"Google Wizard"- Twitter Hacked; aliencam banninated.

Posted in Life in General, Stupidity by aliencam | 6 Comments »

(copypaste from an intense-debate forum topic I created until I get a chance to write something special)

This morning my twitter account posted a google wizard spam message. I have not given out my password to any websites except foursquare (playfoursquare.com) and tweetsum a few times, and my password is fairly complicated (12 characters, capitals, numbers, and symbols).

the spam mesage that came from my account was: “Today was so exciting! Made $124 in 20 minutes! if ur interested, go read: ***************** ”

Anyway, I did not post this spam message, I’ve been using this as my personal account since may 2007 (3,377 posts) and I am fairly confident (barring any unpublished hacks into tweetsum or foursquare) that my password is secure.

I did not notice this spam message until one of my friends told me about it. I promptly deleted the offending tweet, and changed my password.

As soon as I got a chance, I went to the twitter support site and reported this, thinking that there could be a vulnerability in Twitter, and I wanted to know if there was anything else I could to to ensure my account was secure. A few minutes after I submitted this help ticket, my account was suspended. I thought I was helping twitter out by reporting a possible security flaw, but nope, I got suspended 😛 (I put through another help ticket to reinstate my account).

A quick google search of the URL that was in the spam message shows that it was tweeted by arround 100 people today, and of the accounts I looked at, it seems like at least a dozen of them were legitimate accounts (one account being exclusively in spanish, with this english spam tweet). Also, not all of the accounts with this same message were banned, which reinforces my theory that I got myself banned :P.

I just did some more research, and according to “tweetlists .com” the two most popular URLs posted on twitter today direct to the same page that my twitter account linked to.

It seems to me that there are more than a few legitimate people being suspended for this particular spam message, and I can’t find any similarity between the accounts that haven’t been suspended yet.

There is a post about this on a Symantec blog by their “Internet Safety Advocate”. And if you search twitter for “google wizard” you will see hundreds of accounts of this.

My account is currently suspended, I am trying to get this fixed, I’ll update this as things happen.

UPDATE 1: July 31, 2009. At least one other user who was “hacked” was using foursquare (playfoursquare.com) (via the norton community post linked to above). Was foursquare hacked/compromised?

UPDATE: August 06, 2009.
Today my account was reactivated. The first suspension email did say “minimum suspension: 1 week.” they seem to keep to that very strictly, as exactly 7 days after my initial suspension, my account was reactivated. What I did in order to reactivate my account was submit one support ticket on their website, and send an email to suspended -at- twitter.com. Make sure you are very polite in each, and don’t bug them with lots of multiple submissions (what I read shows that they don’t like that.)

All of the support tickets I submitted (3 in total, one describing the first spam, one asking to be un-suspended, and the email which showed up on the website after a day or two) were marked “solved” very quickly, with absolutely no communication. While this is very rude and probably not good support practice (which is another issue entirely), the issue was actually solved, even though I couldn’t find out until the minimum 1 week suspension was finished. I would suggest waiting until the end of your minimum suspension before freaking out again with support :P. don’t forget to be polite and grateful! they don’t have to unsuspend your account, and I’m sure being the banhammer is not a job where you get very many compliments.

Installing Firefox 3.5 In Ubuntu (completely)

Posted in Guides, Linux, Ubuntu by aliencam | 3 Comments »

Firefox 3.5 came out a few days ago, and I always want to have the most updated version of everything. It won’t be in the Ubuntu repositories until 9.10 is released.

First step is from Lifehacker, it downloads and unpacks the file from the firefox website.

Open a terminal window and enter:
wget -O - http://releases.mozilla.org/pub/mozilla.org/firefox/releases/3.5/linux-i686/en-US/firefox-3.5.tar.bz2 | tar xj -C ~

Now, this shouldn’t overwrite firefox 3.0, but we need to move it to the mozilla folder, so use the following command:

mv ~/firefox/ ~/.mozilla/firefox3.5/

Now, make a symbolic link to firefox 3.5 in the equivalent of a “programs” folder (/usr/bin in Ubuntu):
sudo ln -s ~/.mozilla/firefox3.5/firefox /usr/bin/firefox-3.5

NOTE: you may only have one version of firefox open at one time. To open Firefox 3.5, you must completely close all other versions of firefox.

Now to set the firefox icon to the new firefox program (when opening in gnome-do and if you make a panel shortcut) open your home folder, hit ctrl-h (to show hidden files), go to .mozilla/firefox-3.5, right-click on the “firefox” in there, go to “properties” then left-click on the icon (top left corner). Now go to Pixmaps on the left (or /usr/share/pixmaps) and select firefox-3.0.png.

Now, there are a few ways to set up a shortcut to open firefox. One of the easiest is to add it to the program menu. Open the menu and go to System > Preferences > (Display >) Main Menu. Now open the “Internet” section (in the left column), and create a “New Item” with name: Firefox 3.5, command: firefox-3.5, and once again, the icon should be /usr/share/pixmaps/firefox-3.0.png.

Another method is, if you use gnome-do, just open it (alt-space) and when you start typing “firefox,” hit the down arrow and select “Firefox 3.5” (I think this only shows up after a restart, or if you add the firefox 3.5 menu item above).

Firefox 3.5 has some interesting quirks though. Flash will not work for it unless you copy your plugins into it.

In Ubuntu though, you need to copy plugins for multiple locations. Use this set of commands to copy all the plugins:
cp /usr/lib/flashplugin-installer/libflashplayer.so ~/.mozilla/firefox3.5/plugins/ && cp /usr/lib/mozilla/plugins/* ~/.mozilla/firefox3.5/plugins/

you also need to disable the strange middle-mouse behavior in 3.5. go to about:config in firefox, click the “I’ll be careful I promise!”, and go to: middlemouse.contentLoadURL and if it is true, double-click on it to make it false.

the only thing I have yet to figure out is why all the fonts in firefox 3.5 seem to be blurry, while 3.0 was perfect… To me it is like the difference between subpixel smoothing and high contrast font rendering modes… see the screenshots below. (left is non-blurry firefox 3.0, right is blurry firefox 3.5)

UPDATE: There were a few forum topics about this issue, but nobody had a definitive solution. Many possible solutions, but many of them were kind of strange, and many did not work.

Here is what worked for me:

open a terminal, and this first step is a backup just in case the next step messes up your system’s fonts.

sudo cp /etc/fonts/conf.d/10-hinting-slight.conf /home/$USERNAME/Desktop/
sudo cp /etc/fonts/conf.d/10-no-sub-pixel.conf /home/$USERNAME/Desktop/

Now, the files were just copied to your desktop, here are the next two commands:
sudo ln -s /etc/fonts/conf.available/10-hinting-medium.conf /etc/fonts/conf.d/.
sudo ln -s /etc/fonts/conf.available/10-sub-pixel-rgb.conf /etc/fonts/conf.d/.

And finally, you need to reset fontconfig:
sudo dpkg-reconfigure fontconfig

Once this finishes, restart Firefox to see the new fixed font rendering engine! You should also restart your computer to ensure that removing those files did not do any harm. If you restart and you can still see text, then you are okay to:
sudo rm /home/$USERNAME/Desktop/10-hinting-slight.conf /home/$USERNAME/Desktop/10-no-sub-pixel.conf

Now you are finished!

Creative Commons License