HOWNOTTO: Socially Engineer

Here’s an oldie but goodie I scrounged up while trying to clean up the files on my file server. I’m not exactly sure when this happened. Given the details I wrote about, this happened sometime between July 1998 and October 1999. The file date of 2005 must have been when I restored this off of a floppy ZIP archive.

Even today I get a smile from this, so here you go.



You’ve heard all the warnings — never accept an executable file from an unknown source, for it may be a virus. Well, I recently had the misfortune of dealing with someone who tried to do just that, under the guise that it was a game he programmed himself in C.

This person contacted me via Random Contact via ICQ from Mirabilis.

I received this message from someone late at night from a Random user WHO WILL REMAIN ANONYMNOUS. He’ll probably change his name anyway, or even get a new ICQ number if he is what I think he is.

i made a great program in c
i want u to see it

Great! A fellow programmer! And he programs in C! I have longed for someone who might be able to understand programming. Everyone I’ve chatted with has had little or no idea about programming. I tell hime “Sure!”

it is a combination of agame and programs
i am a beigner so it isnt so cool
but i want your opinion ok?

This is where I get a little suspicious. A beginning programmer, starting out in C? For those of you who don’t know, C is a very cryptic language, meaning that it really doesn’t resemble English, but the commands are all English words. In short, you probably won’t understand what’s going on unless you a familiar with the programming language. If he’s a beginner, why not start out in BASIC? Its name is what it implies, a simple programming language, and chances are even mere mortals can get some idea of what the program is trying to do if they think hard enough.

I go to tell him to just send me the source code so I can compile it on my PC, as I had a C compiler. I assured him I had no need to pirate the code. I also state that, as a fellow programmer, to please understand my suspicion that it may be a virus, and that I have no anti-virus software. If someone asked me the same, I would either oblige, or simply discontinue the conversation.

But in the middle of composing the message, he requests a file transfer! I gave him no such permission, and denied the request as soon as I finished the message, so he would know why.

come on trust me i dont know how to send the code

All right, hold it! Busted! The source code is nothing more than a text file. To make a program, you need to write the source code, and then compile it using an appropriate compiler. To send the source code, you’d do the same thing as you would to transfer the executable, only change the file to transfer.

wtf is source code?
i am a beginer programmer
i have no code bullshit

Again, busted! Like I said, source code is a NECESSITY. Every programming book I know explains this in the first chapter, and every course I’ve taken has covered this by the first test. Look, when you compile, nothing happens to the source code — it’s still there after compilation is complete.

I promptly explain this to him, after a second attempt to transfer the file (which I denied). I also told him to try harder to plant a virus on a programmer’s computer.

you a fobi dude.
u cant trust ppl
i wish your computer will burn in the flames of hell
and your head will crash on you and you will drawn.
this file has no virus
and u are an asshole!

Just what I’d expect from a someone who was foiled at their virus planting attempt. I never trust people trying to force me to accept anything I don’t want. (BTW, he wants ME to be so trusting of HIM, yet HE can’t trust ME with the source code? Oh, that’s right, this is a scam.) My computer has survived Windows 95 and Windows 98 with only a fraction of the headaches reported out there, and I think it’s anxiously awaiting the next release. I don’t see how it’s physically possible for my head to crash on myslef, and I believe he meant “drown”, not “drawn”.

I then ragged on his horrid spelling. Seeing how he was ripping me so many new ones, I thought he could use an insult. I got this reply:

i am from israel mother fucker!
you got a problem wih that?
cause if you do ill come down where you live and kic kthat racist but of yours till your mother stops fucking you and then ill fuck your ass get it ?!?!?!?!?!?1

OK, you’re from Israel? I checked his Info, and he had entered Italy. I’m racist? For ragging on spelling? The last is part is inexcusable, and deserves no reply, except, “Sick!”

So, the lesson today, boys and girls, is NEVER accept a program from an unknown source. My knowledge saved me this time, but I know there’s a number of kind people out there, like me, who would have loved to help this guy with his game (had it been a real game). And if something seems fishy, like someone sending you files without your permission, get your guard up. And if they begin ripping you a new hole, rag on their spelling — it always riles ’em up. 🙂