The skinny:

1. Some eTards decided to harass Officer John Nohej for having a MySpace friend who linked to adult content when he was simply trying to reach out to kids at the middle school he is assigned to.

2. Hilarity ensues as netizens rip the eTards apart for this retardedness. The school he works at? They had a link to a domain parking page from a belly up clip art site they linked to. What ads were splashed across that domain parking page? Gay porn, seriously. It got worse for them when I pointed out that the technology-challenged “elite cyber crimes task force” investigating Officer Nohej is guilty of all sorts of stuff that also doesn’t matter on MySpace.

3. In their infinite wisdom, they decided to (screw up while trying to) hide their own “misdeeds”…

Their friend list from a few days back:

Their friend list and comments now:

What the hell?

They ran to another third party site and got code to hide their friend list and comments. And, once again… they didn’t remove the extra code included which links to a site pushing adware:

What kind of places does that site link to?

Yuppers, the ad network that site does business with serves up a ton of Zango banners. Nice.

I think it’s time for this “elite” interweb task force to go ahead and ask one of the kids they are supposedly protecting to help them out with their MySpace.

Update:
They went ahead and deleted every comment from their MySpace page. lolz

I responded to Alex’s blog entry about this with the following:

Ouch. I’ve sent plenty of people their way over the years. This stinks the same as weight loss, penis enlargement, and other nonsense being allowed to make ad buys from Discovery, History Channel, etc.

“We are known to deal with facts and provide the best information possible.”

“Here’s a bunch of money. Let’s exploit that trust you’ve built up.”

“Hells yeah.”

Seriously:

What really pisses me off is that I know FastClick has category options for their publishers. And, I’d bet PaperGhost’s underoos that a site producing as many impressions as Snopes can get them to filter ads from their rotation. Bottom line: they aren’t idiots and are intentionally serving such ads on their site. It’s obviously all about the big bling bling for them.

Might as well find a similar site, with ethics:
Urban Legends (minus Snopes)

If you want to send Snopes a message about this mess, here’s their contact page.

Update:
You probably shouldn’t even bother contacting them. Here’s a thread on their own forum with members bitching about such practices from September of 2005. I saved a copy of that just in case they delete it ;-)

Friday morning I got an interesting email…

Looks like a typical phishing email, right? Sure. There were two things that got my attention though…

1. It got through Gmail’s spam filter.
2. The link went to PayPal’s real login page. WTF?

Usually, a phishing email will use the correct address as the anchor text of a spoof log-in page link. Simply mousing over such a link reveals the true link in your status bar though. So, it’s fairly easy even for a novice computer user to spot as BS.

Example:
https://www.paypal.com/cgi-bin/webscr?cmd=_login-run

Viewing the source code of the original email revealed an epic fail.

<a class="Style5 Style2"
onmouseover="window.status='https://www.paypal.com/cgi-bin/webscr?cmd=_login-run'; return true" onmouseout="window.status="" target="_blank" href="http://pimpyaho.com/functions/us/"> <font size=3D"2">https://www.paypal.com/cgi-bin/webscr?cmd=3D_login-run</font></a> </font>

The above shows that this retard was trying the old use JavaScript to make the status bar display whatever you want trick. Too bad for this idiot, modern email clients filter JavaScript. In both Gmail and Yahoo that code ended up looking like the below.

<a href="http://pimpyaho.com/functions/us/" target="_blank"><font size="2"></font></a>
<font size="2"><a href="https://www.paypal.com/cgi-bin/webscr?cmd=_login-run" target="_blank">https://www.paypal.com/cgi-bin/webscr?cmd=_login-run</a>

So, the link ended up pointing to the real PayPal login. Epic fail, indeed.

Digging further, I saw that the phishing page he intended to send people to was on a porn site. The site is part of a lucrative network owned by a guy whom I made an ad buy from in the past. His ad system requires a person to sign up as a regular member of his site before making a purchase. This explained how I ended up getting that email. His user database had obviously been compromised.

I posted some info about this mess on a forum he hangs out on to make sure he knew what was happening and to get more info.

Here’s the skinny:

1. Homeboy hired an outside company to develop a bespoke chat solution for one of the sites sitting on that server.

2. Said company was given shell access to speed up the delivery of the product, etc.

3. A shoutcast server magically began running on the server - pushing 25Mbit of bandwidth.
Side note: The files had been removed so there was no shoutcast config. Once shoutcast has been started, it doesn’t require its own files in Linux to continue to run, so they were obviously removed in an attempt to hide it.

4. “[After discovering / removing the phishing setup] the files popped back [within seconds]… I then shut down pimpyaho.com, so the site physically wasn’t running… still the files came back. This meant the user HAD to have some sort of shell access.”

5. “Have now sorted the breach and made sure it can’t happen again. I can tell you that they managed to get hold of around 16,000 email addresses, however the [other site’s user] database is up around 80k, so at least they didn’t get hold of that.”

Ouchness++

I stole this blog’s title from the ending thought Alex Eckelberry (someone who understands the interweb) left on his latest blog entry. He gives a solid overview of the current retardedness being shown by law enforcement (people who don’t understand “that interweb thingy”). The last big story like this was the Julie Amero case. Just like in Julie’s case, John Nohejl is being fed to the wolves over total BS.

Kevin Poulsen (he really understands the interwebs, too) explains:
Gulf Middle School resource officer John Nohejl didn’t have porn on his MySpace profile, and he didn’t link to porn. But one of the 170-odd people on his friends list, which seems mostly populated by students at his school, had a link to a legal adult site. Now the New Port Richey Police Department and the Florida attorney general’s elite cyber crimes unit are investigating him for making adult content available to underage children.
Source: Wired.com

Shortly after this story broke, a link going to gay porn was found on the school’s website! The great thing about this is that the school has FULL control over the content of their website. John Nohejl on the other hand has zero control over the content on his friend’s MySpace pages. Who’s the screw-up now?

Alex ended his blog entry with some nice bait:
At least one thing is heartening — the good folks over at the Florida Cybercrimes unit have their own MySpace page. They may quickly see how ludicrious this whole thing is.

Well, I took the bait. After a good ten minutes of looking over the profile of this “elite” cybercrimes task force that’s actively investigating John Nohejl’s MySpace I found the following…

Being the interweb gods that they are, they used code from a third party website to pimp out (add style / graphics) to their profile. Included in that code was five troublesome links they didn’t remove. All five links are promoting two “MySpace page pimping” sites which as a whole are known to be breeding grounds for all sorts of evilness. The two in question here are actively promoting several sites known to distribute adware.

Here’s one button and two text links going to those sites:

Another banner ad:

And, another:

So… Besides having a hideously ugly MySpace page full of broken code, they are sending kids to sites that promote adware. After seeing that, I dug into their friend list to give them a taste of the exact same BS being served to John Nohejl. Here’s what I found on their friends’ pages…

Promotion of some funky head shop “legal weed”:

via this friend.

That same friend has a banner in her comments promoting a site which is known “to steal your MySpace username and password by posing as a profile tracker“. In fact, several friends of theirs have the same thing on their pages. Nice!

Another friend of theirs seems to be a lost cause. That page has links to phishing pages and all sorts of other evil stuff. Those email addresses spammed in the comments… Yeah, those will lure you to sites with boobies all over the place if you dare message them.

Go dig for yourself, there’s plenty of double standard to be found in them hills ;-)

Seeing these eTards go after this cop sure reminds me of someone…

I’m sure these experts are just as ninja at the interwebs as the jackass pictured above.

My buddy PaperGhost just posted this:
Myspace Fake Profile Spammers: This Is How They Do It

It gives an overview of an odd MySpace spamming app that works in conjunction with files hosted on the net. The only thing I can imagine is that we got our hands on this thing early and it’s just a beta of sorts being sold to noobs. The coder is likely working towards making it so that he can infect systems with that garbage, so a botnet (your infected systems) can do his spamming for him…

Another interesting tidbit:
Based on some other files I saw on that url, it looks like the program works in conjunction with a proxy script…