[vox-tech] one of the most pernicious spams i've ever seen.

Micah J. Cowan vox-tech@lists.lugod.org
Thu, 25 Sep 2003 13:58:13 -0700


On Thu, Sep 25, 2003 at 09:33:08AM -0700, Michael J Wenk wrote:
> On Thu, Sep 25, 2003 at 08:17:52AM -0700, p@dirac.org wrote:
> > On Thu 25 Sep 03, 10:46 AM, Rob Rogers <rob@wizardstower.net> said:
> > > On Thu, Sep 25, 2003 at 07:24:56AM -0700, p@dirac.org wrote:
> > > > 
> > > > i didn't know this.  so, an URL is of the form:
> > > > 
> > > > URL = user:password@url
> > > > 
> > > > where lowercase "url" is what i used to think of as being an url. and
> > > > the "user:password@" portion is optional.
> > > 
> > > Right. You've probably even seen it for an ftp url...works the same way
> > > for http, just not seen as often.
> >  
> > aha.  thanks!
> > 
> > > As a side note, Opera gave me the following in a popup when I tried to
> > > click on your URL
> > > 
> > > Security warning:
> > > 
> > > You are about to go to an address containing a username.
> > > 
> > >   Username: www.citibank.com
> > >   Server: a3ksd.pisem.net
> > > 
> > > Are you sure you want to go to this address?
> >  
> > yeah, i got that too (i'm on opera).
> > 
> > i was convinced the email was a fraud by looking at it.  i know banks
> > don't ask for PIN's.  they go through great lengths not to know your PIN
> > when you create the account.  for instance, washing mutual has a machine
> > you enter your PIN into, and the teller has to walk at least 3 feet away
> > and turn around before you punch your number in.
> > 
> > but i was so darned curious, i had to investigate!
> >  
> > pete
> 
> Also, guess it doesn't hurt to say that you should never have your PIN
> for online banking match the one for your ATM.  Or if you're forced, be
> bloody sure that the site you enter it, really is your bank's site.  

Do you know of banks that let you choose two different PINs, one for
online, one for ATM? That'd be nice...

> 
> Oh, URI stands for Uniform Resource Identifier (see RFC 2396 for
> details) 

Yeah, it does... but what does that have to do with anything? All of
the URIs he cited are also valid URLs, so he's perfectly right to
refer to them as such, if that's what you're getting at. Also, the
difference is mostly theoretical, as I haven't seen many (any?) REAL
URNs in the wild, except for "persistent URLs".

-Mciah