Estonia’s cyberwar

Ok, I’m a fan of Estonia. The president of that small country was recently here in Tampa, and while I didn’t get to see him talk, I was impressed with what I heard of the country.

Of course, there’s the extraordinary flat tax system (which actually goes down every year). I can only envy it from afar…

And, the country runs like a well-oiled machine compared to other democracies. The country is heavily online, with about 95% of all government activities done through the Internet. There’s no luddite Series of Tubes nonsense going on over there. These people are very hip to the Internets and The Google.

There’s a darker side: About a year ago, the country was nearly brought to its knees by a massive cyberwar. They fought back successfully, and the result is that the country is to become the center of a seven nation NATO cyberdefense center. I can’t think of a more perfect location, frankly.

So on that note, friend and colleague Gadi Evron wrote a detailed analysis of what happened last April. Recommended reading, and you can find it here.

Go Estonia.

Alex Eckelberry

Update: Counterpoint/debate here.

Bizarre: Spamming in bookstores

If you’re wondering why your next book purchase is clogged with pamphlets from local businesses, you can thank real estate marketer Carl White.

Here, whispering conspiratorially, he shows how to sneak into a book store aisle and insert personalized business cards into books.

(Direct link if you’re having problems accessing the video, here.)

The idea of angst-ridden real estate salespeople furtively inserting their business cards into real estate books… well, I admit, the image is funny (and sad), even if it is obnoxious as hell.

Alex Eckelberry

Recent trends in spam

Spam keeps changing. I thought I’d anecdotally highlight some recent trends we’re seeing in spam:

– Fake university degree offers appear to be way up.

[Screenshot]

– A new type of spam which pushes affiliate links. The look is always the same — green link text, simple headline.

This one pushes AdultFriendFinder:

[Screenshot]

This one pushes an adult site, again apparently using an affiliate ID.

[Screenshot]

– Malware-pushing spam is still pandemic. Various interesting subject lines, and even resorting to outright begging:

[Screenshots]

And so on…

– The plague of “me”: Another very popular spam going around these days is an email with an attachment (usually about 40k–50k in size), featuring a picture of this girl:

[Image]

The spammers don’t put any extension on the file, which is named “me”. However, it is a jpeg format file.

[Screenshot]

(This is just a baiting tactic to lure the recipient into a scam.)
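A mail-filter check for the attachment described above, as an added example that is not part of the original post: it flags attachments that have no file extension but whose bytes start with the JPEG signature. The sample message, addresses, declared content type and function names are constructed for illustration.

```python
import os
from email import message_from_bytes, policy
from email.message import EmailMessage

JPEG_MAGIC = b"\xff\xd8\xff"  # start-of-image marker that opens every JPEG file


def build_sample_message():
    """Constructed test mail: one extensionless JPEG named 'me', one normal photo."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "recipient@example.com"
    msg["Subject"] = "constructed sample"
    msg.set_content("constructed sample body")
    # About 45k of filler after the JPEG signature; the declared type is an assumption.
    bait = JPEG_MAGIC + b"\xe0" + b"\x00" * 45000
    msg.add_attachment(bait, maintype="application",
                       subtype="octet-stream", filename="me")
    photo = JPEG_MAGIC + b"\xe0" + b"\x00" * 2000
    msg.add_attachment(photo, maintype="image",
                       subtype="jpeg", filename="holiday.jpg")
    return msg.as_bytes()


def extensionless_images(raw_message):
    """Return (filename, size) for attachments with no extension whose bytes are a JPEG."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    flagged = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        data = part.get_payload(decode=True) or b""
        has_extension = bool(os.path.splitext(name)[1])
        # Trust the content, not the name: sniff the leading bytes.
        if not has_extension and data.startswith(JPEG_MAGIC):
            flagged.append((name, len(data)))
    return flagged


if __name__ == "__main__":
    for name, size in extensionless_images(build_sample_message()):
        print(f"extensionless JPEG attachment {name!r}, {size} bytes")
```
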

Otherwise, for the most part, it’s still the same old fake luxury goods and “Cialis/Viagra/cheap meds” garbage, along with the usual extraordinary amount of spam promising the enlargement of a particular male body part.

Alex Eckelberry

I’d rather have a bottle in front of me than a Yahoo lobotomy

According to press reports, Microsoft wants to buy just the search portion of Yahoo. Joe Wilcox rightly points this idea out as being a “lobotomy”.

I admit to being bewildered by this idea on a number of points.  First, how exactly do you separate Yahoo search from the rest of Yahoo’s holdings?  Secondly, how does Microsoft integrate Yahoo with Live?

I was also uncomfortable with Microsoft’s first bid to buy Yahoo, seeing that Microsoft would have to go into a fairly staggering amount of debt (for the first time in its history) to make the acquisition. 

It’s not that I really care what either company does, but it always bugs me when something doesn’t make sense.  Maybe I’m just not getting the whole picture. Anyone smarter than me want to ‘splain it?

Alex Eckelberry

Path Intelligence cell tracking technology

Path Intelligence (featured last December in TechCrunch) makes a technology that monitors cell phone use to develop traffic patterns for malls. Basically, they install a few boxes in a mall, and then the mall owner can track cell phones by signal triangulation as shoppers walk through the mall.

The ostensible use is to view traffic patterns. The company has been around for a couple of years and is now starting to get traction in the UK, with two malls using it, and three more on the way in the coming months.

They track by IMEI code, which is theoretically anonymous (except that one can match an IMEI code to a person’s real identity through the subscriber’s phone company, an area where there is still some legal fuzziness from a law enforcement perspective).

Here’s an example UI screen:

[Screenshot]

You can watch a demo of the technology in action at the company’s website, here.

The Times recently wrote about the technology, quoting the UK Government as having given “cautious approval” of this technology:

The Information Commissioner’s Office (ICO) expressed cautious approval of the technology, which does not identify the owner of the phone but rather the handset’s IMEI code – a unique number given to every device so that the network can recognise it.

But an ICO spokesman said, “we would be very worried if this technology was used in connection with other systems that contain personal information, if the intention was to provide more detailed profiles about identifiable individuals and their shopping habits.”

Your thoughts?

Alex Eckelberry
(Hat tip)

New highly deceptive method for fake codec

Fake codecs typically push for a special “Active X” or “Codec” install.

Here’s one trying to tell the user they are missing Flash.  Notice how convincing it is:

[Screenshot]

What’s actually pushed is the trojan MediaTubeCodec.

(In case you’re wondering, Flash is certainly installed on that system.)

Alex Eckelberry
(Thanks, Patrick Jordan)

Zango and Storm?

Word is going around that Zango might be in bed with the distributors of Storm. I have a great deal of respect for the people behind this speculation. However, I would offer a cautionary note.

After years of tracking Zango/180, etc., we have a really hard time believing that Zango would knowingly work with distributors of Storm. While there’s no love between us, they’re not complete idiots, and they know that if they got caught they’d be in serious trouble with the FTC.

I hope to get more up on this issue later today, time permitting.

Alex

Update: The Trend blog post has since been modified to reflect a more cautious tone.

Sunbelt’s pursuit of science

We’re known for our pursuit of science here.  So I thought I’d bring back a couple of old experiments for your weekend viewing pleasure:

This experiment was an attempt to determine what happens when you put a felt tip marker in the microwave.

And, here’s one where we determined what happens when you drop 50 pounds of silly putty from six stories high.

I hope to put some pictures up soon of another project we’ve been involved in — we bought an 80’s vintage SDI laser a while back, but it’s taken forever to get the thing to work.  This is a very, very large and powerful laser, made for shooting down large objects (e.g. missiles, that sort of thing), so it hasn’t been a trivial task.  We figured we’d use it to shoot products purchased through spam or something.  Hopefully I’ll get some pics up sooner or later.

(It should be noted that Sunbelt’s experiments are always safe, non-toxic and highly respectful of animals, etc.)

Alex Eckelberry

The iPowerWeb Chronicles: Problems persist

iPowerWeb is getting better than they used to be in terms of hacked sites, but they still have problems. Monday, I wrote about DNS hacks they still have problems with (which Michael Horowitz was kind enough to mention).

Some brief research shows the following iPowerWeb accounts hacked (most should still be live):


The typical format for the hack is (5 character string)/adult/adult_12.html, which leads to a page pushing malware. So, confessionsrus,com/cqbku/adult/adult_12.html might show a page like this:

[Screenshot]

or this

[Screenshot]

or this

[Screenshot]

(Incidentally, these pages are only accessible through a Google search; you don’t get anything if you just go to the page itself.)
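A way for a site owner to look for this pattern in their own web server logs, as an added example that is not part of the original post: it flags requests whose path matches the layout described above and counts how many arrived with a Google search referer. The log layout, the generalized path pattern, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Path layout given in the post: /<5-character string>/adult/adult_12.html.
# Assumptions: the string is lowercase letters/digits and the page number can vary.
INJECTED_PATH = re.compile(r"^/[a-z0-9]{5}/adult/adult_\d+\.html$")

# Assumed log layout: virtual host followed by Apache combined log format.
LOG_LINE = re.compile(
    r'^(?P<vhost>\S+) \S+ \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "[^"]*"$'
)

# Constructed sample lines (documentation hosts and addresses, not real traffic).
SAMPLE_LOG = """\
shop.example 203.0.113.7 - - [10/May/2008:10:01:02 +0000] "GET /cqbku/adult/adult_12.html HTTP/1.1" 200 5120 "http://www.google.com/search?q=x" "Mozilla/4.0"
shop.example 203.0.113.9 - - [10/May/2008:10:05:00 +0000] "GET /cqbku/adult/adult_12.html HTTP/1.1" 200 0 "-" "Mozilla/4.0"
shop.example 198.51.100.4 - - [10/May/2008:10:06:00 +0000] "GET /about/index.html HTTP/1.1" 200 900 "-" "Mozilla/4.0"
blog.example 198.51.100.8 - - [10/May/2008:11:00:00 +0000] "GET /adult/adult_12.html HTTP/1.1" 404 0 "-" "Mozilla/4.0"
"""


def from_google(referer):
    """True when the Referer host has a 'google' label (www.google.com, www.google.co.uk)."""
    host = (urlsplit(referer).hostname or "").lower()
    return "google" in host.split(".")


def find_injected_pages(lines):
    """Map vhost -> path -> request counts for pages matching the injected layout."""
    findings = defaultdict(dict)
    for line in lines:
        m = LOG_LINE.match(line.strip())
        if not m:
            continue  # not a log line in the assumed layout
        path = urlsplit(m["target"]).path
        if not INJECTED_PATH.match(path):
            continue
        entry = findings[m["vhost"]].setdefault(
            path, {"hits": 0, "served": 0, "from_search": 0})
        entry["hits"] += 1
        entry["served"] += m["status"] == "200"
        entry["from_search"] += from_google(m["referer"])
    return dict(findings)


if __name__ == "__main__":
    for vhost, paths in find_injected_pages(SAMPLE_LOG.splitlines()).items():
        for path, counts in paths.items():
            print(vhost, path, counts)
```
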

Alex Eckelberry

Vietnamese speakers must not be happy about this…

Vietnamese language pack for Firefox embedded with adware.

Because of a virus infection, the Vietnamese language pack for Firefox 2 was polluted with adware, Mozilla security chief Window Snyder said in a blog posting. “Everyone who downloaded the most recent Vietnamese language pack since February 18, 2008 got an infected copy,” she wrote. “Mozilla does virus scans at upload time but the virus scanner did not catch this issue until several months after the upload.”

Link here.

Alex Eckelberry

Off-Topic: And we thought Y2K was going to be a problem

This is surreal. Gas is now so expensive that some older pumps can’t display the prices.

Just like computer engineers couldn’t imagine that their little machines would last until Y2K, the mechanical engineers who designed these pumps back in 1995 when gas was the equivalent of $1.60/gallon apparently couldn’t imagine a day in 2008 when dead dino juice would be this expensive. Unfortunately for customers who patron stations with this antiquated equipment, they aren’t getting their fuel for the price advertised on the pump. Rather, the state’s Weights and Measures program is giving these businesses extra time to upgrade or replace their pumps as long as the actual price of gas is clearly displayed and customers get an explanation of what’s going. For now they’re doing it the old fashioned way, by multiplying the gallons pumped by the price on the sign.

Link here (via TTAC)

Alex Eckelberry

Good new blog from a Sunbelter

Susan Gorman is our anointed Install Goddess (in other words, she writes the installers you see for all of our products, a task that is actually far, far more complex than one might think).

She runs a great blog on install and configuration management. If you’re involved in this field, I would recommend adding it to your feed.

The blog is located at www.gormanonline.com/blogs/msidle.

Alex Eckelberry

CCTVs don’t work.

For those who have argued on this blog that CCTV cameras help make the UK safer, the Guardian today reports that CCTVs actually don’t work to reduce crimes, despite enormous cost, and enormous intrusions on personal privacy. This is not new news — the British Home Office said this years ago, despite the expense of these cameras.

Let’s hope that this is noticed in the US, where the trend is going toward more CCTV cameras, not less.

However, the UK is now looking to invest more in CCTV technology, specifically in automated intelligence. Unfortunately, this will invariably create false positives — imagine being stopped after crossing the street, asked for identification, searched and then let go, because an image match flagged you as someone who looked like a criminal.

Massive investment in CCTV cameras to prevent crime in the UK has failed to have a significant impact, despite billions of pounds spent on the new technology, a senior police officer piloting a new database has warned. Only 3% of street robberies in London were solved using CCTV images, despite the fact that Britain has more security cameras than any other country in Europe.

The warning comes from the head of the Visual Images, Identifications and Detections Office (Viido) at New Scotland Yard as the force launches a series of initiatives to try to boost conviction rates using CCTV evidence. They include:

· A new database of images which is expected to use technology developed by the sports advertising industry to track and identify offenders.

· Putting images of suspects in muggings, rape and robbery cases out on the internet from next month.

· Building a national CCTV database, incorporating pictures of convicted offenders as well as unidentified suspects. The plans for this have been drawn up, but are on hold while the technology required to carry out automated searches is refined.

Link here.

Alex Eckelberry
(Hat tip)

McAfee’s deal with Yahoo

When I first ran SiteAdvisor (back when it was Chris Dixon and a couple of other people, with Ben Edelman lending a hand), my first thought was: A search company is going to buy this.

Well, it turns out that McAfee bought it instead. Yesterday, however, McAfee announced a deal with Yahoo to have search results filtered through SiteAdvisor.

This is a very, very good idea. And, of course, it’s beneficial for McAfee, building brand name awareness.

The major issue I see is false positives, which SiteAdvisor has had problems with in the past, and will put both companies squarely in the sights of upset webmasters. The StopBadware initiative (arguably Google’s only similar offering) battles with upset webmasters on a regular basis, and they have a false positive rate that is arguably non-existent (because their warnings are only based on real malware being on a website, not allegations of spam, etc.). Nevertheless, I’m sure both companies will work through these problems.

As an interesting side note, the current Zango vs. Kaspersky battle may have some bearing here. In its appeal, Zango is arguing that Kaspersky is not acting as an “Interactive Computer Service”:

…Thus, a computer service is “interactive” if it enables people to access the Internet or access content found on the Internet. Kaspersky does neither of these things and therefore is not an ICS [ed: An Interactive Content Service as portrayed in the Communications Decency Act]. Text here (2.1mb download).

In the Amicus brief that we are a party to, this objection is answered (see page 19 of the brief). However, Zango has backed itself into a corner, because they just defined an Interactive Computer Service as, basically, Yahoo. So I don’t see them having much of a leg to stand on in any fights against Yahoo or McAfee in this regard.

At the end of the day, this is a deal that ultimately benefits the consumer. And that’s ultimately the most important thing we can do as an industry.

Alex Eckelberry

Merrill Lynch phish making the rounds

A new Merrill Lynch phish is hitting the rounds, with a dangerous payload.

The phish typically looks something like this:

[Screenshot]

Subject lines include “New ML Business Centre Login Page”, “Merrill Lynch Business Centre with new Login Page?” and “Merrill Lynch Business Centre Website changing marketing process.”

The phish points to a website which pushes a new “certificate” that is needed.

[Screenshot]

The “Certificate” is a variant of Papras, a data-stealing trojan. However, don’t expect it’s only Merrill Lynch. We believe that this trojan is being used in a similar Colonial Bank scam, and there are likely others.

Alex Eckelberry