This is From the archives, #1.
I'm reposting some of the more ancient KGB Report entries using our current blogging software. This eliminates many of the bad link and missing image problems, makes the material easier to read and also easier to find.
Note that these items are over a decade old. They've been edited only to remove dead links. Updated information and observations appear as comments.
(Originally published January 13, 2000)
How Network Solutions, Inc.
Made Me A Child Pornographer
I Don't Even Have a Pornograph!"
I was going through my daily US Postal Service dump of delinquent credit card statements and IRS notices (where's the Y2K bug when you really need it?) when I came across an odd-looking envelope with a München, (Munich) Germany return address.
I immediately assumed it was from a fan of my old DCL Dialogue column, which ran for a number of years in the now-defunct DEC Professional magazine.
Although I stopped writing for the publication five years ago, DEC Pro was one of those rare trade journals that contained solid, unbiased technical information. For that reason, it was rarely thrown away. System managers frequently stashed their collection in some secret place in their offices and rarely allowed their copies to be borrowed by others.
To this day, clueless new hires placed in charge of VMS computer systems frequently discover their predecessors' DEC Pro cache, read the mags cover to cover and send me requests for the various items I offered in my column.
So, you can imagine my surprise when I opened the envelope and read the following:
Dear sir or madame,
you have on your webpage www.lo-li-ta.org nice pictures, so I want to ask if I can buy pictures and videos on CD or tape from you? Please send me a list with prices. If I can't get them from you, please tell me another enterprice where I can get them from.
Nice pictures? www.lo-li-ta.org??
A quick trip to the address revealed a members-only porn site featuring nude photographs of young women.
Very young women.
Very, very young women.
25-to-life at a federal institution young women.
Surely this was a mistake. I checked the domain registration records for lo-li-ta.org and was stunned to find:
WHOIS information for lo-li-ta.org
Registrar: NETWORK SOLUTIONS, INC.
Organization: KGB Consulting, Inc.
address: 1512 Annette Avenue
Pennsylvania, PA 15129 US
Admin contact: Barkes, Kevin
phone: 412 8542550
fax: 412 8542550
tech contact: Hostmaster
I did what any other liberal Democratic male 45-year-old self-employed American businessman with a windowless basement office loaded with a dozen networked computers and a dedicated T1 connection to the Internet during a U.S. presidential election campaign year lousy with right wing ultra-conservative candidates would do.
First, I changed my pants.
I also purged the temporary browser caches and history lists off all my computers, stuck a Post-It note with the number of the local chapter of the ACLU on my system's display and scrawled my attorney's telephone number in indelible laundry marker on appropriate body parts. Then I sat down and tried to review the situation rationally.
Obviously, the domain registration was bogus. The address was listed as "Pennsylvania, PA 15129" instead of Library, PA. Indeed, that was the address printed on my German friend's envelope. The letter somehow managed to make its way across the Atlantic and into my mailbox.
The email address listed had the MAIL.RU domain, which is located in Russia.
Ah... it was beginning to make sense.
I registered the kgb.com domain name in 1993, before the explosive growth of the Internet and the invention of the World Wide Web. It's an easy to remember name. In addition to being my initials, KGB was, of course, the moniker of the dreaded Soviet secret police.
Even though the real KGB was disbanded in 1991, everyone still remembers the name, and my use of it generally elicits chuckles from baby boomers raised on cold war spy movies.
Having such a popular domain name does have its downside. Daily reviews of my mail server's log files show scores of rejected e-missives to such addresses as email@example.com, firstname.lastname@example.org, email@example.com... you get the picture.
About a third of the people who visit the website are looking for information about the KGB. We added a page with links to historical information about the agency, as well as a link to the makers of KGB Vodka. (They had contacted me a few years ago about buying the kgb.com domain name from me. I declined to sell, but they were very nice about it. You can find them on Facebook these days).
(Yeah. We were mistaken for them. A lot.)
The person who set up lo-li-ta.org was probably based in Russia, needed someone's name to stick in the application as domain administrator, and decided it would be funny to connect the KGB to kiddie porn.
Unfortunately for me, when you enter "KGB" into a search engine, my site comes up second after something called "KGB's World of Harness Racing" at http://www.kgb.se. The ".se" indicates the host is located in Sweden, which, if you think about it, is probably a more appropriate place to register a porn site. But I digress.
The problem is you can't easily register the country-specific .se domain name. My Russian buddy knew that, moved on to the next site on the list- kgb.com- and found what he was looking for. He accessed the online registration information for kgb.com and was ready to go.
The host site he picked, easyspace.com, is located in the United Kingdom. Like most hosting services, Easyspace offers automated domain name registration and web site configuration.
Neither Easyspace nor their domain name registrar, Network Solutions, Inc., checks to see if the information entered into the online form is really accurate. As long as the supplied email address is valid and responds to automated inquiries, and the credit card number entered to pay for the services clears the bank, the whole magillah goes through automatically.
Okay, I figured out what happened. Now I had to do something about it.
First, I sent a nasty note to firstname.lastname@example.org, the email contact listed by Network Solutions as the administrator for the lo-li-ta.org site.
Surprisingly, I did get a response:
Subject: Re: Legal action will be initiated.
Date: Tue, 11 Jan 2000 23:28:15 +0300
What's up with www.lo-li-ta.org ????
Well, that was productive.
An examination of the mail header attached to the message revealed his reply came from a different email account than the one to which I had sent my original message. I also learned it was routed through a dialup service called wm.westcall.ru.
The dumb act was not amusing. I sent another email, and received:
Subject: Re: Legal action will be initiated.
Date: Wed, 12 Jan 2000 00:00:14 +0300
Hey, It's not mine!!! I am from Belorussia, but not ameriCan!!! ;-)) I think some one from you friend jest you, but why my e-mail there?? He-he-he!
And watch out for moose and squirrel.
Notice the clever change in the sender's name from Pchelkin_Vladimir to "Speedy Racer". Obviously, a wild and crazy guy.
I realized Ol' Vlad wasn't going to be much help, so I sent a nasty email to the hosting service, Easyspace. I didn't receive a response to my message, but within an hour the plug was pulled on www.lo-li-ta.org.
I also sent an email to Network Solutions. Well, sort of. There is no direct email address posted anywhere on the site, so I filled out a web-based "customer feedback" form requesting immediate action.
I got an automated response informing me my message was received. I still haven't heard from them, and the domain information for lo-li-ta.org remains accessible and continues to list me as the administrative contact.
Still not comfortable, I called the Pittsburgh office of the FBI and related my tale to a very nice lady who told me that no real crime had been committed, so the Bureau really couldn't do anything.
She suggested I call the CERT Coordination Center at Carnegie Mellon University's Software Engineering Institute here in Pittsburgh. CERT, primarily funded by the Department of Defense, provides technical assistance for responding to computer security problems. I knew I didn't have a security problem per se, but I'm not one to ignore recommendations from a division of the United States Department of Justice. (Would you want to tick off U.S. Attorney General Janet Reno?)
The CERT fellow agreed with me that my problem wasn't security-related. He also agreed that I was doing the right thing by pre-emptively notifying the feds, who have a well-publicized zero-tolerance policy concerning child pornography and a well-documented history of seizing computer equipment first and asking questions later. Usually after the press conference.
To be really safe, I decided to document my experience here inKGB Report and distribute it as widely as possible.
Of course, my dilemma still exists. Network Solutions still lists me as the administrator of a kiddie porn site.
Even more disturbing, I have no way of knowing if my name has been attached to other sites featuring objectionable material. Indeed, the only reason I learned of the present situation was because a pervert in Germany was so anxious to obtain kiddie porn that he mailed a letter to a complete stranger 5,000 miles away.
Even scarier: there's no way for me to search through the millions of registered Internet domain names to see if anyone else is misusing my identity. And I fear that since my name has been used once, it will probably be used again. My nightmare: I get raided by the feds and hauled off to the pokey for having my name attached to an illegal or immoral Internet-based business about which I know nothing.
I suppose I could raise public awareness of the issue and my predicament by registering "Strom's-South-Carolina-Sweeties.com" to Senator Strom Thurmond and supplying the Network Solutions domain name information to the liberal east coast media cabal, but anyone with a valid credit card and email address can do that. I prefer the direct approach.
My experience is probably not unique. It highlights three serious problems with e-commerce: verification of automated transaction systems; the need for a uniform, secure electronic signature or identification technology; and the lack of recourse available to humans screwed over by Internet businesses which fail to provide voice telephone numbers or postal addresses. It's rather pathetic when I get a prompt response from the miscreant responsible for my situation, but silence from the companies who actually executed the transgression.
I'll keep you posted.
[NOTE: Future "From the archives" posts will contain the follow-ups to this story]
Told you so... In last week's issue, we said:
"Fear mongers who were exploiting Y2K paranoia, here's a hint: redirect your marketing efforts to capitalize on the remaining media-hyped potential catastrophe, global warming."
Apparently dismayed that there are only half as many near-earth killer asteroids as originally thought, the Wednesday, January 12 edition of the CBS Evening News With Dan Rather ignored that upbeat news completely. Instead, here's Dan's lead story summary from the CBS News website:
"Our lead story this evening focuses on the mounting concern over global warming and the growing scientific consensus that it is real... we'll take a look at today's National Research Council report on the subject and we'll also have a report on how the increase of jellyfish in American waters, especially on the Gulf Coast, could be a harbinger of climate."
Coming this summer: When Jellyfish Attack. Just in case those doofuses at the National Hurricane Center screw up again and disappoint us by not destroying Miami.
Stan's still the man... After 17 years, Miller Freeman, Inc. has pulled the plug on Performance Computing, meaning Stan Kelly-Bootle's marvelous monthly Devil's Advocate column has lost its print-based home.
Fortunately, the good folks at Aurora Software have provided an online venue for DA's successor, SODA (Son of Devil's Advocate.)
Please support Stan's new effort by reading his always witty prose at http://www.sarcheck.com/skb/.
[Note: Stan is 83 now. Our last e-mail correspondence was slightly less than two years ago. I'll let you know if he responds to a recent ping.]
Answer to our previous question: In an attempt to cash in on the success of ABC's Batman, in 1967 NBC aired Captain Nice, starring William Daniels, and CBS broadcast Mr. Terrific, starring Stephen Strimpell. Both shows tanked.
This week's question: The cable network TVLand is now airing the cult 80s shows Misfits of Science and Airwolf back-to-back on Saturday and Sunday mornings beginning at 8 eastern time. One of the stars of Misfits, Courteney Cox, went on to become a star playing Monica Geller on Friends. Jan-Michael Vincent, who was pilot Stringfellow Hawke on Airwolf, also appeared in an episode of NBC's late 60s revival of a hit 50s show. Name the show and the title of the episode. Hint: it's also currently airing on TVLand. Use your lifelines and email your final answer to email@example.com.
[Note: In 12 years, the Internet has made questions like those above minor search exercises. Sigh.]
UselessWeb Site of the Week
http://www.pencils.com contains more than you could ever want to know about the ubiquitous writing utensil, such as:
· 75% of the pencils sold annually in the US are painted yellow.
· William Monroe, a cabinetmaker in Concord, Massachusetts, made the first American wood pencils in 1812.
· Most pencils sold in Europe have no erasers
Quotes of the Week
Douglas Dahlberg (IT manager) "You live in a democracy. You don't work in one."
Fadel Gheit, oil industry analyst, Fahnestock & Co.: "The Y2K bug was a bunch of computer geeks blackmailing the world."
Bill Maher: "We spent all this money for nothing. It's like a world-wide Ken Starr investigation."
Ed Howe: "A good scare is worth more to a man than good advice."
Carl Bernstein: "[T]he weird and the stupid and the coarse are becoming our cultural norm, even our cultural ideal."
New Yorker cartoon caption:
(via Condé Nast)
James Thurber: "You can fool too many of the people too much of the time."
Categories: From the archives