Since upgrading to Mozilla Thunderbird 1.5 beta 2, I’ve seen a number of messages slapped with a warning label that “Thunderbird thinks this message might be an email scam.” It appears at the top of the message, in the same style as the junk mail notice bar or the warning that remote images have been blocked, and there’s a button to mark the message as “Not a Scam.”

There’s only one problem. Since SpamAssassin and ClamAV do such a good job of catching the phishing scams before they reach my inbox, Thunderbird has yet to catch any actual phish. But there’ve been a lot of false positives. It’s hit LiveJournal reply notices, newsletters from IEEE and Golden Key, a Spam Karma notice from my own blog, and I’ve seen it on both outbid notices and updates to saved searches from eBay.

I found myself wondering just how Thunderbird’s phishing detection decides that a message is suspicious—and how to teach it that the next LJ notice isn’t a scam.

The Thunderbird support website doesn’t seem to have been updated yet. Most of the articles I’ve found only talk about TB adding the feature, not how it works. The best information I found was this Mozillazine forum thread, which included a link to the actual code that makes the decision, in phishingDetector.js. Thunderbird looks at the following:

  • Links that only use an IP address, including dotted decimal, octal, hex, dword, or some mixed encoding.
  • Links that claim to go to one site, but actually go to another. (Phishers do this to fool you into going to their site. Legit mailing lists sometimes do this with redirectors for tracking purposes.)
  • Forms embedded in the email. (This explains the LiveJournal notices.)

It also appears to trap text URLs containing HTML-escaped characters, which explains the Spam Karma reports. In this case the report includes a spammer’s link with an HTML character entity in the hostname. The message is plain text, so Thunderbird leaves the entity as-is when displaying it…but decodes it when it creates the link. Result: a link where the text and URL don’t match.
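To make those checks concrete, here is a small sketch of the three heuristics plus the entity case. It is an added example, not code from Thunderbird's phishingDetector.js; the function names, the regex-based link extraction and the sample message bodies are all assumptions made for illustration.

```javascript
// Added illustration of the three checks listed above; this is not
// Thunderbird's phishingDetector.js, and all names here are hypothetical.

// Pull the host out of a URL string without normalizing it.
function rawHost(url) {
  const m = /^https?:\/\/(?:[^\/?#@]*@)?([^\/?#:]+)/i.exec(url.trim());
  return m ? m[1].toLowerCase() : null;
}

// Check 1: host made only of numeric parts (decimal, octal, hex, dword, mixed).
function isIpHost(host) {
  const parts = host.split('.');
  return parts.length <= 4 && parts.every(p => /^(0x[0-9a-f]+|[0-9]+)$/i.test(p));
}

// Check 2: the visible text is itself a URL, but names a different host.
function textMismatch(href, text) {
  const shown = rawHost(text);
  return shown !== null && shown !== rawHost(href);
}

// Returns the sorted list of reasons a message body would be flagged.
function scamReasons(html) {
  const reasons = new Set();
  const anchor = /<a\s[^>]*href="([^"]*)"[^>]*>([\s\S]*?)<\/a>/gi;
  for (const [, href, text] of html.matchAll(anchor)) {
    const host = rawHost(href);
    if (host && isIpHost(host)) reasons.add('ip-host');
    if (textMismatch(href, text)) reasons.add('text-mismatch');
  }
  // Check 3: any embedded form.
  if (/<form[\s>]/i.test(html)) reasons.add('form');
  return [...reasons].sort();
}

// Constructed sample bodies (reserved example names and documentation addresses).
const samples = {
  dword: '<a href="http://3221225985/login">Sign in</a>',
  mixed: '<a href="http://0xC0.0.02.1/">Sign in</a>',
  redirect: '<a href="http://track.example.net/r?u=1">http://www.example.com/</a>',
  entity: '<a href="http://bad-site.example/">http://bad&#45;site.example/</a>',
  form: '<form action="http://www.example.com/reply"><input name="body"></form>',
  clean: '<a href="http://www.example.com/news">Read the newsletter</a>',
};

for (const [name, html] of Object.entries(samples)) {
  console.log(name, scamReasons(html));
}
```

The redirect and form samples are the false-positive shapes described above: a tracking redirector and a reply form trip the same checks a phish would.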

The easiest way to prevent it from freaking out over the next message? Add the sender to your address book. I’m not sure that’s a great idea, since a phisher could guess which addresses you have saved and spoof them, but it’s at least simple. I guess I’ll find out whether it works the next time I get a reply notice from LJ. Update: Adding the sender to your address book doesn’t seem to have any effect.

Update 2 (July 12, 2006): The comment thread’s gotten long enough that I can see people might miss this, so here’s how to disable it:

  1. Open Options or Preferences (this will be under the Tools menu on Windows, Thunderbird on Mac, or Edit on Linux).
  2. Click on Privacy (there should be a big padlock icon).
  3. Click on the E-mail Scams tab.
  4. Disable the “Check mail messages for email scams” option and click on Close.

That’s it.

Today I was trying to fix a problem in a section of a website that hadn’t been changed in roughly 5 years. The page in question retrieved data from a database and filled out an Acrobat form using FDF. Under some circumstances, Adobe Reader would generate an error message, “Expected a dict object.” Then it would freeze, and crash the web browser for good measure.

This site was built with ColdFusion, and used a then-freely-available library called PDFFormFiller.cfm (I can’t find any sign of it now) to generate the FDF code. After saving the offending FDF to a file (eliminating the browser as a factor), I started manually editing the code to see what happened.

The problem turned out to be parentheses appearing in the form data. FDF uses parentheses-delimited strings, and it was finding ) in the code and trying to parse what was left as FDF tokens. The solution was simple: just escape the parentheses as \( or \).
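The same fix as a runnable sketch, with a small reader that shows where the string ends with and without escaping. This is an added example, not PDFFormFiller.cfm or the site's ColdFusion code; the function names and the sample field are made up. It goes one step beyond the fix described above by also escaping the backslash, since that is the escape character inside these strings.

```javascript
// Added illustration; not PDFFormFiller.cfm. All names are hypothetical.

// Escape a value for use inside an FDF literal string "( ... )".
// Backslash is the escape character, so it is escaped along with the parentheses.
function escapeFdfString(value) {
  return String(value).replace(/[\\()]/g, c => '\\' + c);
}

// Build one field entry: << /T (name) /V (value) >>
// Pass an identity function as `escape` to reproduce the unescaped output.
function fdfField(name, value, escape = escapeFdfString) {
  return `<< /T (${escape(name)}) /V (${escape(value)}) >>`;
}

// Minimal reader for one literal string starting at text[start] === '('.
// Balanced parentheses nest and a backslash takes the next character literally
// (only \\, \( and \) are handled; other escapes are out of scope here).
// Returns the decoded value and whatever is left for the parser to tokenize.
function readLiteral(text, start) {
  let depth = 0, out = '';
  for (let i = start; i < text.length; i++) {
    const c = text[i];
    if (c === '\\') { out += text[++i] ?? ''; continue; }
    if (c === '(' && depth++ === 0) continue;   // opening delimiter
    if (c === ')' && --depth === 0) {            // closing delimiter
      return { value: out, rest: text.slice(i + 1) };
    }
    out += c;
  }
  return null; // unterminated string
}

// Read back the /V value of a field entry built by fdfField().
function readValue(entry) {
  return readLiteral(entry, entry.indexOf('/V (') + 3);
}

// Constructed form data containing a lone closing parenthesis.
const note = 'Call 555-0100 :) thanks';
console.log(readValue(fdfField('notes', note, s => s))); // value cut short
console.log(readValue(fdfField('notes', note)));         // value intact
```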

I’m sure every English-speaking chemistry student has joked about “Avocado’s Number” (the number of particles in a guaca-mole). Now the joke has gone professional, with this package we found at Trader Joe’s.

Avocado's Number Guacamole package from Trader Joe's

The back has a bit about Avogadro’s number, and admits that “there aren’t 6.0221367×10²³ avocados in here, but 5 plus avo’s isn’t bad!”

Up at the visitor’s center for the Mauna Kea observatories, there’s a sign that says, “Beware of Invisible Cows.” It was dark when we were there, and I tried to get this picture without using the flash since there were people with portable telescopes ten feet away, so it’s really blurry:

The actual invisible cows sign (blurry)

Fortunately someone in charge recognized the humor value, and the visitor’s center sells bumper stickers:

Beware of Invisible Cows
Why invisible cows?  It's dark and foggy.

Of course, it turns out other people, visiting during the day, have snapped better pictures of the sign.

Note: Our visit to Mauna Kea was on Saturday, April 9, 2005.

Remember the song “How’s it Gonna Be” by Third Eye Blind? When it was new, a lot of high schools apparently chose it for the prom theme, proving that teenagers don’t actually listen to the lyrics (it’s a breakup song), which should mitigate parental concerns about explicit lyrics.

Anyway, Katie and I were talking about this the other day and started tossing around titles of songs that would be just plain wrong to play at a wedding reception.

  • You Oughta Know (Alanis Morissette)
  • Paradise by the Dashboard Light (Meat Loaf)
  • Song for the Dumped (Ben Folds)
  • Closer (Nine Inch Nails)
  • Brick (Ben Folds Five)
  • Playboy Mommy (Tori Amos)
  • Breakfast at Tiffany’s (Deep Blue Something)
  • Anything But Down (Sheryl Crow)
  • Back to Good (Matchbox 20)
  • Me and a Gun (Tori Amos)
  • Anything by Liz Phair
  • Best I Ever Had (Grey Sky Morning) (Vertical Horizon)
  • Guys Like Me (Aimee Mann)
  • Anything by Evanescence or Linkin Park
  • Melanie (“Weird Al” Yankovic)
  • Almost anything by They Might Be Giants
  • Don’t Stand So Close to Me (The Police)
  • Eleanor Rigby (The Beatles)
  • I Touch Myself (The Divinyls)
  • Anything by Rammstein
  • Gollum’s Song
  • Anything by the Chipmunks
  • I Don’t Like Mondays (Boomtown Rats)
  • Anything by Nirvana
  • I’m So Happy I Can’t Stop Crying (Sting)
  • King of Pain (The Police)
  • I’m Still Remembering (Cranberries)
  • One More Minute (“Weird Al” Yankovic)
  • If I Were Brave (Shawn Colvin)
  • Jumper (Third Eye Blind)
  • Yesterday (The Beatles)
  • Roxanne (The Police)
  • I’ll Never Tell (Buffy the Vampire Slayer: Once More With Feeling)
  • Anything by Garbage
  • Positively Fourth Street (Bob Dylan)
  • Torn (Natalie Imbruglia)
  • Taxi (Harry Chapin)
  • The Freshmen (Verve Pipe)
  • Power of Goodbye (Madonna)
  • Waitress (Tori Amos)
  • Total Eclipse of the Heart (Bonnie Tyler)
  • Uninvited (Alanis Morissette)
  • Unsent (Alanis Morissette)

We’re not sure about The Highwayman and Lady of Shalott (Loreena McKennitt), since the subject matter is wrong, but they’re quiet and unobtrusive.

This is an open list – feel free to add your suggestions! The idea is not just to get something that isn’t appropriate, but something that’s especially inappropriate (breakup songs, twisted relationships, put-down songs, etc.)