Len was a major advocate for privacy and a great influence on some of my earlier work.  He leaves a great legacy but an even greater void in so many lives.  My thoughts go out to his wife Meredith (L. Patterson), may she have strength and courage through these difficult times.

Depression is the silent killer.

I'm coming to understand that "battle with depression" is sometimes very close in meaning to "battle with cancer."

@maryadydd 04 July 2011

<BEGIN PGP MESSAGE>
Len Sassaman (1980-2011)
<END PGP MESSAGE>

When I raised a support request the other day, I used my Pipex account email address, i.e the one that has been associated with my account since day one of me being a customer with them. (usually of the form ***@dsl.pipex.com) 
I noticed that I didn’t receive an auto-reply which was unusual, so out of interest, I sent a test message from another email account.
Funnily enough, it bounced. But not just any old bounce, but because of:

5.1.0 - Unknown address error 550-'Mailbox is inactive'

Since Pipex have transferred over the home customer control panels to some part of Tiscali, there isn’t actually an easy method of retrieving your customer account settings any more.  No problem I thought, I’ll raise a ticket.

I raised a ticket with Pipex Support and couldn’t believe their response.

I understand from your email that you are uanble send emails on your email account ******@dsl.pipex.com as the senders are getting error 5.1.0 - Unknown address error 550-'Mailbox is inactive'
With reference to your below mail, please be informed that unfortunately we are unable to help you from this helpdesk on this concern.
I would request you to please contact our Customer Support as they would be in a better position to assist you in this regard.
You can contact our Customer Support at 0871 663 3300. Calls are charged at 5p/min from a Pipex line or at 10p/min from a BT line. Calls from mobiles and other providers may vary. Lines are open from 8:00 am to 9:00 pm, Mondays-Fridays, 8:00 am-5:00 pm on Saturdays, and 9:00 am-6:00 pm on Sundays.

So support aren’t actually able to provide any support?
That was Pipex Customer Support I had emailed!

It turns out, all that emailing customer support will do is result in a reply back asking me to call their customer support line.  
What they want me to do is call a PAID FOR support line, not a free one, but a PAID FOR support line.
Now trust me, despite 5p/min sounding like a cheap rate from my Pipex line, and 10p/min from a BT line, if only it were that simple.  My last call to Pipex customer support required waiting on hold for over 2 hours, and a further 20mins waiting for the support representative to fix the issue. The same issue reared it’s head the following week which required another 90mins of call time.
That worked out at around £11.50 just to fix that one issue which was yet another screw up at their end.

Well Pipex can go whistle this time. I emailed them back and have given them my home number so they can call me.
And if they cannot resolve it via email, I’ve also given them a deadline of 8pm tomorrow night.
If they have not resolved it by 8pm tomorrow night, WITHOUT the need for me to waste my time and money calling them, I will be requesting my MAC and moving my account to another ISP.

The only reason I haven’t moved away from Pipex is as I stated in previous post in that they Pipex owe me funds which are incredibly difficult to have returned once you leave them. But sod it! I’ve totally had enough of Pipex and the complete bunch of eejots that seem the be running the damn company.  I’ll pursue them via the courts and boy will it cost them a damn site more than it would have done if they had just returned the monies that were owed to me in the first place.

Pipex were once a great ISP, before that was, Tiscali came in and totally screwed the company over and up.

Trust me when I say, avoid Tiscali, TalkTalk and Pipex like the plague. Go with O2 (as my first option), and then Plus Net (as my 2nd option despite them really being BT now). But, be warned with Plus Net.  I’ve seen quite a few mumblings around various online forums that Plus Net support has gone down the pan since BT took them over. (Something else I’m not surprised about).  Never ever go with BT direct either, but that’s a whole new story I’ll save for a rainy day.

Finally, Pipex, you win the idiot of the week award for this week. You must now be ranking as one of the worst ISP’s in the UK

I’m not the only one who has suffered at the hands of Pipex.  Check out http://www.pipexproblems.co.uk/

It did recover later that day, but ever since Tiscali took over the routing of my data, both the upload and download speeds have steadily decreased until yesterday, they nose dived to below 750Kbps.  Pipex insist they do no traffic shaping, no bandwidth throttling on my connection, but I beg to differ!

I contacted support to see if any work was going on. “Absolutely none sir, nothing has changed this end”.
So I sent them a copy of the above data and rang them back. There response was “Have you changed your phone sir?” to which I replied “What everyday since June 2009 !”
He assured me nothing had changed and that there were no problems his end. I then asked them to sort out my Mac code as I had enough and I would be transferring away ASAP.
Funnily enough, within 30mins, my upload speed has shot up above 2000Kpbs for the first time since June 2009.

Pipex/Tiscali/Talk Talk absolutely suck and are to be avoided like the plague regardless of how cheap they are.

You are much better taking a look at Plus Net (although now they come under BT, I’d be weary of that).  My top suggestion at the moment is believe it or not, O2 Broadband.  Yes, they are a big corporate group, but their customer service is first rate. If you tell them there is a problem, they actually listen to you. They don’t treat you like some half witted idiot, but they actually listen to what you have to say.

So why am I still with Pipex? Because the buggers owe me over £400 in over payments and the instant I leave them, I face a long haul through the courts to try and claim it back. As for Ofcom? Forget it. They know who pays their wages and are about as effective as a chocolate fireguard.

And if you wanted further proof of just how bad Pipex/Tiscali can be, just take a look above.
They insisted absolutely nothing was wrong at their end. It took 30mins of ranting at their support guy for them to go actually get off their arse and take a look. And finally, after 8am, things magically get a whole lot better.

Be warned… stay clear of Pipex and Tiscali…

It was minus –8deg on the outside thermometer when I woke this morning, so I quickly got the fire going.  Crumpet, marshmellows and a few chestnuts tonight for supper methinks.

I have heard of a similar scam to do with Sky customers, but the caller never mentioned Sky, merely if my reception was fine.
Sky have put some information about a similar ‘scam’ on their own website (Sky Protect)

In my case, it appears that they are cold calling UK numbers rather than targeting Sky customers with the aim of finding any customers who are currently experiencing problems.
The scammers then apparently try to “help you resolve” the problem by offering to contact Sky support on your behalf. At no time however do they mention that you will be billed by them for this support.

Just be warned that there is no such organisation as the National Television Control Centre, at least not in the UK. If you receive such a call, do not reveal any personal information.
If they do claim to be from Sky, or working on behalf of Sky, ask them for your contact number, account number, or the type of receiver you have been supplied. I can assure you that they won’t be able to answer and will give you some waffle as to why they can’t supply that information. 

Lotus are to return to Formula 1 for the first time since 1994 after being granted the 13th slot on the grid from next season.

They will line up as one of four new teams for 2010 - alongside Campos Grand Prix, Manor and US F1.

Great news for us F1 fans, especially those who remember the good old days when Lotus were last involved. Admittedly, it’s been a fair few years since they could be classed as one of the successful teams, but I’m just glad to have the badge back amongst the starting grid. I was born in 67, so not quite old enough to remember their best years between the 60’s and 70’s. Not a lot of people realise that despite withdrawing from F1 back in 94, they are still the fourth most successful F1 team ever.

In its new incarnation the team is a partnership between the Malaysian Government and a consortium of Malaysian entrepreneurs and is being led by team principal Tony Fernandes, the founder and CEO of the Malaysian-based Tune Group which owns Air Asia airline.

Mike Gascoyne - who has 20 years experience in the sport after working with Jordan, Renault, Toyota, and most recently Force India - returns to F1 as the team's technical director.

For more information see the original BBC Sport Article: Lotus will return to F1 in 2010

From the JustGiving page set up by Tess Morris.

Our little girl Eden Summer was born at 29 wks, 11 wks, early by emergency caesarean at Wolverhampton's New Cross Hospital, miles away from our local hospital which didn't have the facillities to look after a baby so small . Eden's incubator was donated to the hospital by Bliss and the intensive care unit was also referred to as Bliss. I eventually held Eden for the first time after 4 days and quickly started kangaroo care which Bliss says helps pre-term babies and parents,it did,after 3 wks Eden was transferred to our local hospital where she stayed another 3 wks after which we were allowed to bring her home. It was the scariest time of our lives but the staff at both hospitals and Bliss were fantastic .The work Bliss does is amazing and my husband and me are trying to raise as much money as possible for them to continue their work. So thats why we will be running 10 miles in The Great South Run so please help us help babies like Eden.

For more information on BLISS, you visit their website at http://www.bliss.org.uk

Bliss, the special care baby charity, provides vital support and care to premature and sick babies across the UK. Founded 30 years ago this year, we offer guidance and information at a critical time in families' lives. We also fund ground-breaking research and campaign for babies to receive the best possible level of care regardless of when and where they are born

Remember, these babies are too small to be able to help themselves. Help BLISS give them the best start in life. As I say above, even if you can't afford to give a few pennies, then forward this post to everyone you know, or send them the link to the JustGiving page.

Be warned and on the lookout for a new round of Hotmail accounts being hacked and suspicious links being sent to you from your contacts.
You might receive a message from a known contact that will contain a link to what initially appears to be a to a profile picture.
What it is actually doing is trying to get you to download a windows Trojan.
Hotmail Message from Hacked Account

The message you will receive could look something like the following:

The text will say something similar to the above: "ahha is this you?? hxxp://images-id.com/profile.php?=yahoo:shinerweb@yahoo.com"

How does the attack work?

If you receive the above message or similar, because it has come from a "trusted friend" in your Hotmail contact list, you are probably likely to believe the link to have come from them.
Most people will just click on the link, but don't worry, you haven't been hacked just yet. In this case of this attack it actually requires you to install it, but believe it not, many people will do just that.

In this instance, clicking on the link above will download a self-extracting zip file to your PC. (Yes, we are talking a Windows Trojan here).
But you still haven't infected your PC. You now have to actually run the self-extracting zip file by navigating to the location where it was downloaded and clicking on it. (Some chat programs allow you to open the downloaded file by simply clicking on it from within the chat program).
But you still haven't been infected if you do just that. All you have done is to extract the actual virus to your PC.
It still requires you to now navigate to where the file was extracted and open it.
Only now will you have infected your machine.

At the time of writing, only one anti-virus vendor was giving a warning, with two other vendors marking the file as suspicious.
It will take most of the leading Anti-virus companies up to another 6-12 hours before they release new definitions to catch this one.
It will probably be a few days before the rest of the bunch catch up with some taking up to a week.
So even if you have the most up-to-date virus definitions, you are not going to detect this trojan just yet.

Despite the number of manual steps involved in order to become infected, many hundreds of thousands of users around the globe will still do just that.
Some will do it primarily because the link and the files came from someone in their Hotmail contact list that they probably trust.

So why did my Hotmail contact send me this link?

Actually, your contact didn't. The bad guys have gained access to your contacts username and password and have control of their account.
There are a number of ways that the bad guys can gain access to these details.

Trojan: The payload in this instance is a trojan that installs other software to capture personal information from the infected machine. The user could already have been infected with this trojan or another similar and the Hotmail account details stolen (via a Keylogger for example).

Phishing: There have been a number of incidents already this year whereby legitimate sites have displayed adverts or malware inserted by the bad guys. This presents the visitor with a dialogue box very similar (almost an exact copy) of the Hotmail Login screen. The user then blindly enters their Hotmail Username and Password. The bad guys scripts will then usually display a failure message before redirecting the visitor the genuine Hotmail Login screen. But by this stage it is too late, they already have your Hotmail account details.

In this instance, this is what I suspect to have happened in that the user has fallen foul of a phishing attempt on a site they have recently visited.

The short answer is that your Hotmail contact did not send you the message. In fact, they probably have no knowledge what-so-ever of any messages being sent to you.
They will probably tell you that they didn't even have their computer switched on at the time so it could not have come from them.
The bad news is that it didn't need to be. The bad guys already have their username and password and they use a program of their own to login and send the messages from any computer they like.

At a later date, I will post an update on how to prevent or reduce the chances of falling foul of these types of attacks.
Some quick advice though is:

• Never to trust any files sent by friends no matter how much you trust them. It might not be them sending it in the first place.
• Always have your chat program configured to run an anti-virus scan of ALL downloaded and transferred files. (Though this would not have protected you in this instance).
• Any file you are not sure of, upload it to Virus Total and see what they have to say about it.
  

The information below is the technical information about how the virus works.

In this case, the link will attempt to download a file called PICT0573.JPG.EXE

The following is the initial report from Virus Total.

Additional information

File size: 97281 bytes

MD5...: cc259a2aa044d105d7159b2c5a8aa5eb

SHA1..: f3a9f1de1243683fce79d29dcfa2338cb5b3d57d

SHA256: d71788cfd5d99af611fee16e9c2b6abddda6505ed851a836298e2971a3a72e08

SHA512: 208e2d97247b406a3aa179b237549b6251342f022bdb7f81e4b1b939a0b21aa3 e1b6a1894e0f45981880b3ac0aa8cc1f8877cb6e374ea43510e52d17d7823cc4

ssdeep: 1536:b5GJEhlcbW5sk1BlfLvveIbXWm+nwN6J3rs5gqtXZPoeSVfOgRJNVB5uulU 6EE:VGu9BlfzWIbXWm+w0Jg5TSVfRJNYulU4

PEiD..: -

TrID..: File type identification Win64 Executable Generic (59.6%) Win32 Executable MS Visual C++ (generic) (26.2%) Win32 Executable Generic (5.9%) Win32 Dynamic Link Library (generic) (5.2%) Generic Win/DOS Executable (1.3%)

PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x645c timedatestamp.....: 0x480251cd (Sun Apr 13 18:32:45 2008) machinetype.......: 0x14c (I386) ( 3 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0x99c8 0x9a00 6.58 fd7744c26c2bf4d279968be94b283b11 .data 0xb000 0x1be4 0x400 4.25 99858e86526942a66950c7139f78a725 .rsrc 0xd000 0xd9f0 0xda00 6.72 37630b96b2c90e9f0a4951e15d50197f

The file is actually an executable (self extracting) Zip archive. (Note it ends with .exe and is just made to look like an image).
Usually they do a better job of hiding the .exe by using multiple spaces, but not in this case.

If you run the file, it extracts another executable which is the trojan itself. The name of the file in this instance was: buriminew.exe

Only when you actually run buriminew.exe will you now infect your PC.

Currently this is what VirusTotal has to say about this file:

Additional information

File size: 31744 bytes

MD5...: fe546d6dece496a4e4a3ca47f15e5937

SHA1..: 4acc9a1196539919238387863d8585e4fd43f017

SHA256: a3d90312ab961adbeb7062350643b74d5b43d35dcc963eccf4295ce375b29908

SHA512: c0f2aab84a75e8dd0a30743de66332cb058148544cb68514bee588b13b0bf92c e9d5c6e5ffdaf5f6f8553191dff0dcfb4d3aae2cb594446531c099f86bafcacd

ssdeep: 768:qrOV9YKGFjCZXwNKLWBOp07uu51xlXTOm/q:egYRcW7uIxRKm

PEiD..: -

TrID..: File type identification Win32 Executable Generic (42.3%) Win32 Dynamic Link Library (generic) (37.6%) Generic Win/DOS Executable (9.9%) DOS Executable Generic (9.9%) Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)

PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x1e80 timedatestamp.....: 0x49b0f1a1 (Fri Mar 06 09:49:21 2009) machinetype.......: 0x14c (I386) ( 3 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0x11be 0x1200 6.25 a0f569558af5fc265be797139ffd38d8 .rdata 0x3000 0x60b6 0x6200 7.97 3fe31e2297e4fb70643d182fd955d7d2 .data 0xa000 0x163e0 0x400 5.54 629e2248ee12ab91a5a46c4c0c17d51e ( 1 imports ) > KERNEL32.dll: GetProcAddress, LoadLibraryA, lstrlenA, GlobalAlloc ( 0 exports )

The file appears to be a new variant of a Trojan called Buzus.
When run it will display a dialogue box.

From the site ThreatExpert, it has the following information:

Trojan.Buzus opens a backdoor on the infected machine and tries to steal various information like personal financial data (like credit card numbers, online banking details etc.), passwords from various email and FTP applications (like Trillian, Microsoft Outlook, CuteFTP etc.) It also tries to compromise security settings of various security related products.

At the time of writing, only Microsoft was identifying the threat as: VirTool:Win32/Injector.gen!U

If anyone wants a copy of the trojan to do their own analysis, you can contact me via the contact form on my profile page

You can also check the status of anti-virus detection by visiting the VirusTotal page for buriminew.exe .

That is a number from Bulgaria and more than likely, a premium rate number.
I had a quick check online to see if there are any other reports on this number and low and behold, there are plenty. It does however appear to be a new number in use.

I was amazed to read some of the comments on one site and a few of the questions I have listed below:

"How do they get my number?"
"Why are they ringing me at that time of the morning? I'm not likely to answer".
"Why do they only let it ring once, I will never be able to answer the phone that quick"

Some people just don't seem to understand when they are about to be conned even when it jumps up and bites them on the nose.
They didn't "get your number".
And the reason why it only rings once is because they don't want you to pick it up and answer it.
(If you do, that costs them money and they don't want to actually spend any money, they just want to make as much as possible).

Here is a copy of my reply I posted in reply to one comment.

A company based in Bulgaria for example, has a a few people or a bunch of computers that basically start off dialling +44 0000 000000 and work their way up to +44 9999 999999. (it's not quite that crude, but you see my point. i.e. they didn't get your number from anywhere, it was just the next one in the sequence of numbers they called).
So they didn't get your number from anywhere, you just happened to be the next in the queue.

The system dials the number, let's it ring once, and hangs off.

Why? There are two possible reasons.

1. Any number that rings is a valid number and could be added to a database of UK numbers to cold call at a later date.
2. And this is the most likely answer, and is becoming a major scam. Assume they call 100,000 numbers.
   It costs them nothing to ring a number and put it down before someone answers.
   It's free to them. But the number they provide as their caller ID is actually a premium rate line.
   If just 1000 people (i.e. 1%) of the people they call hit re-dial, that is 1000 calls to a premium rate number.  
   

Remember, it doesn't cost you a penny to dial a number, you only start getting charged the second the other party picks up the phone at the other end.
If no one ever picks up, you don't get charged.
It doesn't matter if you dial it and the line drops the call at the other end immediately, it's too late. Once you have connected to the line the other end, you've been charged the minimum call (usually quite a few pounds). At their end, the system is designed to answer the call and drop it immediately. They don't want to talk to you. They just wanted you to call back.

Assuming it was say £1.00 a minute, for just 1% of people they call returning their call, they just made £1000. And it cost them nothing to earn that.
But they don't just call 100,000 people. Their computer system can call millions of people. And if just 1% of people hit redial, that is an awful lot of money they've just made.
And with most overseas premium lines, it isn't £1.00.
If you did dial the number, go have a look at your next bill.

So unless you are expecting a call from overseas, and unless you recognise the number, never ever dial them back. If someone wants to speak to you, they would always call you back. Go look up the country code. If you are not expecting a call from that country, forget it.

Every time you ring back one of these numbers, you become part of the problem. You are contributing to their profits giving them the excuse to carry on doing what they are doing. It's easy money for them.

It is also incredibly difficult to have them shut down, since they don't usually do this from within the UK or the EU. The caller ID they are supplying can be easily spoofed.
Even though it says "03598815400011", you could be being called from next door. "03598815400011" is just the number they want you to dial back and is not necessarily the number you were called from.

I think it was 2006 or 2007 that I joined Ecademy which is a great UK based Business Social Networking tool (and here you can see my Ecademy Profile).

Another reason behind my decision to let my account lapse is the sheer number of totally “free” Social Networking sites.  Whilst I wasn’t able to commit the time to work, there was no sense in throwing good money after something you can actually get for free anyway.  I won’t create a list of those free sites here, because I am not knocking Ecademy in the slightest.
So why would I go back to Ecademy? Simply because of the people that exist on Ecademy or rather the quality of the people “you can” meet on Ecademy.

It is the members of Ecademy that make it so worth while and provide the power behind the site.  Quite simply, the site could have been done in Notepad and have the crappiest web front end in the world, but the members of Ecademy are what gives it true value.

So back to my rant. Who is Anthony Benner and what did he do to get up my nose.
Back on the 14th October 2008 he send me a contact request in order that I would join his network and vice-versa.
I still kept an eye on requests and any that are relevant and non-spammy, I would at least try and respond to, but to be honest, I had never heard of this guy, never had him recommended to me, he wasn’t on any of my contacts friends lists, so I gave it a low priority to respond back to. (So low that even after 3months I didn’t get round to responding).
After all, his initial request for contact had no information about why he wanted to contact me, contained no information on why I would want to contact him. So what was in it for me? Where was the ‘attraction’?

Then I get a message from his account on the 4th January that simply said: “No Response”. (Which I am not sure if that came from the system, or from him directly). But on looking closer, I also see he has “blocked me” from contacting him?
WTF?
Blocked?
Why? Because I didn’t respond to his “spammy” request to be on his contact list.
Ok, I say let’s have a look at this guys profile and see what I could have done to piddle him off.

I see he is ranked #1 in Australia. Ok, that looks fairly impressive.
Globally ranked #16, which sounds equally as impressive.
Maybe I’m too small a guy to be worthy of being able to communicate with him, so let’s read on.
So let’s have a look at some of the 69 testimonials. (That number appears quite apt as it happens).
Most of his testimonials are from people who have never even met with him, let alone worked with him, yet they give him a testimonial. And again, most of them are from people who are unlikely ever to work with him.
So what kind of testimonial is that? What has ever done for them that would inspire me to want him to do anything of any use for me? Not a lot..
A testimonial is only ever worthy if it reflects something you have done for someone, or a summary of a service you have provided.  When ever I look at someone to do work with, I research them to the nth degree and if possible, try to speak for former clients, read reviews, do a web search etc.

Now let’s have a look at his website. A blogspot blog set up in August 2008 with the grand total of one post.
And what does he do? He’s in to PR ? erm. Public relations. Ah, someone who knows all about personal images. So blocking someone for not responding to a random connection request creates a good personal image. Not.
Even his main domain simple redirects back to the blogspot blog (which has a PR of 1).
Somehow he has been rated good by 746 people. 90% of which have probably never met him, exchanged a ‘contact' request and that’s about it.
For some ranked so high, who is not even a Blackstar immediately makes me suspicious of that persons activities.
So I still don’t have a clue what he does, or what he has done for all those people who think of him so highly.

Doing your research on someone BEFORE you connect is a much better way of doing business.
I can’t stand people who think the number of followers, or ‘friends’ is some sort of “willy waving” contest.
You can bet he hasn’t even heard of Twitter, and guarantee that if he had, he’d have one of those accounts where 2 people follow him, yet he follows 10,000 plus.

Block me will you. Thanks, you’ve done me a great favour.

Best thing is, I only have to visit Retaggr to update any of my 'points of presence'

Still, I expect there is bound to be more fun ahead with 'Obi'

I must give credit to Ike Pigott (@ikepigott) for the idea of a "Top 10 People to Unfollow" list.  Although I can easily think of several individuals I’d like to place on this list, I figured it would be too mean to actually call them out by name (and possibly result in a libel suit).  So the list below contains ten archetypes that I’ve noticed on Twitter.

From the post “Top 10 List of People to Unfollow on Twitter” on the blog by Shannon Whitley.

I’m hoping I’ve never fallen into any of those categories, though looking at my main “personal” Twitter account, one or two (erm, try most) are getting pretty close to another Top 10 reason category of “Too Drab to be of any interest”.

Pop over to Shannon’s site and add any categories you can think of to the comments on that post.

Related articles by Zemanta

• To Tweet or Not to Tweet...Is That Even a Question?
• Social Media Museum has Bloggers all A-Twitter!