Posts by MeanMrMustard

"My IP address for example shows my neighborhood, but since I'm with Comcast it could be anyone in the area. When I look it up, it cannot even pinpoint my house."

Me too - when I look up my location, it gets pretty close. But I don't think the WT would look for a specific address. Even if you hit the same city, that narrows it down. For example, what if you are looking to get the ID of some of the rouge elders here on JWN, and you managed to get the IP address, and it showed a certain city.

Well, how many elders are located within that city? Not that many. They would use other means after that to find out the identity. For example, I believe it was miseryloveselders (could be wrong) that posted his observations about the recent elder's school. His decriptions contained a lot of details to help profile him. For example, he said the older elders were surpised when it was mentioned the new manual was leaked on the internet. Well, so he's not an older guy. Perhaps other details could be gleaned from some of his other posts... see what I mean?

Again, its still not probable this is occuring, I'm just exploring the possibility...

MeanMrMustard

32

Jonny, the WTB&TS, and hacking

by MeanMrMustard in

jw
friends

this is my first thread at jwn.

i have posted only a few times on other threads.

i am a third generation jw turned ex-jw, inactive for six years.

MeanMrMustard

@batar447:

You wrote:

"All you would need to do is take a 1x1 pixel image hosted on your server externally somewhere, imbed it into a post that you make, on the back end you can setup logging to see what ip addresses hit your image.

...

At least that's an easy way to gather IPs from a site, you could probably use javascript creatively to further isolate users to IPs."

Ahhh.. you are right. But the 1x1 image (or any image for that matter) linked back to your server would give you a flood of IP addresses, with no connection to usernames. Even the IP addresses of non-members.

I was pondering the realistic possibility of someone harvesting IP address/username combinations. Like some of the other users have stated (as well as you), what do you do with it even if you get the IP address? You can't get the exact ID of the person from the IP, and that alone casts doubt on JTB's claim - because there's no payoff. The payoff for all this "hacking" would be the identities of the active elders and users that leak information they don't want leaked, I would think. But JTB was claiming getting the IP address for forum users was very simple. Even this doesn't seem to be the case...

Now what do you mean about creative javascript? There would have to be some way to get javascript, within script tags, into the post. Linking to an image is one thing, causing the browser to connect to the image URL to download the image (which would give the server the opportunity to log the IP); but if you wanted the broswer to download and run a script, even if it was located on another server, you need to get some script tags in there. I noticed that JWN has an HTML edit option, what happens if you put some javascript in there?

MeanMrMustard

32

Jonny, the WTB&TS, and hacking

by MeanMrMustard in

jw
friends

this is my first thread at jwn.

i have posted only a few times on other threads.

i am a third generation jw turned ex-jw, inactive for six years.

MeanMrMustard

@trevorbv:

I agree that its not very probable that the WTB&TS is doing this. Like I said, we know for sure that they monitor websites for copyrighted information. And I bet they monitor websites for any reason to file a lawsuit (like libel). But what's the payoff for 20 guys trying to get IP addresses? I'm sure they would love to know the identities of the active elders posting letters and manuals. My focus was on whether they could even get the IP address *attached to the specific username*. It's tough just to do that, it seems. But once you have it, what next? I tried to get my location from my IP, and it comes pretty close to my actual address. However, looking at the other posts, its not always so close.

You wrote:

"Even if they would manage to identify someone, how can they use the information?"

Well, I can think of a few things. If they got the identity of a few of the active elders posting on JWN, I'm sure the velvet glove would come off, so-to-speak. If they knew who was leaking the new elder's manual, those individuals would be DFed.

You wrote:

"First you really need to be a real guru in hacking...<snip>... but WTBTS lacks the skills to do it and the motivation."

I don't think you need to be a real "guru". The WT has produced the MEPS system. They produce the WT-Library app, and even though its not a huge application, it shows there are programmers working for the WTB&TS. At the very least, I think the WTB&TS does have the skills and resources to try some of this stuff. But the motivation... well, that's the question isn't it? - whether or not there are 20 or so guys in Bethel commissioned to this kind of stuff.

About jw.org - yes, I have thought the same thing. I've wanted to take a look at the this site too. But I think it would be a mistake to try to hack it while sitting at home. Your best bet is to befriend an older elder, and while visiting his home, see if he has a sticky note with his username/password attached to his monitor.

Thanks,

MeanMrMustard

23

"The Return of Jonny the Bethelite"

by koolaid-man in

jw
friends

the conference call from saturday night went great; with returning guest "jonny the bethelite".

he is making quite a stir on the conference call!.

if you missed it, the call is up on the site.. we also have a newer, simpler and user friendly site.

MeanMrMustard

lisaBObeesa,

Right click on the link and download the MP3 first.. I had that problem too. Also, you can't jump around easily from the site's player.

MeanMrMustard

23

"The Return of Jonny the Bethelite"

by koolaid-man in

jw
friends

the conference call from saturday night went great; with returning guest "jonny the bethelite".

he is making quite a stir on the conference call!.

if you missed it, the call is up on the site.. we also have a newer, simpler and user friendly site.

MeanMrMustard

Does someone know the hour:min that Jonny comes into the call? I don't want to listen through hours of call.....

32

Jonny, the WTB&TS, and hacking

by MeanMrMustard in

jw
friends

this is my first thread at jwn.

i have posted only a few times on other threads.

i am a third generation jw turned ex-jw, inactive for six years.

MeanMrMustard

Hello all,

This is my first thread at JWN. :). I have posted only a few times on other threads. I am a third generation JW turned ex-JW, inactive for six years. I am not disfellowshipped and I am not disassocated, but I do not consider myself a JW any longer.

I was facinated by the first Jonney call, and I have to admit that I have my doubts. Some of what he says seems plausible (like the mental health issues), and some claims do not seem very plausible. I wanted to start this thread to talk specifically about the "hacking" claims made by Jonny the Bethalite (JTB for the rest of the post).

I am a computer programmer by trade, and while I do most of my development on large enterprise applications, I know a little bit about the possibilites. Perhaps if there are other programmers here, it can be exaneded upon. I don't claim to know everything about this topic (hacking forums). I spend most of my time programming apps (and teaching programming), and not a lot of time figuring out how gather IP addresses from forums or break into websites. The programs I build and maintain are normally executable applications, not websites.

First of all, JTB claims there's a group of about 20 IT-savvy witnesses at headquarters commissioned to monitor various hostile websites and forums. I would assume that JWN is one of those sites. We know that JWN is monitored because when the new elder's manual was coming out, the links on sendspace (or any other file sharing site) we taken down rather quickly. Other copyrighted content is taken down from YouTube all the time. Even the pro-Witness morning text website was taken down. I could list others, and I'm sure some of the long-time members here know of more. So the idea that the WTB&TS is monitoring the web is not a big revelation. And if the WTB&TS was to monitor the web for copyrighted content, I would also assume they have assigned people to do so, maybe even 20 people. What seems to be new (at least to me), is the claim that the monitoring of the web goes beyond searching for copyrighted information, and moves into the domain of uncovering personal information of some who post on forums and even facebook.

Claim #1: WTB&TS will actively try to retrieve the IP address of forum posters

When this topic came up, JTB was questioned. Somebody *did* ask how he would be able to gather the IP address of forum posters. I was listening with great interest at his answer, but was disappointed. I was hoping for a more technical answer. He claimed that it was possible to respond with a trojan post, if you will, that would use whatismyip.com to gather the IP address of the poster.

(and here is where someone else might be able to enlighten me)

How in the world do you make a "trojan" post to a forum? I understand what a "trojan" is: its a program that runs on the computer that you wish to hack into, and it let's the hacker in or gathers info to send out. The program is called a "trojan" because the only reason its running on the target machine is because the target user got fooled into thinking the program was harmless (or something desirable) and executed it. But how do you do that with a forum post? The "hacker" would have to get some code to run on the target machine, and the only program running on the target marchine is the browser itself - so it would have to be getting the target browser to run some specific script embeded in the HTML. Script from where? Well, the broswer is reading the forum HTML sent to it by the forum internet server. So how is it that a potential forum hacker can get the forum internet server to send out scripts to the browser to execute? I don't think it could be in the forum post itself, this is just the text displayed to the forum. I suppose that a hacker could embed a script into his/her signature IF and ONLY IF the furum allowed HTML signatures with <script> tags. Do forums allow this?

And let's suppose that, for example, JWN (or any other apostate forum) did allow this? What would that do? Sure, it would mean that users would go to the site and view the forum posts. And yes, it would mean that the browser would download the signature HTML with the embeded script. And yes, the browser may run it (if the browser security is tuned down). And let's assume that the script could successfully go to whatismyip.com and get the IP address, and transmit that to WTB&TS headquarters. If all of this were true, it would give the WTB&TS a barrage of IP addresses coming from everywhere... hundreds... thousands of them, flooding in as viewers went to the forum. If all of this worked, it would return the IP addresses of each person as they loaded the forum page and their browser ran the script, not of any specific user.

A thought that just occured to me - I guess the script could also traverse through the DOM and try to extract the username from the HTML. For example, on JWN the user name is displayed in the upper-right.... I would assume if the script has access to connect to whatismyip.com and gather the ip address, it would also have access to the DOM.. correct? This, of course would work if the user wasn't signed in, not if it were just some lurker.

I was thinking there could be another way specific IP addresses can be harvested from forums - If the forum encodes the poster's IP address within the page in some way. I believe JWN does this for each user. For example, if you look to the right each each poster's name on each individual post, there is a graphic displayed. This is an idenitcon. Its a way of displaying the IP adddress of the user in a graphical way. It's like a graphical hash function. Now, I'm sure there is no reasonable way to take the identicon and calculate backwards to the IP address. After all, its supposed to be a hash function. But I don't think you have to. Why not crack it like other hashed passwords? For example, Windows passwords are stored within the registry as a hashed value. You can dump these password hashes from the registry easily. (see here to get pwdump http://www.foofus.net/~fizzgig/pwdump/downloads.htm). Once you get them, there's no way to calcuate the password from the hash, but since the algorithm used to produce the hash is public knowledge, why not generate a table of all permutations of passwords of a certain length and then compare? There are programs that do this (see: http://ophcrack.sourceforge.net/). Sure the table might take up alot of space, and sure it might take a while to calcuate, but after you are done, you can take any hash, find it in your table and know exactly what the password is. ophcrack, given a hash from pwdump, will usually give you the password in about 30 seconds, if you have the right tables.

The question is: is the identicon algorithm public? I found a few free .NET versions when googling it. The algorithm works fast, so assuming you wanted to go through all permutations of ip addresses (32-bit IP addresses at this point), you would have 2^32-1 combos (and I don't think you would need to do all of these - some IP address ranges are not going to be valid), and assuming you could do 1 per millisecond, then you are looking at gathering all the combos in about 40 days... combos/1000/60/60/24. Of course, if you had a few computers to divide the work (this computer will take this IP-range, that computer another, then it cuts down the time more).

Of course, the identicon way could be thwarted if more than the ip address went into the creation of the identicon. BUT - Usually its only the IP address, because the identicon is used as a way of showing if a user is posting under multiple usernames - different users, but equivalent idenitcons...

So what would the WTB&TS do with the IP address? They can get the geographical location from the IP. http://www.iplocationtools.com/ will do it for your IP if you go there. I found several free code downloads too. iplocationtools has free API, for example.

So technically, if they get your IP address, they can get its location and find out what congregation the apostate is in, not a specific name, though.

Thoughts?

Claim: WTB&TS is hacking Facebook

At first this made me laugh. No doubt Facebook is running intrusion detection software, and if the WTB&TS were caught actively hacking Facebook, there would some serious legal trouble. I've seen a couple other posters say the same thing. But then I thought - that's not what hacking usually is. "Hacking" is a very loose term. If I wanted to "hack" your facebook account, and do it legally, I would just create a user with a name you trust and send you a friend request. Heck, I might even put a profile picture of the person you know. When you accept the request, I'm in. Nothing illegal about it.

Thoughts?

Conclusion:

I think its logically possible that the WTB&TS could be doing this. Do I think its probable? I would have to say it is more probable that the WTB&TS is monitoring sites for copyrighted content only. It's far less probable that they are doing an active "hacking" campaign. Again, what Jonny says could be *possible*, and this post was exploring the technical side of his claim. But its still an extraordinary claim. And extraordinary claims call for extraordinary evidence. I could be be convinced to believe Jonny... but I would need some hard evidence.

To Jonny or Rick: How about some evidence? I think he is now claiming that if he leaves Bethel he will be DFed, along with his entire family. Why? I would think he would be dragged into some back room with ten lawyers and explained just how DFed he is. I picture a dark room with a single light. They would take out a graph and say, "This line all the way to the left of the paper is a JW in good standing. The line in the middle is a DFed JW. You're not even on the paper, you're over by the wall. Don't even think of applying for reinstatement."

Unless, of course, that briefcase he claims he has is stocked full of juicy evidence... Soooo, let's have it. JTB - you wanted to leave JWs and Bethel anyway, and if they DFed your family, you wouldn't lose them either - sounds like a win/win. Let's have it...

MeanMrMustard

62

What silly things have you been counselled on or simply been told off for?

by 3Mozzies in

so what silly things have you been counselled on or simply been told off for?.

back in my early 20's, i had a pair of comfy old jeans that started to tear in about 3 places on the leg.

it was the fashion at the time so not only did they feel great to wear, they also looked 'in', not that i cared for that, but it was a bonus .

MeanMrMustard

Now.... wearing a looney tunes tie on a KH stage makes perfect sense.

I actually had a daffy duck one as well. My Grandmother gave them to me. She was always getting me stuff I could wear at the meeting and service. I never got caught with the daffy duck tie on stage, but I wore it up there. I wore those out in service as well ...

I found a picture of the daffy one:

62

What silly things have you been counselled on or simply been told off for?

by 3Mozzies in

so what silly things have you been counselled on or simply been told off for?.

back in my early 20's, i had a pair of comfy old jeans that started to tear in about 3 places on the leg.

it was the fashion at the time so not only did they feel great to wear, they also looked 'in', not that i cared for that, but it was a bonus .

MeanMrMustard

I once wore a looney tunes neck tie on stage while giving a talk. It had Foghorn Leghorn in the middle, and I buttoned my coat so nobody really knew I was wearing it. It was only after the meeting when I unbuttoned my coat and an elder saw that I had worn it on stage that I got pulled into a back room. It didn't matter that it looked like a normal black tie when my coat was buttoned, and that nobody knew I was wearing it. It was the principle of it I guess... the sheer idea of wearing a looney tunes tie on stage made it counsel-worthy...

I have been counseled at least three times about not wearing my convention badge and "meeting clothes" out to local restaurants after district convention sessions...

When I was single I bought stamps at the grocery store. The local grocery store offered little variety, so I just took whatever stamp they had. I didn't care, I just needed to pay my bills. I honestly didn't pay any attention. I had purchased a Christmas themed stamp book once. I received a shepherding visit (elder and an MS). The MS saw the book of stamps and told the elder that I must be sending Christmas cards. The next meeting, I had to explain why I had Christmas stamps. One hour of my life I will never get back...

67

WT Society's Paranoia Over Spiral Binding of Elder's Textbook - Crazy

by flipper in

jw
friends

this letter was sent as an addendum to the elders regarding their latest elders textbook.

i think you'll find this interesting and also disconcerting as well.. to all bodies of elders.

re: spiral binding of shepherding textbook.

MeanMrMustard

Hello everyone,

First post here. I am an inactive JW for about 6 years now.

My take on this is that they knew 1) the manual would be leaked very quickly, and 2) knew the letter telling all the elders to keep it secret would also be leaked quickly. I don't think its the content of the manual itself that they care about - its all the notes that go into the margins that they want to keep secret. They can tell an elder anything they want, and when the elder adds it to his book, its HIS head on the line. If it gets leaked later, the WTB&TS will just say that the elder in question misunderstood what was said, and those are his own words, not those of the WT. This protects them legally, but all of us know what's going on and any R&F member would also know whats going on too - that it was instruction from the GB. For example, if you look on pp. 72 of the 1991 manual, leaked with comments, a few years back, there are some interesting comments regarding the destroying of records in regards to known child molesters who have the opportunity to be used as elders again.

I would expect the letter to be very general in nature... After all, they didn't want to say, "Brothers, remember the information in the book is confedential because some of the notes might implicate you in a later lawsuit if it gets out." If they did that, then we would all focus on the notes. And it would connect the WTB&TS to the notes.

IMHO - we need to get a copy of the recent manual WITH the notes. A COs copy would be good...

MeanMrMustard