September 2007 Archives

Okay, actually they already have one, but it's an expanding business, I'm sure they'll want more.

The following message (quoted in part) showed up in my mailbox today.

What with my previous posting extolling the virtues of Messagefire's anti-spam technology, I should probably mention that this came in on my .Mac account, and thus wasn't filtered by Messagefire. Messagefire would have rejected it with extreme prejudice:
  1. Received line is in a DNSBL list.
  2. IP address is in Russia (which I might or might not have been blocking)
  3. Direct to MX (message left their mail server directly, no initial mail application).
  4. Message passed through two countries to get to me (Russia and France)
  5. Sender domain doesn't match the IPs (combined with #3 that gives us extra bad points)
  6. Hosts in SMTP From, From:, Return-Path and Message-ID don't match the Received headers (extra points)
  7. and so on...
All that stuff is obviously wrong--but it walked right through .Mac's content filters.
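An added example, not MessageFire's code and not part of the original post: a Python scorer for checks 1, 3, 5 and 6 in the list above, run over a constructed message. The local domain `recipient.example`, the in-memory blocklist standing in for a DNSBL query, and all function names are assumptions.

```python
import email
import re
from email.utils import parseaddr

LOCAL = "recipient.example"    # assumption: domain of the mail hosts we operate
BLOCKLIST = {"203.0.113.7"}    # constructed stand-in for a live DNSBL query

# "from HELO (rdns-name [ip]) by host": keep the rDNS name and IP that the
# receiving MTA recorded itself; the HELO string is chosen by the sender.
HOP = re.compile(r"from\s+\S+\s+\(([\w.-]+)\s+\[([\d.]+)\]\)\s+by\s+([\w.-]+)")

# Constructed sample, not the message from the post (RFC 5737 / .example names).
SAMPLE = (
    "Return-Path: <jobs@bank.example>\n"
    "Received: from mx.recipient.example (mx.recipient.example [198.51.100.10])\n"
    "\tby store.recipient.example; Mon, 10 Sep 2007 09:00:02 -0400\n"
    "Received: from bank.example (dsl-7.pool.isp.example [203.0.113.7])\n"
    "\tby mx.recipient.example; Mon, 10 Sep 2007 09:00:01 -0400\n"
    'From: "HR" <hr@bank.example>\n'
    "Message-ID: <12345@mail.bank.example>\n"
    "Subject: Part-time employment\n"
    "\n"
    "Hello\n"
)

def is_local(host):
    return host == LOCAL or host.endswith("." + LOCAL)

def org(host):
    # Crude registrable domain (last two labels); real code needs the Public Suffix List.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def score(raw, is_listed=lambda ip: ip in BLOCKLIST):
    """Return the header 'lies' found, judged from the first hop we wrote ourselves."""
    msg = email.message_from_string(raw)
    received = msg.get_all("Received", [])
    for i, header in enumerate(received):          # newest hop first
        m = HOP.search(header)
        if m and is_local(m.group(3)) and not is_local(m.group(1)):
            rdns, ip, _ = m.groups()               # boundary: outside host -> our MX
            break
    else:
        return ["no-trusted-hop"]
    findings = []
    if is_listed(ip):
        findings.append("dnsbl")
    if i == len(received) - 1:                     # nothing older: no sending mail server
        findings.append("direct-to-mx")
    claimed = {
        "Return-Path": parseaddr(msg.get("Return-Path", ""))[1],
        "From": parseaddr(msg.get("From", ""))[1],
        "Message-ID": msg.get("Message-ID", "").strip().strip("<>"),
    }
    for name, value in claimed.items():
        domain = value.rpartition("@")[2]
        if domain and org(domain) != org(rdns):
            findings.append("mismatch:" + name)
    return findings

if __name__ == "__main__":
    print(score(SAMPLE))
```

Each finding is a scoring signal rather than a verdict; mailing lists and third-party senders legitimately trip the mismatch checks.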
Like most spam, it was unintentionally humorous in places, but overall it's actually fairly well written--only a few language translation problems. What I found particularly amusing, however, were the meaning translations. As follows...

“Hello, I am writing to inquire if you might be interested in part-time employment in the field of accounting/clerical services.”
We'd like you to handle some money for us.

“Elbrus Financial, Co., a major Russian investment bank and asset management company,”
Organized crime syndicate.

“is looking for chargeable and determined individuals”
I particularly like the “chargeable” part. That's not what they meant, but it is probably accurate both financially and legally.

“to fill the specialist and associate positions within the Receivables department of our Transactions/Finance group in the United States. As a specialist or associate, you will be in charge of monitoring and processing funds transfers initiated by our US clients and reporting to the Receivables department manager in Russia.”
People will send you money, and you'll send it to us.

“We are looking for numerate individuals”
I had to look that “numerate” up, but they got it right. Then again, they probably looked it up too.

“who are also capable team-players,”
Who won't cheat us.

“preferably with some college education and/or previous accounting/clerical experience.”
So we can butter you up by telling you that you can have the job even though you are underqualified.

“... Our mission is to provide investors with reduced emerging market risk and superior returns through broad diversification and conscious risk-taking.”
You'll be taking the risks, of course.

“To learn more about our company, please visit us online at www.Elbrus.com”
We've got a .com domain, so we must be real.
Let's see, they say they are based in Russia, their mail also says they have offices in Lithuania and Cyprus. The domain is registered in Israel, the domain servers are in the US, and a DNS lookup of the web site shows that it is currently (these things tend to move around every hour or so) hosted on someone's PC via a Comcast Cable connection in Chelmsford, Massachusetts (US).

...[Extensive detail on how you'll manage incoming email and money transfers, and what cut you'll get.]...

“You will never be required to cash a check, make a remittance before the funds are cleared into your account or engage in any other financially risky activity. ... It should also be understood that being a foreign entity, Elbrus is not subject to the US IRS supervision. You will be the sole person liable for reporting the commissions that you receive as your personal or business income.”
You just make good with the IRS and you'll be fine... (of course, we won't mention federal statutes about transferring money in and out of the country, not to mention money laundering laws).

“You can apply for the position online at: http://elbrusfinancial.com/?menu=par Please note that only applicants under serious consideration will be contacted. Please use the following vacancy code: EL-SEP07.”
Look, we have two domains. We must be real!
This one is actually registered in Russia. DNS in the US. Web site hosted on half a dozen cable modems.

Haven't you always wanted to join the Russian Mafia? Go for it! :-)


P.S. It occurs to me that I ought to expand on this for people who don't know what's really going on here. It's really quite simple. In order to run scams selling nonexistent, stolen, or counterfeit goods, you need to have a U.S. address that will receive the money--otherwise it sets off everyone's fraud alarms. So they are looking for people who will receive the money and then forward it on to them. That's generally called Money Laundering.

There's also an equivalent come-on for people to handle receiving goods bought with stolen credit cards. In those cases they want people who will receive packages and then forward them out of the country. That's usually referred to as Receiving Stolen Goods.

P.P.S. There's another scam running that this is even more likely to refer to. It relies on the fact that American banks will credit checks before they have entirely cleared. You're sent a check and asked to deposit it. You then transfer 90% of the money offshore. A few weeks later, the check is discovered to be a forgery and you owe the entire amount to the bank. (See Spam-scam crackdown nets $2 billion in fake checks).


U.S. judge knocks down part of Patriot Act Reuters

“The defendant here is asking this court to, in essence, amend the Bill of Rights by giving it an interpretation that would deprive it of any real meaning. This court declines to do so,” Aiken wrote in her ruling.


It's sad that our legislators don't have the guts to repeal laws that are clearly unconstitutional, but thankfully the courts still stand as the third leg of government.


Open letter to e-mail vendors: Your spam fix doesn't work. Time for a complete redo? Berlind's Testbed | ZDNet.com

The makers of anti-spam solutions (be they stand-alone or ones that are built-in to existing e-mail solutions) would have you believe that their solutions are worthy of battling spam and merit your attention if ridding your inbox (or inboxes) of spam is important to you. They're full of it. The proof? We're worse off today than we were five years ago when they were selling us the same rotten bill of goods.

Six years ago I co-founded an anti-spam company that didn't use content filtering. It looked for "lies" in the headers. We grew it into an end-user service called MessageFire, and we started on a corporate service à la Postini. Then we sold the company to an up-and-coming email-compliance vendor called MessageGate. I stayed there for almost two years before the commute between Boston and Seattle, among other things, just got to be too much. Sadly, although they still are around, their attempt to start selling to the Fortune 100 and work their way down just didn't work. And MessageFire's technology, a small part of their system, has languished.

How do I know that MessageFire's technology would still work? After all, I left the company several years ago, and the characteristics of spam have changed quite a bit since then. Very simple. The software is still filtering my personal email. And as the owner of somewhere.com, I get a lot of spam. Here are the stats on the accounts I am currently filtering.

Messages processed for Kee Hinckley in the past week.

Account        Mail              Junk               Misfiled
xxx            93 (23.2%)        307 (76.8%)        0/ 0 (0.0%)
xxx            69 (21.0%)        259 (79.0%)        0/ 0 (0.0%)
xxx            52 (32.3%)        109 (67.7%)        0/ 0 (0.0%)
xxx            482 (6.6%)        6,774 (93.4%)      0/ 0 (0.0%)
Total          696 (8.5%)        7,449 (91.5%)      0/ 0 (0.0%)
System Total   31,882 (20.3%)    125,484 (79.7%)    134/ 28 (0.1%)

So in the past week, my personal mail accounts got 696 legitimate messages and 7,449 pieces of spam. Overall (in the same week) the system received 31,882 valid messages and 125,484 pieces of spam. The recorded error rate was 0.1%. (The yearly system totals are 1.6m legit messages and 6.2m pieces of spam.)

So that's not bad. But here's what's really impressive.

Your typical anti-spam system, as run by Google, Postini, MessageLabs or others, has a room full of people, working 24/7, identifying new pieces of spam and adding them to the filters.

The MessageFire anti-spam system is still running the same software, with the same rules, that it was running over two years ago when I left. In those two years spammers have vastly increased their use of dark IP addresses, pwnd machines, new image and PDF attachments, and other techniques. Every content-filter vendor out there has had to scramble to deal with the problem. But the MessageFire system is still running old, un-updated code. Not because it couldn't be improved (it definitely could be), but because it's sitting on MessageGate's shelf waiting for someone to come along and buy it. Yet it works as well, if not better, than any of those systems.

It's frustrating to write software that never gets used, even in the best of circumstances. To see MessageFire's technology sitting there filtering less than a hundred accounts, is enough to drive me to drink.


Microsoft Office Ad

I stumbled across this advertisement for Microsoft Office today. It was actually interactive, if you moved over the center area it showed you the rest of the toolbar--but it didn't help. I look at this interface and it's clear to me that it's doing something to fonts, but what, I can't tell. It's incredibly busy. In this one small area I see at least four pulldowns scattered in between things that aren't pulldowns. It looks like a UI designer's idea of hell. But apparently Microsoft not only considers this to be a good design, they consider it a feature worth advertising. Got me.


First hacking tools, now key words are outlawed by ZDNet's Richard Stiennon Threat Chaos | ZDNet.com

Reading this Reuters report is a trip to the Twilight Zone. Or, maybe, it is an Onion-esque spoof on reality. The EU is going to force search engines to block access to bomb-making sites? Huh? What are these guys thinking? EU Justice and Security Commissioner Franco Frattini said in an interview. “I do intend to [...]

First of all, I'll give him a bit of slack. I assume he didn't really mean to sound quite so silly and simplistic. More likely he wants search engines to not list certain types of site content--just as they currently warn about potentially dangerous content.

However, even after removing the silly-season flavor of the quotation... it just doesn't work. In the first place, what's special about the internet? Are we going to censor libraries as well? Restrict access to certain types of biological and chemical information? Require a security clearance to get a degree in physics?

In the second place, has he for a single moment paid any attention to what happens anytime someone tries to censor anything else on the internet, whether it be a video on YouTube, or the key to a DVD encryption scheme? It instantly turns into a game. Your secret information gets published on thousands of sites. It's duplicated through the DNS system. It shows up on t-shirts. And the more you fight it, the more publicity it gets, and soon everyone's grandmother has heard about it and is searching for it online. It's not just that global internet censorship doesn't work--it's that it invariably makes things worse!

And finally, of course, none of this keeps the “bad guys” from getting the information. No matter how hard you try, the information is out there. Just as DRM gets in the way of normal users, but does nothing to stop professional thieves--internet censorship makes life hard for legitimate access, and yet fails to keep the information out of the hands of criminals.


Music industry betting on 'ringle' format | CNET News.com

Each ringle is expected to contain three songs--one hit and maybe one remix and an older track--and one ringtone, on a CD with a slip-sleeve cover.
...
But except for Sony, each major label still needs to cut a deal with a digital aggregator to allow consumers to redeem the ringtone.

Meanwhile, label profit margins for the format are considered slim. The majors are gambling that the ringle can instill in consumers the mind-set to connect to the Internet via the CD.
Sources suggest the ringle will carry either a $5.98 or $6.98 list price

Let me get this straight. I go to the store. I purchase a mini-CD which has on it two songs, one new and one old, plus a remix and a ringtone (sorry, those don't count as different “songs”). The ringtone doesn't even have a way of being transferred to my phone unless I connect to some site somewhere via my computer or phone to download it. And for this extremely limited and complicated thing... I pay six bucks.

Alternatively I go to the Apple Store, pay $3.96 ($.99*4) for the same thing, get to choose which part of the song is my ringtone, and have it all instantly downloaded to my iPhone.

Sorry, this doesn't compute. Even if you don't have an iPhone it doesn't compute. Can you say, “Dead in the water?” I knew you could.


Speech in Wartime


I wrote this piece in 2005. I was spending a lot of time on the plane, and I had been reading Geoffrey R. Stone's “Perilous Times - Free Speech in Wartime” and Howard Zinn's “A People's History of the United States”. Then I saw Chris Chandler perform at the Falcon Ridge Folk Festival. He does an amazing show where he talks and the music backs him up, moving from song to song. In particular, listen to “There is something in the air - but it's not on the airwaves” (although I liked the live version better).

So when I got to music camp (the one week a year when I'm usually offline, offgrid and offwork), I got inspired. By midweek I'd dropped all my classes (except for Peggy Lynn's SongWriting class, which I kept visiting for advice and encouragement) and was camped out on the dining hall porch with my laptop and several books--frantically trying to narrow down the scope of the piece. By Friday morning (day of the “talent” show) I had it down to fifteen minutes (still way too long), but I had no music. So I enlisted Beth Lawton, a Meadowlark Music Camp student who does a lot of historical reenactment music, to help me out. She and others helped me pick out the background music and which verses we would do. And somewhere in there I roped her, her partner, and Sheldon Campbell into performing them for me.

By dinner time I had the piece down to ten minutes and that was all I had time to do (the Friday capture-the-flag game after dinner is too much of a tradition to miss). None of the performers had heard more than a few bits and pieces of the performance, and I'd just scribbled down some cues for when they should start playing each song. We had no time to arrange for playing background throughout the piece, which I would have liked. A few hours later--hot, sweaty, out of breath, sore (capture-the-flag), and smelling of lobster (dinner)--we put it on.

All things considered, it went pretty well. It was certainly the longest performance anyone had done at the talent show, and the first using a laptop (I had not had time to memorize the words), but it went over well. A number of people suggested I should do a video--which would be very cool if I ever had the time....

The sad thing is that in 2005, the number of examples I had for misbehavior of the Bush administration was fairly limited. I certainly believed there were more, but there hadn't been a lot of details of specific misbehavior, just bad words and suppression of speech. Torture, illegal wiretaps, indefinite incarceration of citizens--that all came later. If I were to write the piece now, the ending would be far nastier. Sigh.

In any case, here it is.

  • Kee Hinckley - spoken words, vocals
  • Sheldon Campbell - guitar, vocals
  • Beth Lawton - guitar, vocals, music selection
  • Kevin Hagen - banjo, vocals, music selection
  • Meadowlark attendees - chorus
  • Chris Chandler - inspiration
  • Peggy Lynn and the Meadowlark Song Writing class - encouragement and support

Most of the information and quotations come from two sources. Geoffrey R. Stone's “Perilous Times - Free Speech in Wartime” and Howard Zinn's “A People's History of the United States”. See the lyrics for more details.

Note: The quotation attributed to Benjamin Franklin at the end of the piece, though commonly presented as such on the internet, is in fact incorrect. He may or may not have written it, and it probably reflects his views. However a more correct statement would be “As published by Benjamin Franklin.” And the correct text is: “Those who would give up Essential Liberty to purchase a little Temporary Safety, deserve neither Liberty nor Safety.” See “Franklin Quoted by Minsky” for details.


13MB MP3 Download

Lyrics after the break.



House of the Drowning Sun


I've been meaning to post this for about a year now. I wrote this in 2006 at Meadowlark Music Camp. It's a slightly modified version of "House of the Rising Sun", with the focus on the New Orleans flood.

  • Kee Hinckley - guitar, vocals
  • Anna Grosslein - flute
  • Shireen Hinckley - fiddle, vocals
  • Lyle Hawthorne - lead fiddle
  • Meadowlark attendees - chorus
Many thanks to Cindy Kallet and the Arrangements class for all their assistance. Words and audio download follow.


Audio file: 6MB AAC Mono. Download

House of the Drowning Sun - Kee Hinckley

There is a house in New Orleans
They call the Rising Sun
It's been the ruin of many a poor boy
And Lord I know I'm one

My mother was a tailor
Sewed my new blue jeans
My father was a working man
Down in New Orleans

My father worked hard all his life
Building up our dreams
Draining swamps and cutting trees
That protected New Orleans

Mothers, warn your children
Not to do the things we have done
Burning fields and market yields
Have drowned the Rising Sun

I've got one foot in the ocean
The other it's on the land
I can't go back to New Orleans
There's no place left to stand

There was a house in New Orleans
They called the Rising Sun
It's been the ruin of many a poor boy
And Lord I know I'm one


About this Archive

This page is an archive of entries from September 2007 listed from newest to oldest.


About Me

I'm the CEO/CTO of Somewhere, Inc., a company building a unified social networking layer that gives people the means to track their friends across multiple social networks.
Creative Commons License
This blog is licensed under a Creative Commons License.
