This afternoon, the blog passed 12,000,000 all-time hits. While still smaller than some of other sites in the top ten legal blogs, we just passed 11,000,000 not long ago and we have continued to grow. I am very proud of our community and our attempt to offer a place for civil and responsible conversation. I encourage our regulars and visitors to continue to avoid the personal attacks and name calling common elsewhere on the Internet.
The continued growth of the site shows that our approach to blogging resonates with a good number of people. I continue to be concerned in reading comments that take personal shots and use insulting language. I hope that the recent debate over civility in legal blogging will reaffirm the need of our regulars to avoid insults and personal jabs. If you do not like a person’s take on a story, there is no need to characterize the writer or the writer’s motivations. Let’s deal with the ideas and leave the ad hominem attacks to other sites.
Thanks again for making the site such a great success.
Here are the list of countries represented by viewers and commentators on the blog with the first being obviously the most prevalent:
Country Views
United States
Canada
United Kingdom
Germany
Sweden
France
Australia
India
Philippines
Ireland
Singapore
Jonathan Turley
html tag fail, sorry. I am hopeful wordpress will have fixed it.
But regardless of Professor Turley’s disappointment, and with Dr. Kesseler’s $200 opt-out fee and his no privacy terms of agreement posted anywhere and his statement he sees this as his economic freedom he is currently in the process of rebuilding and updating my database for this site
(On the other hand, we have Gene H declaring this to be Kesseler’s “intellectual property” and Otteray Scribe describing it as “a proprietary product”)
And he wrote
In an email exchange during the events last fall (which included all of the guest bloggers), Professor Turley expressed his disappointment in my actions.
Let’s see . . .
You persistently attack a group of people and then want their help in attacking a third person.
Good luck with that.
Mike A, rafflaw, et. al.
On June 3rd 2012, less than a month ago, In the corrections here:
http://jonathanturley.org/corrections/#comment-378229
Kevin Kesseler writes the following:
I would point out that Gene made two factual errors: first, my name is Kevin Kesseler and, secondly, that I haven’t been working on the software. In fact, the software is operational and I’m in the process of rebuilding and updating my database for this site. I maintain that what I do with the software and the intelligence it develops is my business, but I’m willing to submit that judgement to public scrutiny here. In an email exchange during the events last fall (which included all of the guest bloggers), Professor Turley expressed his disappointment in my actions.
So here’s your chance to tell Kevin that you approve or disapprove of his software, his database, and his behavior as well as his $200 fee to remove individuals or otherwise not let them opt-out.
Regarding the $50K/$200.00 thing. Kevin, some folks don’t know when their chain is being jerked. It takes someone with a sense of humor to appreciate what you did there. Unfortunately………
It never occurred to me asking what a sockpuppet was would engender such controversy.Sorry.
Then consider that Dr. Kesseler has said here that he thinks his software is valuable and his database is valuable and he will not delete it until he is paid $50,000, or $200 per individual.
And ask: how will Dr. Kesseler make money with his program and database?
Methods
The simplest method involves spammers purchasing or trading lists of email addresses from other spammers.
Another common method is the use of special software known as “harvesting bots” or “harvesters”, which spider Web pages, postings on Usenet, mailing list archives, internet forums and other online sources to obtain email addresses from public data.
Spammers may also use a form of dictionary attack in order to harvest email addresses, known as a directory harvest attack, where valid email addresses at a specific domain are found by guessing email address using common usernames in email addresses at that domain. For example, trying alan at example.com, alana at example.com, alanb at example.com, etc. and any that are accepted for delivery by the recipient email server, instead of rejected, are added to the list of theoretically valid email addresses for that domain.
Another method of email address harvesting is to offer a product or service free of charge as long as the user provides a valid email address, and then use the addresses collected from users as spam targets. Common products and services offered are jokes of the day, daily bible quotes, news or stock alerts, free merchandise, or even registered sex offender alerts for one’s area. Another technique was used in late 2007 by the company iDate, which used email harvesting directed at subscribers to the Quechup website to spam the victim’s friends and contacts.[1]
There is actually another danger too.
If you MikeA use you real email address in the form below, after all, maybe you want to let Professor Turley email you, and the form says in it that the email is kept private “(Address never made public)”
And if your email address is say at gmail, or yahoo, or hotmail
MikeA at gmail.com
MAppleton at yahoo.com
MikeA at hotmail.com
Then I can compute that MD5 ID for those email addresses and see if I can guess your real email.
Also, in recent weeks we’ve seen lots of email addresses get published, for linkedin, zynga, and many other sites. And determining email addresses is often as simple as using white pages, or dictionaries of names, and appending maybe years, and then an at gmail.com.
So dictionaries of these email addresses and their MD5 ID codes can be computed.
You can then take software like Dr. Kesseler’s, and scrape all wordpress sites: for liberals, conservatives, LGBTQ, whistleblowers, suicide lines, and scrape the MD5 codes out of them and compare to the dictionaries and determine the actual email addresses of people that contribute to these blogs.
And you might think I’m kidding, but no, that’s absolutely possible. Read the bug reports I’ve linked to, and ask friends knowledgeable about software and web development and security.
Then consider that Dr. Kesseler has said here that he thinks his software is valuable and his database is valuable and he will not delete it until he is paid $50,000, or $200 per individual.
And maybe then we can talk about common decency and whether rafflaw, or you or Professor Turley should ask Dr. Kesseler to delete his database and his software and promise not to use it again.
“People have complained about it, and WordPress has decided not to fix it.”
Then your issue is with WordPress.
You have no proof of harm either to yourself or anyone else. If you have a problem with the Gravatar code and you think you can win the case, you should consider suing WordPress if you think it’ll do any good (which it probably won’t). You come here and visit WordPress sites voluntarily. If Dr. Kesseler isn’t interested in assisting your lil’ crusade, that’s his decision. If you want to continue to defame him (and others) and demand he do something other than what he wants with his intellectual property which relies upon publicly published data? You are asking for trouble.
Since your fundamental problem is with WordPress and their Gravatar coding, I suggest you take it up with them or you stop frequenting sites hosted by WordPress or using their software.
This site is hosted by WordPress.
The policies of this site are set and administered by the owner.
If you have a problem with either of those facts, you know where the door is.
Don’t come back.
Problem solved.
OS,
I can’t think of another logical reason either, but I don’t think anon limits himself to logical reasons…
Gene,
I was indeed born on Magrathea–and on Earth as well. (Its a long story involving the hyperspatial factory floor, the construction of the Earth mark II, and a time machine–I have records certified by the President of the Galaxy (or instructions on making a Pan-galactic Gargle Blaster [either way you wont be able to question me afterwards…]))
As I’ve explained before, I know of no website where this would be tolerated, and my mind boggles that this has occurred at the website of a civil libertarian free speech defender.
When you consider my common decency in:
a) asking Kevin to delete the database and release the code
b) writing a paper about his findings and publish it
c) join the people lobbying wordpress to fix it
d) naming Kevin when he comes here for his bad behavior in doing this in the first place
You may wish to consider Kevin’s common decency in:
a) demanding $200 to delete an individual
b) demanding $50,000 to delete the database
And ask yourself:
1. Has Kevin broken anyone’s terms of service?
2. Has Kevin violated the norms at this website?
3. Who owns the data Kevin has scraped?
4. Can Kevin’s data be used to effectuate identity theft?
Mike A,
There is a real sense in which, since I am only a commenter here, and not the person that built the code or maintains the database, that I cannot know what has been exposed or to whom.
If you visit the corrections page here: http://jonathanturley.org/corrections/#comment-272167 you will see six contiguous comments, starting by one from Kevin and then three from me, that I think does a good job of explaining the privacy issue, including three links to other sites where other people involved in the web and software engineering and even the law discuss the same issue.
Basically the issue is this: the gravatar image that wordpress fills in contains a almost unique (consider it unique) ID that is a function of the email address you put in.
Let’s say Mike A, that you are a troubled gay man, that has seen some bad things occur in the Army. You’re a faithful commenter here under the name YourActualRealName, but that at suicidehotlines.com you comment anonymously on their wordpress website as EnderWiggin and that at ALGBTIC.com you also comment anonymously there about retaliation you might (have) face(d) from the Army.
If ALL of these are wordpress sites, or use the wordpress gravatar system, and if you use the same email address across the websites, which you might do, since the email address field says “Email (required) (Address never made public)” then using Kevin’s software against these websites you can identify every comment you made, regardless of the username.
So someone can say, well EnderWiggin is really anonymousguy1 at suicidehotlines and is really army2004 at ALGBITC and IS Actually YourActualRealName at jonathanturley.org.
Even here someone might link YourActualRealName in 99% of your posts with perhaps an anonymous post you post here say on a case you are knowledgeable about but are not really supposed to be posting about (maybe you are a whistleblower.)
This is the fundamental risk of the Gravatar privacy leak.
That separate identities at one website or dozens can be linked together.
People have complained about it, and WordPress has decided not to fix it.
But it doesn’t mean it’s not a privacy leak.
Kevin built that software here and built up that database here.
I asked him to delete it, and his response was to ask for $200 to delete an individual and to claim I was trying to deprive him of his economic freedom. (http://jonathanturley.org/2011/09/25/second-amendment-boogey-man/#comment-272439) and comment-272619
He later asked for $50,000 to delete his database corrections/#comment-272335
And I believe recently said he was going to do more work on the database.
I’ve also suggested several times he write up his work as a security research paper and join the group of people asking WordPress to fix this leak.
Doc, I think he is afraid of the searchable database. I notice that a lot of politicians wish YouTube and Google would go away. Personally, I think every blog should have a user friendly search feature. For example, Daily Kos has an excellent search feature. Under the new Version Four (DK4), they are still working out the bugs, but it is really handy. This site has had 12 million visitors and a lot of comments. Daily Kos has about 1.5 million visitors per month, with about 20 million page views per month. Total visitors since the site was founded in 2003 runs into the billions. I have no idea how many diaries and comments there are, but the search feature makes the site a lot more useful than it would be otherwise.
http://www.dailykos.com/search?text=Search&time_begin=06%2F22%2F2012&time_end=now&text_type=any&text_expand=contains&search_type=search_stories&time_type=time_published&submit.x=20&submit.y=16
Asking someone to destroy a proprietary product because you fear a search feature is ludicrous. The only logical reason I can think of is a fear of being fact-checked.
“It’s sort of like having my very own birther. Thanks again.”
You mean you weren’t born on Magrathea? I’m shocked I tell you! Shocked!
Malisha,
All I know is that wherever you are, that’s where you’ll be.
*pssst* this is a sock puppet–don’t tell anon.
Mike [initial obvious in context 😉 ],
It’s not just you–we’re all missing the point. anon has been unable or unwilling to explain who’s privacy has been invaded and how. It seems to be an article of faith with him that I have done something wrong which apparently entitles him to make baseless accusations against me as needed. It’s sort of like having my very own birther. Thanks again.
You know, there is possibly an explanation of everybody’s untoward behavior on this best of all possible blogs: Dissociative Identity Disorder. Frankly, I am not sure at this time whether it has made it into the DSM-V or not; maybe somebody can help me out here.
In the early days of people trying to understand this diagnosis, I believe folks thought that if a child got a shock in childhood, she might become “a split personality” and behave like Goody-Two-Shoes one day and like Jezebel-the-Man-Eating Monstress the next. Then, somehow or other, a group of specialized folks (either professionals or eager laypersons) came up with the explanation that children subjected to “Satanic abuse” would become essentially many personalities within one person, and some peculiar lawsuits and some bizarre television shows popped up. What seemed to distinguish “Satanic abuse” from other kinds of abuse was the religion designated as Satanism which might not even be one particular religion but could be a sort of group of smaller denominations that are either religion-like or cult-like; there’s too much to figure out. (I will say that a real FBI profiler working in the child abuse area told me personally that he believed organized child sex abuse rings would just add all kinds of weirdo stuff and “Christian images” to their group abuse orgies in order to terrify the children AND to make their retelling of the events seem so preposterous that law enforcement folks would discount them as the ranting of brain-washed juveniles. He said, “If I wanted to molest a kid and get away with it, I’d play wacky music, show films of religious ceremonies, and have an upside-down crucifix in the room, and burn a dead cat. Then no matter what the kid said, nobody would listen.”
Then, however, finally I believe that there began to be actual evidence of a mental disorder found in adults that involved dissociation, regression, and some other forms of “maladjustment,” but that really were quite GOOD adjustments for children who had been horribly abused, sexually, physically and emotionally, as children. (Some of the abuse was called “Organized Ritual Abuse” and fit the description the FBI guy told me about.) “DID” was the result. An adult had various ego-persons who “came out” at different times and who could even be unaware of each other. This was the result of the child needing to “be someone else” to deal with abuse that could not be integrated into normal life. That is, you can’t just be gang-raped one night and in the morning, put on your school uniform and knee socks and go to a parochial school and be an all-A student and appear to have nothing at all wrong with your life.
OK, that said.
Do you think that some of these many personas flying around this free-wheeling blog are alters who are unaware that their other alternate alters are blogging under a different name with the same ten fingers?
And if so, who the “F” am I?
Mike S.:
Touche. And here I was thinking you were still in a Catskills coma.