warning: Creating default object from empty value in /home/timk/ on line 1388.

Just A Bite of Coffee and Ice Cream

Photo © 2006 HD41117 CC 2.0 BY NC SA

Her great claim to fame was that she failed Freshman English Lit. Twice.

How is it even possible to fail English Lit? Think about it. This is a course that has no real requirements, save that you show up and say something. Yes, you’re supposed to read the novel that everyone else is also reading. But lesser students had squeaked by on the Cliff Notes, or even outright faking it.

Even so, she managed to fail English Lit. Twice. And so ended her college career.

She promptly moved back in with her parents. She discussed the situation with them only in sketches. Her father asked her what she was going to do now. She replied that she didn’t know, which was the truth. He quietly accepted her answer. He didn’t seem upset. He seemed a little worried.

She took a service-industry job at a local ice-cream-and-coffee place, promptly proving her klutziness. She was constantly getting ice-cream flavors mixed up, or putting half-and-half in a customer’s coffee instead of milk. When her boss asked her to wipe down the counter, she promptly sprayed cleaning fluid all over the lemon sorbet. This made him none too happy and earned her a sharp rebuke. She couldn’t even pour a fruit smoothy without fucking it up— spilled it all over the floor.  Click to continue »

Too Much Information

Photo © 2008 Paul Falardeau CC 2.0 BY ND

This story is a test.

Seriously, it’s a test to see whether I can magically change the future. Really.

I know you don’t believe me, but let me explain. For the past three weeks, I’ve been dreaming the future. Actually, it’s been 20 days. Today will be day 21.

It may have been going on for longer, but I first noticed it on May 21. Actually, at first, I thought it was just a coincidence. It wasn’t until a few days later that I began to suspect something… paranormal. (Yeah, that’s the word I want, paranormal. I know it sounds crazy, but that’s the only word that fits.)

On Friday, May 21, a friend of mine was telling me what happened to him that morning on the way to work. He had almost gotten into a 5-car accident. (He would have been in car number 6.) And as he was telling the story, I remembered I had dreamed the night before about the same thing, an almost-accident.

In my dream, an old work colleague, who I haven’t seen in years, was driving a motorcycle down I-95, and suddenly a truck ran over her. I freaked, of course, but then she got up and assured me that she and her bike were okay. It had been a near miss.

Crazy coincidence, I thought, and I told my friend about the dream I’d had. We all had a good laugh over it and didn’t think any more of it.  Click to continue »

The Confidant of Jericho

Photo © 2008 Jenjke Bykov CC 2.0 BY NC ND

From the moment they appeared at my door, I knew the two men weren’t from around here. The first of them introduced himself as Salmon, told me they were seeking my services, said that Avi had sent them. I looked him in the eye for a few seconds. Good-looking, not too eager. I try to be careful about making mistakes, because there are some services I don’t provide, and I’ve been burnt before. But they looked okay, and they knew Avi. Business travelers, I thought, slumming it up in the red-light district. I let them in.

They gave the room a once-over, my humble abode. I told them where to sit, in the dark corner near where I had been weaving flax into rope. I poured them each a drink, gyrating and throwing them each a wink. I described to them the services I offer—and told them which ones I don’t offer—and how much it would cost. Nods all around.

One of them started a conversation. Nothing about that seemed out of whack. Men often enjoyed a little casual talk before satisfying their baser urges. Salmon said he had heard that I sometimes met high-ranking officials. Even that didn’t make me suspicious. I just told him I couldn’t discuss who I know or don’t know. I may be just a whore, but privacy is still pretty important in my line of work, and I don’t want to get on the wrong side of some of my clients.  Click to continue »

Only the Lonely

Photo © 2009 Janine CC 2.0 BY ND

All those days sitting through Mrs. Owens’s seventh-grade algebra class, then years staring through Reverend Hardy’s sermons, and now centuries yawning through business meetings, she would have thought she’d have gotten used to the experience.

She shifted in her seat, as the company CEO flipped to another PowerPoint slide, animatedly spewing the latest rendition of corporate spin to the assembled audience. Sales figures and production are up! (Except in the divisions that the company did not purchase this year.) We’re launching several exciting new projects! (Because we weren’t able to finish the last ones.) We now control more gigabytes of shitty software than all of Microsoft and IBM combined! (And that’s something to brag about? Even if it were true?)

She glanced around. Hundreds more faces, just like hers. She was suddenly overtaken with isolation, that she could feel so alone amongst so many others just like herself.  Click to continue »

For a Real Buzz, Touch This Microphone!

Photo © 2010 CC BY-ND 2.0

Isn’t it funny, the snippets of life that our memories recall?

Lately, my online buddy and comrade in words, Jim “Suldog” Sullivan, has been talking about his days as a garage-band bassist. On Monday, he told a story of how one of his bandmates rigged his microphone to electrocute him. And that reminded me of one of my own stories.

Okay, first of all, I must say one thing, as a fellow musician with experience in electrical engineering: Futzing with the ground wires is not a funny joke, dude. I don’t think I would have forgiven as readily as Jim did. He’s clearly a bigger man than I. (Or maybe that shock was simply bigger than either of us suspect.)  Click to continue »

Grand Theft Internet (part 5)

This is a true cybercrime story, which hit my friend Tom. Click here to read the story from the beginning. OR Click here to read the whole story as a single page.

Chapter 5

Sunday, March 28, 8:06 PM EDT

“They stole!!!!!!!!!!!!!!!!!!!!!!!!”

By 7:45, Glen had discovered that the attacker had been manipulating the DreamHost support people in order to crack into Tom’s account and steal, a tactic called “social engineering.” Glen discovered this just minutes too late.

Glen immediately promised to gather forensic evidence in order to get back Tom’s domain, to insist on reforms of DreamHost’s policies and practices, and to pursue prosecution. He confirmed that there had been a security breach at DreamHost, and that the support people on chat were not supposed to be making changes on customers’ accounts. DreamHost serves as registrar for over a half-million domain names, and hosts close to a million websites, and the attacker could have gone after any of these— and still could. No doubt, the story, as he reconstructed it, stunned and panicked him and everyone else at DreamHost.  Click to continue »

Grand Theft Internet (part 4)

This is a true cybercrime story, which hit my friend Tom. Click here to read the story from the beginning. OR Click here to read the whole story as a single page.

Chapter 4

Sunday, March 28, 2:40 PM EDT

Glen, from DreamHost’s abuse-response team, replied to our support request, saying that Tom should provide certain billing details, in order to verify that he owned the account. That’s DreamHost’s standard procedure. But we believed that someone might be listening in on DreamHost’s email. How to convince Glen that this issue needs looking into? Tom emailed him back, explaining that he believed that DreamHost’s email servers had been compromised, asking to talk via phone or to send the data via fax.

Tom said to me, “I’m sure they’ve chalked this up to some customer with sloppy security getting their email compromised.”

Shortly thereafter, Glen confirmed that suspicion. He said that while he was open to evidence that DreamHost’s network had been compromised, there hadn’t been break-ins on any other accounts. He suggested that Tom scan his computer for viruses, to make sure there wasn’t something installed on it that was listening in on his email.

Tom shot back, “It’s a Linux machine with a secure password behind a firewall. I have a clue about security. The only place I am seeing any evidence of a breach is with DreamHost. The attacker attempted, and failed, to reset the password on my Google-hosted account. If he had compromised my machine here, he would have been able to intercept that email.”  Click to continue »

Grand Theft Internet (part 3)

This is a true cybercrime story, which hit my friend Tom. Click here to read the story from the beginning. (If you’re looking for my usual “Friday Fun” column, it will return next week.)

Tom and I speculated on how the intruder broke into Tom’s DreamHost account, and what he might be doing there. I thought he might trash Tom’s account, and I was concerned that Tom be able to restore any lost data quickly. But Tom really didn’t have any data in that account. All of his Internet services were served from elsewhere. He thought the cracker was probably setting up a phishing site. That is, the guy would put a fake web page that looked like a real company web page, maybe for a bank. Then he would send people to that web page, maybe with fake spam emails, and then try to trick people into giving him their bank logins and passwords. Tom even feared the guy might charge up fake domain names on his credit card.

Fortunately, there was no way for the attacker to obtain Tom’s credit card number. Nor could he charge up services or domain registrations on the card, because DreamHost’s system always asks for new credit card information when you make new purchases. DreamHost only uses the credit card on file to pay for recurring services that you’ve already agreed to. So that was good.

I had been the target of an Internet break-in before. Someone had cracked into an old Linux box, which I had used as an Internet router years ago. He got in using a long-since-patched exploit. Then he tried to install some Internet relay software, possibly so that he could use my computer in an attack on someone else’s. He gave up as soon as he figured out that my Linux router was too tiny and impotent to run his software.  Click to continue »

Grand Theft Internet (part 2)

This is a true cybercrime story, which hit my friend Tom. Click here to read the story from the beginning.

Saturday, March 27, 10:23 PM EDT

The dark figure waited at his computer for DreamHost support to respond to his chat request. He had requested the password be reset, eight times since 9:35, since he had tricked them into adding his email address to the account. But he hadn’t been receiving the password-reset messages in his email.

Brian answered the chat. “Hi there, how can I help you.”

Now impersonating Tom, the legitimate owner of the account, he explained his problem as best he could. “I’m trying to get login info in my new email address, but not receiving email from DreamHost.” He gave Brian the account ID and email address.

“You’re already logged into the panel, if you’re talking to me,” Brian said.

“Yes,” the dark figure replied. That was true. He was logged into the administration panel, just not into Tom’s account. Not yet. But hopefully soon. He told Brian that he had recently updated the email address, and that he needed to use the new address, not the old one.

Brian replied, “Both are actually listed on your account.” He explained that Tom could use the administration panel to make any changes he needed.

Yes, the dark figure said, he’d tried that many times, but it wasn’t working. He kept getting an error, he said in his typical broken English.

Brian asked him to try it again.

So he did. Of course, he didn’t actually try anything. His story was a complete fiction, but a believable one. He described the steps he would have gone through, had he actually had access to Tom’s administration panel. Every value he would type, every checkbox he would check, every button he would click on.  Click to continue »

Grand Theft Internet

Illustration © 2009 Michael Molenda

This is a true cybercrime story, which hit my friend Tom this past weekend… a little too close to home. And I realized that this is something that could happen to me. Indeed, it could happen to any of us who owns his own business or website domain. Tom wanted this story told, in the hopes that the knowledge will help prevent similar crimes in the future, to encourage other victims also to come forward, and to increase the chances that crimes like this will be prosecuted as a result, and I agree.

I’ve tried to reconstruct the timeline of events as accurately as I can. Naturally, when I portray the villain’s activities—and especially his thoughts and motivations—I’m speculating… but let’s call it “informed speculation.” The villain, although he may sometimes appear incompetent, never acts out of random whim. His goal is not merely to poke around inside someone else’s computer and see what he can find. No. He is pursuing a goal, so he has a purpose to everything he does. And I’ve written his character from this perspective.  Click to continue »

Syndicate content