The home of the haikulator

 

Links

My Stand-up & gigs
The Coding Craftsman
BurberryAndBroccoli
MarkInventions

The Musical!
Incredible Productions

apostrophell
backlash
incredible
haiku


Previous Posts

There Must Be 50 Ways To Make A Gig Difficult
History Repeating
Hi, we’re calling from Some Criminals.com
An Open Letter To HSBC
Pay What Now?
Outro
Hearing the music
When to quit
I am not as other men
Tonight I was funny

Blog Archives

October 2001
November 2001
December 2001
January 2002
February 2002
March 2002
April 2002
May 2002
June 2002
July 2002
August 2002
September 2002
October 2002
November 2002
December 2002
January 2003
February 2003
March 2003
April 2003
May 2003
June 2003
July 2003
August 2003
September 2003
October 2003
November 2003
December 2003
January 2004
February 2004
March 2004
April 2004
May 2004
June 2004
July 2004
August 2004
September 2004
October 2004
November 2004
December 2004
January 2005
February 2005
March 2005
April 2005
May 2005
June 2005
July 2005
August 2005
September 2005
November 2005
December 2005
January 2006
February 2006
March 2006
April 2006
May 2006
June 2006
July 2006
August 2006
September 2006
October 2006
November 2006
December 2006
January 2007
February 2007
March 2007
April 2007
May 2007
June 2007
July 2007
August 2007
September 2007
October 2007
November 2007
December 2007
January 2008
February 2008
March 2008
April 2008
May 2008
June 2008
July 2008
August 2008
September 2008
October 2008
November 2008
December 2008
January 2009
March 2009
April 2009
May 2009
August 2009
September 2009
January 2010
March 2010
April 2010
May 2010
June 2010
July 2010
August 2010
September 2010
October 2010
November 2010
December 2010
January 2011
February 2011
March 2011
April 2011
May 2011
June 2011
July 2011
August 2011
October 2011
December 2011
February 2012
March 2012
April 2012
May 2012
June 2012
July 2012
March 2013
April 2013
May 2013
June 2013
July 2013
August 2013
September 2013
October 2013
December 2013
January 2014
February 2014
March 2014
May 2014
July 2014
January 2015
February 2015
March 2015
April 2015
May 2015
June 2015
July 2015
August 2015
January 2016
February 2016
March 2016
April 2016
May 2016
July 2016
August 2017
January 2018
August 2018
September 2018

Global Domination

Locations of visitors to this page

Monday, August 20

History Repeating

History is unreliable. Stories through the telling take on a truth of their own, quite different to the objective facts of the time. Often this is gradual, though sometimes it’s a very deliberate act of one’s own psychological survival to quickly recreate the narrative with yourself as the valiant hero.

Let’s just say it’s been an eventful few months.

Sitting there, as a weird lighthouse in the sea of my life, is the Edinburgh Fringe. My relationship with it is deep and complex, but always lovely. I’ve never had a single year where I regretted being there for the reasons I went there. I’ve always had sensible expectations and always met or exceeded them... or so the story goes.

This year’s trip is, if records are to be believed, my 17th. The Fringe itself has been running in some form or other since 1947, meaning this is the 72nd. I’ve been to more than a quarter of them!

My wife has just finished her 8th Fringe. I’m the sole reason she started coming to them...  I think it’s fair to say she’s as fully invested as I am!

The festival seems to be a constant across time, with the same venues reappearing out of the mist each year, only to disappear at the end of August as though they were never there... but it is changing. The biggest change is the market.

Audience expectations move year on year. This year, the expectation is that you can pay for free Fringe show buckets using cashless payment. The “kids” have different sensibilities and different ideas of what a festival entails.

Most importantly, though, the market in Edinburgh is heading towards its own ultimate destruction. If you had a decent touring show, you’d be better touring it. If you’re making one, then Edinburgh is still a good place to rough it into shape... This means there are some, but not too many real diamonds hiding in the programme. There are plenty of great shows, though... but the economics of doing a show in a saturated market, where a huge phalanx of performers is competing for the same audience and accommodation as you, means you need to run several shows. Each performer staging multiple shows saturates the market even further, growing the number of venues, the number of other show spots to fill, consequently the size of the supply, while the demand is not growing at nearly the same rate.

At some weird future extinction event, there will be one performer running around 500 venues, doing a few seconds in each, chased by an audience of 3, who have each paid 35 quid per show minute for the privilege, while a bunch of young people drink themselves to death in astroturfed concrete car parks at 20 quid a pint, served in reusable bendy plastic cups.

I’ll probably still be going to the Fringe when that happens.

Saturday, August 4

Hi, we’re calling from Some Criminals.com

Having recently set up a company, I understand that it can be hard to determine your best business model, and hard to perfect your attack on the market. One company that is really pushing itself hard is best called “Not really BT”. I say that because they ring us up relatively frequently, claiming to be BT when it’s quite clear that they’re anything but actually BT.

I’ve had some minor adventures with them in the past. Sometimes they claimed to be calling from Microsoft, telling me they’d detected a fault on my computer. One one occasion I pretended to have a Mac (living the dream, eh) and tried to do what they were telling me, complaining that my screen didn’t have on it what they were asking me to click on. I wasn’t at the computer - I’d made it up. When I said I didn’t have Internet Explorer, but could use Safari, they asked “Don’t you have Windows” and I said “Well, you told me you’d found a problem with MY computer; don’t YOU know?”. They hung up.

One guy claiming to be from Microsoft told me he was called Martin Short, so I launched into a tirade around how much I loved his movies, especially The Three Amigos (great film). He hung up.

The other day a woman claiming to be from BT spouted nonsense at me about hackers and servers and when she paused I said “Look, you don’t have to do this. You don’t have to ring people up to try to exploit them. You could get a better job that’s not so dishonest.” Without missing a beat she told me to go fuck myself and hung up on me. Seriously, it’s hard to give careers advice in IT these days.

I’ve always wanted to explore these scams deeper. I say always, I mean I’ve kind of wanted for some time... so after my careers advice call was so rudely terminated, I went onto my Mac: yes I have a real Mac now, not a pretend one - don’t worry it also dual boots to Windows, so I’ve not entirely sold my soul to Apple: also Microsoft... I went onto my Mac and I installed a fresh Windows within VirtualBox. In short, this simulation of a computer is running a Windows with nothing installed on it except a web browser. It knows nothing about me other than my name and has no access to any of my private files... but it lives in a sandbox on my computer.

Having created the pretend computer, I took a clone of it and called that the honeypot. I fear I may have misnamed it - it should really be called honey trap. Honeypot sounds like a euphemism for something naughty, but I’m not going to google that in a hurry to check.

The honeypot can be compromised as many times as you like and it can be wiped in 20 seconds and rebuilt from the original in 5 minutes. In other words it’s a playground where I can watch hackers trying to fool me, knowing that they’re wasting all of our time. Similarly, as it’s not real and has never been used in the real world, there’s zero chance of it having caught any viruses or having been compromised in any other way.

On Tuesday another hacker called. I ran up the stairs giddy with excitement and quickly started up the honeypot computer on my real computer and turn on screen recording with my phone on speakerphone.



What occurred is a play in three acts.

In act 1, there is the ridiculous attempt by the scammers to blind me with science and take control of my computer, the situation and my confidence. We’ll come to try techniques they use in a bit. In act 2, at around 36:46 in the above video, I reach a point where I no longer want to play, partly because it was taking so long, and partly because the request they made would have genuinely compromised my security, so I reveal that I’m an IT specialist and that they’ve been trapped in a virtual computer all along and that I can see through their lies and bullshit.... it took a lot of pushing from me for the fellow on the other end to accept that the game was up. In act 3, the human behind behind the scam - someone who has a shitty job in a criminal call centre in a deprived country - spoke to me as a human, with no script, with his own feelings and fears, and I shut up and listened... or at least backed off enough for him to be heard. He may even give up this game one day as a result.

Before I explain the con (briefly - watch it to see more) I should say that I came into this aware that some people go for jobs in what they think is genuine IT support, then learn during induction that they’ll be exploiting people for criminal gain... some walk away, some have no option but to stay and probably some feel entitled to skim money off whom they imagine are wealthy foreigners.

The con seems to be tiered. The first person you speak to is a robot asking you to press 1 for support. The idea being to filter out people who don’t answer, or who don’t think they might have a computer problem that needs support.

The next person is there to ask you to do stuff. When it’s clear that you’re pliable and will follow instruction, you’re passed onto the next person who walks you through setting up some software that gives them control of your computer. Bizarrely they use two tools at the same time. Any Desk and Team Viewer. One of the things they try to minimise is your perception of what these are and what access you’re handing over to the people on the other end.

Finally you are handed over to a hacker. This is the person who will ramp up the social engineering claims, suggesting how important it is to catch hackers, and who will also be driving the control of your computer while, and this is the clever bit trying to convince you that you’re doing it. My hacker “Mark Robinson” probably not his real name, was getting me to do all manner of silly things including typing the command “I want to know how many hackers are activate on my server” into a command prompt... and when I hit return, he pasted in a command to make my machine actually appear to do stuff. Luckily he pulled the trick twice so I saw what he was doing as it flashed past the second time.

So you think there’s a problem (they have you look in spurious error logs to start the process), you think BT are fixing the problem for you by telling you what to do, and you’ve forgotten that they’re watching and controlling your computer during the call.

After they earn your trust they will eventually hold your computer to ransom unless you pay them.

People fall for this.

I hope the above video, in which I deliberately slow them down and waste their time will be useful to show people about the dangers of being scammed/hacked. Similarly I hope people will look at the victim on the other end of the phone - he deserves a better life than this, but has fallen into something quite wrong.

The best defence against this is everyone being wise to it. Then they will stop as there’ll be no market for it.

Share!

All content ©2001 - 2012 Ashley Frieze