Scam Or Not?
 

Be advised that I have received about a 100 of these Messages in the Last day or so. I have reported them to the proper Abuse services, blocked them, yet they are still coming in. So I ask you, would you click on the link? I have not, given the nature of the bLaster worm and other nasty bugs lately, I would prefer to keep my win2k system virus free.

<font size="2" face="Verdana, Helvetica, sans-serif">

Re: Scam Or Not?
 

Being behind 2 firewalls, I clicked on the link and it certainly seems like the normal MSN web site and talks about the security issue with MSN Messager, but then again, I don't use the product, and I certainly wouldn't download the security patches unless it came directly from the MS web site.

Re: Scam Or Not?
 

there's another thing - i am a user of MSNIM and i didnt get a single copy of that letter.

Re: Scam Or Not?
 

It appears to be legit, I received an email from the MSN abuse people and they say yup, it is a true MSN email. Oh well, I guess not all emails are dubious.

Re: Scam Or Not?
 

most Online stuff can now check and tells you if needs an update. if it stops working, you can always get it later.

Re: Scam Or Not?
 

I always strip MSN and MSMessenger off all my systems at the earliest opportunity. Microsoft tries very hard to stop you doing this (for example, on XP messenger has no uninstall function) but if you're determined there's always a way...

Re: Scam Or Not?
 

With all those viruses spreading during the Last weeks, it seems that PC Users become a bit paranoiac, doesn't it ?
After fighting with MS BLaster for three days on my own PC, I must admit that I'm becoming paranoiac too...

Re: Scam Or Not?
 

Email Rule of Thumb:
Never click a link, especially if its talking about installing patches and stuff.
Anything it says to install or delete, ignore.

Instead, close your email program, then visit the windows update site and do updates on your virus programs by yourself.

1) Links are often boobytraps that will send you down into the monster's lair.
2) Deleting a single file NEVER HELPS. Even the weakest viruses infect lots of files, so only a scanning program can find them all.
3) Putting password info into an email is like giving your wallet to the stranger with a pLastic police badge so he can check your driver's license. Don't be surprised if stuff is missing and all you hear is tires squealing in the distance.
4) Just because it is from a big, well known company does NOT prevent it from being a scam!

[ August 20, 2003, 13:11: Message edited by: Suicide Junkie ]

Re: Scam Or Not?
 

<font size="2" face="Verdana, Helvetica, sans-serif">Yeah i once had to do this for a customer. Very hard to find how to do it. In the end the computer had to boot and only 2 desktop icons where to be clickable. Almost all of the start menu had to be disabled.

It was a portable pc that nurses would take with them as they visited patients on the road. By disabling nearly everything, they hoped to minimize support and it effectively did so

Re: Scam Or Not?
 

It's hard not to be paranoid when MS sends you the F#$&*#^ thing 100 times!! I also got it multiple times. Why the heck would they do that??

Re: Scam Or Not?
 

<font size="2" face="Verdana, Helvetica, sans-serif">Ditto on this. here is a scam I could have fallen for if the scammer had not been so greedy.
It was (well claimed to be) from my ISP (sympatico.ca) claiming my account was not up todate. The kind of message you get when say your Visa expires and they don't have the new expiry date.
So I click the link and get to a Sympatico page (a fake one but very well done). The only thing that triggered the warning flags were that the moron asked for some very personal info the the ISP would never want (ie PIN number, drivers license etc) Had he just asked for the Visa I may have fallen for it.

Re: Scam Or Not?
 

<font size="2" face="Verdana, Helvetica, sans-serif">They send it to everyone on their lists once. However, apparently, it's possible to get on their lists more than once. With the number of addresses they have, and the fact that removing duplicates is an O(n^2) operation, I can understand why they do.

Re: Scam Or Not?
 

Read this before patching...

http://www.theinquirer.net/?article=11124

Re: Scam Or Not?
 

<font size="2" face="Verdana, Helvetica, sans-serif">They send it to everyone on their lists once. However, apparently, it's possible to get on their lists more than once. With the number of addresses they have, and the fact that removing duplicates is an O(n^2) operation, I can understand why they do.</font><hr /></blockquote><font size="2" face="Verdana, Helvetica, sans-serif">The biggest software company in the world that has written some of the most complex programs can't remove duplicate addresses from a list??? What's wrong with this picture.

Re: Scam Or Not?
 

<font size="2" face="Verdana, Helvetica, sans-serif">Yeah, like searching the registry for every occurance of "Messenger" http://forum.shrapnelgames.com/image...s/rolleyes.gif I finally got those dratted Messenger popups to stop.

Re: Scam Or Not?
 

Umm... ever opened "msconfig" from the run prompt? Or perhaps the Services Manager from the Admin Tools? msconfig can control what programs start up with Windows. The Services Manager can control when Windows services (such as Messenger) start. No registry editing needed (at least, not manually http://forum.shrapnelgames.com/images/icons/icon12.gif ).

Re: Scam Or Not?
 

<font size="2" face="Verdana, Helvetica, sans-serif">They could, it's just a matter of the computer time required. The standard algorythm for removeing duplicates goes something like:
</font><blockquote><font size="1" face="Verdana, Helvetica, sans-serif">code:</font><hr /><pre style="font-size:x-small; font-family: monospace;">for(i=0; i&lt;max; i++)
{
for(j=i-1; j&gt;=0; j--)
{
if(entry(i) == entry(j))
{
clear(i)
}
}
}</pre><hr /></blockquote><font size="2" face="Verdana, Helvetica, sans-serif">If they have 10^9 entries, the statement
</font><blockquote><font size="1" face="Verdana, Helvetica, sans-serif">code:</font><hr /><pre style="font-size:x-small; font-family: monospace;">if(entry(i) == entry(j))</pre><hr /></blockquote><font size="2" face="Verdana, Helvetica, sans-serif">gets run, at most (1 + 2 + 3 + 4 + 5 + ... + ((10^9)-1) +(10^9)) times - roughly (10^9)^2, or about 10^18 times. As it is almost impossible to hold 10^9 e-mail addresses in live memory at once (if you allow, say, 100 bytes per entry, that works out to 10^11 bytes - about one hundred gigabytes - of RAM for a single project; not likely), disk access times need to be used for dealing with the entries. If you then assign a disk acess time of, say, 10^-6 seconds per entry, and multiply that by the number of entries accessed (roughly 10^18 accesses) you get an estimate on the amount of time the algorythm will take: 10^12 seconds. That's roughly 16,666,666,666 minutes, 277,777,777 hours, 11,574,074 days, or 31,688 years. Throw 10,000 machines at the task, and it still takes a little over three years (actually, more than that, due to communication time between them). It isn't that they couldn't, it's just that it would cost more resources to eliminate the duplicates than doing so would save them.

Granted, there are several ways to shave time off of the above analysis, but that just gives a general idea of what it would take.

Re: Scam Or Not?
 

You do not have to load every single address into active memory at once. In fact, with that loop, each address is deleted from active memory (essentially) after it is checked against the one you are comparing it to.

[ August 22, 2003, 01:00: Message edited by: Imperator Fyron ]

Re: Scam Or Not?
 

<font size="2" face="Verdana, Helvetica, sans-serif">Apparently you missed the numerous disclaimers:
<font size="2" face="Verdana, Helvetica, sans-serif">rather than "is"; my note at the bottom <font size="2" face="Verdana, Helvetica, sans-serif">and the <font size="2" face="Verdana, Helvetica, sans-serif">to indicate it was a worst-case (for that algorythm, worst-case = no duplicates) analysis.

In the worst case, the Last entry checked must be checked against every other entry, and so all must be available (in memory, or accessed from the disk). The point was to give a general idea of what was required, not the exact algorythm needed. Things would be further complicated by the likelyhood that it isn't a matter of a single database of addresses being worked with. There are a zillion (exaggeration) assumptions in my analysis, and several valid shortcuts that could be built into the algorythm. It's an estimate to support what I said that DavidG had doubts about, not an exact analysis for that particular number set.

Re: Scam Or Not?
 

<font size="2" face="Verdana, Helvetica, sans-serif">They could, it's just a matter of the computer time required. The standard algorythm for removeing duplicates goes something like:
</font><hr /></blockquote><font size="2" face="Verdana, Helvetica, sans-serif">Well I'm not going to dispute your math (frankly I didn't take the time to really understand it http://forum.shrapnelgames.com/images/icons/icon12.gif ) But I have MSN Messanger at work. I signed up for the service and provided my e-mail adress to MS exactly ONE time. And yet I got that message 10 times. Face it MS got something screwed up. Other corps with large databases seem to get things OK. (like Symantec)

Re: Scam Or Not?
 

<font size="2" face="Verdana, Helvetica, sans-serif">Perhaps this is the problem. Now surely this shouldn't be hard to avoid.

Re: Scam Or Not?
 

<font size="2" face="Verdana, Helvetica, sans-serif">Granted; MS could have done much better. The analysis only applies when going back to fix it, not when compiling the list originally. It is easier to maintain a no-duplicates list than it is to change a list to the no-duplicates variety.

Re: Scam Or Not?
 

Best would be an algorithm which checks new addresses against the list before even putting them in!
Keep N small in the first place, and there's less trouble later.
Each submitting machine could keep a filter list of the Last couple submissions so as to cut down on the work the main server has to do.

If you had a sorted list, then the duplicate checking would be really easy.
Decent insertion routines would help a lot too.
Bucket sort to servers holding a piece of the list, then insert using your favorite routine.

Get the n^2 work done as it drips in, so you have years to spend on the problem, instead of rushing it just before trying to send emails.

Re: Scam Or Not?
 

Actually, if you maintain it as a sorted, no-duplicates list from the start, the total computational effort is actually more along the lines of n*lg(n), which isn't unreasonable, even with a billion entries.

Come to think of it, one could always dump the current list into such an algorythm, and then only use ~ 30,000,000,000 comparisons - roughly eight hours, using the same numbers as the earlier analysis for a single machine. Nevermind; MS has no real excuse.