MobileRead Forums - View Single Post

Steven Lyle Jordan · 08-13-2009, 10:21 PM

9: Preparation

By the time Pete came out of his room, I was already busy at the dining room table working over my toughbook. “Morning, super-stud,” he said, which confirmed that he knew what I’d been doing last night. Not that it would have been hard to figure out: The way Gail had carried on last night, the walls would’ve had to be four feet thick to guarantee no one else heard us. “Coffee?” he offered.

“Please,” I said. All I’d found was cans of Donald Duck orange juice, and I needed more than that. “Don’t suppose there’s a Starbucks on your block?”

“Not quite, but it’s not far. What’cha want?”

“Ohh…” It took me a good few seconds to switch gears enough to rattle off my drink of choice, as usual. “A grande double-shot skim milk espresso with room, in my… oh, I don’t have my cup…”

Only then did I look up, to notice that Pete was standing there and holding out his cellphone in my direction. I realized I had just dictated my drink order to someone. Once he was sure I was through, he brought the phone to his own face, and said, “You got that? Good. Be there in five.” He hung up, and smiled. “A little sweetie I got on the hook down there. Maybe I’ll bring her by later. How’s it going?”

“It’s going,” I said non-committally. Pete nodded, shrugged, and headed for the door. Only then did I notice he was still wearing his sleeping shorts. “Dude—”

“S’okay,” Pete called over his shoulder, “I’ve got Gail’s account card. Be back soon!” The door closed, leaving me alone again. After a moment, I quickly glanced around, just to make sure I really was alone in the apartment this time. As nice as last night had been, I didn’t have time for the distraction right now.

When you’re duplicating a website, you have to be careful that the two sites look identical. Since different sites might be on different servers at different ISPs, that meant checking your site’s appearance and links to make sure everything works the same on both sites. If you don’t do this, you might tip off your mark that he’s been played for a sucker. And with loan sharks, that was never a good idea. So I was neck-deep in Fritz’s site, which would become the bogus site, and the new, real site I was setting up, making sure you couldn’t tell one from the other. I’d also have to “spoof” the domain name window, to make it look to the sharks that the bogus site was in fact the real site… so far, there was no way to create two sites with the same domain name on the web, thanks to the careful work of ICANN. But being creative with your site naming could accomplish the same thing.

For instance, Fritz’s site was named after his book, “Blue Shift Bandits”. One of the great things about standard browsers is, they display site names and other things using sans-serif fonts. In standard sans-serif fonts, and in many serif fonts, the number one and the lowercase “L” all look alike. (So does the uppercase “I”, but you can’t specify caps in domain names, so that particular similarity isn’t something you can take advantage of, except in internal pages.) So you can swap them interchangeably in your domain name and create identical-looking sites at brand new domains. I had already registered a new domain substituting a “one” for the “L” in Blue, giving me my new site with the identical-looking domain name, under an alias with a Paypal account that I’ve used before… so the sharks wouldn’t know who to look for.
Of course, some creative googling could still reveal my new site to them. So I had to prepare a surprise for the sharks, to keep them busy while the new site did its work. Most site attackers expect that they won’t get caught orchestrating a DOS attack. This usually because they can use a temporary site long enough to create the attack viruses, then ditch it before they can be traced. But we knew in advance that they were coming, and when you knew in advance, there were things you could do about it. Things that would keep them too preoccupied to google spoof addresses.

By the time Pete got back with my coffee, I had the dupe site up. Now it was time for the fun work.

Viral campaigns are interesting things: They work because they play on people’s emotions or curiosity, hook them either with assumed veracity or just plain entertainment value, and are subsequently passed around to others. Sometimes, they don’t have to be real, truthful, or even that well-done, as long as they are clever. So the trick is, figuring out what’s real enough, truthful enough or clever enough to become viral.

Unfortunately, people know about viral campaigns now… so they won’t fall for just anything. You have to be very careful, or someone will expose your viral campaign for what it is, and everyone will ignore it. However… sometimes, that’s exactly what you want. If you can get enough people to check out the guy who had the incredibly big cojones to do some crazy online stunt, you’ll achieve the same thing as a viral campaign that has everybody fooled.

So what was I gonna do?

What else? I was gonna use porn.

08-13-2009, 10:21 PM	#10
Steven Lyle Jordan Grand Sorcerer Posts: 8,478 Karma: 5171130 Join Date: Jan 2006 Device: none	9: Preparation By the time Pete came out of his room, I was already busy at the dining room table working over my toughbook. “Morning, super-stud,” he said, which confirmed that he knew what I’d been doing last night. Not that it would have been hard to figure out: The way Gail had carried on last night, the walls would’ve had to be four feet thick to guarantee no one else heard us. “Coffee?” he offered. “Please,” I said. All I’d found was cans of Donald Duck orange juice, and I needed more than that. “Don’t suppose there’s a Starbucks on your block?” “Not quite, but it’s not far. What’cha want?” “Ohh…” It took me a good few seconds to switch gears enough to rattle off my drink of choice, as usual. “A grande double-shot skim milk espresso with room, in my… oh, I don’t have my cup…” Only then did I look up, to notice that Pete was standing there and holding out his cellphone in my direction. I realized I had just dictated my drink order to someone. Once he was sure I was through, he brought the phone to his own face, and said, “You got that? Good. Be there in five.” He hung up, and smiled. “A little sweetie I got on the hook down there. Maybe I’ll bring her by later. How’s it going?” “It’s going,” I said non-committally. Pete nodded, shrugged, and headed for the door. Only then did I notice he was still wearing his sleeping shorts. “Dude—” “S’okay,” Pete called over his shoulder, “I’ve got Gail’s account card. Be back soon!” The door closed, leaving me alone again. After a moment, I quickly glanced around, just to make sure I really was alone in the apartment this time. As nice as last night had been, I didn’t have time for the distraction right now. When you’re duplicating a website, you have to be careful that the two sites look identical. Since different sites might be on different servers at different ISPs, that meant checking your site’s appearance and links to make sure everything works the same on both sites. If you don’t do this, you might tip off your mark that he’s been played for a sucker. And with loan sharks, that was never a good idea. So I was neck-deep in Fritz’s site, which would become the bogus site, and the new, real site I was setting up, making sure you couldn’t tell one from the other. I’d also have to “spoof” the domain name window, to make it look to the sharks that the bogus site was in fact the real site… so far, there was no way to create two sites with the same domain name on the web, thanks to the careful work of ICANN. But being creative with your site naming could accomplish the same thing. For instance, Fritz’s site was named after his book, “Blue Shift Bandits”. One of the great things about standard browsers is, they display site names and other things using sans-serif fonts. In standard sans-serif fonts, and in many serif fonts, the number one and the lowercase “L” all look alike. (So does the uppercase “I”, but you can’t specify caps in domain names, so that particular similarity isn’t something you can take advantage of, except in internal pages.) So you can swap them interchangeably in your domain name and create identical-looking sites at brand new domains. I had already registered a new domain substituting a “one” for the “L” in Blue, giving me my new site with the identical-looking domain name, under an alias with a Paypal account that I’ve used before… so the sharks wouldn’t know who to look for. Of course, some creative googling could still reveal my new site to them. So I had to prepare a surprise for the sharks, to keep them busy while the new site did its work. Most site attackers expect that they won’t get caught orchestrating a DOS attack. This usually because they can use a temporary site long enough to create the attack viruses, then ditch it before they can be traced. But we knew in advance that they were coming, and when you knew in advance, there were things you could do about it. Things that would keep them too preoccupied to google spoof addresses. By the time Pete got back with my coffee, I had the dupe site up. Now it was time for the fun work. Viral campaigns are interesting things: They work because they play on people’s emotions or curiosity, hook them either with assumed veracity or just plain entertainment value, and are subsequently passed around to others. Sometimes, they don’t have to be real, truthful, or even that well-done, as long as they are clever. So the trick is, figuring out what’s real enough, truthful enough or clever enough to become viral. Unfortunately, people know about viral campaigns now… so they won’t fall for just anything. You have to be very careful, or someone will expose your viral campaign for what it is, and everyone will ignore it. However… sometimes, that’s exactly what you want. If you can get enough people to check out the guy who had the incredibly big cojones to do some crazy online stunt, you’ll achieve the same thing as a viral campaign that has everybody fooled. So what was I gonna do? What else? I was gonna use porn.