Post Feed
Comment Feed

About Me

My MP3 Player

Dream Theater - Octavarium John Petrucci - Suspended Animation Moby - Play: The B Sides Dave Matthews Band - Under the Table and Dreaming

New Comments

2017 Archives

July All Archives...

Blog Archives for July 2007

Recent WTFs

Friday, July 27th, 2007 - Comments (1) in Email, Life, Work

Rachelle got me a watch for our 1 year anniversary, but it needed to have a couple of links taken out of the band to fit me. No problem. Under normal circumstances I would have done it myself, but since we moved, I can't find anything, including tools I would use to take the pins out. We brought it back to the place she bought it from to have them do it. When we got to the counter the woman said that the only person who does that is on a lunch break (at 7:00pm) and would be back in an hour. So my first thought is wondering why they only have 1 person that can do this? It's not rocket surgery.

So while we were waiting for the lone watch-band-link-remover to come back from lunch, we walked around to a few other stores that size watches. They generally all want $14 and like 20 minutes to take a link out of a watch band! It probably takes maybe 5 minutes to do this and at $14, that equates to something along the lines of $168/hr! Absolutely ridiculous.

I wanted to take some pictures of the new kitchen faucet I installed last week, but the batteries in my camera were dead. Rachelle then informed me that she bought an 8-pack of "Super Heavy Duty" Sunbeam brand AA batteries for $1 somewhere. After laughing for a while and wondering how useless these batteries were probably going to be, I joking said, "If I can get 3 pictures out these batteries, I'll be impressed." I only got 1 picture! At least they'll work well in remote controls.

This week at work our CFO was complaining that she wasn't getting an email from M&T Bank when she requested her password. I checked in to it, and their email wasn't getting caught by a spam filter, it was getting rejected due to a sanity check. Basically email connections to Harley are checked to make sure they conform to the standards. Many spammers use shitty custom software that doesn't conform to SMTP standards, so rejecting weird looking connections is almost always safe. Except when it comes to M&T. I was kind of astounded that a national (maybe even global) bank can't get their shit together and just follow published guidelines and standards. It makes me wonder about the settings of their other IT services. I'd like to think things like their databases of bank account info are securely set up, but who knows...

Games 5 and 6

Thursday, July 19th, 2007 - Comments (0) in Life, Softball

Two Sundays ago was game 5. This one was awesome, we won 12-7 or something like that. It was one of those games where we were ahead basically the whole time. We played really well too, not many errors. It wasn't that the other team was bad, they were actually pretty good. One of Rachelle's good friends Chris joined the team and played for the first time in a very long time in this game. She was awesome in the outfield, she caught everything that came near her. She was a welcomed addition because she is really good at softball, but more importantly she would actually show up the games. A few times we've had trouble getting enough girls to show up just to play, even though more than enough signed up originally.

Game 6 on the other hand was a complete disaster. We played that Agatina's team yet again and they killed us 10-4. We got two runs in the first inning, I scored 1 run in the last inning and I wasn't really paying attention when the other run was scored. We were at a serious disadvantage from the get-go because a few of our really good players weren't there. Our pitcher has a hurt knee, and the other guy that pitches was out of town. We were also missing a few of our good girl players also. The circus came back to town during a couple plays this game too unfortunately. By 'the circus' I mean a seemingly never ending string of fielding errors which results in countless extra bases and runs for the other team. Someone gets the ball and overthrows, then the next person fumbles around and overthrows again at the next base. This process usually repeats for what seems like an eternity until the anguished screams of "hold onto the ball!!!" are heeded. And if that wasn't bad enough, they intentionally walked the only guy on our team that can consistently hit far into the outfield. They didn't even pitch to him; he got up to the plate and their coach was like "we're walking you". Now I can see pulling some chicken-shit maneuver like that if the score is tied or close and near the end of the game, but they did this when they were like 7 runs ahead of us! AND there was either nobody or like 1 person on a base at the time. It was absolutely ridiculous, especially considering they had about 4 or 5 gorillas who can all smack the shit out of the ball, but they felt the need to walk the 1 guy that could hit like most of them. Any respect I had for this team is officially gone.

Year Old Cake

Monday, July 16th, 2007 - Comments (2) in Life, Wedding

This past Sunday was Rachelle's and my one year anniversary! Of course we saved what ended up being half of the top layer of our wedding cake and had some on Saturday. It was kick ass! Rachelle packaged it up so well it would've survived a nuclear holocaust. We had the recently thawed cake the day before because the place we bought the cake from, Muscoreils, made us a new top layer for us to have on our 1 year anniversary. We had to drive out to Wheatfield on Saturday to pick it up, but that's ok, it was fantastic. We spent Saturday afternoon at Rachelle's parent's house, and then came back to Rochester to go out to dinner.

We went to Pomodoros for dinner on Saturday instead of Sunday because I had a softball game around dinner time. Pomodoros was great; the food was awesome, we had a table right in the center of everything (we could watch the cooks make everything and it was a good people watching spot) and we only had to wait like 30 minutes to be seated.

Ecard Spam

Friday, July 6th, 2007 - Comments (2) in Computers, Email, Life, Nerd Stuff

I recently received a few particularly nasty spam emails that were masquerading as ecard notifications. Basically when you send an ecard the recipient is emailed saying they have a card and to click on some link to retrieve it. These messages operate the same way, only the url links to some zombie cable/dsl computer and serves some sort of nasty software.


Return-Path: <refn@chilehardware.com>
Received: from router.pogodanet.pl (router.pogodanet.pl [85.14.84.214])
     by joereid.com (*****) with SMTP id l645CkBd011052
     for <joe@evi***rv.com>; Wed, 4 Jul 2007 01:12:47 -0400
Received: from kkgtt.rtkoa ([173.195.226.159]) by router.pogodanet.pl 
     with Microsoft SMTPSVC(6.0.3790.0); Wed, 4 Jul 2007 07:12:43 +0200
Message-ID: <002101c7bdf9$f3984ee0$9fe2c3ad@kkgtt.rtkoa>
From: "netfuncards.com" <refn@chilehardware.com>
To: <joe@evi***rv.com>
Subject: Independence Day Party
Date: Wed, 4 Jul 2007 07:12:43 +0200
MIME-Version: 1.0
Content-Type: text/plain;
     format=flowed;
     charset="Windows-1252";
     reply-type=original
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4133.2400
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
X-Antivirus: avast! (VPS 000753-2, 2007-07-03), Outbound message
X-Antivirus-Status: Clean


Hi. Friend has sent you a postcard.
See your card as often as you wish during the next 15 days.

SEEING YOUR CARD

If your email software creates links to Web pages, click on your 
card's direct www address below while you are connected to the Internet:

http://***.83.87.181/?1d7d41977bc649ea95523893748a

Or copy and paste it into your browser's "Location" box (where Internet 
addresses go).
     


PRIVACY
netfuncards.com honors your privacy. Our home page and Card Pick Up have links to our 
Privacy Policy.

TERMS OF USE
By accessing your card you agree we have no liability. 
If you don't know the person sending the card or don't wish to see the card, 
please disregard this Announcement.

We hope you enjoy your awesome card.

Wishing you the best,
Mail Delivery System,
netfuncards.com

Lets take a second to analyze this email. The first "Received:" header mentions "router.pogodanet.pl"; email doesn't come from routers. This must refer to some little cable/dsl router that his hiding a bunch of PCs behind it. One (or more) of them is probably a zombie. Then check out the "from" header, it mentions netfuncards.com, but the actual email address is something at chilehardware.com.

In the body the first thing you probably notice is the articulate use of the english language, always a dead give away. Then the URL they want you to click on contains just an IP address, not a hostname. I covered up the first number so nobody mistakenly clicks on it, but the IP belongs to a southern California residential Roadrunner customer. They also specifically mention privacy, saying the policy is available on their website, but no links are provided.

Being the curious nerd that I am, of course I followed the link (minus the query string) to see where it goes. I used a program to fetch the source code of the page rather than looking at it in a browser, just in case there was some nasty code in there that my browser would activate. This is what I got:

We are currently testing a new browser feature. If you are not able to view this ecard, 
please <a href="/ecard.exe"%gt;click here</a> to view in its original format.

So it basically is prompting me to download some executable program that will most likely own-up on my computer. Since this kind of thing is always about money, I'm sure that ecard.exe program turns your computer into a zombie (spamming this same email out and serving "ecards" itself) and most likely records everything you do, your passwords, bank and credit card numbers and steals your identity.

This is a great example of how effective social engineering can be. Who doesn't like receiving ecards, nobody! Add to that the fact that it was sent on an actual holiday, though not really a big card sending holiday, I'm sure a lot of people got these spam messages and clicked on the links.

Game 4

Tuesday, July 3rd, 2007 - Comments (2) in Life, Softball

Meh, we lost again. We were tied 6-6 (again) when the home team was on their last time batting. All they needed was 1 run to win, and they got it...along with 2 extra runs. This was that Agatina's team from game 1. We've beaten them before, and I really thing we should have won this one too. We were short people, had some outfield-related difficulties and the umpire made some extremely questionable calls that all contributed. For instance, I was playing first base for a few innings and on one particular play the ball was hit on the ground to the shortstop who got it and threw to me. It hit my glove way down by the bottom resulting in my dropping it. I bent down and picked it back up while standing on the bag the whole time. The batter was about 6 or 8 feet away from me after I had picked up the ball and the umpire called him safe. It was ridiculous.

It didn't even look like we would be able to play this game because we were going to be short on some girls. As it was, someone's mom had to fill in a spot. I find that really annoying, not that a mom had to play (I'm very grateful she could because it prevented us from forfitting), but that so many people signed up to play and nobody shows up. We try to have a practice once a week, and last week it was just the team captain and I who showed up. I realize it's summer and people go on vacation and such, but I can think of a bunch of people who said they were going to be there (a couple said so for that particular game) and didn't show.