Welcome to Orcmid's Lair, the playground for family connections, pastimes, and scholarly vocation -- the collected professional and recreational work of Dennis E. Hamilton
Simple Geek Pleasures
Microsoft Windows Media - Windows Media Player 10. I know there is all of this fuss about competing with Apple's on-line music service. I don't care about that. What I do care about is enjoying MSN Radio Plus over broadband. Except it has been intolerable to use because it operates in a browser window, colliding with my other browsing, including for blogging as well as research and study.
Relief at last. Now I can pretty much have it all my way with Media Player 10 right where I want it. What a joy: fingertip audio while I work away with speakers cranked up, basking in the broad-band improvement of my favorite content. A new tune buffers up and I become squirmy/wriggly with this idiot grin and a soaring heart.
Have a great weekend. It's back-to-school time. For me, it is time to get cracking on my M.Sc in IT dissertation project, so I guess I had better come up with a topic [;<).
Comments: Post a Comment
Pictures from Home
FW: The Beauty of Earth. I float around in some very geeky conversation threads. Sometimes, something wonderfully poetic arrives from an unexpected direction to pull at my heart and inspire my soul.
Comments: Post a Comment
Well, we are going to be going through a period of double-vision here. You will notice that there are these nice titles on the articles where before there were none (if you happened to look around on the last day or two).
Of course, since you changed it, I didn't see double titles until I selected the link for Orcmid's Lair (love the bright red color it changes to!) and scrolled down a bit. So, at first, I was confused. Which is turning out to be a fairly common state of mind these days and I think it's actually a good one.Post a Comment
I'm soberly leafing through an Umberto Eco essay when Spanner Wingnut comes panting up the stairway from the lab, dragging his portable with him. I say dragging because it is some kind of souped-up Osborne sewing-machine crate running XPSP2 and trailing an extension cord that would have shorted my grandmother's teakettle.
"Well you twit, you've been spammed and phished," I say knowingly. "At least you don't have an account with that bank. How often have I had to tell you, Use Protection!"
"No, no, look'cheer" as he elbows me working the trackball,
and then ...
well, would you look at that?
"Dunderhead! You didn't know that? How do you think teen-agers sneak homework answers to their pals using their parents computers? Everybody knows about that," I bark, wondering at how the little newt manages to come up with one after the other of these little cuties.
"And pick up that cord neatly. It looks like the rats have been chewing it."
As Spanner slouches back to his subterranean warren, I wonder if there is a patent attorney available on a Sunday and where can I announce the remarkable von Clueless phish-detector. First, I need a dated entry in my lab notebook. Oh, and I bet I can get Orcmid to give me space in exchange for Spanner cleaning up his blog messes. That's the ticket ...
Very interesting, professor ....
But I have some questions:
1. The first image shows the mouse over the link. Does it also do the link thing on other parts of the message image?
2. And does a user have the opportuniity to compare the actual link to the one in the message? Or is it really a good job with a spoofed link?
3. Do all mail readers display images inline? This is not a rhetorical question. In my experience with Mozilla Thunderbird (which I've set only to display "simple" HTML (whatever the heck that is)), images appear as attachments. So I don't know what this message would look like in my reader.
And I don't have an answer to your teaser.
Hi Bill, interesting questions. Here's what I know about them:Post a Comment
1. The clickable-link cursor (the pointing hand) is the same over the entire image. I was maybe too clever parking the cursor where I did before taking the screen shot.
2. There is a nest of spoofs. First, the image provides a picture of a link. Secondly, if your mail-viewer or browser shows you a link (say, down in the status line of Internet Explorer), it is likely to be the same https link that is in the image. Third, if you actually click on the image, yet-another-URL may be used, one you haven't been shown. This seems to take advantage of a glitch in how image maps work. Fourth, if you do end up going to the hidden phish-hook URL, the page that is ultimately presented will have the address bar and most other window-frame material suppressed, enhancing the deception that the pop-up has something to do with the legitimate page that is brought up by a clever redirection. Finally, all of this depends on the fact that browsers are very loosey-goosey about the HTML they accept, using malformed-but-accepted HTML to carry out their endeavors. There was a time when that may have made sense. It appears that time is now past.
3. The message in my example was a MIME 1.0 with Content-type multipart/related. This is how images, buttons, scripts, and other fragments are bundled together in one payload for your viewing pleasure. You also don't have to be on-line to view the message properly (I wasn't). Here's a simple experiment that you can make: (a) Using Internet Explorer, browse to a page that has images, logos, buttons and other goodies. (b) Use the File | Save As ... dialog to save the file as Web Archive single file (.mht). (c) View the saved file in IE (and your other browsers) while off-line. (d) Then open the file in Notepad or another text editor. Clever, huh? Multipart/related is specified in IETF Proposed Standard RFC 2387.
I have materials for creating a complete working (and benign) demonstration of this particular twisty-little-maze of spoofs, but I wanted to quickly point out the simple counter-measure that Edit | Select All provides. - Prof. H.A.S.v.Clueless, etc.
Pent up Blogophilia
It has been difficult to withhold myself from blogging while I do some important scaffolding around being able to recover from a variety of misadventures here. It helped that I was in an 8-week on-line course that also demanded my attention. But that was then, and now I don't have to get a typing fix by spewing comments onto Scobleizer so much.
I will stop now before I overwhelm myself. These will show up here or over in Professor von Clueless's place. Oh, yeah. I need to get that blog up and operating before I get too carried away.
Comments: Post a Comment
This confirms that the testing of incident-response preparations for the Orcmid's Lair blog are completed and the blog is no longer locked down. Although similar notices were placed in the site feed during testing, those manually-injected announcements are obliterated when the automated feed produced by Blogger.com is reinstituted. This message marks closure of testing and other preparations in the "permanent" feed.
As part of the institution of consistent incident-response procedures for Orcmid's Lair and related blogs, the URL for the Orcmid's Lair blog has been simplified to <http://orcmid.com/blog/>. That's all you need. It will be faster to use this than be redirected from the previous URL, so please update any shortcuts you have to this blog.
Comments: Post a Comment
|You are navigating Orcmid's Lair.||
created 2002-10-28-07:25 -0800 (pst)