ISOTF Critical Internet Infrastructure WG is now open to public participation.
The group holds top experts on internet technology, critical infrastructure, and internet governance, from around the globe.
Together, we discuss definitions, problems, challenges and solutions in securing and assuring the reliability of the global internet infrastructure, which is critical infrastructure for a growing number of nations, corporations and indeed, individuals -- world wide.
The group started as a closed and private forum, to discuss technical and operational risks, as other venues limited discussion of critical internet resources to politically charged subjects such ascontrol of ICANN and ARIN, thus overshadowing other important aspects.
As of November 18th 2009, the list is open for public access, to advance public awareness of the issues, and bring new talent on board.
The group is hosted by the ISOTF, but is governed by members.
Note: SCADA, network operations, and other related issues should be discussed in the appropriate forums, elsewhere. This group deals with the internet.
To subscribe:
http://isotf.org/mailman/listinfo/cii
Gadi Evron for ISOTF-CII-WG.
Wednesday, November 18, 2009
Friday, November 13, 2009
China, is it our cyber defense red herring?
There are thousands of articles perpetuating the claim that China is out to get us on the Internet. And yet, all these discussions are begging the question, is it China attacking? Also, are they even the "usual suspects"?
While I can point to real facts of China making active use of information warfare, cyber warfare, or whatever else you choose to call it (such as the release of 0 days being patched by Microsoft
and originally reported by the Taiwanese government, search Microsoft's site), I can also point to Germany (intelligence Trojan horse), the US (The Farewell Dossier) and other countries such
as North Korea (without much detail, so questioned).
We have a failing, that even as experts we see an IP source in China for an attack, and as it is popular, and we are still used to think in the physical world, jump to the conclusion the actor is from China. The actor is often from the US, Eastern Europe, Russia, Brazil, and many other countries. That in turn does not mean these actors are then sponsored by these countries. Information warfare is about covertness, not about being loud. The Internet is perfect for plausible deniability, as I've learned when writing the postmortem analysis of the 2007 attacks against Estonia, for the Estonian CERT.
The Chinese know more about the uses of being covert than any of the rest of us, in their strategy, their actions, and their history. If they are being so indiscreet it is for a specific reason, perhaps as a smoke-screen, or indeed, they are not doing it to begin with.
I am not saying the Chinese government does not attack, I am saying naming them continually is nothing but a baseless red herring, and an easy scape-goat we have all grown used to. Thus, blaming China by itself has become acceptable just because people did it often enough. The story of Ethos manufacturing itself.
Malicious computers in China are a problem we can't and shouldn't deny. However, continually claiming China is the Big Bad and attributing every attack to them, is beyond ridiculous. Nothing to see here, move along.
Then again, maybe if we keep saying it's the Chinese with every attack we see, they will get some ideas and make it true for us. It may eventually prove true, but our current proof is based mainly on people claiming it in the past. We are better than this.
Gadi Evron,
ge@linuxbox.org.
While I can point to real facts of China making active use of information warfare, cyber warfare, or whatever else you choose to call it (such as the release of 0 days being patched by Microsoft
and originally reported by the Taiwanese government, search Microsoft's site), I can also point to Germany (intelligence Trojan horse), the US (The Farewell Dossier) and other countries such
as North Korea (without much detail, so questioned).
We have a failing, that even as experts we see an IP source in China for an attack, and as it is popular, and we are still used to think in the physical world, jump to the conclusion the actor is from China. The actor is often from the US, Eastern Europe, Russia, Brazil, and many other countries. That in turn does not mean these actors are then sponsored by these countries. Information warfare is about covertness, not about being loud. The Internet is perfect for plausible deniability, as I've learned when writing the postmortem analysis of the 2007 attacks against Estonia, for the Estonian CERT.
The Chinese know more about the uses of being covert than any of the rest of us, in their strategy, their actions, and their history. If they are being so indiscreet it is for a specific reason, perhaps as a smoke-screen, or indeed, they are not doing it to begin with.
I am not saying the Chinese government does not attack, I am saying naming them continually is nothing but a baseless red herring, and an easy scape-goat we have all grown used to. Thus, blaming China by itself has become acceptable just because people did it often enough. The story of Ethos manufacturing itself.
Malicious computers in China are a problem we can't and shouldn't deny. However, continually claiming China is the Big Bad and attributing every attack to them, is beyond ridiculous. Nothing to see here, move along.
Then again, maybe if we keep saying it's the Chinese with every attack we see, they will get some ideas and make it true for us. It may eventually prove true, but our current proof is based mainly on people claiming it in the past. We are better than this.
Gadi Evron,
ge@linuxbox.org.
Friday, October 30, 2009
Cyber War and Cyber Deterrence
A few days ago a Google Alert on my name let me know that I was referenced in a paper from RAND. I have high appreciation for RAND's work, so naturally I went to look.
The work by one Martin Libicki discusses cyber war and cyber deterrence. He is against the silly notion, much like I am.
I've grown so tired of repeating "these discussions the past two years in US defense circles are just ... stupid." I am happy that someone else, as articulate as Libicki, joined our side of the debate. Just because US experts are so used to deterrence as a strategy after 70 years, does not mean it fits the bill with the Internet. In fact, it is extreme folly.
I don't agree with everything Libicki says, but I do agree with him on this matter.
However...
Unlike many, I believe offensive capabilities are critical for any nation nowadays, but that thinking it would assist in defense is delusional.
Libicki's actual RAND paper can be found here:
www.rand.org/pubs/monographs/2009/RAND_MG877.pdf
Maybe now I can finally write a paper I want to write, on when deterrence actually does work on the Internet. There are cases where it does, but raising these before now would have muddied the water.
I also plan to be more vocal in the debate in the coming months, and pull out of the drawer some articles I wrote on the subject, for when it warms up and they can make a difference.
Gadi Evron,
ge@linuxbox.org.
The work by one Martin Libicki discusses cyber war and cyber deterrence. He is against the silly notion, much like I am.
I've grown so tired of repeating "these discussions the past two years in US defense circles are just ... stupid." I am happy that someone else, as articulate as Libicki, joined our side of the debate. Just because US experts are so used to deterrence as a strategy after 70 years, does not mean it fits the bill with the Internet. In fact, it is extreme folly.
I don't agree with everything Libicki says, but I do agree with him on this matter.
However...
Unlike many, I believe offensive capabilities are critical for any nation nowadays, but that thinking it would assist in defense is delusional.
Libicki's actual RAND paper can be found here:
www.rand.org/pubs/monographs/2009/RAND_MG877.pdf
Maybe now I can finally write a paper I want to write, on when deterrence actually does work on the Internet. There are cases where it does, but raising these before now would have muddied the water.
I also plan to be more vocal in the debate in the coming months, and pull out of the drawer some articles I wrote on the subject, for when it warms up and they can make a difference.
Gadi Evron,
ge@linuxbox.org.
Tuesday, September 29, 2009
Medical Vaccines as an Analogy to Information Security
In the information security field, we often encounter an ethical dilemma. Should information become public, so that people can protect themselves, or better decide how to do so. Or should it remain secret so that larger harm is prevented? The world of Vaccines shows us an image of how medical professionals deal with the issue.
I recently wrote a blog post on an unrelated subject, vaccines and their risks. I have been gathering information on whether they are safe for some time now.
While they are in fact, in the vast majority of cases, safe, there is no easily available information online as to the risks associated with vaccination. Most of this data, therefore, can be found in scare-monger websites, spreading fear, uncertainty and doubt.
Whatever reason vaccine professionals have to take the party-line, we can assume one reason they do not wish public debate to avoid risk of more people not vaccinating, potentially increasing the death-toll and causing epidemics.
The similarities don't end there, and it truly is fascinating. For example the World Health Organization (WHO) monitors disease globally, detects new epidemics and responds accordingly, and thus monitoring the success of vaccines as well.
An interesting anecdote is on global risk analysis. How regulation trumps personal liberties world-wide in vaccination programs for new-born babies, as the risk of epidemics outweighs the infringement. Some people claim that this is no longer the case, and that these programs need to be reexamined. They seem to be wrong, but information is not easily available online. It is interesting to note, as once successful, even if it was no longer helpful I very much doubt society would easily change in this regard, much like I am sure it was difficult to initiate this program to begin with.
I doubt such regulation will happen in information security, but a common stance such as vaccine developers and medical doctors have on emerging threats could be highly beneficial to our field, when approaching the public.
Many interesting strategic and psychological lessons can be learned by examining this field, when compared to information security.
Gadi Evron,
ge@linuxbox.org.
I recently wrote a blog post on an unrelated subject, vaccines and their risks. I have been gathering information on whether they are safe for some time now.
While they are in fact, in the vast majority of cases, safe, there is no easily available information online as to the risks associated with vaccination. Most of this data, therefore, can be found in scare-monger websites, spreading fear, uncertainty and doubt.
Whatever reason vaccine professionals have to take the party-line, we can assume one reason they do not wish public debate to avoid risk of more people not vaccinating, potentially increasing the death-toll and causing epidemics.
The similarities don't end there, and it truly is fascinating. For example the World Health Organization (WHO) monitors disease globally, detects new epidemics and responds accordingly, and thus monitoring the success of vaccines as well.
An interesting anecdote is on global risk analysis. How regulation trumps personal liberties world-wide in vaccination programs for new-born babies, as the risk of epidemics outweighs the infringement. Some people claim that this is no longer the case, and that these programs need to be reexamined. They seem to be wrong, but information is not easily available online. It is interesting to note, as once successful, even if it was no longer helpful I very much doubt society would easily change in this regard, much like I am sure it was difficult to initiate this program to begin with.
I doubt such regulation will happen in information security, but a common stance such as vaccine developers and medical doctors have on emerging threats could be highly beneficial to our field, when approaching the public.
Many interesting strategic and psychological lessons can be learned by examining this field, when compared to information security.
Gadi Evron,
ge@linuxbox.org.
Friday, September 11, 2009
Lessons I Learned from Cyber Crime, an Article Series
I have been slow on updating this blog due to blogging on Dark Reading. I will make amends and start updating here more often. I will also start to cover my more interesting blogs on Dark Reading, here. You can also read my personal blog where I write about things I find interesting, or funny.
A few months ago I wrote a short series on some of the lessons I learned from the world of security and cyber crime. About systems and networks, people and communities, and finally, projects and making things happen, the first one begins with:
1. Lessons From Fighting Cybercrime
Gadi Evron,
ge@linuxbox.org.
A few months ago I wrote a short series on some of the lessons I learned from the world of security and cyber crime. About systems and networks, people and communities, and finally, projects and making things happen, the first one begins with:
"The history of anti-spam teaches us about half-baked ideas and how people succeeded or failed to implement them. The analogy of evolution, while limited, demonstrates how reactionary solutions can achieve strategic goals before they are made obsolete by countermeasures.The three posts in question, are:
How do you herd cats? In a series of blogs starting today, I'll explore the history of fighting cybercrime and how and why certain solutions worked while others failed, how we can recreate success, and what lessons we can distill to build business solutions, affect change in communities -- and even fight terrorism."
1. Lessons From Fighting Cybercrime
"... Criminals were forced to evolve in a desirable direction, which is a victory on its own. Evolution in capabilities occurs to circumvent security measures. By limiting the spammers' options they evolved to a technological battleground where we have more control."2. Lessons From Fighting Cybercrime, Part 2
3. Cybercriminals: More Obvious Than They Think?"... It enumerates ways by which "new" and "amazing" suggestions on solving the spam problem go wrong... If only "everyone" (or most people) used their solution or "forced users" to act counter intuitively (and similar truisms), spam would be "gone". It is well worth a read.
Trying to map how some solutions work while others can't even get off the ground and seeing how communities and social systems change is fascinating. The examples above and many other lessons of fighting cybercrime are illuminating. Especially when we consider they are mostly derived from failures of technical solutions to solve a human problem, a common design fallacy this day and age."
I hope you find these posts interesting. Do share your thoughts with me. Any anecdote, epiphany or even just an insight from your own experience will be appreciated.
- "...Let me pose it this way: It's a hot summer day, and you're drinking a beer at the beach. People are having fun and relaxing. Suddenly, you see a person wearing an heavy coat. Is this suspicious?"
- "... Encryption is a great tool, but it also draws attention to you for using it. In your organization, how likely is an attacker to identify important resources just by watching for encrypted traffic? In some cases, it may be better to stay obscure, in the background as noise, than to use encryption. If the malware sample is new and therefore undetected by antivirus, then the same unfortunately applies to malware authors."
Gadi Evron,
ge@linuxbox.org.
Friday, May 01, 2009
My Recent Posts on Dark Reading - April 2009
As I mentioned before, I blog on Dark Reading.
Here are more of my posts from this past month:
Social Networks Blurring The Line Into Citizen Journalism
http://www.darkreading.com/blog/archives/2009/03/a_police_office.html
http://www.darkreading.com/blog/archives/2009/03/is_conficker_a.html
SCADA Security: What SCADA Security?
http://www.darkreading.com/blog/archives/2009/04/scada_security.html
I'm Interested, But In You
http://www.darkreading.com/blog/archives/2009/04/im_interested_b.html
http://www.darkreading.com/blog/archives/2009/04/planning_for_hu.html
ge@linuxbox.org.
Here are more of my posts from this past month:
Social Networks Blurring The Line Into Citizen Journalism
http://www.darkreading.com/blog/archives/2009/03/a_police_office.html
In 2006, Israel sent forces into Southern Lebanon during what is now known as the 2006 Lebanon War. Israel had security concerns about missiles harming its civilian population, but what it didn't bargain for was military citizen journalism.Conficker's Real Threat
Think, for a moment, about the potential chaos of such live war reporting: SMS messages from soldiers up front telling of deaths before families can be notified, or live videos of bloody battles recorded from cell phones and sent to the press.
http://www.darkreading.com/blog/archives/2009/03/is_conficker_a.html
Conficker is a real problem, but the world won't end on April Fool's Day. Here's why.I love predicting the future and being right. I am proud for not jumping into the Conficker FUD circus.
SCADA Security: What SCADA Security?
http://www.darkreading.com/blog/archives/2009/04/scada_security.html
SCADA, the control systems for such infrastructure services as water and energy, has us worried whenever critical infrastructure defense is mentioned. Why, then, is it the most insecure industry on the planet?I published that a day before the WSJ published their hyped story on SCADA spies. I was a good and timely reference. Nice timing!
I'm Interested, But In You
http://www.darkreading.com/blog/archives/2009/04/im_interested_b.html
Social engineering is a disturbing aspect of overall security threat analysis because it is the human element that is least in our control. Security and psychology -- once again -- go hand in hand.Analyzing Security Psychology
Roughly two years ago I wrote about a personal experience that exemplifies how salespeople can try to manipulate you using body language, bringing us to a subject close to hackers' hearts: social engineering.
http://www.darkreading.com/blog/archives/2009/04/planning_for_hu.html
The integration of psychology into the security strategic-thinking process is critical for the advancement of information security. The human element influences all security controls because all of these controls seek to regulate human behavior.Gadi Evron,
ge@linuxbox.org.
Tuesday, April 28, 2009
One shoot remote root for Linux?
While I am the first, I am sure soon I will just be one among thousands blogging this.
Sometimes news finds us in mysterious yet obvious ways.
HD Moore set a status which I noticed on my twitter:
@hdmoore reading through sctp_houdini.c - one-shot remote linux kernel root - http://kernelbof.blogspot.com/
I asked him about it on IM, wondering if it is real:
"looks like that
but requires a sctp app to be running"
Naturally, I retweeted.
I left a comment on the guy's blog:
@gadievron
Sometimes news finds us in mysterious yet obvious ways.
HD Moore set a status which I noticed on my twitter:
@hdmoore reading through sctp_houdini.c - one-shot remote linux kernel root - http://kernelbof.blogspot.com/
I asked him about it on IM, wondering if it is real:
"looks like that
but requires a sctp app to be running"
Naturally, I retweeted.
I left a comment on the guy's blog:
It's always nice to have good and talented people show us how we forget the obvious, continually. This somehow brings memories of Ciscogate to mind, but just by similarity of the original DoS vulnerability story.Signed,
Thanks for your work and for keeping full disclosure alive and well (where responsible). Everyone should be patched by now, unless they don't believe DoS vulns to be "important enough".
@gadievron
Sunday, April 26, 2009
Debugging for Medical Doctors
Today I wrote a blog post named: Debugging for Medical Doctors. In retrospect, I think it shows the difference between handling technology and handling humans, performing the same action.
Debugging for Medical Doctors
http://gevron.livejournal.com/18191.html
Gadi Evron,
ge@linuxbox.org.
Debugging for Medical Doctors
http://gevron.livejournal.com/18191.html
What's debugging you ask? When you know there is a bug in your program, you find it by the process of debugging. How do medical doctors do it? And how they may be doing it wrong.I hope you find it useful.
Gadi Evron,
ge@linuxbox.org.
Monday, April 20, 2009
Proposal: This House Will Legalize Spam
I sent this today to the newly formed debate mailing list. While this is not necessarily my opinion, I am picking a side and running with it.
In other words, the opinions presented in this debate are not necessarily my own. People will either support this proposition, or tear it apart.
Proposal: This House Will Legalize Spam
Spam is a service answering a demand. Making the product legal will will inject our suffering economy with much needed currency and allow our government to tax this billions of dollars industry.
We have seen this happening with alcohol during the prohibition. Alcohol is no longer illegal, and great benefits resulted from that decision with a booming world-wide industry and disappearance of the black market economy.
Spam is a black market economy. Medicine is sold for high prices in the US, so black market spam operations answered the demand and sell drugs from Canada for a lower price. Many of these are fake and result in poor care in the best of scenarios.
Economically, the pharmaceutical industry is suffering and the government is losing potential taxation revenue. More importantly, if spam was regulated controls could be put in place to protect public health.
We have been waging a "war on spam" for two decades now with no victory in sight. More than that, the email system is under continued threat of no longer being usable.
Similar misuses have been addressed by legalization in the past. This includes post spam and fax spam, which today have clear regulation.
Most of the email traffic on the Internet today is spam, resulting in:
Our respected opposition may claim that legalizing spam will open the door for other sorts of legalization. We believe this claim is a logical fallacy, falsely claiming a slippery slope to muddy the waters.
We believe that taking this route on spam is positive, other directions with other "products" should be considered on their own merit. It is a fact that the end of prohibition did not result in legalization of drug usage.
In support of my case I bring before you a case study (below), written by me two years ago for a zdnet blog. I demonstrate how an unrelated legalization caused a large percentage of spam to stop and spam operations to collapse, when the demand ceased.
Gadi Evron,
ge@linuxbox.org.
---
Taking down spammers: Successful spam fighting via legalization, regulation and economics
Original URL:
http://blogs.zdnet.com/security/?p=720
By Gadi Evron
Working in the Israeli city of Netanya, next door to our offices was a spam operation with roughly 30 employees. One day they weren’t there anymore.
They were blog comment spammers, but officially were doing Search Engine Optimization or SEO. Instead of optimizing content, they posted illicit comments on many blogs with commercial or misleading messages leading to their clients’ web sites, mainly for the purpose of increasing their clients’ web sites visibility in search engines such as Google. They would do this using an illegal tool such as botnets, and make quite a bit of money.
The reason for their disappearance soon became clear; nearly all their clients were gone. A law was passed in the United States which addressed online gambling operations (”Unlawful Internet Gambling Enforcement Act” - UIGEA). As a result, the public gaming industry ceased accepting online wagers. More than that, UIGEA addressed processing payments to and from Internet gambling sites. In a day, most of US-based gambling web sites ceased to exist (others moved over-seas, although quite a bit of the world’s credit processing is done by US firms). This effectively caused
the death of numerous black hat SEO companies–comment spammers. Perhaps the UIGEA measure against processing of payments proved too difficult to overcome. Not being a lawyer I can’t say exactly how UIGEA caused this death. No matter, US online gambling operations were effectively destroyed.
Spam decreased. The underlying cause for that was that the clients weren’t there due to the inability to process payments because of the online Casinos law.
....
More...
In other words, the opinions presented in this debate are not necessarily my own. People will either support this proposition, or tear it apart.
Proposal: This House Will Legalize Spam
Spam is a service answering a demand. Making the product legal will will inject our suffering economy with much needed currency and allow our government to tax this billions of dollars industry.
We have seen this happening with alcohol during the prohibition. Alcohol is no longer illegal, and great benefits resulted from that decision with a booming world-wide industry and disappearance of the black market economy.
Spam is a black market economy. Medicine is sold for high prices in the US, so black market spam operations answered the demand and sell drugs from Canada for a lower price. Many of these are fake and result in poor care in the best of scenarios.
Economically, the pharmaceutical industry is suffering and the government is losing potential taxation revenue. More importantly, if spam was regulated controls could be put in place to protect public health.
We have been waging a "war on spam" for two decades now with no victory in sight. More than that, the email system is under continued threat of no longer being usable.
Similar misuses have been addressed by legalization in the past. This includes post spam and fax spam, which today have clear regulation.
Most of the email traffic on the Internet today is spam, resulting in:
1. Increased operational costs for networks and service providers.
2. Clogged mail boxes, user annoyance and legitimate email being lost, resulting in loss of productivity.
3. A support infrastructure for other criminal activity ranging from phishing to child pornography.
Our respected opposition may claim that legalizing spam will open the door for other sorts of legalization. We believe this claim is a logical fallacy, falsely claiming a slippery slope to muddy the waters.
We believe that taking this route on spam is positive, other directions with other "products" should be considered on their own merit. It is a fact that the end of prohibition did not result in legalization of drug usage.
In support of my case I bring before you a case study (below), written by me two years ago for a zdnet blog. I demonstrate how an unrelated legalization caused a large percentage of spam to stop and spam operations to collapse, when the demand ceased.
Gadi Evron,
ge@linuxbox.org.
---
Taking down spammers: Successful spam fighting via legalization, regulation and economics
Original URL:
http://blogs.zdnet.com/security/?p=720
By Gadi Evron
Working in the Israeli city of Netanya, next door to our offices was a spam operation with roughly 30 employees. One day they weren’t there anymore.
They were blog comment spammers, but officially were doing Search Engine Optimization or SEO. Instead of optimizing content, they posted illicit comments on many blogs with commercial or misleading messages leading to their clients’ web sites, mainly for the purpose of increasing their clients’ web sites visibility in search engines such as Google. They would do this using an illegal tool such as botnets, and make quite a bit of money.
The reason for their disappearance soon became clear; nearly all their clients were gone. A law was passed in the United States which addressed online gambling operations (”Unlawful Internet Gambling Enforcement Act” - UIGEA). As a result, the public gaming industry ceased accepting online wagers. More than that, UIGEA addressed processing payments to and from Internet gambling sites. In a day, most of US-based gambling web sites ceased to exist (others moved over-seas, although quite a bit of the world’s credit processing is done by US firms). This effectively caused
the death of numerous black hat SEO companies–comment spammers. Perhaps the UIGEA measure against processing of payments proved too difficult to overcome. Not being a lawyer I can’t say exactly how UIGEA caused this death. No matter, US online gambling operations were effectively destroyed.
Spam decreased. The underlying cause for that was that the clients weren’t there due to the inability to process payments because of the online Casinos law.
....
More...
Friday, April 10, 2009
Debate and general discussion mailing list, with good arguers
Hi all,
Do you want to participate in a debate and general discussion mailing list which will have members who are good and intelligent arguers?
Please contact me if you do.
Gadi Evron,
ge@linuxbox.org.
Do you want to participate in a debate and general discussion mailing list which will have members who are good and intelligent arguers?
Please contact me if you do.
Gadi Evron,
ge@linuxbox.org.
Thursday, April 09, 2009
Reimage named "Cool Vendor" by Gartner. They are COOL
My friend Zak Dechovich started a startup named Reimage and I am very exited because Reimage was just named by Gartner as a "cool vendor".
While I was a disbeliever at the very beginning, I saw the light. I am VERY excited Reimage does. They are COOL.
The original idea behind the company was to help US, the computer savvy folk who have to fix our family's computers all the time, by creating easy to use software that does it for us.
While it originally was unintentional, they remove a lot of malware while they are at it. Making it a very useful security product to boot.
Reimage's web site:
http://www.reimage.com/
Gadi Evron,
ge@linuxbox.org.
While I was a disbeliever at the very beginning, I saw the light. I am VERY excited Reimage does. They are COOL.
The original idea behind the company was to help US, the computer savvy folk who have to fix our family's computers all the time, by creating easy to use software that does it for us.
While it originally was unintentional, they remove a lot of malware while they are at it. Making it a very useful security product to boot.
Reimage's web site:
http://www.reimage.com/
Gadi Evron,
ge@linuxbox.org.
Wednesday, April 08, 2009
Fascinating Omegle Chat Logs
I have been chatting on Omegle all night, and some of the chats are absolutely fascinating. I don't want to flood this blog like I do my fun one. I will summarize here with links.
So far, I spoke with a dirt-road worker from Australia and a 15 years old sophomore girl tennis player from Maryland (trying to explain without sounding parent-yy about not sharing private information on the net).
I have been sharing these logs with a group of social scientists in an email thread. This is so intriguing.
The more interesting chat logs:
1. NSFW, very funny log where you see how anonymity lets people let loose.
2. A guy (apprently) coming out of the closet on Omegle.
3. Seeing social responsibility as base for good and evil
You may find this one boring, but I found it absolutely fascinating seeing how a person views the world in a way I find fscked up.
The person's social identity is what builds her (my guess) view of good and evil. I am thinking 17 years old.
Gadi Evron,
ge@linuxbox.org
So far, I spoke with a dirt-road worker from Australia and a 15 years old sophomore girl tennis player from Maryland (trying to explain without sounding parent-yy about not sharing private information on the net).
I have been sharing these logs with a group of social scientists in an email thread. This is so intriguing.
The more interesting chat logs:
1. NSFW, very funny log where you see how anonymity lets people let loose.
2. A guy (apprently) coming out of the closet on Omegle.
3. Seeing social responsibility as base for good and evil
You may find this one boring, but I found it absolutely fascinating seeing how a person views the world in a way I find fscked up.
The person's social identity is what builds her (my guess) view of good and evil. I am thinking 17 years old.
Gadi Evron,
ge@linuxbox.org
Subscribe to:
Posts (Atom)
