Archive for November, 2004

Cerulean Studios, the company behind Trillian, leaked email addresses to phishers

Once upon a time I joined the forum over at Cerulean Studios in order to obtain more information about certain issues with the instant messaging client “Trillian”.

The other day I got a phishing email sent to an email alias that only Cerulean Studios should have had access to. The alias was also created in a way that ensures it can’t be guessed, and can hardly be “randomized” by a computer or matched against a known alias list.


The email goes as follows:

Subject: Confirm Your SunTrust Banking Account
From: “SunTrust Bank” (faked, of course)
Date: November 27, 2004 12:09

Dear SunTrust Client,

We recently reviewed your account, and suspect that your Suntrust account may have been accessed by an unauthorized third party. Protecting the security of your account and of the SunTrust network is our primary concern.
Therefore, as a preventative measure, we have temporarily limited access to sensitive Suntrust account features.
Click the link below in order to regain access to your account:

https://internetbanking.suntrust.com

We received a massive identity thefts targeting SunTrust so we suggest you to Confirm Your Banking Account within 24 hours.
DO NOT FORGET TO COMPLETE BOTH FORMS, to avoid Credit Card Fraud

Sincerely,

The SunTrust Security Department Team.
We apologize for any inconvenience this may cause, and appreciate your assistance in helping us maintain the integrity of the entire SunTrust system.


I felt quite disappointed, to say the least. The alias is deactivated now, but the memory of this event remains.
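The trick that made the leak attributable in the first place, a per-vendor alias that cannot be guessed yet can be tied back to the party it was given to, is easy to automate. The following is an added example, not code from the blog or from Cerulean Studios; it assumes a catch-all domain (`mail.example.invalid`) that routes any local part to one mailbox and a server-side secret (`ALIAS_SECRET`), both of which are constructed for the example. The alias is an HMAC over the vendor name, so it is not in any alias list, and an incoming message is attributed by recomputing the alias for every known vendor rather than by storing a lookup table.

```python
import email
import hashlib
import hmac
from email.utils import getaddresses

# Assumptions (added example code, not anything Cerulean Studios or the blog
# author published): a per-user secret held by the mail server, and a domain
# the user controls so that any local part is delivered to the mailbox.
ALIAS_SECRET = b"constructed-example-secret-change-me"
ALIAS_DOMAIN = "mail.example.invalid"


def vendor_alias(vendor: str, secret: bytes = ALIAS_SECRET) -> str:
    """Derive the alias handed out to one vendor.

    The local part is an HMAC over the normalised vendor name, so it cannot be
    guessed or matched against a list of common aliases, yet it can be
    recomputed for any known vendor when a message arrives at it.
    """
    canonical = " ".join(vendor.lower().split())
    tag = hmac.new(secret, canonical.encode("utf-8"), hashlib.sha256).hexdigest()[:16]
    return f"{tag}@{ALIAS_DOMAIN}"


def recipients(raw_message: bytes) -> set:
    """Collect every address the message was addressed or delivered to."""
    msg = email.message_from_bytes(raw_message)
    headers = msg.get_all("To", []) + msg.get_all("Cc", []) + msg.get_all("Delivered-To", [])
    return {addr.lower() for _, addr in getaddresses(headers) if addr}


def attribute_leak(raw_message: bytes, known_vendors, secret: bytes = ALIAS_SECRET):
    """Return the vendor whose alias received this message, or None.

    A phishing mail arriving at a vendor's alias means that vendor (or someone
    with access to its data) let the address out.
    """
    seen = recipients(raw_message)
    for vendor in known_vendors:
        if vendor_alias(vendor, secret).lower() in seen:
            return vendor
    return None


# Constructed sample: a phishing mail like the one quoted above, sent to the
# alias that was only ever given to Cerulean Studios.
LEAKED_ALIAS = vendor_alias("Cerulean Studios")
SAMPLE_PHISH = (
    f'From: "SunTrust Bank" <security@suntrust-bank.example.invalid>\r\n'
    f"To: <{LEAKED_ALIAS}>\r\n"
    f"Subject: Confirm Your SunTrust Banking Account\r\n"
    f"\r\n"
    f"Dear SunTrust Client, ...\r\n"
).encode("utf-8")

VENDORS = ["Cerulean Studios", "Some Web Shop", "A Newsletter"]

if __name__ == "__main__":
    print("alias handed to Cerulean Studios:", LEAKED_ALIAS)
    print("leak attributed to:", attribute_leak(SAMPLE_PHISH, VENDORS))
```

Because attribution only needs the secret and the vendor list, the mapping never has to be stored anywhere a vendor could see it, and rotating the secret invalidates every alias at once if the whole scheme is ever compromised.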

Concern in the music industry over advertisements on peer-to-peer (P2P) networks

British news agency BBC writes: “Paul Myers, chief executive of Wippit – a peer to peer service (P2P) which provides paid-for music downloads – believes it is time advertisers stopped providing ‘oxygen’ for companies that support illegal downloading.”

Paul Myers said the following in an open letter to the British Phonographic Industry last month: “You may be surprised to know that current advertisers on the most popular peer to peer service eDonkey who now steadfastly support copyright theft with real cash money include Nat West, Vodafone, O2, First Direct, NTL, and Renault.”

Myers urged people to follow his lead and ‘dump’ brands associated with companies such as eDonkey.

The BPI is equally quick to condemn established brands becoming bedfellows with peer to peer networks.

“Networks like eDonkey, Kazaa and Grokster facilitate illegal filesharing. The BPI strongly believes that any reputable company should look carefully at the support they are giving these networks through their advertising revenue,” BPI said in a statement.

BPI continues: “Illegal file-sharers steal millions of pounds worth of music through these services. We are sure that the companies advertising on them would not put up with theft on such a scale from their own businesses.”

Mark Mulligan, a music analyst with Jupiter Research, is of the opinion that the issue of advertisements on P2P networks is more complicated for the actual advertisers. The reality is that the millions of downloaders represent a very attractive audience.

Mark Mulligan says: “Advertisers probably pay a lot less for putting ads here than on more respected sites and they are reaching the perfect target audience.”

“If you put the legality issues aside, not to advertise here would mean missing out on a valuable audience,” Mr Mulligan added.

Meanwhile companies contacted by the BBC News website insist that they were not directly aware of where their ads have been appearing.

OneTel adverts were spotted on eDonkey this week and its response was typical.

“We have investigated this matter and believe that one of our affiliate partners has placed this advert without our knowledge. It is not our policy to advertise through peer-to-peer networks,” read a statement from the discount phone firm.

It has requested the advert be removed immediately, said a spokeswoman.

Similarly telecommunications firm NTL blames its media buying agency which places adverts with third party networks featuring thousands of sites.

Since the matter was brought to its attention last month, the agency has strict instructions to make sure ads do not appear on such sites, a spokesman told the BBC News website.

Presidential peer-to-peer campaign

However Mr Mulligan was not entirely convinced by these explanations.

While smaller brands might not necessarily be aware of where the money they allocate to online advertising actually ends, this is no excuse for well-known brands, he said.

“I would be surprised if these brands didn’t have the know-how to prevent this happening,” he said.

At the moment eDonkey is enjoying the benefits of having some very well-known faces advertising on its network.

“Many big brands have leveraged the opportunity, including perhaps two of the biggest brands in the world – Senator John Kerry and President George W. Bush,” said chief executive Sam Yagan.

There are some distinct advantages of advertising on such a network, he thinks.

“Peer-to-peer clients offer big brands a unique opportunity to engage with their customers where they’re most comfortable: at their desks interacting with their favourite digital media,” he said.


My comment: the above controversy is typical. While the music industry (Paul Myers & Wippit along with the BPI) wants to protect its source of revenue, i.e. the intellectual capital that music is, the general public has a whole other view on the matter: they have grown accustomed to music being free and easily accessible, and (too) many see the work musicians do as something they shouldn’t really get paid for. Even where there is a sense that “the musicians must live off something”, there is still the “I will download this album, I bet someone else will buy it” feeling.

What the record industry fails to accomplish is to reach out to the grey mass, i.e. a group of people / potential consumers not determined by demographics, and, however slowly, change attitudes in order to finally make paid-for, legal digital music & film something of a more common reality. If this is not accomplished, there is no hope for the music and entertainment industry as a whole.

I know that putting out advertisements on (“non-commercial”) P2P networks such as eDonkey must be a real thorn in the side of any record or film company executive, but it has to be done in order to win the battle between legally downloaded intellectual material and the illegally shared kind. One cannot sue people into submission.

It is time for all the Luke Skywalkers of BMG & co. to join the dark side; there is no other way.

Article at the BBC website

Takes on Google’s Gmail

[Image: gmail.jpg]

Being one of the beta-testers of Google’s “Gmail”-service, I’ve been following the progress of the service with interest.

This interest of mine comes both from a technological viewpoint and from an interest in the privacy issues, where Google takes the right to scan the contents of users’ mailboxes and match advertisements to what that scan finds.

That said, this post will concentrate on interface and technical issues.

To start, Gmail is (often) very fast to load, and once one learns how to use the filter and label functions it actually takes the pain out of having only two mailboxes: the inbox and the archive.

Interface & design

The interface is very clean and the colours are well chosen, in subtle shades of blue for the mailboxes / content display, green for the labels, red for the invites (beta mode, ya know?!) and yellow for the settings. Psychologically this works fine, with the calm blue for the email display, the positive green for the labels and a sense of importance in the yellow colouring.

All of the above is topped off with the Google logo at the top; in other words, so far, so good…

Filters and labels

Setting up filters and labels in the settings works like a “saved search” function, and you can see how many unread emails you have under a certain label, regardless of which mailbox they are located in. Also, when clicking on a particular label, you see all emails matching that filter and assigned that label.

This function is one of the basics of Gmail, and it’s similar to having folders in a regular email program or a competing webmail client.

Address book

This is yet another positive side of Gmail. The address book is updated automatically when you compose and send an email to an address not yet in it, and the auto-completion works brilliantly. Contacts are also sorted by how often you’ve emailed them, which is a very handy approach.

Antivirus & spam protection

The antivirus protection in Gmail is quite primitive: the incoming mail server(s) delete attachments with certain file extensions. One of the people responsible for Gmail, Georges Harik, says that complete antivirus software is on the wish and to-do list.

Concerning the spam protection system: I haven’t had the “pleasure” of receiving much spam, so I can’t have an opinion on this issue yet, but there have been no false positives so far.

Google has implemented the “no images unless confirmed” feature that you may find in webmail clients such as SquirrelMail or modern email clients such as Mozilla Thunderbird, which basically means that no external images load in an opened email unless you press a button to do so. As you might know, spammers can see that you have read the email they pumped out when you load external images from their servers, as these external images serve as a tracking tool for the spammer.
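What a webmail client has to do to implement that feature is rewrite the HTML body before it reaches the browser, so the tracking pixel is never fetched unless the user asks for it. The block below is an added example, not Gmail’s, SquirrelMail’s or Thunderbird’s code; the sample mail body and the hostnames in it are constructed. It treats every `<img>` source as remote unless the scheme is `cid:` (inline attachment) or `data:`, so protocol-relative and unknown URLs are blocked too, and it parks the original URL in a `data-blocked-src` attribute (a name chosen for this example) so a “display images” action can restore it.

```python
from html import escape
from html.parser import HTMLParser
from urllib.parse import urlparse

# Schemes that do not reach out to a remote server. Everything else (http,
# https, protocol-relative "//host/..." and unknown schemes) is treated as
# remote, so the default is to block rather than to allow.
LOCAL_SCHEMES = {"cid", "data"}


def is_remote(url: str) -> bool:
    return urlparse(url.strip()).scheme.lower() not in LOCAL_SCHEMES


class RemoteImageBlocker(HTMLParser):
    """Re-emit an HTML mail body with remote <img> sources disabled.

    The original URL is kept in data-blocked-src (an attribute name made up for
    this example) so a "display images" action can restore it; nothing is
    fetched until the user asks for it.
    """

    def __init__(self, allow_remote: bool = False):
        super().__init__()
        self.allow_remote = allow_remote
        self.out = []
        self.blocked = 0

    def _rewrite(self, tag, attrs):
        fixed = []
        for name, value in attrs:
            if (tag == "img" and name.lower() == "src" and value
                    and not self.allow_remote and is_remote(value)):
                self.blocked += 1
                fixed.append(("src", ""))
                fixed.append(("data-blocked-src", value))
            else:
                fixed.append((name, value))
        return "".join(
            f" {n}" if v is None else f' {n}="{escape(v, quote=True)}"' for n, v in fixed
        )

    def handle_starttag(self, tag, attrs):
        self.out.append(f"<{tag}{self._rewrite(tag, attrs)}>")

    def handle_startendtag(self, tag, attrs):
        self.out.append(f"<{tag}{self._rewrite(tag, attrs)} />")

    def handle_endtag(self, tag):
        self.out.append(f"</{tag}>")

    def handle_data(self, data):
        self.out.append(escape(data))


def block_remote_images(html_body: str, allow_remote: bool = False):
    """Return (rewritten_html, number_of_blocked_images)."""
    parser = RemoteImageBlocker(allow_remote)
    parser.feed(html_body)
    parser.close()
    return "".join(parser.out), parser.blocked


# Constructed sample: a 1x1 tracking pixel next to an inline (cid:) logo.
SAMPLE_MAIL = (
    '<p>Dear customer,</p>'
    '<img src="http://tracker.example.invalid/open?id=123" width="1" height="1">'
    '<img src="cid:logo@example.invalid" alt="logo">'
)

if __name__ == "__main__":
    body, n = block_remote_images(SAMPLE_MAIL)
    print(f"{n} remote image(s) blocked")
    print(body)
```

Note that `<img>` is only the most common carrier: inline styles (`background: url(...)`), `<link>` elements and similar attributes can also pull a remote resource, so a production sanitizer applies the same default-deny rule to those as well.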

Code

Gmail is currently written in JavaScript, which isn’t ideal, as not all users have it enabled. Google has stated that an HTML-based (DHTML?) interface is in the works.

The negative aspects

Threading: sometimes Gmail does not seem to understand that several emails in a conversation, for example from a mailing list, belong to the same thread. Also, the thread is lost when applying or removing a label on the conversation. This is quite annoying when dealing with higher email traffic.

Also, there is no way to choose a “threaded view” in the web interface, a huge con.

Composing email: although the auto-completion is a good thing, there is no easy way to compose your emails in HTML mode, and this really needs to be worked on, if you ask me; even if I don’t personally miss it, many users will.

No virus scanning: no scanning for viruses is done, and an image file could easily contain a virus and infect your PC while you view attached pictures in Gmail.


So, do I think Gmail is a bad service? Not at all; Google is shaping it up to become better and better. The intuitive interface combined with the power of Google’s search knowledge and the 1 gigabyte of storage space are compelling reasons why people would like to use Gmail.

The main factor being against Google’s Gmail is the privacy controversy, where users won’t feel secure that their personal email-account remains… personal.

Further down the road I will write more about the privacy discussions surrounding Google, and what I believe the company should do in order to battle this.

Thank you for reading!

More on Google at Hypocrisy.nu
External link to Gmail

Questions about Arafat’s financial activities

[Image: arafat_timecover.jpg]

From the New York Post:

YASSER STASHED BILLIONS ALONG SHADOWY MONEY TRAIL

In his four decades as Palestinian leader, Yasser Arafat has run a murky financial empire that includes far-flung PLO investments in airlines, banana plantations and high-tech companies, and money hidden in bank accounts across the globe.

Jaweed al-Ghussein, a former PLO finance minister, said Arafat and the PLO were worth $3 billion to $5 billion when he quit in 1996. No one will say how much the organization and its boss are worth now — some estimates say as little as a few million. But as Arafat, 75, fights for life in a hospital near Paris, Palestinians fear that what’s left will disappear or be pocketed by Arafat cronies.

“It’s the money of the Palestinian people,” said Palestinian legislator Hassan Khreishe. Arafat has long resisted proper accounting for the funds, which include Arab payments to the PLO in the 1970s and 1980s, and Western aid to his self-rule government, the Palestinian Authority, after interim peace deals with Israel in the 1990s.

Arafat lived frugally, but needed large sums to maintain loyalties. He would register investments and bank accounts in the names of loyalists, both to buy their support and protect the holdings from scrutiny and seizure, al-Ghussein said. Only Arafat had the full picture, he said, and it’s not clear whether he has left a will or any financial records.

Mohammed Rashid, Arafat’s financial adviser, denied his boss was rich. “Arafat has no personal property in any part in the world,” he told Al-Arabiya television on Sunday. “He doesn’t even have a tent, a house, an orchard or any account that we can call personal in the name of Yasser Arafat.” However, Forbes magazine ranked him No. 6 on its 2003 list of the richest “kings, queens and despots,” estimating he was worth $300 million. Shalom Harari, a former top Israeli intelligence official, said Arafat has stashed away $700 million.

Two names frequently come up in connection with Arafat’s money — Rashid and Arafat’s wife, Suha. Rashid has handled hundreds of millions of dollars in Palestinian Authority revenue Arafat diverted from the treasury. Suha Arafat, Arafat’s wife of 13 years and mother of his daughter, lives in Paris and has received monthly payments of $100,000 from Palestinian coffers, according to a senior official.

Al-Ghussein said the big money from the Arab world started flowing in 1979. For a decade, the PLO received about $200 million a year, $85 million of it from Saudi Arabia, he said. Al-Ghussein said that during that period, he would hand Arafat a check for $10.25 million every month from the PLO budget, ostensibly for payments to PLO fighters and families of those killed in battle.

Much of the Arab money dried up after Arafat infuriated his patrons in 1990 by siding with Saddam Hussein during Iraq’s invasion of Kuwait. But Saddam gave Arafat $150 million in three payments, al-Ghussein said. The PLO investments are said to have ranged from an airline in the Maldives to a Greek shipping company, banana plantations, a diamond mine in Africa and real estate.

A senior Palestinian Authority official with detailed knowledge of financial transactions said much of the money has been lost. Some of the companies went bankrupt. In other cases, Arafat cronies absconded with the cash. Some frontmen for PLO investments died, and the holdings passed to their families.


If all of this, or even parts of it, can be proven, then the legacy of Yasser Arafat will be forever tainted. Of course, as the article suggests, I doubt that Yasser Arafat was and is alone in acting in such a manner, but the article above sure helps explain why Yasser Arafat was able to cling on to power for so long: he had a great deal of help from his “friends”, and this help came at a high price, which in the end is paid by the Palestinian people.

So, Yasser Arafat is dead – what comes next?

[Image: yas2.jpg]

The man who became the symbol of the Palestinian freedom fight, Yasser Arafat, died at the Percy military hospital in Paris, France at 3:30 local time on the 11th of November 2004. (You may read more about the life of Arafat here.)

There’s been great controversy surrounding the president of Palestine, yet he will perhaps cause greater controversy now after his death, as his dictator-like political culture (or lack thereof) has created a vacuum within the Palestinian power structure. As a result of this failure to grow a healthy political culture at the top of Palestinian rule, there will now be a harsh, and perhaps bloody, power struggle. (Keep in mind that Yasser Arafat was great at cultivating the myth surrounding himself. This, combined with a high sense of political survival, kept him in power as long as he was.)

There are also issues about where he will be buried. Yasser Arafat had a wish to be buried in Jerusalem, but this will not happen, at least not at the present moment. Arafat’s final resting place will be outside the PLO’s headquarters in Ramallah.

Hamas has promised to increase its attacks on Israel, and this in its turn will lead to retaliation against the Palestinians, which undermines an eventual peace process.

A positive aspect is that with Arafat gone, the Israelis are willing to negotiate with the Palestinians again, as Israel was not willing to negotiate with Arafat.

Another aspect is for the Palestinian authority to start rebuilding their society, and tone down the focus on Israel as the big threat. This, I believe, will benefit the region in the long run.

To end my post; a great political survivor and leader is dead. Yasser Arafat was 75 years of age.

Further reading:
Wikipedia about Yasser Arafat
The Guardian; Life in pictures
The Guardian; Obituary

A somewhat different song to grand old Yasser…

I know that things are looking dire for the followers of Yasser Arafat, though this is too good to be missed ;-)

Lyrics: Sharon
Music: Bush

Yassir in a coma, I know
I know – it’s serious
Yassir in a coma, I know
I know – it’s really serious

There were times when I could
Have murdered him
(but you know, I would hate
Anything to happen to him)

No, I don’t want to see him

Do you really think
He’ll pull through ?
Do you really think
He’ll pull through ?
Do …

Yassir in a coma, I know
I know – it’s serious
My, my, my, my, my, my baby, goodbye

There were times when I could
Have strangled him
(but you know, I would hate
Anything to happen to him)
Would you please
Let me see him!

Do you really think
He’ll pull through ?
Do you really think
He’ll pull through ?
Do …
Let me whisper my last goodbyes

I know – it’s serious


(Slash / Rose)

Hey you caught me in a coma
And I don’t think I wanna
Ever come back to this…world again
Kinda like it in a coma
‘Cause no one’s ever gonna
Oh, make me come back to this…world again
Now I feel as if I’m floating away
I can’t feel all the pressure
And I like it this way
But my body’s callin’
My body’s callin’
Won’t ya come back to this…world again
Suspended deep in a sea of black
I’ve got the light at the end
I’ve got the bones on the mast
Well I’ve gone sailin’, I’ve gone sailin’
I could leave so easily
While friends are calling back to me
I said they’re
They’re leaving it all up to me
When all I needed was clarity
And someone to tell me
What the fuck is going on
Goddamn it!

Slippin’ farther an farther away
It’s a miracle how long we can stay
In a world our minds created
In a world that’s full of shit

Help me
Help me
Help me
Help me
Bastard

Please understand me
I’m climbin’ through the wreckage
Of all my twisted dreams
But this cheap investigation just can’t
stifle all my screams
And I’m waitin’ at the crossroads
Waiting for you
Waiting for you
Where are you

No one’s gonna bother me anymore
No one’s gonna mess with my head no more
I can’t understand what all the fightin’s for
But it’s so nice here down off the shore
I wish you could see this
‘Cause there’s nothing to see
It’s peaceful here and it’s fine with me
Not like the world where I used to live
I never really wanted to live

Zap him again
Zap the son of a bitch again

Ya live your life like it’s a coma
So won’t you tell me why we’d wanna
With all the reasons you give it’s
It’s kinda hard to believe
But who am I to tell you that I’ve seen
any reason why you should stay
Maybe we’d be better off without you anyway

You got a one way ticket
On your last chance ride
Gotta one way ticket
To your suicide
Gotta one way ticket
An there’s no way out alive
An all this crass communication
That has left you in the cold
Isn’t much for consolation
When you feel so weak and old
But is home is where the heart is
Then there’s stories to be told
No you don’t need a doctor
No one else can heal your soul

Got your mind in submission
Got your life on the line
But nobody pulled the trigger
They just stepped aside
They be down by the water
While you watch ‘em waving goodbye
They be callin’ in the morning
They be hangin’ on the phone
They be waiting for an answer
When you know nobody’s home
And when the bell’s stopped ringing
It was nobody’s fault but your own
There were always ample warnings
There were always subtle signs
And you would have seen it comin’
But we gave you too much time
And when you said that no one’s listening
Why’d your best friend drop a dime
Sometimes we get so tired of waiting
For a way to spend our time
An “It’s so easy” to be social
“It’s so easy” to be cool
Yeah it’s easy to be hungry
When you ain’t got shit to lose
And I wish that I could help you
With what you hope to find
But I’m still out here waiting
Watching reruns of my life
When you reach the point of breaking
Know it’s gonna take some time
To heal the broken memories
That another man would need
Just to survive

Black box voting: was the election fixed?

IMPORTANT NOTE: Before reading this post, please realize that I am not putting any political emphasis in the words written; it is an outsider’s view on one of the most important political events in world politics, and the wish for this to have been conducted fair and square.

Curious as I am, and quite faithful in the (American) democratic system, I stayed up as long as I could in order to watch the American presidential election-night coverage on Swedish TV.

Of course, I always have my doubts when it comes to any election with such high stakes involved, and now with the electronic voting system up and running in, for example, Florida, I try to keep my eyes even more open and stay even more awake than usual. After reading several (mainly IT-related) news sites and watching news coverage about the fuss over the non-existent paper receipt that every voter could have taken home as verification of their vote, I raised an eyebrow, if not more.

Now here comes the twist that I find very eerie: American voters reported over 1100 cases of malfunctioning machines to the Electronic Frontier Foundation (EFF). In all cases the votes could be corrected, though in some cases several corrections were necessary. Also, the EFF only heard from people who actually discovered the problem, so this may be much more widespread than the 1100 cases reported so far.

To continue: the company building the (computer) systems that handle the votes is called Diebold. Diebold is a large contributor to the Republican Party. Jeb Bush is the governor of Florida. The plot thickens…

The Information Technology Association of America (ITAA), which represents the manufacturers of the e-voting machines, called the problems negligible in relation to the approximately 50 million voters expected to use the e-voting machines to cast their vote for either candidate. It also claimed that voters could correct their vote before it was registered, and that this could not be done using the orthodox paper-punch method. (Comment: get a new ballot?)

Some related quotes and links can be found below:

Notable Votescam quotes:

“You’ll never prove it, now get out!” — Elton Davis, TV network computer programmer responsible for magically “projecting” 100% accurate vote results.

“This may be the biggest vote fraud scandal ever to rock the nation!” — Mike Wallace of “60 Minutes” upon reviewing the Votescam evidence. However, after meeting with his higher-ups, Mr. Wallace dropped the issue like a vial of anthrax.

“When you’re dealing with the networks, gentlemen, you’re dealing with a shadow government.” — ABC Supreme Court correspondent, Tim O’Brien, explaining why the station refused to run video-taped evidence of vote fraud.

“This nation’s voting system is a total sham, ” says Landes. “In the upcoming election, a couple of corporations (ES&S and Diebold) with strong ties to the Republican Party will count 80% of the vote in virtual secrecy. Democratic candidates should be in federal court now protesting this insanity. It might be too late after the election.”

anybody in ’safe state’ want to WRECK A DIEBOLD e-vote machine and get court case rolling?
http://portland.indymedia.org/en/2004/11/301724.shtml

E-Voting Tests Get Failing Grade & so does its fraudulent ‘creditation’ framework
http://portland.indymedia.org/en/2004/11/301601.shtml

“I am committed to helping Ohio deliver its electoral votes to the president next year.”
Just a reminder from Wally O’Dell, CEO of Diebold Inc
http://portland.indymedia.org/en/2004/11/301750.shtml

why do exit polls fail?
http://portland.indymedia.org/en/2004/11/301759.shtml

50,000+ different calls about vote fraud in one day.
http://portland.indymedia.org/en/2004/11/301773.shtml

Voting Irregularities Nationwide
http://portland.indymedia.org/en/2004/11/301699.shtml

Could Associated Press (AP) Rig a VoteScam? – AP as sole source of raw vote totals for media Nov.2
http://portland.indymedia.org/en/2004/10/300558.shtml

To end this post with a laugh, point your Windows Media Player to: http://www.wc3sear.ch/misc/Voting_Machine.wmv ;-)

Which person would you like to vote for as the next president, Bush or Kerry?

Are you sure that you want to vote for Bush as the next president?

Please confirm your vote for Bush.

Thank you for voting!

Gmail accounts “wide open to exploit”

[Image: gmail.jpg]

Google’s webmail service “Gmail”, still in beta, is vulnerable to a security exploit that might allow hackers full access to a user’s email account simply by knowing the user name, according to reports.

Israeli news site “Nana” writes that the security flaw allows full access to users’ accounts, with no need for a password.

Using a hex-encoded XSS link (Cross Site Scripting), the victim’s cookie file can be stolen by a hacker, who can later use it to identify himself to Gmail as the original owner of an email account, regardless of whether or not the password is subsequently changed.

Following up a tip from an Israeli hacker, several co-workers from the site confirmed the attack and verified the exploit with local security firm Aladdin Knowledge Systems.

Israeli news site Nana writes:
“‘Everything could get publicly exposed – your received mails might be readable, as well as all of your sent mail, and furthermore – anyone could send and receive mail under your name’, reveals Nir Goldshlagger, an Israeli hacker, in an exclusive interview with Nana NetLife Magazine.”

Nana continues to quote Nir Goldshlagger:
“‘Even more alarming’, he explains, ‘is the fact that the hack itself is quite simple. All that is needed of the malicious hacker, besides knowledge of the specific technique, is quite basic computer knowledge and the victim’s username – and that’s it, he’s inside.’”

…and ends with:
“Matters are several times worse when it comes to a service such as Gmail. Besides the obvious blow to Google’s seemingly spotless image, we’re looking here at a major threat to anyone who has turned to Gmail as his major email box. ‘Because Gmail offers a gigabyte of storage, several times bigger than most other web-based mail services, users hardly delete any old correspondence’, says Goldshlagger. ‘The result is a huge amount of mail accumulating in the users’ boxes, which frequently includes bank notices, passwords, private documents and other files the user wanted to back up. Whoever takes hold of this data could literally take over the victim’s life and identity.’”

It’s unclear whether the hole has been maliciously exploited as of yet. Google has been notified of the issue and is reportedly working on a fix.

EDIT: Google now claims to have fixed the problem.

My comment on all of this is that it is quite surprising that Google did not work harder at anticipating such a hacking method while working on their email service, yet it is understandable that they didn’t see this one coming; after all, Gmail is in beta.
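The detail in the report that should worry any webmail operator is that the stolen cookie kept working “regardless of whether or not the password is subsequently changed”: the session lived in the cookie and nothing tied it to the account’s current credentials. The block below is an added example of the server-side fix, not Google’s code or anything Nana described; the store, the `pw_gen` counter and the `SID` cookie name are constructed for the example. The cookie carries only a random session id, every session records the password generation it was issued under, and a password change bumps that generation (and drops the sessions outright), so a cookie captured before the change resolves to nobody afterwards. The `Set-Cookie` helper adds `HttpOnly`, which keeps the id out of reach of script in the page, the channel the reported attack relied on.

```python
import hashlib
import hmac
import secrets
import time

# Added example, not Google's code: a minimal server-side session store in
# which a stolen cookie stops working as soon as the password is changed.
PBKDF2_ROUNDS = 200_000


def _hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)


class SessionStore:
    def __init__(self):
        self.users = {}     # username -> {"salt", "pw_hash", "pw_gen"}
        self.sessions = {}  # session id -> {"user", "pw_gen", "expires"}

    def register(self, user: str, password: str) -> None:
        salt = secrets.token_bytes(16)
        self.users[user] = {"salt": salt, "pw_hash": _hash_password(password, salt), "pw_gen": 0}

    def login(self, user: str, password: str, ttl: int = 3600, now=None):
        """Return a fresh random session id, or None if the credentials are wrong."""
        rec = self.users.get(user)
        if rec is None:
            return None
        if not hmac.compare_digest(_hash_password(password, rec["salt"]), rec["pw_hash"]):
            return None
        now = time.time() if now is None else now
        sid = secrets.token_urlsafe(32)  # 256 bits of entropy; the cookie holds only this id
        self.sessions[sid] = {"user": user, "pw_gen": rec["pw_gen"], "expires": now + ttl}
        return sid

    def change_password(self, user: str, new_password: str) -> None:
        """Bump the password generation, which orphans every session issued before it,
        and drop those sessions from this store right away."""
        rec = self.users[user]
        rec["salt"] = secrets.token_bytes(16)
        rec["pw_hash"] = _hash_password(new_password, rec["salt"])
        rec["pw_gen"] += 1
        for sid in [s for s, sess in self.sessions.items() if sess["user"] == user]:
            del self.sessions[sid]

    def resolve(self, sid: str, now=None):
        """Map a presented cookie value to a username, or None if it is not valid."""
        now = time.time() if now is None else now
        sess = self.sessions.get(sid)
        if sess is None:
            return None
        user = self.users[sess["user"]]
        # The generation check also catches sessions replicated to another node
        # that did not see the deletion above.
        if sess["expires"] <= now or sess["pw_gen"] != user["pw_gen"]:
            self.sessions.pop(sid, None)
            return None
        return sess["user"]


def session_cookie_header(sid: str, secure: bool = True) -> str:
    """Set-Cookie line for the session id. HttpOnly keeps document.cookie (what an
    injected script reads) from seeing it; Secure keeps it off plain HTTP; SameSite
    is a later addition that did not exist in 2004 but belongs here today."""
    flags = ["Path=/", "HttpOnly", "SameSite=Lax"]
    if secure:
        flags.append("Secure")
    return "Set-Cookie: SID=" + sid + "; " + "; ".join(flags)


if __name__ == "__main__":
    store = SessionStore()
    store.register("alice", "correct horse")
    sid = store.login("alice", "correct horse")
    print(session_cookie_header(sid))
    print("before password change:", store.resolve(sid))
    store.change_password("alice", "new passphrase")
    print("after password change:", store.resolve(sid))
```

Neither measure stops the script injection itself; that is the job of output encoding and of canonicalising parameters before checking them (the report mentions the link was hex-encoded, so a filter that only looks at the raw string sees nothing). What the store does is cap the damage: a leaked cookie is worth at most one session’s lifetime, and the user regains control by changing the password.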

After this security flaw has been fixed there are still major personal integrity issues to be dealt with, especially when it comes to PR work. (This applies to everything from their core business, the search engine, to new additions such as “Google Desktop Search”, where Google still has failed to inform the press, and subsequently the public, about which information is passed on to Google from the user’s personal computer.) Failure to do so will endanger Google’s image as “the good company”.

Over and out…

YOU KNOW THAT YOU ARE LIVING IN 2004 When ….

You know you’re living in 2004 when…

1. You accidentally enter your password on the microwave.
2. You haven’t played solitaire with real cards in years.
3. You have a list of 15 phone numbers to reach your family of 3.
4. You e-mail the person who works at the desk next to you.

5. Your reason for not staying in touch with friends is that they don’t have e-mail addresses.
6. When you go home after a long day at work you still answer the phone in a business manner.
7. When you make phone calls from home, you accidentally dial “9″ to get an outside line.
8. You’ve sat at the same desk for four years and worked for three different companies.

10. You learn about your redundancy on the 11 o’clock news.
11. Your boss doesn’t have the ability to do your job.
12. Contractors outnumber permanent staff and are more likely to get long-service awards.

AND THE REAL CLINCHERS ARE…
13. You read this entire list, and kept nodding and smiling.
14. As you read this list, you think about forwarding it to your “friends.”
15. You got this email from a friend that never talks to you anymore, except to send you jokes from the net.

16. You are too busy to notice there was no number 9.
17. You actually scrolled back up to check that there wasn’t a number 9.
18. AND NOW U R LAUGHING at yourself.
