September 2008

The Night Owl has flown the coop.

Today, I just received word, that a friend of mine of several years has shucked his mortal coil...

Ray Patterson, SysOp of Opus/Fidonet BBS The Night Owl (307)235-5207 (Now Defunct) has died.

I won't say that we were good friends, in the sense of consistent contact, but I will say that he was at my first Casper Computer Users Group Meeting in the early 80s. His bulletin board (BBS) The Night Owl, I called at least twice a day. It is also rumored, though I never saw it myself, that he had made a one megabyte bank-switched Timex/Sinclair 1000! Totally within the realm of possibilities, but how do you load something like that with cassette?

It's a bit sad actually, that the bringer of his death was a brain aneurism, the man had a wonderful mind.

He had never done me wrong, and I don't think I had ever heard anyone else say ill of the man. So, yet another pioneer of Wyoming technologists flies off, not into the sunset...

But into the moonset this time.

With thoughts,
Zaphod Breeblebrox :(

*** Ray's Obituary from http://www.trib.com ***

Monday, September 8, 2008 7:37 AM MDT

CASPER -- Funeral serves for Ray Patterson, 55, will be held at Bustard's Funeral Home at 4 p.m. on Wednesday, Sept. 10, 2008.

There will be a viewing at Bustard's from 4 p.m. to 7 p.m. on Tuesday, Sept. 9, 2008.

He died on Sept. 5, 2008 at the Wyoming Medical Center from a cranial bleed. He was surrounded by family and friends.

He was born Dec. 10, 1952 in Thermopolis, to Harold "Pat" Patterson and Willamette (Gerard) Patterson.

He lived in Casper for most of his life and graduated from Kelly Walsh High School in 1971. He also attended Casper College.

On May 28, 1976 he married Terry Lea Brummond, the love of his life.

He worked at the Wyoming Medical Center as a computer specialist. He was retired from the Natrona County Fire Department.

He was a member of the Eagles, F.O.E. #306, Casper Air Modelers, Wyoming Blues and Jazz Society, Wyoming Modelers Park Association and his nightly coffee club.

His was interested in stock car racing, kite flying, RC airplanes and cars, playing the guitar and motorcycle and RV road trips, among other things.

He is survived by his wife, Terry, daughter Erin Rodgers and her husband, and daughter Deedee, all of Casper; his sister Janet Althouse and her husband, two nieces, one aunt and four cousins.

He was preceded in death by his parents and brother.

In lieu of flower, memorials may be made to the Wyoming Blues and Jazz Society, P.O. Box 1643, Evansville, WY 82639 or The Donor Alliance in Denver, CO, (303) 329-4747.

(Edit #1: Added Obituary)

Fight Back at Instant Messenger Spam!

I am sure you regularly get IM spam messages like...

daddydungbag3424:        you home? ;pdsc

Which you don't dare answer, or you will get link spammed, infected, or e-mail bombed with offers.

Well, I have figured out a way to fight back, and help people at the same time! Here are some things I have found out...

1. Most instant messenger spam comes from infected machines running robots under a rootkit where the normal virus checker can't see it.

2. Most of these infected machines are owned by n00bz (newbies) and are considered "fair game" in skiddie (formerly skript kiddie) circles.

3. 80% (or so) of these "bots" have auto-accept file transfers turned on!

This gave me all the data I needed to know. Now for the fun bits, I wanted not only to stop the machine from sending me something, but wanted a way to alert the owner of the machine that something was wrong, without causing damage.

Thankfully there is a virus out there that isn't a virus, but all virus scanners, even crappy ones see it. I figured if I were to send said fake virus to the offending machine, it would drop outside the rootkit, and the virus scanner would pick it up, and alert the newbie their machine had an infection. Luckily most newbies know to let a true tech take care of viruses (they are scary after all). If a tech were to see the test virus, and knows the person is a newbie, it should ring alarm bells in his head too instructing him to dig deeper.

This magical test virus is known as the EICAR test virus from the European Institute for Computer Antivirus Research. This fake virus file is older than dirt, but still, all but a malware anti-virus scanner would alert on it. This should work with almost all instant messenger programs, AOL IM, ICQ, MSN Messenger, Yahoo's Y!, Google Talk, Pidgin and more. Here's how you can fight back with me!

1. Make a subdirectory (folder) on your hard drive named... wait, you pick the name, because we don't want anyone, even me to guess it.

2. Go into your virus scanner, and protect that directory from shield and daily scans (else your virus scanner will do it's job, and delete our tool.)

3. Go to http://www.eicar.org/anti_virus_test_file.htm read the spiel on what it is, and download the EICAR test file to that directory.

4. Make a few copies of it.

5. Rename the copies to some juicy filenames like (be inventive!)...
mypassword.shs
creditcard.exe
wellsfargo.com
firstinterstate.com
(Thank you Clifford Stoll!)

6. Lay in wait for the next robot to link you to some foul site, or gibberishly greet you, and send them a present! (Some won't accept your poo cookie, but most will (as of the writing of this article))

7. When it happens, know you have pretty much alerted an innocent person that there's an evil spy loose in their machine (Quite like superuser come to think of it...), and started them on the road to safety Oh, and, you got to take a toy away from a bad bad boy.

Zap >:)

(Edited to fix some egregious spelling errors)