Tuesday, May 24, 2016

Remember: If It Looks Too Good To Be True...

I went clear-cutting one of my less monitored email accounts today. Some 1900 messages were there. Maybe 1400 were legitimate messages from the past year and a half. I deleted those, leaving the rest. Perhaps about 25-30 that needed to be kept - the rest got the spam flag first. Amongst the Nigerian princes, fake lotteries, and other miscellaneous nonsense I saw one that sent me about 15 spam-mails. This got my curiosity to have a look. In general, the odds of a spammer using the same name and/or email address multiple times are slim.


Here's the contents:
Thank you for opening my email sent last week.   Since the last email I sent my lending requirements have loosened.   We are willing to loan to small businesses with no personal guarantee or Fico score requirements. We base our approvals on the Financial stability of your company.  For example last week I funded a Georgia based Software Company  $20,000 with a $99.00 daily payment Monday - Friday for 10 months.  This particular company was using my capital to secure SEO marketing and google clicks and two contract employees. As you know in order to crush the competition and stay alive you need to market and have the manpower.  Why not use my money to crush the competition. They always say in order to make money you must spend it.
My Program Highlights are


Funding in 24 Hours 
Submit Only a one page Application and Three  Months of your last business Bank Statements
Loans Available to $500,000
Loans not based on Individual FICO Scores

 My funding comes with no restrictions and  it is wired directly to your bank account for your discretion. Also this deal was funded with 24 hours of all of the conditions being met.

The Application requirements are light. 
1. Signed and completed application. (This application is attached to this email)
2. One month of your current business bank statements. 
*If you are accepting credit cards I will also need a copy of your last months credit card processing statement
Once I get this I will package and present your deal to our partner banks as well as our private investors.  I will have an approval and term sheet for you within 2 hours of receiving all of your information.  Funding will be within 4 hours after all of the information on your application is verified and funding conditions are met..  You can fax me these documents to my secure e-fax at (866) 656-8477. You can reach me anytime at my desk or at 877.237.7703 or call me after hours on my cell phone (323) 216-0555 so that we can discuss some of the programs available to your business. I'm up and going every day at 5 am PST.
CLICK HERE TO APPLY NOW

Thanks and have a blessed day,

Stef Marrero

Business Development

999 Corporate Drive 
Ladera Ranch, CA 92694
p. 877-237-7703 x 101
f. 866-656-8477
d. 949-525-4727
w. www.talegacapital.com


Of course there's also the normal BS about how this was not unsolicited or whatever to try to make you believe you signed up for it. Apparently Mr (Stefan) Marrero is mixing Florida and California information here (domain registry info).

What tells me it's bogus?
  • I have never heard of this individual, nor his company.  
  • I have not actively nor passively sought out any type of funding from him
  • Nor from an outfit that may share information with shady bottomfeeders/scammers.   
  • It was not addressed by name or business.   
  • It operates on false pretenses of previous/established relationship
  • It makes unrealistic claims regarding available monies
  • The requirements seem to be "too easy", especially in today's economy.
  • It arrived to an account not associated with my business

There's a chance that there's something non-illegal about Mr Spammer's offer. But, it's likely something that will come with more pain than gain. The best advice to remember is that messages that come in unsolicited (even/especially if they claim otherwise) that make an offer that seems "too good to be true" are. Flag it, bin it, and don't be taken for a ride by something like this.

Thursday, May 12, 2016

App Review, Followup - Color ID

A bit ago, I checked out an app called Color ID.   I posted an initial review of this app, and decided to follow up on it.

Several things have remained constant in the intervening time.   I am still using the Samsung Galaxy S6 for the app.   I still have no iProducts to compare the iTunes store version.   And, I have had no change in my color vision.  I have had a bit of time to try this app out in several conditions.


This app could probably be considered "abandonware".   The developers have not been supporting, or updating it.   So, it is as-is, and will likely remain so for as long as it is around.    There is no support for it.  

How have I found the functionality?
The app uses the camera and speaker. It has no zoom feature, but a round centering section for it to recognize. The default is for the voice to be on, and to check colors every couple seconds. This can be turned off, so that you can identify color as desired. In the options, it offers "simple colors", "exotic colors" and "Ral colors". Simple offers things like "Dark purplish green", "Grey brown" and such. While not having seen them, they make sense from the "basic crayon box". They also give the numeric code that it perceives (Brownish black #0a0e0f). Exotic colors, I believe, gives a lot of new names to the individual shades (Dune, Woodsmoke, Rangoon) though still gives a numeric (Shark #232627). I'm not overly sure what "Ral colors" means, but seems to give a mix of unusual names, and modified basics (Jet black, concrete grey, sepia brown) and gives numerics (Tarpaulin Grey #4d4943).

I've found the app to be a bit helpful, but, not as much as initially hoped. I've found that slight variations in placement of camera, or minor differences in lighting, can change the identified color. Sometimes these minor movements (a fraction of an inch in camera placement) can switch between grey, purple, blue and green. The nature of lighting has an effect on this, as well. CFL bulbs, fluorescents, sunlight, incandescents, an LED monitor nearby... All of these change the minor perceptions of what the camera sees.

It's nice, and sometimes helpful.  However, it can't be relied on.   While I can be easily fooled between blue and green, I realize there is a world of differences on the spectrum of them.   It's a handy tool, but it's not something that I can count on absolutely.

Party Line Is Open

The phone lines are open: Call 1-855-326-5442, while it's still working. Some possible answers will be "Google Technical Support", "Windows Technical Support", "Yahoo Technical Support", "Technical Support", and "Computer Scammers R Us". 
 
OK, so maybe they didn't answer the phone the last way... but I called them out on it. Until such time as Level 3 Communications can be bothered to disconnect their phone service, I declare the Party Line open. 
 
These are not legitimate call center employees.   They are criminal scammers.   The same contact number claims to represent many competing corporations, simultaneously.  

Examples of deception and fraud include:
  • Microsoft (or Google, Yahoo, etc) will NEVER call you to tell you there is a problem with your computer!!! (While Microsoft will offer phone support, it requires you, the user, to contact them for assistance.   They do not have your name and number.  Yahoo no longer offers phone support - or seemingly any support.)
  • Claiming that the CLSID number is your "Windows license".  (This number, 888dca60-fc0a-11cf-8f0f-00c04fd7d062 is the same on all copies, it is not unique)
  • Claiming that the "netstat" command "shows hackers in your system" (The netstat command, by itself, shows a list of remote connections to your computer - which includes currently visited websites, it does not necessarily indicate hackers' presence)
  • Claiming that the warnings and errors in Event Viewer indicate hackers, viruses or infections (These errors are normal, and do not indicate such things as the scammers attempt to claim)
  • Being very pushy to engage in a remote session with your computer.   (Yes, on occasion legitimate companies will ask for remote access.  This is strictly voluntary, and the level of insistence is low.)
  • Use of profanity, including "The F Word" (These are termination-worthy offenses, with a generally zero-tolerance policy toward even lesser oaths, let alone "the queen mother of all profanities". )
So far these scammers have provided me a bit of entertainment in dragging them out through imaginary "problems". I figure if Level 3 is going to leave this number up - deeming it not a violation of AUP - then others may as well have some fun with it, as well.


Keep in mind that these are criminal scumbags, not legitimate business people.   Have fun with them.  String them along.  Waste their time.  Do not, however, let them gain remote access to your computer.   The more their time is wasted, the less it can be used to victimize innocent people, and harm their machines - or steal their money.

Thursday, May 5, 2016

Hillary's Server - Not A Political Post

The Clinton Server
(Not A Political Posting)


I've never really wanted to delve into politics here.   I find that mixing business and politics ends up being bad for business.   The "Clinton Email Server" has been newsworthy for some time.  I, like many, have personal opinions on this matter.  I do not intend to get into those here.   This is about technology, not politics.   Below, the discussion will be about whether or not an extradited hacker's claims of having accessed Mrs Clinton's server are plausible.  Please read this with an open mind, regardless of your opinion on Mrs Clinton.

The "quick and dirty" (or TL;DR) version to set things up:  Barack Obama was elected in 2008.   Upon taking office, he appointed Hillary Clinton as Secretary of State.   Mrs Clinton used a home-based mail server for her State Department correspondences.  Following the 2012 election, Mrs Clinton stepped down from the position of Secretary of State.   In 2013, information about her private mail server surfaced, and since then has become a political topic of assorted controversies.

One of the questions about this server was "How secure was it?" Staff claim that no one got in. However, a Romanian hacker, Marcel Lehel Lazar (using the name Guccifer), claims otherwise. In this piece, and this link, Guccifer talks to journalists following his extradition to the US. He claims that he accessed the server, and gives some detail on "how". A valid question, though, is "Does this man's story hold water?"

The Clinton camp was quick to call "bull" on Lazar's story:
In response to Lazar’s claims, the Clinton campaign issued a statement  Wednesday night saying, "There is absolutely no basis to believe the claims made by this criminal from his prison cell. In addition to the fact he offers no proof to support his claims, his descriptions of Secretary Clinton's server are inaccurate. It is unfathomable that he would have gained access to her emails and not leaked them the way he did to his other victims.”
Perhaps to the non-user to average computer user, this makes sense.   It seems logical.   Unfortunately, to the more trained eye, Lazar gave quite a bit of information in his interviews and statements.

His access to the Clinton server started, according to him, with Clinton confidant Sidney Blumenthal. Mr Blumenthal still used an AOL email account. With sufficient research, Lazar found details to gain access to Blumenthal's account. We are about eight years removed from a somewhat similar incident involving participants in the Presidential Election, when Vice-Presidential candidate Sarah Palin's email account was hacked, and leaked. While Lazar did not get into specifics, his vague description matches the specifics in the Palin hack.


For the average email user, looking at the inbox shows a sender, subject, time and date, and maybe other people that are on the cc list.   There's a lot more to it than that.  Depending on the mail provider/client one uses, the means of viewing the source information varies.   In this email source, there is a lot of useful information to the more-trained eye.   In order to arrive, mail must be addressed. (username @[instructs computer that domain follows] domain.extension)  When you send mail, it goes from your device to your mail provider, to their mail provider, to their device (and significant routing points along the way). 

As Lazar pointed out, each endpoint has a unique IP address.   For some (home users' computers, Yahoo, Gmail, etc), the address may change with time.   For others (large businesses, schools, hosted domains) a permanent, or static, IP is used.  Lazar is correct that there are a multitude of tools available to examine these IP addresses.  
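What the "source" view of a message exposes, as an added example that is not part of the original post: it walks the `Received` lines of a message and lists each relay and the address it connected from. The sample message, host names and addresses are constructed, and the regular expression assumes one common `Received` layout (mail servers differ).

```python
import ipaddress
import re
from email import message_from_string

# Constructed sample (not from the post): example domains, documentation IPs.
RAW = """\
Received: from mx.recipient.example (mx.recipient.example [203.0.113.25])
    by mailstore.recipient.example with ESMTP id abc123;
    Tue, 24 May 2016 10:02:07 -0400
Received: from smtp.sender.example (smtp.sender.example [198.51.100.7])
    by mx.recipient.example with ESMTPS id def456;
    Tue, 24 May 2016 10:02:05 -0400
Received: from [192.168.1.44] (home-pc.lan [192.168.1.44])
    by smtp.sender.example with ESMTPSA id ghi789;
    Tue, 24 May 2016 10:02:03 -0400
From: Alice <alice@sender.example>
To: bob@recipient.example
Subject: lunch

See you at noon.
"""

# Assumed layout: from HELO (rdns [ip]) by HOST ...
HOP = re.compile(
    r"from\s+(\S+)\s+\((?:(\S+)\s+)?\[([0-9A-Fa-f.:]+)\]\).*?by\s+(\S+)", re.S)
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def trace_hops(raw):
    """Return the relay hops in chronological order (sender first)."""
    msg = message_from_string(raw)
    hops = []
    # Every server prepends its own Received line, so the oldest is last.
    for value in reversed(msg.get_all("Received", [])):
        m = HOP.search(value)
        if m is None:
            continue  # a layout this sketch does not understand
        helo, rdns, ip, by = m.groups()
        addr = ipaddress.ip_address(ip)
        hops.append({"claimed": helo, "rdns": rdns, "from_ip": ip, "by": by,
                     "internal": any(addr in net for net in RFC1918)})
    return hops

def entry_hop(hops, my_servers):
    """First hop written by a server you run; earlier lines are unverified."""
    return next((h for h in hops if h["by"] in my_servers), None)

if __name__ == "__main__":
    for hop in trace_hops(RAW):
        print(hop)
```

Only the `Received` lines written by servers you run can be trusted; everything before the entry hop is supplied by the sending side and can be forged, which matters when judging where a piece of spam really came from.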

It seems that Lazar looked a little deeply at some of the contacts with Blumenthal, and looked at where they lived on the Internet.  As I read the description, I thought "This sounds vague".  I was easily able to fill in the details, though, which were likely left out, so as not to provide a "how to" guide.  I can see "Clintonemail" being intriguing, especially not behind a .gov server.  I can see what he describes as being "one of the first things to try".  

To address the Clinton group's assertion that the contents would have been leaked, motive should be considered.    In the Palin case, the perpetrator was American, a Democrat, and she was an opposition candidate in a national election.   There was (perceived) political gain in the September 2008 leak.   By not leaking (at the time), this allows for more exploration, and more gathering.   Continuing to read Blumenthal's email source, he could potentially discover many more servers of interest.   These, in turn, could lead to other "productive" finds.   Burning his source right away eliminates the potential of future discovery.

To be fair, the fact that he makes these claims, and knows the process does not necessarily mean that he was in the Clinton server.    He tells a compelling tale, and it is extremely plausible.  However, he would need to provide some pretty good proof that he was in to convince the jury. 

The Clinton assertion that the server was secure, and no one got in, may be true. However, it is just as likely to be optimistic belief that has yet to be disproved, or a political mistruth to protect the image of one of three remaining major presidential hopefuls.

Ultimately, Lazar makes a very convincing and plausible argument. To be fair, anyone who has a strong functional knowledge of IP addresses and port scanning could likely say the same - with or without having accessed a particular machine. In the end, the answer will be determined by whether or not Lazar can back up his claims.