SEB Mailbag: Hilariously bad extortion email from the “FBI.”

Being a famous and world-renowned blogger such as I am, I tend to get a lot of phishing emails where the authors attempt to convince me to send them money. This time out it arrived in the form of yet another letter from the Federal Bureau of Investigation. This isn’t the first time I’ve heard from the “FBI.” I got two emails from them just days apart back in 2008. Back then they contained offers to help me acquire money that I had inherited in another country.

This one is a different story. This one is a threat to ruin my life. Well, it starts that way at least. Then it suggests that the sender knows I wasn’t the person who engaged in the illegal activity because my identity had been used by someone else, but I could still face the consequences unless this person helps me because he’s a Good Christian® and would hate to see me go to jail. (You gotta love how they toss some religion in there.) So if I wire some dude in some other country who doesn’t even have an FBI mailing address $250 he’ll get the whole thing straightened out for me PLUS I’ll get the $10.5 million that I was promised in the previous emails that got me in this mess to begin with! This guy is all over the place and can’t decide which route he should go to convince me to send some money. If one approach is good then all of them must be better, right?

Here’s the hilarious email complete with spelling and grammar errors:

From: “Federal Bureau Of Investigation”<info@fbi.us>
Subject: Re: Final Warning From FBI.

FBI headquarters in Washington, d.c.
Federal bureau of investigation
J. Edgar Hoover building
935 Pennsylvania avenue,
NW Washington, d.c. 20535-0001
Federal bureau of investigation (FBI)

Attention Needed.

Attention to you. This is the final warning you are going to receive from me do you get me????

I hope your understand how many times this message has been sent to you?.

We have warned you so many times and you have decided to ignore our e-mails or because you believe we have not been instructed to get you arrested, and today if you fail to respond back to us with the payment then, we would first send a letter to the mayor of the city where you reside and direct them to close your bank account until you have been jailed and all your properties will be confiscated by the FBI. We would also send a letter to the company/agency that you are working for so that they could get you fired until we are through with our investigations because a suspect is not suppose to be working for the government or any private organization.

Your id which we have in our database been sent to all the crimes agencies in (USA) for them to insert you in their website as an internet fraudsters and to warn people from having any deals with you. This would have been solved all this while if you had gotten the certificate signed, endorsed and stamped as you where instructed in the e-mail below. this is the federal bureau of investigation (FBI) am writing in response to the e-mail you sent to us and am using this medium to inform you that there is no more time left to waste because you have been given from the 13th of January. As stated earlier to have the document endorsed, signed and stamped without failure and you must adhere to this directives to avoid you blaming yourself at last when we must have arrested and jailed you for life and all your properties confiscated.

You failed to comply with our directives and that was the reason why we didn’t hear from you on the 13th as our director has already been notified about you get the process completed yesterday and right now the warrant of arrest has been signed against you and it will be carried out in the next 48hours as strictly signed by the FBI director. We have investigated and found out that you didn’t have any idea when the fraudulent deal was committed with your information’s/identity and right now if you id is placed on our website as a wanted person, i believe you know that it will be a shame to you and your entire family because after then it will be announce in all the local channels that you are wanted by the FBI.

As a good Christian and a honest man, I decided to see how i could be of help to you because i would not be happy to see you end up in jail and all your properties confiscated all because your information’s was used to carry out a fraudulent transactions, i called the efcc and they directed me to a private attorney who could help you get the process done and he stated that he will endorse, sign and stamp the document at the sum of $250.00 usd only and i believe this process is cheaper for you. You need to do everything possible within today and tomorrow to get this process done because our director has called to inform me that the warrant of arrest has been signed against you and once it has been approved, then the arrest will be carried out, and from our investigations we learn that you were the person that forwarded your identity to one impostor/fraudsters in Benin Republic last year when he had a deal with you about the transfer of some illegal funds into your bank account
which is valued at the sum of la

I pleaded on your behalf so that this agency could give from tomorrow on,so that you could get this process done because i learn that you were sent several e-mails without getting a response from you, please bear it in mind that this is the only way that i can be able to help you at this moment or you would have to face the law and its consequences once it has befall on you. You would make the payment through western union money transfer with the below details.

Receiver name: Okagbue Christian
Country: Republic Nigeria
City: Abuja
Text question: You
Text answer: Me
Amount: $250
Senders name:
Senders Country:

Send the payment details to me which are senders name and address, mtcn number, text question and answer used and the amount sent. Make sure that you didn’t hesitate making the payment down to the agency by today or tomorrow so that they could have the certificate endorsed, signed and stamped immediately without any further delay. After all this process has been carried out, then we would have to proceed to the bank for the transfer of your compensation funds which is valued at the sum of $10,500.000.00 MILLION U.S. Dollars which was suppose to have been transferred to you all this while.

Note/ all the crimes agencies have been contacted on this regards and we shall trace and arrest you if you disregard this instructions. You are given a grace tomorrow to make the payment for the document after which your failure to do that will attract a maximum arrest and finally you will be appearing in court for act of terrorism, money laundering and drug trafficking charges, so be warned not to try any thing funny because you are been watched.

Thanks as i wait for your response

Respectively:

Agent Norman Wood.
E-mail: drnormanwood@qq.com
Federal Bureau Of Investigation (FBI)
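
Added example, not part of the original post or of the quoted email: a small Python check for the tells this message carries, run over a sample constructed from the header lines and a few body lines quoted above. The `OFFICIAL_DOMAINS` table and the indicator names are assumptions made for the illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed message: the two header lines and a few body lines quoted in the
# post above. No other headers are shown there, so none are included here.
SAMPLE = '''\
From: "Federal Bureau Of Investigation" <info@fbi.us>
Subject: Re: Final Warning From FBI.

You would make the payment through western union money transfer with the
below details.
Send the payment details to me which are senders name and address, mtcn number,
text question and answer used and the amount sent.

Agent Norman Wood.
E-mail: drnormanwood@qq.com
'''

# Assumption: a small table mapping an impersonated name to its real domain.
OFFICIAL_DOMAINS = {"federal bureau of investigation": "fbi.gov"}
TRANSFER_TERMS = re.compile(r"western union|money transfer|\bmtcn\b", re.I)
BODY_ADDRESS = re.compile(r"[\w.+-]+@([\w-]+(?:\.[\w-]+)+)")


def same_org(domain, official):
    """True when domain is the official domain or one of its subdomains."""
    return domain == official or domain.endswith("." + official)


def indicators(raw_message):
    """Return the names of the scam indicators found in one raw message."""
    msg = message_from_string(raw_message)
    display_name, address = parseaddr(msg.get("From", ""))
    from_domain = address.rpartition("@")[2].lower()
    body = "\n".join(part.get_payload() for part in msg.walk()
                     if part.get_content_maintype() == "text")
    hits = []

    # 1. Display name claims an organisation, address is not on its domain.
    for name, official in OFFICIAL_DOMAINS.items():
        if name in display_name.lower() and not same_org(from_domain, official):
            hits.append("display-name-domain-mismatch")

    # 2. Subject poses as a reply, but no threading headers back it up.
    subject = msg.get("Subject", "")
    if subject.lower().startswith("re:") and not (
        msg.get("In-Reply-To") or msg.get("References")
    ):
        hits.append("reply-without-thread")

    # 3. Body asks for an answer at an address on a different domain.
    body_domains = {d.lower() for d in BODY_ADDRESS.findall(body)}
    if any(not same_org(d, from_domain) for d in body_domains):
        hits.append("contact-address-off-domain")

    # 4. Payment demanded through a money-transfer service.
    if TRANSFER_TERMS.search(body):
        hits.append("money-transfer-demand")
    return hits


if __name__ == "__main__":
    for hit in indicators(SAMPLE):
        print(hit)
```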

If you’re still running Windows XP you’ve got one year of support left.

It’s amazing to think that Windows XP has been around since 2001 and there are still a crap load of people using it daily. Microsoft has been supporting it all along with new patches for any vulnerabilities that are found, but unfortunately that support will be coming to an end in just about a year’s time:

Windows XP, Internet Explorer 6, Office 2003 enter their final support year | Ars Technica.

Windows XP drops out of extended support on April 8, 2014. As of April 9, 2014, there will be no more security updates or other fixes made for the ancient operating system.

Joining it are Internet Explorer 6 on Windows XP, Office 2003, and Exchange Server 2003. Exchange Server 2010 Service Pack 2 will also end support on that day, but newer Service Packs will continue to be supported. Naturally, this also includes “Windows XP Mode” in Windows 7 and other virtualized solutions.

If you’re one of the 38% of folks who still run Windows XP then now is the time to start considering moving on to something else. Once support for patches ends, the longer you continue to use the OS the more vulnerable you will become. It’s impossible to patch every possible exploit and it’s only a matter of time before new ones are found. The more unpatched vulnerabilities discovered the more likely you are to fall victim to one. Especially if you spend any amount of time on the Internet.

So what should you make your next OS? That depends on you and your needs. Microsoft is, of course, hoping you’ll make your next OS Windows 8, but unless you’re going to buy a new computer with a touch interface of some sort then it’s probably not the ideal choice. Windows 7 would probably be a better option and it’ll continue to be supported for many years to come. If you’re buying a new machine and aren’t interested in Windows 8 then there’s always the Apple Mac as an option, though it would mean learning the ins and outs of an entirely new operating system and putting up with Apple’s annoying attitude of dictating how you use the hardware you spent so much money on. If you have older hardware and don’t want to upgrade or spend any money there’s always several flavors of Linux available to choose from. With a year left of support for XP you’ve got some time to investigate the various options and make a decision.

Google is killing Reader and I’m hating all the possible replacements.

Google announced recently that they’re going to close down their RSS aggregator called Reader due to declining usage and their desire to concentrate development resources in other areas. I’ve used Google Reader for years now, pretty much since it was launched in 2005. It’s how I keep up with the couple hundred different blogs and websites without having to visit each and every one of them in turn. Needless to say this announcement was very distressing, but all good things come to an end and it’s not like they’re the only RSS aggregator out there so I started looking into alternatives.

In the past few weeks it became clear that what Google considers a “small” group of users is still huge compared to anyone else as just about every other RSS aggregator I tried was swamped with people checking it out after the announcement. The three most recommended ones I tried were Feedly, Newsblur, and The Old Reader.

Newsblur was almost completely useless at the start because its servers were so overwhelmed by all the folks jumping ship. Things have settled down since then and I’ve had a chance to try it out a bit and it certainly seems to have the most features, but it’s also limited to 64 feeds with 10 stories max unless you subscribe to their service. It’s only $24 a year and it might be worth it, but I’ve not used it enough to make that determination yet. It’s one I’ll definitely be playing with more, but my initial impression is that it’s trying too hard to be everything to everyone and the fact that it requires a subscription to really be useful is a negative. It also doesn’t appear to be able to share items with anyone who isn’t a Newsblur user. I’ve gotten used to sharing items on my Google+ page and Newsblur doesn’t support that.

Feedly also was near useless in the immediate aftermath, but it has since become more stable. It wants to present your feeds in a magazine format that’s quite different from Reader’s layout. Ultimately it suffers from what I call “Apple Computer Syndrome” in that it’s very pretty but it wants you to do things its way instead of the way you’d want to do them.

I have a particular way that I go through my RSS feeds in Reader and getting Feedly to allow me to do the same thing has been a real pain in the ass. Some things can be set as default through the preferences option (full articles as opposed to excerpts with a pic next to it), but other things have to be configured on a per-feed basis (showing only unread vs all articles). Considering that I have 200+ feeds having to tell each and every one of them that I want to see both read and unread articles is damned annoying. How you sort feeds in Feedly is also a mystery to me. I want mine sorted alphabetically, but by default it sorts them by who has the newest content. I seem to have somehow gotten it to sort alphabetically, but I have no idea how I did that.

It’s also slow compared to Reader and it becomes even slower if you have a crappy network (like I do at work). Lastly it seems to have a habit of skipping over some articles in a feed. I’ll get to the end of new articles, but it’ll still show 5 or 6 as still unread and if I click on the feed again it’ll suddenly show new items between the items I’ve already seen as if it had them in its pockets and just forgot to show them the first time around. But it is very pretty and it will let me share items to my Google+ page as well as Twitter and Facebook and a couple of others I don’t recognize so it has that going for it.

The Old Reader is an attempt to clone Google Reader from back when it was more of a self-contained system. When you shared items back then it wasn’t posted to your Google+ stream because Google+ didn’t exist back then. Instead it was only shared with other GReader users that had marked you as a friend or subscribed to your shares. TOR also suffered from the sudden influx of new users, but it didn’t seem to impact the functioning of the application so much as it did its ability to import your Google Reader subscription lists. You can export your subscriptions as an OPML file that you can use to import them into another RSS aggregator. I did this with TOR and it was nearly two weeks before it got around to actually processing it because so many other people were trying to do the same thing.

That said, TOR is the closest so far to Reader in terms of how it does things and it’s relatively speedy once it gets your subscriptions imported. The ability to rearrange subfolders has a couple of annoying quirks, but you can work around them. It’s definitely a work in progress and its performance will vary as a result, but the biggest negative against it is the same one Newsblur has. That it will only share with other users of TOR.

So, for the moment, I’m still trying to use GReader until they yank the plug or I find an aggregator that does everything I want. Alas, Google appears to have broken GReader’s ability to share items with Google+. When I try to do so these days it’ll pop up the box and I’ll get halfway through typing in a comment only to have the box suddenly disappear and all my key-presses interpreted as keyboard shortcuts screwing up where I am and losing the share in the process. It’s damned annoying. So I keep hopping back and forth between Feedly and GReader and finding I’m not happy with either one.

Granted, in the grand scheme of things RSS aggregators are pretty low on the list of most important things ever and it’s definitely a First World Problem I’m bitching about, but that won’t stop me from pouting over it.

I have lived this nightmare.

That day was not a good day.

The transistor revolution put in perspective.

Adam Savage gives us a guided tour of how far along computing has come in 60 or so years:

You’ve come a long way, baby! It’s interesting to note that the massive 1GB HD they have is from 1981 back when I was cutting my teeth on a Commodore 64 with a 177K 1541 floppy drive.

Anyone else seeing Viagra spam being inserted into SEB posts?

A user contacted me through ***Dave to let me know he was seeing extra content in SEB entries that didn’t look like it belonged there. He sent along a screenshot and a copy of the HTML source and, yep, there appeared to be extra paragraphs with spam links being inserted among the other text.

Here’s the screenshot:

Click to enlarge (ha!).

A while back there were some WP hacks going around (mainly through compromised plugins) that would insert hidden spam into a template that only showed up when you did a Google search for the blog in question, but otherwise didn’t show on the live site itself. This, however, appears to be something totally new.

I’ve checked SEB pretty thoroughly and it doesn’t appear to be anything generated here. The reader who reported the problem has since followed up saying that it only happens on his work laptop and not his personal machines at home. ***Dave also verifies that he doesn’t see it on any of his machines. I check SEB on a number of different PCs and smartphones regularly and I’ve never seen this happen so I’m assuming it must be something on the user’s laptop, but he says it only happens when he views SEB which seems oddly specific.

I can’t find anything on Google that seems to match this odd situation so I’m turning to you guys to see if anyone else has experienced this with SEB or something similar with some other site. Anyone else seeing this happen or know anything about a possible hack or virus that could cause it? Let us know in the comments.
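
Added example, not part of the original post: one way to narrow down where extra paragraphs come from is to save the page source from each machine and compare it against a copy fetched from a machine that shows the page correctly. The Python below does that paragraph by paragraph and lists the link hosts that appear only in the extra paragraphs. The HTML snippets, the vantage names and the host `spam.example` are constructed placeholders.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit


class ParagraphCollector(HTMLParser):
    """Collect (normalised text, link hosts) for every <p> element."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.blocks = []
        self._text, self._hosts = None, set()

    def _flush(self):
        if self._text is not None:
            text = " ".join("".join(self._text).split())
            self.blocks.append((text, frozenset(self._hosts)))
        self._text, self._hosts = None, set()

    def handle_starttag(self, tag, attrs):
        if tag == "p":
            self._flush()  # tolerate a missing </p>
            self._text = []
        elif tag == "a" and self._text is not None:
            host = urlsplit(dict(attrs).get("href") or "").hostname
            if host:
                self._hosts.add(host)

    def handle_endtag(self, tag):
        if tag == "p":
            self._flush()

    def handle_data(self, data):
        if self._text is not None:
            self._text.append(data)


def paragraphs(html):
    collector = ParagraphCollector()
    collector.feed(html)
    collector.close()
    collector._flush()
    return collector.blocks


def extra_blocks(baseline_html, other_html):
    """Paragraphs present in other_html but absent from the baseline copy."""
    known = set(paragraphs(baseline_html))
    return [block for block in paragraphs(other_html) if block not in known]


def compare_vantages(baseline_html, captures):
    """Map each vantage name to the link hosts found only in its extra paragraphs."""
    report = {}
    for vantage, html in captures.items():
        hosts = set()
        for _text, block_hosts in extra_blocks(baseline_html, html):
            hosts |= block_hosts
        report[vantage] = sorted(hosts)
    return report


# Constructed captures: the baseline is the page as the site owner sees it.
BASELINE = """<div class="entry">
<p>Adam Savage gives us a guided tour of how far computing has come.</p>
<p>Back to <a href="http://stupidevilbastard.com/">the front page</a>.</p>
</div>"""
WORK_LAPTOP = BASELINE.replace(
    "<p>Back to",
    '<p>Cheap pills at <a href="http://spam.example/offer">this shop</a>.</p>\n<p>Back to',
)

if __name__ == "__main__":
    print(compare_vantages(BASELINE, {"work laptop": WORK_LAPTOP, "home PC": BASELINE}))
```

An empty list for every machine but one points at that machine or its network path rather than at the site itself.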

The Commodore 64 is 30 years old.

I still hear the song from the commercial every time I see one.

I owe my career as a tech support wizard to my Dad and his decision to purchase a Commodore 64 way back when I was but a young teenager. He intended it to be used by everyone in the family, but it wasn’t long before I was monopolizing the machine. The love affair started off slowly because in the beginning all we had was the tape drive for loading software and it was an agonizingly slow experience. I’d often start a program loading and then go off and make lunch, watch something on TV, play with some friends, and then come back to find it was only halfway through the process. Things improved dramatically when he brought home a 1541 floppy disk drive and load times went from infinity to mere minutes.

Things opened up even more when someone, I don’t recall if it was my parents or myself, bought the 1660 300 baud modem for the machine and I discovered the world of Dial-Up Bulletin Board Systems (BBS). Long before I ever started SEB I used to run a BBS on my trusty Commodore 64 (later Commodore 128 and eventually Amiga) with just two 1541 Disk Drives (170K each!). Later I added a Buscard II IEEE which allowed me to utilize four Commodore SFD 1001 floppy drives that could hold 1.02 megabytes each! Yes, back in the heady days of 1983 my little C64 BBS could store a massive 4.08 megabytes at once!

Introduced in January of 1982 for $595 (roughly $1,110.26 in today’s dollars) I was reminded of this event by the BBC which did an article about it the other day because it officially hit shelves in August of that year. Go check out their article as it contains a video clip where an old-timer shows his vintage C64 to some kids to get their reaction to it. You’ll note that he’s loading games from a tape drive instead of a 1541 floppy drive. I can recall seeing C64 magazines imported from the UK that often had free games on tapes long after everyone I knew in the U.S. had moved up to floppies. Turns out they came up with all manner of ways to compress the hell out of programs on tape which made loading from a tape drive a little more bearable so they kept using them. While the 1541 floppy was faster it had its own problems that kept it from being as fast as it should have been which led to Epyx games putting out the wildly successful FastLoad Cartridge which pretty much everyone in the States who gamed on a C64 ended up buying.


Turn on captions to see game names. Though two of them are incorrect (e.g. M.U.L.E is listed, but wasn’t the game shown).

Speaking of gaming, the Commodore 64 was a large part of the reason I’ve never owned a Nintendo game console of any kind. When the video game market crashed in 1983 it looked like the end of console gaming until Nintendo’s NES came out in 1985 and revitalized the market. By that time I’d been gaming on the Commodore 64 for a couple of years and there wasn’t a whole lot on the NES that appealed to me. In fact, had the market not crashed I don’t know if I’d have gotten as into the C64 as I did. Games on the Atari 2600 pretty much dried up after the collapse and that moved my attention to the Commodore (we picked up an Atari 5200 just before it all went to hell, but I never owned more than 5 games for it).

By the time I moved to an Amiga in late 1985 I had owned at least three Commodore 64s (one for the BBS, one for general use, and a replacement when one of the two died) and a Commodore 128, which was largely a C64 as very little software was ever made for 128 mode. I shut the BBS down in 1986 until I picked up an Amiga 2000 and started it back up for a while only to turn it off for the final time in 1996 as the Internet started to come into general usage by the masses, but the C64 was where I cut my teeth on computing and first dabbled in programming.

Yes, the nostalgia is strong with this one. Watching the clip above of old games makes me want to fire up an emulator and see if I can’t track a few of them down. I don’t think I ever finished Impossible Mission. Which means the name was probably correct. Happy Birthday Commodore 64! You not only gave me hours of education and entertainment, but a career.

Religious sites are more dangerous than porn sites for getting malware.

We all have that one friend/relative/client who seems to get infected with some form of virus or malware every week and those of us who take on the task of cleaning up their PCs every time they do always tell the same joke: This wouldn’t happen if you’d stop visiting all those porn sites.

But it turns out that it’s actually religious sites that are the real malware threat. At least according to a report from the folks at Symantec:

The average number of threats found on religious sites was 115 mostly fake antivirus software. By contrast, pornographic sites had less than a quarter, at around 25 threats per site. Of course, the number of pornographic sites is vastly greater than religious sites.

According to Greg Day, Symantec’s security CTO for Europe, the Middle East and Africa, while trojans may seem more serious, “if you have installed fake AV you may think you are protected, when in reality you are open to all sorts of attacks.”

This does make a certain bit of sense when you think about it. A lot of religious websites are set up and maintained by church people with varying degrees of computer skills whereas most successful porn sites are run by people who know what they’re doing and how to secure their platforms. No one thinks the asshats who put malware out on the net are going to bother with some piddly-ass church site so there’s less concern about updating software or locking down server access even if the person running it has a clue how to do those things. From the hacker’s point of view, however, every PC infected is one more PC in the botnet that can send out spam/DDoS attacks/whatever. A lot of attempted hacks are automated with scripts these days so if it’s trivial to hack a site and install your malware it’s worth doing so even if it only nets you a handful of PCs. Not like the hackers themselves even have to think about it.

Which is why you should always wear a condom when you go to religious websites. You know, just to be safe.

ISPs and FBI warning about a nasty rootkit called Alureon.

I got an email from an SEB regular about an email they got to check their PC to see if it’s infected that directed them to DCWG.org. She wanted to know if it was legit or a scam. I checked it out and wrote back and I thought the info would be useful for others so here’s her original email followed by my reply:

Subject: dcwg scam

Not hate mail, but a query:  Is this dcwg.org computer checking site that the FBI is sending us to legit?

You’re the only computer guy I “know” [and not in the biblical sense!]

And my reply:

I hadn’t heard about it before, but it doesn’t appear to be a scam. Their about page (http://www.dcwg.org/aboutcontact/) says it’s a joint effort between the FBI, Georgia Tech, The Internet Systems Consortium, Mandiant, National Cyber Forensics and Training Alliance, Neustar, Spamhaus, Team Cymru, Trend Micro, and the University of Alabama at Birmingham. That’s a pretty impressive group and many of them have links back to dcwg.org. They also provide several links to the FBI (http://www.fbi.gov/news/stories/2011/november/malware_110911) and other sources for confirmation, plus there’s a good number of news articles about it (http://www.usatoday.com/tech/news/story/2012-04-20/internet-woes-infected-pcs/54446044/1). On top of that there’s a number of articles about it at various ISPs such as Comcast (http://forums.comcast.com/t5/Security-and-Anti-Virus/DNS-Changer-Bot-FAQ/td-p/1215341). The fact that it has pretty good prominence on Google’s search is a good indicator it’s legit as well.

If you were sent a notice from your ISP I’d take it seriously and run a couple of the tests to verify. This is a nasty rootkit that modifies what DNS servers you connect to to resolve domain names (it’s how you get from typing in stupidevilbastard.com to an IP address the computer can understand which for SEB would be 209.240.81.155). The rootkit modifies the hosts file on your PC and can, apparently, even modify some home routers as well (especially if you never changed the default password). One clear sign is if your antivirus software has been disabled, but check the links for more info. It appears it’s the Alureon rootkit which you can read more about at Wikipedia: http://en.wikipedia.org/wiki/Alureon

Don’t panic too much. Even if you are infected and lose connectivity in July your PCs can be fixed. The reason they’re working now is the FBI has seized the rogue DNS servers and replaced them with non-naughty ones, but they’re not going to keep them running forever. When they shut them down in July your PC won’t be able to resolve domain names. It’s not that you’re not connected to the net, just that you’d be limited to typing in IP addresses like the one I gave you for SEB. That bypasses DNS altogether.

Les
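
Added example, not part of the original post or of either email: the reply says the rootkit changes which DNS servers a PC uses and can change home routers too, so a local check is to list the DNS servers Windows is configured with and compare them against the published rogue ranges. The Python below parses `ipconfig /all` output for that. The `ROGUE_RANGES` values are placeholders from documentation address space, not the real ranges, and the sample output is constructed.

```python
import ipaddress

# PLACEHOLDER ranges from documentation address space (RFC 5737). They are NOT
# the real rogue ranges; substitute the published ones before relying on this.
ROGUE_RANGES = [ipaddress.ip_network(n) for n in ("198.51.100.0/24", "203.0.113.0/25")]
LAN_RANGES = [ipaddress.ip_network(n)
              for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed `ipconfig /all` excerpt for a hypothetical Windows PC.
SAMPLE_IPCONFIG = """\
Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : home
   DHCP Enabled. . . . . . . . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.20(Preferred)
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 198.51.100.7
                                       192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wi-Fi:

   Media State . . . . . . . . . . . : Media disconnected
"""


def dns_servers(ipconfig_text):
    """Return the DNS server addresses listed, including continuation lines."""
    servers, collecting = [], False
    for line in ipconfig_text.splitlines():
        head, sep, tail = line.partition(" : ")
        if sep and head.strip(" .").lower() == "dns servers":
            candidate, collecting = tail, True
        elif collecting:
            candidate = line  # extra servers sit alone on the following lines
        else:
            continue
        try:
            # Drop an IPv6 zone suffix such as %11 before parsing.
            servers.append(ipaddress.ip_address(candidate.strip().split("%")[0]))
        except ValueError:
            collecting = False  # reached the next field or a blank line
    return servers


def classify(server):
    if any(server in net for net in ROGUE_RANGES):
        return "rogue"
    if any(server in net for net in LAN_RANGES):
        # The PC asks the home router, so the router's own DNS settings
        # have to be checked as well.
        return "check-router"
    return "other"


def audit(ipconfig_text):
    """Map each configured DNS server to a verdict."""
    return {str(ip): classify(ip) for ip in dns_servers(ipconfig_text)}


if __name__ == "__main__":
    for server, verdict in audit(SAMPLE_IPCONFIG).items():
        print(server, verdict)
```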

Microsoft’s official write up on Storage Spaces in Windows 8.

If you want to know all the nitty-gritty details then this article gives a pretty in-depth look at it. I'm really looking forward to Windows 8 and getting my hands on some of these new tools.

Virtualizing storage for scale, resiliency, and efficiency

In this post, we are going to dive into a feature in the Windows 8 Developer Preview. Storage Spaces are going to dramatically improve how you manage large volumes of storage at home (and work). We’ve all tried the gamut of storage solutions—from JBOD arrays, to RAID boxes, or NAS boxes. Many of us have been using Windows Home Server Drive Extender and have been hoping for an approach architected more closely as part of NTFS and integrated with Windows more directly. In building the Windows 8…