i thought something smelled phishy (part 2)
6.23.2010

Well, at this rate, these could become a series. I got another phishing-related email today telling me I'd ordered something (actually, I don't think they ever even said what it was). Like last time, the link was not as expected. I used the text-only (no javascript) Elinks browser to download the page linked to by the email. It turned out to be entirely composed of script tags containing obfuscated javascript. Now, the well-known trick with these is to search the long string of obfuscated text for either "eval" or "document.write", and change that to "alert". That way, you can save it in an html file, open it in a browser, and instead of executing the javascript, it displays the code unobfuscated and readable (for those that read javascript) in an alert box. But this one didn't have eval or document.write in it. I scanned through it anyway the old fashioned way for anything I could work with, and on the second time through I caught something. One bit of code looked like this: 'euvLaulm'[VvIf](/[muzLc]/g, EWgUi), and I realized that the string said eval if you skip every second letter. I also noticed that the second set of square brackets contained the off letters that needed to be skipped. I changed this to: 'aulLeurmtc'[VvIf](/[muzLc]/g, EWgUi) and saved it and ran it in a browser. Out popped an alert box with the simple readable code in plaintext. I hope that helps someone out there (not that anyone reads my ramblings). Unfortunately, all it turned out to lead to was a viagra, etc. scam site. I had been hoping to add some new windows malware to my collection. At least beating the obfuscation trick was satisfying mental exercise.

this post has recieved 0 comments

i thought something smelled phishy
6.23.2010

Got a shock this morning when I got a notification in my inbox that my bulk order of 300 domains from GoDaddy was successful. this is an email I would never get, as I have ethics (does anyone but a cybersquatter need 300 domains?), and there isn't enough money in my account to pay for it anyway. I looked through the email and checked the link to 'log in and check the status of the order'. It pointed, not to GoDaddy.com, but rather to an unfamiliar address that a whois query told me was in the Ukraine. I investigated (using elinks or wget in Linux is pretty safe) and found a 404 error served by the lightweight nginx webserver. I cut the filename out of the end of the address and found a legitimate site served through the apache webserver. This sounded familiar, as I remembered this article that I read a few months ago. Since this meant a legitimate server had been compromised, I wrote an email to the hosting provider's support team describing what I had found, and got back a nice thank-you letter.

this post has recieved 0 comments

Valve's vote
6.17.2010

While searching for something else I stumbled upon this article today and found it pretty entertaining. It's a few months old and to sum it up, it's a reaction to the then-news of Valve's announcement that its Steam Client and its flagship games (Half-Life 2, Counter-Strike, etc.) would be ported to the Mac. The article basically made a case that it is time for Valve to make a Linux version of Steam. The comments were the best part, as almost all of them were detractors giving their opinions on why big game companies will never take Linux seriously and it will never have any good games. This was entertaining because I already know Valve's opinion - the day they released the promised Mac version, they officially announced a Linux version was on its way! Maybe this is finally the Year Of The Linux Desktop?

this post has recieved 1 comments

in my blog
6.11.2010

In my blog I feel safe
No one cares about my ways
In my blog where I belong
No one sees me type this song

In... my... blo-o-oggg!

this post has recieved 0 comments

which is strange since i don't 5p33k like one
1.27.2010

I was just thinking that although I don't seem to look like any celebrities at all, people do compare my voice pretty consistently with that of Matthew Broderick. I'm told it's a compliment, but I never was sure. But then I thought about Broderick's early career - the kid uber-hacker in War Games, and Ferris Bueller, who happens to be able to hack his school's computer as well. I'm no cyber criminal, but as a sysadmin I do have an interest in security. I also identify well with the original hacker subculture; the Unix programmers like Eric S. Raymond who were around before the word became associated with crime and vandalism and instead denoted skill and a love of code. I don't know, I guess you could do worse than sounding like Matthew Broderick - sure beats looking like Richard M. Stallman, awesome as he is.

this post has recieved 0 comments

non-geek post for a change
11.5.2009

to break a streak that may have scared away the two or three people who used to read my blog, i've decided to write a post that doesn't mention Linux at all. er - crap! now i have to start over...

this post has recieved 2 comments

Linux and games
9.15.2009

By now everyone knows I'm a Linux user. I didn't actually drop Windows, as there are a lot of good programs that don't have a Linux version yet, so I dual boot. But as I've gotten used to the new way of doing things that Linux offers, I've had less and less reason to reboot into Windows XP at all - almost the only reason I ever have to do so is old Windows games I like, such as DotA (technically, just a custom map for Warcraft 3), Empire Earth, Age of Empires 3, and Morrowind. Even if I get a new computer, I'll probably end up reluctantly getting Windows 7 and putting it on a secondary partition.

But lately, I haven't booted Windows in months. No, I haven't quit my gaming habit. I've found a couple of games so good that I haven't wanted to play any others, and they run natively in Linux.

One is Total Annihilation: Spring, which is a remake of the classic strategy game Total Annihilation with the 3d engine it deserved. Since that means it can build on the foundation of already excellent gameplay, the game is highly polished compared to the majority of free and open source games out there. the Spring Engine actually has become a separate project and is capable of running a bunch of different 'mods', which are the actual games that run in the engine. I almost exclusively play the Balanced Annihilation mod, but there are a variety out there, including a Star Wars themed one, and a Gundam one. What this game needs most is an easier way to acquire and install it in Windows, packaged with at least one mod so you can play out of the box. but since it's open source, you can install it in Fedora and Ubuntu easily - "yum install spring" should do it from a Fedora command line with root privileges. you'd still need to install a mod to play though. anyways, this is one of those games that seems hidden away when everyone should be checking it out.

The other game I've been playing a lot (too much, according to Cathy) is called Heroes of Newerth, and since it's still in closed Beta testing, I can't tell you too much about it. As a Beta tester, I'm actually under an NDA. But I do have a few Beta invites to hand out and the game is incredible. Why, you ask? It's basically DotA, remade as a standalone game with updated graphics and gameplay, with the permission of DotA's creator, IceFrog. The company behind HoN is S2, which also made the Savage games, and always releases their games for Windows, Mac, and Linux at the same time, as all game studios should. Hopefully by the time this game is released I'll have improved a bit, 'cause right now my stats say I have an average of 0.02 kills per death, which isn't that good.

this post has recieved 0 comments