Identify bad guys through writing style

This month’s Social Engineer podcast discussed a tactic to identify bad guys through writing style, something the hosts expressed surprise was possible.

This won’t be news to anyone who minored in English or Communications or Journalism. A lot of factors go into style—where we grew up, where our parents are from, what we read growing up, our life experience, and it really is like a fingerprint. Fitzgerald’s Gatsby called everyone “Old Sport,” and we all have something like that, it’s just usually more subtle. I’ll say, “taste this,” when my wife or mother in law will say “taste of this.” That’s a regional thing. I pick up on that because I’m interested in language. A really good linguist can pick up on a lot more than that, and machine learning can potentially pick up on still more.

If you recall, it was the Unabomber’s long manifesto that brought down Ted Kaczynski.  Other forensics proved it, but the investigation began with his brother’s observation that the manifesto “sounded like Ted.”

Read more

How to become an Info Assurance Analyst

So, CNN/Money ran a story on the best 100 jobs in the United States, based on pay, projected job growth over the next 10 years, and quality of life ratings. And there was my job title, at #9. I think you should want to become one, so here’s how to become an Info Assurance Analyst.

The field desperately needs more of us, so I’m happy to share with you how to become someone like me. Read more

Defusing in person

My name, and my department’s name in general, gets thrown around a lot at work. We have a bit of a reputation as the can’t-do guys.

Professionalism dictates I not go into specifics about what kinds of things we reject or disapprove, but if I were to explain them, no security professional would disagree with me.

The other side of the argument, of course, is that the system still does its job the way it’s supposed to do and the system cost a lot of money. Here’s a story of a tense situation and how we were able to come to an understanding. Read more

Tech Central in South Africa trolls the tech support scammers

Apparently the fake Microsoft tech support scammers call South Africa too. Tech Central’s experience is close to mine, but since they actually let these jokers into one of their machines, they found out something about their game that I’ve never seen.

Apparently, once you get further into their sales pitch, they get into your machine, ask for payment, and if you hesitate to pay or refuse, they start deleting files out of revenge.

I’ve never actually let these guys get into a system I care about, though I have actually let one in to a system that really did have a couple of viruses on it. I wanted to see if they would find any real problems. They didn’t.

So, knowing that they maliciously delete would-be customers’ data if they show second thoughts, I think it’s a good idea to string these guys along for as long as we can when they call those of us who know better. Two of us doing that each night is enough to save one person from being victimized.

Random thoughts from the day after bin Laden died

It was 9:15. I was tired. I’d been reading, then I went to my computer to check baseball scores. I saw that the president had called a press conference for 9:30 CST, with no indication what it was about. 9:30 PM on a Sunday night isn’t when you usually call press conferences, and there’s usually some indication what the subject will be. I was curious enough to click around to see what was going on, but when I didn’t find anything right away, I went to bed.

This morning I woke up, went straight to the Kansas City Star’s baseball page to get an account of last night’s Royals-Twins game, and out of the corner of my eye, spotted the last headline I ever expected to read: “The Raid that Killed bin Laden.” What? Beneath it was a similar headline. I clicked, read the first two sentences to make sure I was reading the right thing, then raced into the bedroom, where my wife was getting our two sons dressed.

“They got bin Laden,” I said. And she did the same double-take that I did, and made me say it again.

Read more

And we have safely arrived in the 21st century.

It wasn’t the smoothest of transitions, but it went a whole lot better than it could have. I’ve moved the venerable Silicon Underground, with its nearly 1,800 posts spanning a little over a decade, to WordPress 3.0.1.

This blog’s been pretty stale for a long time. Some of that is due to the software. Some of it’s my fault. Blogging software has really advanced a lot in the last few years, and the software I’ve been using since 2004 was a bit behind the curve even then. In its defense, in 2004 nothing could do everything I wanted, and the system I chose was one of the few that required login and authentication, which I desperately needed in order to stop spam. But then registration broke, and I didn’t fix it, which meant only longtime readers could comment.

For commenting, we’re going back to username and e-mail address with optional URL, and with some spam analysis tools hopefully filtering out the spam. Users are moderated until their second comment, which will help take care of the trolls. Comments containing multiple hyperlinks automatically go to moderation. And comments will be closed after some period of time, probably 14 days. Discussions usually go downhill as time goes on.

Will I post more now that it’s easier? Probably.

Modern blogs can interact with one another; mine was always an island. Now I can trackback and pingback like everyone else, which will probably prove useful.

I’m sure I’ll be making changes for a while, but this is a big improvement.

I’d like to thank Steve D. and Rich P. (you know who you are) for their help with the migration. It only took me what, three years to go through with it? Four? And then it ended up taking about two hours of real work, if that, spread out over the course of a couple of weeks.

The Megan Meier Myspace suicide, 10 days later

It’s been about 10 days since the story first broke about 13-year-old Megan Meier being harassed online by a 48-year-old neighbor posing online as a 16-year-old boy and eventually being driven to suicide. The blogosphere has gone nuts, the story has national and even international attention, and while none of this will bring Megan Meier back, at least there’s been some progress.On Monday, the St. Louis Post-Dispatch named the 48-year-old impersonator. From what the story said, the family gets very little peace, and the neighbors don’t care much for them. Their life wasn’t good even before the story broke, and it hasn’t gotten any better in the past week.

Comments on various blogs indicate the impersonator’s phones have been disconnected. As widespread as that information had become, their phones probably never stopped ringing. This harassment is illegal, but I still have a hard time feeling sorry for them.

The original police report showed up on The Smoking Gun. Reading it made me even madder. The part that bothered me the most:

Despite the recency of the suicide and several neighbors recommending she not contact the Meier family (especially on Thanksgiving), Meier stated she and her husband attempted to contact the Meier family three times, “banging on the door” even though Mr. Meier had already told them to leave. [She] wished the current tension be documented in case any of her property is damaged. Further, [she] insisted on contacting the family to “inform them of what she knows.” [She] stated she “just needed” to tell them to relieve herself of the “responsibility” and apparent guilt.

Relieve herself of responsibility and apparent guilt? Document the tension in case of property damage?

How about a good old-fashioned apology?

At least one company that advertised with the impersonator’s coupon magazine, a carpet cleaning business, stated in public that they will be ending that relationship. They had already committed to being in the next issue, so they may appear in it, but that will be the last.

Two businesses expressed indifference, according to one commenter, but all it takes is a few businesses pulling their ads to make it difficult to pay the bills.

A blog surfaced on Sunday, titled Megan Had it Coming. It claims to be written by someone who knew Megan.

I read the single post there, and I have serious doubts that the author is 14 years old. The spelling and grammar are much better than the typical 14-year-old, and the paragraphs tend to be more complex than I would expect from a 14-year-old. The paragraphs for the most part follow the structure one is taught to use in college.

That said, some of the elements of the writing are too bad for a gifted 14-year-old. I could write that well (or better) at that age and I know several other people who could too. But the logic is extremely flawed. I believe any English teacher who saw a student capable of writing like that at age 14 would hammer on the child’s logic. English teachers aren’t satisfied with that quality of work from someone who exhibits this much ability at 14.

For these reasons, I believe the author is older, and probably had at least the introductory composition course in college. She (I believe the author is probably female) may not have done all that well in the class, or she may have been intentionally making mistakes in an attempt to appear to be a younger and less sophisticated author. When I was a journalism major at Mizzou, I was a go-to guy for people who were having trouble in their Introductory Composition class, so I read a lot of those papers. This piece really reminded me of those papers.

Let me also say that the most difficult thing for an author to do is to appear to be something that he or she is not. So if a piece of writing doesn’t look or sound like that of a 14-year-old girl, then it probably isn’t.

I agree with the author that Megan Meier wasn’t perfect. Let’s give her the benefit of the doubt and assume everything she said about Megan is true. The Megan she portrayed reminds me of pretty much every girl aged 12-14 I remember growing up with. Some girls stay that way a lot longer. I definitely remember elements of that kind of behavior in two ex-girlfriends, both of whom were in their early 20s when we dated. A few girls I knew got over it early, and I remember having trouble knowing how to react to them, because they were so different.

If Megan Meier deserved to die because she was self-conscious, oversensitive, shallow, fickle, difficult to be around, and prone to overreact, then that means virtually every teenager in the world deserves to die. Those flaws are the very essence of that phase of life. It’s all a phase, and most people grow out of it. It’s not a cause for deserving death. It also doesn’t mean that someone who exhibits those characteristics is automatically going to commit suicide.

It’s a terrible logical fallacy.

I also disagree with the assertion that Megan deserved this fate because a 48-year-old vs. a 14-year-old isn’t a fair fight, no matter how you cut it. I would have far more sympathy for the impersonator if the impersonator had been another teenager, acting alone.

The author tends to talk down, as if she’s already outgrown this phase, and even if a 14-year old was already through all this, I don’t think she would have enough perspective to comment about it this way. I can’t really put my finger on specific phrases, but the whole piece gives me a sense of looking back at 14, rather than being in the thick of 14.

I have no way of knowing who the author of this one-off blog is. Given writing samples, I can usually figure out if a piece in question was written by the same person, but I have no writing samples to compare. The author could be the original impersonator who is now vying for the title of most hated woman on the Internet. It fits her pattern of behavior. It could also be one of the many contrarian random trolls who are popping up on any blog that mentions Megan Meier and her impersonator by name.

My friend who lives in the area observed that the blogger referred to a local sports complex as “Tri Sports.” The proper name of that complex is the Renaud Spirit Center, and the address is 2650 Tri Sports Circle. Tri Sports Circle is one street over from the street where the Meiers and the impersonators live.

So the author of this piece is almost certainly local. Given that the impersonator has few or no friends left in the neighborhood, and given how the author of this piece went out of her way to defend the impersonator, I believe the author of this one-off blog probably is none other than the same mind that brought us Josh Evans, the fake-16-year-old boyfriend.

In case anyone\’s wondering why I don\’t run an open forum anymore…

I think David Pogue sums up what’s wrong with online etiquette pretty well.I know I got sick and tired of ducking rocks from anonymous know-it-alls. That irritated me as much as spam. My blog is a hobby. It brings in a little bit of money, but I’m not sure that the money covers the increase in my electric bill. I run my blog because I enjoy writing and because I’ve found a shortage of some types of useful information, so I tried to remedy that shortage when and where I could.

So I started requiring registration. In the process I pretty much ruined the blog, because I ditched b2 in favor of the software I’m using now. Of course, a few months after I made that change, b2 evolved into the lovely and wonderful WordPress, which now everyone and his brother is using.

Then Southwestern Bell started blocking SMTP traffic, preventing my software from sending out registration notices. There’s a workaround out there for that, but I still haven’t convinced myself, two years after I became aware of the problem, that it’s worth fixing. I’m sure I’m losing readership because people who want to be able to sign in and comment can’t, but I find I rather enjoy not having to deal with idiots. The dozen or so people who are left are nice people who say intelligent things.

Don’t get me wrong, I deal with some rude and poor-intentioned people at work. The rudest and most difficult, not coincidentally, are the people I’ve never seen but only spoken with over the phone and e-mail. But even they control what they say a little bit. There’s always the danger that we’ll run into each other someday, after all.

I remember about seven years ago when I wrote something that made the front page of Linux Today. It was a thrill. I even ended up exchanging e-mail with the president of Mandrake, and some suggestions I made for features found their way into later versions of that Linux distribution. Those were fun times.

What goes through my head when I realize that I’ll never make the front page of Digg?

One word: Good.

I still love to write, and I may have even figured out how to make enough money writing to make it worth my while to write regularly again. To be honest, right now I don’t have time to write regularly, but when it’s worthwhile, I can always find ways to make time.

Blogging fits into that equation, so I guess sometime between now and then, I’ll have to figure out some way to deal with the trolls.

WordPress Appliance - Powered by TurnKey Linux