dan's blog

Carrots and vision

real world — Posted by dan @ 07:47, 2009-07-28

I guess everyone knows that eating carrots helps improve your eyesight.

Well. Just another hoax.

Firefox extension silent install - by Microsoft

geek life — Posted by dan @ 18:50, 2009-06-01

Digg links an article from The Washington Post's blogs explaining that the last MS .NET update, delivered via Windows Update, silently installed a Firefox extension.

I wasn't aware of it but I found it on my work PC too! Uninstallation is pretty complicated (official instructions - KB963707) because the usual Uninstall button is disabled. A patch has been provided to re-enable it; remember that you must install it while the extension is enabled. Pretty funny that this patch is not available in Windows Update, not even among the optional updates.

UNHCR - Bird's Eye View of a Refugee's World

real world — Posted by dan @ 17:37, 2008-07-23

About three months ago I bookmarked a page on the UNHCR website for later blogging; the time has come.

It's a map file for Google Earth of refugees all over the world, with news, videos and pictures. Definitely worth a look.

Stefano Rodotà on fingerprints

italian, real world — Posted by dan @ 11:13, 2008-07-22

These days there has been a lot of talk about fingerprint collection; some in favour, some against.

Punto Informatico linked an interesting commentary by Stefano Rodotà on the matter. He was the Italian privacy commissioner (Garante per la protezione dei dati personali), hardly a nobody. The article deserves a read and I think it can be interesting even for the less technical.

Never do free tech support

geek life, italian — Posted by dan @ 16:59, 2008-02-27

When should you do free tech support? According to this funny post the answer is simple: NEVER!

Efficient PayPal protection

geek life — Posted by dan @ 15:28, 2008-02-27

Wow! I didn't expect this happening.

When I receive a phishing email I usually don't trash it immediately but (when it's somehow interesting) I open the linked website and fill in the form with the required data, just to see how far the scam goes. Today I received a PayPal phish (I already trashed the original email) and ended up clicking the link and entering the required data with fake information. It was very well made: reasonable language, perfect graphics, links referring to PayPal's original website placed in good places (e.g. the Is this site secure? link). I think it can harvest a reasonable amount of good information.

After playing my game for a while I closed the window and moved on.

Some time later I won an auction on eBay and tried to use PayPal to pay for the item. Surprise! My account was limited. What the hell had happened?

Logging in through PayPal's main page led me to a warning that my account was limited for suspicious activity: Someone tried to access your account without your authorization. What a surprise! It never happened before. I immediately thought about the scam of a few hours before, as that's the only "suspicious activity" I could ever have done. I really don't think that someone really tried to access my account manually. That said, it's now interesting to understand HOW PayPal detected the fraud.

I suspect that the Is this site secure? link may be the culprit. PayPal could have seen that I was coming from a phishing website and consequently locked my account. What do you think?

At the moment my account is still limited and I had to change my password and security question. I think now they'll review my data and then re-enable it. We'll see how long it will take.

Two conclusions from this experience.

  • First: if you are a phish-website-maker do not link back to the original sites. You're offering the phished organization a simple method to discover which customers accessed the compromised website.
  • Second (and more important): if you like to play with scams be careful! Use a different browser, a different PC and make sure you protect yourself well enough. On my side I think I won't play these games so easily next time; who knows which bugs the scammers exploited? Maybe they could read my PayPal cookies and really log into my account.
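The first conclusion, seen from the phished organization's side: a visitor who arrives at the linked help page with a Referer from a host the site does not own has followed a link from somewhere else. This is an added example (not from the post, and nothing about PayPal's actual systems) that scans combined-format web server log lines for exactly that; the site hosts, the help page path and the log lines are constructed placeholders.

```python
import re
from urllib.parse import urlsplit

# Placeholders (assumptions, not from the post): the site's own hosts and the
# help page that the phishing page linked back to.
OWN_HOSTS = {"paypal.example", "www.paypal.example"}
WATCHED_PATHS = {"/help/is-this-site-secure"}

# Apache/nginx "combined" log format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d+) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

def referer_host(referer):
    """Hostname of the Referer header, or None when absent ("-" or empty)."""
    if referer in ("", "-"):
        return None
    return (urlsplit(referer).hostname or "").lower() or None

def is_own_host(host):
    """True for the site's own hosts and their subdomains (suffix match on a dot)."""
    return host in OWN_HOSTS or any(host.endswith("." + h) for h in OWN_HOSTS)

def foreign_referers(log_lines):
    """(timestamp, client ip, referer host) for hits on a watched page whose
    Referer points to a host we do not own: each is a visitor who came from a
    link elsewhere, which is what a back-link from a phishing page produces."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m or m["path"].split("?", 1)[0] not in WATCHED_PATHS:
            continue
        host = referer_host(m["referer"])
        if host and not is_own_host(host):
            hits.append((m["ts"], m["ip"], host))
    return hits

# Constructed sample log lines (documentation IP ranges, reserved .invalid TLD).
SAMPLE_LOG = [
    '203.0.113.7 - - [27/Feb/2008:15:01:22 +0100] "GET /help/is-this-site-secure HTTP/1.1" 200 5120 "https://www.paypal.example/login" "Mozilla/5.0"',
    '198.51.100.23 - - [27/Feb/2008:15:02:10 +0100] "GET /help/is-this-site-secure HTTP/1.1" 200 5120 "http://secure-update.invalid/verify.php" "Mozilla/5.0"',
    '198.51.100.23 - - [27/Feb/2008:15:02:11 +0100] "GET /images/logo.png HTTP/1.1" 200 812 "http://secure-update.invalid/verify.php" "Mozilla/5.0"',
    '192.0.2.55 - - [27/Feb/2008:15:03:40 +0100] "GET /help/is-this-site-secure?lang=it HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for hit in foreign_referers(SAMPLE_LOG):
        print(hit)  # only the second sample line is reported
```

Only the hit itself is evidence; a matching client IP on the login page shortly afterwards is what would justify a protective account limit like the one described in the post.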

Bcc: is not a secret

geek life — Posted by dan @ 18:17, 2008-01-08

Yesterday I sent a confidential (not that much, really) email to a few contacts and wanted to hide the addressees of the email, so I decided to put them all in Bcc: and leave only my personal address in the To: field. I think it's a pretty common thing to do.

I don't know why but I also put another self-owned email address into the Bcc: field, a @gmail.com account.

After I sent the email I looked at it with Gmail's web interface and... Big surprise! Every addressee placed in the Bcc: list was there! I mean... I had address1@example.com, address2@example.org and me@gmail.com in the Bcc: list, To: my@example.net, From: my@example.net, and I was seeing all the addresses in the mail received at me@gmail.com! That was not expected and worth a little investigation.

What came up is really interesting. Read RFC 822 (which is STD0011):

4.5.3. BCC / RESENT-BCC This field contains the identity of additional recipients of the message. The contents of this field are not included in copies of the message sent to the primary and secondary recipients. Some systems may choose to include the text of the "Bcc" field only in the author(s)'s copy, while others may also include it in the text sent to all those indicated in the "Bcc" list.

I found this damn interesting. It means that while most systems remove the Bcc: line completely, this is not required! The only required thing is to remove it from the copies sent to the To: and Cc: addresses. That said, the conclusion: Bcc: must not be used to hide the list of addresses.

Also note that the proposed standard RFC 2822 leaves this behaviour unmodified, leaving it to the implementation whether to remove the line or not.

But who is responsible for this glitch? It happens only when I send email from my home account to Gmail, not to or from other accounts.

The culprit is the mutt-exim pair. Mutt doesn't remove the Bcc: line from outgoing mail, as it's not required to do so. Exim behaves the same way. Intermediate servers don't touch the message and it reaches the @gmail.com mailbox with the Bcc: list intact; the same happens with @mailinator.com. Interestingly enough, other domains put into the Bcc: list don't get this header (tried with @tiscali.it); I'm wondering who removes this header.

There are a lot of links suggesting solutions, e.g. this one, but you should be warned about two things. First of all, that's not standard: you're mangling a message without any valid reason. Secondly, it doesn't solve all the problems.

Mails addressed to multiple addresses in the same domain are delivered over the same connection, just using the RCPT TO: SMTP command multiple times, and this could lead to address leakage on particular systems that display the SMTP session to the end user. I agree that they shouldn't be that common, but the one I used for testing besides tiscali.it and gmail.com does this. Try yourself: send an email with a random To: address and place more than one @mailinator.com address in the Bcc: list, then go and check one of the mailinator mailboxes, open your test message and click on (text view). Voilà! Your SMTP session is there, showing multiple supposed-to-be-hidden addresses.

In the end: don't use Bcc: to send emails without revealing the destination addresses; it's not intended to do that.
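Both problems from this post in one place: the client-side strip of the Bcc: header that RFC 822 leaves optional, and the per-domain SMTP session that still carries one RCPT TO: per co-recipient no matter what the headers say. This is an added example (not the post's mutt/exim setup, and not Python's own mail client); the addresses are the post's example ones plus constructed mailinator ones.

```python
from collections import defaultdict
from email import message_from_bytes
from email.message import EmailMessage
from email.policy import default
from email.utils import getaddresses

def build_message(bcc):
    """Constructed sample mirroring the post: only the author in To:, everyone else in Bcc:."""
    msg = EmailMessage()
    msg["From"] = "my@example.net"
    msg["To"] = "my@example.net"
    msg["Bcc"] = ", ".join(bcc)
    msg.set_content("hello")
    return msg

def envelope_recipients(msg):
    """Everyone the message must reach (To:, Cc:, Bcc:): the SMTP envelope, not the headers."""
    addrs = []
    for field in ("To", "Cc", "Bcc"):
        addrs += [addr for _, addr in getaddresses(msg.get_all(field, []))]
    return addrs

def for_transmission(msg):
    """Copy with Bcc: removed. RFC 822 only forbids Bcc: in the To:/Cc: copies; a
    client that keeps it (as mutt/exim did in the post) leaks the list to every
    Bcc: recipient, so strip it unconditionally before sending. (smtplib's
    send_message() does this itself; sendmail() with raw bytes does not.)"""
    copy = message_from_bytes(msg.as_bytes(), policy=default)
    del copy["Bcc"]
    return copy

def rcpt_commands_by_domain(recipients):
    """RCPT TO: lines each per-domain SMTP session carries. Stripping the header
    does not help here: the receiving server (or a service that shows the raw
    session, as the post's mailinator test does) sees every recipient on its domain."""
    sessions = defaultdict(list)
    for addr in recipients:
        sessions[addr.rsplit("@", 1)[1].lower()].append(f"RCPT TO:<{addr}>")
    return dict(sessions)

def domains_exposing_corecipients(recipients):
    """Domains that would see more than one RCPT TO: in the same session."""
    return sorted(d for d, cmds in rcpt_commands_by_domain(recipients).items() if len(cmds) > 1)

if __name__ == "__main__":
    msg = build_message(["address1@example.com", "address2@example.org", "me@gmail.com"])
    print(for_transmission(msg)["Bcc"], domains_exposing_corecipients(envelope_recipients(msg)))
    msg2 = build_message(["a@mailinator.com", "b@mailinator.com"])
    print(domains_exposing_corecipients(envelope_recipients(msg2)))
```

The only real fix for the second problem is the one the post implies: one message per recipient (or a mailing list), not Bcc:.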

Mario "doomed"

geek life — Posted by dan @ 17:09, 2008-01-08

Don't remember where I got this but it's a funny video. Worth watching if you have a couple of minutes to waste. Enjoy!

A child's view of the $100 laptop

real world — Posted by dan @ 07:32, 2007-12-14

Slashdot links an interesting article on BBC NEWS telling how a child looks at the XO-1. Worth a read.

Tiscali upgrades my ADSL. For free!

geek life — Posted by dan @ 20:04, 2007-12-05

I was talking with gz about ADSL services and I remembered that I'm still surfing the web at 640Kb/s while most of the new contracts offer much more exciting speeds. Yesterday evening I looked at Tiscali's (my provider) offerings and decided to ask the call center for an upgrade.

At 2256 I called the toll free number, waiting for a voice giving me the proper times to call for assistance... Instead a friendly operator answered the phone. First good point.

I asked for available upgrades and she told me that I could upgrade to a 7Mb/s line without increasing my bill. Nice score. But how much should I pay for this upgrade? Nothing, she answers: we have a promotion these days and you won't pay the usual 25€ for the upgrade. Uh? Where is the trick?

But what about connection downtime? Or do I have to change my access code and emails?, I ask. Negative reply. No downtime and no need to modify my access codes. Well, it seems a clean offer, let's do it.

Let's see how long it takes to perform the upgrade (10-20 days forecast).

Update: Wow! That was pretty fast! Just one weekend and my ADSL has been upgraded. After the request on 4th December my line has been going at 7Mb/s since 10th December. I had some trouble connecting the first day after the upgrade, kicked off by an Authentication failed error, but calling Tiscali's assistance (toll free number) and opening a ticket resolved the situation over a single night. Pretty reasonable compared to the 20 days forecast.

14th December 2007: another night for skywatchers

events — Posted by dan @ 22:24, 2007-12-04

Another interesting night to look at the sky is coming. Be sure to mark 13th December in your agenda: on that night (between 13th and 14th December) the Geminids meteor shower is at its maximum! Moreover the moon is almost new (that means "black") and, at least here in Italy, it will set pretty early in the night, at about 2220 local time.

Interestingly enough, the Geminids are a peculiar phenomenon, as they're not generated by a comet like most meteor showers but come from an asteroid. You can read more on the science@NASA website (they have a great newsletter you can join) or on the omnipresent Wikipedia.

Attivissimo strikes again: Beppe Grillo's poisoned foods

italian, real world — Posted by dan @ 22:04, 2007-08-03

For some time an email has been circulating that points to various speeches/posts by Beppe Grillo referring to the contamination of some foods by nanoparticles. Paolo Attivissimo offers an interesting in-depth look at the matter, including an audio interview with one of the researchers cited by Grillo.

Recommended listening for anyone who has heard about the matter (by email or in the comedian's shows) and wants a little more truth.

Children looking at porn with OLPC

geek life, real world — Posted by dan @ 19:46, 2007-07-23

I was about to title this post "Even when broke, porn dominates" but then I thought that the children having access to the OLPC are probably not the poorest.

It feels strange, however, to see that soon after getting the Internet, poor children learned how to search for porn.

It's well known that porn made a big contribution to the development of new technologies and their diffusion, but that article made me wonder how many opportunities those children are losing by looking at porn instead of trying to learn something useful. Pretty sad.

Reached through slashdot.

How camera lenses are made

real world — Posted by dan @ 15:30, 2007-07-17

A very interesting video explaining how camera lenses are made.

Linked by clickblog.it.

One Fish, Two Fish, Blowfish, Blue Fish

quotes — Posted by dan @ 16:28, 2007-07-11

On a rest home entrance: Thank you for not discussing the outside world.

The Simpsons, episode #7F11.

Powered by: LifeType && Debian && Vim && ILS && PHP && MySQL && Apache. Template by Nick Gerakines edited by dan,
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 License.