A valiant attempt by a spammer

Just last week I started a new feature called Stupid Spam of the Week. This one doesn't fit there. The spammer who created this one deserves a prize: Something like 10 years in prison. The premise is so simple that one has to wonder why nobody did it before. The premise of the spam is that most people have subscribed to an on-line service before and have seen messages from the server with an explanation that they must do something to complete the registration.

Like this, for example:

It almost looks plausible. Login verification seems reasonable enough and the spam isn't asking for a user ID and password, but providing one.

But the message claims to have come from Singapore. Not a good sign. And the URL is an IP address. That's the kiss of death as far as I'm concerned. No legitimate operator will send you to an IP address to confirm login information.

Also notice that nowhere does it show your name and the login ID is generic. There isn't a decent system on the planet that assigns user IDs these days; you'll be asked to create your own.

Did I sign up for anything like this? No. But if I was looking for a job and if I had signed up for any of the job-search operations, this could have been sufficiently plausible to earn a click.

That's what makes it so dangerous.

You might be wondering what happens if you go to the website. It appears that the site will do nothing but display a message that says If you do not see the Secure Login Window please install our Secure Login Applet. When you click that, two things will happen:

1. Applet.exe will start running and will undoubtedly attempt to install something on your computer that you won't want on your computer.
2. It will run a Javascript function that, as you can tell from the code, seems to be more than a little hostile to Kaspersky anti-spyware: function xor_str(plain_str, xor_key){ var xored_str = ""; for (var i = 0 ; i < plain_str.length; ++i) xored_str += String.fromCharCode(xor_key ^ plain_str.charCodeAt(i)); return xored_str; } function kaspersky(suck,dick){}; function kaspersky2(suck_dick,again){};var plain_str = (huge variable here.)

The huge variable may contain the payload or it may simply contain something to keep you busy while Applet.exe does what it needs to do.

Some of the messages thank you for joining cat lovers groups, or dog lovers groups. And ...
Here is your membership info for Web Cooking.
Welcome To Web Cooking.
Thank You for Joining Funny-Files.
Are you ready to have fun at Entertaining Pros.
We are so happy you joined Entertaining Pros.
Are you ready to have fun at Online Hook-Up.
Welcome To Poker World.
Thank You for Joining Ringtone Heaven.
We are glad you joined WebTunes.
We are so happy you joined CoolPics.
Welcome To Job Search Pros.

The way to avoid being fooled by these tricks is to treat any message you receive with suspicion. If you didn't request something, don't click on a link.

Converting a PDF to editable text

Adobe's PDF (portable document format) files are ubiquitous. You'll find them on websites. You'll find them in offices. You'll find them used extensively in the printing industry, both for pre-press work and as files that are used to create plates that are used to print newspapers, magazines, brochures, and more. The primary shortcoming to a PDF document, if you don't have the full version of Adobe Acrobat, is that it's hard to extract the text. Sometimes you need to do that.

Why? A company that supplies a product or service to your business may send a PDF that describes the product or service and you may want to use some of the text in one of your publications or on a website. If you could just copy the text or extract it into a word processor. But without the full version of Acrobat, how can you do that?

	Microsoft Word 2007can create a PDF, but it certainly can't open one. This is the result of opening a PDF with Word. CLICK THE IMAGES FOR A LARGER VIEW.
	The standard by which PDF applications are judged is Adobe Acrobat. If you have the full version, you can open an existing PDF (assuming it's not protected) and then save the file to extract the text or the text and formatting. I tried saving a 2-page document that includes some relatively sophisticated formatting.
	The result looks good. In some cases, every line ends with a paragraph marker. That wasn't the case with Acrobat.
	But text from the 2-page flyer was extracted over a total of 4 pages. If you want just the text, it's easy enough to scrape the text together, but it would be nice not to have to do that.
	If you need Acrobat to create PDFs, there's nothing better. If you need Acrobat just to extract words from PDF documents, the $300 to $900 cost (depending on the version) might be out of your range. Docudesk's UN-PDF fills the gap nicely. This is a $60 package that is capable of giving you the text (either plain text or in a Word-compatible format). Here I'm about to open a PDF.
	The first choice is whether I want plain text (no formatting) or if I want the output to retain some of the formatting. I've decided to keep the formatting.
	The next step is how the application should group the text. The Best Match option appeared to break the text into too many pieces ...
	... so I selected Inline/Flowing.
	I didn't want the picture along the left edge, so I deselected Pictures.
	And I didn't want the logo, so I deselected Lines and Vectors.
	Then I was ready to convert the document.
	The result fit on 2 pages, unlike the output from Acrobat.
	Unfortunately, each line ended with a paragraph mark. This is an easy problem to fix, certainly no harder that fixing Acrobat's problem in exporting a 2-page document and scattering it over 4 pages.

Short of perfection, but a workable tool

If you look at the innards of a PDF document, which is actually a Postscript file with a wrapper around it, you'll see that it's more than a little challenging to decrypt. In some cases, individual letters are placed according to coordinates, so extracting the text isn't easy. Postscript generally treats a line of text as a discrete unit, too.

For example, here is some Postscript:
        0.158 0 (...Labor Cost per Hour)A
        ; : 0 0 10778 13952 rc 0 0 0 sco F0_158
        Ji
        7575 5269 M
        40.500 0 (..................)A
        ; : 0 0 10778 13952 rc 0 0 0 sco F0_158
        Ji
        9390 5269 M
        0.083 0 ($28.51)A

That's the code required to generate this line:
        Labor Cost per Hour..................$28.51

In short, Postscript isn't easy to convert to usable text. Neither application does it with 100% reliability, but Docudesk's UN-PDF is a cost-effective way to obtain text you can use in other applications.

If you need to extract text from a PDF, consider UN-PDF

This is a good, solid, reliable application that's easy to use and does what it says it will do. If you extract text from a PDF with UN-PDF, you'll be left with some clean-up work. The needed clean-up work will take far less time than manually typing the text or scanning it and, if your typing is anything like mine, the results will be far more accurate.

For more information, visit Docudesk's website.

Stupid spam of the week

Here's the next in the series of stupid spams of the week. Despite being creeps, some spammers are relatively clever. "Stupid spam of the week" is designed to highlight the spammers who are a few cans short of a six-pack, a few clowns shy of a circus, a few clues short of an idea.

What's wrong with this one? Let me count the ways.

1. Look at the sender. "Marketing Department" is OK, but what about the actual address. It's clearly malformed because there is no top-level domain. This is an amateurish mistake.
2. The message has been sent to an address that I use only for certain specific communications. This is another amateurish mistake.
3. The subject line is none too intelligent, but I'll give the spammer a pass on this one.
4. Pier 1 and Ikea has ...
   Apparently the spammer flunked 7th grade English. A plural subject (note the presence of the word "and") requires a plural verb.
5. You can shop for free at any one of these shops.
   That's nonsense, of course; a native speaker of American English would never say "any one of these shops" when only two shop names are presented.
6. Yep thats right, we ...
   That's requires an apostrophe because it's a contraction. I'll ignore the comma splice
7. ... but they did!!!!!
   If you're a middle school student with a crush on somebody, it's OK to use 5 exclamation points. No legitimate marketing operation would ever commit this kind of atrocity.
8. We work for you $user!
   The spammer is not only illiterate when it comes to English, but he is illiterate when it comes to Perl. "$user" should have been replaced by my name (or at least my e-mail address.) This loser wasn't able to accomplish either simple task.
9. Stop what your doing ....
   Right. It should be "you're" because it's a contraction for "you are", not the possessive.
10. That GOOFY and random CAPITALIZATION?
    Yeah, that might influence my opinion about the dim-bulb who created this spam.
    

Nerdly News

Attacking a monster

Personal data belonging to hundreds of thousands (millions?) of users has been stolen from Monster.com. According to Symantec, user names, e-mail addresses, home addresses, and phone numbers were uploaded to a remote Web server.

Symantec says phishing e-mails to Monster.com users are realistic looking because they contain personal information about the victims. The phishing e-mail encouraged users to download a "Job Seeker Tool". The tool turned out to be a program that encrypted files on the victim's computer and then left a ransom note that told users they would have to pay if they ever wanted to see their files again.

Monster.com spokesman Patrick Manzo says it's "not a hack of Monster's security" but the misuse of "legitimate customer credentials". Manzo says it's not a case of identity theft because the information is similar to what can be found in a phone book.

Iphone says "bye bye" to AT&T

A New Jersey teen with a soldering iron has unlocked his Iphone so that it will work with carriers other than AT&T. By the time you read this, he will probably have heard from Ma Bell's attorneys. So far, neither Apple nor AT&T has any comment. The good news is that there is apparently no US law that prohibits unlocking cell phones. The Library of Congress in 2006 excluded cell-phone unlocking from coverage under the asinine Digital Millennium Copyright Act, which has been used to prosecute (some would say "persecute") people who modify game consoles to play a wider variety of games.

George Hotz of Glen Rock, New Jersey posted information about the process on his blog late in the week. The hack isn't easy and requires both hardware and software modifications. A misstep with a soldering iron can destroy the phone. Hotz included a video on his blog that shows an Iphone working on the T-Mobile network. That's because only 2 US mobile networks use the technology built into the Iphone: AT&T and T-Mobile.

Hotz says he hopes that someone will find a way to unlock the phone using only software.

The Iphone is sold only in the US, but it can be made to work on European networks by copying information from the Subscriber Identity Module, a small card with a chip that identifies a subscriber to the cell-phone network. The Iphone's built-in camera and its ability to access WiFi networks is retained, but the "visual voicemail" feature is lost.

Hotz says it took him about 500 hours to perfect his method. He put his hacked $500 Iphone on sale on Ebay and by week's end the high bid was above $3000. Not a bad summer's work. Hotz will be a student this fall at the Rochester Institute of Technology.

Is Netflix the Blockbuster buster?

Netflix and Blockbuster are engaged in a battle to the death. Both have cut prices and modified offerings recently, but Netflix seems, in my opinion, to have the edge. This week, Netflix founder and CEO Reed Hastings talked with the San Jose Mercury News and suggested that Netflix would win the battle.

The full story is on the Mercury News website.

Hastings is looking beyond physical delivery of discs. Netflix lost 55,000 subscribers so far this year and is now down to 6.74 million overall. Income and revenue are up. The Netflix Watch Now service that streams movies on demand shows where the company is going according to Hastings.

Hastings admits that Blockbuster is better known and is larger (about 5 times larger) than Netflix, but "Our view is that the smart money is that they can't sustain the battle. . . . Last year they were $251 million of positive free cash flow, calendar year. The first six months year to date, they're negative $215 million. Big numbers and a big change."

Netflix has been around for a decade and Hasting says that the future is Web-based television that will allow users to "watch all kinds of video content from all kinds of sources." He says Netflix recognized the opportunity early and was able to build a company before others realized what was happening.

This is the only ad you'll ever see on this site. It's for my website host, BlueHost in Orem, Utah. Over the past several years, they have proven to be honest, reliable, and progressive. If you need to host a website, please click the banner below to see what BlueHost has to offer.

TechByter Worldwide receives a small advertising payment for each new client that signs up with BlueHost but I would make the same recommendation even if the affiliate program didn't exist. (If you don't see a banner ad above and you would like to know more, this link takes you to BlueHost.)