Another Spectrum

Personal ramblings and rants of a somewhat twisted mind


8 Comments

Pastafarian rights

That’s not a spelling mistake. I really do mean Pastafarian. For want of something better to do (my concentration has been off recently), I was wandering about on the internet and stumbled upon the U.S. State Department web site, and out of curiosity, looked up what that esteemed department had to say about Aotearoa New Zealand.

Most was kind of boring but some snippets did stand out. This one into their 2018 report on religious freedom in NZ made me smile:

In March an Auckland secondary school student stated that his school did not allow him to wear a spaghetti colander for his school identity photograph, contrary to his religious beliefs.  The student is a member of the Church of the Flying Spaghetti Monster, otherwise known as Pastafarianism, which is a legally recognized religion in the country.  The student stated that he contacted the HRC over the incident but had accepted the school’s decision for the time being.

HRC is an abbreviation for Human Rights Commission, an independent authority that reports to Parliament, not the government. So all you Flying Spaghetti Monster worshipers, if you are looking for somewhere where your religion is recognised (one school excepted) then this is possibly an ideal spot.

By the way, did you realise that in 2001, approximately 1.5% of the New Zealand population claimed their religion as Jedi? That’s the highest per capita population of Jedi in the world. It’s been falling steadily ever since. Which is a shame. I much prefer “May the force be with you” than “God bless”. It has a more dramatic ring to it, don’t you think?

Advertisements


1 Comment

Come on then, I dare you…

I am reasonably tech savvy. I worked in the I.T. industry for 35 years providing technical support in the banking and retailing sector, and although I retired from the industry almost 20 years ago, I have retained an interest in it, and in computing in general.

So when my Spam filter catches an email such as the one below, I sigh, knowing every claim made is absolutely false. I don’t need to fear that there might be a chance that what I view online will be disclosed to anyone I might (or might not) know.

While I prefer to keep my online browsing preferences private, there is nothing that would be terribly embarrassing or worse if others were to discover them. And to ensure that I don’t stumble across websites I’d rather not see, my home network makes use of DNS filtering through OpenDNS.

It’s not perfect. I stumbled upon copies of the Christchurch shooter’s live streaming of the event when it appeared on popular social media sites in the days after the incident, even here on WordPress. But for me personally, I appreciate the high level of selective filtering it provides, so the chances of any user on my home network being able to view an online pornographic video are remote.

Leaving aside the remote possibility of anyone watching porn from my home network, let alone my computer, and for the benefit of the scammer, here’s why the email can safely be ignored:

Hello,

Hello to you too. If you had access to my computer as claimed further below, I’d expect you to know my name, and to use it to prove the legitimacy of your claim. Using a salutation without my name is the first indication that you really know nothing about me

As you may have noticed, I sent this email from your email account (if you didn’t see, check the from email id). In other words, I have fullccess to your email account.

No you didn’t. Spoofing the from address is an extremely simple and trivial process. Every email client (even Outlook Express)  provides an easy means of doing so. Besides, a quick check of the email header, provides all the information I need to know that the message originated somewhere other than my own email account. In this particular case you relayed your email via a Yahoo mail server located in the USA.

I infected you with a malware a few months back when you visited an adult site, and since then, I have been observing your actions.

Really? Even on the very remote chance that I accidentally came across an “adult” site and that the site contained malware you had inserted, the odds of it being code that could infect my computer are orders of magnitude smaller. I don’t use a popular Web browser and I don’t use a popular operating system. While no operating system is perfect, any vulnerabilities discovered in Linux are patched almost immediately. This is one of the advantages of using an open source operating system. So unless your code is targeted specially towards Linux, and is using some as yet unidentified vulnerability that you discovered more than a year ago, it’s simply not possible to install malware at the operating system level.

The malware gave me full access and control over your system, meaning, I can see everything on your screen, turn on your camera or microphon and you won’t even notice about it.

Even in the extremely remote chance that malware has been installed, and that it had managed to gain root access when my logon user ID hasn’t, nor do any of the applications, including web browsers, have root access, your claim that the malware was capable of manipulating my camera and microphone is laughable, You see, there needs to be a camera or microphone for you to manipulate. There isn’t. But ignoring that inconvenient truth, shall we continue?

I also have access to all your contacts.

Aside from having access to a nonexistent camera, your malware, you would need to have an intimate knowledge of my operating system, and the software installed. Your malware would have to know what software I use for my contacts and where on the system the information was stored. Give me that information and I might believe you.

Why your antivirus did not detect malware?
It’s simple. My malware updates its signature every 10 minutes, and there is nothing your antivirus can do about it.

As I run Linux on my computer, I have no need for antivirus software. You also clearly don’t understand what a signature is. It is not something within your malware. It’s something antivirus applications create from information gleaned from malware. It doesn’t matter how much your malware modifies bits of its code, the antivirus folk are clever enough to figure out how the modifications are made and build in a suitable method of identification. And as you have been sending me identical messages for more than a year, I have every confidence that if in fact there was any malware at all, every antivirus application would have long ago figured out how to identify it. So I have every confidence that even if I did run a version of Windows or MacOS, which I don’t, I would be well protected by any antivirus program I chose.

I made a video showing both you (through your webcam) and the video
you were watching (on the screen) while satisfying yourself.
With one click, I can send this video to all your contacts (email, social network, and messengers you use).

I’m rather fascinated by your claim. In fact I look forward to viewing said video. I’ve looked and looked, but for the life of me, I cannot find this web cam. Can you enlighten me?

You can prevent me from doing this.
To stop me, transfer $989 to my bitcoin address.
If you do not know how to do this, Google – “Buy Bitcoin”.

My bitcoin address (BTC Wallet) is 1Hmn2KAK2Z3VjkpMz26nmh9KVAV6KqYiYp

If you have access to my computer, could you not have simply accessed my bank account and my credit card details?  The username and password for my online banking are stored in encrypted form within my web browser and surely it would be a trivial matter for you to obtain it, especially if you have access at the operating system level. You wouldn’t even need to decrypt the password. With your supposed knowledge it should be a trivial exercise to fool the browser into decoding it for you.

After receiving the payment, I will delete the video,
and you will never hear from me again.
You have 48 hours to pay. Since I already have access to your system
I now know that you have read this email, so your countdown has begun.

As it’s been close to 9000 hours since I received your first email, and I have received around to 200 subsequent messages, why should I believe this 48 hour deadline is any more final than all the others? It’s quite obvious that you have no idea whether or not I have read your message. The most common technique for knowing if an email has been read is by embedding web link to a transparent 1 x 1 gif. My email application does not display linked images by default. I have to explicitly enable it for each message. The other common technique is to include a flag requesting an acknowledgement when an email is read. My email application is configured to never send an acknowledgement. Besides, I read the contents of your email from within my online Spam filtering system control panel, which, not being an email client, can not open links nor send acknowledgements.

Filing a complaint will not do any good
because this email cannot be tracked.
I have not made any mistakes.

You fail to understand how emails are sent. I can tell exactly the last server and location that the message passed through before it arrived at my mail server (yes, I have my own mail server). Armed with that information and the cooperation of email server hosts, I can track the message to a vpn and beyond, or to a compromised computer. I’ll concede that I’m unlikely to find your identity, but that’s of little concern.

If I find that you have shared this message with someone else, I will immediately send the video to all of your contacts.

Well, as you can see I have shared it. Come on then, send the video. I dare you.

Take care

Of what?

Some further details for those still reading: Some of the messages contain a username and password that I possibly did use many years ago, but not in the last ten years. Over the three decades that I have had online access (does anyone remember NCSA Mosaic?), I have been notified a few times that a website I use has been hacked and and there’s a remote chance that user credentials might have been compromised. This is the most likely source of the user credentials included in some of the scam attempts. In most cases, they have been sites that I had stopped using, but even in the two cases where I am still an active user, I’m not particularly concerned.

You see, I never use the same username and password on more than one site. Yes folk, I’m one of those nerds that use a different user ID and password for every website, and for every computer login. Perhaps I’m fortunate in that I also own several domain names, and can create an unlimited number of email addresses. So even though a great many websites now require an email address as the user ID, I can still create a unique email address/user ID for each and every site.

What the scammer probably doesn’t realise is that every Spam filtering system worth its salt, now recognises such messages as Spam, and will have done so for many months. The intended recipient is unlikely to even see these blackmail attempts.


8 Comments

Believe the Internet

I’ve always known the Internet to be a rich and accurate source of information. Today it revealed something that I wasn’t aware of, or had forgotten:

I have a PhD in history.

I don’t actually recall studying for it, but according to this test, my 100% correct result came about because of my education level; that being the said PhD. As more than half the questions were about American history, I presume my thesis was related to that, or perhaps I studied in an American university. I have no recollection of either, but a perfect score is unequivocal evidence of my great intellect.

Now where did I put my certificate and my thesis?


Leave a comment

Sweet as bro… but sexiest?

We are all deeply honoured at the title, but seriously, we’re not convinced. In fact you could say that we’re incredulous about the fact that a survey of 1.6 million people worldwide found Nyuzild (or Newzild) is ranked number one. Especially when most Kiwis would place it well outside the top ten rankings(but still above Afrikaans and Strine).

What am I referring to? It appears a survey of 1.6 million people in more than 60 countries worldwide conducted by Travel website Big 7 Media voted the Kiwi accent the world’s sexiest. I mean you’ve got to be kidding, right? Surely the French and Italian accents are in a different league from those of Aotearoa New Zealand, South Africa, or Australia?

But in case I’ve got it wrong, here’s some sexy film scenes dubbed with the Kiwi Accent. I can’t say it’s an improvement:

Perhaps, as pointed out by socio-linguist Miriam Meyerhoff in a NewstalkZB article, the awareness people have about New Zealand and people’s attitudes towards the other things that are seen as being iconic in New Zealand, such as natural beauty and its remoteness have probably been more influential than the sounds of our voices, especially as the Kiwi accent is often confused with that of Australia. That to me seems a more rational explanation than the way we sound. What do you think?

Chur bro.


1 Comment

Brain farts

I’m now at the age where very occasionally I have momentary lapses of memory. Whether one calls them senior moments or brain farts doesn’t really matter, but usually they are moments I can laugh at, even at the time they occur.

I haven’t got to the stage where I might end up (as in this clip) “I had hair growing out real thick but Lord it was too stiff to comb”, because I still have no need for either. You’ll have to watch the video clip to find out what Golf Brooks is referring to. But who knows what the future may hold…


1 Comment

What’s to commemorate?

Periodically I check through quarantined email just to ensure no legitimate email has been identified as Spam. Among the usual sex aids, and fake medicine, invitations to infidelity, get rich schemes and attempts at identity theft was this one:


Selection_029


Commemorative: acting as a memorial of an event or person.
Memorial: an object which serves as a focus for the memory of something, usually a deceased person or an event.
Memory: something remembered from the past. The remembering or commemoration of a dead person.

Simply by sending the email, they are breaking NZ law as unsolicited electronic messages are illegal here. Besides, why they would think that anyone with a .nz email address would be in the slightest bit interested in the Donald let alone want to purchase a “free” coin is beyond me. But the fact they call it a commemorative coin makes me ask:

Is there something they know that we don’t?


8 Comments

I blame the Aussies

Even though the distance between Aotearoa New Zealand and Australia is the same as the distance between England and Greece, Australia is our nearest neighbour. But honestly, who would have them?

Like a big bullying brother, they claim they like us, but take things for themselves that don’t belong to them such as Phar Lap, the pavlova, the lamington, ANZAC Biscuits, the Flat White, Mānuka honey, Split Enz, Lorde, Keisha Castle-Hughes, Rachel Hunter, Keith Urban and Russell Crowe (scrub Russel, they can keep him – he’s kind of an embarrassment).

They even claim the kiwi originated in Australia whereas in fact its closest relative is the now extinct Elephant bird of Madagascar. The Australian constitution even includes New Zealand as a state of Australia. Section 6 of the Commonwealth of Australia Constitution Act says:

The States shall mean such of the colonies of New South Wales, New Zealand, Queensland, Tasmania, Victoria, Western Australia, and South Australia, including the northern territory of South Australia, as for the time being are parts of the Commonwealth, and such colonies or territories as may be admitted into or established by the Commonwealth as States; and each of such parts of the Commonwealth shall be called a State.

And of course they’re not above cheating if it means they get the upper hand such as in the underarm bowling incident and ball tampering. So what have the Aussies done this time?

They got bored with their heatwave, so they sent it our way.

Look, if they choose to cover most of their continent with a hot desert, then they are bound to get ridiculously hot days during summer. But when temperatures reach the high 40s and low 50s (Centigrade), it’s not acceptable to send it our way. While the journey across the Tasman Sea does cool it off somewhat, us Kiwis are not used to temperatures above 30°C (86°F). We can manage the occasional day that hot, but a week of it is too much to bear.

Over the past week every day has peaked at over 30°C. That’s just not on. On three days, my indoor/outdoor temperature gauge has recorded temperatures exceeding 36°C, the highest being 37.9°C (100.2°F). Hey Australia! Come and take your heat back!

Orchardists are having to dump tonnes of apples as they are finding them literally cooked on the tree. Railway lines are being forced to close due buckling tracks and failing overhead wires. Roads are melting in the heat. And I’ve resorted to closing all the doors and windows, and switching on the heat pump. In Aotearoa New Zealand, heat pumps are optimised for moving heat into the home. They don’t work so well in reverse cycle pumping heat out. With the heat pump running at maximum, we can keep the interior down to 27°C (80°F) or below, but even that is above my comfort level.

On the other hand, the wife is enjoying the heat. She commented to me this morning how nice it is to have a proper summer just like she used to have in her homeland of Japan. “Bloody foreigner” I thought, but I held my tongue. Had I not, I would have been in an even hotter situation!


4 Comments

Oh no! My router’s been hacked!

Or so says a Spark (my telco and Internet provider) technician who phoned me a short while ago. I’ve had several phone calls a day over the last week from a variety of South Island phone numbers, but invariably, either the caller hung up as I answered, or did within a few seconds. Today one of those callers made a successful connection. The call went like this:

Tech: hello sir. I am [name unrecognisable] from Spark technical support.
Me: Hello. What can I do for you?
Tech: We are calling you because there is a problem with your router. Do you understand?
Me: I understand what you are saying. Why do you think it has a problem?
Tech: I’ll show you. Look at the lights on your router. Are any of them blinking?
Me: Just a minute while I go look. It’s in the next room. Hang on a mo. [pause of around 30 seconds] Yes, several lights are flashing.
Tech: Can you tell me which ones are blinking?
Me: Hang on a bit will you, I didn’t note down which ones. I’ll just grab a a pen and paper and be back in a jiffy. [Quietly] Now where’s a pen that works? [short pause, then louder] Got them, Back in a second. [40 seconds of silence] Are you there? The lights that are flashing are Internet, W L A N, L A N 2, L A N 3 and L A N 4.
Tech: OK sir. Do you know what the WLAN light is for?
Me: Please, tell me.
Tech: WLAN stands for “Wireless Local Area Network”. Someone is using your wireless connection without your permission. That blinking light is an alarm saying that the wireless network has been hacked.
Me: Oh dear. How do I fix that?
Tech: That’s why we’ve called sir. I’ll just transfer you over to one of our router specialists who will lead you through some simple steps to solve the problem. Just wait a minute while I transfer you.
[30 second pause]
Tech2: Hello sir, I’m Gerald [or perhaps Gerard?] from the Spark specialist support team. Do you understand why we have called you?
Me: I think it’s because someone is using my wireless router without my permission.
Tech2: That’s right. But I’m here to help you fix that. Someone has hacked the router so that they can do all sorts of things without you knowing about it, and that flashing light is a warning. You should have reported it you know. It will only take a moment to fix if you follow my instructions. Can we go ahead and do that now?
Me: Sure.
Tech2: As you may understand, a router is digital appliance, and as it doesn’t have its own screen or keyboard, we need to communicate with it by using another device such as a computer or laptop. Do you have one of those?
Me: Yes I have a computer.
Tech2: Good Turn it on please.
Me: Just a minute. [Another 30 second pause] Ok it’s on.
Tech2: That’s great. Is it a Mac of a Windows computer?
Me: How do I tell?
Tech2: There should be a brand name or logo on the computer. Can you tell me what it is sir?
Me: It says “Dell”.
Tech2: It’s probably a Windows Computer, but just to be sure, do you see a button with “CTRL” nearest yo you on the extreme left of the keyboard?
Me: Yes.
Tech2: Does the button to the right of it have a Microsoft Windows logo on it?
Me: What does the logo look like?
Tech2: It looks like a wind with four panes of glass.
Me: Yeah. It does look a bit like a window.
Tech2: That confirms it’s a Windows computer. So this is what I want you to do: Hold down that Windows button and hit “R”.
Me: Done that.
Tech2: Did a window pop up?
Me: Yes.
Tech2: OK. Now type in C for Charlie, M for mother, D for Doctor.
[pause while I type s.l.o.w.l.y.]
Me: Done that.
Tech2: now hit Enter and tell me what you see.
Me: Exactly the same as what was there before I pressed Enter.
Tech2: Can you tell me what you had typed?
Me: C for Charlie, M for Mike, D for Delta.
Tech2 [with some hesitation]: Um… That’s right. [pause] And you say nothing happened when you hit enter?
Me: Well, I didn’t exactly hit it, but I did press it firmly.
Tech2: I see. It looks like the hackers have done more than hack you router. We’re going to have to get into this more deeply. But don’t worry, we’ll put an end to those hackers, although we will have to do a bit more at our end first.
Me: I see. What do I do now?
Tech2: We’ll make some preparations, then would it be OK to call you back between 9 and 9:30 tomorrow morning?
Me: Sure, I’ll make sure I’m here.
Tech2: That’s great. I’ll call you back between 9 and 9:30. Goodbye, sir.
Me: Goodbye.

I’m looking forward to tomorrow. What they don’t know:

  • For 35 years, I was an engineer for a major international I.T. Company, and for most of that time specialised in networked systems in the banking and retail sector.
  • Our home network consists of Linux and Android devices only (plus a Kindle). There isn’t a Windows device in sight, and hasn’t been for more than 10 years.
  • I know they are scammers.

If I’m in the mood, I like to string these pricks along for as long as possible. The last few times, I haven’t been, so I’ve asked them to quote my Spark account number, and of course they were unable to do that. I invite them to call me back when they have it, but for obvious reasons they never do.

In (Not) Windows Support Desk I relayed a similar incident, although this time I look forward to my role play as a less than savvy senior Internet user. After all, they are role playing at being support personnel, so it seems only fit and proper that I play an appropriate role for them. I am impressed with their apparent courtesy. Being addressed as “Sir” all the time, might be flattering to some people, but I know it’s simply because they have no idea what my name is. I wonder what term they’ll use when they eventually discover I’m playing with them.

I’m not confident that they will call back tomorrow morning, but I really hope they do. The longer I keep them tied up, the less opportunity that have of doing real harm to someone else. It’ll be my good deed for the day.