Archive for March, 2007

Don’t Blame the Jury!

March 31, 2007

In reality, the guilty verdict was the only one the jury could possibly have delivered. You have 12 computer-illiterate mothers of young children look at 500 of the nastiest pictures of abused children you have ever seen in your life and listen to a geek talk about honeypots and Trojans and zombie computers run under the control of their masters. The pictures were shown twice during the trial and twice more during the closing arguments.

Our expert was a “homie” who told the truth and theirs was a white woman from Washington who lied and said she didn’t have to address the technical issues because the earth was flat and technical problems with viruses and Trojans didn’t exist on computers – especially on dial-up accounts.

The closing arguments in a Federal case give two shots to the Prosecution and one to the Defense. So the closing was as follows:

  1. The Chief Prosecutor from Washington, a white mother, showed the 86 pictures at 2 second intervals. She never bothered with intelligent dialog as she was either incapable or thought it not necessary.

  2. The Defense presented the technical arguments about Trojans and while on a John Belushi roll about this trial being for all of us and the future of the computer industry, a juror raised her hand and requested a pee break and the judge decided to break for lunch.

  3. The Assistant Prosecutor pointed out that the defense attorney had primitive ideas about innocent until proved guilty, had overstated the need for valid evidence and if just one picture was on the computer, Chuck (Charles Stephano) was guilty under the Patriot & Porn Act. Just for luck, she showed the faces of 12 more victims.

No shit, I’m glad I was a researcher for the defense, because the emotional bullshit was beginning to move me.

What the hell’s an Arc Bomb?

March 30, 2007

An Archive Bomb is one of those very stupid pieces of malware that almost no one has heard of. In the early days of virus development, everyone wanted to crash the network just to prove they could do it. This is reminiscent of the mindless vandalism of the statue of the Madonna and the Christ child that some asshole did with a hammer years ago. It took Michelangelo years to create it and it took the jerk seconds to destroy it.

Well malware creation has also moved into a very creative and profitable endeavor. Even when the motive isn’t profit you get more bragging rights with a good denial of service attack against SCO, false ads overlaying the real ones on Google and Koran verses replacing porn pictures.

On the other hand a well crafted network of bots or zombie porn servers delivering kiddie porn, spam or phishing are worth real money. So no one designs a non-profit arcbomb to shut down machines without a motive. Just think who would destroy an asset worth real money. If someone allowed you to steal their car, drive it as fast as you wanted and paid for the gas for life, you would never destroy it. Even if you stole a faster car, you would keep it around as a spare and leave it rust but never intentionally trash it.

That’s why destructive Trojans make no sense unless there is an issue of kiddie porn, national security or some other compelling reason. Hey, design the Trojan to take out the machine and when the person takes it to get repaired, they self incriminate.

The first encounter with this was when I heard it described in this kiddie porn trial. The video shut down, Chuck (Charles Stephano) took it in for repairs and bam, he got raided. When I started researching the topic, one machine shut down, and a second and third were half blind. The techie said signal out of range 74 KHz and that’s the signal I got three times. Needless to say, I never asked for help with repairs.

So when researching Trojans in general, I stumbled on an arcbomb or archive bomb. This is when an old compressed file is opened by your antivirus for inspection and BOING it explodes because it has been compressed and recompressed 18 to 20 times so a 7k file expands to fill the drive. Now in the old days this might have been a threat because drives were so small and I paid no attention to it. UNTIL, I was installing programs on my thumb drive that could be concealed and my antivirus got hung on an infinite loop and then froze.

I was about to throw the thumb drive out until my resident geek suggested we take it apart. We sorted all text files and found one that filled the bulk of the drive. We tried to open it but everything froze. We took the coward’s way out and deleted the text file. We then deleted all compressed files and now the drive is working. His comment – “I never believed all your crap till I saw that” – Thanks CE, but he also warned I should try to reside in the real world most of the time even when I’m living life on the technological edge because a lot of people might doubt it otherwise.
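The hang described above, where a scanner unpacks a file that was compressed over and over until it fills the drive, is avoided by capping output size, expansion ratio and nesting depth while unpacking. This is an added example, not part of the original post; the function names, the limits and the sample (zero bytes gzip-compressed three times, constructed here) are assumptions.

```python
import gzip
import zlib

GZIP_MAGIC = b"\x1f\x8b"


class ArchiveLimitExceeded(Exception):
    """Unpacking was stopped because a configured limit was crossed."""

    def __init__(self, reason, produced):
        super().__init__(reason)
        self.produced = produced  # bytes already unpacked when we stopped


def bounded_gunzip(data, max_output, max_ratio, chunk=64 * 1024):
    """Inflate one gzip layer in chunks, checking limits after every chunk."""
    d = zlib.decompressobj(wbits=31)  # wbits=31 selects the gzip container
    out, buf = bytearray(), data
    while not d.eof:
        piece = d.decompress(buf, chunk)  # returns at most `chunk` bytes
        buf = d.unconsumed_tail
        if not piece and not buf and not d.eof:
            raise ValueError("truncated gzip stream")
        out += piece
        if len(out) > max_output:
            raise ArchiveLimitExceeded("output size limit", len(out))
        if len(out) > max_ratio * len(data):
            raise ArchiveLimitExceeded("expansion ratio limit", len(out))
    return bytes(out)


def unpack_nested(data, max_depth=5, max_output=8 * 2**20, max_ratio=200):
    """Peel gzip layers until the payload is not gzip; return (payload, layers)."""
    depth = 0
    while data[:2] == GZIP_MAGIC:
        if depth == max_depth:
            raise ArchiveLimitExceeded("nesting depth limit", len(data))
        data = bounded_gunzip(data, max_output, max_ratio)
        depth += 1
    return data, depth


def make_nested_sample(size=2**20, layers=3):
    """Constructed test input: `size` zero bytes gzip-compressed `layers` times."""
    blob = bytes(size)
    for _ in range(layers):
        blob = gzip.compress(blob)
    return blob


if __name__ == "__main__":
    sample = make_nested_sample()
    print("sample on disk:", len(sample), "bytes")
    try:
        unpack_nested(sample)
    except ArchiveLimitExceeded as exc:
        print("stopped:", exc, "after", exc.produced, "bytes")
```

Because the limits are checked after every chunk, the scanner gives up after at most one chunk past the cap instead of writing the whole expansion to memory or disk.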

Shannon Perkins & The mk:@MSITStore Conspiracy!

March 28, 2007

It’s always been hard for me to listen to bullshit without screaming. So when Shannon Perkins (The Government Expert) lied on the witness stand, my interest really perked (Hahahaha PUN). First, she claimed she had never heard the term honeypot, there were no Trojans associated with porn, Trojans didn’t work on Dial up, and all kinds of very ignorant bullshit. Also, Law Enforcement never engaged in entrapment and the use of retaliatory honeypots simply doesn’t exist. (i.e. Web Sites that screw you when you wander into the wrong place.)

She really got to me when she stated that she had researched all weekend long and there was no such thing as the mk:@MSITStore Trojan and if it existed, it wouldn’t work on dial-up. I got up and left the courtroom as I couldn’t stand blatant stupidity or even worse blatant perjury.

Now we had already had admitted to evidence the article on the discovery of the mk:@MSITStore Trojan published under that name and had tried to introduce some more entries on mk:@MSITStore Trojans working on Dial-up and being used for porn delivery but the judge dismissed them because Shannon said they were not authoritative and Trojans just didn’t do those sort of nasty things.

Well Shannon, it’s time you learned a fact of classical Greek history and Internet lore. A fucking Trojan Warrior in Greek mythology could do whatever it wanted. It could rape, pillage, and plunder. It could engage in arson, murder and mayhem. It could loot, defame, hijack and do whatever it God damn well pleased. A Trojan operating on the mk:@MSITStore exploit should have been called the mk:@MSITStore Trojan, but it wasn’t. For reasons only known to you, your God (if you have one) and the Government, it was officially named the “MHTML URL Processing Vulnerable” and like the original warriors carried by the Trojan Horse, it could pretty much do whatever it wanted.

Oh well, ignorance knows no limits!!!

This story about Government corrupting computers starts here.

Mom’s Homegrown Christmas Conspiracy!

March 27, 2007

I went to visit my mom for her 90th birthday and the family did a lot of reminiscing. Funny thing I got to thinking and realized my mom taught me everything I need to know to recognize a conspiracy. We grew up one notch below dirt poor. My mom loved to grow things and desperately tried to grow anything on the clay, shale, rock piece of earth we called home. If we had made it up to dirt poor, there probably would have been enough dirt to grow something and we would have been better off.

Still once a year she did everything she could to make Christmas a joy to the world. In her heart, she knew that her four kids would resist the fasting in preparation for and the attendance at Midnight Mass before the celebration would begin in earnest. Of course she knew her husband would be off getting drunk and would come home and pass out before the celebration began but she still conspired to create the greatest memories possible for her kids. In my mind, the feast and gifts were endless and the party lasted till dawn.

I don’t know where she found the time, energy or resources to pull it off but I’m sure she relied on friends and neighbors to help and in his own way, my father probably did too. I mean she would start planning from about Labor Day on and knew where to hide the presents, where the tree would be and how big she wanted it.

From the beginning, I knew that a conspiracy involved two sets of rules, one for those who knew (or knew just a little bit) and another set for the clueless masses. Over the years, the players would change but she was the only one who knew all the rules and she would share them on an as needed basis. As we grew older, and started to understand that there was no Santa, she started to include us in the bigger picture to fool the uninitiated. When we were all old enough to understand her game, she would form various alliances so that there would be one major surprise for everyone on Christmas Eve.

So after a lifetime legacy of Mom’s Homegrown Christmas Conspiracy, I have come to realize that in an Internet world where everybody has full access to full knowledge, the only reason you can’t find out something is because there is a conspiracy to block access and the flow of knowledge.

Sneak A Peek Warrants or Paranoid?

March 26, 2007

So ever since I got slammed with all these Trojans and weird pictures, I have been careful to turn off the machines every night and unplug them from the DSL Router. I mean when a Trojan can download porn, connect to the net, run Internet Explorer and change your homepage and favorites, the only protection you have is to turn off the machine and unplug it from the net.

So the first time I came in the morning to find a machine running and plugged into the net, I chastised myself. The second time I found my level of incompetence unforgivable. When I was discussing this situation with the lawyer I’m working with, he decided to fuel my paranoia by telling me about “Sneak A Peek” Warrants so maybe it wasn’t me who turned the machine on.

It seems that a man’s home is no longer his castle and his office is even more vulnerable. The in-Justice Department can now suspect you of a computer related crime and ask the judge to “sneak a little peek” at your computer. So under the protection of the court, a law enforcement official can break into and enter into your premises like any old thief in the night.

The sad part is if they find anything incriminating on the sneak a peek mission they can use it as evidence against you to get a real warrant to impound the machine and really search your premises. If they don’t find anything – they never have to tell you they were there.

So in theory, they can slam your machine with Trojans, turn it into a kiddie porn relay, email all your friends using a Trojan/worm, notify the authorities by email, get a “sneak a peek” warrant to find what they planted and get a real warrant based on the peek at what they planted.

Hey – Don’t piss off the man – He has the Biggest Hammer of all.

Too bad they have the same morals and ethics as the scum they are trying to take out. I believe that if there is a God, she will have a special section in Kiddie porn hell for the people who are trying to exploit it and the scum who are compromising core American values trying to protect us.

Hello Old Friends

March 24, 2007

Life has been on the fast track for the past month – ever since I got involved in the technological trial that will define ours and future generations. I can’t believe that it’s only been a month since I first got involved in looking at computer forensics. I have been eating, sleeping and living the commensurate geek life of obsession.

I have been forced off line for days on end trying to work around computer viruses and corrupted and blocked networks. I’m actually enjoying the challenge of facing the best in the world who are trying to suppress knowledge and avoid the bleaching effect of exposure to the light of day.

This battle is fun for me because it’s getting my mind working at full speed but it is not really for me because if we lose, the Government’s power to invade computer privacy and control lives will be staggering. Already, I can see the impact on my life as I now trust very few and ask only once.

I have entered a domain where most people I know are classified as more than acquaintances but less than friends. Even friends who want to help do it in strange ways. Instead of handing me a computer supply, they will leave it with a bartender at a place I frequent and ask the person to give it to me. Others make promises of privacy and capitulate with compromises designed to expose me after they have been contacted by the Men in Tailored Suits.

I would like to thank all who have been supportive of my weight loss efforts including Robin, Waistloss and The Middle Manager (who has kept his diversion a secret). With your support I have dropped from 247 pounds to my current level and am a lot healthier because of it. Right now I am stabilized in the 212 to 215 range even as a desk jockey. I have not lost sight of my goal of 190 pounds by year’s end. However, my need to solve the issue of corrupted computers is obsessive and using all my energy right now. I guess I’m just having fun in a new stranger way.

The mk:@MSITStore Conspiracy

March 23, 2007

The first rule in solving a Microsoft related conspiracy is don’t blame Bill Gates. I’m not trying to suck up or even saying that Bill Gates has never done anything wrong. It’s just when separating those who are part of the problem from those who are part of the solution, I’ve made a lot more progress using the MSN search engine and knowledge base. While using Cert and Norton, I found nothing to support my position that this machine was corrupted and the Judge had ruled out our arguments based on newsgroups and forums as being non authoritative.

In addition to finding real information at MSN, I don’t believe there is a capitalist alive who would sacrifice profits, destroy their own reputation and hurt themselves to help the Government become more oppressive. It’s a lot less expensive to compromise disgruntled low level employees who feel that life isn’t fair. Hell, the US Government and the Russians have 60 years experience at seeking, finding and compromising this type of person. So why try to buy out Bill Gates for billions when it’s far easier to give a liver transplant to a programmer who destroyed his body while staying up all night writing code and living off of booze and drugs.

What the hell, the cost of a liver transplant is only a few hundred thousand and you can get a back door or exploitable vulnerability to every Windows machine in the world.

If you really wanted to stop exploitable vulnerabilities, you would have to look farther than Bill Gates and Microsoft management. Seems to me you would have to include the US Government and the Russian Mafia on your list of potentially responsible parties.

New Jersey, The Home of Kiddie Porn.

March 22, 2007

It seems that many Bergen County politicians got up in arms about the last episode of the Sopranos being filmed in Bloomfield, New Jersey, the home of Tony Soprano, but nobody in the state seems to care that Jersey is host to the Nation’s Kiddie Porn Industry. When you go to Aboutus.com, you see a screen shot of the very patriotic looking American Thumbs draped in the American Flag. You see immediately that the site is prominently linked to related domains involving use of the words teen, teenage, younger and Lolita. As explained by Agent Carter and the prosecutor these are key words in the Kiddie porn industry.

A trip to Alexa.com (owned by Amazon.com) shows a global traffic rank for the past 3 months of 187,000 with .00083% of all the Internet users in the world visiting this site. Those are really impressive stats for any web site so Kevin Allen should be proud of his accomplishment in taking the industry by storm.

You can go to Netsol.com and do a whois search to find out the ownership and hosting of American Thumbs and I suspect the address and email are wrong. But if the name server is wrong no one would ever reach the site so let’s follow that path to find out who’s hosting this nasty little piece of work.

Network Solutions (netsol.com) lists reliablehost.net as the name server, which needs to be accurate or no one would be able to reach the site, and it would appear that this was set up in September 2003. If you go to their home page you get no information with a time out error, and a check with aboutus.com and alexa.com also ends in a dead end. However, a check at webhosting.info shows that they host about 660 names and their total global reach is .0008% or the same as americanthumbs.com. It would appear that all of their web traffic comes from americanthumbs.com.

So who is reliablehost.net? Returning to Network Solutions, we find that they are their own nameserver, and contacts can be reached at dahi.net (we will return to dahi in a minute).

Searching for reliablehost.net was remarkably easy. Their principal IP address in the Network Solutions database was traced using dnsstuff.com to choopa.com in Hazlet, New Jersey and of course all of the A records led to choopa.com as did the DNS report.

As an interesting aside, I checked the contact address provided at dahi.net which of course reverted to the same block of IPs owned by Choopa.com.

Now it would appear that Choopa really exists as a small web host with .0029% of the global market – Whoa – stop the press for the scoop. No wonder they are in bed with the kiddie porn industry, American Thumbs alone is ¼ of their total traffic and global market share.

Is Choopa really responsible for hosting americanthumbs.com? Well to satisfy my curiosity I did a “tracert” from the DOS prompt for americanthumbs.com and guess what? It went right back to Reliable Services c/o choopa.com – If simply owning a computer with kiddie porn on it is a crime, then facilitating the distribution is supposed to be a bigger one.

Now back to the myth about kiddie porn hiding offshore in disreputable lawless states beyond the reach of law enforcement. I grew up in New Jersey, the home of organized crime and Tony Soprano but never really believed that it was truly a disreputable lawless state.

Why aren’t the politicians screaming unless they have been briefed or are getting a kickback for silence?

Steganography & americanthumbs.com

March 22, 2007

Steganography (stego) is the art of hiding in plain sight. Most of us are so conditioned to urban legends and myths that if we started looking for the home of a kiddie porn site so nasty that just looking at it for a few minutes is enough to get a warrant to confiscate the machine and search the owner’s house, we’d start in the third world. So it’s expected that the search for americanthumbs.com would focus on the nether lands of Elbonia, Dilbert’s mythical country. Of course nothing could be further from the truth.

Americanthumbs.com is a world class website. Among the 100 million websites in the world, it is ranked in the top 200 thousand or it has more traffic than 99.8% of all web sites. Not bad for an outlaw web site on the dark side of the force. Darth Vader would be proud.

Now the problem with that is big sites need big backbone access and that means that Elbonia would never work for Kevin Allen, AKA Keev. Now, I haven’t figured out a revenue model for this nasty site. There is no advertising, no pay per view or pay per entry and the average visitor clicks less than one additional page after entering. Still, that’s a lot of traffic to get which must be handled even if there is no profit motive to the site as previously mentioned.

Don’t Blame the Press

March 21, 2007

In the Julie Amero case, there was a strong condemnation of the press in their call for a witch hunt and a guilty person. I reread the newspaper articles on our case involving Chuck Stephano’s Kiddie Porn Trial and the reporter did an excellent job. He basically reported on issues as they were presented. Without malice, he presented a description of the technical arguments on both sides. He did not care that this was a debate between round earth advocates working for the defense and a flat earth advocate defending an ignorant point of view, he just reported the positions as they were presented.

In the case of the 500 horrible pictures, he made less value judgment than I have made in this blog. He simply stated that images of child pornography were shown to the jury. To many, that might invoke memories of those cute kids in the Calvin Klein ads who were half naked. Nothing could be further from the truth. These were pictures of severely abused children and still he made no value judgment.

I wish he had been more favorably predisposed to our round earth theories, but all in all, Tom Eader of the Avis did a credible job of reporting on an incredible trial.

PS I managed to get a confirmation that the last post was totally correct. Not bad for telling the poor working folks side of the story.