This past weekend, a friend invited us over to play board games. Two of the people there have been on Jeopardy. So, I found this advertisement interesting. And when I went to the feature explaining why I got the ad, I found that explanation lacking.
Supposedly, it was because I live in the US and am the right age and am similar to their existing customers. I don’t watch the show. I don’t follow their pages. My friends probably do. But, these two friends have very different interests.
My guess? Physical proximity to these friends triggered the ad.
A few years ago, I read Hacking: The Next Generation, which mentioned using LinkedIn to research an organization to attack it. Pick out the CEO and send an urgent email from this person to a peon to phish them.
Last week, I heard about a Russian campaign attempting to leverage LinkedIn. I just got a connection request from someone supposedly in a small town near where I used to work. This woman was supposed to be a recruiter, but used the most awkward language in the profile. Stuff like a recruiter for US citizens.
I laughed so hard at this. It seemed obviously like someone who doesn’t understand Americans. Which is odd because your trolling the US election was far superior. Maybe I attracted the D team?
I was sent a script to run by an analyst who advised me to verify the MD5 hash. This is good advice to ensure that I receive the correct content, and it happens to be the advice I gave the DBA manager before restoring backup files that were going to take hours to download.
The idea is that an MD5 hash created from the file contents is a fingerprint that tells me quickly and easily whether the file is the same or different. The analyst tells me the hash of the file on the source. I generate a hash on the destination and compare. If they differ, then we have a problem.
I do this all the time on Linux. However, the application I was working with is on Windows. And uploading the file to a Linux server from my workstation wouldn’t really tell me if the file on the Windows server has the correct hash as corruption (ever so unlikely) could have happened over one upload but not the other.
So, I was curious if there was a way to do this on Windows. Turns out there is.
certutil -hashfile C:\scripts\filename.sql MD5
The certutil.exe command is a program installed as part of Certificate Services, typically used to view SSL information. (I used it via PowerShell, but I bet it works via CMD too.) The various flags available make it look like something extremely useful to know exists. And, I am surprised at never having seen it prior to today.
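A way to script the comparison described above, as an added example that is not from the original post. The function name Test-FileHashMatch and the scratch file are made up for illustration, and Get-FileHash is PowerShell's built-in counterpart to the certutil call.

```powershell
# Added example: compare a file's hash on the destination with the value the sender reported.
# Test-FileHashMatch is a hypothetical helper name, not a built-in cmdlet.
function Test-FileHashMatch {
    param(
        [Parameter(Mandatory)] [string] $Path,
        [Parameter(Mandatory)] [string] $Expected,
        [ValidateSet('MD5', 'SHA1', 'SHA256', 'SHA384', 'SHA512')]
        [string] $Algorithm = 'MD5'
    )

    # Normalise the reported value: strip whitespace (older certutil builds print
    # the hash as space-separated bytes) and ignore case, since tools differ on both.
    $want = ($Expected -replace '\s', '').ToUpperInvariant()

    # Expected hex length per algorithm; catches a value pasted for the wrong algorithm
    # or truncated in an e-mail before any time is spent hashing a large file.
    $hexLength = @{ MD5 = 32; SHA1 = 40; SHA256 = 64; SHA384 = 96; SHA512 = 128 }[$Algorithm]
    if ($want -notmatch "^[0-9A-F]{$hexLength}$") {
        throw "Expected value is not a $Algorithm hash ($hexLength hex characters)."
    }

    # Hash the file where it actually lives, i.e. on the destination server.
    $got = (Get-FileHash -LiteralPath $Path -Algorithm $Algorithm).Hash

    [pscustomobject]@{
        Path      = $Path
        Algorithm = $Algorithm
        Expected  = $want
        Actual    = $got
        Match     = ($got -eq $want)
    }
}

# Constructed sample: a scratch file containing the five bytes "hello".
$sample = Join-Path ([IO.Path]::GetTempPath()) 'hash-demo.sql'
[IO.File]::WriteAllBytes($sample, [Text.Encoding]::ASCII.GetBytes('hello'))

# The reported value is written with spaces between bytes on purpose,
# to show that the normalisation step handles that output style.
Test-FileHashMatch -Path $sample -Expected '5d 41 40 2a bc 4b 2a 76 b9 71 9d 91 10 17 c5 92'

Remove-Item -LiteralPath $sample
```

MD5 is enough to catch accidental corruption in transit, which is the case described here. It is not collision-resistant, so where deliberate tampering is a concern, ask the sender for a SHA256 value and pass -Algorithm SHA256 (certutil -hashfile accepts SHA256 as well).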
Great things are not done by impulse, but by a series of small things brought together.
— Van Gogh
…clutching our crystals and nervously consulting our horoscopes, our critical faculties in decline, unable to distinguish between what feels good and what’s true, we slide, almost without noticing, back into superstition and darkness…
— Carl Sagan
I texted a friend about his employer showing up in a movie. He replied a few days later that the owners were excited about this free marketing. I was curious whether this has prompted people to search for them. So, I looked in Google Trends. I liked the feature showing the states and clicked on Georgia and really liked the metro area map.
It made me curious about the definition of the metro areas. It wasn’t clear whether Athens was in the Atlanta or the Augusta metro area. Clicking on the metro area does pull up an “Interest by city” but there were too few results for the employer for it to give me a report. Expanding the window of time gave me the cities list. Searching for UGA also gave me the cities.
Athens is at the western edge of the Atlanta one. So, now I know where I sit.
Now, I am trying to get a better sense of the western boundary of the Atlanta metro by trying to come up with searches that are both common enough to list the cities between Athens and the border with the Greenville and Augusta metro areas. Pretty sure the counties that border Athens are included in the Atlanta metro one.
It would be nice to have a list of cities, but I gave up searching for one.
Years ago, I wrote about half-blood characters being role models. I missed one. B-Elanna Torres was half Klingon and half human. I was reminded about the omission by watching Voyager again. In the episode, an alien divided her into two individuals. As stereotypes of her races, she epitomized the war I sometimes feel about myself being pulled in different directions.
I used to think it was from being biracial. I now think everyone has this war.
Like all evidence, there is potential for issues when the collectors are not scrupulous.
Location services might be turned off. Really, if you don’t have a need, then it should be turned off. And, they tend to drain the battery, so turning it off would mean less frequent recharging.
Location services might not be precise. Several apps work on geofencing. The concept being that if a phone enters a certain location, then do something. As an example, I have something that will silence my phone when I get to work. Initially, I set it for not much wider than the building, but it often didn’t run. After a few iterations of expanding the area, it is now about a quarter mile wide and seems to be consistent.
Device Identities. My wife let the stepson borrow her phone to play a game. He signed into Google on the Android device. While she signed back into her account, somehow she still got his Google Hangouts messages until she replaced the device. Google might report both of them being at the phone’s location if Hangouts provides location information.
If you clicked on either, then go to the link on #2 to get advice on kicking off the program with access to your account.
I grabbed the link, https://mnch.at/r?act=48a93ac45jkbhf455465548bc&u=236764556620374&p=112045350166462&h=c2446617ed and had wget download the content safely. It took a couple iterations having it ignore the SSL mismatch and supply a “valid” browser user-agent.
It looks like this new-to-me version uses a Web Bot service called Manychat to propagate. mnch.at is a short DNS name for it. That posts to the /r URI with the act variable. That redirects to Facebook. Unfortunately, the Facebook HTML is obtuse to read, so I stopped here. I miss the days of hackers using simple HTML on compromised web servers.
Being able to host it in Facebook makes it more difficult to discover what they are doing.
If you go to manychat.com/r, then it has a redirect to send your browser to Facebook. I’m thinking the hackers are exploiting the trust of manychat to get a way to come to Facebook in a way that looks natural to tools looking to block malicious traffic. Sneaky.