Jump to content

mythsmith

Members
  • Content Count

    20
  • Joined

  • Last visited

Community Reputation

0 Neutral

About mythsmith

  • Rank
    Member

Contact Methods

  • Website URL
    http://daniele.modena1.it

Profile Information

  • Location
    Italy
  1. mythsmith

    SpamCop Denouncer

    Thank you Farelf for having reported that. I hope I corrected it. It was a line in sarissa java scri_pt, part of Plone package, written to overcome shortage of IE conformance to standards I would never have seen that, 'cause I have never visited my site with IE , so your help was precious. "Mythsmith" is a composed word myth+smith, and refer to a "legend-maker", who puts great effort (and pain) in it, like beating and forging metal. I coined the word years ago reading a verse of Tolkien's Mythopoeia: Blessed are the legend-makers with their rhyme of things not found within recorded time.
  2. mythsmith

    SpamCop Denouncer

    The solution: Direct download link for "novices": http://daniele.modena1.it/code/spamcop-den.../spamcop.py.txt Hitting it will only transfer a non-executable text file. And for the screenshots about the processing of an mbox file: 1. Get SpamCop ID(s) The first reporting step is to submit the spam contained in a mailbox and get a "spamcop id" from spamcop.net. This will be used to gather further information and refer to each piece of spam. 2. Collect information about the spam Then the scri_pt downloads the report page, where the detailed processing is shown by spamcop.net and where there are the submission forms. That page parsed to extract important information, then converted to text and stored in a temporary file for further reference. 3. Analyze the reports with fast dialogs This is the only manual step. Each dialog presents an excerpt of the spam and the list of recipients. Each recipient can be de-selected and has a short string showing which is the role of the involved network (s: source, w: spamvertised, etc). You can see the full report (spamcop.net page) switching on the first entry and pressing ok. Then you can add your personal notes. Click enter an the spam is confirmed, or "cancel" and it will be explicitly cancelled from spamcop.net. Your choose is stored for the next step. 4. Submit the reports After you have analyzed all of them, the reports will be sent, confirming to spamcop.net as you would have done in your browser, but without interaction A brief review of the submitted reports is printed (it is a slice of the response page obtained from spamcop.net). In case of error, the full web page will be printed out for debug. 5. Exit stats At the end of the submission step some brief stats will be printed about the session. The time cost is calculated starting from the first response to a dialog (if you take a coffe between dialogs, ignore it!). In this case SCD was ran with -d switch so the mailbox containing the spam was cleared. ANYWAY THIS IS NOT INTENDED FOR NOVICES!
  3. mythsmith

    SpamCop Denouncer

    Hi David, thank you for your kind words. I'm form the middle-north of Italy, and yes I'm an agesci scout leader. I should study a bit more english too, i think... every time I read something I posted I see a new mistake... I hope yahoo babelfish helped you understanding it ( how do he know that? there is something evil going on his website... certanly a security issue being exploited )
  4. mythsmith

    SpamCop Denouncer

    Miss Betsy, I prey you not to visit my website. It's about dangerous things such as downloading a program written in a dangerous and immature interpeted language (Python, isn't it already SCARING?), an run it after having modified it to fit your configuration (AAAAHHHRG! Configuration! Do not mention it!). As the FIRST post said: "WARNING: One-day-hacking-scri_pt here!" Now the days growed, but it's still all about hacking. I prefer non-professional programs to be presented in personal websites, and announced as what they are, instead of amatorial things presented in highly professional manner. If you cannot resist visiting it, at least do not download anything and more than all do not execute any code presented. You are NOT the target of this stuff for the moment, and will not be for a long time. Clear?
  5. mythsmith

    SpamCop Denouncer

    Your visiting any page triggers many, many other actions, that many users do not expect. But they don't light up a led, so they don't care. Many of them, when knows which kind of info are distributing to entities they do not trust, disrupt this flow of information. Welcome to the knowledge that Flash CAN list your webcam properties. Now that you (and your webcam) have been illuminated, go, announce the verb, and make the folks disable Flash. Today was my embedded applet. Tomorrow could be the entire web. We will all die burned in hell. But do not decide what I can and I cannot embed in my personal webpages, unless you provide a reasonable suspect that it's malicious or buggy (an exploitable form, malware, etc) It's how the great www works. A network of trust. Welcome, again. When you visit a website, your presence is notified to many third party entities whom the owner of the page trusts, but you may not, infringing your privacy, for example. If you do not trust those third parties, such as google urchin.js machinery etc, you should disable them. I disabled Flash long ago. No one is forcing me to do anything, as my page is not forcing anyone. It asks. It's not my fault if you are configured to reply "yes, i have a webcam", and you don't like it. Maybe I will do. But only to protect myself from uncareful paranoids. It's stupid, but uncareful paranoia is worst than silliness. And this is not arrogant... To decide what someone can have or cannot have on his personal page, and cry out loud with moderators to ban him. Anyway, i don't think paranoic people would never use my utility, because it's not written by ttottt themself-the-only-techie-they-trust. As my topic seems to attract only this kind of person, I think keeping it is time totally wasted. No big drama: i built the scri_pt to aid myself, only hoped to find here advice and critiques (about the scri_pt!). Moderate as you feel. Personally I would remove the entire topic so I can fresh start with the next "release", and maybe paranoid people will forget me.
  6. mythsmith

    SpamCop Denouncer

    How should I explain that Flash is not accessing anything!? In default configuration, Flash needs an active user confirmation to access the camera. What is happening here is that Flash asks "Is there ANY webcam connected?" The drivers installed in your OS then check if the camera is still here, turning it on for a fraction of a second, and reply to Flash: yes/no. This is not "accessing" it, because Flash isn't receiving any data from it. It's the same difference between a cat and an ls command. The first accesses the file, the second only lists its properties. Infact it is available also for non-readable files!!! This is EXACTLY what happens when your browser sends data about your environment to a remote server. Think of it. It asks the operative system version to your OS. If quering for OS version lighted a blue light somewhere, you would be here screaming "We reserve the right to disable your link on this site and/or display a warning with it."!??? Flash did not access your camera, unless a fault big as a mountain resides in it (again, in Flash, not in the applet) code. But, as I trust the applet source, I know that the authors would not exploit such a fault even if it existed.
  7. mythsmith

    SpamCop Denouncer

    I myself do disable flash in my browser. Really, I never see a flash animation unless I explicitly ask it. I do not run it. That's why I consider all that question a little bit paranoic. None here has flash installed, all are using text browsers... so where is the point!?? It is Macromedia Flash that is accessing the camera because the applet is asking the if there is one. Flash. Not the applet. The applet is running in a Flash sandbox, on your computer, not "in my site". And it behave that way because someone configured Flash to do so. Not the applet. Flash. 1. The applet runs in a Flash sandbox. It asks flash if there is a camera outside of the sandbox. That is applet programmer's fault, to ask for something.... 2. Then Flash, if configured so, asks the O.S. if there is a camera connected. That's user fault, let Flash knows secret things they do not want to be known. 3. Finally the O.S. probes the hardware to see if there is a webcam, and that sometimes causes the camera light to flash because it turns on. That is perfectly normal if you have installed camera drivers. Flash is checking for a camera to answer the applet, no more than a browser answers a remote server when it asks the language, the os, or if a particular plugin is installed or not, if java scri_pt is enabled or not. The remote system asks. Your system reply what you configured it to say. Don't like? Change configuration. Any remote system have all the rights to ask if you has a sound system, which display device are you using, if you have java/java scri_pt/wtf enabled, which language do you speak, where are you from and which page linked you here, BUT IT CANNOT, N-E-V-E-R, ask if you have a CAMERA. That is a big, big, bigger, biggest security issue. I think it's way more dangerous to say that you are navigating with Windows98', if you are really doing so, for example http://www.google.com/support/youtube/bin/...mp;answer=57409 There are many other, eg some social networks that allows video chat between participants without the need to install anything. I CAN SEE YOU, anyway
  8. mythsmith

    SpamCop Denouncer

    Just the last point: Flash is running on your system, not on my system. Your system will not be touched if you configure it not to be. It's not my fault if you configured your system to run every crap it find on the internet. I think I will leave the applet and add a link such as: I CAN SEE YOU Maybe with a sauron eye beyond. The link will point to a page explaining why you should uninstall or turn off automatic Flash execution from your system. It's a proprietary technology, so security updates are slow, torbid and you will never ultimately know what it is doing with your system while you browse
  9. mythsmith

    SpamCop Denouncer

    Ok, I will move it to a dedicated "contacts" page. I personally dislike Flash, but I see is the only technology that actually makes possible these things. Thinking of another superficial visitor that happen on my blog and begin to scream that I'm looking in his webcam simply don't compare to the (remote) utility of that applet. I considered it more an opportunity to advocate a better voip network than dominant skype or msn, than an actual mean of contact me... Expect to find OT things in a personal website! I collect here all my stuff, and since I have diverse interests, the result is a permanently OT website. What does it happen, afterall, when you visit a website with some sort of urchin.js incorporated? -> your visit is unexpectedly reported to an unrelate remote server, without your consense - privacy threat! (I disallow every such scri_pt each time i find a new one...!) Or which embeds random ads? -> You will display content that is not related to the apparent purpose the page was written for. This is the embedded flash object that activate the webcam: http://button.wdeal.com/wvisio_v1-1/common...wf?wtf=29491355 With firefox, press ctrl+I while viewing the page: you see it in media tab. You would not see it in the code of the page as it is loaded by this scri_pt: http://button.wdeal.com/wvisio_v1-1/full_wengo_widget.js So if you have restricted flash or java scri_pt env, the applet will not startup.
  10. mythsmith

    SpamCop Denouncer

    You're right, I (you) should uninstall Internet. Also your browser "unannouncedly" scans/tamper your system to know the OS, the screen resolution, the lang, your precedent navigation (referrer) etc and, in default configurations, sends all those precious data to untrusted remote servers. That's the way Falsh works. If you do not trust Flash, you can disable it unless requested (as I have done on my computer with flashblock). I trust the WengoVisio applet and do not consider it carp also because it is part of the OpenWengo suite, an opensource Skype alternative, with the freedom to change service provider: http://www.openwengo.org/ The wengovisio object itself isn't open-source afaik, but I trust the source that produced it. I'm sorry but you cannot dismantle the trust a person gives to someone/thing unless you provide good reasons. A program for webcamming that scans for a connected device when allowed by your environment is not such a reason, to me.
  11. mythsmith

    SpamCop Denouncer

    You can contact Adobe to denounce that if a user enable their Flash product to use webacms, then it will illicitly query the operative system to know if there is one connected. http://www.adobe.com/support/flashplayer/ I think youtube is seriously infected with that fault Untill Adobe fixes the fault, you should disconnect your webcam and microphone or uninstall their drivers. Or, you can forbid Flash to access anyway to your microphone and webcam (also only to check if it exists) when not explicitly allowed.
  12. mythsmith

    SpamCop Denouncer

    It's all ok: i included the WengoVisio flash object in the page: http://www.wengovisio.com/index.php Visitors can send video and audio messages to me using that applet, if they want. So your webcam is flashing because Flash is scanning for a connected device - nothing dangerous!
  13. mythsmith

    SpamCop Denouncer

    Added some "screenshots" (console-shots!) here: http://daniele.modena1.it/code/spamcop-denouncer/screenshots
  14. mythsmith

    SpamCop Denouncer

    I am receiving a lot of spam without any message body, resulting in SpamCop returning: "No body provided, check format of submission" I think bodyless spam is simply a nonsense, maybe used to test spam networks or to simply annoy zealous denouncers. So today I added a check on the body of the messages: if it is empty, SCD will add a custom string such as: 'This spam email did not have a body. This string was added for reporting purposes' The spam will then be happily reported.
  15. mythsmith

    SpamCop Denouncer

    SpamCop Denouncer v0.2 released! * Many bugs fixed. * Ability to parse spam pasted to standard input * Ability to parse a mailbox and send each spam in it * Security feature to alert if sensible spamvertised websites are found (eg, your own!) * Process your spamcop queue (that brings no big time saving...) * Added a "recently sent" database of spam IDs and hashes, so the risk of sending double reports is minimized * Added a simple statistical engine, recording quality (mean age) and cost (seconds of human interaction). Eg here are my statistics: daniele[at]lami2:~$ spamcop -S1 STATISTICS since 05/27/08 (1 day period): Reporting quality: 1.687h of mean spam age Total time cost: 927.9shi, efficiency: 0.9s/spam Processed: 1137, 162.4/period - Reported: 1041, 148.7/period Reporting activity (1 day period): day processed reported sessions cost quality 05/27/08 16 16 2 0.00 0.00 05/28/08 179 178 13 106.82 0.00 05/29/08 292 250 14 245.41 0.00 05/30/08 185 183 13 189.44 2.01 05/31/08 142 138 9 223.98 1.91 06/02/08 141 96 1 21.42 5.41 06/03/08 182 180 5 140.83 3.36 Overall top 10 report destinations coldrain.net 605 devnull.spamcop.net 374 kisa.or.kr 234 hanaro.com 231 certcc.or.kr 231 ns.chinanet.cn.net 87 ttnet.net.tr 72 olcab.ro 60 cert.br 52 jsinfo.net 42 (note: coldrain is user-defined additional recipient, that's why is on the top) Have fun reporting more and better, and recording your improvements!
×