So, Anonymous Wants to Kill Facebook…
by BeauHoward on August 10, 2011
Listen to the press release on YouTube by clicking here.
Read it on the Village Voice by clicking here.
…This should be interesting. In a fight like this, my money usually gets placed on the corporation generating $2 billion a year in revenue. That said, Anon has been about this game long enough now to know that it won’t actually “kill” Facebook. They could cost Facebook money through harassment, but the juggernaut social network will clearly weather the storm, whatever it is, because (1) it has a $50 billion market cap, (2) there is too much money to be made, and (3) people are addicted to it.
Take cigarettes as an example. They give you cancer and kill you, and everyone on Earth knows it. Even so, the tobacco industry is alive and well for basically the same three reasons that Facebook will be fine. Countless public service announcements and anti-smoking ordinances may have dented big tobacco’s armor, but Altria Group, Inc. (formerly Phillip Morris) still generated $3.9 billion in profits on more than $16 billion in revenue in 2010.
So this threat feels like a public service announcement and a publicity stunt from Anonymous. It will not kill Facebook, but it will certainly be interesting to watch.
One caveat: Anon has planned its operation for November 5, which is Guy Fawkes day. I presume they intend only a virtual detonation of Facebook with the usual denial of service attacks and associated grief, as opposed to actual detonation with kegs of gunpowder. Anon does, after all, appear to have a new toy to replace the Low Orbit Ion Cannon.
Need to know where someone was? Subpoena their iOS “consolidated.db” file.
by BeauHoward on April 20, 2011
I had a recent case where someone skipped a court hearing despite being under subpoena to attend, and I suspected that the explanation for their absence was phony. Fortunately, the issue was handled quietly, without court involvement, and my suspicion and persistence in asking questions was enough to force a resolution. But what if suspicion and pointed questions had not been enough? What if I needed proof?
Recent research from Pete Warden and Alasdair Allan suggests that a person’s whereabouts might be determined from the “consolidated.db” file stored on their iPad or iPhone. Apparently, these devices use information broadcast from cell towers to regularly triangulate their location, and then they store this information in the consolidated.db file for whatever purpose. Targeted advertising maybe? That’s a mystery for another time.
Anyhow, call tower triangulation isn’t GPS-level accurate, but it could certainly prove that someone’s iPhone was in Atlanta (for example) when the person claimed to have been in Dallas (again, for example). From there, cell phone records, social media activity, and other evidence could be used to help prove whether the individual was actually with their phone at relevant times. It’s a neat trick, if you can pull it.
Here’s an article on point from the Washington Post and Bloomburg.
Here’s a link to an app that would help you examine the data contained in consolidated.db.
I wonder who will be the first to try to subpoena this file in a civil proceeding?
Update:
ArsTechnica has an interesting article suggesting that encrypting your iPad or iPhone data backups will make this information harder to obtain by someone looking for it surreptitiously on your home computer, but it would not encrypt the data stored on your phone or tablet itself: click here.
There is also some indication that the location data contains glitches which will occasionally place you in a location a few miles off from your actual location. This could be very significant or not, depending on why your location is being tracked. See here.
Judge Sanctions Plaintiffs $29,000 for Discovery Fishing Expedition Against John Doe Defendants
by BeauHoward on April 12, 2011
The Court issued its Final Order and Judgment on April 6, 2011, in the case styled Ligatt Security International, Inc. v. John Does 1-25, et al., Civ. Act. File No. 10-A-6012-5, Superior Court, Gwinnett County, Georgia. The Judgment awards the Defendant approximately $29,000 in attorney’s fees, stating:
The Court finds that Plaintiffs filed this case as a pretext for a discovery fishing expedition, which Plaintiffs conducted through the illegal means described in the Court’s prior Order Awarding Fees. The Court bases this finding on the reasons stated on the record during the March 28, 2011 hearing (as reflected in the transcript thereof), and on (a) the testimony of Plaintiff Evans respecting his intentions for filing this case; (b) the fact that Plaintiffs never filed a written response to any motion filed by Defendants; (c) the fact that, after multiple hearings, Plaintiffs finally stated in open court that they did not oppose the relief requested in the Motion to Dismiss; and (d) the fact that, after the Court entered its Order Awarding Fees, which quashed Plaintiffs’ illegal subpoenas, Plaintiffs voluntarily dismissed this case to pursue litigation in other courts. Based on the foregoing, the Court finds that, by improper conduct including, without limitation, the issuance of illegal subpoenas, Plaintiffs unnecessarily expanded this proceeding, which was itself initiated and conducted without substantial justification, for the purposes of harassment, and as part of an illegal discovery fishing expedition.
For the reasons stated in the Order Awarding Fees and further pursuant to O.C.G.A. § 9-15-14(b), Defendant Morris is entitled to an award of reasonable and necessary attorneys’ fees and expenses incurred in preparing and pursuing both his Motion to Dismiss and Motion to Quash.
(Footnote omitted.)
The full text of the Judgment can be read by clicking here.
The full text of the Court’s prior Order Quashing Subpoenas can be read by clicking here.
You can read The Register’s coverage of the subpoena issue here: Judge Rebukes ‘World’s No. 1 Hacker’
No Defamation When University Blacklists “Unreliable” Websites
by BeauHoward on April 12, 2011
In another case that turns on the difference between statements of opinion and fact in the defamation context…
The Turkish Coalition of America (“TCA”) and Sinan Cingilli recently sued the University of Minnesota and two University officials, President Robert Bruininks and Professor Bruno Chaouat, for defamation (among other things) related to the parties’ conflicting viewpoints on whether the Ottoman government’s killing of Ottoman Armenians during World War I constituted genocide. The TCA maintains a website arguing that no case of genocide could be successfully brought against the Ottoman government. The University of Minnesota, which operates a Center for Holocaust and Genocide Studies (“CHGS”), takes a contrary viewpoint, and from about 2006 forward, the University’s CHGS website stated the following about the TCA under the heading “Unreliable Websites”:
We do not recommend these sites. Warnings should be given to students writing papers that they should not use these sites because of denial, support by an unknown organization, or contents that are a strange mix of fact and opinion. We also do not advise using sites with excessive advertising.
On the issue of whether this statement could constitute an actionable defamation, the United States District Court in Minnesota stated:
[As to the defamation claim,] the Court concludes that the alleged statements constitute protected opinions of the CHGS and Professor Chaouat. Defendants have openly acknowledged that the CHGS and Professor Chaouat believe that the killing of Ottoman Armenians during World War I was genocide. Even if the allegedly defamatory statements indicate that the TCA’s contra-genocide viewpoint is unreliable, it is clear that this position is one of academic opinion. Accordingly, the Court dismisses Plaintiffs’ defamation claims against Defendants.
The Court notes that in order for Plaintiffs’ defamation claims to go forward, Plaintiffs would have to be able to establish that the allegedly defamatory statements made on the CHGS website were false. To conclude that Defendants’ statements were false, the Court would also have to determine that either the contra-genocide viewpoint is correct or that the issue is a genuine controversy. The problematic nature of such a request highlights why statements of opinion, and particularly academic opinion, are not actionable….
Although this ruling is pretty narrowly tailored to academic debates, I don’t see a reason it shouldn’t extend to public discussion of other complicated social, political or legal issues. Universities aren’t the only “tastemakers” out there with sufficient pull to scuttle reliance upon a website. (Note that I said “reliance upon” as opposed to “visits to,” because publicly denigrating someone’s website is a great way to drive traffic there). Why should the well-respected be denied the freedom to express their legitimately held opinions in public debates?
You can read the full text of the Court’s Order here: Memorandum Opinion and Order
You can read professor Eugene Volokh’s commentary here: The Volokh Conspiracy
Identifying Anonymous Internet Trolls
by BeauHoward on March 16, 2011
The problem of harassment from anonymous Internet trolls is hardly new. The topic has a rich enough history to merit New York Times (NYT), Wikipedia and How Stuff Works articles, of which, the NYT story is far-and-away one of the most fascinating things you can read for free on the Internet.
A quick Google search reveals a wealth of content alternately rating the all-time-best trolls, explaining how to troll, and/or describing strategies for dealing with trolls. XKCD once published this hilarious cartoon on the topic: Troll Slayer.
In truth, Internet trolling can often be amusing and harmless. This was the case with Mark V. Shaney, a program that generated nonsensical, but quasi-intelligent text and posted it to Usenet to trick people into conversing with a computer when they believed they were having a conversation with a real, albeit off-kilter person.
There are, however, circumstances where individuals cross the line, and a hoax becomes tortious, or worse, criminal. In one famous case, a prankster created a fake Bloomburg News website and successfully manipulated a stock price. The NYT reports:
Using a personal World Wide Web site intended to look like an Internet page of Bloomberg News, someone posted a fake report early yesterday that said an American technology company called Pairgain Technologies Inc. was being taken over by an Israeli rival for a hefty price. The report spread to a Yahoo message board and then to other sites frequented by stock traders, who quickly bid up Pairgain’s stock by more than 30 percent.
(NYT, Fake News Account On Web Site Sends Stock Price Soaring, April 8, 1999.)
In other cases, anonymous Internet harassment has arguably lead to more dire consequences. Lori Drew, for example, was convicted in federal court of misdemeanor computer fraud “for her involvement in creating a phony account on MySpace to [play a trick on] a teenager, who later committed suicide.” (NYT, Verdict in MySpace Suicide Case, November 26, 2008.)
These examples are by no means exhaustive. Hundreds of instances of Internet harassment, defamation, stock manipulation, stalking and fraud are a mere Google search away. Some of these schemes are perpetrated by trolls, in the classic sense. Others are perpetrated with criminal intent. Regardless, if you are unfortunate enough to become a victim, the trickiest part of making yourself whole can often be identifying the culprit.
If you are legally or technically savvy enough to do so, discovering the Internet Protocol (IP) address associated with a tortious communication should be one of your first steps. According to ICANN, the international organization assigned to manage and coordinate Internet addresses:
IP addresses are the numbers assigned to computer network interfaces. Although we use names to refer to the things we seek on the Internet, such as www.example.org, computers translate these names into numerical addresses so they can send data to the right location. So when you send an email, visit a web site, or participate in a video conference, your computer sends data packets to the IP address of the other end of the connection and receives packets destined for its own IP address.
(ICANN, Beginner’s Guide to Internet Protocol (IP) Addresses, accessed March 16, 2011.)
An IP address, however, merely points to a computer or a router, not a person. In the case of a stationary computer, the IP address cannot tell you who was at the keyboard. In the case of a router, the IP address only identifies the router itself, not the connected devices, and certainly not the individuals using those devices. If the IP address refers to a foreign proxy server or a Tor exit node, the problems are compounded. Depending on the circumstances, it could be difficult, cost prohibitive or impossible to positively identify the sender of the communication by an IP address alone.
That said, an IP address is often a nice piece of circumstantial evidence. It can help narrow your range of suspects, and, when used in conjunction with other identifying evidence, it can help support your case for identifying the culprit. So, what other forms of identifying evidence do you need? Thanks to recent research, a small number of writing samples is one possible answer.
In a new article by Farkhund Iqbal, Rachid Hadjidj, Benjamin C.M. Fung, Mourad Debbabi titled “A Novel Approach of Mining Write-Prints for Authorship Attribution in E-mail Forensics” (mirror here), the authors propose a fairly sophisticated method for analyzing suspects’ writing samples, identifying recurrent factors and patterns that make up the suspect’s “write-print” (style, word choice, common grammatical errors, et cetera), and then comparing the suspect’s write-print to the write-print of the problem communication.
In the words of the authors:
In forensic science, an individual can be uniquely identified by his/her fingerprint. Similarly, in cyber forensics, an investigator would like to identify the ‘‘write-print’’ of an individual from his/her e-mails and use it for authorship attribution.
The authors tested their proposal using data from the publicly-available Enron email database and achieved remarkably accurate results (in the 80% range) when using a modest sample of the test-suspects’ emails (about 16 emails each for 6 suspects). In a civil lawsuit, where the evidentiary standard is “more likely than not,” a methodology with an 80% average success rate may be sufficient to get your expert in front of a jury if the other identifying evidence is consistent.
In short, if you can use IP information to narrow your range of suspects, and your attorney can collect and authenticate a reasonable number of writing samples, an expert employing the Iqbal write-print analysis could remove some guesswork from identifying your culprit. Although the write-print study was conducted with emails, there is no reason the same analysis would not work with message board, blog, or newspaper comment posts.
In closing, please note that not every instance of harassment is actionable, and using a court to strip another person of their online anonymity generally raises First Amendment and a variety of other legal issues. If you find yourself in the unfortunate position of needing to identify an offending John Doe, consult your attorney.
Anonymous Leaks Internal Bank of America Emails
by BeauHoward on March 14, 2011
From the New York Times: link to the article.
Anonymous picked up where Wikileaks left off by publishing a batch of Bank of America’s (BoA) internal emails, allegedly showing that BoA was complicit in foreclosure fraud. According to the NYT:
The documents indicate that Bank of America improperly foreclosed on several homes during the height of the financial crisis in 2008 that began one of the worst recessions since the great depression. The report came from a former employee with Balboa Insurance — a risk management and insurance firm. The employee reportedly corresponded with Bank of America employees and was told to falsify loan numbers on documents to force Bank of America to foreclose on homeowners.
Other publications, such as Business Insider, remain skeptical about whether the leaked emails contain any damaging information to BoA.
The BoA emails were provided to Wikileaks last year, which intended to release them in December 2010. Julian Assange’s arrest may have derailed those plans, although Reuters reported in February 2011 that even Mr. Assange’s desire to release the documents had waned because he was not sure whether they demonstrated anything newsworthy.
Anonymous is providing access to the leaked emails at http://bankofamericasuck[dot]com, but reports indicate that a flood of interest has shut down the site.
A discussion on the Reddit politics board lists a number of mirrors.
Georgia residents interested in the leaked emails may want to tread carefully, as it remains to be seen how BoA will react to the disclosure.
Others reporting on this story, some of which are republishing emails from within the leaked batch of documents:
Huffington Post: Bank Of America Anonymous Leak Alleges ‘Corruption And Fraud’ (Mirror)
The Register: Anonymous collective begins leaking Bank of America emails. Is that all you’ve got? (Mirror)
Forbes: Bank Of America E-Mail Leaks Are Here, How Much Will They Hurt? (Mirror)
The Atlantic: New Leakers Accuse Bank of America of ‘Corruption and Fraud’ (Mirror)
Business Insider: Bank Of America “Leaks” Are A Total Letdown And The Source Is A Whiny Former Employee (Mirror)
Gawker: Anonymous to Leak Bank of America Documents Monday (Mirror)
Twitter: #BlackMonday