The bot war is over and the bot farmers have won :-(

[EliseAnne85]

1 hour ago, Ceka Cianci said:

Ahh ok, that's probably why I'm not familiar with it.. It's not really been around that long..

Thank you for clearing that up for me.

No, it hasn't been around that long.  I think you can find SL's 2fa under ACCOUNT but it's called multifactor something or other in SL.  

When it came up in another thread about why ChatGPT requires a phone number to have an account I went to search a little about "bots".  I came across an article that said 2fa was invented because bots became able to read that squiggly line worded Captcha that used to be sent to our emails (like in the screenshot I'll put below).  Bots are more and more eluding the I AM NOT A BOT Captcha techniques.  I also noted in that thread that recently, on a government website, I had to check I AM NOT A BOT twice while filling out the form.  Bots are becoming more and more elusive to detection.  That aspect of bots is kind of a drag.  Again, the below Captcha it is said bots can now read, so it's useless.  And now we have 2fa or multifactor.

Edited March 26, 2023 by EliseAnne85

[Zalificent Corvinus]

2 minutes ago, Count Burks said:

While doing research on this topic several weeks ago I did find a bot service provider offering bots you can control to send in world and spy on chat conversations through IM messages. You can rent a bot send it to specific location, let it listen to chat conversations which the bot will then transfer to you through IM messages. And this is still a somewhat harmless service. Who knows what all these hundreds of roaming bots are exactly recording and what services are being offered through non public channels?

Thoys Bot

What are they able to do?
You can let them follow you for instance. You can talk through them. Listen through them (through instant messages). They are able to sit and resit when they get kicked off something. And a lot more.

How do I command them?
You command them through instant messages and local chat. For the command note look under here. Only the master can command the bot and the master is set in the bot tool.

So as you can see there are indeed bot services around that make money from offering spying tools.

The thing with roaming bots is that nobody, not even Linden Lab knows what they are being used for.

You could do that with a script in SL, without renting a bot, hell, there used to be a rlv collar plugin that did that, so you could spy on your sub and who they were talking to in local.

Technically you still can, but technically, repeating local chat conversations from an inworld location to your inworld IM box without the explicit consent of all parties present, is a TOS violation, and you can and should file an Abuse Report.

 

As for what "these hundreds of bots are recording" about all they can record is where your avatar is, what it's wearing by way of non-hud attachments, total script count and cpu time, a bad estimate of your avatar's height, what display name you are currently wearing, your avatar's estimated complexity score, etc, the standard info available via lsl.

 

None of that seriously infringes on YOUR privacy to the extent that it becomes some "URGENT PROBLEM" demanding immediate draconian fixes that probably won't work anyway.

 

And you STILL haven't shown evidence of the dozens of "evil bot farmers" using your "fool proof money maker" business plan to charge $10 a week to sort of guess where an avatar might have be based on sightings in the last 45 minutes.

 

[Love Zhaoying]

Interesting thought, that the most annoying may be using bots!

[Ceka Cianci]

29 minutes ago, EliseAnne85 said:

No, it hasn't been around that long.  I think you can find SL's 2fa under ACCOUNT but it's called multifactor something or other in SL.  

When it came up in another thread about why ChatGPT requires a phone number to have an account I went to search a little about "bots".  I came across an article that said 2fa was invented because bots became able to read that squiggly line worded Captcha that used to be sent to our emails (like in the screenshot I'll put below).  Bots are more and more eluding the I AM NOT A BOT Captcha techniques.  I also noted in that thread that recently, on a government website, I had to check I AM NOT A BOT twice while filling out the form.  Bots are becoming more and more elusive to detection.  That aspect of bots is kind of a drag.  Again, the below Captcha it is said bots can now read, so it's useless.  And now we have 2fa or multifactor.

I'm thinking of the one that you need to use your phone or whatever.. that was like last summer or spring or something..

I can't remember ever using the one in the image above.. unless it was when creating an account..

ETA: I was sort of close.. It was the fall before last spring.

 

Edited March 26, 2023 by Ceka Cianci

[Zalificent Corvinus]

20 minutes ago, EliseAnne85 said:

No, it hasn't been around that long.  I think you can find SL's 2fa under ACCOUNT but it's called multifactor something or other in SL.  

When it came up in another thread about why ChatGPT requires a phone number to have an account I went to search a little about "bots".  I came across an article that said 2fa was invented because bots became able to read that squiggly line worded Captcha that used to be sent to our emails (like in the screenshot I'll put below).  Bots are more and more eluding the I AM NOT A BOT Captcha techniques.  I also noted in that thread that recently, on a government website, I had to check I AM NOT A BOT twice while filling out the form.  Bots are becoming more and more elusive to detection.  That aspect of bots is kind of a drag.  Again, the below Captcha it is said bots can now read, so it's useless.  And now we have 2fa or multifactor.

No, MFA was invented to try and stop hackers from guessing that a moron's password was "password", and thus gaining access to the moron's bank account, or email, etc. Nothing to do with bots logging into systems under their own bot accounts.

 

Edited March 26, 2023 by Zalificent Corvinus

[Arielle Popstar]

18 minutes ago, Zalificent Corvinus said:

And you STILL haven't shown evidence of the dozens of "evil bot farmers" using your "fool proof money maker" business plan to charge $10 a week to sort of guess where an avatar might have be based on sightings in the last 45 minutes.

 

I'm waiting with bated breath for you to enlighten us with why the "non evil bot farmers" are putting up servers to scrape the data they are scraping and creating a searchable database with said data if they aren't benefitting from it in some way. Is this all an altruistic gesture on their part for the betterment of the community?

[Zalificent Corvinus]

31 minutes ago, Ceka Cianci said:

I'm thinking of the one that you need to use your phone or whatever.. that was like last summer or spring or something..

I can't remember ever using the one in the image above.. unless it was when creating an account..

For work, I have to...

1. Use a stupor strength password to unlock the hard drive encryption so the pc will boot

2. Log in using an 8 digit pin number, via a remote virtual smart card system on a company VPN, no internet, no windows login

3. Log into a Protection system, with a username and another stupor strength password, that unlocks internet access needed to...

4. Log into the company email with another username and password

5. Log into a government system with another username and password

6. Respond to the automated call from step 6's MFA, on my phone

7. Log into a government website with another username and password

8. Log into a different government website with the same username and password

9. Log into a remote timesheet website with the company email username and password

10. Log into a general remote telephony app using a different username and password

11. Log into the specific remote telephony app, using a different SUPER stupor strength username and SUPER stupor strength password, that actually notifies the company that I'm logged in and ready to start my shift.

 

That's about 15 to 20 minutes every day, including opening various mandatory pages on the various websites, of unpaid overtime before my shift started.

That's assuming it all worked of course, various security stages would often not work, sometimes for hours. One co-worker literally had 3 weeks of sitting at a pc doing nothing, and getting paid, because 'system issues' at the company's end with the security meant they couldn't access the apps they had to access to do the job. 3 weeks paid idleness waiting on a remote tech fix, due to "MFA".

 

Edited March 26, 2023 by Zalificent Corvinus

[Ceka Cianci]

6 minutes ago, Zalificent Corvinus said:

For work, I have to...

1. Use a stupor strength password to unlock the hard drive encryption so the pc will boot

2. Log in using an 78 digit pin number, via a remote virtual smart card system on a company VPN, no internet, no windows login

3. Log into a Protection system, with a username and another stupor strength password, that unlocks internet access needed to...

4. Log into the company email with another username and password

5. Log into a government system with another username and password

6. Respond to the automated call from step 6's MFA, on my phone

7. Log into a government website with another username and password

8. Log into a different government website with the same username and password

9. Log into a remote timesheet website with the company email username and password

10. Log into a general remote telephony app using a different username and password

11. Log into the specific remote telephony app, using a different SUPER stupor strength username and SUPER stupor strength password, that actually notifies the company that I'm logged in and ready to start my shift.

 

That's about 15 to 20 minutes every day, including opening various mandatory pages on the various websites, of unpaid overtime before my shift started.

That's assuming it all worked of course, various security stages would often not work, sometimes for hours. One co-worker literally had 3 weeks of sitting at a pc doing nothing, and getting paid, because 'system issues' at the company's end with the security meant they couldn't access the apps they had to access to do the job. 3 weeks paid idleness waiting on a remote tech fix, due to "MFA".

 

That's pretty wild..  If I had to do that to get into SL, I would be doing something else instead of SL, like in the kitchen working on a better way to make egg salad or something.. hehehe

[Zalificent Corvinus]

3 minutes ago, Arielle Popstar said:

I'm waiting with bated breath for you to enlighten us with why the "non evil bot farmers" are putting up servers to scrape the data they are scraping and creating a searchable database with said data if they aren't benefitting from it in some way. Is this all an altruistic gesture on their part for the betterment of the community?

I don't give a damn why they want to "scrape useless data". Frankly I'm not that paranoid.

I do know however that there are people who will pay modest amounts for useless info on paranoid people, don't ask me why, but the idea that running a bot farm to spy on avatars is some amazing make money fast scheme that anyone can do, is complete and utter rubbish, deliberate disinformation intended to cause a panic over what is largely a non-issue.

 

Take the Bot's That Cannot Be Named website, and it's now infamous "how much merchants are earning" info, wildly inaccurate information, based on the most ridiculous guestimates, utterly useless. Yet paranoid people went into a panic over these non-facts being "an invasion of privacy".

 

"Oh no! people can see my avatars public profile, in public! We're being data scraped!"

One clueless fossil, clearly revealed that they don't know how to use the parcel security settings to stop roaming survey bots landing in their living room, despite being an oldbie who's supposed to know about SL.

 

This whole "Bot Paranoia" is getting old and tired.

Can we switch to one of the OTHER "Clueless Old Farts Paranoia Topics" for a change of pace?

Time for an "The Urgent Need to Deal With Filthy Alts" thread,  or "The URGENT Need to Deal with CopyBots of 2006" thread?

At least TRY and alternate between the three instead of hammering the same nonsense over and over.

 

[Ceka Cianci]

14 minutes ago, Arielle Popstar said:

I'm waiting with bated breath for you to enlighten us with why the "non evil bot farmers" are putting up servers to scrape the data they are scraping and creating a searchable database with said data if they aren't benefitting from it in some way. Is this all an altruistic gesture on their part for the betterment of the community?

I think when something gets labeled as evil, it's harder for people that see it as evil to see it being used  for anything else..

I only say this because, couldn't it be possible  they just found it interesting and then someone say, you could do so much cool stuff with this and then it evolve into what it is?

Why did places like Free Dove exist and other places like it exist still? 

People complained and they took down the things people complained about.. Isn't it possible that they are not trying to take advantage of us?

I'm just saying, they seem to react to what people think where  you can't get a lot of people to do that, they'll just keep doing what they are doing a lot of the time..

 

[Zalificent Corvinus]

17 minutes ago, Ceka Cianci said:

That's pretty wild..  If I had to do that to get into SL, I would be doing something else instead of SL, like in the kitchen working on a better way to make egg salad or something.. hehehe

Yeah... if the MFA Koolaid Junkies get their way and I have to Multi Effing Annoyance, every time I want to log in to SL, spend $15 on the lindex for shopping tokens, teleport to a store, or spend a $'s worth of shopping tokens on a dress, then I won't bother.

 

It's why these Bot-Paranoia people bother me so much, I can see them demanding some ENFORCED MFA to "URGENTLY combat the OUTRAGEOUS non-threat of EVIL Bot Farmers SCRAPING useless data in SL", and thus bringing about a "cure that's worse than the disease".

 

Edited March 26, 2023 by Zalificent Corvinus

[Ceka Cianci]

3 minutes ago, Zalificent Corvinus said:

Yeah... if the MFA Koolaid Junkies get their way and I have to Multi Effing Annoyance, every time I want to log in to SL, spend $15 on the lindex for shopping tokens, teleport to a store, or spend a $'s worth of shopping tokens on a dress, then I won't bother.

 

It's why these Bot-Paranoia people bother me so much, I can see them demanding some ENFORCED MFA to "URGENTLY combat the OUTRAGEOUS non-threat of EVIL Bot Farmers SCRAPING useless data in SL", and thus bringing about a "cure that's worse than the disease".

 

If it ever gets to where I feel it's that unsafe here to where I would need all that.. My survival instincts are gonna kick in and just won't come here no  more, after I make sure I've emptied any information that I can from my accounts..

Reward has to outweigh risk.. I'll go climb the side of one of the mountains outback if I feel the need for a risk rush.. hehehe

[Scylla Rhiadra]

22 minutes ago, Zalificent Corvinus said:

Take the Bot's That Cannot Be Named website, and it's now infamous "how much merchants are earning" info, wildly inaccurate information, based on the most ridiculous guestimates, utterly useless. Yet paranoid people went into a panic over these non-facts being "an invasion of privacy".

Disinformation masking itself as "data" is actually in some regards worse than the publication of valid and verifiable data. At least the latter can inform people; the former simply misleads them.

I don't see a lot of paranoia here. No one has accused any actual operation of evil deeds. There are instead concerns about how this data might be misapplied. The example of RedZone demonstrates what can happen when "public data" -- i.e., IP addresses -- is misused and leveraged for monetization.

The issue is putting in controls, tools, and policies that ensure that bot operations of all kinds are responsible, and don't misuse the data they are scraping.

[EliseAnne85]

It's possible "they mean no harm" but I also object to the fact that we don't opt in, we have to opt out to which I directly asked a person who works for this bot farm in question if they were planning on keeping our usernames if we opted out and the answer given here was "yes".  Yes, they plan to keep our usernames.  For what, to send en masse IM's with links to clicks? 

Don't click on any links from bots everyone, it's a classic social engineering hackers scam technique and it usually involves using blackmail.  Let's say they IM you saying they saw your bf/gf at so-and-so place without you and with another avatar and have a picture of them together and want you to click on it so you can see what they were doing together without you, which is a lie but that's a classic social engineering hacker's scheme.  

And, that is about all I want to say for now because I think it's better safe than sorry.  However, there are those whom I feel just want to "baby" the bots and SL residents are paranoid or old, which makes it all our fault.  

So, I need a break from this now.  It's enough blaming those who were not disturbing the peace.    Plus, saying we are paranoid seems a bit like gaslighting to me.  So, I'm out for awhile. 

Edited March 26, 2023 by EliseAnne85

[Arielle Popstar]

21 minutes ago, Ceka Cianci said:

I think when something gets labeled as evil, it's harder for people that see it as evil to see it being used  for anything else..

I only say this because, couldn't it be possible  they just found it interesting and then someone say, you could do so much cool stuff with this and then it evolve into what it is?

Why did places like Free Dove exist and other places like it exist still? 

People complained and they took down the things people complained about.. Isn't it possible that they are not trying to take advantage of us?

I'm just saying, they seem to react to what people think where  you can't get a lot of people to do that, they'll just keep doing what they are doing a lot of the time..

 

See if they were gathering it for such cool ideas, why not tell us what those things are? Make us want to sign up to have our profiles displayed on their super duper cool site! Instead they came out swinging calling us stupid, ignorant and paranoid for questioning their data harvesting without permissions. Where is the free prizes for having my profile on there? Free Dove was at least giving the community something tangible that I could wear with pleasure for having scored a good find. I'm not seeing it for these people. You?

[Silent Mistwalker]

2 hours ago, Zalificent Corvinus said:

"Too Effing Annoying"

See also MFA - "Multi Effing Annoying"

"Please enter the 1FA Impossible to remember Stupor-Strength password that you wrote oin a post-it note stuck to the edge of the monitor.

Please enter the 4th, 7th, and 14th characters from the 2FA impossible to remember 'memorable data', that you also wrote on that post-it note.

Please complete the 3FA captcha to prove you are not a bot thing.

Please enter the 4FA 6 digit security code sent to your phone.

Your 5FA Trusted device, has had a web browser update, and is no longer a 5FA trusted device, would you like to 5FA Trust this device... Again...

You will receive a 6FA automated phone call, to confirm you want to trust your PC... Again...

Congratulations, you can now use your online banking!

Error, you took more than 60 seconds to walk from your PC, to the table in the hall with the bill you want to pay, and back, 7FA Auto Timeout has automatically logged you out, please start the MFA process all over again from scratch!

Have a nice MFA day!"

 

It would be funny as hell if it weren't so frigging true.

[Silent Mistwalker]

1 hour ago, Zalificent Corvinus said:

Redzone was giving out more than "current location of Avatar X. it was handing out IP addresses, and lists of avatars using them, to "out"  the "filthy alts" that so many oldbies seemed to hate so much, that isn't the same as finding suckers willing to pay $10 a WEEK to know where an avatar is inworld.

 

Again, since this service you propose, doesn't violate the TOS,, and is a "guaranteed money maker" where are all the outfits running such a service?

RZ was also storing personal information that had nothing to do with SL such as how many children you have in RL, where you work in RL, your spouse's name and workplace, your children's school. Get the picture now?

[Qie Niangao]

1 hour ago, Zalificent Corvinus said:

No, MFA was invented to try and stop hackers from guessing that a moron's password was "password", and thus gaining access to the moron's bank account, or email, etc. Nothing to do with bots logging into systems under their own bot accounts.

MFA wasn't just about bad passwords, but good passwords, too, compromised as by phishing or other means more sophisticated than a lucky guess. The "multifactor" adds one more of the three security "somethings":

• something you know (like a password—and easily compromised)
• something you are (like fingerprints and other biometrics—hard to collect, store, and match reliably)
• something you have (like a device that can authenticate with a token)

Each factor has varying weaknesses depending on details of implementation, but combining across these categories substantially shrinks the vulnerabilities of an authentication, way more than just a better password—or five of them.

[Rick Nightingale]

3 hours ago, Love Zhaoying said:

Is "copycat" behavior with Dinkies even an issue? I didn't know you could tell them apart. 

You certainly can tell them apart. I wasn't always a big, handsome devil:

[Istelathis]

Bots would make a decent tool to scour SL in search of profiles that could be used to link a person's RL to their SL, things such as email addresses, social media accounts, even RL pictures can provide a relatively easy way to find out their real identity.

There is money to be made from people engaging in adult related activities in SL, from simple 'ol blackmail.  Paranoia or not, there are a lot of poor people in this world in search of an easy buck, who have plenty of time on their hands.  This does not even include people who just get a kick out of having that sort of perceived power over others, who get a thrill from it for some reason or another.

With that said, bots are not necessary for others to do this, it probably makes it a lot easier though.  The more people know, the better.  Leaving behind a trail for others to follow back to your RL, is incredibly foolish.  

Paranoia or not, people should at the very least knowledgeable not to make it so easy for others to turn them into a target.  

 

Edited March 26, 2023 by Istelathis

[Innula Zenovka]

2 hours ago, Count Burks said:

How to make money using a bot net in Second Life a tutorial for Innula Zenovka

1. Rent a couple of dedicated servers 

2. Create a medium sized bot net with 100 avatars.

3. Start a website named  offering avatar tracking service for 1500 Linden per week payable at kiosk in Second Life.

Service includes tracking data of one particular avatar on the Second Life grid. But if you sign up for the Premium + package you can track up to 5 avatars anywhere on the grid. Premium + is 2500 Linden per week.

_______________________________________________________________________________________________________

Deployment of bot net.

Calculation

1 bot teleports every 10 seconds to another region and monitors the names of the avatars on the region.

1 bot * 6 teleports per minute * 60 minutes = 360 teleports per hour.

100 bots * 6 teleports per minute * 60 minutes = 36000 teleports per hour.

36000 teleports per hour / 27000 Second Life regions = 1 teleport per 0.75 hours or 1 teleport per 45 minutes.

_______________________________________________________________________________________________________

Many residents remain at particular locations for an hour or longer so even with a small to medium sized bot net it is possible to track, spy and monitor on the movement of all Second Life avatars on the grid except within  regions which are not publicly accessible.

Many residents will want to know where their boyfriend or girlfriend or partner has been hanging out. Do not underestimate the curiosity of people so you will make money with such a service.

_______________________________________________________________________________________________________

To even hide more from Linden Lab you use servers collocated in separate data centers so it looks like you are running tiny bot farms for hobby purposes.

You also refresh sections of your bot farm every 5 to 10 days so that bots that got banned or restricted in access are no longer in circulation.

_______________________________________________________________________________________________________

Do not underestimate what is possible with bot farms, how you can use them. This is a very basic example on how to deploy a bot farm to make money from it but it gives you insight why roaming bots should be blocked from the system.

 

 

 

 

Has anyone in the almost 20 years that SL has been going ever actually offered such a service, though?   I mean, I've seen seen bots deployed for all sorts of purposes, ranging from swooping down and buying vacant land to  moderating  in-world groups to being  automated sex workers doing house-calls, but I've yet to hear of anyone offering the sort of service you describe.

This suggests to me there's simply not the market to support this sort of automated avatar tracking service.

That's possibly because, at least in the experience of some of my friends over the years who've had the misfortune to be stalked in SL by jealous or vengeful partners or exes, there's no need to deploy an army of bots to track people down when it's all too easy, and provides more sick fun,  to stalk people using a script to determine when they're online, a knowledge of their habits and favourite shops and hangouts, and the judicious use of alts.  

 

[Ceka Cianci]

38 minutes ago, Arielle Popstar said:

See if they were gathering it for such cool ideas, why not tell us what those things are? Make us want to sign up to have our profiles displayed on their super duper cool site! Instead they came out swinging calling us stupid, ignorant and paranoid for questioning their data harvesting without permissions. Where is the free prizes for having my profile on there? Free Dove was at least giving the community something tangible that I could wear with pleasure for having scored a good find. I'm not seeing it for these people. You?

I'm not saying to you it's one way or the other.. But that it's just as much a possibility..

I'm just saying there is a lot of people that do things for other reasons than to put the shaft up everyone else's butt.. It's SL where people come to throw out ideas  and see if they work and how well..Some do it for themselves ,some do it for others and some do it because they can.

I wasn't at the first thread, did they come to that thread because it was a warm and welcoming thread, or should I  assume away and think it wasn't such warm of a feeling when they got there?

The reason for putting those free stores in my post wasn't because they gave you stuff, but because  those people had an idea also..

Just because you didn't get anything out of it doesn't mean it's not useful. It may be to others..

Your profile and information isn't on there anymore.. So no gifts for you.. hehehe

 

[Count Burks]

9 minutes ago, Innula Zenovka said:

That's possibly because, at least in the experience of some of my friends over the years who've had the misfortune to be stalked in SL by jealous or vengeful partners or exes, there's no need to deploy an army of bots to track people down when it's all too easy, and provides more sick fun,  to stalk people using a script to determine when they're online, a knowledge of their habits and favourite shops and hangouts, and the judicious use of alts.  

 

The example I did provide is basic, yet there would certainly be a market for it. You can also take it much further when you start to think outside of the box if you get into setting up a spy service using a bot net.

While you can use a script to retrieve online status you cannot track people on the grid. While you might know the habits of these people you will not be aware of people their location if people decide to hide.

Example which frequently occurs:

Avatar A and Avatar B are in a relationship and are living together on their land. After 3 weeks avatar A is fed up with the relationship for some reason and takes up her house, leaves the land, blocks Avatar B as she doesn't want to have anything to do with him anymore.

Avatar B is perplexed, tries to IM Avatar A without a response. For Avatar B who wants to know more and wants to know the whereabouts of his girlfriend it not suddenly becomes interesting to make use of such a tracking service.

Deploying a bot net or a single roaming bot can be used as a tracking system. The bot effectively provides more accurate information than any script can do. Now you have a valid reason why anonymous roaming bots should be frowned upon.

34 minutes ago, Istelathis said:

With that said, bots are not necessary for others to do this, it probably makes it a lot easier though.  The more people know, the better.  Leaving behind a trail for others to follow back to your RL, is incredibly foolish.  

Paranoia or not, people should at the very least knowledgeable not to make it so easy for others to turn them into a target.  

You can have endless discussions about this. As Istelathis writes  " it probably makes it a lot easier though." With scripted agents you can do data harvesting, data mining, tracking, spying and tracing. You can push it really far when you start connecting avatar profile data with other profile data of people online.

[Love Zhaoying]

46 minutes ago, Istelathis said:

Bots would make a decent tool to scour SL in search of profiles that could be used to link a person's RL to their SL, things such as email addresses, social media accounts, even RL pictures can provide a relatively easy way to find out their real identity.

There is money to be made from people engaging in adult related activities in SL, from simple 'ol blackmail.  Paranoia or not, there are a lot of poor people in this world in search of an easy buck, who have plenty of time on their hands.  This does not even include people who just get a kick out of having that sort of perceived power over others, who get a thrill from it for some reason or another.

With that said, bots are not necessary for others to do this, it probably makes it a lot easier though.  The more people know, the better.  Leaving behind a trail for others to follow back to your RL, is incredibly foolish.  

Paranoia or not, people should at the very least knowledgeable not to make it so easy for others to turn them into a target.  

 

Love this song!

[Istelathis]

Just now, Love Zhaoying said:

Love this song!

It is catchy, not quite right but I was too lazy to look for a paranoia song dealing with generalized paranoia.  I was going to go with the one below, but also this one likewise did not quite fit.

I like Flagpole Sitta a lot more though.