Monday, April 18, 2005

Find the trolls commenting on your Blog

Introduction

Reverse Engineering is a technology of analyzing the source of the object dismantling it, finding the weakest part of the object, changing this part to serve our needs and reconstructing the object to it’s former shape again. Doesn’t matter the nature of the object it can be a car, software or even in the present time a human being (think about “stem cells”, "cloning" and "Plastic Surgery").

Our technique will not be a much deferent than this and it’s the simplest form of Reverse Engineering, we will use it to discover trolls hiding places. There are two ways to do this the somple one and the hard one but I will stick to the simple method

Now enough bla bla and lets see how this works

Why we love birds?

Our workshop will very simple all we need is an email agent called Thunderbird, you may ask why Thunderbird? The beauty of thunderbird is, it gives you a full details about the senders with a link to “Whois” system to find out where the sender is living, which ISP he is using....etc.

The theory is and I will speak from a point that your blog setting is (you will get an email from every comment on your blog) so we have a part of the object (in our case the object is a Troll) so we will dismantle it and find out the weakest part in it (remember!!! Reverse Technology!! In our example Thunderbird will do the work for us). If you have those information compare it to other (comments=Emails) to find out who is the troll.

If you need more information about the troll consider using Infosyssec, just put the IP number in IP-Range DNS Query hit Submit and....... Rock The Kasbah

13 Comments

#4/19/2005 03:50:00 am Assalam Aleikom Anonymous Anonymous

sounds like an interesting plan, but what if the person was smart enough to use a computer in the lab at his college? or the computer at a public library or internet cafe? and if you dont find this person, what are you going to do? its not likely that he lives in your country and there are few laws regarding the internet. seems like a pointless waste of time to me.

John

 
#4/19/2005 03:55:00 am Assalam Aleikom Blogger Ahmad

Ladybird,

You forgot that the email will be sent through Blogger Server rather than the user ISP Server!

So, unless you get his/her IP address (e.g. using a comments system that logs the IP address), you can't track the troll.

 
#4/19/2005 12:48:00 pm Assalam Aleikom Blogger cile

Electronic Frontier Foundation Media Release
EFF Releases How-To Guide for People Who Want to Blog Safely and Anonymously

San Francisco, CA - With the privacy of bloggers and their news sources coming under fire in the court system (see, e.g., Apple v. Does), it's crucial that web writers know how to express themselves without risking their jobs or social lives.
Yesterday the Electronic Frontier Foundation (EFF) released "How to Blog Safely (About Work or Anything Else)," a How-To guide for bloggers worried about protecting their privacy and free speech.
The guide covers basic measures people can take to keep their blogs anonymous and explores what the law says about discussing work-related issues online. Some advice is common sense; for example, don't post a picture of yourself if you want to stay anonymous. But for bloggers who want strong guarantees of privacy, EFF suggests using technologies like Tor or Anonymizer to prevent your blog-hosting company from logging your computer's unique Internet Protocol (IP) address. Bloggers who fear they could be fired for blogging are also given an introduction to laws that prevent an employer from punishing them for speaking out online.
"There is a lot of misinformation out there about the ways people could get into trouble for blogging," said EFF Policy Analyst Annalee Newitz. "We hope advice about online anonymity and the law will help more people engage in free expression without living in fear of reprisals, legal or otherwise."

How to Blog Safely (About Work or Anything Else)http://www.eff.org/Privacy/Anonymity/blog-anonymously.php

Apple v. Does
http://www.eff.org/Censorship/Apple_v_Does/
For this release: http://www.eff.org/news/archives/2005_04.php#003506

About EFF
The Electronic Frontier Foundation is the leading civil liberties organization working to protect rights in the digital world. Founded in 1990, EFF actively encourages and challenges industry and government to support free expression and privacy online. EFF is a member-supported organization and maintains one of the most linked-to websites in the world at http://www.eff.org/

 
#4/19/2005 01:59:00 pm Assalam Aleikom Anonymous Eddy

There is also the problem of open proxies, which email and irc servers are capable of dealing with, but the average web based comment posting system typically has no hope of dealing with.

 
#4/19/2005 10:59:00 pm Assalam Aleikom Anonymous Anonymous

i agree with everyone else here, it isnt likely this person will be caught. i think the most hopeful plan would be to spam mail blogger and ask them to change the way people can create the same name as each other. this is so weird and im not sure why they allow that. perhaps if enough people complain they will make it impossible for a person to use the same name as another.

John

 
#4/19/2005 11:15:00 pm Assalam Aleikom Blogger ladybird

Ahmed
Does not matter if the troll commenting behinde Blogger server or from a spaceship he still leave his IP behinde

 
#4/19/2005 11:40:00 pm Assalam Aleikom Anonymous Eddy

Ladybird:

On the other hand, even if you have the IP he's currently using, what will you do with it? The police for example won't help because they get too many of these very problems, and also because they get too many false reports. Imagine if the troll got your IP and told the police that you were trolling him.

The IP is still useful for certain things though. If you find one day that a friend is emailing you from an IP that is wildly different from the other IPs that they were using, be careful of that email.

The one thing that trolls never seem to get right is that every person has their own way of speaking that nobody else can emulate. That is nearly always the best way to find them.

Eddy.

 
#4/21/2005 01:32:00 am Assalam Aleikom Blogger richsanter

This comment has been removed by a blog administrator.

 
#4/21/2005 08:10:00 am Assalam Aleikom Anonymous Anonymous

i think its pretty childish to removed posts just because they disagree with your views. there was nothing vulgar about what i said....so whats the big deal? i didnt know this was a communist blog controlled by the all powerful administrators. and you people wonder why nobody pays attention to this lame site anymore? its because of who is running it.

rich

 
#4/21/2005 08:49:00 am Assalam Aleikom Blogger ladybird

Rich
I didn't removed, it was removed before I read it.
one more thing, you are right about this blog and nobody visit it any more if you noticed I rarely post ot write on this Blog because it bother me that it been used by other bloggers to advertise their blog entries and gain visitors. so IBC lost it's main functionality.

 
#4/21/2005 04:21:00 pm Assalam Aleikom Blogger emigre

Richsanter and Ladybird

Here is Richsanter's comment as it originally appeared;

"i think "reverse engineering" is a great idea, but has no correlation with this problem. only a jackass that went to one semester of college, then dropped out, would think this is a genius idea. It's lame and stupid and won't work. i come to this site to see peoples opinions, not to have a "workshop" on finding someone. Some of you people are just as immature as the person doing the vulgar posts. grow up" - by richsanter.

As far as contibutors posts go - people post what they feel like, that's the way it's always been. If someone feels like posting links to other things they're writing - fine. If someone feels like posting about trolling - fine. If someone feels like telling a troll where to go - fine.

 
#4/22/2005 08:34:00 pm Assalam Aleikom Anonymous Eddy.

To be fair, I think that where richsanter is coming from isn't entirely clear.

The term "reverse engineering" has its origins in computer science, and ladybirds definition seems to be correct except for some key misunderstandings.

You see, reverse engineering a car for example is taking it apart and using the information garnered to reconstruct the factory and the process that made the car.

In computer science, reverse engineering is using the information contained within an executable to reconstruct the source code. This is one of the most highly skilled aspects of computer science, rather than being a tool.

Finding out who sent an email using the method ladybird describes does involve some deconstruction, but finding the IP is better described as "garnering".

The real issue I think is that computer science people tend to get peaved when important terms are misused. Terms like "hacker" have been redefined or become meaningless due to misuse.

 
#4/23/2005 11:22:00 am Assalam Aleikom Blogger Mad Canuck

Ahmad makes a valid point - this method won't work for troll-hunting.

There is a bit of a tradeoff between Blogger and Haloscan. Blogger gives you the ability to force people to login, but Haloscan logs the IP address of every commenter. Then, do a lookup at ARIN to find out which ISP the address belongs to and send an email to their "abuse" mailbox. Or, you just post the IP address of the S.O.B. and let your other offended readers do the dirty work (like the Iraq the Model guys have done at times).

A couple of things to note:

1. In order to get the ISP to terminate the troll's account, you need to demonstrate an activity that goes against their acceptable use policy (hacking, spamming, etc.). Simply expressing an unpopular opinion won't cut it.

2. If the commenter is from Iraq, this gets more complicated. Most Internet access in Iraq is via small ISPs uplinked via satellite, and thus, when you trace an IP address, it often looks like it is coming from another country (wherever the other end of the satellite connection is): some Iraqi bloggers I know appear as coming from Lithuania, and some from Lebanon, for instance. In fact, I've never actually seen an IP address that shows it coming from Iraq!

Shawn.

 

Post a Comment

Links to this post:

Create a Link

<< Home

This page is powered by Blogger. Isn't yours? Weblog Commenting by HaloScan.com

Site
Meter