Terry Zink: Security Talk

Discussing Internet security in (mostly) plain English

Maybe the North Dakota judge should watch more South Park...

Maybe the North Dakota judge should watch more South Park...

  • Comments 3

A couple of weeks ago, a judge in North Dakota ruled against anti-spammer David Ritz for conduct against Sierra, Inc, allegedly an enterprise that spams.  In a future post, I'll comment on the case.  But for the time being, the key point to remember is that the judge ruled against Ritz because he did, among other things, publish WHOIS information and conduct a zone transfer against Sierra's servers.  The judge said in her ruling that Ritz performed computer functions not generally known by the average computer user.

I find this comment a little perplexing.  Anything that Ritz did is publicly accessible.  WHOIS information is available to anyone who wants it.  You can learn how to do a zone transfer with a simple Google search.  The fact is, publicly available tools let anyone conduct a whole swarm of research.

Allow me to illustrate my point.  The other day, I was watching South Park.  It was the one where the kids are investigating a terrorist situation.  The episode is spoofing the TV show 24, but the other joke is that all the tools the kids use are available to anyone without the complicated tools that CTU always uses.  Here's a summary of some of the very public websites they use to cross-reference and track down the perpetrator:

  • Using MySpace to find the suspect's favorite band

  • Doing a simple Google search

  • Using realtor.com to find out where the kid lives

  • Using a regular phone to take pictures

  • Looking up a Russian guy on Youtube

  • Checking someone's blog on MySpace

  • Using a Webcrawler search to look for podcasts

  • Checking out links to Ebay, and search a username to see what the suspect is buying and selling

  • Checking for chatter on AOL, and searching for stuff on AskJeeves (even though no one uses it)

  • Reading intel on Drudge report

  • Checking someone's Paypal history and checking for stuff they bought on Craigslist

  • Reading a Russian's eHarmony account

  • Use Google Maps to get live Traffic reports

  • IM'ing the suspect's location to police

You see, a public web tool isn't inaccessible to the average computer user.  There's plenty of stuff you can use to find out if someone is spamming.  A zone transfer may be a little unusual but this is the 21st century and there are several search engines out there.  It wouldn't take a long time to figure this stuff out.

Seriously, this judge needs to watch a little more South Park.

Leave a Comment
  • Please add 4 and 3 and type the answer here:
  • Post
Page 1 of 1 (3 items)