Posts Tagged Rants

Money For Nothing: Bitcoin Blackmail

The spam filters on my email account snagged a message with an impressive subject:

Be sure to read this message! Your personal data is threatened!

The sender used my very own email address, sending the message from a server with a Mumbai IP address:

As you may have noticed, I sent you an email from your account.
This means that I have full access to your device.
I’ve been watching you for a few months now.
The fact is that you were infected with malware through an adult site that you visited.
If you are not familiar with this, I will explain.
Trojan Virus gives me full access and control over a computer or other device.
This means that I can see everything on your screen, turn on the camera and microphone, but you do not know about it.
I also have access to all your contacts and all your correspondence.
Why your antivirus did not detect malware?
Answer: My malware uses the driver, I update its signatures every 4 hours so that your antivirus is silent.
I made a video showing how you satisfy yourself in the left half of the screen, and in the right half you see the video that you watched.
With one click of the mouse, I can send this video to all your emails and contacts on social networks.
I can also post access to all your e-mail correspondence and messengers that you use.
If you want to prevent this, transfer the amount of $796 to my bitcoin address (if you do not know how to do this, write to Google: “Buy Bitcoin”).
My bitcoin address (BTC Wallet) is: 14tfS3 << redacted >> WH6Y
After receiving the payment, I will delete the video and you will never hear me again.
I give you 50 hours (more than 2 days) to pay.
I have a notice reading this letter, and the timer will work when you see this letter.
Filing a complaint somewhere does not make sense because this email cannot be tracked like my bitcoin address.
I do not make any mistakes.
If I find that you have shared this message with someone else, the video will be immediately distributed.
Best regards!

The threat uses Nigerian-scam grade English, evidently targeted at folks with both a guilty conscience and a tenuous grasp on how email works. I thought those same folks would have enormous difficulty converting dollars into Bitcoin.

However, feeding the wallet ID into a Block Explorer shows three transactions over the last two days, with the account now standing at 0.43069539 BTC = US$2269.44. I have no way of knowing how many emails went out, but obviously three people had sufficiently guilty consciences to (figure out how to) make a Bitcoin transaction.

I’m sure this has something to do with my recent IP camera adventures

Update: The ransom payments tapered off after five days.

Bitcoin Scam - Total
Bitcoin Scam – Total

I don’t know how many different scams came from the same source, but $6700 (at today’s market rate) says this campaign paid better than most legal occupations outside the fintech sector.



Sharing the Road on Raymond Avenue

This time, I neglected to give my “We’re taking the lane!” signal, whereupon the driver behind us assumed we would all fit into the roundabout / traffic circle at Vassar’s Main Gate:

Raymond Ave - passing into Main Gate roundabout - rear camera - 2019-03-28
Raymond Ave – passing into Main Gate roundabout – rear camera – 2019-03-28

Raymond Avenue’s original “standards compliant” design has undergone some revision during the last few years:

Raymond Ave - passing into Main Gate roundabout - helmet 1 - 2019-03-28
Raymond Ave – passing into Main Gate roundabout – helmet 1 – 2019-03-28

The brace of black bollards centered on the median at the “pedestrian refuge” now replace the original quartet of illuminated, albeit non-reflective black, bollards, after errant drivers successively destroyed them.

There’s apparently no standard governing the placement or depth of drain grates along the right edge of the lane, nor the amount of gravel and trash allowed to accumulate to the right of the fog line:

Raymond Ave - passing into Main Gate roundabout - helmet 2 - 2019-03-28
Raymond Ave – passing into Main Gate roundabout – helmet 2 – 2019-03-28

Mary is just barely clearing the grate, I’m moving leftward to ensure I’m the first one to get hit. Fortunately, common sense broke out:

Raymond Ave - passing into Main Gate roundabout - helmet 3 - 2019-03-28
Raymond Ave – passing into Main Gate roundabout – helmet 3 – 2019-03-28

We got through the traffic circle without further contention and continued on our way.

Getting squeezed into a traffic circle happens often enough to show whatever NYS DOT uses as a “design standard” doesn’t include pedestrian or bicyclist safety as measurable quantities.

As we all know, anything you don’t measure doesn’t happen.



“New” Phone Battery

Having an ancient flip phone in need of a battery, I ordered a Kyocera TXBAT10133 battery from eBay. Described as “new” (which, according to the Ebay listing, means “New: A brand-new, unused, unopened, undamaged item in its original packaging”), I was somewhat surprised to see this emerging from the box:

Kyocera TXBAT10133 - not really new
Kyocera TXBAT10133 – not really new

It obviously led a rather hard life before being harvested from somebody else’s obsolete flip phone and is definitely not “new”.

Not yet having a deep emotional attachment to the thing, I set it up for a capacity test:

Kyocera TXBAT10133 - contact clamp
Kyocera TXBAT10133 – contact clamp

Given a very light 100 mA load, it shows about the same capacity as the original battery in our phone:

Kyocera TXBAT10133 - 2019-03-29
Kyocera TXBAT10133 – 2019-03-29

Given the precarious contact arrangement, the glitches near the right end aren’t surprising.

The battery label claims a 900 mA·h rating, so both have nearly their nominal capacity at such a reduced load. In actual use, the phone has a low battery after a few hours of power-on time, far less than when it was new.

The seller promises a replacement. For all I know, there are no genuinely “new” batteries available for these phones.



Poster Boilerplate: Whoopsie

Spotted this in a lobby (clicky for more dots):

Hannaford Reusable Bags - Poster Boilerplate
Hannaford Reusable Bags – Poster Boilerplate

I know no more than you do about the situation, but I’d lay long, long odds Hannaford created the poster with a more recent version of Microsoft Word (or whatever) than the recipient organization has available, making the file essentially read-only.

Not casting shade on ’em; sometimes, you do what you gotta do.

FWIW, I’d expect LibreOffice and any Microsoft Word version other than the exact one used to create the poster to mangle the formatting differently. Been there, done that.


J5 Tactical Flashlight: Loose PCB

I’ve been using the J5 Tactical flashlight as a “walking light” on our walks around the neighborhood, because its bright white spot has definitely caused a few drivers to look up from their phones at the last moment and swerve away.

Of late, however, it turned on with a weak light and operated erratically. Removing the lens and unscrewing the front end revealed one mmmm potential problem:

J5 Tactical Flashlight - loose LED PCB
J5 Tactical Flashlight – loose LED PCB

It looks like they’re depending on the “gold” in cutaway plated-through holes to make electrical contact with the aluminum mount, then through the threads to the case. The PCB joint would work much better with consistent pressure all the way around its perimeter.

I mashed the PCB into place with a machinists vise, but, given the number of problems I’ve had with J5 flashlights (one a QC reject), they’re on my Non-Preferred Vendor list; if I’m going to get junk, I may as well pay bottom dollar.



Monthly Image: Electrical Safety FAIL

Our room in a pretty good motel (pronounced “No Pets Allowed”) had the light on the wall above the beds plugged in thusly:

Motel outlet 1
Motel outlet 1

Next to the other bed was the outlet for the between-the-beds nightstand with lamp and clock radio plugs:

Motel outlet 2 - side
Motel outlet 2 – side

Which looked not-so-bad from the side, but not-so-good from the top:

Motel outlet 2 - top
Motel outlet 2 – top

It’s all fun and games until you grope for your metal-frame glasses in the middle of the night and they fall off the nightstand … hasn’t happened yet, but it’ll be spectacular when it does.

I think the original beds were narrower, with more clearance around the outlets, but we’ll never know. Those Panera Bread outlets pose similar problems.


Encrypted Email: What Could Possibly Go Wrong?

So this arrived from an email address similar to, yet not quite the same as, the URL of a physician’s office where I had an appointment a few days hence:

Encrypted Email Message
Encrypted Email Message

My email client is set to prefer plain text, disallow remote content, and not open attachments, so that’s as far as it got. Donning asbestos work gloves and face mask, I pried open the message and its attached HTML file with the appropriate tools and found, as expected, scripts doing who-know-what.

Called the office and, also as expected, was told my appointment time had been changed.

Showed up, mentioned it to the doctor, and was told the office must check off many boxes to demonstrate its HIPAA compliance.

Bottom line: HIPAA now requires patients (a.k.a., us) to open random attachments from random senders, all in the name of privacy.

Banks do that, too.