Ed Nisley's Blog: Shop notes, electronics, firmware, machinery, 3D printing, laser cuttery, and curiosities. Contents: 100% human thinking, 0% AI slop.
Spotted on the way around one of the myriad strip malls (different from “strip clubs“) sporting a “Recently Renovated” sign out front:
Renovations – overpainted sign
You just know what those signs said, right? Must not be important any more.
Around the corner, the painters couldn’t get to where they needed to go:
Renovations – paint underspray
A Streetview image from seven years back tells the tale:
Renovations – Street View 2018
So the most generous interpretation would be something like overspraying those signs was a mercy killing. I’m impressed they could get that much paint behind the UPS drop box!
Out front there’s another triumph of hope over experience:
An email from Electronic Arts arrived in an email account I haven’t used in over a decade:
Welcome to your EA Account! Your EA Account serves as an all-access pass to everything EA, from websites and mobile apps to console and PC games.
Seconds later:
Your EA Security Code: <<< redacted, not that it matters >>> If you didn’t request this code, please go to your My Account page and change your password right away. For assistance, please contact EA Help.
Thanks for helping us maintain your account’s security.
Not ever having had an EA account nor being in the process of signing up for one, I did nothing.
After a few more seconds:
Dear EA Insider,
Thanks for signing up. We’re looking forward to bringing you the latest news and information on your favorite games.
All the emails look to be genuinely from Electronics Arts, not scam emails routed through the usual sketchy / compromised servers.
Four days later:
Dear Customer,
We are contacting you regarding your EA account.
We wish to notify you that we have found your account to be in violation of our User Agreement or our Terms of Sale, and due to the nature of this violation we are left with no option other than to permanently close your account with immediate effect.
Which looks much more impressive in email HTML:
EA Account Closing
Although I did not respond to the Security Code message, the scammer surely used a phone number under his (it’s always a he) control, because “2FA” really means “pick an authentication method that lets you in”.
Just for the amusement value, I fed that email address into the EA sign-in page, hit the “Forgot my password” button, and got a Security Code just like the scammer didn’t. I suppose I could change the password and discover / change the phone number, but that would put me in full ownership of an account used for nefarious purpose.
I sometimes wonder what else happens using my identity.
A good prosecutor could nail me for Third Party Retro-associative Complicity and, if I didn’t already live in Poughkeepsie, send me up the river.
For the record, the typeface in that block of Fine Print is 1 mm tall = 3 point, which I find barely readable without magnification and impossible to follow without a pointer.
I’ve come to realize being a “valued customer” does not mean what businesses want me to think it means.
Those of you running Windows should have undone whatever setting removes file extensions from the usual views, because by default Windows won’t bother you with such trivia.
But, hey, maybe an SVG file can contain an audio recording. I mean, there’s an online file converter for that, so it must be a thing.
Having been around this block a couple of times, though, let’s peek inside the SVG file with a text editor:
Spam SVG Audio – attachment
Huh. Not an audio recording, but a Javascript one-liner with a URL/URI/IRI/whatever aiming Your Default Browser at a presumably compromised server.
I didn’t go further, but surely the payload would wrestle Your Default Browser into a position allowing insertion of a remote compromise.
Well played, spammer!
Just another entry in the “Why friends don’t let friends run Windows” category, despite knowing whenever security and convenience come into conflict, convenience always wins.
It’s not clear why a Sergeant in the US Army would translate her request for help into Simplified Chinese so I can better understand it, but that’s the world we live in.
This deposit would move my Quality-of-Life needle, but certainly not in a good direction:
Mrs Sgt Candy Payne spam – detail
Today I Learned: there are humanitarian doctors connected with the Red Army in Morocco.
The cost of sending this junk must be low enough to fuel the spam machine from a minuscule response rate.
A postcard arrived last week telling me to call a special number for special deals on Medicare Advantage plans. Being that type of guy, I managed to read the microscopic Fine Print and found this amusing blooper amid the disclaimers weasel wording:
Medicare Advantage mail spam
Inserting insurance carrier names should have happened before printing the card, so [CarrierA] and [CarrierB] are either placeholders or mail-merge variables.
Also, you’re seeing the contrast-blown and magnified version of the postcard. The original Fine Print had faint orange ink on light green cardstock: colors having different hues with the same saturation and value to minimize legibility. In general, folks eligible for Medicare Advantage plans have trouble reading Fine Print, so the choice was not accidental.
The Smell of Molten Projects in the Morning 