E-mail Phishing Attempts Get Trickier: Fake bounced mail and Fake mail-from-scanner

Two phishing attempts made it through the work spam filter earlier this month, and they show the creativity of bad guys as they try to get access to your machine. The attempts at social engineering were interesting enough that I thought I’d describe them here. We’re getting pretty close to the line where we can’t tell a legitimate e-mail from ones with nasty side effects.

The Fake Bounced Message


This message has the appearance of being a bounced e-mail from a server called ‘cyber.net.pk’.

Screenshot of a fake bounced e-mail message.

Free Stanford AI Class is a “Beta” for a Commercial Launch?

When Stanford University’s School of Engineering announced its free Artificial Intelligence class last month, the news took the geek world by storm and was even worthy of note in the New York Times. The initial news articles made it sound like another example of open educational resources — a movement popularized by the Massachusetts Institute of Technology to put course materials and recordings of lectures online for anyone to use. But with registration for the class open and more details posted on the class homepage, I’m not so sure.

My O’Reilly Wish List

O’Reilly Media — my favorite technology publisher — is offering a contest in which they are giving away $500 worth of books from their catalog. To enter, one must post a public wish list of books, e-books, and videos from the O’Reilly catalog and send the URL to O’Reilly using a web form. As long as the total of all the items on your wish list is less than $500, you’re entered. The deadline is 11:59pm PST on Tuesday, Feb. 22, 2011, and the sweepstakes is limited to U.S. residents only.

First Bill for DLTJ Hosting on Amazon Web Services

I just got the bill for the first month of hosting this blog on Amazon Web Services. The total for the month was $23.60, and includes:

  • data transfer charges for all in-bound and out-bound content;
  • a full-time use of a LINUX micro-sized Elastic Compute Cloud (EC2) instance (with backup to the Elastic Block Store (EBS));
  • a Simple Storage Service (S3) bucket for static files (Cascading Style Sheet and JavaScript files, images, and other media); and
  • use of the Amazon CloudFront content distribution network.

All told, I’m pretty pleased with the costs — particularly as I was considering the amortized cost of buying a new server to replace the one I had been using for the past five years. The itemized bill is included below.

DLTJ In a State of Flux

DLTJ is in a bit of flux now. After updating some underlying packages on my 9-year-old Gentoo-based personal server, I’m finding that I can’t start the web server process without the 1-minute load average climbing to roughly 60 in the span of about 5 minutes. (Translation: the machine is working very hard but getting nowhere fast.) Increasingly, the server has also been hard to update — lots of strange errors, etc. — so after 9 years, it is clearly time to rebuild it. In the interim, I’m in the process of moving the blog over to an Amazon EC2 cloud computing instance. If you see this post, you are reading it on that virtual server. The DNS entries should catch up with the migration in a couple of hours.

Attempting to Run Comments without reCAPTCHA

I’m trying an experiment over the next couple days/weeks. I’m turning off the reCAPTCHA requirement for blog commenters (the figure-out-these-words-and-type-them-in anti-spam scheme I turned on three and a half years ago). The only automated scheme in place now is Akismet. This change was made Friday night, and over the weekend a few spam comments got through to “approved” status while 550 were in the “spam” queue. With reCAPTCHA in place, I would typically only get 10 or so comments that would make it through reCAPTCHA only to get caught by Akismet (and none through to approved comments). I could easily go through 10 or so comments a day looking for ones that would accidentally get trapped (maybe one a month), but I’m not going through 200 or more a day. So, if you comment on DLTJ and don’t see it immediately posted, please do let me know and I’ll fetch it out of the spam queue.

“Do More … With Someone Else” — Guest Editor Introduction to NISO ISQ Fall Issue

I’m pleased to announce that the Fall 2010 issue of NISO’s International Standards Quarterly (ISQ) is done and available online to NISO members and ISQ subscribers. Print copies are scheduled to be mailed on December 28th. The individual issue is available for purchase (see the form link on the issue homepage), and some of the articles are freely available on the NISO website. The theme for the issue is resource sharing, and I was privileged to be the guest editor for the issue. Included below is my introduction letter to whet your appetite for the full issue.

Protect Your Keyboards, Mice and Cables from Theft with a Flat Washer

You are using lockdown security cables to protect your PCs, but your accessories — keyboards, mice, and other cables — are still vulnerable to theft. You can use one of these specially built products to lock down the cables, or you can use a 20¢ flat washer from the hardware store to protect these components from minor mischief.

Charleston, SC Visitor’s Center A/V Display

First, sorry about this getting posted prematurely through the DLTJ blog. I was trying the post-from-Flickr function, and it was telling me that the posting wasn’t working. So, it got posted here twice. And it got posted before I was ready; I was hoping it would land in the draft queue so I could edit it with further commentary. Oh, well; live and learn.

From Joshua Kim, Ideas for Working with Vendors

Joshua Kim, senior learning technologist and an adjunct in sociology at Dartmouth College, recently had a series of posts about working with software vendors. Although Joshua’s focus is with learning technologies (course management systems, lecture capture systems, etc.), these are general enough to be useful in a variety of library environments as well. His posts, hosted by Inside Higher Ed, were:

Here are descriptions or excerpts from each of the posts.