Spammers get scammed :-)

Posted on May 24, 2006 by D-Caf

Ok first good story I’ve heard about spammers, though it’s not all good news. Apparently there are some card scammers that use stolen credit card numbers to buy goods and get paid by spammers and then run with the goods and the cash to let the spammers deal with the chargebacks and indentity fraud investigations. šŸ™‚Ā  So, it’s good in that it cost spammers money and makes their lives harder, bad in that it’s at the price and annoyance of people who have had their credit cards numbers stolen.

You can read more about it here:

Carders scam spammers – The Register

or here:

How Many Spams Can a Scammer Scam If a Spammer Can Scam Spams? – The Washington Post

Posted in David, Security | Leave a comment

MS Word and Yahoo Messenger Worms/Trojans

Posted on May 22, 2006 by D-Caf

Ok, two nasty little vulnerabilities people should be aware of have popped up.

First, late last week, a security hole in MS Word was revealed and a corresponding trojan virus that takes advantage of it.Ā  More information can be found here:

http://www.kb.cert.org/vuls/id/446012

http://www.theregister.co.uk/2006/05/22/trojan_exploit_word_vuln/

There is no patch yet from Microsoft, so follow best practices, don’t open documents/files you weren’t expecting to recieve from people.

Second there is a trojan worm going around that likes to attack yahoo instant messenger users.Ā  It will send a link to a website to your IM contacts encouraging them to download and install a “Safety Browser”.Ā  Of course there is nothing safe about it.Ā  More information here:

http://www.theregister.co.uk/2006/05/22/safety_browser_im_worm/

Again, don’t click on links you aren’t 100% sure of, even when they look like they’ve come from a friend.

Posted in David, Security, Technology | Leave a comment

Fedora Core 5 Linux install on Sharp MM20

Posted on May 2, 2006 by D-Caf

Well, I finally got around to posting up my instructions for installing FC5 on a sharp MM20 laptop. This is definitely one of the best versions yet to run on this laptop. It’s not perfect yet, as suspend modes aren’t 100% consistent, but it is getting very close. Anyway, you can read about it here:

Fedora Core 5 Linux install on a Sharp MM20 Laptopt.

Posted in David, Linux | Leave a comment

Pennsylvania High Point

Posted on April 30, 2006 by D-Caf

This weekend we decided to hit another high point. This time we drove up to Pennsylvania to Mount Davis. The highpoint is located in a State Forest and there are several hiking trails you can take. The trail/path to the highpoint is short though, maybe 200 feet from the parking lot. This was the first High Point that we took Muirna, our dog, to. She loves riding in cars and getting a chance to check out new areas. It was cool, but not cold and a little bit of wind. There is a sign next to the major road that appears to be marking the high point (in the first picture), but it’s not, you have to drive just a little further past to see the side road that leads up to the parking lot for the high point. The high point is marked by a big boulder (which I’m sitting on in one of the pictures below). Unfortunatly, I left the good digital camera at home, so had to resort to the Treo for pictures.

PA HighPoint Sign PA HighPoint
Posted in David, HighPoints | Leave a comment

Sad times for security research

Posted on April 28, 2006 by D-Caf

Here is a very good article about Security researchers going to jail for doing the right thing. They find a flaw in some instituition/company website, one that exposes valuable or personal information, and they do the good deed and tell the instituition/company about the flaw allowing them to fix it (which most likely they would never have found on their own until some bad guy came in and stole all the information and banckrupted them and their customers/clients). So how do they say thanks to the good guy? They take him to court and sue him for computer intrusion. This is so very backward thinking, and shows how badly they DONT understand security. If I found out a business did this I would not want to be associated with them or in any kind of financial/priviledged relationship with them. They are destined to fail and leak out my information to the real bad guys cause they don’t take security seriously, they are only concerned with their image (which apparently they don’t protect very well either).

Anyway, it’s a good read, and hopefully instituition will learn that they want these researchers on their side, not against them, or worse, out of the picture completely (which affects all of us).

Breach case could curtail web flaw finders

Posted in David, Security | Leave a comment

Big security holes in Mozilla, Firefox, Thunderbird, and SeaMonkey

Posted on April 17, 2006 by D-Caf

Time to run the update cycle. Some fairly significant security holes were found in most all of the Mozilla Foundations products. These security holes could allow someone to run any program they want on your computer as the user you are logged in as. Please go upgrade/update now.

More information here.

Posted in David, Security | Leave a comment

I HATE spammers!!@!!@!

Posted on April 17, 2006 by D-Caf

It seems that some spammers have decided to forge emails that appear to be coming from my domain (cafaro.net), i.e., people are getting emails from hoiud@cafaro-189588.ingress-bonde.easywp.com and dell34@cafaro-189588.ingress-bonde.easywp.com (and others), which are fake email address. These emails are NOT coming from my server, they are being relayed through badly configured email servers owned by other people. What really sucks is there is NOTHING I can do about it, there isn’t any way I can stop it cause they aren’t using anything I can control. It pisses me off big time. All these people I don’t know are getting these emails and think the spam is comming from my computers. šŸ™ And to make it more fun, I get all the bounced emails from dead email address the spammers are mailing to and from those who bounce spam back to the from address (which is forged, but their anti-spam software is badly designed and doesn’t realise this). Anyway, I’m just frustrated and very pissed. I’m about ready to start taking spammers to court, maybe I can suck some money out of them if I can track them down.

Posted in David, Technology | Leave a comment

Cool new light technology

Posted on April 13, 2006 by D-Caf

Well OLEDs keep getting cooler, I can’t wait to get my replacement lamps which will look like window shades and create light that feels like it’s coming in the window from the sun outside.Ā  And not generate heat, and use less electricity.Ā  They are getting so close to being ready…

Bulb busting light source inventedĀ 

Posted in David, Technology | Leave a comment

LinuxWorld/OpenSolutionsWorld Last week

Posted on April 13, 2006 by D-Caf

Well, it was a pretty good show, it wasn’t glitzy and glamorous, but there was some good info to be had, and good people to meet. Oh, and had a lot of fun at after show parties! :-). Anyway, here are a couple of photos looking down at the show floor from above. I should have taken more pictures, but I was too busy running around doing things. Looking forward to August for San Fran, if things go well, I’ll have some very interesting sessions for the security track!

These photos were early morning on the last day, that’s the only time it wasn’t crowded and busy (and I wasn’t flying around trying to be somewhere I wasn’t yet…)

LinuxWorld Left Expo HallLinuxWorld Right Expo Hall
Posted in David, Linux, Technology | Leave a comment

LinuxWorld/OpenSolutionsWorld next week

Posted on March 31, 2006 by D-Caf

Well, I’m getting ready for LinuxWorld/OpenSolutionsWorld next week. Not to much to do, most things I’m responsible for, I’ve taken care of. Looking forward to it. I hope people enjoy the Security Track I’ve put together. Guess I’ll know soon.

In related news, I’ve been asked back to do be on the Program Committee for San Francisco as well! I’ll also be doing the Security Track again, hopefully I can make it even better.

Going to be fun!

Posted in David, Linux, Security | Leave a comment