I did not hack your computer
I was just listening to the audio version of the WWDC presentation by Will Shipley. Very cool, I would send you a link but it already has you finger prints on it - in the comments it says "drunkenbatman was here" :)Troy P.
Yeah, amusing that. I've been getting a steady trickle of these over the last ~2 weeks, which have to do with an audio file Will Shipley put up on his blog at the beginning of July.
If you hadn't seen it, Will gave a talk to a big group of students at WWDC 2005, and threw up some slides afterwards, and then decided he wanted to do a (in his words) 'podcast thingy' of the talk. If you go and get it, and throw it in something like iTunes, you'll see this...
Who knows how many downloaded the audio file, but I know the slides were downloaded umpteen thousand times... And I've gotten around 15 emails from it, which isn't bad considering someone had to notice it, then make the connection, then find my email or at the very least open Mail.app and type wordage.
Unfortunately, I've also gotten this:
TO "DRUNKENBATMAN" OR TO WHOM IT MAY CONCERN OR EDITOR OF DRUNKENBLOG.COMI AHVE RECENTLY FOUND YOUR NAME UNWARRANTED WITHIN MY COMPUTERS FILES. MY INVESTIGATION HAD LED ME TO THE WEBSITE WWW.DRUNKENBLOG.COM AND YOUR SECURITY EXPLOITS. I DEMAND FULL NOTICE OF THE MEANS YOU ACCESSED MY COMPUTER AND A LISTING OF EVERY FILE YOU HAVE MODIFIED OR VIEWED OR I WILL HAVE NO CHOICE BUT TO CONTACT THE PROPER AUTHORITIES. IF YOU DO NOT RESPOND WITHIN THREE DAYS I WILL INTERPRET YOUR ACTIONS AS CRIMINAL AND RESPOND IN KIND.
*Beats head against table*
I'm not even going to give a first name on this one, because even I don't have that ruthless a streak, but suffice to say the above is unedited and his kung-fu is strong.
Since the hard drive died last night, the all-caps almost pushed me over the edge of leaving an outline of an Apple with my shiny new paperweight, but we must remember the ham story.
While this was the most... extreme... of the three I got wanting to know how I'd gotten into their machines, there were three emails, which means it's worth spelling this out so, you know, no one looks sillier than they already do while investigating via google.
Anywho, I'd sent Will and app called Audio Recorder (By Ben Shanfelder) for something completely unrelated to any of this, and because Audio Recorder is so kick-ass and simple, Will ended up using it to do his podcast thingy. Will ended up with an AAC-compressed .mov file of his gargantuan ~1.5 hour talk, but wanted a straight audio file so people could put it on their iPods and stuffins.
Since we were already talking about some things, and he was about to crash, it was just easier for me to take it and pass the audio out as a straight AAC file via QuickTime so nothing was lost and forward it back to him for when he woke up.
While I was there, I figured it should have some tags, so I gave it a silly album name that reminded me of stuff we'd talked about earlier, set the genre to 'Religious', and threw my name in the comments because that's the kind of thing that happens when I'm fiddling with things that late at night.
I figured:
- Will would either look at the tags the next day, see my digi-graffiti and laugh, or...
- He'd not bother, because Will is almost beyond such things now (If you run into him, pop-quiz him on the current cost of a gallon of milk without letting him query his manservant and you'll see what I mean), and the small percentage who would actually look at the tags would be confused. If I was really lucky, they'd have heard of my name and they'd get a laugh.
Another of the two, who was extremely amusing (at first) in an unintentional way, basically thought that since he reads my site I must have a bit of code that was exploiting Safari to pull off my prank. And if I did, would I be so kind as to give it to him.
My reply was a javascript file that did hello world, and when he responded back that he couldn't see how the exploit worked in the file -- and could I please spell out the instructions -- I was at a loss and just left it because the next step could only be 'inviso-text' and the amusement factor had been tapped and sapped.
*rubs temples*
Never in my wildest would I guess someone would think their computer has been hacked because of the ID3 tags of an audio file they downloaded, but again we're back to the ham story, and at this moment the ham story is about all that is keeping me from swinging my shiny new Powerbook paperweight.
So no, google investigators, your computer has not been hacked, and I do hope this post alleviates your concern before you email me, where you run the very real risk of perhaps catching me on a bad day when the ham story has slipped my mind, and I say things from a less than polite and understanding frame of mind.
Posted by drunkenbatmanJuly 12, 2005, at 02:49 PM
Comments (12)
Posted by: Ankalon at July 12, 2005 03:24 PM
I KNEW YOU WERE A SCRIPT KIDDIE!
(Sorry, I had to do all caps.)
Ed's right. You better go on a sabbatical before Apple looks in your archives and uses that AppleCare meltdown on you.
Posted by: Malte at July 12, 2005 03:24 PM
Hey, I just clicked a link in my browser and your site came up. How the hell did you get into my computer?!! I'll sue your weenie off!
Seriously, sure - you can't be good at everything. But if you feel like you're way out of your known territory (as in the ham-story and in this case) why would you start accusing strangers? That's just stupid..
..or perhaps it is just part of some defence mechanism.
Posted by: Kasper Jeppesen at July 12, 2005 03:33 PM
Noooo... not my pristine collection of mint condition (never been played) podcasts... I was gonna make a fortune on those on ebay, and now you ruined it!
Posted by: DeanDMX at July 12, 2005 04:34 PM
Kasper you made me giggle!
DB you also made me giggle "and his kung-fu is strong."
Posted by: Chucky at July 12, 2005 05:09 PM
If you wrap your entire computer in tin foil, drunkenbatman will no longer be able to hack into it. Everyone knows that.
Posted by: Mindflayer at July 12, 2005 05:13 PM
Reminds of when I was running Microsoft update for, well, Microsoft. I got a call from one of their investigators saying I was mirroring their files illegally. I assured him it was on the up and up, but he just became more and more belligerent. So, after about the 5th phone call from this jerk, I just conferenced in a big shot at ol' Microsoft. Calls ended pretty quickly. :)
Then there was our other customer, Symantec.... So many "sysadmins" and "network admins" would file complaints with the FBI or call us, livid. They were too.. simple (but arrogant!) to see that the traffic was Symantec updating. Doh.
Posted by: Troy Phillips at July 12, 2005 09:23 PM
I just read your ham story (very funny by the way), but that was more a "Forest Gump" sort of cluelessness. Combining cluelessness, arrogance and aggressiveness like MR CAPS LOCK is much less palatable.
Posted by: Kirin at July 13, 2005 02:29 AM
|]r|_||\|k3|\|847/\/\4|\| -- 1337 |-|4x0r!
(Crap, that stuff takes *ages* to type.)
This made me laugh into my breakfast. So, 'hello world' is the new Safari vulnerability?
Posted by: Hawke at July 13, 2005 06:34 PM
DEAR SIR:
I FOUND YOUR NAME ATTACHED TO A FILE ON MY COMPUTER. SINCE I DO NOT KNOW YOU, I MUST ASSUME THAT YOU HAVE HACKED INTO MY COMPUTER VIA THE 'INTERNETS'. YOUR EXPLOITS ARE WELL CATALOGUED ON YOUR WORLD WIDE WEB PLACE, AND I WILL REPORT YOUR ACTIONS IMMEDIATELY TO THE AUTHORITIES. ON A RELATED MATTER, I MUST FURTHER ASSUME THAT IT IS YOU WHO KEEP PUTTING THOSE EMAILS ON MY COMPUTER ABOUT MALE ENHANCEMENT. MY MALENESS DOES NOT NEED ENHANCING, THANK YOU.
IF YOU DON'T RESPOND IMMEDIATELY, I WILL USE THE MONEY COMING FROM MY FRIEND IN NIGERIA TO HIRE A LAWYER.
SINCERELY,
CLUELESS IN SEATTLE
*snicker* All in good fun.
Posted by: Jesper at July 14, 2005 09:57 AM
"Clueless in Seattle" is quite possibly the best psuedonym ever.
Posted by: varun at August 6, 2005 12:17 PM
hi i am a student of IT engg. frm gwalior (m.p.) india
sir i want to hack the computer would u like to teach me by e.mails thanks
reply me soon
frm-
varun
Are you sure the 'investigator' wasn't joking? I just find it hard to believe. Have you had any further correspondence with them? If you haven't, please don't, as I really am looking forward to reading about the legal proceedings. Between this and cherrymac stuff, you are making a pretty serious hobby out of getting sued by stupid people.