As you may know, Lydia Cornell -- who is a blogger, a writer, an actress, and an all-around lovely person -- is writing a book about Ann Coulter. In retaliation, Coulter published Lydia's home address and contact information. The usual right-wing threats and hate-gasms ensued.
But that was only the beginning. Lydia informs me that unknown parties hacked into her email account (from a major internet service provider). She switched to another email account, from another provider -- alas, as I just now told her, that's not very secure either.
Some of the things that Lydia reports are downright frightening -- continued threats, strangers rummaging through her (physical) mailbox, attempted arson, and interference in a private family matter. Apparently, her friends have also had their email accounts hacked; unknown parties have used these hacked accounts to post ugly messages to a liberal blog.
If I change my own email account soon, you'll know why. I'll also be beefing up my system's security.
In fact, all progressive blog writers and commentators should engage in an ongoing discussion on how to improve computer security. We need to trade tips on the best firewalls, best anti-trojan scanners, best email accounts and so forth. Since most of us are not well-heeled, freeware and low-cost solutions are preferable.
27 comments:
1. not sure any relation, or just my personal s/w gremlin, but your site has not -to my dismay- updated and shown new additions since the 'leaks on the leak' entry...
i prob visit at least once a day, and maybe more, if i don't see a new entry; but the 'leaks' entry has been your homepage i got to since -i presume- the 26 aug date of the post... (url *says* the homepage one)
after refreshing (which i never had to do before), it shows newer stuff...
2. not sure i want to get into a 'looksist' rant or not, but it should be beside the point that ms cornell (or anyone) is/isn't foxy/hunky, in order to garner popular support and solidarity in resisting the repellent reichwing nastiness...
(i *guess* ameliorated by her actress / glamorous vocation, still...)
just passing through...
art guerrilla
aka ann archy
eof
Symantec/Norton Antivirus with subscription.
Security Task Manager (marginal) http://www.neuber.com/taskmanager/index.html
Spybot Search and destroy (marginal) http://www.spybot.info/
Spyware Blaster http://www.javacoolsoftware.com/spywareblaster.html
Spyware Doctor http://www.pctools.com/spyware-doctor/
Rootkit Revealer http://www.sysinternals.com/
Lavasoft AdAware and Adwatch http://www.lavasoft.com/default.shtml.en
I also STRONGLY recommend visiting the shields-up website frequently to check your system and to download and use the many security applets available there.
Of course, a good router is of paramount importance. I utilize ALL of these.
This is unbelievable. She is such a nice person. These reichwing freaks are out for blood.
No, it's time to start finding out who these Nazi assholes are and lock their terrorist asses up in jail.
It's time for America to stop putting up with this bullshit.
This is Gladio all over again. Right wing politicians play front man with fake smiles on their faces while their Nazi goons go out and terrorize people to force them to accept more authoritarianism.
I have no explanation why the new posts have not loaded up for "art guerrilla." I hope that's not an issue for anyone else.
While I think Lydia Cornell is pretty (so does everyone else), when I called her a lovely person, I meant that in the broadest sense of the term. It's not as though I've loaded up this blog with cheesecake-y shots from her old show. Fellow blogger Gary Buell would not have hesitated...
(art guerrilla called me an "asshole" in private. So she does NOT my conform to my idea of a lovely person.)
Regarding security issues:
You can be surprisingly safe using freeware solutions: Ewido, a-squared, Ad-Aware, Spybot, Spyware Doctor, AVG and ClamWin are all good, and can be used in conjunction with each other.
WinPatrol tells you when something new tries to affect your registry. And it also puts a cute scotty dog in your tray).
We need a free or cheap firewall that does everything ZA does -- from a company in which we can place absolute trust.
People have learned how to hack into accounts offered by the big email providers. I'm really in search of some good suggestions there. The ideal would be something secure and free that offers web-based mail, maybe with POP access.
Joseph,
Thank you for your support in bringing this serious issue to attention. Last night I met John Dean and Gore Vidal at a C-Span and Progressive Democrats of Los Angeles event. John Dean's new book "Conservatives Without Conscience" delineates the exact same type of malicious, amoral smear-tactics and personal threats he and his wife Mo received from conservatives. This is how they operate and it's shocking to Democrats because we do not view our fellow man as a stepping stone to power.
There are things I haven't told anyone that have happened to us, which would chill you to the bone. I honestly don't know if I'm doing the right thing, but fear there's no turning back.
For you email account, be sure to to use a strong password (search terms: "secure password generator").
If you use gmail, access it though a secure link: https://www.gmail.com
If you use a pop mail service, be sure to access it through an SSL connection (read the docs for the service). If the service does not offer it, find one that does.
...Some donations would help Joseph beef up his personal and data security, I'm sure...
Regarding passwords: There is, I understand, a trick which allows a hacker to fool certain big providers into sending the password for another person's account. Or so I've read. I've not actually done this or confirmed it. I know that what I've said may sound impossible. It would be irresponsible for me to give further details.
Is it possible on blogger to get a better firewall? Or since Blogger is a free service, they don't trace people's IP addresses like they do on typepad? Does anyone know how to make blogger safer...
Great article and important stuff for people to know.
I myself work in the information security field, so I will be happy to share a few pointers.
The first and foremost is this.
Firewalls will not protect you from a hostile site.
I'll repeat that.
Firewalls will NOT protect you from a hostile site.
What this means is simple. A firewall is designed to do two things.
1. Block unauthorized connections to your computer from the internet
2. Permit authorized connections to your computer from the internet (normally this will be connections RESPONDING to a connection that you initiate to a server on the Internet).
Think of a Firewall like a bouncer at a private membership night club. If you're not on the membership list, the bouncer is not going to let you in. If you are on the list, in you come.
Once a person comes into the club, and their hand is stamped, they don't have to stop to prove they are on the list, they merely show their hand stamp when going out and coming in.
This is pretty much how a process known as "Stateful Inspection" works.
Data packets leaving your computer to connect to an internet sefver, say a Blog server, are permitted out, and the responding packets coming from the Blog server, are naturally permitted back to your computer.
In other words, if the server you are connecting to, say a Right Wing Blog server, wants to push some sort of malware or trojan to your system, your firewall is NOT going to stop it.
So what do you do?
Make sure you have valid anti-virus software. Also make sure you have a malware scanner like Pest Patrol or F Secure. These will catch bots that are loaded on your system and help identify them, although they may not catch it in the HTTP stream (returning traffic from the server).
There are other things to do and this post is not very detailed, but it should give help people understand that they want to make sure they know who is running the server they are connecting to.
If I have time I will put together some more detailed tips later, but for now, my advice? Stay away from right wing blogs. Never know what they're up to these days.
Joseph great site, i'll have to visit it more often.
Personally I think sharing security tips is a great idea.
Lydia I think your blog is down, all I get is a gret screen, I am finishing up John deans book also, it is a great book that really shows how these slimeballs operate and what they are capable of, I highly reccommend "Conservatives Without Conscience" to everyone
Worfeus, I know we've been down this road once before, but I really need to talk to you outside of a public blog, I have some security issues I want answers to, you can consider it a paying job and normal business if that makes a difference to you.
My friend went into my files and found a corrupted template, with a lot of new code added. He backed up my files and just published a new (green) template, but all the customization is missing. I'm moving to a new server soon. I am going to Indiana to host a radio show for syndication in October. We will have our own news server site, which will be tamper proof (like CNN, etc.)
This is insane. Today we got a lot of harrassing phone calls as well. This has happened several times, but for a few hours today there was no blog at all, just blank space.
We need to get evidence on these guys. I know their handles and they've maliciously slandered me and my family on several websites. This is how the right wing sociopaths operate.
Joseph you wrote a brilliant piece earlier on Michelle Malkin posting some phone numbers on her site. I will put a link up to this.
Also, thank you for the Disney 911 info above. I called Scholastic. This is so corrupt.
If you're looking for a free option you may want to try downloading the new Windows Defender from Microsoft. Its free, but it is of course a Beta meaning you're the Guinea Pig, but its a 2nd generation Beta so it should be ok.
DOWNLOAD MICROSOFT DEFENDER HERE
I heartily recommend people visit spywarewarrior. They advise on safe/unsafe protection software and have great technical assistance forums.
wilderssecurity and castlecops do a similar job.
CANNONFIRE, please put an index in your home page so we can find articles like this one on Lydia Cornell. It's hard to find past articles and I forgot to bookmark this one yesterday for the security tips. Thanx, great site.
I have heard that Mozilla's firefox is more secure than IE, I think much of what these hackers do on Lydia's site is browser related, particularly IE.
Also we think one of these people may be an isider at E-Blogger, so if you start to have problems here, keep that in mind.
Did TP have hacker problems yesterday? I heard that too. right wing blogs are able to capture your IP i think. creeps
Okay so I spoke to a blogger who can't access Lydia's blog for several days. He's been blocked from her site. how do the hackers do this?
Lydia's blog seems to get hit more than other progressive sites.
It slowed down when she moved to a different blog site, because she would have access to more information.
I think anyone on E Blogger is at risk.
I agree that anyone at E Blogger is at risk they a bunch of enablers to the criminals, they look the other way while emplyees and/or hackers committ crimes on their system and silence bloggers freedom od speech, compromise their privacy by allowing these thugs access to bloggers identies and allow them to use the e-blogger server to hacl bloggers computers.
Lydia had her blog moved to Typepad and she didn't have all these problems.
The troublemakers stayed away because they didn't want anyone to know who they were.
E blogger seems to care less what happens on their system.
I thought BLOGGER was owned by Google, a left wing company. We assume they're honest. wonder what's going on. Maybe they're just hackable.
A couple more notes to those of you who had questions about being hacked in a blog.
The first one is the most important.
1. No one can hack into your computer because of a blog UNLESS they've FIRST hacked the blog server.
2. Once a blog server (or any web server) has been hacked, it is almost impossible to protect yourself from being hacked as well.
Number one is simple.
In order to hack your computer, someone must know the IP address of your computer. And if they don't know anything about you, then they have no way of finding that out. Unless of course you give it to them, OR, if they've hacked a server that you connect to regularly.
Number 2 is also simple.
Once a server has been hacked, firewalls will not inspect the traffic to and from that server, other than maintaining "state" information. State information is merely communication status of your session with the server. It doesn't look at anything else. Anti Virus software will detect viruses and trojans possibly in the data stream but hacking commands will still get through unnoticed.
In other words, make sure you know the server you're connecting to.
How can you know which server you're connecting to?
This is terrible - to be hacked into and spied on.
Post a Comment