Oh, no - it's SPAM!

[There's been some spam getting through a e-mail list I *cough* host, by forging the addresses of subscribers. In an attempt to stop the riot of 'his computer got hacked' before it starts, I wrote this e-mail.]

Do not panic.

Wondering how spam can make it to the e-mail list? Then read on. Don't care? Then move along, nothing to see here.

Spammers collect addresses, then they both send e-mail to those addresses and use those addresses in the 'from' field. Just because spam appears to be from someone you know does not mean that the spammers 'took over' that person's computer - if fact, they probably didn't. Forging the 'from' e-mail address is incredibly easy, you can do it in most e-mail programs - and there's no verification that you own the address you send from.

Once a spammer has a list of addresses, they pick some to send e-mail to, and one to be the from address. So when you get an e-mail "from" your friend that is spam, don't think he's sending it, he could have just as possibly gotten the same spam appearing to be from you. Yeah, how's that feel.

So how do they get the lists of addresses? It could be spyware - malicious programs that are installed without your knowledge, along with other programs, or perhaps disguised as something else - sifting through the files on your computer, looking for e-mail addresses. If could be a less than reputable company, selling the addresses it has (customers, contact, etc.). It could be programs that search the internet for addresses on web pages.

Of course, it doesn't need to be *your* computer for your address to fall into a spammer's hands. If Aunt Matilda installs the latest cool screen saver from dontdownloadthis.com, and your address in on her computer (because you do keep in touch with Aunt Matilda, just not as much as you would like), it's now collected and more than likely sold to other spammers.

But Aunt Matilda is smarter than that, so there's nothing to worry about.

Until one day she forwards that extra funny e-mail she got (because she doesn't just forward anything, only the extra funny), and your address is on the to line right along with Matilda's friend Gertrude. Gertrude isn't too computer savvy, but now your address is only as safe as her actions. Scary.

Or maybe you send that extra funny e-mail to Aunt Matilda, and she just sent it to all her friends (because she doesn't forward to everyone, just her friends), but she left your address at the top of the e-mail, because that's how her e-mail client formats forwards. And now your address is only as safe as any one of Matilda's friend's computers.

Really scary.

Sigh. It's a tough life for our e-mail addresses.

The bottom line is this - other people control who has access to your e-mail address. So one day, the chances are, a spammer somewhere will find it.

But how does spam get on the e-mail list? The same way it gets to your inbox appearing to be from someone you know, or some company you know of. Some how the list e-mail address was found (an infected subscribers computer, an e-mail someone sent to the list and other recipients, a list e-mail that was forwarded to someone else) and spam was sent to it.

That isn't a big deal, in fact the list gets plenty of spam every day; however, when the spammers also have the address of someone subscribed to the list, and they make the e-mail appear to be from that address, the list allows the e-mail through.

If they send enough e-mails, sooner or later that right combination will happen. Discussion lists (as opposed to announcement or broadcast lists) are particularly hard to keep spam out of, because there are so many addresses (all the subscribers) that should be able to post.

Now before victory is declared for the spammers, there are other things the list can do to identify spam, and I'll try to implement some of that soon.

In addition, some of you are probably wondering why this e-mail has been sent because you're e-mail provider or e-mail client already filtered the spam that made it through to the list. Because your filters are just that good.

Tim Lytle [05/06/09 16:49:14] | 0 Comments | Point

Words Mean Something

Sure they do, here's what's going on at AO:

created at TagCrowd.com
Tim Lytle [05/01/09 16:03:05] | 1 Comment | Point

A Little BIOS

Looks like the Acer Aspire One series has a little BIOS problem. Sometimes it just goes poof.

Guess that's why there's a way to flash the BIOS without booting:

First format an USB stick with FAT.

Download the latest BIOS, and put both FLASHIT.EXE and the BIOS file in the root directory of the stick. Rename the BIOS file to ZG5IA32.FD, that's important. Do not remove the USB stick.

Turn the AA1 off, make sure both battery and AC adapter are connected. Press Fn+Esc, keep it pressed and press the power button to turn the AA1 on. Release Fn+Esc after a few seconds, the power button will be blinking. Press the power button once. The AA1 will now initiate the BIOS flash, do not interrupt it under any circumstances. After a while the power button will stop blinking, and the AA1 will reboot shortly after. Wait patiently.

The BIOS has been flashed and all settings reset to default.

If for some reason you made a mistake during the procedure and it doesn't reboot by itself wait 5 minutes before turning it off, just to be safe that it isn't still flashing the BIOS.

Tim Lytle [04/29/09 16:02:04] | 0 Comments | Point

24 in Real Life

Janeane Garofalo would not meet Rush Limbaugh and Lynne Cheney when they visited the set of 24, reports Entertainment Weekly. And by 'reports' I of course mean 'congratulates'. What else would you expect.

Garofalo plays the anti-Chloe on 24, and by that I of course mean she was hired to make both the other character and the other actress look better.

So good for her on keeping it real and not meeting Rush and Mrs. Cheney. That really shouldn't be surprising considering her stint on the blazingly successful Air America. And by blazingly I of course mean the flames from some horrific fire.

Just one question - if she wouldn't met with Limbaugh, what does she think about President Obama and Hugo Chavaz? And by think, of course I mean...well, let's not ask too much.

[Update: Related story, Janeane and Anderson Cooper have a lot in common. Via @deanpeters ]

Tim Lytle [04/20/09 19:55:36] | 0 Comments | Point

New York Trip

Using drop.io to 'live blog' a New York trip today. Watch the carnage here.

Tim Lytle [04/17/09 01:56:57] | 0 Comments | Point

Starting Fires

A recent report says that Firefox has more security holes than any other browser. Mozilla says their count is high, just because they're open about their bugs, unlike other browsers.

I say that Turbo Tax made me use Firefox (instead of Chrome) and Windows (instead of Ubuntu), and once taxes were done, it just so happened that I had a bunch of spyware.

Firefox - you had a good run.

Oh, look, shiny - Chrome.

Tim Lytle [04/16/09 23:08:07] | 2 Comments | Point

Google Profile

So, what's the future of the slowly evolving google profile? Right now it's kinda like an online business card, providing a link list and a contact form.

But then there's the photo stream. Interesting.

What's next? Adding all your 'feeds'? Will this be a kind of FriendFeed?

[Update: Mike Elgan's view on Profiles as Facebook killer.]

Tim Lytle [04/15/09 22:42:18] | 0 Comments | Point

CAPTCHA Fail

When you need analytical and enhancement software to pass...

Tim Lytle [04/08/09 16:54:37] | 0 Comments | Point

Watch Out Bro!

From the BBC:

"We may have to think carefully about the way we deal with families with lots of boys."

You know, because sisters make people better and brothers make people worse. Well, I guess that explains this.

Tim Lytle [04/08/09 14:42:06] | 0 Comments | Point

New Blog

New blog to check out - check out the latest post on the impeding Ubunutu upgrade.

...and the choices always seem so difficult even though we’ve reasoned them down to a sensible choice six months ago with the previous release. The choices are back on the table and equally attractive with the advent of the shiny new technology just around the corner.
Tim Lytle [04/08/09 14:26:19] | 0 Comments | Point