Troll Update

Friday’s Troll attack on TBP generated some fascinating stats.

Number of attempted comments:  212
IP Addresses used: ~60
Names Used: 12

Kudos to Movable Type — once I labeled his comments as spam, their
system very quickly identified the pattern and eliminated 95% of them prior to their showing up on the blog.

In addition to Nostradame, he also used Panzner’s and my name, as well as others he pulled off of comments list in an attempt to hide his identity (anyone accidentally banned or deleted, please let me know).

The Nostrodame troll had IP Addresses randomly assigned, through a corporate, or more likely, a University network. But these addresses aren’t truly random — they are all assigned via the broader ISP trunk, and are readily traceable. And because he used so many IP addresses, its a simple matter to track down the school. In fact, my IT guys tell me they can identify the precise dorm room it came from.

And trying to post over 200 comments was probably via an automated system. Still, manually punching in 200 captchas, only to see them deleted moments later must involve an extraordinary lack of anything better to do. Who is that bored or has that much spare time? Amazing.

Anyway, the upshot of it is that Typepad has initiated an investigation. Their security personnel and lawyers will determine if its prosecutable. I’m not sure if being an asshat is technically a crime, but because
of the systemic automation, my IT department tells me it could be.

Regardless, the behavior surely violates any University’s code of behavior. Wonder what they are going to do when the data and IP addresses are turned over  . . .

Nostradame — I had fun! I hope you did too!

>

Spam Comments from Nostrodame

Asshat_w_small_penis

Print Friendly, PDF & Email

What's been said:

Discussions found on the web:
  1. Karl K commented on Apr 12

    Barry, if Dante were alive today, he would find a special circle in hell for the spammers and sockpuppet trollers of this world.

    I may not always agree with you, or some of your commentators, but I defend the right of you to do everything you can to prosecute these folks to fullest extent possible.

    Go get ’em!!

  2. matt commented on Apr 12

    What a loser. When you find the dorm, let us know so someone can try a college prank like pennying his door :D

  3. Billy Shears commented on Apr 12

    I hope he gets expelled from school, what a jerk. Of course, if he’s busy spamming, he isn’t studying, so he’ll have to resume his operations from his parent’s spare bedroom.

  4. Billy Shears commented on Apr 12

    I remember the penny trick in the dorms….worked like a charm! Unfortunately, there was payback…

  5. Max commented on Apr 12

    Hunting trolls is fun and easy.

  6. No_Bear commented on Apr 12

    Some years back I worked over some Internet thugs with a civil action based on an old theory called trespass to chattels, which is recognized in a number of jurisdictions. Intellectually interesting, but probably not worth the effort.

    It is surprising how much spare time some bozos have to waste.

  7. John Borchers commented on Apr 12

    It is a crime because of the malicous intent to disable or otherwise harm the normal system.

  8. Mark E Hoffer commented on Apr 12

    BR,

    you may consider publishing the, further, identification of yon’ troller, in the interest of providing additional market clearing information v. the actions taken by the, various, responsible parties..

  9. Ross commented on Apr 12

    TALL TREE………..SHORT ROPE.

  10. crack commented on Apr 12

    Nice alternate text.

  11. Timothy Sykes commented on Apr 12

    I’ve got plenty of trolls but you don’t waste valuable blog space on them

  12. Deborah commented on Apr 12

    Blog stalking… Is that celebrity status or what?

  13. stevesliva commented on Apr 12

    I had way more free time in college. And high speed internet. Those were the days.

    Kind of a weird choice of targets, though. Smart enough to find a good blog, dumb enough take offense for comment moderation?

  14. Mongo commented on Apr 12

    Good for you, Barry.

  15. yoshi commented on Apr 12

    In consulting for clients about information security I sometimes get the following question “if you can’t break into it then its secure right?” – my usual response is “no i have a life – i am not a bored 13 year old in [detroit,russia,india,china, etc] with nothing but a computer, time on my hands, and a doubtful future”.

  16. maximo commented on Apr 12

    Here at Johns Hopkins they will expelled you for the folowing:

    c. Harassing others by sending annoying, abusive, profane, threatening, defamatory, offensive, or unnecessarily repetitive messages, or by sending e-mails that appear to come from someone other than the sender.

    Inded, you have to be a real punk to do it.

  17. km4 commented on Apr 12

    ah how sweet KKK Karl is also a suck up…
    How many pairs of kneepads do you go thru in a given mo. ?

  18. maximo commented on Apr 12

    Correction: Meant to say Indeed!

  19. bluestatedon commented on Apr 12

    I’m 100% in favor of identifying the school, the dorm room, and the loser who should have been studying for his basketweaving exam.

  20. bluestatedon commented on Apr 12

    I’m 100% in favor of identifying the school, the dorm room, and the loser who should have been studying for his basketweaving exam.

  21. esb commented on Apr 12

    BR:

    For those of us who are not IT geeks or nerds and who are somewhat or completely lost regarding what you are saying happened here perhaps a detailed and very basic explanation would be desirable.

    You seem to be saying that someone posted several hundred identical entries using different email accounts over a short period of time using some manner of automated software that opened the email accounts and performed the posting.

    Is this the new version of the “all caps” post?

    Why not just remove the duplications so that only the original remains … perhaps your own automated software can do that at all times.

    What was the original “pre-duplication” post anyway?

  22. esb commented on Apr 12

    BR:

    I notice that the two posts immediately above mine of 8:14:06 are duplications.

    Is this a (small) example of this process?

  23. Bob A commented on Apr 12

    Most likely some kid or hacker paid by someone who didn’t like being exposed as a buffoon or fraud… guess you gotta expect that.

    I wouldn’t suppose you could track the down any more than you could track down whoever sends me the five-ten via gra spams every day.

  24. mat commented on Apr 12

    hope he is not french, though his troll name. or i would be ashamed. France could want to join your action ;-)

  25. mat commented on Apr 12

    oh, would it be that the troll sees himself as a kind of heir of the Quasimodo of Notre Dame ? ;-)

  26. Winston Munn commented on Apr 12

    No doubt a “rogue troll” from a respectable banking institution.

  27. judyo commented on Apr 12

    Call in his/her student loans!

  28. Wade Black commented on Apr 12

    may his/her portfolio be fully invested in First Marblehead or Thornburg

  29. Nostradame commented on Apr 12

    It took me only 10 minutes to set it up. I am rewriting the code to make the hits more responsive and quickly adaptive to their ridiculously primitive Movable Type (Let me know if you want me to repeat the show, it will keep you attached to your computer 24-7, maybe I should do it because you have never apologized. I am too nice to you). Typepad is a very weak platform. I cannot believe you are using it. I think you are also paying for it. What a waste of money! WordPress is a hundred times better written, more secure and free. (NYT and WSJ use WordPress)

    Your IT department is a bunch of clueless morons (fire all of them and hire someone who knows the field). They do not have a clue or they are giving you bologna. I did not use any University based PlanetLab or CoDeeN system. I am not stupid.

    Typepad can investigate what ever they want. Their security personal cannot add 1+1 but you think they can trace it. There were no laws violated at all (Typepad’s lawyers are a bunch of illiterate high school drop outs, they need to pass the bar exam first, I doubt they can pass the exam without knowing the first amendment), it was not spam. This is a public blog (it is not a private blog or private email account, you did not secure it with a password and you did not restrict it). Moreover, I guarantee 100% they cannot trace anything. Do you want to make a bet they cannot trace it? Lets each of us put $100K in an escrow account and make a bet that those dorks cannot trace it.

    Here are the real stats from my program (proving that your IT department is a bunch of morons):

    240 hits over 24 hours
    58 completely different IP addresses coming from 32 different countries (none of them from any University)

  30. pmorrisonfl commented on Apr 12

    Nostradame – go back to Slashdot!

  31. Winston Munn commented on Apr 12

    I was wrong – a rogue asshat.

  32. Barry Ritholtz commented on Apr 12

    BTW, the new redesign happens to be on WordPress.

  33. SINGER commented on Apr 12

    yo…that guy is cool…NOT!!!!

  34. N_o_s_t_r_a_d_a_m_e commented on Apr 12

    Yep, WordPress 2.5 new version was released last week and there are more than 1000 free fantastic plug-ins giving additional amazing functionality as needed.

    WordPress is both free and priceless at the same time.
    http://wordpress.org/

  35. Shane commented on Apr 13

    If you think you are doing Barry a service . . . why don’t you get a real job . . . or start up a company of your own that for a FEE and WITH THEIR APPROVAL would test their security. Otherwise your just being a punk and a doing a disservice to society.

    As a Master student in ECE, if you think you’ve got such skill, then doing this crap is a horrible waste of talent. If you have such skill you’d actually be able to get hired on by a security company and would be making tons of money . . . otherwise you’re just some two-bit joker who is a menace to society.

    Trust me kid . . . in the real world companies don’t give a rat’s behind that you were some hacker, or pwned a blog . . . they care that you know your crap, work hard, and can help their bottom line.

    So instead of hacking a blog, why don’t you get a 4.0 at a great University, get involved in the field of internet security, get a job, and make something of yourself.

    Otherwise . . . have fun living in your mom’s basement for the next 10-15 years.

  36. Sherman McCoy commented on Apr 13

    I find this awfully funny. Generally I’m a big supporter of Barry since he is so anti-Establishment. But in this case, he seems to be the Establishment. So I’m tempted to root for the spammer.

    I have to admit too that a sense of revenge and the virtue of drive are both admirable qualities. Not to mention technical know-how. Hmmm… both parties seem to excel in these categories. Could this turn into the 21st Century version of Willie E. Coyote and the Roadrunner?

    I think the WOPR that Matthew Broderick hacked into some 20 years or so ago has some good advice: “The only way to win is not to play.”

  37. maximo commented on Apr 13

    If this guy is as smart as he claims to be then I have to say he is wasting his talent and time. What a lack of creativity as well. Go after someone evil like Wal-Mart, Microsoft, Google, or the Chinese Interior Ministry.

    Don’t be a jerk to someone like Barry. So what if he monitors his blog. Name someone who doesn’t protect the integrity of their virtual space.

    Actually, come to think of it you might be a Google reject or Microsoft wash out.

  38. Trainwreck commented on Apr 13

    Keep posting the truth Barry. Keep beating that drum.

  39. Pat G. commented on Apr 13

    “I’m not sure if being an asshat is technically a crime,”

    I think that would depend on what position or level you held. And whether or not your decisions (as a asshat) influenced alot of other people’s lives.

  40. Philippe commented on Apr 13

    Should he be French let him find his Esmeralda! but I am afraid he is not Victor Hugo when reading his title:)

  41. bugly commented on Apr 13

    Lemme know what dorm room he’s in and I’ll send him a dunce cap.

  42. Nihilism commented on Apr 13

    OK, I’ll bite. What is so inherently good about being anti-establishment? And what is so “good” about being a hacker? Didn’t your mommy and daddy love you when you were a child? That’s OK, you can tell us all about your unhappy childhood.

    All of us can do things we know we shouldn’t do. So is there a point, or is it just a mental problem thingie?

  43. steve commented on Apr 13

    Just because you can doesn’t mean you should.

    I understand that the drive for status is a all consuming affair, but what’s the result. Do you want to be the governor who doesn’t love his wife? How about the hedge fund manager in his isolated mansion? Or the pro athlete that can’t walk without pain when he is 40?

    There is nothing wrong with success, but true success comes from cooperation and not from competition. In war, business or life. Become the next Marc Andreessen and move the ball forward.

  44. Kris Tuttle commented on Apr 13

    To paraphrase Patton Oswalt it often seems that scientists and technologists are “all about coulda, not shoulda.”

  45. Kris Tuttle commented on Apr 13

    To paraphrase Patton Oswalt it often seems that scientists and technologists are “all about coulda, not shoulda.”

  46. alexd commented on Apr 13

    I think the worst part of the problem is that Nostr. is off topic. If your so smart why don’t you add some unique insight to the topics covered by the blog?

    That would be stepping up to the plate, rather than throwing crap at the umpire.

  47. DavidB commented on Apr 13

    What is so inherently good about being anti-establishment? And what is so “good” about being a hacker?
    Posted by: Nihilism | Apr 13, 2008 5:47:21 AM

    because you asked….

    there’s nothing much good about being a hacker. Just because you disagree with something doesn’t give you the right to shoot someone or damage their space when you have the power to change things and most hackers have the brains and talent to change things. Besides, putting out grief only earns grief with interest. We reap what we sow no matter how justified. I like to turn my frustration into fuel in order to make the world I see and interact with that much better. It is better for the gut that way. I’m beginning to get addicted to that feeling of respect I am given when I head to work each day. It only took about 20 years to build

    With that being said, I can’t endorse a world system myself that starves 50,000 innocent children every day for lack of less than about 1% of world GDP

    And save your justifications. I’ve heard them all before. 1% is pocket change for all of us. We’d do it for a loved one in a second. Yet most are too busy loving themselves and the rolls that will be in the junkyard or used car lot soon after the 3rd world kid is dead

  48. cinefoz commented on Apr 13

    And I thought I didn’t have much of a life. This goofball is from another planet. At least I have a purpose for writing when I choose to, but freaks like him make this place totally unappealing.

    BTW, I just finished ‘The Trillion Dollar Meltdown’. It’s a fast read and a great explanation of the current financial problem. I highly recommend it, especially to those who only see gloom in the form of shadows. This book will add substance and, hopefully, raise the level of pessimism here to knowledge based pessimism.

  49. brion commented on Apr 13

    testing testing….
    i wonder if nostradamnus is the troll who would post under my screen name occasionally…

    He seemed like a right winger (wanker?) Bushler youth type.

    find him and prosecute.
    Blog about it. Put the fear of god in some of the internet’s more feverish fascists.

  50. stckpkr7000 commented on Apr 13

    Most hackers were pathetic little kids who didn’t and can’t seem to find a fit in society…. They are screaming for attention and probably struggle in the REAL world…. Poor pathetic little nerds! Borderline trench coat types…….. I guess the little geek is getting his wanted attention……..Pathetic!!!!!!!!!!

  51. squeezed commented on Apr 13

    “Most hackers were pathetic little kids who didn’t and can’t seem to find a fit in society”

    Actually hacking is the largest black-market industry on the planet. It is believed that there hackers who control botnets with millions of zombies. It is estimated that the best hacker rings gross billions and operate under tacit governmental support. Its a statistically certainty that some of you are posting from root-kitted zombie computers.

    http://www.computerweekly.com/Articles/2008/04/11/230252/rsa-2008-american-public-ignorant-of-botnet-threat.htm

    http://www.darkreading.com/document.asp?doc_id=150292

    The best way to protect yourself:

    http://www.nsa.gov/selinux/info/faq.cfm#I1

  52. l33tf00l commented on Apr 13

    I remember years ago when blogs first started and Google was still a real search engine (albeit with a butt-simple algo that was ridiculously easy to crack). There was a bot that would use Google to search for mt-comments.cgi and then cache the results and visit each page and leave predetermined links/blurbs/etc at the rate of 5000 blogs per hour.

    The whole cause of all those poor bloggers pain wasn’t some evil 13 year old kid. It was because the difference between being on the front page of Google and anywhere else was the difference between making $500/mo and $40,000/mo.

    Because the Google algo was so easy to figure out, all the ecommerce guys knew they HAD to have as many links with the right keyword text pointing at their sites as possible.

  53. Mikey commented on Apr 13

    It is estimated that the best hacker rings gross billions and operate under tacit governmental support.

    Do the Free Masons have anything to do with this?

    Clearly this poor fuck just needs to get laid. And unfortunately, apart from their lack of social skills, many of these hack3rz are far less smart and more traceable than they believe themselves to be.

    BTW Barry, great blog.

  54. donna commented on Apr 13

    Spammers suck.

    They make me long for the days of the Arpanet and the early Internet, when everybody knew your name, and the flame wars were so much better…..

  55. Dervin commented on Apr 13

    He’s not a Hacker, nor a slashdotter, he’s a script-kiddie.

    Hiding one’s IP address takes about 10 seconds. Rerouting takes about 20. He probably downloaded the code from some message-board.

  56. Simon commented on Apr 13

    Well if this is a “World or American elites” sponsored attack on good information from informed sources I am very sad about that and that they can do it.

  57. paul commented on Apr 14

    the isp / uni most likely will not give out his information

    you alone cannot trace it to a specific dorm room, only the uni can match the logical location to the physical location, unless of course, you have obtained that information

  58. Rock commented on Apr 14

    DavidB. I live in a 3rd world country.
    I see what you talk about everytime I
    leave the subdivision that I live in.
    I see kids begging for money, starving
    and diseased dogs on the street.

    We can throw money at the problem. But
    I believe most rational people would object
    to paying for someone else’s joy-joy or
    supporting their family. I believe you
    shouldn’t have kids you can’t feed and/or
    won’t be able to find meaningful jobs.
    It sucks being a child of these parents.
    Perhaps the government should do family
    planning. My wife is one of six kids.
    Her sister had six more kids.

    There are so many people saying that
    the US shouldn’t be the world police.
    I don’t think we should be world’s
    nanny either.

Posted Under