Interesting E-mail

Today I received an email in one of my web email accounts professing to be from the CIA. The text of the message is as follows with a sending address of mail@cia.gov:

Dear Sir/Madam,

we have logged your IP-address on more than 30 illegal Websites.

Important:
Please answer our questions!
The list of questions are attached.

Yours faithfully,
Steven Allison

++++ Central Intelligence Agency -CIA-
++++ Office of Public Affairs
++++ Washington, D.C. 20505

++++ phone: (703) 482-0623
++++ 7:00 a.m. to 5:00 p.m., US Eastern time

Now I'm sure Mr. Allison is a real person at the CIA and the telephone number is probably legit. Now if I were an American citizen who is clueless about the Internet , I might respond to the e-mail by opening the attachment (a zip file no less) which contains the latest variant of the Sober worm. You would think that the kiddie scripters would know better and construct a more formal e-mail than one like the one above. One thing for sure is that this particular e-mail account of mine do get a lot of junk e-mail including Paypal scams, Nigerian scams and the various lottery winner scams. The problem is that it is almost impossible to track the sender of the e-mail even though the originating IP-based sender is shown to be an ISP based in Malaysia. Obviously these scams do work as it only take one to be sucked in to make it worthwhile. While most that I have seen are done via e-mail, there was one where I got sent official looking documentation via regular mail.

So, bottom line, never open any emails from folks that you don't know and also be wary of emails professing to be from well known companies (e.g. PayPal, your bank) as more than likely they are phising emails.

Update - BC politicians pay raises

Within 24 hrs, the Opposition Leader, Carole James, flip-flopped and refuse to support the legislation (Bill 17) that was passed in record time which gave all the elected politians a 15 to 31% pay increase.

Yesterday, the Government introduced Bill 19 to repeal Bill 17 which was passed so none of the MLA will be getting any pay increases. The smart move is to introduce legislation that would tie the MLA compensation to the rate of inflation and cost of living.

Anyhow, this debacle high lighted the current flawed system and also put the Opposition in a very bad light. I mean, if they were so concerned with public outcry, why unanimously voted for the pay increases. What's also upsetting was that one elected member, Lorne Maynecourt (Lib), screamed, yelled, and voted against repealling the pay hike. This coming from a fellow who won the election by a mere 12 votes??? Time to recall this elected official and sent him packing. The greedy pig!

BC Politicians voted themselve a hefty pay raise!

I can't believe it as I was driving home from work today. The radio announced that the MLA (Members of the Legislative Assembly) had voted themselves a minimum of 15% (with some as high as 40%). In one afternoon, the Government managed to rammed through this pay raise (Bill 17) with all members (including Opposition) voted in support of passing the bill. Shame! Not one stood up to voice their concerns. I guess all politicians are alike (line their own pockets while standing up in public to denounce the poor working people).

This is unbelievable as a short few weeks ago, the Government was telling the teachers that they (the teachers) will not be getting any increases (zip, zilch, nada) but here we are, the MLAs will have a base compensation of $86.5K plus additional compensation based on their portfolio. If this keeps up, there will be combustion point (much like what is happening in France) and you will have people on the streets screaming for change (remember the French Revolution?).

Obviously the current political system is so flawed and so open to abuse that something has to be done. It's time that the general population rise up and kick these scumbags out of the seat of power! I think it's time for a new party with the right Principles and Ideals that will appeal to both the business leaders and the working folks.

October 2005 CPU

Pete Finningan pointed out a post on Bugtraq that documents some problems with the recently released Oct 2005 CPU patch. I was quite concerned when I saw Pete's entry as we have yet to apply the patch and if it causes problems, then we will have to hold off.

A further look into the Bugtraq posting shows that one of the problem identified was the unfixing of an old vulnerbility but that is only applicable to Oracle 8.1.7.4 as per the post, "the October 2005 CPU fails to install the
patched Oracle Text (CTXSYS) components on Oracle 8.1.7.4 on all operating
systems.". On top of that, it's a simple fix as the "flaw" as in the execution of an incorrect procedure. You can review the details here.

Blogging commitment

I must start off by apologizing for not posting any entries for the last few weeks. It's been hectic at work but I think I need to at least commit to posting at least one entry per week. When I first started this, it was a means for me to let off some steam and vent but as more and more folks start reading the blog, it became more of a commitment than I expected. Anyhow, from hereon, I will try my best to post on a more regular basis.

I've been keeping up on some stuff and also reading up on subjects that I'm not familiar with but have some responsibility in ensuring that it runs (for example, SAN). We have been experiencing problems with our SAN (IBM storage, FalconStor and HP-UX combo) and I've been reading SAN for Dummies. So far, couple of things that me; The first one was this statement, "To store information, the computer uses a series of eight bits, or one byte of data. A byte is eight characters of data. Therefore, it takes eight bits to make a byte. The letter A is store on your computer as a byte of data." Hmm, I still don't get it. The other one was the words, "fibre" vs "fiber" and how it was the French who uses "fibre". Hmmm, I think "fibre" is the right term (i.e. Queen English) all that.

Another thing that came to my attention was this headline from ZDnet, Tsunami Hacker" which seems to be a over-reaction to hacking based on new legislation. I mean if all the guy did was to browse the directories (since they were left open), I don't think that's hacking at all. It like saying that I have an open house and folks came in and started opening doors to check out the house and I can charge them with B & E if they open doors to rooms that I want to keep shut but not locked. How do they tell the difference between what was allowed and not (if doors to both are shut and not locked)?