At 08:56 PM 8/01/2019 -0600, you wrote:
On 01/08/2019 04:33 PM, Fred Cisin via cctalk wrote:
On Tue, 8 Jan 2019, allison via cctalk wrote:
Standard lockout after three fails is 15 minutes.???
Howzbout:
a quarter second lockout after a fail;
double that for each subsequent fail.
Three tries to get it right will not be inconvenienced.
But, by 32 tries, it's up to a billion seconds.
Interesting observation I made a few years ago. I run a web
store, and was being inundated with ssh login attempts.
About 1000/day! I decided this was serious, they'd
eventually get lucky.
So, searching available software, I found denyhosts. It
checks the logs for login failures, and after a set
threshold, it puts the source IP into the hosts.deny list,
and your machine effectively disappears from that source
IP's view. I set the rules very strictly, so that after 3
login failures over a 2 month span, that IP was blocked for
a year. Something very interesting happened.
The number of attempts did not diminish immediately, as the
botnets had a large number of compromised machines. But,
suddenly, two weeks to the EXACT HOUR when I set up
denyhosts, the attacks dropped from 1000/day to 3! Just
like flipping a switch! So, these hackers have a dark net
list somewhere where they trade IP addresses of machines
they would like to hack, and what they can figure out about
the security measures implemented on them. When they have
demonstrated by coordinated attempts that your lockout
horizon is over two weeks, they put out the word that your
site is not going to bear any fruit.
I currently have 9000-some blocked IPs in hosts.deny, I
wonder how much that slows down my store. Ugh, the stuff we
are forced to go through.
Jon
I've been receiving the same 'hacked your account, sending this from your account, send bitcoins' scam emails for a while.
They are NOT from 'my account' (what does that even mean?) although the sender email address is the same as one or more of mine. But that is spoofable. I ignore them.
I can see all the headers, which include lines like:
X-Mailer: Microsoft Outlook Express 6.00.2900.3022
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3022
Since I'd rather die than use MS Outlook Express, or even install it on any system of mine, I know they lie (and for other reasons.)
Recently one quoted 'my password' as evidence. It's a password I used on a porn site long ago, and that site changed hands and became a junk site sometime since. Maybe the new owners branched into extortion scams?
I also at times receive a lot of scamming phone calls to my landline. Sometimes several a day.
These have such a consistent format that I'm sure they must come from some group, even though they use different names.
The phone rings, I pick up, there's a variable duration interval of silence, then a pooiip! popping sound (their system connecting this call to one of their operators, now that I answered), then a usually very Indian sounding voice (M or F) says something like "Hello, this is Microsoft security service" or "Hello this is product testing group."
I never bother to go along with it to see what their intent is. Just hang up usually.
We all know the government has total surveillance of all electronic communications. Don't argue, this is not a 'conspiracy theory'. I've even had dinner with a guy who was my interpreter wife's boss at the time, as head of the Sydney branch of Australia's national crime commission's intercepts division.
Discussed the Echelon system (as it was named then) with him, which he acknowledged existed.
I asked so, what percentage of ALL communications (voice and digital) does the system capture and analyze for keywords?
(Echelon used a 'dictionary' of keywords and phrases of interest, put together each week by the NATO powers, and shared among them all. Intercepts in each country are done on coms backbones, with each site existing as a diplomatic enclave, manned by intelligence staff who are acting on behalf of 'foreign allies' hence getting around local surveillance legal limitations. Any intelligence of interest is passed to local intelligence services as a diplomatic communication, so the local gov was not 'spying on their own citizens.' Ha ha ha. It sucks, but that is how it worked nearly 20 years ago. Certainly much worse now. I don't know what the equivalent system is called these days.)
His answer: around 98%.
Now here's the thing. Another interesting observation one could make:
You'd think these kind of scamming emails and phone calls should be illegal, and easily prosecutable.
You'd think it would require almost no effort at all from law enforcement and coms carriers, to identify the sources. Given that they have total transparency of the telecoms infrastructure.
Not to mention that if Indian call centers are involved there would be international carrier contracts and national entry points that would stand out like searchlights in traffic analysis.
Same goes for Asian paid web click farms, etc. Even botnets with encrypted command channels - I can't believe it can be technically impossible to shut these down.
So, how does this bullsh*t continue?
One can only conclude that the large scale scamming operations are conducted with the knowledge of, and probably complicity of, government at some level.
The real question is why.
I can make guesses about that too. But doubt many here would find it comfortable. Or on topic.
Guy
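
The lockout policy Jon describes in the quoted message above (three login failures within a two-month span, source blocked for a year through hosts.deny), as an added example that is not part of the thread and is not DenyHosts' own code. The log lines are constructed, the addresses come from documentation ranges, and the function names are made up for the illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Policy from the thread: 3 failures inside a 2-month span => blocked for a year.
THRESHOLD = 3
WINDOW = timedelta(days=60)
BLOCK_FOR = timedelta(days=365)

# OpenSSH "Failed password" lines in classic syslog format.
FAILED = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?\S+ from (\S+) port \d+"
)

def blocked_sources(lines, year):
    """Return {ip: block expiry}. Syslog stamps carry no year, so the caller supplies it."""
    recent = defaultdict(list)  # ip -> failure times still inside WINDOW
    blocked = {}
    for line in lines:
        m = FAILED.match(line)
        if not m:
            continue  # successful logins and unrelated lines are ignored
        when = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        ip = m.group(2)
        if ip in blocked:
            continue
        # Drop failures that have aged out of the window, then record this one.
        recent[ip] = [t for t in recent[ip] if when - t <= WINDOW] + [when]
        if len(recent[ip]) >= THRESHOLD:
            blocked[ip] = when + BLOCK_FOR
    return blocked

def hosts_deny(blocked):
    """Render tcp_wrappers hosts.deny entries, one per blocked source."""
    return [f"sshd: {ip}" for ip in sorted(blocked)]

# Constructed sample log (hypothetical host "shop"; not real traffic).
SAMPLE = """\
Jan  3 02:11:09 shop sshd[811]: Failed password for root from 203.0.113.7 port 40112 ssh2
Jan  3 02:11:15 shop sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 40120 ssh2
Jan  5 09:30:44 shop sshd[902]: Failed password for jon from 198.51.100.23 port 51514 ssh2
Jan  5 09:31:02 shop sshd[902]: Accepted password for jon from 198.51.100.23 port 51514 ssh2
Feb 20 17:45:31 shop sshd[1440]: Failed password for root from 203.0.113.7 port 38804 ssh2
""".splitlines()

if __name__ == "__main__":
    print("\n".join(hosts_deny(blocked_sources(SAMPLE, 2019))))
```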