2015-12-18 (“It’s kind of like I’m maintaining civilization. Believe me, a lot of people complain about HOAs, but...)
Koos van den Hout : A 'favourite' subject among (US) radio amateurs: Home owners associations. In this story it seems some HOAs think all their rules and regulations are what keeps civilization going.
My house has a deed restriction that I allow my neighbours and the phone company passage over the last 30 centimeter of my land. Nothing about the outside of my house. Yet civilization has not fallen apart around us.
2015-12-16 Suspect 'invoice' mail showing an interesting error
The flood keeps coming, this time with an interesting error:Dear Customer, Our records show that your account has a debt of $295.{rand(10,99)}}. Previous a ttempts of collecting this sum have failed. Down below you can find an attached file with the information on your case. [-- Attachment #2: SCAN_INVOICE_99193061.zip --]I guess the spammer had a bit of a problem with the spamming macro language! The .zip file containsLength Date Time Name --------- ---------- ----- ---- 22333 2015-12-16 20:27 invoice_GeL0XY.js --------- ------- 22333 1 fileWhich is a really obfuscated javascript.
2015-12-16 Suspect 'invoice' mails keep coming
It is a whole flood of suspect mails this week, mostly trying to be an invoice or sometimes order confirmation. Containing .xls files, .doc files, or javascript or java applet. I don't have the environment to research these completely but I expect them all to contain some form of malware aimed at the Windows operating system.
2015-12-15 (HamTV will be used for ARISS contacts, and Goonhilly earth station will be used to receive the video...)
2015-12-15 Een nutsbedrijf moet een ding doen, en dat heel goed doen
Bij het invullen van de meterstand op de website van Vitens, onze waterleverancier:Wilt u de nieuwsbrief met interessante ontwikkelingen binnen Vitens en van onze nieuwe producten en diensten per e-mail ontvangen?Nee, jullie zijn een nutsbedrijf, een waterleverancier. Ik wil dat jullie je aan de waterleidingwet houden en vooral geen rare commerciële avonturen beginnen. Ik vond het ook al verdacht dat de incassovoorwaarden het hadden over 'geleverde producten en diensten van Vitens' in plaats van 'levering van water'.
2015-12-14 Next suspect mail flood: "Invoice 14 12 15" from "Thunderbolds Limited"
And the next flood of suspect e-mail messages:This message contains 2 pages in PDF format. [-- Attachment #2: fax00163721.xls --] [-- Type: application/vnd.ms-excel, Encoding: base64, Size: 105K --] [-- application/vnd.ms-excel is unsupported (use 'v' to view this part) --]Probably more malware droppers. It seems some botnets are in great need for new systems to abuse.
2015-12-14 Suspect mails "FW: Scan from a Samsung MFP"
Multiple e-mail messages the last hour or so with:-----Original Message----- Please open the attached document. It was scanned and sent to you using a Samsung MFP. For more information on Samsung products and solutions, please visit http://www.samsungprinter.com. This message has been scanned for malware by Websense. www.websense.com [-- Attachment #2: Untitled_14102015_154510.doc --] [-- Type: application/msword, Encoding: base64, Size: 123K --] [-- application/msword is unsupported (use 'v' to view this part) --]I don't have the means to research the .doc file completely but when I get unsollicited office files it can only be malware. Update: I'm not the first to notice this: New Word malware: FW: Scan from a Samsung MFP - mxlab who researched the file and indeed found malware.
2015-12-13 Trying to squeeze in some radio hobby when propagation is cooperating
This weekend I wanted to play some radio but it was hard to find time and cooperating propagation. At the moment propagation seems very limited and it only happens during the hours the sun is up for the amateur bands I am active in (20 meter and 10 meter). On Saturday it was rainy most of the day which ment the roof was wet and my signals weren't getting out when I got around to trying. I had enough incoming signals and had nice overviews on PSK reporter but nobody heard me when I had time to call/answer. On Sunday it was dry and I made five PSK31 contacts, and one SSB contact. After sunset the 20 meter band dried up quickly for me so I hung out the endfed to try my luck on 40 meter. Calling CQ in RTTY mode on 7051 MHz got spotted on the reverse beacon network but nobody answered. What frequency on 40 meter is good for PSK31 varies, but the only frequency where I hear/see it active is 7.040 MHz which is currently outside the frequency range I'm allowed to use. So I tried something else: JT-65 since I did hear the JT-65 tones above 7.076 MHz. The software was readily available via the Ubuntu ham radio software repository: wsjtx. It took me a bit of work to configure it to use hamlib via localhost: I can select the right rig type (NET rigctl 2) but I can't select a network host. Entering 'localhost' gave me a 'connection refused' error which I did not expect. I used strace to find out and the connection was only attempted to ::1, the IPv6 localhost where rigctld does not listen. I entered 127.0.0.1 as port and CAT control (controlling and monitoring my radio) started working. I saw some activity, and even tried answering a CQ call, but my answer was not received. JT-65 takes time: transmitting a message of maximum 13 characters takes around 50 seconds(!). A full QSO including signal reports takes at least 6 minutes, it's really not a mode for chatting or for fast contacts. On the other hand: it is a weak-signal mode, JT-65 can dig up signals deep from the noise!
2015-12-12 (The RF Interference Before Christmas caused by The Lights Before Christmas!)
2015-12-08 (Monitoring Christmas)
2015-12-07 News selection that doesn't agree with me
Lately I have been annoyed a few times by the selection of news that makes the headlines on television and in the newspaper. This may be due to the selection I follow (NOS journaal and de Volkskrant) and my issues with current politics (how their actions will be framed in the news seems to be much more important than the long term effects). Two recent news stories where I wanted a lot more information than my news sources wanted to give me were the damaged bridge in Weener and the flooding in parts of northern England. The world wide web to the rescue, where I can find other news sources and a lot more information about things happening around the world. Damaged bridge in Weener (Germany):Flooding in northern England. Noticeable to me was that visiting the BBC website at www.bbc.co.uk gave me a redirect to www.bbc.com which seems to stay away from news about England. Using news.bbc.co.uk gives a better result.
- Binnenvaart kan weer onder vernielde brug bij Weener door - rtvnoord
- Videoflug über zerstörte Friesenbrücke - ndr.de
- Schip ramt spoorbrug bij Weener - rtvnoord
In general it seems when some foreign news attracts my attention it is better to find web sources than to wait for the Dutch news to get a hint.
- Cumbria and Lancashire Floods - legionseagle with links to video and pictures
- Storm Desmond: Schools, hospitals and transport disrupted by flooding - bbc news
- Storm Desmond: Engineers battle to restore power to 43,000 homes - bbc news Updates about the aftermath. This article also has something clearly for 'web news consumers': video without audio, most likely the extra video collected in the area but not used for news reports: the "Aerial footage filmed on Monday morning shows the flood levels in Carlisle" video.
2015-12-04 Overzicht geschiedenis PA0FBK antenne
Ik heb een apart overzicht gemaakt van mijn ervaringen met de PA0FBK coax antenne. Aangezien ik over die antenne begonnen ben in het nederlands dat maar volgehouden. Andere dingen over amateur radio schrijf ik meestal in het engels.
2015-12-02 Geluksrelatie spam
Ineens een opvallende stijger in de spam die me opvalt: geluksrelatie.nl die spam stuurt alsof je op een andere manier contact had gezocht met een vrijgezelle dame en het handig is als je verder contact zoekt via die site. De logica dat die dame dan wel de ontvanger kan benaderen maar toch via die site zou moeten werken ontgaat me een beetje. Voorbeeld:Bedankt voor je reactie ik ben wel wat laat met reageren maar dat komt omdat ik het erg druk had de afgelopen tijd. Ik probeer je daarom nu nog even te bereiken via dit mailtje. Aangezien ik enorm veel reacties had gekregen op mijn oproep heb ik besloten om mezelf [1]hier in te schrijven. Buiten het feit om dat je met mij in contact kan komen zijn er nog [2]veel meer mensen die op zoek zijn naar een serieuze relatie want we willen toch allemaal gewoon gelukkig zijn? Ik kan wel een heel verhaal op gaan hangen maar als je echt serieus bent en je wil contact dan weet je hoe je mij kunt bereiken.Opvallend is dat hier weinig klachten over terug te vinden zijn, eentje maar via trustpilot als negatieve review van netground.nl.
2015-12-01 Malware linked to recent Brussels lockdown
It must take a special kind of evil to try to spread malware under the guise of information about the recent Brussels lockdown. From the e-mail message:Read the rest of Malware linked to recent Brussels lockdownFederale PolitieWith some shady files attached. Scanning them with virustotal gives that the .zip file contains the Java/Adwind malware.
Commissariat de Police
Directorate of the special units (DSU)
Sir,
We kregen een terreuralarm met betrekking tot uw zakelijke omgeving.
Worden geadviseerd om de beschermende maatregelen (SECURITY TIPS) als gehecht aan jezelf, je bedrijf volgen en uw gezin beveiligd
.................................................................................................................
Monsieur,
Nous avons eu une alerte terroriste concernant votre secteur d'activité.
Être conseillé de suivre les mesures de protection (Conseils de sécurité) tels qu'ils sont joints pour vous garder, votre entreprise et votre famille fixée
Best regards,
Catherine De Bolle,
General Commissioner
Commissariat de Police
Rue du College 1,
1050 Brussel, Belgium
P: 032 2 515 71 86
E: commisioner(a)polfed-fedpol.be