Goodbye tinyurl.com and goodbye to your spam

One of the most useful resources for spammers is the link shortening tool at tinyurl.com .  Because they provide a free service, it is great for mass spamming of comments onto blogs like this.  It also has no way of reporting abuse and that is because there is nothing in their terms of use saying you can’t use it for spamming purposes.

They actually have posts on their blog saying how to avoid spam filters.

tinyurl.com has gone from being a handy idea to become a spamming tool.

I am so fed up with spam that uses tinyurl links that I am going to configure this site to automatically flag any comments referring to it as spam and block the poster.

In contrast, bitly provides the same link shortening service but they actually respond to complaints of spam.  I know, I report them and they react.

Bye bye, tinyurl spam.  Consider yourself spam-flagged, blocked and deleted.

Two more domain registration scams – fake renewals

I help look after PeaceTaxSeven.com as it records the journey of seven war tax protestors.  I got a very well constructed email from what appeared to be the hosting company, sent to the right contact address,

Shame they used the brain-dead American date format – we don’t use that in the rest of the world.  Not the Peace Tax Seven, not me, not the hosting company.  But many lazy developers just use American code libraries and not change them appropriately.

Shame they got the VAT rate wrong at 21%.  A few countries in the EU have that rate, but not us.  But, not everyone would notice that, especially the way our tax has been fiddled with this past few weeks.

Shame they said the total payable is £11,097 !  Assuming they used European format numbers and meant £11.097, that would be 11.08% VAT.  WTF?

They do have a (faked) link to the hosting company to pay the bill.  And the incorrect email address ( support@collelli-otterdahl.com ) which is some company with a poorly configured email server.

Perhaps if they were not so incompetent and sloppy, these people might be able to get real jobs in the IT industry.

The other one is for NoNewwWars.com and is utter rubbish as well as totally criminal.  It uses domain domainnav.org to provide a fake re-registration page.  It claims to come from info@newnametech.guru and yet reply to info@ygxbitssites.ltd

They use stripe.com to take payment – I have tried to contact them to tell them they are used by criminals but cannot work out how to do so.

 

 

11/11/2018 – end of

In 2012 to 2013 I developed the idea of preventing wars by forming a one policy campaign organisation whose membership would commit themselves to the idea that if the government started a war, every member would be pledged to turn up and vote for any other party at the next local, national and European election.  That is, if they start a war (as opposed to a defensive action), they lose their jobs.

The goal was to have this in place within five years, by the hundredth anniversary of the Great War on 11th November 2018.

I set up a web site and started recording ideas and statistics.  In my haste and keenness, I did not set up a backup regime for the site.  So when a Drupal exploitation occurred, some stupid child hacker trashed the site and replaced it with some pro-Islamist pro-war bollocks.  I lost all the content – all the thinking and planning I had done.

The 11112018.org.uk domain has finally expired and the web site disappeared.

It takes a lot of time, energy and planning to set up a campaign.  I could not find sufficient to make mine happen.  Life gets in the way.  Meanwhile aid is being cut and military spending significantly increased.  It all feels so futile.

Chinese domain registration emails

I got an email from Adrian Liu adrian@cnnetwork.org of China Registry Head Office saying:

(It’s very urgent, therefore we kindly ask you to forward this email to your CEO. If you believe this has been sent to you in error, please ignore it. Thanks)
Dear CEO,
We are the domain registration and solution center in China. On October 5, 2021, we received an application from Hongxiang Ltd requested “nonewwars” as their internet keyword and China (CN) domain names (nonewwars.cn, nonewwars.com.cn, nonewwars.net.cn, nonewwars.org.cn). But after checking it, we find this name conflict with your company name or trademark. In order to deal with this matter better, it’s necessary to send email to you and confirm whether this company is your distributor in China?

Best Regards

Adrian Liu | Service & Operations Manager

China Registry (Head Office)

Tel: +86-2161918696

Fax: +86-2161918697

Mob: +86-13816428671

6012, Xingdi Building, No. 1698 Yishan Road, Shanghai 201103, China

*****************************************

This email contains privileged and confidential information intended for the addressee only. If you are not the intended recipient, please destroy this email and inform the sender immediately. We appreciate you respecting the confidentiality of this information by not disclosing or using the information in this email.

Gotta love the “Best Regards”.  It’s like a mugger saying “Have a nice day”.  I like to be helpful.  So I replied:

No, Hongxiang Ltd is nothing to do with us at all.

It probably does not matter what you say in the reply, because this comes next.  From one Zhihai Ning ningzhihai@outlook.com saying:

To whom it concerns,

We will register the China domain names “nonewwars.cn” “nonewwars.com.cn” “nonewwars.net.cn” “nonewwars.org.cn” and internet keyword “nonewwars” and have submitted our application. We are waiting for Mr. Adrian Liu’s approval. These CN domains and internet keyword are very important for us to promote our business in China. Although Mr. Adrian Liu advised us to change another name, we will persist in this name.

Kind regards
Zhihai Ning

I thought I ought to respond.  Out of politeness.  Especially since they said “Kind regards” which as we know is always a genuine sentiment.

I don’t see how I can stop you.

But I am interested. Why do you want to use the NoNewWars name?

Back to a reply from Adrian Liu adrian.liu@chinaregistry.org.cn at the China Registry.

Based on your company having no relationship with them, we have already suggested that they should choose another name to avoid this conflict, but they persist in this name as China domain names (nonewwars.cn, nonewwars.com.cn, nonewwars.net.cn, nonewwars.org.cn) and internet keyword. In our opinion, maybe they do the similar business as your company then register it to promote their company.

As is known to all, the domain name registration based on the international principle is opened to company and individual. Any company or individual have the right to register any domain name and internet keyword which are unregistered. Your company haven’t registered this name as China domain names and internet keyword, so any company is able to obtain them by registration. But in order to avoid this conflict, the trademark or original name owner have priority right to register China domain name and internet keyword during our dispute period. If your company is the original owner of this name and want to register these China domain names (nonewwars.cn, nonewwars.com.cn, nonewwars.net.cn, nonewwars.org.cn) and internet keyword to prevent anybody from using them, please inform us. We can send you an application form with price list to help your company register these China domain names and internet keyword during our dispute period.

Best Regards

Adrian Liu | Service & Operations Manager

China Registry (Head Office)

Tel: +86-2161918696

Fax: +86-2161918697

Mob: +86-13816428671

6012, Xingdi Building, No. 1698 Yishan Road, Shanghai 201103, China

****************************************

This email contains privileged and confidential information intended for the addressee only. If you are not the intended recipient, please destroy this email and inform the sender immediately. We appreciate you respecting the confidentiality of this information by not disclosing or using the information in this email.

Now I understand.  It is a scam that is simply frightening people into buying domain names they otherwise would not want or need.  Let’s see if I’m right with a quick search

Hmm.  I wonder if it is a scam…!  🙂  Apparently they’ve been doing this since at least 2009 – twelve years.  So it must work.  Well, he wasted some of my time, I’ll waste some of his.

But China is a communist country. I thought there was no such thing as copyright under communism.

I am awaiting the next email…

Bastard evil WordPress hostile design fault

I logged in to WordPress, started a new post and something flashed up on the screen.  Then something else, then I had lost what I started doing.  In my list of posts is a page just begun with only part of the title.  Odd, because something similar happened yesterday when I tried to write a post.

So I start again, this time having forgotten what I was going to write about and instead write about the distractions that WordPress itself now provides when you try to write a new post.  WordPress used to be somewhere you quickly went to and wrote a thought and posted it.  WordPress is now a product that wants to tell you all about WordPress.  I This was the result:

Showing WordPress losing my postI started to write “Distractions caused by WordPress” and got the popup about leaving the page.  So I let it continue.

WordPress telling me about itselfWordPress had interrupted my attempt to create a post to take me to a page to tell me about WordPress.  Why would I want to be told at this point, when I’m already using it to write a post? This is stupid, inconsiderate design.  Why not go here when I logged in, not when I am trying to put my thoughts on the page?

Now I have lost my train of thought and so won’t be writing the blog post I wanted to write.  WordPress has successfully sabotaged its own purpose – and mine – by trying to promote itself.  And now I am angry with the developers.

Twats.

Edit: Aaarrgghh!!  I realised I had not put a title on this post, went back in to edit it, started writing the title and WordFuckingPress jumped to that elf-promotion page again.  WHY?  Why send me there EVERY FUCKING TIME?  Why do it WHEN I AM TRYING TO EDIT A POST?

Password managers (new hosting site)

Password managers give me the willies.

Knowing all the big names in online hosting have been hacked or have lost passwords, why trust a password manager?  What makes them any more trustworthy than a multi-billion corporation?

But, everyone insists you should use them.  So I did – encryptr.  But they shut that down.  So I switched to BitWarden.  And now I want to get a password from it…

BitWarden not working

BitWarden just sitting there, spinning.

So, how’s that for security?  I can’t get into anything where I do not have another copy of the password.

 

Annoying having to log in twice

At some point in the past something changed. I’ve no idea what or when and it wasn’t something I did. But now when I go to log in I get:

wordpress login Error: cookies are blocked or not supported by your browser. You must enable cookies to use WordPress.

Logging in a second time works.

This gives me the creeps because it is identical to a particular method of stealing login credentials I worked out (and used!) when at college many years go.

Today I had the time to investigate it and, oh dear. It does depress me when I see an error has been around for years and has multiple solutions proposed. I just know it will take me hours to work it out and, no doubt, other things will break.

So, some hours later, I’ve edited the

EDIT: And now I can’t post properly either. It would not let me post the above and when I tried to retrieve it, half it it was lost.

I’ve applied updates, edited the php_config.php, updated php on the server, ensured I’m using an out-of-the-box theme, disabled plugins and done a health check. Now the site is complaining it is not using HTTPS so as well as the original problem, I now have a new one. Exactly as predicted.

Another way to inconvenience spammers

Two posts in particular on here receive almost all the comment spam.  I have changed them both to say “Do not post comments here, they will be spam-trapped” which should prevent mortals falling foul of the mechanisms attached to those two posts.

I tried an experiment the other day and made them password-protected.  So the link the spammers use to get to those pages still works, but they cannot post anything.  This has – for the time being – stopped much of the spam.

I expect in due course they will just pick another ppst and target that instead.

Spam trap

I seem to have created a spam trap, or, at least, most if it is falling into a black hole.

My preferred spam tool was a Captcha tool that made you rotate an image and only when it was lined up could you post a comment.  That stopped working and would not any comments through so I had to disable it.  As soon as I did so, Woosh! the comment spam starts reappearing.

Most of it gets created against one specific post, for some reason.  Anyway, I had an idea.  I created that post again and gave it a different permalink.  A redirection  from the old permalink to the new was automagically created by WordPress, although I have no idea how.

Now the copy of the page appears but the original version does not.  However, the spam is being posted to the original page; presumably because they are going direct to the /id=nnn link rather than the permalink.

Rather than delete the page and risk the spammers picking a new one to post their spam to, I’ll just leave it there.

What I need now is a WordPress plugin that says “For any comment posted on this page, delete it and blacklist the IP address”.  That would turn my spam black hole into a honeytrap.