Phish Are Jumpin’
December 15th, 2009I‘ve had only one management position in my career. As “team leader” I managed four young software engineers who did quality assurance testing. Among my charges was a young fellow from Belarus who was particularly dedicated to the task; he took it personally whenever he found something wrong with the software in development.
When he found a bug, he’d come into my cube shaking his head, gravitas oozing from his pores, and say to me, “Skeeep,” before showing me his findings, “thees smells of feesh.”
I mention this because I was reminded of my young friend today when I got an e-mail—allegedly from Google—telling my my Google Adwords account had been canceled. As you might imagine, the e-mail provided no fewer than three links to my “login page,” along with helpful instructions about how to rectify this dire situation.
By now, we all know that Google hires only the best and brightest engineers in the business. And I’m certain they seek out the same capabilities in those who provide their public face through the written word. Today’s e-mail alert was not good writing.
It took very little surf-casting of my own to ascertain that the URL provided by the author of the e-mail was http://google-mc.com. A quick look at whois.net revealed that google-mc.com is registered as follows:
[Querying whois.internic.net] [Redirected to whois.melbourneit.com] [Querying whois.melbourneit.com] [whois.melbourneit.com] Domain Name.......... google-mc.com Creation Date........ 2009-12-16 Registration Date.... 2009-12-16 Expiry Date.......... 2010-12-16 Organisation Name.... denis rogers Organisation Address. 22th fireball ave Organisation Address. Organisation Address. new york city Organisation Address. 74836 Organisation Address. NY Organisation Address. UNITED STATES
As you can see, not only are the address and zip code bogus, but the registration date hasn’t yet arrived.
Putting my Web Debugger through its paces, I also found that google-mc.com eventually does hand you off to http://google.com/adwords. While this looks legitimate, be afraid… be very afraid.
So, if you get an e-mail that appears to be from Google, and if you have an Adwords account, do not follow the links in the e-mail. Instead, type http://adwords.google.com in the address bar of your browser. Even if you don’t have an Adwords account, it would be useful to forward the message to phishing@google.com. I’m sure they’ll put some of their best and brightest on the trail to seeing to it this doesn’t trouble us again.
Celebrating Spring – Hidrellez
May 5th, 2009Hidrellez, the Turkish spring festival, is celebrated throughout the country.
Along with pagan customs of the Eastern Mediterranean, many pre-Islamic traditions of Central Asia and Mesopotamia live on in Turkey. One holiday in particular, Hidrellez, celebrates spring with colorful and ancient rituals that remain part of modern Turkish culture even if their original significance has been forgotten.
Photo courtesy of Phillip Salzman
Now observed throughout the country on May 6th, Hidrellez is whatever Turkey’s multicultural citizens make of it—a day of prayer, contemplation, mysticism, healing, wish-fulfillment, music and poetry, revelry— or a Turkish version of Earth Day.
A revered figure of Near Eastern folklore, the Muslim saint Hizir (from the Arabic Al-Khidr, meaning The Green One) is believed to appear as a mendicant dervish with a long white beard. Hizir has many attributions, but is generally regarded as someone with the power to grant wishes and intercede to save his supplicants from disasters.
Associated with spring planting and rebirth, Hizir has absorbed some of his character from the ancient water and fertility deities of the Middle East. He is also identified with the Old Testament figure of Elijah (Ilyas in Arabic), who was credited with bringing rain to the region’s arid croplands. This gave rise to the Turkish melding of the two names Khidr and Ilyas – as well as ruz. the Persian word for day, to yield the contemporary Hidrellez.
Hizir is also cloaked in the legends surrounding agrarian and fertility cults of the Balkans. Clad in green leaves, the Green Man of the pagans became Green George among Catholic and Orthodox Christians, who celebrated the feast day of St. George each April 23rd, in the old Julian calendar. Among many mixed communities of the Eastern Mediterranean, distinctions between Hizir and Green George were blurred long ago.
Of particular interest to us, is that Hizir is the patron saint of travelers, protecting them from the dangers and difficulties of the road. Thus, he holds a special place in Turkey, a country criss-crossed by ancient trade routes.
Hizir travels the River of Life upon a fish
Always associated with water, the turbanned Hizir is transported by a fish swimming along the River of Life. Once a year, Hizir may be approached for special favors, provided that one petitions him in an appropriate fashion.
Before daybreak on Hidrellez, (May 6th, according to the modern calendar), many Turks make or depict miniatures of things they most desire—a new house, an automobile, a business of one’s own… They place these images in their gardens or yards, or they may write their wishes on slips of paper and tie them to designated shrubs and trees. Walls bedecked with hundreds of brightly-colored rags and written wishes rise at sites of public celebrations, where gypsy bands and bonfires may also enliven the scene. During the ensuing year, Hizir may, at his sole discretion, grant a wish. If not, there’s always next year…
Here is a contemporary account from a friend of mine,* a Turkish woman in her 30’s living in southwestern Turkey. The notes in brackets are mine.
“May 6th is like an unofficial holiday, especially in towns like Finike, Kumluca, etc. They wake up early in the morning and walk on grass [because it is something living and green], walk over a bridge [to signify Hizir’s connection with water]. My mom still goes out to the beach with her friends…
“Others meet at Hidirlik Tower in Kaleici [in the walled, Ottoman quarter of the port of Antalya] and drop leaves or flower petals into the sea. Also, very early on the morning of the 6th, they write their wishes on papers and walk to the beach and throw those into sea, too.
“In fact, in local traditions, Hidirellez is even more of a spring holiday than May 1st. It’s the awakening of Earth and Nature.
“Easter is about the Resurrection of Christ, but for an Anatolian girl like me, who was born Muslim, but who also believes in the Great Mother Goddess and other pagan goddess figures—and even in some Shamanism—it’s all about the ‘resurrection of nature!’ I always love spring! ”
Thanks to Ceylan Zere for her personal account of Hidrillez.
The Conficker.B Worm
March 22nd, 2009Ordinarily, I don’t report on high-tech topics. As a former technical writer and software engineer, I have indeed been there and done that. Nonetheless, I continue to stay in touch with technology. And, like most readers of this blog, I regularly receive “alerts” from well-meaning friends who are fowarding those alerts from THEIR friends to do—or not to do—something involving some peril on the Internet.
Sand Worm from Dune
You know what I mean: those WARNINGS (in upper-case letters for added urgency) to “delete any message that includes a link to an e-card from a greeting card vendor…” And your friends will swear, that “It’s verifiable on snopes.com…Really.”
However, over the past few days, among my incoming e-mail messages, I’ve noticed a pattern that causes me concern. The steady stream of spam I normally receive anyway, has begun to emanate from legitimate companies.
As an example: I received the following “offer” for “Canadian drugs” from xptlgrb@booksinmotion dot com. Of course, the e-mail address, the topic, and the included hot-link (bestcheapcanadiandrugs dot com) would tell most of us right away that this was spam. But as I opened my spam filter to add yet another discount Internet pharmacy to my ever-lengthening list, I couldn’t help wondering why a company called Books In Motion dot com might have an interest in sending me spam e-mail hawking bogus Viagra.
On typing the Books In Motion Web address into my browser, I discovered that it seemed to be a legitimate online company with no apparent interest in offering me the opportunity to improve my sex life at a significant discount. BIM sell audio books on tape and DVD. In fact, some of the titles they have on offer are from The New York Times best-seller list.
I’ve been following the news about the conficker.b worm coiling its way through the Web. Based on analysis of my own incoming e-mail, I’ve begun to speculate if—along with the nefarious things any virus can do to an individual computer—this one might have the power to co-opt a domain name and create its own e-mail addresses on that domain. Or worse—having usurped an email address from a legitimate company, could the worm begin sending out spam with links to other sites that, in turn, could cause even more harm?
If you Google the phrase ‘conficker.b worm,’ you’ll find a lot of reports about what the worm does to an individual machine and how it seems to be creating a “botnet” linking thousands of computers together for the sole purpose of spreading the worm.
Not surprisingly, and true to the mythology of the Web’s alternate universe, conficker.b’s demonic creators are chortling that April First is going to be a very auspicious day in the life of their pet worm.
But the reporters, pundits, and prognosticators are more than a little vague about what may actually happen. Could it be that I’m one of the anointed ones and being treated to a sneak preview? Will I get a bazillion spam e-mails on April 1 from legitimate—if innocent and unwitting—companies whose marketing departments have no idea they are offering me discount drugs from Canada?
I don’t know, but I confess that I am more concerned about this one than any among all the viruses I’ve seen over the past two decades.
So I went to the mountain. I visited Microsoft’s Website to see what their pantheon have to say about conficker.b. Again, they have a lot of information about what it does, but they’re a little light on what the perversion is supposed to achieve. Nevertheless, I downloaded and installed the latest Microsoft patch for my operating system, and I’ll be checking back regularly with the gods on high in the week leading up to April 1.
What should you do? Well, don’t panic. There are tons of information out there that describe the symptoms as well as the remedies. Here are a few of the steps I’ve taken (and I will not post comments that suggest getting a Mac or running some flavor of Linux):
• Visit the Microsoft Web site and download the latest patch for your operating system.
• Be sure your anti-virus software is up-to-date. Conficker.b is most likely to arrive as a hot-link (a clickable Web address) within an email from a compay that appears to be legit. (The big three—Norton, McAfee, and Kaspersky—are all updated several times each day.)
• Just for fun, back up your My Documents directory to an external hard drive, a thumb drive, a CD, or a DVD. That’s good practice anyway, and I’m as guilty as anyone else for letting it slide.
• Speaking of external devices, go to this link at Microsoft and follow their instructions for disabling Auto Run. Apparently, conficker.b likes to hide out on thumb drives and external hard drives.
As a final precaution, I probably won’t start my computer on April 1, at least not until I’ve heard the morning stories on the BBC. Of course, your mother has already given you the best advice for dealing with computer security issues: Don’t accept cookies from strangers.
Flat Tax: The Sooner the Better
February 5th, 2009Nancy Killefer and Tom Daschle have withdrawn their names from consideration for administration appointments because of irregularities in their tax returns. A couple of weeks ago, Tim Geitner might have done the same. As one who voted for Mr. Obama, I am less disturbed about the perception that anyone slipped under the vetting radar than I am that members of his administration and economic resuscitation team are not vociferously pushing the simplification of US tax codes. That is the reason why it is better to approach the Nottingham best Accountants to clear this crisis. Surely, this cluster of embarrassments indicates the crushing need to do that now.
Two consuming preoccupations of American society set us apart from our counterparts in other industrialized countries:
1) We worry ourselves sick about health care—its cost and our our access to it.
2) Our entrepreneurs and corporations are burdened by increasingly complex requirements to record, maintain, and retain records so as to pay—or not pay—state and Federal income taxes. It has now become virtually impossible for an individual to fill out an error-free Federal tax-return (with or without the assistance of Turbo-Tax).
While these two concerns may not always be seen as closely linked, I believe that taking bold action now—on either health care or the tax code—could sustain the new administration’s adrenaline rush and lead to improving both situations.
The sheer complexity of health care administration—be it for a physician’s office, an insurer, or the family of a senior—frequently demands the hiring of outside help. Ditto for the tax bookkeeping requirements of a small business-owner. And while paperwork compliance may provide endless employment opportunities for accountants, it does little for our nation’s collective peace of mind.
For the unencumbered freedom to spend more time at my various “jobs,” for the privilege of NOT having to think about what I can claim as a tax deduction—I would happily pay a “flat tax.” And even if my own taxes might rise, I would consider accepting this increase in exchange for the reassurance that more Americans could have access to good, preventative health care.
I am self-employed, a capitalist with broadly liberal social views. I know that there are millions of US citizens across all economic and political strata who feel as I do.
Our businesses are too focused on tax incentives and penalties. Many don’t hire new staff because they cannot afford employee health care or shoulder the additional accounting costs to make sure they’ve paid all the proper employee withholding taxes.
All of us could profit from additional time to reflect and innovate, spending more time talking R & D, less time thinking IRS.
Writing in The NY Times, February 3rd 2009, How to Avoid a Tom Daschle Tax Problem, Ron Lieber suggests how to avoid what has befallen the new administration.
Compiling advice from various accountants and financial planners, he quotes one:
Can’t you just see H & R Block setting up workshops for pre-schoolers?
Undaunted, Mr. Lieber gives his readers some prudent tips, admits his father is an accountant, and then sums up:
Great! Right on! But then Mr. Lieber finishes with this zinger:
Let’s not forget: that’s the government mindset that improved airline security by giving us the TSA…
