Paul Gregg

Jack of all Tech.

domainadmin.com phishing spam email that isn’t.

Written By: pgregg - Jun• 25•2014

Registered a new domain name this evening and very quickly received what looked very much like a phishing email from domainadmin.com

The email itself:

> From: PGregg [mailto:xxx@example.com]

> Sent: 24 June 2014 23:26

> To: xxx@example.com

> Subject: VERIFICATION REQUIRED – Please verify your domain name(s) as soon as possible

 

Greetings,

Please read this important e-mail carefully.

Recently you registered, transferred or modified the contact information for one or more of your domain name(s). As of January 1, 2014, ICANN requires all accredited registrars to verify your new contact information.

You can read about ICANN’s new policy at: http://www.icann.org/en/resources/registrars/raa/approved-with-specs-27jun13-en.htm#whois-accuracy.

newdomainname.com

In order to ensure your domain name remain active, you must now click the following link and follow the instructions provided:

http://approve.domainadmin.com/registrant/?verification_id=1234567&key=abcdefg&rid=12345

Failure to follow the above link and complete this process will eventually lead to the suspension of your domain name(s).

If you have any questions, please contact us.

Sincerely,

PGregg

Turns out this is actually legitimate.  Posting this in case others wonder the same and google happens to direct them to this page.

 

 

Test post

Written By: pgregg - Jan• 02•2013

Migrated database and web site to new host. Testing this is working.

Guardian @commentisfree columnist @MissEllieMae talks drivel about Lord McAlpine

Written By: pgregg - Nov• 16•2012

I came across Ellie Mae O’Hagan on twitter today, who claims in her twitter biog to be a “Socialist, feminist, columnist”.

Her twitter ID is @MissEllieMae, and she wrote this:

 

 

Feel free to go read, then come back here. I’m going to break it down and comment.

I want to expand on the tweets I put out this morning regarding Lord McAlpine’s decision to sue for damages after being falsely accused of abusing children.

Fair enough.

Twitter is the sort of place where even the most obvious of sentiments must be spelled out, so let me emphasise that I recognise Lord McAlpine has been the victim of false accusations, that he has suffered immensely and unjustly, and I extend my sympathy to him.

I would like to respond firstly to the respondents who accused me of creating a ‘hierarchy of suffering’ in saying what I said. I want to be absolutely clear here: being abused as a child IS worse than being falsely accused of paedophilia. There is no doubt about that – especially as abuse survivors who speak out often become the victims of false accusations as well (they are called fantasists, liars, sluts etc). I invite anyone who wants to contradict me to ask themselves which form of suffering they would prefer.

How is this relevant? Are you trying to say it is ok to be called a paedophile because it isn’t as bad as being abused? Reading this paragraph – you are certainly establishing a hierarchy of suffering.

In any case, I was not trying to create a hierarchy of suffering. I was attempting to redress the hierarchy of suffering which ALREADY EXISTS thanks to the rape culture and privilege which exists in our society. These forces allowed the abuse of Stephen Messham to happen. These forces enabled the abuse to be covered up. These forces allowed the Mail to print a hatchet job of an abuse victim. And now they are responsible for the entire story focussing upon Lord McAlpine, instead of the pursuit of justice for survivors of abuse. That is not an accident. That is evidence of rape culture and privilege.

Consider your hierarchy of suffering created.

It is worrying that so many people are behaving as though it is just coincidence that McAlpine been the focus of the story for weeks, overshadowing the man who survived the actual abuse. It is worrying that so few (especially so few journalists) have acknowledged that this skewed focus is the result of OPPRESSIVE SOCIAL STRUCTURES which destroy the lives of many, and not just the way a news story happened to roll out.

Again irrelevant.

Now I want to turn to McAlpine’s decision to sue for damages. This is his right as someone falsely accused, and I acknowledge that. But just because someone is entitled to do something, that doesn’t make it the best course of action. Let’s look at the context here: McAlpine has just received £185k from the BBC the day before its annual drive to raise money for vulnerable children. And for what? It is now accepted that he was falsely accused. Some have said ‘mud sticks,’ but I fail to see how £185k will make anyone desperate to believe the false allegations think ‘oh well now he’s got MONEY, I don’t believe it anymore.’

And yet, the twitterverse is now criticising McAlpine for not suing Scallywag for similar allegations in the 1990s. Damned if you do, damned if you don’t. Further, Scallywag was being sued by John Major, and promptly went bankrupt – so there was noone for McAlpine to sue.

As an already very wealthy individual, this money will not ease McAlpine’s suffering in the way that – say – Chris Jeffries’ compensation might. Given the issues of rape culture and privilege in these events (see above), I think it is the wrong decision for him to keep that money, despite him being entitled to do so.

That is entirely your opinion. You are entitled to it. But just as you think it is wrong of McAlpine to keep it (note, he hasn’t said if he is keeping it or donating it anyway), I am perfectly entitled to think you are wrong for your posturing, indeed bullying, in an attempted to coerce him into donating the settlement to abuse victims.

In addition, McAlpine’s solicitor has also said he is in possession of a ‘very long list’ of people who smeared his client. I can’t imagine all of these people are able to afford a legal case, and I suspect legal proceedings might mean financial ruin for some of them. How does that help Lord McAlpine? Will that be confirmation of his innocence? I don’t think it will make any difference to his reputation, but it will make a lot of difference to the lives of these people. Is it really proportionate? Again, Lord McAlpine is entitled to pursue this if he so wishes, but I don’t think that makes it right.

This is irrelevant to the dealings of the monies from settlement with the BBC. However, why not? He was libelled. He has a lawful right to seek redress in the courts.  Twitter is not extralegal. Therefore what is the problem?

At this point I also want to point out that abuse survivors who sue are often accused of being in it for the money, and are told it should be about ‘justice.’ But when the accused sue, it is considered fair. A rape survivor contacted me this morning to tell me that when she claimed her compensation, she was smeared in a national newspaper as being a ‘slut.’ That’s another example of rape culture and privilege.

That is terrible – but it seems you are invoking the hierarchy of suffering to say McAlpine has no reason for complaint.

Finally, many have said it is not Lord McAlpine’s responsibility to stand up for Stephen Messham or survivors of child abuse, as he has not chosen to be a part of this story. Given sexual abuse is the product of rape culture and privilege (see above) which is a socially ingrained thing, we ALL have a responsibility when it comes to this. It is doubly incumbent upon Lord McAlpine to do this given how the story has refocused on him thanks to rape culture and privilege (see above). He may not have intended that, but it HAS happened. I would like to see him use this opportunity to call for justice. That could only improve his reputation.

Seriously? It was Stephen Messham who misidentified Lord McAlpine. Why on earth would he want to stand up for him? The story has not refocused. If it McAlpine’s fault that the media (and you) are mentally incapable of separating two stories and running with both?

So, given Lord McAlpine’s solicitor says he is monitoring Twitter, I have this message for him: please ask your client to consider using his influence to speak out for survivors and to donate his compensation to helping them. He is under no obligation to do so, but it would be right and decent under the circumstances, and it would help refocus this story onto the pursuit of justice for survivors.

It might be the decent thing to do. But it is your opinion that it is the right thing to do. What he does with the settlement is entirely up to him and not for you or others to persuade him what to do with it.  Trying to sway public opinion with emotive rubbish like this is an abuse of position for any columnist. Further, it is only a settlement of this magnitude that will cause media owners to think twice before falsely accusing an individual of a crime.

Consider this. If McAlpine had been accused of being a thief, or a murderer and it turned out to be a false allegation. Would people be calling for him to donate any settlement to victims of theft or families of murder victimes? No? Why not?  I stand by by original twitter comment:

 


She will probably never read this because she declared me a troll and blocked me for having the audacity to disagree with her opinions.

My final comment is that those who dug themselves into the holes they are in regarding McAlpine should perhaps stop digging.

Menshn stats and where they came from.

Written By: pgregg - Sep• 11•2012

You may have noticed, if you have been following my twitter feed, that I have been posting some Menshn statistics recently. You may also be wondering how I came by these numbers.

 

  Someone sent me a message on twitter pointing me to the URL: menshn.com/data/chat.php (which shall remain unclickable for reasons that will become apparent).  This web page basically dumps the last 20-30k “menshns” out in a semi-structured html data format.  In total (at time of writing) it dumps 31MB of data. So you can see why I’m not making it a link. I’ve no desire to overload their systems.

Upon looking at the “View source” on the menshn.com homepage, it seems that they use this to back end the automatically updating feed on their homepage.  

If you watch the traffic generated by your browser – you can see it making a request every 4 seconds for https://menshn.com/data/chat.php?roomid=*&lastid=73405

So, now we know where my source got the link from – seems if you don’t supply any arguments, it just dumps everything it has. And so, with such a dataset we are able to do some metrics.

First up, I parsed all the data out to produce a simple ID,Room,Name,Message text file – just to prove to myself that I had understood the data set and was parsing it correctly.

Next, I built into the parser, metric building. Count the unique users, count number of posts/menshns, count number of rooms/topics, etc.

From this I have the top line information: 

Number of active users: 218
Number of active rooms: 224

Breaking this down further to “Top 20″ lists, I get:

20 Most prolific users:
 5752 janemcqueen
 3240 CosensV
 2019 Chriss
 2011 BlackAdder
 1569 PoliticsBlogorguk
 1520 Xlibris
 1106 DavidX
 783 JOSHBHJ
 782 Louise
 717 EdenFisher
 704 JayMcNeil
 666 Grist
 588 TinderWall
 401 RV
 384 Bozier
 373 jeanprytyskacz
 348 MikeARPowell
 285 Silaz
 251 Rabbs
 239 Europe

And

20 Busiest rooms:
 6361 //ukpolitics
 3216 //gaymarriage
 1252 //religion
 1014 //assangecase
 877 //olympics2012
 717 //judaism
 673 //uselection
 663 //atheism
 642 //mormonism
 585 //davidcameron
 527 //civilliberty
 479 //reshuffle
 474 //mittromney
 415 //corbyelectio
 394 //capitalism
 315 //twitter
 295 //falklands
 224 //louisemensch
 208 //philosophy
 204 //catholicism

Growth metrics are easily obtained by performing the same test at different times. In my case, they were 3.5 days apart. Leading to the conclusion posted on twitter:  

 

If you really want to see all the menshns, rather than overload the menshn server – you can obtain my parsed analysis of the dump at http://pgregg.com/test/menshn/menshnchat.txt

I’d welcome comments on this. For the record – none of this information was obtained via a “hack” and no illegal acts were committed in the gathering of this information.

 

 

Luke Bozier reponds. Backs up allegation with 3rd party tweets.

Written By: pgregg - Sep• 06•2012

Follow-up to yesterday’s article when I discovered Luke Bozier was accusing me of being behind the lukebozier.com web site.

Luke Bozier, co-founder of Menshn, has responded to my email from last night.

Unfortunately he has not retracted his allegation against me, nor offered an apology.

He has compounded the allegation by further alleging that he, and others, have seen me “bragging about setting up lukebozier.com”

He sent me a screen shot of the following tweet as “proof”.

 


Contents of the Email from Luke Bozier:

Subject: Re: http://lukebozier.com/
From: Luke Bozier <lukebozier@gmail.com>
To: Paul Gregg <p-----@pgregg.com>
That would be all well and good except the fact that plenty of people
have seen your Twitter bragging about setting up lukebozier.com on
Twitter. See the attached screen shot. And it's not the only one.

 

Defamed by Menshn owner Luke Bozier

Written By: pgregg - Sep• 05•2012

Today in my twitter feed, I saw this:

 

 

Now I know that the above is a fake/parody account, but it is funny to follow regardless. So I clicked on the link to see what it was about and was horrified to see Mr. Luke Bozier (the real one) make specific allegations that I am behind the lukebozer.com web site.

At the bottom of the page is:



Mr Luke Bozier is mistaken.

I have emailed Mr Luke Bozier asking for an apology and a retraction.

Screenshot of email to Luke Bozier

Comment: Upgrade cycle madness

Written By: pgregg - Aug• 28•2012

It is getting near that time of year when the world goes mad for the next revision of the iPhone.

That annual elation when the faithful can upgrade their awesome^H^H^H^H^H^H^H, sorry, now old and crappy iPhone 4S for the shiny new OMGOMGOMGOMG!!!  NEW iPhone 5. And your life is complete.

On the other hand, there are those (I approximate, half the Apple citizens) who are mid-way through their 24 or 18 month contracts and are torn between needing that shiny new phone and buying out their contracts to get it, or having to suck it up and wait.

A few years ago, I would have agreed that the devices were getting exponentially better and there was a clear benefit to having the latest mobile device but I believe that is no longer true. The power of the devices are reaching a point where they can do almost anything you would want them to. Quad core CPUs – in your *phone*. I think the next huge leap will be in battery life, but, I digress.

Much like PC upgrade cycles. Businesses used to religiously replace their computers every 3 years. There was always a clear benefit to this and we all loved getting new computers because they were so much faster than the one before.

But that stopped being true* about 3 years ago (*unless you are a gamer). Word processing isn’t any faster, email isn’t faster, the Web isn’t faster. Generally speaking – the computer you bought 5 years ago is still pretty damn good.

Companies are realising this also and 3 year replacement cycles became 4 year replacement cycles mostly due to budget cuts. Then 4 years became 5 years as they noticed “hey, this still works great”.  I believe the new standard PC replacement cycle will be 5 years.  I think this was already true in the average home. As an aside, this business change is what is hurting the likes of Dell and HP right now.

So, back to our shiny mobile phones. Can this continue? I don’t believe so. There will come a time – and I think for Apple it will be 2013 – when the iPhone owners realise that their phone is still bloody awesome and the iPhone 6 isn’t such a great incremental step as before, and that maybe, just maybe, they don’t need this to complete their lives.

By 2015, I believe, I hope, that we will be happy with our devices and we won’t need to keep paying the annual upgrade tax just to have the latest shiny. The shiny in our pocket will be awesome, and it will remain so for a couple of years. We should be happy with our devices for at least 2 years – maybe 3.

We had a dotcom bubble. It burst in 2001. We had a financial bubble. It burst in 2008. We are in the middle of a mobile bubble. I believe it will burst in 2015.

None of the mobile device makers want this to happen. I’m not sure the phone companies would like it either – they still want to extract their £35 or $50 per month out of you for the next 24 months.  But you, the consumer, the guy with the cash in his pocket, should care. You are paying £800 or $1200 every two years for that shiny slab of metal in your pocket. You probably wouldn’t spend that on your primary computer that could last 5 years.

Disclaimer, I use a 2.5 year old HTC Desire that is just begging to be upgraded – but I’m holding off as best I can to see what happens post iPhone 5 in the market. I aim to choose a phone that will last me 3 years.  And if there can be any encouragement, it is this. I’m only paying £10 ($16) per month for all my minutes, texts and unlimited data plan.

On Software and Game Copyright and Second Hand sales.

Written By: pgregg - Aug• 07•2012

 

This morning I got into a little twitter spat with a local game developer Matt Johnston. Basically he is arguing against companies like GameStop because they do not provide any revenue back to the original developers of the game. As he is a game developer, he is very obviously on the side of the games companies.

Matt made a blog article and very nicely quoted me in the article – one of the tweets during the to-and-fro conversation. Well as much as 140 characters allows.

Matt makes several points, one of which is that if we allow* a second hand market, then DRM will happen; and we don’t want DRM, so we shouldn’t have a second hand market.

(* note that it is not the right of the games companies to allow or ban it in the first place).

DRM is a red herring and not at the heart of the issue. DRM may be the games companies answer to the problem it perceives – but at the end of the day, DRM only hurts those people who actually pay for the game.

I could go onto many underground sites and find the latest games “for free”. Who wins there?

I don’t as I do believe the game should be paid for. I have a large collection of both Wii originals, and a large Steam archive.

Having said that, morally, I have a real objection to the games companies thinking they can ride roughshod over consumer rights and long established principles and doctrine of first sale.

The second hand market is both legal in the physical works *and* in the digital world. And thankfully we now have case law to back this up.

Last month, in the EU, Oracle lost a case (Oracle vs UsedSoft) trying to prevent resale of licenses to its software.

The court wrote:
“A rightholder who has marketed a copy in the territory of a Member State of the EU thus loses the right to rely on his monopoly of exploitation in order to oppose the resale of that copy.”

Further, Oracle, and Matt here, opposes further distribution based on licensing terms. The court also rejected this view, thus:
‘The principle of exhaustion of the distribution right applies not only where the copyright holder markets copies of his software on a material medium (CD-ROM or DVD) but also where he distributes them by means of downloads from his website. Where the copyright holder makes available to his customer a copy – tangible or intangible – and at the same time concludes, in return form payment of a fee, a licence agreement granting the customer the right to use that copy for an unlimited period, that rightholder sells the copy to the customer and thus exhausts his exclusive distribution right. Such a transaction involves a transfer of the right of ownership of the copy.
‘Therefore, even if the licence agreement prohibits a further transfer, the rightholder can no longer oppose the resale of that copy.’

http://www.gamerlaw.co.uk/2012/07/legality-of-second-hand-sales-in-eu.html
http://www.bit-tech.net/news/gaming/2012/07/04/curia-digital-distribution/1

In summary, as a gaming company, you would love to make income on the second hand sales of your games, who wouldn’t.  However, morally it is wrong.

Would you like the government to charge VAT on second hand goods? No? – they already got their cut, as have you in your first sale.

Thankfully, the law agrees with me.

 

Image: http://www.stockvault.net/photo/106338/video-game-controller

Leaving Menshn for good

Written By: pgregg - Jul• 11•2012

I’ve decided to close my Menshn account, folks. It’s over.  After four weeks of micro-menshning and meeting great friends and colleagues (largely not on Menshn), I’m off. It’s been amazing but it never provided the community feeling it once promised.

So I’ll be posting my rants on twitter and my blog instead, and I’ll be blogging more here and writing for a range of other channels.

Friends can email me via the usual address, add me on Facebook or connect with me on twitter.com, where my username is pgregg.

So to my hundred (automatically assigned) followers – see you around – it’s (mostly) been a pleasure, but largely a technical disaster.

Menshn: Another password design flaw

Written By: pgregg - Jul• 11•2012

Ok – so I forgot my password on Menshn, again, and went to reset my password. Normal email address+token thing – except I noticed another problem.

Menshn emails you a link in the form:

pwreset.php?e=email@address.com&c=8chartoken

At least they are not emailing plain text passwords again. But, I noticed that the token link can be used both multiple times, and it does not expire.

Requesting a new token to be emailed to you invalidates earlier tokens – however it remains the case that the most recent pwreset token stays valid.

Ooops. Bad Menshn, bad. Back to the naughty corner for you.

At least clear the stored token when the user uses it once (and ensure you don’t accept blank tokens).