Urban boyscout. Tech-whisperer. Tech-skeptic.
646 stories

Suspicious likes lead to researcher lighting up a 22,000-strong botnet on Twitter


Botnets are fascinating to me. Who creates them? What are they for? And why doesn’t someone delete them? The answers are probably less interesting than I hope, but in the meantime I like to cheer when large populations of bots are exposed. That’s what security outfit F-Secure’s Andy Patel did this week after having his curiosity piqued by a handful of strange likes on Twitter.

Curious about the origin of this little cluster of random likes, which he just happened to see roll in one after another, he noticed that the accounts in question all looked… pretty fake. Cute girl avatar, weird truncated bio (“Waiting you”; “You love it harshly”), and a shortened URL which, on inspection, led to “adult dating” sites.

So it was a couple bots designed to lure users to scammy sites. Simple enough. But after seeing that there were a few more of the same type of bot among the followers and likes of these accounts, Patel decided to go a little further down the rabbit hole.

He made a script to scan through the sketchy accounts and find ones with similarly suspicious traits. It did so for a couple days, and… behold!

This fabulous visualization shows the 22,000 accounts the script had scraped when Patel stopped it. Each of those little dots is an account, and they exhibit an interesting pattern. Here’s a close-up:

As you can see, they’re organized in a sort of hierarchical fashion, a hub-and-spoke design where they all follow one central node, which is itself connected to other central nodes.

I picked a few at random to check and they all turned out to be exactly as expected. Racy profile pic, random retweets, a couple strange original ones, and the obligatory come-hither bio link (“Do you like it gently? Come in! 💚💚💚”). Warning, they’re NSFW.

Patel continued his analysis and found that far from being some botnet-come-lately, some of these accounts — and by some I mean thousands and thousands! — are years old. A handful are about to hit a decade!

The most likely explanation is a slowly growing botnet owned and operated by a single entity that, in aggregate, drives enough traffic to justify itself — yet doesn’t attract enough attention to get rolled up.

But on that account I’m troubled. Why is it that a single savvy security guy can uncover a giant botnet with, essentially, the work of an afternoon, but Twitter has failed to detect it for going on ten years? Considering how obvious bot spam like this is, and how easily a tool or script can be made that walks the connections and finds near-identical spurious accounts, one wonders how hard Twitter can actually be looking.

That said, I don’t want to be ungenerous. It’s a hard problem, and the company is also dealing with the thousands and thousands (maybe millions) that get created every day. And technically bots aren’t against the terms of service, although at some point they probably tip over into nuisance territory. I suppose we should be happy that the problem isn’t any worse than it is.

Read the whole story
2 days ago
San Francisco, CA
Share this story

Private Internet Access goes Open Source


Today marks the start of an exciting shift over here at Private Internet Access. As long-time supporters of the Free and Open Source Software community, we have started the process of open sourcing our software, and over the next six months we will be releasing the source code for all our client-side applications, as well as libraries and extensions.

We are extremely grateful to the Free and Open Source Software community for creating the foundations of the Internet as we know it. And while we may be late to the party, we are looking forward to furthering our work with a movement that aligns with our own passions, on both a personal and professional level.

We believe that the shift to open source is the right move for a privacy-focused business, and recognise that code transparency is key. We appreciate that our code may not be perfect, and we hope that the wider FOSS community will get involved, provide feedback, feature requests, bug fixes and generally help provide a greater service to the wider privacy movement.

Today, we are opening up the first of many repositories, the Chrome extension, which allows users to access our network of proxies from their web browser. The Chrome extension also boasts additional privacy and security features such as disabling the microphone and camera, blocking Flash and IP discovery through WebRTC, and can also automatically block ads and tracking through PIA MACE™. Please note that the extension will protect traffic from the browser only and will NOT offer any protection when using other applications.

“Let’s continue to fight the good fight. Freedom is an earned right, and we must continue to re-earn it everyday. As the world continues to fight, Private Internet Access will be there. In crypto we trust.” — Andrew Lee, Private Internet Access Founder, and long-term FOSS contributor.

Head over to GitHub, check out the repo and get involved! You can find us in #privateinternetaccess on chat.freenode.net if you have questions, comments or simply want to find out more about what we are up to.

Our longer term goal is to release all our code into the open, and we hope that you will join us on our journey. We have some exciting things planned, and would love to hear from you if you want to get involved … and don’t forget to keep an eye on our blog and/or social media as we will be throwing some exciting launch events further down the line.

It should come as no surprise that we think that open source is awesome, and as long-term consumers of open source we are really happy to now be in a position where we can contribute back.

If you have any questions or comments, please do drop us a line to opensource@privateinternetaccess.com, we look forward to speaking with you and hope that our transparency will ensure that you have some peace of mind.

Chrome is a trademark of Google Inc. Use of this trademark is subject to Google Permissions. The Chromium logo has been used in accordance with CC By 2.5.

The post Private Internet Access goes Open Source appeared first on Private Internet Access Blog.

2 days ago
San Francisco, CA

Sheats-Goldstein House

Built in 1963, the residence was designed by John Lautner. It appears to emerge from the sandstone hillside like a mid-century modern cave, a signature of Lautner's taught to him...

Visit Uncrate for the full post.
4 days ago
San Francisco, CA

WiseWear Chapter 11 bankruptcy blamed on Apple's decision to deactivate Apple Watch diagnostic port


WiseWear, a San Antonio wearable device startup, blames Apple for causing it to file for bankruptcy on Wednesday, claiming the decision to deactivate the Apple Watch diagnostic port caused patents it held to reduce in value, in turn causing it to fail to raise $2 million in funding.
15 days ago
probably not a good idea to build a business plan around a diagnostic port.
San Francisco, CA
13 days ago
Totally agree. You almost have to laugh at this one!

How Japanese scissors have evolved - Nikkei Asian Review


TOKYO -- Inside Tokyo stationery stores, scissors are undergoing a quiet evolution. The familiar tool has become smaller, easier to cut with and multi-functional. Here is a rundown of the latest products.

Scissors go back millennia. An ancient mural in Egypt depicts a pair and, in Greece, some have been excavated from ruins dating back to around 1000 B.C. 

The first stationery-use scissors are believed to have been created around 1880 by Finnish manufacturer Fiskars. But these Scandinavian scissors would not take the form we know today until 1967. It was the same company that then came up with the iconic orange plastic-handled scissors that are light in weight and easy to use. They went on to become one of the company's best-known products.

By the 1960s, scissors had evolved into designs specific to dressmaking, gardening, surgery and other purposes as manufacturers sought durability and ways to make the tool better cut through various materials. In the meantime, general-use scissors, those typically found at stationery shops, did not evolve much.


Raymay Fujii's Pencut

But in the early 2000s, Japanese companies started to produce scissors with distinct features, like compactness.

Because of their uneven shape, scissors tend to be bulky. Unlike pencils, they do not easily fit into cases, and their presence on desks can be awkward. If this is a design problem, it cannot be solved by making smaller scissors; this would merely compromise the tool's utilitarian nature.

Pencut is a pair of scissors that resembles a pen when not in use. The pair is made by Tokyo-based Raymay Fujii, which gave the Pencut retractable loops of a soft elastic on each gripping end. A tightly fitting cap covers the blades. When the tool needs to be tucked away, it can fit into a pencil case.

The Pencut has relatively long blades for its size and good cutting performance. This last trait made it an instant hit. Smaller products had come along before but took the typical scissors shape and never earned an "easy to use" reputation.


Sun-Star Stationery's Stickyle Scissors

The Pencut changed all of this, touching off a wave of new compact products from other producers.

Tokyo's Sun-Star Stationery took the concept of pen-shaped scissors a step further and created the Stickyle Scissors.

Kokuyo took a different approach to pairing compactness with usability. The handle loops on the Osaka-based company's Hosomi scissors are staggered so that they align on one side along the length of the tool when closed, achieving a narrower profile compared to traditional scissors.

Raymay Fujii then responded to all the competition it kicked off by introducing the Pencut Mini.

The trend toward compactness remains apparent in stationery shops.

There is another trend in Japan's scissors world, one in which new ideas are being applied to cutting performance. Cutting ability is not determined by sharp edges alone. Blade shape, the angle at which the blades come together and how the blades move against each other also significantly impact performance.

This renewed pursuit of better-cutting scissors was touched off by the Fitcut Curve, hatched by Plus, a Tokyo stationery and office equipment maker. The scissors have blades that curve away from each other in a way that makes them always meet at a 30-degree angle along the entire length of the blades. The feature makes it easier for Fitcut Curve to cut through hard or thicker objects at the part near the tip of the blades.


Nakabayashi's Hikigiri

The superior performance is apparent to anyone who picks up a pair and cuts with it. The Fitcut Curve made rival companies realize that scissor performance can be improved by means other than sharpening the edges and prompted them to come up with enhancements of their own.

Nakabayashi did this with the Hikigiri, whose design was guided by artists in Seki. The town, in the middle of Japan, has a long history of producing high-quality blades. The Hikigiri's flat lower blade and curved upper blade give the scissors a longer cutting edge.

In the process of closing the blades, the upper edge travels longer than the lower blade, causing more friction at the cutting point and thus enhancing cutting performance. Seki natives are now calling this the hikigiri, or pull-cut, effect. The scissors require as little as one-fourth the force to cut the same material compared to regular scissors, according to Nakabayashi.


Raymay Fujii's Swingcut

The same principle -- each blade edge traveling a different distance -- is employed in Raymay Fujii's Swingcut, which, instead of having a curved blade, has a pivot deliberately located away from the axis so that one edge travels longer than the other.

Kokuyo's Airofit Saxa and Saxa, an upgraded version of the former, have blades that both curve away from each other so that the angle they form at the cutting point is wider than if they were straight. This strategy improves performance, especially near the tip. Multiple other features also enhance performance. The blades, for example, are shaped in a way that makes them less prone to attract sticky stuff when slicing through duct tape. The gripping ends, meanwhile, extend deep into the plastic handle, ensuring maximum clamping force.

These performance-focused products are all easy to operate, comfortable to hold and do their one job well.

Having long ago ushered in the compact and cutting-performance era, Japanese scissor makers recently embarked on a quest for multifunctionality.

Plus' Fitcut Curve Twiggy, with its blades closed and a cap on, is compact enough to fit in a pencil case. But the product also features the same curved blade design of its Fitcut Curve sibling for enhanced performance.

The Midori Portable Multi Scissors measure 10cm in length. Tokyo-based Designphil created the scissors to slice through credit cards, iron wiring and other rugged materials. And one of the scissors' blades has a serrated back so it can be used to cut open boxes being held closed by duct tape.

Similarly, Kokuyo's Hakoake is specifically designed to perform multiple functions associated with opening items that arrive inside cardboard boxes. The scissors can slide through duct tape, cut tough plastic bands or plastic ties attached to tags and open any envelopes that show up with the order.


Carl Manufacturing's Xscissors

Perhaps the ultimate cutting product to come forth from the recent two-bladed boom is a product called Xscissors, made by Tokyo's Carl Manufacturing. Artisans were hired to sharpen the edges of these general-use scissors' 3mm thick blades. The more muscular blades add durability, and the rear ends of the blades extend right through to the ends of the handles to maximize gripping force.

Carl's new tool is so good and so straightforward that the model could be a harbinger of yet another round in the Japanese scissor industry's game of one-upmanship.

Yasukuni Notomi is a writer who has covered the world of stationery for many years. 

26 days ago
San Francisco, CA

A History of the Xserve: Apple’s One Rack Wonder


Within the next few months, macOS Server as we know it today will be going away, with many of its services being deprecated. Things like hosting calendars, contacts, email and wikis are going away as Apple focuses the product on "management of computers, devices, and storage on your network."

This shouldn't come as a surprise. macOS Server has been languishing for years, with many of its most common features being integrated into the mainstream version of macOS.

For fans of macOS Server, this is just another in a long string of disappointments over the years. But none of them were as big as the cancellation of the Xserve, Apple's rack-mountable 1U server, back in January 2011.

Remember this thing? Not many do.

Running the risk of reopening old wounds, let's look back at this unusual product and its nine year lifespan.


The Xserve seemed a little out of left field when it was introduced back in the spring of 2002. In the 90-minute keynote, Steve Jobs and a much younger Tim Cook explained Apple's thinking behind releasing a server that could bolt right into a rack.

The Mac was already in a lot of Fortune 500 companies, Jobs argued, but not a lot in the IT environments that ran those companies. Apple was entering the market humbly, he said, primarily focusing on Mac-heavy companies and the education market.

Apple wanted to meet these needs:

  • File and print services
  • Hosting websites and email
  • Hosting databases
  • QuickTime streaming
  • Computational tasks

These customers didn't want to use a beefed-up Mac desktop, Jobs said, but rather a rack-mountable, streamlined product with a lot of flexibility in terms of storage, serviceability and remote management.

The Xserve ran Mac OS X Server, which bolted the above services (and more) to Mac OS X, which was already running on Unix, which gave IT professionals powerful tools at their fingertips. Unlike other server products, the copy of Mac OS X Server on the Xserve was the unlimited version, meaning a company didn't have to pay Apple for additional licenses when they added additional users.

Coupled with that was a huge commitment in terms of customer service. Apple touted its integration of hardware and software being a big win in terms of service, as one vendor supplied both the Xserve's hardware and software. Past that, the company promised 24/7 phone and email support as well as spare part kits that allowed for rapid repairs by on-site technicians.

Over the years, the Xserve hardware improved, becoming much more powerful than the original G4 model introduced in 2002, but let's start there.

Xserve G4

The original Xserve's specs may look laughable now, but at the time, it was the most powerful Mac ever built, with dual 1 GHz G4 processors, 266 MHz DDR SDRAM, four ATA/100 hard drives, two Gigabit Ethernet ports and two PCI slots.

The low-end model, with a single 1.0 GHz processor, a 60 GB hard drive, and 256 MB of RAM, was $2999, but a $3999 SKU with dual processors, 512 MB of RAM and a 60 GB hard drive was available as well. To fill up those additional drive slots across the front, customers could attach Ultra ATA/100 7200rpm drives to the custom drive sleds and slot them into place.[1]

To manage this hardware, Apple introduced a new application named Server Monitor, as explained on its website:

Xserve also features Server Monitor, a remote monitoring application that lets you administer your servers — on a machine-by-machine basis, or hundreds of machines at a time — with an intuitive, easy-to-use Aqua interface. You can gauge everything from system temperature, blower operation, hard drive health and Ethernet status to the condition of your power supply. Red, yellow and green lights provide a quick visual summary of hardware health, and a tabbed window interface gives you one-click access to the details of each hardware subsystem.

Just look at all those pinstripes:

Apple iterated quickly on its original hardware. Seven months in, it revved the Xserve to include 1.33 GHz G4 processors and a slot-loading optical drive.

A month later, Apple unveiled the Xserve (Cluster Node), a model with only one hard drive, no optical drive and no graphics card. This model was designed to prioritize computational tasks. It was priced at $2,799 for a dual 1.33 GHz G4 system – the same price as the entry-level single processor Xserve.

Xserve G5

At Macworld 2004, an hour before announcing the iPod mini, Steve Jobs introduced the Xserve G5. Cramming up to dual 2.0 GHz PowerPC G5 chips in a system just 1.75 inches tall required a complete redesign of the case. Apple had to sacrifice one of the system's hard drive bays to make room for two new air intakes:

In addition to the new silicon, the Xserve G5 shipped with ECC RAM, a first for any Apple hardware. It moved to SATA drives, but retained the clever hot-swappable chassis design from the G4.

Also like the G4, the copy of Mac OS X Server that came with the Xserve G5 included unlimited licenses and remote management tools.

Apple sold three flavors of Xserve G5: a $2,999 single-processor model, a $3,999 dual-processor model and a Cluster Node model with Dual G5s but only one hard drive bay for $2,999.

The Xserve G5 saw one update, in January 2005, with processor speeds up to 2.3 GHz, twice the RAM ceiling and support for up to 1.2 TB of storage space internally.

Xserve (Intel)

In August 2006, the Xserve made the transition to Intel processors. The new server was built using 64-bit Xeon processors, clocked up to 3 GHz. This new Xserve was up to five times faster than the outgoing G5 model, and started at $2,999. The Cluster Node SKU was quietly killed.

While the Xeons were shockingly faster than the G5s, they also ran much cooler. This gave Apple the space to add redundant power supplies to the Xserve for the first time and increase the internal storage to 2.5 TB.

With this generation, Apple made the machine far more customizable than ever before. BTO options included a Dual-Layer SuperDrive, 32 GB of RAM and the new Xserve RAID card. This card let users keep the internal drives in a RAID configuration, downplaying the need for external RAID products. Other PCI Express cards could be installed to support Fibre Channels, Dual-Channel Gigabit and more.

In early 2008, Apple revised the machine, increasing the base processor speed to 2.8 GHz, improving the built-in GPU and swapping the FireWire 400 port on the front of the product to a USB port.

In April 2009, the Xserve moved to a new generation of Xeons, boasting twice the performance of the previous model, despite offering slightly lower clock speeds than before. Memory access was increased from 32 GB to 48 GB, and customers could order their Xserve with an optional 128 GB SSD boot drive, freeing up the three spinning hard drives to be dedicated completely to storage.

Xserve RAID

The Xserve had a companion product, named the Xserve RAID. The first model shipped in early 2003, after being previewed with the original Xserve in May 2002.

It was a rack-mountable storage solution that supported 14 180 GB drive modules, each on a separate ATA-100 bus. Like the Xserve, the Xserve RAID drives mounted across the front of the device. I think it's one of the prettiest pieces of hardware to come out of Apple in the early 2000s:

Hello, beautiful.

The Xserve RAID isn't as deep as the Xserve, but at 3U (about 5.25 inches) in height and weighing in at nearly 100 pounds when filled with hard drives, it is a solid piece of hardware.

To connect to the Xserve, the Xserve RAID supported dual 2 Gb Fibre Channels. That meant the two machines could talk to each other at speeds up to 400 MBps.

From the beginning, the Xserve RAID had redundant power and cooling systems, something that wouldn't come to the server for several revisions.

In January and October 2004, Apple updated the product, allowing for greater storage capacity. By the end, it supported up to 5.6 TB worth of data.

On the software side, Apple added support for Linux and Windows clients, meaning you didn't have to hook up an Xserve to take advantage of the Xserve RAID.

Fully loaded, you could spend $12,999 on an Xserve RAID. While that may seem like a lot, it was noticeably cheaper than some competing products. For instance, in 2004, the price per GB for the Xserve RAID was $3.14, while Dell came in at $9.05 and HP at $11.39, according to Apple.

The Xserve RAID was discontinued in February 2008 after going over three years without an update, as reported by Jim Dalrymple at the time:

Apple struck a deal with Promise Technology to have its RAID systems qualified for use with Xsan 2,[2] so users are not left out in the cold. Apple said the Promise product delivers on the features its customers have been asking for and it also delivers significantly greater performance.

“We decided to focus our efforts where we could add most value, with Xserve, Xsan and Leopard Server,” Apple spokesman Anuj Nayar, told Macworld.

Customers that already own an Xserve RAID will still be able to add Apple storage too. While the RAID system itself has been discontinued, the company will still sell modules for it.

Post-Xserve Life

The Xserve itself followed in the RAID's footsteps in January 2011. When the company announced the product, it said users weren't content with running a desktop Mac as a server, but that's exactly what Apple suggested they do in its Xserve Transition Guide. Apple had been shipping a Mac mini with Snow Leopard Server since the fall of 2009, and said it was the most popular server system it sold. A Mac Pro configured with Server was on sale as well, but proved less popular.

I was in IT at the time the Xserve's demise was announced, and rushed to order one. For the needs my company had at the time, it was by far the best option. I know many IT professionals were upset to see the server go away, but I think most migrated to a collection of Mac minis to run Mac OS X Server, coupled with external RAIDs.

At the time, it felt like having the rug pulled out from under us, but in hindsight, it should have probably been more obvious that the Xserve's end was coming. Most people just didn't need the horsepower the machine offered, and I can't imagine it ever sold all that well, even at its peak.

Now macOS Server itself is next on the chopping block, at least for many users. The reality is Apple is a company focused on the consumer and professional markets, and isn't interested in making a big dent in the IT market. That's a bit of a bummer for this nerd, but I understand it.

  1. One detail about this machine really makes me smile. Its Model Identifier was "RackMac." ↩︎
  2. It's a story for a different day, but Xsan is software that gives multiple Macs access to a shared block of storage via a Fibre Channel network. ↩︎

27 days ago
San Francisco, CA