Including a rather interesting quote from Mitch Kapor:

It promises to be “disruptive”, says Mitch Kapor, the inventor of the Lotus spreadsheet that played a big role in the personal-computer revolution of the 1980s and 1990s. He is now chairman of Linden Lab. To him, Second Life is comparable to both the PC and the internet itself, which started as something “quirky” for geeks, and then entered and transformed mainstream society. “Spending part of your day in a virtual world will become commonplace” and “profoundly normal,” says Mr Kapor. Ultimately, he thinks, Second Life will “displace both desktop computing” and other two-dimensional “user interfaces”. As “a hothouse of innovation and experiment,” he says, Second Life may even “accelerate the social evolution of humanity.”

You can read the full article here.

I am not sure whether to be worried or flattered, but it appears that someone is going through the trouble of creating targeted malicious code attacks by spoofing an email from me. They’ve even gone so far as to use the correct signature, return phone numbers, and to pick a topic that i am likely to actually send an email on. The only issue is that they’ve spelled my name wrong…probably to prevent any bounces from coming to me and alterting me. The message looks like this:

From: Matt Devest
Date: Sun, 1 Oct 2006 09:05:27 -0600
To: < ****@terrorism.com>
Subject: How China Steals US Military Secrets !

Dear,

FYI-

http://www.usa.tmsasia.com/collections/prc/How_China_Steals_US_Military_Secr
ets.html

Matt Devest
CEO
Terrorism Research Center, Inc.
Tel: (703)***-****
Email: Devest@terrorism.com

Obviously, if you get this message, don’t click on the attachment. My good friend Eric took a look at the target web page and provided this assessment:

Basically, the link is for a page that’s just javascript. What’s interesting is that it uses the javascript ‘unescape’ function to set values to a couple vars. the unescape function takes what looks like gibberish and when unescaped, is plain javascript code. The last part of the initial script does an ‘eval’ on the variable, which runs the code. What the code does is run another set of javascript which was previously decoded and attempts to use a VERY new IE vulnerability to cause a buffer overflow and then allows running any program as administrator on the box. More details on the actual exploit can be found at:

http://www.us-cert.gov/current/index.html#exwbfldr

As such, only Windows users running IE 6 are vulnerable to this ‘link’. From what I can find on the Microsoft website, it looks like this vulnerability might only apply to Windows 2003 Server, but that remains unclear. Microsoft did indicate they would have an update released by October 10.

In summary, whoever did this cleverly crafted email wanted to maximize his/her chances of getting a ‘hit’. The exploit is considered a 0-Day and the way it was escaped took sometime to sort through and decode. If it wasn’t for the misspelled Devost, it could almost be considered ‘perfect’…

For what it’s worth, the email came directly from a server in Utah.

IP: 205.118.75.84
OrgName: Utah Educational Network
OrgID: UEN-1
Address: 101 Wasatch Drive, Rm 215
City: Salt Lake City
StateProv: UT
PostalCode: 84112
Country: US

Probably just a poorly patched server that was hacked and used as a jump-point…

As a parent, I take increasing interest in the analysis of experts like this.

Therefore, I want to share what I am seeing, what I project as forthcoming in the next month, October 2006. I’ve been saying most of this on radio interviews and in suicide trainings for weeks. No one seems to be listening, especially in the US media. Nevertheless, readers may wish to know about the patterns that are so obviously developing. Full Story