Tag Archives: Sydney

How Good Information Goes Bad

image 

The Internet is fast becoming a sort of gossip chamber where the real merges with the fantasy, leaving ordinary people overwhelmed. I’m not sure it’s a good thing.

Take an email my wife forwarded me this morning. It’s from a newsgroup comprising Indonesian expat mothers in Singapore (talk about niches!). The sender had forwarded an email they received from someone who claimed to have had the scam they describe befall them in Singapore.

The scam itself is ingenious: someone phones a resident, saying they’ve got a package to deliver and confirming someone will be home. The package is a beautiful basket of flowers and wine. No card (the delivery guy says it’s coming later.) Recipient happy, but told will have to pay $3.50 as proof the delivery guy left the alcohol-containing package to an adult. Fair enough.

The recipient goes to get cash. No, says the guy, it has to be by EFTPOS—a bank card—because he’s not allowed to handle cash. Fair enough.

He swipes the card on  his machine, recipient enters PIN, and off delivery guy goes.

Within a few days, several thousand dollars disappears from the recipient’s account, via a duplicated card and the stolen PIN number.

Now this is a good, classy and brazen scam. And it’s true. It did happen—in Sydney, Australia, in October (and possibly November) 2008. The guy involved was arrested on November 21.

But it didn’t, as far as we know, happen in Singapore. Or anywhere else.

But that hasn’t stopped the email from spreading virally. In Malaysia, Canada, and elsewhere.

Myth-busting sites like Snopes and Hoax Slayer have done a good job of trying to separate fact and fiction. The problem is that as these legitimate stories spread, they serve to confuse and alarm rather than educate the public. As Hoax Slayer puts it:

While they may be perfectly valid when first launched, a problem with such warning emails is that they may continue to circulate for years and eventually become outdated and redundant. And, as noted, false or misleading information may be added to the messages as they circulate and such additions can significantly erode their use as warnings. Before forwarding such warning messages, it is always wise to check that the information they contain is accurate and up-to-date.

I quite agree. It’s good that people are wary, but not based on stories that are no longer true.

Checklist to avoid such scams:

  • Ask to see credentials of any delivery guy, whether or not he’s giving you free stuff.
  • If you’re wary, don’t accept the delivery. Even if it’s free stuff.
  • You should not be asked to pay money by someone appearing at your door unless you’re expecting the package. Sadly this is not properly adhered to, even by supposedly reputable couriers. In Indonesia I would find the couriers demanding duty payments that were not sufficiently documented.
  • Don’t let anyone swipe your bank card unless you’ve established who they are.
  • If in doubt, demand a name card and take a photo of the person with your cellphone. Then close the door.

Photo credit: North Shore Times.

Google Killer? A Clip Around the Ears, Maybe

There’s a new search engine out there, according to the Guardian, and it sort of tries to figure out what you’re looking for. Which is good. Google searches are great so long as they’re simple. But is Powerset up to snuff?

Here are some searches I did (betraying my interests):

image

Pretty good stuff. And how about me?

image

Even less obvious matches seem to work:

image

Also right on the money. Nixon got second place when I asked who was the first u.s. president to resign? which is good enough:

image

Other searches tho — how many copies of Office 2007 has Microsoft sold? and how far is it from London to Sydney — weren’t any good at all.

Of course, Powerset is so far only parsing Wikipedia articles (only — there are 2.3 million of those in the English language). And ask Google the same questions and you’re also likely to get the answers high up (1st in the case of Nixon, Taser inventer, Suharto resignation, though nowhere on my own alleged career (fittingly). Sydney/London throws up a WikiAnswers page, and I’ve given up hope trying to find out how many copies of Office 2007 have been sold.)

Still, it’s early days for something like this. There’s no question that a better search engine will one day come along, perhaps belonging to Google, perhaps not. Will it need to parse every sentence for meaning? Who knows?

Technorati Tags: ,,

Bot, Go Out and Do My Bidding

This week’s WSJ.com column (behind a subscription wall, I’m afraid) is on how we need to get ready for the day when chatbots go out and do our bidding for us. Literally, possibly, but if nothing else to go out and do the pre-flirting bit of online dating. 
clipped from online.wsj.com

Expect a future where we don’t interact with other people. Instead, we’ll send our “cyber double” out to interact with other people’s “cyber doubles” until things get interesting. Then, and only then, will real people take over.

This is the vision of Liesl Capper, whose Sydney-based RelevanceNow! last week launched an early version of MyCyberTwin (mycybertwin.com), a service that allows you to create and hone an online version of yourself. Your cyber twin will then chat on your behalf on instant messaging, your blog or your MySpace page. Eventually much of what you do online will be left to your cyber double, indistinguishable from the real thing (you). As Ms. Capper puts it: “You can be you, even when you’re not you.”

Our Nasty Internet

It sometimes boggles my mind at how messy and nasty the Internet has become.

The Canberra Times (no URL available, can’t find it on their website) quotes Peter Tippett, a member of United States President George W.Bush’s Information Technology Advisory Committee and chief technologist at Cybertrust, as telling a media briefing in Sydney last week that in the first six months of this year “the proportion of total e-mail traffic classified as malicious – including spam and phishing – rose from 20 per cent to 85 per cent.”

What does this mean? Well, for one thing it means that most folk trying to download the Windows XP SP2 update without already having a firewall in place didn’t stand a chance: “In a test undertaken in 10 cities last month, Cybertrust found that only 40 per cent of new computers were able to download a Windows update before they were successfully hacked.” Says Tippett: ”The average time before a successful hack is under an hour on an average high-speed Internet connection in the world today.”

We have got to find another way of doing all this. The Internet has become one, big, bad neighborhood. Ordinary folks just shouldn’t have to be vulnerable when they plug in.

(Tippett, by they way, recommends setting up a wireless network. He plays down the dangers of sniffing and eavesdropping and plays up the fact that over 80% of attacks can’t get through a netted router. ”If you did only one thing for home security, you should add wireless to your home network,” said Tippett. I’m certainly no expert, but wouldn’t adding any kind of router that has NAT, or Network Address Translation, built in do the same thing for you? Why does it have to be Wi-fi?)

Email Goes Unlimited

First there was Gmail, with its 1 gigabyte email storage service. Now unveiled today, there’s AlienCamel, an Australian email service claiming to be the first to offer unlimited email storage.

First off, a declaration of interest: I’ve been using AlienCamel for a while, and have gotten to the know the guy behind the service, Sydney Low. But I have to say it’s a pretty good offer for $16 a half year, along with very good spam filtering and virus-free emails, courtesy of Bayesian filtering, a neat system of advising you when there’s email that appears to not be spam but from someone who’s not on your whitelist, and two virus engines (Kaspersky and ClamAV) to keep your emails free of nasties.

I’d recommend a tryout. It’s not a perfect world when you have to pay extra for an email service on top of your ISP account, but unless your ISP offers good customer support, good spam filtering, decent online storage and virus-free email, services like this make a lot of sense.

The Gaping Browser Hole

Sometimes security holes can be subtle rather than complex. Sidney Low of Aliencamel points out the vulnerability discovered by Secunia, called the Multiple Browsers Frame Injection Vulnerability.

It’s a fancy term for a simple enough trick, where the bad guy hijacks a frame in a legitimate webpage (a frame is one portion of a webpage which has been divided into sections). The result is that the overall page is kosher — including, crucially, the URL — but that one of the frames contained inside is not. In that frame, of course, the bad guy could do anything he likes, and the user is none the wiser.

The only way a user can tell, I think, is by right clicking on the frame content and seeing what URL it is coming from, but who does that?

This vulnerability, actually, is a variation on a vulnerability Secunia reported had been fixed in earlier versions of IE, but then created again in a recent version. The bad news is that the vulnerability is not only an IE also present in Opera, Safari, Netscape and Mozilla. I couldn’t get it to work in Firefox, interestingly. There’s a test you can perform here.

As Sydney says: “This one is quite worrying because it doesn’t need to do any URL masking. It simply exploits the fact that framesets will do the URL masking for the phisher.”

Column: Ethel fights back

Loose Wire — Tea, Sympathy And Service

By Jeremy Wagstaff
from the 25 July 2002 edition of the Far Eastern Economic Review, (c) 2003, Dow Jones & Company, Inc.
If you want good customer service on-line, try impersonating a little old lady. It worked for me.

Frustrated by the poor response to my own e-mail enquiries to big companies — I’m not naming names here, except to say I’m still waiting for replies from the likes of 3Com, Fujitsu and Linksys — I figured things might work better if I metamorphosed into Ethel M. Girdle, a septuagenarian who claims to have typed her way through World War II while flying Spitfire fighter aircraft and is a dab hand at growing roses and laying on tea parties for the local pastor.

First stop for Ethel was fixing her Zanussi dishwasher. “Hello, young man (or lady),” she wrote to the customer-service centre in Britain. “My washer makes a noise like one of those newfangled leafblower things and my crockery doesn’t get clean. Can you send one of your nice young chaps round to fix it, I’m having the vicar for tea on Friday and if he sees the china in this state he’ll think I’ve gone over to the other side. Yours, Mrs. Girdle.” Zanussi responded with impressive speed and grasp of the gravity of the situation. “Dear Mrs. Girdle,” they wrote. “Sorry to hear of the problems that you are experiencing with your dishwasher, if you would kindly let me have your postcode I will be able to look up the details of your nearest service centre for you so that one of our engineers can come and repair your appliance so that your china gets nice and clean again.”

My own experience of airlines and the Internet has been woeful, so I was interested to see how my fictional friend got on. She wanted to visit her grandson and fired off e-mails to several airlines: “I’m coming to Hong Kong/Sydney/Tokyo/Singapore to see my grandson, who is doing a grand job running one of your banks. This is not the first time I’ve flown (I used to fly during the war, don’t you know) but it’s been a while. Is it OK to bring my cocker spaniel, Poppy? He won’t be any trouble, unless you’ve got rabbits on the aircraft! And may I bring my own teapot on board? I do like a cup of tea in the afternoon.”

Ethel’s still waiting to hear from Japan Airlines and Qantas, while British Airways’ Web site had no functioning e-mail address for ordinary folk. Singapore Airlines offered a form letter, Cathay Pacific was somewhat intimidating: “Please kindly note that domestic animals of any description are not permitted to be carried in the passenger cabin on any Cathay Pacific flights.” But Virgin Atlantic rose to the occasion well: “I can assure you that our crew will make sure you receive a nice cup of tea on the flight or more than one in fact! It would not be necessary to take a teapot with you. Unfortunately Virgin Atlantic do not have a licence to carry pets of any description, even though I am sure he is no trouble.”

Next, Ethel decided to buy a computer. “I need the following,” she e-mailed IBM: “A nice keyboard (if possible an electric one, the manual ones tire me out) and a nice screen to look at. Could I use my TV instead, and save a few dimes? It’s a big one, though black and white and takes forever to warm up. My grandson says I need a CD drive but I think I can just drag the stereo over and plug it into the computer, yes?”

IBM were very helpful. “Please note that all our NetVista (desktops) come with a standard keyboard. However, we are unsure of what you mean by “electric” vs. “manual”, they wrote, before gently pointing out that hooking up her black-and-white TV and CD player to the PC was a no-no.

Encouraged, Ethel went back for advice on the Internet: “Do I need some sort of passport, or special goggles, or something? My grandson says the connections are very fast these days, I don’t want to mess up my hair.” IBM was reassuring, saying a passport wouldn’t be necessary.

Overall, I was impressed. Customer service on-line has a long way to go — shame on those companies that didn’t reply — but at least there are some bright and helpful folk at the end of those e-mail addresses. And for those of you not getting customer satisfaction on-line, feel free to impersonate Ethel. I know I will.