Archive for the ‘malware’ Category

Independence Day

July 22, 2008

This case reminds me of the movie “Independence Day” where the space ship lays dormant for 50 years and all of a sudden jumps to life. Well, this hasn’t taken quite as long. I stopped writing in April and and nothing much happened with traffic dwindling down to 40 hits a day. Actually, I surprised it was that much with no new posts and Google content filtering there was very little reason for even my most devoted fans to come back. Then last week all hell broke loose on all fronts.

The lawyer for the defense called. He had a virus which he and his trial expert didn’t know how to get rid of. I mean, that’s sick. Here we have the trial of this century invoking the Patriot Act, Protected lying Federal witnesses, planted evidence and a mockery of a trial and the lawyer and his expert can’t protect a computer from a virus or get rid of it once it’s infected. The lawyer on this case is a fucking disgrace but that’s another story.

This provoked me to check my blog and all of a sudden I find my traffic has jumped four fold and I found the reason why. Apparently, the feds have a new tactic in kiddie porn prosecutions. instead of fighting my blog, they and Google seem to have embraced it as a weapon in the war on kiddie porn. When you now Google a kiddie porn site, I have commented on or even visit Alexa to find out about it my comments are well represented in the top 10. Actually, this is a smart move on the part of the Feds. Regular readers know that this blog has documented all the involuntary ways to get kiddie porn on your computer. But for true perverts, that defense is gone.

I mean, if you Google young-models.org and still go there after reading comments that the site is illegal, deserved to be nuked and is blatant born in America kiddie porn from the Federal Archives, you not only deserve to go to jail but deserve to go to hell as well.

A Final Chapter????

April 9, 2008

Dear Reader,

I am posting a copy of the cover letter for a package that I have sent to Judge Raymond Finch documenting Shannon Perkins perjury. Pretty much it proves what regular visitors to this blog already know: Federal Expert Witnesses lie to get a conviction, and the Attorney on this case is a fuck-up. Meanwhile Charles Stephano rots in Jail and the expert moves on to bigger and better cases.

The principle point I would like to convey to all is that computer evidence is not immutable when presented by the Feds. You can find evidence of keystroke loggers, spyware and shutdown programs. You can also find the trail of planted evidence. If you can explore all of this “secret information” at a trial and the expert lies to get a conviction, you stand an excellent chance of using the logs to find evidence of perjury and also setting up for a dismissal or retrial if you don’t win.

I will probably pass this along to CNN and the Electronic Freedom Foundation to see if they can bring this type of prosecution to the light of day. While it’s common knowledge in our community among Judges and Lawyers that Federal Experts lie, I believe the general public doesn’t even dream of how widespread and pervasive the practice is.

At any rate, I have worked on this for about a year and am bored with it. As I have unfortunately discovered; resistance is futile, knowledge is soporific.

Sincerely,

The FatSavage

PS I’m glad I’m old – it really does make it easier to cope with the Brave New World of electronic surveillance of all Americans

Google Dorking 4 Kiddie Porn

February 11, 2008

When you Google Dork for porn, you can never be quite sure of the result you will get and not all Google based searches are created equal.  Now while Google dorking for kiddie porn sites with one search I did hit the mother load of hundreds of sites where every page of 10 results had a warning at the bottom of the page that some pages had been removed because of kiddie porn complaints.  When I clicked on the complete URL, most pages came up dead ends or redirected to advertising content.  However, when I just put the main domain name in the URL locator, many of the sites showed suspiciously young girls with a disclaimer they were all 18 and many had a ucj cookie the sames as other “go to jail” type sites. Usually, a page would yield three  domains suspected of hosting Kiddie Porn.

I thought that the search was;

site:*/cgi-bin/ucj/

Now the reason I couldn’t initially repeat the experiment was because when I went back I tried to play it safe. I went to scroogle.org and did my annomyuous surfing only to turn up a list of crap domains which took you to them phony advertising dumps. Next, I used Firefox and killed all cookies only to get the same list of crap.

I tried Lynx on a live cd and got a very evil list but I was forced to yield to cookies to get in.  Well, once your screwed, you may as well go all the way.  When, I allowed cookies in the machine, bam I was back to the Mother of all Kiddie Porn Portals – straight from the fine folks at Google.

The only problem is they will have this search and my cookies on file until 2038 when it finally expires. 

You know you can trust Google to give you any result you want.  You just can’t do it annomyously.

Google Content Filtering!

January 27, 2008

Once again, I seemed to have pissed a lot of important people off. My site traffic dropped by over 70% and I was curious as to why. I had written a few insulting posts on Prosecutor Jill Trumbull-Harris (with a few more to come). Google lists one in the top ten, MSN has two, Yahoo is the top 3 and Ask has zero. Traffic is steady but weak and those who have a need can find the information.

Likewise I checked traffic and and rankings for young-models.org which is a kiddie porn site and had top ten listings in Yahoo, Ask and Google. Once again, I couldn’t see any evidence of content filtering.

Life got really interesting when I checked on youngerbabes.com! Now it seems once again, I got slammed with a huge drop in traffic on my most recent posting which coincided with a huge drop in Google referrals. The last time this happened, I had not yet figured out how to prove that it was content filtering. Now I am presenting the supportive mathematical arguments at tigerstail.wordpress.com

It’s not like I’m really opposed to content filtering. It’s pretty obvious that a manual on purifying uranium and building a nuclear weapon is not going to be online. On the other hand, why would anyone want to block a Christmas wish to Charles Stephano or warnings that youngerbabes.com is a really nasty kiddie porn site. (first blocked post)

Young-Models.org, Hack This Site!

January 21, 2008

If you are a true pedophile, this site is almost guaranteed to contain all the hashed kiddie porn Pictures from the National Archive of Kiddie Porn Picks. If your a Christian, Google has had four complaints that this site is a kiddie porn server and pages have been removed. My experience is a lot more personal.

At the trial of Charles Stephano, the expert witnesses all parroted the claim that anybody who Googled “young models” was probably a pedophile and as evidence, this site was one of many identified as having names which were designed to attract pedophiles. In this particular case they offered a direct link between a known and hashed (secretly marked) kiddie porn  image that was definitely served from young-models.org according to their experts.

Reasons to hack this site include:

1. It has been on-line since July 3, 2004 despite their being a bonafide kiddie porn server.

2. The Feds are aware of their being a kiddie porn server from Google complaints and testimony by federal agents at a federal trial.

3. This is purely an American invention from San Jose California.

4. Throughout the trial this site was on line and still is today.

5. It has some of the nastiest kiddie porn and and the ability to flood your system with more images than you can mentally process before pulling the plug. They end up in cache memory without you actually ever getting to see them.

6. They also dump machine crippling malware on the unsuspecting victim.

7. It is still online today and under certain certain circumstances you can still suffer the effects of 5 and 6.

8. Under other circumstances, you can get a controlled delivery of very nasty kiddie porn which really should be illegal.

This is a site with absolutely no redeeming quality other than it’s free so the dumb asses that run it can’t even claim a profit motive.

Free porn is truly a characteristic off a law enforcement honeypot run by Homeland Security under the Patriot Act.

Aboutus.org Kiddie Porn Portal

January 19, 2008

I love it when old standbys reinvent themselves and start sailing in uncharted waters. Seems that aboutus.org used to be a source of information driven by a community wiki. Now they are using their database to create Internet portals for businesses and the porn industry has the most to spend on self promotion. In order to appear non commercial, they are calling these categories “Category” and the syntax is

http://www.aboutus.org/Category:Your_Interest

So while I was doing a Google background check on a potential kiddie porn site I found a listing for

www.aboutus.org/Category:Cheerleaders

Now being the suspicious sort, I Googled Cheerleader and it was all Pro-football teams stuff and on the first few pages there were not many links to porn of any kind. So, I immediately clicked the above link and found 890 sites listed many with porn like names and quite a few with go to jail type names. I’m not sure how many were American made (I Checked and some were) and how many were promoting illegal kiddie porn (I Checked and some were).

Unbelievable the access to porn didn’t stop there. I noticed at the top of the page a link to Teens and took it only to be told that these were adult sites and I would have to be a registered user to find their names although I doubt that the sites could be worse than those listed under Cheerleaders. I tried “Porn” and entered another restricted area but then went to the list of go to jail search terms mentioned at trial.

www.aboutus.org/Category:Young_Models linked to 118 page reviews of mostly porn sites but

www.aboutus.org/Category:Lolita delivered the mother load of Kiddie porn with over 1200 entries. I never got beyond looking at the list as I had already seen enough with the Cheerleaders.

I wonder if Aboutus.org has figured out what this portal business is about.

My Apologies

December 30, 2007

I got the following email a month ago but as regular readers know, I am a little depressed about the lack of any real progress in the Stephano case. Actually, in terms of American Kiddie porn, there is some. Some of the government condoned kiddie porn has gone off line, other sites have been parked but new distribution channels have emerged. I have been doing a fair amount of technical blogging at Tigerstail.wordpress.com and discuss some of the technology of American kiddie Porn over there. Still, it would appear that I am helping a few who need help. Check the following email and response.

Hi!

I had contacted you earlier via different email account (or maybe was this same, been long time), but chicked out :/ Anyway, now since it’s been some time and I’ve got my head clearer, I thought I would just go ahead and ask what I was going to.Some background bs: some months ago I was at the pit of my life and desensitized to all normal stuff I made a stupid thing. I went to one site, and well… immediately exited it. When I searched the URL via google, I found your blog writing about it. So, in short my PC contracted some nasty shots and my IP got logged.So the question is: does getting rid of the HD the windows is installed in be enough to get rid of the ugly stuff in my end? Or do I need to trash basicly the whole computer? And can they really throw somebody to rot in jail just because their IP was logged somewhere where it was not safe to be logged?I have since found healthy things to dedicate my life to, I don’t want to see those things gone 😦 I know you probably don’t care, but I was almost 180 degree different person back then and in my angst didn’t think anything could be worse than it was already. I’ve changed my ways and hope the society has bigger things to worry about.

Thanks for your blog, it has been a great resource!

Well, you’re right about my apathy towards your personal suffering which I am not qualified to help but I do care about your right to suffer privately without the government monitoring your non-violent actions.

The chances of them arresting you for some pictures on your hard drive are zero to none unless you have some other strange interests. I mean if you are pro-al Quada, like building bombs and have a gun collection and read up on high school massacres, it is easier to convict you of being a pervert by loading up your machine with weird shit and labeling you a sexual predator than it is to convict you of being a deranged and dangerous subversive.

With that in mind, the charges usually stem from possession of images and if you have no physical printouts or an old hard drive with erased images, you are somewhat safe for now. HOWEVER, your motherboard and operating system have been tagged and if you ever return to the dark side, they are already watching you.

If you have weird political beliefs and search weird subversive terms you will get hit with a shitstorm of kiddie porn you never asked for or wanted, your machine will be shut down and if you try to get it repaired at a repair shop you will be reported to Homeland Security as a pedophile. It is easier to convict you of being a disgusting pedophile and the term sex offender will follow you the rest of your life so the whole world will be watching you. Even the terrorists won’t want you as a member for all the attention you bring.

PS. I never got your first email, Big Brother really is watching me and you to protect the world from freedom of thought.

A Happy and prosperous New Year to All.

Thought for the Day. Is George Bush keeping Osama Bin Laden alive so there is a visible enemy to fight and the profits of war to harvest?

Saints Preserve Us!

Merry Christmas Chuck Stephano

December 18, 2007

When you first meet Chuck (Charles Stephano), it’s easy to characterize him as a jolly old elf. He has a constant smile, a twinkle in his eye and even plays the old man in the annual Christmas presentation of The Nutcracker. He goes to work, has a cocktail after work and has never violated a law of the Virgin Islands. He is a veteran who relied on the Veterans Administration for his health care because he is crippled by arthritis. So it’s hard to imagine him being incarcerated in a Federal Penitentiary in Puerto Rico for an indeterminate term.

Repeat, he is being incarcerated in a Federal Penitentiary in Puerto Rico for an indeterminate term.

I know that that’s illegal under the constitution but he has been held in jail for nine months without ever receiving his sentence. He has not been sentenced because he has not yet had his right of appeal. He has not had an appeal because the court has never published the transcript of the trial. His lawyer is not pushing for a transcript because he is not being paid for the appeal.

He has been their so long and had so few visitors that the Feds have moved him to the second floor despite his difficulty of going up and down stairs. They have stripped him of his social security as a prize of war and are harassing him for the couple of months that he got to keep because even they thought he had a right of appeal.

It’s really sad that computer crimes in the territory do not get the publicity of those in America. This case was built on prostituted witnesses who lied at every opportunity about every aspect of malware and all the pictures that he was charged with were online at the start of this blog 3 years after he allegedly downloaded the material and all was being published in America.

It’s really sad that legal precedents established in the Territory become the law of the land and no one notices the change. It is also unfortunate that the poetic rulings of our past are meaningless. Who has not heard justice delayed is justice denied. This man has not had his right of appeal and remains in jail. Surly if you have read my blog, the prosecution won this case by eating the fruit of the poisoned tree which is supposed to be another prohibition in law.

I fear that this blog has actually hurt Charles Stephano’s chance of release. In analyzing the evidence and the logs and showing how corrupted the evidence was, I’m sure that that the Feds fear the appeal because if we win, it would force reevaluation of every other kiddie porn conviction. They have stopped prosecuting these cases in the Territory because they know I will attend if their is no physical contact involved.

Honestly, I believe that Chuck will die in jail without ever being sentenced or get an offer of release if he abdicated his right of appeal. Therefore, there will be no judicial review of the evidence and this type of crap can be used over and over in the rest of the nation.

Just so fucking sad that this is supposed to be America and no one cares.

Merry Christmas.

Halal Porn or Phishing??

October 9, 2007

When you go fishing, you cannot see below the surface so you are never quite sure what you will catch. Likewise when you go phishing for intruder information you never quite no where it will take you.

When I looked up 198.65.147.194 on dnsstuff.com I found:

No PTR records exist for 198.65.147.194.

When I looked it up on netsol.com, I found that it was part of a huge block owned by NTT America.

It was only when I put the IP in my browser URL locater that it took me to IslamOnLine.net.

However, it gets more interesting, when you put IslamOnLine.net into the URL locater, I get two IP’s connecting; The one above and another which easily traces to IslamOnLine as it should. In fact, the one that has no record doesn’t actually connect to IslamOnLine.net but to:

http://198.65.147.194/english/index.shtml a duplicate of IslamOnLine.net.

Now the use of an IP in a cloned site is characteristic of a phishing scam but the question remains as to who is phishing for what. As previously reported, this site connects to the Internet by way of “unknown.dn.net”. A check of the name server for dn.net shows two widely varying IP’s for ns1 and ns2 but both appear to be operating off the same physical machine so it’s a good bet that anything they are serving is part of the same physical network. There is absolutely no information available when you Google “unknown.dn.net” but a check of dn.net shows that they are also the name server for iranlifestyle.com and teenthumbs.com

I must admit I have very little interest in the new Iranian Lifestyle but I just had to go and find out what a go to jail type website like teenthumbs.com had to offer. Utterly amazing this site is a clone of Femalesex.com, Naked.com, raunchy.com, and orgie.com which all rely on cnomy.com for their pictures and javascript as does teenthumbs.com. Regular readers will recognize that after I was tagged by Carnivore, femalesex.com offered links to child sexual abuse and Arab porn.

So is it an accident that both IslamOnLine and Teenthumbs connect to the Internet through the same feed and Muslims really are spying on me?

Or, is the phishing site really a Homeland Security Honeypot spying on all Muslims who visit IslamOnLine.net inorder to offer up kiddie porn and Arab porn to anybody they find guilty of seditious behavior.

PS For those who don’t know, Halal are lifestyle rules similar but more inclusive than Kosher but trying to figure out what’s Kosher about http://198.65.147.194/english/index.shtml and teenthumbs.com will probably take more time than I care to invest.

IslamOnLine.net, Holloween Terror?

October 9, 2007

Let’s start with one fundamental fact, this site (198.65.147.194) was linked to my computer as an uninvited guest. I started cold, monitored my traffic and went to one site alone, my own.

Bam, as soon as it started loading, they came as a hitchhiker and got past all my antivirus and malware protection. I haven’t figured out why they were there or what they wanted but this is a very spooky visit from a very spooky site – just in time for Halloween.

Why is the site spooky? Because I don’t know who they are or whether they are friend or foe. I know they can’t be my friend or they would have never been connected to my machine without my invitation or permission. As to friend, in the world of domestic spying, it’s hard to figure out what a friend is.

IslamOnLine is a moderately conservative Islamic site that wrote an article about Western dress in Nigeria equating it to a return to tribal nudity. Another articles quotes Jimmy Carter that their is no genocide in Darfur. And my favorite is a self reported article on themselves claiming that they present a moderate interpretation of Islam and “It is the most famous website in the Muslim world.” They acknowledged in that article that they write different content for Arabic and English.

Alexa.com uses the following description: The first interactive portal offering an in-depth look at Islam, Muslim societies, and the world through Muslim eyes, featuring information on current events and discovering Islam. IslamOnline.net is an independent and balanced media…

The site uses two different IP’s one for the English version one for the Arabic version. There is a big crossover between the two with much of the member area and email in Arabic.

Of course I ran a traceroute and located the English site in Washington ,DC, off a “unknown.dn.net” feed. Now that’s not indicative of much because every country on earth has spooks in Washington, DC. (The Men in Black were in New York City, home of all alien freaks!) The Arabic version traces to London or possibly Amsterdam.

Now what’s spooky about the site other that they are invaliding my privacy is that it’s hard to find accurate information. Prior to March of 2004, the waybackmachine shows it’s a Japanese language site (HUH!). After that the waybackmachine breaks down as there is always an automatic redirect to the current issue. It is impossible to see there earlier stances on issues and it’s as if their Islamic Fatwas were issued for time immortal without contradictions. There is absolutely no need for revisionist history because there is no history.

Another puzzle is that quantcast.com ranks this site only slightly higher than this fatsavage blog whereas alexa.com ranks the site in the top 500 of every conceivable Muslim Nation and in the top 10000 in the US.

In essence, I don’t know what they believe today or yesterday, I don’t know how popular they are, I don’t know how different there messages are in Arabic and English. All, I really know is they are attached to one of my machines and invading my privacy.

Before Muslims gloat and patriots cry about domestic spying capabilities, I also know that there are only two degrees of separation between this site and a kiddie porn – cop honeypot but that’s another story.