Tag Archives: Electronic engineering

Driver Phishing II, Or Who Is Trentin Lagrange?

I’m fully awake now, and doing some digging on who is behind the Driver Robot “driver phish.” The digging has introduced me to a whole level to the software scam industry.

The company that sells it is Victoria, BC, Canada-based Blitware (“or Blitware Technology Inc.,  to be precise,” as its website urges us). Nothing gives on its Who Is page, nor on the driverrobot.com website the software is hosted at. But a clue to the possibility that this isn’t just some cute little software developer is back on the LogitechDriversCenter website, which carries some named testimonials, among them this:

“I got a new graphics card but the framerate was terrible, and the manufacturer’s website didn’t help at all. It turns out that the driver that came with the card was 6 months out of date! Driver Robot got me the latest driver automatically, and now my whole system is more responsive, especially the games.”

Trentin Lagrange, CA

The good thing about a name like Trentin Lagrange is that it’s not that common. Not like the other two testimonials, which come from one Tim Whiteman and one Susan Peterson (not that they aren’t helpful. But nothing like Trentin.)

Who is Trentin?

A Google search of Trentin Lagrange indicates that either he’s a huge fan of driver update software, or that it’s not just about Logitech drivers or one small Canadian company anymore.

Trentin Lagrange, it turns out, has left glowing testimonials for driver update software, not just on the dodgy Logitech website (and a sister one at logitechdriverdownloads.com) but on websites like Realtekdriver.net, which also carries the company’s logo and calls itself “Realtek Drivers Download Center”:

image

As with the Logitech website, it’s only if you scroll down to the bottom of the page and click on a link “About us”

image

do you get to the truth of whether it’s a company website:

REALTEK is registered Trademarks of Realtek Semiconductor Corp.
All other trademarks are properties of their respective owners.
This website is not owned by or related to Realtek Semiconductor Corp.
We are not associated with Realtek Semiconductor Corp. in any way.
We are just running a site to help users who have trouble to getting hardware device drivers,
This web site is not associated with Realtek Semiconductor Corp. in any way.

Trentin has also left testimonials on websites that impersonate Dell-–delldriverscenter.com—complete with Dell logo

image

and favicon

image

And SIS at sisdrivers.org:

image

and MSI at msidrivers.org

image

and Intel at inteldriverscenter.com

image

and Asus at asusdriverscenter.com

image

and Acer at acerdriverscenter.com

image

and canon at canondriverscenter.com

image

as well as HP – hpdriverscenter.com

image

and driverforhp.com, with this HP-looking banner atop:

image 

No denials of being associated with HP on their about page, so I’m guessing HP’s lawyers haven’t been in touch yet.

Another website, atidriverscenter.com, seems to have closed. It was active in July, when this person fell for the scam and complained on a forum.  At least some companies seem to be watching.

Well, maybe not. This website, atidrivercare.com, is still working:

image

You get the picture.

Google’s Role

All of these websites appeared as sponsored ads above the search results in Google when looking for that manufacturer’s drivers (hp drivers etc) which throw up links to, for example, “official HPs [sic] Drivers & Updates”:

image

(For many users these sponsored ads are either normal search results, or sponsored in the sense of vetted, so they’d be forgiven for thinking that they’re clicking on something official.)

It seems that either Trentin, Tim and Susan are just really generous with their comments and share software tips on a regular basis, or this software schmoozefest is linked to Swishsoft the company that sells Swift Optimizer, software that compresses Flash files. All three put glowing reviews on the software website, althought it seems Susan has moved from the U.S. to Australia in the meantime. Must be the taxes.

And no, I couldn’t find any reference to Trentin Lagrange apart from glowing software testimonials. Either the guy just lives to write software reviews or he is not really living.

So, we’re clear that whoever is behind DriverRobot is also behind a number of websites that basically impersonate the websites of popular hardware vendors, either within the boundaries of the law or outside the knowledge of these companies’ lawyers.

Sponsored Run

But it’s also energetically fending off accusations that it’s all a scam. Do a Google search for driver robot and you get these sponsored ads above the results:

Similarly, the ads on the side of the results:

  • DriverRobot This Is The Real Deal?
    The Truth Will Shock You! reviewblogs.info
  • “DriverRobot” Report We Bought It And Tried It.
    The Truth Will Shock You! www.todaysreview.info/DriverRobot
  • Driver Robot Exposed Buying Driver Robot?
    Get The Facts! RealityChek.net

    The top one is a straight link to the download site. The others sound like links to stories exposing the scammery, right? But they’re not: They all take you straight to driverobot.com. No reviews, or even pretence at reviews.

    Clever, huh? Outwit your detractors who accuse you of impersonating official company websites by impersonating your detractors. There’s a twist I hadn’t thought of.

    Where are the Reviewers?

    But what about those logos from respected software reviewers, like PC Magazine, Softpedia (five stars!), Geek Files ((5/5 stars, Exceptional Product!) and Chip on the LogitechDriversCenter.com website and elsewhere?

    image

    I could find no reference to Driver Robot on the PC Magazine website. On Softpedia’s website I could find no “editor’s review” but found one user review—giving it two stars out of five but saying it used “borderline means to promote its service.” GeekFiles.com contained only discussions, no reviews.

    Depressing

    All of this is faintly depressing, because all the usual checks and balances we look to on today’s web seem to have gone out of the window:

    • a website address can contain a company’s name, with no apparent action from the company itself to protect either its name or its customers;
    • Googling a product doesn’t seem to work: sponsored ads mislead with words like “official” and what look to be review sites are actually redirects owned by the product’s owner
    • Badges from third party download and software websites don’t seem to be a guide, because they are either out of date or fake.

    The fact is that many people are going to be taken in by this kind of thing. Everyone needs drivers, and everyone searches for drivers by googling the manufacturer’s name and the word driver. As many people search for hp drivers as search for kenya on Google:

    So what I want to know is:

  • What are the companies involved doing to protect their brands, their products and their customers from misleading and potentially damaging products sold in their name?

  • What are software reviews sites doing to protect their brands, and their consumers from fraudulent badges?

  • What is Google doing about sponsored ads that mislead the public? 

How Not to Disintermediate

image

With traditional media on the rocks, there are lots of opportunities for companies and organisations to  disintermediate: to project themselves directly to the public. Indeed, in some ways, this is the future.

But here’s how not to do it: to put a guy from the PR department in front of one of the senior folks and let him babble. The result is always awkward half sentences linked rehearsed (and usually quite obviously, and badly) lines from some media training session that ooze jargonish phrases that a real journalist would never let pass.

Things like these (with their translations alongside) from the Nokia Booklet 3G interview with John Hwang, its designer.

“nokia’s all about connecting people” = we make mobile phones

“further strengthening our device portfolio” = we’ve got a lot of different models. You’re confused? Try working here.

“mobile heritage” (repeated by the interviewer, as if it’s a phrase we all use in our daily lives: “honey, could you look in the drawer at our device portfolio and see if there’s something there from our mobile heritage we could lend the kids for sleepover?”) = we have to acknowledge we mainly make mobile phones, but we’re trying to make it sound like that’s our past. Just like our “tree-felling heritage”

“connected services” = the Internet

“all day performance” = the battery won’t give out on ya

“mobile design language” = we design mobile phones. Well we used to. Now we want to be thought of as computer manufacturers

“launched from our mobility statement” = I have no idea what this means.

(And the PR guy keeps saying “we” and then correcting himself to say “nokia”.)

If you’re going to do this kind of thing, do it right. PR guys should not be afraid of asking questions real journalists would ask, including tough ones. (Interestingly, the only tough question here is one the interviewee asks himself.)

It’s Your Mother Calling

A few people have asked for the transcript of yesterday’s commentary on the BBC’s World Business Daily about getting your  mother’s voice to be your ringtone. It follows below, and here’s the (still active) link to the actual program from whence it came. Thanks for listening, and to the crew at Business Daily for their excellent impression of my mother’s voice. It sounds scarily like her. 

audio Listen to Wednesday’s Edition

Updated at 08:32 GMT on Wednesday

The growing spectre of inflation – as elections approach in Russia, how long can the government hold down rising food prices?

and mobile phone RING TONES – what would really grab your attention – how about the voice of your mother – telling you off?

Ringtones

Ringtones on cellphones have long since graduated from beeps into full fledged polyphonic symphonies. And it’s long driven me nuts.

I was on a bus the other day and the guy in front had his handset volume set so loud that when his phone rang he was so disconcerted he couldn’t turn it off. The mindless ditty he had chosen as his preferred form of alert blasted through the bus as he fumbled with the off switch. At least he bothered fumbling. Some people I notice love their ringtone so much they spend a few contented moments listening to it before picking up. This is a variation on the older theme where people stare at their ringing phone apparently mulling whether it’s worth answering. Songs as ringtones are like someone suddenly turning on a radio full-blast and then just as suddendly turning it off. At best you’re relieved your morning reverie is possible again, at worst you’re annoyed you can’t remember what song the snippet of music belonged to, and are stuck the whole day humming a snatch of a best forgotten ditty.

There has to be a better way for ringtones to be less intrusive and yet audible enough to the user so they actually hear it. My solution is simple. I read somewhere that the US Air Force in the 1950s was experimenting with early versions of synethesized voices delivering cockpit warnings. What they found was that a pilot was much more likely to hear an important instruction if the voice used was the pilot’s mother. You can just imagine a disembodied voice saying “Pull up, you silly boy!” just as she might have said “Pull up your socks, you silly boy!” Who wouldn’t pull up under such conditions?

So this is what I propose. When I buy my phone, I hand it over to my mother and have her call out my name at a reasonable volume. That recording becomes my ringtone. Trust me, I’m always going to recognise her voice, across the room, across town, across continents. Mothers’ voices have that kind of quality.

Why would this work so well on phones? Well I may hear my mother’s voice in the middle of a crowded and noisy rave, but everyone else? Unless they’re called Jeremy, it won’t register. If they are called Jeremy, it’s unlikely the voice is going to have quite the same impact. I will know my phone’s ringing. No one else is disturbed, because people are yelling out other people’s names all the time.

This is easy enough to do, by the way: Most phones let you record something and turn it into a ringtone. There are even websites that let you upload sound files and turn them into ringtones. But even better would be to set up a service that let mothers send recordings of themselves to the phones of their offsprings — without them knowing. I’d love to see the son’s expression when he hears his mother’s voice calling him from his pocket. I suspect he’d pick up pretty darn quick.

BBC World Service | Business Daily

Technology Makes You Fit, Not Smart

image

I’m trying to use technology as much as possible in my new environment (Singapore), and it’s not working well out that well for me. I have no useful Internet connection, my Nokia N95’s GPS locks in just in time for the journey to finish, and I’m eating off the tops of plastic containers.

Otherwise everything is going well. I’ve just been trying Streetdirectory.com’s useful tool, for example, for arranging trips by public transport. I know I’m not in tiptop condition, but I was slightly unnerved by this step in the nine-step process of going from one part of the island to the other:

You need to walk to Simei Avenue – blk 3012, (Stop Number: 96101) which is 54250m away.
View: Map

By my calculations, that’s a more than 33 mile walk. And I thought Singapore was only 30 miles wide. No wonder everyone here looks fit. And slightly wet.

I think I might take a cab.

Streetdirectory.com Travel: All about Singapore – Travel, Hotels, Vacations

del.icio.us Tags: ,

The Gadget Gap

image

This week’s WSJ.com column (subscription only, I’m afraid) is about what I call The Hole — the absence of decent devices in terms of size, weight and functionality between the smartphone and the notebook. To me it’s not just about cramming everything you can into a smaller device, it’s about making something that people enjoying having with them when they’re away from their computer:  

The recent excitement about the iPhone illustrates, among other things, that we have a more emotional relationship with our gadgets than some manufacturers allow for. It’s all about an experience — the physical feel of the device, the elegance of its interface, the interaction with it. The more connected we become, the more important this will become, because those devices serve as conduits to the worlds and communities we inhabit online. The lesson? Filling the Hole means taking the lessons we’ve learned with cellphones, iPods and iPhones and applying them to devices that are a little larger, not the other way around: trying to cram our workshop tools into something smaller.

I’m a bit slow off the mark posting this, so I’ve already received some interesting mail from readers. One points me to the the Pepper Computer (pictured above), saying they covert the device because they:

Typically watch TV with the family in the evening. There are many times I want to check out email or want to follow up on something I see while watching the news, etc. Instead of lugging out the laptop plopping it on the coffee table and making it look like I’m not paying attention to the family, I thought it would be cool to just pick up a small web device and do it right there on the spot. Plus you have the convenience of it being a remote control. No remote clutter and it serves a valuable purpose earning a coveted space on the coffee table. (With high end remotes costing $500+, the Pepper Pad seems even more reasonable!)

Another, Daniel Gentleman of Tabletblog.com, points to the power of instant-on in such gadgets as Nokia’s N800:

This is why people still use the awful browsers and email clients on smartphones. They’re simply ready to work as soon as you pick them up. This feature is often overlooked yet critical in that gadget gap.

Very true, and something I’d omitted to mention in my piece.

Press 4 To Give Us All Your Money

I guess it had to happen: phishers are not only trying to snag you by setting up fake banking websites, now they’re trying to snag you by setting up fake switchboards too.

Tim McElligott writes in Telephony Online that scammers “posing as a financial institution and using a VoIP phone number e-mailed people asking them to dial the number and enter the personal information needed to gain access to their finances.” Simply put, the phishers in this case aren’t directing you to a fake website where you enter your password and other data sufficient for them to empty your account; they’re directing you to an automated phone service, where you’d give the same details.

The information comes from Cloudmark (“the proven leader in messaging security solutions for service providers, enterprises and consumers”), which claims in a press release that it has seen two separate such attacks this week:

In these attacks, the target receives an email, ostensibly from their bank, telling them there is an issue with their account and to dial a number to resolve the problem. Callers are then connected over VoIP to a PBX (private branch exchange) running an IVR [an automated voice menu] system that sounds exactly like their own bank’s phone tree, directing them to specific extensions. In a VoIP phishing attack, the phone system identifies itself to the target as the financial institution and prompts them to enter account number and PIN.

As Telephony Online points out, setting up this kind of phone network is easy. “Acquiring a VoIP phone number is about as hard as acquiring an IP address or a domain name,” it quotes Adam O’Donnell, senior research scientist at Cloudmark, as saying. “Phishers figured out how to quickly and fraudulently get that information a long time ago.” An old PC with a voice modem card and with a little PBX software and you’ve got a company’s phone tree which can sound exactly like your bank, O’Donnell says.

This all makes sense. Indeed, we should have seen it coming. It’ll be interesting to see how banks cope with this. Right now their argument has been that if in doubt, a customer should phone them. That no longer is as watertight an option. They could argue that customers should not respond to any email they receive, but that’s also not always true. Banks and other financial institutions need to communicate with customers.

One solution to this is the signature: Postbank last month launched a service where all its emails to customers come with an electronic signature. The only problem with this is that most email clients don’t support the service — only Microsoft Outlook. This is a bit like giving customers a lock that only works on certain kinds of door.

Perhaps banks are just going to have to pick up the phone. If customers are now under threat from automated phone trees maybe the solution is not more technology, but less? A cost the phishers are unlikely to be able to bear would be an actual voice on the other end of the line that sounded familiar and authentic. The only question then would be for the customer to establish the authenticity of the banking assistant.

The End of VoIP?

A provocative (or is it prophetic?) piece  from The Register’s Andrew Orlowski who sees the end of Skype and VoIP:

It’s small, it’s boring and won’t turn any heads – but it probably spells the end of the road for Skype, Vonage and any other hopeful independent VoIP companies. It’s Nokia’s 6136 phone, which allows you to make calls over your home or office Wi-Fi network, as well as on a regular cellular network. UMA, or unlicensed mobile access, is the mobile operators’ answer to the threat of VoIP – and now it’s reality.

UMA, he says, has the edge because in one phone you will be able “to keep one phone number, one handset, and receive one bill at the end of every month.” In the future phone calls at home — whether you’re on your mobile, landline or online — will be free. This is a neat fit because where quality was worst — inside — you will be able to use WiFi.


Got a signal yet?

This is not good news of course, for those of us who saw the interesting lunatics taking over the asylum. Disruptive technology, it turns out, means just that it disrupts the monsters out of their slumber and they finally get it. As Orlowski concludes: “So long then VoIP, and thanks for the free calls.”

.

The Demise of the Handheld Interface

Am I the only person depressed by the idea that Treos are now going to be Windows Mobile-powered? (It remains to be seen whether there’ll be Palm versions too; it would make sense, at least for a while.)

First off, feel sorry for all the third party developers who came up with great Palm software over the years. Mourn the small file sizes. Mourn the simple interface.

For sure, Palm and the OS had their weaknesses. They never seemed to really improve on the software that was in the Palm IIIs except add some colour. They missed more opportunities than your average Premier League club. And my Treeo 650 still crashes on a regular basis. But Windows? Why has nobody ever questioned the wisdom of mimicking a Windows environment and GUI on a screen the size of a cigarette box? The whole idea of Windows is to have lots of programs open that you can see on your screen and move stuff between. When did anybody ever do that on a Pocket PC?

I hate everything about Pocket PC Windows. I really do. There’s no style, no grace to it. Too many unnecessary lines. Big clunky scroll bars. Silly start menus that are at the bottom or top of screens, making for awkward stylus (or finger nail gestures.) Why is the only serious innovation in this field done by outsiders such as the great University of Maryland-developed Datelens? And what’s so Windowsy about Pocket PC Windows anyway? Why, for example, has Microsoft (nor Palm, for this matter) not figured out how to throw up status messages that don’t take up the whole screen?

Sorry, I’m cranky today. But while I long ago lost hope in Palm turning its software into more than a colour version of its mid 1990s original, I have never been a convert to Windows on a handheld. Is there no vision out there about how we use our portable devices that isn’t just an ugly, stripped down and clunky version of what we have to put up with on our desktop? Why haven’t these wonderfully simple new ideas about interfaces from, say, 37signals spread to the handheld? Or is the future Apple shaped and we haven’t seen it yet?

The Prepaid GPRS Rip-off

I’ve grumbled before about how hard it is to do GPRS on prepaid cards. For those who haven’t done this, it’s simply a way to turn your smartphone into an Internet ready machine when you’re on the road (removing you from some of the pain of roaming GPRS charges, in the rare times they’re available. )

The problem is that as far as I can work out there are no flat-rate plans for prepaid GPRS users. Instead, you’re charged per kilobyte transferred, and just downloading a dozen or so email headers  (not the contents; just the headers) will quickly drain your credit. I emptied 20 pounds of credit on UK’s T-Mobile this month after checking my email twice and making a couple of local calls. The price per kilobyte is given as 2 pence but that doesn’t sound right. GPRS on prepaid seems a quick route to bankruptcy. No wonder there’s no useful information about the pricing on their website.

Sadly it’s not just Rip-Off Britain that’s emptying pockets with what are  beguilingly called Top-Ups. Singapore and Hong Kong, when they offer GPRS at all, do so at rates that are usurious.

Anyone had similar or contrasting experiences? Or tips for getting around this problem? Here are some from Syd Low of Alien Camel. My only ones are these:

  • use one email account for vital stuff when you’re travelling so the number of emails you need to sync is manageable;
  • download only headers on sync. You can always download the whole email if you need to;
  • eep your inbox folder as empty as possible if you’re using IMAP. This reduces sync time and cost.

Another Kind of Phone

Here’s another interesting phone-over-Internet approach that also works over existing telephone lines: the PhoneGnome.

This is how it works: A user connects the PhoneGnome via an ethernet cable to his of her home network, and to a PSTN wall jack using a standard telephone cable. When the PhoneGnome powers up, it automatically reports in to a server to let it know it’s online and what its PSTN phone number is. That’s the entire scope of the basic installation.

Once installed, when the user dials a telephone number, it checks with the server to see if that number belongs to a registered PhoneGnome user. If it does, the call is made directly via the IP network, bypassing all PSTN toll charges.

The PhoneGnome also works with non-PhoneGnome accounts like BroadVoice, VoicePulse Connect. In a nutshell, the service seems to straddle the best of old-style telephony and the best of the new — including the public SIP protocol.

I’m not clear whether the PhoneGnome works overseas; I see no reason why it couldn’t.