Back to previous post: A bit of Borges

Go to Making Light's front page.

Forward to next post: Deliberation

Subscribe (via RSS) to this post's comment thread. (What does this mean? Here's a quick introduction.)

June 12, 2002

Do they think I’m crazy?
Posted by Teresa at 08:35 AM *

I got an interesting piece of spam this morning, for certain values of “interesting”:

X-From_: freebiecash@ofr.mb00.net Wed Jun 12 01:27:25 2002
From: Content Watch
To: tnh@panix.com
X-Info: Message sent by Mindshare Design customer with ID “freebiecash”
X-Info: Report abuse to list owner at freebiecash@complaints.mb00.net
X-PMG-Userid: freebiecash
X-PMG-Msgid: 1023854889.19185
X-PMG-Recipient: tnh@panix.com
Subject: Advisory: Hidden file danger
Date: Wed, 12 Jun 2002 01:00:02 EDT

Did you know that your computer AUTOMATICALLY SAVES every PICTURE from every WEBSITE you visit? This function helps your PC access your favorite websites more quickly, but it also allows EXPLICIT adult pictures to be saved to your computer if adult websites have been accidentally or intentionally visited!

FREE, confidential online PC check! Safely detect offensive files in just minutes!

http://www.play4keeps.com/rd.cgi?0612contentwatch

(Note: Scan will not display images—only file names that may indicate the presence of offensive material.)

<<<>>> <<<>>> <<<>>> <<<>>> <<<>>> <<<>>> <<<>>> <<<>>>
* To remove yourself from this mailing list, point your browser to:
http://i.mb00.net/remove?freebiecash:14
* Enter your email address (tnh@panix.com) in the field
provided and click “Unsubscribe”. The mailing list ID is “freebiecash:14”.

OR…

* Reply to this message with the word “remove” in the subject line.

This message was sent to address tnh@panix.com
X-PMG-Recipient: tnh@panix.com
<<<>>> <<<>>> <<<>>> <<<>>> <<<>>> <<<>>> <<<>>> <<<>>>

Let me get this straight: These people, who hang out at places like “freebiecash” and “play4keeps”, and who write and format letters that look exactly like every other would-be scammer on the net, want me to make my files accessible to them so they can check my computer for residual naughty pictures left over from web browsing? No, I don’t think so. I think I’d sooner send money to Miriam Abacha.

Have you seen the ContentWatch website, by the way? It’s a lure for the computer-illiterate and naive, full of testimonial quotes from people like “father, Ireland”, “Sandra, mother of 2”, and “Jane G., OR”. For only twenty bucks they’ll sell you a piece of software that identifies objectionable files that are safe to remove, minimizes the risk of inadvertently accessing objectionable material, and frees up disk space while doing so!

(Dear not-yet-computer-savvy friends: If you want to get rid of residual website caches and free up disk space, just look through your browser’s menus and help files. There will be functions that automatically clear out your cache and get rid of your history of pages visited. Clearing the cache is the most useful one. Thank you.)

What I also found striking about this morning’s proposal is that it can’t work as described. I don’t know about Netscape, but Internet Explorer saves pictures, not under the original names they had on the website, but under random unique strings of gibberish. So whatever else these guys are doing, they’re not scanning for those saved pictures. All they can do is scan for naughty words on the websites on which those pictures originally appeared.

Now that everyone else has one blogged a similar letter from these same guys back in March. This guy actually let them check him for naughty words. They found 226 instances. Some of the words they found: screw, gambling, lovers, tobacco, breast, sex, stud, murder, lottery, rifle, blood, booty, lust. Another user tried it, and found that ContentWatch flagged “Paradise Lost.txt” because it contained repeated mentions of Satan, a file containing the name “Beaver Country Day School”, some testing software called “Browser Torture Test”, and a file containing the phrase “I’m a Google lover”.

And now, if some nervous parent lets ContentWatch check out the computer you’re using to read this, the test will come up positive. Which is laughable; but I wonder how many innocent kids have suffered because their computer-illiterate parents believed this crap?

Comments on Do they think I'm crazy?:
#1 ::: Todd Larason ::: (view all by) ::: June 12, 2002, 12:01 PM:

Netscape's cached files also get saved with names that are 'unique strings of gibberish' (although they're not random, and I doubt IE's are either -- they're functions of the original URL allowing quick lookup).

There *is* by necessity an index (cache/index.db for Netscape 4.7/unix, for example) and it's dimly possible they're able to read the index formats for various major browsers and are using that -- but that's surely not the right way to bet.

#2 ::: Scott Janssens ::: (view all by) ::: June 12, 2002, 12:43 PM:

My favorite protection software was a browser (or plugin, don't recall exactly) that attempted to block potential images containing nudity by trying to determine the amount of flesh tones in the image.

#3 ::: Teresa Nielsen Hayden ::: (view all by) ::: June 12, 2002, 01:04 PM:

And then there's what Brits refer to as "the Scunthorpe problem," after the incident where a filter blocked all references to that town, on account of the supposed obscenity buried in its name.

If filtering software were perfectly executed, you know what we'd be left with? Pornography posted by people who can't spell.

#4 ::: Bob Webber ::: (view all by) ::: June 12, 2002, 01:35 PM:

I think I can top your spam: here's one I got that suggests people should sell their old backup tapes, including used tapes, to somebody who sent them clear and present spam (note reference to the "new e-mail bill" at the bottom, the hallmark of spam).

I don't even have to pay shipping charges? These strangers are great! I'm going to take that big pile of old tapes that stupid system administrator insisted we keep and turn them into money! The doctor will be really happy that I turned that junk into cash!

New Lamps for Old, anyone?

============

Date: Fri, 7 Jun 2002 14:16:53 -0700
From: MagTapes Buyer
To: webber@panix.com
Subject: We BUY Your NEW & USED Magnetic Media or Backup Data Cartridges


Thank you in advance for taking the time to review this email.

I am not selling anything. Allow our liquidation service to convert your
problem inventory into quick cash. Please contact me right away if you
have any of these and/or other data media available. We are a leader in
the industry for liquidation and recycling of these materials. Our
network of outlets for your EXCESS, OVERSTOCKED, or SURPLUS consumables
allows us to provide the maximum amount of residual value for your
inventory - NEW and USED.

[list of tapes elided]

Your "junk" could turn into cash - We pay for all shipping expenses. Just
email your list of supplies to me or any questions you may have, and
you'll be contacted right away with a bid. I can email or fax you a copy
of our purchasing process to ensure your transaction is handled
efficiently and professionally - and that your payment will be prompt and
accurate!

Thank you again and I look forward to doing business with you in the
future.

Norm Hutton

SD Pacific
sdpnorm@yahoo.com
http://www.sd-ads.com/smm/

This message is sent in compliance with the new e-mail bill: SECTION 301,
Paragraph (a)(2)(C) of s.1618. And also in compliance with the proposed
Federal legislation for commercial e-mail (H.R.4176 - SECTION
101Paragraph (e)(1)(A)) AND S. 1618 TITLE III SEC. 301. To be removed
from our mailing list, simply click the link below.
Unsubscribe

#5 ::: John M. Ford ::: (view all by) ::: June 12, 2002, 02:20 PM:

It cannot be long now -- maybe I've just missed it -- before the "Government about to issue new money, send us your old money NOW!" scam resurfaces, doubtless explained this time as an anti-terrorist measure ("Imagine the look on Osama.binhex's face when all his American money becomes worthless! America is so darn smart!")

On the filter brouhaha, it was only a couple of weeks back that a federal court ruled that libraries could not be forced to use filtering software (the threat was cutting their lavish Federal funding) because said software was hopelessly inadequate to the task.
For those who missed it, it was necessary to set the ruling in these terms, rather than dumb ol' civil liberties and stuff, because funding is not a right (and how are -you,- Mr. Giuliani?) but, at least in this circumstance, a library cannot be coerced to burn itself down, even in the interest of public morals.

That's pubLic, ContentWatch.

#6 ::: James Macdonad ::: (view all by) ::: June 12, 2002, 02:36 PM:

The single biggest drive to removing the filtering software (previously required by various laws, regulations, and guidelines) from library computers happened when Superbowl XXX rolled around, and thousands of avid football fans found themselves unable to find any information about the game on the Web.

#7 ::: Teresa Nielsen Hayden ::: (view all by) ::: June 12, 2002, 03:07 PM:

Jim, I take it that means they'd been filtering out the extra-large shirts without anyone noticing?

Bob, Mike, that thudding noise you hear is me gently beating my head against the wall. Those scams worked?

(whump)(whump)(whump)

Now that I've tamped down my brains, I can almost see the one about sending in your old backup media. Most of the noise and hype in computer security is software-based. I can easily imagine companies scrupulously changing their passwords, but keeping their quarterly backups in unfrequented storage areas with only light security protection. Who'd want to steal big unwieldy unusable tapes?

By the time they noticed the loss, who'd remember who was and wasn't in that area over a period of weeks? And they might not even identify it as theft -- just some idiot misplacing half the backups.

Meanwhile, Mike, no amount of head-whumping is going to reconcile me to the idea that people sent their money to scammers on the understanding that the government was about to replace it with new money.

Tell me it doesn't work very often. Please.

#8 ::: John M. Ford ::: (view all by) ::: June 12, 2002, 08:28 PM:

The original version (this is from old reading -- I thought it was in Maurer, but it doesn't seem to be) involved taking a Washington society matron during the Coolidge administration. The crew were posing as big-shot insiders. One "accidentally" showed that his wallet was full of odd-looking money, and after the usual business, explained that the President had given secret orders for new currency, but it had to be introduced carefully to avoid a crisis of, you'll pardon the term, confidence. (For Calvin, this was remarkable sophistication.) Anyway, the patriotic lady offered to do her bit by getting lots of new money and spending it. She did the first part. And apparently, even after careful explanation, never believed she'd been scammed, insisting that the plan must have been cancelled for other perfectly sound reasons.

Obviously this requires a particular setup (or an unusually dumb mark), because there would presumably be no reason to withdraw bank accounts, the usual objective of a big con. Later versions I've heard of have been anecdotal, but one involved a Texas oil-type who trusted the gummint even less than banks, and another with an expat who had lots of American cash the IRS didn't know about. I've also heard of casino winners (who have to fill out a tax report for slot wins over $1200 and any cash transaction over $10k) being offered in-room money laundering of various sorts, including this one, but gamblers' tales are . . . well.
There's a persistent rumor* that the recent real introduction of new bills was at least partly to try and force some of the (real enough) wodges of off-the-books cash into the light. While advances in counterfeiting are quite reason enough for the changes, one imagines that Treasury wouldn't object to that as a free extra benefit.

*Ou est les bruits ephemere8s d'antan?

#9 ::: Erik V. Olson ::: (view all by) ::: June 12, 2002, 10:14 PM:

>There's a persistent rumor* that the recent real
>introduction of new bills was at least partly to
>try and force some of the (real enough) wodges of
>off-the-books cash into the light.

Fails the smell test. The Government, I mean, Gummint, was very clear that the old currency was still legal tender, and would remain so.

If they'd set a drop-dead date on the old bills, like many countries do, then I'd buy it. But with the old bils still legal, you could slowly swap them out with new bills, and the caches remain cached.

#10 ::: Vicki Rosenzweig ::: (view all by) ::: June 13, 2002, 12:09 PM:

US currency, no.

Euros, yes.

People were holding a lot of francs and marks and pesetas (and ...) that they couldn't, or didn't want to, explain to the tax agencies, and that were suddenly going to be not-money. Unless spent. It did weird things to the prices of second/holiday homes in certain places. I didn't check to see if the expected surge in Christmas spending in Germany happened, though. Real estate, cars, jewelry, clothing, are all worth something--for yourself, or as gifts--and you might even be able to sell them for euros later.

#11 ::: Kevin J. Maroney ::: (view all by) ::: June 13, 2002, 12:34 PM:

Teresa, you said: "Tell me it doesn't work very often. Please."

You've read _Crimes of Persuasion_. You know that most scams don't work often at all, but they don't have to; they only have to work really well a small number of times.

#12 ::: Teresa Nielsen Hayden ::: (view all by) ::: June 13, 2002, 05:44 PM:

I know. And I know that it's all much more convincing when you're the target of one of those microtheatre setups. But it still hurts to think about.

#13 ::: michael r weholt ::: (view all by) ::: June 17, 2002, 03:14 PM:

Clearly, when you say:

>(Dear not-yet-computer-savvy friends: If you want
>to get rid of residual website caches and free up
>disk space, just look through your browser's
>menus and help files. There will be functions
>that automatically clear out your cache and get
>rid of your history of pages visited. Clearing
>the cache is the most useful one. Thank you.)

you do not intend to address the real issues of privacy the spam-fiend purports to address. However, for those who are, in fact, interested in such things...

Most will know the following, of course, but for the sake of those who don't: deleting cache files and I believe even history files on Windows machines does not delete the data from the disk. It merely removes the pointer to that data in the disk's directory. *Really* deleting this stuff is a bookkeeping pain in the ass and requires specialty software. If somebody feels the need to *really* get rid of stuff (such that you would need the fearless legions of the Cyber Corps to retrieve it), I recommend a piece of freeware appropriately called Eraser:

http://www.tolvanen.com/eraser/

or get it at the current maintainer's site:

http://www.heidi.ie/eraser/

#14 ::: Teresa Nielsen Hayden ::: (view all by) ::: June 17, 2002, 08:18 PM:

Michael, when I first wrote that paragraph it was about twice as long, and explained that when you dump your browser cache and clean out your history file, fragmented memories of those pages you deleted are still present in ghostly form, in a theoretical sort of way; but they can't be accessed by normal everyday means, and they'll gradually be overwritten and truly deleted forever as you continue to use your machine.

Then I thought about trying to explain the difference between data and pointers to a hypothetical audience that can't find its browser cache in the dark with both hands, and my courage failed me. It would run too long, and I was already starting to feel like I had overburdened the point. In the end I wound up cutting it back to "Here's how to dump your browser cache", and letting it go at that.

I've kept thinking about it, though. It's occurred to me that the most likely audience for this software is people who've been looking at pornography and want to destroy the evidence. After all, the world supply of debauched libertines is as finite as any other resource; and given the size of the porn industry, you really do have to figure that a lot of it is being looked at by respectable citizens who have regular habits, fixed abodes, and long-term financial planning strategies.

In fact, given the numbers, quite a few of them undoubtedly vote Republican.

That would explain the emphasis ContentWatch puts on "safely" detecting and deleting offensive files, with no fear that the objectionable pages might be displayed on your screen. If your boss or your wife walks up behind you while you're in process, you'll look like you're doing innocent file management.

#15 ::: michael r weholt ::: (view all by) ::: June 18, 2002, 08:51 AM:

There was a "Frontline" sometime ago on pornography and Ashcroft's fairly underground at this point intention of going after it, and those who consume it. No doubt this project has been set back by current events, but I imagine it's still on somebody's burner somewhere.

The problem a consumer of internet pornography has is that he/she does not have absolute control over what makes its way onto his/her machine. In the world of gay pornography, the word "boy" is regularly used to indicate gay guys in general, often guys at the twinky end of the scale, but not necessarily. The use of the word "boy" in these cases, however, is not meant to indicate pictures of underage males. Sometimes, however, some asshole *has* posted pictures of males who are *clearly* underage. Some dope cruising the binaries newsgroups, clicking on pics labeled "boy", is liable to eventually run across one of these pics and thereby download a piece of child porn to his machine. Ba-boom. He has just violated the USC and is on his way to having his mug posted on some state's "Sexual Predators" website.

It isn't just the boss and the wife that people who look at internet porn have to worry about. I think anybody who consumes internet porn on anything like a regular basis needs to regularly and thoroughly clean his/her machine of stray crap, cache files, histories, temporaries, and so forth. Ashcroft and his buds aren't going to care if they find the child porn in a neatly arranged directory or in a half-assededly deleted temporary file. They are going to tell you you get whatever you deserve for looking at dirty pictures in the first place, and the fact that you never *intended* to violate any sections of the United States Code isn't going to cut it. You best get ready to have your neighbors drive you out of your neighborhood once the cops start posting your mug on telephone poles, and nobody else is going to want you in their neighborhood either, by the way.

Me, I'd probably have to kill myself. I don't cope well with that kind of stress. :)

But that, of course, would be my just deserts. For looking at dirty pictures in the first place.

The obvious solution is to never look at internet pornography at all. And don't forget to wash behind your ears while you're at it, and say your prayers after you get your jammies on.

#16 ::: Teresa Nielsen Hayden ::: (view all by) ::: June 18, 2002, 06:43 PM:

But Michael, they can't want everyone who looks at porn to fall into an oubliette and die; like I said, given the size of the industry, a lot of those consumers have to be voting Republican. Ashcroft and his ilk just want them to feel really, really bad for looking at it.

#17 ::: michael r weholt ::: (view all by) ::: June 19, 2002, 10:11 AM:

Yes, I admit it is curious behavior. Maybe they are just getting procedures in place so that when the FBI gets its new Windows for Workgroups machines, they'll be able to cross-reference dirty website getlogs with names of registered Democrats.

#18 ::: Patrick Nielsen Hayden ::: (view all by) ::: June 19, 2002, 12:56 PM:

Don't be silly. The FBI isn't going to be getting Windows for Workgroups. Why, to do that, they'd all have to be running 286s at least.

#19 ::: joanna ::: (view all by) ::: July 23, 2003, 02:37 PM:

hi

#20 ::: Joey ::: (view all by) ::: August 18, 2003, 03:41 PM:

Hey:

I was doing Google Searches for pages that link to our site. I work for ContentWatch in the customer service department (don't worry, they didn't put me up to this, I'm doing it on my own time).

I couldn't help but notice you've been a little less than nice to our company in this thread, and I'd like to set the record straight if that's at all possible.

First off, the spam you received wasn't from our company. It looks like it was from one of our affiliates. Our affiliate program allows individuals to make commission based on how many copies of our software they can sell from their website or by other means. We keep pretty good tabs on our affiliates and boot those who don't comply with our terms of agreement. We try to keep them from sending illegal spam, but we can't always do that.

To be truthful, our ContentCleanup program really does stink -- for exactly the reasons you've listed. It can't find images because they are saved under different names, and it is not sensitive to the context that words are used in. I once spoke with a fellow by the last name of "Gamble". I refunded his money because our program identified just about every file on his machine as questionable.

The ContentCleanup program hasn't been updated in over a year. Right now we're working on a stand-alone version (previous versions have all been ActiveX controls that run in the user's browser) that will greatly improve on the features of the original. It will allow a much higher level of customization, so people like Mr. Gamble can remove their names from our list of questionable words.

Currently our Internet Filtering software, ContentProtect (released in October 2002), is leading the market in sales and customer satisfaction. We are featured prominently on www.internetfilterreview.com.

Contrary to most peoples' assumptions, the ContentCleanup program is not meant to help you merely delete your temporary files. I get calls from people all the time asking if that's what it does, and I usually tell them, "If you just want to delete the stuff you can do that with your Internet Options". Our product is meant to help you get information about the files that exist in your computer. You can double click any file on the list to see what it is. In most cases, files are innocent ("breast" in a chicken recipe, "sex" in a job application, and yes, even "cunt" in scunthorpe). There are big warnings all over the program that explain this concept to people. I haven't had anyone call in to complain about losing important files in a long time. People aren't stupid, and they understand that context is an issue. Even though the software does identify a lot of innocent files, if there is questionable content on your computer, you are guaranteed to find it with our system.

We would be open to suggestions if any of you can think of a better way to identify questionable content. It really is a tough nut to crack. While the idea of counting "flesh-colored pixels" seems stupid, the idea has merit. Unfortunately, good enough image recognition algorithms haven't been written yet. Words are about all we have to go by. Our ContentProtect product actually tries to calculate context by looking so many words ahead and behind a word. If it sees many instances of a supposed questionable word in close proximity to other supposed questionable words, it gives higher probability to the questionable nature of the page. Our new version of ContentCleanup will be reprogrammed with these newer algorithms.

The bottom line is that while our program can be a valuable tool for parents to find out what their kids are looking at online, it's not perfect, and it can't replace good parenting. If you really want to protect your kids online, you need to sit down and talk with them about these issues, and then watch what they do online. If software can help you do that, then it's a good investment.

#21 ::: Joey ::: (view all by) ::: August 18, 2003, 03:42 PM:

...and no, we don't think you're crazy. ;)

Choose:
Smaller type (our default)
Larger type
Even larger type, with serifs

Dire legal notice
Making Light copyright 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017 by Patrick & Teresa Nielsen Hayden. All rights reserved.