On SOPA

(This is made up of a set of email I sent to some of the contacts on my address book. I figured I might as well post it here too.)

A good deal of the major web sites have blacked themselves out today in protest of SOPA.

Many of them would not exist at all if SOPA/PIPA (also known as the Internet Blacklist Bills)  were to go into effect, or had it been in effect at the time they had started out.

The list of sites includes Wikipedia, Google, and Facebook, some of the most popular sites on the internet. They, and other productive businesses, are under a coordinated attack from large and entrenched companies who distort the news, promote proprietary closed source software and DRM, and troll innovative companies with bogus patents issued by the United States.

SOPA/PIPA doesn’t just threaten “pirates”. SOPA/PIPA threatens free and open source software, and free and open content. It gives the US government, without any court order, the ability to remove sites from the internet. Not just in the US, but worldwide. It must be stopped.

In my personal opinion, it would blow up in the face of the proprietary software companies that are promoting it, and possibly lead to a mass exodus to free and open source software (at least until the rich business criminals at Microsoft and Apple figured out a way to shut them down with unfair legal tactics). As tempting as it would be to otherwise just not care about SOPA/PIPA because it would likely cause these companies to  choke on their own greed, gloating at the prospect that the government thugs will take sites distributing this proprietary software down is not the right thing to do. An act of repression is not a good thing, even when it is likely to backfire and cause a revolt. (Besides, you’d think ICE actually had a job to do that isn’t getting done. Hint hint.)

The protest against SOPA/PIPA has forced the mainstream media to (sort of) do their jobs. They were silent on it before because many of the larger ones like MSNBC/CNN/Fox Noise actually supported it.

With sites like Wikipedia and many others gone black or having had large protest banners today, they had to come out of hiding.

The protests have done at least some good. They have raised awareness of this repressive piece of Anti-American legislation, and chased some of the supporters away from it. It lost at least three co-sponsors today as a direct result of the protests.

http://latimesblogs.latimes.com/technology/2012/01/sopa-blackout-sopa-and-pipa-lose-three-co-sponsors-in-congress.html

Many of them gave the MAFIAA (MPAA/RIAA) people a chance to attack the grassroots protests with rhetoric and smear.

Says former Senator, turned MAFIAA shill, Chris Dodd,

“Some technology business interests are resorting to stunts that punish their users or turn them into their corporate pawns, rather than coming to the table to find solutions to a problem,” says Chris Dodd, CEO of the Motion Picture Association of America, which supports the bills. “A so-called blackout is yet another gimmick, albeit a dangerous one, designed to punish elected and administration officials who are working diligently.”

http://www.usatoday.com/money/industries/technology/story/2012-01-18/SOPA-PIPA-protest-reaction/52641560/1

You might remember Senator Dodd, he resigned because the MPAA offered him a truckload of money to be a lobbyist working against the American public, and for the rich business criminals who make up the MPAA.

SOPA was largely written by members of ALEC. Most people don’t know what ALEC is, but ALEC is actually the government of the United States. The real one. It’s made up of corporations, lobbyists, dirty money, and private lawyers that hand off finished bills for the shills in Congress to introduce and pass.  They probably figured SOPA/PIPA would simply sail through like the rest of the US laws they write, such as the Digital Millennium Copyright Act. Normally, their attacks on education, the right to read, and the right to share and help your friends goes unnoticed. Indeed, the DMCA was mild compared to SOPA/PIPA. It managed to get rammed through back when the “social” media phenomenon of the internet was not as vibrant as it is now, or it too may have been shot down by overwhelming public outrage.

http://alecexposed.org/wiki/ALEC_Exposed

ALEC has written a number of state level laws and passed them off to their shills in state governments across the United States, including in Indiana. The “Right To Work” bills are largely their doing. An attack against living wages and jobs with good benefits. Companies wish to deal with workers on an individual basis so that they are expendable and, unable to bargain with their employer, have to accept whatever lousy pay and benefits they’re offered.

Wal-Mart (a member of ALEC) in particular is supporting that one, because it likes to hide the true cost of their merchandise. By avoiding unions, paying their employees minimum wage,  and giving most of them no health insurance or benefits. You may think you’re saving money when you shop there, but those employees who work 40 hours a week end up in the line for food stamps and Medicaid. Wal-Mart shifts the difference onto state and federal tax payers, who must foot the bill regardless of if they even shop at Wal-Mart.

SOPA/PIPA is only a symptom. In fact, I’d say that we’re fighting the wrong thing. The disease of bad government remains. You can’t fight a cancer by treating only the symptoms and hoping it goes away.

Finally, I notice that Chris Dodd speaks of middle class jobs being destroyed by “piracy”. I wonder what middle class jobs a branding company full of lawyers and former US senators actually produces. Are they talking about the Mexican cleaning crew that goes over their restrooms or something? (As for Microsoft, they employ very few Americans. Most of the development on Windows and IE is done in India and China.)

Our government has been taken over by these people. When Ben Franklin was asked whether we had a monarchy or a republic, he apparently answered “A republic, if you can keep it”.

Fighting off theocrats and big business interests who want to subvert our freedom, by fighting individual acts that they commit against us, is like trying to cure malaria by swatting at mosquitoes (to borrow part of a Richard Stallman quote about fighting off software patents).

We no longer have a republic, we have a Corporatocracy.

This work by Ryan Farmer is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.

Are bandwidth caps a sneaky way for ISPs to profit from Windows malware?

Call me now for your "free" readin!

Back in the 1990s and early 2000s, there was a class of malicious software called a “dialer”.

The “dialer” malware type was Windows software that either tricked the user into running it (trojan horse)with the promise of porn or something, or found its way onto the system with minimal interaction from the user, like most malware for Microsoft platforms does. When launched, the software would typically pick up the modem and dial a foreign country or a 1-900 number, and instead of blocking the call, the phone company would let it go on and on as long as they could because they could pass along the bill and share in the ill-gotten profits.

The phone companies also partook of another scheme unrelated to computers, but which I will mention because it serves to point out the general pattern I am discussing. Remember those “free” psychic reading advertisements that came on the TV? The phone company would really start billing you $4 a minute after 3 minutes. (Fun fact: The psychics were fake. (duh) According to the FBI and FTC investigations of the so-called psychics, they were using a technique called cold reading. They had script that branched out like a tree and were designed to keep the victim on the phone and racking up charges for as long as possible.) The phone companies, again, sat back and shared in the ill-gotten gains.

Now the year is 2012, and more and more ISPs are imposing bandwidth caps. They claim that users using bittorrent heavily are among the reasons they need to overcharge. In reality, most of the traffic on the internet is generated maliciously by Microsoft Windows malware doing one of three things.

Worms trying to spread and shotgunning random IP ranges with port scans to try and “get lucky” and find infectable hosts. Since most Windows users use ineffective antivirus/no anti-virus and/or don’t install their updates, this is pretty easy to do.

Botnets sending spam. Microsoft Windows malware is responsible for over 95% of the spam emails and spam instant messages.

Botnets sending tons of garbage data in a coordinated attempt to bring down a web site running Linux or a BSD, which the attacker would likely never take down in a direct attack on the server itself. In fact, it’s not even the OS that crashes due to the onslaught (unless it’s Windows Server), it’s usually just that the site’s internet connection is swamped and no longer able to fit in any real requests.

I don’t use Microsoft software, but because many people do, I am still in danger if someone decided to DoS me.

Back on point, this traffic is immense, and many people leave their computer on for a great deal of time or 24/7. So if the malware floors their internet connection, even if only while they’re away from their computer to avoid suspicion, you will overrun your cap fairly soon and the meter for overages starts running.

AT&T DSL has a cap of 150 GB. Windows malware could overrun that entire allotment in 1-2 days, and have the rest of the month operating in your overage use, which AT&T silently sends you into at a rate of $10 per 50 GB. You could spend the better part of the month paying $30 a day + your $45 monthly fee for the DSL line simply because you use Windows. (That’s a bill of over $900 for those not bothering to fire up their calculator).

Ouch. The tragic part about this is that technically illiterate people like my mother will just blame “the damned computer” like they do so often when Windows causes them problems.

If you would rather not pay for spammers to use your PC to send me spam emails might I suggest Android or a GNU/Linux distribution?

Open source software tends to be more secure. For a variety of reasons. Closed source is not just about controlling the customer, it’s also about controlling the perception of a product. Hiding source code makes it easy to cover up bugs, work arounds for bugs, security problems, and inefficient, bloated, and downright incompetent code. Microsoft does this a lot, but it isn’t just them. Apple is a false choice that is much the same.

The idea that a sucker is born every minute is not only true, it’s the only way phone companies, cable companies, psychic hotlines, malware writers, and proprietary software companies stay in business and make so much money.

AT&T finds another way to mug their customers…

Bandwidth caps:

Or “If I had only known then what I know now, I may not have left Comcast”

I just checked my more or less abandoned Hotmail account the other day because I needed to retrieve a license key for a particular piece of software I bought a long time ago (and they only send the key to the email address you gave them when you bought it).

While I was digging, I noticed a letter from AT&T. The letter was very unprofessional because it didn’t even mention what service that it was in regards to. My mother, who is computer-illiterate, had them send her cell phone account info to that email address because she needed it in order to get “rebates” on her cell phone plan. Ever since then I’ve resigned myself to the fact that anything I see from AT&T that lands there is hers. I couldn’t get them to stop because it’s her account, she can’t get them to stop because she called one day, spent a typical AT&T hour on hold, got someone that said he fixed it and didn’t. (Again, everything I’ve come to expect out of AT&T).

So I get something from AT&T that said I went over my “data plan”. I didn’t notice, but AT&T has had a DSL cap of 150 GB a month since March. I figured my DSL didn’t have a cap, because it was “unlimited” when I started subscribing to it. So I figured it was talking about her cell phones. So I called over to their house, told my step dad that they might want to watch how much data they use over there and inadvertently started a fight that hasn’t let up between them yet. As soon as I found out that this was not about them, but was about AT&T DSL, I have never felt so pissed off in my life. I started World War III over there over something AT&T did to screw me over that has nothing to do with them.

Now that I’ve gotten that out of the way, here goes the obvious rant about data caps:

The nature of the DSL system makes it very very cheap for AT&T to solve congestion problems. Likely a few upgrades to DSLAMs here and there would clear up any problems (if there are any). For a company that makes record profits and gets to overcharge so much already due to being a near monopoly in the United States, these upgrades would be peanuts.

What is really happening, obviously, is that someone at AT&T noticed that if they can extract $10 a month extra here and there from their existing customers, that’s pure profit. Some of them may even not notice right away due to AT&T’s tendency to use cram methods so you never know quite what you’re paying for, and I doubt anyone is going to sue over $10-$20 in overage. Another fact, like in my case (where I got the two warnings this year), is that I changed email services quite some time ago and AT&T had an old Hotmail address I was barely using. Why aren’t they sending this crap to my ATT.NET email account? That’s my official AT&T email account. They sent those hilarious and absurd warnings about IRC being Windows malware to that address earlier this year. I do check it now and then to see if there are any account notices. Not quite as often as I could, but anyone who relies on ISP email is stupid. It is instant lock-in. If you ever leave that ISP, like I likely will with AT&T in the coming months, then they simply delete your email address and give you no forwarding options. Yet the fact remains that it is the official email address tied to my account and they should be using it in all official communications with me.

Now that we’re past the parts where AT&T made me to be an asshole and inadvertently start a war between my mother and step-father, then almost surprised me with a whopping bill full of overages, let’s talk a little about Adblock Plus and other ad blocking, like Privoxy or host files or Chrome Adblock or Opera’s content filter…or……you get the point.

I looked at my monthly usage for the last year, ad blocking the entire time. and I noted that there would have been an additional ~5-6 times that I got so close to either the 150 GB cap or the next cap (they sell you additional 50 GB chunks at $10 each), that I would have essentially paid AT&T another $50-$100 over the last year if I had turned my ad blocker off.

Note to website owners: Sure I feel for you, but I am not going to turn my ad blocking off and pay another $10-$20 a month in overage fees for the bandwidth that your 10 foot tall Microsoft ads in flash (the example I used was Phoronix.com at one point). If you would like to replace them with ONLY static ads or Google text ads, which do not chew bandwidth, and then apologize and promise on your site to never resort to that behavior again, then I promise to consider whitelisting your site. As it is though, I don’t feel like paying highway robbery to get Microsoft ads in flash and “buzzing mosquitoes” and “shoot-the-monkeys”.

In the kind of networks where there really are congestion issues by design, such as cable, it’s likely that this abusive advertising is what is actually “clogging the pipes”.

 

 

 

 

 

AT&T thinks IRC is malware

I logged into my att.net email account today…

I don’t do that very often since ISP email is a trap that makes it harder to leave that ISP. But that’s where they send account notices and the address I use for situations where I might be spammed and they won’t take a disposable address such as Mailinator.

What’s the first thing I see? A stack of warnings under the subject line WARNING NOTICE from AT&T Internet Services Security Center.

Likely the only reasons this didn’t get sucked up by a phishing filter is because it’s an AT&T email address and because Yahoo’s (it uses Yahoo Mail) mail filter is a joke. If I had set this to forward to the much superior GMX mail that I use often, I probably would never have seen it.

Suspecting this was a phishing scam (subjects like these usually are), but clicking on it anyway revealed this..

Wed, June 1, 2011 7:41:20 AM

WARNING NOTICE from AT&T Internet Services Security Center

From:	AT&T Internet Services Security Center <abuse@att.net>
To:	Removed

---

IMPORTANT COMPUTER SAFETY NOTICE from AT&T Internet Services Security Center -“IRC Traffic Detected”

We have evidence which indicates that a computer accessing the Internet via your Internet connection may be infected with malicious software such as a virus or worm.

By now I’m thinking “Are you shitting me?” First off, I don’t use Windows or Mac, so the chances if this being a worm are beyond remote. Secondly, I do use XChat for IRC, daily, and have for years.

The message goes on to state… (notes from me in bold)

IRC Botnet infected systems commonly send or receive commands that can SPAM email, spread malicious software, and perpetrate identity theft.

IRC traffic on ports other than those normally used by IRC can be an indication of backdoor trojans or bots. (Or it could indicate I am using SSL on port 7070 to avoid spying from ISPs that cooperate with Federal acronyms with no warrant and do other creepy things I don’t want to think about. I use SSL on XMPP too, is this malware?)

We realize that in some cases this may be normal activity if you are running an IRC server (client), but in order to protect yourself and others, we recommend that you scan every system that utilizes your internet connection with up to date Anti-virus software. (No thanks)

To address this problem, and in accordance with the terms of service and acceptable use policy of your service agreement, we ask that you immediately take the following steps to secure your network: (Fuck you)

1.    If your computer(s) are managed by an Information Technology (IT) group at your place of work, then contact them immediately.

2.    AT&T offers a free online scan tool PC Health Check that will scan for virus/spyware activity. (link removed)

3.    If your computer(s) are personally owned, then update the security software on your system (follow the instructions on your vendor’s website). You might also consider installing new security software such as AT&T Security Suite. (link to rebadged McAfee crapware removed) (You must be logged in with the Master Account ID to download AT&T Security Suite).

4.    If you are an advanced user (Probably more so than most of your mouth breathing employees), then consider reimaging your computer(s) and installing the necessary software patches. (As unwarranted as your collaboration with Federal searches against your users) For less advanced users, this can be done by a third party such as AT&T Connect Tech.(link to ~$200 an hour monkeys that rip off the terminally stupid Windows users) AT&T Computer consultants trained to clean infected machines (There’s training for that? Victimizing Morons 101?) might also be located in your area (you can search at self-serving reference removed).

5.    In all cases, please respond by forwarding this email to: abuse@att.net with an acknowledgment of: “I am taking steps to address this infection.” (Can it be an acknowledgment that you can go sodomize yourself with a lead pipe?) When we receive such an acknowledgment, we can maintain the high quality of service you expect from us. (BWAHAHAHAHAHAHAAAAAAAA! *DIES LAUGHING*) We welcome feedback on what removal tools or method were used. (Chewing gum and Popsicle sticks)

The message concludes with a bunch of links to Microsoft’s “Security Essentials” and such. Trusting the maker of the defective operating system to secure it? No thanks. I’d rather be safe and happy on Fedora….

My replies to AT&T: (The first one was when I was fuming)

Dear Morons,

Internet Relay Chat is a chat protocol, I am not using Windows or Mac OS because I am not a retard. I know what a botnet is, and I know I don’t have one. Please kindly stop sending me this nonsense.

PS: If I get one more of these I’m going to find out whose idea it was to crapflood my mailbox, and rip their head off and shit down their throat. No seriously. how can you people be so stupid? Do you ever just stop to think that people use IRC for legitimate purposes or may use a non-Windows non-Mac OS operating system which isn’t plagued by this kind of crap to begin with?

By the way, I’d like whatever I’ve been paying you for Norton or McAfee or whatever related bloated uselessware refunded if that’s possible, since I have no possible use for it. Would that be cool? I’d love to have the mandatory Windows antivirus tax returned to me at your earliest convenience.

Have a wonderful day.

————————————————————————–

Then I noticed another warning about IRC in my box and sent this…quoting part of their form letter.
“In all cases, please respond by forwarding this email to: abuse@att.net with an acknowledgment of: “I am taking steps to address this infection.” When we receive such an acknowledgment, we can maintain the high quality of service you expect from us. We welcome feedback on what removal tools or method were used.”

Dear DMCAT&T,

I have taken steps to remove the Microsoft Windows infection, I formatted my hard disk and installed GNU/Linux. I suggest you add this to your recommendations as a way to solve Windows malware problems permanently.

I sincerely appreciate your concerns for my safety. I apologize for my brash email when I saw these notices yesterday as my brain can only handle so much stupidity before shutting down and causing me to go insane.

PS: If you’re going to discriminate against open standards like IRC, why don’t you pick on proprietary crapware like Windows Live Messenger and Yahoo Messenger, the most heavily spammed protocols that I am aware of. It’s also common for users of these networks to be sent malware by hijacked client software of those on their friends list, or sometimes through advertisements hosted by Microsoft themselves. I also speak entrely of my own observation that these services are favored by pedophiles since To Catch A Predator with Chris Hanson always seems to use them to lure 400 pound kiddie diddlers with.

As much as I love your work on behalf of the various cartel organizations to spread FUD about open standards, and censoring the web voluntarily at MAFIAA request, I may have to start searching for another ISP soon since you are making me a “sad panda”.

In closing, I would like to request that you permanently cease sending me pointless notifications like this as they will probably lead to more mocking of your stupid and senseless policies.

Thank you for your consideration.