Monday, November 02, 2009

More Junkmail from Bob, #211


A Computerist

Part 1
The other day I got an email from my cousin-in-law Lynn about my Aunt Jeanette's computer. It had a virus. (Jeanette is the one in the middle.)

jeanette.jpg

Lynn is pretty good with computers, and had already done most of what I suggested. The rest of what I suggested didn't do any good. Eventually, I gave up, thinking that I could probably fix it pretty easily if that happened on my computer.

Part 2
I was minding my own business on the internet the other day, which is not always the case. I looked at a web site, and it was some kind of strange site. I thought it might be a phishing site or something like that, and I decided to look around. I think those fake sites are interesting, if you can figure out how they work.

At one point, a dialog box popped up. I glanced at it, and just after I clicked the close "x", I realized that that's not the normal close "x" I see on my computer. I had actually clicked a command button.

A few minutes later, my firewall told me that a program named something like wjkm.tmp was trying to access the internet. I don't use an antivirus program because they slow down my computer, so I pay attention to the firewall messages.

I went through the normal routine -- kill the process, check the tasks running, delete all the files that were just updated, twirl the power cord of the computer to break loose any electron jams, etc. It was easy. Then I did an mrt scan (Microsoft's scanner that comes with Windows), and I updated Firefox to 3.5 so maybe it would keep me out of trouble next time.

A while later, I noticed that when I clicked a Google search result, it went to the wrong site. That caught my attention. There was one strange task running again, system.tmp from the temp folder. I killed it and deleted the file. I went through all the services and each one was legitimate. There was nothing new in the startup folder or in the startup area of the registry.

I ran mrt again. This time it found a virus. I checked the hard drive for new files, and noticed a folder in my Program Files directory called Windows Police. I knew that name. That's the one that Jeanette had!

No problem. I downloaded 7 antivirus programs, even paying $39 for one (Norton), and scanned my computer with AVG, f-prot, Kaspersky, mbat, Norton, PCTools, and two others I don't remember right now. I even did a couple of them in safe mode. Then, just for good luck, I checked all the strange locations on the hard drive and got rid of anything that looked funny.

This made absolutely no difference. My computer ran just fine, but some virus was intercepting about 1 in 6 search results and sending me to odd web sites with a bunch of choices to click on, apparently making some money off the clicks. This happened on Bing as well as Google. This happened on Internet Explorer and Firefox.

I scanned and scoured the computer for a few days. I was on the verge of calling Lynn and asking to borrow her hammer. But then I ran across a site called PCHelpForum.com. I knew it was unlikely anybody would tell me what was wrong. If all those antivirus programs couldn't take care of it, I doubted they could. But I decided to ask anyway on the off chance that someone else had had this problem.

I started to post the situation, and I noticed a set of instructions. I was supposed to run a few programs which produce reports on my computer, its installed software, active tasks, files modified in the past 30 days, and a bunch of other stuff. So I did. The next day, someone on the forum replied that I should run Combofix. I didn't remember that program from anywhere. How could it do any good?

But since they were taking an interest, I decided to run Combofix and see what their next suggestion would be. When I ran Combofix, it said it detected a rootkit problem, and found a virus on atapi.sys. Then it fixed it. That fixed my whole problem!

I reported back to them, and checked out my computer for quite a little while. It was really back to normal. The funny thing is, if Combofix left me a "present," how would I ever know?

One thing I did figure out -- it was NOT so easy to fix Jeanette's problem when it happened to me!


Phish Fry

Earlier this month the FBI arrested 53 people and charged a few dozen more with financial fraud. Since financial fraud isn't very exciting, the AP and a few other news outlets decided to call it identity theft. But they didn't steal anybody's identity. Every single victim got to keep his or her own name.

The group was among the many that send out spam emails claiming to be from a bank, in this case, Bank of America or Wells Fargo. They referred people to the bank website for some fake reason, threatening to suspend their account if they didn't reconfirm some information, or something like that. Here's one I got the day before yesterday.

Dear Bank of America  member,

We are sorry to inform you that your Bank of America Online
Account has been suspended. A high number of failed login
attempts have been recorded on your online account. As a
security measure we had to temporarily suspend your account.

To restore your account we have attached a form to this email.
Please download the form and follow the instructions on your
screen.

NOTE: The form needs to be opened in a modern, javascript
enabled, browser (ex: Internet Explorer 8, Firefox 3, Safari 3,
Opera 9).

We apologize for any inconvenience this may have caused.
Sincerely, the Bank of America security team.

© Copyright 2009 Bank of America Financial Group. All rights
reserved.


It asks for this information:
  • Name on card:
  • Date of Birth:
  • Social Security Number:
  • Mother's Maiden Name:
  • Phone Number:
  • Street Address:
  • City:
  • State:
  • Zip Code:
  • Card Number:
  • Card Expiration Date:
  • Card Verification Value (CVV):

The email is fake, of course. It is just used to collect things like account numbers, passwords, social security numbers, driver's license numbers, mothers' maiden names, etc. Then the crooks transfer money out of a victim's account into their own.

For quite a while, I was getting messages from eBay saying my account was suspended and I needed to click here to get it taken care of. Of course, I recognized this as a scam. I don't use eBay very often anyway.

Then one day, I logged onto eBay. Those emails had been real! I owed them two dollars and some cents. So I paid and restored my credit rating, preventing the failure of several major banks.

How can you tell the difference between a scam email or a real one that says you need to take care of your account? It's not very easy. One way is to look at the html source of the email, search for all the "http"s, and make sure the part of the URL before the last "." is the company you want. In the case of the email above, it sent the data to http://suntunsmecher.com.

If you go to http://suntunsmecher.com, it looks like a fairly innocuous site, just one of those parking sites that has some search items to generate some Google click money after people arrive there by mistake.

But, if you add /w.php on to the end of that site, you get a fake Bank of America site. It looks real. If you actually try this, you might end up meeting some new friends of questionable character from Egypt, or even California. My guess is that site won't stay up very long.

A safe way to go to a web site mentioned in an email is to type the address in yourself instead of clicking on the link in the email.
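The check described above (find every "http" in the email's HTML source and compare the part of the host name before the last "." with the company you expect), as an added Python example that is not part of the original newsletter. The sample email is constructed, with only suntunsmecher.com taken from the text; the function names and the other hosts are assumptions for illustration, and country suffixes such as .co.uk would need a public-suffix list instead of this one-label rule.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Attributes that can carry a destination: links, images, and form targets.
URL_ATTRS = {"href", "src", "action", "formaction"}


class LinkCollector(HTMLParser):
    """Collect every http(s) URL found in link-bearing attributes."""

    def __init__(self):
        super().__init__()
        self.urls = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            value = (value or "").strip()
            if name in URL_ATTRS and value.lower().startswith(("http://", "https://")):
                self.urls.append((tag, name, value))


def company_label(url):
    """Return the host label just before the last '.', as the text suggests."""
    # urlsplit().hostname drops any "user@" prefix and the port, and lowercases.
    host = (urlsplit(url).hostname or "").rstrip(".")
    labels = host.split(".")
    if len(labels) < 2 or all(part.isdigit() for part in labels):
        return host  # bare name or raw IPv4 address: no company label at all
    return labels[-2]


def audit_email(html_source, expected_label):
    """List each URL in the email with the label found and whether it matches."""
    collector = LinkCollector()
    collector.feed(html_source)
    return [
        {"tag": tag, "attr": attr, "url": url,
         "label": company_label(url),
         "ok": company_label(url) == expected_label.lower()}
        for tag, attr, url in collector.urls
    ]


def suspicious(html_source, expected_label):
    """URLs whose host does not belong to the expected company."""
    return [f["url"] for f in audit_email(html_source, expected_label) if not f["ok"]]


# Constructed sample: a real logo and footer link around a form that posts elsewhere.
SAMPLE_EMAIL = """
<html><body>
<img src="http://www.bankofamerica.com/images/logo.gif">
<form method="post" action="http://suntunsmecher.com/">
  <input name="card_number"><input type="submit" value="Continue">
</form>
<a href="http://www.bankofamerica.com.account-check.example/login">Sign in</a>
<a href="http://www.bankofamerica.com@192.0.2.10/login">Help</a>
<a href="https://www.bankofamerica.com/privacy/">Privacy</a>
</body></html>
"""

if __name__ == "__main__":
    for finding in audit_email(SAMPLE_EMAIL, "bankofamerica"):
        status = "ok " if finding["ok"] else "BAD"
        print(f'{status} <{finding["tag"]} {finding["attr"]}> {finding["url"]}')
```

The form's action attribute is the one that matters most here: the visible links and logo can all point at the real bank while the data still goes somewhere else.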

      http://www.nytimes.com/2009/10/08/technology/internet/0...

I thought maybe the FBI closed down at least the Bank of America scams, but I just now got another one. They said I'd get $50 for answering a survey. At the end of the survey, it wanted my number and PIN for the account where I wanted the $50 to be deposited. Of course, I would never give them my information. I gave them my brother Jerry's instead.


Backups? Who Needs Backups?

A year or two ago, Microsoft bought a company called Danger. They make the Sidekick, a T-Mobile competitor to the iPhone and Blackberry.

This note was issued a few days ago: "Regrettably, based on Microsoft/Danger's latest recovery assessment of their systems, we must now inform you that personal information stored on your device - such as contacts, calendar entries, to-do lists or photos - that is no longer on your Sidekick almost certainly has been lost as a result of a server failure at Microsoft/Danger."

It's hard to believe that T-Mobile or Danger or Microsoft wouldn't keep a copy of their users' data. But a few days later, Microsoft said that it could restore most, if not all, of the missing zeros and ones.

      http://blogs.siliconvalley.com/gmsv/2009/10/so-thats-wh...

      http://www.siliconvalley.com/search/ci_13568709


Terraced Barges

In Operation Viper, the Department of Homeland Security narrowly averted a plot by terrorists to take over barges on the Ohio River and use them to destroy civilization as we know it.

      http://www.wlwt.com/news/21282269/detail.html


Fussing

The White House vs. Fox News vs. MSNBC. This is all about nothing, as near as I can tell, but someone made a pretty funny video about it.

      http://www.youtube.com/watch?v=CdHzWMPLiow


Health Insurance Companies

I'll avoid the health reform debate, since nobody believes anything said about it anyway. I do think that everybody in the U.S. should have access to health care, but I would prefer not to pay for it all myself. (Oops. I almost avoided it.)

Among the health care publicity campaigns, I noticed that the insurance business promoted some press articles reassuring us that they were not making too much money. "Health insurers posted a 2.2 percent profit margin last year, placing them 35th on the Fortune 500 list of top industries."

That made me wonder, so I did a little checking. Cigna is a major health insurer. Cigna Boss Ed was paid a measly $7,790,000 last year. Of course, that's less than one percent of his total compensation for the year by the time you add in $1,580,000,000 worth of stock options he exercised. Maybe those companies would make some money if they cut their executive compensation back to a couple million dollars a year.


GRB 090510

A few billion years ago, in a galaxy far, far away (7.3 billion light-years, or thereabouts), a couple of neutron stars smashed into each other. This caused a huge explosion, and wiped out everything in the neighborhood, and subatomic particles went flying. Among them were some photons.

Meanwhile, NASA launched the Fermi Gamma Ray Space Telescope in June 2008.

245184main_GLAST_IMG_3980re_full.jpg

Some of the photons from the galaxy far, far away arrived last week. They didn't make it to earth -- they ended up at the Fermi space telescope. (A whole lot of other photons from that event did make it to earth, though, along with those from zillions of other events. They were generally absorbed by the outer atmosphere.)

One of the photons that hit the Fermi space telescope had a million times more energy than another, yet they arrived within a couple of seconds of each other after traveling 7.3 billion light years. This is important in the fields of physics, science fiction, and agronomy, because unless someone made a timing error, it wipes out a significant portion of quantum gravity theories.

There's a good chance I won't ever understand all this, but it's still pretty interesting.

      http://www.nasa.gov/mission_pages/GLAST/news/first_year.html

      http://www.nytimes.com/2009/10/29/science/space/29light.html


Halloween

Halloween season is here! People in the U.S. spend more on Halloween than any other holiday except Christmas. 15 or 20 years ago, my eldest toddler Brian had a computer costume for Halloween.

halloween.jpg

I was appalled this year when I learned that these two guys had unabashedly stolen Brian's idea.

      http://www.youtube.com/watch?v=xIjBqFMwM08

Actually, those are pretty good!


Global Terminology

Global Warming has been renamed Global Climate Change. This is because some people claim the earth is not warming, and because local weather patterns make most areas seem extra cool at least some of the year. People just don't notice a 2 degree change in temperature. But the earth is, in fact, getting a little warmer.

      http://arstechnica.com/science/news/2009/10/talk-of-glo...

I noticed a new term in the area of ecology this week -- Carbon Pollution. I don't like that term. It implies that I should stop breathing. In fact, the U.S. Government has decided that only those people who have exhaled CO2 during the tax year are required to pay income tax.

I won't believe that people are really serious about reducing atmospheric carbon dioxide until they start building nuclear power plants. We can have essentially an unlimited supply of energy without polluting the atmosphere, even if you consider carbon dioxide a pollutant.

Europe has long surpassed the U.S. in nuclear power plant technology. For example, 90% of French electricity comes from nuclear power. France is the world's largest exporter of electricity, and its electricity cost is among the lowest in Europe.

There are 64 power plants operating 104 reactors in the U.S. None are less than 10 years old. One is less than 15 years old. 99 of the 104 reactors are more than 20 years old.

Nuclear Power Plant | Operating Since
Arkansas Nuclear One, AR | 1974, 1980
Beaver Valley, PA | 1976, 1987
Braidwood, IL | 1988, 1988
Browns Ferry, AL | 1974, 1975, 1977
Brunswick, NC | 1977, 1975
Byron, IL | 1985, 1987
Callaway, MO | 1984
Calvert Cliffs, MD | 1975, 1977
Catawba, SC | 1985, 1986
Clinton, IL | 1987
Columbia Generating Station, WA | 1984
Comanche Peak, TX | 1990, 1993
Cooper, NE | 1974
Crystal River 3, FL | 1977
Davis-Besse, OH | 1978
Diablo Canyon, CA | 1985, 1986
Donald C. Cook, MI | 1975, 1978
Dresden, IL | 1970, 1971
Duane Arnold, IA | 1975
Enrico Fermi, MI | 1988
Farley, AL | 1977, 1981
Fitzpatrick, NY | 1975
Fort Calhoun, NE | 1973
Grand Gulf, MI | 1985
H.B. Robinson, SC | 1971
Hatch, GA | 1975, 1979
Hope Creek, NJ | 1986
Indian Point, NY | 1974, 1976
Kewaunee, WI | 1974
LaSalle County, IL | 1984, 1984
Limerick, PA | 1986, 1990
McGuire, NC | 1981, 1984
Millstone, CT | 1975, 1986
Monticello, MN | 1971
Nine Mile Point, NY | 1969, 1988
North Anna, VA | 1978, 1980
Oconee, SC | 1973, 1974, 1974
Oyster Creek, NJ | 1969
Palisades, MI | 1971
Palo Verde, AZ | 1986, 1986, 1988
Peach Bottom, PA | 1974, 1974
Perry, OH | 1987
Pilgrim, MA | 1972
Point Beach, WI | 1970, 1972
Prairie Island, MN | 1973, 1974
Quad Cities, IL | 1973, 1973
R.E. Ginna, NY | 1970
River Bend, LA | 1986
Salem Creek, NJ | 1977, 1981
San Onofre, CA | 1983, 1984
Seabrook, NH | 1990
Sequoyah, TN | 1981, 1982
Shearon-Harris (Harris), NC | 1987
South Texas, TX | 1988, 1989
St Lucie, FL | 1976, 1983
Surry, VA | 1972, 1973
Susquehanna, PA | 1983, 1985
Three Mile Island, PA | 1974
Turkey Point, FL | 1972, 1973
Vermont Yankee, VT | 1972
Virgil C. Summer, SC | 1984
Vogtle, GA | 1987, 1989
Waterford, LA | 1985
Watts Bar, TN | 1996
Wolf Creek, KS | 1985

Some people think this is good, and we should stop building nuclear power plants until they are all closed down. Some people think this is bad, and we should build new nuclear power plants to add to and replace the old ones. Some attorneys think that the legal process for building a nuclear power plant is a real money maker. The attorneys are right.

France and Finland are both building EPR nuclear power plants. EPR, or European Pressure Reactor, is a new design of nuclear reactor, more efficient and safer than older designs. In the tradition of nuclear power plant development and construction, these plants are behind schedule and over budget.

      http://en.wikipedia.org/wiki/European_Pressurized_Reactor

Nuclear fusion power plants are probably the way to go, eventually. Fusion reactions produce a lot more energy than fission, and the fuel is a lot more readily available -- water (with some extra neutrons.) Unfortunately, it is not easy to convert a hydrogen bomb into a controlled fusion reaction.

In 1983 some European countries built the Joint European Torus, a nuclear fusion reactor, in Culham, U.K.

JointEuropeanTorus_external.jpg

In 1991, the Joint European Torus achieved the world's first controlled release of fusion power (if you rule out the sun and Jupiter.) However, it will only produce 70% of the power input. That is, it takes 100 watts of power to produce 70 watts of power. This technique is commonly used in corn methanol production.

The ITER Tokamak is now under development in France. It is an experimental reactor that should be able to produce more fusion power than is required to operate the reactor.

      http://www.iter.org/mach/Pages/Tokamak.aspx

ITER is an organization made up of quite a few countries, including China, European Union, India, Japan, Korea, Russia, and the United States.

      http://www.iter.org/SCI/Pages/BeyondITER.aspx


Swine Flu

The CDC says 1,000 people have died from the swine flu this year. This made headlines. The CDC also says an average of 36,171 people die per year from the flu (between 1993 and 2003.) This did not make headlines.

I tried to find out how much worse the flu is this year than last, but I haven't found any unbiased statistics on it. I believe the flu is somewhat worse, but it's not the catastrophe that it would seem by reading the news.

      http://www.cdc.gov/flu/about/disease/us_flu-related_dea...

It's not easy to find out how many people die from the flu. If I am in the hospital with pneumonia, and then I catch the flu and die, was that from pneumonia or the flu? What if I had the flu first? What if I had the flu, went to the hospital, and died when the nurse whacked me in the head with a bedpan because I was racing a 4-year-old down the hallway on one foot? You can see that this is not a simple problem.

The solution? Wash your hands, don't rub your eyes or pick your nose after you shake hands with someone, and hold your breath when someone sneezes at you. This also helps cut down on carbon emissions.


RIAA

The RIAA pays companies to hack into P2P users and networks so they can file lawsuits. The RIAA claims you owe them $80,000 every time you share a file on the internet. Of course, if you write them a check right now they'll offer you a substantial discount. It sounds a little like extortion to me.

The RIAA used to use MediaSentry for their covert intelligence gathering, but MediaSentry was caught doing some illegal hacking. They were using false information to access computer systems.

Now the RIAA has hired DtecNet to do their spying, in addition to some public relations. However, DtecNet seems to be behind the power curve when it comes to P2P public relations. Some of their claims are comical.

      http://torrentfreak.com/riaa-anti-piracy-partner-cluele...


Wireless Security

About a year ago a guy named Erik and some people showed how to crack the WPA encryption on a wireless network.

      http://www.itworld.com/security/57285/once-thought-safe...

Now some people named Finn, Olav, Martin, and Stig have shown how to do it better.

      http://books.google.com/books?id=mSMsqoqufMoC&pg=PA...


Amazon Words

Amazon has just received a patent for this: They change some words in an online book to introduce spelling or grammatical errors. That way they can prove that the online book came from them when they sue an illegal copier.

I don't like this for two reasons. First, it comes under my "stupid patent" criteria for being too simple and obvious to deserve a patent. Second, I don't think it's proper to introduce errors into a book for the sake of copy protection. But Amazon probably doesn't care what I think.

      http://yro.slashdot.org/story/09/10/28/2236235/Amazon-P...


Nuclear Spaceship

The headline: "Russia Develops Spaceship with Nuclear Engine"
The original headline: "Russia develops design for spaceship with nuclear engine"
A slight difference, eh?

Here's the original article:

      http://en.rian.ru/science/20091028/156623290.html

The old Soviet nuclear spaceship program:

      http://www.astronautix.com/articles/sovermal.htm


Open Source Voting

Sequoia Voting Systems published the source code of its voting machines. I think this is a good thing.

      http://www.wired.com/threatlevel/2009/10/sequoia/

Coincidentally, 5 days before, the Open Source Digital Voting Foundation released the source code for its prototype election system.

      http://www.wired.com/threatlevel/2009/10/open-source/


SSD

Solid state drives (SSD) are now available. They are pretty reliable (depending on who you ask) and are REALLY fast. An SSD costs more than a normal hard drive. A 160gb drive from Intel costs a little over $600 at newegg. The price used to be a couple hundred dollars less, but the demand seems higher than the supply at this moment.

I believe the supply problem has to do with the reliability. In addition to normal yield-type supply problems in new semiconductors, the SSDs have had a number of software snags.

For example, Intel released a new version of their firmware this week. People can upgrade the firmware on the drive to make it faster and more reliable. However, some people who upgraded found that the upgrade killed their drive. So Intel pulled their software update one day after they released it. Oops.

      http://www.computerworld.com/s/article/9140021/Intel_pu...

There is a fairly long list of stories like this from Intel and the other SSD makers.

      http://arstechnica.com/hardware/news/2009/10/intels-bla...

If you'd like to know more about SSDs, check out these Anandtech articles. The first one is six months old, but it covers the fundamentals very well.

      http://www.anandtech.com/storage/showdoc.aspx?i=3531

      http://www.anandtech.com/storage/showdoc.aspx?i=3631

I had decided to wait until the SSDs are cheaper before I bought one. Then, my c: drive died. Completely. I cannot read a single byte from it. And, in case you are one of many who have heard my backup harassment in the past, I did have a current backup. I bought a new SSD and am now living happily ever after. It's only 160gb, so I have a d: drive with the files I don't need fast access to, which is most of my files.


Ares I-X

The NASA Ares I-X rocket is planned to carry people to the space station, after the retirement of the space shuttles. NASA launched one this week, a 150-mile test. The water vapor in the first photo is around the simulated crew capsule.

397895main_launch6_full.jpg

397571main_launch2_full.jpg

      http://www.nasa.gov/mission_pages/constellation/ares/fl...


Open Adobe

Adobe is pushing hard to get the U.S. government to accept .pdf and flash as the standard for the U.S. Open Government initiative. That is very ironic, and more than a little stupid.

      http://arstechnica.com/tech-policy/news/2009/10/adobe-p...


Pictures of Today!

This photo shows the paths of NASA's spacecraft over 50 years of space exploration.

50-years-exploration-huge.jpg

The Crab Nebula:

crabmosaic_hst_big.jpg

http://antwrp.gsfc.nasa.gov/apod/ap091025.html

Two Indian photos from the early 1900's, by Edward Curtis.
Three_chiefs_Piegan_p.39_horizontal.png
Kutenai_woman_1910.jpg

Mike and I were planning to have the boat hauled out of the water for bottom paint, and it was struck by lightning a few weeks before. So now we get to have the mast repaired.

IMG_0070.jpg
IMG_0085.jpg
IMG_0102.jpg
IMG_0108.jpg
IMG_0120.jpg


The End