Main
Date: 23 Jan 2008 12:39:19
From: J.D. Walker
Subject: Ulevitch Report
Dear Chess Friends,

This is wonderful long-anticipated news! The third report has shown
definite signs of emerging on the public scene. This is so very welcome
in our current climate of transparency! How many reports do we need
before our skeptics can admit that smoke does indeed strongly suggest fire?
--

Cordially,
Rev. J.D. Walker, MsD, U.C.




 
Date: 24 Jan 2008 13:27:12
From: help bot
Subject: Re: Ulevitch Report
On Jan 24, 12:42 pm, Mike Murray <[email protected] > wrote:

> Actually, they're now harping about whether the underlying data may
> have been compromised. Ark! Ark! Where is Smaxie when they need him.


What about Paul Truong himself? Isn't it
possible, theoretically I mean, that /he/ was
spoofed? A remote-controlled robot, that
looks and walks and talks like PT?

I know this supposed expert says that it's
not possible for this or that to be spoofed,
but hey: if *nothing* could be spoofed, we
wouldn't have the word "spoof" in the
dictionary, right? I say that /something/
can be spoofed, and that's why somebody
invented the word in the first place. We just
need to find that somebody, and ask him
what can be spoofed.


-- help bot








  
Date: 24 Jan 2008 13:59:12
From: Mike Murray
Subject: Re: Ulevitch Report
On Thu, 24 Jan 2008 13:27:12 -0800 (PST), help bot
<[email protected] > wrote:

>On Jan 24, 12:42 pm, Mike Murray <[email protected]> wrote:

>> Actually, they're now harping about whether the underlying data may
>> have been compromised. Ark! Ark! Where is Smaxie when they need him.

> What about Paul Truong himself? Isn't it
>possible, theoretically I mean, that /he/ was
>spoofed? A remote-controlled robot, that
>looks and walks and talks like PT?

We need to contact Donald Sutherland with some questions about Pod
People.


 
Date: 24 Jan 2008 13:16:06
From: help bot
Subject: Re: Ulevitch Report
On Jan 24, 9:51 am, "J.D. Walker" <[email protected] > wrote:
> David Richerby wrote:
> > J.D. Walker <[email protected]> wrote:
> >> She invites the world to chessdiscussion.com to discuss topics about
> >> chess. She lists a series of forum posting rules. None of them say
> >> that we cannot discuss an event like the publication of David
> >> Ulevitch's letter.
>
> > You are participating on somebody's website. They can set whatever
> > rules they want for your participation and operate by whatever rules
> > they want to.
>
> >> Clearly the moderators are operating on a hidden agenda.
>
> > Why are you even slightly surprised that Susan Polgar seems not to
> > want material that appears detrimental to her husband to be discussed
> > on her forums?
>
> > Dave.
>
> I am not surprised. I am commenting on hypocrisy. To publicize a web
> site as a place to openly discuss chess matters in a civil atmosphere is
> not consistent with what we see happening there. She can do what she
> wants with her site, but chess fans would do well to look elsewhere if
> they want to freely and civilly exchange messages about chess.
>
> When you add to this her call for transparency, the hypocrisy is rank...

Just a glance at some of the ludicrous claims
made on SP's Web site tells the tale; whoever
is responsible for those lies, fabrications and
impersonations of her sister's accomplishments,
ought to be hanged first, then given a fair trial.

These clowns -- the Ray Keenes and Susan
Polgars of the world -- need to get a grip on
their humongous egos, even if that means
stretching their hands to the size of a county.


-- help bot


 
Date: 24 Jan 2008 08:34:36
From: The Historian
Subject: Re: Ulevitch Report
On Jan 23, 6:19 pm, "B. Lafferty" <[email protected] > wrote:
> Gregory Alexander posted the following comment regarding Ulevitc's
> credentials:
>
> "Oh gads...
> I have no reservation with his credentials; the guy is a top notch expert in
> the internet field."

But where is the commentary by that sterling chess 'journalist' - ah,
self-described! - P Innes?


 
Date: 24 Jan 2008 11:12:47
From: David Richerby
Subject: Re: Ulevitch Report
J.D. Walker <[email protected] > wrote:
> This is wonderful long-anticipated news! The third report has shown
> definite signs of emerging on the public scene. This is so very
> welcome in our current climate of transparency! How many reports do
> we need before our skeptics can admit that smoke does indeed
> strongly suggest fire?

The point of these reports is that they find the damn fire...


Dave.

--
David Richerby Hilarious Confusing Boss (TM): it's
www.chiark.greenend.org.uk/~davidr/ like a middle manager but you can't
understand it and it's a bundle
of laughs!


 
Date: 23 Jan 2008 20:11:34
From: The Historian
Subject: Re: Ulevitch Report
On Jan 23, 6:19 pm, "B. Lafferty" <[email protected] > wrote:
> Gregory Alexander posted the following comment regarding Ulevitc's
> credentials:
>
> "Oh gads...
> I have no reservation with his credentials; the guy is a top notch expert in
> the internet field."

Let me guess. The rest of the post was along the lines of, 'Fooling
such an expert shows how good the person framing Paul and Susan is.'
Denial is more than just a river in Egypt......


  
Date: 24 Jan 2008 09:42:04
From: Mike Murray
Subject: Re: Ulevitch Report
On Wed, 23 Jan 2008 20:11:34 -0800 (PST), The Historian
<[email protected] > wrote:

>On Jan 23, 6:19 pm, "B. Lafferty" <[email protected]> wrote:
>> Gregory Alexander posted the following comment regarding Ulevitc's
>> credentials:
>>
>> "Oh gads...
>> I have no reservation with his credentials; the guy is a top notch expert in
>> the internet field."
>
>Let me guess. The rest of the post was along the lines of, 'Fooling
>such an expert shows how good the person framing Paul and Susan is.'
>Denial is more than just a river in Egypt......

Actually, they're now harping about whether the underlying data may
have been compromised. Ark! Ark! Where is Smaxie when they need him.


 
Date: 23 Jan 2008 19:15:00
From: help bot
Subject: Re: Ulevitch Report
On Jan 23, 5:05 pm, "J.D. Walker" <[email protected] > wrote:

> Look back in the rgcp queue a few messages for one titled: "Expert
> Opinion: Mottershead Report Valid." There you can form your own
> opinion, quite transparently I might add. :)

Hey, I bet those posts came through back
when my eye was puffed up, and I could not
even lose to the GetClub program because
I was temporarily blind. Hmmm.


-- help bot


 
Date: 23 Jan 2008 17:29:40
From: help bot
Subject: Re: Ulevitch Report
On Jan 23, 5:52 pm, "B. Lafferty" <[email protected] > wrote:

> > So far, I have seen the name of this new report,
> > and nothing else. Why the big secret? Can we
> > see what's actually in the report? Does it say
> > that Sam Sloan was too dumb to impersonate
> > himself in order to get attention, so it had to be
> > somebody a lot ster-- like Paul Truong?
>
> If you fail to see, it can only be because you have failed to open your
> eyes.

Or maybe it is because of the new name,
which I had never seen before, stupid.

BTW, I *am* having trouble seeing, due
to an eye infection. See GetClub losses
in which I keep moving stuff en prise.

Having now seen the "new" report, which
apparently is not new at all, I am left with
the question of how it is possible to tell the
difference between SP and PT, since all
depends on geographic location, and
people seem to believe that they travel
around together. I hope it isn't going to
come down to an imaginary syntax analysis
by some clown with the initials LP... .

For the record, when the Mottershead
report appeared, it was umteen pages
long, the format on my newsreader was
atrocious, and I did not read the thing as
a result. But I have read numerous
commentaries and partial sumies
of it. This formatting problem is why I
generally try to keep my paragraphs
short enough to avoid truncation, with a
carryover to the next line.

I am not "in denial" with regard to PT; I
simply want to know how it can be known
if he or if SP made the Fake SS postings.
You know, you can't narrow it down to two
people and then randomly toss one in jail.
I haven't seen proof that it was PT, only
opinions to that effect.


-- help bot






 
Date: 23 Jan 2008 23:19:15
From: B. Lafferty
Subject: Re: Ulevitch Report
Gregory Alexander posted the following comment regarding Ulevitc's
credentials:

"Oh gads...
I have no reservation with his credentials; the guy is a top notch expert in
the internet field."




  
Date: 23 Jan 2008 18:22:55
From: J.D. Walker
Subject: Re: Ulevitch Report
B. Lafferty wrote:
> Gregory Alexander posted the following comment regarding Ulevitc's
> credentials:
>
> "Oh gads...
> I have no reservation with his credentials; the guy is a top notch expert in
> the internet field."
>
>

I posted a question at chessdiscussion.com asking if there was a
response regarding this new report. Although my question was stated in
a neutral, civil manner, after about an hour, it is still in the
moderation queue, or censored.
--

Cordially,
Rev. J.D. Walker, MsD, U.C.


   
Date: 24 Jan 2008 10:58:08
From: B. Lafferty
Subject: Re: Ulevitch Report

"J.D. Walker" <[email protected] > wrote in message
news:[email protected]
> B. Lafferty wrote:
>> Gregory Alexander posted the following comment regarding Ulevitc's
>> credentials:
>>
>> "Oh gads...
>> I have no reservation with his credentials; the guy is a top notch expert
>> in the internet field."
>
> I posted a question at chessdiscussion.com asking if there was a response
> regarding this new report. Although my question was stated in a neutral,
> civil manner, after about an hour, it is still in the moderation queue, or
> censored.
> --
>
> Cordially,
> Rev. J.D. Walker, MsD, U.C.

I posted the Ulevitch report on Polgar's blog and asked her to comment. She
did not reply and the report was removed a short time after I posted
it--under my own name.




    
Date: 24 Jan 2008 05:10:23
From: J.D. Walker
Subject: Re: Ulevitch Report
B. Lafferty wrote:
> "J.D. Walker" <[email protected]> wrote in message
> news:[email protected]
>> B. Lafferty wrote:
>>> Gregory Alexander posted the following comment regarding Ulevitc's
>>> credentials:
>>>
>>> "Oh gads...
>>> I have no reservation with his credentials; the guy is a top notch expert
>>> in the internet field."
>> I posted a question at chessdiscussion.com asking if there was a response
>> regarding this new report. Although my question was stated in a neutral,
>> civil manner, after about an hour, it is still in the moderation queue, or
>> censored.
>> --
>>
>> Cordially,
>> Rev. J.D. Walker, MsD, U.C.
>
> I posted the Ulevitch report on Polgar's blog and asked her to comment. She
> did not reply and the report was removed a short time after I posted
> it--under my own name.
>
>

She invites the world to chessdiscussion.com to discuss topics about
chess. She lists a series of forum posting rules. None of them say
that we cannot discuss an event like the publication of David Ulevitch's
letter. Clearly the moderators are operating on a hidden agenda.

So what do we have at her site... False forum rules, moderation
according to hidden principles, blatant censorship, and all that is left
are a bunch of trained barking seals that dance to her tune.

This is not my idea of transparency.
--

Cordially,
Rev. J.D. Walker, MsD, U.C.


     
Date: 24 Jan 2008 14:41:35
From: David Richerby
Subject: Re: Ulevitch Report
J.D. Walker <[email protected] > wrote:
> She invites the world to chessdiscussion.com to discuss topics about
> chess. She lists a series of forum posting rules. None of them say
> that we cannot discuss an event like the publication of David
> Ulevitch's letter.

You are participating on somebody's website. They can set whatever
rules they want for your participation and operate by whatever rules
they want to.

> Clearly the moderators are operating on a hidden agenda.

Why are you even slightly surprised that Susan Polgar seems not to
want material that appears detrimental to her husband to be discussed
on her forums?


Dave.


--
David Richerby Addictive Adult Tool (TM): it's like
www.chiark.greenend.org.uk/~davidr/ a handy household tool that you won't
want the children to see but you can
never put it down!


      
Date: 24 Jan 2008 06:51:36
From: J.D. Walker
Subject: Re: Ulevitch Report
David Richerby wrote:
> J.D. Walker <[email protected]> wrote:
>> She invites the world to chessdiscussion.com to discuss topics about
>> chess. She lists a series of forum posting rules. None of them say
>> that we cannot discuss an event like the publication of David
>> Ulevitch's letter.
>
> You are participating on somebody's website. They can set whatever
> rules they want for your participation and operate by whatever rules
> they want to.
>
>> Clearly the moderators are operating on a hidden agenda.
>
> Why are you even slightly surprised that Susan Polgar seems not to
> want material that appears detrimental to her husband to be discussed
> on her forums?
>
>
> Dave.
>
>
I am not surprised. I am commenting on hypocrisy. To publicize a web
site as a place to openly discuss chess matters in a civil atmosphere is
not consistent with what we see happening there. She can do what she
wants with her site, but chess fans would do well to look elsewhere if
they want to freely and civilly exchange messages about chess.

When you add to this her call for transparency, the hypocrisy is rank...
--

Cordially,
Rev. J.D. Walker, MsD, U.C.


     
Date: 24 Jan 2008 06:02:00
From: J.D. Walker
Subject: Re: Ulevitch Report
J.D. Walker wrote:
> B. Lafferty wrote:
>> "J.D. Walker" <[email protected]> wrote in message
>> news:[email protected]
>>> B. Lafferty wrote:
>>>> Gregory Alexander posted the following comment regarding Ulevitc's
>>>> credentials:
>>>>
>>>> "Oh gads...
>>>> I have no reservation with his credentials; the guy is a top notch
>>>> expert in the internet field."
>>> I posted a question at chessdiscussion.com asking if there was a
>>> response regarding this new report. Although my question was stated
>>> in a neutral, civil manner, after about an hour, it is still in the
>>> moderation queue, or censored.
>>> --
>>>
>>> Cordially,
>>> Rev. J.D. Walker, MsD, U.C.
>>
>> I posted the Ulevitch report on Polgar's blog and asked her to
>> comment. She did not reply and the report was removed a short time
>> after I posted it--under my own name.
>>
>
> She invites the world to chessdiscussion.com to discuss topics about
> chess. She lists a series of forum posting rules. None of them say
> that we cannot discuss an event like the publication of David Ulevitch's
> letter. Clearly the moderators are operating on a hidden agenda.
>
> So what do we have at her site... False forum rules, moderation
> according to hidden principles, blatant censorship, and all that is left
> are a bunch of trained barking seals that dance to her tune.
>
> This is not my idea of transparency.

Susan has opened up a question and answer topic at chessdiscussion.com.
It is unclear if she will actually allow discussion or not. Here is
an excerpt of what she said about the Ulevitch letter.

"I was also asked about the latest conclusion from an expert regarding
the Internet report. I have no idea who he is but I have no doubt in his
expertise. However, I gave the USCF evidence which clearly prove that
the report has the wrong conclusion. Without the evidence from both
sides and without having the opportunity to examine the USCF database,
how can one come up with a definitive conclusion?"
--

Cordially,
Rev. J.D. Walker, MsD, U.C.


 
Date: 23 Jan 2008 14:01:02
From: help bot
Subject: Re: Ulevitch Report
On Jan 23, 3:39 pm, "J.D. Walker" <[email protected] > wrote:

> This is wonderful long-anticipated news!

You sound like Bobby Fischer, on September 11, 2001.

Should the Polgars all go back to Hungary? Gata
Kamsky back to Russia? (If *everyone* leaves, I can
then assume my rightful throne: Class A player U.S.
Champ.)


> The third report has shown
> definite signs of emerging on the public scene. This is so very welcome
> in our current climate of transparency! How many reports do we need
> before our skeptics can admit that smoke does indeed strongly suggest fire?

Nearly-Innes is far from a "skeptic"; it's more like
he's hell-bent on beating the "justice" drum, until
such time as Justice does something he doesn't
like; then, he'll do one of his infamous flip-flops.

So far, I have seen the name of this new report,
and nothing else. Why the big secret? Can we
see what's actually in the report? Does it say
that Sam Sloan was too dumb to impersonate
himself in order to get attention, so it had to be
somebody a lot ster-- like Paul Truong?


-- help bot



  
Date: 23 Jan 2008 22:52:09
From: B. Lafferty
Subject: Re: Ulevitch Report

"help bot" <[email protected] > wrote in message
news:[email protected]m...
> On Jan 23, 3:39 pm, "J.D. Walker" <[email protected]> wrote:
>
>> This is wonderful long-anticipated news!
>
> You sound like Bobby Fischer, on September 11, 2001.
>
> Should the Polgars all go back to Hungary? Gata
> Kamsky back to Russia? (If *everyone* leaves, I can
> then assume my rightful throne: Class A player U.S.
> Champ.)
>
>
>> The third report has shown
>> definite signs of emerging on the public scene. This is so very welcome
>> in our current climate of transparency! How many reports do we need
>> before our skeptics can admit that smoke does indeed strongly suggest
>> fire?
>
> Nearly-Innes is far from a "skeptic"; it's more like
> he's hell-bent on beating the "justice" drum, until
> such time as Justice does something he doesn't
> like; then, he'll do one of his infamous flip-flops.
>
> So far, I have seen the name of this new report,
> and nothing else. Why the big secret? Can we
> see what's actually in the report? Does it say
> that Sam Sloan was too dumb to impersonate
> himself in order to get attention, so it had to be
> somebody a lot ster-- like Paul Truong?

If you fail to see, it can only be because you have failed to open your
eyes.




  
Date: 23 Jan 2008 14:05:54
From: J.D. Walker
Subject: Re: Ulevitch Report
help bot wrote:
> On Jan 23, 3:39 pm, "J.D. Walker" <[email protected]> wrote:
>
>> This is wonderful long-anticipated news!
>
> You sound like Bobby Fischer, on September 11, 2001.
>
> Should the Polgars all go back to Hungary? Gata
> Kamsky back to Russia? (If *everyone* leaves, I can
> then assume my rightful throne: Class A player U.S.
> Champ.)
>
>
>> The third report has shown
>> definite signs of emerging on the public scene. This is so very welcome
>> in our current climate of transparency! How many reports do we need
>> before our skeptics can admit that smoke does indeed strongly suggest fire?
>
> Nearly-Innes is far from a "skeptic"; it's more like
> he's hell-bent on beating the "justice" drum, until
> such time as Justice does something he doesn't
> like; then, he'll do one of his infamous flip-flops.
>
> So far, I have seen the name of this new report,
> and nothing else. Why the big secret? Can we
> see what's actually in the report? Does it say
> that Sam Sloan was too dumb to impersonate
> himself in order to get attention, so it had to be
> somebody a lot ster-- like Paul Truong?
>
>
> -- help bot
>

Mr. Bot,

Look back in the rgcp queue a few messages for one titled: "Expert
Opinion: Mottershead Report Valid." There you can form your own
opinion, quite transparently I might add. :)
--

Cordially,
Rev. J.D. Walker, MsD, U.C.


   
Date: 23 Jan 2008 14:25:10
From: J.D. Walker
Subject: Re: Ulevitch Report
> Mr. Bot,
>
> Look back in the rgcp queue a few messages for one titled: "Expert
> Opinion: Mottershead Report Valid." There you can form your own
> opinion, quite transparently I might add. :)

To make this a bit easier, here is the original post copied into this
thread...

==============================

http://chessusa.blogspot.com/2008/01/expert-opinion-mottershead-report.html

Donna Alarie has emailed the following expert opinion regarding the
validity of the techniques used in what has become known as The
Mottershead Report. The expert, David Ulevitch of OpenDNS.com states
the following:

Opinion of Mottershead report submitted to the USCF

David Ulevitch
December 17, 2007


Introduction

On or around October 5th, 2007 I was contacted by a reporter from
The New York Times to provide some background information and expert
advice regarding an article he was preparing that was ultimately
published on October 8th, 2007 as "Chess Group Officials Accused of
Using Internet to Hurt Rivals."

My background in Internet Security spans almost 10 years during
which time I have worked for Internet Service Providers, Universities
and businesses, as well as run a number of my own. I am considered an
expert security practitioner. I have also had extensive experience
working with various national and international law enforcement
organizations in a consulting capacity.

My intention in this letter is to provide a perspective on the
techniques used by Brian Mottershead in his report to the USCF. This
report should be considered a preliminary release. My analysis of the
Mottershead report is complete but I expect I may revise this report
to add clarification as needed based on feedback. I am happy to do so.
For the record, I have never been a member of the USCF, I do not know
any of the parties involved personally and I have no known vested
interest in this issue other than to help provide an honest and
accurate perspective of the Mottershead report.

My initial reaction to the Mottershead report was an appreciation
for the detailed level of evidence and chronology of research that is
provided. Typically, when doing computer forensics, it is common to
attempt to tie what you know with what you don't know. This is exactly
what Mr. Mottershead did, many times in his report. When you can
correlate the known with the unknown as many times as Mr. Mottershead
did in his report you create a crystal clear depiction of activity and
actions that can stand up on their own. Furthermore, subpoenaing
billing records from both ISPs and credit card companies can extend
this chain of evidence by directly linking an IP address to the ISP
and to an individual paying the bills. It is my opinion, and as I'll
show from some examples below, I find this step unnecessary.

Excerpt 1:

Since the IP addresses of Usenet posters are public information,
and in the USCF web logs and database I had information as to the IP
addresses of USCF members accessing the forums, it seemed likely that
I would be able to identify the USCF member account that was being
used by the Fake Sam Sloan to mis-appropriate USCF Issues forum posts
for his posts on Usenet.

Mr. Mottershead is accurate in his explanation of what he wants to
accomplish. He is correct in stating that Usenet postings are tied to
an IP address. The IP address recorded in these types of posts cannot
be spoofed. He also knows the login name for the parties involved on
the internal USCF member forums and their posting IP address. This too
cannot be spoofed. By connecting what he knows, with what is publicly
archived by Google (and others) he can create a direct correlation.

Mr. Mottershead shows clearly through examples (a) (b) and (c)
that the IP addresses posting to Usenet and the physical location of
Mr. Truong are directly connected. He also connects that to the known
forum identity of Mr. Truong. To be clear, three facts have just been
established:

1)The Usenet postings are being posted from the same physical
location that Mr. Truong is believed to be in at the time of the
posting.
2)The IP addresses on the USCF forums, which are tied to the
username used by Mr. Truong, are also being made from the same
physical location that Mr. Truong is believed to be in at the time of
the posting.
3)In nearly all cases, the IP addresses tied to the Usenet
postings are the same as the USCF forum posting IP addresses.

What about someone spoofing all of this?

Often, people say that they were spoofed or that their IP address
was hijacked. While it is possible that someone can sometimes change
his or her posting name on a forum or a message board to look like
that of another user (consider "Bob" and "Bob "), the IP address
cannot be spoofed.
Let me explain why an IP address cannot be spoofed. First, for a
post to Usenet to happen it requires that there exist, at the most
rudimentary level, what is known as the "TCP Three-way handshake."
This handshake is when two machines on the Internet wish to establish
a connection. In layman terms, in order for that handshake to occur
the sender extends a signal to the recipient saying, "Here I am, let's
talk." The recipient replies to the sender saying, "Okay, go ahead."
Finally the sender acknowledges that they have shaken hands. In order
for this back and forth to occur, which is required for any Usenet
posting to happen, the IP addresses cannot be spoofed or the handshake
would never complete.

What if someone was following around Mr. Truong?

This is highly unlikely given the preponderance of evidence,
however it can be easily proven false by correlating ISP billing
records to IP address leases. ISPs maintain a timestamped log of what
customer is assigned what IP address at what time.

What if someone used Mr. Truong's name on the ISP bill?

Again, as we enter areas of criminal identity fraud, it is
unlikely someone would go to these measures to cover their tracks,
however, this can be verified by contacting the credit card issuer and
verifying it is a legitimate account in good standing and correlating
purchases on the card with other known valid purchases.

Conclusion

The report provides over a dozen different data points from IP
addresses to locations to user-agents and more that all lead to a
single conclusion with an overwhelming amount of evidence. The methods
used by Mr. Mottershead were appropriate and accurate. There is also
far too much public evidence for it to have been tampered with. Even
if the forum logs were compromised, that doesn't change the Usenet
postings and the surrounding evidence, which could not have been
altered.

It's my belief that this report has been compiled in an accurate
way that deserves recognition for its comprehensive depth and detail.



Thank you,
David Ulevitch



Briefly, Brian Mottershead issued a report, now known as The
Mottershead Report, on September 26, 2007 in which he charged that
Paul Truong is responsible for assuming others' identities and posting
objectionable messages on Usenet's rec.games.chess.politics.

Robert Jones of Craic Computing LLC had issued an expert opinion
previously as well.

http://rs235.rapidshare.com/files/62649719/mottershead.zip
http://craic.com/forensics/uscf_usenet_analysis/USCF_Usenet_Abuse_Report_20071206.pdf

==============================



--

Cordially,
Rev. J.D. Walker, MsD, U.C.


    
Date: 25 Jan 2008 09:26:40
From: help bot
Subject: Re: Ulevitch Report discredited - Expert?
On Jan 24, 11:08 pm, [email protected] wrote:

> > My reaction to the "Back Orifice" theory of PT
> >being the hapless victim of a super-sophisticated
> >hacker via a remote-controlled trojan, is to wonder
> >why any such person would choose to target Paul
> >Truong, instead of Sam Sloan (or someone else).
>
> super sophisticated hacker using BO??? lol any 12yr old
> could 'hack' with it.
>
> Back orifice or any other script kiddy tool requires 0 sophistication
> or skill to use.

I think you misinterpreted big time; my reference
above was to a *poster* using a moniker of "Back
Orifice", or something very similar. I have not made
any comments about a piece of software by that
name.


-- hlep tob




    
Date: 24 Jan 2008 13:20:43
From: help bot
Subject: Re: Ulevitch Report discredited - Expert?
On Jan 24, 10:22 am, "Ray Gordon, creator of the \"pivot\""
<[email protected] > wrote:
> > It would seem to make more sense to target SS,
> > so that when he started complaining about the
> > Fake SS postings, and after months of such
> > complaints, the "evidence" would show that the
> > Fake SS was... Sam Sloan himself!
>
> That's the 2200 answer.
>
> What's the 2700 answer?

Zzz. : >D


BTW, I have no idea what the "other", supposedly
competing org. is. I thought the USCF was in a
class by itself, founded after the example of FIDE,
and run by self-serving, bloated egotists, just like
its model. The main difference being that FIDE
has millionaires, while the USCF has, well, Sam
Sloan types.


-- help bot


    
Date: 24 Jan 2008 07:05:30
From: help bot
Subject: Re: Ulevitch Report discredited - Expert?
My reaction to the "Back Orifice" theory of PT
being the hapless victim of a super-sophisticated
hacker via a remote-controlled trojan, is to wonder
why any such person would choose to target Paul
Truong, instead of Sam Sloan (or someone else).

It would seem to make more sense to target SS,
so that when he started complaining about the
Fake SS postings, and after months of such
complaints, the "evidence" would show that the
Fake SS was... Sam Sloan himself!

It's a bit like a scene from the movie, Ice Station
Zebra; when the subine captain, played by
Rock Hudson, accuses one of the other main
characters of trying to sink the sub, he simply
replies that, being in charge of the mission, he
could no doubt find some way for it to fail, which
did not entail his own death at the bottom of the
sea. In sum, I fail to see the "logic" in framing
Paul Truong; why /him/? The only person I know
of with a grudge against PT is Sam Sloan... .


-- help bot


     
Date: 25 Jan 2008 04:08:45
From:
Subject: Re: Ulevitch Report discredited - Expert?
On Thu, 24 Jan 2008 07:05:30 -0800 (PST), help bot
<[email protected] > wrote:

> My reaction to the "Back Orifice" theory of PT
>being the hapless victim of a super-sophisticated
>hacker via a remote-controlled trojan, is to wonder
>why any such person would choose to target Paul
>Truong, instead of Sam Sloan (or someone else).

super sophisticated hacker using BO??? lol any 12yr old
could 'hack' with it.

Back orifice or any other script kiddy tool requires 0 sophistication
or skill to use.



      
Date: 25 Jan 2008 10:15:30
From: script-kiddy
Subject: Re: Ulevitch Report discredited - Expert?
J.Lohner <[email protected] > wrote on Jan 24 2008:
>
>On Thu, 24 Jan 2008 07:05:30 -0800 (PST), help bot
><[email protected]> wrote:
>
>> My reaction to the "Back Orifice" theory of PT
>>being the hapless victim of a super-sophisticated
>>hacker via a remote-controlled trojan, is to wonder
>>why any such person would choose to target Paul
>>Truong, instead of Sam Sloan (or someone else).
>
>super sophisticated hacker using BO??? lol any 12yr old
>could 'hack' with it.
>
>Back orifice or any other script kiddy tool requires 0
>sophistication or skill to use.

J.Lohner you are right. If you didnt know, this is about
a chess lawsuit from the political board. The nonexperts
Mottershead, Jones, Ulevitch havent heard of BO, either
NetBus, HackIt, Geddin, Sub7! If it makes it to open
court that expert will be laughed at and demolished when
Truong's team demonstrated how such tools can take over
the remote pc. I played with 2 of these scripts, darned
easy to use. One thing you may not appreciate, the late
update of HackIt (or sub7?) has a cool detonate feature
and do an excellent self wipe (sector-level). The only
traces may be in the firewall logs, if these were on.
The question - could S.Loon do what any 12yr old could?
Which other EB member or other ex-member could? Truong
has no gain from setting himself up in this, he gets to
talk and make love to a beautiful talented grandmaster
when ever he wishes. To contrast, check out what S.Loon
has to make do with, explains a lot. ; >D

Add:: alt.comp.virus,alt.privacy www.samsloan.com



       
Date: 26 Jan 2008 13:50:36
From: help bot
Subject: Re: Ulevitch Report discredited - Expert?
On Jan 25, 4:00 pm, "Ray Gordon, creator of the \"pivot\""
<[email protected] > wrote:

> I would think a simple comparison to Judit would render any further analysis
> of this line moot.

I've always thought there really was no
comparison; that's why I find the lies and
fabrications on SP's Web site to be so
ludicrous.

Oh, wait... you were talking about their
looks! Once again, it would be best if
those who had seen them in person
could comment, as photos can easily be
doctored. Without makeup.


-- help bot


        
Date: 26 Jan 2008 22:26:44
From: Brian Lafferty
Subject: Re: Ulevitch Report discredited - Expert?
help bot wrote:
> On Jan 25, 4:00 pm, "Ray Gordon, creator of the \"pivot\""
> <[email protected]> wrote:
>
>> I would think a simple comparison to Judit would render any further analysis
>> of this line moot.
>
> I've always thought there really was no
> comparison; that's why I find the lies and
> fabrications on SP's Web site to be so
> ludicrous.
>
> Oh, wait... you were talking about their
> looks! Once again, it would be best if
> those who had seen them in person
> could comment, as photos can easily be
> doctored. Without makeup.
>
>
> -- help bot

It might be a blessing to have that eye problem in the morning. :-)


       
Date: 25 Jan 2008 09:35:54
From: help bot
Subject: Re: Ulevitch Report discredited - Expert?
On Jan 25, 5:45 am, "Ray Gordon, creator of the \"pivot\""
<[email protected] > wrote:

> The troll almost had me until "beautiful."

A recent post by Sam Sloan had a link to a
page on which there were some pics of SP
which looked pretty good. Granted, even TV
commercials for White Diamonds perfume
can make someone "look pretty good" by
making extensive use of blur, and shooting
from as far back as Cleveland, but what
egomaniac grandmaster is going to have the
wherewithal to realize they need to doctor
their own photos?

Maybe some people who have seen her in
person could comment.


-- help bot






        
Date: 25 Jan 2008 16:00:27
From: Ray Gordon, creator of the \pivot\
Subject: Re: Ulevitch Report discredited - Expert?
> Maybe some people who have seen her in
> person could comment.

I would think a simple comparison to Judit would render any further analysis
of this line moot.


--
Ray Gordon, The ORIGINAL Lifestyle Seduction Guru
http://www.cybersheet.com/library.html
Includes 29 Reasons Not To Be A Nice Guy

Ray's new "Project 5000" is here:
http://groups.yahoo.com/group/project-5000

Don't rely on overexposed, mass-keted commercial seduction methods which
no longer work.

Thinking of taking a seduction "workshiop?" Read THIS:
http://www.dirtyscottsdale.com/?p=1187

Beware! VH-1's "The Pickup Artst" was FRAUDULENT. Six of the eight
contestants were actors, and they used PAID TARGETS in the club. The paid
targets got mad when VH-1 said "there are no actors in this club" and ruined
their prromised acting credit. What else has Mystery lied about?





       
Date: 25 Jan 2008 05:45:01
From: Ray Gordon, creator of the \pivot\
Subject: Re: Ulevitch Report discredited - Expert?
>>Back orifice or any other script kiddy tool requires 0
>>sophistication or skill to use.
>
> J.Lohner you are right. If you didnt know, this is about
> a chess lawsuit from the political board. The nonexperts
> Mottershead, Jones, Ulevitch havent heard of BO, either
> NetBus, HackIt, Geddin, Sub7! If it makes it to open
> court that expert will be laughed at and demolished when
> Truong's team demonstrated how such tools can take over
> the remote pc.

"Can" does not mean "did" and even if it "did" then the question is "who?"
Even then, there's a question of negligence, given how long this was
allegedly going on.



> The question - could S.Loon do what any 12yr old could?
> Which other EB member or other ex-member could? Truong
> has no gain from setting himself up in this, he gets to
> talk and make love to a beautiful talented grandmaster
> when ever he wishes.

The one he claimed for years to only have a business relationship with?

The troll almost had me until "beautiful."

Dump the chess goggles.


--
Ray Gordon, The ORIGINAL Lifestyle Seduction Guru
http://www.cybersheet.com/library.html
Includes 29 Reasons Not To Be A Nice Guy

Ray's new "Project 5000" is here:
http://groups.yahoo.com/group/project-5000

Don't rely on overexposed, mass-keted commercial seduction methods which
no longer work.

Thinking of taking a seduction "workshiop?" Read THIS:
http://www.dirtyscottsdale.com/?p=1187

Beware! VH-1's "The Pickup Artst" was FRAUDULENT. Six of the eight
contestants were actors, and they used PAID TARGETS in the club. The paid
targets got mad when VH-1 said "there are no actors in this club" and ruined
their prromised acting credit. What else has Mystery lied about?





     
Date: 24 Jan 2008 10:22:58
From: Ray Gordon, creator of the \pivot\
Subject: Re: Ulevitch Report discredited - Expert?
> It would seem to make more sense to target SS,
> so that when he started complaining about the
> Fake SS postings, and after months of such
> complaints, the "evidence" would show that the
> Fake SS was... Sam Sloan himself!

That's the 2200 answer.

What's the 2700 answer?


--
Ray Gordon, The ORIGINAL Lifestyle Seduction Guru
http://www.cybersheet.com/library.html
Includes 29 Reasons Not To Be A Nice Guy

Ray's new "Project 5000" is here:
http://groups.yahoo.com/group/project-5000

Don't rely on overexposed, mass-keted commercial seduction methods which
no longer work.

Thinking of taking a seduction "workshiop?" Read THIS:
http://www.dirtyscottsdale.com/?p=1187

Beware! VH-1's "The Pickup Artst" was FRAUDULENT. Six of the eight
contestants were actors, and they used PAID TARGETS in the club. The paid
targets got mad when VH-1 said "there are no actors in this club" and ruined
their prromised acting credit. What else has Mystery lied about?





      
Date: 24 Jan 2008 15:50:03
From: Super
Subject: Re: Ulevitch Report discredited - Expert?
In article <[email protected] >
"Ray Gordon, creator of the \"pivot\"" <[email protected] > wrote:
>
> > It would seem to make more sense to target SS,
> > so that when he started complaining about the
> > Fake SS postings, and after months of such
> > complaints, the "evidence" would show that the
> > Fake SS was... Sam Sloan himself!
>
> That's the 2200 answer.
>
> What's the 2700 answer?
>
>

Zzzz.










    
Date: 24 Jan 2008 05:54:28
From: Back Orifice
Subject: Re: Ulevitch Report discredited - Expert?
On 23 January 2008 J.D. Walker <[email protected] > wrote:
> http://chessusa.blogspot.com/2008/01/expert-opinion-mottershead-report.html
>
> Opinion of Mottershead report submitted to the USCF
>
> David Ulevitch
> December 17, 2007
>
> Introduction
>
> On or around October 5th, 2007 I was contacted by a reporter from
> The New York Times to provide some background information and expert
> advice regarding an article he was preparing that was ultimately
> published on October 8th, 2007 as "Chess Group Officials Accused of
> Using Internet to Hurt Rivals."
>
> My background in Internet Security spans almost 10 years during
> which time I have worked for Internet Service Providers, Universities
> and businesses, as well as run a number of my own. I am considered an
> expert security practitioner. I have also had extensive experience
> working with various national and international law enforcement
> organizations in a consulting capacity.
>
> My intention in this letter is to provide a perspective on the
> techniques used by Brian Mottershead in his report to the USCF. This
> report should be considered a preliminary release. My analysis of the
> Mottershead report is complete but I expect I may revise this report
> to add clarification as needed based on feedback. I am happy to do so.
> For the record, I have never been a member of the USCF, I do not know
> any of the parties involved personally and I have no known vested
> interest in this issue other than to help provide an honest and
> accurate perspective of the Mottershead report.
>
> My initial reaction to the Mottershead report was an appreciation
> for the detailed level of evidence and chronology of research that is
> provided. Typically, when doing computer forensics, it is common to
> attempt to tie what you know with what you don't know. This is exactly
> what Mr. Mottershead did, many times in his report. When you can
> correlate the known with the unknown as many times as Mr. Mottershead
> did in his report you create a crystal clear depiction of activity and
> actions that can stand up on their own. Furthermore, subpoenaing
> billing records from both ISPs and credit card companies can extend
> this chain of evidence by directly linking an IP address to the ISP
> and to an individual paying the bills. It is my opinion, and as I'll
> show from some examples below, I find this step unnecessary.
>
> Excerpt 1:
>
> Since the IP addresses of Usenet posters are public information,
> and in the USCF web logs and database I had information as to the IP
> addresses of USCF members accessing the forums, it seemed likely that
> I would be able to identify the USCF member account that was being
> used by the Fake Sam Sloan to mis-appropriate USCF Issues forum posts
> for his posts on Usenet.
>
> Mr. Mottershead is accurate in his explanation of what he wants to
> accomplish. He is correct in stating that Usenet postings are tied to
> an IP address. The IP address recorded in these types of posts cannot
> be spoofed. He also knows the login name for the parties involved on
> the internal USCF member forums and their posting IP address. This too
> cannot be spoofed. By connecting what he knows, with what is publicly
> archived by Google (and others) he can create a direct correlation.
>
> Mr. Mottershead shows clearly through examples (a) (b) and (c)
> that the IP addresses posting to Usenet and the physical location of
> Mr. Truong are directly connected. He also connects that to the known
> forum identity of Mr. Truong. To be clear, three facts have just been
> established:
>
> 1)The Usenet postings are being posted from the same physical
> location that Mr. Truong is believed to be in at the time of the
> posting.
> 2)The IP addresses on the USCF forums, which are tied to the
> username used by Mr. Truong, are also being made from the same
> physical location that Mr. Truong is believed to be in at the time of
> the posting.
> 3)In nearly all cases, the IP addresses tied to the Usenet
> postings are the same as the USCF forum posting IP addresses.
>
> What about someone spoofing all of this?
>
> Often, people say that they were spoofed or that their IP address
> was hijacked. While it is possible that someone can sometimes change
> his or her posting name on a forum or a message board to look like
> that of another user (consider "Bob" and "Bob "), the IP address
> cannot be spoofed.
> Let me explain why an IP address cannot be spoofed. First, for a
> post to Usenet to happen it requires that there exist, at the most
> rudimentary level, what is known as the "TCP Three-way handshake."
> This handshake is when two machines on the Internet wish to establish
> a connection. In layman terms, in order for that handshake to occur
> the sender extends a signal to the recipient saying, "Here I am, let's
> talk." The recipient replies to the sender saying, "Okay, go ahead."
> Finally the sender acknowledges that they have shaken hands. In order
> for this back and forth to occur, which is required for any Usenet
> posting to happen, the IP addresses cannot be spoofed or the handshake
> would never complete.
>
> What if someone was following around Mr. Truong?
>
> This is highly unlikely given the preponderance of evidence,
> however it can be easily proven false by correlating ISP billing
> records to IP address leases. ISPs maintain a timestamped log of what
> customer is assigned what IP address at what time.
>
> What if someone used Mr. Truong's name on the ISP bill?
>
> Again, as we enter areas of criminal identity fraud, it is
> unlikely someone would go to these measures to cover their tracks,
> however, this can be verified by contacting the credit card issuer and
> verifying it is a legitimate account in good standing and correlating
> purchases on the card with other known valid purchases.
>
> Conclusion
>
> The report provides over a dozen different data points from IP
> addresses to locations to user-agents and more that all lead to a
> single conclusion with an overwhelming amount of evidence. The methods
> used by Mr. Mottershead were appropriate and accurate. There is also
> far too much public evidence for it to have been tampered with. Even
> if the forum logs were compromised, that doesn't change the Usenet
> postings and the surrounding evidence, which could not have been
> altered.
>
> It's my belief that this report has been compiled in an accurate
> way that deserves recognition for its comprehensive depth and detail.
>
> Thank you,
> David Ulevitch

Ulevitch is no expert, Greg - he never even mentions the possibility that
Paul's PC was corrupted by trojan malware and remote controlled! That way
naturally the IP and User-Agent string will agree with those of Paul's
real posts to the USCF forum - both are coming from the same physical PC,
so no IP-spoofing is involved. Ulevitch would make a very poor cybercrook.
D. Ulevitch needs to instal Back Orifice somewhere. Any suggestion where?
He is as ignorant as Brian Mottershead. At least Jones had some
credibility,
he addressed the likelihood of trojan control though he misunderestimated
its significance until Stray Cat corrected him. When Dr Jones went quiet.

Path: g2news1.google.com!news2.google.com!
border1.nntp.dca.giganews.com!nntp.giganews.com!newsfeed00.sul.t-
online.de!t-online.de!club-internet.fr!feedme-small.clubint.net!
news.mixmin.net!news.bananasplit.info!mail2news
Subject: An open letter to Dr. C.Jones, ref. Sloan v. Truong
CC: [email protected]
Newsgroups: rec.games.chess.politics
From: Stray Cat <[email protected] >
X-Inject: http://www.giganews.com
X-Complaints-To: [email protected]
Message-ID: <[email protected] >
Date: Tue, 01 Jan 2008 17:55:28 +0100
X-Abuse-Contact: [email protected]
Organization: Bananasplit - Mail2News

On Jan 1, 11:55 am, Stray Cat <[email protected] > wrote:

- Hide quoted text -
- Show quoted text -
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

An open message to Dr. C.Jones <[email protected] >

Dr. Jones:

A printout of (part or all, but I think all) of your report was
forwarded to me for comment by someone who wishes at this stage to
stay unnamed, which means that I too must remain anonymous. Hence
this unorthodox mode of communication, for which I apologize. I
am not soliciting or expecting a reply, but I have provided you
with a means of replying that is private, should you so desire.

The motivation of my contact is, AFAIK, the protection of the USCF,
an organization which has afforded both of us pleasure for decades.

In broad terms, my relevant qualifications are on a par with yours.
I agree with most of your report. Therefore, what appears below
comprises either an additional point or a disagreement.

I have checked and found accurate the following table which was
prepared by someone else. It is an analysis of "posting gaps" in
the FSS deposits into Usenet:
--------------------------------------
Jun 30,2005 -- > 12 (1) --> Jul 12,2005
Jul 19,2005 -- > 110 (4) --> Nov 5,2005
Nov 8,2005 -- > 28 (2) --> Nov 26,2005
Jan 12,2006 -- > 11 (0) --> Jan 23,2006
25,2006 -- > 8 (0) --> Apr 2,2006
Apr 14,2006 -- > 23 (3) --> Apr 23,2006
May 30,2006 -- > 6 (0) --> Jun 5,2006
Jul 4,2006 -- > 56 (1) --> Aug 29,2006
Sep 28,2006 -- > 29 (4) --> Oct 28,2006
Nov 18,2006 -- > 11 (1) --> Nov 29,2006
Jan 18,2007 -- > 5 (0) --> Jan 23,2007
Feb 18,2007 -- > 5 (0) --> Feb 23,2007
Apr 6,2007 -- > 5 (0) --> Apr 11,2007
Apr 19,2007 -- > 7 (1) --> Apr 26,2007
May 9,2007 -- > 11 (2) --> May 20,2007
Jun 5,2007 -- > 46 (3) --> Jul 21,2007
Jul 30,2007 -- > 8 (1) --> Aug 8,2007
Aug 12,2007 -- > 10 (1) --> Aug 22,2007
Aug 27,2007 -- > 10 (0) --> Sep 6,2007
Sep 19,2007 -- > 6 (0) --> Sep 25,2007
--------------------------------------

To assist in interpreting the table, an example was given:
"Look at the second line of the dataset. That means there
was a vacation of 110 continuous days from Jul 19 to Nov
5 2005 when EFSS did not post, except for (4) very short
periods of resumption (none of which was more than 2 days
long, and some might be just a couple minutes of posting)."
I add that:
1_ The quoted dates themselves are not included in the gap, but
represent dates of posting at each extreme;
2_ UTC appears to have been used for resolving dates;
3_ I have confirmed that no other "posting gap" exceeding 4 days
existed during the test period as set out in Mottershead. This
analysis can give useful additional insights. While verifying it,
I also verified your interleave analysis.

<quote Jones >
It would require considerable sophistication for some one to hijack
the "chesspromotion" computer and use it to interact with remote
websites without the real user being aware of it. I do not view
this as a likely scenario.
</quote Jones >

I totally disagree with you on your apparent dismissal of the
likelihood of a trojan infection explaining the observations. Your
admitted stated lack of familiarity with the people involved, and
therefore also with their levels of determination, motivation,
time-availability, financial resources and, most importantly,
technical sophistication, renders what might have been, against a
different backdrop, a perfectly reasonable view, into one that is
hard to objectively justify.

Let us hypothetically assume that you possess all the qualities
stated in the preceding para, saving the technical expertise,
which I guess I do not have to go hypothetical about. Are you
honestly suggesting that, given the opportunity for installing
malware such as


     
Date: 27 Jan 2008 01:26:16
From: EZoto
Subject: Re: Ulevitch Report discredited - Expert?

Why is this being posted in the alt.comp.virus NG?

EZoto


      
Date: 27 Jan 2008 03:57:30
From: Solo
Subject: Re: Ulevitch Report discredited - Expert?
In article <[email protected] >
EZoto <[email protected] > wrote:
>
>
> Why is this being posted in the alt.comp.virus NG?
>
> EZoto

I give up. Why are you posting in APAS?



       
Date: 27 Jan 2008 15:45:39
From: EZoto
Subject: Re: Ulevitch Report discredited - Expert?
On Sun, 27 Jan 2008 03:57:30 +0000 (UTC), Solo
<[email protected] > wrote:

>In article <[email protected]>
>EZoto <[email protected]> wrote:
>>
>>
>> Why is this being posted in the alt.comp.virus NG?
>>
>> EZoto
>
>I give up. Why are you posting in APAS?

I apologize for that. I didn't know I was crossposting until I sent
it too late. This sam sloan clown does this all the time. Every
message has to have posts in other groups that have nothing to do with
chess. I should have known better.

EZoto


 
Date: 23 Jan 2008 20:41:10
From: B. Lafferty
Subject: Re: Ulevitch Report

"J.D. Walker" <[email protected] > wrote in message
news:[email protected]
> Dear Chess Friends,
>
> This is wonderful long-anticipated news! The third report has shown
> definite signs of emerging on the public scene. This is so very welcome
> in our current climate of transparency! How many reports do we need
> before our skeptics can admit that smoke does indeed strongly suggest
> fire?
> --
>
> Cordially,
> Rev. J.D. Walker, MsD, U.C.

Truong supporters will never make such an admission.

ChaChing. GUILTY!