Pine will show you the "Date", "From", "To", and "Subject" of a message in addition to the message's contents. But you may wish to view the full message headers to see the "Message-ID" or the "Received" headers. The Received headers allow you to view the path of a message from an originating system to your mail server. They are useful in determining if a message actually came from the purported orginator, since spammers and worms often use fake "From" addresses.

Pine allows you to display the full message headers using the "H" command. But, if you hit "H" and you see the message "[Command "h" not defined for this screen. Use ? for help]", then the command hasn't been enabled. To enable the comand so that you can use "H" to toggle the display of full message headers, take the following steps.

1. At Pine's main menu, which is shown below, hit the "S" key for "Setup".

     PINE 4.33   MAIN MENU                         Folder: INBOX  3,280 Messages
   
   
             ?     HELP               -  Get help using Pine
   
             C     COMPOSE MESSAGE    -  Compose and send a message
   
             I     MESSAGE INDEX      -  View messages in current folder
   
             L     FOLDER LIST        -  Select a folder to view
   
             A     ADDRESS BOOK       -  Update address book
   
             S     SETUP              -  Configure Pine Options
   
             Q     QUIT               -  Leave the Pine program
   
   
   
   
      Copyright 1989-2001.  PINE is a trademark of the University of Washington.
   
   ? Help                     P PrevCmd                 R RelNotes
   O OTHER CMDS > [ListFldrs] N NextCmd                 K KBLock
   

2. At the next menu, shown below, hit the "C" key to configure Pine.

   This is the Setup screen for Pine. Choose from the following commands:
   
   (E) Exit Setup:
       This puts you back at the Main Menu.
   
   (P) Printer:
       Allows you to set a default printer and to define custom
       print commands.
   
   (N) Newpassword:
       Change your password.
   
   (C) Config:
       Allows you to set many features which are not turned on by default.
       You may also set the values of many options with that command.
   
   (S) Signature:
       Enter or edit a custom signature which will
       be included with each new message you send.
   

3. Scroll down through the list that appears using the cursor keys on your keyboard (or you can move up and down the list with "n" for "next" or "p" for "previous") until you find "enable-full-header-cmd" under "Advanced Command Preferences". When you've found it, hit "x" to set the value ("x" toggles values off and on). Then hit "E" to exit setup. When prompted "Commit changes ("Yes" replaces settings, "No" abandons changes)?", hit "y" to save your changes. Now when you view a message, you can just hit the "h" key to toggle the display of a message's headers on and off.

   [/network/email/clients/pine] permanent link

While running adware/spyware checks on a system today I found Bazooka Scanner reported LocalNRD on the system. I wasn't able to remove it through "Add/Remove Programs", but instead had to manually remove the remnants of this malware. I've created a registry file to remove the registry entries Bazooka associates with this malware and a batch file to remove the file associated with it.

Instructions for removing LocalNRD

[/security/spyware/localnrd] permanent link

The ABC News website has an article today stating that America Online (AOL), (I think Ads Online might be a more accurate name), is telling its broadband customers in nine southern states that it will no longer be able to provide broadband service to them. Customers have until January 17, 2005 to find another broadband provider. If they remain with AOL, they will be converted to AOL's dialup service. And AOL spokesperson Anne Bentley is quoted as stating that she expects AOL will phase out broadband service to the rest of its customers over the next year.

I've read other reports that AOL is experiencing financial problems and a declining subscriber base, which doesn't surprise me. I used to suggest AOL to people who had no prior experience with computers or whose computer knowledge was very limited. And when I was helping a family member run a mailing list devoted to anime, I maintained an AOL account so that I could help mailing list members who were AOL members. Many would join the list, but then be unable to receive email, because their AOL account was configured to block email from addresses outside AOL. With the AOL account, I could send them a message advising them how they could change their AOL settings.

AOL did make it fairly easy to get on-line, chat, and send email even for people who were computer illiterate. But over time, I decided AOL wasn't even a good choice for computer novices. Other ISPs improved the packaging of their service and support for novice users, but didn't bombard users with ads whenever they went on-line. And after dealing with AOL's customer service, I came to the conclusion it was awful.

AOL started popping up ads to create a second AOL account when you went on-line. A family member inadvertently created a second account, though she didn't realize she had done so. When I saw the second billing, I called AOL. I was told a second account had been created. I told the representative I spoke to we didn't want it and I wanted that account canceled. I was told the account was canceled. The next month I was again billed for the second account. I called again and was again assured the account was canceled. The following month I was again billed for a second account. I called again and spoke to an AOL representative who said she was checking on the account and then switched me to a telemarketer when she put me on hold. It was bad enough when they put me on hold and forced me to listen to marketing offers while I was on hold, but getting switched to some telemarketing partner of AOL was infuriating. I called back and demanded to speak to a supervisor. I was told the second account would be deleted, but next month I was again billed. On my next call, I was told that "yes" the second account would finally be deleted, but they couldn't credit my credit card for the billings for the previous months. Instead they would give me a credit for extra months on the first account, which I had switched to AOL's $4.95 limited service, which I only kept to assist mailing list members. Billing for the second account finally stopped, but at that point, I didn't feel I could ever recommend AOL to anyone. And with such lousy customer service, it doesn't surprise me AOL is losing customers. I think AOL's chances of still existing in another five years aren't good.

[/network/Internet/ISP] permanent link

While running adware/spyware checks on a system tonight, I found Bazooka Scanner reported Bubba.Wintools on the system. I wasn't able to remove it through "Add/Remove Programs", but instead had to manually remove the remnants of this malware. I've created a registry file to remove the registry entries Bazooka associates with this malware and a batch file to remove the files associated with it.

Instructions for removing Bubba.Wintools

[/security/spyware/bubba-wintools] permanent link

I received an email today, purportedly from SunTrust Banks, Inc. which was actually a phishing scam. The message had a "from" address of "Suntrust Bank " and a subject of "SunTrust Bank SECURE VERIFICATION PROCESS". The message had a GIF image, chinaman.GIF embedded in it.

Clicking on the link in the message opens another window where the the mark is expected to fill in the following fields:

ATM/Debit Card
PIN-code
Expiration date
CVV2 (the three-digit code on the back of a credit card)
Login Name
Password
E-mail Address

To view a snapshot of that window, click here or to view the window as activated by the HTML code, click here. Submitting the form yields a "Thank you for confirmation" message.

In Internet Explorer, when you move your cursor over the link in the email message, you see http://www.suntrust.com/personal/Checking/OnlineBanking/Internet_Banking/security.asp, which is a real SunTrust webpage, but the real URL to which you will be taken is shown below:

http://%32%30%33%2e%31%39%38%2e%32%31%30%2e%31%35%36:%38%37/%73%74/%69%6E%64%65%78%2E%68%74%6D

The author of this scam is using an obfuscated URL to make it less likely potential marks will see through the scam. Obfuscated URLs can be unobfuscated using tools provided at various websites. Putting in the above URL at http://javascript.internet.com/equivalents/url-revealer.html reveals a more intelligible URL, http://203.198.210.156:87/s/t/index.htm, which is more obviously not a SunTrust website address.

The source code for the message shows the obfuscation. The HTML code can be downloaded here.

[/security/scams/phishing/suntrust] permanent link

Glenn Weinberg, vice president of Sun's operating platforms group, is quoted in a ZDNet article, Open-source details hold up Solaris release as indicating details on Sun's open-source version of Solaris may not be finalized by the end of the year. "It'll be really close," Weinberg told reporters. According to Sun president Jonathan Schwartz, Sun has not ruled out releasing Solaris under a GPL license.

Sun is discussing their plans with open-source representatives at the Open Source Initiative, though Eric Raymond, president of the Open Source Initiative, has stated those communications have been unofficial.

[/os/unix/solaris] permanent link

There is an article, Sun Ready to Open Solaris, in eWEEK dated November 1, 2004 by Peter Galli stating that Sun is getting closer to releasing Open Solaris, an open-source version of their Solaris operating system. The article states that Sun is starting with a pilot/beta program for Open Solaris. The article also states that Sun is getting close to finalizing pricing for Solaris 10.

Though, in another September 22 eWEEK article, When Open-Source Claims Fall Flat, Steven J. Vaughan-Nichols wonders about when Sun will actually make Open Solaris available. He also implores Sun not to come up with yet another variant of an "open-source" licensing model. He has also written another eWEEK article, Analysts Question Sun's Open-Source Solaris Plans, published in eWEEK on September 21, on the implications of the licensing scheme that Sun may adopt for open Solaris.

He is critical of Microsoft's "shared source" scheme, another effort by Microsoft to combat the open-source movement which threatens its revenue stream.

[/os/unix/solaris] permanent link