Friday, February 24, 2006

A message from the Corporal, by way of the Minx

Corporal Kickyourass, bless his Canadian cotton socks (the ones with little maple leaves dancing decoratively around the toe area) has asked me to post something for him. Since he offered me oral sex behind the bike sheds to do this for him, I felt it would be rude to refuse. Ahem.

Voltaire said:

"I do not agree with a word you say, but I will defend to the death your right to say it."

That always has rung true with me -- whether I speak as the Minx here, or the Minx in the real world. It is a passionately and deeply held belief of mine. [And it sets the tone to something far more serious than my facetious (but ever-hopeful) quip about oral sex.]

To cut a long story short, the Corporal posted something on Curbed Enthusiasm that dealt with some very contentious subject matter, in his inimitable and irreverent fashion. As a result of this, a work colleague of the Corp's had his blog hacked and neutered. The Corp, with his uncanny skill for detective work, found the culprit, and the techie geek who had been bribed or conned into doing the hacking.

Here is a quote from the post:

Invasion of Privacy, Breach of Con­fid­en­ti­al­ity, In­tel­lec­tu­al Property Theft, and In­fringe­ment of In­tel­lec­tu­al Property rights. Want to go another round, you rotten bitch?

The hacker was a tech geek, who had been asked by an offended co-worker to stop my site. Apparently, I was spreading hate. I would never be daft enough to read something online, then complain about it. Unless of course the material was obscene, and made victims of children. We are, for the most part, adults. And, we can very easily navigate to the next page. Those of you who are easily offended should use this opportunity to navigate now.


Read the rest of the post here.

The point of bringing this to your attention is the fact that not all hackers are anonymous -- although they will probably try to be at first. Sometimes, this repulsive and repugnant behaviour can be found no further away than our own front doorstep.

The initial post, that caused all the furor, is referenced from the full length version of his latest offering.

It doesn't matter what you feel about the issue described in the post. I have no doubt that many of you may not agree with the Corporal's viewpoint. However, as a community -- which is what I truly understand "Stop Internet Censorship" to represent -- each and every one of us knows that there are people out there who disagree with our fundamental right to speak, write, publish... exist. And since, unfortunately, censorship fails to be restricted by the sex or porn boundary, we therefore have a duty to add our voices to the fight for the right for speech to remain open and free. Remember Pastor Neimuller? ("First they came for the Jews, and I did not speak out because I was not a Jew...")

To quote the Corporal again:

I never have, nor will I ever, shy away from an opinion because it might offend someone. Nobody should, for that matter. That's what free speech is about.

Sunday, February 19, 2006

Very nice post yesterday from DH of DH Spicy about securing your own computer from everyday hacks.



As you know, I like to explore and look around, well today I spent two hours re-scanning my Pc due to a Trojan that just jumped in as I entered a site. Unfortunately, I can’t report the url for you to avoid as it’s gone. I’m a cautious surfer. I’ve had to remedy too many systems at the office not to be. But today I got stung.



His post includes a reminder to not just backup your data and email but also to practice restoring it as well. His final reminder...



Fortunately, I didn’t have to go to that extent today, as my Anti-Virus took care of things. But shit happens. It doesn’t have to be from a Virus, it could be a Hard Drive crash. That’s usually an 8 hour job. Restoring OS, Programs, Restore Data, configure internet and stuff. But if you are well prepared, at least there is minimal lost.

If you have an Anti-Virus, which I hope you do, make sure it has the most recent, up to date signatures.

If you operate, on line systems, like blogs, message boards etc, you should download your back ups and make them part of your regular routine. Database at least.

Read his whole post here.



Sound advice. We don't have to wait for hackers, you know. Sometimes just a well-timed laptop drop is all it takes. I do fairly regular backups, sending email, image, and data files to a safe location, backing up my blog templates and databases on my server, and for extra credit, keeping a copy of my server files on my home machine and (to a limited extent) vice versa. If I go down I'll be a major nuisance, but it won't be a complete catastrophe. You can do that too.

figleaf

Sunday, February 12, 2006

Regarding post theft

The one thing I did notice in the post theft that maiden speaks of is that the hits always come from the same IP.

California, Pleasant Hill, United States
c-67-188-45-190.hsd1.ca.comcast.net (67.188.45.190)

We've gotten hits from that site, several a day usually, but always from the same IP.

I do believe the blog owner wants us to look?

Okay.
We've looked.

Now please write something using your own words.
We would certainly love to see what you can do.
Thanks.

Saturday, February 04, 2006

Post Theft

*waves to all her friends*

Hello all.....

I do not doubt that most of you are aware of a certain blogsite that is stealing our posts and reposting them - I won't be giving the link here, anyone who is interested is more than welcome to email me at my gmail address.

Thus far I know that one of my posts has been taken, one of the lovely Salacious Desires and one of Virgin Slut's to name but three. Each post includes a link to the site that it has been taken from, however there is no clear indication that the work has come from elsewhere.

This is, I am sure in no way as serious a threat as that suffered recently by many of you, however for those of us who consider their posts their "babies" it's infuriating to see someone taking them without seeking permission first. This site is in no way a "round-up" of posts, it seems to me just straight forward theft.

Again, anyone who wants the link, email me at Icemaiden01@gmail.com. I see no reason to give this person free advertising! And a massive thank you to SD for bringing this to my attention in the first place (she also has a post on the topic at her wonderful blog)

Kisses

The Maiden xx

Damn you, and the horse you rode in on

I'm wondering if this posting will remain. Hi, I'm Steff, and I'll be your pilot. My profile has never worked, so I'm the author of the Cunting Linguist, if you care.

This is my inaugural posting here, so a warm thanks to the Queen and the goodly folks who've allowed me to crash this party.

I think I just got censored by the gods that run this dog & pony show. I posted this, "Damn you, insert blogging host you're presently viewing through!" grumbling today. It vanished.

I've received a bunch of comments that have failed to be saved on the site itself after being auto-forwarded to my email comment-alert box. One, though, fortunately proved I wasn't just hallucinating after smoking some of the locally available herbs or anything, since it had to do specifically with the content of my bitching post.

I'd like to take a moment to laugh with hilarity at the ludicrous suggestion that Google, holding out on its searchable items history from the US Federal government, was doing anything altruistic like protecting freedom of speech. No, they were protecting their $400 share price from their buddies at Yahoo! and MSN.

Censorship is alive and well, and the bottom line is the only concern with Google at their subsidiaries at this time, this resident host included.

Anyhow, you can bet my writing's getting backed up as I type. I can't trust this host anymore.

WHOIS and Simple IP Tracking

In this post I am going to show you how easy it is to discover the IP address of a website and track the owner and/or hosting server of that website. There are other ways to do this that are more complicated and time-consuming, but honestly this easy technique works in the majority of cases. I understand that for some of us this is going to be rudimentary information, but I am of the opinion that for the majority of bloggers, this could be extremely helpful. Later on we'll get into other areas of protection, security and other issues. But today we are going to simply focus on tracking down an IP address and finding the owner.

For this example I'm going to use the site theft that occurred to TSB about two weeks ago. This incident led me to discover Rogerio the hacker, almost at the exact same time that the Corporal did. Turns out that Rogerio was the hacker that nearly destroyed TSB a week earlier. On this morning I got an email telling me that my site was up and running on another site, bangblog.info. I went to the site and sure enough, someone had copied my entire site into theirs. What to do about it?

I needed to find the owner and track his sorry butt down. But how? The internet is a helpful place, both to us and to those out to do evil. The trick here is that we both have the same tools available to us. Remember, the hacker doesn't have a magic wand, they are working in the same world as we are. The important thing is to use those tools against them, just as they are using them against us. One of the most powerful tools at our disposal is built right into the internet, and it's called WHOIS. Every IP address on the Net must be registered. WHOIS is a database of those registrations. In a good way it allows us to see what domain names are available or unavailable and ask to purchase those we might want very badly.

There are many places to conduct a WHOIS search available. I usually go to Network Solutions to conduct mine, the address is:
http://www.networksolutions.com/whois/index.jhtml

Bookmark this site, it is also helpful in many other ways.

Here you can enter the domain name, the NIC Handle or the actual IP address and discover the information that might be available. In our example I knew the domain name, bangblog.info and entered that. This is what I discovered. (You get a long list of data.) The Domain ID: D11788188-LRMS. Registrant ID:C-1796. Those are good, but the best part here was that Rogerio had actually registered the site in his name. We learned that Rogerio lives at Avenue Minas Gerais Apt 201 and his phone number is 55.313.827.0045. And his email address is ranicio@gmail.com. And that took us all of about two minutes from the time we started, EXPOSED. Now, the other thing we want to know is where bangblog.info is stored and hosted. Why? Because we may not get any satisfaction from the hacker, remember they are criminals after all, but the host is another story. In this example we also learned that the host was a company in Texas called Planet.com. I say was because that information is no longer available here. So now what?

Well, emails went out to Rogerio and to the hosting company, which I also copied to Rogerio as well, so he could see what I was doing. The point here was to make them both aware that I meant business and that I would be willing to involve higher authorities if needed. For example, here is the actual email I sent to Rogerio:

"Rogerio Anicio Oliveira,

This letter is to inform you that your registered site, bangblog.info
is currently hosting materials that are protected under international
copyright law and registered in the United States of America and
protected under International Law. Your IP address has been recorded
and all materials MUST be removed within 24 hours or further steps
will be taken to insure the protection of our rights.

Our attorneys have been notified and we will pursue this matter
immediately. This email serves as a warning that we take all matters
of copyright seriously and consider your actions to be in direct
violation of the law.

If our materials are not removed we will contact your host immediately
and request that they terminate your hosting."

Almost immediately I got a very nice, short reply from him that simply said, "Fuck you."
To which I replied:

"We have noted your response and have taken the necessary steps to
inform your hosting service of your violations. Please be aware that
your information has also been transferred to the necessary government
authorities and that additional steps are also underway to ensure the
protection of our rights in this regard.

Have a nice day."

The point here is that the site came down within a half hour. I did contact the hosting company, and while getting any true justice there would have taken attorneys, the good news is that now I see they are no longer hosting the site.

I think that about covers the easy way to track IP addresses. This also works from a visitors standpoint. You should be using a tracking device on your site to count visitors. I use two, one is visible to my visitors and one is invisible. One is a simple counter and one is a much more robust and complex counter. This is new since the rash of attacks we've been subjected to. But I monitor them both and make note of any strange unusual visitors, I keep track of those IP addresses and other information. This technique can also be used to track them as well, should it come to that.

Next time I will talk about the Digital Millennium Copyright Act of 1998 ("DMCA") and how to use it to protect your intellectual property, who to contact in the government that can help you and steps you can take to further protect yourself from identity thieves, hackers and other nefarious bandits.

I hope you find this information helpful. If anyone has a specific problem or question, please post it in comments or if you want, contact me directly at secretbrain1138 at gmail.com

Thanks,

What's the status of Blog*Spot?

Blogger was having problems yesterday:
Friday, February 03, 2006
We are currently experiencing some problems with Blog*Spot. A percentage of blogs are completely inaccessible. For others, you may need to reload a few times before you connect to a web server that will serve them. We anticipate things will be calmed down within the hour.

Update, 5:20PM: Blogger and Blog*Spot should be fully operational with the exception of one of our file servers. This means a percentage of blogs will be unpublishable and inaccessible. We are currently waiting for a lengthy disk integrity check to complete on the file server. There may also be transient delays serving blog pages while our load balancing evens out.

Update, 8:00PM: The Blog*Spot web servers are coming back online with connections to the file server that was out for most of the evening. (Its disk is totally okay, btw.) So, within the next 10–15 minutes everything should be completely back to normal.

Again, super major apologies for this.

You should bookmark the Blogger Status page, so that you can check on any current problems.

File under: weirder shit

Weird things be a-happening in the world of Blogger.

This time I am not accusing them of censorship, but I'm concerned that they themselves may be under attack. I've been having some very weird happenings with my comment moderation -- comments not being sent to me, but appearing in the moderation tab for one. Me publishing comments and them not showing up for another. Me publishing comments and them disappearing from the comment box -- despite my receipt of an emailed copy proving that they'd actually been published.

I've been going around in circles all fucking day.

I also received the following letter from Deadly Female:


Subject: Blogger is playing nasty games with me :

It's sending comments to my inbox but not publishing them. And I just made a
new post which I successfully managed to post a comment on but I just went back
to my blog and it has deleted the whole post as if it didn't exist.

Shit! I don't like this, I don't know what's going on.....

DF xx


Also yesterday Blogger was unresponsive on and off all (European time) day. Odd.

The events of the last few weeks have made me super-alert to any abnormalities. I do not rule out the possibility that I am over-reacting. Feel free to pat me gently on the head and smile benevolently as you tell me not to be such a moronic waste of space.

But just in case... I'm posting this. Anyone got anything soothing for the ears of a Minx?

PS I'm posting this at 4.00 a.m. according to this blog's timezone, but for me it's 2.00 p.m. (GMT + 2). If that helps.

Thursday, February 02, 2006

First Aid for Bloggers

I fully agree with Minx (comments on last post), we have to DO something. And, incidentally, I was going to propose to gather e-mail addresses like Art has done already. So, Art, please continue, your list may become handy ! However, I think there IS something else we can do ...

Imagine, you get hacked, your blog is down, no access to your e-mails etc ... The best way to piss off those hackers is obviously to be back up and running in no time !! I don’t spent much time digging into the details of html, tracking down people, digging into Google caches etc. But, some of you do, and have become really experts in all this. So, here’s my request ...

Could those of you who have the know how, not make a 'simple' document that can be sent around, answering questions like:
- how do I get my blogspot (or other)- name/domain back from blogger ?
- how do I make a complete back-up of my blog, in 10 easy steps
(I know Jeff posted advice on this a little while ago, but, please put it into a document we can store)
- how to trace (and report) the assholes ?
- what is the best way to contact blogger ?

Something like a concise "First Aid" manual, that we can simply open, follow the steps and be back in the saddle with the same blog and the same content in no time ...

I realize that this not really an answer to threats to be exposed to family or employers, but, so far, it seems these are minor incidents (correct me if I am wrong). In general it seems blogs get hacked, preventing us from access and diverting our sites to porn sites.

Thus, may I invite those of you that really know how to do this fast and efficient (The Colonel, Artfuldodger, DQ, O, ...) to 'get together', device a strategy, and prepare detailed instructions. I believe this would be of great service to many of us !

Your ideas ... ?
Aragorn

Wednesday, February 01, 2006

More attacks ?

Check Alex & Suze !
- A