Forgot your password?
typodupeerror

College Student Receives Email of the Lost 318

Posted by Zonk
from the this-is-what-being-smart-gets-you dept.
dots and loops wrote to mention an eWeek article that's something of a life lesson: Don't be too smart for your own good. The article tells the tale of a college student who cleverly chose null@vtext.com as his cellphone email address. He's been getting thousands of wayward emails and text messages since 2001. From the article: "Initially, the content of the messages was innocuous, he said. It was things like don't forget to drop the car off at baker's and to call mom at 781-XXX-XXXX, stuff like that, Bubrouski wrote. The problem worsened in mid-2002, when Bubrouski's phone began channeling what he claims were dozens of messages from an e-mail address used by General Motors' then-new "OnStar" system. The messages quickly filled up the memory on his cell phone and contained diagnostic response to tests on a beta version of OnStar. 'Basically, peoples' cars were sending messages to my phone, Bubrouski wrote. "
This discussion has been archived. No new comments can be posted.

College Student Receives Email of the Lost

Comments Filter:
  • by Weaselmancer (533834) on Tuesday February 28, 2006 @02:23PM (#14818678)

    Slashdot just put your email address on their home page. Unscrambled.

    Hmmm...wonder what a variant of the Slashdot effect is going to do to a cellphone?

    • Slashdot just put your email address on their home page. Unscrambled.

      This is actually quite serious. I have had one story posted on Slashdot, and because I didn't have a homepage, the editors put in my unscrambled email address. The story was copied and pasted verbatum by countless sites all over the next.

      That address was almost rendered unusable. Only the bayesian span fliters in thunderbird salvaged it. Still, it was pretty irritating to see an address I had been quite careful with destroyed because the Slashdot editors didn't consider carefully what they were doing.
      • Still, it was pretty irritating to see an address I had been quite careful with destroyed because the Slashdot editors didn't consider carefully what they were doing.

        You mean, because you didn't consider what you were doing.... You entered your e-mail address, they didn't go look it up and enter it for you. You should have considered the fact that, if the story was accepted, it would be posted, but you failed to consider that. It is not the editor's place to go and edit someone's e-mail address or home

      • Isn't giving your email address optional? I think it says that you either get a linkback to your website or a link to your email address right where you submit the article.
      • Being "careful" about email addresses doesn't work. It'll ward off the spammers for a while, but eventually you'll have to change your address.

        And that stinks. We need a better solution to the spam problem than carefully hiding email addresses from the world.

        My current "solution" is to run spamassassin, which gets most of my enormous amounts of spam with a fairly low false positive rate. But it's only a stopgap solution -- something more permanent is needed.

        I wish I knew what it was.
      • Still, it was pretty irritating to see an address I had been quite careful with destroyed because the Slashdot editors didn't consider carefully what they were doing.

        Your fault. Everybody knows that the /. editors don't know what they're doing, so your first (and last) mistake was not using a throwaway email address.

    • Quite a bit I think. When I got a story posted to the /. homepage, they linked directly to my email address; unscrambled, of course (and my homepage link was readily available). Spam galore!
    • by jd (1658)
      The signal to noise ratio will go down, but the quality of the noise will skyrocket.
  • Fault (Score:3, Insightful)

    by Billosaur (927319) * <`wgrother' `at' `optonline.net'> on Tuesday February 28, 2006 @02:23PM (#14818684) Journal
    SMS users, like e-mail users, rely on the fact that carriers like Verizon won't accidentally deliver improperly formatted messages, such as those with no addressee, to an unrelated address, said John Pescatore, a vice president at Gartner.

    "There's no way that this should be happening. No e-mail system would ever do that," he said.

    Verizon should be rejecting messages with improperly formatted addressee information, not forwarding it to an account, he said.

    Bubrouski agrees.

    "I'd have to say Verizon is at fault. Sure, service providers make mistakes, but Verizon shouldn't be accepting messages from no one to no one," he said.

    It's safe to say Verizon is at fault, but perhaps not in the way everyone would think. How could they let someone have an email address of 'null'? NULL is generally a reserved keyword in most places where it is used; apparently the designers of Verizon's email system forgot some basic computing. Could someone sign up for 'root@vtext.com'? I would hope they would be smart about avoiding problems like that in the first place, though in the end it's true that their email system must be pretty poor if it allows messages with malformed header information to be received.

    • It's safe to say Verizon is at fault

      No, it's not safe to say. I very strongly doubt it, in fact:

      he couldn't find anyone at Verizon or ESPN who had heard of it and could help him with his problem.

      That's because it was probably our little mobile group at Disney (owner of ESPN and ABC), oops. We took content such as sports stories and sent it out to all kinds of mobile devices, including cell phones and SMS devices.

      If we ever screwed up during our testing (bugs? what bugs?), we could very easily hav

    • back before abuse@ was the way to report issues and commonly used, there were a number of people that were customers of various ISPS, including one customer at MSN that used abuse as their e-mail address. I remember the stories of how much mail that person would receive..

      I know of someone who created their personal email for their family member as nospam@ a domain and they don't get any :) someone must be doing a s/nospam//

    • “How could they let someone have an email address of 'null'? NULL is generally a reserved keyword in most places where it is used; apparently the designers of Verizon's email system forgot some basic computing.”

      The problem goes deeper than reserved keywords. They apparently didn’t understand the concept of “in-band signaling [wikipedia.org]--the sending of metadata and control information in the same channel used for data,” instead of using separate channels. Using unescaped, reserved keyw

    • by idlake (850372)
      apparently the designers of Verizon's email system forgot some basic computing

      Unlike "root" or "postmaster", the address "null" has no special meaning in an E-mail system.
  • Change your fucking cellphone e-mail address, genius.
    • That's what I was thinking. Thousands of emails since 2001... did he not get it that there was a problem? After it became a problem change addresses and it wouldn't be a /. story.
    • Change your fucking cellphone e-mail address, genius.

      Yeah, you'd think that after 5 years, he'd think of that one. Guess some people are a little slow.
    • RTFA: Getting rid of his vText account would stop the stream of unwanted SMS message problem, but Bubrouski said he enjoys reading the messages he receives, and blocks companies and individuals when the volume of SMS they're sending him gets too high.

  • FYI - vtext (the service the kid is using) stands for Verizon Text

    That data has become more sensitive in recent months, as companies rush to deliver everything from SAT test scores to medical information and automobile diagnostics to cell phones and PDAs.
    ...
    "I was getting people's grades, order information from unknown retailers, personal messages with people's credit card numbers [and] social security numbers,"

    Medical information? Credit Card & Social Security numbers?
    Shit is going to hit the fan in 5

    • I gotta wonder, maybe this story is true, but why would confidential info, like Medical records, credit card numbers, etc, be being sent as clear-text email? I could maybe see SAT scores, but I don't think even that would be.

      If anyone I did business with sent me confidential info over email, and it wasn't encrypted, I'd be royally ticked, and sue them for being so negligent about protecting my info.
  • This storey reminds me of one I heard about in the 1980's.

    Some smart *ss decided to get a vanity plate that read "NONE". It seems that whenever a police officer or parking commisionair issued a ticket for a vehicle without a license plate, they would write in "NONE" where it said plate.

    Then the clear entering the ticket info, would (of course) enter the same thing into their system.

    The result was hundreds of tickets being issued to him, for various offenses (parking, speeding, etc.).

    • The result was hundreds of tickets being issued to him, for various offenses (parking, speeding, etc.).

      Clever. Of course, this could be used to his advantage too -- since there would be a flood of them, any tickets that he himself got would also say NONE, and so he could probably get the entire stack dismissed all at once, both the not-his ones and the really-his ones. (The court system is unlikely to expect him to pay for tickets that weren't issued to him, though they might make him jump through som

    • There is a similar myth with a "NO PLATE" vanity plate.
  • There was a story in our local paper a while back about someone who had the vehicle vanity tag of "UNKNOWN" and the owner started getting issued all sorts of automated red light camera tickets shortly after the city started installing red light cameras. Turns out the system that would OCR scan the violaters would enter the word UNKNOWN in the license field for the ticket if the car that was photographed running the light was missing its tags or they were otherwise illegible.

    Be careful of your chosen names!
  • I remember back in the early '90s when I still did Fidonet, all echomail messages had a "To:" field (unlike Usenet), you could read replies to you, no matter what group they were in. Messages that weren't replies were by default sent to "All".

    So if you created a user named "All", most messages in echomail and most messages in local boards would be flagged as new to you. Once sysops figured that out they usually created the user All and that was the end of it.

  • That's why we have RFC 2606 [ietf.org]
  • 867-5309 for the number?
  • car spam (Score:5, Funny)

    by digitaldc (879047) * on Tuesday February 28, 2006 @02:34PM (#14818776)
    In the world of software design, "Null" is commonly used to represent "no value" or "0." Developers of mobile services use the "Null" address during testing routines, assuming that the messages won't be sent to anyone.

    I wonder if he even thought about this before he got that address.
    Now the question is - can he sue for textual harassment?
  • Sounds like someone screwed up big time. In most (all?) programming languages,
    str = "null" and
    str = null

    mean two completely different things. Somewhere along the line, they must be converting null(value) to "null"(string), which seems like a dumb thing to do.
    • Somewhere along the line, they must be converting null(value) to "null"(string), which seems like a dumb thing to do.

      In C, if you try to print a null string with printf, you get the text "(null)" out, which is arguably better than crashing. It's probably something like this causing the spurious messages to the null@ address.
  • ..but again let me ask, why do Multi-Million dollar companies fail to have their SMTP servers setup correctly, but lame geeks such as myself and other /. readers have their POSTFIX servers set to deny emails that don't have any TO: or FROM: headers? I mean come on, here's a HOWTO that I worked with that started out in 2001 for hell's sake: Postfix Anti-UCE [linxnet.com]

    Still, there's going to be a ton of companies that don't know what they're doing, or who they're hiring; problems like these will only continue to surfac
    • Many years ago, I worked at an ISP where a customer chose "core" for his username. A weekly OS cleanup script kept deleting his mail spool.
    • but lame geeks such as myself and other /. readers have their POSTFIX servers set to deny emails that don't have any TO: or FROM: headers?

      It's highly likely that most of the emails he's receiving DO have the To: and From: headers set properly. This comment [slashdot.org] is probably very close to the true source (if not the true idea of the source) of most of the messages he's been receiving. It could also come from java programs, where if you print an unitialized string it just prints the four characters n, u, l, l

  • A car owner in California buys a vanity license plate that says NONE. Within a week he's receiving hundreds of parking citations. All the citations have NONE in the license number field because the car had no license plate.
  • From the article:
    TCG is developing specifications for hardware building blocks, including the TPM (Trusted Platform Module) chip that can secure transactions from mobile devices.

    Great!

  • I own the testcluster.com domain.

    Until I finally shut off DNS to it, every day or so there would be some Windows Active Directory system out there trying to update my DNS servers. I'm guessing "testcluster" is a popular name for a new Windows clusters.

    For example:
    query: _ldap._tcp.pdc._msdcs.testcluster.com
    query: _kerberos._tcp.dc._msdcs.testcluster.com
    query: 6c91d860-bf0b-4bd9-b0f3-2a368934fe0e._msdcs.testcl uster.com
    query: _ldap._tcp.DomainDnsZones.testcluster.com
    • I own a domain that is similar enough to an ISP that I get about one errant email a month. I wont change the domain name though for reasons that you wont care about.

      Anyway, I have a standard response that I send back to people letting them know that they mistyped the addresses. In about two years of this, only 3 or 4 times has anyone bothered to thank me for letting them know they screwed up.

      And one time, some idiot actually replied to my message and kept talking as if he was talking to his friend! Talk
  • Ok, I will admit that registering null@ is cute in a I-am-a-complete-freaking-moron kind of way. No, it shouldn't be allowed by whatever service he is using.

    All that said, why are the developers of these programs using it? I can only assume it is them sending messages to this address as I doubt any clients would. Whatever happened to sending you email to example@example.com? Even better set up an email account that just dumps into a bit bucket on your domain and use that. Regardless of the method why allo

  • My vanity license plate is "NONE". I never get any parking tickets.
  • ...of a friend of mine who registered billgates.com way back in the day. He set up a website that showed the most recently received emails to the domain. Quite entertaining...a lot of people actually seemed to believe that emailing Bill with your sob story would result in a cash handout. Wacky.
    • Similarly, my company policy of filling software licencses out with "Anybody", "Anywhere" in the the Name and Company fields to ensure our legal right to resell, coupled with MSN doing stupid things with defaults once lumbered us with the email address anybody@msn.com - you wouldn't believe the incomprehensible complaints that get sent there by the technologically challenged!
  • This reminds me of what happened to Steve Wozniak.

    Apparently, he always wanted a phone number with all the same digit, like 444-4444. After he got one, he discovered the horrible truth... he got tons of calls followed by hang-ups. As the story goes, he couldn't figure out what it was, until one day he heard someone yell in the background, "Jimmy - you hang that up!" (or something like that). He was getting little kids! Of course, they grab the phone and press the same number over and over.
  • From the article:

    In the world of software design, "Null" is commonly used to represent "no value" or "0."

    NO NO NO NO NO NO NO!

    Null is commonly used to represent "no value" or the absence of data. In programming, zero is discrete and specific data. Zero is data. Null is the lack of any data.

    Okay so this isn't exactly a programming or data base design article but these things are important. I work in a support department and do you know how hard it is to explain what NULL is? Misinformation should not be
  • I have a Verizon phone and set up an "alias" email address like this for my phone. That's all it is. You can always send email to 1005551212@vtext.com (your phone number, of course), but the alias address can be changed. I started to get some spam on my phone through the alias, so I changed it to something else. It took 15 seconds on their website.

    Years of this? Why not just change the address?
  • same thing happened to me when I registered an "address"@XXXX.com address. all sorts of generic mail.
  • call mom at 781-XXX-XXXX

    My therapist is buying a boat.
  • In the early 90's I wrote email software for a living. When we added SMTP support, I would use "nobody@nowhere.com" as a guaranteed-to-fail address for testing non-delivery reports.

    Then, one day, around 1996, I stopped getting non-delivery reports....

    I've never had the courage to try and figure out who I dumped 10,000 identical e-mails onto...
  • On RISKS, a few years ago, someone wrote up his experiences as"My life as uucp@aol.com" [newcastle.ac.uk]. Pretty funny:

    The AOL software politely informed me that this name was taken, and said thesame when I requested "postmaster", "webmaster", etc. In some cases itsuggested an alternative like "webmast236", and in others it simply said"That name is taken."

    Then I requested "uucp".

    And the software asked me to enter my new password.

  • So after reading the article how many of you sent email to his phone? Could this be the first slashdoting of a phone? And does he get charged per message?
  • Bubrouski's phone began channeling

    Wow. A cell phone ter'angreal.
  • ... for anon@anon.com, a@anon.com, abc@abc.com, junk@junk.com and host of other imaginary email addresses I've chosen in the past.

At work, the authority of a person is inversely proportional to the number of pens that person is carrying.

Working...