Posts tagged ‘crime’


Could the fight against phishing be shifted?

08.04.2017

I wasn’t able to find anything about this online, and I wonder if anyone was already doing it. If not, maybe someone should.
   Could the big players, e.g. Amazon and Apple, not provide the public with a fake email address and password (or a series of them) that we can feed in to phishing sites? When the crooks then use the same to enter Amazon, they could be reported with their IP address and caught. Is anyone doing this?
   In other words: make fake accounts to fight fake emails.
   It seems regular people like us can spot phishing long before the big sites and web hosts do, and this could act as a deterrent against this sort of criminal activity. Like a lot of things, we’d democratize scam-busting, instead of reporting them to the authorities.
   Of course we can still report the phishing site to APWG, Spamcop et al, but it’ll take hosts some time before they shut down the site, by which time the crooks will have made off with a lot of usernames and passwords.
   I imagine some of these people will have built in safeguards, e.g. they keep a record of the emails they send phishing messages out to, and if the one you provide doesn’t marry up, they’d know. But then, do all of us use the same email on these sites? If their aim is to cast their nets widely, then they would want those extra email addresses. I don’t necessarily use the same email address on all websites. Greed might trump the fear of getting caught, since the average scam nets the criminal US$4,500.
   I know they’d also get suspicious if a whole bunch of us entered the same address and password, so these might need to be automatically generated regularly to bait the scammers. The oldest ones would be deleted.
   Comments are welcome. It seems such a simple idea that it must already be out there after so many years, but maybe the pitfalls of generating so many would present difficulties, or maybe such an idea has already been tried and discarded.

Tags: , , , , , ,
Posted in internet, technology | No Comments »


Modern terrorism and where we are in history

10.01.2015

Thoughts today on social networks, chatting to friends about issues stemming from the Charlie Hebdo massacre and the hostage saga in Paris’s 11th arrondissement.
   In response to an Australian friend of Chinese heritage:

[Muslims] have been [speaking out against violence] since 9-11 and probably before but no one cared or no one could be bothered translating it into English.
   As to why [certain members of this religion engage in violence], it’s an accident of history.
   Had air travel and the internet been around 100 years ago, I’m sure we would be the ones doing some of this because of the way colonial powers were carving China up.
   Extremists will use whatever they have as a means to unite others behind their cause. If plain old sympathy does not work, then they will make it religious, or at least, about ideology. It’s why there are even Buddhist terrorists in history. Yes, this is being done in the name of Islam, just like the Troubles were in the name of Christ. There’s plenty of killing going on in the Old Testament of the Bible.
   Without social media it certainly seemed that mainstream Protestant and Catholic voices were silent in that conflict, and by this logic, endorsing the violence.
   And not everyone has the privilege to make these statements. We can in a free society but some of these people live in fear.
   But we in the west have played directly into their hands anyway with the changes in our laws and clamping down on free speech, when we should have held firm with our own traditions and beliefs, and told these folks to get with the programme in a globalized society.
   The more confused the occident becomes and the greater the economic chasms in our own society, the more the disaffected youths might think: you do not have the answer and maybe these nut jobs do. Hence you see them come from poor areas where religion is one of the things they feel some fellowship with.
   And with the negative sides of western civilization, as there are some, no doubt they will seize on that to get recruits. For politicians who do not believe that inequality (real or actual) is a problem, then they had better wake up fast, as no amount of legislation about stripping foreign fighters of citizenship is going to stem the tide.
   Like I said in an earlier thread, no Muslim I know would engage in or endorse this stuff, but I’m in a privileged position as are the Muslims I have met. Not so these guys, and they have a wonderful target—us, living in comfort—to sell others on.
   Muslims are the stereotyped bogeymen for now, and then in another age the mainstream will have chosen another minority to pick on, telling us how their beliefs are evil.

   And to an American friend and colleague, who points out MEMRI has been translating, in some ways a postscript:

I’m definitely not denying that there are plenty of nut jobs in that part of the world who push their crazy on to others. You only need to get a sense of what gets broadcast on al-Jazeera (as opposed to al-Jazeera English) where they get a ready platform.
   But, once again, it is where we are technologically as a people, with many disunited and hypocritical.

   When you’re a minority, you can see how majority thought can work against you. I’ve heard, depending on where I am, that Muslims (or even all Arabs) are terrorists, whites are undisciplined, or Jews are stingey, and at some point you just have to say no to stereotypes when you realize that you could be the next group to be singled out and targeted. Remember when Chinese were Triads, a popular one that was within the lifetimes of most New Zealanders reading this blog? That was the mid-1990s, when a few years before I was denied service at Woolworths because of the logic that trade was not supplied and all Chinese must be greengrocers.
   It beats being called a Triad or a terrorist.

Tags: , , , , , , , , , , , ,
Posted in culture, interests, politics, technology | No Comments »


Je suis Charlie

09.01.2015

I was watching France 24 about half an hour after the Charlie Hebdo attack and made the above graphic a few hours later, in support of press freedoms and the victims’ families, and showing solidarity with other members of the media. One friend has made it his Facebook profile photo and I followed suit about a day later.
   We have come across the usual, and expected, ‘Everyday Muslims should say something and be openly against extremists. Silence means they endorse these actions.’
   Some have, of course, but no more than Christians came out to condemn the actions of Protestants and Catholics groups during the Troubles (although at least the IRA told you to get out of a building), or white American Christians came out against the KKK prior to the Civil Rights Movement.
   I wonder if there are double standards here.
   Perhaps this Muslim writer put it best in a Facebook comment: ‘I was just making a larger point about how easy it is to make the assertion and equate “silence” to passive aggression. Most Muslims are from non-English speaking countries. Just because they don’t tweet in support and aren’t given enough media coverage, doesn’t mean they directly/indirectly propagate the oppression conduced by radical Islamists.
   ‘I’m a Muslim who vehemently opposes attacks such as the one in Paris. I can only say this to you because I’m equipped with the privileged circumstances to do so. Most people on this planet (let alone Muslims), do not. Claiming that I have a stake in these attacks, however, is blatantly unfair too.’
   I’m not denying that those engaged in acts of terror do so in the name of Islam, just as the Klan proclaims itself a Christian organization. They have been able to spread their hate more readily because of where we are in history, namely in an age of easy movement across borders and the internet. But had the same technology been ready 100 years ago, it isn’t hard to imagine Chinese terrorists taking it to the west for what western colonial powers were doing inside China. Would the PLA have been more widespread for the same reasons? Probably. It’s hard for me to have it in for any one faith since we’re not that far away from doing the same, and the fact we aren’t is down to winning the lottery of where, when, and to whom we were born.
   I definitely have it in for those who are committing atrocities, and they need to be identified and dealt with. We can debate on whether we have a suitable legal framework to do this, and that is another topic.
   Simon Jenkins should have the last word on this topic:

[The terrorists] sought to terrify others and thus to deter continued criticism, and they now seek to reduce the French state to a condition of paranoia. They want to goad otherwise liberal people to illiberal actions …
   Osama bin Laden’s attacks on the United States, culminating in New York in 2001, were exceptional. Since he could not hope for an American capitulation, the intention must have been to scare the US into a hysterical reaction … [Y]ears of war ensued, years that realised al-Qaida’s wildest dreams. Western nations plunged into battle, at a cost of some $3tn. Thousands of lives were lost and regimes were destabilised across the region. Democratic governments lurched towards authoritarianism. Almost willingly, it seemed, governments tore up many of the central tenets of their liberties. In the more belligerent states – the US and Britain – habeas corpus, private communication, legal process and even freedom of speech were curtailed or jeopardised. The forces of state repression suddenly found themselves singing the best tunes.
   Bin Laden was handed his triumph. For a decade he was able to rally supporters to his cause. He boasted at the vulnerability of this supposedly superior society. He taunted democracies that claimed immunity from the devious tactics of militant Islam …
   Terrorism is no ordinary crime. It depends on consequence. It can kill people and damage property. It can impose cost. But it cannot occupy territory or topple governments. Even to instil fear it requires human enhancement, from the media and politicians.
   That is why the most effective response is to meet terrorism on its own terms. It is to refuse to be terrified. It is not to show fear, not to overreact, not to over-publicise the aftermath. It is to treat each event as a passing accident of horror, and leave the perpetrator devoid of further satisfaction. That is the only way to defeat terrorism.

Autocade hit 3,000 models before December 31 was out. The 3,000th: the Renault Espace V.
   There are still some big omissions (for instance, all the full-size Japanese sedans, all the Toyota Celicas, and it needs more Corvettes, Ferraris and Maseratis) but a lot of the mainstream model lines are there (all current Geelys, all the Volkswagen Golfs, and more and more current model lines). For a site made primarily out of personal interest, it’s doing reasonably well, with a few thousand page views daily.
   A quick summary then, based on the stats grabbed in early December:

March 2008: launch
July 2008: 500 (four months for first 500)
December 2009: 1,000 (17 months for second 500)
May 2011: 1,500 (17 months for third 500)
December 2012: 2,000 (19 months for fourth 500)
June 2014: 2,500 (18 months for fifth 500)
December 2014: 3,000 (six months for sixth 500)

March 2008: launch
April 2011: 1,000,000 page views
March 2012: 2,000,000 page views
May 2013: 3,000,000 page views
January 2014: 4,000,000 page views
September 2014: 5,000,000 page views

Currently, it’s on 5,473,963, so the rate is increasing slightly, probably helped by a new Facebook fan page (with a mere 60 members).
   We have been chatting about some radical changes to Autocade in 2015. Should this happen, I’ll blog about it when I am able.

Finally, the resolution to my problems around Linux was putting Linux Mint 17.1 on to a bootable USB stick using Rufus, which happily (and unlike a lot of programs) does what it says on the tin. (The allotted hard drive space for Ubuntu 13, which was determined when I installed 10, became insufficient for 14, hence the Christmas project of trying to upgrade.) Neither Ubuntu 14 nor Mint 17 allowed itself to be installed without hard drive partitioning—it is not poor memory when I say that Ubuntu 10 presented no such hassles in 2011—and that is too risky based on my computing knowledge while I have data on every hard drive that I need to keep. (Again, this is down to experience: an earlier attempt following instructions—that old bugbear—cost all the data on one hard drive and having to Dial a Geek and pay NZ$100.) I could not put either on to the hard drive I wanted, despite selecting the ‘Something else’ option. Putting either into a VM Ware virtual machine made little sense, though I tried it at the suggestion of a good friend, only to find that the only screen resolution that was possible was a tiny 640 by 480. (Going into display settings did nothing: it was the only option available; trying to force different ones through the Terminal also failed, while downloading new drivers for the screen did not make any difference.) After hours—possibly even days wasted if you totalled up those hours—none of the usually helpful forums like Ask Ubuntu had answers that matched my circumstances.
   The USB set-up is good for me for now, since I do not get that much work done in Linux, but I cannot believe how complicated things had become. As with the browsers I have, there is very little on my computers that is so customized that they would be considered extraordinary—I do not have those computing skills to make changes at that level—so it makes me wonder why there is such a gulf between the claims and the reality when it comes to software, constantly. Yosemite taking 12 hours to upgrade, browsers that stopped displaying text, and now Linux requiring a computing degree to install, aren’t good signs for the computing industry.
   Unless you are in the support business, then they are wonderful signs for the computing industry.

Tags: , , , , , , , , , , , , , , , , , , ,
Posted in media, politics, publishing, technology, UK, USA | 3 Comments »


The graffiti issue

25.09.2013

One voter says, ‘Hi, when I show people around Wellington I feel really ashamed of how our beautiful city has been covered in graffiti.’ And she is right. So what can we do?
   I responded in an email:

You are right, and believe it or not, $500,000 of our rates are going toward the cleaning and we’ve little to show for it. It’s worsened over the last few years.
   There are some basic things we can do, but they won’t stop the problem. Let me get those out of the way first, just out of completeness’ sake, because residents have told me they’d like to see these in place.
   Spray paint buyers could provide ID when buying, and I notice Eastern Ward council candidate Sarah Free proposes that sellers should even record the colour and date of purchase. I’d certainly support a bylaw for the ID requirement.
   Shop owners are telling me that it’s not just graffiti, it’s glass-scratchers. They’re going to huge expense replacing the glass.
   I understand from police that it’s difficult to identify the offenders but the few that we do catch, I support having them come and clean up their own mess along with doing community service.
   Now, all of the above are things we can do after the fact. What we really need to do is make sure young people (most taggers are 22–23) don’t commit these crimes in the first place.
   So here are my solutions.
   It’s no surprise that this happens more during a recession. Two main reasons these young people spray graffiti are: creativity (21·6 per cent); and believing in “celebrity” (15·7 per cent).
   This is why I emphasized youth in some of my policies. I put these in to my manifesto back in April, three to four months before my opponents even had theirs. Youth unemployment is shockingly high in Wellington—if you only look at 15–19, it’s 25 per cent. But if we provide them with apprenticeships (Dunedin City Council is already doing this) and internships, then they will be able to see that they can have a proper career path.
   Wellington businesses are telling me they are finding it hard to get talent, including the creative industries, and if some of these taggers are frustrated creatives or people who want their name “in lights”, let’s make them do things that benefit our economy.
   I’d rather spend [a chunk of] the $500,000 on the apprenticeship programme instead. I mention this as I’m not one to make election promises that we can’t pay for as a city.
   We publicize these programmes and we must include those that have an artistic component to them, and target the areas in our city that fall foul to graffiti the most.
   We recognize their issue that there aren’t jobs, and show them that they can apply their talents legitimately. Those businesses that want artists can get them; and the young people understand they can have a future.
   It’s not a perfect solution, but I’m all about targeting root causes rather than applying Band-Aids.
   This has the added effect of stopping some of the drunkenness as well—which is also socioeconomic and partly cultural—so we have a more palatable Courtenay Place and entertainment district. In effect, all this leads to a more presentable, liveable and prouder city.

Tags: , , , , , , , , , , ,
Posted in culture, New Zealand, politics, Wellington | No Comments »


Chrome continues to block sites although Stop Badware clears them

09.04.2013

I’m pleased to note that the Stop Badware people have manually analysed jackyan.com, lucire.com and autocade.net, and cleared all sites at 8.01, 8.01 and 10.01 a.m. GMT respectively.
   Google, however, is still showing this to Chrome users as at 9.10 a.m. if they visit the Lucire website:

   I am not surprised.
   This has come at a cost, with our clients enquiring and one sending this:

All because Google can’t get its systems right, and is happy to ruin the reputations of online publications, despite being notified countless times over the last four days that it has messed up.
   Incidentally, I put up a status about this at Lucire’s Google Plus page yesterday. Interestingly, Google Plus would not share it with anyone who followed us. It makes it harder to believe that the errors are completely down to automated systems.

Tags: , , , , ,
Posted in internet, publishing, technology, USA | No Comments »


Google clears our ad server of any malicious code, but continues to block our sites

06.04.2013

All of the sites that carry advertising from our ad server (ads.jyanet.com) were blacklisted by Google yesterday, including this one. In fact, Google still blacklists them, despite Google and Stop Badware clearing the server of any problems.
   Here’s the kicker: the code that was injected by hackers appears to be Google Adsense code. If true, this means that Google provides hackers with code, hackers use the code, Google blacklists the sites. Have a look below to see if that’s the case.
   I remember that any schmuck can get a Google Adsense account, so they aren’t choosy. (I applied for one many years ago, which I had for six months. Believe me, it was really easy.)
   If it is Google Adsense, it wouldn’t be the first time their own code was dodgy. There had been instances where McAfee, on my computer, blocked ads on one of our sites and, when investigated, those ads turned out to be Doubleclick ones, i.e. they were from Google’s own ad network. Very big sites get targeted—unfortunately, very big sites appear to get all-clears from big companies like Google rapidly (because they affect their bottom line more?).
   Whatever the source, the hackers used their code and decided to piggyback off legitimate ad-serving websites, including ours. We fixed the vulnerability that led to this within hours of learning about it, but, as usual, we’re disappointed that Google and Stop Badware haven’t caught up after over 24 hours that things are sorted.
   I’ve pasted the warning from Google below, a shot of our OpenX installation describing the code (it looks like Google Adsense to me—is it? Or is it just based on parameters of their code so the hackers’ Adsense account profits from the activity?) and a screen shot of where the dodgy stuff Google believes it came from, namely a domain owned by one William Oster in New York. (These are from my Tumblog.) [Note: Mr Oster might not even know about this and that his OpenX installation was the victim of the same hack. The hackers could well have placed the malware on his server and spread things from there.]

   I’d like the solution to be tougher guidelines on everyday users getting Adsense accounts. Let’s hope things are harder today than they were in the 2000s. There are a lot of honest people using Adsense, so it’s fine to argue that it’s unfair to affect everyone because of a few bad eggs. Every ad network needs to be more stringent on who can advertise, too.
   Most of the larger, legitimate ad networks that I know of make things stricter, and your site has to have proven traffic and a decent track record before they’ll let their ads be shown on them.
   My guess is that Google isn’t about to change its policies because it does very well from casting its net far and wide. The last I looked, the ad business was worth US$3,600 million to them.

Tags: , , , , , , , ,
Posted in business, internet, marketing, publishing, technology, USA | 4 Comments »