“A nearly impenetrable thicket of geekitude…”


Spam, spam, spam, spam, spam. The scourge of modern life. Or at least one of them.

Neci Feihsi

I got an interesting phish in today’s e-mail. Here’s how it looked in Thunderbird:

Dera Baalcrys Membre,

Tsih eamil was setn by the Braclays svreer
to verify yoru eiaml addrsse.

…and so on. My initial fears that the bad guys have finally lost it and just given up were allayed when I looked at the actual source of the message:

Content-Type: text/html; charset=iso-8859-1
Content-Transfer-Encoding: 7bit
De‮ra‬ Ba‮alcr‬ys

What is going on here? The message body is an attempt at Unicode. Code point 8238 is “right-to-left override”; code point 8236 is “pop directional formatting”. The sections contained within the “‮‬” groups are therefore supposed to be printed backwards.

How delightfully creative. Except that the message is marked as being encoded in ISO-8859-1, which doesn’t contain those code points. All the cleverness (probably aimed at some mail program that accepts the invalid code points) was ignored, leaving gibberish. The good news is that even if they fix that, the presence of “‮” in e-mail is going to be a pretty good indicator of something phishy going on.


Comments Return

Courtesy of a custom Perl installation and Jay Allen’s latest MT-Blacklist software, anonymous comments are enabled again.

Arms Race

While listening to an interview with Bruce Schneier recently, I was struck by his depiction of the problem of the red and blue doors. Simply put, he observes that much security thinking is (given the way politics works) inevitably built around watching which door the bad guys go through, then putting guards on it. Money spent, “something has been done”, problem solved.


Read more

Blog Comment Spam

New medium, same old sleaze it seems. Today, someone wishing to advertise Those Blue Pills placed a comment on each of the fifteen posts I’d made here so far. Just to make sure the message got through, some posts got up to three copies of the advertisement.

This was annoying, but I should have been expecting it.

New UK Anti-Spam Regulations

There is a continual flurry of secondary legislation being laid before the UK parliament every day it is in session. Most of it, like the The Tonnage Tax (Training Requirement) (Amendment) Regulations 2003 (Statutory Instrument 2003 No. 2320), is of interest to very few of us. An exception to this general rule might be The Privacy and Electronic Communications (EC Directive) Regulations 2003, laid before parliament on the 18th of September and coming into force on December 11th.


Read more

Spam: "Why Can't You Just..."

Along with computer viruses, spam (however defined) is becoming a significant barrier to actually getting things done with these computer things. Almost everyone would love it if there was an easy solution to the problems spam causes: either a technical solution or a non-technical (legal or social) one would do.