What can the mostly peaceful computer users do with AT&T call and text records?

“AT&T security breach exposes call, text data from almost all customers” (The Hill):

A security breach at AT&T exposed call and text data from nearly all of its customers, the company revealed Friday.

The records of most of AT&T’s cellular customers between May and October 2022, as well as a single day in January 2023, were illegally downloaded from its workspace on a third-party cloud platform, AT&T said.

The question for today is… why bother? I assume that a mostly peaceful download of this nature was done in order to make money, but how does money get made?

Here’s one theory: the information gets sold to our brothers, sisters, and binary-resisters in India who call us multiple times per day with concerns about our rooftop solar, Medicare, and final expense insurance coverage. With the purloined data, these folks can call us with caller IDs that make it seem as though a friend is calling and, therefore, the spam call is more likely to be answered.

A second theory is that the mostly peaceful Internet users who performed the download can determine which financial institutions an AT&T customer relies on. That will make it easier to call the customer and say “I’m calling from Citibank about your account. Can you please verify your account number…”.

How else can these call/text records be turned into cash?

If not on data security, what’s been the corporate focus for AT&T?

The Pride shirts might be working. AT&T says that it doubled “Percent LGBTQ+ representation in U.S. workforce” between 2018 and 2022 (from 1 percent to 2 percent, so still quite a ways to go considering that 21 percent of American Gen-Z adults identify as LGBT and 7.1 percent of Americans of all ages).


What’s a good summary of the Julian Assange situation?

It seems that Julian Assange, who was never a political prisoner (only Russia and China hold political prisoners), is finally free after 14 years of prosecution by various nations (Wikipedia). During these 14 years, I’ve lost the thread. What did he do that was bad/illegal? I found this summary of Judaism in a Belmonte, Portugal museum:

It would be good to have something of about the same length explaining the Julian Assange situation.

I remember that he published a lot of stuff that the U.S. government did not want published. That’s not supposed to be a crime, though, right? Various American newspapers have done that. The government employee who leaks the information is a criminal, but the Washington Post and New York Times aren’t criminals even if the information could be considered helpful to one of our enemies.

Then I’ve heard that Assange encouraged (or helped?) a U.S. Government employee to obtain information that was later published. That would have been a criminal act if he’d been in the U.S. when he did it, but he wasn’t in the U.S. so what law did he break? CNN says “pleading guilty to conspiring unlawfully to obtain and disseminate classified information over his alleged role in one of the largest breaches of classified material in US military history.” But I still can’t figure out how a conspiracy is against U.S. law if it doesn’t happen in the U.S. It’s against U.S. law to kidnap Americans and hold them hostage, but Joe Biden isn’t seeking to prosecute anyone in Gaza for having done these very things in Israel. In fact, Joe Biden has actually rewarded the Gazans who continue to hold Americans hostage by sending them all of the cash, food, water, etc. that they need to keep their war going.

Finally, what did Assange publish that actually was harmful to the U.S.?


30th anniversary of spam? (which was about immigration)

From “An Ad (Gasp!) in Cyberspace” (New York Times, April 19, 1994):

An Arizona lawyer had an entrepreneurial idea: advertise his services over the Internet, the global web of computer networks.

Advertisements are beginning to appear all around the network, usually followed swiftly by messages of outrage and dismay from longtime denizens of cyberspace. However, no one can recall so relentless and pervasive an advertisement as the one sent last Tuesday by Mr. Canter’s law firm, Canter & Siegel.

Paying nothing beyond his $30 monthly connection fee, and with little more than the press of a button, Mr. Canter advertised his firm’s bid to provide legal services for people wanting to participate in the planned “green card” immigration lottery, in which the Federal Government intends to allow foreign applicants to vie for a United States work permit. Mr. Canter’s missive went to nearly every nook and cranny of the Internet, which has an estimated population of 20 million users.

The mailing list that Mr. Canter employed was the addresses of more than 9,000 Internet Usenet news groups. The Usenet is a particularly anarchic and popular segment of the Internet composed of discussion groups, typically in the form of electronic bulletin boards.

“The Internet is changing,” Mr. Canter said. “People don’t like the invasion of what has been their private world. But as long as it’s set up the way it is, where anyone has access to it, it’s a public forum, and they have to accept anything that comes into it.

“In fact,” Mr. Canter added, “I’ve received a lot of calls from people who want to know how to do it.”

So pleased is he with the response, in fact, that he said he planned to write a book on how to advertise on the Internet.

Some more detail from WIRED:

in the early 1990s, Congress devised the Green Card Lottery program to encourage diversity in immigration. Unfortunately, it also provided an opportunity for charlatans to charge exorbitant fees to file lottery entries for hopeful immigrants.

In truth, all it took to enter the drawing was a postcard with your name and address mailed to the designated location.

Canter and Siegel, a husband-and-wife law firm, decided to join the lottery frenzy by pitching their own overpriced services to immigrant communities.

The spam is still available from Google Groups, which establishes the date as April 12, 1994:

Related:

  • Laurence Canter and Martha Siegel (Wikipedia): Canter and Siegel were not the first Usenet spammers. The “Green Card” spam, however, was the first commercial Usenet spam

The Brave New World of text message spam

This year will be the 30th anniversary of the modern text message (SMS). It seems to also be the year of text message spam. I don’t remember receiving even a single spam or phishing text message prior to 2021 and in 2022 it is a near-daily occurrence. Here’s an example:

How is it supposed to work from here? I’m supposed to reply “My name isn’t Logan and here is my Visa card number…”?

Also, is it trivial for senders to spoof the from number? What if I call (304) 607-3405? Will that number belong to Logan, Selina, or Lucy? Or some person entirely unaware that his/her/zir/their phone number has been appropriated?

Why didn’t we get these before coronapanic?

Update from this evening… my uncles are looking out for me beyond the grave:

(In addition to being blind, Lisa will also be suffering from heatstroke if she wears that outfit on a date here in south Florida!)


Xfinity xFi Pods mesh network review

One of the worst things about having moved from an apartment to a single-family house is that we were kicked out of the AT&T fiber 1 Gbps symmetric paradise and plunged into the dark pit of Xfinity cable Internet service (more money, 1/30th the upload speed). The good news is that the xFi Gateway (modem/router/WiFi base station) seems to provide reasonably good service through three walls, at least when one is not experiencing a complete service outage from Comcast. Beyond three walls it gets dicey and our old-school laser printer requires a Cat 5 connection.

Enter the xFi Pods. This is an official ISP-sold and -supported tri-band mesh network. Even more exciting, the pods include RJ45 jacks for dinosaurs who have laser printers requiring Cat 5 connections. At two for $200, the price is lower than shutting down the Xfinity WiFi network and building a new network with Eero or Netgear or similar. Carriers need to make everything idiot-proof so I imagined that setup would take mere minutes.

In case it helps others, this post is to report that the Xfinity system is

  • about one hour to set up (multiple attempts at configuration and repeating the same process about 6 times finally resulted in the Pods both affiliating with the Gateway)
  • not great at connecting clients to the closest wireless access point to the point that a phone will drop off WiFi altogether because it was trying to connect to the far-away Gateway and never discovered the alternative of a nearby Pod
  • prone to complete failures where both Pods will be offline and the only way to fix is to unplug everything, including the Gateway, and apply power sequentially

This is on top of the overall fragility of Xfinity, which fails at unpredictable times and fails hard after brief power outages (power cycling the gateway is insufficient; one needs to call Comcast and have them send a reset signal).

On the plus side, the Xfinity app is easy to use and it is easy to see which devices are connected to which access point (Pod or Gateway). Also, the Xfinity app gives you alerts when someone new connects.

With or without Pods, a deficiency of the whole Xfinity system is that, unlike with AT&T and Verizon fiber standard gear, there is no way to set up a guest network. Every service person who comes to the house will need to be supplied with your private network password (since Verizon doesn’t see fit to cover Jupiter, Florida, except on its fictional coverage map).

Here’s a question for network nerd readers: does the heavily promoted WiFi 6 standard have better protocols for ensuring that a client, e.g., smartphone, is always connected to the best wireless access point in a multi-point (but same SSID) system?

Related:

  • UniFi versus Araknis versus Ruckus (updated to reflect the fact that a lot of this stuff is certified to work only up to 40 degrees C and therefore shouldn’t live in an unairconditioned garage)

Verizon 5G Ultra Wideband compared to a 56K dial-up modem

Our neighborhood in Jupiter, Abacoa (created by the MacArthur Foundation), is home to a Major League Baseball training stadium at which the St. Louis Cardinals and Miami Marlins practice. A light post beyond the outfield bristles with mobile phone antennae, which presumably include one for Verizon. Sitting in the stands, exactly one baseball field away from these antennae, I was unable to use a web browser. Here’s a Speedtest result:

Decoding the above: Max signal strength. On the new 5G Ultra Wideband network that Verizon advertises. Sub-LTE download speed. Upload speed, which is presumably making it tough for me to request pages, almost the same as a 56K modem dialing up AOL on an analog phone line (see Brent Townshend’s patent filed in 1994, which kept patent litigators busy for even longer than Verizon kept me waiting for web pages).

Young people: AOL was like Facebook and Twitter except that you wouldn’t be kicked off for saying that you believed masking kindergarteners wouldn’t stop an aerosol virus. Also, the typical user didn’t spend time and energy raging against things done by governors and legislatures of states other than the user’s own.


What’s a good introduction to Joe Rogan?

“Who watched the Dave Chappelle special on Netflix?” was about how I invested one hour to learn about someone identified as an Enemy of the Truth.

The latest Enemy of the Truth, a dangerous spreader of misinformation and hate, is Joe Rogan. I haven’t watched or listened to this guy, however, and I’ve heard dark tales of three-hour-long episodes. I don’t want to wade through 100 hours of content to figure out what is intolerable about this person.

I’m therefore appealing to readers. Which Joe Rogan episodes and, preferably, at which in/out points, should be listened to by someone who has no experience with this form of hatred? (URLs pointing directly to these episodes would be most welcome)

Separately, I’m a little confused about Spotify’s new quota-based system for distributing $100 million:

In the latest installment of the Spotify-Rogan saga, CEO Daniel Ek sent out a company memo on Sunday addressing Joe Rogan’s use of harmful racial slurs in past episodes of his podcast. Over 70 of these past episodes have now been removed from Spotify. In the memo, which was published by The Hollywood Reporter, Ek declared that Spotify will invest $100 million in the licensing, development and marketing of music and audio content from historically marginalized groups. This is the same amount of money that Spotify paid to Joe Rogan for his exclusive content deal.

Tensions escalated recently when 270 medical professionals signed an open letter to Spotify urging the company to implement rules around misinformation after Rogan, who is one of the most-listened to podcasters in the industry, hosted Dr. Robert Malone, a virologist banned from Twitter for spreading misinformation about COVID-19. High-profile figures like Neil Young, Joni Mitchell and author Roxane Gay pulled their content from Spotify in protest of the company’s inaction against Rogan’s platforming of false public health information.

“One of the things I am thinking about is what additional steps we can take to further balance creator expression with user safety,” Ek wrote. “I’ve asked our teams to expand the number of outside experts we consult with on these efforts and look forward to sharing more details.”

Note that, according to the journalists, it is a fact that what Dr. Malone was saying (“give COVID-19 vaccines to old people, not to young people”) was wrong (“misinformation”). The Science is settled and there is no possibility that Malone will turn out to have been correct, e.g., if universal vaccination pressures SARS-CoV-2 to evolve in unwanted ways (see Marek’s disease). Also, users cannot feel or be safe without those 70 episodes having been removed (is there a samizdat server somewhere in a free speech country where the 70 banned episodes can be evaluated by users who don’t mind feeling/being unsafe?).

From a purely practical point of view, what is a “marginalized group”? Vietnam is not well-represented in hip hop currently, as far as I know. Will Spotify fund Vietnamese rappers rapping in Vietnamese?


Verizon 5G: strong enough to disable aircraft radar altimeters, but not strong enough to download a web page

Here’s a better-than-usual Verizon mobile data situation in Jupiter, Florida:

Three bars of 5G yields 3/1 Mbps of data, which turns out to be not enough to browse the modern JavaScript and CSS-bloated web. (This was on Indiantown Road, which I hope will soon be renamed, a 6-lane main artery lined with busy strip malls.)

Meanwhile, the Garmin Pilot app (a flight planning tool) informs us that aircraft radar altimeters aren’t going to work because of 5G deployment:

So the 5G signals are strong enough to call aviation safety into question, but not strong enough to support denouncing Donald Trump, Joe Rogan, and Robert Malone on Facebook, the streaming of Neil Young tunes, or reading news regarding the January 6 insurrection.


Why can’t a dual-SIM phone use two mobile data sources simultaneously?

Whatever we are paying Verizon is not enough to induce them to build a working mobile data network here in Florida. The dead spots are at least as bad as in Maskachusetts despite the flat terrain and lack of skyscrapers that could generate multipath.

Why not switch to another carrier? T-Mobile and AT&T customers report similar unreliable communications.

The worst part of it is that the phone often shows 3 bars of 5G while simultaneously being unable to load a web page for minutes. Upgrading from the iPhone 12 Pro Max (rubbish) to the iPhone 13 Pro Max (a whole new world of greatness) did not help the problem in any way.

If we assume that T-Mobile’s dead spots are not the same as Verizon’s dead spots, the obvious solution is for the phone, which already is capable of dual-SIM operation, to have both SIMs activated simultaneously for mobile data. If the phone can’t get packets out via Verizon it would try T-Mobile and vice versa.

This is not a radical concept. A colocation facility for Web servers can have data links from at least two Internet Service Providers (ISPs) so that the failure of one ISP does not render the servers unreachable. The whole point of packet-switched networking (invented by a 2SLGBTQQIA+ BIPOC American) is that routing can handle network link failures. There is no more common example of a network link failure than in the final segment between mobile tower and mobile device.

Carriers should like this. They can cooperate to get customers’ money for two subscriptions instead of fighting over who gets paid for a single subscription.

Consumers should accept this. Americans cheerfully pay 2X what Europeans pay for mobile service and home broadband. Why not pay 4X and get something that actually works when you need it?


Thankful for archive.org

One weekend per year devoted to being thankful doesn’t seem unduly burdensome. Today I’m expressing thanks for archive.org. Especially given the recent American tendency to rewrite history in accordance with current #Science/religion/belief/etc., where else would we be able to find evidence of just how bad things were in the bad old days? (though the evidence might not be complete; see Web publishers can delete stuff from archive.org)

archive.org enabled at least the following blog posts here:

Harvard University attracted a bit of attention when it hosted a theatrical performance restricted to audience members of one skin color earlier this fall. Emboldened by the federal judiciary saying it was okay to discriminate against Asians, the school apparently decided that Massachusetts General Law, Section 98 did not apply (“Discrimination in admission to, or treatment in, place of public accommodation… Whoever makes any distinction, discrimination or restriction on account of race, color, religious creed, national origin, sex, gender identity, sexual orientation, which shall not include persons whose sexual orientation involves minor children as the sex object, … in any place of public accommodation, resort or amusement, … shall be punished by a fine of not more than twenty-five hundred dollars or by imprisonment for not more than one year, or both, …”). The web page has been scrubbed from the theater’s web site, but it remains alive on archive.org:

We have designated this performance to be an exclusive space for Black-identifying audience members. For our non-Black allies, we appreciate your support in making this a completely Black-identifying evening. We invite you to join us at another performance during the run.

Proof of vaccination or negative test results required to attend.

A Facebook friend attended and wrote “I can now tell my grandkids that I tasted segregation first hand, just like my mom and dad.” He attached this picture that includes a sign regarding Harvard’s expressed commitment to “anti-racism” (which includes “we will not tolerate racism”) and a sign saying that prospective audience members with the wrong skin color should go elsewhere.

Note that the above-mentioned web page contains an admission that the theater is on stolen land:

A.R.T. acknowledges that its theaters are situated on the traditional and ancestral homelands of the Massachusett Tribe.

With a $53 billion endowment, Harvard apparently can’t afford to give the land back to the nearest Native Americans and then pay for a ground lease from them. If the rightful owners do show up to reclaim this land and Harvard scrubs its damaging admissions from the live pages, archive.org will be the dispossessed owners’ best friend.

Readers: What have you found on archive.org that the original authors/publishers probably wish had remained forgotten/hidden?
