Buying Computers In A High School Gym

My first computer show was in Atlantic City, NJ. You want to know how long ago it was? It was pre-gambling!

Since that time I’ve been drawn to out of the way… strange places… where computers are sold by the people who build them.

Over the years I’ve spent significant money in these computer shows. Mostly I’ve bought parts – little bits and pieces of computers. But I’ve also brought people to these shows so I could talk them through buying full systems (often assembled right there).

I’ve gone to them in school gyms, hotel ballrooms (and its adjacent swimming pool) racetracks and fairgrounds. If you had an unused, open space on a weekend, a show was going to take place.

The amazing thing for the promoters was, they could charge the vendors and charge the attendees! Yup, you paid for the privilege of buying.

Yesterday, my dad and I attended one not far from here and this might be my last.

We each paid $5 to get in. He bought some disk labels for $10 and I bought a very cool, lit, optical mouse for $8. The spark is gone.

Unfortunately (or maybe fortunately – it depends on which side of the table you’re on) most of what was only available at these shows is now available online and in brick and mortar stores. The prices online are cutthroat. The advantage of a local show is gone… at least to me it is. I saw nothing I can’t see here on my PC.

I was surprised this last time to see some software that was surely bootleg. And I looked at some merchandise that was more expensive here than elsewhere. In fact, when I got home, I bought two more mice for $5 apiece.

It’s a shame because there was always a bit of an outlaw feel to these shows. You were getting a real deal, buying from someone who was also getting a good deal because his uncle or brother or cousin lived near the factory in Taiwan or Korea.

Like I said, I’ll be surprised if I go back.

Another Computer Repair

I went to dinner by myself last night. Helaine and Steffie are away. At work all the usual suspects were otherwise engaged. I headed to the Greek Olive.

After my omelet, I schmoozed a little with Tony, the owner. Somehow we got to talking about computers and he showed me an old laptop he had which he had been told was incapable of going on the Internet.

Sheesh! This is such a big crock. The amount of money spent on new hardware for little purpose amazes me. Usually it’s a machine that has slowed down. The owner figures it’s worn out. It doesn’t work that way.

There’s no doubt, in today’s environment this machine is slow. But, for Internet surfing and reading email, it’s fine. Well, it’s nearly fine. It needs about $20 in additional memory. I’ll get to that in a minute.

To me, seeing an unused computer is like having a puppy follow me home. I am unable to help myself.

The first thing I normally do is look for the computer online to see if anyone else has any advice which will make my job easier. A label on the cover says “Viva Book Hand Technologies.” That was worthless. Nothing showed up on Google.

Imagine how obscure a laptop must be to not even show on Google! After all, this is Google, where even typos can bring thousands of hits.

The bottom panel of the laptop had a little more info, including the FCC ID number. That wasn’t much help, but it was some. The manufacturer, long since gone, was located in Taiwan. The laptop had been sold under a few names including ILUFA and Chaplet as the M175.

It has an AMD K6 processor running at 300 mHz. There is 32 mb of RAM. That’s very little (which is why I’ll order Tony some more). The hard drive is 3 GB. That’s tiny, but only if this machine is going to be loaded with programs. As a barebones mail and web machine, 3 GB will suffice.

I copied the license information down and reloaded the operating system from scratch. Then I went to Microsoft and ran all the updates.

Though the laptop is the computing equivalent of one of my Dell laptops, it was very sluggish. I ‘borrowed’ a 64 MB memory stick and threw it in. Still sluggish.

When I scrolled the screen it was painfully slow. Text rippled from top to bottom instead of smooth motion. That is a warning sign that the video driver is no good. I went to the Device Manager in the Control Panel and, sure enough, a generic video driver was being used and a warning was posted.

I installed Belarc adviser, an excellent program that scans and reports on your hardware and software. It could identify the video system. Then I looked at what was being reported to Windows. Just some gibberish and coded data that I couldn’t uncode.

If the manufacturer were still alive… or if this had been a popular model, I’d be able to go to school based on other people’s queries. There was nothing.

I went to Drivershq, loaded up their Driver Detective and hoped for the best. Bingo! The video system was an old Chips and Technologies device. C&T doesn’t exist anymore, but their drivers live on.

Before long I had the drivers going and the screen responding pretty quickly. Make no mistake. This is not a speedy machine. It’s an ‘it will do’ machine.

Right now, I’m finishing up by installing Flash, Java, Adobe Reader and a few other things Tony will need. Then I’ll go back and ‘strip’ the operating system, turning off programs and services he doesn’t really need which only serve to make a system like this more slovenly than it needs to be.

This will never be a P4 3.8 gHz machine – but it doesn’t need to be. On the Information Superhighway it’s a 1996 Chevy Cavalier – and most of the time that’s plenty.

The Scariest Type of Spam

I got an email this evening from Bank of America. My email client at work, Mozilla for Linux, brought it right to me. At home, Popfile thought it was spam.

Dear valued Bank of America Customer!

As part of our continuing commitment to

protect your account and to reduce the instance

of fraud on our website, we are undertaking a

period review of our member accounts. You are

requested to visit our site by following the link

given below. This is required for us to continue

to offer you a safe and risk free environment to

send and receive money online, and maintain the

Bank of America Experience. After verification you will be

redirected to the Bank of America home page. Thank you.

http://www.bankofamerica.com/state.cgi?section=generic&update=&cookiecheck=yes&destination=nba/signin

Copyright 2003 Bank of America Corporation. All rights reserved.

That’s what it looked like – but looks can be deceiving. The link to www.bankofamerica.com was really just text. The actual web link, hidden in the source code of the email, was different (I’m going to change a few characters so it will show up here, as it is specifically formatted to be invisible!&#185):

http://www.bankofamerica.com %01%01%01%01%01%01%01%01%01%01%01%01%01….. %34:%38%30/%77%77%77/%62%6F%61/%73%74%61%74%65%5F%63%67%69%2E%70%68%70

So, what have we here? It’s an exploit, taking advantage of the way Internet Explorer (and possibly other browsers) treat what they see. You’re not being sent to a Bank of America website but actually:

http://www.bankofamerica.com/state.cgi?section=generic”>http://www.bankofamerica.com +stuff_snipped+

@211.23.65.84:80/www/boa/state_cgi.php”>http://www.bankofamerica.com/state.cgi?section=generic

In other words, the info you see is treated as if it were a username or password and the real destination is a directory on 211.23.65.84. That IP address, 211.23.65.84 is nothing out of the ordinary. Every website has a numerical address hiding behind its URL. This site, www.geofffox.com, is really 66.225.220.189.

So, who is 211.23.65.84? It’s a website, hosted by Chungwa Telecom Co, Ltd.

netname: HINET-TW

descr: CHTD, Chunghwa Telecom Co.,Ltd.

descr: Data-Bldg.6F, No.21, Sec.21, Hsin-Yi Rd.

descr: Taipei Taiwan 100

country: TW

Are you confused yet?

Let’s get very simple. Someone sent out emails, looking like they were coming from Bank of America, asking people to log in and provide account details. What looked like a Bank of America website was really a website located in Taiwan.

The normal user of this IP address is Spectrum Research and Testing Laboratory, Inc. More than likely, they had no clue what was going on, and one of their computers had been hijacked for this exploit.

What’s even stranger is that the actual email was mailed from a Comcast home customer! It’s possible that the Comcast subscriber was a conspirator, but more often than not some piece of ‘malware’ has invaded that home machine and it’s now a ‘zombie’ doing the bidding of these potential identity thieves!

It just sounds too weird, doesn’t it? But this kind of stuff is going on all the time! Many people, maybe most people, who get this kind of email will bite and enter their info. Everything looks legit. Everything seems on the up-and-up.

As of this evening, the site mentioned in the email is down. How many user names and passwords were gotten before it was stopped? Your guess is as good as mine.

Catching the crooks is going to be tough. The miscreants who devised this probably aren’t in Taiwan, or using a Comcast cable modem. They could be anywhere in the world, getting ready to go on the shopping spree of a lifetime. On the Internet, there’s really no difference between Brooklyn or Bulgaria or Buenos Aires.

This is the cancer that has invaded the Internet. I have mentioned this before, but it bears repeating. The Internet in general, and email in particular, will become devalued unless a method is devised to accurately verify who is the sender. This will mean a total reconfiguration of email protocols – but it’s got to be done. And, it’s got to be done sooner rather than later.

Tonight, there’s someone, somewhere, who suddenly has the money to mount the research into writing that new email protocol – but that’s the last thing he wants.

I could not have begun to tell this story without the help of Spamcop and SamSpade. Both are top notch in getting to the bottom of spam.

&#185 – (01-10-04 3:33 PM) I just got a call from Mike, at the Cingular Store, who was reading my webpage. It seems even including the altered code from this email was enough to set off McAffee Virus Scanner! I have changed the code again and McAffee now passes it. This just goes to show how nefarious these ‘phishing’ emailers are!