The Boston Diaries

The ongoing saga of a programmer who doesn't live in Boston, nor does he even like Boston, but yet named his weblog/journal “The Boston Diaries.”

Go figure.

Friday, March 27, 2020

Looks like that DoH issue I had last week has been fixed

Oh cool! The Firefox bug I reported last week has been fixed. One week, I don't think I can complain, and it's nice to know that I apparently gave enough information for them to reproduce the bug and fix it. It looks like it'll be out in release 76 (the current version of Firefox is 74).

Thursday, March 26, 2020

There just aren't enough clue-by-fours

In this paper I present an analysis of 1,976 unsolicited answers received from the targets of a malicious email campaign, who were mostly unaware that they were not contacting the real sender of the malicious messages. I received the messages because the spammers, whom I had described previously on my blog, decided to take revenge by putting my email address in the ‘reply-to’ field of a malicious email campaign. Many of the victims were unaware that the message they had received was fake and contained malware. Some even asked me to resend the malware as it had been blocked by their anti-virus product. I have read those 1,976 messages, analysed and classified victims’ answers, and present them here.

5. The fifth group is actually the most worrying. I call this group ‘MY ANTI-VIRUS WORKED, PLEASE SEND AGAIN’, as these are recipients who mention that their security product (mostly anti-virus) warned them against an infected file, but they wanted the file to be resent because they could not open it. The group consisted of 44 individuals (2.35%).

Via inks, Virus Bulletin :: VB2019 paper: 2,000 reactions to a malware attack — accidental study

Over a year ago, the Corporate Overlords of The Ft. Lauderdale Office of The Corporation started sending us phishing emails in order to “train us” to recognize scams. Pretty much all it did for me was to treat all emails from our Corporate Overlords asking for information as a phishing attempt (it's also made easier as each phishing email has a specific header designating it as such to ensure they get through their own spam firewall—I am not making this up). And I was upset over the practice as I felt our Corporate Overlords did not trust their employees and felt they had to treat us as children (the managed laptops don't help either).

But reading this report is eye opening. Over 2% requested the malware be sent again! Over 11% complained that the “attachment” did not work (they were infected) and another 14% asked where was the “attachment”—what?

I … this … um … what?

I should not be surprised. I mean, someone has to fall for the scams else the scammers wouldn't waste their time. The scary bit is that this validates what our Corporate Overlords are doing.

Sigh.

But Bunny will find the following response group amusing:

10. One of the biggest surprises were 31 members of group number 10 (1.66%) who spent time pointing out all the spelling errors and typos made in the original message. I call this group “I'M A GRAMMAR NAZI”.

Via inks, Virus Bulletin :: VB2019 paper: 2,000 reactions to a malware attack — accidental study

Heh.

Wednesday, March 25, 2020

The Return of the Alien White Squirrels

Almost three years ago the Total Transylvania Eclipse Banner arrived at our house. I managed to buy one of the banners that adorned downtown Brevard during the 2017 total eclipse. Bunny had apparently saved the shipping tube it came in, because just today she found a few postcards and stickers that were shipped along with the banner (she's reusing the tube to ship some stuff out to her brother in Seattle).

What a cool find!

Tuesday, March 24, 2020

You still have the flexible schedule but the games of nude laser tag with lingerie models is not an option

I'm on the second week of working from home, and I'm totally not watching cat videos. Nope.

Not at all.

Not one bit.

And while working from home can be awesome, it's not all less time in the car and fewer spam calls.

Monday, March 23, 2020

This is the type of town that gives small town politics a bad name

A meeting for a South Florida city government exploded into a shouting match over the city's handling of the coronavirus pandemic, leading the mayor to storm out of the room as one commissioner accused her and the city manager of failing to close the city's beaches and shutting off peoples' utilities in the midst of the outbreak.

Via Bunny, Florida city meeting melts down as officials scream at each other over coronavirus response | Fox News

Why does it not surprise me that this took place in Lake Worthless? And why does it not surprise me that it involves Lake Worthless Utilities?

Stay classy, Lake Worthless. Stay classy.


Doing my thing to maintain social distancing

About fifteen years ago [Has it really been that long? –Sean] [Yes, it has been that long. –Editor], I was playing in a D&D game that had transitioned from being all in-person to partially on-line. I was not a fan of the on-line component but I stuck it out for perhaps a year before leaving the game entirely. For me, the reasons include:

I hated it so much that I have since refused to even consider playing in an on-line D&D game. My stance has caused one casualty—one friend accused me of “poisoning the minds” of our friends against running an on-line D&D game, but as I tried pointing out, I was the one who refused to participate in such a game; our other friends were more than welcome to run an on-line game, but that argument went nowhere, and I think that friend still holds a grudge (well, for that and another slight that's beyond the scope of this post).

Unfortunately, due to circumstances apparently beyond the world's control, and the fact that I'm currently running a D&D game, I have been forced to reconsider my stance.

Yes, I ran our twice-monthly (actually every other week) game yesterday, entirely on-line! (sorry, XXXXXXX)

We settled upon using Roll20, a web-based on-line gaming system. The free version is barely good enough for our use. On the plus side, there's no software to install, but on the minus side, it does seem to be quite heavy in bandwidth. It took about an hour to get all six people (myself and five friends) all online and talking (video chat!). I had to inform Bunny not to stream video while we were playing, and even checking email was a slow and painful process. And during the game, one or two players would suddenly disappear; usually reloading the page would fix the problem.

But we managed to get through the session and well … I hope this doesn't go on for much longer is all I have to say.

One funny story—during the hour we spent trying to get Roll20 working, I tried several different laptops here at Chez Boca. One of the laptops was the managed Windows 10 laptop from The Corporation's Corporate Overlords. The website was blocked by the laptop because of a password breach from 2018! Lovely.

Thursday, March 19, 2020

Still another issue with DoH, yet this time it isn't my fault

So I'm reading this comment on Hacker News and none of the links are working. Odd, because I have had no problems since Debtember with my current implementation of DoH. The broken links in question all have the hostname ending with a period. While unusual, the trailing dot on a hostname makes it a “fully qualified domain name.” I won't go into the full details of a “fully qualified domain name” (that's beyond the scope of this post) but suffice to say, it should be supported.

Okay, fine. I start looking at my script and … well … there's no reason for it to fail. I mean, I did find two bugs (one typo and one logic bug in handling an error) but they were unrelated to not resolving a fully qualified domain name. Down the rabbit hole I go.

What do I find once I hit bottom? Not Alice, but I do think I found a bug in Firefox. And I think it's a similar cause as before—a different codepath.

When I force Firefox to use DNS, both boston.conman.org and boston.conman.org. (note the trailing dot) produce the following DNS request:

00000000: 00 00 01 00 00 01 00 00 00 00 00 01 06 62 6F 73 .............bos
00000010: 74 6F 6E 06 63 6F 6E 6D 61 6E 03 6F 72 67 00 00 ton.conman.org..
00000020: 01 00 01 00 00 29 10 00 00 00 00 00 00 08 00 08 .....)..........
00000030: 00 04 00 01 00 00                               ......

When I switch back to DoH however, boston.conman.org. (note the fully qualified domain name) generates this:

00000000: 00 00 01 00 00 01 00 00 00 00 00 01 06 62 6F 73 .............bos
00000010: 74 6F 6E 06 63 6F 6E 6D 61 6E 03 6F 72 67 00 00 ton.conman.org..
00000020: 00 01 00 01 00 00 29 10 00 00 00 00 00 00 08 00 ......).........
00000030: 08 00 04 00 01 00 00                            .......

There's an extra NUL byte after the domain name, and I suspect what's happening is that the extra “.” at the end is being encoded instead of being ignored. I've created a bug report so we'll see how this goes.

Update on Friday, March 27th, 2020

The bug has been fixed.
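
The two captures above, run through a minimal question-section parser, as an added example that is not part of the original post or the author's DoH script. It shows what the extra NUL does to a strict parser, and `encode_qname` is one hypothetical way to encode a trailing-dot name without the extra label; all function names are assumptions, and the byte strings are transcribed from the hex dumps in the post.

```python
import struct

# Both messages are transcribed from the hex dumps in the post.
DNS_QUERY = bytes.fromhex("""
    00 00 01 00 00 01 00 00 00 00 00 01 06 62 6F 73
    74 6F 6E 06 63 6F 6E 6D 61 6E 03 6F 72 67 00 00
    01 00 01 00 00 29 10 00 00 00 00 00 00 08 00 08
    00 04 00 01 00 00""")
DOH_QUERY = bytes.fromhex("""
    00 00 01 00 00 01 00 00 00 00 00 01 06 62 6F 73
    74 6F 6E 06 63 6F 6E 6D 61 6E 03 6F 72 67 00 00
    00 01 00 01 00 00 29 10 00 00 00 00 00 00 08 00
    08 00 04 00 01 00 00""")

def parse_question(msg):
    """Return (labels, qtype, qclass) for the first question in a DNS query."""
    pos, labels = 12, []                      # question follows the 12-byte header
    while True:
        length = msg[pos]
        pos += 1
        if length == 0:                       # zero-length root label ends the name
            break
        if length > 63:
            raise ValueError("bad label length (or compression) in QNAME")
        labels.append(msg[pos:pos + length].decode("ascii"))
        pos += length
    qtype, qclass = struct.unpack_from("!HH", msg, pos)
    return labels, qtype, qclass

def encode_qname(hostname):
    """Encode a hostname; a single trailing dot (FQDN form) adds no extra label."""
    name = hostname[:-1] if hostname.endswith(".") else hostname
    out = bytearray()
    for label in (name.split(".") if name else []):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError("empty or oversized label in %r" % hostname)
        out += bytes([len(raw)]) + raw
    return bytes(out + b"\x00")               # exactly one terminating root label

def question_problems(msg):
    """List reasons a strict parser would reject the question section."""
    _, qtype, qclass = parse_question(msg)
    checks = [(qtype == 0, "QTYPE 0 is reserved"),
              (qclass != 1, "QCLASS %d is not IN" % qclass)]
    return [text for failed, text in checks if failed]

if __name__ == "__main__":
    print(parse_question(DNS_QUERY), parse_question(DOH_QUERY), question_problems(DOH_QUERY))
```

In the DoH capture the name still ends at the first zero-length label, so the extra byte shifts everything after it: QTYPE reads as 0 and QCLASS as 256 instead of 1 and 1.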

Wednesday, March 18, 2020

Can one make COVID-19 jokes? I hope so, because this is a COVID-19 joke

Bunny received the following text from one of her friends:

I posted a warning at the hardware store to not pop the bubble wrap because the air in the bubble wrap is from China. We had to sedate one guy because he is addicted to bubble wrap popping.

We both found it funny, even if it might not be true. There is some concern about COVID-19 survivability on surfaces though, so be careful.

I am so getting struck by lightning.


Obligatory Miscellaneous

You have my permission to link freely to any entry here. Go ahead, I won't bite. I promise.

The dates are the permanent links to that day's entries (or entry, if there is only one entry). The titles are the permanent links to that entry only. The format for the links are simple: Start with the base link for this site: http://boston.conman.org/, then add the date you are interested in, say 2000/08/01, so that would make the final URL:

http://boston.conman.org/2000/08/01

You can also specify the entire month by leaving off the day portion. You can even select an arbitrary portion of time.

You may also note subtle shading of the links and that's intentional: the “closer” the link is (relative to the page) the “brighter” it appears. It's an experiment in using color shading to denote the distance a link is from here. If you don't notice it, don't worry; it's not all that important.

It is assumed that every brand name, slogan, corporate name, symbol, design element, et cetera mentioned in these pages is a protected and/or trademarked entity, the sole property of its owner(s), and acknowledgement of this status is implied.

Copyright © 1999-2020 by Sean Conner. All Rights Reserved.