TechHui

Hawaii's Science, Technology and New Media Community

Sorry, but I had to get this off my chest. All these last-minute bullets are flying around in the Mayor's Race, with respect to Panos Prevedouros and the StopRailNow effort.

At the heart of the issue is a controversial website, FirePanos, which smears Panos and the SRN Campaign with poorly Photoshopped images, and inciteful language that's not worth repeating. Suffice it to say, it's another ASS (Anonymous Smear Site) hiding behind the First Amendment. Of particular interest is the speculation about who's behind the site, and many fingers are pointed toward Keith Rollman, one of the Mayor's IT aides.

This story gets interesting, as Keith Rollman has publicly expressed some very strong opinions against the SRN petition in the past, and has helped establish the GoRailGo site. I note that he botched his anonymity when he initially registered gorailgo.com, but has since gotten it right with gorailgo.org after people started pointing out the whois information.

So, it appears that Keith Rollman has some skills, but with an obvious mistake like that, it's safe to say he's far from being an Internet God.

Anyway. A couple of days ago, a smear-email campaign went out, promoting the FirePanos website. What's very interesting is that the News reported that their own IT experts "traced the IP address in the email headers" to a machine within the StopRailNow campaign headquarters.

My beef with this is this: neither I, nor anyone within IT circles I trust, have verified the Email Logs to validate this claim made by the Honolulu News organizations.

It's very easy to spam with spoofed Email Headers to fake an IP Address. This is "Script Kiddie" stuff that could have been employed by Keith Rollman, or any FirePanos sympathizer with entry-level technical skills.

Why aren't there more IT Professionals jumping on this? Is it so hard to snarf some Email Server logs to hand over to a group of independent IT Auditors?

Me, I'd like to personally audit those email logs. I'm 100% against the current Steel-on-Steel Rail through Salt Lake plan, and I'll likely vote for Panos.. but I'm interested to find out if the smear-spam did in fact come from SRN Headquarters (which I doubt), or if the Email Server logs hold enough information to find the true source.

If Keith Rollman was responsible for the smear-spam, I seriously doubt he's capable of pulling it off flawlessly. After all, he got caught with the GoRailGo domain registration, and that's a ridiculously trivial mistake to make.

So, I'm all for releasing some Email Server logs, to get at the truth. Is StopRailNow the "dirty politics campaign" that Mufi and Cronies want us to believe, or is it really the other way around?

Considering all those thefts of campaign signs in this election (and the last Mayoral election), you can guess which way I'm thinking...


Comment by Keith Rollman on November 9, 2008 at 8:33am
I'd be happy to answer any question that you have on this subject.

Comment by Laurence A. Lee on October 1, 2008 at 11:47am
No, let's halt this thread. We've both said our piece, so let's put it to rest. Thanks.

Comment by Jared I. Kuroiwa on October 1, 2008 at 9:28am
Could someone else jump into this thread? Please...

Comment by Jared I. Kuroiwa on October 1, 2008 at 9:27am
Remember that KHON and KGMB9 are not the same. The Keith Rollman statement is what he said, but unlike KHON, I know I verified it as that's what we do. We would not take Rollman's word for it. That's why if you read the links to KGMB9, they do not say what you're quoting. If you want to comment on KHON's bad reporting, be my guest, but do not lump us all together.

Don't throw all media together, we don't work together or have the same methods in reporting. That's why I take offense and rightly so, eh? In fact I take great offense to that. Read what we wrote and don't bring KHON, or KITV and KHNL for that matter, into the conversation.

Spoofing headers, easy (and it was)... Spoofing the IP in the header... Not easy. And if a server was compromised, or a PC in John Carroll's office compromised, wouldn't that be in Carroll's defense (he sent out a press release email)? Again Occam's Razor.

And note that our servers would show the compromised server or PC... You would really need the PCs in the Carroll office to verify this and the server at Oceanic that received the packets from the static IP in his office.

Read the email that was sent, you admitted earlier that you had not. It is posted word for word below, it has not been edited by FirePanos. How are you coming to conclusions on motivation without knowing what was said?

http://firepanos.wordpress.com/2008/09/16/anti-railers-are-trying-to-pin-this-website-to-the-hanneman-organization/

Back to GoRailGo.org, look who is on the server and that IP... It will take you to a consulting company here in Hawaii run by a consultant that does political websites. The company that is paying for the host is different than the main site on the server, but they are registered to the same person. Admittedly, Rollman could have paid them to make the site... But if he did, he would have forwarded GoRailGo.com to it... And if you dig deeper, you can find who the lead was working for at the time of the development.

My opinion is that you're angry and biased in your perspective in this. You've stated that already. That's one of the reasons I asked you to contact who you know in either camp and ask about me. I have no bias and would not let that cloud my judgment.

I'll reiterate, do not lump all the media outlets together and think we're all wrong by pasting bits and pieces together from what they all say. That will always give you the wrong answer. I can only give you the view from my end and using my knowledge. You can look that up too, I don't hide anything (other than using a can of Diet Coke for my avatar).

Comment by Laurence A. Lee on October 1, 2008 at 8:37am
Also... I think it's just "too convenient" that Keith Rollman could claim IT Expertise, identify an IP Address, and link it to a physical address "in about an hour" -- where that physical address is related to an Anti-Hannemann group.

That's about as valid as asking a Defendant to be an Expert Witness for his own testimony.

I'm surprised that news outlets like KHON and KGMB would just run with that.

Comment by Laurence A. Lee on October 1, 2008 at 7:24am
GoRailGo.org sitting on a shared Internet Host means very little - the Server may as well be operated by an "Agent" out in the Camden Islands.

While Carroll and SRN try to distance themselves publicly, it's still common knowledge that they all collectively represent an Anti-Mufi sentiment, and have a relationship within themselves. According to KHON:

"the address belongs to Honolulu attorney John Carroll, who supports Prevedouros’ campaign and rents a portion of the space to Eric Ryan, formally of Stop Rail Now – a grassroots organization opposed to the city’s controversial rail transit project. Both Carroll and Ryan are actively involved in internet campaigns directed against Mufi Hannemann but strongly denied any affiliation to the anti-Prevedouros e-mail and website".

There's no need for the 7-Layer OSI crash course (I agree, spoofing at the packet level is not probable), but thanks for educating others who may have been interested.

As for the motivations and reasons for the email-blast, and the parties dragged into the fray, who really knows what goes in the head of the Script-Kiddie responsible. It gave buzz and publicity for the FP site, and that's probably the only real intent of it all.

Spoofing Email Headers and blasting messages is rather easy. The usual point of entry is to find (or compromise) an Email Relay and use those to relay the messages.  There are usually a few forged headers passed to the compromised server, which shows up on the email header trail and can often mislead an inexperienced eye.  This is the reason why I've been calling for expert eyes to verify the logs and back up (or refute) the reported claims, as it isn't clear who investigated the message's origin, and what their technical capabilities are.

A lot of individuals' and organizations' reputations were dragged through the mud over this, and there are a lot of fingers pointed across the room. With the stakes so high (over $3.7 Billion), and both sides so passionate, I'd really like to see if we can identify anyone who's responsible for smear campaigns, as that completely deflates the credibility for the arguments they are making in public. It'd be interesting to see if the Server Logs have enough data to implicate or clear anyone.

All I've been asking is "Where are the Email Server logs?", and "Why aren't Honolulu Techies demanding to examine those logs?"

My apologies if you feel personally insulted by any interpreted innuendo, as none was intended.

Comment by Jared I. Kuroiwa on September 30, 2008 at 5:34am
Also, just because this does irk me... Let's look at how easy it is to spoof the IP of someone else in an email header. I must admit, this is not an area I'd consider myself even moderately good at (not a spammer)... And all that TCP/IP stuff has been put into that space in my head that assembly code went into... So I'm going to get all technical and some expert can tell me if I'm nuts.

You can mask a lot, but forging the sending IP is a bit harder (TCP/IP rules) and even then, you'd mask within the sending ISP as you need to try to modify the source address of every packet sent to the SMTP server. AND even then, you need to hope it all passes through as ACK packets will not go to your server, but to the masked one instead. That's why, if you wanted to mask your IP. This is why spammers hijack PCs or servers...

This is why we said it wasn't impossible... But it's so improbable to hijack a PC in John Carroll's office and send email out from with a masked sender field (now that's an easy one) or the server is from Oceanic.

Ask the experts you trust and see what they tell you. But IMHO, not easy... highly improbable.
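
An added example, not part of the original thread, illustrating the two points made in the comments above: the Received trail below the first server you control is only a claim, while the peer IP that server recorded comes from the actual TCP connection. The message, hostnames and addresses are constructed (documentation ranges), a Postfix-style header layout is assumed, and `parse_hops` and `assess` are hypothetical helper names.

```python
import re
from email import message_from_string

# Constructed sample: the bottom Received line is the kind of header a sender
# can pre-insert before handing the message to a relay.
RAW = """\
Received: from relay.example.net (relay.example.net [198.51.100.7])
\tby mx.recipient.example with ESMTP id A1; Mon, 15 Sep 2008 10:00:05 -1000
Received: from mail.example.org (unknown [203.0.113.45])
\tby relay.example.net with SMTP id B2; Mon, 15 Sep 2008 10:00:03 -1000
Received: from office-pc (host.victim.example [192.0.2.10])
\tby mail.example.org with SMTP id C3; Mon, 15 Sep 2008 09:59:58 -1000
From: "Someone" <someone@example.com>
Subject: constructed sample

body
"""

# Assumed layout: from <helo> (<rdns> [<peer ip>]) by <recording server>
HOP = re.compile(r"from\s+(\S+)\s+\([^\[\]]*\[([0-9A-Fa-f.:]+)\]\)\s+by\s+(\S+)")

def parse_hops(raw):
    """Return hops newest-first: claimed HELO name, peer IP, recording server."""
    hops = []
    for value in message_from_string(raw).get_all("Received", []):
        m = HOP.search(" ".join(value.split()))  # unfold continuation lines
        if m:
            hops.append({"helo": m.group(1), "ip": m.group(2), "by": m.group(3)})
    return hops

def assess(raw, trusted):
    """Split the trail at the first hop not written by a server we trust.

    Matching on the 'by' name is a simplification: the name is itself header
    text, so a real audit corroborates each trusted hop against that server's
    own logs.
    """
    hops, verified, unverified, chain_ok = parse_hops(raw), None, [], True
    for hop in hops:
        if chain_ok and hop["by"] in trusted:
            verified = hop["ip"]          # peer address seen on a real TCP session
        else:
            chain_ok = False              # everything from here down is a claim
            unverified.append(hop["ip"])
    naive = hops[-1]["ip"] if hops else None  # "bottom-most IP" reading
    return {"naive_origin": naive, "verified_peer": verified, "unverified": unverified}
```

Calling `assess(RAW, {"mx.recipient.example"})` shows the gap between the naive reading (the bottom address) and what the receiving server can actually vouch for; adding the relay to `trusted` models having its logs in hand as well.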

Comment by Jared I. Kuroiwa on September 30, 2008 at 3:53am
"KGMB reported the IP Address was traced to a Queen Street address, which corresponded to the SRN Headquarters. If that was wrong, then shame on KGMB." Nope, Stop Rail Now is on Cooke or South, not Queen. Queen is John Carroll's address. Please read through the links (I had to look again to make sure they reported it correctly). And if you know the Stop Rail Now guys, ask them about Carroll and Ryan and their relationship with the organization. We never reported the email was from Stop Rail Now, because Carroll and Ryan are not part of Stop Rail Now. Read carefully through the story.

The email did not come from FirePanos... I think you are really missing the point. And even if you trace the email... It proves nothing for FirePanos, all it proves is where the email came from and it's an email smearing Keith Rollman. Why would Rollman send an email from himself with a masked IP? As a defense in case someone called him on it? Occam's Razor, eh?

GoRailGo.org (NOT .com as it is a parked site) is from an outside consulting firm. Trace IP of site back to the shared server it sits on to find who. And if they move it, you can look to older IP's that were linked to the site to find them.

BTW, your innuendos that I'm in some way incompetent or our reporting was incorrect... Ask the Stop Rail Now or Panos camp about who I am... Or even Mufi's camp for that matter. To me, that is the most offensive thing by far in this thread.

Comment by Lance Furuyama on September 29, 2008 at 9:21am
I'm finding this thread to be extremely interesting.

Comment by Laurence A. Lee on September 29, 2008 at 7:37am
Jared,

Sorry, I wholeheartedly disagree -- the controversy is squarely centered upon the FirePanos site. The email-blast was simply a promotional vehicle to get people to look at the childish rants and Photoshopped images. KGMB's superficial reporting about the email-blast only served to give the site some additional PR on Public Television.

My thinking is that it originated from a FirePanos sympathizer (if not the creators themselves; or Keith Rollman if he is responsible for creating that site) solely because the email content was as childish and as inciteful as the site's content. Email-spoofing from "Keith Rollman" (though, I've not seen that particular email-blast if so -- I've seen other blasts), and including SRN Headquarters' IP address in the headers is just a cute antic designed to taunt SRN to lash out at Rollman, and for Rollman to defend himself by pointing at the IP address as a suspected origin point. Probably a 3rd Party, or possibly Rollman pretending to be a 3rd Party.

KGMB reported the IP Address was traced to a Queen Street address, which corresponded to the SRN Headquarters. If that was wrong, then shame on KGMB.

As a Techie (which was the original intent of the blog post), I'm a little irritated that Email Server Logs weren't immediately grabbed and made available for public inspection and audit. I have little faith in an FBI investigation of stale logs, as the logs may have been tampered with or rolled off by the time the investigators come in to collect the data.

All I'm looking for is the data trail to help determine the truth.

I couldn't care less about the script-kiddies running the FirePanos blog site, but I'd be extremely peeved if the email-blast did indeed come from someone inside SRN Headquarters, or if it came from Keith Rollman -- only because they both are Public Representatives of their underlying causes.

I am 100% against Steel-on-Steel Rail through Salt Lake, and though my views may be in the minority, I have a Code of Ethics that mandates I play fair when persuading people to my point of view.

I expect the same from anyone who's a public figure for their causes: StopRailNow, Eric Ryan, Panos Prevedouros, GoRailGo, Keith Rollman, and Mufi Hannemann, and many others on either side of the issue.

By the way, I'd also be interested in your "digging" methods to find the identity of who created the GoRailGo.com site, as the public whois record is anonymized. Do you know of a means of gleaning Authoritative Registrant Data from Tucows that I may have missed?

© 2010   Created by Daniel Leuck