Category Archives: Hoaxes

Spot the phish

McAfee have a great ten question quiz to challenge whether or not you can spot phishing sites. Give it a go. I got 9 out of 10.

Once you finish, it shows you the answers, and how to spot the fake sites.

Of course, one of the problems is that a prime indication of a fake site is awkward or badly phrased wording. This, unfortunately, is not limited to fake web sites. While it isn’t generally a trait of big corporate web sites, that have professionals working on them, there’s any number of smaller businesses that have badly designed, misspelt or awkwardly-worded sites.

In most cases, it’s careful inspection of the URL that will indicate for sure if you’re talking to the right people. Some of the quiz examples excluded this information, to make you look for other signs, which was good. But in practice all browsers should be displaying the URL. Some older versions don’t do this on popup windows and so on, which is a problem… you can see it by right-clicking and looking at the properties of the page, but most people wouldn’t remember to do this consistently.

Gone phishing

I’ve had many phishing attempts trying to impersonate banks, but this is the first I recall impersonating the Australian Taxation Office.

From: Australian Government <admin @ ato.gov.au>
To: dbowen @ custard.net.au
Date: 15-Jun-2007 16:32
Subject: Australian Taxation Office – Please Read This.

After the last annual calculations of your fiscal activity we have determined that you are eligible to receive a tax refund of $163.80
Please submit the tax refund request and allow us 6-9 days in order to process it.

A refund can be delayed for a variety of reasons. For example submitting invalid records or applying after the deadline.

To access the form for your tax refund, please click here

Regards, Australian Government

© Copyright 2007, Australian Taxation Office – All rights reserved..

The click here link was to: http://bigart.com.tr/ato/updatedb/ (rest snipped)… from the looks of it this domain is commonly used by phishers. Evidently they’ve been at it for a few months now.

HSBC.co.uk Security Sistem

From: HSBC Bank PLC
To: josh_parris@leakeddomain.com
Cc:
Subject: HSBC.co.uk Security Sistem

Dear HSBC Member,

We have reason to suspect that your HSBC account may be in use by an unauthorized party.

….

I think I should click on the link to check out this sicurety pblum. What do you think?

Vaccination and Hippies

Owen turned four (months) recently, and he was taken to the doctor for that round of inoculations. That reminded me that when Cathy and I were doing childbirth classes we discovered that the lunatic fringe is alive and well in Melbourne. The subject was “Sleeping Soundly”, the opening minutes of which were about vaccination for no reason I could discern.

The World Health Organisation, whom the Choices for Childbirth speakers quote when lamenting (quite rightly, in my opinion) the high medical intervention rate during childbirth, is studiously ignored when talking about how one ought to explore both sides of the “debate” over immunization. The WHO says “No child should be denied immunization without serious thought about the consequences, both to the child and the community”.

Humans are terrible at estimating risk (also known as probabilities). They happily play lotteries (one in millions chance of winning), but then drive their kids to school (running a pronounced risk of a car crash and injuries vs a vanishingly small risk of a perverted old man snatching their kid and having his way with them). Humans are prejudiced machines – they decide things without knowing all the information (pre-justice, or pre-judge). They make decisions based on what they can recall on the subject. And this counterpointed by the news media, which reports news. They don’t report that millions of Aussies got out of bed, went to work and came home again, without incident. That’s not news. Someone being bitten (or better yet, taken) by a shark, that’s news – because it hardly ever happens. Things that are unusual, different, out of the ordinary and notable are part of every night’s TV viewing. A viewing night of four hours – 240 minutes – includes 30 minutes of really unusual stuff, so odd and weird that the TV station sent a film crew out to take pictures of it (ever woken to find a camera crew filming you getting out of bed? “This morning, Josh got out of bed…” No, didn’t think so). And humans think “I better be careful when I go swimming, a shark could get me. I’ve seen that happen a couple of times in the last few months. In fact, just to be safe, I won’t go swimming”. We have crime shows on every night, leading viewers to think “there’s a lot of crime out and about. I’ll drive to the shops”. The news loves a good kidnapping “little girl snatched from her bedroom”, and happily ignores the fact that almost all child abductions are performed by relatives. But we’ll drive them to school, to keep them safe (and fat). So when the Tabloid TV shows announce that a child has reacted poorly to an inoculation, immunization rates plummet, in the same way breast cancer screening rates jumped right after Kylie got it. More often than not, they use their power for evil rather than good.

These same TV shows give equal time to minority and majority opinions, in the interests of fairness. Which would be fine, except humans will go “hmmm, it seems that professional opinion on this seems to be divided down the middle, I’ll just be safe and not vaccinate my child (besides, needles hurt).” It’s dangerous and irresponsible, scaremongering amongst the vaccination decision makers – parents. And they’re being affected by it. Infectious diseases the developed world thought it had eradicated (think whooping cough, which was almost wiped out – ) are resurfacing as a result of the crazy hippies who reckon that this vaccination thing is all a money making scam by the multinational pharmaceutical companies.

Vaccines don’t always work. They are not 100% effective. You can get a disease after being vaccinated against it – the vaccine may not provoke an immune response. And that doesn’t have to matter.

Needles hurt. Vaccines have an inherent level of danger. Injecting pathogens into your body isn’t something it’s really designed for, and keeping vaccines viable for an acceptable time means there’s stuff in them that some bodies will not react well to. Some immune systems go ape shit when they see the disease. Some people die. I’d like to point out how badly the bodies of these people will react when they get the real, live, unattenuated, unadulterated, honest-to-God virulent form of the disease – exceptionally poorly. But none the less, there is a potential cost associated with being vaccinated.

I’m going to talk about Herd immunity and the free loader effect. A certain level of non-vaccinated members of the population is acceptable, but varies from disease to disease – the immunization you’re given may not invoke an immune response in you, but at the same time, if about 90% of the population is immune, generally an infectious disease is not going to become pandemic. Which is fine, and everyone’s happy. Until God damn hippies start running around not getting immunised, becoming free loaders on those of the population who have run the risk of reacting horribly. With enough people unimmunised, eventually the herd immunity effect breaks down, and the kids of the hippies end up getting diseases that we thought no one got anymore. And, no doubt, the hippies whinge about it, but refuse to take the blame for the kids of responsible parents who got the disease despite being vaccinated against it – because their bodies failed to produce an immune response. And those responsible parents will be too grief stricken to blame the hippies for killing their child.

The Australian federal government’s Immunisation Myths and Realities booklet talks about the complaints that hippies put forward. Myths such as the MMR vaccination causing autism.

The adverse reactions a vaccination may produce are mild compared to what would happen if they actually got the disease. The only elevated risk is to those intolerant of egg products.

Let’s have a look at what these diseases do. Because, if you were against immunizing against them, they can’t be that bad, insofar as diseases go, right? Because you’re happy to run the risk of your child catching and living with (and dying from) these diseases, verus the risk of your child having “something happen to them” as a result of being vaccinated.

From the Australian National immunisation program schedule of immunisations, things that you’re innoculated against:

  • At the moment of birth: hemorrhaging. Normally Vitamin K is produced by bacteria in the intestines, and dietary deficiency is extremely rare unless the intestines are heavily damaged. But newborns are nearly sterile – if the embryonic sack is intact, they are sterile. Thus, no bacteria, and no Vitamin K, which is needed for the posttranslational modification of certain proteins, mostly required for blood coagulation.
  • Polio, check out photos of polio victims. The virus invades the nervous system, and the onset of paralysis can occur in a matter of hours. Polio can spread widely before physicians detect the first signs of a polio outbreak – so forget pulling your child from school when someone is noticed with polio, this is not a prophylactic method with any level of success.
  • Diphtheria, check out photos of children with Diptheria, a bacterial infection. Long-term effects include cardiomyopathy (the heart wastes away) and peripheral neuropathy (ie, paralysis).
  • i

  • Pertussis or whooping cough. Doesn’t sound so bad, a bit of a cough. Check out the photos of babies with a bit of a cough. Complications of the disease include pneumonia, encephalitis, pulmonary hypertension, and secondary bacterial superinfection.
  • Rubella, a relatively mild disease (photos) unless it’s caught by a developing fetus. Lifelong disability results. But I guess that’s the fetus’ problem, not yours.
  • Mumps usually causes painful enlargement of the salivary or parotid glands. Orchitis (swelling of the testes) occurs in 10-20% of infected males, but sterility only rarely ensues; a viral meningitis occurs in about 5% of those infected. In older people, other organs may become involved including the central nervous system, the pancreas, the prostate, the breasts, and other organs. The incubation period is usually 12 to 24 days (again, don’t bother pulling your kids from school – they’ve already got it). Mumps is generally a mild illness in children in developed countries. So your child should get it.
  • Hepatitis B – Over one-third of the world’s population has been or is actively infected by hepatitis B virus, so it can’t be all that bad. Hepatitis B infection may lead to a chronic inflammation of the liver, leading to cirrhosis. This type of infection dramatically increases the incidence of liver cancer. Only 5% of neonates that acquire the infection from their mother at birth will clear the infection. Seventy percent of those infected between the age of one to six will clear the infection. When the infection is not cleared, one becomes a chronic carrier of the virus.

There are other diseases, but I’ve only got so much time. Read the Australian federal government’s Immunisation Myths and Realities booklet. And for the love of all that’s right in the world, get your children immunised.

Just because you don’t understand statistics, science or even simple logical reasoning, doesn’t make vaccinating your children a bad thing. Perhaps, if you don’t understand any of these things, you should leave the decision making on vaccination to the professionals?

This is God calling

Yesterday I answered the ‘phone. Because I was home, having a holiday, which is soon to be rudely interrupted by a short working stint, but that’s by-the-by. I could tell that whomever had called didn’t know anyone in the house; the phone’s listed in my girlfriends name. “Hello, Mr [Girlfriend’s-name]?” is a dead giveaway that they’ve pulled the number from the phonebook, and immediately puts me on the defensive. Which is why I have no interest in having the phone in my name. I can spot low-life scum a mile away with the arrangement as it is.

Now, the first thing I do when I have a telemarketer on the phone is to get them to tell me who they are. The lass weasled about, talking about a survey. Surveys don’t care about the identity of the respondent; this was marketting. Eventually she said she was representing the Jehovah’s Witnesses, at which point I terminated the call; religous fundamentalists get up my nostril.

Neither Cathy nor I get any telemarketing calls – oh, well maybe we get a couple a year from local gyms. It’s because we’re signed up to the ADMA’s do-no-call list. If you’re not signed up, stop reading, and go sign up now. The local gyms get the line “we only purchase goods from members of the Australian Direct Marketting Association” and they’re taken care of.

So, here we have technology being used for evil. Evil, not only because it’s evangelical fundamentalists at work, but because they claim they’re doing a survey about how people in the local neighbourhood feel about stuff. Because it’s a survey, that would be covered by the Australian Market & Social Research Society, which (they would claim to keep the statistics clean) doesn’t operate a do-not-call list (in spite of the fact that people that don’t want to be surveyed are going to do all sorts of bad things to their stats).

Worst of all, I don’t think there’s much I can do about it, except I remember hearing about a guy who had installed a PABX with and IVR – “if you want to talk to Cathy, press 1 now. To talk to Josh, press 2 now. Pressing 3 now will let you talk at Owen, but don’t expect a cogniscient conversation out of him.” Apparently, in the US, he was getting zero telemarketing calls – which is quite a feat.

Questions:

  1. Has the obesity epidemic reached the point where the Jehovah’s Witnesses can’t be bothered leaving the house to recruit souls so that they can, pyramid-sales-scheme-like, go to heaven?
  2. Why don’t the Jehovah’s Witnesses tell people up front you’re not going to heaven, even if you convert (there’s only 144,000 spots – what are the chances you’ll be goody-two-shoes-super-converter enough to get in)?
  3. Why doesn’t the AMSRS operate a do-not-call list?
  4. Why doesn’t the government ban harrassment like this?
  5. What can I do to stop this from happening again?

Prank

So, that shiny new computer I’ve been given and my propensity to save power have combined with boyish enthusiasm with a practical joke to create a very embarrassing situation for the two other contractors I work with.

I normally leave my box locked overnight, shutting it down on a weekend. So a discovery of a week ago had to wait until Monday to play out.

My new computer has a temperature sensitive main case fan that’s ducted – at higher temperatures the fan is cranked up to increase the airflow over the water cooled CPU heatsink. There’s a BIOS setting to set the idle fan speed; the default value is almost imperceptable, the highest is a roaring not dissimilar to a jet taking off (mainly because of the ducting and air being forced through the heatsink – all the turbulance is very noisy) and certainly seems to move a lot of air. Apparently the other guys here discovered this setting, and thought it would be a great idea to crank up the idle fan speed to “stupidly high” while I was away.

When I powered up the box, and the roaring fan started, I immediately went to Dean, the guy who did the swap-over to the new box. Having a CPU cut out because of overheating is not cool; I imagined that the heatsink might have come off somehow. He couldn’t imagine what was going on, and did note that the air wasn’t hot. Opening it up revealled everything in its place.

At this point the pranksters saw that this could escalate well beyond a prank and intervened with an explanation. Whilst I wasn’t put out, other people put the pranksters in their place. So, kids, be careful with those pranks. They could blowback on you (oh, I hadn’t intended that pun!).