Skip to content

InfoAxe Spam

20 November 2009, 7:03 am

This morning I received three separate “invitations” (each to a different email address) from InfoAxe.com. Here is the text of one message (html formatting and links stripped out, my friend’s name removed):

“Friend’s Name” has added you as a friend

Is “Friend’s Name” your friend?

Click Yes if “Friend’s Name” is your friend, otherwise click No. But you have to click!

Please respond or “Friend’s Name” may think you said no 🙁

Click here to block all emails from Infoaxe Inc., Sunnyvale, CA. 94085. Privacy Policy

There is so much wrong with this email:

  • The link on the “Yes” and the “No” responses to the question ‘Is “Friend’s Name” your friend?’ both go to the same page at InfoAxe.com.
  • The message is not CAN-SPAM compliant, there is not a full mailing address in the message.
  • The link in the footer labelled “Privacy Policy” is actually just a link to the site’s home page.
  • The use of the word “friend” is deceptive. It isn’t a social networking site. This is simply an attempt at using my friend’s name as an endorsement of their service.

I wrote back to my friend:

It looks like you gave InfoAxe permission to email all of your contacts listed in your aol address book. It is really really dangerous to give any third party access to your account. Never give out your account’s password. You never know what some other company is going to do with the info they “borrow” from your account. The privacy policy for Infoaxe is extremely light on details. They don’t address the legal ramifications of giving them access to your entire browsing history for example. Their site is also a bit sketchy in that it looks to not have been updated since at least summer 2008. I’d have to recommend you not use their service. Mike

Looking through the InfoAxe web site, there really isn’t anything there that is encouraging. Their abouttheteam page is a joke. The site is copyright 2008, which is an eternity in web-time. Their job page says you need to be able to start by August 2008. Only five blog posts in a year. Taken as a whole, why would you allow this company’s software to track your web browsing, and to access your address book? Stay away.

Update: 11/20/2009 7:06am: I got a reply from my friend that used the InfoAxe service:

Mike…i didnt fill it out when i reealized what ir was….i cancelled mid way…but it must have spammed everyone….so sorry…

That really says it all. InfoAxe isn’t being very clear and/or up-front with their users about how they are going to treat your address book. Basically, the rule is: you should never give out your password to anyone! Facebook, AOL, Hotmail, Gmail, Twitter, etc… There is never a reason to give your password to any third party site.

Filed under Spam.
1 Comment

Misc Update for 2009-11-12

12 November 2009, 2:00 pm

An in-depth analysis of the choose your own adventure books: http://planetmike.com/x/c4 I loved those stories!

Filed under Miscellaneous.
Comments Off on Misc Update for 2009-11-12

Step on the Tasap Spider

19 October 2009, 3:07 pm

I recommend any non-Chinese web site block the TaspaSider, from http://www.tasap.com. It does not request robots.txt, and requested 387 pages from one of my web sites in 74 seconds. The user agent was “Tasapspider/0.9 (http://www.tasap.com)” and the IP address was 218.28.29.234.

Update 2010-03-05: Also blocked 218.28.29.236.

Filed under Technology, Web-design.
Comments Off on Step on the Tasap Spider

Spam is Out of Control

18 October 2009, 1:04 pm

Thank heavens for blacklists! I recently tweaked my mail server’s setup. The Composite Blocking List and Spamhaus blocked more than 93,000 messages last week; up from over 86,000 messages the week before. And that’s only with a handful of domains receiving mail.

Filed under Spam.
Comments Off on Spam is Out of Control

Disable Email Footer Ads in AOL

7 October 2009, 11:30 am

AOl is now allowing their email users to disable the ads that are attached in the footer of their outgoing email messages. Simply sign into your account. Then click on “settings” and then the “compose” option. Select “message footer” and you’ll see this:

“The message footer appears below each email that you send and allows your contacts to learn about different products and content from AOL and our advertisers. Show the message footer at the bottom of each email you send.”

Simply uncheck the box and save your settings. All of us that receive your email thank you for removing unnecessary advertising from our lives.

Filed under Advertising, Technology.
Comments Off on Disable Email Footer Ads in AOL

ASCII Art Spam

5 October 2009, 3:36 pm

Spammers are getting desperate, they’re using ASCII art again. Here it is:

#####                       
                                                                                                                                                                                                                                                                                                                                                                                      ##   ##                                                                      
##   ##  #######   #######  #####            #######    ###     #######  #######       ######   #######    ###    ##   ##  #####           #######   ##   ##  #######  #######             #######  #######  #######        ######## #######  ######   ###    ########  ##  ##   ##  #######           ##  ##      ##      ##   ##  #######   ######   ######  #######   ######      ##     ##                                 
###  ##  ##        ##       ##  ##           ##   ##   ## ##    ##   ##  ##            ##   ##  ##   ##   ## ##   ###  ##  ##  ##          ##        ##   ##  ##   ##  ##                  ##       ##   ##  ##   ##           ##    ##   ##  ##      ## ##      ##     ##  ###  ##  ##   ##           ##  ##      ##      ###  ##  ##       ##       ##       ##       ##           ##     ##     
#### ##  ##        ##       ##   ##          ##   ##  ##   ##   ##   ##  ##            ##   ##  ##   ##  ##   ##  #### ##  ##   ##         ##        ##   ##  ##   ##  ##                  ##       ##   ##  ##   ##           ##    ##   ##  ##     ##   ##     ##     ##  #### ##  ##                ##  ##      ##      #### ##  ##       ##       ##       ##       ##                 ##   
#######  ######    ######   ##   ##          ######   #######   ######   ######        ######   ######   #######  #######  ##   ##  #####  ##        ##   ##  ######   ######              ######   ##   ##  ######            ##    ######   #####  #######     ##     ##  #######  ##                ##  ##      ##      #######  ######    #####    #####   ######    #####            ##         
## ####  ##        ##       ##   ##          ## ##    ##   ##   ## ##    ##            ##   ##  ## ##    ##   ##  ## ####  ##   ##         ##        ##   ##  ## ##    ##                  ##       ##   ##  ## ##             ##    ## ##    ##     ##   ##     ##     ##  ## ####  ##  ###           ##  ##      ##      ## ####  ##            ##       ##  ##            ##         ##          
##  ###  ##        ##       ##  ##           ##  ##   ##   ##   ##  ##   ##            ##   ##  ##  ##   ##   ##  ##  ###  ##  ##          ##        ##   ##  ##  ##   ##                  ##       ##   ##  ##  ##            ##    ##  ##   ##     ##   ##     ##     ##  ##  ###  ##    #           ##  ##      ##      ##  ###  ##            ##       ##  ##            ##        ##  
##   ##  #######   #######  #####            ##   ##  ##   ##   ##   ##  #######       #####    ##   ##  ##   ##  ##   ##  #####           #######    #####   ##  ###  #######             ##       #######  ##   ##           ##    ##   ##  ###### ##   ##     ##     ##  ##   ##  #######           ##  ######  ######  ##   ##  #######  ######   ######   #######  ######         ##                                                           
                                                                                                                                                                                                         
                                                                                                                                                                                                                                                                                                                                                                                       ##                               
                                                                                                                                                                                                                               
                                                                                                                                                                                                               ##           
##       ##  #######          ##   ##    ###    ##   ##  #######           ##   ########        #######  ##   ##      #######   #######  #######  #####          ######  #######   ##  #######  #######        ##                                                                                                    
##   #   ##  ##               ##   ##   ## ##   ##   ##  ##                ##      ##           ##   ##  ###  ##      ##        ##   ##  ##   ##  ##  ##         ##   ## ##   ##   ##  ##       ##             ##                                                                
##  ###  ##  ##               ##   ##  ##   ##  ##   ##  ##                ##      ##           ##   ##  #### ##      ##        ##   ##  ##   ##  ##   ##        ##   ## ##   ##   ##  ##       ##             ##         
## ## ## ##  ######           #######  #######  ##   ##  ######            ##      ##           ##   ##  #######      ##        ##   ##  ##   ##  ##   ##        ######  ######    ##  ##       ######         ##                                                                                     
## ## ## ##  ##               ##   ##  ##   ##  ##   ##  ##                ##      ##           ##   ##  ## ####      ##  ###   ##   ##  ##   ##  ##   ##        ##      ## ##     ##  ##       ##             ##                                                                 
 ###   ###   ##               ##   ##  ##   ##   ## ##   ##                ##      ##           ##   ##  ##  ###      ##    #   ##   ##  ##   ##  ##  ##         ##      ##  ##    ##  ##       ##             ##                                                            
  #     #    #######          ##   ##  ##   ##    ###    #######           ##      ##           #######  ##   ##      #######   #######  #######  #####          ##      ##   ##   ##  #######  #######                                                                                             
                                                                                                                                                                                                               ##
                                                                                                                                                                                                               
                                                                                                                                                                                                               
##       ##   ##       ##   ##       ##                                                                       #######   #######  ##     ##
##       ##   ##       ##   ##       ##                                                                       ##        ##   ##  ###   ###    
##   #   ##   ##   #   ##   ##   #   ##                                                                       ##        ##   ##  ## ### ##
##  ###  ##   ##  ###  ##   ##  ###  ##                                                                       ##        ##   ##  ##  #  ##                           
####   ####   ####   ####   ####   ####                                                                       ##        ##   ##  ##     ##                
###     ###   ###     ###   ###     ###   ##                                                                  ##        ##   ##  ##     ##   
 #       #     #       #     #       #    ##                                                            ##    #######   #######  ##     ##

Translation: Need rare brand-cure for treating illnesses? We have it on good price! www.(a 6 digit number).com

Filed under Spam.
Comments Off on ASCII Art Spam

Two Ideas for Mitigating Future WordPress Vulnerabilities

7 September 2009, 8:31 am

This weekend there has been a plethora of news stories about pre-2.8.4 versions of WordPress being hacked (Lorelle, Matt or the Guardian). The official way to protect yourself is to install an upgraded version of the system.

My first suggestion: The administrators of a WordPress blog should be sent an email once a new release has occurred. Unfortunately, I believe the “update release check” only occurs when someone is looking at the admin pages. Perhaps a hook can be added that once a day if the public site is accessed, the version check will be done. If a new version has been released, an email message is sent to the administrators.

My second suggestion: Have WordPress expire after a fixed amount of time. For example, let’s say one year after a version is released, it will lock itself down. At that point it will not allow new comments, posts or pages. Then six months after that, edits can no longer be made to existing pages or posts. Then 6 months after that, a full two years after a new release has been issued, posts, pages and comments will no longer even appear on the site. They’ll still be in the database, but they won’t be displayed at all.

Radical? Absolutely! But I think this would be a prudent way to minimize future problems, as well as forcing (encouraging) people to keep their WordPress installation up to date.

Filed under WordPress.
Comments Off on Two Ideas for Mitigating Future WordPress Vulnerabilities

Easy Way to Watch Your Web Server Log

31 August 2009, 11:43 pm

Based on an idea from John Graham-Cumming regarding watching his log files with single characters, I have written a brief perl program that prints a single character based on the status code logged to my apache log file. Simply change the file in the second line to the apache access log file you’d like to watch.


#!/usr/bin/perl
$in="/path-to/your/web-server-access.log";
open(INFILE,"tail -f $in |") || die "Failed!\n";

my $old_fh = select(STDOUT);
$| = 1;
select($old_fh);

while(my $line = <INFILE>)
{
$temp = $line;
@fields = split(/ /,$line);
$x = $fields[8];
$s=substr($x,0,1);
if ($x eq "200") { $y=".";} #ok
elsif ($x eq "301") { $y=">";} #redirected
elsif ($x eq "403") { $y="F";} #forbidden
elsif ($x eq "206") { $y="P";} #partial
elsif ($x eq "404") { $y="X";} #not found
elsif ($x eq "304") { $y=".";} #ok - not modified
elsif ($x eq "400") { $y="B";} #bad request
elsif ($x eq "302") { $y=">";} #redirected
elsif ($s eq "1") { $y="1";} #Silent response codes
elsif ($s eq "2") { $y="2";} #Successful codes
elsif ($s eq "3") { $y="3";} #redirection
elsif ($s eq "4") { $y="4";} #request is incomplete
elsif ($s eq "5") { $y="5";} #server errors
else { $y="?".$x;} #anything else - should never happen, prints what was actually in the 8th field of the record.
print $y;
}
close(INFILE);

The output on one of my site’s included:

.............................>....>.....>..>FFFFXXX....................

Each period is a valid request; the > is a redirected request; the X is a 404 (file not found); and the F is a forbidden request. It’s been interesting watching traffic flow by. If you have suggestions for this program, please let me know.

Filed under Technology.
Comments Off on Easy Way to Watch Your Web Server Log

DoFollow Rapist

23 July 2009, 8:35 am

Be on the lookout for a “seo” rapist. This guy (his blog doesn’t deserve a link) is writing a new custom search engine of only blogs that don’t nofollow. His spider hits your site, then within seconds every URL in your sitemap is hit, leading to high bandwidth and server resource usage. I recommend blocking “212.117.163.7” as well as user-agents that include “www.blogfollower.com Dofollow blogs search engine crawler” This bot is very ill-behaved. It doesn’t even pretend to ignore robots.txt, it doesn’t even request the file.

It’s fools like this guy that almost make me want to remove my nofollow plugin. It’s another case of a few bad apples spoiling a good situation for everyone.

Filed under Technology, Web-design.
1 Comment

Making Dokuwiki Easier: Add ?do=edit to URLs

15 July 2009, 12:43 pm

I use Dokuwiki for one of my site’s wiki systems. And I’ve removed many of the admin functions from the templates, since I’m the only one who can edit the site. I created a javascript bookmark that adds the ?do=edit to the url so I can easily make changes to the page.

javascript:location.href=decodeURIComponent(window.location.pathname)+'?do=edit'
Filed under Technology, Web-design.
Comments Off on Making Dokuwiki Easier: Add ?do=edit to URLs
« Older Entries
Newer Entries »