The loss of civil liberties in the UK under the guise of protection

I’ve blogged quite a bit (and perhaps annoyingly to others) about my concerns about how the UK is starting to become a Big Brother nation.  I’ve spoken to British citizens about this subject and they share my concern. 

However, there are also a number of Britishers who think I’m being an alarmist nut.  And then there are those (not necessarily British) who believe that the post 9/11 environment justifies the types of degradation of our civil liberties that we’re seeing not only in the UK, but in the US as well.

So this happy subject brings me to a disturbing blog post by a Londoner, about a critical comment made recently about a subway security system, which resulted in a fine of £80.

My friend Phil and I were going through a metal detector on the way out of Highbury & Islington tube on Friday evening around 8.30pm, on our way to a gig. Phil, who has a degree in physics, said to me in a low voice that the metal detector was a “piece of shit that wouldn’t stop anyone”. Obviously, someone was listening, as all of a sudden, half a dozen policemen jumped on him and hustled him over to the corner of the tube station, where he was detained for about 20 minutes for the grave crime of swearing in public, and fined £80 for the privilege. For swearing! On the tube! If it’s such a crime, then I owe them about a million pounds, as swearing on and at the tube is the only way to deal with the pain of having to travel on the dratted thing every day.

Link here via BoingBoing.

Freedom being our most precious right, let us not abdicate our civil liberties in the name of protection against real or imagined outside threats.

 

Alex Eckelberry

Botnet primers

A lot of activity is going on in the area of botnets.  If you’re curious about them, you can study a few key references.

An Inside Look at Botnets – Paul Barford and Vinod Yegneswaran.

Botnets as a Vehicle for Online Crime – CERT/CC.

Know your Enemy: Tracking Botnets

Jose Nazario over at Arbor Networks was kind enough to put these references together. As he says, “Read those and you’ll be largely up to date with most IRC bots. Everything since then is largely incremental – crypto, obfuscation, etc. These do not cover P2P bots and HTTP bots, which are becoming hot topics.”

Happy reading.

Alex Eckelberry

Beauties and the beast

Two more things we’ve learned about Leo Stoller, the so-called “Trademark Troll” (he likes to go after companies to get money to license trademarks that he’s registered, and is currently going after our good friends at Castlecops for their use of the word “castle”). 

1. He really likes pretty women.  This is apparent in the fact that he plasters pictures of women all over his blog, often for no apparent reason. 

For example, on this story about the Supreme Court’s decision on Guantanamo Bay, we have an inexplicable image of a model. Why?  I have absolutely no idea.


In another example, we have a picture of Paulina Porizkova on a blog entry about toy company Mattel.


Then, there’s this model next to an article about Adenna, a company that makes…um… latex medical gloves (more than I want to know).


Ok, so maybe that’s nitpicking.   After all, he has every right to put pictures of famous and beautiful women on this blog, right? 

Well, I’m not so sure about that, which brings me to point 2.

2. Leo Stoller might just be misappropriating copyrighted material.

You see, a number of these images are arguably protected by copyright.  For example, we have this picture of Jessica Simpson that Leo has used:


Notice the upper right-hand corner?  Nice Photoshop work, Leo, because the original is at Art.com.


And, of course, Art.com makes it clear that these images are not to be used:

All content included on this site, such as, but not limited to, images, text, graphics, logos, and button icons, is the property of Art.com or its content suppliers and is protected by United States and international copyright laws. All content on this site that is not the property of Art.com is used with permission. The arrangement and compilation of all content on this site are the exclusive property of Art.com and are protected by U.S. and international copyright laws. All software used on this site is the property of Art.com or its software suppliers and is protected by United States and international copyright laws. Display and use of certain images on the site are subject to additional conditions as set forth in the “Special Conditions” section below.

And we have this other mysterious piece of artful photoshop work.  I wonder what’s supposed to be there?


Then there’s a picture of Pamela Anderson.


Salma Hayek


And so on.

As reference, we have this from Bitlaw on copyright concerns on the web.

Taking images from third-parties. The simple rule is, “Don’t steal someone else’s images.” The moment an original image (or string of text) is fixed on a hard drive for the first time, it is protected by copyright. Any unauthorized copying of a protected image is an infringement of the creator’s copyright, unless the use falls within one of the very limited exceptions to the copyright law, such as “fair use.” In most cases, it is unlikely that the incorporation of an image into a commercial web-site would be considered a fair use.

He could argue fair use, but on a commercial blog that is actively promoting his business, I think that’s a difficult argument.

However, nothing in the law is cut and dry on fair use.  A lawyer friend of mine also took an interest in Leo’s blog and made these comments about Leo’s use of pretty women:

If Leo is reporting a news event or making some satirical or political comment about the picture (as opposed to the celebrity), it could be OK. But since it’s a blog, it is likely that he is just making personal use of the photo, and that’s a copyright violation.  That said, as a non-commercial use, the damage from the infringement would be pretty minimal (unless the shot has commercial value and could be downloaded from the client’s blog), but I’d say the photographer could still have a potential copyright claim.
 
Going a step further, his violation depends on the use being made of the picture and whether that use falls within the fair use exceptions to copyright (criticism, commentary, research, scholarship, etc.).  If the blog is for criticism or commentary rather than simple personal use it’s more likely to be a fair use.  Also, copying of a photo has been held by at least two circuits to be permissible because the use was “transformative”.  The key cases in this area are called Kelly v. ArribaSoft and Bill Graham v. Dorling Kindersley – both dealing with the transformative use of photographs (Kelly had to do with posting photos on a website).   

Like I said, it’s a gray area. 

But why do I care?  Why should anyone care?  Well, in my view, Leo’s entire business model is based off of abusing intellectual property law to his benefit, with frivolous, baseless legal actions that effectively extort companies.  And yet he finds no problem taking a Jessica Simpson picture, altering it and then posting it as his own on his website.

And so the point is this: Is Our Dear Friend Leo, who argues vehemently and passionately about ethics, intellectual property protection (he even has a whole blog post with his terms of use) and the like, practicing a double-standard?   I’ll leave that for you to decide.

 

Alex Eckelberry
(With credit to Leslie who assisted me greatly in putting this material together.)

Live phone phish

No big news here, but here is a live phone phish that’s operating right now.  Phone phishes are a phenomenon that has been around for a while now and they are quite ingenious at deceiving users.

Since not many people have actually experienced a phone phish, Castlecops’ Paul Laudanski and I figured we’d record one for you.

If you dial the number 1-805-214-4801, you will get an automated service that asks you to enter your 16 digit account number.  (Obviously, don’t call this number and enter anything.)  You can hear what it sounds like here.


Remember to report phishing emails to PIRT, at www.castlecops.com/pirt.  They really do get acted upon.

Alex Eckelberry

 

 

Time to get on the Clue Train

Mike Shaw, president of advertising at ABC, told MediaDailyNews yesterday that ABC has had discussions on disabling the fast-forward button on DVRs — so that people can’t skip the commercials.

Here’s what’s absolutely mind-boggling:

Wait, wait … the kicker is that he doesn’t think this would be any big deal to the audience. “I’m not so sure that the whole issue really is one of commercial avoidance,” Shaw said. “It really is a matter of convenience — so you don’t miss your favorite show. And quite frankly, we’re just training a new generation of viewers to skip commercials because they can. I’m not sure that the driving reason to get a DVR in the first place is just to skip commercials. I don’t fundamentally believe that. People can understand in order to have convenience and on-demand (options), that you can’t skip commercials.”

Link here.

Alex Eckelberry 

 

A day in the life of Sunbelt: Today we had tornadoes

I was on a conference call earlier this morning and a couple of employees ran into my office, pointing out a waterspout (a tornado over water). 

Unfortunately, we were a bit late on getting pics, but here’s a couple taken by one of our developers, Daniel Cormier.  (This is what the view is from our office, overlooking the Gulf of Mexico.) 


Alex Eckelberry

 

New rogue on the loose: SpyHeal

There’s a new rogue on the loose, SpyHeal (spyheal(dot)com).  We believe this is probably the replacement for Spyware Quake (or SpywareQuake).


The product’s EULA is here.  Virustotal results here.

According to Sunbelt’s researcher Patrick Jordan: “From seriall(com)com with the VladZone infestation, it calls the IP for the security scam hijacking and SpywareQuake install.  Also, from the sysprotectionpage(dot)com showed spyheal(dot)com as one of the new partner sites.”

Alex Eckelberry

 

Drop everything. Read this article.

Businessweek just published a hard-hitting expose of Direct Revenue. 

Consumers have strong opinions about Direct Revenue’s software. “If I ever meet anyone from your company, I will kill you,” a person who identified himself as James Chang said in an e-mail to Direct Revenue last summer. “I will f—— kill you and your families.” Such sentiments aren’t unusual. “You people are EVIL personified,” Kevin Horton wrote around the same time. “I would like the four hours of my life back I have wasted trying to get your stupid uninvited software off my now crippled system.”

Link here.

Make sure to read the sidebars — one on Sunbelt’s Patrick Jordan, the Yahoo connection with a diagram, and affiliate commission schemes.

Wow.

Alex Eckelberry
(Thanks Ben)

CounterPoint: Is Senator Ted Stevens actually on our side?

Gadi Evron writes that Senator Ted Stevens (who said some odd things last week about net neutrality) may actually be saying some sensible things. 

Senator Stevens who everyone is dissing on for his speech on Net Neutrality in my book spoke nothing less than brilliant. I will also tell you, in my opinion, exactly why.

You can find his speech here: http://media.publicknowledge.org/stevens-on-nn.mp3

He nailed down the subject into the point that matters: Business. It’s about profit.

Link here.

I’d be curious to know your thoughts.  The net neutrality debate is actually quite interesting.

Alex Eckelberry

Sunbelt TechTips for the week of July 3


 

How to turn on the Bluetooth discovery option
If you can’t get your Bluetooth device, such as a BT headphone, to connect to your XP computer after applying service pack 2, it may be because the discovery option is turned off. This is also an issue with XP Tablet PC edition 2005. This option is turned off by default for security reasons. You have to turn on the discovery option to connect the device. Here’s how:

  1. Right click the Bluetooth icon in the notification area of the system tray.
  2. Click Open Bluetooth Settings.
  3. Click the Options tab.
  4. Click to check the checkbox labeled “Turn discovery on.”
  5. Click Apply.
  6. If you want other Bluetooth devices to be able to connect to your computer, select “Allow Bluetooth devices to connect to this computer.”

Note: If there is no Bluetooth icon in the notification area, click Start | Run and in the Run box type: bthprops.cpl, then click OK. You can turn discovery back off again after the device has created a connection to your computer, to prevent other devices from connecting without your knowledge.

How do you share your Outlook calendars without Microsoft Exchange?
Sharing calendars at home or in a small office is easy – if you’re using an Exchange server.  However, if you’re using Outlook with a typical POP email account setup, it’s not possible.

The good news is that in Vista, there’s a new built in application called Windows Calendar. While it’s not as sophisticated as Outlook, it will fill the needs of most home users, and you can easily share your calendars on the local computer or across the Internet by publishing them to a web site. Of course, that doesn’t help you much right now, and you may not want to “downgrade” to Windows Calendar from Outlook when you do upgrade to Vista.

The other good news is that there are third party software programs that will let you share your Outlook calendars right now without Exchange. The least expensive one we’ve seen is ShareCalendar for Microsoft Outlook; it costs $25 per license (in your situation, you’d need two – one for you and one for your wife). As well as sharing the calendars, it lets you sync your calendar on multiple PCs, create group calendars and let people subscribe to your calendars, and also lets you “hide” your private appointments. You can find out more about it here.

Error 1068 when you try to turn on Internet Connection Sharing
If you get an error message that says “Dependency service or group failed to start” (1068) when you try to turn on ICS by running the Internet Connection Sharing wizard, you need to make sure that all dependent services have been started. For a list of the applicable services and step by step instructions on how to ensure they’re started, see KB article 827328.

You get error messages when you sync offline files
If you try to synchronize your offline files on an XP computer and get an error message that says files of this type cannot be made available offline, this happens because of a problem with client-side caching. There is a hotfix available to address this, but Microsoft recommends you only apply it if you’re experiencing this particular problem, and you’ll need to contact Product Support Services (PSS) to get the hotfix. For more information, see KB article 890671.

How to recover from a corrupted registry
If the Windows XP registry becomes corrupted and this prevents Windows from starting, you may be able to recover your data by using Guided Help to automatically perform the steps for you. You can install and use Guided Help if you’re logged on as an administrator. To download the Guided Help software and for information on how to use it, see KB article 307545.


Special keyboard for Vista?
We hear that Microsoft is making a new wireless keyboard designed for Vista, to be available in the fall. With its subtly ergonomic layout (more smoothly curved than the average ergo board) and ambient backlighting that comes on automatically in dim light, we have to admit that it’s a good looking piece of hardware.

There’s not much about it on the Microsoft site, just a teaser video. Is that a “big green button” (Media Center button) on the right side? We’ll be checking it out and reporting back as soon as it’s available.


 

Vista Compatibility Mode saves the day
If you’re running the Vista beta and you’re having problems getting some of your applications to install or run, be sure to try Vista’s compatibility mode. I installed CorelDraw 10 (I prefer it to later versions) and the installation seemed to go okay but the program wouldn’t open. Here’s what I did:

  1. Go to the program’s executable file and right click it, then select Properties.
  2. Click the Compatibility tab. Here, as with XP, you can select to run the program in compatibility mode for a previous operating system (for example, XP SP2).
  3. Unlike XP, you can also select to run the program as an administrator, in the “Privilege Level” section.

After I selected to run in compatibility mode and as an admin, my Corel applications started up and worked normally.

Deb Shinder

Can Low Prices be a Bad Thing?

As consumers, we all want to pay less and get more. Microsoft seems to be trying to give us just that, as they incorporate more and more of what used to be “add on” software into the operating system and offer low cost services that provide others. Windows XP included a built in firewall, a product that you once had to buy separately from a third party vendor. Now Vista is adding Defender, an anti-spyware application, and OneCare is a service-based “bundle” of security applications priced considerably lower than those of the major third party competitors in the market.

But is there a downside to getting all your protective programs from the same source that makes the OS? Proponents of Microsoft’s model say no, that having it all made by MS means everything integrates more fully, ensures better compatibility and saves people money. Others aren’t so sure.

At what point does giving customers a good value for the money turn into predatory pricing? Will Microsoft drive all the third party makers of security software out of business by giving it all away – and perhaps then raise their own prices when all the competition is gone? This is a story we’ve seen played out before: prior to the inclusion of Internet Explorer in Windows, Netscape charged for its web browser – today, consumers expect web browsers to be free, and although Netscape now is, it never regained a significant amount of the market share that it lost in the battle with IE.

On the other hand, despite the fact that XP users get the Internet Connection Firewall free with XP (upgraded to the Windows Firewall in Service Pack 2), personal firewall brands like Kerio, ZoneAlarm and others are still around and going strong, and users are still willing to pay for good firewall software. Why the difference? The Windows firewall is generally seen as a “better than nothing” but not a sophisticated firewall product, and people want the extra features such as control of both outbound and inbound traffic, more friendly user interfaces and other advantages that they get with third party firewalls.

We all know that Microsoft isn’t the only example of how aggressive “low balling” on prices can crush competitors who can’t afford to operate without making a profit. Large oil companies took a similar approach years ago, driving most of the “little guys” out of the business and locking in their stranglehold on the American gasoline market. Superstore retailers like WalMart have, in some areas, practically eliminated the “mom and pop” local businesses that used to dominate Main Street.

If we end up with few or no choices other than Microsoft for security software, the public will have to bear much of the responsibility, though. Computer users have been clamoring for years for more built-in security, and complaining about having to buy additional software to provide that functionality. So you could say that, if competitors are driven out of business, we’re only getting what we asked for. On the other hand, those who didn’t ask for it, and who prefer to buy their security software from companies that specialize in security, may also lose their ability to make that choice.

Tell us what you think on this issue. Can and should Microsoft do everything, or would you prefer that they stick to what they do best: making operating systems and productivity software? Do you prefer to buy your security software from a third party vendor? Are you willing to pay a higher price for better software or are the basic built in protective mechanisms good enough? Is it a violation of anti-trust laws to offer products at prices that make it difficult or impossible for competitors to compete? Or are you in favor of anyone who offers the lowest price?

Or vote in Sunbelt’s poll: tell us whether you trust Microsoft’s client security vs. traditional AV companies. 

Deb Shinder

Another birthday — the Freedom of Information Act

As many know, yesterday was the 40th birthday of the Freedom of Information Act, a critical instrument for ordinary citizens and public-interest groups to get disclosure from the government.

Prior to July 4th, 1966, the US Government worked in relative secrecy.  But since the FOIA, things are different.  While certain secrets will never be known, the FOIA at least allows citizens to get some idea as to what the heck is going on in Washington.  It’s an invaluable law. 

Well worth reading is the interesting brief history of the FOIA at the National Security Archive. 

Documents from the LBJ Library show that the normally gregarious President, who loved handing out pens at bill signings, refused even to hold a formal ceremony for the FOIA, personally removed strong openness language from the press statement, and only agreed to approve the bill after the Justice Department suggested the tactic that has become President Bush’s favorite – a signing statement that undercut the thrust of the law.

 This back story behind Johnson’s grudging signature highlights some constants – the government’s resistance to outside scrutiny – and some surprising role reversals, featuring then-congressman Donald Rumsfeld as a FOIA champion and then-White House aide Bill Moyers as a FOIA opponent, at least for a time.

Link here via beSpacific.

Then, on a slightly depressing note, we hear today from the CDT that “many federal agencies are still lagging in their efforts to comply with the law.” Link here.

It’s worth reminding ourselves from time to time that, as Mr. Lincoln so adeptly put it, ours is “a government of the people, by the people, for the people.”  The FOIA is a critical part of this concept and the law as enumerated cannot be allowed to get watered down or circumvented by agencies.

 

Alex Eckelberry

Silly stuff software companies do

This product manager doesn’t want version numbers on his software, because:

when [customers] see  “Version 2.8 (build 448),” they will think that it took us 28 releases and over *four hundred* builds to get right.

Link to the amazing and baffling email thread here.

It’s the height of lunacy, of course. I don’t quite know what to say, except that this fellow is apparently new to the business and is in need of a serious clue-by-four.

What’s even more miserable is that the marketing director chimes in on the email thread with “oh yeah, we have to get rid of version numbers”. 

Needless to say, any PM who did that here would get to wear the latest fashion accessory: the Sunbelt Happy Dunce Cap.

Alex Eckelberry
(Thanks Steve)

 

Phishers love PayPal the most

The PIRT squad has been having a field day with phishing.  The all-volunteer group of phishing terminators has been having a real impact on phishing.  I thought I would share the top brands phished in May with you, kindly provided by my partners in anti-crime, Paul and Robin Laudanski:

May 2006 confirmed phish (brand plus total count for May):

  1. PayPal – 520
  2. eBay – 309
  3. Bank of America – 37
  4. Barclays – 36
  5. Wells Fargo – 36
  6. Chase – 33
  7. WAMU – 28
  8. HSBC – 20
  9. MasterCard – 18
  10. e-gold – 17
  11. Nationwide – 17
  12. Citi – 16
  13. BancorpSouth – 14
  14. Postbank.de – 12
  15. Halifax – 11
  16. NetBank – 11
  17. Laredo Nat’l Bank – 10
  18. Nat’l Australia Bank – 10
  19. Western Union – 10
  20. National Credit Union – 9

Link here.

So, here’s to the old PBS appeal — we need more volunteers!  Killing phishing sites is fun and quite satisfying.  Click here to become part of PIRT and help make a difference.

 

Alex Eckelberry

The mystery of the left-close button

In an earlier blog post, I complained about the UI changes in Office 2007, and one of my issues was with the fact that you can no longer easily close a window on the upper left side.

Well, thanks to Nathan, I now know this was a social experiment by Microsoft (kind of like Eon8, but subtler).

We removed left-side close as a planned experiment. If people could get used to closing on the right side, we’d be better off because there wouldn’t be two ways of doing the same simple action. Clearly if we were building a new window manager from scratch with no pre-existing users, we would only have one way to close windows.

Link here.

Ok, so it looks like that capability will come back. 

Am I nitpicking?  Of course, because a) I do like to nitpick and b) because it’s a major hassle to break old habits strictly in the interest of a new paradigm.

But it brings to mind another observation:  Old farts like me have been taught to be left-centric.  After all, pull-down menus are on the left.  Windows close is on the left.  And, of course, we write from left to right (at least in English).  But the user para-diggum people at Microsoft may be involved in a plot to make us more right-centric.

Observe the new close and refresh buttons on IE 7:


They are on the right.

Hmm…

Alex Eckelberry