Thursday, July 28, 2011

The Chevrolet Volt Is More Affordable Than You May Think

Have a Great Older Car?   Consider Total Cost of Operation.


In late October 2010, I purchased a fully loaded 1999 Oldsmobile Aurora in great condition. Manufactured during the last year of production of the higher performance first generation Aurora, my automobile is unique in so much as only six others (0.031%) were as well equipped: all options and blessed with the 160 mph capable "Autobahn" gear ratio transmission of 3.71 (instead of the 3.48 transmission).

Engineered to be the best Oldsmobile ever produced, the vehicle was meant to compete with the Lexus and the BMW. The Aurora was also intended to save the Olds name plate from extinction, and launch a comeback of the marque. Oldsmobile sales had dropped from 1,066,122 in 1985, to a mere 389,173 in 1992.

Design work on what would become the Aurora had started in the late 1980's, and surfaced in a 1989 engineering concept known as the Oldsmobile Tube Car. Beyond the overall similar shape, the Tube Car possessed many design elements that were later found on the production Aurora. This design was ahead of its time, and GM has incorporated many of the advanced characteristics of the Aurora into the Chevrolet Volt (i.e. the Aurora has a drag coefficient of 0.32, Volt's coefficient of drag is 0.28).

As initial production neared, the Aurora's engineering team resisted efforts to dumb down the vehicle. The Aurora was powered by a 4 cam 32 valve 4.0L V-8, and featured a standard onboard computer. During the normal crush-to-failure tests done by automakers to evaluate body rigidity, the Aurora's unibody construction actually broke GM's testing machine. A frame-crusher normally used to test stronger truck frames had to be employed instead, with Aurora exceeding federal standards for passenger cars by two times over. After the demise of Oldsmobile, I never forgot the Aurora, and enjoyed the sleekness of the vehicle's design when I saw one on the road.

I paid cash for the Aurora, and have no monthly payment. The car is great, but all older vehicles require more maintenance than do new vehicles. I recently reviewed total cost of operation by tallying receipts. I was not entirely surprised that in using the Aurora as my primary vehicle, cost of operation has been $530.00 per month. This includes $2400.00 in gasoline, and $2900.00 in repairs (for brakes, new tires, etc.). Having spent $2600.00 to purchase the car ten months ago (which was an incredible bargain), total cost of ownership equates to $890.00 per month. Although I could have leased a Cadillac at this rate, I wanted the Aurora, and remain pleased with it.



In early October 2010, I ordered a Chevrolet Volt. My 2012 Volt will be manufactured during August 2011. Many car shoppers interested in the Volt will opt for the low cost lease, which is $350.00 per month. Provided my usage pattern, it will cost $40.00 per month to power the vehicle. In addition, the Volt is covered by a 36-month bumper to bumper repair warranty.

I did not select the Volt solely for economic reasons. The environmentally friendly aspect of the Volt was not the primary consideration in choosing it. Nor did I opt for the Volt simply because I will no longer be contributing to the erosion of America's wealth and national security.  

 
For me, the most compelling reason for driving the Chevrolet Volt is the driving experience itself. The electric drive provides 273 pound-feet of *instant torque* (the Aurora attains 260 pound-feet torque at 4400 rpm). The car is as quiet as a Rolls Royce. The heavy weight of the Volt and the aerodynamics of the design mean that I won't experience buffeting when passing the monster semi-trucks that frequent the highways of the midwest (this is also true of the Aurora). In addition, the Volt is the most technologically advanced automobile yet manufactured (its computers include more lines of code than the Boeing 767 Dreamliner).

The Chevrolet Volt has won a number of awards related to driving experience:

  • 2011 North American Car of the Year
  • Motor Trend 2011 Car of the Year
  • Car and Driver 10 Best for 2011
  • Ward’s AutoWorld 10 Best Engines for 2011
  • Automobile Magazine 2011 Automobile of the Year
  • 2010 Breakthrough Technology - Popular Mechanic
  • Green Car Journal 2011 Green Car of the Year

As you will have observed, operating the Chevrolet Volt (including the monthly lease payment) will immediately save $140.00 per month over an older car in excellent condition (for which I have no monthly payment). I will keep the Aurora, and will drive it on the occasional sunny Sunday afternoon, but the Volt will become our primary vehicle.



Saturday, May 28, 2011

RBN Targets Lady Gaga


Steroid marketers in the Russian Business Network have targeted pop star Lady Gaga.

This takes the form of brand/copyright infringement attendant with the creation of the following domains:

  • lady-gaga-romance.com
  • ladygagaromance.net
  • ladygagaromance.org
  • ladygagaromancefilms.com
  • ladygagaromancetips.com

On the face of it, these Lady Gaga domains appear to be the property of a Swedish marketing firm:

ladygagaromance.org
Reverse Whois:
"Ogelvy & Nielsen Ltd" owns about 19 other domains

Domain ID:D160903576-LROR
Domain Name:LADYGAGAROMANCE.ORG
Created On:11-Dec-2010 21:48:32 UTC
Last Updated On:10-Feb-2011 03:49:07 UTC
Expiration Date:11-Dec-2011 21:48:32 UTC
Sponsoring Registrar:Directi Internet Solutions Pvt. Ltd. d/b/a PublicDomainRegistry.com
(R27-LROR)
Status:CLIENT TRANSFER PROHIBITED
Registrant ID:DI_2144851
Registrant Name:Per Lundstroem
Registrant Organization:Ogelvy & Nielsen Ltd
Registrant Street1:12, Gammel Kongevej
Registrant Street2:
Registrant Street3:
Registrant City:Copenhagen V
Registrant State/Province:Bornholm
Registrant Postal Code:1610
Registrant Country:DK
Registrant Phone:+45.332565
Registrant Phone Ext.:
Registrant FAX:
Registrant FAX Ext.:
Registrant Email: contact@victorymarketing.info

LadyGagaRomanceTips.com is also Ogelvy & Nielsen Ltd (contact@victorymarketing.info)

Looking more closely, we can see that Ogelvy & Nielsen Ltd are a front:

victorymarketing.info is hosted on a server in Hong Kong with IP address 123.108.108.55:


victorymarketing.info    a     123.108.108.55
Hong Kong

The name server for victorymarketing.info is ns1.pranza.com.

Other domains with the same IP address and name server are:

abrahamwealthservices.com
fosassetmanagement.com
hsharpprivateconsultants.com
ivitamins.org
mail.abrahamwealthservices.com
mail.hsharpprivateconsultants.com
mail.pacific-escrow.com
mail.pranza.com
mail.pricelaw.com
mail.rainesecuritiesllc.com
ns1.pranza.com
pranza.com
pricelaw.com
rainesecuritiesllc.com
top.pranza.com
victorymarketing.info

ns1.pranza.com:
Domains using this as name server (8)

abrahamwealthservices.com
hsharpprivateconsultants.com
ivitamins.org
pranza.com
pricelaw.com
rainesecuritiesllc.com
roidgear.net
victorymarketing.info

pranza.com itself is shielded by privacyprotect:

Domain Name: PRANZA.COM
Registrant:
PrivacyProtect.org
Domain Admin (XXXXXXX@privacyprotect.org)
ID#10760, PO Box 16
Note - All Postal Mails Rejected, visit Privacyprotect.org
Nobby Beach
null,QLD 4218
AU
Tel. +45.36946676

pranza.com was registered through Directi:

Domain Name:    PRANZA.COM
Registrar:    DIRECTI INTERNET SOLUTIONS PVT. LTD. D/B/A PUBLICDOMAINREGISTRY.COM
Examining the other properties associated by DNS and IP address:

Domain Name:IVITAMINS.ORG
Created On:25-Mar-2005 09:25:39 UTC
Last Updated On:24-Aug-2010 13:46:11 UTC
Expiration Date:25-Mar-2012 09:25:39 UTC
Sponsoring Registrar:1API GmbH (R1724-LROR)
Status:OK
Registrant ID:RAI6113358-QAPX
Registrant Name:Rusnac Irina Anatoli
Registrant Organization:ICS Interland SRL
Registrant Street1:B-dul Stefan celMare, no. 169
Registrant Street2:
Registrant Street3:
Registrant City:Chisinau
Registrant State/Province:Chisinau
Registrant Postal Code:2004
Registrant Country:MD
Registrant Phone:+373.60305749
Registrant Phone Ext.:
Registrant FAX:
Registrant FAX Ext.:
Registrant Email:

ivitamins.org, based in Moldova, is an Internet marketer of anabolic steroids, human growth hormone, and the like, presumably manufactured by Balkan Pharmaceuticals SRL:

iVitamins Shop

Manufacturer:Balkan Pharmaceuticals. This product is human use licensed by law at GMP standards. More details on company website ...
www.ivitamins.org/product_info.php?products_id... - Cached - Similar
Show more results from ivitamins.org

iVITAMINS - Anabolic Steroids Discussion and Bodybuilding Forum

20 posts - 10 authors - Last post: Sep 19, 2006
Just to let others know,I had some damage occur during shipping and I-vitamins said they would ship a replacement.Exellent costumer service. ...
www.anasci.org › ... › News & Updates › Anasci Board Sponsors - Cached - Similar
Very Happy with Ivitamins.org
Reverse Whois:
"SC Balkan Pharmaceuticals SRL" owns about 1 other domains
Registration Service Provided By: IMENA.UA
Contact: +380.442010102
Website: http://imena.ua
Domain Name: BALKANPHARMACEUTICALS.COM
Registrant:
    SC Balkan Pharmaceuticals SRL
    Silviu Chiru        ()
    ul. N.Grehdesku 4
    Kishinev
    ,MD-2002
    MD
    Tel. +1.22503588
    Fax. +373.22503589


James McQuaid
EmergingThreats.net

Saturday, May 14, 2011

How To Disable WebGL

On May 11th, Swa Frantzen posted "Time to disable WebGL?" on the Internet Storm Center's Diary page (http://isc.sans.edu/diary.html?storyid=10867).  Dan Goodin also covered this story on the 11th: "New graphics engine imperils users of Firefox and Chrome" (http://www.theregister.co.uk/2011/05/11/chrome_firefox_security_threat/). 

Both articles point out that US-CERT has recommended that WebGL be turned off in browsers which support it (http://www.us-cert.gov/current/index.html#web_users_warned_to_turn).

The SANS piece mentions that in order to disable WebGL in Google Chrome "It needs the --disable-webgl argument on the command line".  After some testing, I have concluded that this only works once (i.e. in the browser session opened from the command line).  In addition, if you open the command window in the Run As Administrator mode, the command line argument does not work at all.

In order to disable WebGL on end user computers, it is necessary to change the target of every Google Chrome shortcut on a machine. 

To make this change in Windows 7:
1) right click the Google Chrome shortcut,
2) left click Properties,
3) click the Shortcut tab,and
4) change the Target to:
C:\Users\THEUSERNAME\AppData\Local\Google\Chrome\Application\chrome.exe --disable-webgl

This will not prevent users from creating a new WebGL enabled shortcut.


In Firefox 4.01, WebGL can be disabled by:
1) enter "about:config" in the address window,
2) scroll down to webgl.disabled and right click on it,
3) left click Toggle.

You can test your configurations by browsing to this site: http://www.webkit.org/blog-files/webgl/SpiritBox.html.  If the puppy appears in a rotating cube, WebGL is enabled.  If WebGL is disabled, you will see a photograph.

The WebGL extension designed to protect the GPU stack from exploitation, GL_ARB_robustness, has not been deployed by most GPU vendors.

Once WebGL is effectively sandboxed by Google and Mozilla, I will be happy to turn it back on.  Until then, the eye candy will have to wait.

Additional references:
    http://www.contextis.com/resources/blog/webgl/
    http://www.khronos.org/news/permalink/webgl-security

James McQuaid

Sunday, March 20, 2011

RBN IP List and Super Black Hole Updated


Hunting the RBN

IP address ranges from which the former customers of the RBN ISP, their malware marketing affiliate networks, emulators, and other organized crime groups exploit consumers. Block at will:

Protect your family and home network from 300,675 of "the baddest of the bad" domains blacklisted for Smoothwall 3:

config

hosts

Sunday, March 6, 2011

RBN IP List Update 3-6-2011

RBN IP List Update 3-6-2011 is available at:
http://doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork

In this update we add more coverage for ChronoPay properties.  Thus far, we have seen only one domain object move.  The mail server mail-eye.com was located at 78.108.190.4 (AS43355 UPL-TELECOM-AS UPL Telecom) and is now deployed at 178.63.72.234 (Hetzner).  Both of these IP addresses also host DNS servers, so this provides a clue as to enemy infrastructure.

In addition to Pavel Vrublevsky's hubris, the update lists new instances of SpyEye Command and Control servers, Zeus, several backdoor trojans, a Heihachi deployment of Trojan Palevo, and we catch the Koobface Gang victimizing cancer patients with Trojan Bredolab.

We have consolidated several IP listings (an opportunity provided by consistently malicious behavior).

We wish to acknowledge Brian Krebs, the Malware Domain List, and David Glosser at Malware Domains.

Thank you,

James McQuaid
http://www.jamesmcquaid.com/JamesMcQuaid.asc

Saturday, February 12, 2011

AnonLeaks On The Move

Yesterday, I pointed out that anonleaks.pcriot.com had been deployed on IP address 69.175.6.102. During the night, anonleaks.pcriot.com was moved to 69.175.122.178. In addition, anonlinks.pcriot.com was deployed on 69.175.6.102.
69.175.122.178
anonleaks.pcriot.com

69.175.6.102
anonlinks.pcriot.com
In addition, anonleaks.ru has been set up within criminal hoster Webalta's IP space:
92.241.162.216
anonleaks.ru
hbgary.anonleaks.ru
internetfeds.mil.nf
irc.anonops.net
loic.anonops.in
Anonops has several familiar dedicated DDOS domains at 109.235.53.142:

dharma.anonops.ru
irc.anonops.net
irc.anonops.ru
loic.anonops.in
loic.anonops.net
loic.anonops.ru
Hijacked brands on 69.175.122.178 include Facebook, HSBC Finance, Nintendo, and Star Wars. In addition, the IP is cluttered with web spam junk domains.

According to clean-mx.de, there have been 29 separate instances of malware on 69.175.122.178 during the past 12 months (including pcriot.com) http://support.clean-mx.de/clean-mx/viruses.php?ip=69.175.122.178&sort=first%20desc, and the host domain objects remain in play (they include various subdomains for pcriot.com, x10.bz, and x10.mx).
MalwareURL reports that Zeus and other keyloggers are currently active on the IP.


x10hosting.com is the bad hosting firm involved, and we will be taking a close look at their other operations.


James McQuaid
2-12-2011

Friday, February 11, 2011

AnonLeaks Continues Relationship With Criminals

The sociopaths at Anonymous are once again aligning themselves with cyber criminals.  You may recall that they hooked up with Heihachi some time ago.  Now they are launching AnonLeaks as a replacement for wikileaks.  While AnonLeaks is being promoted through social media, and a free sites such as blogger, they have also launched a subdomain at malware domain pcriot.com.

Google Safe Browsing paints a pretty ugly picture:
"Malicious software includes 1 scripting exploit(s), 1 trojan(s), 1 exploit(s). Successful infection resulted in an average of 1 new process(es) on the target machine."
http://www.google.com/safebrowsing/diagnostic?site=pcriot.com

Threat Expert, Norton, and McAfee also warn of malware at the site:
http://www.threatexpert.com/report.aspx?md5=a7e1388c38c1fed12785bc335f95b15d
http://safeweb.norton.com/report/show?name=biohazarder.pcriot.com
http://www.siteadvisor.com/sites/pcriot.com

anonleaks.pcriot.com is nestled in with numerous scam, fraud and malware sites at 69.175.6.102:

    *.alma-radiantbarrier.x10.mx *.bigfang.exofire.net *.com.x10.mx *.com2fhttp3awww.menshealth.x10.mx *.conectplayer.x10.mx *.craybiez.pcriot.com *.dammy.exofire.net *.domains.menshealth.x10.mx *.dotnuxx.x10hosting.com *.ebay.menshealth.x10.mx *.ebaymotors.ebay.menshealth.x10.mx *.elementfx.com *.emu.pcriot.com *.exofire.net *.fogafoga.exofire.net *.freedownload.x10.mx *.in.www.menshealth.x10.mx *.menshealth.x10.mx *.monroefunds.elementfx.com *.moviesx.x10.mx *.new4m.x10.mx *.o-radiantbarrier.x10.mx *.pcriot.com *.porno-radiantbarrier.x10.mx *.proactolreview.x10.mx *.prodigy.x10.mx *.s102-darkwindow.exofire.net *.s102-radiantbarrier.x10.mx *.sars-gov.x10.mx *.standardbanksecuredpage.x10.mx *.uk.x10.bz *.www.menshealth.x10.mx *.x10.bz *.x10.mx *.x10hosting.com 6apart.menshealth.x10.mx 9lb-ar.x10.bz absolut.x10hosting.com accountnow.x10hosting.com accs-google.x10.bz accs-radiantbarrier.x10.mx activities.menshealth.x10.mx adiantbarrier.x10.mx alma-radiantbarrier.x10.mx am-red.menshealth.x10.mx americanflyertrains.x10.bz anonleaks.pcriot.com astoora.pcriot.com atenas.x10.bz avto-radiantbarrier.x10.mx aztecas.exofire.net b.s102-darkwindow.exofire.net b.s102-radiantbarrier.x10.mx background-netsite.x10.bz background-radiantbarrier.x10.mx beatfiltering.com2fhttp3awww.menshealth.x10.mx beautyskincare.pcriot.com best1services.x10hosting.com bigfang.exofire.net bizmarket.x10hosting.com blogging-radiantbarrier.x10.mx bos1-mail.domains.menshealth.x10.mx build-radiantbarrier.x10.mx bz2.menshealth.x10.mx c13-b2b-prod-fa-web-lb.menshealth.x10.mx cashopping.pcriot.com chat-radiantbarrier.x10.mx cheapstackingchairs.x10.bz chiziahu.x10.mx com.x10.mx com2fhttp3awww.menshealth.x10.mx conectplayer.x10.mx cosex-darkwindow.exofire.net craybiez.pcriot.com cucvip.net dogtrainingcenter.pcriot.com domains.menshealth.x10.mx ebay.menshealth.x10.mx ebaymotors.ebay.menshealth.x10.mx emu.pcriot.com facebook.emu.pcriot.com facebook.pcriot.com fogafoga.exofire.net folksfun.pcriot.com fuuhx.x10hosting.com gamesnaper.x10hosting.com guias2009.exofire.net iciici.x10hosting.com in.www.menshealth.x10.mx in2.x10hosting.com infinityicici1.x10.mx iyan.x10hosting.com leroi.elementfx.com lestim.x10hosting.com lotus.x10hosting.com malisnet.com menshealth.x10.mx monroefunds.elementfx.com morenathuso.com morenathuso.x10hosting.com mptiga.x10hosting.com mrrohana.x10hosting.com mx.x10hosting.com new.x10hosting.com new4m.x10.mx nikmob.x10.mx ns1.conectplayer.x10.mx ns10.x10hosting.com ns100000.x10hosting.com ns2.conectplayer.x10.mx ns3.conectplayer.x10.mx ns3.x10hosting.com o-radiantbarrier.x10.mx onetouchglucometer.exofire.net phonezone.exofire.net pills.x10.bz pnoykb.x10.mx porno-radiantbarrier.x10.mx quebec-community.com rijad2.x10.mx runex.pcriot.com s102-darkwindow.exofire.net s102-radiantbarrier.x10.mx sap.x10hosting.com sc2.pcriot.com serfx.dotnuxx.x10hosting.com sex.x10.mx sexypicsblog.x10.bz simanta.x10hosting.com stoned.x10hosting.com teacuppigs.x10hosting.com timehack.pcriot.com touchnew.elementfx.com trenager.pcriot.com unlimited.pcriot.com visualfields.pcriot.com watch4free.x10hosting.com www.elementfx.com www.fogafoga.exofire.net www.menshealth.x10.mx www.pcriot.com xartit.x10hosting.com zzsite.x10.mx
If you don't want to reload your computer as well as, deal with the nightmare that is identity theft, stay away from the various AnonLeaks sites.

We will be adding 69.175.6.102 to the RBN IP List with the next update.

Amazon may be interested to learn that they are hosting a site being utilized by Anonymous:

AnonLeaks. posted Dec 14, 2010 03:57:55 by anonleaks123. Pure Awesomeness. page 1. Back to Topics. Login below to reply: get your own embeddable forum with ...5950853.weebly.tal.ki/20101214/anonleaks-257449/
5950853.weebly.tal.ki a 184.72.247.12 United States
184.72.128.0/17 Amazon IAD prefix AS14618 Amazon-AES-IAD

One of the characteristics that the members of Anonymous have in common with their Russian and Ukrainian cybercriminal benefactors is that they evidently never received a moral education. Another is that they are felons who have earned hard prison time.

James McQuaid
11 February 2011