Archive for the ‘Featured’ Category
Posted on November 17, 2008 - by snipe
Gift Guide for Geeks
With the holidays just around the bend (ack! HOW does that keep happening every year?), your non-geeky friends, relatives, significant others and other loved ones are going to end up in the frustrating position of trying to decide what to give you for Christmas/Hannukah/Kwanzaa/Solstice/Festivus. You are a geek, they are not. This causes them much anxiety, and too often leaves you with crappy presents. So do yourself - and them - a favor - and point them over to this post on TehAwesome.Net, which contains a fantastic list of excellent gift ideas for the geeks in their life (namely, you.)
Posted on November 7, 2008 - by snipe
Facebook and MySpace Users, Beware!
I have received two virus emails from two unrelated friends, indicating their accounts have been compromised. The messages are being sent through Facebook and both have had a spammy sounding subject line and a link to a geocities website. This was suspicious enough, but the fact that one message came from a friend I haven’t spoken to much in a year made it even more so.
The first virus email subject was “RE: You were caught on our secret camera!” and the second was “RE: You have a great hair cut in this movie”. The geocities addresses they pointed to were for users reedgates21 and richiemack11. I’ve googled both addresses and gotten no results, so my guess is that they are randomly generating geocities accounts and generating these emails. A co-worker just got one too - variation on a theme. Subject is “Don’t cry! Your mom will never see this movie”, also pointing to geocities, user name rkssbcyzk.
The links in the Facebook messages point to websites that contain viruses. Do NOT click on them.
Below are some examples of what they look like. (These are just images, so you can click on them for larger versions to see how the messages come into your inbox.)
If you’re using Firefox, your browser should warn you that you’re about to try to access a page that has been linked to virus/malware when you click on the Facebook messages in question, but if you’re using an older version of IE (shame on you!), you may not get any warning at all.
When You Receive a Virus Email
- DO NOT CLICK ON THE LINK
- Send an e-mail (or call) the sender, letting them know they are likely infected with a virus
- Suggest to the friend that they change their password from another, uninfected computer, and follow the steps further down in this article to remove the virus. (The method they use will depend on which virus they’ve been infected with.)
- Once the virus is cleared from the sender’s system, suggest they install a free anti-keylogger program and switch to Firefox just to be safe
Ultimately, it’s like anything else - common sense will go a long way. If the email seems odd (for example, the fact that the subjects sometimes start with “RE:”, as if they were replies to a message you sent, but you never sent a message with that subject), the phrasing seems off or not something your friend would actually say, something is probably awry. If you’re unsure, contact the friend directly and ask if they sent it to you.
This has been happening a lot lately, and the scenario Tech Crunch describes in this article sounds a lot like what’s happening here.
Keep in mind… Facebook applications do NOT have access to your password, so unless you installed an application that “required you” to download an executable application (any kind of .exe, .msi, etc), your Facebook applications should NOT be the cause. (Being an application developer, I can say that I couldn’t steal someone’s password even if I wanted to, using their API.) HOWEVER, there have been several reports of phony applications and groups that require some sort of download in order to get the full experience (Secret Crush was one of them).
NO application or group should EVER require you to download and install anything. If they do, report them to the social network immediately.
Also keep in mind that these viruses are not limited to Facebook users. I’m more familiar with the Facebook scenario because I avoid MySpace like the plague, but every time I login there are spammy and/or virus-y emails awaiting me. This isn’t as much a flaw in the Facebook platform as a result of social networks still being young and going through some growing pains. MySpace has just as much of a problem with these issues, if not more so, since they have been historically less concerned about user experience and safety.
Another Variation - Fake YouTube Links
Another variation of the viruses being sent around Facebook is a similar message to users suggesting they are appearing in a YouTube video and providing the supposed link to view it. Instead of actually seeing a video, the virus advises viewers they need to download an updated version of Flash, which if followed may install a virus into the user’s computer. More info on that version, including sample messages and screenshots, is available here.
Why It’s Working
If you find yourself infected, don’t be too hard on yourself. People have become so used to receiving emails from Facebook asking them to confirm this or that that it could be argued that people are more prone to click on a link that looks like it came from Facebook without being as diligent as we would be if we weren’t used to performing this same action 10 times a day for legitimate Facebook actions. For example, most users of Facebook are familiar with the “Joe has added you as a friend on Facebook…” stock email.
Some users are conditioned to follow this process whenever they receive an email of this sort. Some people can receive this email several times every day and perform this login procedure so often it becomes automatic. This simple, clean design is very easy for a phisher to mimic. Since users are conditioned to follow this process blindly, they might not notice that the email is spoofed or that the address bar is slightly incorrect. This makes Facebook users ideal targets for the type of generic phishing attacks that are usually directed at financial institutions.
If You Clicked on the Link And Your Computer is Infected
I spent some time trolling Facebook’s forums to see if anyone had any specific direction on how to remove this virus from an infected machine. I found a few possible solutions, although since the people posting didn’t know or didn’t mention the name of the specific virus they were infected with, it may take some trial and error to find the solution that works best for you.
If your virus detection software determines that you’re infected with Bolivar23.exe, you can click here for directions on how to remove it.
In early August, there was a different one going around, called Koobface. Kaspersky’s website writes:
- Paris Hilton Tosses Dwarf On The Street
- Examiners Caught Downloading Grades From The Internet
- Hello
- You must see it!!! LOL. My friend catched you on hidden cam;
- Is it really celebrity? Funny Moments and many others.
One confirmed method of removing this virus is by downloading MalwareBytes - for some at the time, it seemed to be the only out of the box software that was able to remove it.
Still another that was around this time, Troj/Dloadr-BPL Trojan horse, was reported on by Sophos:
Messages left on Facebook users’ walls are urging members to view a video (which pretends to be hosted on a Google website), but clicking on the link and visiting the webpage takes users to a site which urges them to download an executable to watch the movie.
Sophos detects the executable file as the Troj/Dloadr-BPL Trojan horse, which in turn downloads further malicious code (detected as Troj/Agent-HJX), and displays an innocent image of a court jester sticking his tongue out. [more]
In Conclusion
This isn’t the first wave of social network viruses, nor will it be the last. There isn’t one social network that is more prone to them than others. As we allow social networks to become a bigger part of how we communicate, we must simply remain cautious and avoid the temptation to become complacent. Pay attention to the links you click on that are sent through Facebook, the same way you pay attention to suspicious e-mails that come in through normal e-mail.
Posted on November 6, 2008 - by snipe
Photo Retouching - How to Salvage a Dark Digital Photo
I prefer not to shoot with flash when I can help it - I don’t like the way it washes colors out. Unfortunately, sometimes if you don’t leave the exposure open long enough, or don’t have time to adjust your exposure in the first place (candid shots are my favorite but can be a bitch if you only have a second to capture the moment), you end up with under-exposed photos that may be too dark to use. Dark photos are particularly challenging to retouch, because as you make the image lighter, it can end up looking very grainy. This tutorial will show you a few ways to salvage a dark photo and minimize some of the graininess.
Posted on October 6, 2008 - by snipe
Is IMAP/POP3 Gmail or Gtalk periodically rejecting your password?
I have run into this many times: my Gtalk password is stored in my email program (Thunderbird as an IMAP account) and my Gtalk password is stored in Adium, and every now and then, when I start my computer, Google tells me my password is wrong.
Posted on September 27, 2008 - by snipe
Planning Your Facebook Application
This is part one of a series - the technical how-to of creating the application will be discussed in a separate article. This article is intended to help you plan out your application to best prepare for coding and best leverage the new aspects of Facebook for exposure and social interaction.
Posted on September 13, 2008 - by snipe
Web 2.0 in Six Easy Steps
This post, written by web designer James Paden of Xemion.Com, takes a snarky look at Web 2.0 and the cookie-cutter websites that seem to be popping up everywhere. Make with the clicky here.
Incidentally, this is a great web development blog, by the way, especially for freelance developers interested in taking a closer look at conversion rates and learning how to put together a powerful resume. Lots of great articles.
Posted on September 9, 2008 - by snipe
Introducing TehAwesome.Net
While Snipe.Net covers lots of tech topics and reviews, I’ve wanted to create a site specifically for *everything* I think is awesome (without the techie restrictions) for quite some time now. Well, I finally did it - and it’s called TehAwesome.Net.
It still appears to be rather design/tech related right now, but that will change. It’s just that the tech links are the ones I have the most of and where I chose to start - but expect lots of other great stuff to come soon.
Posted on August 28, 2008 - by snipe
Using Twitter for Business?
Two interesting articles have come out recently, discussing tips and techniques for people interested in using Twitter as a business or marketing tool.
As I work for an advertising agency that specializes in leveraging new technologies (such as Facebook applications) to market towards a younger, more tech-savvy audience, this is something I was particularly interested in.
In his article 50 Ideas on Using Twitter for Business, blogger and 10-year veteran of the ‘Net industry Chris Brogan writes:
We really can’t deny the fact that businesses are testing out Twitter as part of their steps into the social media landscape. You can say it’s a stupid application, that no business gets done there, but there are too many of us (including me) that can disagree and point out business value. I’m not going to address the naysayers much with this. Instead, I’m going to offer 50 thoughts for people looking to use Twitter for business. And by “business,” I mean anything from a solo act to a huge enterprise customer.
In his article, Brogan runs you through first steps, ideas on what to tweet about, potential pitfalls and criticisms you may encounter, and some possible positives you can throw back at the naysayers.
In a WebProNews article from today titled The Poetics of Professional Tweeting, blogger Jason Lee Miller takes a step back and looks at Twittering for business in a more abstract sense, discussing what’s working and what’s not. He writes:
Over at Wired.com’s “Listening Post” blog, Scott Thill bemoans the lack of “penetrating insights” from the band REM’s Twitter feed before noting the un-Snoopness of Snoop Dog’s. Some PR poser, someone completely out of touch with the bow-wow-wow-yippie-yo-yippie-yay-ishness of Snoop spends 140 characters telling followers to pick up a copy of the new album at their local Wal-Mart.
Not very Snoopish, at all.
While Twitter wasn’t created with the intention of becoming a business tool (to my knowledge, anyway), it was only a matter of time before marketers would start looking for a way to leverage it to reach out to customers (and potential customers). While Brogan offers specific suggestions on what to tweet about, Miller cautions potential business-tweeters about remaining true - sound advice for marketers in ANY medium.
Another interesting article comes from Mack Collier of Search Engine Guide, which brings up an interesting point of what happens when companies try to use Twitter (or other social networking tools) on their own terms, instead of as the rest of us use them. His example, titled Worst Example of a Company Twittering?, shows an interesting scenario involving DirectTV.
I don’t know what the future holds for businesses and Twitter, but I do know that people can tell when they’re being played, and when your attempts to seem hip and young and cool come across as phony and contrived. Like every other aspect of successful marketing, the message you’re sending and the venue by which you do it should feel authentic or it just won’t fly.
Posted on August 13, 2008 - by snipe
Managing registration spam in vbulletin
As the administrator of several forums, I don’t even have words to describe how frustrating forum spam has become. On my photo gallery software site, I had to take down the phpbb forums because the signal-to-noise ratio was just out of control. I had been using phpbb for most of the forums I set up for a while, however one of them had become a constant target for hackers and phpBB always seemed to have vulnerabilities. I decided it was worth my sanity to shell out the cash for vbulletin, and overall I’ve been very happy with that decision.
Of course, I had the same issues with spam as I did with phpbb. On one forum that had been around for many years, I was receiving upwards of 60-100 spam registrations a day. I had changed our forum settings to require my approval before anyone could post, which was great at sparing our users from spam posts about viagra, but was doing nothing to help my sanity. Out of those 60 new registrations, *maybe* one was valid. It got to the point where the sheer volume was overwhelming, so the accounts pending approval started to pile up. Unless the new forum member emailed me directly, they simply never got approved. Not a good way to run a forum, for me or for our users. I was feeling frustrated and cranky, and the users were being neglected and denied the ability to participate. Fail2.
When I logged into my vbulletin admin two days ago and saw that there were over 1,000 accounts awaiting my approval (and by way of a quick glance through the list realized that 95% of them were spam), I decided I needed to revisit some anti-spam tactics for vbulletin. I was already using vbulletin’s built-in captcha, and had added the NoSpam! plugin a year or two ago - I’ll go into it more in a moment. NoSpam! definitely helped, but as I was in a rush when I installed it, I didn’t force myself to sit down and come up with a range of good questions.
My goal was to find a solution (or several solutions) for registration spamming, not post-spamming - since logic would dictate that if the users who are able to successfully register are not spammers, you don’t have to worry about post-spam.
My first thought was to see if there was an Akismet system for vbulletin. Akismet does such an outstanding job at keeping WordPress blog comments spam-free that I thought it would be the perfect place to start. A quick Google search turned up less than stellar news. The reviews on Akismet’s vbulletin port were not great, citing many instances of false-positives, which would ultimately end up creating even more work for me in the long-run, since I’d be fielding user complaints of posts not showing up, etc. The more I thought about it, Akismet wasn’t really the right answer anyway, since it screens only posts, not registrations.
More Googling turned up an excellent blog post by Cormac Moylan, appropriately titled Fighting Spam in Vbulletin, where he goes into detail on several of the available options for fighting spam in vbulletin. The article was from 2006, but there were some products listed that I wasn’t aware of, so it was very helpful. He, too, agrees that the Akismet port to vbulletin is not as awesome as its WordPress flagship. In a similar fashion to his post, I’m going to go through the available products and my own conclusions below.
NoSpam!
This plugin allows you to add an additional barrier to the registration process, where the user sees one of a randomized list of questions YOU define, and they have to type the correct answer into a text box. Spambots have been improving their OCR capabilities over the past several years, so an image captcha alone just doesn’t cut it anymore.
With NoSpam!, you create the questions - and the answers - so you’re able to really control the level of screening you want to implement. A simple math question (2 + 2 = __, with possible answers of “four” or “4”, for example) will be harder for a bot to grok than a basic image captcha. NoSpam! did help, and I recommend it. The fact that it was less effective as time wore on is very likely my own fault, since I stuck with basic math problems. I would expect that if spambots can easily detect and fool image captchas, they are probably capable of detecting basic math prompts these days. I’ve since changed the questions to ones that require an actual human to solve, but still easy enough for new users to get through. For example, for the Wench forums, one of my NoSpam! questions is “Fill in the blank - International _______ Guild.” Still not rocket science, but since the questions are more topical to the forum content itself, it’s doing a better job.
[download]
Enhanced Captcha Image Verification
I’ve only recently installed this one, but it looks like a great tactic to get around spambots - the demo speaks for itself. It’s quite brilliant in its simplicity - four boxes with random images, and text that asks you to select a specific image from the group. Certainly easy enough for a real person to complete, but it will be more of a challenge for bots to figure it out. The install in vbulletin was very easy - upload the images, and then install the product by uploading the xml. Couldn’t ask for a simpler plugin.
[download]
Check Proxy RBL on New User Registration
If a bot gets past the first barriers - the standard image captcha, the enhanced image captcha, and the NoSpam! questions, there is one more line of defense - running the IP address of the registration user through the RBL, or Real-time Black List, databases, to see if it matches any of the known spammer IP addresses. If it finds a match, it deletes the signup and can either alert you by private message or by automatically starting a thread in a designated forum category of your choice.
I have just installed this one, so I’m not able to give you a success rate, however Cormac reported an 80% success rate with no mention of false positives. (Update: see my own updated numbers at the bottom of this post.)
This plugin comes with a small handful of RBL server addresses to check against, but this post on the Anti-Abuse Project site offers quite a few more, including:
bl.spamcop.net
cbl.abuseat.org
dnsbl.sorbs.net
socks.dnsbl.sorbs.net
dul.dnsbl.sorbs.net
http.dnsbl.sorbs.net
smtp.dnsbl.sorbs.net
misc.dnsbl.sorbs.net
dnsbl.njabl.org
combined.njabl.org
zen.spamhaus.org
rbl.spamlab.com
accredit.habeas.com
list.dsbl.org
multihop.dsbl.org
unconfirmed.dsbl.org
dnsbl.ahbl.org
dnsbl.burnt-tech.com
bl.deadbeef.com
dnsbl.delink.net
access.redhawk.org
no-more-funn.moensted.dk
spam.tqmcube.com
ko.tqmcube.com
prc.tqmcube.com
dnsbl.tqmcube.com
ubl.unsubscore.com
psbl.surriel.com
blacklist.spambag.org
combined.rbl.msrbl.net
dnsbl-1.uceprotect.net
dnsbl-2.uceprotect.net
dnsbl-3.uceprotect.net
cblless.anti-spam.org.cn
bl.spamcannibal.org
cbl.ni.bg
[download]
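How an RBL lookup of a registrant’s IP address works, as an added Python example (this is not the plugin’s code, which is not shown on this page). The function names, the `min_hits` threshold, the whitelist handling and the constructed DNS answers are assumptions made for illustration; treating 127.255.255.x answers as errors follows Spamhaus’s documented return codes.

```python
import ipaddress
import socket

# Three zones from the list on this page; every DNSBL is queried the same way.
ZONES = ("zen.spamhaus.org", "bl.spamcop.net", "cbl.abuseat.org")
LISTED = ipaddress.ip_network("127.0.0.0/8")        # listing answers live here
ERRORS = ipaddress.ip_network("127.255.255.0/24")   # Spamhaus error codes, not listings


def dnsbl_query_name(ip, zone):
    """Reverse the IPv4 octets and append the zone: 192.0.2.99 -> 99.2.0.192.<zone>."""
    addr = ipaddress.IPv4Address(ip)  # raises ValueError on malformed input
    return ".".join(reversed(str(addr).split("."))) + "." + zone


def system_resolver(name):
    """A-record lookup; NXDOMAIN (the IP is not listed) comes back as None."""
    try:
        return socket.gethostbyname(name)
    except socket.gaierror:
        return None


def check_registration(ip, zones=ZONES, whitelist=(), min_hits=1,
                       resolve=system_resolver):
    """Return (reject, listed_on) for a registration attempt from ip.

    whitelist: CIDR strings that always pass (the fix for a false positive).
    min_hits:  how many zones must list the IP before it is rejected, so one
               aggressive zone cannot block a legitimate user on its own.
    """
    addr = ipaddress.IPv4Address(ip)
    if any(addr in ipaddress.ip_network(net) for net in whitelist):
        return False, []
    listed_on = []
    for zone in zones:
        answer = resolve(dnsbl_query_name(ip, zone))
        if answer is None:
            continue
        code = ipaddress.IPv4Address(answer)
        # Count only real listing codes; skip error codes and any non-loopback
        # address (for example a parked domain answering every query).
        if code in LISTED and code not in ERRORS:
            listed_on.append(zone)
    return len(listed_on) >= min_hits, listed_on


# Constructed DNS answers (documentation IP ranges) so the example runs offline.
CONSTRUCTED_ANSWERS = {
    "99.2.0.192.zen.spamhaus.org": "127.0.0.4",
    "99.2.0.192.bl.spamcop.net": "127.0.0.2",
    "7.100.51.198.bl.spamcop.net": "127.0.0.2",         # listed on one zone only
    "5.113.0.203.zen.spamhaus.org": "127.255.255.254",  # resolver refused, not a listing
}


def fake_resolver(name):
    return CONSTRUCTED_ANSWERS.get(name)


if __name__ == "__main__":
    for ip in ("192.0.2.99", "198.51.100.7", "203.0.113.5"):
        print(ip, check_registration(ip, min_hits=2, resolve=fake_resolver))
    print(check_registration("192.0.2.99", whitelist=["192.0.2.0/24"],
                             resolve=fake_resolver))
```

Dropping the `resolve=fake_resolver` argument sends the same queries through the system resolver; raising `min_hits` trades some spam catches for fewer false positives.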
Banning E-mail Addresses and IP Addresses
Although this one seems like a no-brainer to me, I should definitely mention it. Vbulletin comes with the capabilities of banning whole or partial email addresses and IP ranges. I have been cultivating my domain ban list for several years, and you’re welcome to snag it and use it for yourself. (My list is fairly aggressive, so it might not be appropriate for everyone - for example, I don’t allow .ru domains at all, since I know none of our members would have a .ru address.) You can gank my list here.
Apache’s mod_security
Another option to prevent post spam is to install Apache’s mod_security. Mod_security is an Apache module that provides intrusion detection and prevention for web applications. It aims at shielding web applications from known and unknown attacks, such as SQL injection attacks, cross-site scripting, path traversal attacks, etc - and has the added benefit of blocking spam posting as well.
Mod_security is basically a series of rules and regexes that Apache runs POST and GET data through. If it finds a match to potentially harmful or spammy information sent to the server via a POST or GET method, it will prevent the form submission from going through, throwing a 500 Internal Server Error message and logging the incident to a file.
Although I am a big fan of mod_security, it’s not going to be for everyone. If your forums are very active, it can really spike your server’s CPU load. Out of the box, it’s incredibly restrictive (which is good!), and blocks a lot of false-positives. It takes a while to comb through the incident log and refine the rules so that there is a balance between security and legitimate user-submitted content. This is definitely not for the novice, or for someone who needs a quick fix, but it should be considered as an option. You can find the download here and a tutorial on setting it up here.
Still not perfect
So as we’ve seen, there are some steps you can take in vbulletin that will make a significant difference in the amount of registration-spam you experience. These plugins and techniques are geared at intercepting and blocking spambots, specifically - however it should also be noted that sometimes the spammers actually *are* real people - and unless you’re willing to manually screen and approve every forum registration, there isn’t much you can do about those. Anything you could implement that could confuse them or prevent them from registering are the same things that will prevent your legitimate users from registering.
*** Sept 8, 2008 Update ***
I’ve now been running this plugin for about two weeks, and the RBL New User Registration check has prevented over 200 spam registrations. Registrations that would otherwise have made it through all of the aforementioned checks, since the RBL plugin collects the username, which means the registrant had to have gotten to and completed the registration form.
Over 200 spam registrations blocked, and approximately 10-15 total false positives (which could probably be remedied by removing a few of the more aggressive RBL servers from my list.) I can firmly state that the 10-15 false positives, compared to the 60 spam registrations a day I was getting, falls into the win column. Whitelisting an IP takes just a few seconds, so it’s not a big deal.
The ultimate outcome - these plugins combined have, for now, allowed me to turn off manual registration approval completely - with ZERO spammers making it through the blockades. My users are happier, and I’m happier.
Posted on August 11, 2008 - by snipe
Turn any photo into a vintage photo
With the Bakamatsu Koshashin Generator, you can turn any photograph from new to old in seconds. This vintage-style effect is quite convincing - check out our example below, and there are more samples on the website.
While it’s certainly possible to do this on your own in Photoshop, this online conversion does such a nice job, I can’t imagine doing it manually. There’s nothing to download, and the conversion is free, so check it out!
Bakamatsu Koshashin Generator via [Lifehacker]






