Tuesday, January 22, 2008

Money. Mouth. You can take it from there, right?


Over at Where'd That Bug Go?, commenter "Blazing Cat Fur" isn't going down without a fight:

Evidently you missed this on SDA;)

Cable IP addresses tend to stay the same for long periods of time. Mark was on Shaw cable in Edmonton and he had the same IP address for three years.

We are using Cogeco cable now and we have had the same IP address since we set it up (a year and a half).

But, the IP address is only half the story. The operating system and browser were also a perfect match.

... yadda yadda yadda ...

Well then, BCF, here's a simple challenge -- if you're so confident about Free Dominion's evidence, why don't you make the same accusation on your blog that others have been frantically backing away from lately? Come on -- you think FD has a slam-dunk case against Warman here, let's see you stand with them and not just cheerlead from the safety of the sidelines.

So let's see it, BCF -- explicitly and unambiguously accuse Richard Warman of having written the contentious post in question. I'm waiting. Otherwise, shut the fuck up.

21 comments:

Ti-Guy said...

I love how the comment ended with the "ta ta."

It's so Heather-ish.

Since I'm assuming children and young adults should be in school right now and not trolling the internet, I have a hard time imagining just what kind of adults these people are.

Feh. Progressives should start banning/deleting anyone who's even remotely associated with these haters (Blazing Cat Fur is associated with RightGirl); they're not going to tell us anything new.

Dr.Dawg said...

BigCityLib made an interesting observation at my place--he said the IP address in question (66.185.84.204) sounds like a public site.

Try Googling it. You get everything from a website entirely in Thai, to another in Italian for Libux users, to a comment about a Northern Ontario beauty pageant...

I think BCL is onto something.

Dr.Dawg said...

Linux, sorry.

CC said...

Dawg:

I'm just heading out the door, but perhaps someone with a few spare minutes can try to do a reverse DNS lookup on that address and see what surfaces.

Reality Bites said...

Google results don't matter. A Whois shows that, for better or worse, that address belongs to Rogers.

counter-coulter said...

Here's the information for that IP address:

IP address [?]: 66.185.84.204 [Copy][Whois]
IP address country: Canada
IP address state: Ontario
IP address city: Ottawa
IP address latitude: 45.416698
IP address longitude: -75.699997
ISP of this IP [?]: Rogers Cable

Ti-Guy said...

Yeah, its current assignment won't tell us anything.

IP addresses are almost useless without records from the ISP, which usually have to be subpoenaed.

...although I'm sure some telecoms hand them out to the highest bidder.

Dr.Dawg said...

Why don't Google results matter? Is Richard Warman, an Ottawa lawyer, fluent in Thai, a Linux user who posts on an Italian site, etc.? Maybe. But this seems like a suspiciously wide array of interests and abilities for one person.

counter-coulter said...

One thing that can be gleened from this IP address is that it (at least currently) originates out of an Ottawa router. This is different than Rogers whois which is registered in Toronto:

OrgName: Rogers Cable Communications Inc.
OrgID: RCC-104
Address: One Mount Pleasant
City: Toronto
StateProv: ON
PostalCode: M4Y-2Y5
Country: CA

Ti-Guy said...

Why don't Google results matter?

Because they won't tell us to which device the IP address was assigned at the time it was used to conduct whatever transaction is being called into evidence.

...although I really haven't examined Lemire's artifacts in this case. I really don't care to, as fascists (proto- or otherwise) have a peculiar way of using language and logic and evidence that I find rather alien. Personally, I think they're mostly paranoid delusionals or psychopaths.

There are people who are paid to do that kind of work, in any case.

counter-coulter said...

Ti-Guy said...
Because they won't tell us to which device the IP address was assigned at the time it was used to conduct whatever transaction is being called into evidence.


I think you've nailed it exactly. In this case, only Rogers knows who was assigned that IP address at the time of the alleged incident. I'm guessing that they'll be subpoenaed for those records soon enough, if they haven't already been.

Dr.Dawg said...

Thank y'all. Seems this will be a war of the techies, all right. Check this out:

http://scottdiatribe.gluemeat.com/2008/01/22/i-wouldnt-mourn-at-all/#comment-12560

Ti-Guy said...

I take a dim view of blogger forensics. It ends up spreading a lot of misinformation, no matter how well-intentioned the motivation.

And as we've seen with Teh Boggin Torees, it often isn't well-intentioned at all, and it's quite often used to generate disinformation. Ringing bells that can't be later unrung, as some wise person said recently.

buckets said...

The wide usage suggests that it was for a time an open proxy, something like Tor. This would mean that anyone in the world could have used it to post those messages.

valiantmauz said...

I'd like to know what the logging system was for the site where these posts were allegedly made, and whether the site operators had access. Both databases or plain text logs are wide open to manual edits and the changes would be untraceable. FreeD is dreaming in technicolour if they think they have a case on this.

I don't know libel law - does Warman have any burden of proof, or is it up to FreedD to provide convincing evidence? If the latter, they are up shit creek. I'm not even a good programmer, but I could manipulate a log with little or no effort.

Dr.Dawg said...

Truth is a defence in libel. But the burden of proof is on the person making the statements in question.

I wish I knew more about the technology. As I understand it, Warman agreed under oath that he had used the name "Lucy." He denies that he used the name "90sareover" a few weeks previously. The allegation is that the IP addies are the same.

The only explanation that works for me is log-fakery. Other explanations just seem too tortuous.

I'm staying till the end, but I'm switching from popcorn to ice-cream. Enough is enough.

KEvron said...

i had a troll showing up on my blog with all kinds of ip#'s from all over the world.

"anyone who's even remotely associated with these haters"

the genuinely conerned seraphic single refers to shaidle as "my mean lady". blechh.

KEvron

bigcitylib said...

Dr. Dawg,

Why not just that the IP address was assigned to different computers at different times, as per Mike's remarks?

Dr.Dawg said...

The only problem with that is that it's just a wee bit too coincidental that two unrelated users, on separate computers, sent messages with broadly similar themes to the same wacky site, just when it happened that their IP addresses coincided.

If someone could explain how this could be done against the odds, I would dearly love to hear the explanation. I'm a bit of a techno-peasant when it comes to this area of expertise. I still favour log-fakery as a more likely explanation, if Warman in fact did not do what people are, er, "alleging" he did.

Mike said...

Dawg,

It is highly unlikely, but possible. But it may also be that, as I said over at Stageleft, that someone changed a legit message by hacking the forum software or the database.

Stating that the IP in question along with the OS (Windows 98 apparently) and browser (MSIE 4.0) makes it uniquely Warman is ridiculous. That combination probably accounts for thousands of Rogers customers.

I suspect the log or the comment was faked and that requires someone with access - from the inside or hacked in.

The point is, FD needs WAY more evidence than this and of a WAY higher quality. I work in IT security at a software security company and there is no way this would be used to accuse anyone of anything, without, as TI-Guy says, the ISP logs.

And as buckets says, that IP could have been a Tor exit node, meaning it could have come from anywhere.

Do they have a MAC address match?

If I wanted to make such an accusation, I would have a hell of a lot more evidence than this before posting it.

And besides, if coincidences didn't sometimes happen, they'd be called impossibilities. As unlikely as it seems, it may be that it was a coincidence.

Dr.Dawg said...

Fair enough. I shall now ease back into my comfy chair, have another Richard Dee Almond Vanilla, and watch the show until the end.