Latest e-mail scam: death threats
I guess since the Nigerian scams are too common people are working on new angles to rob people via email. This is a great one too, the email purports to be from a contract killer with the recipient being the intended target, but the killer will renege on the killing if the person will cough up some cash. It said, in part, “Am very sorry for you my friend, is a pity that this is how your life is going to end as soon as you don’t comply. … I don’t have any business with you, my duty as I am mailing you now is just to KILL/ASSASINATE you and I have to do it as I have already been paid for that. [...] Get back to me now if you are ready to pay some fees to spare your life, If you are not ready for my help, then I will carry on with my job straight-up.“ The FBI reports that it started seeing these emails about 6-8 months ago, and they’ve traced at least one to Eastern Europe. It looks like they’re even starting to resort to some standard phishing tactics to get more personal information out of people, “…some bold thieves have even used the e-mails on FBI letterhead, or claim to be from the Department of Justice, Internal Revenue Service, Social Security Administration or Better Business Bureau. Typically, they say some kind of complaint was filed and ask the recipient to make a phone call, click a hyperlink or open an attachment — tricks designed to steal personal information.“ So just remember, if any of this were true they would not be contacting you via email.
AT&T DSL plan for $10/month
I’m in no way endorsing AT&T, but I’m encouraged when I see a more ‘tiered’ approach from ISPs, and DSL for $10/month is a great choice for consumers. It seems that this tiered or ‘naked DSL’ is only being offered up by AT&T as part of the “…concessions made by AT&T to the Federal Communications Commission to get its $86 billion acquisition of BellSouth Corp. approved last 
December.” The speeds are what you’d expect for the price, 768 kilobits per second and upload speeds of up to 128 kbps, but this is far and away fast enough for 90% of subscribers I bet, the ’speed’ that they try to sell is not something a normal user is going to bump up against. In what makes it seem even more of a concession instead of a new marketing initiate is that, “The plan was not mentioned in a Friday news release about AT&T’s DSL plans, and is slightly hidden on the AT&T Web site. A page describing DSL options doesn’t mention it, but clicking a link for “Term contract plans” reveals it. It’s also presented to customers who go into the application process.” Let’s hope this is a sign of things to come, America trails most other countries in high-speed internet usage, and with so much going on online, you really need a high-speed connection to really take advantage of it. A $50/month 1.5/768 is really not needed by most, it’s a rip-off for them, but $10/month is something they would get great benefit from without being fleeced.
Spam levels mysteriously fall 30% in a week
This is an amazing statistic, particularly after knowing how much email was just spam as of last month, the level of spam is down 30% from last week. “After rising steadily for many years spam levels have mysteriously dropped 30% in the first week of January. According to SoftScan the most plausible explanation is that a botnet has broken down and lost control of it’s zombie computers. Other possible explanations have been put forward including a large number of infected machines getting replaced by new computers received for Christmas or spammers being isolated by the Asian earthquake. Both explanations are considered unlikely. Spam accounted for almost 9 of 10 emails in December. Diego d’Ambra, SoftScan’s chief technology officer, said that governments will probably be forced to take a tougher stance on spam due to the sheer volume of the problem.” That would be amazing if they could tie it to people getting new computers over the holidays and finally shutting down their trojan based messes. Of course it’ll just be a matter of time until their systems get back to that state and they start complaining their computers are ’slow’ (wonder why?). I’m sure buying a new computer next year will solve that.
Flame Wars sparked by misread emails
Over at The Inquirer.net, they have a great article about the fact that flame wars are often sparked by misread emails, or if not misread, misinterpreted! Hmmm…this hits home since I know some disagreements have started over similar circumstances. ”According to a new study published by the Journal of Personality and Social Psychology, people only have a 50-50 chance of detecting the tone of an email. However they actually think they have guessed it right 90 per cent of the time. Psychologist Nicholas Epley of the University of Chicago said that this of course leads to flame wars when people misread an e-mail’s content or see a post on a message board. Part of the problem is that people think the tone or emotion in their messages is obvious because they ‘hear’ the tone they intend in their head as they write. Those reading messages interpret them based on their current mood, stereotypes and expectations.” Ok, start the “I hate it when you get defensive like this” replies! 
* <-j/k
Rating the risks
An interesting survey of 332 IT “executives” and managers by Forrester Research shows their concerns with outgoing email and IM data. Their take:
- 25% of outbound E-mails contain content that poses a legal, financial, or regulatory risk36% of companies employ staff to read or analyze outbound E-mail
47% intend to deploy technology for monitoring Web mail or IM traffic
70% are concerned about the use of Web-based E-mail to expose confidential data
77% say preventing intellectual-property and trade-secret leaks is their top E-mail concern
This is something that has long been terribly lax if you ask me. Think about all the web based email sent from a work computer, along with simple instant messaging, but then think on to people taking laptops home and the proliferation of USB ‘thumb-drives’ now hitting 2 Gig. These are the next real concerns, but locking down networking should be the first. Don’t get me wrong, I’m all for personal privacy, but if it’s going to pose a risk to a company they should not allow it. Those comments above about staff reading and monitoring email and IM should be a wake up call; DON’T USE YOUR WORK EMAIL FOR NON WORK STUFF! My solution is to only use SSL for my connection to my home email server, along with TLS encrypted Jabber IM communication. Not that I have anything to hide…
How to Be a Curmudgeon on the Internet
David Pogue of the New York Times has written a great piece titled How to Be a Curmudgeon on the Internet which covers how rude and arrogant people are in their criticisms when sent via email. It’s so true, the autonomy gives authors a “right to speed” as it were. People think they’re entitled to say what they want, without thought of reprisal, since they’re behind a veil of ones and zeros. Hopefully someone will post about how wrong I am for re-posting this article. ”Last week in my Times column, I referred to the five-note “Intel Inside” jingle often heard in TV ads. At least a dozen readers e-mailed me to inform me that the jingle is actually four notes, not five. As I’ve come to expect, some of these readers expressed, ahem, somewhat more anger than the circumstances might have seemed to require. “If you have that much trouble counting on one hand,” one wrote, “you shouldn’t be reviewing technology. Maybe a four-year-old can help you out next time.”
I replied to this reader that I’m including the first “ping” in my tally. In that case, there ARE five notes in the jingle, as you can hear Audio clip: Adobe Flash Player (version 9 or above) is required to play this audio clip. Download the latest version here. You also need to have JavaScript enabled in your browser. . But my correspondent never wrote back. That, of course, would violate the rules for being an Internet pill, reprinted here in their entirety, courtesy of the Pills of the American Internet Neighborhood Society (PAINS): RULES FOR TROLLS AND PILLS
RULES FOR TROLLS AND PILLS
WHEREAS, 95 percent of all the e-mail received by critics and columnists is civil, friendly or respectfully constructive;
but WHEREAS, this is the Internet age, and we’re all anonymous and can avoid making eye contact forever;
and WHEREAS, there’s so much information overload, a little heat and drama on your part may be necessary just to be heard above the din;
and WHEREAS, many of those who fire off potshots are missing out on some of the best techniques for effective snippiness;
THEREFORE let us now post the rules for membership in the Pills of the American Internet Neighborhood Society.
1. Use the strongest language possible. Calling names is always effective, and four-letter words show that you mean business.
2. Having a violent opinion of something doesn’t require you to actually try it yourself. After all, plenty of people heatedly object to books they haven’t read or movies they haven’t seen. Heck, you can imagine perfectly well if something is any good.
3. If it’s a positive review that you didn’t like, call the reviewer a “fanboy.” Do not entertain the notion that the product, service, show, movie, book or restaurant might, in fact, be good. Instead, assume that the reviewer has received payment from the reviewee. Work in the word “shill” if possible.
4. If it’s a negative review, call the reviewer a “basher” and describe the review as a “hatchet job.” Accuse him of being paid off by the reviewee’s rival.
5. If it’s a mixed review, ignore the passages that balance the argument. Pretend that the entire review is all positive or all negative. Refer to it either as a “rave” or a “slam.”
6. If you find a sentence early in the article that rubs you the wrong way, you are by no means obligated to finish reading. Stop right where you are–express your anger while it’s still good and hot! What are the odds that the writer is going to say anything else relevant to your point later in the piece, anyway?
7. If the writer responds to your e-mail with evidence that you’re wrong (for example, by citing a paragraph that you overlooked), disappear without responding. This is the anonymous Internet; slipping away without consequence or civility is your privilege.
8. Trolling is making a deliberately inflammatory remark, one that you know perfectly well is baloney, just to get a rise out of other people. Trolling is an art. Trolling works just fine for an audience of one (say, a journalist), but of course the real fun is trolling on public bulletin boards where you can get dozens of people screaming at you simultaneously. Comments on religion, politics or Mac-vs.-Windows are always good bets. The talented troll sits back to enjoy the fireworks with a smirk, and never, ever responds to the responses.
9. Don’t let generalities slip by. Don’t tolerate simplifications for the sake of a non-technical audience. Ignore conditional words like “generally,” “usually” and “most.” If you read a sentence that says, for example, “The VisionPhone is among the first consumer videophones,” cite the reviewer’s ignorance and laziness for failing to mention the prototype developed by AT&T for the 1964 World’s Fair. Send copies of your note to the publication’s publisher and, if possible, its advertisers.
And there you have it: the nine habits of highly effective pills. After all: if you’re going to be a miserable curmudgeon, you may as well do it up right!
Sending 10,000 spam emails a minute
Earlier in the week I talked about the biggest security worry home users should have is that their systems can be hijacked, taken over, and used as a zombie to blindly send out spam emails. I had no idea how many a standard home DSL setup could handle, but learned from this article that it’s huge. ”Today, the biggest problem is “zombie” computers that have been hijacked by trojans, viruses, or other badness to do various nefarious tasks without the owners’ knowledge. A very popular nefarious task is–surprise!–spamming. On a regular DSL connection, a regular PC can attempt to deliver up to 10,000 messages per minute.[source] The zombie machine goes down its list of addresses, tries to connect to the mailserver associated with the next address, and if connects, it delivers the message. If it doesn’t connect, it just goes down the list.”
Please verify your account
Got another PayPay phishing email today, my filters caught it no problem, so now let’s pollute their database of username and passwords. Here’s the direct link to the
Phishfighting page that will flood the phisher’s site with bogus usernames and passwords. If you’re using Firefox I recommend center clicking on the link 5 times (or more) and leave those tabs open for a day (or more). Have fun.
UPDATE: yep, after leaving it there all day while I was out I return to see the link throwing a 503 – server unavailable. Sweet. Don’t let that stop you, there are plenty more: here’s a fake eBay one, and a fake PayPay one. Also, I’m flattered that PhishFighting has a quote of mine “After a good defense we need a good offense – fak3r.com” in the left column on the front page.
HOWTO: Install Roundcube Webmail from SVN (was CVS) on FreeBSD
UPDATE3: The FreeBSD port is keeping up with this project very well, the current one is only 5 days old! I highly recommend going this route unless you’re a developer or someone who likes to get the bugs before anyone else! 
Thanks to Bernard for bringing this up.
UPDATE2: Roundcube now uses SVN (Subversion) for version control instead of CVS, I’ve updated all effected instructions.
UPDATE: Looking at the download page for Roundcube, I see that There’s also a Spanish version of Phil’s guide written by Daniel A. Rodriguez. ¡se ha traducido eso es lejano hacia fuera, yo! You can find the link here , I hope that helps. I would like to see more translations of HOWTOs in general, I wish there was a good Firefox plugin to translate pages (well) on the fly.
In all my years of running a mailserver at home, I’ve used quite a few different webmail apps to find the balance of functionality and style that I’ve been craving. This includes Horde/IMP, Squirrelmail, IlohaMail, OpenExchange, Hula (as well as a couple of others) but all were either lacking functionality, style, or readiness (Hula I’m looking at you). A few months ago I stubled across Roundcubemail, a webmail app which aims to provide an application-like user interface, which it does. When you can drag and drop mail to a folder, you know you’re dealing with something pretty new, and AJAX related. The smoothness and speed of refreshes when you switch folders (along with the ‘spinner’ at the top of the screen to give you needed feedback) is just a breath of fresh air.
Try out the demo to see what all the fuss is about if you’re looking for a LAMP based IMAP webmail solution. Time will tell, but this project’s out of the gate showing makes me think it’s going to be a great app. Let’s hope they keep the configuration and options to a sane amount, unlike other webmail apps (Horde/IMP, I’m looking at you), so they can keep their clean, non-bloated feel. Since I’ve installed it I’ve moved on to nightly rebuilds from CVS, so I thought I’d document the steps needed to run the latest CVS version of Roundcubemail on FreeBSD. While there is a FreeBSD port in the ports tree (mail/roundcube) it is far out of date, so the CVS version is recommended since there are so many changes happening day-to-day with it. Once running you should also join the dev@lists.roundcube.net mailing list to keep abreast of, and report any, bugs that need ironing out. This HOWTO assumes you have a webserver (www/apache2), a mail transport agent (mail/postfix), and an IMAP server (mail/dovecot) installed and working. I brought them up and tested them with Squirrelmail (mail/squirrelmail), since it’s almost as easy to setup and always “just works”. SO, without further babble, here’s my first (of many) HOWTOs on fak3r.com.
HOWTO: Install Roundcubemail from CVS SVN on FreeBSD
- NOTICE: This document assumes you already have a webserver running with PHP support, a mySQL database a Mail transport agent, an IMAP server and the Subversion client to check out the code.. My configuration consists of Apache2 (www/apache2), PHP 4 (lang/php-4), mySQL 4.x (database/mysql40-server), Postfix (mail/postfix) and Dovecot (mail/dovecot). Additionally this install was done on FreeBSD 6.0, but I see nothing specific that would stop the same procedure to allow Roundcubemail on 5.x, 4.x or even any Linux distribution. Feedback on this is welcome.
1) As root, change to the webroot of Apache
cd /usr/local/www/data-dist2) Login to the Sourceforge Roundcubemail CVS server (when prompted for a password, just press ENTER)
cvs -d:pserver:anonymous@cvs.sourceforge.net:/cvsroot/roundcubemail login
2) Checkout Roundcubemail from the Sourceforge SVN server (when prompted, choose ‘p’ to accept the encrypted key permanantly)
svn checkout https://svn.roundcube.net/trunk3) Change into the roundcubemail directory
cd roundcubemail
3) Move the roundcubemail directory to your webroot, remove the ‘trunk’ directory, and then change into the roundcubemail directory
mv trunk/roundcubemail .
rm -rf trunk
cd roundcubemail4) Set permissions of the temp and logs dir so that the web user can read/write to them
chown -R www:www temp logs5) Create a database for storage of Roundcubemail data, replace $PASSWORD with the password you want the roundcube user to use to access mySQL
# mysql
> create database 'roundcubemail';
> GRANT ALL PRIVILEGES ON roundcubemail.* TO roundcube@localhost
IDENTIFIED BY '$PASSWORD';
> quit6) Import the inital Roundcubemail SQL
# mysql roundcubemail < SQL/mysql.initial.sql7) Change into the config directory
cd config 
Copy the config *php.dist files to *.php
cp db.inc.php.dist db.inc.php
cp main.inc.php.dist main.inc.php9) Modify the config files to suit your environment. In db.inc.php you only need to change the database definition line, add your password in place of $PASSWORD
$rcmail_config['db_dsnw'] = 'mysql://roundcube:PASSWORD@localhost/roundcubemail';Assuming your mailserver is running on the same physical box as the webserver, disable database caching
$rcmail_config['enable_caching'] = FALSE;define the host as localhost
$rcmail_config['default_host'] = 'localhost';define smtp as localhost
$rcmail_config['smtp_server'] = 'localhost';and increase the session lifetime from 5 to something more reasonable (optional)
$rcmail_config['session_lifetime'] = 30;Launch a web browser and point it to
http://some.url/roundcubemailThen login with a valid/existing IMAP username and password.
To debug problems just tail -f (or multitail if you’re cool like me) /var/log/maillog to see what’s happening behind the scenes. Consult the mailing lists for issues and feel free to give feedback below. Since this app is under heavy development I expect this HOWTO to change as the app does.
I’d rather be phishing…
It seems that the phishing site I referred to earlier is now dead (request timed out!) Yah, very cool, now how about another one to keep the ball rolling? Go ahead and try out this one: this one, YAPPS (yet another pay-pal scam). Feel free to open a bunch of tabs on that URL; I’ll throw up a new one once it goes down. This would be a good application for that ‘flash mod’ type of ideal; get a phish-fighting email list, send out a URL like this and have 100s of folks hit it at once. It’d be more like a (more coordinated) 419 attack.
New phisher site to fight!
I just got another PayPal phishing email, as always they include a link to ‘login’ to ‘PayPal’ to verify something or another in an effort to learn your username and password. Of course MailScanner tagged the bogus URL within the HTML, and SpamAssasin (this time Razor2) found that it was spam from content *and* a DCC (distributed checksum clearinghouse) list, so I really couldn’t accidentally fall for the scam, but after a good defense we need a good offense; it’s time to fight back. I currently have 6 Firefox tabs open on PhishFighting.com to pollute the phishers database with phony usernames and passwords. The goal, as I’ve stated before is to flood the phishers database making it unusable, and possibly saving some who have fallen for it by putting so much *noise* around legit data that they’re not used. Want to help? Open a new browser window, and center click on this PhishFighting.com link that already has the bogus URL link that already has the bogus URL information listed. Looking at the totals on my other window I’m over 300 phony usernames and passwords, and I plan to leave it running all day.
Hi, I'm fak3r and I've been online for over 15 years, blogging for 10. I work with open source software, various hardware and whatever else that I can hack on. I enjoy learning by doing, painting infrequently and listening to more music than the law allows. Feel free to follow me and comment on my thoughts and ideas; we're all in it together kid.
