PICList Thread
'[OT] is this a fake paypal? what the site can do t'
2005\11\04@093251 by rosoftwarecontrol

I got an email dressed as from paypal, have the link below.
is this a real link to paypal? I met such thing once, and been fired once....(:




http://rozin-med.ru/phpBB2/redirect.to.paypal.com/users/aw=user156454/SAPI.dllSignInpUserId=co_partnerId=siteid=0pageType=-1pa1=UsingSSL=1bshowgif=favoritenav=errmsg=165/login=user&p/userlogin/69-58-5264/webscrcmd.php

2005\11\04@095737 by William Couture

On 11/4/05, microsoftwarecontrol <spam_OUTmicrosoftwarecontrolTakeThisOuTspamyahoo.ca> wrote:
> I got an email dressed as from paypal, have the link below.
> is this a real link to paypal? I met such thing once,
> and been fired once....(:
>
>http://rozin-med.ru/phpBB2/redirect.to.paypal.com/users/aw=user156454/SAPI.dllSignInpUserId=co_partnerId=siteid=0pageType=-1pa1=UsingSSL=1bshowgif=favoritenav=errmsg=165/login=user&p/userlogin/69-58-5264/webscrcmd.php

It's a fake.

The start of the URL is something other than paypal, and the TLD is .ru,
which says that this is a Russian website.

And, in general, anything you get from paypal via email is a fake
("phishing", they are trying to get your confidential information to
commit fraud).

If you really think an email is legitimate, *NEVER* click on the link.
Instead, go to your paypal account, sign in, and see if you have any
messages.  Better yet, call their support line and see if they really
sent you something.

Also, beware that there is another form of "phishing" called "pharming",
in which the DNS for a legitimate site (such as paypal) is hijacked and
re-routed to someone else.

Bill  { used to do computer security for a living }

--
Psst...  Hey, you... Buddy...  Want a kitten?  straycatblues.petfinder.org

2005\11\04@095945 by John Nall

microsoftwarecontrol wrote:
> I got an email dressed as from paypal, have the link below.
> is this a real link to paypal? I met such thing once,
> and been fired once....(:
>
>
>
>
> rozin-med.ru/phpBB2/redirect.to.paypal.com/users/aw=user156454/SAPI.dllSignInpUserId=co_partnerId=siteid=0pageType=-1pa1=UsingSSL=1bshowgif=favoritenav=errmsg=165/login=user&p/userlogin/69-58-5264/webscrcmd.php
>  

I don't know about that particular link, but I DO know that I have
gotten fake emails which purported to be from PayPal and had a link in
the email which they wanted me to click on. I assumed it would probably
induce a virus into my system. The first time we got one (the message
was actually sent to my wife, not to me -- I do have a PayPal account,
but she does not) we sent it to the real PayPal site for whatever action
they might want to take. The second time, I just deleted it.

John

2005\11\04@100121 by Boštjan Jerko

Yes, it's fake.


On 04/11/05, microsoftwarecontrol <.....microsoftwarecontrolKILLspamspam@spam@yahoo.ca> wrote:
> I got an email dressed as from paypal, have the link below.
> is this a real link to paypal? I met such thing once,
> and been fired once....(:
>
>
>
>
> rozin-med.ru/phpBB2/redirect.to.paypal.com/users/aw=user156454/SAPI.dllSignInpUserId=co_partnerId=siteid=0pageType=-1pa1=UsingSSL=1bshowgif=favoritenav=errmsg=165/login=user&p/userlogin/69-58-5264/webscrcmd.php
> -

2005\11\04@100316 by Boštjan Jerko

On 04/11/05, William Couture <bcouturespamKILLspamgmail.com> wrote:

> Also, beware that there is another form of "phishing" called
> "pharming", in which the
> DNS for a legitimate site (such as paypal) is hijacked and re-routed
> to someone else.


I like this one. Very clever.

B.

2005\11\04@101018 by Wouter van Ooijen

is it http://www.paypal.com? No, so it is not paypal.

> -----Original Message-----
> From: .....piclist-bouncesKILLspamspam.....mit.edu
> [EraseMEpiclist-bouncesspam_OUTspamTakeThisOuTmit.edu] On Behalf Of microsoftwarecontrol
> Sent: Friday, November 04, 2005 4:36 PM
> To: piclistspamspam_OUTmit.edu
> Subject: [OT] is this a fake paypal? what the site can do to you?
>
>
> I got an email dressed as from paypal, have the link below.
> is this a real link to paypal? I met such thing once,
> and been fired once....(:
>
>
>
>
rozin-med.ru/phpBB2/redirect.to.paypal.com/users/aw=user156454/SA
PI.dllSignInpUserId=co_partnerId=siteid=0pageType=-1pa1=UsingSSL=1bshowg
if=favoritenav=errmsg=165/login=user&p/userlogin/69-58-5264/webscrcmd.ph
p

2005\11\04@101704 by Dmitriy Kiryashov

Local DNS copy for most visited sites ? :)


Boštjan Jerko wrote:
>
> On 04/11/05, William Couture <@spam@bcoutureKILLspamspamgmail.com> wrote:
>
> > Also, beware that there is another form of "phishing" called
> > "pharming", in which the
> > DNS for a legitimate site (such as paypal) is hijacked and re-routed
> > to someone else.
>
> I like this one. Very clever.
>
> B

2005\11\04@103049 by olin piclist

William Couture wrote:
> Also, beware that there is another form of "phishing" called
> "pharming", in which the
> DNS for a legitimate site (such as paypal) is hijacked and re-routed
> to someone else.

How can DNS be hijacked?  I have several DNS servers specified in my network
setup, by IP address of course.  These are servers of trusted organizations,
like my ISP for example.  Unless someone has control of a router between me
and the DNS server or can somehow intercept packets, how can they feed false
addresses to me when I do a DNS lookup on http://www.paypal.com?  I'm really asking
since I don't see how this is possible without physical access to the wires
or somehow hacking into a router or something.  The first is impossible for
someone in Russia, and the second is very difficult since professional
routers are specifically designed to make this pretty much impossible.


******************************************************************
Embed Inc, Littleton Massachusetts, (978) 742-9014.  #1 PIC
consultant in 2004 program year.  http://www.embedinc.com/products

2005\11\04@103317 by Buehler, Martin


i think the .ru does not really look like paypal ;-(



>{Original Message removed}

2005\11\04@104714 by Rolf

It happens to the best of them:

http://www.windowsitpro.com/Article/ArticleID/8170/8170.html

Rolf

Olin Lathrop wrote:
{Quote hidden}

2005\11\04@105555 by Dave Lag

but it is one of the "better" ones ;)
I figure the faster it gets sent to spoof@paypal the faster it gets pulled down
D


Boštjan Jerko wrote:
{Quote hidden}

>>-

2005\11\04@112322 by Harold Hallikainen

I forward these to http://www.spamcop.net . Spamcop then sends complaints
to the emailer, open email relays, and hosts of linked sites. Since these
phishing emails often have some real links to paypal or whomever, an email
also goes to paypal. They are then immediately aware of the attempted
fraud. In addition, when enough people forward the spam to spamcop, it
gets added to the spamcop blocklist. When that happens, email servers that
subscribe to it (like mine) do not accept connections from that mailer.

Harold


--
FCC Rules Updated Daily at http://www.hallikainen.com

2005\11\04@123830 by James Newtons Massmind

I don't mean to be... Mean. Or to question your intelligence... I'm sure
there must be a reason for this, and I genuinely want to know how anyone
could think that was a link to PayPal.

I honestly want to know. I'm trying to understand how people get sucked into
these things, so I can try to help.

What in that link makes you wonder if it could be real?

Is it the redirect.to.paypal.com part?

Is it not understanding that domains start from the left just after the
?

Is it having seen other links for advertisements where there is a redirector
to count the number of clicks?

What part of the information that everyone gets from PayPal ("always start
with https://www.paypal.com ") is not being understood?

Again, I'm not trying to be a jerk, I just can't think of a better way to
ask these questions.

---
James.



> {Original Message removed}

2005\11\04@131328 by Mike Hord

> I don't mean to be... Mean. Or to question your intelligence... I'm sure
> there must be a reason for this, and I genuinely want to know how anyone
> could think that was a link to PayPal.
>
> I honestly want to know. I'm trying to understand how people get sucked into
> these things, so I can try to help.
>
> What in that link makes you wonder if it could be real?

In this case, I'd agree with you, James, but not all Paypal phishing
e-mails are so bad.

I get between two and four e-mails a day on my work account
phishing for account info:  PayPal, ebay, and various credit unions
the phishers expect a university employee might do business with.

The first one I got, the link read as being to paypal.com.  I followed
it, and the address in the address bar began with "http://www.paypal.com"
and went on from there with the usual gibberish.  I almost started
filling the form out, when I realized how stupid I was being, and
started snooping.  The first hint, of course, was that PayPal didn't
(and doesn't) have my work e-mail address.

These crooks are surprisingly sharp.  The bottom line, as someone
else suggested, is never to follow a link from an e-mail.  Go to
ebay.com or paypal.com and log in, then see whether you have
messages from there.  It's the only way to be reasonably sure.

Mike H.

2005\11\04@133111 by Harold Hallikainen

Following up on James's comment, I wonder how many phishing attacks
succeed? I receive a bunch of these every day. How many people fall for
them?

The net seems like a dangerous neighborhood. When I brought my new server
up a few weeks ago, I was getting hundreds or thousands of ssh login
attempts. I added sshblacklisting that blacklists an IP address after four
failed attempts. I now get a half dozen different IP addresses trying each
day (and getting locked out after 4 attempts).

Lotsa fun!

Harold

--
FCC Rules Updated Daily at http://www.hallikainen.com

2005\11\04@134601 by Peter



On Fri, 4 Nov 2005, Dmitriy Kiryashov wrote:

> Local DNS copy for most visited sites ? :)

Because most users use their ISP's DNS, pharming is a non-issue. It would
require the bad guys to take over or poison the DNS server of the ISP.
On the other hand, if they manage to take over the DNS server of the
target site, and keep this secret until the DNS servers expire and
update ... But this is a nearly impossible scenario.

Peter

2005\11\04@135651 by Peter


On Fri, 4 Nov 2005, Olin Lathrop wrote:

> William Couture wrote:
>> Also, beware that there is another form of "phishing" called
>> "pharming", in which the
>> DNS for a legitimate site (such as paypal) is hijacked and re-routed
>> to someone else.
>
> How can DNS be hijacked?  I have several DNS servers specified in my network
> setup, by IP address of course.  These are servers of trusted organizations,
> like my ISP for example.  Unless someone has control of a router between me
> and the DNS server or can somehow intercept packets, how can they feed false
> addresses to me when I do a DNS lookup on http://www.paypal.com?  I'm really asking
> since I don't see how this is possible without physical access to the wires
> or somehow hacking into a router or something.  The first is impossible for
> someone in Russia, and the second is very difficult since professional
> routers are specifically designed to make this pretty much impossible.

DNS hijacking is done either by breaking into the machines which run DNS
and is SOA for a domain (used to be possible with older bind - dns
server software) or by jamming the network between the legitimate DNS
server and a server or client that is about to update a record (or ask a
question). The latter requires the bad guys to have high bandwidth
access to the network in cause from a compromised machine (which can be
programmed to send crafted packets). Since DNS records are usually kept
by ISPs, DNS hijacking is fairly rare.

Peter

2005\11\04@140629 by Maris


>These crooks are surprisingly sharp.  The bottom line, as someone
>else suggested, is never to follow a link from an e-mail.  Go to
>ebay.com or paypal.com and log in, then see whether you have
>messages from there.  It's the only way to be reasonably sure.
>
>Mike H.
>
>--

The above is the best advice, but if you do follow the link, a way to
distinguish the real site from a phishing site is to log in with a fake
password. The phishing site will accept it, whereas the real site won't...

Maris


2005\11\04@141358 by William Couture

On 11/4/05, Maris <RemoveMEmarisTakeThisOuTspamearthlink.net> wrote:
>
> >These crooks are surprisingly sharp.  The bottom line, as someone
> >else suggested, is never to follow a link from an e-mail.  Go to
> >ebay.com or paypal.com and log in, then see whether you have
> >messages from there.  It's the only way to be reasonably sure.
> >
> >Mike H.
> >
> >--
>
> The above is the best advice, but if you do follow the link, a way to
> distinguish the real site from a phishing site is to log in with a fake
> password. The phishing site will accept it, whereas the real site won't...

Unless the phishing site is doing a "man in the middle" attack.  In that
case, your input is passed to the real website, and the phishing site
won't grab your information until it sees a valid login response.

Bill

--
Psst...  Hey, you... Buddy...  Want a kitten?  straycatblues.petfinder.org

2005\11\04@142238 by James Newtons Massmind

Your connection to your ISP is usually not exclusive to you. There are other
computers on the "local loop" These other computers can "sniff" your
communications with your ISP. Since DNS is not encrypted, anyone on your
local loop can see your outgoing requests for resolution of http://www.paypal.com
to an ip address. See:
http://www.ethereal.com/ "Ethereal: Sniffing the glue that holds the
Internet together"
http://www.rootshell.be/~dhar/sniffers.html

Even when it is switched, there are arp cracks that can gain access to your
communications to your ISP's DNS server.

A special program can try to "spoof" the response from the DNS server by
replying to you with its own answer before the server does. This is also
true of the connection between the ISP's DNS server and the upper level
Domain servers. Getting a false reply into the ISP's DNS server is called
"cache poisoning" because your ISP's DNS server will retain the answer it gets
from upper level DNS servers and use that information to answer future
client queries.
http://www.securesphere.net/download/papers/dnsspoof.htm

Modern DNS servers should be smart enough to see multiple replies and report
or ignore them. There is also a packet ID that must be predicted by the
spoofer before the DNS server will accept the reply, although that is easy
to fake if you are on the local loop.  In fact, it can be guessed even if
you are not on the local loop.

As I understand it (and I'm hazy on this part) the real problem is that
anyone on the internet can SEND a packet that appears to be from someone
else. The only person who can possibly know that it is not is the machine
that is being "aped". If a dns server sees a packet go by that claims to have
been sent by that server, the server needs to have a cow. That will allow
the network to find and shut down the actual sender of the spoofed packet.
That requires work. Work requires time. In the mean time, you are getting
whatever the spoofer sends.

I have been told that there are firewalls that can detect spoofed replies
(presumably based on the duplicate reply from the real DNS server) but I
don't see why a good bit of hardware couldn't be developed to simply step on
the actual reply as it goes by on the local loop.
http://www.sans.org/resources/idfaq/spoofed_ip.php

Another possible attack is getting a program installed on the client or
server that affects the operation of the DNS system. There are activex
controls that will send ALL DNS queries to a false server rather than to the
servers you set in your network settings. I seem to remember this can also
be done by modifying a registry key... But I've lost that information.

The easiest way is via one of those "search toolbars" any of those are easy
to use to spoof urls entered by the user.
http://techref.massmind.org/techref/app/spyware.htm

There are a lot of vulnerabilities that are constantly being found and used.
http://secunia.com/advisories/ the sooner they get published and the mfgrs
of the software (be that Microsoft or anyone else) are embarrassed by it,
the sooner they get fixed and you can update your machine to avoid being
cracked (don't say hacked). You do keep all your software up to date right?

And no open ports?
http://www.grc.com (scroll down to "Shields up!" and let it test you.)
And the latest Anti-Virus?
techref.massmind.org/techref/app/antivirus.htm
And the latest Anti-Spyware?
http://techref.massmind.org/techref/app/spyware.htm

And don't do banking or other money changing things on the internet if you
can possibly avoid it. If you do have to access a site on a regular basis,
get the correct IP address and hard code it in your hosts file. (Somebody
want to write a tutorial on how to do that?)

---
James.



> {Original Message removed}

2005\11\04@142345 by Wouter van Ooijen

> The above is the best advice, but if you do follow the link, a way to
> distinguish the real site from a phishing site is to log in
> with a fake
> password. The phishing site will accept it, whereas the real
> site won't...

The phishing site could use your info to do the logon itself and convey
the result to you, so this might work today but it is not safe to trust.

Wouter van Ooijen

-- -------------------------------------------
Van Ooijen Technische Informatica: http://www.voti.nl
consultancy, development, PICmicro products
docent Hogeschool van Utrecht: http://www.voti.nl/hvu


2005\11\04@142539 by James Newtons Massmind

In outlook, if you mouse over the link in the email it will show you the
actual target of the link text. Usually this is enough to "out" the spoof.

But you are absolutely right: It isn't hard... Just always start with a
clean browser window and type in httpS://www.paypal.com and go from there.
Don't omit the https or the www as doing so will allow a search bar attack.

---
James.



> {Original Message removed}

2005\11\04@143017 by James Newtons Massmind


>
> The above is the best advice, but if you do follow the link,
> a way to distinguish the real site from a phishing site is to
> log in with a fake password. The phishing site will accept
> it, whereas the real site won't...
>
> Maris
>

Hey... I hadn't thought of that one... Interesting idea.

---
James.


2005\11\04@151610 by Gerhard Fiedler

Mike Hord wrote:

>> What in that link makes you wonder if it could be real?

>> Is it not understanding that domains start from the left just after the
>> ?

> The first one I got, the link read as being to paypal.com.  I followed
> it, and the address in the address bar began with "http://www.paypal.com"
> and went on from there with the usual gibberish.  

Just /beginning/ with http://www.paypal.com is not enough. The important thing to
add to James's comments is that domains go from the right to the left,
between the "http[s]://" and the next slash. So whatever follows the
"" is not so important as whatever precedes the next slash -- and
the next slash you /see/ may not be the next slash there /is/.

The "better" phishing addresses use something like
"http://www.paypal.com@abc...." or
"http://www.paypal.com%2e%61%62%63%2e..." or ... -- the thing is that you
need to parse carefully whatever there is, and that any strange method is
suspect. "The usual gibberish" should not appear before the third slash.

There are a few ways to obfuscate URLs; use of subdomains, adding
irrelevant user names, encoding characters with %hh, and I'm not sure this
is all of it. So anything different from http[s]://www.domain.com/... (note
the slashes and the absence of any non-alphanumeric characters besides the
dot between them) needs careful parsing :)

Anyway, the rule is "never use a link from an email if you enter
confidential information at the site". You don't even have to be able to
parse strange URLs to follow this one :)

Gerhard
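
The parsing rule from the post above, as an added example that is not part of the original thread: find the host between "://" and the next slash, discard any user name before "@", decode %hh escapes, then compare the host against the expected domain. The function name, the finding labels and the two abc.example URLs (built from the fragments quoted in the post) are assumptions; the first sample is the leading part of the link quoted at the top of the thread.

```python
from urllib.parse import unquote


def analyze_link(url, expected="paypal.com"):
    """Locate the real host of `url` and list the obfuscation tricks it uses."""
    findings = []
    scheme, sep, rest = url.partition("://")
    if not sep:  # bare "host/path" text with no scheme
        scheme, rest = "", url

    # The authority ends at the first "/", "?" or "#" after the scheme.
    cut = min((i for i in (rest.find(c) for c in "/?#") if i != -1),
              default=len(rest))
    authority, tail = rest[:cut], rest[cut:]

    # Anything before the last "@" is a user name, not part of the host.
    userinfo, at, hostport = authority.rpartition("@")
    if at:
        findings.append("userinfo")

    # %hh escapes have no business in a host name; decode to show the result.
    if "%" in hostport:
        findings.append("encoded-host")
    host = unquote(hostport).lower()

    # Drop a trailing ":port" and a trailing root dot.
    name, colon, port = host.rpartition(":")
    if colon and port.isdigit():
        host = name
    host = host.rstrip(".")

    # A purely numeric host is an IP address, not a registered name.
    if all(label.isdigit() for label in host.split(".")):
        findings.append("ip-host")

    # Domains read right to left: the host must BE the expected domain
    # or end in "." + expected. Merely containing it proves nothing.
    host_matches = host == expected or host.endswith("." + expected)
    brand = expected.split(".")[0]
    if not host_matches and brand in (userinfo + host + tail).lower():
        findings.append("brand-outside-domain")

    if scheme.lower() != "https":
        findings.append("not-https")
    return {"host": host, "host_matches": host_matches, "findings": findings}


# Sample links: the first is the start of the URL quoted in this thread,
# the next two are constructed from the patterns described in the post,
# the last is the form PayPal tells users to start from.
SAMPLES = [
    "http://rozin-med.ru/phpBB2/redirect.to.paypal.com/users/aw=user156454/",
    "http://www.paypal.com@abc.example/login",
    "http://www.paypal.com%2e%61%62%63%2eexample/login",
    "https://www.paypal.com/cgi-bin/webscr",
]

if __name__ == "__main__":
    for link in SAMPLES:
        result = analyze_link(link)
        print(result["host"], result["host_matches"], result["findings"])
```
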

2005\11\04@163349 by Dmitriy Kiryashov

Hi James.

Too simple to be advice.

I've seen emails with links which will bring you to some webpage
acting as ebay and in reality being a cloak transparent gate
between you and real ebay. Once you entered the data it sends
it to real one and reads back ( and shows it to you as well :)
either ebay accepted it or rejected it. Scripts can do magic
these days.

Advice - do not follow any links in emails especially if java
or javascript is enabled. Directly login in ( opening account
by yourself in browser ) and verifying if there is any messages
waiting is safer. Also if spyware and adaware running 24/7 it
will make life a lot easier :) ( hijackthis, spybot, pestpatrol
and adaware finally are my favorites )

WBR Dmitry.


James Newtons Massmind wrote:
{Quote hidden}

> -

2005\11\04@210047 by Matthew Miller

On Fri, Nov 04, 2005 at 10:35:59AM -0500, microsoftwarecontrol wrote:
> I got an email dressed as from paypal, have the link below.
> is this a real link to paypal? I met such thing once,
> and been fired once....(:
>
<URL snipped>

By all means, click on the link. When I receive an email like this, and I
have the free time, I always click the link! Why would I do this? Well, I
like to think that by submitting bogus, but real looking info, I can help
bring attention to these crooks when they try to use the personal details I
have provided.

I have a program that creates credit card numbers which are bogus,
but pass the checksum routines and I try to make the other information seem
as real as possible. I get a small bit of fun out of doing this. ;^) Maybe
I waste time doing this. I don't know...

Matthew

--
Against stupidity the very gods Themselves contend in vain.
-- Friedrich von Schiller, "The Maid of Orleans", III, 6

2005\11\04@215506 by Bill N8HKI

I always forward such emails to PayPal and ebay when I receive them.
Forward to spamBeGonespoofspamBeGonespampaypal.com or TakeThisOuTspoofEraseMEspamspam_OUTebay.com  you will receive information
back telling you if they are fake or not. These phishing emails have been
quite common for a while now.


Bill
{Original Message removed}

2005\11\04@230156 by alan smith
I'm running Eudor and AGV virus....

The other day, got ANOTHER fake one.  What was interesting was the fact that when I put the cursor over the link....a box popped up and said.....this is different than what is expected, beware....and sure enuf and showed the entire real address and it was a fake.  Thought...very cool....very...


               

2005\11\05@105452 by Philip Pemberton

In message <RemoveME8ffe5b0c0511040657p14025110gb588b3e8649bfed4spamTakeThisOuTmail.gmail.com>>          William Couture <bcoutureEraseMEspam.....gmail.com> wrote:

> It's a fake.

Just an FYI to everyone - if you're a server admin, never underestimate the
potential of a PHP script to become a backdoor.
I'm one of the server admins at a small webhosting company, and last week we
got hacked by a Romanian scam gang. Someone used an XSS bug in phpATM (which
was installed on a customer site in DIRECT contravention of our AUP), dumped
a bunch of files on the server, then proceeded to use our email server to
send 20,000 phishing scams out. Not only that, but they used *our server* to
host the phishing site. Needless to say, said server got pulled PDQ.

It was fun explaining that one to our upstream provider...

Later.
--
Phil.                              | Acorn RiscPC600 SA220 64MB+6GB 100baseT
EraseMEphilpemspamphilpem.me.uk              | Athlon64 3200+ A8VDeluxe R2 512MB+100GB
http://www.philpem.me.uk/          | Panasonic CF-25 Mk.2 Toughbook
... I'm not a complete idiot -- several parts are missing.

2005\11\05@125830 by Peter



On Fri, 4 Nov 2005, Dmitriy Kiryashov wrote:

{Quote hidden}

Just wait until AJAX starts being ubiquitous. You haven't seen phishing
yet. So far, you have been able to read URLs and judge for yourself.
With AJAX, you can forget about that option.

Peter

2005\11\05@153225 by John Ferrell

For those of us who must look everything up: AJAX is at
http://en.wikipedia.org/wiki/AJAX

Dictionary.com says:
ubiquitous

adj : being present everywhere at once [syn: omnipresent]

John Ferrell    
http://DixieNC.US

{Original Message removed}

2005\11\05@160216 by William Chops Westfield

On Nov 4, 2005, at 10:47 AM, Peter wrote:

> Because most users use their ISPs DNS pharming is a non-issue.

I would imagine it's possible to simply reply faster than the real
DNS servers in (ie) a shared LAN environment, like you might find
in a school "computer room."

BillW

2005\11\05@164122 by Gerhard Fiedler

Peter wrote:

> Just wait until AJAX starts being ubiquitous. You haven't seen phishing
> yet. So far, you have been able to read URLs and judge for yourself.
> With AJAX, you can forget about that option.

This is actually an old technique, in some ways. There are already many
sites where buttons are not standard form submit buttons or links are not
normal HTML links. And there are many sites that have lots of embedded
frames, including "secure" sites that have non-secure parts embedded and
vice versa. A really bad thing... makes control over what's secure and what
not very difficult.

OTOH, I don't think that secure sites will start using Ajax techniques
extensively any time soon, because anything they do on the client side is
by definition wide open to hacking. That's the main reason why you probably
won't see much client-side processing in secure sites.

Gerhard

2005\11\05@171330 by William Chops Westfield


On Nov 5, 2005, at 9:58 AM, Peter wrote:

> Just wait until AJAX starts being ubiquitous. You haven't seen phishing
> yet. So far, you have been able to read URLs and judge for yourself.
> With AJAX, you can forget about that option.

http://en.wikipedia.org/wiki/AJAX

Java in email?  It's already pretty difficult to analyze a web site
based on what you can read on the screen...

FWIW, most of my email I still read with a program that doesn't understand
HTML at all (or mime, or anything since about 1990.)  For the most part I
find I can simply delete the messages that are unreadable; I think I like
it that way :-)

BillW

2005\11\05@174458 by olin piclist

William Chops Westfield wrote:
> FWIW, most of my email I still read with a program that doesn't understand
> HTML at all (or mime, or anything since about 1990.)  For the most part I
> find I can simply delete the messages that are unreadable; I think I like
> it that way :-)

Yeah, I use Outlook Express but have all that stuff shut off.  All I see is
text whether someone sent the message as HTML or not.  I get a lot of spam
that shows up as cyrillic characters.  I've never bothered to investigate
why, but it makes it really easy to delete without requiring any thought.


******************************************************************
Embed Inc, Littleton Massachusetts, (978) 742-9014.  #1 PIC
consultant in 2004 program year.  http://www.embedinc.com/products

2005\11\06@125600 by Peter



On Sat, 5 Nov 2005, Gerhard Fiedler wrote:

{Quote hidden}

Most CMS generated sites are moving inexorably towards AJAX. That would
be your bank, your favorite online newspaper, Flickr (already there)
Google maps (also), Ebay (pretty soon).

The fact that the site is secure does not mean that it trusts client
side data. AJAX is interesting for servers because it makes the pages
more responsive. Even more so for secure connections which actually slow
down data transfers.

Peter

2005\11\06@125930 by Peter


On Sat, 5 Nov 2005, William Chops Westfield wrote:

> On Nov 5, 2005, at 9:58 AM, Peter wrote:
>
>> Just wait until AJAX starts being ubiquitous. You haven't seen phishing
>> yet. So far, you have been able to read URLs and judge for yourself.
>> With AJAX, you can forget about that option.
>
> http://en.wikipedia.org/wiki/AJAX
>
> Java in email?  It's already pretty difficult to analyze a web site
> based on what you can read on the screen...
>
> FWIW, most of my email I still read with a program that doesn't understand
> HTML at all (or mime, or anything since about 1990.)  For the most part I
> find I can simply delete the messages that are unreadable; I think I like
> it that way :-)

Me too but there will be a point beyond which it won't work anymore. At
least you do not need to deal with funny character sets.

Btw, the latest edition of acrobat reader also interprets Javascript.
Fyi.

Resistance is futile, we will be AJAXed.

Peter

2005\11\06@130356 by Peter


On Sat, 5 Nov 2005, Olin Lathrop wrote:

> Yeah, I use Outlook Express but have all that stuff shut off.  All I see is
> text whether someone sent the message as HTML or not.  I get a lot of spam
> that shows up as cyrillic characters.  I've never bothered to investigate
> why, but it makes it really easy to delete without requiring any thought.

Imho the problem with the OS you are using is, that you think that you
shut all that off, but you may not know everything. So far there have
been three distinct instances where it turned out that the OS itself is
using the javascript/redirection/whatever mechanism to generate a
preview in *despite* of 'everything' being turned off, and was
vulnerable anyway.

Peter

2005\11\07@013548 by James Newtons Massmind

Welcome to the wonderful world of hosting a web server...

...so far my poor old, tired NT Box has not been hacked. (knock on wood)

Of course I'm VERY limited in what I host.

---
James.



> {Original Message removed}
