Pain, Thy Name Is Spam

I’m still getting flooded with those stupid Swen virus e-mails, as is half the planet apparently, but now I have a new spam menace to contend with as well.

In an effort to bypass filters and pose as legitimate e-mail, spammers are sending out e-mails with legitimate From: addresses. If you were to connect to the MX record’s mail server for that person and verify the address you would find that it does in fact exist. Unfortunately, it’s not the person who actually sent the spam… The spammers have huge lists of e-mail addresses they can send to, and they can pose as people on that list as well.

My e-mail address appears to have gotten on one of these lists, so now some people are receiving spam messages that appear as though they are being sent by me. Not only that but it’s the address of my private mailbox, which I had set up separate from a public one specifically to avoid spam. It got leaked somewhere along the way, though it’s hard to tell where.

Not only do I get the blame for these spam messages, but the errors regarding full mailboxes (fairly common with this Swen virus filling peoples’ mailboxes), nonexistent users and domains, etc. all get bounced back to me. Now I’m constantly cleaning viruses out of my public mailbox and error messages out of my private one. I really need to set up those filters…

This ought to be illegal, if it isn’t already. At the very least it’s identity theft for them to send e-mail using my address.

Patch This

My e-mail had actually been relatively spam-free up to this point, but now over the last couple days I’ve been flooded with fake messages in one of two forms:

1) The Microsoft Security Patch

An obvious hoax if you look at the right spots (somehow I don’t think MS’s e-mail address is bqgkxiqisa@support.net), but unfortunately some people will believe it and get suckered into running it and infecting their systems.

2) The undeliverable message notice

These messages try to give you the impression that you sent a piece of e-mail with an attachment to someone and it bounced, hoping you’ll be confused enough that you’ll open it up to remind yourself what it was when, of course, it’s really just a virus in the attachment. The same one as the trojan above, in fact. There’s also a variation on this one where you get a legitimate bounce message from a mailer because it had anti-virus protection, except that you weren’t the person who sent it in the first place because the virus spoofed your address from someone else’s address book, and the anti-virus software has now oh-so-helpfully sent you a copy of the virus as well. :-P

Although they’re easy enough to spot and delete, they’re still getting annoying. I’m receiving about 30-40 a day now and at 110k or more each, they’re wasting a lot of space and risk filling my mailbox and preventing other e-mail from getting through. My private mailbox is fortunately untouched so far, but I do still need to check for the occasional potentially important stuff in the public mailbox, too.

I’m not sure what brought this flood on so suddenly, but now I really need to set up those filters…

(Update: Apparently this is the newly-released W32.Swen.A virus.)

Musical Madness

One of the stranger parts of civil law is the notion that a corporation is considered a ‘virtual person’ with all the rights and freedoms thereof. The analogy goes even further though; apparently companies and organizations and such can become sick and even mentally ill. Otherwise how can you explain the recent actions of the RIAA, such as:

I do sympathize with the artists and they don’t deserve to get ripped off (though with the way things are currently set up they don’t make an awful lot off of album sales anyway), but this is getting a little heavy-handed…

Geekier Than Thou

Speaking of geekiness…

I figured it was about time for my semi-annual haircut. I usually dread these since I really have no idea how to describe what I want done, if I’m even thinking of any particular style to begin with. I’d just mumble something about short/long and hope the end result isn’t too bad.

This time however, I came armed. I went through all the old photos of myself, found one with short hair, and….loaded it onto my PocketPC and popped it up in a picture viewer. A picture is supposed to be worth a thousand words, after all.

I don’t know if the end result was really any better for it, but it was worth the peace of mind at least.

Invaders From The Planet Krispy

As I was leaving the Bow Valley Square building after finishing lunch, I saw something a bit on the strange side. A lot of people were walking around holding flat boxes. The exact same kind of box. *Everywhere* I looked — at least half of the people around must have been carrying them. Otherwise they looked just like the regular lunchtime crowd going around their business.

On the boxes was a logo I’d only seen or heard about from news sites and friends in the States before: the logo of Krispy Kreme. Strange, I thought, I don’t think we even have one of their shops here.

It must have been a promotion nearby of some kind, but I couldn’t tell exactly where they were all coming from. All too aware that their allegedly tasty temptations were a threat to my current diet, I fled the area and returned to the safety of my own doughnut-less office.

And then as I was typing this, my team manager leaned in my office door with a familiar-looking box and said “Hey, want one of these?”…

Password Hell

You wouldn’t think that changing your password would be a big deal. Enter your old password, enter the new password twice, that’s it. Except if you’re on a Windows domain…

The domain policy is set up to force us to change passwords every 90 days, as a standard security precaution. It never fails though — within hours of changing the password, the Weird Things start happening. Some shares remain accessible, some start giving me vague authentication errors, some claim they don’t exist anymore…

After a quick trip to the admin’s office, it’s discovered that my account is locked out because of too many failed password attempts. Of course there was no explicit warning of this at my own workstation as I had continued to be able to lock and unlock the console without trouble… I had however left myself logged in on my other development system under the previous password, and it was what was causing the failed password attempts.

Fine, I log out and back in on that system, unlock my account, and everything’s back to normal. Until a few hours later when the Weird Things start up again…

After roaming from office to office checking all of our test systems, I finally find one of our rarely-used systems that I had logged into two months ago to test something and forgotten to log out of. After logging out of that one and unlocking the account yet again, things are *finally* normal for good. Or at least until the next password change.

You’d think there would be a better way of handling this…

E-mail Hell

I’ve got to get my e-mail filtering system back in place.

I’m not being overwhelmed by spam as much as a lot of other people — I only get maybe a dozen pieces of spam a day. It’s still the majority of mail that I recieve though, and they’re getting sneaky enough to use subject lines that make you hesitate and think it just might be relevant, especially when you run a web site. You get a piece of e-mail with the subject “I think this link is broken” only to find out it’s for GENERIC VIAGRA CHEAP! when you open it…

Unfortunately spam is getting trickier to filter out no thanks to things like the use of HTML in e-mail. HTML was never meant for e-mails, but some wiseguys got the idea of making it show up in mail readers if it happened to be present, which encouraged people to use it, which made e-mail client explicitly allow composing in it… Unfortunately, HTML allows things like:

1) Obscuring the real text of the message

I wish you could filter our just on specific words like “Viagra”, but that doesn’t work anymore due to embedded HTML comments. Although on your screen it might show up as all one word, within the raw text it actually looks something like

Vi<!--fdsatfrqrf-->a<!--gehjwghk-->gr<!--iouwhjlkh-->a

They specifically try to block matching against words by inserting random HTML comments all over the place.

2) Tracking your usage

Some e-mails are now including ‘invisible’ images which link back to a website run by whoever sent the spam. As soon as you open it, if your mail client automatically loads HTML data, it contacts the web site and presto, the company now knows that you actually opened the e-mail. E-mail addresses that are verified to be valid are considered more valuable than unverified addresses. Expect to get a lot more spam sent your way…

Time to start tuning those filters a bit more…

Scanning For Intruders…

In my insatiable quest for toys, I finally picked up a flatbed scanner. I had been holding out trying to find a 2400 dpi model around here, but after playing around with it a bit, I doubt I’ll even use the full 1600 dpi of this model all that often (those files get huge!).

There is actually a practical reason for it. As part of the process of cleaning up around here, there are a bunch of things that I’d like to keep around, but just don’t have the space for: pictures, segments from magazines, comic strips, etc. So instead I’m going to scan them in and then I can ditch the originals. Second on the list is the comics found in the back of The Gateway student newspaper I picked up when I was a student at the UofA (besides the ones that already have their own scans online, like Space Moose or Bob The Angry Flower).

First though, was a promise I’d made to my mother to try and reproduce a picture from a photographic proof (the tiny little sample pictures you get to choose from for the final picture) of her parents. She’d tried taking it to photographers and getting them to reprint it, but they wouldn’t do it — apparently they don’t work off of other peoples’ proofs on general principle since it may be someone trying to scam the photographer into getting them the free sample proofs and then taking it to another, cheaper photographer for the final work.

Unfortunately in this case we don’t know who the original photographer was, whether he’s even still in business, or whether he’d even still have the negatives after all this time, and we can’t exactly take her parents down and have another picture taken when one of them is dead… So, we’ve had to take matters into our own hands and thus I’m trying to scan and reprint the photo based off this tiny little proof picture. This is the best I have so far:

(Shrunken down for web viewing, of course. The original file is 3403 pixels by 4797!)

Papers, Please

Security is a necessary evil, of course. The keycard on the outer doors of the building? Well, there is a lot of riffraff around this part of downtown. The keycard on the elevators? Can’t have people wandering the floors after hours. The keycard on the floor doors? Gotta be able to tell the employees from non-employees.

But now they’re putting key locks on *every individual office door*. It’s not entirely new; a number of people in the company have had locks on their doors for a long time now due to expensive, portable equipment they have (we’ve had laptops stolen before, likely by delivery people who pop in and see nobody around), but now everyone gets one.

It’s not because we don’t trust each other. All of the locks will actually all work off the same key, so all of us can get into each others’ offices if necessary. What it’s actually for is to protect us from our subtenants.

A while back I had to move my office since we’re subleasing some of our space to another company to save on costs. No problem — until we discovered that we can’t build walls between us and them. The section they took is positioned such that the corridors leading between us *have* to remain open in order to comply with fire codes. We’ve put doors up instead, but again to satisfy the fire codes they have to remain unlocked.

So, next month, we’re going to have completely unknown people with access to our floor space as well, and the paranoia’s been gradually greeping upwards, culminating in the installation of all these door locks.

One more lock isn’t really a big deal, but it’s annoying to have yet another daily ritual I have to incoporate…

Do Crazy People Know They’re Crazy?

While I was out walking tonight, I caught myself doing something I’d worried about before. I was mulling some idea around in my head, and while I was thinking about it, I realized that I was thinking as though I was explaining the idea to some imaginary audience in my head.

“Is this normal?”, I started wondering. Am I subconsciously trying to counter loneliness by making up conversations with myself? Is this the first step towards hearing voices in my head?

Well of course not, one side of my head says. The fact that I can identify that behaviour, separate it, and talk about it rationally implies that it’s not some ingrained ‘craziness’. Maybe it’s just a deliberate eccentricity as a form of mental analysis.

Then the other side of my head reminded me that I was carrying out all this rationalization as if I were discussing it with some imaginary audience in my head…

Luck of the Non-Irish

When I think back, it’s interesting to note just how much luck has played a part of my life. Things could have been quite different…

I grew up in tiny mining towns, where there wasn’t really much to do but play outside and in the woods. By chance I happened upon a discarded smashed TV set and was curious about just what all these bits inside were. Luckily enough there was an electronics magazine available at the store, and although at 8 years old I didn’t understand 99% of it, there was still an aura of ‘coolness’ to it. It was through this magazine that I learned about these newfangled ‘computer’ thingies…

It wouldn’t have mattered much if we’d remained trapped in these little mining towns; there wouldn’t have been much of a choice in future careers besides continuing on in the same types of construction and mining jobs. As luck would have it though, the mines were running dry and jobs were harder to come by at that time, so once the town shut down we were forced to look elsewhere. We wound up staying with relatives all the way over in the big city, Edmonton, with all its greater opportunities.

In high school I barely knew anyone, and was kind of adrift socially. I thought a club might be interesting, but wasn’t sure which one was really appropriate. I took a chance on the Games Club, since I liked games of various kinds, and if I hadn’t, I wouldn’t have met most of the people I now know best.

As high school was wrapping up, it was clear what I wanted to do: head to University and get a computer-related degree. It wasn’t clear just how I was going to do so, though. I had absolutely no money and the family wasn’t exactly loaded with cash either, so a student loan looked like the only option, and even that was questionable. One day though, my chemistry teacher mentioned a scholarship that she thought some of us might be interested in. I’d never heard of it before, but I applied and, miraculously enough, won one. The scholarship alone almost entirely covered tuition fees for all four years. I was able to get the degree without having to get a loan, and entered the workforce completely debt-free.

Any minor change in any of these events, just one small decision made differently, and my life could have turned out completely different. Thankfully I’m not stuck back in the mines of B.C. hauling rocks around all day…

Where Does He Get Those Wonderful Toys?

From Microsoft of all places, actually…

MS is apparently trying to encourage us developers to work on PocketPC programs, so as part of a new promotion they sent free Viewsonic V37 PocketPCs out to those of us who filled out all the paperwork and such early enough. (No, I can’t get you one. MSDN members only and they’re probably all long gone now.)

Not my first choice of PDA due to the general crumminess of Windows CE, but it’ll suffice for the few things I’d want it to do. It’s not like I’m looking for a high-reliability server here. And hey, it was free, so I can’t complain too much.

Zzzzzz….

Damn I must be getting old. My alarm almost never goes off by itself anymore — I’m usually lying there awake already. Although it’s nowhere near Paul’s insomnia, my body just doesn’t want to rest as much as it did before. Heck, I used to have to worry about sleeping past noon on weekends; now I can’t even force myself to sleep in any later than 9am.

I’d better hurry up and get that house so I can start complaining about kids on my lawn…