How the little folks can do their part
Okay, those of us who've been paying attention to search engine results lately have noticed something new: splogs. A splog is a blog generated by a robot that searches other stable and long-lasting blogs and sites for content that mentions specific keywords. It then copies that content to its own entries and stuffs them full of links to still other disreputable sites that have paid for a boost in their search engine ranking. Often they also try to have domain names that center around the keyword in question. You'll know when you've come across a splog because it seems like it was written by a schizophrenic--endless pages of totally disjointed and unrelated information with links on rather obvious keywords.
The idea is that if you enter a keyword into a search engine, these spam sites will rank higher because some search engines tend to favor blog content more highly now that blogs have become so popular.
Not surprisingly this has degenerated into an arms race as search engines tune their pattern recognition algorithms to shut this junk out yet still favor real blogs.
But here's something I've noticed with my own obscure site: you can spot the dreck real quick because the backlinks to your site are so few. If you're an obscure site, when you ego-search your site title, name or some specific string unlikely to be related to anything except you, you only get a few results. These can be quickly sifted through to spot dreck which in turn can be reported to search engines as spam abuse.
This is something the big famous sites can't do since almost everyone links to them. If you put in "Slashdot" or "Boing Boing," you're going to get a million hits only some of which are going to be splogs posing as real content. If you put in "Pace Arko" or "Farlops Industries" you get only a few hundred or less and spotting and reporting the junk is much easier.
See? Obscurity isn't all bad.
Posted by Pace Arko at 9:17 PM on November 15, 2005
Bill and Ray call for security by obscurity
About a week or so ago Ray Kurzweil and Bill Joy condemned the publication of the genome of the virus responsible for the flu epidemic of 1918. Kurzweil in particular called for the genome to be censored.
Posted by Pace Arko at 7:38 PM on October 17, 2005
Security and Privacy Roundup
Over the past few months I've collected several articles about privacy and security:
- Automated Lockdown for XP: Still useful for Service Pack 2.
- VOA Releases Secure Tunneling Tool for Chinese Internet Users
- How to Run with Least Privilege in XP: It's a damn shame Microsoft didn't tell the masses how to do this after the release of Windows 2000!
- Tips from Microsoft on How to Avoid Phishing Schemes
- Mozilla, Safari, Opera and Phishing
- How to Avoid Identity Theft in Hardspace
- A Roundup of Immuneware for Windows
- A Steganography Tool for E-mail
- The Dead Man's Switch: Set your computer to automatically randomize secure or embarrassing information on a hard drive.
- Examples of SQL Injection Attacks: Know how it's done so you can defend against it.
- Protect Your Site from Google's Toolbar
- Tor and Onion Routing: I wonder if VOA is going to offer tools like this to repressive countries as well.
Listen to Mr. Farlops! It's a dangerous world out there.
Posted by Pace Arko at 4:30 PM on July 17, 2005
If you must use IE--
If you must use Internet Explorer, please, please, please, turn off all scripting, Java and ActiveX support. Learning how to restrict security in Internet Explorer is easy. Once you turn off all JavaScript, VBScript, ActiveX and Java support, 99% of all worms, trojans, phishing schemes and other parasites that rely on Internet Explorer (Or any application that uses components of IE.) to spread will be stopped dead.
I've suggested this to the laity for years but often relented because I knew that being so restrictive would break 90% of the Web. But after spending this year cleaning trojans from many machines and finding XPSP2 a bit disappointing, I have decided to insist on it.
There is a tool (I wonder why this wasn't added to IE6 in XPSP2?!?) that lets you quickly build a whitelist of safe sites where you can allow all the bells and whistles to work while still filtering out all the garbage. With this tool, which works in Internet Explorer 5 and higher, you can turn off all scripting, Java and ActiveX for all the Web and only turn it on for the small fraction of sites that you actually care about and need. I didn't know about this tool until recently. It's a pain to build a whitelist manually, which was why I didn't insist on such tight security for my customers these last few years. Maybe this tool will make my case for me.
Posted by Pace Arko at 10:48 PM on December 26, 2004
The most clever social engineering I've seen so far.
On Saturday, around 2 in the morning, I received a blind carbon at one of my work addresses that had a frighteningly clever phishing scheme posing as a Red Hat security update. I thought it was real and the only reason I didn't apply this rootkit to the Linux box I have is because it's Knoppix and it's off--although I do have a really old laptop with Red Hat 7.2 on it.
My laziness saved me long enough for my paranoia to set in:
- After a bit, I realized that I never used the address in question to receive Red Hat technical updates. I did sign up for Red Hat technical updates years ago but that address has long since expired. How'd Red Hat get this one?
- The mail was blind carbon, not entirely suspicious in itself, but enough to prompt me to examine the mail more closely.
- I looked at the mail's markup and headers and saw that they pointed to locations that didn't make sense: ns1.ultracoms.net, www.wcml.co.uk and 217.8.3.5. Please note, the preceding links are safe; they point to whois records, not the machine or machines where this spam came from. I have a suspicion these sites won't be visible on the Net much longer.
- With my browser, firewall and proxy security set to maximum and from an IP number not related to my work address, I viewed these locations. If you're curious, for the love of all that's holy to you, please don't use Internet Explorer to look at these locations!
- Then I started taking strings from the mail to put in a search engine. Sure enough, I got back lots of pages warning about a social engineering hoax that was nearly exactly like the one I got.
Phew! Dodged a bullet there! But clearly, the mail shows that the phishing scheme is mutating. The two pages I cite in point five are already out of date.
This mail scared me. From now on, whenever someone laughs at my network paranoia, I'm going to point them to this page and say, "Never say never!"
Posted by Pace Arko at 3:37 AM on November 21, 2004
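The first three checks from the list above, sketched as a mail-triage function. This is an added example, not code from the original post; the message, the `.example` hosts and the names `triage`, `base_domain` and `subscribed` are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Constructed sample message (not the mail from the post); all names are placeholders.
SAMPLE = """\
Received: from mail.bulk-host.example (mail.bulk-host.example [192.0.2.10])
\tby mx.mywork.example; Sat, 20 Nov 2004 02:01:00 -0800
From: "Vendor Security Team" <security@vendor.example>
To: customers@vendor.example
Subject: Urgent security update
Content-Type: text/html

<p>Apply the patch: <a href="http://updates.other-host.example/fix.tar.gz">download</a></p>
"""

def base_domain(host):
    """Crude last-two-labels comparison; an assumption that is good enough for a sketch."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def triage(raw, delivered_to, subscribed):
    """Return a list of findings; `subscribed` maps a sender domain to the
    set of our addresses that were actually registered with that sender."""
    msg = message_from_string(raw)
    findings = []
    sender = base_domain(parseaddr(msg.get("From", ""))[1].rpartition("@")[2])
    # Check 1: did we ever give this address to the claimed sender?
    if delivered_to.lower() not in subscribed.get(sender, set()):
        findings.append("address-not-subscribed")
    # Check 2: our address is absent from To/Cc, so we were blind-copied.
    visible = {a.lower() for _, a in
               getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))}
    if delivered_to.lower() not in visible:
        findings.append("blind-carbon")
    # Check 3: relay hosts and link targets that do not belong to the sender.
    relays = re.findall(r"from\s+([\w.-]+)", " ".join(msg.get_all("Received", [])))
    links = re.findall(r'href="https?://([^/"\s:]+)', msg.get_payload())
    for host in relays + links:
        if base_domain(host) != sender:
            findings.append("foreign-host:" + host.lower())
    return findings

if __name__ == "__main__":
    known = {"vendor.example": {"old-address@home.example"}}
    for finding in triage(SAMPLE, "me@mywork.example", known):
        print(finding)
```

None of these findings proves forgery on its own, since the From line is trivially spoofed and legitimate senders use third-party relays; together they are the prompt to stop and look closer, as in the post.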
SpamBayes is great!
The amount of spam I get through my business account, which is exposed to spambots, is fairly small, about 37 spam a day. The amount of spam I get through my personal account, which is hidden yet visible in a clever way, is far less, at most 6 each day. This totals to about 35 to 45 spam a day that I have to ignore. My mail traffic is small enough that I can generally deal with this through a whitelist and pattern recognition on my servers.
Recently, I've moved to a smarter clientside solution based on Bayesian filters. A Bayesian filter is a bit of artificial intelligence that sorts and weights patterns according to logic worked out by Thomas Bayes back in the XVIII Century.
Anyway, the plug-in I've got is open source, cross-platform, very accurate and will grow even more so as training time increases. Perhaps you should scope this out as well.
Posted by Pace Arko at 8:35 AM on June 12, 2004
Still more reasons to turn javascript off!
I resolve to write one entry in this journal every day, even if it's total crap. At least I have persisted in keeping it going for three years now; that's a start. Chastisements are finished. Now, on to business:
Reading Mark Pilgrim's site led me to an explanation and a demo on how to use CSS and DOM to serve as web beacons. The method allows the server to retrieve the browser's history.
Of course it's not really CSS itself that is to blame here; it's the javascript. If you turn javascript off, this isn't a problem. The sad thing is that many jugheaded or, perhaps more accurately, wily site designers require javascript to be turned on for their sites to even function. And now that I think about it, you could use server-side scripting to make this invasion of privacy work too. Sigh. Oh well. Remember to flush your history cache often, if you have anything you want to hide.
Either that or get a proxy server that blocks web beacons and hook your browser through it.
Posted by Pace Arko at 10:10 PM on June 2, 2004
Don't open attachments today at all!
Even if you are clever in a security sense. The Mydoom mail worm has been spreading and proliferating since late Monday night, here in the western United States. Even here at the mighty research laboratory of Farlops Industries, we got hit with some spores! Luckily we didn't activate them and thus spread the contagion. The worm is insidious because it doesn't rely on the usual social engineering--update your immune-ware and treat all attachments as suspect. Scan first, even if you expected them!
Posted by Pace Arko at 7:44 AM on January 27, 2004
What is that gobbledygook at the bottom of your mail?
A few months ago I made a change to my mail client, something that I had been dithering over for years since getting on the Internet. Now, when I send out text e-mail (I avoid using HTML-based mail for good reasons.), this tool adds a long, seemingly patternless, string of strange characters at the bottom of my mail. People have been asking what that is. It's my PGP digital signature (Which is related to my PGP public key.) and I've been meaning to have one for many years. Anyone else who uses PGP can now exchange public keys with me and we can send encrypted mail to each other. Very useful for sending passwords, credit card numbers and other privileged information. Given that I am paid to worry about this stuff, I figured I should practice what I preach.
Posted by Pace Arko at 5:16 AM on January 24, 2004
Personal E-mail Security: The Definitive Guide
Many of my friends have been on the Internet for years and years. They have the knowing of the Way of the Machine. And they know what to do when it comes to keeping their mail accounts free of spam, worms, viruses, trojans and other bad mojo. But some of my friends do not. Now I have written about this on many, many, many occasions. But I think I finally want one definitive page that I can always point the greenhorns to.
Posted by Pace Arko at 12:44 AM on July 30, 2003
Bad Mojo for Internet Explorer
I just read on Slash today how a piece of valid markup can crash Windows Internet Explorer 4 and later. This includes many applications that use Trident, a dynamic link library that is the markup rendering component of IE--this means Outlook, Outlook Express and perhaps other Office components. Bad, bad bug!
Here is the invalid markup that causes Trident to crash (without the spaces before and after the angle brackets of course.):
< input type >
To make this legitimate markup we take advantage of something called conditional comments (A silly idea if I ever heard one.) and the result is (again without the spaces.):
< !--[if IE] >< input type >< ![endif]-- >
Posted by Pace Arko at 4:30 PM on May 3, 2003
Wasted security
Thank you Microsoft and Apple. In introducing computers to the public, you've done a good thing. I'd like to think that our world is improved because of it. But, I just wish you both hadn't taken shortcuts with security like you did. Now the public expects to do things like they've always done in System 6 or Windows 3 and this leads to terrible security in the small LANs found in all the small businesses and homes around the world. It doesn't matter that you've got OSX or Win2k now. All that new security is wasted because the public doesn't want to give up the convenience of the old, incorrect way of doing things. I guess I should be grateful that I am paid to worry about this, but it's a pity that I have to.
Posted by Pace Arko at 9:33 AM on March 4, 2003
Paranoia on Parade! Grepping the spoken word
One of the chief things that intelligence agencies have been lusting after for many years is the ability to pick out certain key phrases in spoken conversations that rush over global phone lines on a daily basis. Bright sparks have been working on this for decades and now it may become commonplace.
Posted by Pace Arko at 6:59 PM on December 22, 2002
Pattern recognition improves, more spam expected
There used to be this web-based mail service called MessageTo that used a clever test to automate the process of updating an e-mail user's whitelist. Sadly, but not surprisingly, research has cracked this clever test. The test was hard to implement in an accessible way regardless.
Posted by Pace Arko at 11:39 PM on December 11, 2002
Irony in easy to swallow pill form
I rarely post political stuff here, but I just saw the shield for the Information Awareness Office. Holy Ned! Don't these fools realize that this logo hands the conspiracy nuts a loaded gun? Let's think about what was running through the minds of the people who designed this logo.
Hmmmm.
Let's not. It's too scary a place to be. Sometimes the government just makes it too damn easy to laugh and cry at the same time. It's almost as if the current administration is revelling in its power to invoke paranoia and suspicion.
Attention: This entry has been coded for easy parsing by Echelon.
Posted by Pace Arko at 8:58 PM on December 4, 2002
CSS, nuclear materials tracking and the loose, wanton ways of Windows
- For a quick summation of some great CSS hacks, visit Real World Style.
- If you have NT 4, Windows 2000 or XP and you've looked at the service settings in MMC, you'll find something called Windows Messenger service. Windows systems, including Win9x, use this service to send some system error messages and network alerts to you. By default this service is switched on and starts every time you start Windows. Not too surprisingly, considering the loose ways of Windows in its attempts to be easy and functional for everyone, someone has figured out a way to send spam via this service. Install and configure your firewalls, folks. Or learn if you can turn the service off. Errors tend to be written to log files anyway, at least in NT they do.
- Bush the Sequel, instead of attempting to revive the boondoggle of SDI, would spend our money more wisely if he tells Congress to invest in a network of active and passive gamma ray sensors on our country's streets, ports and air fields.
Posted by Pace Arko at 9:24 AM on October 16, 2002
Privacy and Security
What follows is rather jumbled but in my mind it's all related.
Posted by Pace Arko at 2:47 PM on October 11, 2001
Who watches the watchmen?
A few years ago, a friend and I were talking about using the redundant bits in web images to store text messages. You could drop the image into a binary/hex editor and see the message or something like that. We discussed it as a means to increase the accessibility of web images. Screen readers could see descriptive information inside images so treated. Anyway, considering recent events, some folks seriously considered this as a means for bad guys to communicate with each other. Their search for such hidden messages has so far turned up empty.
Speaking of security and the erosion of privacy and personal freedom through technological advance, Dr. Steve Mann has been observing the observers for some time now. Basically he is a gargoyle. He wears a uniform filled with computer, telecommunications and recording gear and walks around recording, receiving and transmitting stuff. He finds it telling that the people who most object to being observed in this manner are the ones who observe and record everyone else for security purposes, that is police, government offices, casinos, retail stores and so on.
Posted by Pace Arko at 7:57 AM on September 26, 2001
Web Bugs
If you need a reason to install an ad and cookie blocker, to spoof your referer information and to shut off all client side scripting except for trusted domains, web bugs are that reason.
Posted by Pace Arko at 6:29 PM on August 15, 2001
Hope This Doesn't Keep You Up at Nights--
The US spends over a billion dollars each year to assure that decommissioned Russian nuclear weapons don't fall into the wrong hands. Recently, Russian scientists discovered several flaws in the database software that the US lends to Russia to track its weapons and nuclear materials. The US has been using this accounting software to track its own nuclear weapons and materials for a few years now.
Surprisingly, a Slashdot author debunks the inference, made in the Washington Post, that it's Microsoft's SQL Server or NT that's to blame.
Posted by Pace Arko at 12:45 PM on July 11, 2001
Guerilla Warfare Once Again Thumbs Its Nose at High-tech
I just read a story about a cheap and simple device that can fry the electronics of most of the military's high-tech weapons systems. At some point, when the US engages in another bout of cruise missile diplomacy, the people who are the targets of this diplomacy will just use this device to fry the missile guidance systems and laugh at us on global television.
I think President Shrub's plan to revive Reagan's dubious Star Wars missile defense ought to be reconsidered in this light.
Posted by Pace Arko at 1:23 PM on May 3, 2001
Zip the commercials!
Advertising is everywhere these days. It's becoming like that Pohl and Kornbluth story, where advertising was even on the wallpaper and toilet paper. I think it's gone far enough. I think people should be allowed to pay more for no advertising at all. Think about it. You pay for cable right? Wouldn't you be willing to pay a little more not to see any ads on cable at all? Maybe we should demand that. Maybe we should demand to pay more not to see ads before movies--or "prominent product placement" in movies. Maybe there should be a movement towards paying more not to be plagued by ads.
Posted by Pace Arko at 10:01 AM on February 22, 2000