP adddress is part of the information sent.
Other means discussed would be used against those who do not install their software, of which are generally more tech savy people who use NAT.
I tried to find the lawsuit but came up empty. If I remember correctly a flower shop in TX sued a spammer who used a bogus email address on their domain as a return address. The flood of bounced email and complaints brought down their mail server. I beleive they were awarded $50,000. I think the perp was a minor kid who's parents had to flip the bill.
From what I understand the routing will not stop and your cable connection will still be up. Services that Excite@home provides for Cox Cable is Email,DNS, and web services etc. Cox owns the infrastructure. I just don't see how they got caught off guard. I know that Cox is currently working to provide these services directly to their customers. I could be wrong and if I stop routing at 12 PST you will not be here to say sorry.
I just got off the phone with an administrator at Cox. I had to weasel it out of him but my suspicions where correct. The only thing that they are threatening to turn off is Email, DNS, and web services. Does not affect me as I don't use their DNS and provide my own services via my collocated server. They just want enough customers to scream to force the cable companies such as Cox to pay Excite@home more money on contract renewals. I am not worried.