Category: Software

Strategies to Mitigate Astroturfing for Forum Owners

Astroturfing (the practice of companies pretending to be ‘regular people’ and posting product or service recommendations on forums or blogs) is becoming a big issue. It’s becoming an increasing pain in the ass for us on AusGamers – as our site grows, we get more people drifting in from search engines on random keywords trying to pimp various products.

Unfortunately for this particular campaign – which is surprisingly subtle, giving the sheer obviousness of most of the others we get – it’s going to backfire, because I’m trying a new strategy. Rather than just blowing the whole post away, I’ve posted a link to a competitor.

We’ve been thinking for a while how to stop things like this. The most obvious strategy is to simply not allow new users to post URLs. This is what we’ll probably end up doing – before a user is allowed to post a URL, they must have at least (say) 10 regular posts to prove they’re actually interested in contributing to the community. The number will probably have to be tweaked a little.

There’s a bunch of other ways – approving first posts by new users, stopping them from creating new threads altogether, etc. At the end of the day I think the require-some-posts method works for us because we want to encourage a community of active users that regularly post useful information, and post counts is a simple (if not completely accurate) method of deriving some base level of trust – if they’ve got 100 posts, they’re more likely to be useful (simply because they haven’t been banned for astroturfing).

How to Record Triple J To Your Computer

After reading Hogfather’s post in this forum thread about people recording stuff off the radio it occurred to me that people probably don’t know how to do it in this new era of digital streaming radio.

Be aware that this is almost certainly not fair use and almost certainly is a violation of copyright. It is here for educational purposes only. I personally use this if there’s a song on the radio that I want to remember to look up later so I just grab a little bit of the lyrics so I can Google for it later to find out what song it is.

Here’s how to do it (you will need some familiarity with using the command line):

1) Get wget. I’ll assume you’re using Windows, so go to the wget for Windows page and grab the latest version.

2) Go the TripleJ website and look for the ‘Listen Live’ box which has the MP3 stream link.

3) Right click the link and save the file (triplej.m3u) to your computer.

4) Open that file in a text editor like notepad – it will just contain a single line, which will be a HTTP URL to the mp3 audio stream (at the time of writing that URL is http://202.6.74.107:8060/triplej.mp3).

5) Open your command prompt and invoke wget with that URL (or the URL in the file, if it’s different, obviously) as the parameter:

wget http://202.6.74.107:8060/triplej.mp3

This will start downloading an mp3 file which is a recording of what is playing on the Triple J stream.

WARNING: If you don’t stop it downloading, that file will grow to be huge. It will keep downloading as long as the stream is active. Just hit CTRL-C to stop it downloading once you’ve recorded the section of the song you want.

Chase Bank’s Email Security

For a few months I’ve been getting emails from Chase, which appears to be a financial establishment of some kind. These emails are addressed to a ‘Barbra Harrison’, who is not me. These are coming to my Gmail address – a fairly common occurrence, as many people mistakenly think they own my Gmail address.

People not knowing their email address – or simply mistyping it by accident – is a ridiculously common occurrence. In fact, I was working on how to mitigate it on AusGamers just before writing this. It seems a little scary though that people would screw up their actual email address in anything related to their bank or financial institutions.

But what’s worse is the emails don’t provide me with a clear way to notify the bank that they’re coming to the wrong place. I’ve tried replying to them a few times (despite the notice saying they won’t read them – sometimes they do). I’ve tried navigating their website, but it’s a maze and the only way I can seem to do it easily is to either log in with the account details of Barbra (which I might be able to retrieve as I am in control of the email address she submitted for her online account!), or call them.

I was a little amused when I got this email from them today:

chase-email-security

I decided to spend a bit more time reading the email to see what my options are. I can unsubscribe from mailouts – which I don’t want to do, because my email address might still be attached to Barbra’s account, which is not great for anyone. I can report it as fraud, which I don’t want to do because it’s not really appropriate.

The FAQs have one useful question: “I don’t have an account with Chase, but I’m getting e-mail about my Chase account. How does that happen?” The answer to that, however, assumes that I’m the victim of a phishing attempt. I’m confident that is not the case here.

They have an email address for other inquiries – emailquestion at chase.com. I always feel like mailing addresses like this is a total waste of time, but I’ll give it a go – for Barbra.

Update: emailquestion@chase.com bounces:The original message was received at Tue, 4 Aug 2009 20:44:45 -0400 (EDT)
from sg3.svr.us.jpmchase.net [155.180.248.7]

—– The following addresses had permanent fatal errors —–
<t000900@gti0s025.svr.bankone.net>
(reason: 550 5.2.0 /var/mail/t000900: irregular file)</t000900@gti0s025.svr.bankone.net>

They sure make it hard.

PayPal Changes Their Email Address

I recently got an email from PayPal (an actual one, not a phishing attempt) telling me that they’re changing their email address (subject: “Important Address Change Information from PayPal”).

I noticed this part:

How do I know if an email is really from PayPal?
PayPal emails only come from a ‘paypal.com.au’ or ‘paypal.com’ address. We will always address you by your first name AND last name.

It’s important to note that the first part of this answer is utterly useless from a security point of view. Anyone that knows anything about the Internet will tell you that it is completely trivial to send an email so it looks like it is coming from any email address. Email has no built-in security to stop this from happening.

It’s a little annoying that PayPal focus on that by putting it first, because it’s much, much less of a useful security measure than the second thing they propose – using your first AND your last name. Most email spam/phishing attempts simply attempt to guess your name by deriving it from your email address – for example, if your email address is david@example.com, then they’ll start their email with “Dear David”.

However, there’s (almost) no way to derive your last name in bulk mailing attempts like this – unless you already have that information, like PayPal would if you had an account with them. (I say ‘almost’ because there are fringe cases where spammers could guess your first and last name – for example, if your email address is formatted like david.harrison@example.com).

If you’re reading emails and wondering whether or not they’re from who they purport to be, bear in mind that looking at the actual email address is never a good way to do it. You’ll need to look for other clues.

Unless, of course, they’re using PGP or some other mechanism to digitally sign their emails. It boggles my mind that financial institutions aren’t offering this as a matter of course, even if only a handful of people would actually use it.

New Versions of MediaCoder No Longer Open Source

In addition to my below post, I was surprised to find the source for the latest version of MediaCoder is not available. Poking around on the forums I found a bunch of people that point out it hasn’t been open source for ages, which I didn’t realise. Articles like this one on their blog – asking for nomination in SourceForge.net’s Community Choice Awards – make this a little confusing.

It looks like you can still get the source for old (pre v0.7) versions, so I guess it still qualifies as open source in that regard, but Vic has pointed out MediaCoder is listed on ffmpeg’s Hall of Shame and there’s an ongoing ticket to try and get it removed from SourceForge.

I’ve always loved MediaCoder; it’s an awesome piece of software for video transcoding and takes a lot of the headaches. But really, all it does is provide a nice front-end to a bunch of open source tools and chains them together in a useful way. It seems the developers of MediaCoder have decided they’d rather pursue it as a commercial project now, so it’ll be interesting to see what happens from here.

MediaCoder Removes NeroAAC, tsMuxeR

Noticed today when I loaded MediaCoder to convert some videos to h264 that in the release notes they’re about to remove NeroAAC and tsMuxeR. I always wondered when this would happen as it was a pretty clear license violation of the NeroAAC stuff (at least, from my IANAL point of view).

Presumably it won’t cause any problems, other than making it slightly more of a pain in the ass as you’ll have to download those things seperately. NeroAAC is still available for a free download as long as you’re using it for non-commercial uses, but frustratingly there’s no obvious path to upgrade or license it if you actually do want to use it for a commercial purpose.

Hide Windows Media Player Shell Extension Options

If you’re sick of seeing the “Add to Windows Media Player list” or “Play with Windows Media Player” options in your right-click context menu on media files, then you can just do this:

regsvr32 /u wmpshell.dll

(entered at command line or start->run). This basically just unregisters the shell extension stuff and removes those options. If you want them back, just remove the /u and re-run it.

Create JPG Preview Images for Many Fonts

font-previewIf you’re like me and have a huge stack of TrueType fonts just lying around and don’t want to have to preview them individually by double clicking on them, you might find this handy to throw into a batch file:

for %%a in (*.ttf) do c:\imagemagick\convert.exe -antialias -pointsize 80 -font %%a -draw "text 20,120 'A quick brown fox lazy jumps over dog'" blank.jpg output\%%a.jpg

It requires having ImageMagick installed (I’ve installed it into c:\imagemagick in this example, but you can put it anywhere, obviously). This is a Windows example but should work fine on Linux as well (if you change the path to the ImageMagick binary).

Basically it will write out to the “output” directory a bunch of images rendering the text in that font, allowing you to quickly browse through (or throw into a web page like this to scroll down and compare).

Strip Attachments from Outlook Express Emails

I have been using Outlook Express for almost 10 years now. I have gigabytes of emails stored in it dating back that far.

Lots of the emails are from game publishers or various press sources and often include really ridiculously huge attachments. I often don’t need these attachments at all, so I’d like to be able to delete the attachments but keep the email just as a record.

Outlook Express, presumably through some sort of misguided security reason, doesn’t let you open an old email and just delete the attachment. What you can do is drag the email out to your desktop, where it will create a .eml file – basically a plain text version of the email with the attachments encoded. You can then just strip out the attachments manually (a relatively simple process) by opening them in a text editor and removing the relevant sections.

I got bored of doing this so wrote a quick PHP script to do it, using the PEAR mimeDecode package. It’s really rough and simple but basically consists of two parts:

1) a PHP script which parses the email, spits out the attachments, and spits out a re-written version of the email just in plain text.
2) a batch file which calls the PHP script, so you can just drag a .eml file onto the batch file and have it execute.

The PHP script is available here.

The batch file just looks like this – change it to suit your system:
c:\php\php.exe c:\utils\mailextract.php %1
pause

Trojan in On2 Flix Pro v8.545? Where da md5s at?!

I just loaded On2 Flix Pro (video conversion software to create Flash videos) and was told there was an update.

The application doesn’t have the smarts to update itself directly, instead sending you to the website to download a zip file containing the new update.

It installed successfully (well, the first attempt failed trying to register itself online to make sure I wasn’t copying it – super annoying DRM ties each install to a particular piece of hardware, making it hard to move between computers), but then when I went to run it I got an AVG error informing me that there was a trojan horse in the file winprojector8.exe – PSW.Ldpinch.VKM to be exact.

I’m fairly confident this is a false positive, but I can’t be sure, because there’s no digital signature or md5 or anything for this file, OR the zip file that I downloaded the application in, OR the self-installing .exe that came out of the zip file.

In case anyone else is running into this error, here are the md5s for each file:

577cbe65ae7f718b365b560e5109773b SetupFlixProPC_8_545.exe
4dbc59a37e213fc096f69eb9f6085964 SetupFlixProPC_8_545.zip
260e655dd577e54cd3a215feb60aa021 winprojector8.exe (the allegedly infected file)

Currently Googling for the md5 of the infected file yields this virscan.org URL, which indicates a few other applications detect a trojan in this file as well.

I have contacted On2 support (usually I get a response within 24 hours) and await what I hope will just be a ‘false positive’ response.

If they’d published an md5 hash of these files, I wouldn’t need to be worried. But they didn’t, so I am.

If you’re putting a file on the Internet up for download, please always publish a hash of the file – md5sum or sha1sum would be best – so that people can verify that what they think they’re getting is what you want them to be getting.