the missus, who works for BT assures me that any BT customers can call 0800800150 and get premium rate number call baring for free, if you want internartional and premium rate call baring itll cost you £5.45 a quarter inc. VAT.
she also said she thinks its well worth it, as Bt is very tough about making people pay their billls, but also donates the profits from these nasty diallers to childline. Still i bet they will still make money from it..from the number of people who will splash out on international barring because of all the horror stories in the news will ensure that.
Rick
>From: George Waring <george@waring.com> >To: main@lists.alug.org.uk >Subject: Re: [ALUG] "Phone fraud" >Date: Sun, 28 Nov 2004 21:15:27 -0600 > >At 03:26 PM 11/25/2004, Wayne Stallwood wrote: > >>On Thursday 25 November 2004 7:11 pm, Ted Harding wrote: >> > ALUGgers who watched this evening's "Look East" will have >> > seen that dialup phone fraud is in the news again -- people >> > getting phone bills for hundreds of pounds for internet >> > calls to Vanuatu, Chile, etc. on premium rates. Some >> > Linux-users may have seen it too! >> > >> > What I'd like to ask knowledgeable folk is: how does it >> > in fact work? >> > >> > I've never seen more than a vague description of it, on >> > the lines that when one is on line "the call is diverted >> > to a premium rate number", apparently through some subversion >> > of Internet Explorer. >> > >> >>Those are usually known as porn diallers and it is started with a >>yes to a >>"you must install application foo to view content blah" This >>installs a >>background dialler that then calls the premium rate number. >> >>But something else struck me, that if it isn't happening already >>could >>possibly happen. >> >>There is a file extension ".ins" that can kick off the internet >>connection >>wizard in a fairly silent mode with defined settings. > >Yes. And it turns off the speaker so the unwitting used is unaware >that the machine is re-dialing. > >I had a boss a couple of years ago who was not very bright. He was >constantly getting these things on his PC. In addition to >re-dialing, the program courteously placed a little icon on the >desktop essentially "Click me for your daily Pr0n." > >I recall one time I installed a new 9 Gig hard drive on his >computer. Then, about a month later he came to me complaining >because he had no disk space. I, somewhat shocked, thought that >there must be something gravely wrong with his machine because there >was no way he could fill up that amount of space. But he had. It was >all porn. Tens of thousands of .jpeg's. > >I quietly deleted it all and simply told him that his computer was >fixed. > >A month later he had it all filled up again. > >It occurred to me that the amount of time this man spent downloading >that stuff must have been virtually every minute of his time on the >job. > >I have no idea how much the phone was but it must have been >astronomical. >. > >> You can (with a simple >>plain text .ins file) define every aspect of a dial up and mail (if >>you want) >>config including "I think" if it is Explorers default. >> >>The trick is to get it working as a transparent proxy so you >>actually get a >>working connection just on a premium number (maybe even get mail >>relaying to >>work by intercepting all traffic on 25 and redirecting it to an >>open relay). >>Hence unless the user studies the dial up box when IE brings it up >>they >>probably wouldn't notice. >> >>Some Mac's with IE installed could also be vulnerable to this, on >>Mac's I >>think there is a mime type called application/x-internet-signup >>that takes >>the same format of configuration file as the .ins on windows. >> >>Nasty stuff but I don't think it would translate very well into the >>Linux >>world. It's another one of those Internet Exploder trying to be too >>"clever" / Windows desktop users having too higher default >>privileges things. > > >--- >Outgoing mail is certified Virus Free. >Checked by AVG anti-virus system (http://www.grisoft.com). >Version: 6.0.797 / Virus Database: 541 - Release Date: 11/15/2004