Cyber Mystery

Page 1 of 2  
This is sorta OT, but I've left it unlabeled.
I started to do a design in Sketchup a while back, and used the add-on CutList. CutList generates what its name implies: a list of cut pieces that are superimposed on a standard sized plank, and tries to maximize wood useage or minimize waste. After it's done all of that it exports the pieces and their dimensions to a format that can be opened with a spreadsheet program. If you have coloured the pieces with a wood colour, it will also specify the wood used in manufacture.
In my case, I'd used a mahogany colouring, so CutList assumed I was specifying mahogany. It didn't matter to me, I just wanted some colour.
I copy/pasted the piece sizes along with material specification to an email client and then emailed myself at work so I had a list of what I needed when I went to buy the wood.
A few days later, I came home and my wife said that someone had called and was ready to quote prices on the cut up pieces of wood that I wanted, all in mahogany. In fact, they could ship that day if she would give them a CC number. I'd never mentioned mahogany to her, so she decided to give them my phone number at work and let me deal with it. She was a bit surprised by the call, and didn't get the name of the company. They never did call me at work, which is really interesting.
My email client includes my name in the "From" box, but no other personal information. I won't say I've never given out my phone number on web forms, but I don't ever recall giving it out to any wood suppliers. In any event, it's not an unlisted number.
In the project that I drew up the plans for, I'm either going to use select pine from the local guy, or use some oak that I have in-house. I've never used mahogany in my life, and have no plans in the near future to get prices on it.
Somehow, someone got the cutlist email, and called.
I don't know what to think here. My "sent" mail folder has no email that goes to wood suppliers or anyone else that would have received that email, other than my work account. I've got theories, but they're a bit wild and involve cyber sniffing, which seems a bit over the top at this point.
I suspect I will never know for sure.
Tanus
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Tanus wrote:

Or perhaps they got the cutlist data, were able to associate it with you, looked up your phone number, and called...

Hmm - very disturbing. I'd be inclined to label it "industrial espionage" and take it up with law enforcement.
    SketchUp     CutList     spresdsheet program     home e-mail client (and plug-ins)     server chain     work e-mail client (and plug-ins)
It might be interesting to discover what kinds of data are being slurped up from other users...
Just out of curiosity, was the e-mail sent using your gmail account?
--
Morris Dovey
DeSoto Solar
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Morris Dovey wrote:

I'd take Morris's advice here, especially if some of this e-mail flowed through your company e-mail. If your company is large enough, you probably have an information assurance officer (or similar title). This could be indicative of a significant issue that affects more than the fact that your name and phone number were identified with your sketchup plans.
--

There is never a situation where having more rounds is a disadvantage

Rob Leatham
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Mark & Juanita wrote:

The email was sent through my personal ISP account.
I"m reluctant to go to law enforcement, but I will follow through with our security people. I work for a government organization with a population of about 15k, so I've got a few people I can tap, and maybe even interest in this.
thanks.
Tanus
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Tanus wrote:

It also could be on your friends email account. I doubt it has much to do with sketchup or the cut list program, as millions use this stuff and I would think it would have come up long ago. My guess is either your outgoing mail or your friends incoming mail is intercepted. Does your friend have a web site? Does his email go through his web site?

--
Jack
Using FREE News Server: http://www.eternal-september.org /
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Tanus wrote:

whitehouse.gov?
They have recently claimed no knowledge of how email was sent to people who have never communicated with any government agency, so it's possible your name miracled itself somewhere too.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Tanus wrote:

Data interception, plain and simple, most likely on your company side, either in-house or clandestine. Packet sniffing is easy to practice and is a big problem with many corporations and governments practicing it routinely, and SMTP traffic, on either side of the server, is fair game.
Only defense for the little guy is to encrypt your e-mail.
--
www.e-woodshop.net
Last update: 10/22/08
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Right. It *can't* be related to anything he's running at home. It would be so much easier and more direct to intercept email at the company's email portal; trace where it came from; and call him at home to offer my services. A smarter person might, if he could figure out how, just slip you something in your SU add-in. Maybe even have you enter the contact information when you downloaded the software, even before you installed it. I know it sounds counterintuitively complex, but that's how I would go about it.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

I forgot to mention... You could do your own sniffing. Wireshark is free for the download. Sysinternals's tcpview is also a free download. Run them on the client box if you suspect spyware.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
MikeWhy wrote:

bothering me. When I posted the original, I was thinking I was getting paranoid about sniffing, and figured the reactions here would go in a different direction. In fact, I was hoping so.
I'll check with our security people tomorrow, but my suspicion is that they'll tell me I shouldn't be sending myself personal emails and leave it at that.
Tanus
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Google has a back door in Sketchup? Nah, Google would never do such a thing.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
krw wrote:

Thank you for voicing that. Now I'm not the only one to go there. The thought had crossed my mind, but it seemed a bit over the top. Frankly it still does, but it's also a possibility.
It's terrible to think that way, but nonetheless the thoughts happen. The entire creed of "Don't be evil" had always struck me as sophmoric. Having said that, I still use Google search 10 times a day on a slow day, and love Sketchup. Google has almost become an indespensable aspect of many people's lives. The pressure to turn that to self-serving at the expense of the rest of us must at times be overwhelming.
Tanus
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Nothing would surprise me, WRT Google. Other than Google Groups (I read during breaks at work and they've blocked all NNTP access), I don't use Google. There are other search engines.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Tanus wrote:

Google is fine but because it seems indispensable and I'm a bit of a non-conformist, I use http://clusty.com/ for my main search engine. I have it in my Firefox search window as primary. It works just as good as Google.
Also, on re-reading your problem, I thought you sent the email to a friend... it was to yourself at work... Does your work have a web site that processes the email, that would be my first place to look if it does. Google mail would be next, the most unlikely would be sketchup/cut list program because it "seems" the problem is unique to you.
--
Jack
Using FREE News Server: http://www.eternal-september.org /
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Jack Stein wrote:

I called at work to the help line and they were particularly uninterested. So far as I know, the email server is not a website at work, but even if it is, I can't get through to the guys who could verify it.
I suspect you're right about Google and CutList. I wouldn't be the first by any means. This sounds more like sniffing between my end and work. I'd also be very surprised if the people who called here were actually anything other than someone looking for a CC number.
A lesson learned, and a cheap one at that.
Tanus
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

I think you ought to run a thorough malware scan on both PCs, using several different scanners.

Probably so... but how'd they know to call you?
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Doug Miller wrote:

I've done the scans and nothing shows up.
My full name is on the "From" field in outgoing mail. Running a 411 search on that name will get not that many hits on a somewhat unusual name. Trial and error I suppose.
T
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Jack Stein wrote:

I've been using ask.com, but have recently found that something they have done causes the pages to scroll very slowly on Firefox under Linux. I've actually started trying Bing (yeah, I get the irony) and have found it to work much better from that regard.
--

There is never a situation where having more rounds is a disadvantage

Rob Leatham
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Hi,
I am the author of the Cutlist plugin for Sketchup. I can assure you that the version that I distribute and the current version ( or any other officially distributed version) has no such software embedded into it to collect personal information.
Having said that, my software is 'open source' and the code is freely viewable and therefore freely modifiable - though I am not aware of anyone having copied my code and making a different version downloadable.
But it does make me wonder if there is anything I can do to prevent that.
In any case, my day job is as an internet switching/routing protocol developer. Part of my job is maintaining security software. There are plenty of ways to secure email but that's certainly a huge topic.
FWIW, I would suspect either malware on your PC or snooping of unencrypted SMTP messages to your workplace. As someone said, they may really just be after a CC number and not so much interested in selling you lumber. Though if they were snooping govt email, they would know the govt just prints money when they need it, they don't need (or probably even have ) a CC :) Snooping govt email may lead to good tips about purchase activity, and when the govt is the only game left in town still buying things, it may not be a bad tip but certainly illegal and unethical.
Someone else already mentioned that it may be easy to put email address and phone number together from some internet searches, especially, as you said, you may have given this out previously.
Another option is that you got a rogue version of my software. You can download from the only valid source and verify that your copy is an official version v4/0/7 is the latest (download it from http://www.box.net/shared/8nzm1tmdfm )
Best thing is to stay vigilant. Do not leave personal details in public places. Contact people offlist if you wish to trade info. Even this forum makes me nervous because a prominent message at the top of the posting states "Messages posted to this group will make your email address visible to anyone on the internet" I don't really like that and it's not necessary. Luckily I'm got some reasonably good spam filters but that's another story...
It's not the Cutlist plugin, unless you don't have my version. Check it. Steve
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On Tue, 18 Aug 2009 03:52:04 -0700, daltxguy wrote:

Steve, I and a lot of others use a different email address to post to groups than we use in normal correspondence. Lots of free email providers with spam filters out there. I check that email account once or twice a week - occasionally there's a non-spam message in it.
--
Intelligence is an experiment that failed - G. B. Shaw

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

HomeOwnersHub.com is a website for homeowners and building and maintenance pros. It is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.