From paul.suh at ps-enable.com Thu Apr 12 02:13:45 2007 From: paul.suh at ps-enable.com (Paul Suh) Date: Thu Apr 12 02:14:09 2007 Subject: [Newsletter] Spam, Maryland law, and iTrip (Dock) Message-ID: <39FB938F-E459-4161-AA99-54735337B4FC@ps-enable.com> Folks, Impressive Spam ------------------------ I received some seriously professional-looking spam, and I thought it would be interesting to analyze it. This e-mail slipped right through my spam filters. Currently most of what is getting through is full of junk to try to evade bayesian filters, but this one got through by mostly having good, meaty looking content. Note that the SpamAssasin score is only one * -- a sign that it looks very unlike spam. In reality it's a phishing message that looks like a Bank of America message about suspicious account activity. There are only two clues in the e-mail that this is not a legitimate message: 1) If you check the link to reset the password by hovering over it in Mail.app, you will see that it goes to a straight numeric IP address, probably a compromised server located at National Taiwan Ocean University. 2) Looking at the raw source of the message, you can see that it was relayed through 211.75.167.10, another Taiwanese range, in this case a machine in the range owned by Fuhwa Financial Holding Co.,Ltd. It is extremely unlikely that Bank of America would relay through a Taiwan-based financial company. Neither of these would be easy to detect by your typical end user. Once a user clicks on the link, they might notice that the URL line doesn't look like a real Bank of America URL, but then again many users don't bother to look at or understand the URL line, and the page may utilize JavaScript techniques disguise the URL. I did not view the page that the link leads to at the time, and it has since been taken down. Bank of America could have helped this situation by checking the referrer header when their webserver returns their logo and other images. The spam message pulls the logo and other images directly from Bank of America's website. The BoA could have checked to see if the logo or other images were being requested by a legitimate page or by a page coming from outside their domain. If the request is associated with a page outside their realm, they could then return a different image that says, "Warning, you could be a victim of an identity theft attack!". I've archived the message contents on my website at . You can see what the message looks like at Maryland Law for a Paper Trail Passes ----------------------------------------------------- Finally! And only after a bunch of last minute shenanigans, the likes of which I have never seen before. The original bills, House Bill 18 (HB18) and Senate Bill 392 (SB392) were very close and were solid bills. HB18 was passed a long time back, unanimously and without killer amendments. On March 23, the Senate committee responsible for SB392 produced a bill with amendments that completely gutted it. On March 26th, the bill was sent back to committee by the Senate leadership without a vote, for reasons unknown. The suspicion is that the Senate leadership found out that they would not have had the votes to pass such an obviously dismembered bill, and had to take it back. On April 4th, the SB 392 came back out of committee with a different set of amendments that require a voter-verified paper trail, but that did not have an audit requirement. The eventual form of the two bills that was finally passed on April 9th (the last day of the legislative session) requires a hand-marked, optical scan paper ballot, but does not have an audit requirement. Nevertheless, it's a HUGE victory. We can now have true audits, even though they're not required, and the bill does not require implementation until 2010, too late for the 2008 elections. There is also a budget issue, although studies have shown that two years of maintenance costs on the Diebold electronic voting machines would be enough to pay for the optical scan machines outright. If the Maryland State Board of Elections staff gets going *right now* there is no question that we can be ready in time for the 2008 elections. However, the chance of their doing that is slim to none, since they have been dragging their feet on this issue and being apologists for Diebold since day 1. I should point out that the board itself has been neutral to helpful towards a paper trail. The problem has been the staff, headed by Chief Administator Linda Lamone. One of the new members of the board is Chuck Thomann, a Republican from Anne Arundel county. His wife, Joyce, has been a stalwart in the fight for a voter-verified paper ballot, and I know that Chuck is of a similar mind. Linda Lamone and the SBE staff will be facing a very different environment shortly. Time to celebrate a little bit and start getting ready for next year, when we want to enact an audit requirement and try to push for a 2008 implementation. Griffin iTrip (Dock) ------------------------- One of the goodies that got in the MacWorld speaker gift bag is the Griffin iTrip. It is a little FM transmitter that clips into the dock slot of an iPod and lets you send your music to an FM receiver. I brought along to Omaha, NE (which is where I'm writing this), and I've been using it in the car where it's been a great convenience. It can tune from 87.7 MHz to 107.9 MHz using a rocker switch on the side and has a small LCD display that lights up for a short time so that you can read it at night. The range of frequencies is very important, since most major cities have a *lot* of radio stations. I had an old FM transmitter that had a choice of four stations: 88.1, 88.3, 88.5, and 88.7. In Washington, DC and San Francisco, at least, the thing was unusable since there were regular radio stations that could easily overpower the little thing (2 x AAA batteries) on or close to all of those frequencies. Griffin used to make an older iTrip that would plug into the top of a non-dock connector iPod. You had to adjust the transmitter frequency by playing a special song, which always seemed a bit awkward to me. The new UI with a rocker switch and a lighted LCD display makes the iTrip much more user friendly. Comparing the iTrip to the DLO TransPod that I use in my car at home, the iTrip does not have the same amount of power to put out a signal as strong as the TransPod's. As a result, I found that the iTrip is badly affected by interference from things like high-tension electrical lines. Despite that, when traveling the small size and light weight of the iTrip makes it much more attractive than the TransPod. Pros: Small, light, good user interface, wide range of frequencies. Cons: Drains the iPod's battery, weak signal. --Paul Paul Suh http://www.ps-enable.com/ paul.suh@ps-enable.com (240) 672-4212 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2615 bytes Desc: not available Url : http://lists.ps-enable.com/pipermail/newsletter/attachments/20070412/fc795fa8/smime.bin