ICQ Rumors 21 - 30
These two URLs have been getting passed around a lot lately. If you visit the page it wall say "AOL has bought ICQ and they are planning to charge people for using it! They must be stopped!" First off, AOL is not planning to charge for ICQ. If you need more reassurance of that then I urge you to visit the AOL/ICQ page. But the "Save ICQ" page doesn't end there, it goes on to ask you to sign their petition with your name, e-mail and country. They say if they get a million people to sign then they will send it to AOL. Sounds like another of those misguided in-duh-viduals trying to rack-up hits, right?
No, this time I have a feeling those e-mail addresses are being collected for something a bit more sinister. You see, the first time I visited that page I checked the link that the form data was being submitted to. Ever heard of the Sex Museum? Well, if you sign that so-called "petition" there is a very good chance you will be hearing about them... in your e-mail when the spam starts pouring in. It is one of those quaint little perverted porn sites. You know the kind where you click on the "free" link and it asks for your credit card number? Anyway, a week after my first visit the link banners to the Sex Museum had been changed to a less suspicious looking site called NetRadio. Now that may not seem so bad, but look at those banners carefully and you'll notice that they are revenue generating banners. That means everytime someone clicks on one the owner of that page is making money. Now don't get me wrong, I don't mind if someone puts together a fantastic site and then makes a little extra cash off of ad banners. But I do object when they lie about the true intent of the page. In this case they are trying to make money off of the gullibility of people in the ICQ community that are afraid of AOL charging, when that simply isn't going to happen. And then they will probably try to make even more money from selling your e-mail addresses to anyone who will cut them a check. So if you really want to do your friends on ICQ a favor, warn them not to visit this site.
By the way, I would love to know who the creep who set this scam up is, but you'll notice his name and e-mail address are nowhere to be found. For future reference I would advise all of you to be wary of any site that has paid ad banners or asks for your e-mail address, especially when the owner chooses to remain anonymous. Note: I'm not saying a site shouldn't run ad banners, there is nothing wrong with that. It's when they try to rack-up hits under false pretenses that I have a problem. (R30)
They say if you are going to tell a lie, make it a big one, and "Funky Fred" has really gone out of his way to deceive the ICQ community with this page...
I would like to start by making my strongest case why this isn't true. Anyone with a knowledge of computer programming can look at the code used by ICQ. Every single op code (instruction) can be disassembled and inspected. You can't hide secret instructions from a determined programmer. While this level of expertise is beyond the typical ICQ user, there is no shortage of people who are fully capable of doing it. And due to ICQ's popularity, more than one skilled programmer has disassembled and studied it, line by line. Security flaws have been found and reported. A number of hackers have written programs to exploit these flaws, and the flawed code from the ICQ program has been published on the net, complete with documentation. However... no one has ever documented sinister code that does anything like what is being described above. That is where this claim breaks down, if such code existed then why hasn't anyone found it and documented it? We're not talking about the Loch Ness Monster here, anyone with a sector editor or disassembler program can study the code from start to finish. Do you think someone who found this smoking gun would keep it a secret? No way José, they would instantly become famous for uncovering one of the biggest fiendish plots in the history of the Internet. Overnight they would become a hero to millions. Every news organization on the net would be writing about them... even the conventional news media could have a field day with something this sinister. Once someone published the section of code in question, every hacker/programmer in the world could easily look and confirm the discovery. It wouldn't even be debatable, computer instructions are very specific. Code written to read and send information from the system registry or any other file could be traced through, step-by-step and fully documented. A clever programmer could make the code appear innocuous at first glance, but the real function would become apparent under closer scrutiny. So I'll ask again, where is the proof? To paraphrase Tom Cruise... show me the code! Until you can do that, shut the hell up and stop trying to spread panic through the ICQ Community, Flunky Fred.
Not convinced by a technical argument? Let's try reasoning our way through this. Flunky claims this info is being gathered to combat software piracy. Does Mirabilis or AOL have a problem with their software being pirated? How do you pirate free software? You want AOL's client software? I have 50 of their disks and CDs collecting dust, want to trade something for 'em? The CDs are great for target practice with a shotgun. Oh wait, then Flunky says they could be selling the info to "large software vendors such as Microsoft." Well isn't that sweet of them, helping out the competition. Just how much do you think they are getting paid for this info? Enough to justify committing a felony and exposing a billion dollar corporation (AOL) to a massive class action lawsuit? What else do you think they are doing? Is AOL chairman Steve Case peddling crack on a street corner in his spare time? Get real, ya moron. What are the "large software vendors" going to do with this info? Use it to get ten million search warrants based on illegally obtained "evidence?" What kind of evidence is this, anyway? You said yourself to make sure "Windows is registered to a fake name." What if we all change our names to Bill Gates? Are they going to come knocking on his door to search for pirated software? If not Bill, then how can they be sure of any name and address they get off a computer? You really thought this through, didn't you Flunky?
What else does our Boy Wonder suggest? Modifying the Windows Registry? Let me put it this way: BAD IDEA. If you don't know enough about how the registry works to understand that this isn't a problem, then you really shouldn't be poking around in there in the first place. Besides, if Mirabilis is supposedly smart enough to be sneaking a peek at our data, then why would they put a key in the registry that could turn off this "feature?" Don't you think they could find a little better place to hide it? I also noticed that under ICQ's Preferences/Accept/General you can uncheck "Automatically receive Externals, Servers and NetTips updates." Just a guess here, but would someone like to try changing that and telling me if the Reg file is then set to "no?" I'm a little busy at the moment explaining why Flunky Fred is an idiot.
I see Flunky claims the "Macintosh and Java versions of the ICQ client are not affected!!!" Why is this? Don't Mac and Java users pirate software, too? Maybe after going though all this trouble to program a backdoor into the Windows version Mirabilis decided it was unethical and let everyone else off the hook?
So Flunky has offered absolutly no evidence to back-up his far-fetched conspiracy claim, but then offers a link to Wired for more info. I've been reading Wired for years, and if anyone were going to investigate and publish a story like this, these are the guys and gals to do it. So what do you get when you click on the link? "An error occurred while processing this directive." Awwww... no story, what a huge surprise. But while you're there, do a search for "ICQ" and you'll turn-up lots of stories about past security flaws in ICQ. Just be sure to note something important: these are FLAWS... bugs, errors, mistakes... not intentional ways for Mirabilis to spy on you. I've never seen a claim like Flunky's made by Wired, and if they did they would include a little something called e-v-i-d-e-n-c-e.
Speaking of "dense/dunce," just who is this Flunky Fred? He didn't leave a name or e-mail address where he can be contacted. What's wrong Fred, afraid the Mirabilis goon squad is going to break down your door in the middle of the night and haul you away? (BTW, if Mirabilis ever forms a goon squad I volunteer to be on it. J ) More likely ol' Flunky just doesn't want to be held accountable for his actions. I've noticed that about most of the rumor mongers, they love to hide under rocks with the rest of the scum. Just for the record, my real name and a working e-mail address appears on this page. I stand behind what I write and if anyone has evidence to prove me wrong then I'm only one mouse click away. Note that word again: evidence. As in documentable and verifiable. Your best buddy HaPpY hAx0r whispering a secret to you in the "I_Saw_Elvis_Working_At_A_Gas_Station" chatroom one night is not evidence... you'll have to do better than that. Even if HaPpY claims to have seen the evidence, I don't care, maybe it was Elvis that showed it to him. I'm a programmer, not Geraldo Rivera, show me the code or don't waste my time.
Why do people go to all the trouble of spreading rumors like this? Because they have a grudge against AOL or Mirabilis? Fine, then state your case against them just like others have done, don't make-up a bunch of garbage. Maybe Flunky works for one of Mirabilis's competitors? I honestly don't know. Most likely he is just trying to impress his friends with how many people he can deceive. There is a Showstat counter hidden away on the bottom of his page, and it appears that a lot of people are visiting his site. In fact, for every person who visits my page in the coming months there will probably be ten that visits his. I guess sensationalized lies are more fun to spread than the boring old truth. The unfortunate part is that everytime someone spreads Flunky's hoax, more people are likely to drop ICQ, which in turn makes the program less useful for all of us (what good is a contact list without contacts?). That's why I write this stuff, I enjoy using ICQ and the more people who get it, the more useful it becomes. Plus I just don't like people who peddle lies. There are a lot of really nice people on the net who deserve to know the truth so they can stop worrying and enjoy the experience. (R29)
I've got some "futher information" for you, too. Software can't destroy your CPU. The Central Processing Unit is the chip that runs your computer, such as a Pentium II chip. It is a piece of hardware that can not be altered in a harmful way by any program. A power surge or taking the cover off your computer and hitting your CPU with a hammer could destroy it, but opening ICQ won't hurt a thing. Unless some joker sends out a message saying "Mirabilis will delete your account unless you open up your computer and whack your CPU with a hammer until you see smoke rising. Please forward this message before removing the case." Then I suspect the computer stores will be very busy on 26 November 1998 because there seems to be a whole lot of people who will do anything they are told to do by an ICQ message.
(If you happen to be one of these people and are also a young, attractive female living in the South Florida area, please contact me immediately or your ICQ account will be terminated. This is not a joke, it says so right on Mirabilis's™®© page at... um... http://www.icq.com/DB'sLoveSlaves.html *WEG*)
Now look at the URL that was included... a link to the page where Mirabilis asks everyone NOT to forward hoax messages and even links to this site. I thought it was rather sporting of this rumor writer to include that link, just his or her way of saying "You're such a dumbass you'll forward this message even though I gave you a link that would have proven it was a hoax." No wonder you only have one friend to inform. (R28)
I find it totally amazing how many people have been forwarding this rumor. I realize many people are new to ICQ, but is the concept of time also new? Half the people using ICQ didn't even own a computer a year ago, so what kind of "special tracking machine" do they think Mirabilis was using? A crystal ball? Maybe the message should have read "Even though you didn't have ICQ a year ago, the Spirits of the Internet™ have informed Mirabilis®© that you wouldn't have forwarded our message anyway. We also know what you will be doing in that private chat on 16 May 2005 and we don't approve of that kind of thing." Of course all those special symbols mean it has to be true, no one would DARE use a registered trademark in a fake message... the Spirits of the Internet™ wouldn't allow it.
Okay, let's sum this up and put it to rest for another year.
Here's one from e-mail...
But how do I know you aren't really an EVIL HACKER? Maybe all that cute horsey stuff on your website is just a cover? Maybe the unicorn was kidnaped? You may have broken into someone's computer and STOLEN it! You may be trying to control my computer right now! Is that the REAL reason you used green text? It's a hacker trick, isn't it? The old GREEN TEXT OF DEATH hack! I'm on to you! I'm going to tell the world that even though all the other hacker warnings are fake, THIS ONE IS REAL!
Hey?! Why is my hard drive light on? What happened to my HTML editor? And now my browser is gone! Are you doing that? STOP IT! PLEASE KAGGIE! Okay, I promise I won't expose you as an evil hacker!!! Just let me live!
Enough horsing around. I've stopped including the "hacker warnings" because if you've seen one, you've seen 'em all. But I made an exception this time because it is a good first-hand example of what I've been saying about false warnings. Kaggie is about as far from being a hacker as anyone could get. She is a sweet girl who is into raising horses and having fun. Yet as a result of this "warning" getting passed around, there are now people who won't accept her authorization requests... their loss. (R26)
Hey, this one is almost plausible... the rumor author must have grown half a brain. Had a complete brain developed he/she would have realized that it isn't "Mirabilis Incorporated" but "Mirabilis Ltd" or "ICQ Inc." Most companies know their own names. As for the servers, ICQ99a appears to be using it's own server so older versions can continue to use the network safely. Fortunately, Mirabilis's programmers have been gifted with full brains and from the start have had a better way to send a message to everyone on ICQ than to use the "forward this" method. With a click of a button, every ICQ account can be instantly sent a System Message directly from Mirabilis's office. Would you really expect a company that develops mass communications software to rely on a rumor grapevine to spread important information? That would be like your local TV station announcing breaking news by handing out printed fliers on a street corner and saying "pass it on." As they say on their website: "We never ask our users to send us ANY information or to forward any messages." Remember that any time the words "Mirabilis" and "forward this" appears in the same message and you can save yourself some worries. (R25)
I love this one, it is *almost* believable. Shades of "Big Brother Bill Is Watching You." The problem is, in the process of looking for pirated software they would have to look at your personal files, which would be a clear violation of your privacy, thus opening Microsoft up to a massive class action lawsuit. Kinda makes me wish it were true, I'd love a piece of Brother Bill's pie.
This has been one of the more controversial rumors. I've received several dozen e-mails with just about every conceivable point of view. Here's the final verdict: While it is possible to check to see which programs are in your system registry, it would be exceedingly difficult to determine if they are pirated and almost impossible for Microsoft or anyone else to do something about it. Consider this example. You buy a MS product on CD and install it but never send in the registration card (thus saving a few trees from becoming junk mail). Then you "lend" the CD to your best friend and they install it. Now how is MS going to know which of you is the pirate? Granted, there are other scenarios where MS might be able to determine that the software is likely to be pirated, but then how are they going to know for sure who the pirate is? An IP address doesn't tell them much unless your ISP gives them additional information, which most won't do without a court order. Any info you volunteer on their site could be false, so they aren't likely to try to get a search warrant based on that. So relax... or if you are really paranoid, just don't pirate software. (R24)
Okay, this is really important... I don't care. Do you have any clue how many "Warlocks" there are on the net? I counted 18 just on ICQ. So you think I'm going to report every Warlock on the net? The only "Klown" I'm going to avoid is the next one who forwards a message like this. (R23)
I'm sure the ICQ staff have nothing better to do than send absurd messages. I love the part about not being able to delete him, seeing as how the "directory" that he would be deleted from is on Mirabilis' end, not behind FLASH's firewall. (R22)
Of course the first thing I did was go to that page. A few MIDIs, some links and not much else. One thing is certain, my "C:/ drive" is just fine. The only thing getting hacked here is the crediblity of the people who forward messages like this.
I should point out that occasionally a security flaw is found in various browsers. While "evil hacker web pages" are more myth than fact, almost anything is possible where browser or e-mail client bugs are concerned. I strongly advise you to use up-to-date versions of your browser, e-mail reader and ICQ. The following sites link to many of the currently available patches: Windows Internet Patches and WinFiles.Com. Users of Eudrora Pro should check here for security updates: http://eudora.qualcomm.com/security.html.
Having pointed out that, while rare, a web site could exploit a bug in a browser, I would also like to demonstrate how some people are tricked into believing that a web site is accessing their hard drive. One of the oldest tricks is using a form request to display the contents of a hard drive. When you click on one of the buttons below you will see a listing of your C: drive. Note: only YOU are seeing it, no information is actually being passed over the net to me or anyone else. But with a few "enhancements" it can be made to appear that all the files on your hard drive are being erased. Go ahead and try it (if you dare *g*) and then hit the "back" button.
UPDATE (10/22/98): It is getting increasingly difficult to make any pronouncements regarding security. Lately for every rule there seems to be a security bug, either in a browser or an e-mail client. In this case I just tried a CGI script that can in fact read the file names in any of your hard drive directories. Another script is capable of reading your cookies. Neither script can directly write or delete any files, but until Netscape and Microsoft get around to patching the holes, be aware that this problem does exist. (R21)
If you would like to link to this site you welcome to
use any of the link banners on the main ICQ Lies page.
You may e-mail me at
(Please don't send ICQ authorization requests.)
Or tell the world what you think of ICQ Lies by
Signing my Guestbook
(The Last Word)
Subscribe (or Unsubscribe) to the
ICQ Lies Update Newsletter
If you would like to receive occasional updates
about the latest rumors floating around on ICQ,
enter your e-mail address in the box and press
Send. All info will be kept confidential.
(Click here to view our privacy statement.)
Thomas Robert Pasawicz aka DiamondBack
All Rights Reserved