Sunday, August 08, 2004

FTC National Resource for ID Theft: your account at eBay has been suspended

Federal Trade Commission - Your National Resource for ID Theft
If you ever complete any of these "phishing" emails, like the one I describe below, you'll need this link! Here's some background for those who've never bothered to investigate these scams.

I get at least 10 "contact eBay urgently" messages every week. If nothing else, the scum sucking scammers sending the messages are really hurting eBay's ability to reach their customers.

Today, on a whim, I decided to follow the link in one of those messages. I run Safari on OS X, so I wasn't that worried about viruses and browser hijacking.

This was the message. It looked reasonably genuine; only one grammatical error suggested the author was not a native English speaker:
Dear eBay User,

We regret to inform you, that we had to block your eBay account because we have been notified that your account may have been compromised by outside parties.

Our terms and conditions you agreed to state that your account must always be under your control or those you designate at all times. We have noticed some activity related to your account that indicates that other parties may have access and or control of your information in your account.

Please be aware that until we can verify your identity no further access to your account will be allowed. As a result,Your access to bid or buy on eBay has been restricted. To start using your eBay account fully, Please uptake and verify your information by clicking below

http://signin.ebay.com/aw-cgi/eBayISAPI.dll?Verify

Regards,

eBay Member Service

**Please Do Not Reply To This E-mail As You Will Not Receive A Response**
In the message I received, clicking on the link doesn't go to eBay at all; it goes here:

http://signin_ebay_com_account.pornosin.com:7308/ebay.htm

There I completed an extensive and astounding form that requested everything anyone could steal. My SSN, eBay passwords, bank account information, credit card numbers, mother's maiden name, etc. I filled it full of nonsense. I suppose one way to hurt these scum would be to create a software program that would complete these forms with meaningless data that would be costly for the scammers to verify. It would raise their cost of operation. If I were eBay, that's what I'd be doing to fight back.

BTW, here's the whois entry for pornosim:
Domain Name: PORNOSIM.COM
Registrar: NAMESDIRECT.COM, INC.
Whois Server: whois.namesdirect.com
Referral URL: http://www.namesdirect.com
Name Server: No nameserver
Status: ACTIVE
Updated Date: 09-apr-2004
Creation Date: 09-apr-2004
Expiration Date: 09-apr-2005
It was apparently created in April of 2004; I suspect it will only be transiently active.
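
The mismatch described above, between the address shown in the message and the address a click actually reaches, can be checked mechanically. The following is an added example, not part of the original post; the `BRAND_DOMAINS` table, the function names and the finding codes are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption for this example: the domains each brand really uses.
BRAND_DOMAINS = {"ebay": {"ebay.com"}}
DEFAULT_PORTS = {"http": 80, "https": 443}


def registered_domain(host):
    """Last two labels of a hostname. Naive: production code should use
    the Public Suffix List so that e.g. example.co.uk is handled."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def check_link(display_text, href):
    """Return {finding_code: detail} for one link taken from an email.

    display_text is what the reader sees; href is where a click goes.
    """
    findings = {}
    try:
        target = urlsplit(href)
        port = target.port  # raises ValueError on a malformed port
    except ValueError:
        return {"unparseable-href": href}
    host = (target.hostname or "").lower()
    domain = registered_domain(host)

    # 1. The visible text is itself a URL, but for a different domain.
    try:
        shown = urlsplit(display_text.strip())
    except ValueError:
        shown = None
    if shown and shown.scheme in DEFAULT_PORTS and shown.hostname:
        shown_domain = registered_domain(shown.hostname)
        if shown_domain != domain:
            findings["display-mismatch"] = (
                f"text shows {shown_domain}, link goes to {domain}")

    # 2. A brand name appears in the hostname, but the registered domain
    #    does not belong to that brand (brand used as a decoy label).
    tokens = set(re.split(r"[^a-z0-9]+", host))
    for brand, owned in BRAND_DOMAINS.items():
        if brand in tokens and domain not in owned:
            findings["brand-in-foreign-host"] = f"'{brand}' appears in {host}"

    # 3. Web traffic on a port other than the scheme's default.
    if port is not None and port != DEFAULT_PORTS.get(target.scheme):
        findings["nonstandard-port"] = f"port {port}"

    return findings


# The link from the message above: visible text vs. actual destination.
SHOWN = "http://signin.ebay.com/aw-cgi/eBayISAPI.dll?Verify"
ACTUAL = "http://signin_ebay_com_account.pornosin.com:7308/ebay.htm"

if __name__ == "__main__":
    for code, detail in check_link(SHOWN, ACTUAL).items():
        print(f"{code}: {detail}")
```

A mail client or gateway filter could run a check like this on every anchor in an HTML message and warn before the reader clicks.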

Saturday, August 07, 2004

Email is truly broken - so don't be upset if I don't reply!

The New York Times > Technology > Circuits > Delete: Bathwater. Undelete: Baby.
Several months ago, Dr. Kim and Mrs. Crasco were at a meeting when they ran into a program director they knew from the American Association for the Advancement of Science. She greeted them coolly. Puzzled, Dr. Kim and Mrs. Crasco asked what they might have done to offend her.

As it turned out, she had sent Dr. Kim and Mrs. Crasco an e-mail message suggesting that they work together on a grant application. The application deadline had since passed, and the acquaintance was more than a little miffed that she had gotten no response from them.

The two entrepreneurs were flabbergasted. Not only did they have no idea the e-mail had been sent, they had no idea that it had been snuffed out as junk.

Yes, email is broken. It's been obviously broken for a couple of years. I have over 4000 intercepted spams a week, and about 70 that aren't intercepted. Among the > 4000 intercepted spams are probably 1-3 legitimate emails. There's no way ANY spam filter can be accurate enough to eliminate 99.5% of all spam and NOT also eliminate 1 or more legitimate emails. I have done test analysis as part of my worklife, and no test is perfect. Spam filtering is a testing procedure. (If spam filtering services made some trivial UI changes it would be MUCH easier to hunt for the legitimate email in the mounds of digipoop -- the authors of those products clearly don't get much email.)

I proposed, years ago, a series of technical approaches to spam. Indeed, many years ago, I proposed to Mindspring that they start offering spam filtering as a service -- and months later they were the first to provide ISP based filtering.

I am sure none of my suggestions were original, though I've never seen a complete presentation of my primary recommendation: "differential filtering based on the managed reputation of an authenticated sending service". In any case, there are many technical fixes that will work. All of them will involve some form of sender authentication (authenticating the sending service and then filtering based on sending service reputation, as I propose, pushes the authentication obligation to the sending service and allows at least potential identity protection).

In general a lot of things done by email (file transfer, broadcast communication, collaborative groups, receiving notification of changed content) can be better done through other technologies, esp. WebDAV and RSS/Atom syndication. (Finding a unified workflow engine is a related challenge, however.) Sending messages, however, requires email or something fundamentally identical; instant messaging is no replacement for email.

Email must be fixed. It can be fixed. It will be fixed. It's just a question of whether the fix is a trojan horse for the RIAA/Palladium/DRM/Ashcroft agenda, or a more modest fix that addresses our messaging needs alone.

In the meantime, if I don't reply to your message, don't assume I got it.

Springsteen - the intellectual

The New York Times > Opinion > Op-Ed Contributor: Chords for Change
Like many others, in the aftermath of 9/11, I felt the country's unity. I don't remember anything quite like it. I supported the decision to enter Afghanistan and I hoped that the seriousness of the times would bring forth strength, humility and wisdom in our leaders. Instead, we dived headlong into an unnecessary war in Iraq, offering up the lives of our young men and women under circumstances that are now discredited. We ran record deficits, while simultaneously cutting and squeezing services like afterschool programs. We granted tax cuts to the richest 1 percent (corporate bigwigs, well-to-do guitar players), increasing the division of wealth that threatens to destroy our social contract with one another and render mute the promise of 'one nation indivisible.'

It is through the truthful exercising of the best of human qualities - respect for others, honesty about ourselves, faith in our ideals - that we come to life in God's eyes. It is how our soul, as a nation and as individuals, is revealed. Our American government has strayed too far from American values. It is time to move forward. The country we carry in our hearts is waiting.

If Springsteen indeed wrote this piece, there's no doubt he's a strong writer. He isn't, of course, responsible for the dorky title.

He has come "out", not so much as a democrat (that was long suspected), but as an intellectual and a social critic. In this realm he joins a number of other rock and folk stars who made their wealth with a different image. Achieving mega-stardom, as the Terminator has recently demonstrated for the dark side, seems to require a formidable intellect as well as domain specific talent.

Time to hit Amazon and see if I can add anything to my Springsteen iPod list.

Friday, August 06, 2004

Life in 1954 -- a time traveler's tale

Popular Science | Tech '54, Where Are You?

A fantastic essay. I need to finish it!

Thirty-eight rhetorical tricks, with the methods of overcoming them

From 'Straight and crooked thinking' by Robert H. Thouless, Pan Books, ISBN 0 330 24127 3, copyright 1930, 1953 and 1974.

A marvelous resource.

Review here.

Updated 10/22/2011: The original link has vanished and the domain was acquired. I can't find a summary of the book online, but I found a PDF that can be downloaded from the 1953 edition. A wikipedia article lists some key excerpts.

The new, crazy, stock market

BW Online | August 6, 2004 | The New Rules of Investing... The long-term investor who checks in occasionally to see what's going on can be alarmed by what's happening. Technical indicators, like the level an index reaches on an analytical chart, can trigger major buying activity, even if there was no positive fundamental news in a particular sector. For example, one reason financial stocks rallied on Aug. 2 in the wake of a government announcement of a new terrorist threat may simply be because, that same morning, they fell to a technical level at which a lot of buyers had decided weeks ago to buy. So while most investors might have expected stock prices to decline in the face of rising fear, they actually rose. Go figure.

Similarly, individual stocks' moves can seem inexplicable until examined in the context of today's trading strategies. Did you wonder why Citigroup (C) rose the day after its New York headquarters was named as a terrorist target? It may simply be because it was bought that day as part of a basket of bank stocks ...
We need to stop announcing market moves on the radio as though they were meaningful.

This noise is annoying, but I worry more about corporate governance and our weak financial regulatory environment. Those are the issues that are rigging the market.

Minneapolis is America's most literate city?!

Literate Cities 2004 | introduction
But St. Paul is number 16!!!

ARGGGHHHH. We St. Paulites will never live this down.

Scenic Byways - America and MN

Learn About Byways: "The National Scenic Byways Program is part of the U.S. Department of Transportation, Federal Highway Administration. The program is a grass-roots collaborative effort established to help recognize, preserve and enhance selected roads throughout the United States. Since 1992, the National Scenic Byways Program has provided funding for almost 1500 state and nationally designated byway projects in 48 states. The U.S. Secretary of Transportation recognizes certain roads as All-American Roads or National Scenic Byways based on one or more archeological, cultural, historic, natural, recreational and scenic qualities."
Sure looks like a typical pork project!! I ordered a map anyway.

Here's the list for Minnesota.

Thursday, August 05, 2004

Will McCain turn on Bush? The right may have gone too far ... again.

Guardian Unlimited | World Latest | McCain Condemns Anti-Kerry Ad
Republican Sen. John McCain, a former prisoner of war in Vietnam, called an ad criticizing John Kerry's military service "dishonest and dishonorable" and urged the White House on Thursday to condemn it as well.

"It was the same kind of deal that was pulled on me," McCain said in an interview with The Associated Press, referring to his bitter Republican primary fight with President Bush.

The 60-second ad features Vietnam veterans who accuse the Democratic presidential nominee of lying about his decorated Vietnam War record and betraying his fellow veterans by later opposing the conflict.

"When the chips were down, you could not count on John Kerry," one of the veterans, Larry Thurlow, says in the ad.

The ad, scheduled to air in a few markets in Ohio, West Virginia and Wisconsin, was produced by Stevens, Reed, Curcio and Potham, the same team that produced McCain's ads in 2000.

"I wish they hadn't done it," McCain said of his former advisers. "I don't know if they knew all the facts."

Asked if the White House knew about the ad or helped find financing for it, McCain said, "I hope not, but I don't know. But I think the Bush campaign should specifically condemn the ad."

Later, McCain said the Bush campaign has denied any involvement and added, "I can't believe the president would pull such a cheap stunt."

The White House did not immediately address McCain's call that they repudiate the spot.

Steve Schmidt, a spokesman for the Bush-Cheney campaign, said Kerry's record and statements on the war on terrorism - not his service in Vietnam - are fair game. "The Bush campaign never has and will never question John Kerry's service in Vietnam," he said.

In 2000, Bush's supporters sponsored a rumor campaign against McCain in the South Carolina primary, helping Bush win the primary and the nomination. McCain's supporters have never forgiven the Bush team.

McCain said that's all in the past to him, but he's speaking out against the anti-Kerry ad because he believes it's bad for the political system. "It reopens all the old wounds of the Vietnam War, which I spent the last 35 years trying to heal," he said.

"I deplore this kind of politics. I think the ad is dishonest and dishonorable. As it is, none of these individuals served on the boat (Kerry) commanded. Many of his crew have testified to his courage under fire. I think John Kerry served honorably in Vietnam. I think George Bush served honorably in the Texas Air National Guard during the Vietnam War."

McCain himself spent more than five years in a Vietnam prisoner of war camp. A bona fide war hero, McCain, like Kerry, used his war record as the foundation of his presidential campaign.

The Kerry campaign has denounced the Swift Boat Veterans for Truth, saying none of the men in the ad served on the boat that Kerry commanded. The leader of the group, retired Adm. Roy Hoffmann, said none of the 13 veterans in the commercial served on Kerry's boat but rather were in other swiftboats within 50 yards of Kerry's.

Jim Rassmann, an Army veteran who was saved by Kerry, said there were only six crewmates who served with Kerry on his boat. Five support his candidacy and one is deceased.

Overreach is always a danger. McCain is putting Bush into a corner. Either Bush repudiates the ad, or he's exposed as supporting it. Rove won't allow repudiation. But if Bush is shown to be a supporter, then he exposes his true nature -- and McCain may join the fight on Kerry's side.

Wednesday, August 04, 2004

So what happened when the marines invaded Fallujah? And then withdrew?

The Atlantic Online | July/August 2004 | Five Days in Fallujah | Robert D. Kaplan
A hundred and thirty thousand U.S. soldiers in Iraq were simply not enough to deal with a small fraction of that number of insurgents. It wasn't only because insurgencies, pace C. E. Callwell, arise from the soil itself, and thus have whole categories of advantages that a military force from the outside, alien to the culture, lacks. It was also because—as the large number of American troops near the Baghdad airport attested—the U.S. defense establishment was still organized for World War II and the Korean War, with too many chiefs at enormous rear bases, and too few Indians at the edges. In the weeks ahead the Marines at Fallujah would attempt to avoid large-scale bloodshed by seeking Iraqi surrogates to patrol the city. Such an expedient may provide a hint as to how the U.S. military will deal with Iraq as a whole.

I remember the Fallujah episode as a series of puzzling and inconsistent news reports, ending in an odd sort of stalemate. This story provides more context.

The Marines Kaplan describes are classic warriors -- samurai -- violently devout, righteous, often compassionate, aggressive, lusting for battle and glory, courageous and prepared to die in battle. They seem to resemble their opponents, save that the Marines seem far more concerned about civilian casualties. I suspect for the insurgents there is no such thing as a "non-combatant". Women and children are combatants too; and those who are not combatants do not merit life.

The Marines entered Fallujah thinking there were a minority of enemies in a civilian population that wanted them out. They discovered that "minority" was pretty large -- too large to kill. They found every mosque was a military facility. They had far too few men to pacify a city like Fallujah -- unless they were to kill tens of thousands of men, women, and children. Ultimately they were withdrawn. It was the least bad alternative given fundamentally mistaken assumptions.

Kaplan on the old data alert: a reasoned condemnation

Waving the Orange Flag - Did the Bushies overplay the latest al-Qaida threat? By Fred Kaplan
Given what the Times' counterterrorism source said about the vast set of blueprints that al-Qaida keeps on the shelf, U.S. intelligence might discover lots of laptops with lots of apparent plans. If the alert goes up to orange or red with each discovery, very soon nobody is going to take these alerts at all seriously—and that includes the local law enforcement agencies tasked with enforcing the alerts on already overstretched budgets.

If president Bush is truly serious about preventing terrorist attacks, he has to ensure that these alerts, even when they're wrong, are at least perceived as sincere and untainted by political motive. By this standard, Tom Ridge last Sunday proved himself a dreadful homeland security secretary, and the Bush administration (by association, if not collaboration) diminished the trust that a president must inspire on such matters.

During the news conference where he announced the heightened alert, Ridge made the following remark: 'We must understand that the kind of information available to us today is the result of the president's leadership in the war against terror.'

As far as I can tell, only Jon Stewart, host of Comedy Central's The Daily Show, quoted this line. On one level, the 'real' news media might be lauded for ignoring the sentence and thus separating the news from the propaganda. But on another level, by censoring Ridge's spin, aren't they distorting the news? Isn't his spin part of the news? Could it be that the spin spurred the news, supplied (at least in part) the rationale for the announcement—especially given the broader context of its timing just a few days after the Democratic Convention?

Homeland security, like the Fed, should be appointed independently of the ruling party with congressional oversight. Kaplan's reasoning is persuasive. It was understandable that security heads and government wanted to announce the findings, but they are indeed old data. Given that, extra attention should have been paid to the perception of sincerity. Bush failed that test, but Rove passed his test.

Tuesday, August 03, 2004

When a black hole burps ...

The New York Times > Science > Space & Cosmos > Songs of the Galaxies, and What They Mean
The most recent outburst, they estimated, was about 11 million years ago and was the equivalent of about 10 million supernova explosions.
This black hole sits in M87, a nearby galaxy. If the black hole at the center of our galaxy were to output the energy of 10 million supernovae ...

Lessons on the slippery nature of intelligence information: WMDs, Iraq and yellowcake uranium

Talking Points Memo: by Joshua Micah Marshall: August 01, 2004 - August 07, 2004 Archives
...The US has long known that the Italians had the forged documents in their possession at least as early as the beginning of 2002. And what we've uncovered is that at the same time Italian intelligence operatives were surreptitiously funnelling copies of the documents to this document peddler with the knowledge that he would sell them to other intelligence services and likely to members of the Italian press.

Now, a few more notes on the ‘security consultant’. The Financial Times story said that he “had a record of extortion and deception and had been convicted by a Rome court in 1985 and later arrested at least twice.” Several of the particulars here are incorrect. But he does have a criminal record. And I’m told by a very reliable source that he is now trying to sell the detailed version of his story to members of the British press for 30,000 euros. Whether he's successful in doing so we'll probably find out in the next few days.

We already have his account. And needless to say, we didn’t pay him. But it’s reasonable to ask how trustworthy his account is since he seems to be someone of rather less than spotless integrity. The answer is that we’ve confirmed the key details of the story I outlined above independently.

The Niger yellowcake documents MAY have been authored by Italian intelligence, then funneled via an active "asset" who was supposed to be "inactive" to a shady information broker who passed them on to British intelligence ...

Ok.

Maybe we have the wrong people running intelligence services in the west.

Monday, August 02, 2004

Our latest terror alert -- based on 2-3 year old research?

The New York Times > Washington > The Overview: Reports That Led to Terror Alert Were Years Old, Officials Say
Much of the information that led the authorities to raise the terror alert at several large financial institutions in the New York City and Washington areas was three or four years old, intelligence and law enforcement officials said on Monday. They reported that they had not yet found concrete evidence that a terrorist plot or preparatory surveillance operations were still under way.

Ooookaaay. This data was obtained prior to the 9/11 attack?

I'm sure that it suggests some very professional research, but why go to orange alert now? If only I had even an iota of confidence in GWB ...

The credit reporting industry: dysfunctional and without hope

The New York Times > Business > Your Money > Spending: How to Mend a Credit Report That's Not Really Broken
'What we have is an industry that has completely run amok and is continuing to publish inaccurate information that harms consumers and does so without giving consumers an adequate remedy,' said Ian Lyngklip, a lawyer in Detroit who is representing Mr. Graham. 'Every one of these cases is like taking a little day excursion into the twilight zone.'

Lawyers and consumer advocates say the system is overwhelmed. Rather than truly investigating complaints, they say, the big credit bureaus make only cursory checks...

In June, U.S. PIRG, the Washington lobbying office for state Public Interest Research Groups, released a survey showing that 80 percent of credit reports had mistakes; one in four had errors serious enough that credit could be denied.

Complicating matters, lawyers say, collection agencies increasingly place even questionable debts on credit reports.

... Consumers should be sure to find lawyers familiar with the laws. Mr. Graham said he found his lawyer by going to the Web site of the National Association of Consumer Advocates.

The reporting agencies are in a competitive environment. They are punished when they omit a problem from a credit report; they are not punished for falsely including a non-existent problem. QED -- everything else follows from these incentives.

Many of the post-911 proposals for population surveillance have even fewer safeguards than the credit reporting industry.