Ho John Lee’s Weblog

Spring seems to have brought on a new variant of the Nigerian “419″ spam fraud campaign, substituting Benin for Nigeria. Going through the e-mail that came in during spring break, weeks I’m seeing a lot of e-mail with titles like

“FINAL NOTIFICATION OF RECEIVING YOUR HERITANCE FUND IN ATM MASTER CARD”

“CONTACT YOUR ATM MASETR CARD”

“CONTACT EMS IMMEDIATLY ON +234 8022856155″

“CONTACT FedEX EXPRESS COURIER COMPANY LIMITED FOR YOUR CONSIGNMENT IMMEDIATLY”

“CONTACT REV DR.KENNETH OKOM DIRECTOR OF ATM CARD BANK”

“CONTACT MR FRED IKEM FOR YOUR $950,000.00″

The general theme in this sort of spam is “We’re waiting for you to confirm your bank information and send a small processing fee so we can send you a lot of money.” This campaign mostly mentions a program from the Republic of Benin to give away money through funded ATM/Mastercard accounts for various reasons ranging from inheritance to payment for previous services. Some of these have an interesting wrinkle though:

A few days ago, the first time I saw the television ad for the new Volvo S80’s heartbeat sensor alarm, I thought it was a parody. It shows a woman walking up to her car in a dark parking lot, then turning away after the heartbeat detector shows that someone is hiding in her car. I’m sure they test marketed this before including the feature, but I totally don’t get it.

Here’s what the Volvo site says about the feature:

The Personal Car Communicator (PCC) is your car key’s smart connection with your Volvo S80 applying the latest in two-way radio technology. When in range, you’ll always know the status of your car. Locked or unlocked. Alarm activated or not. If the alarm has been activated, the heart beat sensor will also tell you if there is someone inside the car. The PCC also includes keyless entry and keyless drive.

I’m quite pleased that the British authorities managed to foil the attempt to blow up multiple airliners last week. On the other hand, I’m probably not alone in wondering how long-haul business air travel is going to work out.

If a ban on all liquids, gels, and personal electronics stands, a lot of air carriers will need to start competing on in-flight service again. In recent years, I normally bring my own water, food, work, entertainment, and a change of clothes for air travel to China and India. On a trip to India, it’s about 30 hours in transit, which is a lot of time to watch the 6 movies that United usually rotates each month, along with putting in a full day or so of work. I usually fly United since their Asian routes are all based here, but I wouldn’t want to rely on them for food, water, and entertainment. Might be time to book on Singapore Airlines, which flies with a huge video- and audio-on-demand library and Nintendo video games, never seems to run out of food or water, and consistently provides attentive cabin service.

Overnight, British authorities arrested 21 suspected terrorists planning to blow up several airliners on Continental, United, and American by mixing liquid explosives carried onboard in hand luggage.

At the moment, all liquids are banned from hand luggage, except for baby formula and medicine.

All in all, it sounds like great work by the UK authorities, although this quote leaves me wondering a little (since they’ve only arrested 21 so far):

“A senior U.S. counterterrorism official said authorities believe dozens of people — possibly as many as 50 — were involved in the plot.”

More from Counterterrorism Blog here, here, and here

The search query data that America Online posted over the weekend has been removed from their site following a blizzard of posts regarding the privacy issues. AOL officially regards this as “a screw up”, according to spokesperson Andrew Weinstein, who responded in comments on several sites:

All –

This was a screw up, and we’re angry and upset about it. It was an innocent enough attempt to reach out to the academic community with new research tools, but it was obviously not appropriately vetted, and if it had been, it would have been stopped in an instant.

Although there was no personally-identifiable data linked to these accounts, we’re absolutely not defending this. It was a mistake, and we apologize. We’ve launched an internal investigation into what happened, and we are taking steps to ensure that this type of thing never happens again.

More raw data for search engineers and SEOs, and fodder for online privacy debates - AOL Research has released a collection of roughly 20 million search queries which include all searches done by a randomly selected set of around 500,000 users from March through May 2006.

This should be a great data set to work with if you’re doing research on search engines, but seems problematic from a privacy perspective. The data is anonymized, so AOL user names are replaced with a numerical user ID:

The data set includes {UserID, Query, QueryTime, ClickedRank, DestinationDomainUrl}.

I suspect it may be possible to reverse engineer some of the query clusters to identify specific users or other personal data. If nothing else, I occasionally observe people accidentally typing in user names or passwords into search boxes, so there are likely to be some of those in the mix. “Anonymous” in the comments over at Greg Linden’s blog thinks there will be a lot of those. The destination URLs have apparently been clipped as well, so you won’t be able to see the exact page that resulted in a click-through.

There’s an interesting new report out today from the Combating Terrorism Center at West Point (the US Military Academy), titled “Harmony and Disharmony: Exploting Al-Qa’ida’s Organizational Vunerabilities“, which has some useful insights for entrepreneurs and corporate managers as well as for those dealing with global jihadist movements or with a general interest in global security issues.

The report is based on a collection of captured documents which have been recently declassified, and examines some of the strengths and weaknesses of the Al-Qa’ida organizational structure. The merits of a 21st-century, networked, mobile, internet-enabled insurgency have been observed elsewhere at length, as summarized by James Na at Korea Liberator:

Catching up on the backlog of feeds, some discouraging news from Bangalore:

Last Thursday’s Times of India:

An armed assailant killed a retired IIT Delhi professor and injured four others in a daring assault on delegates of an international conference at the premier Indian Institute of Science (IISc) on Wednesday evening.

The unidentified attacker — police aren’t sure whether more than one person was involved in the strike — fired indiscriminately through his AK-47 rifle from the parking lot at delegates coming out of the auditorium after the second day’s deliberations ended.

One person was killed, two other attendees were shot, and a hand grenade (which misfired) was found in the driveway .

This doesn’t appear to have been a large or politically interesting conference. MC Puri, the retired professor who was killed in the attack, was one of 36 attendees at an operations research symposium.

Marc van der Chijs observes some new signage in the Sanlitun diplomatic district in Beijing:

You are not allowed to blow up your car! Not sure if it is a temporary sign (Mr. Bush will visit Beijing this week) or whether it has been here longer already. Or does it mean something else?

There actually has been a warning from the US State Department regarding a threat against 4- and 5-star hotels in China. Hopefully nothing will come of it, though I’m sure there’s more under way than putting up these signs.

(via Asiapundit)

Although there’s no working system described in any articles I can find about this, the patent application that goes with this is filed on behalf of NASA, so it might not be total vaporware.

From Audio DesignLine:

At last, you think that you have a secure room for conversations. No windows to bounce laser beams off as a means to eavesdrop. The doors are sealed and air tight. But don’t rest too easy. Now there’s a new way of snooping using Gigahertz waves.
…
Reflected electromagnetic signals can be used to detect audible sound. Electromagnetic radiation reflected by a vibrating object includes an amplitude modulated component that represents the object’s vibrations. The new audio interception method works by illuminating an object with an RF beam that does not include any amplitude modulation. Reflections of the RF beam include amplitude modulation that provide information about vibrations or movements of the object. Audio information can be extracted from the amplitude modulated information and used to reproduce any sound pressure waves striking the object. Interestingly enough, the object can be something as unlikely as a piece of clothing. Thus, something as intensely personal as your heart beat can be intercepted by reflected RF waves in addition to audio sounds.

via BoingBoing:

Many color laser printers hide information about your printer’s serial number and the date and time of your print job in every job you print. It’s believed that this is done to get your equipment to incriminate you without your knowledge. Now EFF has decoded the information-hiding scheme on the Xerox Docucolor series, by getting EFF supporters to print out pages from their printers and mail them to our researchers, who examined them under magnification and special light and cracked the code.

EFF: Is Your Printer Spying On You?:

Imagine that every time you printed a document, it automatically included a secret code that could be used to identify the printer - and potentially, the person who used it. Sounds like something from an episode of “Alias,” right?

Unfortunately, the scenario isn’t fictional. In a purported effort to identify counterfeiters, the US government has succeeded in persuading some color laser printer manufacturers to encode each page with identifying information.

Korea has amazingly high penetration rates for broadband and cellular service. It’s cheap, fast, and widely available, and has been for several years now. This has made Korea a lead market for trying out new wireless and online services. Streaming broadcast and video-on-demand for all national networks is the norm. Next up: building a centrally planned, wired city called New Songdo, which will implement many of the ubiquitous / pervasive computing ideas that have been floating around for a while but never attempted at this scale:

New York Times:

via Om Malik:

Google seems to have developed a secure WiFi VPN software tool - Google Secure Access Client. The information can be found here. Google Rumors has all the details. To sum it up, what they are doing is giving away a VPN tool that takes some of the security risks out of open WiFi. Companies like JiWire and Boingo also have these type of secure WiFi software solutions. While on paper this sounds like a perfectly good deal, Inside Google says not so fast, and writes, “Google Secure Access has the same benefits for Google as Web Accelerator did, with fewer of the things that scared away people the first time.” They dig deep into the GSA privacy policy …

Another take at Inside Google:

From SANS: Multiple Linksys WRT54G Vunerabilities, published: 2005-09-14

iDefense has released five vulnerabilities against the Linksys WRT54G wireless access point/switch/router. Some of these vulnerabilities are very serious. Users of these products are highly recommended to patch their devices. Patches for the latest versions are available at http://www.linksys.com.

This is one of the most popular and widely modified wireless routers out there. If you have one that’s exposed to the public, time to patch it.

Here’s the capsule descriptions, these look like fun:

Bruce Schneier, noted crypto and security guy, has an entertaining thread of comments on various security issues at Hogwarts in the latest installment of Harry Potter, starting with a post from Karl Lembke:

In the latest Harry Potter book, we see Hogwarts implementing security precautions in order to safeguard its students and faculty.
One step that was taken was that all the students were searched – wanded, in fact – to detect any harmful magic. In addition, all mail coming in or out was checked for harmful magic.
In spite of these precautions, two students are nearly killed by cursed items.

Brent Dax comments:

I hadn’t stopped by the SDForum Security SIG in a while. A few notes from last Thursday’s meeting in Palo Alto:

Gerhard Eschelbeck, CTO at network security company Qualsys, gave a presentation on his analysis of aggregated vunerability data. Their company provides network vunerability scanning and monitoring services, and the 2004 data set used in his study includes over 14 million IP scans, both within corporate firewalls and on the public network. They turned up over 3 million exposed critical vunerabilities, or just over 20% of the scanned systems.

He’s publishing a monthly list of the top 10 internal and external vunerabilities, along with his report on the Laws of Vunerability.

A couple of days ago I wrote about the unsolicited SMS message I received on my Cingular Wireless cell phone, inviting me to download some antivirus software from McAfee. Unfortunately, the source of the message was unidentifyable, meaning that anyone willing to downloaded the binary package would be just as likely to have picked up malicious code as an antivirus package from Cingular.

Apparently it really is from Cingular. I’m happy that they’re trying to provide a useful service, but this is a case where they’re educating the customers to behave in a counterproductive way. There’s no mention on the Cingular site, because this is a beta program.

Darla Mack writes:

On August 25th a small number of Cingular subscribers(including some Pre-Merger subscribers) received text messages alerting them of a new service provided by McAfee. Apparently, some of these subscribers had been infected by the Commwarrior virus. As you know, the Commwarrior virus can be spread via Bluetooth and/or MMS ad only affects devices running the Symbian OS.

This turned up on my cell phone a few minutes ago.

I have no idea whether this is really from Cingular or not, but I’m sure some trusting people will go ahead and click the link.

It’s unauthenticated, sent to my phone via WAP push, with no way to verify that the originator is Cingular, McAfee, or an affiliate. They want me to download a binary and run it on my phone. Just lovely.

I hate the fact that its just as likely to be from an attempted security exploit as it is from Cingular. There’s no obvious mention of this on the Cingular public site, customer service site, or a quick Google search on Cingular and McAfee. Unfortunately, Cingular, like the other wireless service providers, tends to be poor at communicating with subscribers, other than attempting to upsell and cross sell services, so your guess is as good as mine whether this is authentic.

It’s near the end of the day here in California. All day today I’ve been getting regular updates on this morning’s terrorist bombings in London, and aside from general anger at the attackers, and sympathy and concern for the citizens of London, I’m also just realizing that I haven’t had the television on once, nor had the impulse to go check. For me, it has been irrelevant as a news source today.

There is a huge amount of 1st person content - blog postings, photos, audio, and probably video by now. None of it scrubbed for journalistic accuracy, of course, but presenting a collective, subjective view of the situation in a more timely and compelling way than what might otherwise be presented through the conventional media, and providing a vast pool of source material and leads to conventional media journalists. Tonight and tomorrow there will probably be some thoughtful analysis from the news services, but blogging and the internet are a perfect fit for news events in flux.

An interesting thread on Google Answers, regarding what services are available to track the current location of a cell phone. (via del.icio.us).

For about $200.00 ICU, Inc. offers to locate a cellular telephone by
pinging the phone – a kind of triangulation process similar to the one
I mentioned earlier. Ms. Landers explained that the cell phone appears
as a ‘blip” on a screen. They provide the service 24 hours a day, 7
days a week in order to help locate missing persons, fugitives,
cheating spouses, etc. They regularly serve bondsmen, authorities,
investigators and many others. You will receive the results within 7
to 10 minutes of a successfully completed ping that will indicate
within approximately 50 feet, where the phone was located at the time
of the ping.

I.C.U. Inc.
http://www.tracerservices.com/cpl.htm
http://www.tracerservices.com/cplfaqs.htm