Windows Vista Vulnerability

Well now, after years in the making, Microsoft has released its latest operating system software, Vista, to consumers after releasing it to businesses earlier.

Except by giving it all the bells and whistles, they’ve given it a huge potential security problem. How so? Well they’ve gone to town with speech recognition (the hyperlinks on the Windows Vista sections of the Microsoft website are changing very frequently, so bear with me).

So all you need is a microphone and you’re away, being able to dictate commands as well as by clicking or typing them. And don’t forget that many PCs have speakers too.

Ah.

So in theory, your speakers could say something and your PC could act on the commands? No, of course not. Er … well, yes, actually.

You might visit a web page, leave it on screen whilst you go and make a coffee or nip to the toilet and whilst you’re away, the page might refresh to another one which has an embedded sound file set to autoload and autorun. And that embedded sound file might tell your PC to open the file explorer, select your documents folder and delete the contents. Then it might tell the PC to delete all the files in the recycle bin too for good measure.

Microsoft wouldn’t let that happen, would they?

Well … yes they did. And here’s more on that.

Oh dear…

More on the T-Mobile Spam Saga

If you recall, I was a little miffed at receiving spam from T-Mobile. Looks like I’m not the only one and The Register decided to do some digging themselves.

See the full story here:
http://www.theregister.co.uk/2007/02/01/t_mobile_spam/

There are one or two belters that I’m quoting here from that article:

“So, just to recap, T-Mobile hired Quantum Media who hired Mailtrack Media who hired E-Mail Movers who bought a list from Century Communications who bought it from a bloke on eBay.”

and

“All the companies involved are British-based and signed up to the Direct Marketing Association, as well as being responsible to the Information Commissioner’s Office. In light of our complaint, E-Mail Movers has lodged a complaint with the Information Commissioner who will investigate the procedures used by Century Communications.”

Now, we all know that the Direct Marketing Association are, by definition, the sort of people you wouldn’t piss on if they were on fire, but I love the way that Emailmovers have lodged a complaint! It was their fault in the first place (and Mailtrack Media before that and Quantum Media before that and, of course, not forgetting T-Mobile themselves who decided to breach a Statutory Instrument).

Well done T-Mobile!

Windows Vista Vulnerability

Well now, after years in the making, Microsoft has released its latest operating system software, Vista, to consumers after releasing it to businesses earlier. Except by giving it all the bells and whistles, they’ve given it a huge potential security problem. How so? Well they’ve gone to town with speech recognition (the hyperlinks on the Windows Vista [...]

Motorcycle-Tech.com

It appears that another website is re-publishing content from this and other bike-related blogs apparently as its own by taking the RSS feeds and importing them as posts, so this one will be harvested and republished in due course.

Right at the very bottom of the posts, it does say “Original post by RHM and software by Elliott Back” but that merely makes them appear to be articles by different writers for the motorcycle-tech blog website which, of course, they’re not. Presumably it’s being done to scam advertising revenue or some other such scheme?

We’re taking action against the webhosts at the moment with a view to having the website taken down.

2007 Ally Pally Motorcycle Show

Once upon a time, there was a Road Racing & Superbike Show held at the Alexandra Palace in London. This was different from the ‘main’ motorcycle show held at the NEC (and Earl’s Court before that, for those of us with long memories) in that it was mainly for racers to source parts and tools in the off-season. Or at least that’s what my impression of it was.

I started attending a couple of years ago as an antidote to the winter blues and sourced leather race suits and sticky tyres, etc. at around the same sort of time as the show was evolving into a London motorcycle show, if you see what I mean.

For some reason unknown to me, MCN has decided for this year to move it to the new ExCel centre on the Isle of Dogs and SuperBike’s publishers decided it might be good to arrange an alternative event the week before at the Ally Pally – maybe as a spoiler? Who knows?

Even before I looked at the hideously expensive parking fees at the MSN show venue (free at the Ally Pally), I’d decided to ‘do’ the Ally Pally show as usual.

So I arrived with a mate and his son at 10.15am today (Saturday, 27th), having unfortunately missed out on the buy-one-get-one-free ticket offer to SuperBike subscribers, paid my £12 and in I went, walking past the SuperBike subscription desk where they were offering the free fleeces they’d omitted from the NEC show (which was a bit of a pisser, frankly).

Once inside, there was more room to move around than usual because there were fewer stands present, presumably because the Ally Pally show was only running for three days and the MCN show would have been getting much more exposure.

Also evident was the amount of ‘totty’ wearing skimpy SuperBike bikinis. Funny how not so many years ago, the suggestion that scantily-clad women would be at these bike shows would have been shot down in flames as sexist and un-PC when instead, as I said to Michael, these girls would probably be making some good money just by being there and smiling for photographs.

We decided to go and watch the stunt show at 12.30pm which unfortunately wasn’t what I would call a stunt show with roadbikes but was instead a pair of guys on GasGas trials bikes doing some pretty amazing things. So all in all, not too bad then!

The best stand placement of the day would have to be putting “the Mad Count” (featuring DVDs of people stunting on the roads in London) right next to the London BikeSafe (i.e. police) stand.

So overall it was OK, but not quite as good as last year. Will I go again next year? Of course! Michael’s going to the MCN show next week for a comparison, but unless it’s pretty special, SuperBike could know that “if we build it, they will come.”

I hadn’t taken my camera as none of the big manufacturers were there but I was forced to take some snaps with my phone. Click on the thumbnails for larger sizes.

Ally Pally Show 1 Ally Pally Show 2
Ally Pally Show 3 Ally Pally Show 4 Ally Pally Show 5

Feedback Form, Trackback and Comment Spam

You know, it never ceases to amaze me at just how stupid spammers are and, unfortunately, how stupid those gullible idiots who allow themselves to be caught out by a combination of greed and stupidity are.

Why are spammers stupid?

Well they know that there are those gullible idiots who are keen to hand over money to Nigerian 419 scammers and the like and how they’ll click on those phishing links, especially when there’s a $ reward survey supposedly there to be had, or to sign up to MLM programs especially those that proclaim they’re not MLM deals when they clearly are. So they take the broad-brush, scatter-gun approach to sending out junk e-mails.

That must work even with a very low number of clicks per million as it’s so cheap to send out Spam.

But they’ve moved on to getting their websites some coverage. And the way they found to do this was to spam blog comments and trackbacks as well as filling in and submitting feedback or guestbook forms.

The trouble is, anyone with half a brain either junks or disallows all trackbacks or else they use the features of their blogging software to require authentication or moderation so that those Spam attempts go nowhere. Liskewise, feedback forms: they’re going to come back to people like me who’ll just junk the link spam ones without reading them.

And the best bit is that is probably costing these fuckwith spammers money to get these forms filled in, either manually or by bots. Excellent!

Maybe T-Mobile Are Learning?

Following the T-Mobile/DBS Datamarketing saga comes a reply:

“…You’re quite right Mr Morris, we do choose these companies to send out our marketing material. We take all the necessary steps to make sure that these companies are reputable and without feedback from people like yourself, we’d be unaware that there was any problems.

“Please be assured that your complaint will be kept on file and we’ll use this information to improve our service…”

Have they learned anything? We’ll see…

Toyota Spamming with DBS

So you know all that stuff with T-Mobile?

Well I recently (Wednesday 17th) received this e-mail from DBS data marketing (or are they DBS Datamarketing Limited – seems they can’t even decide on what their company name is):

“Thank you for your email. Your email address originates from  Business Flight Search (http://www.businessflightsearch.com/ ) with an opt in date of 09/12/03.

“I can confirm that your email address has now been permanently removed from our system.”

Never heard of them. Never used them. Never opted-in. A lie.

So when DBS data whatever say “permanently removed”, how long would you think that would mean? Permanently? Forever? No. Two days!

This time, it’s Toyota GB spamming me: “Your details were obtained from DBS Datamarketing Limited…” and they used spammer eCircle AG to send their shite to me.

Dingles Toyota (Norwich) whose name appears in the e-mail haven’t telephoned me back about this. I have also made a formal complaint to Toyota GB as by sending me this spam, they are in breach of the Privacy and Electronic Communications (EC Directive) Regulations 2003 as enacted by Statutory Instrument 2003 No. 2426 – in other words, Toyota GB has broken the law and can be sued for damages by me and is liable to action by the Information Commissioner.

T-Mobile: “Spam not our fault”…

I’ve been having some “issues” with being spammed by T-Mobile and have complained to them. Their latest reply is a belter!

It started in December (18 December 2006), when they used a regular spammer called DBS data marketing to send out a mailshot to an e-mail address of mine that has only ever been used to register some domain names. That bit’s important…

So when I complained to T-Mobile, they contacted the Spammer who informed me that:

“Your email was supplied to us from Consumerbase and your opt in date was 2nd November 2004.”

Now Consumerbase have an “opt-out” policy, which means if they buy your e-mail address from someone or maybe harvest it themselves – who knows? – when they spam you, you have to click on an opt-out/unsubscribe link or else they add your e-mail address to the lists they sell on to other spammers like DBS data marketing. And as we all know, children, the more unscrupulous spammers merely treat such clicks as confirmation that the address is a live one. And as I mentioned earlier, that e-mail address was only ever used to register some domain names.

On 4 January 2007, T-Mobile wrote to me, stating:

“Your details were provided by DBS Marketing, which means that you’d have opted in to receive marketing from them. We would not send marketing advertisements otherwise, as this would be illegal.”

Red rag to a bull. I’ve been online since 1993/94 and know enough about spam to know there is no way I would ever opt-in to receive junk e-mails. Especially when the e-mail address to which it was sent is not a regular e-mail account, remember…

So I replied:

“I’m sorry, but for you to state so categorically that “[I’d] have opted in to receive marketing from them” is complete and utter nonsense and is merely repeating a lie you may have been told by them. As I already explained, the e-mail address your Spam was sent to has only ever been used to register some domain names with a company that is in no way related to that firm of known Spammers you chose, DBS. As you correctly note, sending out “marketing advertisements otherwise, …would be illegal” and indeed is.”

I received a reply on 9 January 2007 from them:

“Your details were provided by DBS Marketing. If you feel that they’ve incorrectly advised us that you opted in to receive marketing information then you’ll need to contact them directly to discuss this.

I do appreciate you letting us know your views Mr Morris. It’s important to us as it allows us to improve what we do. I’ve passed your comments on to our marketing department so that they can take these into consideration when choosing the companies that we deal with.”

A pity then that I had received another spam to the same address earlier that day from T-Mobile, this time via another well-known spammer, Emailmovers.

I replied to T-Mobile later that same day:

“Clearly your marketing department is not in the slightest bit fussy which Spammers they use: your company has again sent me Spam today (13:40) using a different firm of Spammers. The e-mail you sent is titled “Exclusive Offers and great phone deals with T-mobile” and this time your company used Emailmovers.
 
I would be very interested to find out from you what lame excuse you intend to use this time…”

And yes, verily it was a very lame excuse:

“I can confirm Mr Morris that our marketing department have removed your details from our mailing lists.

Any complaint that you wish to make about receiving unwanted marketing information should be addressed to the company that sent them. In this case I understand it was from Emailmovers. The emails are sent by them and not us. We just supply the email content.”

So it’s not T-Mobile’s fault that they use any old bunch of spammers to send out spam e-mails rather than relying on their own, proper, opt-in lists. Oh and apparently T-Mobile aren’t the company sending out T-Mobile mailshots. That explains that then…

I’ve suggested that the person I’ve been e-mailing at T-Mobile “needs more training”. That translates as “is a stupid twat”.