May 01, 2008

30th Anniversary of Unsolicited Bulk Messages

This is it!  Tomorrow is the 30th Anniversary of the first message that we have come to know as "Spam."  The message sent on May 2, 1978 is attributed to Gary Thuerk, a marketer for the Digital Equipment Corporation.  (DEC was my former employer.)  It is amazing to think how much spam became part of our vocabulary in such a short period of time.

What was the message that gives Mr. Thuerk a place in history?  Was it for some body part enlargement?  Was it fund raising for Africa?  Nope, 1978 was a simpler time.  Here is the text of the very very very first spam message:

-------------------------------------------------------------------------

DIGITAL WILL BE GIVING A PRODUCT PRESENTATION OF THE NEWEST MEMBERS OF THE
DECSYSTEM-20 FAMILY; THE DECSYSTEM-2020, 2020T, 2060, AND 2060T.  THE
DECSYSTEM-20 FAMILY OF COMPUTERS HAS EVOLVED FROM THE TENEX OPERATING SYSTEM AND THE DECSYSTEM-10 <PDP-10> COMPUTER ARCHITECTURE.  BOTH THE DECSYSTEM-2060T AND 2020T OFFER FULL ARPANET SUPPORT UNDER THE TOPS-20 OPERATING SYSTEM. THE DECSYSTEM-2060 IS AN UPWARD EXTENSION OF THE CURRENT DECSYSTEM 2040 AND 2050 FAMILY. THE DECSYSTEM-2020 IS A NEW LOW END MEMBER OF THE DECSYSTEM-20 FAMILY AND FULLY SOFTWARE COMPATIBLE WITH ALL OF THE OTHER DECSYSTEM-20 MODELS.

WE INVITE YOU TO COME SEE THE 2020 AND HEAR ABOUT THE DECSYSTEM-20 FAMILY AT THE TWO PRODUCT PRESENTATIONS WE WILL BE GIVING IN CALIFORNIA THIS MONTH.  THE LOCATIONS WILL BE:

               TUESDAY, MAY 9, 1978 - 2 PM
                   HYATT HOUSE (NEAR THE L.A. AIRPORT)
                   LOS ANGELES, CA

               THURSDAY, MAY 11, 1978 - 2 PM
                   DUNFEY'S ROYAL COACH
                   SAN MATEO, CA
                   (4 MILES SOUTH OF S.F. AIRPORT AT BAYSHORE, RT 101 AND RT 92)

A 2020 WILL BE THERE FOR YOU TO VIEW. ALSO TERMINALS ON-LINE TO OTHER DECSYSTEM-20 SYSTEMS THROUGH THE ARPANET. IF YOU ARE UNABLE TO ATTEND, PLEASE FEEL FREE TO CONTACT THE NEAREST DEC OFFICE FOR MORE INFORMATION ABOUT THE EXCITING DECSYSTEM-20 FAMILY.

-------------------------------------------------------------------------

Even though the mail was simpler, the reaction was swift and strong.  Here is one message recorded in Brad Tempelton's home page:

ON 2 MAY 78 DIGITAL EQUIPMENT CORPORATION (DEC) SENT OUT AN ARPANET MESSAGE ADVERTISING THEIR NEW COMPUTER SYSTEMS. THIS WAS A FLAGRANT VIOLATION OF THE USE OF ARPANET AS THE NETWORK IS TO BE USED FOR OFFICIAL U.S. GOVERNMENT BUSINESS ONLY. APPROPRIATE ACTION IS BEING TAKEN TO PRECLUDE ITS OCCURRENCE AGAIN.

IN ENFORCEMENT OF THIS POLICY DCA IS DEPENDENT ON THE ARPANET SPONSORS, AND HOST AND TIP LIAISONS. IT IS IMPERATIVE YOU INFORM YOUR USERS AND CONTRACTORS WHO ARE PROVIDED ARPANET ACCESS THE MEANING OF THIS POLICY.

THANK YOU FOR YOUR COOPERATION.

MAJOR RAYMOND CZAHOR

CHIEF, ARPANET MANAGEMENT BRANCH, DCA

-------------------------------------------------------------------------

A few years ago, Templeton had the chance to talk to Thuerk.  Here is an excerpt:

"Thuerk thought, and maintains to this day that he didn't think he was doing anything wrong -- even though he gets a moderate amount of spam on his current E-mail account. He felt the Dec-20 was really relevant news to the Arpanet community, the first major system with Arpanet software built into it. Indeed, some of those who commented on the message felt it was definitely more of interest than other small mass mailings they had seen, with baby announcements and personal trivia."

I don't know the appropriate way to observe tomorrow's anniversary.  Anyone with some ideas?

April 22, 2008

Data Mining Employee Email Contacts

When you think about it, your contact list contains a tremendous amount of useful business information.  If you need to find somebody at a certain company, don't you check both your contact list and your incoming emails for likely people to know?

What about doing this on an enterprise-wide scale?  What if the company needed to find a contact at a large prospect?  The Wall Street Journal reports....

Financial information giants Thomson Corp. and Dun & Bradstreet Corp. each recently bought small software companies that make products for this purpose. Thomson, of Toronto, bought Contact Networks Inc. in January, while D&B, of Short Hills, N.J., acquired Visible Path Inc., both for undisclosed terms. The software is supposed to help companies drum up business by allowing employees to make use of each others' contacts. For example, salespeople can pitch to a co-worker's contacts, while corporate recruiters could use the program to target employees' friends and acquaintances.

The products work by examining the contact lists on employees' email programs, as well as other information such as lawyers' billing records or contacts stored on special programs for managing customer relationships. Then it checks how often individuals email the contacts and whether they have appointments for face-to-face meetings or phone calls on their calendars. The software uses that information to determine how strong a relationship a person has with the contact. For example, individual emails that get replies rank higher than a blast email sent to many people.

Of course, this raises all sorts of privacy and account management concerns.  What if that person you know at General Electric was your ex-spouse?  And, how do you prevent somebody from calling that contact that asked you to leave them alone?

Still, it sounds like these issues can be resolved with clever software checks and balances.  It would be a new way to get value from email.

April 14, 2008

Spear-Phishing in the Army

On Friday, I wrote about a military test.  30% of those with military addresses fell victim to a phishing attack in a military-sponsored exercise named Bulwark Defender 08.  Initially, I thought this was a story about phishing education.  I did not realize that this was a tip to a story about espionage as dangerous as any Cold War movie thriller.

On Saturday, I found in my mailbox a huge Business Week cover story on "e-spionage" and attacks against the U.S. military using email.  What makes these messages different is that they target a receiver with content that seems familiar to them.  The attachments contain a sophisticated "digital intruder rendering traditional defenses—firewalls and updated antivirus software—virtually useless."

It is not your typical Nigerian email scam. 

Spear-phishing is a narrowly focused form of phishing, according to Business Week.  The spear-phishers "gather information about people's jobs and social networks, often from publicly available information and data stolen from other infected computers, and then trick them into opening an email."  Often, the information used is commonly available from Google searches.

The article starts off describing an email addressed to a Booz Allen Hamilton executive:

The email message addressed to a Booz Allen Hamilton executive was mundane—a shopping list sent over by the Pentagon of weaponry India wanted to buy. But the missive turned out to be a brilliant fake. Lurking beneath the description of aircraft, engines, and radar equipment was an insidious piece of computer code known as "Poison Ivy" designed to suck sensitive data out of the $4 billion consulting firm's computer network.  ...

Its authors knew enough about the "sender" and "recipient" to craft a message unlikely to arouse suspicion. Had the Booz Allen executive clicked on the attachment, his every keystroke would have been reported back to a mysterious master at the Internet address cybersyndrome.3322.org, which is registered through an obscure company headquartered on the banks of China's Yangtze River.

The U.S. government, and its sprawl of defense contractors, have been the victims of an unprecedented rash of similar cyber attacks over the last two years, say current and former U.S. government officials.

"It's espionage on a massive scale," says Paul B. Kurtz, a former high-ranking national security official. Government agencies reported 12,986 cyber security incidents to the U.S. Homeland Security Dept. last fiscal year, triple the number from two years earlier.

And later on, a more chilling discussion ....

By itself, the bid to steal digital secrets from Booz Allen might not be deeply troubling. But Poison Ivy is part of a new type of digital intruder rendering traditional defenses—firewalls and updated antivirus software—virtually useless.  (emphasis added)

Continue reading "Spear-Phishing in the Army" »

April 11, 2008

Phishing Email Part of Army Test

Many people become victims of email phishing scams that cause them to release personal confidential data.  But, how much is our national defense at risk?  One recent exercise led 30% of people with a military address tested to fall victim to a clever scam.

More than 3,000 soldiers, civilians and family members with military email addresses provided personal information in a phishing scam that was sent to 10,000 email addresses on March 30th.  The well-designed phishing email promised free tickets to area theme parks, with a link to a Web site that appeared to belong to the Family and Morale, Welfare and Recreation Command and used FMWR Web graphics and logo, according to the U.S. Army

But, the link did not really belong to the FMWR.

Fortunately, no personal information was transmitted.  These "phishing" emails developed by the Army Computer Emergency Response Team (ACERT) in a Global Computer Network Defense exercise, Bulwark Defender 08, to test the defensive posture of the Army LandWarNet.

"This exercise illustrates how hackers can turn the popularity of a trusted resource such as the MWR Web site against unwitting personnel by using real information and activities openly available on the Internet," stated a second email from ACERT.  "As you know, phishing emails are a common method used by Hackers to infiltrate Army networks and systems. Your ability to identify and respond to phishing attempts is paramount to the defense of critical information systems that make up the Army LandWarNet. Soon, you will receive another email from the ACERT that will provide education on how to identify 'phishing' attempts as illegitimate."

FMWRC officials were not alerted to the exercise in advance because the unit "limits the number of trusted agents" in phishing exercises of this type, according to ACERT officials.

"From the outside, looking in, the customer has no way of knowing FMWRC was not involved in this exercise," said Ms. Laurie Pugh, Public Affairs Officer for FMWRC. "We have no idea how many of our customers this exercise has alienated ... The Family and MWR Command has spent decades and millions of dollars establishing our brand as one that can be recognized and trusted by Soldiers and Families ... We have yet to determine how much of that trust has been undermined by this exercise."

April 08, 2008

Spring in New England

Banner When is it Spring in New England?  It certainly is not March 20th or 21st, no matter what the astronomical calendar says.  Anyone who lived through the April 1, 1997 blizzard will tell you that.  It is not when that last mound of snow finally melts or even when the birds return.  No, the first sign of Spring is the Red Sox home opener.  We know that Summer is coming.

Img00025It was a beautiful day at Fenway Park today as they unfurled the 2007 Word Series Championship banner.  It did start a bit on the cold side today.  Initially, our seats were in the shade. But as the game played on, the sun shined on our seats.  We were warm, outside, and watching the Boys of Summer. The birds (including both the infamous hawk living at Fenway and the flyover by the Vermont National Guard) and the fly balls made us all smile.

The game itself was great for Red Sox Nation.  The Sox won 5-0 and Dice-K pitched beautifully. Ahhh ... summer in New England.  I can hardly wait.

April 04, 2008

Man Sends Threatening Email, Gets Arrested for Porn

It may never be a good idea to send a threatening email to the "Governator."  He is likely to get upset and do something about it.  And, you never know where that might lead.

Back in September 2004, David Kearby Clements sent a nasty email to Gov. Arnold Schwarzenegger that according to court papers, however, called the Governor a "Nazi" and threatening to physically harm him. This attracted the attention of the California Highway Patrol (CHP), the agency responsible for protecting the governor.

CHP officers executed a search warrant at Clements' South Lake Tahoe home to obtain evidence that the e-mail originated on his computer, where they also found a bounty of "child pornography, sexually explicit images of minors, and child erotica," according to court papers and reported in Sacramento Bee.

Clements, 50, was sentenced Monday to five years in federal prison for receipt and possession of child pornography, the paper reported.

April 03, 2008

NC Gov Holds Hearings on What Emails to Delete

North Carolina Governor Mike Easley's panel on deleting emails and public records laws is scheduled to hold its second meeting today.  It is a timely meeting after revelations this week that show that some employees believed that the Governor ordered the deletion of emails coming from his office.

Last Month (March 4th), Debbie Crane, the former public affairs director for the state Department of Health and Human Services, was fired and shortly afterwards she said in an interview that she and other top public information officers were told to delete email after sending it to the governor's office.  This instruction could be in violation of North Carolina's public records law.  (This paragraph now contains the correction mentioned in the comment.  My apologies for any confusion and my thanks to the commenter.)

The Governor's office quickly denied the allegations.  "I find no evidence that anyone in the governor's office instructed any state agency, including DHHS, to systematically delete and destroy email messages exchanged with the governor's office," wrote Reuben Young, Easley's legal counsel on the next day. (The News and Observer)

This week, the waters became murkier. when notes taken by other public information officers became public:

The notes from one public information officer read, "Public records request -- increasing -- careful of email -- delete emails to/from gov. office everyday."

Another public information officer wrote, "emails -- more and more public records requests (blogs?) be careful w/emails; delete emails to & from gov office every day." (News & Observer)

In addition, other documents, such as a record of a March 20th meeting with the governor's press office in which email was discussed: "Sherri -- keep eye on agencies; limit your e-mails; clean out sent emails."  Sherri may refer to Sherri Johnson, the governor's communications director.

Gov. Mike Easley said Tuesday that he is not convinced that recently released notes jotted by state employees are clear evidence that officials in his office instructed others to destroy public records.  One interpretation, Easley said, is that the public information officers were told to avoid taking up too much space on computer servers and that they should print out email messages that are public records and keep them in a file before deleting them.  (N&O)

"Delete can mean a lot of things," Easley said. "If you've got something of value, you move it to a folder and then delete it. If you need to print it, print it and then delete off your box." (Charlotte Observer)

The debate is an important one.  The Governor's office claims to be taking the high ground and wants to make it known that the public records law must be followed.  That could be one interpretation of Debbie Crane's termination for allowing emails to be deleted.  Another interpretation is that the Governor's office is actually telling people to delete emails without actually using those words -- plausible deny ability.

In either case, it is good news that there is now a panel endorsed by the Governor that is designed to review and make recommendations, if needed, concerning email messages and public records.  I hope that it has the independence and strength to review the issues and make great recommendations.

April 02, 2008

Google Custom Time

GmailEver want to go back in time to send an email that proves your boss knew about a problem two weeks ago?  Ever want to get a pass from the SEC because you have email proof that you met the deadlines?

Tuesday, Google announced a new feature for Gmail -- Google Custom Time, with the slogan "Be On Time. Every Time."  You can opt for it to show up read or unread by selecting the appropriate option.   How might you use this feature ...

"I just got two tickets to Radiohead by being the 'first' to respond to a co-worker's 'first-come, first-serve' email. Someone else had already won them, but I told everyone to check their inboxes again. Everyone sort of knows I used Custom Time on this one, but I'm denying it." -- Robby S., Paralegal

"I used to be an honest person; but now I don't have to be. It's just so much easier this way. I've gained a lot of productivity by not having to think about doing the 'right' thing." -- Todd J., Investment Banker

Finding it hard to believe that Google would do this?  You should.  It was sent on April 1 -- April Fools Day.  It also included such wonderful references as:

How does it work? Gmail utilizes an e-flux capacitor to resolve issues of causality (see Grandfather Paradox).

Thank you, Google, for the wonderful April Fool's prank.  And, thank you Michelle for pointing it out to me.

April 01, 2008

Monks Get Recording Contract By Email

What would monks from a 12th-century Austrian monastery from the Cistercian monastery of Heiligenkreuz (The Holy Cross) in Austria do with email and YouTube?  Well, land a recording contract, of course with Universal Music, the label for pop stars such as Amy Winehouse and Eminem.

Universal had seen an increase in interest in Gregorian chants.  So, they placed an advertisement in various religious publications in Britain in February -- and received more than 100 entries from all over the world.

"We didn't have much hope of securing a deal", a spokesman for the monks, Father Philipp-Neri Gschanes, told AFP.  "But we applied via an e-mail containing links to our website and to a YouTube video that one of our brothers had made for us."

The monks are set to go into the recording studio in early April, with the release date set for the summer. 

March 31, 2008

Indiana Requires Sex Offenders to Register Email Addresses

Indiana Governor Mitch Daniels signed into law a new requirement that "bans sex offenders from using social-networking sites, instant-messaging programs or chat rooms that the offender knows includes children. The law also requires offenders to register their email and user names with the state each year and makes it a Class D felony if they don’t." (Indiana Daily Student)

This seems like an excellent idea, although it would allow offenders to get new email addresses the day after they register with the state.

“These e-mail addresses are what’s going to be important when law enforcement authorities are doing investigations related to social networking sites such as Facebook and MySpace,” Indiana Attorney General Steve Carter said March 24 during an appearance in Indianapolis to discuss recently-enacted legislation, according to the newspaper.

Do other states have requirements like this one?  The Indiana law takes effect July 1.

15th Anniversary of Spam

I don't know if it is worth a birthday cake, but today is the 15th anniversary of the use of the word "spam" to describe unsolicited bulk electronic communications.  The term is thought to have been coined by Joel Furr, an administrator on the net discussion system Usenet.  He used "spam" to describe bulk postings on discussion boards.  It took a few years for the term to be applied generally to bulk email.

It is hard to believe that 15 years ago, the word "spam" only referred to certain processed luncheon meat and a Monty Python skit.  In the skit, a group of Vikings, who were at a restaurant that only served spam, start singing: "SPAM, SPAM, SPAM, SPAM..., Spam, lovely spam, wonderful spam."

Next month, it will be the 30th anniversary of the first recorded unsolicited email.  It was sent by 3 May 1978, when Gary Thuerk, an aggressive DEC (Digital Equipment Corp., my former employer) marketer who thought Arpanet users would find it cool that DEC had integrated Arpanet protocol support directly into the new DEC-20 and TOPS-20 OS.  He sent the email to every Arpanet user on the U.S. West Coast.  More on that in May!

March 27, 2008

Did China Fire Their Soccer Coach By Email?

An interesting small article in yesterday's Beijing People's Daily said that China's women's soccer coach Elisabeth Loisel was returning to China despite receiving an email that asked her not to return:

"It is impossible for us to continue the commitment of your contract, and we are sorry to inform you that you do not have to come to China and coach the team again."

This is not the first time this blog reported on people being sacked by email.  But, this seemed to be a very high profile way of terminating a contract.  Loisel is also quoted as saying that the email could be a fraud:

"There is no signature and no stamp (on the e-mail). I have no idea about the email's credibility," said the embattled coach, who has been in deep water with Chinese officials for several weeks. "As I did not receive the official decision about my future, I will fly to Beijing according to my original schedule.

With the Olympics coming to China later this year, all form of sport has become very visible.  Loisel reportedly failed to improve the team since taking the job last October and has been in an argument with China Football Association (CFA).  The article suggests that the email is legitimate, saying:

"Reports said the email was sent to Loisel with the authorization of CFA vice-president Xie Yalong"

"CFA ignored Loisel's (training) list, omitting veteran winger Zhang Ouying, a player strongly backed by Loisel, and called up some new faces.  It is a strong sign the coach's tenure has indeed come to an end. Despite Loisel's arrival in Beijing today, it is unlikely she will attend the training session that begins tomorrow and ends May 8."

 

March 26, 2008

Employers May Limit Union Use of Email Systems

The National Labor Relations Board (NLRB) ruled that employers do have "basic property right" to restrict the use of its email system by a union and that a union should not be able to use an employer's equipment to organize or communicate with employees. (Law.com)  This ruling settles a long running dispute and affirms the position in the U.S. that it is the employer, not the employee, who controls the content of their email system.  But, it may also suggest that employers review their email policies to make sure they are handled consistently.

This dispute put a union's basic right to organize workers against property rights.  The unions argued that the use of email is widespread and that in many cases has augmented verbal communications.  The issue of verbal communications is important.  Over the years, NLRB gave greater protection to verbal communications than to written communications, such as a brochure or a leaflet.

However, the NLRB has also recognized that the National Labor Relations Act does have some limitations when it comes to union activities during working hours in the workplace.  For example, it has been held that a union should not be able to use an employer's equipment to organize.

In this particular case, the employer, Guard Publishing had a general policy that prohibited any "nonjob-related solicitations" on company email.   This was held to be perfectly legal.  The union also argued that since the employer had allowed some personal or nonbusiness email solicitations, it had to allow union emails, or else it was enforcing its policy in a "discriminatory" manner. The board rejected this theory.  This is how Law.com explains it:

The board recognized that an employer who allows limited personal email solicitations, but still prohibits union solicitations, has not engaged in discriminatory enforcement. The board limited the application of the discriminatory enforcement rule to the employer's treatment of email communications of a similar nature. For example, it stated that an employer may lawfully allow employees to send personal emails, listing personal items "for sale," or use email to solicit support for charitable organizations like the Red Cross, while still prohibiting union solicitations. The board reasoned that these communications were not similar, and therefore did not merit similar treatment.

On the other hand, the board cautioned that if union solicitations are prohibited, an employer cannot allow employees to use email to solicit for profit-making ventures, to organize meetings for "clubs" or private organizations, or to promote competing unions. To allow these types of email solicitations while prohibiting "union" emails would be discriminatory enforcement.

There are specific rules regarding union solicitations that cannot be generalized to normal email use.  But, it would not be a stretch to imagine legal action where somebody complains that a general prohibition on the use of non-business email would be challenged if it is not uniformly enforced.

This suggests that employers should review their email policies to be more specific about what is allowed and what is not allowed.  For example, banning "non-business" emails may be too broad in this day and age.  Specifically allowing a reasonable number of personal messages, as explained above, may be prudent.

March 14, 2008

Newest Email Scam: "Now do you want to LIVE OR DIE?"

Many newspapers around North America are reporting an influx of emails in which a person is told that they can avoid their own murder by paying off the emailer.  Here are some of the latest that I've seen:

  • "They claim responsibility for the Sept. 11 terrorist attacks and the London transit bombings and now they've been hired to kill you.  The latest email scam is perhaps the most insidious yet. It prays on the fears of Internet users with the threat of death if money isn't handed over.  Rose Menard opened her email Thursday morning and learned a hitman is going to kill her if she doesn't pay $15,000."  (Sudbury, Ontario Star)
  • "A local elementary school teacher and a businessman get death threats on their computers.
    "I went to check my email and I only had three draw up and I saw one said, 'Be more careful'." Those three words peeked Hysen Selman's curiosity. The Mansfield business owner opened the email, only to discover it was a death threat, saying, "Some friends want you dead".  (WJW-8, My FOX, Cleveland)
  • "Within the past few weeks, the Yavapai (AZ) County Sheriff’s Office (YCSO) has received complaints and documented at least two incidents in which persons threaten death via email to a specific party unless money is paid. In a majority of the emails, the sender claims he has already been paid to kill the recipient and will cancel the contract on the recipient’s life if the recipient pays a large sum of money.  (The Wickenburg Sun)
  • "A Basehor area woman was told she could avert her own murder by paying someone $15,000, according to a report from the Leavenworth (KY) County Sheriff’s Office.  ... The person who sent the email purported to have been paid to kill her. He indicated he would not murder her if she contacted him for instructions regarding where to send money, according to the report." (Leavenworth Times)

One of the newspaper articles says that the email reads: "Someone you call a friend wants you dead by all means, and the person have spent a lot of money on this, the person also came to us and told me that he wanted you dead and he provided us with your name, picture and other necessary information we needed about you. So I sent my boys to track you down and they have carried out the necessary investigation needed for the operation on you".
   
The email goes on, demanding money, "Now do you want to LIVE OR DIE? As someone has paid us to kill you. Get back to me now if you are ready to pay some fees to spare your life, $xx,000 is all you need to spend".
   
Investigators say don't be fooled. It's actually another email scheme.

March 13, 2008

"Sexy Muffin" Email Revealed At Disciplinary Hearing

Here is a story in which being caught by email and text message led to the ultimate tragedy for all involved.  The teacher resigned from her job and faces disciplinary hearings.  The student reportedly committed suicide.

"Hey, you sexy muffin, let me begin by telling you that I completely enjoyed my weekend. ... You definitely made me feel like I was the most beautiful thing. ... You have more energy than the Energizer Bunny and more stamina than any world leader," said the email that was read yesterday at the disciplinary hearing of Lori-Lee Simard, a teacher from the northwestern Alberta, Canada village of Donnelly. 

Simard allegedly sent the email to 18-year old student Riley Aubin. (Edmonton Sun)  It was one of a reported 22 emails plus text messages sent by Simard to Aubin.  (Edmonton Journal)

Simard, who taught drama, pleaded guilty Tuesday to one charge under the Teaching Profession Act: that she "engaged in an inappropriate teacher-student relationship." She pleaded not guilty to five other charges under the same legislation, including that she engaged in an inappropriate romantic or sexual relationship with Aubin.

Besides emails, Aubin allegedly received text messages from the same computer to his cellphone. In one, Simard allegedly referred to Aubin's "sexy, seducible eyes and that blue steel look ..."  The hearing was also told about a naked picture of Aubin that was reportedly on Simard's school computer.

Unfortunately, it was a text message apparently sent by Aubin that led to his being caught and then his own reported suicide.   

Ken Riegel, superintendent of the High Prairie School Division, said Simard told him that her husband had found a text message on a new cellphone she had left at home.  The message started with, "Miss you sexy like you wouldn't believe" and ended with "F- are you amazing." (Edmonton Journal)  Riegel said Simard told him her husband didn't know who had sent the message, so he called the phone number from which it came. The teacher told her superintendent that Aubin answered and apologized for the message, explaining it had been sent in error.  One day later, Aubin died at home on April 9, 2006, of a gunshot to the head. (Edmonton Journal)

March 12, 2008

Email Leads to Criminal's Capture

We know that some email scams are fronts for illegal activities.  But, this is a story in which sending out thousands of emails actually lead to the arrest of an alleged criminal.

"Hi everyone. Attached is a picture of a serious con man. In the photograph he looks suspect, but NOT when you see him. He stole my car and my jewelery. The Internet is a powerful tool. Please, please pass this on to everyone you know in South Africa. If you all do this, it may save someone else from being fleeced by this cockroach," said an email from a Cape Town woman that was widely circulated in South Africa.

Seven months later, book shop employee Audrey Potter recognized the man.   Determined to ensure that he be caught, she kept him busy in the store for a while and later followed him into another one.  Then, she flagged down two policemen who drove past and convinced them to help her catch the man, who was by then strolling down the street.  Flanked by the policemen, Potter shouted at him: “Hey, you robbed my friend and we’re gonna arrest you now."  (The Times)

March 11, 2008

Gmail Thief

In The Case of the Missing Gmail, I wrote about an IDG article that claimed "Although Google denies system wide issues with its Gmail service, many users have lost some or all of their stored email."  One would think that this would cause a rush of people who wanted to archive / backup their Gmail.

"I've accumulated a mass of important information that I would rather not lose. During my search I came across G-Archiver, I figured what the heck I'll give it a try," stated Dustin Brooks in the blog Coding Horror.

When the software did not work as expected, Dustin decide to look at the source code of the product using a program called Reflector.  What he found surprised him.  The source code contained the email address and password of the supposed author, John Terry.  Not a smart thing to do.  And, Dustin felt it was OK to log into Terry's account to see what it was being used for.  He was shocked to discover:

Gmailpasswordthiefscreenshot3

"Upon getting to the inbox I was greeted with 1,777 emails with account information for everyone who had ever used the software and right at the top was mine. I decided to go ahead and blast every email to the deleted folder and then empty it. I may have accidentally changed the password and security question to something I don't remember as well, whoops, my bad. I also contacted Google to erase this account as I didn't see a way to delete it myself."

Until recently, this software was available for free download at a wide number of sites, including my favorite CNET's Download.com.  Be careful what you download.

March 10, 2008

Does the NSA Monitor Your Email?

The NSA "now monitors huge volumes of records of domestic emails and Internet searches as well as bank transfers, credit-card transactions, travel and telephone records," reports today's Wall Street Journal.  The intent is to find patterns.

This is how it works, according to the report.  First, the government may have a suspicious email or IP address.  It then finds all of the email addresses and IP addresses used to communicate with the suspicious one.  The web can then continue to find all those who connect to that second set of addresses.  And, so on.  (I think there is a joke about connecting to Kevin Bacon needed here.)

"The haul can include records of phone calls, email headers and destinations, data on financial transactions and records of Internet browsing. The system also would collect information about other people, including those in the U.S. ... The information doesn't generally include the contents of conversations or emails. But it can give such transactional information as a cellphone's location, whom a person is calling, and what Web sites he or she is visiting. For an email, the data haul can include the identities of the sender and recipient and the subject line, but not the content of the message."

It is unknown how many law-abiding Americans have been swept up in the surveillance because they communicated with somebody who knows somebody and so on. 

"While the Fourth Amendment guarantees "[t]he right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures," the legality of data-sweeping relies on the government's interpretation of a 1979 Supreme Court ruling allowing records of phone calls -- but not actual conversations -- to be collected without a warrant," the Journal says.

Japanese High School Principal Arrested Over Emails

Police confiscated two personal computers from the Principal's Office at Kawaguchi High School yesterday, reported the Japan Times.  Principal Kazuo Ichikawa, 56, was arrested Saturday after he allegedly sent more than 10 threatening email messages to a woman in her 20s, who wanted to break up with him. The alleged messages, sent in November and December, threatened death and blackmail, according to the police:

"I don't care about what will happen to you. I can kill somebody in cold blood," one message said.

"I will expose your private life," said another.

Yesterday, officials from the high school and the Kawaguchi Municipal Board of Education held a news conference to apologize for the incident.

Congressman Apologizes for Breaking House Rules on Campaign Email

Matthew Lillibridge, a staffer working for Rep. Steve Chabot (R-Ohio), apparently broke House rules Friday, forwarding a request that congressional staffers send interns to the Republican National Committee (RNC) to make campaign-related phone calls on behalf of Jim Oberweis, reported The Hill.

In the purely partisan email stated:

“If you have interns sitting around today, please send them over to the RNC...to phone bank for Oberweis.”

Lillibridge apparently violated House rules against using House resources for campaign purposes. Lillibridge used his House email address, forwarding the e-mail to other addresses on the House email server.

Chabot spokesman George Cecala apologized for the incident.  “It’s not our office policy to conduct business this way...We apologize if there was an appearance of impropriety, which was certainly not our office’s intent. We apologize to the folks back home. We work hard to make sure that our staff is fully informed on the proper procedures,” Cecala said.  Cecala added that Chabot's office had been “quick to notify the ethics committee,” and that Lillibridge “is a young assistant who acted before he thought.” Lillibridge is 23 years old.

No matter what the decision is related to ethics, Lillibridge effort was for naught.  Oberweis lost the special election on Saturday for the Congressional seat vacated by former GOP House Speaker Dennis Hastert.  (This was seen as a major Democratic win.  This is a district that President Bush carried easily in 2004 with 55% of the vote.  The GOP reportedly had spent more than a $1-million in an attempt to keep the seat in the R column.)

State Must Release Email Addresses

In response to a Freedom of Information Act request, a Vermont judge ordered the State to release an electronic database containing email addresses for every government employee. 

The addresses were already publicly available in two forms -- as a printed list, or as a partial electronic list on the State's Web site -- but staff refused to release the entire database in one electronic file.  The State argued the information was exempt from disclosure as an electronic database because the addresses then could easily be used for private gain, according to court papers as reported in the Burlington Free Press.

Judge Dennis Pearson rejected that reasoning in a February ruling, writing the department's "apparent position" is "the information should be available to the public so long as it is not in an easy to use form."

March 08, 2008

What Are The Candidates Position on Email?

"This shouldn't be an issue, except for the current administration's inability to manage a functioning archive or backup," said  Charles Bermant in today's Seattle Times. "As we decide whom to support in the presidential election, one issue has been ignored: What email policies he or she will enforce to maintain an accurate archive, chain of command and reliable backup?"

He makes an interesting point.  The current White House reportedly lost a million email messages.  Some employees are known for having their assistants print out email messages for their bosses.  And several are accused of using personal email systems for official government correspondence.

It should be easy for a candidate to say how he or she will support the Presidential Records Act to prevent lost emails in the future.  I hope that somebody asks.

March 07, 2008

Male Call -- Breaking Up By Email

(Read today in the San Jose Mercury News.  This is verbatim text of their article.)

Q.  A guy just broke up with me by e-mail, and I want to know if this is now common practice. It just seems rude to me. We had only gone out a few times, but we had fun, and there seemed to be potential, and then it was just this blow-off email.  --  Annoyed, San Jose

A  Hey, at least it wasn't a text message. Or the even more common practice (apparently, judging from our email) of simply vanishing from the face of the Earth - no call, no email, no traceable GPS location. All you're left with are a few mismatched sweat socks under the bed and half a six-pack of Coors Light in the fridge. (If the beer wasn't light, you might have had a chance at clobbering him as he sneaked back in to grab the remainders. But for Coors Light? Nah . . . )

Continue reading "Male Call -- Breaking Up By Email" »

March 06, 2008

iPhone Lust

I recently purchased a BlackBerry Curve.  What a great smartphone.  But, no matter what, it still is not as sexy as an iPhone.  Yet, it was hard to justify a device that did not synchronize with Microsoft Outlook.  The heart may say iPhone, but the mind says BlackBerry.

Well, today, Apple held an event announcing a software developer's kit and software store, plus support for Microsoft Exchange email, contacts and calendaring coming in June.  This could change the entire equation.  As more interesting business applications find their way to the iPhone, it can become a serious alternative to the BlackBerry.  (Now, guys, can you also fix the non-removable battery and the lock on AT&T as a service provider?)

March 03, 2008

Ruling Confirms First Felony Spam Conviction

In a narrow 4-3 ruling today, the Virgina Supreme Court upheld the conviction of one of the world's most notorious spammer and specifically said that spam was not protected by the First Amendment guarantees of free speech.

Jeremy Jaynes was once listed by Spamhaus as the "8th most prolific spammer in the world."  At the time of his arrest in December 2003, "said that in a period of just one month, Jaynes and a partner sent over 100,000 e-mails to AOL users that were in turn reported as spam, with untold more going to other ISPs." (Daily Tech)  He was convicted and sentenced to nine years in prison.

An interesting twist to the conviction was that Jaynes is a North Carolina resident and did not operate out of Virgina.  However, the Virginia law covers mail passing through the state, including mail passing through AOL's servers.  Jayne's claim that the law violated the interstate commerce provisions of the U.S. Constitution were also rejected by the Virginia Supreme Court.

Generally, it is good to cheer the successful conviction of such a mass spammer.

"This is a historic victory in the fight against online crime," state Attorney General Bob McDonnell said in a written statement. "Spam not only clogs e-mail inboxes and destroys productivity; it also defrauds citizens and threatens the online revolution that is so critical to Virginia's economic prosperity."

However, should Virginia have the right to pass regulations on how the Internet may be used anywhere in the country simply because AOL's servers are in that state?  What other states can now exercise new rights because email is stored or forwarded for a nanosecond within its boundaries?

ABOUT AUTHOR

  • Roger Matus is CEO of InBoxer, Inc. of Concord, Mass. and a well-known commentator on the use of email, IM, and messaging technologies.



    View Roger Matus's profile on LinkedIn