Final Post

No – I’m not dead yet!!

This is a final post at Tigerstail.wordpress.com because I am tired of seeking knowledge and bitching about that which is. It is time to use my skills to develope the solutions to all of the problems I have discovered.

Join Me at jimmicap.wordpress.com

Vista Blue Screen of Death!

Did you ever wonder what Microsoft personnel call the world famous “Blue Screen of Death.” Well at least one programmer must have a sense of humor or submitted the following error message as a resignation.

Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.0.6000.2.0.0.768.2
Locale ID: 1033

Additional information about the problem:
BCCode: 1000007e
BCP1: C0000005
BCP2: 8B0CAB9F
BCP3: 87599BA8
BCP4: 875998A4
OS Version: 6_0_6000
Service Pack: 0_0
Product: 768_1

Files that help describe the problem:
C:\Windows\Minidump\Mini021908-02.dmp
C:\Users\USER\AppData\Local\Temp\WER-46332-0.sysdata.xml
C:\Users\USER\AppData\Local\Temp\WER43C3.tmp.version.txt

Read our privacy statement:
http://go.microsoft.com/fwlink/?linkid=50163&clcid=0x0409

The biggest improvement over Windows 98 and Windows Me is that the Blue Screen is a quick flash before the computer goes dead whereas in the old days it would stay on your monitor to torment you. None of my friends can recall a blue screen effect with Windows XP SP2 so Vista must be engaging in a nostalgia trip.

GSI 4 Firefox – Cool Tool!

Sometimes you trip on Browser add ons that are a fantastic idea. I mean you hit a site you want to explore and you can click the page links, get lost and never explore both the depth and breadth of the site. You may leave without finding what you want. What the Google Site Index does is draw a site map based on Googlebots knowledge of the public area of the Web site. Now certain cites like youngerbabes.com and young-models.org (which can’t be searched with the site command) cannot be indexed. Others which have thousands of pages like thehun.net yield a very organized site index which is less than a page.

Installation is simple, and once installed it’s easy to use. Just click on tools and open up GSI (or right click on the screen) and up pops the interface. Confirm the Domain, click start and the site is indexed. You should probably stay away from the recursive search as after trying twice with two different sites, it locked both times. Then Google accused me of having a virus and locked me out until I entered some twisted letters.

If I have a complaint, the results pop up as a html page that you can only click on one link before it disappears. The workaround is to save the page as html on your desktop and work from there. If you have basic HTML skills, you might want to open the page in notepad and cut the script at the bottom before you start exploring the site. While GSI indexing is totally anonymous, your site visits are not unless you do the standard Google trick of saving the URL’s in notepad and using the Google cache while stripping all images or by using a proxy.

So far, I haven’t used GSI for anything serious if you don’t count looking at the good, the bad, and the ugly architecture of my own Web sites.

Dissecting a Kiddie Porn Cookie

Cookies can be used to transfer information about you to a website. Now when I started to use a Live CD, I got a little bolder in tracking source code on nasty sites and not shutting down between site visits. After all no permanent images would be stored and there wasn’t all that much information which could be transferred from a machine with no permanent memory of where it had been and what it had seen.

Well I found out there is an awful lot of information in temporary storage. like a cookie from any personal site you have visited, ie gmail, hotmail, hi5, myspace, facebook etc. Since I really hadn’t thought about it and therefore wasn’t avoiding it, I was able to get a peak at what kiddie porn sites wanted to learn about me.

From over at Fatsavage.wordpress.com, the original analysis of the cookie from americanthumbs.com was:

‘ucjc=xucjcxnoref
xucjcxnoref
xucjcx1
xucjcx0
xucjcx0
xucjcx
xucjcx; path=/;’

Now after a session of Google hacking for kiddie porn, I ended up with the following cookie from billpics.com or amglover.com which both use the ucj cookie.

‘ucjc=xucjxnocookie
xucjxnocookie
xucjx1
xucjx2
xucjxnone
xucjx|teens-girls.net|mymasha.com
xucjx; path=/;’

It would seem that a couple of sites I had not suspected of kiddie porn were of interest to the people from UCJ as both of their names show up as a variables in the cookie and the variable that was a 0 has now moved up to a 2. I guess they are counting the nasty places I had been. Apparently, I was cautious in this surfing secession as the “noref” variable had shifted to “nocookie”.

When I got sloppy, the changes in the cookie got really interesting.

‘ucjc=xucjxgoogle.co.vi
xucjxhttp://http://www.google.co.vi/search?hl=en&client=firefox
&rls=org.mozilla%3Aen-US%3Aunofficial&q=hq-teens.com&btnG=Search
xucjx1
xucjx0
xucjx0
xucjx
xucjx;

Well, I sort of figured this would happen so I had turned the machine on and went nowhere else except the Google search bar. Now in addition to my IP, they have my Google cookie, the country version of Google, that I search in English, that I’m using Firefox and that I pressed the search button while looking for information on hq-teens.com.

If I had checked my Hotmail or Gmail prior to the search, they would probably have my user name and everything else.

Tag I’m it, wandering in a forest of honeypots with Federal bees swarming to sting.

Beyond Google – Viral Traffic

If your discussing matters which are touchy to our government, you really have to expect their best effort at suppressing the information. It’s no secret that Google is cooperating with China in suppressing knowledge on a broad range of topics. It’s also obvious that as a socially responsible corporation, they probably hide or fail to list content on a broad range of topics. When they fail to list a site page, they sometimes let you know that the supporting documentation is at chillingeffects.org but only when the content is totally illegal.

For legal but sensitive material, they don’t really acknowledge content filtering but when caught, just release a statement about unintended errors which led to technical difficulties and an inability to find a specific YouTube movie etc. In our particular case, serious content filtering started at my Fatsavage blog with a condemnation of a known kiddie porn site, youngerbabes.com, which is still online. The technical proof of content filtering is offered on this blog.

Of course the immediate effect of content filtering is that your traffic gets slammed and you lose visitors, but there is an obvious solution, just keep on writing. My traffic at fatsavage has started rising again, and the site is ranked in the top million of 20 million sites monitored by quantcast.com. Yeah, I get more traffic if I avoid censored topics, but I’m not a singing caged bird.

Interestingly, my new exulted status is almost independent of Google referrals (Correlation Coefficient 33%) and much more dependent on loyal visitors.

This post is being published at both Fatsavge and Tigerstail Blogs, not because I’m lazy, but because I want the information to get out. If Google were bothering to feed my blog, this would almost certainly get this post de-listed for laziness or plagiarism. However, since they are no longer doing a great job for my traffic, it doesn’t matter which rules I break.

Content Filtering the Fatsavage.

Just because your site traffic drops, it does not mean that their is evidence of Content Filtering. In my last post, I described two blogs which are so dormant that their are no visitors and the information is so stale that there are few Google referrals. Still, this type of stagnant site does not happen overnight. It’s like turning an oven up or down. If you turn it up to speed cooking, it will take 15 minutes or so before you see the obvious effects and when you turn it off, the meal will keep on cooking as long as the temperature is above 140 Fahrenheit.

Following the procedure outlined in the last post, we can check for a stable relationship between site visitors due to Google referrals, regular visitors and how much of a viral effect there is. It’s pretty obvious where the break in the following data is, but even this part of the analysis does not prove that a sudden change occurs, it just proves there is a stable relationship.

Google referrals———–Total Visitors
141———————–291
113———————–231
123———————–250
157———————–340
102———————–231
45————————115
33———————— 81
37————————103
37———————— 92

The relationship is as follows with an incredible correlation coefficient (R squared) of 99%.

visitors equals 1.93(Google Referrals) plus 23.4(Regulars)

At this point, we know we have a stable relationship between visitors and Google referrals and the drop is obvious but is it significant enough to prove Google Content Filtering.

Well for the 21 days prior to the day with 340 visitors there had been a relatively constant rise starting from 112 visitors a day. The equation was:

Visitors equals 7(Day) plus 109(Regulars)

Now the correlation coefficient was somewhat low at only 67% but considering day to day variations in frequency of posting and the strength of the content, that is still a strong relationship. The weaker correlation lead to large Standard Error of the estimate of 32. Putting this in layman’s terms on a day where you expected 200, 95% of the time it would be between 136 and 264, and 99% of the time it would be between 103 and 297.

This broad range seems like we are shooting at the broad side of a barn but after the 24th day when we would have expected 277 or above 180 at the 99% confidence level we only had 115 visitors and after that it got even worse.

It’s pretty obvious, that there was a change and my most popular post at the time could no longer be found short of a direct entry of the title which was “Youngerbabes.com Hack This Site”. I can’t figure out why a rant about a know kiddie porn site which is still on line should have been blocked unless it’s protected government property.

Google Content Filtering in America!

If content filtering exists in America, there ought to be a way to prove it one way or the other. Any experiment should be open to the public with all assumptions identified and the experiment should be reproducible and have a scientific evaluation criteria.

As a working assumption, there should be three elements to the number of site visitors when averaged over time. First, there should be some measure or regular visitors who would average out over time to some relatively constant value. Next there should be a feed from the search engines which is a factor of the public interest in your topic. Also, there could be a viral effect where visitors recommend you to others and therefore one site visit by Google referral or one regular visit may translate into any number of visits. (This is probably highest with jokes and politics and lowest with technical). However, if both groups (regulars and referrals from Google) recommend you to about the same number of people, this doesn’t alter the mathematical approach.

For the past three weeks, this site has varied around 41 to 87 visitors a day with an average around 60 a day but WordPress only holds the search engine data for a week. So I have the following Google Data and site visitors.

Google Referrals—–Visitors
44——————53
51——————67
44——————64
48——————62
50——————75
33——————48
40——————54

Now I ran the above data through an online Linear regression tool and came up with a very high correlation coefficient of 86% (R squared 75%). For a moment just think of a fat reduction pill where the weight you lost was 75% related to the pills you took and independent of all other variables like food and alcohol consumption and exercise or other variables.

The equation is visitors equals 1.3(Google Referrals) plus 4.1(regulars)

Obviously no viral effect and a small number of regular visitors, but if you need the technical information you come because of a Google search.

Now the data is drifting down because the site has not been very active for the month but the average for the data above is 60 with a two standard deviation range of 42 to 78. I would be hard pressed to make a case for effective Content Filtering based on this data set because there is no sharp break in the curve and the number of visitors for the past week is much the same as it’s been for the past three weeks.

Just for fun, I have two very dormant sites one in business (2.6 visitors a day) and the other in recreation (5.4 visitors a day). The equations and correlations are as follows:

visitors equals 1.4(Google Referrals) plus NO(regulars) correlation coefficient 95%
visitors equals 1.0(Google Referrals) plus 1.8(regulars) correlation coefficient 89%

Once again there is no sign of content filtering as the sites just suffer from a lack of interest, both mine in writing on the topic and visitors needing information on the topic.

Content filtering is an on-off switch which is turned on when the content gets out of hand so there should be signs of a dramatic drop in traffic.

At Fatsavage.wordpresss.com I have seen three cases of dramatic content filtering over the past 6 months with two in the past month. Start reading at the home page and work backwards to December 18, 2007. In that short month (about 12 posts), I managed to piss of the Feds twice and been slammed by provable content filtering. Now, I was attempting to be offensive with all of it, but I failed 10 times as only two posts were serious enough to get blocked.

Can you figure out which two?

Born to Be Bad – Will Smith, Kolmic and Hitler.

Will Smith started quite a controversy when he said that he believed that all people are intrinsically good and because he used Hitler as an example the argument degenerated without thought. Well Mr. Smith, I beg to differ and I use as my argument the Internet which I doubt that you know too much about.

Internet usage seems to be dominated by the concept that people do bad just because they can and only do good when they want to. Christ, I might say that that concept even includes Government sites which have a tendency to politicize every fact for political correctness or to dissociate blame. I mean who can possibly believe the psycho who designed the online war game for young people using actual Army equipment interfaces to recruit people. No one could believe this site was designed to do intrinsic good for the nation unless you believe that the use of Gaming addicts as soldiers is the highest and best use of these compulsive children. On the civilian side, what psycho would want to take down Norad for bragging rights or open the secrets of NSA to the world just to prove it can be done?

The internet is full of very twisted people. I casually included Kolmic.com on a list of sites that couldn’t be explored using Google Hacking techniques and immediately people stated flocking to my sites with Kolmic as the search term. Seems I stumbled on Kolmic in my research on American Kiddie Porn and I do mean I was lucky to make the connection to Government supported kiddie porn sites.

On the surface, they are a dramatic success story. They are touted at killerstartups.com as a new search engine. Quantcast.com ranks the site as being 314 in the world while alexa.com ranks them at 1917. IPwalk.com shows them hosting 11,650 domains. Their daily traffic is over 150,000 people per day.

These are incredible numbers considering the site was only organized about 8 months ago and the ownership of this fantastically successful organization is secret with a stealth registration. The IP information suggests Boston but a more realistic guess would put them in Houston working with Everyones Internet.

So what’s bad about a fantastic success in only six months, other than the direct connection to domestic kiddie porn and law enforcement honeypots. It seems that this brand new site is already attracting complaints about URL redirection, start page hijacking and other techniques common to the porn industry and image loading to unsuspecting surfers. One very complete analysis can be found in the comment section of McAfee Site Advisor by phantazm.

Obviously Kolmic.com was a site born to be bad by people with very evil intentions who hide anonymously in cyberspace because of the cowards they are.

Too bad Mr. Smith, there really are some fucking evil people in this world.

Bin Laden, Google and the CIA

Starting about a year ago, credible sources started claiming that Google was feeding information to the CIA. Now I’m not sure why any jackass would even waste a baying breath denying such a rumor when it’s so obviously true. Sans Teaches several courses on Google Hacking and Johnny Long has written several books on the topic. As early as 1999, NATO started publishing an Open Source Intelligence Handbook and by 2002 had issued a separate publication on exploiting information on the Internet. Only the most stupid Google apologist would bother denying that the CIA uses the largest database on the planet to gather information and probably pays them to teach people how to do it.

Now the issues of information filtering, diminished page rankings and generally interfering with your rights is a little more debatable. Two of the four freedoms defined by President Roosevelt were freedom of speech and freedom from fear particularly of an oppressive government. Google used to brag that they had no censorship but as previously discussed they are de-listing pages from the Internet based on complaints without the existence of a Legal Cease and Desist orders. Also, they consented to censor content for the Chinese version of Google including sites only mildly critical of the central government indicating that the have the capability of censorship and the corporate will to do it if paid enough. Their new policy acknowledges that they will engage in censorship to assist law enforcement, obey regulations and as a matter of policy which covers darn near any reason in the world.

It would appear that this policy extends to publishing false listings for controversial anti-government documentary movies.

Now what brought all this to mind was yesterday I told a little Joke about bin Laden and George Bush over at the FatSavage Blog and amazingly a search engine picked it up and it became my most popular single day post. It was so popular that I jumped to number 59 on the listing of most popular WordPress Blogs. Today not a single person reached “My Apologies” by way of a search engine.

Go figure!!! Is my sense of humor being filtered to protect an almost totally tasteless Web or is this just old fashioned censorship?

Is Google Spying?

Seventy seven percent (77%) of Google Users are not aware that Gogle is spying on them and neither was I.

I tried researching the topic but didn’t find much information. I knew that Google used email filters and linked advertising to the content so that when Cousin Ed told you that Auntie Mame died, your email might include an advertisment for coffins and flowers. While that may be cool technology, I avoided it by avoiding a Gmail account.

Even after I read accounts that I would be 92 when my Google cookie expired and their new privacy policy would delete all records after 2 years unless requested to retain them longer by law enforcement, I wasn’t terribly concerned. I mean I have seen the use of Google Cookies which contain my IP, Hotmail account, my surfing habits to other sites and all my porn cookies so fore warned is fore armed and defend yourself. After all these are browser side records and can be erased and wiped when you close your Browser (with quite a bit of effort).

All this changed when I had the need to sign up for an email account under my own name instead of Mr. Daimon, fatsavage or other ficticious names. I cleverly opted out of email advertising so I could avoid coffin offers when my mother dies and did a minimal sign-up with minimal information even avoiding address and location. I didn’t think much about it and only used it for commercial activity under my own name. I only signed up with GoogleTalk to track my email because that’s faster than signing in on their web page and going to their rather slow site only to find you have no mail.

Last week I had the need to sign up as a Google Developer so I paid more attention to their site. Seems there is a button in the upper right that allows you to sign in to Google and that happens rather automatically when you sign in to GoogleTalk or at least it did for me. It showed I have an account and a history which I know I never signed up for.

The history has been keeping track of me more or less since the day I signed in for my Gmail account. It is the default option which you have to work to turn off. Naturally, I checked my history and was appalled. I’m doing a Sans Security Course and am looking up various penetration tools. I am also blogging about some pretty nasty sites. Of the hundreds of searchs I do a day, my Google history only registered the ones which make me out to be a pervert or a security risk.

Of course, I deleted the records but all that means is that I will no longer see them. They already have my IP, my email account, cookies from all accounts, the record of cookies from sites visited etc. I really didn’t accomplish anything by turning off their blatent record keeping. They still have all the rest and have publically stated they will keep it for two years.

It would appear my only real option is to stop using their services. To many that would be a tough choice, but if they have already blocked access to your site and Ask.com is doing a pretty good job of searching and you have no commercial revenues from the web, I can’t think of a serious downside.