Obfuscated Email

Ruby
1

If you want to ignore the introduction and just get to the task, skip
down
to the last paragraph.

Ah, yes… I remember the good ol’ days of Usenet, when the signal to
noise
ratio was high, very high… certainly much higher than the 1-to-100
ratio
that is the curse of many newsgroups today.

Back then we had rules! And etiquette! And people felt compelled to
adhere
to such rules, because… well, that was how things were done. For the
most
part, we didn’t have to deal with the unrestrained spam that now
pervades
the Internet net like the lingering smell of boiled cabbage.

Where was I? … Oh yes, signatures! We had signatures for our posts
and
email, restricted to a narrow space of no more than four lines and no
wider
than the terminal. We’d put our names, email, phone… even funny quotes
(or
angry, political quotes for those angry, political folks). But it always
fit
within four terminal lines: never more.

But nowadays… What sane person would put his email address in his
signature file, out in plain view for spammers to see? It is folly, I
say.
Insanity. Lunacy. I would sooner code in BASIC than publicly divulge my
email address to the world.

Now, I hear you say, “So, genius, how do you provide such information if
not
in the signature?” Well, you are right to ask and also right to call me
a
genius. Pay attention, and I shall reveal to you how such is
accomplished
(best viewed in monospaced font):

x = (“swDlw ms > mMm.hh@ttaiog” + ## Matthew D Moss, 888-555-1234
“<.cMmssoottaaee”).split(//); z = ## Department of Fine Ruby Studies
[“”] * x.size; puts x.map {z = x. ## University of Wherever I Like
zip(z).sort }.last[9].join + “\n” ## “He that runs Ruby, runs well.”

Do you see it? You don’t, do you? Look again after I run this signature
through the Ruby interpreter:

Matthew D Moss [email protected]

The silence suggests to me that you are stunned beyond words. I think
you
are needing such a challenge…

For your task this week, I ask that you make your own signature such
that
displays your email address when run through the Ruby interpreter. The
signature must fit within four lines of no more than 80 characters per
line.
(If you still want to avoid outputting an email address, your script may
produce something else: a phone number, a funny quote, vCard, a poem to
your
love, whatever…)

2

Google catches my spam for me.

3

On Fri, May 16, 2008 at 9:25 PM, DJ Jazzy L.
[email protected] wrote:

Google catches my spam for me.
Optimism is the root of all evil :wink: and BTW do you really want to keep
them extra busy.
This said, Google catches my spam pretty well too and thanks for that !
Robert

http://ruby-smalltalk.blogspot.com/

Whereof one cannot speak, thereof one must be silent.
Ludwig Wittgenstein

4

On Fri, May 16, 2008 at 10:05 PM, DJ Jazzy L.
[email protected] wrote:

Optimism is the root of all evil :wink: and BTW do you really want to keep
them extra busy.
This said, Google catches my spam pretty well too and thanks for that !

Dude! I
I do not approve of that kind of language and therefore do not read
the rest of your post.
If you really want to tell me something please kindly try again. If
you think that I am getting this wrong please do likewise.

Cheers
Robert


http://ruby-smalltalk.blogspot.com/

Whereof one cannot speak, thereof one must be silent.
Ludwig Wittgenstein

5

Optimism is the root of all evil :wink: and BTW do you really want to keep
them extra busy.
This said, Google catches my spam pretty well too and thanks for that !

Dude! It’s not like they do it by hand or something. They have 15-
infinity 26 year old Python hackers working on every link in gmail.

But, I’m bored@work so… here’s my response to the… ‘task’:

sig = “j|[email protected]|m”.gsub!(’|’, ‘o’)
puts sig if self == nostalgic_hacker

=> false

6

On May 16, 2:25 pm, DJ Jazzy L. [email protected]
wrote:

Google catches my spam for me.

True. And it does for me as well.

But that’s not the point. The quiz description was exaggeration,
satire even. I thought I had laid it on thick enough to be obvious,
especially considering that (a) security through obscurity is not at
all security, and (b) I just told spammers how to defeat this
technique: run the sig through Ruby.

Honestly, this is more an exercise in creative obfuscation and golfing.

7

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Matthew M. wrote:
|
| On May 16, 2:25 pm, DJ Jazzy L. [email protected]
| wrote:
|> Google catches my spam for me.
|
| True. And it does for me as well.

I get Russian spam. At least I think it is spam. :wink:

| But that’s not the point. The quiz description was exaggeration,
| satire even.

More dark humor, really.

| I thought I had laid it on thick enough to be obvious,
| especially considering that (a) security through obscurity is not at
| all security, and (b) I just told spammers how to defeat this
| technique: run the sig through Ruby.

On which I have a question: What do you mean by ‘running it through the
interpreter’? Creatively using Ruby’s feature to convert hex into ASCII,
for example?

Phillip G.
Twitter: twitter.com/cynicalryan
Blog: http://justarubyist.blogspot.com

Yugoslavian ceasefire [noun]:
Unit of time, roughly equal to the time it take to reload a gun.
~ – “Ny Tid” (Norwegian Weekly).
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEUEARECAAYFAkgt/vYACgkQbtAgaoJTgL9IcACY8Ozm4klCTgw8yENPG22scHfT
ZACcDUUa9lCBCYmqn7utCa9arR8che4=
=+Aze
-----END PGP SIGNATURE-----

8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

DJ Jazzy L. wrote:
|> Optimism is the root of all evil :wink: and BTW do you really want to keep
|> them extra busy.
|> This said, Google catches my spam pretty well too and thanks for that !
|
| Dude! It’s not like they do it by hand or something. They have 15-
| infinity 26 year old Python hackers working on every link in gmail.
|
| But, I’m bored@work so… here’s my response to the… ‘task’:

48h grace period, in which the Quiz gets discussed (if necessary) or
pulled (if Matthew didn’t think things through :P), after which you can
post your solution.

Phillip G.
Twitter: twitter.com/cynicalryan
Blog: http://justarubyist.blogspot.com

Use library functions.
~ - The Elements of Programming Style (Kernighan & Plaugher)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkgt+hIACgkQbtAgaoJTgL848QCcCVFWWwQakPZuMLpV9xw3U4bE
mF8AnjRQP+j3nuMQTiaWXT4PltE/0Bft
=FAjb
-----END PGP SIGNATURE-----

9

Whereof one cannot speak, thereof one must be silent.
Ludwig Wittgenstein

Yeah, wait whilst I rephrase everything I write to conform to what I
have to imagine you find acceptable. Please be joking.

10

On Fri, May 16, 2008 at 4:39 PM, Phillip G.
[email protected] wrote:

I get Russian spam. At least I think it is spam. :wink:

I have nightmares thinking some foreign power is sending me obfuscated
emails that are encrypted and important – started happening after I
joined this list, in fact. Sigh. It’s just spam… or is it? :slight_smile:

I can’t wait to see some clever stuff on this quiz.

Todd

11

On which I have a question: What do you mean by ‘running it through the
interpreter’? Creatively using Ruby’s feature to convert hex into ASCII,
for example?

My primary meaning is that if your signature is stored in sig.rb, I
should be able to type:

ruby sig.rb

to see your email address.

But feel free to be a bit more creative, if you like. I shudder to
think what kind of summary I’ll have to write if I say, “Go nuts.”
But… go (slightly) nuts.

12

ruby sig.rb

to see your email address.

1.8 or 1.9?

13

From: “DJ Jazzy L.” [email protected]

ruby sig.rb

to see your email address.

1.8 or 1.9?

1.Dude!

:slight_smile:

14

On Sat, May 17, 2008 at 12:05 AM, DJ Jazzy L.
[email protected] wrote:

Yeah, wait whilst I rephrase everything I write to conform to what I
have to imagine you find acceptable. Please be joking.
You got me right here. That’s exactly what I was expecting, but I
guess that others have expressed some disapproval with your approach
to this thread too, just try to be nice and play to the rules, that
will make you a great distributer…
…or get ignored, you know it is your choice, not mine.
R.

15

‘frightening’.tr(‘fr’,’ l’).gsub(‘ing’, ’ up’)

16

2008/5/17 DJ Jazzy L. [email protected]:

‘frightening’.tr(‘fr’,’ l’).gsub(‘ing’, ’ up’)

Seems you are a nice guy :wink:


http://ruby-smalltalk.blogspot.com/

Whereof one cannot speak, thereof one must be silent.
Ludwig Wittgenstein

17

DJ Jazzy L. wrote:

ruby sig.rb

to see your email address.

1.8 or 1.9?

Generally, I’m running 1.8.6, but fully expect that someone will toss
me a 1.9-only solution at some point, at which point I’ll install
1.9. So whichever you like.

18

48h grace period, in which the Quiz gets discussed (if necessary) or
pulled (if Matthew didn’t think things through :P), after which you can
post your solution.

That may be my fault… I neglected to add the standard Ruby Q.
header which mentions the 48hr grace period.

19

For your task this week, I ask that you make your own signature such that
displays your email address when run through the Ruby interpreter. The
signature must fit within four lines of no more than 80 characters per line.
(If you still want to avoid outputting an email address, your script may
produce something else: a phone number, a funny quote, vCard, a poem to your
love, whatever…)

Here is my solution.
The rule says max 4 lines of 80 characters each.
That’s what I have.

w,h,y=" .<>@HKaceghiklmoprstuy",3.14,“A Look into Japanese Ruby List in
English”
a,l,l=“@5axa@18aXaxxxa@0a@6aa@13a@21a@9axxxaXXa@0a”,“”,“http://www.kakueki.com/
o,f=“xa@14aXXXa@19aa@1a@17axxxaXXXa@11a@4a@10a@15a@7a@12axa@1a@8a@16aXXa@3a”,255
t,h,i,s=“junk in my sig?”,9,7
;print"\n"+y+“\n”+l+“\n”+w.unpack(a+o).join+“\n\n”

Here is my 2nd solution.
It converts a fake address into my address.

a=“xa@20a@11aXaxxxxxa@5aa@20aXXXXXa@2a@10axxxxxaXXXa@5a”
b=“@0a@15aXXa@8aa@18axxa@2a@8aXXXXXa@12a@3a@13a@20a@14aaxxaa@7axxxxxa@22a”
print"\nA Look into Japanese Ruby List in
English\nhttp://www.kakueki.com/"
print"ruby/list.html\n"+“<Hugh
[email protected]>”.unpack(a+b).join+“\n\n”

Harry

20

Pretty interesting idea. The only catch is, anybody can run it
through the Ruby interpreter to turn it into a useable readable email
address…
that said, here’s my super simple obfuscation, enough that a bot not
looking for it would probably not know what to do with it:

puts “[]#$e+w!^^+ob!so[]#$e+@$===#!^.co===”.gsub(’*’,‘n’).gsub
(’+’,‘r’).gsub(’!’,‘i’).gsub(’$’,‘g’).gsub(’^’,‘l’).gsub(’#’,‘a’).gsub
(’===’,‘m’).gsub(’[]’,‘d’)