The Null Device

A US dating site has found a novel way of increasing its profile count: by automatically adding profiles for non-users from publicly available information. You know, just in case they might be open to romance, much in the way that other public-minded individuals send out emails to millions of people just in case some of them have erectile problems they're too embarrassed to seek out help for:

Jordan said the site would soon host some 340 million profiles after scraping information from social networking sites, e-mail registries, mailing lists, marketing surveys, government census records, real estate listings and business websites to create new dating profiles.

¶ dating privacy scams spam 1 Share

MySpace's legendary contempt for its users comes to the fore once more: recently, they bought Imeem, an online music service that let users embed streamable playlist widgets in their web sites, allowing users to (legally) stream music. As soon as they did so, Imeem was shut down, replaced with a notice telling people to use MySpace. As for users' embedded playlists? Well, they've been replaced with obnoxiously garish ads for downloadable ringtones.

¶ murdoch myspace skulduggery spam 0 Share

A reformed Facebook spammer (in his own words) writes about the dubious tricks of his former trade:

I finally came to this realization: People on Facebook won’t pay for anything. They don’t have credit cards, they don’t want credit cards, and they are not interested in shopping. But you can trick them into doing one of three things:

• Download a toolbar: It could be spyware (such as Zango) or something more legitimate, such as Webfetti or Zwinkys.
• Give up their email address: You’ve won a “free” camera or perhaps you’ve been selected as a tester for a new Macbook Pro (which you get to keep at the end of the test). Just tell us where you want us to ship it.
• Give up their phone number: You took the IQ Quiz, so give us your phone number and we’ll tell you your score. Never mind that you’ll get billed $20 a month or perhaps be tricked into inviting 10 other friends to beat your score.

Cloaking: This is when you show a different page based on IP address. We and most other ad networks would geo-block northern California—showing different ads to Facebook employees than to other users around the world. One of the largest Facebook advertisers (I’m not going to out you, but you know who you are) employs this technique to this day, using a white-listed account. Our supposition is that it makes too much money for Facebook to stop him. Believe me, we have brought this to Facebook’s attention on several occasions. Here’s what this fellow does—he submits tame ads for approval, and once approved, redirects the url to the spammy page. To be fair, players like Google AdWords have had years more experience in this game to close such loopholes.

¶ facebook scams spam tech 0 Share

Imagine, for a moment, that you have published an online multiplayer strategy game. How do you get players to play your game (and, more importantly, spend money on the numerous playability enhancements, from premium-priced instant messages to power-ups) rather than any of the numerous other games out there? Well, you could concentrate on making a particularly playable game, give away accounts and wait for word of mouth to do its work. Or, if you're the publisher of Evony (formerly known as Civony), a game heavily inspired (to phrase it somewhat generously) by Sid Meier's Civilization games only much more heavily monetised, you could bet on the assumption that sex sells and plaster the web with increasingly lascivious ads, in which the traditional cod-Tolkienist clichés gradually give way to gratuitous female nudity, culminating in the apotheosis: a close-up of a lingerie-clad bosom, with nothing about the actual game whatsoever. It's Idiocracy marketing taken a few steps beyond the typical Facebook ads with pictures of hot chicks promoting completely unrelated products, assuming that your target market is comprised entirely of idiots who, when shown pictures of BOOBIES!!!1!, begin drooling like Pavlov's Dog and reflexively get their credit cards out.

And here is a Grauniad piece about Evony. It seems that their dodginess goes well beyond patronisingly pornographic ad campaigns, and extends its slimy tentacles into everything from spamming blog comments to gold-farming and gouging their clientele (the "suckers", as I believe the technical term is) to lifting text and graphics from existing games. These people, it seems, have more contempt for their user base than MySpace.

And as if bad advertising and tenuous intellectual property were not enough, the game is also under fire for its business model – a system that seems intent on getting players to spend as much money as possible. Players are encouraged to buy in-game extras to speed their progress – but the confusing way the game prices its add-ons means that many users may not realise that a simple action, such as sending a message to another player, can cost 15p a time.

It turns out that the site's backers are equally unpopular. Evony is the product of Universal Multiplayer Game Entertainment (UMGE), a developer linked to a Chinese gold-farming operation called WoWMine. That site has also come in for regular criticism, but the real kicker comes with the news that the company's owners are being sued by Microsoft over allegations of click fraud.

¶ advertising spam stupidity videogames wtf 4 Share

Michael Jackson's death melts the internet:

Search giant Google confirmed to the BBC that when the news first broke it feared it was under attack.

Before the company's servers crashed, TweetVolume noted that "Michael Jackson" appeared in more than 66,500 Twitter updates.

That put news of Jackson's death at least on par with the Iran protests, as Twitter posts about Iran topped 100,000 per hour on June 16 and eventually climbed to 220,000 per hour.

Michael Jackson's death will almost certainly go down in history as one of those iconic events that everyone remembers where they were when they heard of it, like the Kennedy assassination or the passing of his erstwhile father-in-law some three decades earlier. Only, this time, it happened in a highly networked world, so the recollections will surely reflect this. I first heard of it when I saw someone log into an instant messaging service with "RIP Michael Jackson" as their status. Though one may well have found out about it by reading Wikipedia's revisions page:

(cur) (prev) 22:49, 25 June 2009 TexasAndroid (talk | contribs) m (119,637 bytes) (Removed category Living people (using HotCat))

And the Register' article on the Michael Jackson Twitter meltdown ends with some speculation about what's likely to happen in the days and weeks following his death:

We can expect floods of tributes, detailing how Jackson changed the face of pop music (a reasonable claim) was the biggest record seller in history (probably) and invented the moonwalk (absolutely not).

This will be quickly followed by floods of revelations about the singer's murky private life, now that libel restrictions no longer reply - at least in the UK.

But first of all, we can expect a flood of malware spam, likely promising post-mortem pictures of the star's body.

¶ death internet media michael jackson online spam twitter wikipedia 0 Share

The latest trend in spam seems to be incoherently bizarre headlines mentioning Britney Spears, and promising videos:

Britney vagina transplant to erase fools' memory syndrome
Britney heartbroken as Diana's Butler beds Winehouse
Britney Spears has Fanny Magnets Grafted in to Attract Papparazzi
Britney sues vagina for divorce

This seems to have started two days ago; before that, there was a brief burst of Angelina Jolie-related spam, following on from a number of "Weekly top news" headlines like "sperm-flavored cocaine all the rage in LA" (which sounds like they got Warren Ellis in as a copywriter).

¶ bizarre britney spears fail spam 2 Share

Those fake sensational news headlines spammers are using to trick people into visiting dodgy websites are getting more and more ridiculous:

Bush is Gay. Obama Converts To Judiasm.
Bush and Putin Agree To Restart Cold War During G8 Summit.
Barack Obama Wins Ku Klux Klan Endorsement. Both Obama And Mccain Claim They Will Deport Elton John.
The internet was invented in 1950s in China.
Gregorian Monks Commit Mass Suicide In Italian Church.
Madonnas Former Home Destroyed By Jesus. Blair: Im Not Gay, Thats Just My Accent.

¶ amusing bizarre spam 5 Share

Yiddish spam titles. (Well, Yinglish, to be precise, but still amusing:)

Do shiksas heckle your schmeckel?

XXX ... Yenta noshes on pisher's trayf blintz! Hot!

Take this and you'll need another bris!

Also in McSweeney's Lists: Brews to Accessorise the Modern Hipster ("I Don't Really Like This but I'm Drinking It to Get Back at My Parents and/or Friends With an Overt and Crass Display of Being Cultured Lambic", "Rummage Sale Pale Ale"), and Phrases Commonly Used By 1950s Housewives That Were Often Misinterpreted As Blatant Requests For Sex.

(via McSweeney's) ¶ 1950s hipsters humour jewish mcsweeneys sex spam stereotypes yiddish 0 Share

Apparently 2% of internet traffic now consists of denial-of-service attacks, mostly launched by botnets of hijacked Windows PCs operated remotely by organised crime. By comparison, email comprises 1 to 1.5% of internet traffic (though a majority of that is reportedly spam).

¶ crime internet malware spam 0 Share

The Napsterization blog (which is not about craptacular DRM-shackled music-rental services but about the social and economic implications of disruptive technologies) has a piece on the lengths Facebook application authors go to get people to install their applications, such as doing sleazy things like not only requiring users to install their application to see messages from friends, but wilfully misleading them into believing that if they don't forward a message (of a pornographic tone) to some friends, they won't get to see it. As a result, the maker of the app gets a juicy boost to their installation figures, whilst pissing all over people's social relationships and making your user experience that much crappier.

In this case, the culprit was Slide, with their popular FunWall application, though neither Slide nor Facebook will accept the blame for this:

Facebook pointed the finger at Slide (the app maker in this case), and said, "There is nothing we can do. We have no control over the apps people make or the stuff they send." Oh, and if I wanted Facebook to change the rules for apps makers? I'd have to get say, 80k of my closest Facebook friends to sign on a petition or group, and then they might look at the way they have allowed porn spam to trick people into forwarding, but until then, there would be no feature review.

Slide said that they thought Facebook was the problem, because as the "governing" body, Facebook makes the rules and "Slide wouldn't be competitive if they changed what they do, and their competitors weren't forced to as well." In other words, Slides competitors use the same features to get more users (or trick more users as the case may be) and Slide didn't want to lose out on getting more users with similar features, regardless of the effect the features have on us and our relationships.

¶ ethics facebook irritainment online social software society spam 0 Share

There is, indeed, nothing new under the sun. 74 years ago, people in America were besieged by unsolicited advertisements for dodgy medical products, financial scams, gambling, drugs and "dubious pleasure activities". Only rather than cluttering up their nonexistent email inboxes, this spam took the form of powerful radio broadcasts from transmitters in Mexico and/or aboard ships, jamming the signals of existing radio stations.

(via /.) ¶ fraud history pirate radio radio scams spam there's nothing new under the sun usa 0 Share

Facebook is in the news again, with (so far) the first known instance of a Facebook application being used to install adware on users' PCs. If your friends invite you to install the "Secret Crush" application, you accept, and you are using Windows, then the application will install the Zango adware program on your PC, not to mention arm-twist you into spamming your friends with requests to add it.

If Secret Crush actually needs you to click buttons to invite your friends to add it, the criminal scumbags who designed it have missed a trick; some other applications, such as RockYou's Super Wall and related applications, are able to send messages to randomly selected individuals from a user's friend list, purporting to be that user and asking to be installed to see a message from them, without the user's intervention. (I once found in my notifications the notice that I had messaged three randomly-chosen people, whose relationships to me have nothing in common, inviting them to install Super Wall. Soon after that, Super Wall was no longer installed on my page.)

¶ adware crime facebook fraud security social engineering spam viral marketing 1 Share

It looks like the latest angle in 419 ("Nigerian") scams is not millions of dollars of oil revenues or Iraqi gold but free puppies, as evidenced by the following email:

MY NAME IS Rev. Sis Dora Martins, I AND MY HUSBAND ARE ON A CHRISTIAN MISSION TO AFRICA AND I CAME ALONG WITH MY PUPPY. AFTER A WHILE I NOTICE THAT THE AFRICAN WEATHER IS NOT GOOD FOR THE PUPPY AND I HAVE NOT BEEN ABLE TO TAKE GOOD CARE OF HER THE WAY I ALWAYS DO BECAUSE OF MY JOB. I NEED SOMEONE TO ADOPT HER AND TAKE CARE OF HER THE WAY I ALWAYS DO. IF YOU CAN TAKE GOOD CARE OF HER DO SEND A REPLY AND I WILL EMAIL YOU HER PICTURES. I HOPE TO READ FROM YOU. THANKS AND GOD BLESS.
Rev.Sis Dora.

¶ 419 nigeria scam spam 1 Share

It looks like Facebook (the social network site which promoted itself on being less jarringly obnoxious than MySpace) may soon explore new frontiers of annoyingness:

"Evil is deeply embedded in Facebook's corporate DNA," said Umair Haque, a strategy consultant who covers digital media and innovation on his blog, Bubblegeneration.com.

As Nicholas Carr, former executive editor of the Harvard Business Review, wrote in his blog: "It's a nifty system: First you get your users to entrust their personal data to you, and then you not only sell that data to advertisers but you get the users to be the vector for the ads. And what do the users get in return? An animated Sprite Sips character to interact with."

In describing Facebook's new advertising system at a US conference this week, Facebook founder Mark Zuckerberg made it clear there would be no avoiding the onslaught of advertisements and viral marketing on Facebook. "There is no opting out of advertising," he said.

¶ advertising corporations evil facebook spam 0 Share

As the US braces itself for another bitterly contested Presidential election, computer-crime experts are warning that it's only a matter of time before botnets, phishing and DOS attacks are used to nobble campaigns or disenfranchise voters:

Dirty tricks are not new. On US election day in 2002, the lines of a "get-out-the-voters" phone campaign sponsored by the New Hampshire Democratic Party were clogged by prank calls. In the 2006 election, 14000 Latino voters in Orange County, California, received letters telling them it was illegal for immigrants to vote.

Calls could even be made using a botnet. This would make tracing the perpetrator even harder, because calls wouldn't come from a central location. What's more, the number of calls that can be made is practically limitless.

Internet calls might also be made to voters to sow misinformation, says Christopher Soghoian at Indiana University in Bloomington. "Anonymous voter suppression is going to become a reality."

(via /.) ¶ corruption crime democracy elections gibson's law politics spam 0 Share

What News Corp. doesn't want you to know about MySpace. It turns out that the grass-roots indie-hipster youth web sensation is actually nothing of the sort, but actually the product of a shady spam/adware company:

The whole site is, in essence, a marketing tool that everyone who registers has access to. Users constantly receive spam-like messages from said bands, business, and individuals looking to add more "friends" (and therefore more potential fans, consumers, or witnesses) to their online identity. A testament to this strange new social paradigm is the phrase "Thanks for the Add," a nicety offered when one MySpace user adds another as a friend. Best yet, to use the site, members must log in, causing them to inadvertently view advertisements, and then read their messages on a page with even more advertisements. In the world of MySpace, Spam is earth, air, fire, and water.

3. Tom Anderson did NOT create MySpace. Most users don't know that Tom Anderson (pictured) is more of a PR scheme than anything else--the mascot designed to give a friendlier feel to a site created by a marketing company known for viral entertainment websites, pop-up advertising, spam, spyware, and adware. As MySpace's popularity grew, the MySpace team moved to create a false PR story that would best reflect the ideals and tastes of its growing demographic. They wanted to prevent the revelation that a Spam 1.0 company had launched the site, and created the impression that Tom Anderson created the site, and the lie worked. According to Anderson, the bulk of his initial contribution is as follows: "I am as anti-social as they come, and I've already got 20 people to sign up."

(via Bowlie) ¶ evil murdoch myspace spam villainy 1 Share

Spam subject line of the day: "hors d'oeuvre sociopath". (From a "Hastings E. Ben".)

The mind boggles.

¶ spam 0 Share

Security researchers dissect a Russian spam botnet; it turns out that these things are getting alarmingly sophisticated:

Once a Windows machine is infected, it becomes a peer in a peer-to-peer botnet controlled by a central server. If the control server is disabled by botnet hunters, the spammer simply has to control a single peer to retain control of all the bots and send instructions on the location of a new control server.

Stewart said about 20 small investment and financial news sites have been breached for the express purpose of downloading user databases with e-mail addresses matched to names and other site registration data. On the bot herder's control server, Stewart found a MySQL database dump of e-mail addresses associated with an online shop. "They're breaking into sites that are somewhat related to the stock market and stealing e-mail address from those databases. The thinking is, if they get an e-mail address for someone reading stock market and investment news, that's a perfect target for these penny stock scams," Stewart said in an interview with eWEEK.

The SpamThru spammer also controls lists of millions of e-mail addresses harvested from the hard drives of computers already in the botnet. "This gives the spammer the ability to reach individuals who have never published their e-mail address online or given it to anyone other than personal contacts," Stewart explained.

Stewart discovered that the image files in the templates are modified with every e-mail message sent, allowing the spammer to change the width and height. The image-based spam also includes random pixels at the bottom, specifically to defeat anti-spam technologies that reject mail based on a static image.

(via /.) ¶ crime security spam 0 Share

I just got a spam email containing no attached images, no advertising pitches, no URLs, and indeed nothing but four letters and two digits, rendered as ASCII-art, entirely out of digits, a little like:

  3822  63748   90678  64826  109067      058   09405
 09  40 53  26 90      86  30 94           05       38
 47  07 10985  11      34  53 84059        76   96534
 961179 64  23 36      64  57 63           53  22
 42  52 12659   82391  26911  126422  75  2307 8174775

What could this be? Is it some online version of graffiti tagging, calculated to be as obnoxiously intrusive as the real-world equivalent? Secret al-Qaeda messages to sleeper agents? A brand-building campaign for some product? Or something else altogether?

¶ spam 4 Share

Subject: line found in spam folder: "Laboratory pep rally".

That would make a pretty good title for the kind of record one might see reviewed on Pitchfork.

¶ art-pop indie rock post-rock spam 0 Share

Seen in a recent spam message, from one "Fawlty Towers":

vob psp gp
adapts still literary
issues gender poltiical leavens message firstrate
Pets Sports Religion
Ferry Corsten Toca Race
fact
families higher leaflets
Zen Thanks
Torrone loaded
Author Software Handheld
Medical
Chicano cyberpunk performer discusses visionary RUSirius Duncan
Novell microbes
viewer winzip proxy proxify
revered foolish habit. generally credited
wavelike coarsely
Realtime Sweeper spyware
coupleof
station Engineers DNA Nanowire Assembly
ABs Blacks
pointers articles
OperaThis speedy recently widgets.
punish letting Hizbollah menace
Triggers Manhattan
guessing painting. racist
protocol thatthe garbage
culprits whether
Kiwis trapped kills strikes BEIRUT: killed least punish
Treatment Exercises
Under
mail.The phrases auxiliary Compare: Youve Talebones
beside song Thus roughly

¶ dadaism spam zen 0 Share

After alleged British spies were caught in Russia using a wireless receiver hidden inside a rock to communicate with recruits (though it has been suggested that the story was partly if not wholly made up by Russian government agencies to justify a crackdown on non-government organisations), security guru Bruce Schneier's blog discusses the possibility of wireless "dead drops"; and, if anything, there would be less easily detectable ways of doing it than hiding a device in a rock:

Even better, hide your wireless dead drop in plain sight by making it an open, public access point with an Internet connection so the sight of random people loitering with open laptops won't be at all unusual.

To keep the counterespionage people from wiretapping the hotspot's ISP and performing traffic analysis, hang a PC off the access point and use it as a local drop box so the communications in question never go to the ISP.

Replace one access point at a support provider for Starbucks and then have someone figure out which one it is after it's up. Use an asic mac filter to send traffic to a special part of the access point itself.

Port knocking on that dangling PC. The PC stays in stealth mode and only replies (briefly) when knocked upon.

Even better, how about hacking one's wireless configuration manager to hide the contraband data in unused header fields, passing it to a similarly hacked access point that would be an otherwise functional dead end. The spy's laptop wifi antenna could be accidentally left activated and innocently trying to associate with whatever WAP it sees (like my wife's does in our neighborhood). Hit the right WAP(s) and the data is passed.

All that spam you get in your in-box is merely steganography. The word "viagra" isn't mis-spelled to get around the spam filters, it's a complicated encoding allowing the spammers and their prospective recipients to exchange messages without anyone suspecting that there are people who want the message in the message. That's why spammers don't care if they send it to people who don't want it, their goal is to make people think of their communications as discardable trash, rather than something that may have a value.

(via schneier) ¶ bruce schneier espionage security spam tradecraft 0 Share

Mark Dery looks at spam subject lines as Dadaist found literature:

If only Tristan Tzara had lived to read spambot subject lines, some boiler-room hacker's idea of a foolproof strategy for bluffing your way past spam-killer defenses. "Be godparent or osteology," admonishes today's first hunk of junk mail, a Dadaist ultimatum if ever there was one. What mental-ward wisdom hides in this love-it-or-leave-it, my-way-or-the-highway dualism? Does it mean: If you're not part of a social network, bound by family ties, you've got your nose in the boneyard? "Ragweed conjunct Sherlocke," the next spam asserts, cryptically. A reference to Conan Doyle's mythical detective?

But why the antique terminal "e"? Intriguingly, this one makes use of the market-tested alt.music formula of stringing together three unrelated words to generate a record title or bandname guaranteed to inspire hours of beer-bong explication de texte, as in Wilco's Yankee Hotel Foxtrot or The Butthole Surfers' Locust Abortion Technician or Independent Worm Saloon or the Mother of Them All, Captain Beefheart's Trout Mask Replica. Do spambot programmers in offshore sweatshops have a secret sweet spot for the Captain? Or is there a neurocognitive reason for our requirement that three's the magic number when it comes to dream-logic word games? I've archived mails with Beefheartian subject lines such as "biracial Auerbach crankshaft," "boil longleg Kant" (those of us with little patience for the bewigged old dear couldn't agree more) and the painful-sounding "hardwood pancreatic departure".

(via bOING bOING) ¶ captain beefheart dadaism found poetry spam 0 Share

Spam of the day: from "Jadon Plourde", with the subject line "Re: crackpot Phdarmaceutical".

¶ spam 0 Share

I just got an email from "Imploding H. Agglutinated", urging me to "WORK FROM HOME".

¶ spam 3 Share

I just received a spam with fragments of The Master and Margarita (in English) at the end (to fool filters). It looks like the spammers are working their way forward through the Russian literary canon.

¶ mihkail bulgakov russia spam the master and margarita 2 Share

Today's fake spammer name of the day: "Boycie Ball"

¶ spam 0 Share

According to my spam filter, "Colene Grudmanish" says "But now I can penetrate hardly and give the pleasure to every woman!".

¶ spam 0 Share

According to Technorati, one blog is created every second. The report doesn't say how many of those are search-engine spammers' link farms.

¶ blogs internet spam 0 Share

Russia's biggest spammer found battered to death in his Moscow apartment. Insert repurposed jokes about disliked professions here.

(via /.) ¶ crime death russia schadenfreude spam 2 Share