Problems with Microsoft’s Hopelessly Inept Spam Filtering - UPDATED 2021-11-01

UPDATE 2021-11-01:

After chasing Microsoft for over a week, and getting nearly half a dozen boilerplate assurances that the issue was being "looked into" by their "Escalations Team," they still have not fixed the issue, or even so much as provided any reason (valid or otherwise) for having listed our server in the first place. As a result of Microsoft's ongoing failure to address the issue & evident lack of concern for the problems they've created, we have had to implement a workaround, involving using a third-party mail relaying service for outgoing mail for customers who need to correspond with Hotmail addresses. If your EMail is hosted with us and you are currently experiencing this issue, please contact us and we can enable that workaround for your account.

On a related note, due to both Microsof's consistent inability to provide reliable EMail delivery - and the massive volumes of spam that we receive from Microsoft's servers - we will no longer be accepting any customer contact EMail address hosted through Microsoft's free EMail service (which includes Hotmail.com, Live.com & .ca, Outlook.com, and likely others). Over the next few months, we will be reaching out to any existing customers who have provided a Hotmail contact address, so that they may provide an alternate address.
 

ORIGINAL POST:

Last week we started receiving reports from customers that Microsoft is rejecting all EMail from our servers. We are aware of the issue and, while we regularly monitor spam blacklist/IP reputation services to prevent issues like this, unfortunately Microsoft's spam filtering lacks any sort of transparency - meaning we have no way of knowing when they blacklisted our server, or why they did so, or what (if anything) needs to be done to fix the issue. That said, we do actively monitor for issues with our server's "IP reputation" via general-purposes services like MXToolbox that allow monitoring multiple spam blacklists - as well as being registered for Microsoft's "SNDS" and other equivalent services - none of which indicate any issue with our server itself.

We have repeatedly requested that Microsoft provide an explanation for why they've blacklisted our server, but (in both this and previous instances) they have repeatedly failed to do so, or even so much as acknowledge the request. Therefore, all information we currently have indicates that the issue does not lie with our server itself - and that Microsoft is both rejecting legitimate EMail from our server, and has no valid reason for doing so in the first place. We've informed them that, as a result of this problem, they are preventing their own customers from receiving legitimate EMails from (among others) a Meals on Wheels office, a support/advocacy organization for locating missing & abducted children, and two separate charities devoted to providing services for disabled children & their families - but, unfortunately, that does not appear to be of any concern to them.

When first notified of the issue, we submitted a "delisting" request to Microsoft; after being subjected to their usual run-around (where they appear to reject all delisting requests out-of-hand, and only actually investigate/act on them if you hound them about it), we were told that Microsoft had "implemented mitigation" for our IP (AKA removed our server from their blacklist) and the issue would be resolved within 24-48 hours... and that was on October 20th.

Yet five days (and counting) later, they clearly haven't done so - given that they are still rejecting all mail from our server.

So, to re-cap: Microsoft failed to notify us of whatever issue resulted in them blacklisting our server, they've failed to provide any details of their reason for doing so (assuming they even had one in the first place), then they claimed that they had/would fix the issue, but have failed to do that as well. We will continue chasing them to, hopefully, get the issue resolved and will update this post when (if?) anything changes; but at this point, if outgoing mail that you're trying to send is being rejected by Microsoft's servers, the best thing we can suggest is to contact the recipient via other means, and recommend that they consider switching to an EMail provider that prioritizes reliable delivery of legitimate EMail, because Microsoft clearly does not.

If you're curious about the process involved to try to get this issue resolved, here's a brief run-down:

Here's a short tutorial on the steps to take if you discover that your server's IP address has been blacklisted by Microsoft:

1. Follow the standard best-practices, like registering your server for various feedback-loops/abuse-reporting services, monitor for issues using services like MX Toolbox, and quickly resolve any issues that occur, make sure you have proper SPF records and rDNS in place, and... it won't matter. Not only will that seemingly do nothing to prevent Microsoft from blacklisting your server, but they also don't provide any way of monitoring their blacklist so that you can be aware they've listed a given IP, and chances are that you won't find out about the issue until EMails to Microsoft-hosted Mails start bouncing back.
    
2. Start attempting to fix the problem by clicking the link in the error message... except that's not of any use, because amazingly they fail to include any link to the actual delisting request form, and the link just goes to a generic and largely useless explanation of SMTP error codes. So instead, you'll need to Google the process, which will eventually take you to this link: https://support.microsoft.com/en-us/supportrequestform/8ad563e3-288e-2a61-8122-3ba03d6b8d75.
    
3. Fill out and submit the form, and then wait. And wait. And then wait some more - expect it to take at least 24 hours to for Microsoft to respond to the request (longer if you submitted it anywhere near a weekend). Since you presumably run your own mail server, while waiting for a response you'll have plenty of time for things like, oh, say, re-reporting spam that you received from Microsoft's servers and that they likely turned a blind eye to (a practice which would almost certainly result in them blacklisting their own servers if their polices were applied consistently, but I digress).
    
4. When you finally do receive a response from Microsoft, it will almost certainly just be a generic canned response saying that they have "completed reviewing the IP(s) you submitted" and as a result of their "investigation," determined that the IP is "Not qualified for mitigation." No explanation of why, or why it was even blacklisted in the first place, just some more generic information on their EMail policies, and a note saying to reply... with information that would have already been provided with the delisting request to have them investigate further.
    
5. After some more waiting... and waiting... and even more waiting, followed by some waiting, you'll finally get another response - almost certainly the exact same response you received earlier, still with no actual details, and most likely not addressing (or even acknowledging) even the simplest questions. At that point, you might as well just re-send the exact same response you sent previously, because it's not as if it's likely to make any difference - we've literally sent them follow-ups containing nothing but gibberish placeholder text, and STILL received the exact same response.
    
6. Finally, after the 3rd or 4th time going through that same run-around - and probably the better part of a week later - Microsoft will change their minds and decree, seemingly at random/for no apparent rhyme or reason, that your server's IP does now "qualify for mitigation" (of course with no explanation of why they changed their minds). Oh, and be prepared for one last bit of waiting, because apparently they can't even remove IPs from their blacklist in under 24-48 hours.
    
7. Send test messages to verify when/if they actually fix the issue, because Microsoft won't provide any notification - and that's if they even do fix the issue. From our recent experiences (see above), it's by no means certain that they will actually will do anything about - even after they've given specific assurance that they will.
    

Comments

Aliant/CloudMark EMail issue - RESOLVED - UPDATED 2020-10-29

UPDATE 2020-11-17

Both Aliant and CloudMark have continued to ignore our repeated requests to provide any valid reason for why they blocked all mail from our server for almost a week - and what little response we have received from either organizations has been hopelessly vague, to the point where their responses seem to be deliberately evasive. We did send witten to both that they provide assurances that, unless there was an actual valid reason, they would refrain from blocking legitimate EMail from AT LEAST the organizations we host which provide critical services, - including 3 ChildFind offices, a children's aid society, and a local Meals on Wheels branch - and their response? From CloudMark, nothing but radio silence since we sent them the request over 3 weeks ago - while Aliant refused to provide any assurance, while seemingly trying to pass the buck to CloudMark by claiming that it's totally out of their hands (which seems highly unlikely, unless they also outsource the management of their mailservers themselves to CloudMark).

In their response, Aliant effectively confirnmed the followg: Aliant allows a for-profit US-based company full control over what EMail they do or don't deliver to their customers, including allowing them control over whether Aliant customers can receive EMail from organizations that are local to them; Aliant has no ability whatsoever to override CloudMark's blacklist with its own whitelist - or (much more likely) is unwilling to do so; Aliant is abundantly aware that using CloudMark has, at least in this incident, has had the direct result of preventing Aliant's own customers from receiving a substantial amount of legitimate EMail, that CloudMark has failed to provide any valid explanation for doing so (despite repeated requests going back over a month now), and that CloudMark was glacially slow to correct that issue, taking more than 4 entire days & 3 separate delisting requests from us (plus however many requests Aliant sent to them) - and yet, despite being fully aware of those issues, Aliant intends to continue using Cloudmark's/Proofpoint's service, AND does not intend to take any steps to prevent the issue from reoccurring in future.

If you have concerns regarding this matter, or are encountering similiar issues, Aliant can be contacted at AliantInternetSecurity@bellaliant.ca - while CloudMark can be contacted via support_csi@cloudmark.com.

UPDATE 2020-10-29:

We finally heard back from Aliant, apparently the issue was because our server's IP address had been listed as a source of spam by CloudMark, a spam filtering service which Aliant makes use of. We had already been aware of that issue, and had sent repeated requests to CloudMark to remove our server's IP from their blacklist - or at LEAST provide a proper explanation for why it was blacklisted, so that we could resolve the issue if there actually was one. Unfortunately, despite having made those requests on Thursday, October 22nd, CloudMark failed to address the issue until early on the morning of Monday, October 26th - four days later, which was also the first time we received ANY response from CloudMark whatsoever (and before then, we had only received a single response from Aliant, that Friday, stating that they were looking into the issue, with no follow-up until Monday).

We have asked CloudMark to provide a explanation for why they blacklisted our server, three separate times now, but unfortunately they have repeatedly failed to provide any valid reason for doing so. They first claimed it was because of a report they received of spam EMail sent from our servers - yet the only example they provided was a single EMail from over a month ago,... that was not actually spam, and they then failed to provide any further examples despite our repeated requests. So at this point, all of the information we have access to indicates that they blacklisted our server by mistake, likely due to an EMail message that someone accidentally reported as spam, then acted on it without making any attempt to verify if the reported message was actually spam - and both CloudMark and Aliant exacerbated the issue, by taking 4 days to address or even respond to the issue in any useful way (which Aliant has confirmed is because they only provide Monday-Friday support for their EMail services). We will continue our efforts to get a valid explanation from CloudMark as to why they caused this issue - if we ever receive a response from them, we will post updates here.

ORIGINAL POST:

We're aware that EMails from our server to any Bell/Aliant-hosted EMail is currently being rejected - which also includes EMails to any old Sympatico or NBNet addresses. While the error messages from Aliant's servers don't provide specific details, it appears that they are explicitly/deliberately blocking all mail from our servers, for some unknown reason. Typically, if one network blocks mail from another, it's because they've received spam from yet - that doesn't appear to be the case here. In addition to our normal monitoring of our IP address' "reputation," we have double-checked that the server is not listed in any legitimate anti-spam blacklist (verified via MXToolbox); nor has Aliant sent us any reports of spam received from our servers, nor are we currently experiencing the same issue with any other EMail provider.

Over the last 48 hours, we have repeatedly contacted Aliant to attempt to get the issue resolved - and so far, they have yet to provide any valid reason for blocking mail from our servers. In one of the few responses we did receive, we were told that they issue would be looked into... which was over 24 hours ago, and in that time there has been no further responses, or any sign of anything being done to address the issue.

Unfortunately, as the problem appears to entirely on Aliant's end, we have no way to resolve the issue except to wait for them to fix it - and with the lack of response from them, we have no way of knowing how long that will take. So if you are currently experiencing that issue, the best thing we can recommend is to contact Aliant about it directly - via EMail at abuse@bellaliant.net or AliantInternetSecurity@bellaliant.ca, via telephone at 1-888-214-7896, or on Twitter @Bell_Aliant.

Comments

SSL & Google Chrome “Not Secure” Warnings

Google announced some time ago that their Chrome web browser would begin showing a \"Not Secure\" notice in the address bar, when viewing any site that doesn't use an encrypted, HTTPS/SSL connection. This change took affect in July 2018 - if your site is not setup to use HTTPS/SSL, then anyone visiting your site in Google Chrome will currently see the \"Not Secure\" warning at the top of their browser.

Any site/account hosted on our Linux-based servers already has a free SSL certificate installed automatically (via a feature called AutoSSL) - however, without configuration changes to your hosting account and/or website istelf, visitors can still access your site through unencrypted HTTP connections (which will display the \"Not Secure\" warning). The simplest way to correct that is to modify your hosting account to automatically redirect all traffic from http:// addresses to https:// addresses - but unfortunately we are unable to do that automatically/en masse for all hosting accounts, because many websites may need further changes in order to work properly over HTTPS.

To check if your website is accessible via HTTPS, simply type the site's address into your browser - and add "https://" in front of it - so if your site's address is domain.com, you would enter https://domain.com. If you don't see any errors (E.g. broken images or error messages referring to "mixed content" or "insecure content," then the option to force HTTPS can be safely enabled for your hosting account. Otherwise, if you do see mixed/insecure content warnings, then the developer(s) of your site would likely need to make changes to address that. If you would like us to enable forced redirect to HTTPS for your site - or if you need help fixing issues that are preventing your site from working via HTTPS - please contact us.

Comments

GMail Filters Flagging Legitimate EMails as “Dangerous”

For more than six months now, since Novembe 2019, GMail has repeatedly been blocking legitimate EMails from us, and consistently ignoring all of our requests that they fix the issue. We first became aware of the issue when several of our customers informed us that they hadn't received EMails they were expecting from us, with invoices for the services we provide to them. After some further checking, it turned out that the messages had ended up in the "Spam" folder of the recipient's GMail accounts, and GMail had flagged them as "Dangerous." Normally, marking the messages as "Safe" and/or adding the sender's address to the contact list will solve the issue - though in this case, the EMails from us were still filtered into the spam folder even after following those steps.

Since the usual solutions didn't work, we ended up doing some testing to try to determine why the messages were being filtered - which was more made difficult to GMail's lack of transparency over how their filters work. Granted, and in context, most mail providers don't publicly provide full details how their spam filters are configured (we certainly don't), because that information would make it easier for spammers to get around those filters; but with most hosts & spam filtering solutions, the recipient of the message can at least view the raw headers of the message to see details of how it was classified by the spam filters. Unfortunately, though, GMail lacks even that degree of transparency - so the only way to test was via brute-force trial-and-error: namely, editing the attachment that GMail considered "dangerous" to remove one line at time, the resend, ad infnitum, until we identified the specific text that was triggering the filter.

Surprisingly, it turned out that the messages were being filtered for the sole reason that they contained a PDF attachment, which in turn contained text content with a ".com" domain name. As should be obvious, this practically guarantees an absurdly high rate of "false positives" - AKA, legitimates messages erroneously filtered as spam or malicious. For ourselves, as a provider of hosting & domain registration service - and given that ".com" is the most commonly-used type of domain name in the world, that means most of the invoices we send to customers who use GMail will be blocked by their filters. Or it would, except that on top of that, our formally registered company name also includes our (.com) domain name - so EVERY invoice we send contains a .com domain name, because they contain our company's name.

Some additional details that we discovered during the testing:

• It appears that they've manually "whitelisted" their own domains, as the filter conveniently ignores PDF attachments containg "gmail.com" and "google.com".
• Doesn't matter if the domain name is actually registered or not, a message with an attachment containing "someinvaliddomainthatisntevenregistered.com" was flagged as "Dangerous"
• Doesn't matter if the domain name isn't even valid & would be impossible to register - a message with an attachment containing "someinvaliddomainthatisntevenr&egistered.com" was flagged as "Dangerous"

Not only does the filter have an inexcusably high rate of error/false positives, it's ALSO appears to have an etremely high rate of false negatives (spam/malicious EMails that the filter deems safe) - meaning that not only does it block significant amounts of legitimate messages, but it won't even effectively work with the majority of spam/malicious messages that it's targeted at. The reason being that it's absurdly easy to get EMails with malicious links past that filter, simply by using any type of domain name other than .com or .net - which spammers have already been doing for years now, as many of the other types of domains are cheaper & have much less oversight from the registries that control them. Or there's another well-established trick that spammers have been using years: obfuscate the actual destination of the link by hiding it behind a URL shortener such as bit.ly... or Google's own "goo.gl" service (and yes, the filter does also ignore messages containing goo.gl URLs, even if they redirect to known malicious URLs). It's a textbook example of IT "security theatre" at its worst: it causes significant problems for legitimate uses, while not even being particularly effective at addressing the actual problem it's designed to deal with.

We have repeatedly attempted to contact GMail & request that they fix that issue (most recently via Twitter) - but unfortunately, they've ignored all those requests & haven't even bothered to respond; and have evidently failed to do anything about the problem, given that it's still occurring at the time of this writing. So, unfortunately, we now have to recommend that all customers of ours avoid using GMail for any important communication. And that's probably a good idea for all users of GMail, not just our customers - given that GMail clearly can no longer be trusted to reliably deliver legitimate EMails, and given their apparent lack of concern for that issue.

Comments

Google Knowingly Distributing Malware AGAIN - 7 days (and counting)

In the past, we've written about a previous incident where we noticed malicious files that were being hosted on Google drive, and distributed via links in spam EMails (unsurprisingly sent via GMail). And now it looks like Google is at it yet again, distributing malware via this URL:

https://drive.google.com/uc?id=1bVOrRozJg9wPoALxHn2nou_XjZGUit50&export=download

And this time, the scammers seem to have found an even easier-to-exploit flaw in Google's malware scanner. In the previous incident, they resorted to using less-common compression formats, which Google's malware scanner is presumably incapable of reading - this time, however, the scammers simply used a password-protected zip file. And that seems to be all it takes to sneak malware onto Google's servers, which they will then happily & unwittingly distribute.

We've notified Google that they're hosting & distributing malware over a week ago, when the message was first received - and even did so via multiple means, including sending spam complaints against the "spamvertised" Google drive link, and through Google's own "Report malicious software" page. Yet they don't seem to be at all concerned about that, since 7 days later they still haven't done anything about it & are still knowingly distributing that malware.

Comments

Wrong Website and/or Company

If you've been sent to this page, it's because you sent us a message intended for a different company - most likely Smarty Plus or Smarty Pants Vitamins.

We have NO relationship with either of those companies beyond coincidentally similar names. If you trying to cancel a subscription with Smarty Plus, or have an issue with an order from Smarty Pants Vitamins, then that has nothing to do with us - you'll need to contact them directly, through their own website(s).

SmartyPlus.net
SmartyPantsVitamins.com

Comments

Update on Spam-Support Website(s) Hosted by Namecheap.com

Back in November of 2017, we wrote about the provider NameCheap.com - and the difficultly we had encountered in getting them to do anything about a website that they hosted, which we had repeatedly been spammed with links for. The focus of that article was merely on their lack of any response to the abuse reports we had sent to them, after (at the time) more an week. But when we finally DID receive a reply, their response was more ridiculous than we could have possibly expected.

First, some additional details that we weren't yet aware of at the time of the previous post on this topic: it turns out that the GetMyBusinessFundedNow[dot]com domain name is using something that many providers refer to as a "masked redirect" - in other words, they're using a full-page frame or iframe to display the content of another spam website (findbusinessfunding365.com). To anyone familiar with spammers & their common tactics, the reason for this should be obvious: it puts their spamming operations at less risk from abuse complaints - even if getmybusinessfundednow.com is suspended, the actual spam support content is still present on findbusinessfunding365.com, and probably unaffected because it's hosted by a different provider (Unified Layer, yet another provider who appear to turn a blind eye to spam complaints). In many ways, this is just a slight variation of the spammer tactic of using free URL-shortening services to redirect to their spam URLs, while hiding the actual sites & making them harder to report.

It also turned out that these same (by all appearances) spammers are using several other Namecheap-hosted domains in the same way: as masked redirects to/embeds of findbusinessfunding365.com. So far, the ones we've directly observed are:

GETMYBUSINESSFUNDEDNOW.COM
BUSINESSFUNDS365.COM
FINDBUSINESSFUNDING-247.COM
PROBUSINESSFUNDING.COM

However, when we reported those spam-support sites to Namecheap, they repeatedly insisted that they had no responsibility for the issue, because the actual content of the spam website was hosted elsewhere, and just embedded using an iframe/frame - despite the fact that they most certainly were (and still are) hosting the actual links being advertised by the spam EMails. Amazingly, they even claimed that they weren't actually providing hosting for getmybusinessfundednow.com and the other domains, despite the fact that they all resolve to an IP address that they are responsible for. Their sole justification seems to be that their spammer customers don't have a hosting service, but only domain registration service (with the masked-redirect-via-frames provided as part of that service) - which is ridiculous, because an iframe/frame only works if it's inside an HTML document, and that requires hosting by definition. Even if it's an extremely limited, purpose-specific form of hosting, it's still hosting - so by all appearances, that response was nothing more than a flimsy excuse for Namecheap to knowingly continue providing service to spammers.

The one kinda-sorta exception was PROBUSINESSFUNDING.COM: initially they claimed that they had resolved the problem by suspsending the domain's registration:

But when I happened to check it about a month & a half later, I noticed that the domain was still active & still resolving to NameCheap's webservers. Foolishly, I took them at their intiailly word & didn't think to check if the site was actually down - so I don't know if their claim to have suspended the site was complete BS, or if they did suspend it and then un-suspsended it later. Though incidentally, the reason I thought to check if the domain was actually suspended was that almost the exact same thing happened with yet another spam support URL hosted by NameCheap (loanbrokersinternational.com): they claimed they had suspended the offending account, but the site was still active when I checked less than a day later... that one is a slightly different situation, though, as that particular site is hosted directly on their servers, rather than embedded using a frame/"masked redirect". We'll be writing a separate post to detail that incident.

To top it off, it seems like many (if not most) of the Namecheap support staff we interacted with had serious difficulty understanding basic aspects of their own job - and/or had serious difficulties with basic reading comprehension. In just a single support/abuse ticket, here's a list of the nonsensical objections that we received fro Namecheap staff, and the basic details that we had to explain to them:

• They objected that the issue wasn't their responsibility, because the EMails weren't received from their server - which is of absolutely no relevance, since it was the website we were reporting to them, rather than the EMail. On top of that, the EMail was sent through a contact form, so the actual message technically came from our severs; both of those details were clearly spelled out in the initial message we sent to them.
  
  
   
• They objected that they had no evidence of the issue, since the domain wasn't listed in anti-spam blacklists - which was both incorrect (as we had provided them with multiple samples of the spam EMails advertising that domain), and not relevant for the same reason as their previous objection (the blacklists they cited were specifically for sources of spam EMail, while we were reporting the spam-support website instead). Amusingly, however, some of the domain names ARE present in blacklists of spam URLs - but when we pointed that out, we've received no response in the several months since.
  
  
   
• They objected that they could not terminate domain registration due to spam complaints - which was also irrelevant, since it was the spam site/URLs that we were reporting, and not the domain name itself (nor would it even be necessary to suspend/terminate the domain registration, given that they're the host of the site).
  
  

Even eliciting those lame excuses/red-herrings from Namecheap has been like pulling teeth: we've consistently noticed a pattern where they won't reply to a support/abuse ticket for days/weeks at at time - but publicly shame them about it on Twitter, and suddenly the ticket gets a response within an hour or two. It's almost as if Namecheap is more concerned with giving the public appearance they're responsive to those issues, than actually doing ANYTHING effective to address them. At the very least, it doesn't do much to dispell that impression when, of the 6 most recent abuse complaints we sent to them, 5 of them are stll open more than a month later & have received no response from NameCheap - while the 6th was closed without the issue having been resolved (the aforementioned loanbrokersinternational.com site, which is still active on their servers as of the time of this writing).

It also turned that this was not an isolated issue - or a new one either. A recent article published by Brian Krebs, one of the comments linked to blog post from 2015, which details almost the exact same issue: same spammer tactic (using domains hosted by/registered with Namecheap to embed content from separate stes via frames/masked redirects), and the exact same run-around from Namecheap's support staff (repeatedly claiming that the spam sites weren't hosted by them, when they clearly were) - the only difference seems to be that those spammers were hawking weight lose products instead of business loans. So that issue has been ongoing for at least 3 years now, and Namecheap is well-aware of it. While the KrebsOnSecurity article wasn't about that particular issue, it did mention NameCheap as one of the top registrars for TLDs (domain name extensions) that are favoured by spammers and spammers; the article also includes a quote from Namecheap's CEO, Richard Kirkendall, where (among other things) he accuses Krebs - a noted tech security ressearcher/journalist - of making "irresponsible assumptions." Kirkendall (or at least someone claiming to be him) then jumped into the article's comments, and didn't exactly inspire confidence in the company's willingness to address spam issues - particularly when he referred to people who oppose spamming as "nazis."

And as far as Namecheap's failure to address the use of their services by spammers, this is not even the only incident that we have experienced. In fact, the main reason for posting this update is that we've witnessed several further examples of even more absurd failures by Namecheap to address spam complaints, and it seemed that we should post an update on the first incident before moving onto the other, even more ridiculous ones. Stay tuned for those details!

Comments

How ICANN and GoDaddy Shield Scammers

If you want to set up shop on the Internet using a domain name that reflects your business rather than relying on @hotmail or @gmail addresses, or a web site hanging off one of the many web site builders' domain names, you need to register it through the ICANN registration system. ICANN - short for the Internet Corporation for Assigned Names and Numbers - sits atop the global heap that is the domain name system. It's main job is to manage the domain name registration system, delegating local authority to national domain name registration systems (in Canada, that's CIRA - the Canadian Domain Name Registration Authority). The actual registration process is further delegated to domain name registrars, and sitting atop that pile is GoDaddy.

Since the early days of the dot-com era, the domain name registry was abused: false names, addresses that turned out to be in the middle of the Mississippi River, phone numbers that belonged to unsuspecting victims who got the angry calls complaining about this or that bit of online abuse.

And lets not forget Facebook's role. In fact, earlier this month my wife spotted a paid link on Facebook pointing to a CBC.ca news story about Kevin O'Leary - the Dragon's Den / Shark Tank shouter - claiming that he was being investigated by the federal government for illegally profiting from a casino scam. The 'article' posted on a website - http://newsstuffpro.com/ - looked like a CBC.ca page, complete with links to related stories, the CBC logo, etc. turned out to be shilling for an online casino based in the United Kingdom. It was all an elaborate, ugly piece of fake news.

And the CBC's response? It happens all of the time, and we don't have the interest or resources to do anything about it.

So who is behind newsstuffpro.com?

The typical way to find out is to do a whois search. That means going to a service that provides information about the registrant of the domain name in question and, as predicted, this turned out to be registered through GoDaddy. Which goes out of its way to hide registrant information, but there are often ways around their firewalls.

After a bit of digging, it turns out that domain - and at least 99 more - are registered through GoDaddy to one John Macafee. And John claims to live at 1520 Garden Street in lovely Victoria, British Columbia, Canada, and his phone number is 1-250-874-7985. But don’t worry - I’m not doxing John because his phone number is not in service and his address, according to Canada Post’s address lookup and Google maps, simply doesn’t exist.

And this is the same bogus contact information on at least 100 domain names ‘John’ has registered through GoDaddy.

You’d think GoDaddy might have some interest in keeping their customers honest - and you’d think ICANN would be equally concerned about the reputation of the domain name registration system, but I think you’d be very, very, very wrong.

Yes, there is a way to file a complaint to ICANN about bogus registrations - one domain name at a time. First, you have to deal with a long, complex online form. Then, ICANN expects you, as a good Samaritan, to send A PIECE OF SNAIL MAIL TO EACH AND EVERY ONE OF THE DOMAINS WITH BOGUS INFORMATION - AND PROVIDE THEM WITH PROOF OF NON DELIVERY.

The suggestion that they consider Canada Post’s street address database as verification that the street address in our John’s domain name registrations doesn’t exist, or that they simply call the phone number on record to learn that it’s not in service? They are simply not interested.
And the online scammers of the world love it.

I did a quick calculation: 100 x 10 minutes to fill out the ICANN complaints  form, 100 letters to address and stamp and send, the scanning of each failed delivery snail mail returned to me. and the likelihood that it’s all just a shell game and a massive, intentional waste of time.

Sorry, folks, but the Internet is seriously broken, but the folks who benefit from breaking it - from the scammers to ICANN to registrars like GoDaddy - seem to like it that way.

Assuming the average cost of a domain name renewal is about $12-15 per year, GoDaddy stands to make more than $1000 annually for not checking on 'John' and the hordes like him. ICANN gets their half pound of flesh. 'John' gets to continue scamming and spamming with some help from Facebook, who also get a cut for his duplicitous ads.

And the rest of us? We get scammed again and again, with no indication it's ever going to end.

Comments

SEO Spam Websites 2018-04-16

We've recently noticed a trend of SEO spammers becoming more and more bold - while most of them are still careful enough to avoid putting easily reportable links to their websites in the spam they send out, many are now sending out spam from their own domain names (instead of hiding behind throwaway accounts from spam-friendly webmail providers like GMail & Hotmail). While spammers certainly aren't the brightest bulbs, they do have a keen sense of self-preservation - in the same way that cockroaches aren't known for being especially intelligent, but they do still have the sense to run & hide when the lights come on. So it seems reasonable to conclude that spammers would not be making this change unless they had good reason to believe it was safe - and most likely, they're taking advantage of hosts that have a consistent track record of failing to address spam complaints promptly (or at all, in the case of providers like NameCheap & BlueHost).

That being the case, we've decided to start keeping a record of the domain names used by the SEO & web development spammers who have contacted us - as well as publishing the details of the providers who host them, many of whom continue to host those sites despite being aware that their services are being used in support of spamming. Read on for the details.

Today's first SEO spam domain name is techsaga.es - the spam EMail was received from Google/GMail, and the hosting provider for the website appears to be https://publicdomainregistry.com/ - a report has been sent to them via abuse@publicdomainregistry.com.

The second SEO spam domain is rankyourdomain.com - in this case, the spam EMail came from the same the same/provider that hosts the website, http://brainpulse.com/. A report has been sent to them via network@brainpulse.com.

The third SEO spam domain is aquadsoft.com - also hosted by https://publicdomainregistry.com/ - a report has been sent to them via abuse@publicdomainregistry.com.

And today's fourth SEO spam domain (at least so far) is weboptimizes.com - hosted by http://maileig.com / https://www.endurance.com.

In the near future, we'll update this post with the results of our reports against those spam sites - including which providers address the issue responsibility, and which providers are happy to knowingly continue providing service to spammers.

Comments

NameCheap.com - Spam-Friendly Provider, hosting GetMyBusinessFundedNow[dot]com

UPDATE 2018-06-28: see the follow-up post here.

Another day, another large hosting provider knowingly providing service & support to spammers, by turning a blind eye to spam complaints. The latest provider to demonstrate that behaviour? NameCheap.com.

Since earlier this year, a site that we manage has received repeated, persistent spam EMails hawking small-business loans, via links using a number of different, but similar domain names. Rather than sending the links in regular EMails, these spammers were instead using the website's contact form - a common trick used by some types of spammers, to evade spam filters (typically it's much more difficult to block contact form spam, because the actual EMails come from your own server) - which also makes it harder to report the spammers, since you can't do so using automated/turnkey services like SpamCop. But these spammers managed to get my attention thanks to their persistence (at one point, we were receiving daily contact form spam from them), so I started attempting to track down where the spam-vertised sites were hosted. Which brings us to the main topic of this article: NameCheap.com, the company providing hosting service to the spam support site advertised in the most recent example.

Read on for the details of NameCheap's response (or rather the utter lack thereof) when we attempted to report the issue to them.

We took the standard steps to determine where the spam support site was hosted: first looking up the IP address of the server hosting it, 192.64.119.159 - and then looking up that IP address in a geolocation service that also also lists the owner of the IP address: in this case, the owner is listed as "Namecheap Inc." Being familiar with NameCheap & knowing them as a fairly large, reputable (by and large) provider, we decided to report the issue to them & looked up the contact information for their abuse department. We then sent copy of the full spam message to their primary abuse reporting address, abuse@namecheap.com, including the offending links to the spam support site hosted on their servers. That was on November 1st... after 5 days with no response whatsoever, we sent a follow-up through their support ticket system. That was 4 days ago, on November 6th - and the response since then? The best way to illustrate that is with a screenshot of the replies/history for that support ticket:

That's right, after 9 days, the only messages under that ticket are the ones from us - with no response whatsoever from NameCheap staff. The ticket is listed as not even having been assigned to one of their staff - which, if you're familiar with Kayako Fusion (the support ticket software they appear to be using), means there's a very good chance that the ticket hasn't even been looked-at yet. And suffice it to say, nothing has been done about the offending spam-support site: GetMyBusinessFundedNow[dot]com is still online, and still hosted on NameCheap's servers. At this point, it looks like NameCheap belongs in the steadily-growing list of large providers who are spammer-friendly in practice, if not in official policy: such as OVH, BlueHost, Google/GMail, and Microsoft/Hotmail. They're a great choice for spamming & hosting spam-support sites, but they should be avoided for anything else - for the same reasons that it's a bad idea for a legitimate business to setup shop in a neighbourhood that's full of crack houses.

UPDATE 2018-06-28: see the follow-up post here.

Comments

Hotmail/Outlook.com - The #1 Choice of SEO Spammers

In the past, we've written a number of articles about SEO & web development spammers, primarily based in India. As we've written previously, SEO & web dev spam is substantially less dangerous than many other types - for example "phishing" scams that attempt to steal sensitive login details (E.g. for online banking access), or virus scams that attempt to trick people into infecting their computers with malicious software. But on the flip side, SEO spam is much closer to the line between legitimate & junk EMail than those other types of spam, making it harder to block than more-dangerous types of spam, and it seems to be much more common. So despite the "mostly harmless" nature of SEO & web dev spam, it can still end up being more of a nuisance simply because of the sheer volume.

The fact that SEO/web dev spam often comes from large, free webmail providers makes the problem even more annoying, because those providers can't be simply blocked (at least not without blocking large amounts of legitimate EMail in the process - which is undoubtedly WHY spammers use those services). And today, the largest provider supporting & enabling (even if unintentionally) the bargain-basement, fly-by-night SEO & web dev "industry" is Microsoft - via their Hotmail/Outlook.com webmail service.

Interestingly, this wasn't always the case. Up until about 2 years ago, GMail.com accounts were far & away the largest source of that type of spam. But around September-October of 2015, it appears that those spammers migrated en masse to Microsoft's free EMail service instead - probably because Google finally stopped ignoring spam complaints & started to actually terminate the offending accounts. Of course, that doesn't mean that Google has completely gotten their act together in terms of addressing the use of their services for spamming & malicious purposes - as evidenced by the malware they continue to distribute via Google Drive, more than a month and half after it was first reported to them. And to Microsoft's credit, they at least provide easy-to-find information on how to report spam from Hotmail users; while Google seems to go out of their way to hide that info - just try doing a Google search for the term "report spam from gmail", the actual page to report spam from GMail doesn't even show up in the first page of results. Instead, the page is titled "I would like to report a Gmail user who has sent messages that violate the Gmail Program Policies and/or Terms of Use" - which looks like something written by a lawyer, who's primary goal was to avoid making any acknowledgement that Google's servers are (or could be) a source of spam.

Sadly, despite giving the appearance of taking spam/abuse much more seriously than Google, the amount of spam from Hotmail/Outlook.com accounts has steadily increased in the past two years - and today, we receive substantially more spam from Microsoft's servers than we do from Google's (almost all of it being SEO/web dev spam). To give a more concrete idea of the extent of Microsoft's spam problem, here are some quick numbers for received in the past 24 hours: out of a total of 151 spam messages caught by our filters, 31 of them of were SEO/web dev spam or similar (E.g. spam advertising mobile app development services) - the rest are a mix of the usual junk, EMails hawking weight loss & hair regrowth snake oil, "advanced fee fraud" scams, and a smattering of links to fake articles about Megyn Kelly. And out of those 31 SEO/web dev spam EMails, 22 were from Hotmail.com or Outlook.com addresses - compared to a total of 2 from GMail.com addresses.

In other words, SEO accounted for roughly 20% of the total volume of spam we received today - and of that SEO spam, Hotmail/Outlook.com addresses accounted for just under 71% - or roughly 15% of the total spam received today. So not only is Hotmail/Outlook.com the single largest source of SEO/web dev spam EMails (which is arguably the single most common/numerous type of spam we receive), but they also the single largest source of ALL the spam we receive. And today is not an anomaly, those numbers are consistent with the steadily-increasing volume of spam we've seen from Hotmail/Outlook in the last few years - granted, a few providers do sometimes surpass them on individual days, but even for the most notoriously spam-friendly large providers (OVH, etc), those are usually only momentary spikes. Over longer periods of time, the volume of spam received from Hotmail/Outlook accounts easily dwarfs that of other providers combined.

And if that weren't bad enough, it appears that Microsoft's turnaround time for addressing spam complaints is even worse than Google's (though neither of them hold a candle to OVH). As a quick test, I put together a list of all of the Hotmail.com & Outlook.com addresses that we received spam from last month - and then sent an EMail BCC'd to all of them, to see how many of those accounts were still active. Out of the 160 spam EMails we received either from Hotmail/Outlook addresses, or at least using Hotmail/Outlook addresses as their reply-to, 136 were unique (meaning 24 were duplicates/repeat offenders) - and of those, not a single bounce/"message undeliverable" error was received. In other words: as best as I can determine, despite us having sent reports to Microsoft of spam from those addresses. Most of them we reported at least twice, both via Spamcop reports & sent directly to Microsoft via abuse@outlook.com (or four times, for the duplicates/repeat-offenders).

While I haven't had a chance to run the same experiment with older spam received from Hotmail/Outlook addresses (to get a clear idea of what the actual turnaround time is), I did perform a more basic test by going back through past Hotmail/Outlook spam & randomly picking one from each month, to see just how far back I would have to go in order to find a spammer address that Microsoft had actually terminated. Amazingly, even when I went back more than a year & did the same test with spam from August 2016, I didn't get a single bounce... so I went back to August 2015, and still none of the spammer addresses I tried bounced... then I went back to the oldest SEO/web dev spam I have from a Hotmail/Outlook address (from February 4th, 2015 - and even that address still appears to be active!

So while it's hardly a definitive test, I haven't been able to verify that Microsoft EVER acts on spam reports - and if they do, the turnaround time appears to be on the order of months (if not years). And it's also worth noting that the volume of spam (as well as it's steady increase) is almost certainly linked to Microsoft's horrendous track record for addressing spam complaints: spammers are likely aware of those same details, and choosing/sticking to Hotmail/Outlook because they know there's a greater chance they'll be able to continue spamming having to continually open new accounts, etc. And as it becomes more widely known that Hotmail/Outlook.com is basically a safe-haven for spamming, then more spammers will use it - leading to the continually increasing volume of spam we've seen from their servers. At this point, the issue will almost certainly continue to get worse unless Microsoft does something about it - and they don't appear to have any desire or incentive to do so, unless/until the situation gets bad enough for Hotmail/Outlook to be listed in Spamhaus, Spamcop, or one of the other major RBLs (spam blacklisting services).

Comments

Google Drive Allows Malware to Remain Online for 91 Days (and counting) -  [UPDATED 2017-11-10]

Recently, we've started seeing a new type of spam-driven EMail scam involving fake purchase orders. We've seen two or three different examples of the scam, but they all share some common traits: they come from GMail accounts (and one example use an Outlook.com address as the reply-to), the malicious files are hidden inside less-common archive formats such as .ACE and .REV (presumably to avoid detection by virus scanners), the spamming operation seems to be a bit more interactive in that they don't send the malware attachments/links unless you reply (presumably to avoid revealing their malware unless they think they have a "live one" on the hook), and they all use Google drive to host the files - in addition to sending them by EMail.

Naturally, we reported all of the offending GMail address & malicious Google drive links to Google (via Spamcop). Now, if you've read the title of this post - or you've ever personally tried to get Google to shut down malicious content/accounts in the past - then you can successfully guess what the result (or lack thereof) has been. But, if you're curious, read on for the details.

The first example of this spam that we received this summer arrived on August 8th: it came from someone claiming to be "jessie ganda" & using the EMail address purchasedepat1990@gmail.com - out of curiousity for how the scam worked, I decided to play along and reply. Two days later, on August 10th, the scammer replied by sending me a Google drive link to the supposed purchase order document - which was actually a .ACE archive containing a .EXE file (in other words, obvious malware).

The link pointed to the URL https://drive.google.com/file/d/0BwKsklZY13s-a01QZUVpcUlvVDg/view - WARNING: that URL goes to page with a link to a malicious file that could seriously harm your computer if opened, the URL is included only for the purpose of documentation.

Both the link and the offending EMail address were reported to Google on the same day - August 10th. Yet as of the time of this writing, the link is still active and Google is still hosting the malicious file, and test messages sent to the purchasedepat1990@gmail.com don't bounce back, so it still appears to be active as well. For a multi-billion dollar, multinational tech company, taking that long to remove malware from their servers would be inexcusable even if they had actually dealt with the problem - which they haven't. Due to Google's continued failure to address any part of the issue, I've re-reported both spam EMails to them directly via the abuse@google.com & abuse@gmail.com addresses, as well as reporting the malicious file via the Google drive web interface.

When (or if) Google gets around to actually doing anything about the malware they're knowingly hosting & the spam that they're facilitating, we'll update this article. Personally, I'm curious to see if they manage to address both parts of the issue (the spammer GMail account and the Google Drive-hosted malware), or if they pull an OVH and only deal with part of the problem.

UPDATE 2017-08-29: nearly a week has passed since this post was originally published - yet in that time, Google still has not done anything about the malicious files that they are hosting: the URL is still active (https://drive.google.com/file/d/0BwKsklZY13s-a01QZUVpcUlvVDg/view) and Google is still allowing downloads of the file. As such, given that the issue has been reported multiple times & was first reported more than two weeks ago, it appears that Google is knowingly allowing their servers to be used for distribution of malicious software.

It's also worth noting that the same group of spammers have sent us additional spam EMails (also from GMail accounts), containing a different to a malicious file, which of course is also hosted on Google Drive - and as should come as no surprise, Google hasn't done anything about that either (the offending GMail account still appears to be active, and the malicious file is still available for download). Given the circumstances, we've decided to give Google one more day to address the issue, which will be a full 20 days (four business weeks) since the issue was first reported - after that, we'll start re-resending reports of the spam EMails/accounts & the malicious files once per day and see how long it takes them to deal with the issues then.

UPDATE 2017-09-01: another three days have passed since the last update, and Google has still failed to take any evidence steps to address the issue (the malicious files are still available for download, and the GMail accounts that sent them still appear to be active) - bringing us to a total of 21 days since we first reported the issue to Google. Starting on August 30th, which was the 20 day point, we began reporting the malicious Google Docs link daily, using the "Report abuse" link on the same page - and so far, it appears that Google is ignoring those reports as well.

UPDATE 2017-09-06: another 5 days, and Google continues to allow the use of their servers to distribute malware - despite the previous reports that we sent, and the daily reports that we've been sending since August 30th. Right now, I'd put good odds on Google ignoring the issue for a full month - at that point, maybe we'll start sending them links to the malware via Twitter.

UPDATE 2017-09-25: nearly a month since the last update, aaaaaaaaaaand you guessed it - both of the Google Drive-hosted links to malicious files are still active (https://drive.google.com/file/d/0B4X7BhdRq1FMejE2aFpEbGViVmc/view and https://drive.google.com/file/d/0BwKsklZY13s-a01QZUVpcUlvVDg/view), AND all three of the GMail accounts used by the same spammers/scammers still appear to be active. So the lesson here seems to be: Google is perfectly happy to not only allow their EMail service to be used for spamming, but they also knowingly allow the use of Google Drive to distribute malware. And for the record, I'm giving Google the benefit of the doubt by assuming that they're aware of the issue - because the only other possibilities are even more damning: that Google (a multi-billion dollar multi-national company) is so badly-staffed/incompetently run that they literally aren't capable of responding to abuse complaints properly... or they simply don't care/can't be bothered, which is even less-excusable (also known as the "too big to fail" mentality).

UPDATE 2017-11-10: more than a month since the last update, and true to form, Google has still failed to do anything about the two Google drive-hosted malware links that we reported to them over 3 months ago (91 days... and counting). So, as a last-ditch attempt, we've sent Google a link to this article via Twitter. In the unlikely event that they ever get around to removing the malware that their servers are distributing, or at least responding to the post on Twitter, then we will update this post.

Comments

TechTSS.com - “CASL-Compliant” SEO Spammers, hosted by BlueHost [UPDATED 2017-08-29]

In the past, we've written about the extremely dim view we take of SEO & web development spammers; while it's nowhere near as dangerous as other types of spam, it can be a bigger annoyance because of the sheer volume & the fact that it's harder to block, making it more likely for SEO spam to get through spam filters compared to viruses or phishing EMails. And an increasing number of those spammers have switched to sending spam through website contact forms rather than EMailing directly, since that's harder to block & report (since messages sent through a contact form typically come from your own mail server). For those reasons, my current preferred trick for dealing with those types of spammers is respond & ask if their services are "CASL-compliant" - with CASL being the Canadian Anti-Spam Legislation.

That serves two purposes. The first is simply to get a response from the spammers, which gives me an EMail that can be reported as spam to their hosting provider - and if they're particularly dumb, they may even respond from their real domain name and/or with their real website address, rather than the throwaway Hotmail/GMail accounts they typically use to keep their spamming operations at arm's length. The second purpose is admittedly more petty: as a trick question (that I already know the answer to), to see if they're desperate and/or dishonest enough to claim that they are CASL-compliant - which is particularly hilarious, given that they've already violated CASL by spamming us in the first place. Which brings us to TSS Sales, AKA TechTSS.com: "CASL-compliant" SEO & web dev spammers. Read on for the details.

So far, this spammer has followed the usual pattern: the initial contact came from an @gmail.com address, from a "Dominic Joy" - and when we wrote to ask about the CASL-compliance of his services, he quickly replied "Yep, our services are CASL-compliant." Normally we would just report the EMail as spam & leave it at that, but "Dominic" has managed to stand out thanks to his persistence: since originally spamming us on July 14th, he's sent an additional four follow-up EMails, with the latest one arriving today. So, in addition to this article, we've decided to reward his persistence by filing a report with the CRTC that TechTSS.com is sending spam that violates CASL, while simultaneously claiming to comply with CASL... in the very same EMails where they're violating that law. Which will also help serve as a simple experiment to determine just how blatantly someone can violate CASL before the CRTC will actually take action (not holding my breath, to be honest).

And that brings us to the third-parties who are providing "spam support" services for TSS Sales, particularly their web hosting provider: Bluehost.com, AKA one the least-competently run large providers (second only to OVH) I've had the displeasure of dealing with in the past 20 years (they're the owners of HostMonster, the company that put us through a ridiculous comedy of errors back in 2014). Bluehost currently provides hosting for TechTSS.com, and we have reported 4 spam EMails to them which advertise that address - yet two weeks later, the site is still online. By comparison, responsible hosting providers with competent abuse staff typically resolve issues like this within 48 hours, at most. Not only that, but when reporting the latest EMail via SpamCop, I noticed a note in the report details stating that "ISP does not wish to receive reports regarding http://www[.]techtss[.]com/" (URL munged to avoid giving the site an undue SEO boost). Those notices only appear when a website address has been reported via Spamcop, and the recipient(s) of the report has then clicked a link indicating that they don't want to receive any further reports related to that address - likely meaning that Bluehost just blindly forwarded the Spamcop report to the spammers themselves, without bothering to remove the "Don't send reports for this address in the future" link, giving the spammers the ability to prevent Bluehost from receiving future complaints against that URL.

UPDATE 2017-07-26: we contacted Bluehost directly about the issue. The person I spoke with claimed that Bluehost had not received any of the complaints I sent, and that the address I had sent them to (malware@bluehost.com) was not valid; they asked to forward the offending EMails to a different address and gave assurances that their abuse department would address the issue. We'll see.

UPDATE 2017-08-01: Bluehost appears to have validated my earlier skepticism, by failing to take any evident action against the spam site in the 6 days (and counting) since giving assurances they would address it. So it would appear, contrary to their terms of service & the claims of their staff, that Bluehost is A-OK with their servers being used to host spam-support websites.See below for the transcript of our latest conversation with Bluehost.

UPDATE 2017-08-29: Since the last update, Bluehost has continued to ignore the issue (the spam support site techtss.com is still active on their servers) & we have made two additional attempts to contact them. Unfortunately, I forgot to save screenshots of those live chats - but it's just been more of the same run-around. When I contacted Bluehost via live chat, each time I was literally told a different EMail that the issue should be reported to: in addition to the address Spamcop has on record (malware@bluehost.com), we've also been told that issue needed to be reported to tos@bluehost.com... then, the next time, we were told that the issue should be reported to abuse@bluehost.com instead... and the next time, we were told to send the offending messages to legal@bluehost.com instead.

It's impossible to say if that's due to Bluehost staff deliberately giving us the run-around, or if it's due to incompetence on the part of their staff - but at this point I don't really think it matters, because the end result is the same either way. After turning a blind eye to the issue for more than a month (after at least 5 reports were sent to them), it's clear that Bluehost is willing to knowingly providing services to a spam-support site, contrary to their stated terms of service. Which puts Bluehost on the same pile as OVH: a provider that may not be spam-friendly in official policy, but are spam-friendly in practice due to their consistent failure to address spam complaints.

Comments

GuliSons.com/DigiProw.in - SEO spammers, hosted by OVH [UPDATED]

As we've detailed in the past, French hosting provider OVH has become one of the Internet's largest single sources of spam, blurring the lines between a true "bulletproof" host that deliberately allows their systems to be used maliciously as a matter of policy - and cheap hosts that depend a quantity-over-quality where hiring a competent abuse department would cut into their razor-thin profit margins. In the last 2-3 years, I don't think there's been a single day where we haven't received at least one spam EMail that either originated from OVH's servers, or advertised a site hosted by OVH - or both. So we don't report on most of it, but I decided to make exception for some spam we received today, as it's an intersection between two of my least favourite things: spam-friendly hosting providers, and SEO spammers.

SEO/web development spam is both my least favourite & most favourite type of spam. Least favourite, because those spammers are often using our own systems (mail servers) to try to poach our clients - and that's when they're not stupid enough to try to sell us the very same services that we provide. But it's also my most favourite, because those spam messages usually have valid from/reply-to address, and the senders will often even reply, providing more spam messages that can be reported to their provider. Typically, this type of spam comes from free EMail services - until a few years ago, that was mainly GMail, though those spammers seem to have migrated en masse to Hotmail/Outlook.com back in 2016. The spam from GuliSons.com/DigiProw.in jumped out me because it came from an actual company domain name, and included a link to their website.

To explain why that is notable, I'll first need to explain why SEO/web dev spammers normally use freemail services & don't initially include links to their websites. In a nutshell, it's done for the purposes of keeping their spamming operations at arm's length from the company providing the services advertised in the spam. If you have time & patience to lead on a SEO/web dev spammer, eventually most will provide you with a link to their actual website and/or contact you from their real company EMail address - but they typically won't do that until they believe they have a "live one" on the hook. Otherwise, if they spammed from their company domain name - and/or included a link to their website - then people could report the spammers to their providers, and there's a good chance their primary EMail and/or web hosting would get shut down. But as long as they only use freemail accounts for the actual spamming & don't initially mention their real website address or company name, then even if GMail/Hotmail shuts down one account, the worst-case is that they're out 5 minutes of effort to register a new account & resume spamming.

In that context, it seems odd for GuliSons.com to send out spam that not only comes from their company domain name, but also includes a link to their website - which is hosted by the same provider as their EMail (OVH), meaning that a single spam complaint could conceivably result in the suspension/termination of both their official website & EMail. Putting so many eggs in one basket seems like a fairly big risk, unless GuliSons.com/DigiProw.in have some reason to believe that, even if they are reported, OVH won't take any action against their account...

But, we'll see. The spam EMail, and the links in it, have all been reported to OVH as of 12:58PM today (July 8th, 2017) and it's such a blatant, obvious example of spamming that even OVH's abuse department should be capable of dealing with it. It will certainly be interesting to see how long it takes OVH to address the issue (if they address it all), feel free to comment with your prediction - but my advice is to aim high (weeks or months, rather than hours or days).

UPDATE JULY 09, 2017: unsurprisingly, no actions appear to have been taken (yet?) against the latest OVH-hosted spammers that we reported - BUT it looks like the persistent Kijiji-impersonating spam that we reported on earlier has resumed. After nearly 5 months without receiving any (the previous spam for that site was received on Feb. 14th, 2017), we received another one overnight - less than 24 hours after this post was originallyy published. Very interesting timing! And, of course, the Kijiji-impersonating spam is still advertising the site Classifieds-news[dot]com, which is still hosted by OVH - despite it being an obvious spam support site, which we've reported to OVH at least 100 times over the past two and a half years.

UPDATE JULY 17, 2017: it appears that OVH has finally acted on the report we sent... sort of. The GuliSons.com website no longer loads, and in its place is the generic CPanel "Default Web Site Page"/error - however, the two other sites owned by the same spammers (GuliMart.com & DigiProw.in) are both still online. And that's despite both of the other sites resolving to the same IP address as GuliSons.com (198.27.88.99) - so they appear to be on the same hosting account/VPS - and despite the fact that both of those sites were also advertised in the same EMail that we reported to OVH. So it's taken OVH around nine days to address one third of the problem, and sadly even that's still an improvement over their previous turnaround time for addressing spam reports.

UPDATE JULY 25, 2017: apparently we spoke too soon & overestimated the competence of OVH's abuse department, because the GuliSons.com website is online once again - still hosted by OVH, and still hosted on the exact IP address (198.27.88.99). So half a month later, not only has OVH failed to address the entire issue - they still haven't addressed ANY part of the issue.

UPDATE AUGUST 01, 2017: almost a month later, and OVH has apparently done nothing about the spam-support site that they are hosting - because we're still receiving spam advertising the spam-support site GuliSons.com, which is still hosted by OVH. For those keeping count, that's now 23 days (and counting) - at this point, regardless of whether it's deliberate or just due to incompetence, I think it's safe to say that OVH is a spam-friendly provider.

Comments

OVH & the “Three Stooges” Approach to Network Abuse

When you run a mail server and spend several hours a day blocking & reporting spam, patterns become noticeable after a while - in particular, which providers are good at addressing spam complaints. You also start to notice which providers are not so good at addressing spam complaints, which is how I first became aware of OVH Hosting. Before 2015, I was largely unaware of OVH - they are (or at least claim to be) the 3rd largest hosting provider in the world, but they are based in France and until recently they had operated primarily in that market, so I hadn't had much contact with them. They are well known in a few circles, however - in September of 2016, they were on the receiving end of a record-breaking distributed denial of service (DDoS) attack. They are also known for an even more dubious honour: in August of 2014, they were listed by SpamHaus as #1 on their list of "The World's Worst Spam Support ISPs".

As you may have already guessed, OVH ended up on my radar in May of 2015 when I started noticing a large volume of spam originating from their servers. These appeared to be different from a normal spam run, however, because the messages were almost all identical (spoofed/fake Kijiji alerts), and were being repeatedly sent to the same small number of EMail addresses. That approach is much more risky for the spammer, because it makes it much easier for their hosting provider to detect the spamming and shut down their account. In contrast, most spam are done in more of a fly-by-night fashion, where the spammers will try to send as many different spam EMails to as many different EMail addresses, in as short a time as possible - to get as much return on their "spamming investment" as possible before being shut down by their hosting provider. In fact, the behaviour of these spammers operating on the OVH network much more closely resembled that of spammers operating on "bulletproof" hosting providers, which refers to hosts that will not shut off customers, no matter how many abuse complaints they receive. Spammers using those types of providers typically take less precautions to hide their activities from their hosting provider, because they have reason to believe the hosting provider will turn a blind eye to the complaints.

Because of those unusual details, I started looking into the content of the messages a little more closely. All of the Kijiji-spoofing spam contained links to spammy-looking domain names with uncommon TLDs like ".trade", ".loan", and ".bid", etc - and invariably, the links have all redirected to the website http://classifieds-news[dot]com (to avoid giving the spammers any kind of SEO-boost, we decided not to link to the site directly or publish it's domain without obfuscating it). The first surprise was that both the redirect links, and the site that they redirected to, were also hosted by OVH: the classifieds-news[dot]com domain name resolves to the IP address 92.222.75.202 - which according to lookup/geolocation services, is located in France and owned by the provider "Ovh Sas."

The owners of the site don't even bother to use CloudFlare or the like to hide where they're hosted, as the domain name is using the nameservers ns109.ovh.net and dns109.ovh.net - and OVH is also the registrar (registration provider) for the domain name, something it shares in common with the domains used for the redirect URLs.

So not only were the spammers using OVH's servers to send out junk EMail, but they were also using OVH to host the websites advertised in the spam and using OVH as the registrar for those sites' domain names. In other words, these spammers were effectively putting all of their eggs in one basket, and operating in way that would make it extremely easy for any competent, responsible hosting provider to detect and shut them down. And we're not the only the only ones to notice this particular spamming & spam support site: there's a post on the Fraud F.Y.I. blog from January 2017, noting that they've seen a large volume of the same spam with links that redirect to classifieds-news[dot]com - but impersonating Craiglist instead of Kijiji.

At first, we decided to treat the spam from OVH the same way we would treat spam from any other hosting provider: we reported the spam to them via Spamcop (a free reporting service that will analyze submitted spam EMails, identify which networks the spammers used, and allow you to easily send complaints to the people responsible for those networks). Several weeks went by without any response from OVH (which is, admittedly, typical for most large hosting providers) - and we continued receiving the spoofed Kijii alert spam, so we began reporting them directly to OVH by forwarding of all of the messages to abuse@ovh.net. Despite this, the spam continued - and still continues to this day. Does all of that mean that is OVH a "bulletproof" host? In fairness, no - in fact, there are numerous posts & forum threads around the web, where spammers & blackhat SEOs complain about OVH shutting down their accounts (though it is worth noting that that seems to be a recent change, since many of the complaints note that it didn't happen in the past). In this case, the saying "don't ascribe to malice what can be attributed to incompetence" would seem to apply - OVH appears to do the bare-minimum to deal with abuse complaints, and so far have only shut down the redirect URLs, while continuing to host the actual spam site that those URLs all redirect to: http://classifieds-news[dot]com, which is still active on OVH's server as of this writing. While they are likely also shutting down the accounts used to send the spam EMails, that does nothing to prevent those same spammers from setting up a new redirect URL, signing up for a new account, and continuing to send the same spam. In other words, OVH's abuse department appears to be only addressing the symptoms, while ignoring the cause & continuing to host the site that benefits from that spamming.

Even with OVH's "treat the symptoms, ignore the cause" approach, it has often taken them a week - or more - to take any action. In the fall of 2016, when the Kijii-spoofing spam restarted after a 2-3 month lull, we finally lost patience and decided to post about it on their forums; and as something of an experiment, we decided to keep track of how long the spam-vertised links remained active after they had been reported to OVH. We received another of the Kijiji-spoofing spam EMails from OVH's servers on January 14th of this year and posted the details on OVH's forums (as well as reporting it to them through Spamcop & their abuse-reporting address) - and it was not until January 19th (5 days later) that the spam redirect links were shut down. In contrast, shortly after the Kijiji-spoofing spam started up again, one of those EMails contained a link to a redirect URL hosted by a different provider - within 3 hours of reporting the link to them, we received a response from them stating that the offending site had been shut down (which we verified). A significantly faster turnaround than the roughly 120 hours that it took OVH to do the same thing, with a handful of forum replies being the only response we've received from them despite having reported dozens of near-identical spam from their servers over the course of nearly two years.

As we became more and more aware of the extent of the issue, and the extent of OVH's failure to address it, we start pressing them to either deal with the problem - or at the very least, provide an explanation. Unfortunately, the only responses we received were generic, stock excuses & attempts to downplay the issue. For example, one of the responses we received from "Phil" at OVH stated that "On first offences, we contact our customer and ask them to rectify the issue. If the the problem persists, only then will we take further action. This can sometimes take several days before the entire cycle completes itself" - which seemed incredibly disingenuous, given that the issue was FAR from being a first offense (closer to eightieth offense at that point), the fact that they had taken no effective action despite his claim to the contrary & despite the fact that the issue clearly had persisted, and the fact that the issue had continued well past the "several days" he claimed (unless you consider more than 500 days to be "several"). When we pointed out that literally none of the points in those 3 sentences had any relevance to the actual issue, Phil simply didn't respond. But even that was topped by OVH's response when we pointed out their history of having been listed as the World's Worst Spam Support ISP: Phil described that as "some problems [...] with spam," and attempted to paint it as just a temporary issue that they had "quickly rectified." He left our a "minor" detail, however: when OVH was listed as the #1 "World's Worst ISP," it was with 79 unresolved incidents - after reading Phil's claim that the issue had been rectified, I checked their current status on Spamhaus, which (as of December 12, 2016) listed: 72 unresolved issues - only 7 fewer than when they were on the top of the list. By every indication, they didn't drop off the Worst ISPs list because they actually rectified the issue, as claimed - but simply because they overtaken by even worse ISPs. Suffice it to say, we didn't receive any response after pointing that out either.

To sum up, and to highlight just how unusual this is: after nearly 20 years of being involved in the hosting industry, in various capacities, OVH is the only host I've ever encountered that allowed the same spammers to continue sending the same spam, to the same recipients, for nearly 2 years (not to mention hosting the site advertised by the spam). Which is all despite having been sent numerous abuse complaints, via 4 different methods: Spamcop reports, OVH's abuse reporting EMail, OVH's abuse reporting ticket system, and even publicly in their support forums. Yet the spamming has continued, averaging 1-2 per day; the only change is that these particular spammers appear to have stopped using OVH to host the redirect URLs and have started using WebSelf.net instead, a free website builder/hosting service based in Quebec (who don't seem to have a particularly fast turnaround for addressing spam complaints either). As one final last-ditch attempt, we started requesting return receipts & delivery status notifications when forwarding copies of the spam to OVH's abuse reporting address - and we did actually get a response, which was a pleasant surprise for a few seconds... until we looked at the details: the response was a notification that the message had been deleted without having been read. So far, we've received the same notifications from 2 different people at OVH (while it was tempting, we decided not to publish their names & EMail addresses). I honestly can't think of any better way they could have communicated a lack of concern for the issue, without stating it explicitly.

Before publishing this post, we of course attempted to provide OVH with the opportunity to comment: because OVH's contact page doesn't list any actual media contact info, we first attempted to reach them by posting on their forums, since that's the only place where we've received any response in the past - but after several days and two attempts, there has been no response. Following that, we made one final attempt to give them the opportunity to comment, by sending the same request to any official OVH EMail addresses we could find online (primarily in the WHOIS information for their domain names) - and if you've read this far, it probably won't be hard to guess what the result was: 24 hours & there's been no response. In the unlikely event that we do ever receive a response from them, we'll update this post.

It is also worth noting that this is only the most egregious example of spam/spam support that we've seen from OVH, and it's FAR from the being the only example: typically we receive at least 5-10 spam EMails every day that were either sent through OVH's mail servers, or advertise sites hosted by OVH (in many cases, it's both). And that's not even mentioning the other types of malicious traffic that we regularly receive from OVH's network: for example, the only brute-force attempts our servers have received from within Canada in the past year has been from OVH's network, with over 200 attempts in February 2017 alone - and there almost certainly would have been more if we didn't automatically ban IPs for repeated login failures. Amusingly, the volume of other malicious traffic may have actually reduced the spamming somewhat, since spammers wouldn't be able to send us EMail from servers/IP addressed that had already been blocked; to reference an old Simpsons episode, it's basically the "Three Stooges" approach to network abuse.

And while OVH's failures are the focus of this article, it should be noted that the owners of Classifieds-news[dot]com are almost certainly the people ultimately responsible for the spamming: either directly, or via third-party "EMail marketers" (which is almost always a euphemism for "freelance spammers"). The spam links take people to the site's homepage, with no affiliate/referral ID in the URL. True, it's possible that the spam is a "Joe job" (someone else sending spam advertising that site, in an attempt to get them kicked off their host or cause some other harm to them) - but it seems highly unlikely at this point, given how long it's gone on. If it is a "Joe job," then it's both incredibly persistent & incredibly ineffective (since it's evidently had no effect). Finally, it should be noted that OVH is not the only host providing spam support services for classifieds-news[dot]net (just the primary one), and none of them seem to take their responsibilities as internet hosts any more seriously than OVH does - including webself.net & their provider, Amazon AWS. But those are all topics for the follow-up article that we're working on.

Comments

Comment Spam Advertising WebHoster.pk

Comment spam advertising hosting companies seems to be a common theme recently - earlier this month, we reported on spam advertising Bulgarian hosting provider "BGCloud," and now we've received spam comments advertising WebHoster.pk, a hosting provider in Pakistan. The spam comment came from the IP address 39.59.10.69, which is located in Pakistan according to IP geolocation services. We attempted to contact WebHoster.pk to give them the opportunity to provide an explanation, but they failed to respond to multiple requests.

Comments

Comments Spam advertising BGCloud.com - Bulgarian Hosting Company

As hosting providers ourselves, it's fair to say that a large amount of our time is eaten up dealing with spam of all types - whether it be traditional EMail spam, or contact form spam, or website comment spam. As a result, there are few that we take a dimmer view of than other hosting providers spamming us with advertisements for their services (don't worry, "HebergPlus," we haven't forgotten about you either). Which brings us to today and a hosting provider called BGCloud, who appear to be based in Bulgaria: earlier this morning, the following comment was posted to our site:

A years ago I used shared hosting, but recently I’ve moved to virtual private server, due to obvious reasons, and as you can guess, security is the most important of them.

The name attached to the comment was "VPS" and the spammer entered a link to BGCloud's website in the URL field. Unfortunately for this "online marketer," we don't actually display information entered into that field - but it does make good bait for comment spammers. Incidentally, the comment was posted from an IP address in Bulgaria - the same country where BGCloud is located. We have sent a message to BGCloud requesting an explanation; in the unlikely event that we receive any response, we will update this post.

Comments

Websites.ca - Spammers?

Late last week, we received a report from a hosting customer that they received spam advertising Websites.ca. This was unusual, as most spam we see has its source obfuscated in some way - and it's even less common to see spam from an organization apparently based in Canada AND using a .CA domain name. So this definitely got our attention.

While it's impossible to say with 100% certainty that the message was spam, there were strong indications. The most damning detail is the fact the message was sent to an EMail address that is only used to receive submissions from a prescription refill form on the website of a small pharmacy - which isn't publicly listed anywhere except the HTML code for the form. So either Websites.ca harvested the EMail address themselves, or they bought a list of addresses (which are commonly marketed and sold for spamming purposes) which included that address - either of which would have made it impossible for them to obtain proper opt-in consent, as is required of them by the CASL (Canadian Anti-Spam Legislation).

Despite the strong evidence against them, we decided to give the owners of Websites.ca the benefit of the doubt - mainly because they're based in Canada. So we sent a response to the EMail, copied to the administrative contact address for websites.ca (effectively the owner of the domain name), and requested details on when & how they had received consent to send commercial advertisements to that EMail address - or at least details of any preexisting relationship that would qualify as "implied consent" (an exception/bare-minimum requirement of Canada's Anti-Spam laws).

But despite that message being sent nearly 5 days ago (nearly 3 business days), there has been no response - so at this point, we can only assume that they do not intend to respond & conclude that our original suspicions were correct. That being the case, we have reported the message to their hosting provides (which appears to be Amazon's "cloud" hosting) & and have filed a complaint with the CRTC that the message appears to have been sent in violation of the CASL.

If we ever receive a response from Websites.ca (or any update on the CASL complaint), we will update this post with the details. Have you or anyone you know of also received spam from Websites.ca - or other organizations based in Canada? Please let us know in the comments.

Comments

Freelancing 2.0 - Standing Up For Standing Desks

Rebecca Tucker writes about arts, culture, food and cats for the National Post newspaper. Earlier this week, she turned her focus to standing desks in a piece that dismissed the value of standing desks, and mocked studies that claiming a overly sedentary life is unhealthy and harmful. Under the headline "Standing Up for Sitting Down," she ends with this nugget of wisdom:

"Don't spend thousands of dollars on a standing desk; do stand in line at the airport, and make take the stairs at lunch. It's free."

She suggests that if you stand up at work, you're just "more likely to go home and sit down," pointing to a recent UK study that concluded using a standing desk resulted in "a meagre 20 per cent" reduction in sitting time over the course of a day.

I've always liked math, and I've always liked words. In my experience, they both matter. Now when somebody writes about "a meagre 20 per cent," my spidey sense starts to tingle.

I've never met Rebecca Tucker. But it seems a fair wager that if she learned her salary at the National Post was about to be cut by 20 per cent, "meagre' probably wouldn't be the first word that jumped into her head.

In fact, let me you how un-meagre an 11-percent (Corrected from 12-percent) difference has meant a whole lot to me.

About four years ago, with my weight hovering around the 225-pound mark (Corrected from '205), I knew I had to change. Part of that change was buying and using a standing desk. A few months into the school year, I spotted a standing desk on sale at a local office supply store. The top is about 3 1/2 feet wide, 2 feet deep: big enough for a laptop, some space on either side for extra hard drives and a notepad, and some space behind the laptop for various bits and pieces that tend to find their way to my desktop. The wheels make it easy to move around the house.

The first few days were uncomfortable: sore joints, tired muscles, but like any other unaccustomed exercise - and trust me, this is exercise - the aches and pains soon dwindled. And slowly but surely, so did my waistline.

Now you need to know that I don't stand all day every day. Just as you'd take a break now again on a long walk, I take the occasional break in a comfy chair or lying on a couch. But most of the working day is spent on my feet. I stand up while talking to friends and clients, reading and answering emails, editing video, and writing pieces about this and that, including how to survive as a freelancer, or the benefits of standing up over sitting down.

Now back to that un-meagre 12 per cent: just four years after buying my inexpensive standing desk, I've broken the 180-pound mark. By my count, that's 45 pounds lighter, two pant-sizes smaller, and a hell of a lot fitter.

In fact, using a standing desk has made me far less likely to sit down outside the workplace. At the airport, while everybody else sits waiting for the plane to board, I prefer to stand, knowing we'll all be crammed into shrinking airplane seats for hours. At conferences or workshops? That's me standing at the back, while everyone else sits in horridly uncomfortable chairs, then slowly push themselves up at the end, complaining about their sore backs.

But I do agree with Rebecca on one point: you don't have to spend thousands of dollars for a standup desk. There really are inexpensive, effective options. Hell, if you're half-way handy, you can make one for next to nothing (the easiest to make fit on top of existing desks), although I do like the wheels on my store-bought model.

Otherwise, from my point of view, the rest of her suggestions are pure bunk. And I'm not much impressed with her take on simple arithmetic: 20 per cent does matter.

Comments

Freelancing 2.0 - Embrace the Errors of Your Ways

Have you ever heard of WD-39? No? Like the 39 formulations that came before, it didn't work. But formulation # 40 was a different story, and WD-40 eventually became a household icon found in about 80 per cent of North American homes.

That's not an isolated tale.

Thomas Edison, the inventor of the lightbult, once told a reporter who asked him how it felt to fail 1,000 times (that's how many non-working prototypes came before the first lightbulb actually lit up): "I haven't failed. I just found 1,000 ways that didn't work."

James Dyson of vacuum cleaner fame had a failure rate five times greater than Edison before finally claiming success.

In fact, there is no shortage of tales of persistent failure that demonstrate the need to try - and try again - and again. In fact, the road to success is usually paved with failure.

In my very early days as a freelance writer, a seasoned vet told me that the best way to succeed in the business was to prepare to 'wallpaper' my office with rejection slips. Althoght not quite room-sized collections, J.K. Rowling's debut novel 'Harry Potter and the Philospher's Stone' was rejected by 12 publishers before a small press agreed to sign a contract, while 21 publishers rejected the novel that Richard Hooker spent seven years writing. You may not recognize his name, but I suspect you have heard of M*A*S*H.

Fear of Failure Guarantees Lack of Success

It would be all too easy to keep going with a laundry list of similar examples: Rovio's 51 failed games before Angry Bird went viral, Henry Ford's five epic business failures before creating one of the world's most famous automotive brands, cartoonist Charles Schulz's rejection by even his high school yearbook staff before creating the well-loved and long-running 'Peanuts', and so on.

Sure, there are bound to be a few first-time efforts that turned to gold. Just like there's bound to be a multi-million dollar lottery winner. But the odds are so shockingly small, that you'd be silly to count on either one happening. Better to get use to the facts that 1) you will fail and 2) you can learn something from every failure.

I'm certainly not advocating that you purposely seek failure. That would be equally silly. But don't be surprised when it happens. Just remember to pick yourself up, figure out where you went wrong this time, and start again with that well-earned lesson in mind.

And if everyone around you is telling you to give up, consider the case of the late Robin Williams, who was voted by his high school peers as the 'Least Likely to Succeed'.

Or think about the long-distance swimmer who, after five grueling hours in the water, got within sight of the shore but was too tired to go on, so he turned around and swam back home.

Comments

Freelancing 2.0 - How to Buy (The Right) Technology in 6 Easy Steps

If you've ever bought new technology only to develop a serious case of buyer's remorse because, after you've shelled out your hard earned money, you discovered it didn't work, or didn't work the way you thought it would, or didn't fit in with your lifestyle, or there were a dozen hidden gotchas...following these 6 easy steps will help you avoid another calamity.

You might ask: Why is research not on the list? Because research is a given, and we assume you're going to do that every step of the way.

With that out of the way, let's get going.

STEP ONE - The Prime Directive

What is the one thing you want to get out of this purchase? Sure, there are likely to be peripheral requirements, maybe a long list of 'em. So jot them all down, then put them in order of importance. Be brutal because there can only be one NUMBER ONE PRIORITY. (Yes, we've had bosses who've given us six NUMBER ONE priorities, and we all know how that's going to turn out.)

Say we're talking about a new mobile phone. Is security your top priority? Video playback? An app you can't live without? Text big enough to read without your putting your contacts in? The latest bendy screen to make your friends jealous? Hey, we're not judging here, so be honest about it or guarantee you will be sorry post purchase.

STEP TWO - Software Software Software

We used to have cameras and phones and remote-controlled toys and so on. Now we have computers with cameras, phones, and toys and so on attached to them.

The computer side of the human-computer interface has two parts: the hardware and the software. And in most technology purchases, you should be focusing on the software first. (Which is one reason we wrote a post last year about why buying a mobile phone sucks! - 'demo' models that don't actually work but just have a photo of the screen.)

If you're looking for a laptop you'll use primarily to create stunning videos, then start researching software that creates stunning videos. Sounds simple, but you'd be amazed at the number of folks who start at the wrong end of our list of 7 easy steps. (We don't need to say start at the top of the list, do we? Good. Read on.)

If your primary purpose for a mobile phone is the ability to keep track of your freelance projects to make sure your invoices are accurate to the minute and easy to spit out and send to your clients, then research the best mobile phone software for that set of tasks.

STEP THREE - Now Check Out The Hardware

You've found the perfect software. Yee Ha. Good for you. Now find out what hardware you need to run it.

I love HoursTracker Pro. Until recently, it only ran on iPhones, iPads and iPhones. So guess what...no Android or Windows phone for me. (It's now available on Android.) But my other go-to application is Notability, which lets me draw on PDFs, finger-sign and return contracts, build quick-and-dirty how-tos for clients struggling with tech issues and email them custom-built help docs in minutes. And it only runs on iPhones, iPads and iPhones.

I shoot a lot of video, almost never in a studio but out in the world, so changing sound levels and light levels are the norm. Not being a fan of auto-everything because I want control when things go sideways - which is most of the time - a video camera that has physical controls at my fingertips rather then buried deep inside a digital menu is a must. 

STEP FOUR - Gotchas

Have you noticed that most consumer-based computer printers are almost free these days? The gotcha is the price of replacement toner cartridges. So if you're shopping for a new printer, check out the price of replacement toner. (And you can be pretty much guaranteed that the toner cartridge that comes 'free' with the printer will have enough toner in it to print at least 10 pages.)

A colleague is shopping for a complete website overhaul and found a company that has an elaborate backend customer management system that will do 90 per cent of what he needs. The gotcha? You have to use WordPress for the front end - the part that faces the public - and while the upfront cost is minimal, the monthly hosting fee is $30 per page, so his 20 page site that was costing him about $300 a year will now cost more than $300 A MONTH. And it's in US dollars, which at today's rate is $399.72 per month. Gotcha.

Another colleague is considering the purchase of a drone so he can do aerial home inspections. He found what he thought was a great deal on a great drone, but one of his top requirements is the ability to record in the infrared spectrum to scope out heat loss. But since the camera on the drone he wants is fixed in place, he'll have to buy two drones - one with an infrared camera for heat loss recording and one with a non-infrared camera for the other stuff. Gotcha.

And speaking of drones, the battery life is usually wickedly short, with less than 20 minutes being the norm. So if you're going to rent a drone, and you're paying for the day, keep in mind that with 20 minutes of flying time, and two hours of charging time, you could end up getting about 90 minutes of flight time in that entire day unless you have plenty of spare batteries. Gotcha.

STEP FIVE - Accessibility

Things break. Supplies run out. Documentation isn't always comprehensible. New features often come along.

Do you have access to spare parts and supplies or are they on perpetual back order?

Is support available? Is it available outside of office hours? Does it cost a fortune?

Can you upgrade the software when a new feature comes along or do you have to whip out your credit card for every incremental improvement?

STEP SIX - Price

Now that you've researched your way through the first five steps, we've arrived at the place where too many people start: price.

Sure, you might get lucky. Once. But the odds are not in your favour. Remember the old saying: If a deal seems too good to be true, it probably is.

If you've followed our process, which we've been using successfully for a couple of decades, you'll have narrowed your choices based on your requirements, the software that will deliver, the hardware that will run the software that will deliver, and you've spotted the obvious and even some of the hidden gotchas. You may very well have narrowed your choices to a few or even one. Your job now is to find the best price for those very few options that are left on your list.

And remember: you don't have to buy new. Used - or even better, refurbished with a warranty - could the ideal way to purchase the technology required to fulfill your need and keep you from becoming just another unhappy shopper.

=g

Comments

Freelancing 2.0 - Why I Did Everything So I Don’t Have To Do Everything

One of the descriptions that's often applied to freelancers is that they behave like a herd of cats: forced together by common interest, but solitary and singular and, to a large extent, behaving like little one-man bands.

Many of them complain about low income, terrible rates, about clients who don't value their work. All true. Freelance writers have been facing stagnant rates - and rights grabs - for the better part of three decades. As the Internet shredded the business model of much of mainstream media, their paying customers, it also brought into play 'citizen journalists' who are happy to write for exposure. And there is no shortage of media outlets more than willing to join the race to the bottom line. Even if, like the Huffington Post, they're actually making gobs of money from the free work of the people who provide the bulk of their content.

'I Can't Afford to Farm Anything Out'

Yet far too many freelancers think that because times are tough, they need to do everything:  "I can't afford," the thinking goes, "to farm anything out." And that applies to not just the fundamentals like research and writing, but to bookeeping, photography, website design, marketing, video production.

So let's explore the latter for a minute: video production.

Even for talented photographers, video production is usually a challenging transition thanks to the introduction of a couple of significant add-ons: sound and motion. For non- or totally amateur photogs, the learning curve is almost ridiculously steep.

Don't believe me? Five minutes on YouTube should convince you that just having access to a camera and a microphone - usually on the same device - does not a videographer make.

Shaky images, unintellible audio, silouhettes of heads with bright lighting behind them, every video transition in the book, and non-stop panning and zooming enough to make even the hardiest sailor spew over the side.

But if you want to learn how to make decent video, you need to learn about camera angles, depth of field, lighting fundamentals, capturing good audio, how to develop and convey a story arc, file formats, aspect ratios. And so on. Not insurmountable, because there are thousands of people who get it, but a fairly steep climb that takes dedication, time and effort.

I've been through the learning wars - made hundreds of mistakes - and now feel confident that I can shoot and edit competent, professional-quality videos. (Yet the odd mistake still creeps in, usually at the worst possible moment, but that's just being a fallible human.)

You Can't Afford NOT TO

It's very useful to be able to do it all. That way you understand how it all works, but not so you can be a crazy one-man band.

I know how to keep our books. But like a lot of freelancers, it's one of my least favorite tasks. So if it were up to me, I'd never actually get around to it until 1) my bank balance is closing in on zero or 2) the tax man is knocking at the front door. So I have a part-time bookkeeper: clients are billed on time, taxes are paid on time, and I'm neither impoverished or incarcerated.

Web development? Started doing that when the guys that created Google were still in high school, and retain a pretty decent grasp of the pieces and processed required. But I work with a team who are individual experts at coding, design, and integration.

My strength - and my joy - comes from writing, business devleopment and sales. So that's where I try to spend my time and energy, and farm out as much of the rest as humanly possible.

Doing It All Limits Your Growth AND Your Income

Let's assume you can work 60 hours a week. If you do it all, you'll be lucky if a third of that time is billable, because you'll be spending 40 of those hours pitching, researching, billing, bill collecting, doing paperwork (even if it's digital paperwork, it's still paperwork), keeping up with what's happening in the areas you cover, keeping up with the technology you use to get your work done.

Let's say you can make $50 per hour, which is more than many freelancers can even imagine. That's only $50,000 a year (assuming you work 52 weeks, don't get sick, and don't mind skipping family holidays, assuming you even have time for a family.) And that's before taxes and other expenses.

If you can farm out 40 of those hours, you could easily double those billable hours. 

Plus if you team up with other people, you could collectively take on projects far larger than any of you could even dream about as a one-woman band.

In Conclusion

By all means, learn the basics of all parts of your freelancing business. Then take a step back and figure out the parts of it that you truly like doing and start figuring out how to put the rest on someone else's shoulders.

I think you'll be glad you did. After all, isn't freelancing about following your dream? Don't let it turn into a nightmare.

-30-

George has been self-employed for all but six of the last 35 years, working in print, radio, TV, and the online world. For the past two decades, he's lived almost exclusively off the avails of the Internet. He's currently combining his passion for video production and his love of sailing to take his freelancing business in a whole new direction.

Comments

LogoJeeves.com Spam

While the majority of spam EMail today originates "overseas" (from the context of North Americans, at least), there is still a substantial amount of "grey-area spam from seemingly-legitimate businesses located in North America. Case in point: LogoJeeves.com, a business supposedly located in Sunnyvale, CA, who have sent us multiple unsolicited commercial advertisements over the past month. The only unusual detail is that, when companies based in North America resort to spamming, they usually try to put up at least a flimsy pretense of being "legitimate EMail marketers" (if such a thing even exists) - such as worthless CAN-SPAM disclaimers or B.S. "you are receiving this EMail because..." notices. Not LogoJeeves.com, though, tthey don't even make an attemp to pretend that they're anything other than garden-variety spammers.

Here are copies of the two most recent SPAM EMails that we received from LogoJeeves.com - personally-identifable details have been removed, but otherwise the messages have been left intact. It's also clear that they're just trawling lists domain names that have been registered or renewed recently, as that was the case with both the domain names that were targeted by LogoJeeves.com spam.

Subject: 	[...], Special Logo Coupon for [...]
Date: 	Thu, 15 Oct 2015 14:19:50 +0000
From: 	Logo Jeeves 
Reply-To: 	Logo Jeeves 
To: 	[...]

You're Going to Need a Logo!

Activate Your Coupon Now to Get Your Logo for Only $29.96

No matter what type of business or organization you're starting, you're going to need a logo. Have you thought about all the opportunities you have to establish your brand?

Your website and email signature, business cards you hand out daily, and customer invoices and bills, are all ways to establish your brand. Save 25% Now

Regards,
Mark Williams
Brand Ambassador
Logo Jeeves - USA
877-326-0220


Unsubscribe Here

Email Marketing Services, 1140 Philadelphia Avenue , Salt Lake, 84111 

Subject: 	[...], Special Logo Coupon for [...]
Date: 	Wed, 21 Oct 2015 11:42:23 -0400
From: 	Logo Jeeves 
Reply-To: 	Logo Jeeves 
To: 	[...]

You're Going to Need a Logo!


Activate Your Coupon Now to Get Your Logo for Only $29.96

No matter what type of business or organization you're starting, you're going to need a logo. Have you thought about all the opportunities you have to establish your brand?

Your website and email signature, business cards you hand out daily, and customer invoices and bills, are all ways to establish your brand. Save 25% Now

Regards,
Mark Williams
Brand Ambassador
Logo Jeeves - USA


Unsubscribe here

Since LogoJeeves.com claims to be located in North America, we decided to respond and give them opportunity to provide details regarding their compliance (or lack thereof) with the CASL (Canada's anti-spam legislation). In particular, they were specifically asked to provide any details on when/if they had obtained consent to send commercial advertisements to our EMail addresses - but so far, they have failed to respond or even acknowledge the request. We also requested a number of details that they are required to provide by Canada's federal privacy legislation, PIPEDA (the Personal Information and Electronic Documents Act) - specifically, we requested details on what information they had collected, what purposes they intended to use it for, and how long they intended to retain it. So far, they have also failed to respond to - or even acknowledge - that request.

So what can you do if you receive spam from LogoJeeves.com? If you're a Smartypants.com customer & have your EMail hosted through us, then you're already covered - we've configured our mail servers to block any future spam from them (in addition to filing the appropriate reports/complaints). If any does still slip through, please forward a copy of message to us, including the FULL headers (the easiest way to do that is using your EMail software's "Forward as Attachment" option) - and we would be happy to file reports/complaints for you. You can also directly report EMails that violate CASL, and report organizations that violate PIPEDA.

And, suffice to say, we strongly recommend against ever doing business with LogoJeeves.com. Legitimate companies almost never resort to something as unscrupulous as spamming - granted, it's entirely possible that LogoJeeves.com is the exception, though it's difficult to verify because the registration/ownership info for LogoJeeves.com is intentionally hidden behind a WHOIS privacy service. When the very first interaction with a company is via unsolicited commercial EMail/spam, AND they take deliberate steps to hide their contact information, it does not exactly inspire confidence in the rest of their operation. And even if they didn't have any knowledge that their services were being advertised using spam (E.g. if it was done by a third-party marketer), that's still no excuse - to paraphrase an often-used line by Ken White of legal blog PopeHat.com (a variation on a quote from Eric Turkewitz): "When you outsource your marketing, you also outsource your reputation and ethics."

Comments

7 Reasons Why Buying a New Mobile Phone Sucks

I've used mobile devices for a very long time: from steno-pad-and-pen to a 26-pound luggable computer, from the Palm Pilot to an iPad, from a Motorola bag phone to an iPhone. During that time, I've used, tested, reviewed, trashed, saved from the toilet, and generally messed with a whole pile of different operating systems and devices sizes and applications.

Going phone shopping today is a nightmarish mishmash of phones, features, and voice-text-data plans with more gotchas than a ball of barbed wire.

Here are my top seven reasons to hate phone shopping:

1. Let me actually try the damned thing

Most of the phones I've tried are tethered via a retractable leash attached to the phone via a clunky theft-prevention gadget, they're not connected to any outside network, and in most cases, you don't actually get to see the operating system but a photo of what it might look like. Seriously?

Imagine going into an automotive showroom and all they have are photos of the actual cars? I think that's called eBay.

2. And without the leash

One of the key elements of a handheld mobile device is the feel: how it feels holding it in one or two hands. Does it fit your hand? Is it as slippery as a wet fish? Does it feel sleek or more like a brick?

But the leash is constantly pulling at the phone and throws off the relative weight, while the theft-prevention attachment smack in the middle of the back of the phone makes it impossible to hold it in the palm of one hand.

3. Broken Online Ordering Systems

I just spent an hour in a store trying to buy a phone and service plan. The phone I intended to purchase requires a two-year plan with a $60 monthly minimum. The plan I wanted is $105 per month. Unfortunately, the computer-based ordering system's arithmetic is screwy: it required a minimum $600 per month plan. Clearly a misplaced decimal point, but in a chilling update of the old saw: the computer is always right.

4. Clueless Clerks

I don't expect everyone to know everything about the products and services they're selling, but it's disconcerting when my information about those same products and services is more accurate than the clerks, or sales associates, or whatever they're called. I don't enjoy correcting them repeatedly, even if I'm right 90 per cent of the time.

5. Words that can kill you: mobile phone plans and contracts

The word 'dense' comes to mind. So does 'incomparable' as in apples and oranges. Might as well add 'convoluted', particularly when you throw the cost of subsidized phones into the mix.

I've hung around a few phone stores lately trying phones, reading the marketing materials, and overhearing long, complicated, and obviously frustrating discussions customers were having with sales people.

The most commonly overhead phrase: "I don't understand."

6. Your call is important to us...Your call is important to us...Your call is important to us...

Even sales associates have to call for help sometimes and it's embarrassing watching them try to deal with being on hold for 15 or 20 minutes as the customer in front of them gets more and more antsy, and everyone within speaker phone distance can hear those horrible six words over and over again: Your call is important to us.

Sure it is. That's why you're not answering it.

7. The new version will be released...

You just know it's going to be better, faster, lighter, sleeker, and maybe even cheaper that what you've finally chosen and managed to drag home after all of the pain and agony of online and instore research, making a dozen complex decisions, and waiting for the first billing shock. I mean, you KNOW there's going to be a billing shock of some kind.

The worst of it is that you know you'll be going through the same thing in a year or two from now, depending on the length of your service plan.

Call that the eighth reason buying a new mobile phone sucks.

-g

Comments

Hurricane Arthur Just Left - Here's What We Learned

The wind was rising on Friday night when we went to bed, and was a roaring monster by dawn when we lost power. The top of one of our poplars broke off and smashed part of a neighbour's fence. Next door, part of an old oak came down and caught the corner of the front porch. Across the street, a 60-foot pine fell with a huge crack and landed on the corner of the camper-trailer next door. And another house opposite lost two huge birch trees that didn't hit the ground because they landed on the main power lines.

All told, Fredericton lost more than 2,000 mature trees, some that have been standing for the better part of a century. Garden plants were shredded. About 95 per cent of the city was without power by Saturday evening when the rain continued to pelt down. Fallen trees, and downed power poles blocked large and small streets. Sirens blared non-stop. Live wires were everywhere and whole neighbourhoods were closed by yellow emergency tape. Some trees caught on fire. We saw a lawn smoldering where a fallen powerline lay across it.

So what did we learn?

It's time to do some serious trimming of our large, gorgeous, but somewhat dangerous trees.

Having an Internet-based home phone is great, till the power goes out. (We still have one lowly landline that costs us dearly every month, but sure came in handy this weekend.)

The radio doesn't work without power.

Cell phones help, but they need to be charged and when everyone moves from wifi to the mobile network, loading up the power company's outages page - where you can find out when you're likely to get back to normal  - takes forever.

Neighbours who are inclined to help will come out of the woodwork.

A lot of people here don't know how to drive when the traffic lights go out: the rule of the road is that a four-way intersection becomes a four-way stop. Saw a few near accidents thanks to the occasional idiot. (No, everyone wasn't stopped so you could blow through the intersection without stopping.)

Very few gas stations have backup power. The ones that did, had lineups of up to two hours before they ran out of gas. Not so much for cars, but for home generators.

We can easily live without power for a few days - but that's in large measure thanks to years living in the country where almost any serious storm was pretty much a guarantee of evenings spent with candles and flashlights, and cooking and making hot water on the BBQ.

A hot shower after several days without feels absolutely fabulous.

-g

Comments

.CA is good, .COM is better, Both is BEST

If you're using email, the web, file sharing and social networks to connect to customers and prospects, then you probably have a domain name. And if you don't have the .COM version of it, you should.

Why?

Because is .COM  (or dot-com) is the default.

The dot-com era - when the Internet went global and commercial - made it so: it's part of our language. And .COM is part of our digital business structure.

Assuming both .CA and .COM domains are available for a specific name, then we advise registering both. You can decide later if you want them to lead to the same content, or to divide online visitors based on their geographic preferences.

Given the low cost, and the potential benefits, why would you settle for just one if you can do both?

-g

Comments

Goo.gl - Google's link-shortening feature - used to spread malware

Spam watchers are noting a new trend: using Google's link shortening tool to hide the real location of links to malicious software.

The links are in a variety of spam attacks, including supposed access to Dropbox files, tax refunds, voice mails and faxes. This replaces the usual bait-and-switch links that, as anyone familiar with even basic html will know, claim to point to one web site address while the underlying, hidden link actually goes somewhere else. It's a bait-and-switch trick that's simple to expose: hover your cursor over the visible link and, if the actual link that pops up is different, then you're being phished.

In this case, however, the visible link and the underlying link are the same: http://goo.gl/AndSomeCode

Hover over the link, and you get the same web address. But when you actually click on the link, you go first to the Google link shortening tool which then redirects you to the link containing the malicious software that will now infect your computer. Thanks, Google.

So there are two solutions: Google needs to put a stop to this, or Internet users need to stop clicking on any links using Google's link shortener.

Since we have no control over Google - and don't know how or when they'll deal with this problem - our solution is to block any email that contains http://goo.gl and warn the crew here never to click on that type of link in any emails that slip through our filters.

-g

Comments

Benefits of .COM

In the past few months, the Internet Corporation for Assigned Names and Numbers (ICANN) has opened floodgates and let loose a deluge of new domain name extensions (or gTLDs). Historically, the unrestricted gTLDs have been limited to .COM, .NET, and .ORG – with a few additions in the early 00s, such as .BIZ, .INFO, and .NAME – but with the current expansion, ICANN is on course to add hundreds (if not thousands) of new TLDs before the end of 2014.

This has led people to question whether or not the “traditional” gTLDs of .COM, .NET, and .ORG are still as important as they once were. We, however, believe that the new gTLDs are unlikely to supplant the traditional gTLDs any day soon – for a variety of reasons. Read on for the details.

Because the new gTLDs are, well, new, it means that the people registering domains under them can, for the most part, be divided into two main camps. The first are owners of large organizations who already own a .COM domain (or a domain with one of the other traditional gTLDs), who register their existing domains under the new gTLDs mainly to prevent others from doing so. The first group usually does this to protect themselves from the second group: domain squatters, online fraudsters, and others who see benefit from using new gTLDs to impersonate websites that use the more established gTLDs. The remainder are mostly limited to people using the more-exotic gTLDs for “domain hacks” (using the extension to spell out a word, E.g. “delic.io.us” or “goo.gl”).

There is the perception that expanding the available gTLDs will give people the opportunity to purchase domain names that they couldn’t get as .COM or one of the other traditional gTLDs – but, aside feeding the perception of newer gTLDs as “consolation prizes, the problems with that rationale should be apparent after reading the previous paragraph. If you purchase a domain name under a new gTLD and that domain already exists as a .COM or other older gTLD, then there’s a good chance that a significant amount of your potential visitors will end up on the .COM site instead of yours – because most people are familiar with .COM and it’s the first thing many will try when typing in a website address they’re unsure of. And that’s probably the best-case, assuming that the owners of the .COM equivalent haven’t already registered their domain under the new gTLD during its pre-order/”sunrise” phase, and assuming that the .COM equivalent isn’t covered by a trademark (which can lead to seizure of “infringing” domains & other legal issues). Because of these factors, some have cynically suggested that the only groups benefiting from the gTLD expansion are ICANN and trademark lawyers.

Barring major changes by ICANN, this leads to a seemingly-insurmountable chicken-or-the-egg problem for the new gTLDs: to become as established/desirable as .COM, they need the same level of adoption, but the largest barrier to adoption for new gTLDs is the fact that .COM is already so well-established. The traditional gTLDs like COM simply have too much of a lead at this point, there’s no way for new gTLDs to “catch up” so to speak. The best example of this it the previous, much smaller expansion of the gTLDs: despite the fact that the .INFO and .BIZ gTLDs have been around for nearly 15 years now, they’re still barely a blip on the radar compared to .COM and the other traditional gTLDs.

So while there are situations where it makes sense to consider one of the newer gTLDs (or a country-specific TLD like .CA), we still recommend .COM first when customers ask is which TLD they should use for a new domain name. And that’s not likely to change for the foreseeable future.

- Stephen B.

Comments

HostMonster - Service & Support Issues

While we’re still only in the early months of 2014, a clear frontrunner has emerged for dubious honour of worst hosting provider I’ve had the displeasure of dealing with this year. The fun started earlier today, when I received an EMail from HostMonster’s support stating that outgoing spam had been detected from a mailman installation in our account. So, of course, my first step was to attempt to login to the control panel account in order to check the mailman settings… except when I tried to, I received an error message stating that the account had been suspended. But not for the mailman as you might expect – instead, the error stated that the account had been suspended for a completely different reason: copyright violation.

Sadly, that’s only the tip of the iceberg when it comes to shoddy & unreliable service from HostMonster. Read on for the complete comedy of errors.

First, a little bit of background: while we do use our own webservers for the majority of the sites that we host, develop, and maintain, we have also had a Hostmonster account for abut 5 years now – mainly for development purposes, testing, as an emergency backup, etc. So, fortunately, we only have a single live site on HostMonster’s network (one of our own sites), partly due to similar experiences with poor service from Hostmonster in the past – but more on that later.

Getting back to the current (and ongoing as of this writing) issue, this is not actually the first time that Hostmonster has suspended our account for copyright violation – but the second time. The first time was almost as ridiculous: Hostmonster’s support didn’t bother informing us of the “issue” until after they had already suspended the account… for a non-existent copyright violation. Apparently one of the brain donors in their support department noticed that our site contained a number of videos and then mindlessly assumed that they must violate copyright, without having received any third-party complaints or takedown requests, or any other valid reason to believe there was a copyright issue.

That brings us full circle, back to the present… and it gets even more absurd. This time, Hostmonster didn’t even bother to inform us after the fact that the account had been suspended – I only noticed when I attempted to login to the control panel. The notification message about the EMail issue made no mention of account suspension and stated that only the account’s ability to send outgoing mail had been suspended – when, in fact, the entire account had been suspended, included the site hosted on that account (causing any visitors to the site to see an error, instead of the page they expected).

But even THAT isn’t the end of it. I did eventually discover that I could still access the control panel for the account – not immediately obvious, since I was redirected to the “account suspended” page after login. So while waiting for Hostmonster to get around to responding, I checked on the original issue that they reported… only to discover to that that issue was also non-existent, because there are no mailman lists setup in that account to begin with. As near as I can tell, the message originated from one of our other servers (due to a known issue with the way mailman’s “list-owner” address works) – but because it the domain it came from had also been setup on our Hostmonster account in the past, someone appears to have incorrectly assumed that the message came from their server. Which means they evidently didn’t bother to check to check the originating IP in the message headers, or perform a DNS lookup for the domain name, or even check for mailman lists in the account on their own servers – any of which would have immediately confirmed that they’d made a mistaken assumption about the origin of the message. I didn’t think Hostmonster’s service could get worse than assuming that all video files violate copyright, - but suspending an account for spam received from a completely separate network is at least a contender as far as amateur-hour mistakes go.

And to put the cherry on top, I first contacted Hostmonster’s support about the issue nearly two hours ago – but the only response I received was a boilerplate message asking me to confirm that I am in fact the account holder… yep, I replied to a message that they sent to me as the account holder, yet they still need me to verify (not exactly a surprise, though). There have been no further responses since I replied with the information they requested, over an hour and 45 minutes ago.

UPDATE 2014-02-21 It has now been over 24 hours since we first reported the problem to HostMonster's support and requested that they fix it. Since this post was originally written, we have received a grand total of one further response - saying that I needed to check for vulnerable mailman settings... after I had already pointed out that there aren't any mailman lists setup in that account.

In the meantime, we've transferred the one site we had on HostMonster to another server. Despite the fact that the site contains over 50GB of data, we were able to do that in less than it's taken HostMonster to fix a problem that is entirely on their  end & should have required (at most) 10-15 minutes to fix. That's including the time it should have taken to verify the we information provided to them, after we essentially did their job for them and spoon-fed them all of the relevant details.

Now it's time to see if their cancellations department is any less inept - certainly not holding my breath.

Comments

Rogers “Extreme Text Messaging” Useful Features, Silly Name, and Glaring Security/Privacy Risks

There's a set of options that Rogers Wireless bundles under the heading "Extreme Text Messaging" - while it's not heavily publicized (apparently it's been around since 2010), it does include some very useful options. It also illustrates one of the more annoyingly-lazy product/service-naming trends (at least they didn't call it "Xtreme"), and opens Rogers customers up to some fairly serious security/privacy risks - but more on that aspect later.

The official instructions from Rogers focus on accessing the "Extreme Text Messaging" settings using the Rogers account management app for Android or iOS - but there's also a web-based option that can be accessed from any device with a browser, which is the method I'll focus on. The instructions say that you need to send a text message with specific content to a particular number, and then you'll get a reply back with the URL of the "Extreme Text Messaging" settings page - but it appears they always send the same URL, so you can go there directly instead: http://rogers.com/m/extremetext. The only requirement is that access that page from the device you're trying to configure, and that you access the page via Rogers' cellular network - so Wifi will likely need to be disabled on your phone first.

Most of the available options on that page are self-explanatory. You can setup an auto-reply for incoming text messages, or use the "Blocker" feature to block text messages from specific numbers, or setup Distribution Lists so that you can easily send messages to multiple people. That leaves the "Forwarding" and "Copy" features, which do much the same thing - but with some important differences. The "Forward" option allows you to specify another number to forward incoming text messages to - and after enabling, the messages stop being received at your regular number. And the "Copy" setting, on the other hand, lets you do the same thing - but you still receive copies of the messages on your regular number, and you can "copy" the messages to an EMail address as well (the "Forward" option only lets you specify another phone number as the destination).

One main caveat before moving on to the security and privacy issues: in typical Rogers fashion, information on additional costs/pricing isn't mentioned in any of the documentation that I could find. But I've never known Rogers to pass up an opportunity to nickle-and-dime their customers, so it's probably best to assume that there are additional charges - for example, if you have the "Copy" option enabled, Rogers will likely charge you twice for every incoming text messages (once for the receipt of the message, and again for forwarding it to the destination number).

Privacy/Security Implications

From reading the instructions above, you may have noticed one detail conspicuously-absent: any mention of needing a username or password to access the "Extreme Text Messaging" settings page. That's because there is no login required: you do need to have physical access to the phone and access to Rogers' cellular data network - but beyond that, Rogers doesn't appear to use any access restrictions to secure those settings (not even an option to protect those settings with a password). In other words, it would be trivial for anyone with even brief access to your phone to change any of settings mentioned above, without your knowledge; Rogers doesn't so much as send a confirmation SMS or EMail to inform customers that their settings have been changed. Strictly speaking, even physical access to the phone is not a requirement: software running on the phone (viruses/malware) would also have access to change any of "Extreme Text Messaging" settings, without any indication*.

This neglect of basic security principles opens Rogers' customers up to several potential abuses, while making stalking and online harassment significantly easier. Want to surreptitiously spy on someone's text messages? Just enable the "Copy" feature. Want to block someone's ability to receive text messages? Just enable the "Forward" feature. Want to try get someone's friends and family upset at them? Just enable an abusive/profane auto-reply message. In fact, the only feature that doesn't have obvious potential for malicious use is the "Distribution Lists/Group Messaging" option, but I have no doubt that someone could figure out ways to abuse that feature too, given enough time & motivation.

So what can individual Rogers Wireless customers do to prevent those types of problems? Not much, until Rogers gets around to securing those settings - and even then, I wouldn't hold my breath waiting for them to roll out modern security features like two-factor/out-of-band authentication. For now, the best protection is to keep an eye on those settings: if you're using Rogers Wireless, check the "Extreme Text Messaging" settings every now and then to make sure that no one has changed them.

*There is already malicious software for desktop PCs that works in a similar fashion, exploiting security flaws to modify the configuration of wireless routers. Doing something similar with a mobile application would be relatively simple, and malicious "copycat" applications are already prevalent on mobile software marketplaces.

Comments

Using Your Domain Name with Dynamic DNS

Dynamic DNS is a fairly simple idea that's been around for some time & it allows people to run publicly-accessible network servers without the need for a static IP. This has many potential applications: developers who run a testbed server in their office/home, providing staff without out-of-office access to their work computer or other network resources (in situations where a VPN would be overkill), etc.

Unfortunately,  dynamic DNS providers typically offer you one of two options: free service where you can only choose a sub-domain, which will hang off another domain (E.g. yourdomain.dyndns.org). Or if you want to use your own domain name, then there's usually a recurring fee - it also requires running DNS for the entire domain through the dynamic DNS service. With that setup, your website and/or EMail could go offline during IP address changes - even if those are hosted elsewhere.

But there is a solution that gets around both sets of problems - read on for the details.

This guide is very general; it's more of a general strategy than a step-by-step guide, mainly because the exact steps will depend on your hosting/DNS provider. But if you're familiar with creating and editing DNS records, then you should have no trouble adapting this to your particular setup.

You need three things for this to work: a domain name, control of the DNS settings for your domain name (usually available through your hosting provider and/or domain registrar), and an account with a dynamic DNS service (E.g. https://www.dnsdynamic.org/). Add a domain to your dynamic DNS account, from one of the free options - this will give you "dynamic" domain that looks something like "mydomain.user32.com". You'll probably also want to install a dynamic DNS client on your computer, so the dynamic domain gets automatically updated when your IP address changes.

Next, edit the DNS settings for your "real" domain. Keeping with the example above, your dynamic domain would be something like "mydomain.user32.com" - and the "real" domain would be something like "mydomain.com". All you need to do is create a CName (alias) record under your real domain and point it at your dynamic domain - for example, the CName could be called "office.mydomain.com". And that's it, the domain names "office.mydomain.com" and "mydomain.user32.com" would be essentially interchangeable, giving you the best of both worlds: free dynamic DNS, using your own domain name.

Comments

iPad2 - Two Years On

Product reviews are generally all about being the first out of the gate or second-wave expansions of detail and insight. But it's also worth looking at products after they have some dents and bruises from heavy long-term use, and my iPad2 has some dents and bruises.

It's a 3G 16GB model.

Here's what it's good for:

• Time tracking and reporting
• Astronomical charts
• Email in a larger format than a phone
• Signing and annotating documents
• Creating documents to sign and annotate
• Google maps
• Nautical charts
• Skype on the fly (not any more - mic stopped working a year ago)
• Portable video viewer - bigger than a phone

• Writing / editing lengthy documents
• Typing - even with a decent Bluetooth keyboard
• Video editing
• Skype on the fly - now that the mic stopped working
• Email storage - it's really limited if you're a heavy user
• Email management - GRRRRR! - too small, poor search
• Being spied on by Apple and some app developers
• Safari in general
• Calendar and duplicate entries
• Cameras

Size does matter, after all. That's why newspapers and magazines used to put their pages up on a wall or on long shelves for layout and design. (And someone's now doing it with monitors and I'm betting the design folks are going to go back to the big desk approach as soon as they can pry the money out of management.)

When you're dealing with large amounts of data, trying to work on a cellphone-sized screen is like working through a keyhole. An iPad just feels like a somewhat larger keyhole.

The apps that have lasted:

• HoursTracker - track multiple projects for multiple clients simultaneously and spit out spreadsheet-formatted reports via email - awesome
• Notability - mark up PDFs and images with your finger tip, sign contracts and email them from the app - seriously useful tool
• Planets - want to see where Jupiter is or the name of that constellation? in real time? gets a WOW every time
• Flashlight - including a keyable green (for video)
• AR.FreeFlight - for flying a small, dual camera drop helicopter
• Clock Pro - superb full featured timer app (stopwatch, countdown, various time zones, etc.)
• Find iPhone - required
• Keynote - for creating (if no other choice) and displaying slide decks
• iTunes U - one of the world's best travel companions - load up some audio / video learning for travel
• CBC Radio - limited time travel that lets me catch shows played west of here that conflict with things I'm doing when they run locally

I didn't feel any need to upgrade to the iPad that should be called the 3.

And if the iPad has given me anything significant to take away from the experience is the immersive power of touch. After a month-long experiment of using the iPad2 pretty much exclusively, I was both ready to toss it into the lake and kept trying to use touch on non-touch enabled computers.

My next desktop / laptop monitors will definitely be touch enabled. While I don't like onscreen keyboards one bit - few touch typists do - touch-enabled screens let you do a lot of very neat things with your hands directly on the user interface.

And dictation software is improving. It's not an option in noisy environments and if you type quickly, it's often faster to type than to talk and then correct.

But at the end of it all, a tablet is pretty much a tablet with both product-specific and general strengths and weakness. I'd give the iPad2 7.5 out of 10.

-g

Comments

An open letter to comment spammers

To the brain donors posting comment spam from the IP addresses 217.164.214.91, 110.206.98.78, and 116.54.231.5:

Would you like to know one of the best ways to get someone to dedicate themselves to having your site shut down and reporting it to as many relevant authorities as possible? Create a site that promotes child pornography, and then spam a hosting/IT company's blog with links to it.

Comments

The Need for Dark and Quiet Spaces

When I first spent a night at the beach house (mid December), it came as a surprise that the house was in a digital blank spot: neither Internet nor cellphone connectivity. Sure, I could drive 15 minutes back along the road from the shore, but after more than 7 hours on the road, there was zero desire to climb back into the car.

Unwinding takes time, so the first hour normally spent checking email, phone messages, and the like felt a bit surreal: brain and fingers all ready to hit the digiverse that wasn't there. The normal cure in a place like this would be to head for the beach, but the night was stormy and rain lashed against the windows.

So I sat, stood, paced a bit, and then spotted a goldmine: a giant stack of The New Yorker going back a couple of decades. Including the issue featuring the now famous 'On the Internet, nobody knows you're a dog.' cartoon. No tweets, no texts, no emails, no ringtones. Just the indoor silence overlaid with the wind, rain, and waves.

The skies cleared by morning, and the digital itch forgotten thanks to a stunning view of the sea. A few hours later, back on the road returning to the so-called real world.

[caption id="attachment_1106" align="alignright" width="300" caption="Peace & Quiet in a Digital Dark Spot"][/caption]

I was back again six weeks later but this time with a serious winter storm about to erupt. And now there were two of us without external connectivity. Knowing we had at least two days of isolation ahead. (It turned out to be three.) No instant headlines, instant messages, instant banality.

The rain began not long after we arrived, the intensity of the waves and wind slowly increased, the fire in the wood heater crackling and hissing in time with the wind.

So we talked. Almost in whispers.

When the night sky was clear, we looked at the Milky Way. With only a thin cloud-free strip, we woke in the middle of the night to see an orange half moon pop above the roiling sea. We took turns fleeing across the stone floor to put more wood in the fire before hurrying back to the warmth of the bed that faces the huge windows.

We did make a couple of brief forays into the digiverse: just far enough from the house to get a single bar from a cellphone tower and get assurances that the outside world was still intact and getting along just fine without us. I'm guessing that were we able to spend weeks instead of days in this quiet zone, those forays would become less frequent, more of an imposition that an opportunity.

The hiatus ended when the storm cleared and the pull of our other lives had us back on the road. But the essence of that dark and quiet space lingers, not unlike the aroma of rosemary on the sleeve of a sweater.

And we continue to embrace the social network of just we two at the end of each day: talking quietly, almost in whispers, about the day gone by.

-g

We

Comments

Constant Contact IP Ranges 208.75.123.0 - 208.75.123.255

In an earlier post, I mused about finding the list of IP addresses that bulk emailer Constant Contact uses to send out their email messages. So today, I went looking.

Among the first results is an article with the title 'The Battle of the Inbox' on the Constant Contact site that talks about how to get around those pesky people and companies who don't want their inbox attacked every time a Constant Contact customer has the urge to send out some earth-shatteringly important missive about a new way for them to get at your money.

No IP ranges listed there, though. So I kept looking and lo and behold, the St. Lawrence Seaway is one of several places to find the answer. Ironically, it's part of a post on the Seaway site about how to get those pesky systems administrators who do their best to keep your inbox safe to let let down the barriers so that Constant Contact's digital warriors can get through and, I presume, win the battle.

The list is often part of a form letter - there are various examples online - created by Constant Contact to send to system administrators who are blocking Constant Contact emails from entering their networks.

At any rate, here are the ranges:

IP Range: 208.75.123.0 - 208.75.123.255 CIDR: 208.75.123.0/24 Network/Netmask: 208.75.123.0 255.255.255.0

Specific IPs sending from this range:

208.75.123.1 coi001.confirmedcc.com 208.75.123.2 coi002.confirmedcc.com 208.75.123.3 coi003.confirmedcc.com 208.75.123.103 coi103.confirmedcc.com

208.75.123.130 ccm22.constantcontact.com 208.75.123.131 ccm23.constantcontact.com 208.75.123.132 ccm24.constantcontact.com 208.75.123.133 ccm25.constantcontact.com 208.75.123.134 ccm134.constantcontact.com 208.75.123.135 ccm135.constantcontact.com 208.75.123.161 ccm26.constantcontact.com 208.75.123.162 ccm27.constantcontact.com 208.75.123.163 ccm38.constantcontact.com 208.75.123.164 ccm39.constantcontact.com 208.75.123.165 ccm165.constantcontact.com 208.75.123.166 ccm166.constantcontact.com 208.75.123.167 ccm167.constantcontact.com 208.75.123.168 ccm168.constantcontact.com 208.75.123.169 ccm169.constantcontact.com 208.75.123.170 ccm170.constantcontact.com 208.75.123.171 ccm171.constantcontact.com 208.75.123.172 ccm172.constantcontact.com 208.75.123.173 ccm173.constantcontact.com 208.75.123.174 ccm174.constantcontact.com 208.75.123.175 ccm175.constantcontact.com 208.75.123.176 ccm176.constantcontact.com 208.75.123.177 ccm177.constantcontact.com 208.75.123.178 ccm178.constantcontact.com 208.75.123.179 ccm178.constantcontact.com 208.75.123.180 ccm178.constantcontact.com 208.75.123.181 ccm178.constantcontact.com 208.75.123.182 ccm178.constantcontact.com 208.75.123.193 ccm33.constantcontact.com 208.75.123.194 ccm34.constantcontact.com 208.75.123.195 ccm35.constantcontact.com 208.75.123.196 ccm36.constantcontact.com 208.75.123.197 ccm197.constantcontact.com 208.75.123.198 ccm198.constantcontact.com 208.75.123.200 ccm200.constantcontact.com 208.75.123.201 ccm201.constantcontact.com 208.75.123.202 ccm202.constantcontact.com 208.75.123.225 ccm29.constantcontact.com 208.75.123.226 ccm30.constantcontact.com 208.75.123.227 ccm31.constantcontact.com 208.75.123.228 ccm32.constantcontact.com 208.75.123.245 mail245.nutshellmail.com 208.75.123.250 ccm37.constantcontact.com

And here's another list of possible legacy email sources: 64.95.77.162     c1.confirmedcc.com 64.95.77.163     c2.confirmedcc.com 64.95.77.164     c3.confirmedcc.com

63.251.135.74     ccm01.constantcontact.com 63.251.135.75     ccm00.constantcontact.com 63.251.135.109     ccm08.constantcontact.com 63.251.135.115     ccm09.constantcontact.com 66.151.234.151     ccm14.constantcontact.com 66.151.234.152     ccm15.constantcontact.com 66.151.234.153     ccm16.constantcontact.com 66.151.234.154     ccm17.constantcontact.com

Your system administrator could use a list like this to reject email from the computers / computer networks at those IP addresses.

I've heard from Constant Contact who offered a briefing with their head of compliance. I'm hoping for mid February.

Some organizations use the company's services for content that recipients requested and actually want. In my experience, the majority of sources of Constant Contact email parachuting into our inboxes didn't fit into that category.

The dilemma facing system administrators is this: if I let one Constant Contact customer to send mail into my network, then I'm opening the door to all current and future Constant Contact customers.

The company admits a lot of customers tend to let marketing enthusiasm overcome their adherence the rules of war, even offering extensive educational materials about email etiquette and legal requirements, should they care to read it.

With most of us moving to mobile, unwanted junk landing in our inboxes is becoming more expensive. Bulk email marketers seem either blissfully unaware or willfully blind to the fact that unwanted junk mail sent to mobile devices is being paid for by the recipient as part of their data plan.

Imagine if the junk flyers dumped into your physical mailbox came with a Postage Due notice from the Post Office. If that's wrong, why should it be okay to shift the cost of digital advertising onto the recipient's mobile phone bill?

-g

Comments

Digiweb Ireland Keeps Bank Phisher Online

Three days after we reported to Digiweb.ie that an apparently abandoned web site they host (AskGareth.com) is home to at least three infected directories being used in a global phishing scam aimed at CIBC (Canadian Imperial Bank of Commerce) customers, the malware is still happily infecting anyone duped by the phishing emails to visit the Digiweb server.

Emails sent to Gareth O'Shea at the address listed in his site's domain name registration bounced.

Emails sent to technical contact John McKenna at Digiweb were ignored, so additional copies were sent to Michael Doyle, Digiweb Ireland's Chief Financial Officer and the media contact listed on their web site. And ignored.

How do we know they're ignored? Because overnight, another set of phishing emails pointing to yet another infected file on the AskGareth.com site hosted by Digiweb and apparently abandoned sometime last year. As of the time of writing, ALL of the malware links in the phishing emails pointing to the Digiweb network are still in full operation.

It's truly unfortunate that given the dramatic rise in identity theft worldwide and the well-documented fact that the vast majority of online identity theft attacks are intended to steal money from existing bank accounts that an ISP calling itself "Ireland's leading independent telecommunications company" would be so totally cavalier about hosting one of the key elements that cybercriminals need to steal money.

Sad and pathetic.

-g

Comments

Revealing Glimpse Under the Hood of a Broken Comment Spam Bot

Earlier today, the Smartypants blog received yet another "faux-praise" spam comment - one of those comments that attempt to look legit, but are still obvious spam because of how generic and semi-literate they are ("Thanks you for all the wonderful infos!!!"). It's run-of-the-mill stuff for anyone who runs a blog, or any other type of site that allows commenting, but this one was a bit more interesting.

One of the oldest methods of identifying spam is to look for multiple, identical messages (old-timers are probably thinking "Briedbart Index" right about now) - so spammers will often add random variations to each message in order to circumvent filters. And that's what makes this particular spam comment interesting - for some reason (probably misconfiguration), the comment contains some sort of template markup, which shows all of the possible variations of the message. Most of them are minor, such as slight changes in wording:

I {couldn't|could not} {resist|refrain from} commenting. {Very well|Perfectly|Well|Exceptionally well} written!

In simple terms, this spammer has accidentally posted his entire script/template for generating seemingly-unique comments. Read on for the full script.

Comments

What, Me Retire? As If

A year ago, I woke to a fiddler playing 'When I'm 64"...a poignant and funny start to that birthday orchestrated by my funny and poignant wife.

Tomorrow, that song becomes past tense for me.

There's long been an expectation among my generation that 65 means retirement. Unless you can do it sooner or, if you put your trust in RRSPs that tanked and built up a nice wall of debt during the recent decade of nearly free money (how ominous does that sound?), if you can do it at all.

I tried retirement. It just didn't work for me.

After spending most of the '90s embracing the commercialization of the Internet, dumb luck let me cash out before the dot-com bust.

After six months of barely any activity, the threat of boredom drove me back to work. But not back to the workaholic level. It's more balanced now. At the same time, it would take ropes and chains to drag me away from the team of smart, interesting, creative people who share my working life now.

I love being productive, helping to find better and more interesting ways to do things worth doing, sharing with friends in the here and in the virtual, learning, thinking, wandering the globe in large and small chunks, and generally being upright and sentient.

It's been an amazing 65 years. Yes, there are regrets and great stupidities that would be grand to undo. There are tragedies unfolding before my eyes.

The hardest part is losing people.

But like it or not, life marches on. We can only make the best - or the worst - of it.

-g

Comments

Canadian Subsidy Directory Spammer Back for Yet Another Year

Do you have a hankering to pay for information that you can receive absolutely free online? Then you’re the kind of sucker the Canadian Subsidy Directory is looking for.

The company behind the annual spam shilling paid listings of freely available information gleaned from Canadian federal and provincial governments is registered as Publications Canadian Publications, 1999 du Skieur, Sainte-Adele, Quebec, and claims to have offices in Montreal and Ontario. The man behind this scheme – who lists himself on LinkedIn under ‘philanthropy’ – is Michel Goyette (aka Michael Goyette).

He’s been spamming far and wide – and relentlessly – for years. Here are some links:

• A posting on The Bolt blog at the University of Saskatchewan from April of 2011;
• Spamhaus lists Goyette in their Registry of Known Spam Operators and says they first spotted him abusing ISPs in 2003;
• Spamfighter posts years of correspondence about Goyette’s spam with Canada’s Privacy Commissioner – acknowledging he harvests and spams email addresses he finds online but says it’s OK;
• Believe it or not, Canadian Subsidy Directory is listed as a member in good standing of  Québec Commercial Certification Office (similar to the Better Business Bureau);
• Even more surprising is that organizations like the Manitoba Environmental Industry Association, the Canadian Venture Capital Association, and Toronto's evangelical Tyndale University College & Seminary are actually PROMOTING the directory;
• While the online forums at Concordia University include a warning and tons of complaints about spam about the annual publication going back nearly ten years.

Another tip: If (perhaps that should be 'when') you do get spammed for the directory, do NOT reply in the hopes of getting your email address removed from the list. There's plenty of evidence that you'll just confirm that you're a live one and the deluge may actually increase.

Save your $70 or $150, contact the nearest government business development office, and get what is likely to be more up-to-date information about grants and subsidies for the cost of a local phone call.

-g

Comments

Don't hang up on the telemarketing Captain - Keep him on the phone as long as you can

Getting telemarketing calls from the Captain, from the fake Windows security experts who've tracked a virus to my computer, for whatever...the worst thing you can possibly do is hang up quickly or drive them off the phone with your obvious annoyance.

That's what they want you to do.

What?

Yep. If you're a NO, the sooner they can get you off the phone and move to another potential sucker, the better. And your number stays in their database as a possible. At least they know your number works and that a human will answer. Suppose they might sell that to another online phone scammer? Um, yeah.

So what's a person to do?

It's both counter intuitive and simple: KEEP THEM ON THE LINE AS LONG AS YOU CAN.

The longer the better. I've managed just over 20 minutes with more than one poor slob who thought he had a live one.

How?

By asking a lot of questions. By asking of they can hang on while I answer the other line / look for my wallet / answer the door / have a fake coughing fit / go off on some tangent / begin to display my dementia...whatever it takes.

Remember the line "Don't get mad, get even!"? Now's your chance.

It's their worst nightmare - a seemingly hot prospect that's nothing but a tease.

Sure, you'll have to do it a few times. But in my experience, the calls start to drop off pretty quickly when they figure out 1) you're not a dupe, 2) you're prepared to act like one, and 3) this is a lousy number to call because you never says YES but also never say NO.

It's been so much fun that unless I'm under some sort of deadline, or in a meeting, whenever I get a (rare) telemarketing call these days, I usually ask them to hold on one second while I get rid of my current phone caller - giving me enough time to pour a fresh cup of tea - and have some fun picking off their wings.

-g

Comments

Social Media is all about sharing - but how sharing are we?

Yes, you can share my obsession with cats (which I just made up), what I had for lunch including fuzzy fotos, why I loved the great new episode of Whatever IV, me joining the slag of a sleaze of a celebrity whore who had the audacity to tweet THAT, and oh so much more.

But!Back!Away!From!My!Smartphone.

Get.yer.sticky.fingahs.offa.my.ipad.

[If this were a money hungry blog where we thought we wouldn't be able to pay the rent without annoying ads, there would be a slickly done graphic and text ad right here - in this very spot -  that looked like it fit right into the content - part of the blog post - it wouldn't even say 'advertisement' in tiny text like they have to do in the dead tree edition. But it's not a money hungry blog. We have, as they say, alternate sources of revenue. Look up SmartypantsICP.com or NewMediaDrive if you want to know more.

LOL...that was fun. Did you think it clever? Annoying? Stupid? Money hungry? All of the above? C'mon, admit it. You smiled. A little bit.]

OK. So back to sharing.

You can share my thoughts and emotions, such as they are, and even glory in the photos of my joy, pain, hubris and downright stupidity, but do NOT, and I say again, do NOT think you can use my laptop or take my cellphone out for the night.

And don't even ASK to borrow my persona.

As in: "NO, I will not let you use my Facebook account on Saturday night."

Don't even ASK.

-g

Comments

Google Plays "Hide the Free Version" with Apps for Domains

A few years back, Google introduced a free service called "GMail for Domains" - in a nutshell, it allowed domain name owners to use the GMail service for their domain's EMail accounts. Later, this was renamed to "Google Apps for Domains" when it was expanded to included other Google apps like Docs & Calendar, around the same time that Google started offering a paid version for businesses. Unfortunately, this was also right around the time that they started making the free version progressively more & more difficult to find (just a coincidence, no doubt).

For example, this post from 2008 describes how the only way to signup for the free version was to start the signup process for a trial of the paid version, and then click a "Compare to Standard Edition" link on the second page. Four years later, and even that option is no longer available - in fact, Google's main page for the service doesn't contain even a single reference to the free version (and refers to the service only as "Google Apps for Business").

Fortunately, there is still a way to sign up for the free version - as of this writing (August 28th, 2012), the only signup link for "Standard" (free) version is on the Google Apps Pricing page (you can also go directly to the signup link for the free version).

Comments

Google Plays "Hide the Free Version" with Apps for Domains

A few years back, Google introduced a free service called "GMail for Domains" - in a nutshell, it allowed domain name owners to use the GMail service for their domain's EMail accounts. Later, this was renamed to "Google Apps for Domains" when it was expanded to included other Google apps like Docs & Calendar, around the same time that Google started offering a paid version for businesses. Unfortunately, this was also right around the time that they started making the free version progressively more & more difficult to find (just a coincidence, no doubt).

For example, this post from 2008 describes how the only way to signup for the free version was to start the signup process for a trial of the paid version, and then click a "Compare to Standard Edition" link on the second page. Four years later, and even that option is no longer available - in fact, Google's main page for the service doesn't contain even a single reference to the free version (and refers to the service only as "Google Apps for Business").

Fortunately, there is still a way to sign up for the free version - as of this writing (August 28th, 2012), the only signup link for "Standard" (free) version is on the Google Apps Pricing page (you can also go directly to the signup link for the free version).

Comments

Diana Adams - Poet, Writer, Troublemaker and now CIBC Password Phisher?

Want to hand over your CIBC online banking details to identity thieves? You can do it by visiting dianaadams.ca and filling in the online form.

It's not on the home page - you'll have to dig a bit deeper or just visit this link that arrived via email this morning:

http://dianaadams.ca/www.cibconline.cibc.com/olbtxn/authentication/introduction.html

But whatever you do, don't put your real CIBC information into the form. You're not really on the CIBC website - it's a page that's been added to dianaadams.ca to help collect your banking information and pass it on to identity thieves.

Was Diana's website hacked? Probably.

And since it's a .ca site - meaning it's likely Canadian - the polite thing to do would visit her site and look for a way to let her know. Unfortunately the home page consists of a few words, an image of a book cover, and a photo of our intrepid poet, writer, and troublemaker. No links. No contact information or form.

So a quick check of her domain name registration looking for an email or postal address. Or a phone number. But that information is hidden from public view. Same for her hosting company, Alberta-based Computer Engineering: no email contacts, no phone number, no physical address.

She appears to have a LinkedIn profile, but she's not in my circle of connections. So how do you tell someone who's taken the trouble to hide her domain name information that her site has apparently been hacked and turned into a phishing site that's trying to grab online banking details from CIBC customers?

The bigger question is why hide your registration information in the first place. Besides making it easier for the Internet's less savoury characters to make their mischief?

-g

Comments

Anatomy of a Website Compromise

Recently I had the "pleasure" of cleaning up one of the websites we host, and encountered one of the sneakiest website compromises ("hacks") I've seen so far. I've decided to document the details, in case the information is of any use to other people whose sites have been compromised the same way. This incident is also a good example of how sophisticated (or at least sneaky) these attacks have become, and the amount of effort required to cleanup a site compromised in this way.

Read more for the gory details. Many website compromises are easy to spot - typically attackers will add code that redirects visitors to other sites (or opens pop-up windows in their web browser), or they add content to pages on the site, or they outright replace entire pages. This compromise was much more subtle though, and it was only noticed when spam links began appearing in the Google search results for that site.

When we were asked for help with the problem, I immediately started on the standard cleanup tasks:

• creating a compressed backup of the infected site & the recent web logs (for later analysis)
• searching through the site's files for words that were in the spam links/search results with "grep" (a UNIX tool that searches through files for specific text)
• and creating a list of all the site's files sorted by their modification date

The "grep" search turned up several files that contained key words from the spam links/search results, which I promptly removed. The list of recently-modified files turned up some more infected files, mostly "backdoor" scripts hidden in the /images folder, which I also removed. Backdoor scripts are usually web-based file managers, which attackers can use to modify files on the website. To use a real-world analogy, it's like to breaking into a house by picking the front-door lock, and then making some other more subtle change to make it easy to break in again - like disabling the lock on a window.

So far, this was all fairly standard stuff that I'd seen before on other compromised sites. But the recently-modified files list also showed that the site's index.php file had been modified, which I found a bit surprising because there were no obvious signs of infection when viewing the site in a web browser. Checking the index.php file, I found an "include" statement that had been added & was used to load another file, which is where things started getting interesting.

Most scripting languages used for web sites have some sort of "include" function, that lets files load content or scripting code from separate files - that's typically done to make development easier, by organizing content (or portions of web-based applications into separate files). In this case, though, the include statement was loading a file with a .pdf extension, which had been hidden in the folder /home/username/mail/tmp (probably to make it harder to find).

When I examined the include'd .pdf file, it contained some binary data (in base64 format) along with PHP code used to decode that data. In other words, the file contained PHP code, and the most of the actual content had been obfuscated by converting it to base64 - and when the file was run (via the include statement in index.php), the base64 data was decoded & the obfuscated PHP code was run.

A brief explanation: attackers often use this method, because it's a fairly effective way to hide the malicious code they've uploaded to a website. Say, for example, an attacker modifies a website to add advertisements for fake rolex watches - normally, if the files are in plain ASCII (text), you can find the infected files by just running  a grep for the word "rolex". But if the attackers encode the content using base64 (or some other similar method), then a grep for "rolex" won't find any matches - because in base64, the word "rolex" would be encoded as "cm9sZXg=" instead, and it would only be converted to plain text when the PHP script is executed (typically by being viewed in a web browser).

So in this particular case, the attackers had taken some PHP & HTML code containing their spam advertisements and then they had run it through a base64 encoder. But they didn't stop there - instead they took the initial base64 encoded data, and then ran it through the base64 encoder again, effectively adding a 2nd layer of obfuscation to the file. It's most likely that this was done to in order to evade virus & malware (malicious software) scanners, which many servers use to detect these types of compromises. Many of these scanners will automatically decode base64-encoded data, but not all of them are sophisticated enough to detect that the decoded data is itself base64-encoded.

That's still not the end of the story, however - I was puzzled by the fact that I couldn't spot any modifications to the website when viewed in a browser, even before I removed the malicious file (and the include statement pointing to it). So I decided to take a copy of the file with the base64 encoded data & make some small modification to it, so it would simply display the decoded data when viewed in a web browser instead of actually running the code. The actual data was a PHP script, and a quite a long one (nearly 8,500 lines) - but the main thing that jumped is that contained code to check the IP address & user agent of any visitors against the indexing bots used by many search engines, primarily Google.

Remembering that the only publicly-visible results of the infection were some spam content in the Google search results for the compromised site, I used the "Fetch as Googlebot" tool (in Google's Webmaster Tools suite) to load the malicious page. Viewing the results of how the page appeared to Google's indexing bot finally gave me (almost) the complete story. It appears that the code was setup to detect if it was being viewed by Google's indexing bot, and display the spam content - while hiding it from visitors who viewed the page in a web browser (probably to reduce the chance that the website's owners or visitors would spot the compromise).

As for the exact goal of the attackers, it's difficult to say from looking at the code. They were able to add code to the site that added spam content to that site's Google results, but there were no actual links visible in the search results - the links were only visible through Google's cached copies of those pages. So it's unlikely that anyone would have clicked on the links, which largely defeats the purpose of adding the spam content. I believe that the most likely explanation is that the attackers were trying to boost the Google ranking of the site(s) that the spam links pointed to, essentially trying to leech off the Google ranking of a legitimate site in order to boost their own search ranking. And a few of the links also appeared to contain affiliate IDs, so it's possible that the attackers were attempting to drive traffic to their affiliate link in order to defraud another site's affiliate system.

Lastly, it appears that the attackers were able to compromise the site by exploiting a security vulnerability in an old, unused (and out-of-date) copy of WordPress that was present on the site. Even though the current site isn't using WordPress, the attackers were still able to break in using a WordPress vulnerability (or a vulnerability in one of its plugins) - and they were able to use that access to modify the active website.

Unfortunately there's no magic bullet to prevent these types of attacks - although there are a few general practices that will help. If your website runs WordPress, make sure it's updated regularly (along with any installed plugins). Don't leave un-used applications installed on your website, because they may contain security vulnerabilities that attackers can use as a backdoor into your site. And it's a good idea to check the Google search results for your site from time to time, because that can help alert you to problems that may not be immediately apparent.

Comments

OpenTable Open For Spamming

OpenTable - an online restaurant reservation system - is wide open for spamming.

This discovery comes after a flood of mobile phone spam to one of my email addresses - the kind that costs a mint thanks to embedded images and all sorts of other useless but bandwidth-intensive eye candy.

The OpenTable system is wide open for spamming thanks to the company's failure to require confirmation for sign ups. This is a fairly typical oversight when greed trumps common sense.

Sign up for an OpenTable account, sign up for all of their many newsletters, add someone else's email address in the contact field, and the fun begins: OpenTable will start mindlessly spamming your victim.

If the first email or any change of email address required the recipient - or victim- to confirm the validity of the email address, this spam wouldn't be possible. It's also worth noting that unlike most legitimate online registration systems, OpenTable doesn't use a Captcha or any similar technique to try to separate human from machine registrations. This is generally a sign that greed is on the ascendant and common sense got buried in among the dirty laundry.

So what if you're the victim of this type of spam, and don't find much joy in having your cellphone's inbox filled with unwanted ads for restaurants half a planet away THAT YOU GET TO PAY FOR AS PART OF YOUR MOBILE BANDWIDTH FEES?

You can try the unsubscribe link on the junk mail OpenTable sends to you, but that only works per newsletter and OpenTable has a bunch of them. If you've been signed up for more than one, the only way to get at the list is to liberate the offending account. Otherwise, you'll have to wait while OpenTable spams you with each of their newsletters and unsubscribe one at a time. No, it's time to act.

Here's how:

OpenTable uses the email address in each account as the username.

Go to the OpenTable page and click on the Login link. You may have to type in your email address in the username field. That would be the email address that OpenTable has been happily spamming.

Then follow the instructions for re-setting the password. This will generate a reset password email that will arrive in your inbox in a few minutes.

Open this email - click on the Reset Password link - and this will take you to an OpenTable page where you can change the password to whatever you wish.

Once you've done that, you can now log into the offending OpenTable account.

The first tab to head for is My Account: this is where you'll find the list of OpenTable newsletters you're signed up to receive. Uncheck them and - if you're lucky and OpenTable doesn't pull the old 'we reset your account because we know you want to pay for our advertising'...

Finally, prepare an invoice for the data charges incurred when OpenTable spammed your mobile phone without permission, and for the time required to put a stop to it, and mail it to:

OpenTable Inc.

799 Market Street

4th Floor

San Francisco, CA 94103

-g

Comments

Photobox Spam - Welcome to the dark side

Photobox is a digital photo company based in the UK that just teamed up with a digital greeting card company. Coincidentally, what had been a single 'Welcome to Photobox' spam which I ignored, has turned into a nearly daily deluge of offers for a service based in Europe that I wouldn't use even if I did live there.

Tried getting the attention of their Twit-bot on Twitter @Photobox (the avatar is a blonde with big hair - the humans behind it could be anything). After much back and forth ('just drop what you're doing and call when it suits us') it said that 'Andy' was anxious to sort this out and was waiting for my call today (Sept 15/2011).

I called. Didn't get Andy, but got Kash who goes by just the one name: "Andy's not in today."

Thanks for nothing, blonde avatar lady. Are you clueless or did you flat out lie?

Kash did make the request I get from every spammer I've ever called: Give me your email address and we can fix it.

No.

You bought a bad list, or let people sign up others without their permission, and have clearly stepped into opt-out territory: That's where the spammer keeps hammering you until you say stop, rather than requiring an okay from you before they even start.

I want to know how you got my personal email address in the first place - I'm guessing it was through what you call the 'Refer a Friend' page and what should be renamed 'Annoy your friends and enemies' page. And why you started battering away at me after more than a year of silence.

One email in March, 2010, then silence until July 5, 2011, when Photobox apparently changed policies and the near-daily barrage began.

I doubt it's just me: this smells like policy. The kind that spammers adopt.

-g

Comments

Bill Kunkel - the Game Doctor - Dead at 61

It's been a strange weekend. What seemed a toothache turned out to be a mouth pimple.

What seemed like a missed voicemail message turned out to be a big hole in my heart.

We were trying to set up a conference call to talk about a project long in the making. A call that won't ever happen: My friend Bill Kunkel died yesterday.

Because he was such a fine writer, it's intimidating to write about him.

I met Bill because I'd met Barry Friedman and, with Barry involved in my Internet company, landed in Las Vegas with a bunch of Barry's old and new friends in 2000 at a dinner high above the city...and just clicked with Bill. Smart, articulate, funny, and the real deal.

I am not a gamer. I'm not into professional wrestling. It's only as time passed that I became even remotely aware of Bill's influence on both genres. And Bill was a cartoonist? Really?

Bill was one of my few true friends. That's what I know, value, and will remember.

I'm shocked, sad, stunned...and remembering a guy who really made me LMAO.

RIP I miss you already.

-g

Comments

Making it Right - The Metropolitan Hotel & Spam

What's not to hate about spam?

It's about as infection-free as a dirty penny lying in spit, fills inboxes daily with offers to steal your identity, to kill you with fake pharmaceuticals, and it's starting to hit mobiles - phones, tablets, etc. - where pricey data rates mean the recipient gets to pay for the delivery of this garbage.

But the most hateful thing about it?

When a company I actually like doing business with joins the slime.

Toronto Bound

In the late spring of 2009, we did video production at an event in downtown Toronto. As normal, we stayed in the same facility as the event. And it was horrid: terrible service, totally unreliable Internet - our life blood - and suspecting we'd be back the next year, we thought it wise to look for another place to stay.

Enter  Metropolitan Hotel Toronto.

The Metropolitan is on Chestnut, a curious bit of streetscape bounded by the University of Toronto and Nathan Phillips Square that t-bones Dundas Street to the north, heads south to a 90-degree bend into Armoury Street which runs briefly west before intersecting University Avenue.

This convergence has created an odd combination of bustle and bliss: whizzing honking traffic and a flood of pedestrians, convenience stores, coffee shops and ethnic fast food joints, broad and shaded car-free walkways.

We'd been on the road for a week when we pulled into Toronto for the same event in 2010.

Because of the nature of our equipment - cameras, mics, lights, mixers, computers - it doesn't stay in the car but goes with us. All 400 pounds of it. And we always load and unload ourselves.

Tired. Hungry. Worn out.

And a doorman is right there - with a cart.

Can I help?

We'd rather do it ourselves. Camera gear. You understand.

And he simply nods and backs off.

Two people stand next to us and light up cigarettes. I cough when the cloud surrounds us. The doorman asks them if they'd mind moving away from the entrance. Please.

From the rejection of the offer to help, noticing we're troubled by the smoke, asking gently if they'd mind moving...all done in such a pleasant, professional way.

We thank the smokers. They nod.

We're already starting to relax.

We get into our room: clean, decent, and we're online in minutes after a quick call to the front desk (yes, we do really need a half-dozen Internet access codes).

Downstairs for something to eat. Did I mention the restaurant in the hotel the year before was closed and 'no, we can't give you an apple, sir, the restaurant is closed but if you hurry, there's a Subway up the street that closes in about two minutes'. Not sure if it slipped my mind or it's just another repressed memory.

So downstairs at the Metropolitan, where we had one of the best meals of the entire trip. Exactly when we needed it most.

Yes, it was a pain to have to pack up and move all of our gear to the event venue and then back again, but it was worth it.

The event moved out of Toronto for 2011, but is heading back in 2012 and if we're taking part, we know where we're staying.

Or at least, we did.

And Then There Was Spam

Imagine this: The Postie drops a few flyers into your mailbox. Knocks on your door once a month and demands that you pay for their delivery. You'd be saying: Are you nuts? Pay for junk mail I didn't ask for and don't want? Slam.

Imagine this: Your mobile provider drops a few flyers into your mailbox. Comes back once a month and demands that you pay for their delivery. You should be saying: Are you nuts? Pay for junk mail I didn't ask for and don't want?

Here's a typical trip through my inbox:

Mrs. Handsome Darling has 4.5 million US dollars to share 70:30 with me because she's dying of a half-dozen different diseases, is a pure Christian woman whose email address is 'Barr James Something' at Yahoo! in China. Sure. Four words: Nigerian advanced fee fraud.

See XXX celebrities I don't care about do unspeakable things with each other and office equipment. Here's a photo.

Thanks. My wife just walked by.

Not happy with the strongness and size of your manlihood then our best Canadane pharmacy is ready to srevice you with the perfect product. Get a girlfiend like this to wish your every dream.

Great. Nice timing. And just love the command of the language.

I get another ping - check my mobile mail - and after honouring my request to use the email address provided when I made the reservation in 2010, Metropolitan Hotels hit me with two within a few seconds of each other.

I could stand up in front of a crowd and give them - off the cuff - a brief history of spam with examples, names and dates. I belong to a high tech crime fighting organization - a joint venture between law enforcement and the private sector - and it's become clear that what was once a nuisance is now generally the tip of the organized crime icerberg.

If you're a criminal, the online world is THE place to do your business: it's hard to get caught because national laws generally aren't enforced internatonally, the penalties are generally just a license fee to keep doing it, and as P.T. Barnum noted: There's a sucker born every minute.

Our Weird Email Addresses

Whenever I come in contact with a business for the first time that I think may be spammish, I create a special email address that's only provided to that business. Sell, share, give it away or have your contacts database hacked and it's simple to track the problem back to the source.

Hello, Tamara

Tamara Stepek is the Metropolitan's head of PR. She answers her phone line and she returns calls when she says she will. She told me straight off that she was relatively new to the job but was coming up to speed quickly.

I told her about the spam - the fact that the address hadn't been bothered in over a year and now two in the space of a few minutes - and asked what was going on here.

"I don't know," she said, "but I'll find out and get back to you."

What? None of the usual lame excuses?

1. It was a technical glitch. (We don't know what we're doing with your personal information, but you can trust us with it.)

2. We thought it was really important information. (Great. I pay for you to tell me about your lunch specials. What part of NO do you misundertand?)

3. Just give me your email address and I'll remove it from the list. (We've been busted. Now we want you to help us clean up our dirty little list that we bought/stole/harvested from the Internet.)

So Why Do Companies Spam?

Because it's easy. And it seems really inexpensive: reach millions for only $1 a day.

As we move to mobile - where data charges can be usurous - shifting the cost of advertising to the recipient isn't so hard to spot.

A few dozen junk emails a day? Annoying.

A few dozen junk emails a day on your mobile? That could push you over your data cap - more and more telcos are capping data - and start costing the recipient silly amounts of money.

See what happens with mobile spam when you're racking up roaming and overseas data charges on your travels. The costs can be shocking.

Your Call Is Important to Us

I said a callback in a couple of days would be fine with me.

But Tamara didn't call back the next day as we'd agreed.

She called back a few hours later, said she'd made some progress, asked a couple of quick questions, and said she's have more information the next day.

No silly excuses, no BS.

What kind of PR person is that?

What she learned and shared with me was that I should have been spammed earlier. I'm not being sarcastic or facetious. An update that should have dumped my email into the marketing database was missed. When the error was caught...boom. Spam.

Spam that I pay for.

"I agree. It's not fair," Tamara said. "Were not at all like that."

Metropolitan Hotels are now reviewing their entire online marketing strategy. "We're checking on the settings," she told me.

One big consideration is opt-in versus opt-out. In other words, you're given a chance to keep the promo emails coming rather than being forced to opt-out. And for hard core spammers, opting out only confirms that they have a live one. So you're damned if you do and damned if you don't.

The Social Media Angle

The Metropolitan Hotel Toronto isn't just a hotel: it's a downtown nightspot and home to fine dining. So not all of the clientele are stayovers. Many of them appreciate knowing when something special is on offer - either in terms of price or rarity.

Nearly every company wants to be seen on social media - and that cuts both ways.

It means I can post on Twitter and the Metropolitan's Facebook page for the world to see. Which is what I did. Tamara was obviously paying attention and responded in kind.

What's Next?

I'm looking forward to finding out more about the Metropolitan's review of online policies and practices.

I'm looking forward to meeting Tamara in person. She's a prime example of how to deal with legitimate complaints in a a social media world.

And I'm looking forward to staying at the Metropolitan again.

-g

Comments

My favorite hotel between New Brunswick and Montreal

I'm generally not a fan of hotels that perch on the edge of the highway cloverleaf, but the Comfort Inn & Suites on Route du Pont, St. Nicholas, Levis, Quebec, is such a treat, that it's a rule breaker.

It's admittedly an off-highway hotel with a drive-by clientele, and that's likely the original intention. It's not spartan, nor is it luxurious.

The complementary breakfast - which seems to be slipping a bit in variety - is what you'd expect from the usual highway stopover.

So what's the big deal?

Location, price, connectivity and staff. And not in that order.

It's just off the TCH across the St. Lawrence from Quebec City, and on the Montreal side so that the morning traffic heading west towards Montreal - less then 3 hours away (barring any more deteriorating bridge delays) - is paltry. And it's about 7 hours drive from our home base.

It's new, it's clean, and it's a great bargain. We've had singles, doubles, and self-

The best part: the staff. They're friendly, accommodating and seem genuinely happy to interact with their customers. In English and French.

And the wireless Internet connection has been reliable and speedy.

For all of those reasons,  it's become our regular one-night-away-from-home-base stop between home and points west.

The only problem is that the hotel hasn't been terribly busy when I've stayed there. Not that we mind the peace and quiet, the great service, the great rates and the reliable Internet connections, all of which could go to hell if the place becomes too popular. But closing due to lack of business would be equally disappointing.

So I'm giving away this personal travel secret and hope that it spreads...but not too far.

-g

Comments

I dropped my iphone in the toilet

Not really, but it's the search term I used to seek examples of people with catastrophic experiences with their mobile devices - what more catastrophic than an iphone in the crapper? - and Google claimed to find 5.9 million instances. It petered out after less than 500 links, actually, but that's still a lot of Jobsian slips.

And what's double disturbing is that the very first thing you should do if your phone is immersed in liquid, whether of the i-variety or otherwise, is to get it out as quickly as possible.

Be not afraid, or squeamish but reach right in there - dig around if you must - and drag it back to dry land.

With most phones, you have between 15 and 20 seconds to get them out of the drink before the water or whatever reaches the innards. And it's usually deep trouble if that happens.

Is it pooched?

Probably. But no matter what your reptilian brain says, DO NOT TURN IT ON. Instead, remove the battery. DO THAT NOW.

Whew. We can relax a bit.

The worst possible thing that could have happened if you'd tried to turn on your phone or other mobile device now is that it would work. For about a millisecond. Before it fried itself.

Now take the rest of the phone apart - the pieces that come off or out easily, like any covers, the SIM card or memory cards. If you have access to compressed air, you can use it to carefully blow moisture out of crevices. Use a soft cloth or paper towels (not facial tissue - it often has talcum powder which can scratch screens) to pat down water. Shake moisture from openings.

If the liquid wasn't plain water - coffee, juice, salt water, etc. - then you'll need to flush your device with distilled water. If you're shop savvy, you could also use denatured alcohol. It's reportedly an ideal cleanser for salt water immersions. (This isn't rubbing alcohol - that can leave too much of a residue. But it can be good to do some edge and keyboard cleaning with a Qtip.)

The next step is to dry everything out. Completely. And the best tool here is patience. It can take a week or more for a seriously immersed phone or MP3 player to completely dry out.

Some folks talk up uncooked rice (it absorbs the moisture that evaporates from the phone), others like silica crystals in plastic bags, while others prefer blow dryers.

My preferred tool is patience.

Can the other approaches work? Sometimes. Don't heat batteries, though: they can blow up on you. And don't put electronic devices in the microwave. Just throw them away and save the electricity.

If you do want to speed up the process, put the device on a rack in the path of cool breeze from an air conditioning unit. This air is very dry and will hasten the drying process without putting any undue strain on the components.

Can the phone company or computer shop tell if the phone's been wet? Yes. Devices have built-in moisture detectors, and technicians can spot breaches in seconds.

So before you cough up for a hefty repair bill or the cost of a new phone, just wait a bit longer. You want it to be completely, entirely dry.

Now plug in the battery. Which may have zero charge. And try to turn the phone on. (Don't forget to put your SIM card back into your phone.) If nothing happens, try plugging the device into a charger. The battery might be dead, so a new battery may get your phone working again.

If that doesn't work, you can usually move your SIM card to another phone on your carrier's network and have access to some of your data.

And that brings us to the crux of the problem if your phone or PDA takes a bath: it's not the device, it's the data. The phone numbers and notes and logs of meetings and documents and photos and all the other things we carry around in our pockets these days.

So tell me this: When was the last time you backed up your phone?

-g

Comments

Spring Spamfest Meets Mobile Phone Bills

It seems that every year at about this time the annual spring spamfest begins. Why now? All the university business and marketing students are at their summer jobs, and many of them have 'great ideas' about how to market online: forget the wishes of the recipients, forget privacy policies and common sense when you can auto blast hundreds, thousands, millions, forget that a lot of us now use iPhones and Blackberries and other smart mobile devices.

Cool: Email right to our mobiles and tablets where it is likely to get our attention. Especially when we get our next mobile bill and can see how much we get to pay to receive this unsolicited, unwanted advertising.

How bad is it? Here's a short list from just the past 24 hours:

Rogers Communications - And this is something the CRTC should be concerned about. Purchase a mobile phone with data services from Rogers, and they start spamming same phone with data rich advertising. Not only to you get to pay for it, but Rogers gets it both ways: you pay to receive the advertising and they get the direct benefit of helping you churn through your data limits. To push you into post-limit territory - where you pay huge amounts extra for tiny amounts of data and where the profits are measured in the hundreds of percent. This is the same Rogers that crows about how 95 per cent of its mobile customers use very little data. No wonder: they're scared shitless by the ridiculously high data rates. (Canada has one of the most expensive m0bile data regimes IN THE ENTIRE WORLD.)

Delta Hotels - In May, the national media council of the Communications, Energy and Paperworkers Union met at the Delta Halifax for their annual convention. Yesterday, every single one of them who stayed at the host hotel started getting spam - nice, rich media spam that churn though mobile data plans like hot lead through soft flesh. The hotel chain says it was probably just a glitch, or somebody did something wrong by accident. That was when I only knew it was coming to me. Not everybody who stayed there. And I'm guessing not just for the media conference, but throughout the past few months. And in the spam, they have the unmitigated gall to say that the recipients requested to be added to the junk mail list. Despite making it abundantly - at least I did - that the email provided was to be used for one purpose and one purpose only: Confirmation of the registration including terms and conditions.

Eventbrite - This is a US-based online registration system that also harvests the email addresses of the registrants and immediately begins blasting them with direct spam that has nothing to do with the event they registered for, but all about Eventbrite. And, as usual, nice media rich spam that helps your mobile carrier wealthier.

Digital River - This is a payment processing company. One of their clients is Nuance, the company that produces Dragon Naturally Speaking voice-to-text software. According to Nuance, buying software from them through Digital River's payment system means you are requesting relentless rich media junk mail from them.

And that's just the harvest from part of one day, but then the season is still young.

-g

Comments

Delecting EMail Accoints - Dumbest Phishing Scam Ever?

While cleaning up some old paper recently, I came across an EMail that I'd printed out back in 2009. It appears that I then promptly forgot about it, which is a shame because this is probably the most hilariously-inept "phishing" scam that I have ever encountered.

Read on for the EMail. Warning: due to choking hazard, do not read while consuming food or beverages (or "C&C" for any Usenet old-timers out there).

Comments

Blackberry Playbook – first impressions 03 - More missing pieces

First of all, we're not normal users. At least not during the working day. We use computers to create and manage rather than simply consume content.

We also provide general and specific consulting services to corporate clients who count on us to try to figure out the safest way through the consumer electronics minefield where misinformation tends to outweigh accurate, reliable intel.

We use a mixture of software that ranges from open source to very expensive. We use a mixture of online services that range from free to very expensive. Think of it as a hybrid of home made and world class. Yet they all have one common element: we believe they are the very best software and services we can find and afford for the task(s) they perform.

In simple terms, it's what I call the Swiss Army knife approach: Want to whittle a point? Knife. Take something apart? Screwdriver. Opening a bottle of wine? Corkscrew.

In other words, pick the right tool for the job. Yes, you can open the wine with a screwdriver. Spit. Gag. Don't you love Chardonay with squishy bits of floating cork?

So what are these missing applications that would be difficult to live without?

VNC - Remote control software that lets us take control of a remote computer. We use this for technical support, both inhouse and for clients. VLC - A great cross-platform media player. There are so many a/v codecs and file formats floating around that stump common media players. If anything can play an audio or video file, it's likely going to be VLC. RDP - Remote Desktop is one of those applications that we use nearly every day to log into our desktops remotely, whether that's from a laptop or a mobile phone.

We haven't tried all of the Playbook apps that are out there, but we're grinding our way through them one by one. What we have noticed is the lack of some very basic functionality in many of them, and the surprisingly common spelling and grammatical errors that accompany many of them in the Blackberry app store.

For instance, there's a potentially useful app called 'Teleprompter': the idea is that you can use your Playbook to scroll through text, just like a TV studio teleprompter that costs hundreds or even thousands of dollars. But it doesn't have the ability to paste text into the application or to import a file. Huh?

And the time tracking applications are few and far between, rudimentary at best and completely lacking in the ability to export the data short of retyping it. Might as well just use a little notebook and a pen from the start. It's about $450 cheaper.

-g

PS - Managed to completely drain the battery. On purpose. Now seeing how long it takes to full recharge using AC. We'll do another test plugged in via USB to see how the two methods compare.

Comments

Blackberry Playbook - first impressions 02 - Missing Pieces

It didn't take long for the Apple fans to start in on my Playbook tablet notes. So perhaps some background info, and then let's address their comments.

Why Are We Doing This?

We provide consulting to clients who need to know about technology - hardware, software, best practices, online trends, etc. - and who have neither the time nor the interest in spending days or hours testing, researching, and generally digging through a million details to find the useful nuggets.

In order to be able to do that effectively, we need to get our hands dirty.

Are We Apples or PCs?

We're both, and more. Well call it being operating system agnostics. We just don't care if it has a PC or an Apple logo on the case. (In fact, one or our in jokes is to put PC stickers on Apple devices and the Apple logo on PCs. Just to yank the chains of the more rabid fanbois.)

What we do care about is whether or not it works as intended. And there are plenty of examples of Fail! in both camps.

(How agnostic are we? How about Linux virtual machines running inside a Windows server using VMWare? At last count, we had eight separate operating systems going here. Because we have clients who need to know.)

The Missing Pieces - Sort Of

Here's an email from a colleague following my first post to a forum about the Playbook review:

FYI: If you get a PlayBook and expect to use it for mail, calendars, contacts and so forth, you also need to have a BlackBerry handset.

I first read the email in question on the Playbook (though I responded from my desktop 'cause there's nothing better for typing than a real keyboard) and I don't have a Blackberry here today.

So webmail - while feature light - does work. And Google calendars work.

But the writer is correct that the 'native' Blackberry mail, calendar and contact apps are not currently available to run directly on the Playbook.

If you expect to use those native apps, then you will need a Blackberry handset.

One of the issues facing corporate IT managers is the potential for mobile devices to carve great big security holes in corporate networks. Blackberrys are very locked down, or they wouldn't be so popular with the suits. Using the Playbook as a way to 'see' into the handset without actually having the handset software running on the tablet should minimize those security concerns.

Another reason for the 'coming soon' label on the native apps is presumably due to the tablet using a new operating system - QNX - created by an Ottawa company that RIM bought. The plan, as I understand it, is to move all of the Blackberry devices to QNX as well as providing an Android emulator for the tablet. The latter move would open the device to about a zillion Android apps and possibly drive corporate IT managers 'round the bend.

A more pressing issue in my opinion is the lack of an RDP (remote desktop) application. I have one on my iPod Touch. It works, but the screen is so small, that it's not very practical. (I rarely have to synch anything but consumable entertainment - certainly not work files - between my mobile and desktop devices. RDP lets me log right into my desktop over cellular or wifi and use the remote device as a dumb terminal.)

I suspect most Playbook purchases will be by people already in the Blackberry camp. Those tend to be corporate users. Who are too busy to do the kind of exhaustive road testing that we do. As one person at one of our recent technology presentations put it: "I don't need to know all this stuff. I just want you to tell me what I should do."

-g

Comments

Blackberry Playbook - first impressions 01

We picked up the last Playbook on sale in Fredericton yesterday. And have been mucking about with it for the past 24 hours.

My first impressions is that I like the build quality, the form factor (bigger than an iP0d but smaller than an iPad), the stickiness of the coating on the back, the clean intuitive interface, and the rich display.

The audio is surprisingly good. It seems to have a depth - on the bass end of the scale - missing in most small consumer electronics.

The Playbook has two cameras - one front, one back. The camera on the back produces decent quality video, and puts you in the position of using the monitor to control the camera. It even has optical stabilization.

On the Other Hand...

The lack of a calendar application is curious. I'm not a Blackberry user, but understand that if I was, I could use the calendar app on the phone to synch with the Playbook. The only recommendation for us non-Blackberry users is to use Google Calendar.

It froze, less than 12 hours in. What happens is that when you boot up your Playbook, it displays the 'Blackberry Playbook' title - white text on black background that slowly changes to a multi-coloured background. And stays there. The on-screen swipe does nothing. The edge of the bezel that normally reacts to finger touches goes dead.

The solution requires plugging the Playbook into a computer, downloading the desktop Playbook application, and upgrading the Playbook software. So you need a computer to use your tablet? Doesn't seem right.

And the upgrade was a less than flawless process.

Netflix doesn't work. And for our US friends, Hulu is blocking the Playbook. Silverlight, Microsoft's video delivery platform, isn't compatible with the device.

I haven't been able to find a streaming video service that recognizes the Playbook's camera so it could be used to stream live.

Battery Life?

No idea whatsoever. Will have to test that over the next few days.

-g

1. Apr 23, 9:43 - corrected iPad/iPod comparison - Thanks, Annie

Comments

dot.com bubble 2.0 - and away we go

$41 million. From Sequoia Capital, Bain Capital, and Silicon Valley Bank. Pre-launch.

That’s how much a brand new startup called Color has to work with. Your eyebrows should already be raised, and here’s something to keep them fixed there: this is the most money Sequoia has ever invested in a pre-launch startup. Or, as the Color team put it, “That’s more than they gave Google.”

Jason Kincaid

Techcrunch.com, Mar 23, 2011

What this feels like - not this event per se but this event in the accumulation of other related events - is the dot.com boom again, but with social media and web 2.0 plastered all over it.

Most people think that the dot.com bust which inevitably followed the collapse of so much hot air had something to do with technology. It didn't. It was financial. Much of the technology developed and companies started  during the original dot.com bubble  are doing just fine, thank you very much. You've probably heard of Google or Amazon?

But ask any university that rues the loss of computer science students to parental misunderstanding. pitches computer science and you'll hear the lament of fewer students due to parental misunderstanding, parents who thought the problem was the lack of opportunity in information technology when it was about unsustainable businesses blowing up.

The pot is boiling again - with the rise of Twitter and Facebook and social networking and online video which, among other things, is attracting marketing dollars away from other media. And any time there's blood - or money - in the water, the sharks come out.

Comments

Malware Targeting Web Developers

In the past few months, we've noticed an alarming new (and increasing) trend: websites compromised by way of "malicious software" (viruses, etc) that targets web developers. By all accounts, the malware searches infected computers for the data files of common FTP programs, where login details are stored (FTP usernames and passwords) - the attackers can then use this information to upload malicious files without the site owner's knowledge.

The result is that otherwise-legitimate websites can end up containing malicious content, without the site owner's knowledge. This typically means "phishing" pages, which impersonate the login pages of online banking sites for purposes of stealing financial information. In other cases, the site itself is modified to add hidden code which can then infect visitors to the site.

Read on for some information on how to prevent these types of attacks.

Many of these attacks also involve PHP (or ASP) "shell" files, a type of backdoor. If an attacker is able to install one of these files onto a website, it can give him access to modify, create, or delete files on that site. In those cases, changing the FTP login will not help - since the attacker will still be able to get in through the shell.

Prevention - For Web Developers For the most part, the standard computer security "best practices" are the most effective protection. Don't install software from untrusted sources, make sure you're running up-to-date anti-virus software (at least on Windows), don't use dictionary words or easily-guessed passwords for FTP accounts, etc.

Used effectively, website stats can also help you spot potential problems. E.g., most stats applications will show you a list of the most-viewed pages/files - keep an eye out for any that you don't recognize, or any with suspicious file names. Google's "Webmaster Tools" can also be used to check a site for malicious files, and alert you if malicious files are found or reported. And a few years back, we setup a page that can be used to check a website or webpage using Google's "safe search": http://smartypants.com/safesearch.php.

All that said, making sure that your anti-virus software is running & up-to-date will prevent the vast majority of these attacks - this can't be overstated. By doing this, web developers help ensure the safety of the sites they develop & maintain, as well as the safety of visitors to those sites.

Comments

Bank of Montreal's complaint procedure: Don't answer the phone

So you have a payment due to a company in Ontario - and it has to be made today - so you get a bank draft and take it to the local branch of their bank, the Bank of Montreal (on Prospect Street in Fredericton).

Two tellers and a line to the door. Two other people behind the counter, but they're consumed by their computer monitors. One finally steps in to help customers as the line threatens to extend outside into parking lot.

Finally get to the teller's window, provide her with the account info for the Ontario company and the bank draft for the appropriate amount.

"Do you have an account here?"

"No. "

"Then we can't accept this."

"It's a bank draft. It's legal tender. The payment is due today. Your customer - who's expecting the payment - specifically requested that it be deposited at a local branch of the Bank of Montreal."

"One moment."

She calls over to Kim, one of the people behind the counter who's been focused on her computer terminal, who says basically the same thing.

"It's a bank draft. It is legal tender."

She says they'll have to check with the branch manager. She and the teller go to the far end of the counter area, then the teller gets on the phone.

About thirty minutes after entering the bank, the teller returns and tells me that yes, they will accept my bank draft. But they require two pieces of ID.

Why?

Because the bank manager requires it.

She doesn't like the first pieces of ID. "Do you have government ID? With your picture on it?"

I essentially empty my wallet and she picks through it, finding the ID she'll accept, writing the details on the back of the payment slip.

"Why is this required?"

"The manager requires it."

"How long do you intend to keep that information?"

"Indefinitely."

"Why?"

"It's required. And we require a contact phone number."

And who required all this?

"The manager."

And the managers name: "Kim Barnett."

----------------

I call my financial institution, the Omista Credit Union. Unlike the Band of Montreal, it's locally owned and operated and the profits stay in the community. And I can't imagine tellers hanging around staring at monitors while customers are lined up. But then it's a local business, not a big bank.

They tell me that the Bank of Montreal teller, prior to demanding my ID, called to confirm that they had, indeed, issued the bank draft half an hour earlier and yes, it's valid.

"They do that to us all the time," the credit union tells me about the Bank of Montreal's refusal to honour their bank drafts.

---------------------

The Bank of Montreal has a complaints procedure. But save your time and energy: the secret apparently to an effective complaints procedure is to avoid answering the phone.

Here's a link to the bank's complaint info page, where "We promise to address your complaint quickly, efficiently and professionally, as retaining your confidence and trust is of utmost importance."

Don't start laughing yet. Let's give them the benefit of the doubt.

This is a multi-part complaint process. Part one is calling the  appropriate division. This step is called 'Talk to us'...that would be nice if they were really willing to listen. Here's what happens instead:

You dial the number they provide: 1-877-262-5907

You're told that your call is important (generally the first clue that it is, in fact, a pain in the ass and won't you please just go away?) and to push the right button to talk to a representative. (I can't remember the fancy title - something like senior banking response agent or an equally pompous name for call center worker.)

But, and you should have seen this coming, all of our senior banking response agents are busy. Please wait in order to retain your position in the queue. Six minutes pass.

Then, after sustaining another brain injury caused by horrible elevator music playing while on hold, the phone begins to ring. And ring. And ring. And ring. And ring. After another six minutes - and about 60 rings - it seems obvious that I've reached the end of step one.

Step one not working for you? Then you can 'escalate' this to step two - a senior officer - who didn't get to be a senior officer by answering telephone complaints, by the way. But if you insist, here's a new phone number to try: 1 800 372 5111

You can tell it's a step up the food chain from the lowly step one minions: theres no messing about voice mail messages and pushing the right number on your phone to redirect your call. None of that fluff. This is plain old ring - ring - ring - ring - unanswered ringing right off the bat. (Is this going to a pay phone somewhere? That would be a cheap way to redirect complaints witho9ut having to put up with the annoying ringing sound in your senior officer office.

So on to step 3: the ombudsman. And yet another number: 1 800 371 2541

Ah, yes, the ombudsman. Not quite in the call center, but not a senior officer with the right to unlimited phone ringing. What we run into here is plain old voicemail because, while it's the middle of the day on Monday and their office hours are Monday to Friday, 8 am to 4:30 pm Eastern time, they're unable to take my call.

Now that's an interesting way to deal with complaints: just don't answer the phone.

I'd call that a pretty damn good triple play. And some excellent reasons for avoiding the Bank of Montreal and telling the world why.

UPDATE:

The ombudsman's office called back. They tell me that what I thought was step 1 was actually part of step 2. Stupid me, relying on the information and phone number provided under step 1 on the bank's own web site. Seems there's a step before step 1: you need to find and call the area manager.

And there's even a search page on the Bank of Montreal site. Too bad it doesn't work. Or maybe between me driving to the Bank of Montreal branch on Prospect St. in Fredericton this morning and now, the branch disappeared. Now that would be a fairly extreme way to avoid hearing complaints, but at this point, nothing would surprise me.

Comments

I told you this treadmill desk was a good idea!

A scant two weeks after posting my first blog about being a walking talking blogging machine, researchers at the Michael G. DeGroote School of Medicine at McMaster University in Hamilton have published results they claim categorically shows the anti-aging benefits of exercise.

They started with mice pre-disposed to early aging and put some of them on a regular treadmill regimen. The first group ended up hunched over, huddled in the corner while the treadmill walkers stayed bright eyed and bushy tailed into their golden years.

So as I head off to the Doc for another checkup, let's see if the 100 km I've logged on my treadmill desk in the last month made a difference.

-g

Comments

The walking talking blogging machine

More and more people are working from home, and given the typical Canadian winter, our typical Canadian diets supplemented by typical Canadian binges during the Christmas holidays, the Super Bowl party, and the annual Valentine's Day feast of chocolates, many of us home office types are getting noticeably wider.

It's all that sitting in front of a computer terminal. But that's how we work. If you work from home, you're going to be using the computer, the telephone or both. And it usually happens in a chair. There are few signs of that changing any day soon so the only rational option is to change the working environment. Actually, it means changing the focus of the working environment.

And that means taking advantage of thin, light, mobile monitors, wireless connections, alternative input methods, some innovative office furniture, and some standard exercise equipment.

Monitors, as we've seen from the explosion in popularity of computer tablets led by Apple's iPad, are not tied down anymore. And while they've gotten larger, they've become smaller and lighter. So much that they're being carried around in ever increasing numbers as smartphones, laptops, netbooks and now - tablets.

This mobility on the part of monitors - allowing us to put them on the wall in front of us or in our jacket pockets - coupled with some other relatively ordinary tools have the capability to get us back on our feet, back in shape, and even more productive than when we worked sitting down.

For the past year, I've been researching the benefits of working standing up. That led to learning about standing desks, essentially desks that are designed more like working counters or work benches.

That led in turn to learning about what are called walking desks or treadmill that. These desks are designed to fit over a treadmill, the idea being that you walk while you work.

There are homemade and commercial versions of treadmill desks that range from the extraordinarily simple - like the my fake maple 35" x 14" Canadian Tire shelf - to the extraordinarily elaborate that cost several thousand dollars. Most are stationary, but some have hydraulic lifts that allow the desk to be raised and lowered at will.

About three weeks ago, I installed a treadmill in my office and started experimenting with it as a workspace. Since then, I've logged about 70 kms while reading, watching online videos or webinars, taking part in phone meetings, testing various devices like keyboards and touchpads, and so on.

I'm dictating this while walking at a rate of about two kilometers an hour. Not very fast, but easily the upper limit for typing. Which is why I'm also experimenting with the latest voice-to-text software.

Which led to an attempt to create a blog entry that could be written and posted without touching a keyboard. Failed at perfection, but succeeded in moving up the learning curve. Expecting 100% keyboard free writing and posting the first time out is admittedly optimistic. Yet I can't stop thinking about the advantages of being able to compose while walking at work.

Granted, only a portion of this post was created with the dictation software while walking on treadmill. Yet it was a whole lot more than I was able to accurately type in the same period time and with the same relative effort.

During the experiment today, I also took part in an online chat using a combination of typing and dictation. It took a while to figure out some quirks - such as how to send message once I entered them - but now that they've been discovered and the workarounds documented, the next experiments look even more promising.

Comments

What's Super Bowl Sunday without Gevalia spam?

More Gevalia spam from Sharktech Internet Services - an appropriate name for such a constant source of spam. It's coming from this IP address on Sharktech.net's network:  70.39.97.2,  which they're renting out to pushwall.info, a domain name registered to 'Bobbie Crandall' but, as usual, the phone number listed in the registration information isn't Bobbie Crandall's. It belongs to someone else who isn't happy about some of his identity being misappropriated.

Pretty much like all of the other Gevalia spam that keep's arriving from this ridiculous collection of made-up domain names with made-up owners.

This is really crude and rude behaviour from a company - Kraft - that's the largest food processor in North America.

The emails have no accurate contact info and are using bogus domain name registration information, and relying heavily on gmail addresses for their email contacts.

This pattern is being repeated day in, day out. It would be fair to call it business as usual for Kraft and Gevalia.

Sharktech, meanwhile, is climbing up the spammer food chain with four listings on the Spamhaus blocklist:

The Spamhaus Block List (SBL) is a realtime database of IP addresses of spam-sources, including known spammers, spam gangs, spam operations and spam support services.

And all four are from the past week (Feb 1-6). Would that be in honor of the Super Bowl Sunday spamathon?

Comments

Gevalia - Spamming Your Inbox For Eight Years?

'Gevalia is subscription-based coffee product sold by Kraft on a Web site, Gevalia.com. Spam abuse mailing lists are full of complaints about e-mails urging people to try the luxury European coffee, which includes an offer for a free coffee maker.

'The e-mail offers arrive many times each day at MSNBC.com. After about a month’s worth of requests for information, Kraft still hadn’t produced an audit trail for the e-mail. But it did say it works hard to prevent its affiliates from sending out spam."'

'Spam fighter Laura Atkins, president of the SpamCon Foundation, said Kraft is a classic example of a company that is quietly benefiting from spam, and not doing nearly enough to reel in spamming affiliates.

'“They are violating California state law and they don’t care,” she said.'

That wasn't me writing. That was MSNBC tech writer Bob Sullivan. In 2003, eight years ago, in an article title 'Who profits from spam? Surprise'.

The pattern has continued since then - blame the consumer, blame some rogue 'affiliate', offer to list wash (give me your email address so we can take complainers off our list - for now), and otherwise keep the spam engine running at full throttle.

Hell, with the growth in social media, let's get our affiliates to spam the daylights out of Twitter and Facebook users. Let's turn everybody into an affiliate. We'll add social media tools to the Spam Your Friends campaign so you can directly annoy them on Facebook, too. And we'll even pay you for being an asshat.

The height of corporate responsibility. Sad, innit?

Sullivan's article also quoted Dan Clements of CardCops.com who said the only effective way to stop out-of-control affiliates "...is to subpoena the beneficiary site."

Now there's a thought.

Comments

Gevalia's spam gang at it early today

The latest junk mail from Gevalia's spam gang was sent at 22:36 on Feb 1st from an email address at butterflight.info

The domain butterflight.info was registered on Jan 31, 2011. One day before it was used for its first spam run promoting Gevalia's coffee.

The 'owner' is Tina Santana. And as usual with the Gevalia spam gang tactics, the registration contains a real phone number...which belongs to a real person who isn't and knows nothing about Tina Santana.

And for a change, I got to them first. The owners of the phone number say they've had the number for more than five years and no, they haven't had any other calls complaining about spam.

"You will," I told them, before explaining that the Gevalia spam gang had hijacked their phone number to use in the typically phony registration info they provide in order to hide their identity.

The spamming domain is hosted by Sharktech.net - google 'Sharktech spam' and you'll find all of the markings of a black hat ISP that protects the spammers on their network.

Another favorite home of the Gevalia spam gang is LimestoneNetworks.com - one of the ISPs that we routinely block from our mail servers for, shall we say, a history of sending email we don't need.

So the pattern further defines itself: Kraft (the owner of Gevalia and the subject of a 2005 lawsuit for spamming - just like this) and Gevalia collect email addresses, without the address owner's permission, and start spamming said email address and share it with Kraft / Gevalia's partners.

Now in case you didn't know, Kraft is the largest food processing company in North America. They have MANY affiliates and partners. So once y0ur email address is tossed into the Kraft / Gevalia Spaminator - you're done for.

-g

Comments

Kraft's Gevalia adds 'spam your friends' feature

Update (9:00 pm) Brian MacDonald called from Gevalia. He says if I tell him the email address that's being spammed, he'll find out how it got on their list and have it removed. Ah, yes, a little list washing. But I'm after an interview with someone knowledgeable about Gevalia's relentless spam campaign from throw-away email accounts and domain names, like deluxepinewood.info which is supposedly owned by Calvin Edwards.

Calvin supposedly lives on Wass Avenue in Brewster, Maine. The phone number listed in in Brewster, but it's not Calvin's. It belongs to someone who's getting annoyed by the calls for Calvin complaining about spam.

My guess is that Calvin is a fake name for a spam gang - often criminals - that's working on the Gevalia promotions.

Let's pick another source of the Gevalia spam: mazensite.info

Owner: Stephen Patterson. Number not in service.

Or how about this one: footsite.info

Owner: Louis Hahn. Number not in service.

Or this one: fourpants.info

Owner: BBQ Media (they own 14 other domains)

The phone number is for a business cell phone in Houston, Texas. "I've had several calls looking for BBQ media," the phone's owner told me. "If I get my hands on them, I'll BBQ their asses."

Do you sense a pattern here?

From more than a decade of tracking down spammers, it seems to me that Gevelia / Kraft are hiding behind third party whack-a-mole spammers to dump their unsolicited marketing - at the recipient's expense - into computer and mobile phone inboxes.

-------------------------------------------------- Original Item Below------------

Since I last wrote about Kraft's spam-friendly Gevalia coffee (the environmentally unfriendly coffee that comes in cup-sized packaging presumably since consumers are no longer capable of handling a measuring spoon ), they've sent me more than 100 junk mails. Just like they threatened / promised to do.

I called Kraft Canada's PR rep (12:30 pm AST, Feb 1, 2011) - that would be Lynne Galia, (w) (416) 441-5610, lynne.galia@kraft.com - and left a message asking for an invue  about this non-stop assault on my inbox.

And while hunting for a media contact at Kraft Canada, I discovered that Kraft / Gevalia have added a new feature to offloading the cost of advertising to the recipient with their new 'spam your friends' feature.

[caption id="attachment_833" align="aligncenter" width="300" caption="Kraft Foods / Gevalia's Spam Your Friends Feature"][/caption]

And according to their so-called 'privacy' policy, they promise start spamming your friend and to share your friend's email address with their 'partners' so that those partners can spam your friend as well.

And they admit to using web bugs and other spammer tricks to identify your IP address. Kind of makes a 'privacy' policy sound more like authorization to spy and annoy.

Meanwhile, the best I can do is raise awareness that Kraft is using junk mail to offload the cost of delivering their unwanted advertising to the recipient, and that packaging coffee in one-cup disposable containers is an insult to environmental responsibility.

-g

Comments

MyLife.com: Some guy is seeking Djanglebert

If you read the earlier post about Djanglebert Dinglebart - the non-entity that MyLife.com claims is the target of a half-dozen online searches - you'll know that it was all just a test (apparently one of many) to determine if MyLife.com has a shred of credibility.

But being outed hasn't stopped the bots at MyLife.com from claiming that, since our ghostly heroine set up her account, she's been the subject of a search by "a 54-year old male living Marshfield, Mass."

Marshfield is a small town south of Boston. I don't know anything about it - or the people who live there - but if one of them really is a 54-year old male pining for Djanglebert, then it's also home to one of the sadder stories of Internet stalking ever.

Hey, 54-year old guy: Djanglebert does not exist. She's a fake. Made up. A specter.

You'd have a better chance of a fulfilling relationship by logging off MyLife.com and going back to just surfing free porn sites.

Unless, of course, 54-year-old-Marshfield-Mass guy is also made up. But who would do that? MyLife.com?

Log off MyLife.com and go back to surfing porn.

Comments

Incompetent Latvian Spammer

Someone (I forget who) once said "people generally don't become spammers because they've lost their job at the Jet Propulsion Laboratory" - in other words, spammers tend not to be terribly smart. Case in point: after cleaning up a large batch of spam comments yesterday, I did some digging and noticed that all of the spam came from two IP addresses in two class-C ranges (195.191.54.* and 94.142.131.*), all of which appear to be located in Latvia.

The stupidity of this particular spammer started to become obvious when I checked back through older spam comments on the site & found several thousand from the same IP range, posted over the course of several months. And not a SINGLE one of those comments has ever appeared on the site, thanks to the WordPress Akismet plugin & manual comment approval. So not only is this spammers completely ineffectual, he's also too oblivious to realize it.

But the real fun didn't start until I blocked the IP ranges using the WP-Ban plugin for WordPress (which I highly recommend). The plugin has a nice display of ban stats, showing individual IPs and the number of times they've been blocked - as of this writing, the spammer has made 1,059 attempts (from 18 different IP address, all from the same two class-C ranges), in under 24 hours. And he's still at it, making one attempt at least every 2-3 minutes - sadly for Mr. Spammer, this is not one of those situations where persistence makes up for a lack of intelligence.

UPDATE - JAN 19: Mr. Latvian Spammer has now been blocked a total of 2,398 times, from a total of 18 different IP addresses. And what does he get for his persistence? Since I've always been a fan of the old "SPEWS" approach, the IP ranges 195.191.54.* and 94.142.131.* have now been blacklisted across our entire hosting network (web and mail servers). Congrats!

Comments

Djanglebert Dinglebart and MyLife.com

When I first heard about MyLife.com, the word 'scam' came to mind. MyLife.com  is the web site that advertises that somebody is searching for you and if you just type in your name and some personal details (birthdate, zip code), you can find out who that somebody is.

Now most folks will type in their own names. But my gut feeling was that even if you make up an outrageously unlikely name - Djanglebert Dinglebart, for example - the good ole MyLife.com search engine with come up with people who've apparently gone to the site and searched for that name.

[caption id="attachment_804" align="aligncenter" width="300" caption="Is anybody looking for Djanglebert?"][/caption]

And guess what? Thirty-three year old Djanglebert Dinglebart has a half dozen people looking for her (yeah, I decided to make Djanglebert a female and added a novel maiden name - Bartendingle).

[caption id="attachment_805" align="aligncenter" width="300" caption="There's apparently a crowd searching for our non-existent Djanglebert"][/caption]

Looking through the list of names on the site, I headed down to the Dinglebart area and discovered an entire community of Dingleberries - including Dufus, Clean and Dang Dingleberry. Just a wild guess, but it looks to me like a few other folks are skeptical about MyLife.com's basic claims.

-g

Comments

Vyew: Free Alternative to Dimdim

Online meeting software is fairly common today, there are numerous services like WebEx and GoToMeeting that combine shared document editing/whiteboard/video conferencing/screen sharing, etc, into a single turnkey package. The downside is that those services tend to be quite pricey, usually outside the budget of freelancers, small-medium business, etc.

There has been one standout that offers a free equivalent: Dimdim. Unfortunately, it appears that they've just been purchased by SalesForce.com - who have decided to discontinue all free Dimdim accounts on March 15, 2011 according to an EMail we received from Dimdim today:

Dimdim has been acquired by salesforce.com. Your free Dimdim account will remain active until March 15, 2011. After that date, you will no longer be able to access your free Dimdim account.

Fortunately, there are a few other services that, while they may not be as well-known as Dimdim, they do still provide most of the same features. The best alternative that I've found is called Vyew - as with Dimdim, it's Flash-based so there's no need to install JAVA or Active-X plugins. Vyew's interface is a bit more complex, though it looks like it has some extra features and does appear to contain all of the essential functionality for online meetings (voice/video conferencing, shared whiteboard, shared document editing, etc).

Disclaimer: we are not affiliated with Vyew.com, nor do we receive any compensation (financial or otherwise) for recommending their service.

Comments

Let Them Bake Bread

I walk down the aisles of the grocery store - overflowing with a cornucopia of choices - and then I see the bread: mainly puffy bags of nothingness that seem to be inexpensive, claim to be nutritious and taste...well, it doesn't taste like anything, really.

And then there's bread: the stuff that goes right for your sense of smell, that fresh baking bread aroma, a direct attack on your salivary glands so that you can almost taste it before it even hits your tongue.

Problem is, as we all know, that home-made bread thing is hugely time consuming. Right?

Bollocks!!!!

(read on)

Bread on the Farm

Back in the days when I had farm-fresh milk and eggs on my doorstep - literally, meaning I had to wear rubber boots - I baked 12-16 loaves a week using a beautiful little Scandinavian wood stove with an insulated, brick-lined oven. It wasn't very big, but it was as efficient as all get-out and there wasn't a cold or hot spot in the oven.

Fast forward 20+ years to an electric oven in the city - and my forays into that bread-making past have been, with a few exceptions, disappointments.

Yes, I still make a mean batch of bagels (the goose-egg variety were the best...but these aren't bad) and haven't lost my touch with Challah. But those are specialty doughs that almost require intentional incompetence to screw up.

The regular old loaf of bread was eluding me. For two decades. Doorstops, 27 . Edible loaves, 0.

The Bread Machine from Hell Week

So one day we're at the Coop - it's "Member Appreciation Week" which should really come with the tag "From Hell!" Coop members from far and wide - members who shop once a year - friends of members - show up in droves. It takes two hours to buy a package of toilet paper.

Anyway, they do have some terrific sales during the week from hell, and one of the sale items was a bread machine. I figure if I've lost my bread-making mojo, maybe technology can bail me out.

Wrong.

If I was interested in building a small hut out of bread, the bread machine I owned for three whole days would be my production tool of choice: hard, impenetrable, but shaped perfectly for unskilled building construction.

I tasted part of one - the one that looked most like a failed brick (I can't bring myself to say "that looked most like a loaf of bread" cause that would be lying) - so I took a bite of it and then I tasted raw flour. And the flour tasted better.

Dough's a Messy Business

I remember my baking day marathons. The idea was to do a whole pile of production cause even a little bit was so time consuming and messy - requiring huge cleanup big or small - that volume equaled efficiency.  Right?

Wrong again.

It turns out that minimal handling, healthy ingredients, patience and a few simple tools produce high quality bread that requires very little work.

Bread-Making Drudgery? No Knead for That

The utensils:

• A heavy 4-qt bowl (non metallic)
• Measuring spoons and a 1-cup measuring cup
• Spatula or flat-edged wooden spoon
• Pizza stone (can substitute a ceramic or pyrex bowl or baking tray)
• Wax or parchment paper

• 3 cups flour (whole white flour or bread flour)
• 2 tsps salt
• 1/4 tsp dried instant or breadmaking yeast
• 1 1/2 to 2 cups warm water

You make a fairly moist dough, enough for one decent-sized loaf of bread, you leave it alone for a day, you come back and bring the oven up to temperature, handle the dough for a couple of  minutes, and an hour later you're eating delicious, homemade fresh bread that looks, smells and tastes like it came out of a specialty bakery shop.

So enough of the writing...the best way to show you how to do this is to just show you how to do this.

Pictures and videos are in the works.

-g

Comments

Facebook's free speech smackdown of Canadian political discussion

While most of the focus around free speech recently has been on the Wikileaks dump of diplomatic notes and cables, Facebook has quietly limited the free speech of a popular page called 'Can this Onion Rings get more fans than Stephen Harper?'

The faceless minions who control Facebook have blocked the Onion Ring fan page from posting events, notifying fans, or adding content to the photo / video galleries.

Nobody knows why - or who - just that somebody at Facebook decided that this kind of political discussion won't be tolerated.

Despite the silencing efforts, if you search Facebook for 'Stephen Harper', the Onion Ring page comes up first (160,708) and Mr. Harper's page (37,738) comes up a distant second.

-g

Comments

Spammers in Denial - UK Food Exports

While George is really the anti-spam expert around here, there is one amusing spam trend I've noticed recently. For instance, today I received some spam from UK Food Exports (no, I'm not going to link to them, spammers don't deserve a free SEO boost), who appear to be (you guessed it) a UK-based exporter of food items.

Read on for the details.

It's run-of-the-mill spam, but the disclaimer at the end of the message caught my eye - for one, it was almost as long as the message itself.

This message is not "SPAM" because it contains our identification and unsubscribe instructions. This message was offered to you for one of the following reasons: your email address has been selected from a database that you have subscribed, your email address was made public by you; you have requested to receive the offer; you are a partner of our company; your email address is in our database as a result of previous correspondence.

1) Among most IT professionals & server administrators, there is a slightly more formal term for spam: unsolicited commercial EMail, abbreviated as UCE - many also amend or revise that definition with the word "bulk". These spammers, however, appear to be borrowing a definition from the appropriately-named CAN-SPAM Act of 2003 - a largely useless piece of legislation in the United States that allows most spam so long as there's an opt-out link and a valid From address.

There's also the minor detail that CAN-SPAM doesn't apply to either the country where this spam was sent (the United Kingdom) or the country where it was received (Canada).

2) If you feel the need to state that your EMail isn't spam, then it almost certainly is spam. The fact that it's from a food export company makes it particularly silly - do they also feel the need to label their physical products with disclaimers saying saying "this is not SPAM®"?

3) The disclaimer (quoted above) gives several possible reasons why we received message - in this case, the 3rd reason ("email address was made public by you") is technically correct. There's a little more to it, though: the address that they spammed has only been "made public" in the sense that it's hidden in the source code of a contact page. And the sole reason the address exists? As bait for spammers.

In other words, the only way that UK Food Exports could have obtained the address is if they viewed the source code of the contact page, or used a type of computer program known as an "EMail harvesting bot" (software that searches websites in order to collect EMail addresses). That, or they purchased an EMail list from a 3rd party who had harvested the address.

So congratulations UK Food Exports, you are a spammer.

Comments

Spam Leaders: Gevalia coffee and AARP

Cleaning out a few thousand incoming junk mails from the past month and the leading offenders in the major brand category are Gevalia and AARP - the American Association of Retired Persons.

If you've read about spam in this blog before, you may recall that I'm still waiting for both of them to call me back and explain why they are such persistent spammers.

Gevalia, by the way, isn't just counting on email spam. It's now heavily involved in Twitter spam. What is it about spam that so-called legitimate organizations find so attractive? The ability to have the recipients pay for their advertising?

-g

Comments

Dis-Unified Communications

I'm old enough to remember when snail mail was just called 'mail' and when digital communications meant putting your forefinger into the correct hole on a rotary dial telephone like this one.

[caption id="attachment_730" align="alignright" width="150" caption="Rotary Dial Telephone"][/caption]

If I heard the front door open, and something hit the floor followed by the clang of the mail slot, it was just like saying 'You've got mail'. Incoming 'electronic' messages were presaged by the original ring tone: a metal hammer repeatedly striking a brass bell.

Now, in the modern version of the digital age, I have two landlines, an answering machine, voice mail, voice-mail-to-email, a dozen email accounts (several 'hidden' to avoid spam), a Twitter account, a Facebook page, a LinkedIn account, a Skype account, an MSN Messenger account, an AOL Instant Messenger account, an internal project tracking/messaging system. And a mail slot where, to this day, I can still hear the outside door swing open, the thump as the junk mail hits the floor announcing that I've got mail.

So after 30 years of the relentless march of all things digital into my formerly analog world, instead of an easy life of flying cars and a perfectly safe personal nuclear reactor, my life now consists of spending hours each day just checking to see if Bob sent a response to my urgent plea for help via email, Twitter, voice mail, SMS, Skype or whatever.

Granted, I can now be among the tens of millions who are the first to know when Sarah Palin('s ghost writer) tweets that she just saw Russia from her back 40, or that the new Beeb (as in Justin, not the UK-based broadcaster) is lunching on PB&J.

Would I have cared any more if, back in the dark ages of the mid-70s, someone had taken the time to rotary phone me with these explosively important factoids? I probably would have gone back to work thinking 'What lunatic was behind spreading that bit of useless information?'

So welcome to the world of dis-unified communication, a world in which not only is the medium the message, but the noise has become the signal.

-g

Comments

Gevalia - Kraft Foods new spam run (part 2)

Richard was true to his word. And apparently, despite privacy legislation, he is eligible to give us his full name. (More on that later.)

Not Veronica X.

OK - so here's what happened:

Veronica X from Gevalia phoned today.

I asked "Veronica who?"

"Due to privacy laws I am not eligible to give you my last name."

Eligible?

OK. Whatever.

So why did you call?

To tell me that I should simply opt-out of the Gevalia spam (in Twitter space that would be #Gevalia spam) and my life would return to normal.

But if I don't opt out, will Gevalia keep spamming me? And maybe my other email addresses? And my cellphone?

"Yes."

But I didn't ask for Gevalia spam. And I sure didn't ask to it to be sent to a mobile phone - where I pay for ever bit and byte I receive.

So Veronica X, do you understand that some of us are actually paying to receive #Gevalia spam?

"Not if you have a data plan."

According to Veronica X, if you have a data plan on your cellphone, you just pay a monthly fee for data charges and you don't really pay for the ads that #Gevalia sends you. Or something like that. I don't quite get her argument.

And she obvi0usly doesn't get mine: I don't want to receive #Gevalia spam, and n0t if I have to pay to receive their ads. That's like telemarketers being able to call collect.I pay for data. Up to a limit. If I go over it, I pay more. If Veronica X decides to spam the sh*t out of my cellphone, she could put a serious dent in my bank balance.

According to Vernonica X, too bad.

"That's called marketing," she told me.

Shifting the cost of advertising - remember that #Gevalia is owned by Kraft Foods - from a huge corporation to people who really would rather not get their ads and sure as fsck don't want to pay for them - must sound like the marketing miracle of the millennium:

And what about the lawsuit against Kraft / Gevalia in 2005 for spamming? Are you aware of that?

"No, I’m not...I went through head office and they don't know about it either."

Doesn't the Can-Spam Act prevent you from randomly spamming people you have no prior business relationship with and who've never given you permission to abuse their inboxes?

"I’m not 100 per cent sure. I can definitely look into that."

But what you're doing seems to be breaking the law.

"No, it isn't."

So you can speak on behalf of the company, but won't identify yourself?

"Yes."

And you one of the company's official spokespersons?

"I am an executive representative."

How about letting me talk to someone who isn't afraid to identify themselves - somebody who will represent the company without hiding behind your bogus privacy legislation claim?

"I will get someone to call you back."

And she hopes I have a great day.

-g

Comments

Gevalia - Kraft Foods - new spam run - Part 1

Don't you love spam - unsolicited commercial email - that you have to pay for?

A major Gevalia turdlet appeared in my inbox today. From a typically obscured domain name - claiming to be based in Las Vegas - spamming like mad for Gevalia.

I called the contact number for Gavalia and was told that I had to open an account before they could pass me on to media relations. (Thanks for that, Anne 704126 - but no thanks for putting me on hold forever...and yes, I eventually gave up while you looked for your supervisor. That was the plan, right?)

So I called Kraft Canada's media line (1 800 438 2542) and spoke with Richard Buino. He's apparently never heard about spam - or about the 2005 lawsuit against Gevalia / Kraft for spamming.

He promised to look into my concerns. And asked me for my contact info. He has my name.  And phone number. But not my email address: I'm not that stupid. Spammed me already at one address. Not giving you another email address to feed into your spamming machine.

So, Richard...over to you.

I am not holding my breath.

But my brain is starting to create this interesting connection: Kraft = spam. I don't like spam. Do the math.

-g

Comments

War Games - Why Most MSM Online Forums Suck

On occasion, I've been an avid reader of the online comments on sites like The Globe, The National Post, Calgary Herald, Toronto Sun, CBC, etc. But it's all going to hell, and quickly.

Visit any of those online sites to see for yourself (the illusion of) Internet anonymity run amok.

(There is no anonymity on the Internet, unless you're technically competent enough to hide your tracks, or you've hired someone to do it for you. It's not something that comes with Micr0soft Office or the iPad.)

Thanks to lax registration requirements and amateurish moderation standards, the majority of the online 'discussion' consists of personal insults, name calling, completely unfounded and often scurrilous accusations, constant reposting of the same litany over and over ad nauseum, constant attempts to change the subject to all-too familiar rants. A place where the MSM writers and editors rarely if ever respond, and where the only visible sanction is to make the post go away with a note saying 'We made the post go away'.

Meanwhile, we have anonymous postings, being able to hide your earlier posts, no way to 'ignore' the relentless trolls on both sides of every issue, and the freedom to rant nearly at will.

On occasion, the postings are so egregious as to make me jerk back in my chair, stung by the savagery. One example is enough. There are plenty more where this came from:

"...it is a weak society that convicts its warriors of killing an injured enemy on the battlefield..."

Armies that slaughter injured enemy combatants are usually described using terms such as 'murderers' and 'savages' and 'butchers'. Want more examples? Visit the forums mentioned above.

So what's the current scenario: all too often a nasty, divisive 'public' spaces with all the charm, wit and intelligence of Question Period.

-g

Comments

Teamwork

There are people who work near each other - their desks or cubes are in close proximity - and people who work with each other. I'm happy to be part of the latter group.

I just sent off a proposal to what we hope will be a great new client. We only found out about the opportunity two weeks ago, and had to fly to Ottawa to meet with them in the middle of last week. And work through the weekend to get our proposal in on time.

I'm looking at the final result now - wishing I could show you it to you (later) - and I'm totally amazed: We produced a 30-page proposal that looks and reads like a magazine,  produced a relevant video segment, added dozens of work samples, and created a micro-site that pulls it all together.

It happened because I'm part of a team of professionals who enjoy working together, who excel at what they do, and appreciate bigger-than-the-sum-of-the-parts results.

Will we be disappointed if we don't get this contract? You bet. Will we be devastated? No way. This is the best proposal we've ever created. And we're only going to get better.

What a nice way to end a summer Monday.

-g

Comments

AARP Spamming Canadians?

The American Association of Retired People is the latest spammer to hit an email address here that usually just gets links to porn or pitches from Nigerian lawyers offering to split $6.5 million from their dead clients.

It came from LeslieSmith@thalized.info - about as real as the latest lawyer from Lagos? - with the subject line of "Receive a gift with AARP membership"

And here's the usual 'you asked for it' nonsense that leads off the email:

"You have received this e-mail on behalf of AARP because you requested to receive information from the company listed at the bottom of this message."

There is no company listed at the bottom of the message, of course, but then we all know that the first rule of spam is that Spammers Always Lie.

The message goes on to suggest clicking on a link that's supposedly www.aarp.org/benefits to take advantage of all of the irrelevant blah-blah-blah in the rest of the spam. Of course, once you start lying, why revisit the truth?

The real link - the one hidden under the www.aarp.org/benefits tag - is actually at http://thalized.info

Now my best guess is that domain - thalized.info - is probably a throwaway domain created in the past few days or weeks and will lead to somewhere else. So let's check out my theory:

Registered at GoDaddy (what a surprise! not) on July 2nd, 2010. And with contact info that's clearly bogus, such as the phone number 1-426-745-7985 that doesn't exist. Yep, spammer spoor alright.

So what happens when we click on the link?

We get delivered to www.aarpmemberhip.org with the AARP logo all over it, plus a toll free number that  leads me to a telemarketer (name withheld) at the AARP call center in Nevada.

So who owns aarpmembership.org? A St. Petersberg, Florida, company called SendTec (sendtec.com) that filed for Chapter 11 bankruptcy protection last year , just months before it set up aarpmembership.org and was earlier under investigation by the Securities and Exchange Commission in the USA.

Calling AARP's Washington, DC, office and asking for a media contact gets me Charlotte Marshall. After explaining the brief outline - spam to my inbox and the link to AARP - I asked if aarpmembership.org is in fact associated with AARP.

"Yes."

So are you saying that AARP sends out unsolicited junk mail?

"This company does that, yes," she told me and went on to explain that they buy email addresses from third parties.

When she asked again why I wanted to know, I repeated that I'm a journalist and was conducting and interview.

"Oh," said Charlotte. "Can you hold on while I get you a spokesperson? That's not my department."

So after a bit of waiting, AARP spokesperson Jordan McNerney came on the line. I gave him the same backgrounder, and asked about the connection between the throwaway source of the spam, aarpmembership.org and AARP.

"I don't know the answer to that," he said. "That's not my department. But I will try to find out for you and call you back."

Anyone willing to bet on that last promise being the truth?

So is this a first for AARP?

Not according to this blog post by Johm Mello at allspammedup.com which relates a similar story from a few months ago.

AARP claims 39 millions. And has a reputation that extends into Canada. Must be really bad times in the USA if an organization that I used to think had credibility is using the same shady tactics as the ugliest of the porn spammers and the offshore criminal gangs trying to steal identities.

-g

Comments

Michelle Simson, Member of Parliament 3.0

I don't know much about Scarborough Southwest MP Michelle Simson. What I know is that she promised - and kept it - to put details of how she spent taxpayers' dollars online.

That's so right in this day and age. The technology makes it possible, and Canadians of all political stripes overwhelmingly want this kind of full disclosure.

Every other Member of Parliament should recognize the value of this openness. Walk like a duck...

So we have  the political class and the chattering masses. Not for the first time, of course.

Remember these refrains?

- Let them eat cake.

- Off with their heads.

Anyway, I don't know very much about Michelle Simson, but I think she might be Canada's first MP 3.0

-g

Comments

"Proven the Fastest"?

Remember those Rogers "Proven the Fastest" ads that were popping up everywhere not too long ago? For some strange reason, those ads started disappearing right around the time that Aliant's Fibre-to-the-home rollout got underway. The "Proven the Fastest" promotional site is still online, but the "Atlantic" link now just redirects to a different Rogers site (until very recently it had been showing a "404 Not Found" error instead).

Ever wonder if that timing was just coincidental? We recently had the opportunity to run a few side-by-side speed tests comparing an Aliant Fibre connection & Rogers' Highspeed Extreme service - the winner? According to SpeedTest.net, here's how Rogers and Aliant currently measure up:

ALIANT FIBRE Download: 57.08 Mb/second Upload: 14.34 Mb/second	ROGERS HIGH-SPEED EXTREME Download: 10.01 Mb/second Upload: 0.99 Mb/second
View Results	View Results

Comments

How do I Register the .CA Version of a .NB.CA Domain?

UPDATE DECEMBER 2010: due to recent changes to the .CA registry, the instructions below no longer apply. We're looking into the new process and will update this post once we have all the details.

We recently ran into a situation where a hosting customer already owned the .NB.CA version of a domain name and wanted to register the .CA version as well. It's fairly well-known that, if you register a province-specific domain name (domain.nb.ca), then no one can register the national-level domain (domain.ca) without your permission. Unfortunately, it's rather difficult to find any details on the specific steps needed to provide permission.

CIRA does provide a document detailing the "Registration Of Conflicting Domain Names," though it's barely-comprehensible four pages riddled with bureaucrat-eese and instructions for registrars (that 99% of individual domain owners don't need to know). It turns out that the process is fairly simple (CIRA over-complicating something? Shocking, I know).

The scenario is that you already own domain.nb.ca and you want to purchase domain.ca (note: nb.ca is used as an example, but this information should apply to any province-specific domains - on.ca, sk.ca, ns.ca, etc) . First you need to put in a registration order for the national-level domain (domain.ca), just as you would for any new .CA domain. Within a few minutes CIRA will send a notification EMail to the admin contact of the province-specific domain (domain.nb.ca), requesting permission to register domain.ca.

To grant permission, the process is exactly the same as authorizing any other "non-trivial" change to a .CA domain: you need to login to the CIRA account for the province-specific domain (domain.nb.ca) and click on an "Approve" link. That will take you a page where you can authorize (or reject) registration of the national domain (domain.ca).

Of course you either need to have an up-to-date administrative contact EMail address for the province-specific domain (domain.nb.ca) so that CIRA can send you your login information, or you need to have a copy of your CIRA account information on record. Otherwise, you need to (literally) find a judge or notary public or priest and get started with the dreaded CIRA "Manual Change of Admin Contact" process.

Comments

Rahim Jaffer's web site dead but still twitching

Who pulled the plug on former MP Rahim Jaffer's web site?

The site was in the news last week after the Conservative Party demanded he remove the party logo from the site. The site included photos of Jaffer with various Conservative notables, including Prime Minister Harper.

Then there followed allegations that Jaffer was using an email address and office space assigned to his wife, former federal cabinet minister Helena Guergis, and now claims that he also made use of her ministerial limo for his personal business affairs.

Then the site went dead.

So who pulled the plug on the site? The most likely answer is: the site owner. And that's where this one gets fairly convoluted.

The domain name in question is rahimjaffer.com

The registrant - domain-name speak for 'licensee' - is listed as:

Office of Rahim Jaffer, MP House of Commons Ottawa, ON K1A 0A6 CA

Jaffer lost his seat in Parliament in 2008. The domain is licensed to August 19, 2011, which means the domain is paid up until that expiry date.

There are two emails listed in the domain name registration:

jaffer0@parl.gc.ca and rahim.jaffer@rogers.com

So does Jaffer own the site? Or is the owner the House of Commons and, therefore, the people of Canada?

If it's the HOC, then it's entirely possible that the self-promotional site that included his business initiatives, photos, and bio was being paid for by taxpayer dollars.

Update:

Jaffer, of course, is the same ex-MP who was charged with impaired driving and cocaine possession but got what the judge called 'a break': a $500 fine in return for a guilty plea on a careless driving charge.

Digging around in the dusty annals of the Internet, you can find archived versions of the site from August 2000 to June 2008, about four months before he lost his seat in Canada's 40th general election.

Included in the archive is a post about the Conversative's new tough, anti-crime initiatives, that wraps up with:

"While the Liberals continue to earn their soft on crime reputation, Canada’s New Government is tackling crime, protecting our streets and communities and building a stronger, safer, better Canada."

Back on the Conservative side of the fence, the Gates Foundation just withdrew funding for an anti-smoking initiative in Africa after learning that former federal cabinet minister Barbara McDougall, the chair of the International Development Research Centre which was managing the initiative, was at the same time sitting as a member of the board of who was appointed by then-foreign affairs minister Maxime Bernier (he of the girlfriend with alleged Hell's Angel's connections)

-g

Comments

Warning: DOMAINRENEWALONLINE.ORG "Domain Slamming"

In the past few weeks, we have received several EMail messages advertising domain name registration services provided by DOMAINRENEWALONLINE.ORG. At first glance the messages appear to legitimate domain renewal notices and they include a link to pay for the renewal - but the messages are actually sales solicitations, attempting to trick you into transferring your domain registration to DOMAINRENEWALONLINE.ORG.

This is a practice known as "domain slamming" and it is similar to the tactics used by the Domain Registry of Canada (who we also issued a warning about). The only significant difference is that the Domain Registry of Canada sends physical letters, while DOMAINRENEWALONLINE.ORG uses EMail instead - so their messages also qualify as spam (unsolicited commercial EMail). Aside from the misleading sales tactics, it's always a good idea to avoid doing business with spammers.

Read on for two samples of the EMail messages sent out by DOMAINRENEWALONLINE.ORG

==============================================================
From: "jacques.casey" <jacques.casey@domainremeber.info>


Hello


Do not miss, your domain name YOURDOMAIN.com is about to expire
60 days .
Our company allows to renew your domain name automatically.
Click here if you wish to renew your domain
--------->  http://WWW.YOURDOMAIN.com.domainrenewalonline.org/


Once we have accepted the payment we will initiate the renewal
process .You will receive a conformation when your name has been
renewed.
__________________________________


Kind Regards ISP Renewal
__________________________________


Services and information about Domain Renewal.
You receive a reminder from us when you have a domain name
that is about to Expire.  Domain Renewal monitors domain
names and renews your domain names through your existing
Internet service provider. If you choose to prolong your domain
name please use the link above. You can also ask your existing
domain provider to renew your domain for you.  If you order us
to renew your domain name, we will not make any changes in
the whois information or change internet service provider. The
only changes will be a new expire date. You can see the total
fee for your renewal by clicking on the link.
You can contact our customer center if you have any questions
regarding your domain. The customer center can be reached at
Tel: +44 20 3318 1883
Fax: +44 20 3318 1884
==============================================================


==============================================================
From: ISP renewal <miriamangels@aol.com>


Be aware


This is a notice to remind you, YOURDOMAIN.com will expire
60 days .We will help you to renew your domain name
automatically.Click here if you wish to extend the expiry date
of your domain
-------->>>  http://WWW.YOURDOMAIN.com.domainrenewalonline.org/


You will receive a conformation, once your payment has been
accepted and your domain has been renewed.
__________________________________


Best regards ISP Renewal
__________________________________


Useful information.
This is a domain renewal reminder service. Once a domain
name is about to expire we will send a reminder notice so
you do not miss the expiry date of your domain. If you
choose to extend your domain name through our service
please use the link above. Note! By using our services you
will keep your existing provider. No changes will be made
in the whois information except the new expiry date. You
may also contact your existing domain provider to renew
your domain The only changes will be a new expire date.
Click on the link above to View the total cost for the service.
You may contact our customer center if you have any
additional questions at
Tel: +44 20 3318 1883
Fax: +44 20 3318 1884
==============================================================

Comments

Read This Before You Say Yes…

The only problem I have with Doreen Pendgracs new book - BEFORE YOU SAY YES...The Pleasures and Pitfalls of Volunteer Boards - is that she didn't write it 20 years ago.

(Disclaimer: I know Doreen, we're both members of the Professional Writers Association of Canada, and she quotes me in one chapter, and she sent me a contributor's copy of the book.)

So with that out of the way, let me just say that the book is chock full of anecdotes and wise advice based on decades of experience, both on the part of the author and the people she interviewed.

There's the board locked out of its own office after a staff mutiny, the board where cursing and sexual innuendo were the norm, the board that finds itself in an unlawful dismissal suit.

That's the bad news.

The good news is that Pendgracs also provides a long list of suggestions for avoiding or at least softening the blow if and when things go badly.

And that after the many tales of woe, she's still clearly optimistic about the benefits - personally, professionally and to the community - of devoting time and energy to volunteering for the many non-pr0fit organizations that continue to function either in whole or in part because of the generous donation of time and energy.

It's not a very big book - just 145 pages front to back - and it's not a very expensive book - $19.99 in paperback from Dundurn Press - but it's a book that should be handed out every time a board asks someone to consider volunteering for a position, and a must read for every current member of existing volunteer-driven boards.

It's the best $19.99 they're likely to spend to avoid the pitfalls that could cost the organization its very existence, and the board members their personal assets, not to mention their sanity and peace of mind.

-G

Comments

WRU - The more things change…

WRU is a special purpose key on a teletype machine. It's short for 'Who Are You?'.

It would great to have one of those on today's version of the Great Network.

When two teletype machines were connected over dedicated circuits, hitting the WRU key would trigger the remote machine into responding with its identity, which would then print out on your paper roll.

That was the 'screen' - a roll of newsprint.

The teletype in the photo below has a paper tape reader so the operator doesn't have to type live. Line costs were VERY expensive so you wanted to be able to type offline, print that out to 1/2 inch stiff paper tape, which you'd then insert into the tape reader. It 'uploaded' the data far more quickly than a human operator.

Dial the remote machine, do your WRU, and start feeding tape.

[caption id="" align="alignnone" width="440" caption="Teletype (Image resides @ Clemson.edu)"][/caption]

The keys were big, klunky and a real b!tch for touch typing. There were, however, customized tape machines: they couldn't go online but they could produce the paper tape that plugged into the teletype for faster transmission. The tape machines were smaller, had way better keyboards, and therefore allowed for faster, more accurate typing.

If we were in a real hurry...

This was for one of the world's largest heavy equipment manufacturers and among the clients were some VERY big construction companies that lost mega bucks for every minute that their equipment was down. So we were nearly always in a real hurry at some point during the day.

Emergency parts orders went out by teletype and stuff was flown in. If contractors were in penalty mode, they'd pay whatever it took to get the parts to the job site. And yell and scream at you while they waited.

So to speed things up, you'd generate a couple of feet of paper tape on the tape machine, string it right into the teletype - so you now have an internal network connection made out of paper. Fire up the teletype, and start feeding tape.

Then back to the tape machine to continue typing. These were long part numbers, quantities, customer info, along with some live chat.

The idea was to type faster than the teletype could send, or the paper tape would break. While the teletype's clanking away like some demented machine and the contractor is still screaming.

But for all the aggravation, it was comforting to know that if you hit the WRU key, you'd get an honest answer.

-g

PS - The teletype machine in the photo appears to only be able to receive an incoming connection - don't see the rotary dial anywhere. Plus it's time to change that paper roll - the red stripe shows up on the far right when the paper's running low. And if you don't change it in time, your 'screen' goes blank and all that data will be lost.

Comments

Hotmail - Time To Block It?

Out of several hundred emails I've received from Hotmail.com so far this year, can you guess what percentage has been spam?

Would you believe 100 per cent?

And the amount of incoming mail - and therefore incoming spam - from Hotmail has been growing by the week.

Sent off an interview request to Hotmail's PR company in Canada, along with a note that my solution is simple: block any and all incoming email from hotmail.

-g

Comments

The FBI Moves to Nigeria - I win big!!!

One of my favorite junk mails - a category that represents about .00001 per cent of the crap that's filled my inbox over the years - was the sad tale of the Nigerian astronaut supposedly snuck aboard a Russian mission to their space station then abandoned in orbit when the Soviet Union collapsed and there was no money to bring him back to earth. And he wanted me to help him claim his back pay.

Now, according to the Lads from Lagos, the FBI has uncovered evidence that I've won $800,000 in an online lottery and, for just $500, I can claim my prize. This directly from FBI Director Richard Mueller himself.  He even included his phone number so I can call and start working out how to send him my $500.

But not just any old FBI phone number. We're not talking reception here. We're talking his DIRECT LINE. In Nigeria.

The email came directly from the FBI's mailserver in Australia and includes a link to the email address of the Special Agent in Charge of this investigation who just happens to be in Kiev, Ukraine.

So what do you think? Is this real or could it be a scam?

-g

PS - And for your amusement, here's the email: Anti-Terrorist and International Fraud Division. Federal Bureau Of Investigation. Seattle, Washington. Telephone Number : (206) 973-2572

This is to Officially inform you that it has come to our notice and we have thoroughly completed an Investigation with the help of our Intelligence Monitoring Network System that you legally won the sum of $800,000.00 USD from a Lottery Company outside the United States of America. During our investigation we discovered that your e-mail won the money from an Online Balloting System and we have authorized this winning to be paid to you via a Certified Cashier's Check.

Normally, it will take up to 10 business days for an International Check to be cashed by your local bank. We have successfully notified this company on your behalf that funds are to be drawn from a registered bank within the United States Of America so as to enable you cash the check instantly without any delay, henceforth the stated amount of $800,000.00 USD has been deposited with Bank Of America.

We have completed this investigation and you are hereby approved to receive the winning prize as we have verified the entire transaction to be Safe and 100% risk free, due to the fact that the funds have been deposited at Bank Of America you will be required to settle the following bills directly to the Lottery Agent in-charge of this transaction whom is located in Lagos, Nigeria. According to our discoveries, you were required to pay for the following -

(1) Deposit Fee's ( Fee's paid by the company for the deposit into an American Bank which is - Bank Of America ) (2) Cashier's Check Conversion Fee ( Fee for converting the Wire Transfer payment into a Certified Cashier's Check ) (3) Shipping Fee's ( This is the charge for shipping the Cashier's Check to your home address )

The total amount for everything is $500.00 (Five Hundred-US Dollars). We have tried our possible best to indicate that this $500.00 should be deducted from your winning prize but we found out that the funds have already been deposited at Bank Of America and cannot be accessed by anyone apart from you the winner, therefore you will be required to pay the required fee's to the Agent in-charge of this transaction via Western Union Money Transfer Or Money Gram.

In order to proceed with this transaction, you will be required to contact the agent in-charge ( Mr. Benson Edward ) via e-mail. Kindly look below to find appropriate contact information:

CONTACT AGENT NAME: MR. BENSON EDWARD E-MAIL ADDRESS: bensonedward08@gala.net

TELEPHONE NUMBER : +234-703-586-0779

You will be required to e-mail him with the following information: FULL NAME: ADDRESS: CITY: STATE: ZIP CODE: DIRECT CONTACT NUMBER: You will also be required to request Western Union details on how to send the required $500.00 in order to immediately ship your prize of $800,000.00 USD via Certified Cashier's Check drawn from Bank Of America, also include the following transaction code in order for him to immediately identify this transaction : EA2948-910. This letter will serve as proof that the Federal Bureau Of Investigation is authorizing you to pay the required $500.00 ONLY to Mr. Benson Edward via information in which he shall send to you, if you do not receive your winning prize of $800,000.00 we shall be held responsible for the loss and this shall invite a penalty of $3,000 which will be made PAYABLE ONLY to you (The Winner). Please find below an authorized signature which has been signed by the FBI Director- Robert Mueller, also below is the FBI NSB (National Security

FBI Director Robert Mueller.

Comments

Microsoft Attacks Spam

Microsoft used a US court order to block traffic to 277 .com domains in order to decapitate the command and control capabilities of the Waledec botnet: a global network of compromised computers used to distribute a claimed 1.5 billion junk emails PER DAY.

The order requires VeriSign - the original dot-com registrar and a key player at ICANN (look it up) - to temporarily nuke the domains, the first time a legal attack on domain name registrations has taken down such a large chunk of spammer domains.

In the past, the domain name registry system has been one of the primary enablers of spamming.  Away back before the domain name gold rush, .com was meant for commercial enterprises, .net was meant for networks, .gov was meant for governments,  .org was meant for non-commercial organizations, and .edu was intended for educational institutions.

Then greed got in the way and only two  of the original top level domains (TLDs)  - .go and .edu - weren't completely polluted as the domain name system began feeding on a rapidly growing money supply. The only requirement for the feast to continue: don't give a fig if a domain name is registered to a cartoon character living in the middle of the East River, so long as the cheque doesn't bounce.

So while there are pundits proclaiming how little impact Microsoft's action will have on the war against spam, I beg to differ: going after the domain registry system is the right thing to do. And it's about time.

ICANN, and the major registrars that run it, have helped spam levels reach 90+ per cent of global email, and growing. Their abuse of the original intent of the registry system made them a pile of money. They don't care. Maybe Microsoft - a company I've bashed when it was warranted and credited when that was due - deserves a round of applause for sticking a wrench into the domain name cabal's spam wagon.

The other spam enabler that has escaped: credit card companies. Let's hope somebody really big who hates spam - Google, or Hotmail (microsoft) or Twitter - goes after them next.

-g

Comments

Convergence 2.0: CTV discovers the Internet

CTV's Internet coverage of the 2010 Winter Olympics from Vancouver has been, without a doubt, a major breakthrough in the merger of traditional and new media. I'd go so far as to call it convergence 2.0

Like many Canadians with access to broadband Internet connections, we've been evolving away from traditional TV viewing and seeking the ala carte approach that's an inherent feature of the Internet: a bit of this, a bit of that, some live, some from the archives. In other words, we decide what, when, and how.

"I want to see the video of the Gold Medal pairs winners."

Click. Click. Click.

"Want to watch the Canada-Russia men's hockey game? It's on in 5."

"Sure."

Click, click, click.

We even sat through some of the commercials.

It's not perfect. (Silverlight? That's the Microsoft video client-server CTV is using. And let's just say it's not overly Apple friendly. And that's a bad idea, given the Apple-fan demographic.)

But it's liberating to be able to watch what we want, when we want, how we want. And liberation - for people who never spent a lot of time in front of traditional TV - means we've been watching more.

I suspect there's a lesson there.

-g

Comments

DISH Networks spam - kerplunc!

Update (Feb 16 - 11:46 a.m.)

No response from the DISH Network media contact. Nothing further from Matt @ kerplunc who included the phrase 'legal opt out' in his last email which, in my experience, is spammer speak for 'our unsolicited commercial email isn't spam because you can opt out'. Particularly since his 'client' didn't include any of the information required by US law (it's a US company pitching a service available only to US residents but, spammers being spammers, also being sent to Canadian recipients). One of those required bits is information about who is sending the email and providing a method for unsubscribing from their list.

----------------------

When you visit the home page of a domain name used to send junk mail - and it contains nothing more than a 'We are not spammers' rant, you know you've found a rat. A live rat.

Here's the text from the home page at http://sunsetresources.net -

Anti-Spam and Privacy Statement

Today, more than ever, privacy is a huge concern among people throughout the world. Although this system allows businesses to obtain and retain customers through e-mail marketing, we understand the importance of privacy and therefore respect the expectations of the public. This system does not distribute or sell members confidential information.

This e-mail system is utilized for sending permission-based e-mail from companies to their opt-in customers and partners.

We are strongly opposed to unsolicited e-mail. Under the terms of our customer contract, we will not knowingly allow a customer to use our product to distribute SPAM, nor allow unsolicited commercial e-mail (UCE). In regards to our enterprise software solution, we will not knowingly sell to companies that send or plan to send UCE/SPAM.

We do not retain e-mail address information after our users delete from our servers. We do not monitor or limit our users from creating e-mail messages. We do, however, quickly and fervently respond to notification of violations or abuses of our Terms of Service, including failure to honor opt-outs.

If you have questions or concerns regarding this policy, please forward a copy of the e-mail in question to abuse@tr4x.net.

The ownership of sunsetresources.net is hidden behind a privacy screen. And you'll never guess what the situation is like for tr4x.net...

I stopped there, because I didn't really know what the situation was at this point, but thought I'd lead you on.

So let's be fair about this and check on tr4x.net: ownership information hidden. Going to http://tr4x.net we get a page telling us 'This account has been suspended."

Hard to tell if that means anything, since what's on the home page isn't necessarily indicative of what's happening inside the domain.

One of the players is kerplunc.com based in British Columbia. Matt from kerplunc answered several emails today. I've asked to talk to him and his client.

-g

Comments

Spammers - Bay View Marketing et al

companiesincluding.info =  Bay View Marketing - joesmith243@gmail.com - Nerdie Networks - editdns.net - tatacommunications.com - ovh.net - gblx.net

wearestrong.info = Jason Walters - jwalters444@gmail.com - Nerdie Networks - editdns.net - travailsystems.com

hotmail.com - eastsideking88@hotmail.com

fortheman.info = Jason Walters - jwalters444@gmail.com - godaddy.com - Nerdie Networks - Editdns.net - travailsystems.com

The same players - day after day.

-g

Comments

Streaming Video

I've been watching online streaming video - a lot of it - for nearly two years. The quality keeps improving, and although there are still problems, gives me an amazing amount of ala carte TV from around the world.

And a lot of what I watch is often suddenly cut off in mid-show. "This stream has been suspended / terminated at the request of the copyright holder."

So here I am watching Super Bowl LXIV- or trying to. Sure I could watch in on cable, but I don't want to. Partly because Canadian cable will cover the SB commercials with local ads for Joe's Garage.

Much of the streaming video I see is re-broadcast live from various networks around the world. Complete with the advertising.

Now if I was a TV network, and I knew Internet users were re-broadcasting my content - complete with ads - would I go out of my way to kill the re-broadcast and the ads that go with it?

Wonder what the advertisers think about that.

-g

PS - Watched the SB online. Streaming channels kept getting shut down, usually in the middle of an ad.

Comments

Facebook just 404'd

At first, it wouldn't let me Like a comment - then it wouldn't let me comment on a comment. And then it went dark:

http://www.facebook.com/

404 - Not Found

Comments

Jason Walters domains and hotmail top spammers today

Here's some of what showed up today in the spam folder:

birdseeders.info - Jason Walters jwalters444@gmail.com - editdns.net - travailsystems.net pantsandthings.info - Jason Walters jwalters444@gmail.com - editdns.net - travailsystems.net theplanet.com comcast.net yahoo.com hotmail.com softlayer.com

-g

Comments

Bayview Marketing - persistent spammer

The same pattern with some slight variations - day after day:

yardtop.com + Bayview Marketing +  Nerdie Networks + editdns.net + ovh.net + gblx.net

blasteduncap.com + Bayview Marketing + Nerdie Networks + editdns.net + nobistech.net

bootwindow.com + Bayview Marketing + Nerdie Networks + editdns.net + gblx.net

The domain names change, but the three pieces in the middle remain the same.

-g

Comments

A.G. Bell Redux - Fibre to the Home (FTTH)

The best conference I've ever attended was back in the 1980's in Baddeck, Nova Scotia, in honour of Alexander Graham Bell, who's famous as the inventor of the telephone yet generally overlooked for what he considered his most important discoveries which laid the foundation for fibre optics.

Fibre optics arrived here, today, after a very long wait.

And the difference is dramatic:  Download speeds have jumped by 10 times. Upload speeds increase 14 times. But that's just the math.

The Bell conference - by invitation only and including senior players at the Bell Labs, the Canadian Space Agency, the telephone world, National Geographic and so on - wasn't just good. It was shockingly good: slides from deep space never before seen in public, hundreds of amazing National Geographic photos from a half dozen projectors, presentations that talked of developments that would change the world, of historic inventions that already had.

Today, my internet connection went from copper wire to glass fibre.

And it brings closer to fruition a prediction one of the conference attendees - and a great Bell admirer made during lunch one day.

"I live in New York," he said. "And my mother lives in California. With fibre optics, the day will come when we'll be able to sit at the same table for Thanksgiving dinner and I'll be able to see her as clearly as I can see you. There will be a camera at her end, and a camera at ours. And we'll see each other in wall-sized screens. And it will be so realistic, it will be just like being in the same room. Except for one thing: We won't be able to pass the gravy."

- G

Comments

Another set of spam tracks

The name that keeps showing up in a series of similar domain names / spam is BayViewMarketing. They're supposedly based in Oregon and, while they have various web and mail hosts all over the place, they always appear to use the DNS servers provided by Nerdie Networks @ editdns.net which leads back to GKG.Net Domain Proxy Service listed at a PO Box in Bryan, Texas.

Here's BayViewMarketing's registration information, which ends with a Gmail email account:

 Registrant Address: 14525 SW Millikan Way 27755
 Registrant City: Beaverton
 Registrant State/Region/Province: OR
 Registrant Postal Code: 97005-2343
 Registrant Country: US
 Registrant Tel No: 1.9712282955
 Registrant Fax No: 1.9713401185
 Admin Name: Bayview Marketing
 Admin Company: timetodolimited.com
 Admin Email Address: joesmith243@gmail.com


-G

Comments

Today's Spam Tracks

Spam today included the following participants (as the source, the website host, the DNS service, or the domain name registration):

Limestone Networks - limestonenetworks.com

Gogax Hosting - gogax.com

Nobistech - nobistech.net

MTO Telecom - mtotelcom.com

MyLife - Mylife.com

Wild West Domains - wildwestdomains.com

Nerdie Networks - EditDNS.net

Bayview Marketing Group - registered owner of various spammy domains

-g

Comments

Stephen's First Law of Technology Issues

When confronted with malfunctioning technology, the problem with invariably resolve itself exactly 5 seconds after you go to the effort of contacting technical support.

Comments