Monthly Archives: April 2016

Did you know the Post Office sells your information?

Posted on by The Old Wolf

mail.jpg

I wish I had known this long ago. I would never have put in forwarding requests. It’s mean, it’s ignorant, and from a moral standpoint it’s downright reprehensible – but it’s legal, and they do it gleefully to get gain.

After our recent move to the wilds of Utah to the east coast, I put in three forwarding requests – one for our personal mail, and two for businesses. Little did I know that this would cause me no end of trouble, as that information was instantly transmitted to marketing agencies and basically anyone who has two coppers to rub together, and immediately began receiving junk mail and having my new information appear on automatically scraped websites.

Here’s the Forbes article I found – a bit dated, but still valid – that opened my eyes to this dirty little secret.

Whenever you fill out a change of address form with the United States Postal Service, the USPS adds your new details into a database of 160 million previous address changes over the past four years. The USPS has deals with data brokers to sell this data to anyone who pays, provided they have your old address. That means data firms cannot buy the address of Leroy Jones in Cincinnati, but can obtain his new address if they know where he used to live, which they usually do anyway.

This is, in a word, filthy. The PO’s responsibility is to get my mail from here to there, and that’s where their responsibility ends. To take people’s personal info and sell it to data brokers is nothing short of criminal, and it shouldn’t be permitted.

So this time, when we move from our temporary apartment to the home that we will – it is to be hoped – shortly be purchasing, I will not be relying on the PO to forward my mail. In plenty of time, I hope to inform our critical correspondents of our new address individually, and let the junk mail  get returned to sender.

There is supposedly a loophole, although I don’t know if I trust the Post Office as far as I could throw a grand piano:

There is, however, a loophole that keeps data brokers from accessing your updated address. When you fill out the online form to change an address, you can indicate a temporary change that provides six months of forwarding that can then be extended for another six months.  That information, unlike the changes marked as permanent, is not included in the master list sold to data brokers.

Time will tell.

The Old Wolf has spoken.

Klaatu Barada Nikto

Posted on by The Old Wolf

When I purchased the relatively recent remake of “The Day the Earth Stood Still”, it included a nice remastered copy of the 1950 original so my money wasn’t a total waste.

dayearthstoodstill1

If you’ve never seen it (Ai! What rock have you been living under?) it is based on the timeless story by Harry Bates, “Farewell to the Master,” which is worth a read all by itself.

Long seared having been seared into my mind since the first time I saw it as a child, I’m gratified that this film ranks 7th on Arthur C. Clarke’s top-10 science fiction film list, because even 65 years later – coincidentally my age – it’s just as relevant now as it was then. It’s a tight film, without a second wasted, and made with the intention that it would:

a) be as realistic as the technology allowed, and
b) transmit the message that mankind needs to get rid of its violent nature if it cares to survive.

Having spent a career as a linguist, I some time ago watched the film again with the intent of listening to Klaatu’s language, and transcribing what he said as accurately as possible. There is so little dialog that it can’t really be considered a conlang, but it was interesting to me nonetheless.

Klaatu barada nikto!” is one of the most famous lines ever uttered in a science-fiction film, but was not the only thing that Klaatu said. The remainder of the dialog is:

Gort! Deglet ovrosco! (Said after Klaatu is shot the first time)

Imray Klaatu naruwak.
Makro [pluvau|pluval], baratu lokdeniso impeklis.
Yavo tari [axo|axel] bugletio barengi degas.
(Klaatu’s instructions – ostensibly to his Federation – for his “demonstration of power”; this linguist’s best transcription. Two words are nearly impossible to pinpoint without a script or screenplay. You can listen to the dialog here.)

Klaatu barada nikto! (Probably something like “Klaatu needs help!”)

Gort, berengo. Probably much like “Mirab, his sails unfurled,” i.e. Gort, let’s blow this bait shack.

I never tire of watching this film – its value to the human condition, and as an early example of outstanding science fiction cinematography, will never diminish.

Here is the text of Klaatu’s speech, for your consideration:

“I am leaving soon, and you will forgive me if I speak bluntly. The universe grows smaller every day, and the threat of aggression by any group, anywhere, can no longer be tolerated. There must be security for all, or no one is secure. Now, this does not mean giving up any freedom, except the freedom to act irresponsibly. Your ancestors knew this when they made laws to govern themselves and hired policemen to enforce them. We, of the other planets, have long accepted this principle. We have an organization for the mutual protection of all planets and for the complete elimination of aggression. The test of any such higher authority is, of course, the police force that supports it. For our policemen, we created a race of robots. Their function is to patrol the planets in spaceships like this one and preserve the peace. In matters of aggression, we have given them absolute power over us. This power cannot be revoked. At the first sign of violence, they act automatically against the aggressor. The penalty for provoking their action is too terrible to risk. The result is, we live in peace, without arms or armies, secure in the knowledge that we are free from aggression and war. Free to pursue more… profitable enterprises. Now, we do not pretend to have achieved perfection, but we do have a system, and it works. I came here to give you these facts. It is no concern of ours how you run your own planet, but if you threaten to extend your violence, this Earth of yours will be reduced to a burned-out cinder. Your choice is simple: join us and live in peace, or pursue your present course and face obliteration. We shall be waiting for your answer. The decision rests with you.”

The Old Wolf has spoken.

Malware Payloads

Posted on by The Old Wolf

Chapa NO MALWARE

I’ve noticed a lot of malicious emails coming through to one of my addresses lately – interestingly enough not at Gmail, which may even filter these things out before they are even sent to Spam – but to one of my private email addresses. Here are two examples:

Dear info,

Many thanks for your card payment. Please find payment confirmation attached below. Should you have any queries, please do not hesitate to contact Credit Control Team.

Best regards

Dena Carpenter
Director Audit Services
Attachment: 851E2_info_43A8AE.rar
And this one:
Dear info,
Please check the bill in attachment.
In order to avoid fine you have to pay in 48 hours.
Best regards
Antonia Snider
Executive Director Sales Account Management Training Performance Support
Attachment: info_e-bill_669770.zip
Both of these emails came with compressed attachments, one a .zip file and one a .rar file. Inside each was a document with the extension “.js,” meaning it’s a javascript file which would automatically run once the file was clicked on to see the “invoice”or “bill.”

DO NOT DO THIS.

From Microsoft’s Malware Protection Center:

Payload: Downloads malware or unwanted software

This threat can download other malware and unwanted software onto your PC. We have seen it download the following threats:

  • PWS:Win32/Fareit
  • Ransom:Win32/Crowti.A

Connects to a remote host

We have seen this threat connect to a remote host, including:
  • davis1.ru using port 80
Malware can connect to a remote host to do any of the following:

  • Check for an Internet connection
  • Download and run files (including updates or other malware)
  • Report a new infection to its author
  • Receive configuration or other data
  • Receive instructions from a malicious hacker
  • Search for your PC location
  • Upload information taken from your PC
  • Validate a digital certificate

We have seen this threat access online content, including:

  • two.jpg
  • one.jpg

Another similar threat is 097M/Donoff. This Microsoft Article shows many types of emails that are being sent out to try to get people to run this malware. One of my emails contained Win32/Penzievs, which is so new that Microsoft has no technical details on it yet.

Working at Carbonite™, we have seen many customers who have been infected by the Cryptolocker virus and similar encryption programs. Almost all of these vicious payloads come as email attachments that are opened by the unwary. While having good anti-virus protection and a rcloud-based backup system that protects multiple versions of your files is good insurance, the best procedure is never to open attachments from unknown sources, no matter how legitimate they look. Especially always avoid “.exe,” “.com,” “.zip,” and “.rar” files.

Be careful out there. Protect yourself and your loved ones.

The Old Wolf has spoken.

 

Domain Registraton Scam – Bad Actors from China

Posted on by The Old Wolf

Be careful out there. I just got this email the other day, and while it looked dodgy from the outset, I thought I’d follow it down the rabbit hole to see where it went.

Dear sir or madam,

We are a registrar for domain names authorized by Chinese government. Today, we received an application from Daoc International ltd applying to register [domain] as their brand name and some top-level domain names(.CN .HK etc). After our initail checking, We found the main body of domain names is same as yours.

We are handling the application and we need to confirm whether or not you authorize them to register them? Let me know your positon ASAP so as to solve it promptly. Looking forward to your reply.

Best regards,
Elvin Lee
Tel:+86-551- 6349 1191
Fax:+86-551- 6349 1192
Address:No.413,Changjiang Road,Hefei City,Anhui Province

OK. So I simply responded and said, “These domains are not authorized, thank you.”

Next up:

Notice: regarding this case, we did not receive any of your reply until now. Concerning the mentioned brand name please confirm whether you need to register by yourselves? If need, please let us know in time, we can send an application form to you. If you think the registration of that company or the use of the brand name will not bring any negative effect to your company, i suggest you can give up the brand name, then we will accept that company application unconditionally. Further questions please contact me in time.

Followed the same day by this:

Notice: hi, i am Elvin Lee. We had discussed the case about disputing your company’s brand name. You have never registered the brand name, the dispute period will come soon. If your company does not register the brand name, we will start aforesaid company registration within 2 workdays. That company will become the legal owner of the brand name in the world. We had notified you, so we are not responsible for any dispute question about your intellectual property right and trademark after they succeed in registration. If you have any questions, pls contact us within 2 workdays.

Basically telling me I’ll lose worldwide rights to my domain name if I don’t quickly take action, or alternatively, I should abandon my own domain so that they can legally register it with other companies.

Lastly, today:

Thanks for your confirmation. As soon as receiving the application of that company, we checked and found [domain] is your company’s using name. We are concerned that your name might be affected negatively by their applications, this is why we informed you. Following brand name and domain names are applied by that company:
Brand name:
[domain]
Domain names:
[domain].asia
[domain].cn
[domain].com.cn
[domain].com.hk
[domain].com.tw
[domain].hk
[domain].in
[domain].net.cn
[domain].org.cn
[domain].tw
[domain].co.in

You know that the domain names registration is open in the world, that company also has the right to apply for the available domain names. You only have the preferential rights to register them.

At present, we haven’t passed their application, we need your opinion. If your company consider these names of importance to your company’s business or interest, i suggest that your company register these names first so as to avoid confusion or speculation. Of course, If you don’t think their application will affect your company in the future, you can give up these names so that we can finish registering for them. Please give me your company’s decision as soon as possible.
Uh, no. While I have no doubt that there are many good and honest Chinese businesses, this is not one of them – in fact, falls under the rubric of “morals of a honey badger.”
Above and beyond the standard advice, “Never deal with spammers,” I’d add that you be extraordinarily careful when unsolicited business proposals come from China – in other words, be doubly vigilant.
The Old Wolf has spoken.