Posts Tagged Rants

Credit Union Email: Phishing or Not?

The Credit Union recommends we practice “Safe Computing” with this helpful advice (clicky for more dots):

HVFCU - Safe Computing - sketchy URL

HVFCU – Safe Computing – sketchy URL

The link leading to that page was on their website, but the page is on trabian.com, whoever they are. Should I trust the links on that page to return me to the credit union site or not?

Here’s their definition of “phishing”:

HVFCU - Phishing description

HVFCU – Phishing description

Having just switched to “paperless statements” at the Credit Union, a recent email prompted me to look at my statement. Let’s start by seeing where the email came from:

HVFCU - Statement email - From address

HVFCU – Statement email – From address

Huh.

It claims to be from the credit union, but does its actual address (insofar as anything concerning email can be actual) of statement2web.com sound a little phishy to you, too?

Well, let’s look at the full headers, which I can do because, yo, 1337 H4X0R. Here’s a snippet from the bottom of the stack:

HVFCU - Email detail header

HVFCU – Email detail header

Huh.

So the email started from statement2web.com and bankshotted off kbmla.com. Further up, the headers show it rattled through pobox.com and eventually arrived in my inbox. As far as I can tell, it never touched its alleged starting point of hvfcu.org at any point in its journey.

Quick: phish or no phish?

Of course, it’s a perfectly innocent message from the credit union, but it contains every single warning sign we’re supposed to notice in spam or phishing emails, complete with a clicky link!

[heavy sigh]

Advertisements

2 Comments

Streaming Radio Advertisements: Carpet Bombing

After a protracted silence in a Radionomy stream, the Raspberry Pi player offered this log:

2017-03-05 11:17:07,890 INFO: Starting mplayer on Plenitude -> /home/pi/Playlists/Radio-PLENITUDE.m3u
2017-03-05 11:17:13,651 INFO: Track name: []
2017-03-05 11:44:02,296 INFO: Track name: [David Wahler - Whispers from Eternity]
2017-03-05 11:46:36,995 INFO: Track name: [Radio PLENITUDE - Jingle Intro Publicité]
2017-03-05 11:47:07,117 INFO: Track name: []
2017-03-05 11:49:07,080 INFO: Track name: [Radio PLENITUDE - Jingle Extro Publicité]
2017-03-05 11:49:10,079 INFO: Track name: [Jef Mounet & Danièle Mounet - L'ancre musicale Natures d'Eau]
2017-03-05 12:02:02,271 INFO: Track name: [Radio PLENITUDE - Jingle Intro Publicité]
2017-03-05 12:02:32,424 INFO: Track name: []
2017-03-05 12:04:32,243 INFO: Track name: [Radio PLENITUDE - Jingle Intro Publicité]
2017-03-05 12:05:01,925 INFO: Track name: [Targetspot - TargetSpot]
2017-03-05 12:07:02,276 INFO: Track name: [Radio PLENITUDE - Jingle Intro Publicité]
2017-03-05 12:07:31,968 INFO: Track name: [Targetspot - TargetSpot]
2017-03-05 12:09:32,262 INFO: Track name: [Radio PLENITUDE - Jingle Intro Publicité]
2017-03-05 12:10:02,192 INFO: Track name: [Targetspot - TargetSpot]
2017-03-05 12:12:02,311 INFO: Track name: [Radio PLENITUDE - Jingle Intro Publicité]
2017-03-05 12:12:32,184 INFO: Track name: [Targetspot - TargetSpot]
2017-03-05 12:14:32,085 INFO: Track name: [Radio PLENITUDE - Jingle Intro Publicité]
2017-03-05 12:15:02,217 INFO: Track name: [Targetspot - TargetSpot]
2017-03-05 12:17:02,057 INFO: Track name: [Radio PLENITUDE - Jingle Intro Publicité]
2017-03-05 12:17:32,445 INFO: Track name: [Targetspot - TargetSpot]
2017-03-05 12:19:32,083 INFO: Track name: [Radio PLENITUDE - Jingle Extro Publicité]
2017-03-05 12:19:35,171 INFO: Track name: [Jean-Marc Staehle - Bercé par tant de beauté]
2017-03-05 12:23:42,410 INFO: Track name: [Francesco - Sur le chemin]
2017-03-05 12:29:50,265 INFO: Track name: [Michel Pépé - Pacifica]
2017-03-05 12:35:07,493 INFO: Track name: [Radio PLENITUDE - Jingle Intro Publicité]
2017-03-05 12:35:37,377 INFO: Track name: [Targetspot - TargetSpot]
2017-03-05 12:37:37,478 INFO: Track name: [Radio PLENITUDE - Jingle Extro Publicité]
2017-03-05 12:37:41,476 INFO: Track name: [Music And Wellness (Musique Et Bien Etre) - Absolute Winner]
2017-03-05 12:46:36,742 INFO: Track name: [Radio PLENITUDE - Jingle Intro Publicité]
2017-03-05 12:47:06,668 INFO: Track name: [Targetspot - TargetSpot]
2017-03-05 12:49:06,538 INFO: Track name: [Radio PLENITUDE - Jingle Extro Publicité]
2017-03-05 12:49:10,270 INFO: Track name: [Patrick Vuillaume &Nicole Bally - Pearls of Light (Instrumental by Nicole Bally)]
2017-03-05 12:53:45,357 INFO: Track name: [Trine Opsahl - Sister moon]
2017-03-05 12:54:58,596 INFO: Track name: [Peter Kater - Rebirth]
2017-03-05 13:04:52,726 INFO: Track name: [Radio PLENITUDE - Jingle Intro Publicité]
2017-03-05 13:05:22,665 INFO: Track name: [Targetspot - TargetSpot]
2017-03-05 13:07:21,561 INFO: Track name: [Radio PLENITUDE - Jingle Extro Publicité]
2017-03-05 13:07:25,808 INFO: Track name: [Deuter - Flowing]
2017-03-05 13:12:55,970 INFO: Track name: [Radio PLENITUDE - Jingle Intro Publicité]
2017-03-05 13:13:25,859 INFO: Track name: []
2017-03-05 13:15:26,449 INFO: Track name: [Radio PLENITUDE - Jingle Extro Publicité]
2017-03-05 13:15:33,022 INFO: Track name: [Radio PLENITUDE - Jingle Intro Publicité]
2017-03-05 13:15:59,437 INFO: Track name: [Targetspot - TargetSpot]
2017-03-05 13:17:59,559 INFO: Track name: [Radio PLENITUDE - Jingle Extro Publicité]
2017-03-05 13:18:06,133 INFO: Track name: [O - Part I]

The Jingle lines introduce a short interlude of chimes separating music from advertisements. The Intro chimes play for 30 seconds and the Extro chimes play for three to five seconds. Some stations have similar interludes, others do not; apparently the station gets to choose the format.

The [Targetspot - TargetSpot] lines mark two minutes of TargetSpot insertion: either advertisements (if you’re in their target market) or generic musical interludes similar to the station’s genre (if you’re out-of-market). The ads and music often lack volume-matching with the streaming music, rarely have lower volume, and the ads are incomprehensible to my ears. The musical interludes seem to be randomly chosen from a small set of candidate tracks that, along with the chimes, become annoyingly familiar in short order.

The [] lines (yes, an empty string) mark two minutes of Public Service Announcements, advertisements, or generic musical interludes. I’m uncertain how they differ from the [Targetspot - TargetSpot] insertions.

At a minimum, Radionomy inserts two minutes of TargetSpot / PSAs after every 12 to 15 minutes of music. Adding in the Jingle markers, ads occupy just under 20% of the total “airtime” for this station.

However, bizarre events like the 17 nonstop minutes of jingles and ads inserted just after noon occur with inexplicable frequency. I’ve noticed half an hour of similar back-to-back-to-back ads on other stations, so it’s not a rare event.

To quote the TargetSpot website:

TargetSpot serves ads in real time to each listener’s personalized stream, creating a one-to-one relationship between the advertiser and the listener. The result is a dramatic increase in message relevancy and campaign effectiveness

Those keyword markers turn out to be incredibly convenient. Just sayin’…

, ,

1 Comment

LED Filaments: Whoops

Five bucks delivered three sets of five warm-white LED filaments from halfway around the planet:

LED Filaments - 3x5 sets

LED Filaments – 3×5 sets

Unfortunately, the “Top Rated Plus” eBay seller just popped three ziplock baggies into an unpadded envelope and tossed it in the mail:

Unpadded LED Filament Envelope

Unpadded LED Filament Envelope

Which had pretty much the result you’d expect on the glass substrates within:

Broken LED Filament 1

Broken LED Filament 1

Turns out every single filament had at least one break:

Broken LED Filament 3

Broken LED Filament 3

Indeed, some seemed just as flexy as the silicone cylinder surrounding the pulverized substrate.

I reported this to the seller, with photographs, and got a classic response:

can you use?

No, I cannot imagine a use for broken LED filaments.

The seller proposed shipping replacements that would might arrive just after the eBay feedback window closed. I proposed refunding the five bucks. The seller ignored that and sent the replacements in an untracked package “as it is an economical shipping, we have to reduce our loss, so is it ok?”.

No, it’s not, but he / she / it didn’t actually intend that as a question.

Were the filaments intact, they’d pass 15 mA with 50 to 60 V applied in one direction or the other, for 1 W average dissipation. That’s probably too high for prolonged use in air (spendy bulbs with similar LEDs have argon / krypton fill for better heat transfer), but I can surely throttle them back a bit.

Perhaps the replacements will arrive before the feedback window closes?

I did order another batch from a different seller that might arrive intact before then. We shall see…

10 Comments

J5-V2 700 lm Flashlight: QC FAIL, Redux

The inside of the replacement J5 V2 Tactical Flashlight doesn’t have quite as much dirt on the LED emitter, but it’s still pretty bad:

J5-V2 Flashlight - LED crud - second unit

J5-V2 Flashlight – LED crud – second unit

The small white dingus at about 10 o’clock seems to be a plastic shred stuck on end to the emitter lens. Here’s a better look, rotated a quarter-turn counterclockwise:

J5-V2 Flashlight - LED crud detail - second unit

J5-V2 Flashlight – LED crud detail – second unit

There’s also an alien egg glued to the heatsink beside the LED:

J5-V2 Flashlight - random pellet - second unit

J5-V2 Flashlight – random pellet – second unit

I’m hoping it’s another random plastic blob.

There’s no point in returning this one; it’ll suffice for my purposes. However, given two random samples, I’d say the J5 Tactical Flashlight factory, wherever it may be in China, is really filthy.

I’d hoped that paying a bit more for a “tactical” flashlight, instead of going bottom dollar, would yield a better product. Maybe it did?

5 Comments

Amazon Packaging: Lack Thereof, Redux

Fortunately, it’s hard to damage an aluminum-body “tactical” flashlight:

J5-V2 Flashlight - Amazon packaging

J5-V2 Flashlight – Amazon packaging

A keyboard and cylindrical cell charger arrived intact, with absolutely no credit due to Amazon’s careful packaging:

Keyboard and charger - Amazon packaging

Keyboard and charger – Amazon packaging

Sometimes, a box does arrive with a token scrap of padding dropped inside, but, as nearly as I can tell, it’s cheaper for Amazon to replace the occasional damaged item than to waste time and material stuffing the boxes with air pillows, eco-foam peanuts, or, heaven forfend, space-filling foam.

14 Comments

Money For Nothing: Gfk MRI TV Survey

This arrived a week ago:

GfK MRI postcard

GfK MRI postcard

You cannot imagine my excitement when the actual survey arrived, complete with a crisp $5 bill:

GfK MRI Survey

GfK MRI Survey

These folks are cheapskates; Nielsen paid better, although I haven’t gotten anything further from them.

It didn’t take long to fill out; my fat Sharpie slashed through the NO columns at a pretty good clip. I did attach a note saying we didn’t have a TV and regarded all TV programs as crap, just in case they didn’t get the message.

Now they know.

FWIW, I did not fill out the form that would enter us in a drawing for one of five $500 prizes, because that would let them associate my name with my response without fattening my wallet. The survey itself probably encodes my identity, even though it didn’t have any obvious bar codes or other ID; they could simply print the questions in a unique order in each survey.

11 Comments

Phishing Knows No Bounds

This appeared on The Mighty Thor’s phone during a Squidwrench meeting:

BofA Phishing

BofA Phishing

“To maintain a secure banking environment” seems diagnostic of a scam.

Discouragingly, some of our banks still send emails with clicky links using third-party mail servers, so checkonlineinfo.com doesn’t seem any more suspicious than, say, Schwab’s customercenter.net.

A pox on their collective backsides!

2 Comments