Trojans and Popups and Slimeball Business 287
Selanit writes "Salon.com is reporting
on a company which exploited a vulnerability in an old but common version of Internet Explorer's Java engine to install spyware on the visitor's machine. " It's a pretty in depth story showing the lack of respect that
some companies have. My favorite part is that the guy who denies any knowledge
of the trojan popup is named 'Frank Bigott'.
I wonder if this is true... (Score:2, Insightful)
Yep - definitely (Score:4, Insightful)
Many times: it's why I now use Mozilla (well, that and the tabbed browsing and...and...and...) and Ad Aware.
Mostly it seems to be dialler programs for offshore ISPs. Porn, basically.
Use IE unprotected for a while, then run AdAware - it's quite scary.
Re:Yep - definitely (Score:2)
Regardless of which browser anyone chooses to use, I'd hope they're more dilligent about updgrading and/or patching than the people in this article were. All browsers have weaknesses and vulnerabilities, both known and unknown.
I've never had anything infect or self-install on my machines, even when I ran without virus scanner for a while. About the worst I've seen are cookies, and they're easy enough to deal with.
Re:Yep - definitely (Score:2, Interesting)
It's very hard to be totally secure, and it's not really fair to denigrate Microsoft when a patch has available for months (viz CodeRed/Nimda), or RedHat when people are still using 5.2.
Ad-aware (Score:5, Informative)
Re:Ad-aware (Score:2, Funny)
Re:Yep - definitely (Score:3)
One really has to wonder what sort of idiot thought that having the abillity to overwrite any file from any random website was a good idea.
It's not even an exploit really.
Re:Yeah, well Mozilla sucks because... (Score:2, Informative)
First, go to Sun's Java page [sun.com], and download their SDK for Java. Then run their installer and install that on your system. The next step is to go to the bin directory in the location where you just installed Java, and copy all the
Re:I wonder if this is true... (Score:2, Interesting)
What's kinda scary is the network admin wouldn't do anything to help. Norton Antivirus would say it had been quarantined but after she reboots all the processses are still listed in her Task Manager. I just forwarded this on to her to give to the admin so maybe he can take care of this now.
look here. (Score:2)
Investigate this! (warning: lot's of pink images, don't investigate at work).
Ah, the irony (Score:5, Funny)
Actually (Score:4, Informative)
I'm aware, that this doesn't necessarily sit well with a lot of people here, but wtf...
Re:Actually (Score:4, Informative)
Re:Actually (Score:2)
I _loved_ popup blocking - totally forgot that some sites did it - but it stopped some stuff from working so I had to turn it off. How can I get this wonderful option to work?
Re:Actually (Score:3, Informative)
Re:Actually (Score:2)
My ad-filtering proxy [taz.net.au] (updated block list available through this page [dyndns.org]) blocks the Flash ad they try to send. Editing the URL in the address bar brings you back to the Flash ad (which gets replaced with a 1x1 transparent GIF by the proxy). You also need to remove the cookies set by Salon and block them from sending any more cookies (the same page came up fine in Lynx when I told it to not accept Salon's cookies). Select Edit|Preferences, select "Cookies" under "Privacy & Security," and click "Manage Stored Cookies." Check "Don't allow removed cookies to be reaccepted later," scroll through the list of cookies, and remove the ones set by Salon (I found two, sent by salon.com and www.salon.com).
Re:Actually (Score:2)
> and enjoy Salon in its entirety and
> completely ad-free.
Or simply do what I do. Put *.salon.com in your RESTRICTED SITES security zone, and have all scripting and plugins disabled in that zone. Voila, I never get popups on Salon. Still see some normal ads, but they are tolerable.
This doesnt work with all sites, because some also use Javascript for navigation or other essential stuff, but Salon currently doesn't.
Wow.... (Score:2)
So what, exactly, gives you the right to deny them of funds like that? Now if you simply close the ad and don't click on it, thats one thing, but to never view it....
Good to see Jamie Kellner's [slashdot.org] got an account now.
Re:Actually (Score:2)
You know that those $2.00 sunday papers are payed for 10x over by the companies putting ads in them and then they have the fscking nerve to turn around and charge the customer more money to deliver the extra 10lbs of ads.
Give me add-fee paper publications and I'll start reading hardcopy news again.
no, that's not quite how it works (Score:2)
However, advertisers won't pay (or at least not nearly as much) to advertise in something free. They take the number of paid subscribers--even if it's only a small amount--as a measure of how many people actually read it.
hawk
Re:Ah, the irony (Score:2)
Really? Funny, I never saw that. Of course, I don't do Javashit. Or Flush. Gee, it really sucks to be in the dark ages, maybe I should upgrade... tomorrow. :)
Re:Ah, the irony (Score:2)
Maybe my settings are broken for stuff like that.
Maybe they're broken intentionally.
Re: How do you block OnClose? (Score:2)
Yes, I am a TV Junkie. I find tvguide.com invaluable, but tvguide.com uses popups to show a closer look of each show:
closer = window.open("", "CloserLook", opts);
closer.focus();
On Mozilla 0.9.9 the only thing I allow JavaScript to do is to "Open a link in a new Window". This lets me use TV Guide, and keeps almost all other popups away. On Mozilla 1.0RC1, I have to enable "Open unrequested windows". Yikes, if I want my TV Guide popups, I also get all the other pop ups in the world.
So I am still not sure what I need to be doing to get TV Guide to work once more while keeping the junk popups away
Microsoft, security and Java... (Score:5, Funny)
Isn't it odd that the only Java security exploit to be used in the wild is in the VM produced by Microsoft that didn't obey the Java spec.
Now a cynical person would say that this would enable Microsoft to point at Java and say "Java is insecure" but of course I'm not a cynical person and I'm sure it was purely an accident.
Re:Microsoft, security and Java... (Score:5, Informative)
Yeah, I posted it elsewhere, but it bears repeating that the "Microsoft® virtual machine (Microsoft VM)" [microsoft.com] is not a Java Virtual Machine (JVM, the old name), and Microsoft are no longer allowed to call it that after being bitchslapped around a few courts by Sun. Let's keep the Microsoft VM and the Sun JRE clear and distinct in our minds.
That comment is not insightful (Score:2, Insightful)
Re:That comment is not insightful (Score:2)
>>That comment is not insightful
>>It's just a statement with no supporting evidence.
> Hey; don't complain - the same scheme worked
> for YOUR comment; you got modded up.
He didn't make any statement that needed any more supporting evidence than the post he was responding to.
Re:That comment is not insightful (Score:2, Insightful)
If you had written applets between 1996 and 1998 using Netscape's VM, the Sun JVM and the Microsoft JVM at the time, and tried to get the same code working on all three, you wouldn't have needed any corroboration.
One of the worst was that Netscape's VM used completely different Z-Order to everyone else's. Their security manager was different.
I'd come up with more examples, but I've blocked out that awful part of my memory.
Simon
Re:Microsoft, security and Java... (Score:2, Informative)
If you look at that MS was doing to the Java APIs (not the language or VM), you will see that they tried to get people to write code to their APIs that tied people to their MS x86 Java Platform which was against the agreement they had with Sun.
Netscape just had a bad implementation of Java.
The line gets thinner (Score:5, Insightful)
It seems that all the Klez and Chernobyl kiddies have gone and got themselves some venture capital, and are turning their malware into a business.
Re:The line gets thinner (Score:2)
This is definitely illegal. There is no thin line here-- it is unauthorized, malicious, and destructive modification of someone else's box. I hope these fuckers get nailed.
Re:The line gets thinner (Score:2)
Klez, CIH, etc, all spread themselves as 100% self-contained packages, and all it takes is one slip to have it "escape" - which gives you a bit of weasel room.
This grungeware requires servers to connect to, which means concious ongoing support.
IMO, that's worse than virus writing - although it at least provides a single point of killing it off.
Um.. (Score:4, Insightful)
I didnt see any mention in the article of somebody lodging a criminal or even civil complaint.
I think a big reason these companies get away with this crap is that nobody takes them to task for what they are doing...
Re:Um.. (Score:2, Insightful)
'scuse my language, but (Score:4, Flamebait)
WHO THE FUCK ARE THESE PEOPLE?! Never heard of a single one of them - figures they'd be polluting the Internet.
Shouldn't these shitty companies have DIED last year?!
Re:'scuse my language, but (Score:4, Interesting)
You notice as available VC goes down, the number of pop-ups, subscriptions and sleazy sites go up.
I like to think that eventually the sleazy and make-abuck-quick companies will finally go under, and the web will be more like it was before. A communications medium for PEOPLE to communcate, rather than a giant catalog that consumers can shop from.
I can dream.
Re:'scuse my language, but (Score:3, Insightful)
A lot of the large media companies would be happier if no other competition existed for people's attention. A lot of the recent legislation is aimed not only at controlling the means of media consumption, but also the means of media production.
In ten years, it could be illegal to put up a web site or run an ISP without arranging content licensing and censoring (like, say, Iran or China).
Don't like it? Get active about it.
You can dream, but the reality gets more and more like a nightmare each day.
That would explain... (Score:3, Insightful)
That would explain why he didn't get it (Score:2)
Re:That would explain why he didn't get it (Score:3, Informative)
Yup, like I said, I have a log full of lame server entries for wwws1.com -> translation, the program was sending her to wwws1.com and my DNS server when doing the resolving was reporting the fact that the DNS for wwws1.com is not setup correctly.
Who said anything about www.s1.com?Block Flowgo at SMTP (Score:5, Interesting)
There has to be a solution to this sort of problem. About the only way I could get Flowgo to stop SPAMMING my mail server is to call up a buddy of Tony Soprano to break their knees because Flowgo doesn't care and I have never, ever, ever been able to get one of my elected officials or law enforcement agency to pay any interest in Unsolicited Commercial E-Mail. Its not like Flowgo is hiding its behavior either. It should be easy to get them but no one that matters or has the power, gives a damn about this huge waste of bandwidth.
Re:Block Flowgo at SMTP (Score:2)
Re:Block Flowgo at SMTP (Score:2)
I've been blocking flowgo and euniverse for over a year. These people are totally slimy, and they haven't figured that mail bounces. These people give the human race a bad name.
Re:Block Flowgo at SMTP (Score:2)
Hey, how dare you even compare a Flowgo employee to a human being! Its an insult to human beings. I agree, these people are slimy. The only way they will be stopped is by the law or an (un)fortunate act of God. If several of us are bouncing their e-mails for 5 months+, they just don't give a damn. It obviously doesn't hurt them financially to send out e-mails that bounce. I assume they are reporting only what they send out to clients, not what is received. That might be an avenue to attack Flowgo. Like Capone being busted for tax evasion, you might to have to hit Flowgo with something outside their normal crime. Since a lot of their e-mails are being bounced and they don't care that they are being bounced, it would be a decepetive trade practice for them to sell to clients the ability to e-mail a certain number of Internet Users knowing full well they can never reach their target audience because of SMTP blocks and RBLs.
Just a thought, I still like the idea of breaking knees to solve a problem like this. Its just more up close and personal. Tony Soprano, where are you when I need ya, baby?
Re:Block Flowgo at SMTP (Score:2, Funny)
"Power tends to corrupt, and absolute power is actually pretty cool." -- Tom Clancy (The Bear and the Dragon)
Re:Block Flowgo at SMTP (Score:2)
"Power corrupts, and absolute power is even more fun." -- Simon (BOFH)
Re:Block Flowgo at SMTP (Score:2)
Have you considered threatening a lawsuit? I realize that they're not the most popular thing on Slashdot, but when somebody is doing something illegal and annoying they're about your only recourse. Many states now have at least some kind of anit-spam laws, so if you've kept a record of your email asking them to stop sending mail to your users and the mail they've kept sending, you'd have a pretty good case. A nice, polite cease and desist letter sent by registered mail would likely get their attention, and if it didn't a lawsuit for the applicable statutory damages per message certainly would. If your company already has a legal counsel, it wouldn't even cost you anything.
Re:Block Flowgo at SMTP (Score:2)
Lawsuit is a good idea. I wish I could but I can't get my corporate council interested in going after a SPAMMER when he has bigger fish to fry for the company. However, I still think breaking kneecaps would be more satifying than legal action.
Re:Block Flowgo at SMTP (Score:2)
The lawsuit wil need to be filed by a resident of the state.
You should sue (Score:3, Informative)
Investigate your state laws here: http://law.spamcon.org/us-laws/index.shtml [spamcon.org]
Some of the states allow quite significant damages, for example, California law allows "damages of $50 per message, up to $25,000 per day, or its actual damages, whichever is greater."
If you are in a state with anti-spam laws you could really lay a hurtin' on them, and might even collect some dough in the process. (Although, given that we know they are unscrupulous, collecting will not be easy.)
Here are some other resources:
http://smallclaim.info/ [smallclaim.info]
http://www.spamcon.org/ [spamcon.org]
http://www.aboutspam.com/ [aboutspam.com]
http://http://www.cauce.org/about/resources.shtml [cauce.org]
Re:Block Flowgo at SMTP (Score:3, Interesting)
This helps. I had to do this last year when Bellsouth just wouldn't kick a joe-jobbing spammer that forged mails in my name. Eventually, I forwarded all the bounces to them (tech support, management, sales, ... and in the end even customers...).
Re:Block Flowgo at SMTP (Score:2)
Even better than tech support, SALES!
I complain (Score:4, Interesting)
An email, or written mail, just saying that I don't like it.
I was liquored up and complained about the GAP commercials, I got a very nicely worded response.
Now if I can find the email address for those putting all the pop up ads fo the Mercury Marauder up.....
My email generally says, "I saw a **** at http://****, and didn't like it because *****, why don't you just *****"
for po[p up ads, I'll say something about I prefer the less intrusive advertisements, when they force me, it makes me angry at the product being shoved in my face.
It is really nice if you can mention how you were already aware of their product somewhere else (magazine review, top of page ad, someone told you)
LA Based ? CPC 502 applies (Score:3, Interesting)
It's about time someone got put away for this sort of crap.
California Penal Code, look for section 502 [ca.gov]
Re:LA Based ? CPC 502 applies (Score:3, Funny)
Prison?
Concrete shoes?
In the trunk of a car?
Handcuffed to the floor in a crack house?
Sounds good, but could you be more specific?
Re:LA Based ? CPC 502 applies (Score:2)
Of course, that might violate the 8th Amendment.
Re:LA Based ? CPC 502 applies (Score:2)
If you do not know french history here is the list:
1. Break all limbs on the weel.
2. Casrate and show the removed offending material to the public
3. Skin alive
4. Dip into boiling oil
5. Hang what is left on a hook upside down
6. Leave for the crows to finish off.
That is of course in public.
It should be enough to do it once for anyone not to think of spamming as a business idea.
Another reason why choice is good. (Score:2, Insightful)
With that in mind, if the slimeballs knew that they can target one platform / browser (which is the case now as most normal people use IE anyway), they can devise things like this. Personally I use Mozilla, and tonight I'm converting to Linux, so this won't be much of an issue. I just wish more people knew there were other choices out there besides M$, and then they wouldn't fall victim to this.
Re:Another reason why choice is good. (Score:2)
It was only a matter of time... (Score:2, Interesting)
Spyware for targetted ads... Scumware for stealing our resources... using exploits to do whatever they like
whats next?
deleting competitors software? (or even worse, dissabling it/making it give incorrect results in such a way that the user doesnt know its been tampered with)
Installing backdoors so they can verify that your not using their software illegaly?
I feel increasingly that we, the consumers, need to have some sort of protected from spyware, scumware, companies who exploit security problems and the next generation of click through "but you signed your kidneys over to microsoft when you bought office!"
Re:It was only a matter of time... (Score:2)
Kazaa is pretty close to this: Install it, and the bundled adware deletes your install of Ad-Aware.
"Installing backdoors so they can verify that your not using their software illegaly?"
Whether or not MS is prosecuting, XP has the ability to do this.
"Oh brave new world, that has such people in it!"
*sigh*
Re:It was only a matter of time... (Score:2, Insightful)
What's scarier (Score:5, Interesting)
Quote
The second is "nonsensitive" information, and among that will include your name, address, and records of anything you buy or surf on the Internet. Under the act, business can't collect or divulge the sensitive bits without your express consent, but anything classified as nonsensitive can be freely collected and sold at will.
End Quote
The article can be found here [salon.com]
internet explorer slashdot story icon (Score:2)
Moot licensing? (Score:3, Interesting)
If a piece of software *is* malicious spyware, it would be counterintuitive to ask the user to authorize its use and consent to a license agreement.
So -- let's assume that the software exploits the hole and, in the process, causes damage to your machine. Because you did not agree to the usual clickwrap, (software is AS IS, etc etc) could you hold the company liable for this?
Just a thought
Re:Moot licensing? (Score:2)
Re:Moot licensing? (Score:2, Interesting)
Speaking of slimeball tactics.... (Score:2)
While technically not any different from the way other spyware are distributed, it still tops the list in my book for the sleaziest thing I've yet seen in spyware, i.e., capitalizing on the emotional turmoil for 9/11.
Re:Speaking of slimeball tactics.... (Score:2, Insightful)
No, respectable people would never do that, would they? Respectable people like, hmmm, THE FBI???
What bothers me... (Score:5, Interesting)
Its clear that the federal government is zealous in its crusade to protect corporate America from "hackers". But who protects individuals from shady companies?
Its also clear that the company behind the trojan popups has engaged in criminal activity...but where the hell is the criminal investigation -- anyone being brought up on charges? At most -- we might see some fiducary damages awarded to someone (but not anyone here -- and not to anybody we know)...but if the feds can throw Kevin in jail -- I want the fuckers responsible for this kind of malicous marketing in jail too...(don't forget spammers either).
-Turkey
Re:What bothers me... (Score:3, Troll)
<SARCASM>
Companies and corporations can do no wrong! Just ask Senator Disney^H^H^H^H^H^HHollings. On the other hand, those Evil Unamerican Terrorist Hacker Content Pirates(tm) are a threat to our very way of life!!!!!
</SARCASM>
To comply with the ADA, SARCASM tags have been added for the sarcasm impaired.
Whats to be done (Score:2, Interesting)
I think using a computer should be though of more like using a car than a calculator - no one would dream of sitting in a car and going for a drive before taking some lessons and getting a license (apart from a joyrider perhaps), yet many people phone DELL-U-WANT, order their box and sit down thinking they will be able to browse away, most getting very irrate when it doesn't work out. People need to realise that to use a computer they need to put in time and effort to learn how to first, which is something not helped by all the AOL type adds saying how easy it is.
Another possible fix I like the idea of is to have a 'safe zone' - The WWW is a large and mostly free place, and I for one do not want to see ANY legislation changing that, whether apparently for the better or not. As anyone who lives in a large city nows, you don't go to the bad end of town unless you now how to handle yourself, people will learn to stay in the safe zone. It could work by having a controlling body which hands out domains (here.sfe etc.). Anyone using this site must sign a rigirous contract of use, forbidding any type of exploitation of the vunerable users. Thus, any company exploiting in the domain will be liable through breach of contract, and leaves the rest of the internet free for those of us who now what we are doing. Systems could come with 'IE-safe', which does not allow browsing outside the safe domain, so only someone who knows what they are doing will be able to download full browser and go to the big bad web.
These solutions are far from perfect, and do leave room for exploitation, but I think the're better than the 'I'm safe, I don't care' attitute, and a bit more constructive than 'lets melt the &"%$ in a vat of acid' solution
Bullet-proof computing (Score:2)
You know, it's precisely this attitude which pisses me off the most out of anything in the computer industry currently. For one thing, the above poster is right - the masses are NOT tech savvy. Nor should they have to be.
Hell, I'm tech savvy as far as that goes. But running a whole host of extra software and/or hardware just because we have weak laws/stupid people is NOT an acceptable answer. Think about it - if, instead of laws making it illegal to shoot people, we just said this:
"If you don't want to get shot, well, you shoulda worn a bullet proof vest and helmet when you went out."
I always shake my head when tech-related issues arise; it's as if people suddenly lose all common sense. I can freely walk down the street (for the most part) in the US without fear of being shot, sure it's a remote possibility, but everyone does and very few people get killed proportionally. Why oh WHY can't we use our computers freely also?
ReDefinition: Viral Marketing (Score:2)
An example of this might be name brand T-shirts..
But this puts "viral marketing" in a whole new light...
I had GoHip installed from outlook express (Score:2, Interesting)
That was more than a year ago.
Fortunately they just replaced my homepage and search page in IE. No spyware.
Well, I don't use IE now anyways, but I use Outlook Express to read my Hotmail account.
Now I just turned off preview screen so I can delete spam and stuff without actualy rendering it.
Scary Stuff! (Score:2, Insightful)
I hope this company is held accoutable.
There's another company that's nearly as bad: Real Networks. Ever see how much crap they try to install if you're not paying attention?
Our company now has RealPlayer on its banned list, because we consider it a virus.
Not exactly a surprise... (Score:2)
I also block any ad tracking site from setting cookies or sending popups through the nifty 'security' settings. Every time I find a cookie in my temp internet files that I don't recognize, the host automatically goes into 'ad tracking sites'.
Call me paranoid, but if it ain't plain HTML and static images, I don't wanna see it.
Internet Explorer's WHAT machine? (Score:3, Redundant)
Correction: the Microsoft VM is not a Java Virtual Machine. It is a Virtual Machine that supports Java. Lest we forget, Sun had to fight long and hard to have a court uphold this. Check out the Microsoft security bulletin [microsoft.com] about this flaw and note that it is the "Microsoft® virtual machine (Microsoft VM)". Let's not tar JVM's with the same brush.
ActiveX Backdoor (Score:3, Informative)
The Microsoft virtual machine (Microsoft VM) contains functionality that allows ActiveX controls to be created and manipulated by Java applications or applets. This functionality is intended to only be available to stand-alone Java applications or digitally signed applets. However, this vulnerability allows ActiveX controls to be created and used from a web page, or from within a HTML based e-mail message, without requiring a signed applet.
What about Alchemy's actions? (Score:2)
When contacted by Salon on April 26 about reports of malicious code at the IntelliTech sites, Alchemy's vice president Jamie Daquino said his position was Shut down first, ask questions later.
"For someone to get written up as a virus, that's pretty serious. If they're doing what people are saying, it's illegal. We don't want to be associated with that," said Daquino.
I hate to quote so much but this is scary. This is Alchemy's response based on some info from Salon? Without even checking with IntelliTech first they simply "pull the plug"? After reading the articles I formed my own opinion that IntelliTech is complete trash but what gives Alchemy the right to simply pull the plug? I assume they have an official step by step to deal with issues of this nature but they appear to not use them. Alchemy basically states that they don't know what IntelliTech is doing, did not bother to ask, but pulled the plug anyway.
Re:What about Alchemy's actions? (Score:2)
Alchemy has every right to pull the plug immediately. You might debate if they have the right to leave the thing unplugged without any investiagtion - but venture to guess they got someone to have a look at the site's code immediatley.
Software nutrition information (Score:3, Interesting)
Flowgo (Score:2)
Re:Flowgo (Score:2)
Affected Systems: (Score:3, Interesting)
Systems not affected:
Internet Explorer running on Macintosh
Internet Explorer running on Solaris
Netscape running on Windows
Netscape running on Macintosh
Netscape running on Linux
Netscape running on Solaris
Netscape running on BSD
Mozilla running on Windows
Mozilla running on Macintosh
Mozilla running on Linux
Mozilla running on Solaris
Mozilla running on HP/UX
Mozilla running on BeOS
Mozilla running on AIX
Mozilla running on VMS
Opera running on Windows
Opera running on Macintosh
Opera running on Linux
etc.
(they forgot to mention this in the article. Not that any patterns are starting to appear...)
Comet Cursor, Movie Networks, Gator, Bonzi Buddy (Score:2)
The Computer Misuse Act 1990 (UK) (Score:2)
If you live in the UK (or EU) then this is already illegal under section 1 of the Computer misuse act. Since this act is a result of EU Treaty obligations similar legislation exist accross the EU.
This same legislation could theoretically be used against junk emailers.
'The Computer Misuse Act 1990'
Section 1;
1.--(1) A person is guilty of an offence if--
(a) he causes a computer to perform any function with intent to secure access to any program or data held in any computer;
(b) the access he intends to secure is unauthorised; and
(c) he knows at the time when he causes the computer to perform the function that that is the case.
(2) The intent a person has to have to commit an offence under this section need not be directed at--
(a) any particular program or data;
(b) a program or data of any particular kind; or
(c) a program or data held in any particular computer.
(3) A person guilty of an offence under this section shall be liable on summary conviction to imprisonment for a term not exceeding six months or to a fine not exceeding level 5 on the standard scale or to both.
http://www.hmso.gov.uk/acts/acts1990/Ukpga_1990
Re:Not a good day for M$ on Slashdot (Score:3, Funny)
A good day for microsoft would be: (Score:3, Funny)
M$ bought by VA Software (Score:2, Funny)
Re:How Exactly (Score:2, Funny)
With refrence to your order CR12345778092
We are sorry to tell you that your order is in a holding queue.
As you will be aware all transactions require the primaries signiture signed in triplicate in BLOOD.
Unfortunatly you seam to have taken this to mean the blood of any conviniant human near by.
We require the signature to be in your blood.
We are sorry for the delay this missunderstanding has caused and look forward to taking possession of your soul at the earlist.
Yours,
B. L. Z. Bub
Head of Customour Resources
Hell
Big-Boo-TAY (Score:2, Funny)
Re:What if... (Score:2)
Re:What if... (Score:2)
Frank Bigott: "Excuse me, but it's pronounced 'Bee-GOH'."
Well, assuming that the sound of his name has anything to do with anything, the double 't' at the end prevents it from being silent. I assume that you are trying to apply French pronounciation rules here.
My question is why the apparent joke about this name. I rememberback in 7th grade, one of my friends found a picture of a truck or van with "Fucker" painted on the side. It was a German company, I believe, but we sure had a lot of laughs over that one. Ha! Ha! Boy, isn't that funny! I think we all got tired of it by the time we were in 8th grade, though. Maybe it was a part of growing up.
Re:Shouldn't this count as a computer crime? (Score:3, Interesting)
Heck, I'm sure if I the same exploits to upload even 1 teeny-tiny file to a PC, let's say, at a local bank. Guaran-damn-tee I'd be in lockup the next day.
The company behind this needs to be more than bitchslapped. They're going down.
Re:r-e-s-p-e-c-t (Score:3, Interesting)
It is their problem that people are abusing it, but it's not their fault people are abusing it. I compare this to the luxery of having a convertable - it'd be really nice if it weren't so damned easy to break into, but it's not the car makers fault it happens - they just need to work on a way to help prevent it. And the fact is that people LIKE convertables - it's a feature.
The sad fact is that while MS is horrible about securing their products, it's the crackers and punks and phreaks that make it difficult for everybody. Sure, I'm approaching this from an existentialist point of view - not particularly realistic - but you have to blame the people that are maliciously taking advantage of a problem as well the company that fails to correct it.
It's crackers fault I have to spend my money and time protecting against break-ins. Even if you are well protected, these people steal my money and waste my time and that latter part is unforgivable. Yes, I feel the same way about the people who make it necessary for my house and car to need locks and an alarm system. I know it's reality, but those are the people I blame for making it reality.
Ok, now I'm venting, pardon the rant. I like dogging MS as much as the next guy, but the people who are violating your privacy are the ones that need your antagonism.
Re:r-e-s-p-e-c-t (Score:3, Insightful)
A better solution.... (Score:2, Informative)
is sending the cards in your organization. I
am a member of four or five ladies' groups and
I typically send between one and five or six
ecards per week.
I won't touch Flowgo with a ten foot pole. I have fallen into their spam trap twice. Women love ecards.
What they need is some alternatives to Flowgo or a bit of education in disarming Flowgo/Funstun/Send4Fun etc.... This is a serious issue because ecards are sent for support (the most popular one I send is "thinking of you") and sometimes sympathy or illness.
Put simply, you don't want to spam someone with illness or a death in the family or someone who is recovering from ilness either.
What you need to do is talk to the major ecard senders in your organization. This may be the party committee, the boss' secretary, the ladies upstairs in marketing what have you.
Suggest any of the following
http://shopping.corbis.com (write your own message and choose from thousands of images. The database is a great toy.) No ads in the card for outside businesses.
http://www.artsmia.org (Minneapolis Museum of art has lovely illustrations.) No ads period!
http://www.arborfoods.com (cards are a few links inside the site and come with recipes.)No ads!
The MOMA also has great ecards with a very classy pick up letter. No ads!
If you can tolerate a little advertisement and have someone among the card crew who is techincally comfortable (can code some html), have her set up a postcard mill on the company web site. http://www.allyours.net works really well for this and you can upload your own pressies. My personal postcard mill is at http://nakedmolerat.org.uk/plaunch.html and the pressie galleries start with http://nakedmolerat.org.uk/raok2.html
Alternatively, Funstun/Flowgo etc... cards are very easy to disarm. I know you think why bother. I think that too since I prefer the alternatives I mentioned above but people love those animated cards. Instead of just hitting the send the card on button, the sender sends the card to HERSELF. She then cuts the nonspam link out of the pick up letter sent by Flowgo and inserts it into a fresh email letter. Goodbye spammy opt in by deception, and hello animated greeting card. True they're still full of pop ups but at least the spam trap is gone.
The trick is to realize that cards are important. Women account for the vast majority of greeting card purchases and when we are online we bring this part of our culture with us, and we even take it to the office.
By the way, the education strategies will also work with friends and relatives. I'm sorry if I sound sexist, but I think this is a female problem.
Eileen H. Kramer/Roanna/ZOIDRubashov
Head of the RAOK Guestbook Committee.
http://nakedmolerat.org.uk/raokg
Re:i thought flowgo.com was a known spamhouse... (Score:2, Interesting)
Re:happily unsupported (Score:2)
I don't know about you but I find Linux is WAY easier to use.