December 22, 2006
New Site Coming
Experts Exchange Community News
What's New at Experts Exchange
The holidays and advertising

ericpete is the editor of the Experts Exchange newsletter. He considers the main benefit to doing that job to be the opportunity to write -- something he has done professionally since he was a young boy. He also coaches a 7th grade basketball team.

Growing up in the weekly newspaper business has its moments. You get to stand on the sidelines of high school football games, instead of being forced to sit in the bleachers. Politicians ask your opinion on things (sometimes, even when they're not really interested in hearing them) because they don't want to get on your bad side ("Never pick a fight with someone who buys ink by the barrel and paper by the ton."). Organizations always invite you to their dinner meetings (dinner included) because they know you will bring your camera and notebook.

But there are downsides, too. There was a time, not all that long ago, when we dreaded Halloween. Starting the day after, we would begin an eight week struggle to come up with new ways of creating advertising for our clients -- something new and distinctive even if they were advertising more or less the same things they advertised each of the eight years prior. There's not much new one can say about "Free Delivery Of Your Appliance If Purchased Before Thanksgiving" or "Permanents $35 Every Tuesday Until Christmas".

We got to the point where we actually began to dislike -- adamantly, on occasion -- the whole idea of Christmas. The only good part was that (depending on the day of the week Christmas fell on) we would print one issue a day or two early so we could take the day off. Why do they call it Black Friday? Because it's the day when most of our advertisers would make enough money to finally get into the black for the year. It was great for us; volume would always go up -- but the better the Christmas, the worse the spring, because people pay their December ad bills in January (and more frequently February).

We're a little less jaded about the holidays now; we don't have as many deadlines, the hours are a lot better, and we don't get sick and tired of seeing Santa Claus's image all day, every day, for two solid months. We get to enjoy the season; we even actually like some of the advertising we see.

The advertising season was made almost remarkable for us the other day, when a friend of ours sent us a "do-gooder" ad from Spain. It's a reminder of what the season is all about; turning up the sound isn't necessary, so if you're at work, go ahead and click. We aren't normally prone to forwarding the stuff we get in our In Box; this is an exception that deserves to be forwarded.

And if you're in the US, there's an 800 number that you can have your kids call to track Santa's progress across the country.

Have a wonderful holiday, and we'll see you next year.

Not-so last minute holiday gifts
Thanks to all of you who wrote or posted at EE about the DVD Rewinder we profiled last issue. No, we have not bought one, nor do we know anyone who has. No, we don't know that it is anything other than what the website says it is. Yes, we would absolutely love to find out... because it forced us to leave our annual mention of the Roomba out of this year's lists.

TeamAwear Wearable Display
Okay, so we have admitted our fondness for hoops. But we've officiated enough that having something tell us how many fouls a player has is a great idea -- especially if we can program the controller.

Price not available - Details here.

Optimus keyboard
Preorders will be available in the spring for one of 103 of these keyboards. The keys use OLEDs to show exactly what the key is doing at any moment. They also build a 3-button keyboard.

About $1200. - Details here.

Demotivator Calendar
No new year would be complete without being able to indulge in a little self-pity enhanced by the annual issue from Despair Inc. Order as soon as you can; the stock depletes quickly. Go figure.

About $16. - Details here.

Boyevaya Mashina Pekhoty
Sick of that commute? This is the Czech version of Russia's first generation "infantry fighting vehicle", which evidently doesn't do well in minefields but can handle freeway traffic. The turret is not included -- but it's available.

$18,000. With turret: add $10,000. Details here.

Snow block and snowball maker
This won't be a lot of use this time of year for a good portion of EE's membership who live in the southern hemisphere. For the rest of you who live where there IS snow, give this to the kids, send them outside, and stay indoors.

About $12. - Details here.

Wooden USB flash drive
If you're in one of those offices where people are always walking around with their flash drives, and they occasionally get theirs mixed up with someone else's, this is your solution. Unique, handcrafted designs and exotic woods.

Price not available - Details here.

The Premium Services include a number of features not available to "limited" members. Among them:
> Unlimited question points
> VIP Search
> Bookmarks
> Quick Links
> Collapsible menu
> No ads
You can purchase Premium Services on a month-to-month, semi-annual or annual basis, and take full advantage of all that Experts Exchange has to offer!
Guest column: Dissecting an email

MtnNtwks, known to his friends as David Gronbach, is the CEO of Mountain Networks, a networking firm in Santa Cruz, CA.

Well, here's a topic that has been beaten to death. When it comes to dealing with spam, it seems all of our collective efforts have been focused on dealing with the problem after the fact ... after the message has already been sent. We have lots of spam control options. Some reside on the servers of the ISPs, others reside on locally hosted email servers, and still many others reside on the end user's desktop in the form of filters. Yet there seems to be absolutely nothing available to stop the spam messages from being sent in the first place.

Email is all about sending the actual message. Email programs don't care if the recipient exists or not, nor do they care if the sender is who they say they are. It seems that we should spend our collective, global energy on disallowing the sending of messages, if the recipient or the sender are false or do not exist, or if the sender claims to be someone that doesn't add up. For example, if I say I'm from ebay (From: "eBay Center" <security-center@ebay.com> ... a forged header), and I don't have an eBay IP address, I shouldn't be allowed to send the message. Either the email program, or some router should figure it out and trash the message.

Let's take a spam message I just received today. It's a phishing attempt to try to get me to log in to my eBay account using their link, and thus give them my password, my credit card info, and allow them to proceed with fraud.

Let's take a look at some actual headers, then dissect them, and understand how this message is sent. The first thing to understand is that absolutely everything in the example below can be forged. My domain and email address are no secret, and they can be readily accessed from any browser. This explains why I am the target of so much spam. I'm quite sure my address has been harvested by programs looking for email addresses on websites.

first image

Ok, here is the first part of the header. The domain mountainnetworks.com is my domain, and that's for real. If we go to www.dnsstuff.com and look up the IP address of 71.202.193.222, we see that belongs to Comcast. It's possible that this is a DHCP address being used by a computer on a Comcast Internet connection. It is also just as possible, that a spam sending software program randomly inserts this IP from a list of known, popular ISPs.

There is some language in this first part of the header that says "ESMTP." ESMTP stands for Extended Simple Mail Transfer Protocol. ESMTP provides the capability for a client e-mail program to ask a server e-mail program which capabilities it supports and then communicate accordingly. Currently, most commercial e-mail servers and clients support ESMTP. Next we see this:

     (SMTPD - 9.04)

Processes ending in "d" are most likely unix or linux driven processes called "daemons." If we accept what we see at face value, and assume that up to this point, the headers have not been forged (which they probably were), we see that an email was received from a comcast address by my server with an Extended protocol, and with a linux or unix daemon, probably version 9.04. The email is given an id, stamped with a date and a time.

second image

Here we see an IP address, which according to DNSSTUFF says it's from Romania. The message says "from users" by "VWILSON" using a Microsoft SMTP agent, and it says the date and the time. If I understand this correctly, the first thing we should focus our technology on is prohibiting the sending of messages from sources which can't be authenticated. "From user" should be rejected, as should "VWILSON". The program should ask, "who is VWILSON?" Do I have "VWILSON" in my database of authenticated email accounts? Am I VWILSON ... is that my login or profile name? Am I in a known eBay subnet? Do I have an eBay IP address?

third image

All the rest of this information is generated after the message is created, and can be easily modified before the spammer clicks "send." But the only information the spammer is interested in forging is the sender, the return path and the from. But let's help each other understand the more obscure language in this section of the email. I'll start from the bottom.

The X-IMail-ThreadID is a unique ID for the message that corresponds to log entries and processing files on the IMail server during processing. IMail is an email server software product made by IPSwitch.

The X-UIDL stands for Unique ID Listing, which is a POP3 mail server function that assigns a unique number to each incoming mail message. This allows mail to be left on the server after it has been downloaded to the user. Both the mail client and the POP server must support this feature. If you configure your email to "Leave a copy of the message on the server" this is the part of the email that makes this possible.

Status U: The "Status" field is used by some mail delivery systems to indicate the status of delivery for this message when stored. In my case, the "U" means the message is not downloaded, and not deleted.

I won't spend any time on the X-RCPT TO and the X-OriginalArrivalTime because they're self-explanatory and irrelevant.

Message-ID: The message ID is the unique message identifier that refers to a particular version of a particular message. The server name after the @ symbol is often invalid/forged in spam messages as it was in this one. The structure of this message looks like it was sent by a spam sending software program.

The rest of the headers have nothing to do with sending or receiving the message. They simply identify the technology and formats used to both draft and send the message. It's good information to know, so I'll go over them.

X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000: In this portion of the email headers, the technology identification is broken up into two parts. First is "MIME" which stands for "Multipurpose Internet Mail Extensions." The OLE portion stands for "Object Linking and Embedding." MIME extends the format of Internet mail to allow non-ASCII textual messages, non-textual messages, multipart message bodies, and non-ASCII information in message headers. Among a few other things, it's the ability to send graphics in the body of an email. It's also how you can send embedded HTML pages. Put the Mime and OLE together and you simply have a software product which happens to be named by Microsoft "MimeOLE" along with a version number.

X-Mailer is the program used to send the mail. In my case, the spammer used Microsoft's Outlook Express which is very common.

X-Priority: 1 and X-MSMail-Priority: High: These two are not at all interesting, except that your mail program reads these flags to decide where they will show up in your inbox.

Skipping over the rest because the message content types, character sets, and so on aren't important, we move into the From and Reply-to headers. These are forged. Many automated messaging programs use a "noreply" feature to prevent people from replying to automated messages which will never be read. And the From says this message is from eBay Security. Well, we all know that's crap.

My wish is that if a sender is not who they say they are, which can be verified by identifying their current IP, or validating their email account from their incoming/outgoing mail servers, the spammers would be prevented from sending the email. My wish is that the spammer would get an error message that says "unable to validate sender information against current login profile and/or email account parameters. Your message cannot be sent." I'm sure that over time someone would find a work-around. But it would make actually sending spam a lot harder than it is today.
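The header walk the column does by hand, plus the sender check it wishes for, as an added example in Python (not the column's or Experts Exchange's code): parse a constructed message, list the Received chain oldest hop first, trust only the hop our own server stamped, and compare the From domain against a constructed policy table that stands in for the SPF records (RFC 4408) a domain publishes in DNS, which is roughly the mechanism the author asks for. The host names, IP addresses, domain and policy below are all constructed placeholders.

```python
import ipaddress
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample, modelled on the phishing message the column dissects.
# Every host, address and id below is made up; none is copied from a real message.
RAW_MESSAGE = """\
Received: from [203.0.113.7] (HELO mail.example-isp.net) by mail.example.com with ESMTP (SMTPD - 9.04)
\tid A0000001; Fri, 22 Dec 2006 10:00:00 -0800
Received: from users ([198.51.100.9]) by VWILSON with Microsoft SMTPSVC(6.0.3790.0);
\tFri, 22 Dec 2006 09:59:00 -0800
From: "eBay Center" <security-center@example-auction.test>
Reply-To: noreply@example-auction.test
To: victim@example.com
Message-ID: <000001c72600$0a0b0c0d$0100007f@VWILSON>

Dear Customer,
"""

# Constructed policy table standing in for the SPF records (RFC 4408) a domain
# publishes in DNS: the networks allowed to send mail for that domain.
SENDER_POLICY = {"example-auction.test": ["192.0.2.0/24"]}
MY_HOST = "mail.example.com"  # our own receiving server (constructed)
IP_RE = re.compile(r"\b(\d{1,3}(?:\.\d{1,3}){3})\b")
BY_RE = re.compile(r"\bby\s+(\S+)")

def received_chain(raw):
    """Received headers, oldest hop first: each relay prepends its own line,
    so the top of the message is the last hop and the bottom is the origin."""
    return list(reversed(message_from_string(raw).get_all("Received", [])))

def hop_summary(raw):
    """(first IP mentioned, receiving host) per hop, oldest first. Every line
    below the one our own server wrote is text the sender could have typed."""
    out = []
    for hop in received_chain(raw):
        ip, by = IP_RE.search(hop), BY_RE.search(hop)
        out.append((ip.group(1) if ip else None, by.group(1) if by else None))
    return out

def originating_ip(raw, my_host=MY_HOST):
    """The only trustworthy address is the one our own server recorded from the
    TCP connection; return it, or None if no hop was stamped by my_host."""
    for hop in message_from_string(raw).get_all("Received", []):
        if f"by {my_host}" in hop:
            m = IP_RE.search(hop)
            return m.group(1) if m else None
    return None

def check_sender(raw, my_host=MY_HOST):
    """Simplified SPF-style verdict: 'none' if the From domain publishes no
    policy, 'pass' if the connecting IP is in its networks, else 'fail'.
    Real SPF checks the envelope sender (MAIL FROM); this uses the From header
    the column discusses, which is the one the phisher forged."""
    domain = parseaddr(message_from_string(raw)["From"])[1].rpartition("@")[2].lower()
    nets, ip = SENDER_POLICY.get(domain), originating_ip(raw, my_host)
    if nets is None or ip is None:
        return "none"
    addr = ipaddress.ip_address(ip)
    return "pass" if any(addr in ipaddress.ip_network(n) for n in nets) else "fail"
```

On the constructed sample the chain reads origin "VWILSON" then our server, the connecting address is 203.0.113.7, and the From domain's policy does not list it, so the verdict is "fail".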

Tracking the location of an actual spammer is next to impossible. Let's look at the relevant portions of the body of this message:

     Dear Customer,

Okay, here's the first thing. eBay never sends a message "Dear Customer." It's always "Dear [where they actually say your eBay id]".

     http://xbox.com.bo/%20/www.eBay.com/index.html

This is the link they want me to click. I guess if I was uninformed, I would just blindly click the link. But even an uninformed user could easily surmise that eBay would never put a security link off of an xbox directory. Since this is a technical group, most of us know that anything after a "/" in a URL means a directory on the web server where a web account exists. I did a lookup of the root domain xbox.com.bo. To my shock, it actually resolves to an IP address. (I thought Microsoft owned the world and was on top of this sort of thing.) Anyway, the IP of xbox.com.bo belongs to EntelNet, which is some South American tech company in Bolivia. All the /%20/... blah blah, tells me is that their site has probably been hacked.

In the end, we see an email that was sent from Hungary, that points to a hacked site in Bolivia, and that says it was sent from someone with a Comcast account. Because email programs don't do any sort of the email checking before they're sent, and because the headers of a message can be made to say anything you really want them to say, your guess is as good as mine in determining who sent the message.

More not-so last minute holiday gifts
Special thanks to stone5150, without whose reliable assistance we would have never found about half the stuff we've listed over the last couple of weeks. He spent so much time looking for things, we think it appropriate to list some of the items on his personal wish list.

HP Pavilion dv9000t Series Laptop
This thing is more of a portable home entertainment center than it is a computer. Integrated webcam, dual mics, NVIDIA graphics, dual core Intel processor...

Starting at $1,000. - Details here.

Virgin Galactic Charter To Space
You're going to have to wait a couple of years before you take the trip on SpaceShipTwo, but it should be worth it; the price is for six people, and includes a party for each and a guest in the Virgin Islands. There are rules.

$1,764,000 - Details here.

USB Missile Launcher
The perfect Weapon of Mass Distraction launches three foam rockets controlled from your desktop or laptop. Launcher rotates and angles, so there are no excuses for missing.

About $40. - Details here.

Waterplay Backyard Waterpark
Courtesy of lherrou, who must have children. Who knows how many different kinds of water nozzles, sprays, and other contraptions. Controllers, recycling systems and designs.

Price based on configuration - Details here.

Robosapien RS Media
Plays MP3s, MPEG4s, and takes photos and videos. Head-mounted camera, a color LCD screen in his chest, a full speaker system embedded in his armour, 40 MB of internal memory, and an external memory card slot. You want pictures of the boss at the company Christmas party? Here you go...

About $540. - Details here.

Apple iPod
We disagree with c|net's "prizefight" between the Zune and the iPod: we'll take the slimmer, more colorful Apple product with over twice the storage. Did we mention the price is about the same?

About $250 - Details here, and a personal viewer here for $300.

White Box Robotics 914 PC-BOT
The perfect companion for the Robosapien RS above; think of it as R2D2 to C3PO. It's a fully functional PC with wheels (imagine the TSA trying to figure this one out), has a webcam and can be controlled over the Internet.

As shown $4,995. - Details here.

Acer Ferrari 5000 Laptop
This actually isn't a bad little machine: dual-core 64-bit AMD TurionT 64 X2 Mobile Technology, exclusive carbon-fiber casing, HD DVD drive, Bluetooth enabled, and a lot cheaper than the car.

Starting at $2200 - Details here.

20Q Challenge Game, Deluxe
We weren't going to include this until we actually saw one; any toy that can figure out a Bengal tiger is pretty slick. Very cool interface, and some impressive technology. There's also a portable version.

About $35. - Details here.

Tip from the Moderators

There are only a few days left in the year, so how about taking a little time to "straighten up" your list of open questions.

Yes, we know that AnnieMod's group of Cleanup Volunteers is out there, and they will probably spend at least part of this season toiling away, but it would be of real service if you would take the time to make sure you don't have some old question hanging around. If you need assistance, take a look at the Help page or post in the Community Support topic area.

Have a great holiday season! We're looking forward to helping you next year!

Page Two: More News and Notes
Nata's Corner: A C-note gets you 10,000 shares of -- what?

eEye Digital Security announced last week that there is a new botworm that uses a flaw in Symantec's corporate antivirus software; Symantec responded that the flaw was patched six months ago. What makes this all interesting is, first, that virus writers are now focusing on applications (rather than the operating system); and second, that even people who run corporate networks and have antivirus systems installed aren't keeping them up to date. Don't assume that the botnet -- or any botnet, for that matter -- isn't harmful just because you do have antivirus software in place. There is one Russian-controlled net that is sending out the rash of penny stock emails. At this point, I'm actually using two different systems -- one, because I like some of the tools that came with it, and the other because it has a really good firewall. I looked at it yesterday, and even though our system is locked down pretty tightly, people are still trying to get in.

Many people know that the Mods and PEs use Yahoo Instant Messenger, so if you haven't upgraded to the new version that was released last week, don't. It has what is technically a little trojan that installs the Yahoo search bar and a little Yahoo mail icon, and also changes your email preferences to Yahoo mail. They've supposedly fixed the bug, but it is no longer pushing the annoying prompt that says "do you want to upgrade" every time you open your messenger.

Speaking of security (and the absence of it), a survey of MySpace showed that people are getting better about picking safe passwords, but not all people. The most common ones at Myspace: password1, abc123, myspace1, password and blink182. The report also says that MySpace members are better about their passwords than the employees of most corporations, but I'll bet that most MySpace members don't have to worry about the company's network, the bank's website, two or three different email systems, a few shopping sites, and, of course, Experts Exchange. That begs the question: are we all having to remember too many passwords?

Inside the numbers
ameba, one of EE's prominent Experts, provides us with a list of newly earned Certificates. His list of all of the Certified Experts is located at his site. The list below covers the period from December 11 through December 18.
Expert           Certified in   Topic Area
mbizup           Genius         MS Access
dtodd            Guru           Microsoft SQL
HuyBD            Guru           Microsoft SQL
rettiseert       Guru           Visual Basic
Nightman         Master         Visual Basic
mrdany           Master         Visual Basic
REA_ANDREW       Guru           ASP.NET
johnb6767        Wizard         Windows XP
gopal_krishna    Master         Windows XP
Ryan_R           Master         Windows XP
Dark_King        Master         Windows XP
Here2Help        Master         Windows XP
webtubbs         Master         VB.NET
itcoza           Master         Exchange_Server
itcoza           Master         Win. Server 2003
Redwulf__53      Master         Win. Server 2003
trenes           Master         Win. Server 2003
McKnife          Master         Win. Server 2003
Nightman         Master         C#
dkloeck          Master         C#
LeeHenry         Master         Web Development
jason1178        Master         Web Development
BogoJoker        Master         Web Development
mohammadzahid    Master         Oracle
kanwal_no1       Master         Excel
Infinity08       Guru           C++
Frankco          Guru           Outlook
i_m_aamir        Master         PHP and Databases
ssvl             Master         Linux
war1             Genius         Applications
lherrou          Guru           Miscellaneous
sirbounty        Master         Miscellaneous
boonleng         Guru           JSP
Chris-Dent       Master         WinNT Net.
sparkmaker       Guru           Laptops/Notebooks
pablouruguay     Wizard         Linux Net.
rsivanandan      Master         VPN
checoo           Master         Pocket PCs All
strung           Master         Mac Net.
2486 experts have 4247 certifications: Genius: 129 Sage: 182 Wizard: 279 Guru: 758 Master: 2899
Copyright © 2006. All rights reserved.