The Lazy Genius

Security News & Brain Dumps from Xavier Ashe, a Bit9 Client Partner

Archive for April, 2007

Quantum cryptography already hacked?!

Posted by Xavier Ashe on April 28, 2007

A team of researchers has, for the first time, hacked into a network protected by quantum encryption.

Quantum
cryptography uses the laws of quantum mechanics to encode data
securely. Most researchers consider such quantum networks to be nearly
100% uncrackable. But a group from the Massachusetts Institute of
Technology (MIT) in Cambridge was able to 'listen in' using a sort of
quantum-mechanical wiretap. The trick allowed them to tease out about
half of the data, in a way that couldn't be detected by those
transmitting or receiving the message.

The
group admits that their hack isn't yet capable of eavesdropping on a
real network. “It is not something that currently could attack a
commercial system,” says Jeffrey Shapiro, a physicist at MIT and one of
the authors on the study.

But
they expect that one day it will be able to do so, if quantum
encryption isn't adequately adapted to stop such hackers from
succeeding.

Wow… Mad props to MIT.  Posted on Nature.com.

Advertisements

Posted in Security | Leave a Comment »

Help the Roleplayers in the Military!

Posted by Xavier Ashe on April 19, 2007

When President Bush ordered troops to Iraq, he probably never imagined that he would be ultimately be responsible for what very well could be the very first D&D convention/game day ever held in a war zone. Ziggurat Con, being held June 9 from 1200 to 2100 hours at Camp Adder/Tallil Airbase, is open to all allied military personnel and civilian contractors in Iraq.

KBR and MWR (the army’s Morale Welfare & Recreation Department) have graciously allowed service members to use part of the Community Activity Center to hold the Game Day. The Ping Pong room will be set up for RPGs (Role-Playing Games, not to be confused with the rocket propelled grenades which share the same acronym), and the DVD Movie room will be playing Anime Movies all day in support of the event.

The largest problem with running a Con in Iraq, of course, is that there are no local stores or game publishers, and few game books on the post. Even dice are in short supply, with many soldiers breaking the unwritten taboo held by many gamers and sharing dice. Thankfully, many game publishers have also lent their support, and have agreed to supply game products to help the Con along. aethereal FORGE, Sovereign Press, Final Redoubt Press, Goodman Games, Paizo Publishing and Steve Jackson Games are among those that have thrown in their support for the convention. But Amberson indicated that the soldiers could definitely use more.

“This convention is currently in drastic need of prizes and giveaways for the troops,” he said. “Everything donated will go directly to the troops, or to MWR to use as loaner books for the soldiers.”

For more information, contact SPC David Amberson at the following address: david.amberson (at) iraq.centcom.mil

Donations can also be sent to SPC Amberson directly at the following address:

SPC David Amberson
A Co 86th Sig Bn
APO, AE 09331

They’re planning to run the following games (and will be happy to get additional games):
Babylon 5 RPG, Cyberpunk 2020, D&D, D&D RPGA, GURPS, Historic Miniatures Battles, Magic Tournament, MechWarrior Miniatures, Rifts, Shadowrun, Starship Troopers, White Wolf System-Vampire, White Wolf System-Werewolf, XCrawl

Got any game books crowding your shelves that you never use? Here's a great cause to donate them to. Spread the word.

Originally found here.

Posted in Main Page | Leave a Comment »

Scammers don't know when to quit

Posted by Xavier Ashe on April 18, 2007

Except when you mention the FBI:

[13:53] olgafun01: How are you doing?
[13:53] olgafun01: Hello
[13:53] olgafun01: Buzz!!
[13:54] me: Ever get back to the US?
[13:55] olgafun01: Yeah
[13:55] me: Good, what city is it that you live in again?
[13:56] olgafun01: Am still in UK
[13:56] me: So are you in the US or the UK?
[13:57] olgafun01: UK now
[13:58] olgafun01: But i wish to get to you before next 2 weeks okay
[13:58] me: okay… You live in Atlanta right?
[13:59] olgafun01: Nop
[13:59] me: where do you live?
[13:59] olgafun01: I live in Clarksville TN
[13:59] olgafun01: That is where am really from
[13:59] olgafun01: And you?
[13:59] me: oh yeah, that's right. So whatcha doing in the UK?
[14:00] olgafun01: I tolld you before that i wnet to UK for some project
[14:01] olgafun01: U there?
[14:02] me: What is that you do for a living?
[14:02] olgafun01: I work as an interior Decorator / computer Consultant for interior/remodelling companies….
[14:02] me: sounds fun.
[14:03] olgafun01: Ohh yeah
[14:03] olgafun01: What do you do too?
[14:04] me: Internet Fraud Investigations
[14:04] olgafun01: Okay
[14:05] olgafun01: So where are you?
[14:05] olgafun01: Tell me what you really do for you living?
[14:05] olgafun01: Coz that is not wor
[14:05] olgafun01: work
[14:06] me: yes it is. this is part of work I do: http://www-935.ibm.com/services/us/index.wss/summary/imc/a1026055?cntxt=a1000451
[14:07] olgafun01: Okay
[14:08] me: But I am more on the consulting side. I go help companies track down the bad guys
[14:08] olgafun01: Okay
[14:08] olgafun01: That is a good work
[14:08] me: yeah.. it's fun. I get to work with the FBI alot.
[14:08] olgafun01: Brb please

She may be back, but it's been about 45 minutes.  I think she might be a bit scared now.  We'll see.

Posted in Personal Note | Leave a Comment »

Logsurfer

Posted by Xavier Ashe on April 18, 2007

Logsurfer is a program for monitoring system logs in
real-time, and reporting on the occurrence of events. It
is similar to the well-known swatch program on
which it is based, but offers a number of advanced
features which swatch does not support.

Logsurfer is capable of grouping related log entries
together – for instance, when a system boots it usually
creates a high number of log messages. In this case,
logsurfer can be setup to group boot-time messages
together and forward them in a single Email message to the
system administrator under the subject line “Host xxx has
just booted”. Swatch just couldn't do this properly.

Logsurfer is written in C – this makes it extremely
efficient, an important factor when sites generate a high
amount of log traffic. I have used logsurfer at a site
where a logging server was recording more than 500,000
events per day – and Logsurfer had no trouble keeping up
with this load. Swatch, on the other hand, is based on
perl and runs into trouble even when dealing with a much
smaller rate of log traffic.

Neat little tool from Kerry Thompson.

Posted in Security, Tools | Leave a Comment »

New Windows Event Management Blog

Posted by Xavier Ashe on April 18, 2007

Ages ago (Sunbelt was founded in 1993, so we’re a rather ancient
company by today’s standards), we had our feet firmly in the Windows NT
system management space — and did quite a bit of business in event log
management. Then we made the move into security software and the rest
is history. 

But we still keep an eye on the market and have many friends in the business.  One of those companies is Dorian Software and Andy Milford over there has started a new blog just on event log management.  You can see it at http://eventlogs.blogspot.com/.  If you’re into event log management or analysis, it’s worth putting the site into your RSS feed.

From the Sunbelt Blog.

Posted in Security | Leave a Comment »

Anyone need a Watchlist?

Posted by Xavier Ashe on April 18, 2007

Prior to the airline hijackings on Sept. 11, 2001, the Federal Aviation Administration's “no-fly list” contained 11 names.

Soon after the attacks, the Transportation Security Administration was
created, and given direct authority over airline security screening and
the watch list. The list soon began to expand almost daily, according
to government documents. The last credible report on the list put its
length at 119,000 names, though the TSA says it has since narrowed it
to a smaller number that must remain a secret.

While it was expanding the no-fly list, the TSA was also busy
carving out a second list of people who were allowed to fly, but would
be screened extra closely on their way to the gates. The government
initially denied this “selectee list” existed, but a watchdog group
eventually got the goods in a Freedom of Information Act request.

Of course, the TSA isn't the only agency making lists these
days. Here's a quick Wired News field guide to post-9/11 watch lists.

Get the list on Wired.

Posted in Privacy | Leave a Comment »

Microsoft corroborates Windows Vista OEM hacks

Posted by Xavier Ashe on April 13, 2007

At least Redmond can't say that no one told them so, as the folks at Microsoft are finally holding up a hesitantly-raised white flag
and admitting that Windows Vista is indeed far from crack-proof. After
depressing the mental “Allow” button, Microsoft Senior Product Manager
Alex Kochis has come to grips with the Vista hacks that are currently floating around (and apparently functioning).
Interestingly, he insinuates that the company will be looking at ways
to “disrupt the business model of organized counterfeiters and protect
users from becoming unknowing victims,” but also mentioned that it
wouldn't be rushing out in a likely futile attempt to nab every “mad
scientist” (saywha?) on a mission to hack Windows. Hmm, wonder if that
has anything to do with the barren efforts it exhausted trying to one-up FairUse4WM?

From Engadget.

Posted in Security | Leave a Comment »

Preparing for Security Event Mangement

Posted by Xavier Ashe on April 9, 2007

Ahh, finally a topic near and dear to my heart, Security Event Management (SEM).  Well, at least it's near and dear to my paycheck.  The whitepaper (PDF) is released by Three Sixty Information Security, a security consulting firm based in London.  It covers what is SEM, and how to prepare for it.  Since most the work I do right now is post sales, I usually miss the opportunity to promote this level of planning.  So to all the future customers of TSOM:  read this paper and give some good though to planning.  More often than not, the database that is created by TSOM (and any SEM for that matter) is one of the largest databases a company will manage.  But planning for a large database is only part of the story.  And I thank Three Sixty Information Security for putting together a decent whitepaper helping future customers.

Posted in Personal Note, Security | Leave a Comment »

Deception on the network: thinking differently about covert channels

Posted by Xavier Ashe on April 9, 2007

The concept of covert channels has been visited frequently by academia in a quest to analyse their occurrence and prevention in trusted systems. This has lead to a wide variety of approaches being developed to prevent and identify such channels and implement applicable countermeasures. However, little of this research has actually trickled down into the field of operational security management and risk analysis. Quite recently a number of covert channels and enabling tools have appeared that did have a significant impact on the operational security of organizations. This paper identifies a number of those channels and shows the relative ease with which new ones can be devised. It identifies how risk management processes do not take this upcoming threat into account and suggests where improvements would be helpful.

Good paper (PDF) from Maarten Van Horenbeeck at the School of Computer and Information Science at Edith Cowan University.  Discusses IP Header Tunneling, DNS Tunneling, HTTP Entity Tag Tunneling, Covert encoding or steganography, and the Microsoft GDI+ exploit in 2004.  Not a bad read.

Posted in Security | Leave a Comment »

ShmooCon 2007 Videos

Posted by Xavier Ashe on April 9, 2007

Videos from the 2007 SchmooCon have been posted.

Posted in Security | Leave a Comment »

Counter attack hacking OK-ed by courts

Posted by Xavier Ashe on April 9, 2007

This is a very interesting case.  It seems if you are just collecting evidence while trying to protect your own systems, hacking a hacker is okay.

A federal appeals court just shot down an attempt by confessed
superhacker Jerome Heckenkamp to overturn his computer crime
convictions, which were an end result of information provided by a
university sysadmin who broke into Heckenkamp's computer to gather
evidence.

The warrantless cyber-search was justified by the “special needs”
exception to the Fourth Amendment, because “the administrator
reasonably believed the computer had been used to gain unauthorized
access to confidential records on a university computer,” the U.S. 9th
Circuit Court of Appeals ruled Thursday.

Later in the article on Wired:

According to the decision, UWisc cracked Heckenkamp's computer in
order to confirm that he was the hacker they were looking for.
Heckenkamp turned out to be guilty, so Schroeder's tough talk has some
surface appeal. But what if Heckenkamp had been innocent?

The whole policy has some nasty implications for student privacy.
There's no judge in the loop; no independent finder of fact. So who
decides when there's enough evidence to break into the student's
machine and riffle through his files? And then there's the inevitable
mission creep. What happens when system administrators crack a
suspected hacker's computer, and find he's innocent of the hack, but
also turn up evidence that he's been selling dope to his friends? Or
downloading pirated music? And eventually, instead of Qualcomm, it'll
be the RIAA or the MPAA calling up the University of Wisconsin for a
little help.

Posted in Privacy, Security | Leave a Comment »

Oracle Scripts

Posted by Xavier Ashe on April 9, 2007

IBM Tivoli Security Operations Manager (TSOM) supports two databases, Mysql and Oracle.  Mysql has many resources that are free and easy to use online.  Oracle, however, is a bit more challenging.  As a product consultant I am tuning databases as often as I am working with TSOM.  Unfortunately, I am not a DBA.  I am nearly a MSDBA, but never finished taking all the tests required.  So working with Oracle has been fun.  Today I came across a collection of oracle scripts posted by Pentest Limited (a UK based security firm).  These are probably easy as cake for Oracle DBAs, but will help me immense in the field.  Also posted on their downloads page is BTScanner:

BTScanner for XP is a Bluetooth environment auditing tool for Microsoft
Windows XP, implemented using the bluecove libraries (an open source
implementation of the JSR-82 Bluetooth API for Java).

Requirements
: Windows XP Service Pack 2 with a Microsoft Windows supported
Bluetooth driver. This will not work with the WIDCOMM Bluetooth stack.

Posted in Personal Note | Leave a Comment »

Vista Secure? HA!

Posted by Xavier Ashe on April 5, 2007

At the Black Hat Conference in Amsterdam, security experts from India demonstrated a special boot loader that gets around Vista's code signing mechanisms. Indian security experts Nitin and Vipin Kumar of NV labs
have developed a program called the VBootkit that launches from a CD
and boots Vista, making “on the fly” changes in memory and in files
being read. In a demonstration,
the “boot kit” managed to run with kernel privileges and issue system
rights to a CMD shell when running on Vista RC2 (build 5744), even
without a Microsoft signature.


Experts say that the fundamental problem that this highlights is
that every stage in Vista's booting process works on blind faith that
everything prior to it ran cleanly. The boot kit is therefore able to
copy itself into the memory image even before Vista has booted and
capture interrupt 13, which operating systems use for read access to sectors of hard drives, among other things.

Read the full article at Heise Security.  I am reading more from MS developers that many of the flaws in Vista are due to the DRM that is built in at a very low level.  We'll never know for sure, but I am willing to bet that this has something to do with DRM.

Posted in Security | Leave a Comment »

Breaking 104 bit WEP in less than 60 seconds

Posted by Xavier Ashe on April 5, 2007

We demonstrate an active attack on the WEP protocol that is able to
recover a 104-bit WEP key using less than 40.000 frames with a success
probability of 50%. In order to succeed in 95% of all cases, 85.000
packets are needed. The IV of these packets can be randomly chosen.
This is an improvement in the number of required frames by more than an
order of magnitude over the best known key-recovery attacks for WEP. On
a IEEE 802.11g network, the number of frames required can be obtained
by re-injection in less than a minute. The required computational
effort is approximately 2^20 RC4 key setups, which on current desktop
and laptop CPUs in negligible.

Good paper (PDF) from Erik Tews, Ralf-Philipp Weinmann, and Andrei Pyshkin.  It ridiculous how many people still user WEP.

Posted in Security | Leave a Comment »

Crack the Code

Posted by Xavier Ashe on April 4, 2007

WHAT WE SEEK
Are you aware that
camcorder and camera device manufacturers are aggressively increasing
their efforts to restrict third-party battery compatibility with their
devices? Their effort combines cutting edge technology located inside
the device and corresponding battery. The device creates a “handshake”
with the battery to ensure compatibility.  This trend has the potential
to raise prices for all consumers and limit competition in the battery
market.  We don’t want this to happen!  We are looking for someone to
help us “crack the code” so we can continue to build compatible
batteries that are safe and reliable.
 
WHAT’S IN IT FOR YOU?
We are offering a $20,000 prize for anyone who can help us make a
compatible battery for the devices listed below.   We are seeking an
understanding of the technology utilized by these devices/batteries and
we require a method of building a compatible product.  This information
will help us continue to provide safe, reliable batteries at an
affordable price.
 
Read the rules to see what is required to win the prize. If you are interested in joining the contest, please send us an email at crackthecode@batteries.com so we know who is on our team. 

Okay, this HAS to be a DMCA violation.  We'll see how long this “contest” lasts.  Find out more on batteries.com.

Posted in Security | Leave a Comment »

Scammers on Yahoo Personals

Posted by Xavier Ashe on April 2, 2007

I posted about my fun on True.com, where the company itself was attempting to scam me.  Now it seems I found that Nigerian scammers have moved to Yahoo Personals.  This was the third time this has happened in about a week.  All of the the “girls” involved had their profiles deleted days after emailing me.  They all had full profiles and seem like real people.  Who happen to be stuck in Nigeria.  One needed some cash to pay the hotel phone bill.  One needed cash for transportation to the American Embassy.  One clue is the “Buzz!!” that happens when I am IMing these folks.  It happen with a previous chat too.  Here's an older chat:

[17:40] me: hello… you there?
[17:40] marybabie112: How have you been
[17:40] marybabie112: i know you forgetten about me
[17:40] marybabie112: i will be trying to talk to you but know response
[17:41] me: just been busy… how have you been?
[17:42] me: did you remove your profile from yahoo?
[17:42] marybabie112: yes cos i have you
[17:43] me: ?? You have me?
[17:44] marybabie112: YES
[17:44] marybabie112: cos since started talking to you i feel butterfly in my stomach
[17:49] marybabie112: do you think will have anything in common
[17:49] me: if you want you give me a call at xxx-xxx-xxxx
[17:50] me: I hope so 😉
[17:50] marybabie112: They dont allow me to used the hotel phone anymore cos the money am oweing them
[17:51] me: hotel? Where are you at?
[17:51] marybabie112: Nigeria , Summit Hotel
[17:52] me: oh… well it's kinda hard to go out for drinks with you still out there. When will you be back in town?
[17:53] marybabie112: i dont know yet cos i dont have the money to pay them
[17:53] me: riiiight.  So, email when you're back in town.  Then we can chat.
[17:54] marybabie112: Okay

And here's the chat I had this morning.

[07:43] olgafun01: Hello
[07:43] olgafun01: How are you doing today?\
[07:43] me: good morning
[07:44] olgafun01: Good morning to you too
[07:44] olgafun01: How is everything over there?
[07:45] me: good. just getting up and going. Excuse my faulty memory, but who is this?
[07:47] olgafun01: This is Olga from US TN
[07:47] olgafun01: Do you know where you meet me?
[07:48] me: No, I'm sorry. Where did we meet?
[07:49] olgafun01: Arer you on Fling?
[07:49] me: no
[07:49] me: what is fling?
[07:50] olgafun01: Did you know me?My name is Olga from Clarksville TN and i know you know me from some site
[07:51] me: Prehaps Yahoo personals?
[07:51] olgafun01: Yeah you got it right?
[07:52] me: cool, can you send me a link to your profile?
[07:53] olgafun01: Well i have not finish my profile but i can tell you about me and where am from?
[07:53] olgafun01: Okay
[07:54] me: Sure, but how did we meet on yahoo personals if you don't have a profile there?
[07:58] olgafun01: Well i just search on only you
[07:58] olgafun01: Coz i love your profile
[07:59] me: ah. Well, thank you. Why are you looking for folks in Atlanta? Planning on coming down?
[08:00] olgafun01: Ohh coz i love the way you put your profile and i wish to know you better than this and i know when you get online everything wil gonna be alright for me to see you in person
[08:00] olgafun01: Coz i have been hurt before and am still looking for man who can be with me for ever and ever
[08:02] me: I'm not one for online romances. I don't mind chatting every now and then, but I am not online enough. I'd rather just meet in person. I think you can discover a lot more about a person that way.
[08:03] olgafun01: WHere are you?
[08:03] olgafun01: Talk to me
[08:03] olgafun01: Ohh Yeah
[08:03] olgafun01: But where can i get uyou and knmow ou very well?
[08:03] olgafun01: Or can will talk here better before knowing each othedr
[08:03] olgafun01: Other
[08:04] me: I have to get breakfast on. Be back in a bit.
[08:04] olgafun01: Okay
[08:04] olgafun01: Or can you mail me and tell me a lil about you so i can reply you and tell you about myself too
[08:07] olgafun01: Buzz!!
[08:27] me: No, thank you. I am not looking for an online/remo
te relationship. If you are in Atlanta and would like to meet, let me know.
[08:27] olgafun01: Are you back?
[08:28] me: yes
[08:28] olgafun01: Ohh is that why you keep your self there righht
[08:28] me: huh?
[08:28] olgafun01: Yeah
[08:30] olgafun01: Arer you there?
[08:31] olgafun01: Well let talk about how will gonna meet each other
[08:32] me: Sure… When is the next time you will be in Atlanta?
[08:32] olgafun01: I don't Have any business there right now
[08:33] olgafun01: But i can get there to meet my Mr. Right
[08:34] me: This weekend I am busy. But I have a flexible work schedule. If you wanted to come down during the week, I can make time for lunch or drinks.
[08:35] olgafun01: Really?
[08:35] me: sure
[08:37] olgafun01: Ever since I joined yahoo personals, I have always wanted to meet someone like you with so much care and respect for woman feelings I'm looking for serious relationship
[08:38] me: Thanks. So when do you think we can meet?
[08:38] olgafun01: Just that my heart is on fire at the moment
[08:38] olgafun01: i want to be there, just that i am froze up here right now
[08:40] olgafun01: Well i am a bussines person, forget to tell you that
[08:40] me: too bad. I don't have the flexibility for a road trip myself. Just ping me when you think you can make it down.
[08:40] me: That's cool.
[08:40] olgafun01: I am here in Nigeria for the first time
[08:41] olgafun01: it is not what you think ?
[08:41] me: riiight, what happen to clarksville?
[08:41] olgafun01: I have neve been here since i was introduce to this business 4 yrs ago and i have been to many places in Europe and in Austria
[08:42] me: sounds fun. Like I said, I'm not looking for a remote relationship right now.
[08:43] olgafun01: Can you imagine kind of bullshit i got myself into… Have been stranded here since Four Days
[08:46] olgafun01: I lost both parent. My only brother i depend on he's is into drugs life been adicted to it, he doesnt care about me, If not i would have just ask for help from my parent or my brother. But now, that i don't have them i think you are all i have now
[08:46] olgafun01: Buzz!!
[08:47] me: you are in some bad shape if you are asking a perfect stranger for some help. But unfortunately, you are the third girl that I have met online that is stuck in Nigeria. Sounds like an epidemic.
[08:53] olgafun01: I was here to clear some computer from Czech. But, Unfortunately when i get here i was sick and i use the money i have on me to get Treatment in the Hospital and now all i need is You to help me with some money so that i can clear the Goods. I promise to pay back as soon as i deliver the Goods and get payment from my Client. I will be very very gratefull if you can help me with the Clearance Fee so that i can get Goods cleared and return and come back to you
[08:53] olgafun01: Oh yes i know about so many scam here in nigeria i wouldn'y lie to you
[08:53] me: heh…. of course you wouldn't.
[08:53] olgafun01: Just please try and help me, I know for now i am a stranfer to you but i am very sure later you will klnoe me more than i know myself
[08:54] me: well, good luck with that.
[08:54] olgafun01: please kindly help me out..I'm not just looking for financial support only, I'm looking for something meaningful and lasting
[08:54] olgafun01: Just please try and understand why i need you to do this for me
[08:54] me: ha, thanks for the entertainment this morning.
[08:55] olgafun01: I know it is hard to trust me but i just want you to please try and help me please
[08:55] olgafun01: OKay

EDIT.  HA!  She came back later the same day.

[11:51] olgafun01: Hello
[11:51] olgafun01: How are you doing am back
[11:51] olgafun01: I know you can't do nd help me but let talk about how will gonna meet each other okay
[11:52] olgafun01: Buzz!!
[11:52] olgafun01: Buzz!!
[12:06] me: Just ping me when you get back in town.
[12:06] olgafun01: Okay..But try to understand me well okay
[12:07] olgafun01: Am in the state right now but i need to clear my goods in Nigeria coz the costom sieze my goods here and tell me to pay for the Good
[12:07] me: “[08:40] olgafun01: I am here in Nigeria for the first time”
[12:07] olgafun01: Goods and i dont have enough money with me all i have here is j
ust $600
[12:08] olgafun01: I jst did an mistake
[12:08] me: yup
[12:08] olgafun01: COz am so sad and i dont know what to do and what to talk about okay
[12:08] olgafun01: Am sorry
[12:09] me: right…
[12:09] me: http://blog.xavier.ashe.com/blog/_archives/2007/4/2/2853018.html
[12:10] olgafun01: I know you can't trust me
[12:10] olgafun01: But just try to believe me that i can't do something to make you be unhappy to me
[12:11] olgafun01: Coz i really wanna meet you and know you very well that is why i just read all what i write and i see tht i did an mistake there
[12:11] olgafun01: Am sorry for that
[12:12] me: are you marybabie112 too?
[12:12] olgafun01: Nop,
[12:12] olgafun01: My real name is Olga and am from TN \
[12:12] olgafun01: Nop that is not my name
[12:12] olgafun01: I told you am in the state right now
[12:13] me: Well, when you are Atlanta, I will meet you for drinks. Then you can try to scam me to my face, until then I have to get back to work.
[12:13] olgafun01: Ohh is that what you think about me?
[12:13] olgafun01: ohh that is not right
[12:14] olgafun01: Coz am for real\
[12:14] me: then I'll be proved wrong when we meet
[12:14] olgafun01: Okay
[12:15] olgafun01: But try to help me for the goods clearase
[12:15] me: HA! You are unbelievable!
[12:16] olgafun01: Ohhh is that right
[12:17] olgafun01: I know that coz the mistake i did before that is what make you say that to me
[12:17] me: you should read http://www.stop-scammers.com/forum/default.asp?CAT_ID=6
[12:17] olgafun01: That is why isay i can't trust any one in here again
[12:17] olgafun01: They always breaking my heart
[12:19] olgafun01: So you are one of them
[12:19] olgafun01: Well i promise to come to you
[12:19] olgafun01: And i knwo you gonna do this for me to make me happy
[12:20] me: I'll believe it when I meet you. Until then, you can stop trying to get any money out of me.
[12:21] olgafun01: Yeah that is when i meet you okay
[12:21] olgafun01: Well please try to trust me and help me to clear the good
[12:22] olgafun01: So i can be able to sell it here and get the money so i can be able to get over to you soon
[12:22] olgafun01: Okay
[12:22] olgafun01: I promise you that
[12:22] me: STOP TRYING TO GET MONEY FROM ME. You are barking up the wrong tree.
[12:23] olgafun01: Ohh Okay
[12:23] olgafun01: Will you help me for something
[12:23] olgafun01: Do you know how much am asking from you?
[12:23] me: it doesn't matter
[12:24] olgafun01: I know that
[12:24] olgafun01: But just try to believe me very well than thjis
[12:24] olgafun01: Can you talk to my client right here
[12:25] olgafun01: Buzz!!
[12:26] me: no
[12:26] olgafun01: WHy?
[12:26] olgafun01: Hello
[12:26] olgafun01: Talk to me
[12:27] me: what else do you want to know. Yes, I would love to meet you. No, you are not scamming me out of any money. Yes, i am at work and am very busy.
[12:27] olgafun01: Ohh okay
[12:28] olgafun01: When you are not busy please talk to me so will can know how wil gonna meet okay
[12:28] olgafun01: Bye
[12:28] olgafun01: Buzz!!

Unbelievable.  But I guess people fall for it or they would keep doing it.

Posted in Personal Note | 1 Comment »

 
%d bloggers like this: