Thanks, Steve,
It's terrifying how naïve I am.
But you already knew that.
Well, you didn't send me the $2500 yet (is the check in the mail?) so
you can't be *that* naive.
What might be terrifying (I think you are being hyperbolic, the buzz of
a rattlesnake, the growl of a grizzly are terrifying, your naivete is at
worst just "quaint"!) is that you are not alone.... that this is another
way in which we've outdriven our headlights. We *all*, astute
technophiles included, have a hard time keeping up with this stuff.
While some of us posture and fluff as if *we* have it all understood and
under control, we don't... any more than the nameless tens of thousands
of painters/carpenters/handymen back in the day burned down their
workshops/homes because they didn't understand the spontaneous
combustion of linseed (and related) oils in discarded rags.
I don't fully understand your profession. Evolutionary Psychology as I
understand it, however, would seem to address this question in some
way. There must be precedent for this co-evolution of our extended
phenotype/technosphere and our ability to apprehend it and its (often
fairly immediate?) implications. Your insights are welcome.
- Steve
Nick
Nicholas S. Thompson
Emeritus Professor of Psychology and Biology
Clark University
http://home.earthlink.net/~nickthompson/naturaldesigns/
*From:* Friam [mailto:[email protected]] *On Behalf Of* Steve Smith
*Sent:* Monday, November 18, 2013 11:18 AM
*To:* The Friday Morning Applied Complexity Coffee Group
*Subject:* Re: [FRIAM] Forum hacked
Nick -
Just send me the $2500 and don't worry your pretty little head about
it... I'll be sure he gets it. Or at least that it gets spent.
Actually there are a whole class of phishing schemes that are slightly
too oblique for me to guess exactly what they are about. Sometimes I
think it is (to extend the phishing metaphor) chumming... tossing out
bait with no hook to get a frenzy going. For example, if they send
out 1.9 million requests for various things ($2500 loan because of
robbery in the Philippines, or $900 for a plane ticket to get back to
Manila from Denver to help the family, or ...) and then scrape the
open web archives of lists like FRIAM for that same text, they can
find how receptive folks (like yourself) are to that particular scam.
Let's say your question to the list was "how do I get the money to
him, I'm sure this is legitimate, he must have forgotten to give me
the info where to wire the $2500", then they recognize that their scam
is good and to elaborate it for you (and others like you), or even to
just follow up in person (... Nick, I forgot to tell you in my last
e-mail... can you wire-transfer that $2500 to XXXyyyZZZ in Manila
right away... and it would really help if you send me your Driver's
License #, Credit Card #s with expiration and security code, and maybe
your mother's maiden name "just in case"?)
Another possibility (slimmer) is that the ReplyTo field in the
original e-mail is different from the From: which you recognize. When
you blithely hit "Reply", it goes to another e-mail. Given that
e-mail addresses have two parts (the common name, and the actual
address such as "Nick Thompson <[email protected]>") someone (like
me) can make it feel like
the recipient is replying to you while actually replying to me... it
takes a tiny bit of sophistication but... heck, for $2500/mark, why
not stretch oneself a bit and learn some tricks?
Could anybody translate Owen's message into ordinary language? Or
shouldn't I bother my pretty little head about it.
Probably not, but let me try riffing on it in pidgin Zuni and Basque:
Basically, someone who runs the forum (mail list? Web Site discussion
group?) indicated to the constituents that their server(s) had been
compromised (we don't know how or how they know it)... they apparently
indicated that the hackers (probably? surely?) got access to the forum
users' Database which would have "personal information" (name, e-mail,
more?) and apparently (encrypted) passwords.
One way to discover clear-text from an encrypted list (passwords) is
to encrypt (using various methods?) a dictionary of likely
words/phrases and compare the resulting encryption to the password
list. If any of the encrypted words/phrases match something in the
list, then you know that clear text (password). This depends on your
using words that are likely to be in their dictionary. Their
dictionary needn't be a list of English-language words (though that is
an obvious collection to include), it could be a collection of likely
or already known passwords (e.g. "password" or "f*ckoff!", etc.)...
thus if they crack your password on one site, they can add that to
their "dictionary" and if you have used it on another site, it will
pop right up with this form of attack.
If the site administrator/system uses "salt" (see Wikipedia link),
each password gets folded in with a pseudo-random number so that it no
longer looks anything like the original password that might show up in
a dictionary. user:nickt password:nickt becomes user:nickt
password:gob@#ledy$%go%ok , with the latter less likely to be in their
dictionary (which might also be custom-built based on your personal
information such as DOB, paternal uncle's favorite cat, mother's
maiden name, Pet Cockatiel's DOHatch, etc.).
Ikusi arte, So' a:ne, Adios, Ciao, Carry on!
- Steve
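The Reply-To trick Steve describes above is easy to check for on the receiving side, because a plain "Reply" goes to the Reply-To header when one is present and to From otherwise. The following is an added example, not code from the FRIAM thread or its members: it parses two constructed messages (the addresses are placeholders at example.org/example.net, not real ones) with Python's standard `email` package and reports when the effective reply target differs from the visible From address.

```python
"""Flag messages whose Reply-To sends a reply somewhere other than From.

Added example, not part of the FRIAM thread. The two messages below are
constructed: one mirrors the trick of a familiar display name in From:
with a Reply-To: that quietly redirects the reply, the other is benign.
"""
from email import message_from_string
from email.message import Message
from email.utils import getaddresses, parseaddr

# Constructed sample: From looks like a known correspondent, Reply-To does not.
SAMPLE_SPOOFED = """\
From: Nick Thompson <nick@example.org>
Reply-To: Nick Thompson <nick.thompson.help@example.net>
To: friam@example.com
Subject: Urgent - stranded in Manila

Can you send the money as soon as possible?
"""

# Constructed sample with no Reply-To: a reply goes back to From.
SAMPLE_CLEAN = """\
From: Nick Thompson <nick@example.org>
To: friam@example.com
Subject: Friday coffee

See you at St. John's.
"""


def reply_targets(msg: Message) -> list:
    """Where a plain 'Reply' actually goes: Reply-To if present, else From."""
    raw = msg.get_all("Reply-To") or msg.get_all("From") or []
    return [addr.lower() for _, addr in getaddresses(raw) if addr]


def reply_to_mismatch(raw_message: str) -> dict:
    """Return the From address, the effective reply targets and a mismatch flag.

    A mismatch is not proof of fraud (mailing lists set Reply-To for good
    reasons), but it is exactly the condition under which a reply leaves the
    apparent sender behind, so a mail client or filter should surface it.
    """
    msg = message_from_string(raw_message)
    from_name, from_addr = parseaddr(msg.get("From", ""))
    targets = reply_targets(msg)
    mismatch = any(t != from_addr.lower() for t in targets)
    return {
        "from_name": from_name,
        "from_addr": from_addr.lower(),
        "reply_targets": targets,
        "mismatch": mismatch,
    }


if __name__ == "__main__":
    for label, sample in (("spoofed", SAMPLE_SPOOFED), ("clean", SAMPLE_CLEAN)):
        print(label, reply_to_mismatch(sample))
```

Only the address part of each header is compared; the display name is what the trick relies on, so it is deliberately ignored when deciding whether there is a mismatch.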
Meanwhile, this morning, I got an urgent message from an
acquaintance asking me to loan him 2500 dollars on account of his
being robbed "at gunpoint" in the Philippines. A call to his
home revealed that he was safe and sound in Denver. Here is the
puzzle. The spoofer gave me nowhere to send my money. Thus, I
have 2500 dollars to send and nowhere to send it. The only way I
had of getting back to him/her was via the spoofed email address.
No link. No bank account number. No phone number in Manila. How
does THAT work?
Nick
Nicholas S. Thompson
Emeritus Professor of Psychology and Biology
Clark University
http://home.earthlink.net/~nickthompson/naturaldesigns/
*From:* Friam [mailto:[email protected]] *On Behalf Of* Owen Densmore
*Sent:* Monday, November 18, 2013 10:13 AM
*To:* Complexity Coffee Group
*Subject:* [FRIAM] Forum hacked
A forum I belong to has been hacked, including personal info as
well as passwords.
How do they use this information?
I presume they try the hash function on all combinations of
possible passwords. (Naturally optimized for faster convergence).
They see a match, i.e. a letter combination resulting in the
given hash of the password.
If they crack one password, does that make cracking the rest any
easier?
And does "salt" simply increase the difficulty, and indeed can it
be deduced, as above, by cracking a single password?
... or is it all quite different from this!
-- Owen
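The dictionary attack Steve sketches in his reply, and Owen's two questions (does cracking one password help with the rest, and what does salt change), can be played out on a toy table. This is an added example, not code from the FRIAM thread or its members. It assumes a constructed set of three made-up accounts, SHA-256 standing in for "the hash function", a four-word list of likely passwords, and per-user random salts stored in the clear beside the hash, which is the usual arrangement.

```python
"""Dictionary attack on a leaked password table, unsalted vs. salted.

Added example, not part of the FRIAM thread. Accounts, passwords and the
wordlist are constructed; SHA-256 stands in for whatever hash the forum used.
"""
import hashlib
import os


def unsalted_hash(password: str) -> str:
    return hashlib.sha256(password.encode()).hexdigest()


def salted_hash(password: str, salt: bytes) -> str:
    # The salt is folded into the digest, so the same password hashes
    # differently under each salt and a precomputed wordlist hash is useless.
    return hashlib.sha256(salt + password.encode()).hexdigest()


# Constructed "leaked" accounts: two users reuse the same weak password.
USERS = {"nickt": "nickt", "owen": "password", "steve": "password"}
WORDLIST = ["123456", "password", "letmein", "friam"]


def build_tables(users: dict) -> tuple:
    """Return (unsalted, salted) tables, as a careless and a careful site would store them."""
    unsalted = {u: unsalted_hash(p) for u, p in users.items()}
    salted = {}
    for u, p in users.items():
        salt = os.urandom(16)                     # random, per user
        salted[u] = (salt, salted_hash(p, salt))  # salt kept in the clear
    return unsalted, salted


def crack_unsalted(table: dict, wordlist: list) -> tuple:
    """table: user -> hex hash. Returns (cracked, hashes_computed).
    Each word is hashed once and matched against every user, so identical
    passwords fall together: cracking one cracks everyone who shares it."""
    lookup = {unsalted_hash(w): w for w in wordlist}
    cracked = {u: lookup[h] for u, h in table.items() if h in lookup}
    return cracked, len(wordlist)


def crack_salted(table: dict, wordlist: list) -> tuple:
    """table: user -> (salt, hex hash). Returns (cracked, hashes_computed).
    The salt is known, but the wordlist must be re-hashed for every user,
    and a hit on one user says nothing about any other."""
    cracked, work = {}, 0
    for user, (salt, h) in table.items():
        for w in wordlist:
            work += 1
            if salted_hash(w, salt) == h:
                cracked[user] = w
                break
    return cracked, work


def demo() -> dict:
    unsalted, salted = build_tables(USERS)
    u_found, u_work = crack_unsalted(unsalted, WORDLIST)
    s_found, s_work = crack_salted(salted, WORDLIST)
    # Steve's reuse point: a password cracked on another site joins the
    # dictionary and immediately hits anyone who reused it here.
    grown = WORDLIST + ["nickt"]
    u_found2, u_work2 = crack_unsalted(unsalted, grown)
    s_found2, s_work2 = crack_salted(salted, grown)
    return {
        "unsalted_same_hash": unsalted["owen"] == unsalted["steve"],
        "salted_same_hash": salted["owen"][1] == salted["steve"][1],
        "unsalted_first": u_found, "unsalted_work": u_work,
        "salted_first": s_found, "salted_work": s_work,
        "unsalted_after_reuse": u_found2, "unsalted_work2": u_work2,
        "salted_after_reuse": s_found2, "salted_work2": s_work2,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

Two things fall out of running it. Without salt, the two users who chose "password" have the same stored hash, so one hash comparison per word covers the whole table and a crack of one is a crack of both; with salt, their hashes differ and the attacker pays one hash per word per user, and learning one user's password gives nothing about the next user. What salt does not do is rescue a weak password: "password" is found in both tables, and once "nickt" is added to the wordlist it is found too. Salt removes the shortcut, not the need for a strong, unreused password.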
============================================================
FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com