Archive for the ‘wtf’ Category

Text Files Are Mysterious

Thursday, December 11th, 2008

Sigh… This is going to be a short post, because something just died inside of me and I need to go bang my head against the brick wall to relieve the pain. It’s also vaguely related to my post from Tuesday. Related in topic matter, but not circumstances.

Here is the story… Or rather, the short version. I really don’t have the heart for it right now. I could probably turn this into a 5 page epic, but I just… Well, you will understand once I finish this. The gist is that a guy at work caught a virus of some sort. The standard operating procedure in these circumstances is apparently to:

  1. Ignore it
  2. Hope it will go away
  3. Talk to the supervisor and tell them that your computer is slow and that you need a new one
  4. Never, ever, under any circumstances attempt to contact the IT department and tell them about this problem

I was pleasantly surprised when this dude violated this long standing tradition, and actually called me with the problem. The infection turned out to be relatively minor, considering that his Norton AV Suite was able to clean it out on the first scan. To be on the safe side, I had him run a scan with Malwarebytes. If you have ever used this tool (it’s great BTW – I highly recommend it) you know that at the end of the scan it generates a log file and automatically opens it in Notepad so you can review it. Sometimes it contains useful information – for example, files that could not be cleaned and/or deleted during the scan.

I asked the guy to save this log file, and email it to me. This is what I got in my inbox:

[Image: malwarebytes_headdesk2.png]

And yes, he took a screenshot of his whole desktop, pasted it into Word and sent it to me. My reaction:

[Image: facepalm.jpg on flickr]

Apparently, God hates me. It could be worse though… At least he managed to skip the wooden table step. I guess I should consider myself lucky…

Moral of this story is: regular users do not understand plain text. I should keep it in mind when I teach my class and talk about ASCII code. When I say “plain text” some students probably think “word doc with no formatting”. Lesson learned.

Also, if you didn’t get this, I am not going to explain it.

I have my own domain squatters

Wednesday, November 5th, 2008

The other day I got the following email. Curiously, Gmail did not flag it as spam which it probably should. Before you read it though, I strongly advise against actually going to the terminally-incoherent.cn website. It is seriously NSFW. And when I say NSFW I mean serious pr0n with explicit auto-play flash movie clips playing all over the place. Do not open that website at work.

Dear Sirs,

We have terminally-incoherent.cn and found that the domain is pretty useful for you to explore China market. We can really consider selling it out by escrow.com secure transaction if you are interested in it. Please reply to us and discuss the domain tranfer matters. China is the bigger market in the world !Dot.cn domains is a symbol of enterprises in China!10,000,000 .cn domains are been registered!Wish you happy every day, and welcome to our China to travelling. At last,Sorry for the disturb if any.

Best Regards.

Wong

Usefulname Technologies

Out of curiosity I decided to check whether or not that URL is actually used for anything. I was half expecting one of those generic parked domain pages full of advertising banners and/or links. There was also a chance the site could have been spreading malware but since I was sitting at an Ubuntu machine this did not concern me that much. I really did not expect a hard core pr0n site to be there.

They are not really using the domain to identify the website though. It seems to be a simple domain redirect and the links on the website lead to another address. There are probably dozens of other addresses that redirect to the same place this way. They buy them in bulk, then send funny extortion letters in fractured English. I’m pretty sure that the price they would want for the domain would be much higher than what you usually pay for a .cn domain.

I also love the “company name” on the email. I wonder if they actually chose that name or if someone simply forgot to fill out one of the fields in their bulk mailer software and the emails are going out with the default company name placeholder. Sort of funny either way.

Someone asked me what am I going to do about this. I don’t think I need to do anything. If I was selling something or ran a respectable company, and I needed to watch for the corporate image I might have been concerned that my .cn address redirects to hard core pr0n. But since I use the Terminally Incoherent domain to host a private blog I don’t think this affects me in any way. It’s just sort of funny and I guess flattering in a way. It is still sort of bizarre that someone would want to cash in by using my long, hard to pronounce, and easy to forget domain name.

I really don’t know what I was thinking when I started this blog. I picked two long, easily misspelled words and to make matters worse put a hyphen in between them to make it even harder to recall, pretty much guaranteeing that this website will never be passed around by word of mouth.

“So, what was that website you told me about?”
“It’s terminally-incoherent.com… With a hyphen in the middle.”
“Oh… You know, just email me the link then…”

Yeah, kids – that’s me. I think I committed every single cardinal sin of naming your domain when registering it. Hard to pronounce, hard to spell, over 20 characters long, has a hyphen in it, not very catchy and etc… I’ve been thinking about shortening it somehow for a while now but I can’t figure out how. I’d love to just use ti.com but the fuckers at Texas Instruments got that one first. Oh well…

Free Public Wifi Epidemic

Wednesday, June 4th, 2008

Here is a question for you. Have you noticed a strange, non functioning, un-encrypted ad-hoc wireless network occasionally popping up on your Wifi network list in your area? Yeah, I did too. When I first saw it at work, I thought someone in the building was messing around with ad-hoc networks. Good for them. Then I noticed the same network popping up at home. Then at school, in a coffee shop and other places. I talked to my co-workers who travel a lot and they too seem to notice this strange network popping up all over the country. And these networks never work and disappear as mysteriously as they appear.

To sort of gauge the magnitude of this phenomenon, I decided to search for “Free Public Wifi” on WiGLE. This is what I found:

[Map: Free Public Wifi Spottings, via WiGLE – see the interactive version of this map here]

Bizarre. I assume some of these hits are from genuine free public wifi networks. But I have a feeling that most are not. If you click on the link below the map, and zoom out a bit, you will be able to see that these things are also popping up all over Europe and in other places of the globe too. It seems to be a worldwide phenomenon.

So I decided to investigate. After some googling, I found a really nice writeup of this issue written by Zaib Kaleem at wlanbook.com:

The answer to why this SSID seems to be everywhere can be blamed on Microsoft, more specifically a Windows feature called Wireless Auto Configuration (aka Wireless Zero Configuration). Wireless Auto Configuration “provides automatic configuration for the 802.11 adapters”. In an attempt to make it extremely easy to connect to WiFi networks, Wireless Auto Configuration does the following when an 802.11 adapter is enabled and starts to scan for WiFi networks. (…)

If there are no successful connections and there is an ad hoc network in the list of preferred networks that is not available, Wireless Auto Configuration configures the wireless network adapter to act as the first node in the ad hoc network (…).

At one time or another somewhere out there someone connected to a real ad-hoc WiFi network that had the SSID “Free Public WiFi”. They added this network to their preferred network list. They then traveled to a location where this WiFi SSID didn’t exist (airport, airplane, and/or hotel). They powered on their laptop with the wireless card on and Wireless Auto Configuration took over and started searching for WiFi networks. After trying [failing to connect to any viable network in range], Windows gave up and configured WiFi card to ad hoc mode with the SSID “Free Public WiFi” (since it was a preferred network).

A second person in close proximity to the user above also has a wireless enabled laptop and is looking to connect to a WiFi network. They scan to see what is available and notice an SSID called “Free Public WiFi”… they connect to it not knowing that it is an ad hoc network. After a few seconds of wondering why they can’t surf the web they disconnect from the SSID, shrug their shoulders and move on with life. Now they have the viral SSID in their preferred list too. The next time they power on their laptop it starts to look for the “Free Public WiFi” SSID. This process is repeated in many locations across the US and world again and again. Soon this SSID is in preferred wireless networks lists everywhere and spreads like a virus.

Joshua Wright likened it to a zombie outbreak in the way it has likely started with a single ad-hoc network, and has now taken over most of the eastern seaboard and created hot spots on the west coast, and Europe. He posted about this weird issue over a year ago, and he also did that WiGLE mapping thing. Go check out his post and compare our maps. You can clearly see how this odd infection has spread since May 07 – the difference is huge. It’s growing!

Is this wifi zombie plague dangerous? Not in and of itself, but it does create a certain risk. Whenever your laptop is broadcasting the “Free Public Wifi” SSID, it is essentially revealing itself to all potential attackers. Whether or not you are actually vulnerable to an attack depends on your system setup, and security software you are running. But you clearly become more of a target due to increased visibility. And naturally any open public wifi hotspot is arguably a dangerous place to be to begin with. This goes double for public ad-hoc networks.

Few people really use the ad-hoc functionality on a regular basis, so it is probably a good idea to configure Windows not to automatically connect to them anyway. This way you both immunize yourself to this non-malicious viral wifi worm, and protect yourself from accidentally stumbling into a trap network set up by someone with malicious intent.
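
To see whether a machine is carrying the viral entry, you can audit its saved wireless profiles. The script below is an added example, not part of the original post: it assumes profiles exported as XML with `netsh wlan export profile` (Windows Vista or later), and the three sample profiles are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"w": "http://www.microsoft.com/networking/WLAN/profile/v1"}

def _profile(ssid, conn_type, mode, auth, enc):
    """Build a constructed sample profile in the exported-profile XML layout."""
    return (
        f'<WLANProfile xmlns="{NS["w"]}"><name>{ssid}</name>'
        f"<SSIDConfig><SSID><name>{ssid}</name></SSID></SSIDConfig>"
        f"<connectionType>{conn_type}</connectionType>"
        f"<connectionMode>{mode}</connectionMode>"
        "<MSM><security><authEncryption>"
        f"<authentication>{auth}</authentication><encryption>{enc}</encryption>"
        "</authEncryption></security></MSM></WLANProfile>"
    )

# Constructed samples, not captured from a real machine.
SAMPLES = [
    _profile("Free Public WiFi", "IBSS", "manual", "open", "none"),
    _profile("HomeNet", "ESS", "auto", "WPA2PSK", "AES"),
    _profile("CoffeeShop", "ESS", "auto", "open", "none"),
]

def audit_profile(xml_text):
    """Return (ssid, findings) for one exported WLAN profile."""
    root = ET.fromstring(xml_text)

    def text(path):
        return (root.findtext(path, default="", namespaces=NS) or "").strip()

    ssid = text("w:SSIDConfig/w:SSID/w:name") or text("w:name")
    sec = "w:MSM/w:security/w:authEncryption/"
    is_open = (text(sec + "w:authentication").lower() == "open"
               and text(sec + "w:encryption").lower() == "none")
    findings = []
    # IBSS is the profile schema's value for an ad-hoc network.
    if text("w:connectionType").upper() == "IBSS":
        findings.append("ad-hoc (IBSS) profile in preferred list")
    if is_open:
        findings.append("no encryption")
        # connectionMode defaults to auto when the element is absent.
        if text("w:connectionMode").lower() != "manual":
            findings.append("auto-connects to open network")
    return ssid, findings

def risky_profiles(profiles):
    """Keep only profiles with at least one finding."""
    return [(s, f) for s, f in map(audit_profile, profiles) if f]

if __name__ == "__main__":
    for ssid, findings in risky_profiles(SAMPLES):
        print(f"{ssid}: {'; '.join(findings)}")
```

Any profile flagged as ad-hoc that you do not recognise can be removed with `netsh wlan delete profile name="..."`.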