ENTRIES TAGGED "spam"

Four short links: 2 June 2014

Four short links: 2 June 2014

Filesharing Box, Realised Dystopias, Spam Ecosystem Research, and Technical Interviews

  1. PirateBox 1.0 — turns a wireless router into a filesharing joy. v1.0 has a responsive ui, among other things for use on tablets and phones.
  2. Dystopia Tracker — keep on top of which scifi dystopic predictions have been realised. I’d like filters for incubators, investors, and BigCos so you can see who is investing in dystopia.
  3. The Harvester, the Botmaster, and the Spammer (PDF) — research paper on the spam supply chain.
  4. Technical Interviewing (Moishe Lettvin) — lessons learned from conducting >250 technical interviews at Google. Why do I care? Chances are, your technical interviews suck so you’re hiring poorly.
Comment

Phishing in Facebook’s Pond

Facebook scraping could lead to machine-generated spam so good that it's indistinguishable from legitimate messages.

A recent blog post inquired about the incidence of Facebook-based spear phishing: the author suddenly started receiving email that appeared to be from friends (though it wasn’t posted from their usual email addresses), making the usual kinds of offers and asking him to click on the usual links. He wondered whether this was a phenomenon and how it happened — how does a phisherman get access to your Facebook friends?

The answers are “yes, it happens” and “I don’t know, but it’s going to get worse.” Seriously, my wife’s name has been used in Facebook phishing. A while ago, several of her Facebook friends said that her email account had been hacked. I was suspicious; she only uses Gmail, and hacking Google isn’t easy, particularly with two-factor authentication. So, I asked her friends to send me the offending messages. It was obvious that they hadn’t come from my wife’s account; they were Yahoo accounts with her name but an unrecognizable email address, exactly what this blogger had seen.

How does this happen? How can a phisher discover your name and your Facebook friends? I don’t know, but Facebook is such a morass of weird and conflicting security settings that it’s impossible to know just how private or how public you are. If you’ve ever friended people you don’t know (a practice that remains entirely too common), and if you’ve ever enabled visibility to friends of friends, you have no idea who has access to your conversations.

Read more…

Comments: 5
Four short links: 6 February 2013

Four short links: 6 February 2013

Cite Spam, Astro Science Labs, Citizen Science, and Accelerating Research

  1. Manipulating Google Scholar Citations and Google Scholar Metrics: simple, easy and tempting (PDF) — scholarly paper on how to citespam your paper up Google Scholar’s results list. Fortunately calling your paper “AAAAAA In-vitro Qualia of …” isn’t one of the winning techniques.
  2. Seamless Astronomybrings together astronomers, computer scientists, information scientists, librarians and visualization experts involved in the development of tools and systems to study and enable the next generation of online astronomical research.
  3. Eye Wirea citizen science game where you map the 3D structure of neurons.
  4. Open Science is a Research Accelerator (Nature Chemistry) — challenge was: get rid of this bad-tasting compound from malaria medicine, without raising cost. Did it with open notebooks and collaboration, including LinkedIn groups. Lots of good reflection on advertising, engaging, and speed.
Comment

Stacks get hacked: The inevitable rise of data warfare

The cycle of good, bad, and stable has happened at every layer of the stack. It will happen with big data, too.

First, technology is good. Then it gets bad. Then it gets stable.

This has been going on for a long time, likely since the invention of fire, knives, or the printed word. But I want to focus specifically on computing technology. The human race is busy colonizing a second online world and sticking prosthetic brains — today, we call them smartphones — in front of our eyes and ears. And stacks of technology on which they rely are vulnerable.

When we first created automatic phone switches, hackers quickly learned how to blow a Cap’n Crunch whistle to get free calls from pay phones. When consumers got modems, attackers soon figured out how to rapidly redial to get more than their fair share of time on a BBS, or to program scripts that could brute-force their way into others’ accounts. Eventually, we got better passwords and we fixed the pay phones and switches.

We moved up the networking stack, above the physical and link layers. We tasted TCP/IP, and found it good. Millions of us installed Trumpet Winsock on consumer machines. We were idealists rushing onto the wild open web and proclaiming it a new utopia. Then, because of the way the TCP handshake worked, hackers figured out how to DDOS people with things like SYN attacks. Escalation, and router hardening, ensued.

We built HTTP, and SQL, and more. At first, they were open, innocent, and helped us make huge advances in programming. Then attackers found ways to exploit their weaknesses with cross-site scripting and buffer overruns. They hacked armies of machines to do their bidding, flooding target networks and taking sites offline. Technologies like MP3s gave us an explosion in music, new business models, and abundant crowd-sourced audiobooks — even as they leveled a music industry with fresh forms of piracy for which we hadn’t even invented laws. Read more…

Comments: 3
Four short links: 10 May 2012

Four short links: 10 May 2012

Illuminated Mario, Touchstone Facts, Calculating Spamicity, and Abstract Quantified Self

  1. Gravity in the Margins (Got Medieval) — illuminating illuminated manuscripts with Mario. (via BoingBoing)
  2. Hours Days, Who’s Counting? (Jon Udell) — What prompted me to check? My friend Mike Caulfield, who’s been teaching and writing about quantitative literacy, says it’s because in this case I did have some touchstone facts parked in my head, including the number 10 million (roughly) for barrels of oil imported daily to the US. The reason I’ve been working through a bunch of WolframAlpha exercises lately is that I know I don’t have those touchstones in other areas, and want to develop them. The idea of “touchstone facts” resonates with me.
  3. Spotting Fake Reviewer Groups in Consumer Reviews (PDF) — gotta love any paper that says We calculated the “spamicity” (degree of spam) of each group by assigning 1 point for each spam judgment, 0.5 point for each borderline judgment and 0 point for each non-spam judgment a group received and took the average of all 8 labelers. (via Google Research Blog)
  4. Visualizing Physical Activity Using Abstract Ambient Art (Quantified Self) — kinda like the iTunes visualizer but for your Fitbit Tracker.
Comment
Four short links: 30 September 2011

Four short links: 30 September 2011

Fingerprinting Cameras, Stopping Spambots, Generic Infographics, and Open Source Healthcare Records

  1. Fingerprinting Cameras Through Sensor Noise — using the pattern of noise consistent between images taken from the same camera to uniquely identify the device. (via Pete Warden)
  2. Stopping Bots with Hashes and Honeypots (Ned Batchelder) — solid techniques for preventing spambots. (via Andy Baio)
  3. Most Popular Infographics Generalized (Flowing Data) — it’s only funny because it’s true.
  4. London Hospital to Deploy Open Source Record System — hot on the heels of the NHS canning a failed expensive development of electronic health records. (via Glyn Moody)
Comment
Four short links: 21 June 2011

Four short links: 21 June 2011

Terminal Tool, Gamifying Education, Exponential Shortcut, and Kindle Spam

  1. tmux — GNU Screen-alike, with vertical splits and other goodies. (via Hacker News)
  2. Gamifying Education (Escapist) — a more thoughtful and reasoned approach than crude badgification, but I’d still feel happier meddling with kids’ minds if there was research to show efficacy and distribution of results. (via Ed Yong)
  3. Rule of 72 (Terry Jones) — common piece of financial mental math, but useful outside finance when you’re calculating any kind of exponential growth (e.g., bad algorithms). (via Tim O’Reilly)
  4. Spam Hits the Kindle Bookstore (Reuters) — create a system of incentives and it will be gamed, whether it’s tax law, search engines, or ebook stores. Aspiring spammers can even buy a DVD box set called Autopilot Kindle Cash that claims to teach people how to publish 10 to 20 new Kindle books a day without writing a word. (via Clive Thompson)
Comment: 1
Facebook comments: Fewer and better, or just fewer?

Facebook comments: Fewer and better, or just fewer?

Alistair Croll and Sean Power examine the impact of Facebook's embedded comments tool.

Facebook's new embedded comments option offers websites an additional social layer, but does it attract or drive away content engagement?

Comments: 4
Four short links: 10 March 2011

Four short links: 10 March 2011

MTurk Spam, Javascript Secrets, Better Comments, and Full RSS

  1. Everybody is Spamming Everybody Else on MTurk — one researcher found >40% of HITs are spammy, but this author posted a Mechanical Turk HIT to supply recommendations for visitors to a non-existent French city and got responses from people expecting that every response would be paid regardless of quality.
  2. Javascript Garden a growing collection of documentation about the most quirky parts of the JavaScript programming language. It gives advice to avoid common mistakes, subtle bugs, as well as performance issues and bad practices that non-expert JavaScript programmers may encounter on their endeavours into the depths of the language.
  3. A 5 Minute Framework for Fostering Better Conversations in Comments Sections (Poytner) — Whether online or offline, people act out the most when they don’t see anyone in charge. Next time you see dreck being slung in the bowels of a news story comment thread, see if you can detect whether anyone from the news organization is jumping in and setting the tone. As West put it, news organizations typically create a disconnect between the people who provide content and the people who discuss that content. This inhibits quality conversation.
  4. Full Text RSS Feed — builds full-text feeds for sites that only offer extracts in their RSS feeds. (via Jason Ryan)
Comments Off
Four short links: 15 February 2011

Four short links: 15 February 2011

New Copyright Laws Proposed, GMail APIs, Internet Book Roundup, and Chrome Farm

  1. White House Will Propose New Digital Copyright Laws (CNet) — If the Internet were truly empowering citizenry and bringing us this new dawn of digital democracy, the people who run it would be able to stop the oppressive grind of the pro-copyright machinery. There’s no detail about what the proposed law would include, except that it will be based on a white paper of “legislative proposals to improve intellectual property enforcement,” and it’s expected to encompass online piracy. I predict a jump in the online trading of those “You can keep the change” posters that were formerly the exclusive domain of the Tea Party, and the eventual passage of bad law. As the article says, digital copyright tends not to be a particularly partisan topic..
  2. Introducing GmailrAn unofficial Javascript API for Gmail [...] there are many companies [...] building out complex APIs with similar functionality, that can all break independently if Gmail decides to significantly change their app structure (which they inevitably will). What we really need is for many people to come together and build out a robust and easy-to-use javascript API for Gmail that is shared across many extensions and applications. This is my hope for Gmailr. This is how Google Maps API began: reverse engineering and open source.
  3. The Information: How the Internet Gets Inside Us (New Yorker) — thoughtful roundup of books and their positions on whether the Internet’s fruits are good for us. He divides them into never better, better never (as in “we’d be better off if it had never been invented”), and ever-was (as in, “we have always been changed by our technology, so big deal”). (via Bernard Hickey on Twitter)
  4. New Chrome Extension Blocks Sites from Search Results — Google testing whether users successfully identify and report content farms.
Comments Off