Admin
I get actual spam that contains similar tidbits. When you save a webpage from Internet Explorer, it adds a comment at the top... something to the effect of "saved from url=http://example.com/". If you saved the page from an ftp site after logging in, it includes your username and password in the URL. Hilarity ensues.
Admin
And here I was, thinking there is nothing worth reading in spam. It looks like every pile of crap has its gems.
Admin
... but why would you want to SLOW DOWN free porn and warez?
What else would we use the Internet for?
Admin
This wasn't walking through an open door. This was lifting the doormat, picking up the key hidden there, unlocking and opening the door, going inside, and then torching the furniture.
Admin
Screw the laws. Laws are for civilized people, not spammers.
Admin
*Standing ovation* Indeed!
Captcha: hacker, appropriately enough.
Admin
I once received a piece of spam with an actual unsubscribe link. This was less spam and more of a legitimate marketing strategy, I suppose. Though I have no idea how I got on their list. The unsubscribe link looked something like this: http://www.initech.com/mailing/unsubscribe.asp?id=2343. To help a few other people out I ran curl with the URL, replacing "2343" with "[1-1000000]," though I stopped the command after I had removed 25,000 or so subscribers.
The lesson? Don't use GET for potentially destructive actions. And don't use auto-generated IDs where one user can easily access other records that don't belong to that user simply by incrementing a number.
Admin
Admin
Not at all.
If you think about it, the login and password have come up with the HTML source code. When you retrieve information from the server your browser is getting inside the FTP. So, this simple fact makes your act of viewing a spam message illegal? If not, then the bastard spammer has just granted you legal access to his account. So I really doubt anyone can be considered guilty of removing the account content.
Just my 2cts
Admin
Admin
Australia
Under section 9a of the Victorian Summary Offences Act (1966), "a person must not gain access to, or enter, a computer system or part of a computer system without lawful authority to do so". The penalty if convicted is up to six months' jail.
Admin
Sorry can someone edit that. bloody copy and paste.
Admin
Wow that brings back memories! I loved that game because I always seemed to win! :P
Admin
you mean... "YOUR WINNER!".... that one?
Admin
QFT, since not only spammers need unsubscribes.
GET: The link should go to a page that says "Are you sure?" and has a POST-form submit button.
Easy access: Letting people unsubscribe everybody is not the half of it. The page should ABSOLUTELY NOT show the email address if all it requires is a subscriber ID. If it does, you've just given your complete subscribe base over to anyone who wants it. Add a field to the Subscribers table with random data in it, and add that to the query string: unsubscribe?id=2343&salt=A37DjsdSj
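The design the two comments above arrive at (no state change on GET, an unguessable per-subscriber value alongside the ID, and no e-mail address on the page), as an added example that is not part of the original thread. The `/unsubscribe` path and `salt` parameter come from the comment; `SUBSCRIBERS`, `add_subscriber` and `handle` are hypothetical names, and the in-memory table is constructed sample data.

```python
import hmac
import secrets

# Constructed in-memory stand-in for the Subscribers table: id -> row.
# "token" is the random per-subscriber column the comment calls "salt".
SUBSCRIBERS = {}


def add_subscriber(sub_id, email):
    """Store a subscriber and return the unsubscribe link to put in the mail."""
    token = secrets.token_urlsafe(16)  # 128 bits from the OS CSPRNG
    SUBSCRIBERS[sub_id] = {"email": email, "token": token, "active": True}
    return f"/unsubscribe?id={sub_id}&salt={token}"


def _authorized(sub_id, token):
    """Return the row only if the id exists and the token matches it."""
    row = SUBSCRIBERS.get(sub_id)
    # Unknown ids are compared against a throwaway value so that a bad id and
    # a bad token take the same path and get the same answer.
    expected = row["token"] if row else secrets.token_urlsafe(16)
    matches = hmac.compare_digest(expected.encode(), str(token).encode())
    return row if (row and matches) else None


def handle(method, sub_id, token):
    """Return (status, body) for a request to the hypothetical endpoint."""
    row = _authorized(sub_id, token)
    if row is None:
        return 404, "Not found"
    if method == "GET":
        # Safe method: nothing changes, and the address is never echoed back,
        # so crawlers, link scanners and ID guessing learn and alter nothing.
        return 200, ("Are you sure? <form method='post'>"
                     "<button>Unsubscribe</button></form>")
    if method == "POST":
        row["active"] = False
        return 200, "You have been unsubscribed."
    return 405, "Method not allowed"


if __name__ == "__main__":
    link = add_subscriber(2343, "alice@example.com")  # constructed sample
    print(link)
    print(handle("GET", 2344, "guess"))  # incrementing the ID gets a 404
```
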
Admin
It's a dirty job, but someone must amuse himself doing it >:-].
Bye, G.
Admin
Just make reading email illegal all over the world. You could still send them, so the spammers would have something to amuse themselves with all the days of their sad little lives. If I wasn't allowed to read my email, it would save me sooo much time each day.
Admin
What makes you think the spam that was sent was legal? Most spam emails are illegal and/or violate the terms of service for usage of private systems.
Admin
Admin
Not a chance. The expiration date exists on spam for one reason only--because products intended for human consumption require an expiration date. Sure, they could set it to expire in 20 years, but that would just creep people out. Truth is, a million years after the end of civilization a cockroach will crack open a can of Spam and find its contents to be in pretty much the same state they were on canning day...
Admin
Make sure that the 150,000 emails are a nice embedded goatse image though.
Also, it would be more than 150,000. The original story said over a million email addresses.
Admin
http://www.419eater.com/
Scambaiting at its finest... some of the exchanges are long but ultimately worth it
Admin
You all seem to think that this unsubscribe link actually removes one from the spam list. Tell me, why would a spammer remove an address which he just confirmed valid?
The unsubscribe links are just another trap.
edit: is it just on my side or did I break the site layout somehow? :/
Admin
Great story. Although deleting his files is a good step, personally I would have screwed his whole account, and if it was his own server (not shared/vhost) I would go as far as to swipe the drives... Fuck spammers.
captcha: random
Admin
Try out this ebay impostor:
ftp://ed:[email protected]/signin.ebay.com.ws.eBayISAPI.dllSignIn&co_partnerId=2&pUserId=&siteid=0&pageType=&pa1=&i1=&bshowgif=&UsingSSL.html
I deleted the file several times and even reported the site to ebay - but it reappears again and again.
Telnet access is not possible and I failed to log in via ssh (port 22 is open though). Maybe some of you can help by uploading some GB of data or something like that. :-)
Thanks,
J
Admin
You fools!
This is obviously a paid message on The Daily WTF that encourages you to stop your spam filters and read through your spam mail with hopes of catching a similar case!
captcha: zork
Admin
Admin
Do you need any more signatures? A few more taglines? Just dump whatever you think is witty (but isn't) into your signature here, and in your e-mail (which I know you've done).
Admin
Admin
Or the dude that raided a bakers with a rolling pin or a candlestick maker with a wick. Trust me, I know :-(
Admin
Ok, then let us hear those violated laws.
I'd have not only deleted that guy's files, but also goat'sed his 'webs' :)
Admin
You may jest, but that is exactly what would happen here in the UK. The law is an ass here.
Admin
You can access it via POP 3. You can also access it via IMAP.
If you use IMAP and look at his sent mail you see 1 item sent to Ron. The from address in that: '[email protected]'
The login/password is also the correct one for SSH but that login has no shell.
Admin
That message was in reply to:
Admin
Other open ports:
https://64.15.136.213:443/ shows the default plesk page
https://64.15.136.213:8443/ shows the plesk login page... but ed/ed doesn't work there
Admin
I am really fed up with my bank! As a matter of fact, every bank in America.
My bank is incompetent. They continuously "lose" my personal account information and are emailing me to log in and provide:
How can I trust them to manage my money when they can't even keep track of my personal information?
And I even get it from banks with whom I do not hold accounts! It must be an epidemic of stupidity in the Banking Industry!!
</sarcasm>
Admin
Haha. Never thought about it that way. If only the people who fall for these phishing messages would do that.
Great story btw.
Admin
"YOU'RE WINNER!!"
Admin
It's actually "YOU'RE WINNER!!"
Admin
Obviously a joke.... But, it did send me to the Hormel site to look at their annual report. Sales of the SPAM® family of products were down by 2.5% (or 512,000 lbs) yty. This lets me know that they sold 9984 tons of SPAM last year. (or, rather, 9984 tons of the SPAM® family of products as they call it in their annual report)
Another SPAMTASTIC fact I learned from Hormel is that SPAMTASTIC® is a registered trademark of Hormel. I can't imagine who thought that was a good idea for a trademark.
And here's a fun quote from a Hormel web site (http://spam.com/ci/ci_in.htm which is owned by Hormel & linked to from their main corporate site)
Admin
This case has been and almost always will be very contentious. My understanding is that he shot the intruders as they were running away from his house across a field some 50-100 yards away. British law allows the use of force in self-defence. It is debatable how much danger he was in when they were running away and a long way off so a self-defence argument is difficult to make. It is also true that he did the deed with an illegally held shotgun, the police having revoked his license.
The government never did give the surviving robber money, this is an urban myth. Hilariously what happened was the robber sued for loss of earnings, then when they got to court it turned out that he never had any declared legal earnings so there was nothing to lose and the case was thrown out.
It seems sensible to me that the jail sentence for unlawfully killing someone is longer than that for burglary.
The case is always held up by right wing politicians as a case of common sense not existing, or burglars having more rights than the burgled, but the truth is far from that simple.
Admin
Admin
But the furniture was upholstered in purple shag. It was hideous, he was doing the world a favor.
Admin
TDWTF Forum Sucks :\
Wow, delightful forum software here, Alex.
Admin
How did you know my name was Eric?
Admin
You da man...
Admin
That's impressive, but after hearing "Pigs go in, SPAM comes out; no remainder", I won't be eating any SPAM in the future.
Admin
That's because Tony Martin shot those kids in the back as they were running away. Technically, that's murder, and that's what he was initially convicted of - it was reduced to manslaughter on appeal, but I always got the impression it was more because the distorted, biased and inaccurate press coverage of the case had provoked a public outcry on an "issue" that didn't come up in the case than because of any clear reason why Martin's actions would fail the established test for inferring intent in murder cases.
Hearing this case, and hearing it brought up continually as an example of how the law is on the side of the criminals, pisses me off no end. The law, as it always has been, is on the side of people not being killed in cold blood when they are posing no threat, and I'm confident that every single person who chanted "Free Tony Martin!" would unhesitatingly assert that they want this to remain the case.
Yet still they campaign for a cause which actively undermines the rule of law, because Rupert told them to.
Admin
No, the law is in remarkably good shape here. The media are asses, though, and determined to undermine it at every step. Just today we have a perfect example of the media and police force working in lockstep to undermine the Human Rights Act, eventually requiring the Lord Chancellor to do the rounds of the news shows saying, quite correctly, "don't be so bloody stupid".
The media is also strangely silent on the (vast majority of) cases brought under the HRA that fail or are thrown out.
In the armed forces, the behaviour over the HRA would be described as "dumb insolence" - but the plain fact is that people had better get used to it, because it's not going away. Even if the UK act is repealed, the ECHR's judgements will be every bit as binding as they've ever been - wouldn't you rather have cases decided by British judges?
Now for sure, there are some bloody stupid laws on the statute books, and New Labour seem hell-bent on demonstrating why the supremacy of Parliament should perhaps not be as absolute as it is in this country (but then, with the recent creation of a Supreme Court, it might be, because the judiciary are no longer intermingled with the legislature or dependent on their charity) - but taken as a whole, the body of the law in this country does a fair job of accomplishing what it sets out to achieve.
Any time someone tells you the law is an ass - stop and consider who's doing the braying.