Planet SecuraBit

Wikipedia articles carry with them a revision history that logs every change made to an article, as well as information on the user or IP address that made the change. The revision history and user information can provide someone gathering intelligence with as much or more information about a topic than its article. Many Wikipedia editors are personally connected to the articles they edit, or otherwise have a stake in what is being said, and by processing the revision data, it’s possible to gain some insight into those connections.

This is somewhat awkward and time consuming to do through the web interface, so it helps to automate. I had a need to determine what revisions and users introduced certain phrases in an article, and wrote the following script to help:

• wikiadded.py

To use, first export the article(s) you want to process to XML using Wikipedia’s Special:Export page (be sure to uncheck ”Include only the current revision”). Once you have the XML saved locally, usage is as follows:

./wikiadded.py <xml file> <word or phrase>

The output is comma-delimited and contains the Wikipedia timestamp, user information (username/id or IP address), and a link to the revision that introduced (or re-introduced) the phrase.

Hope this is of use to someone besides myself!

Today, while updating this VPS, I took the opportunity to change the style/design of mcgrewsecurity.com. I’m especially proud of the new logo. It’s a combination of several out-of-copyright book scans, and my co-worker Kendall’s keen observation that the bit of the key looked like an RJ-45 Ethernet port. A bit of work later and now it very much looks like one.

Over the past several months, No Starch Press has been kind enough to send along review copies of several of their recent security-related book releases. Soon you’ll start seeing my reviews being posted. Overall, I can say I’m very impressed.

I got my first snail-mail scam today. I won two round-trip airline tickets to anywhere in the United States!

The masterpiece arrived in a regular letter envelope and was addressed by hand. The regular first class self-stick stamp was postmarked in Phoenix, AZ

(Click on the pictures for full-size PDFs)

Inside, the document had a letterhead for 'US Airlines". I'm guessing this is to bank on the confusion between US Airways and American Airlines. The letter was addressed to me by name and was also signed by hand.

The letter reads as follows:

NOTE: You must respond no later than November 25th, 2011.

Dear Christopher,

I am pleased to inform you that you have qualified for an award of 2 roundtrip airline tickets. Congratulations. These tickets are valid for travel anywhere in the Continental U.S. from any major international airport. The retail value of this award is up to $1,400.00. Certain restrictions apply.

We have attempted contacting you several times without success. This is our last attempt. If we do not hear from you soon, we may need to issue the ticket vouchers to the alternate.

Please call me today at 1-866-351-2044

Regards,

 

Valerie Fay

Vice President

EO-20270

I'm sure anyone who reads my blog is smart enough to not fall for this anyway, but it was certainly an anomaly in my mail box.

UPDATE [11/19/2011]:

Commenter "Scmmer" did a little research and added:

I called the number.  Was transferred to a young sounding woman who essentially repeated everything in the letter then told me that its a new Travel Agency that is looking to build their business.  You have to visit their office located at 2002 N Lois Ave. in the Westwood Center.  Then she explianed that this was for married or cohabitating couples.  When I asked what the agency name was she pointed me to '"airfareanddealsdotcom".  Doing a quick google search turned up the IP address which turned up 4 entries on he BotScout website.

http://www.botscout.com/ipcheck.htm?ip=174.36.238.92

A Whois search shows they are out of Provo, Utah.

Thats about all I can find online but I am interested in seeing where this goes.