A 28 year old SadMonkey from St. Louis Missouri

[May 11 2011 19:48:59] *** Joins: Mojo(~home@97-85-145-160.dhcp.stls.mo.charter.com)
[May 11 2011 22:55:44] <Mojo> no. I'm SadMonkey
[May 25 2011 00:38:36] <Mojo> I'm from St. Louis and Used to live in Ferguson.
[Aug 17 2011 22:02:08] <Mojo> http://josephevers.blogspot.com/p/encyclopediadramaticach-irc-users.html KILL THAT MOTHERFUCKER!
[Nov 30 2011 14:34:12] <Mojo> Hey guys. This may be old news, but we took care of the guy who ran the josephevers blog, right?

ED's Google shopping cart

On Sep 5 2011:

garrett changes topic to "EncyclopediaDramatica sucks. | Several hundred dollars worth of hardware is toasted, we need suggestions/donations for some new servers. PM garrett if you know of a host who can handle us."

Maybe something you did caused your last three hosts to drop you.

This is the same shopping cart that Ryan Cleary used when he was running ED, and that is his home address. One condition of his release from jail while he awaits trial is he is forbidden from using the internet.

The judge issued a stark warning to both defendants to comply with their bail conditions as he fixed their plea and case management hearing for January 27, 2012. 

Perhaps his attorney, Ms. Karen Todner should be informed.

Cloudflare Enables Miscreants

Matthew Prince, founder and CEO of Cloundflare

CloudFlare provides security, a CDN-like service, high-level compression and web content optimization, according to Web Host Industry Review.

Cloudflare says

On average, a website on CloudFlare ...
... loads twice as fast
... uses 60% less bandwidth
... has 65% fewer requests
... is way more secure
All for free!

Because Cloudflare reduces bandwidth usage, obscures who is the actual hosting company of a website and offers its basic services for free, it has become popular among low-budget websites with controversial content.

An endorsement by Cloudflare's most infamous client to date, Lulzsec, helped  fuel a rapid growth that in turn helped them to secure an additional US$20 million in funding. Lulzsec's webmaster and spokesman, Jake Davis, was arrested July 28 2011 and charged with crimes relating to Lulzsec's activities. Their website was used to host documents that were obtained by stealing databases and other files from servers they had compromised by SQL injection or zero day exploits.

Cloudflare has a comprehensive terms of use policy that would seem to preclude their providing services to Lulzsec and similar sites. It states in part:

SECTION 11: PROHIBITED USES

You shall not post, transmit, retransmit, cache, or store material on or through CloudFlare's Service which, in the sole judgment of CloudFlare (a) is in violation of any local, state, federal, or foreign law or regulation, (b) is threatening, obscene, indecent, defamatory, or that otherwise could adversely affect any individual, group, or entity (collectively, "Persons"), or (c) violates the rights of any Person, including rights protected by copyright, trade secret, patent, or other intellectual property or similar laws or regulations including, but not limited to, the installation or distribution of "pirated" or other software products that are not appropriately licensed for Your use. You agree that you will NOT knowingly use the Service, among other things, to:

1. upload, post, transmit, or otherwise make available any content that is unlawful, harmful, threatening, abusive, harassing, tortious, defamatory, vulgar, obscene, libelous, invasive of another's privacy, hateful, or racially, ethnically, or otherwise objectionable;
2. harm minors in any way;
3. impersonate any person or entity, including but not limited to a CloudFlare official, forum leader, guide, or host, or falsely state or otherwise misrepresent your affiliation with a person or entity;
4. forge headers or otherwise manipulate identifiers in order to disguise the origin of any content transmitted through the Service;
5. upload, post, transmit, or otherwise make available any content that You do not have a right to make available under any law or under contractual or fiduciary relationships (such as inside information, proprietary, and confidential information learned or disclosed as part of employment relationships or under nondisclosure agreements);
6. upload, post, transmit, or otherwise make available any content that infringes any patent, trademark, trade secret, copyright, or other proprietary rights of any party;
7. upload, post, transmit, or otherwise make available any unsolicited or unauthorized advertising, promotional materials, "junk mail," "spam," "chain letters," "pyramid schemes," or the like;
8. upload, post, transmit, or otherwise make available any material that contains software viruses or any other computer code, files, or programs designed to interrupt, destroy, or limit the functionality of any computer software or hardware or telecommunications equipment;
9. interfere with or disrupt the Service or servers or networks connected to the Service, or disobey any requirements, procedures, policies, or regulations of networks connected to the Service;
10. intentionally or unintentionally violate, attempt to violate, or avoid any applicable ICANN regulation or policy;
11. intentionally or unintentionally violate any applicable local, state, national or international law, including, but not limited to, regulations promulgated by the U.S. Securities and Exchange Commission, any rules of any national or other securities exchange, including, without limitation, the New York Stock Exchange, the American Stock Exchange, or the NASDAQ, and any regulations having the force of law;
12. provide material support or resources (or to conceal or disguise the nature, location, source, or ownership of material support or resources) to any organization(s) designated by the United States government as a foreign terrorist organization pursuant to section 219 of the Immigration and Nationality Act;
13. "stalk" or otherwise harass another; or
14. promote or provide instructional information about illegal activities, promote physical harm or injury against any group or individual, or promote any act of cruelty to animals. This may include, but is not limited to, providing instructions on how to assemble bombs, grenades, and other weapons, and creating "Crush" sites.
    

    SECTION 14: TERMINATION

    CloudFlare's policy is to investigate violations of these Terms of Service and terminate repeat infringers. You agree that CloudFlare may, under certain circumstances and without prior notice, immediately terminate your CloudFlare account, any associated email address, and access to CloudFlare.com and associated Services. Cause for such termination shall include, but not be limited to: (a) breaches or violations of the Terms of Service or other incorporated agreements or guidelines; (b) requests by law enforcement or other government agencies; (c) a request by you (self-initiated account deletions); (d) discontinuance or material modification to the Service (or any part thereof); (e) unexpected technical or security issues or problems; (f) extended periods of inactivity; (g) you have engaged or are reasonably suspected to be engaged in fraudulent or illegal activities; (h) having provided false information as part of your account; (i) having failed to keep your account complete, true, and accurate; (j) any use of the Service deemed at CloudFlare's sole discretion a Prohibited Use as defined above; and/or (k) nonpayment of any fees owed by you in connection with CloudFlare.com and associated Services. Further, you agree that all terminations for cause shall be made in CloudFlare's sole discretion and that CloudFlare shall not be liable to you or any third-party for any termination of your account, access to the Service, or any disruption to your services such a termination may cause. You expressly agree that in the case of a termination for cause you will not have any opportunity to cure. You further acknowledge and agree that notwithstanding any termination, your obligations to CloudFlare set forth in Sections 9, 10, 11, 12 and 13 shall survive such termination.

When asked about Lulzsec's use of their services, Cloudflare CEO Matthew Prince gave a standard response that is now used corporate wide:

"It's interesting to have public enemy number one using our service but it is important to note that we are not the hosting provider; we're much more similar to something like a network provider where traffic is passing through us and we're not actually storing any of the data," Prince says. "Importantly, if we were to kick them off of our network that wouldn't take the content off the Internet it would just be a little bit slower."

I asked Cloudflare's abuse response team by email if they have ever enforced their terms of service. They responded with the non sequitur:

We are not a web host and we don't censor content on the internet.
Even if we remove a site from CloudFlare it doesn't remove the content
from the internet in any way, shape, or form.When a complaint comes in we provide the direct IP to the site in question so that the person
with the complaint can take their complaint directly to the web host
of the site -- the only people who can ACTUALLY remove the site and
its content from the internet. We comply with every complaint that we receive.

I replied and reiterated my question, and it was ignored.


Later, The Whir reported from HostingCon that Prince said,

"… the LulzSec website had 18 million legitimate page views over 23 days. LulzSec had seven different hosts over 23 days, initially in Montreal. He says the other hosts were based in Malaysia, several US-based hosts, and ultimately had a German hosting provider."

The obvious implication, which escapes Mr. Prince, is that the lulzsecurity.com site would have had a very hard time staying online if they weren't hiding behind CloudFlare.

Lulz

Met hold online hacking group suspect

London’s Metropolitan Police have arrested a 19-year-old man on suspicion of being a founder and spokesman for a hacking group believed to be responsible for a series of cyberattacks on organisations such as the CIA and News Corporation.
The man used the online nickname Topiary, and “presented himself as a spokesman for the group” called Lulz Security, Scotland Yard said. Scottish authorities participated with the Met’s eCrime unit in making the arrest on Tuesday in the Shetland Islands.

He was being taken to a police station in central London, said the Met.
The arrest is the most significant to date in the investigation of Lulz and a related but larger group called Anonymous. In recent weeks, the Met arrested Ryan Cleary and another teen said by police sources to have used the name Tflow.

Topiary controlled the Twitter account LulzSec, which was the main way the group communicated to the public during a prodigious 50-day hacking spree this year that alarmed law enforcement and national security officials. That account has more than 340,000 followers.
In internal Lulz chats that were later leaked, Topiary wrote that “Tflow/Sabu/myself/kayla started” the group.

Ryan Cleary is the founder of Encyclopediadramatica.ch and Tflow was one of his first administrators. The FBI is still on the hunt for kayla* and Sabu.
*Kayla is now thought to be two British men who were recently arrested in September. 

Garrett E. Moore mentioned on ED's IRC channel:

Jul 26 2011 09:53:38 <garrett> ive known kayla waaaaay longer than tflow

I wonder to what extent Garrett's connection is to Lulzsec?

Here is Garrett, using the handle KnownCyberbully on Twitter, chatting with Sabu.

@anonymouSabu Hey dude, missed your PM. Hit me up whenever, glad you aren't dead. <3

Here is Sabu, more recently.

@Le_Researcher You fucking scrub - you got that from Ryan (who is violating his online prohibition) and that IP is a public Proxy. GOOGLE.
about 18 hours ago from web in reply to Le_Researcher

He doesn't mean Ryan Cleary, does he?

Ryan Cleary Arrested

Ryan Cleary,  photo borrowed from Sky News

Ryan Cleary, pictured here at age 13, photo from the Daily Mail

update: Ryan Cleary has been charged with five offences under the Computer Misuse Act, police said. It was also revealed the FBI seized servers in Virginia, run by Swiss web hosting company DigitalOne, around the time Cleary was arrested. Sven Slootweg, AKA Joepie91 owner of Anonnews.org, was named by the Daily Mail as a Lulzsec member. Slootweg is also active on encyclopediadramatica.ch and recently removed Cleary's systems administrator privileges because of his jailing.

It was first reportied Tuesday morning Jun 21 2011 that encyclopediadramatica.ch owner Ryan Cleary was arrested.

Ryan Cleary, an alleged member of the hacking group behind the claim, LulzSec, was arrested in Essex this morning by specialist cyber crime officers from Scotland Yard.

The 19-year-old was taken to a central London police station and remains in custody on suspicion of Computer Misuse Act and Fraud Act offences.

A “significant amount of material” was also seized from an address in Wickford, Essex.

Scotland Yard has also confirmed that a 19 year old resident of Wickford, Essex is in custody.

Officers from the Metropolitan Police Central e-Crime Unit (PCeU) have arrested a 19-year-old man in a pre-planned intelligence-led operation.

The arrest follows an investigation into network intrusions and Distributed Denial of Service (DDoS) attacks against a number of international business and intelligence agencies by what is believed to be the same hacking group.


The teenager was arrested on suspicion of Computer Misuse Act, and Fraud Act offences and was taken to a central London police station, where he currently remains in custody for questioning.

Searches at a residential address in Wickford, Essex, following the arrest last night have led to the examination of a significant amount of material. These forensic examinations remain ongoing.

The PCeU was assisted by officers from Essex Police and have been working in co-operation with the FBI.

More from the BBC.

The teenager's mother spoke to BBC Radio Essex and confirmed her son had been arrested at 0330BST on Tuesday.

She said he had been obsessed with computers since he was 12 and added: "Computers were his world."

More from The Daily Mail:

Ryan, a loner whose family says 'lives his life online', faces the prospect of extradition to the U.S where he could face 60 years' behind bars for allegedly hacking into the CIA and Senate websites.

Ryan's mother Rita, 44, said her son suffers from agoraphobia and attention deficit disorder and had not left his bedroom for four years.

Speaking at the family's home in Wickford, she said Ryan was an introverted boy who 'lives his life online'.

She added: 'He has a history of mental problems.

'He left school at 15.

'He has stayed in his room for the last four years in front of his computer.

'He is bright, but does not have any social skills.'

The teenager attended Heath School, in Stanway, Colchester, a school for children with special needs, and is said to have constantly spoken in 'computer jargon'.

Police arrived at the house on Monday night and are said to have spent five hours talking to Ryan. 

More from The Sun: 

Police sources said a "mind-boggling amount of information" had been seized from one of the nerdy lad's two computers.

They added the swoop was just the start of what could be a "long and complex" inquiry - and further arrests were possible.

Stunned Rita, a nurse at Southend Hospital, said her son "lives his life online".

She told how he has a history of mental illness and suffers from agoraphobia, a fear of open spaces, but is highly intelligent. Rita added that she thought he was playing computer games in his bedroom and cannot believe he was hacking into security agency websites.  

All the websites on the netblocks owned by Saad Naveed were unavailable for a short while Tue Jun 21 2011.

Turkish Patriots Take Down ED's Forums

Forum.encyclopediadramatica.ch, along with other domains associated with the 21 year old Ryan Cleary were unavailable yesterday because of DDoS attacks originating from Turkish patriots that were targeting Anonnews.org. Crusadegaming (owned by Saad Naveed), ED's forums and several other sites apparently suffered from collateral damage because they all are routed through a bottleneck at vps.anon.su (209.212.145.6).

Ryan at Crusadegaming: (09 June 2011 - 07:00 PM) Sorry for today's downtime, massive DDoS

AnonNews.org: AnonNews is having capacity issues

AnonNews'in basin bildirisini host etmek disinda OpTurkey'le bir ilgisi bulunmamaktadir. Bu yuzden lutfen AnonNews'e saldirmaktan vazgecin

As of now (Fri Jun 10 2011), Anonnews remains unavailable while the other sites appear to be back to normal. A statement from Ayyıldız Tim indicates they want an apology directed to the Republic of Turkey before they will cease the disruption. An unadvertised mirror, on the same netblock owned by Saad Naveed as anonnews.org, is still up.

Update Sat Jun 11: anonnews.org is back up at 66.228.47.225


In a related story, Cleary is now hosting IRC coordination channels for Lulzsec. (irc.lulzco.org and irc.encyclopediadramatica.ch share six IP numbers (66.228.59.138, 66.228.41.216, 72.14.185.117, 109.74.206.187, 66.228.41.214, 173.255.216.105). )
[Jun 9 2011 07:56:44] *** Joins: Ryan (~b@LulzCo-63BAB37A.anon.su)
[Jun 9 2011 20:43:06] *** Joins: Ryan (~b@LulzCo-CD8A653B.zone12.bethere.co.uk)


Update Wed Jun 15:

irc.lulzco.org is now using 69.65.55.24  and 209.212.149.108. Arcusvoice.com also points to 69.65.55.24.

Responses to this blog, part 2

A couple days ago, after ryan@encyclopediadramatica.ch sent fan mail to jevers.ceo, several thousand new emails were found in the inbox from [some random number]Attacker.com. When I looked through the headers of those, over 2100 contained the IP address 188.221.245.8. I know this is Ryan Cleary's residential broadband account because he had used it previously to send emails as Ryan and as Francis Madsen. Many of those in the inbox were also sent using a php script with the page title "SyRiAn Sh3ll ~ V5.6~ [ B3 Cr34T!V3 Or D!3 TRy!nG ]", that is currently (May 20 2011) installed on the compromised web hosts.

The Syrian Shell is described by its original author as

"a PHP Script that coded to help hackers with there hacking trip . with this script  you can so easily hack scripts , inject databases , send spam emails , bypass latest security  Updates  , collecting information , encrypting and decrypting strings , connecting dealings and  more ... in this website . I'll show you the features of this PHP shell , some codes in it and  some wonders that you haven't ever seen like it . :)"

Edit Jul 10 2011: I've removed the listing of 39 websites that hosted the scripts Ryan Cleary used to send thousands of emails to people he admires were installed, because one of the incompetent website owners asked nicely:

I kindly request you to remove from your blog any references to my web site or myself as soon as possible. Should those references do not disappear from your website, I will be obliged to take further action and contact your hosting provider (blogger.com).

Hoping we can solve this issue in a prompt manner,

Kind regards,

Meepsheep

Since this post was first published, there has been a steady stream of people arriving at this page who were searching for nude photos of children. One would hope that the majority of those searches were made by law enforcement officials.

Meepsheep was contacted by local police after this post first appeared.

Ryan Cleary, Age 21, Admits to DDoSing Sony and Dreamhost

Contrary to news reports, Ryan Cleary is not 17, 18 or 19.

[May 11 19:39:59] DildoBaggins: hey ryan are you really only 17?
[May 11 19:40:02] Ryan: nah
[May 11 19:40:05] Ryan: those dox are old
[May 11 19:40:10] Ryan: 2007ish
[May 11 19:40:17] Ryan: the birthday is wrong too, im a scorpio ^_^
[May 11 19:40:21] DildoBaggins: lulz
[May 11 19:40:39] Ryan: anons have been flooding ED all day with no success
[May 11 19:40:45] Meepsheep: lol
[May 11 19:40:52] Ryan: we peaked like 400 req/s
[May 11 19:40:55] Ryan: try harder pls anons
[May 11 19:41:19] Ryan: http://encyclopediadramatica.ch/stats/web/web/varnish_request_rate-day.png
[May 11 19:41:21] Ryan: pretty graphs yay

His profile page on Crusade Gaming (mentioned in this previous blog post) lists his date of birth as November 17, 1989. On a now deleted page listing their staff structure, he is labeled an "Executive" [who takes] care of server's security".

In a recent interview with Cleary, the Tech Herald's Steve Ragan reports:

In a public chat taunting the others from AnonOps, he openly admitted to several actions on his own. For example, posted logs show him and one other person issuing commands to bots in order to attack Sony and BMI during Operation: Payback. Other logs, as well as his public admission, show Ryan directing the bots to target DreamHost on May 1.

Ryan claimed that OpSony and the attack on BMI were going nowhere until he added his support. This support came by way of 5-10,000 bots, out of an install base of 50,000 to pull from. In addition, he added that the use of LOIC to attack targets was just a scam for the public.

“During OpSony we had a maximum of 40 [LOIC canons],” Ryan told us. “The bot shit was kept secret because it'd be bad PR. If they knew it was bots instead of [LOIC], then what’s the point of the public coming in?”

Further reading: It is an offence to launch a denial of service attack in the UK, punishable by up to ten years in prison.

Ryan Cleary, #OpSony and the LOIC

anon.su resides on the 209.212.149.96/28 netblock owned by Saad Naveed.  The email contact for that domain is listed as ni@id.ru. Two days ago, I received fan mail from "Francis Madsen" <ni@id.ru> that originated from the IP address 188.221.245.8. Prior to that, someone forwarded to me emails that they received from "Ryan" <ryan@encyclopediadramatica.ch>. They also originated from 188.221.245.8.

A subdomain, sonyns.anon.su, currently points to four nameservers owned by Sony Computer Entertainment America.

canonical name	sonyns.anon.su.
aliases
addresses	160.33.160.127 160.33.44.67 160.33.44.69 160.33.56.28

In early April, "Anonymous" issued three press releases regarding a Distributed Denial of Service attack targetting Sony on the website anonnews.org. That website is run by Sven Slootweg.

What is all this, then? It appears, that at the least, Ryan Cleary facilitated the DDoS attacks against Sony by pointing sonyns.anon.su at Sony's nameservers, then many "Anonymous" pointed the LOIC application at sonyns.anon.su.

Salvando animadoras

‎#OpSony
Nuevo objetivo: sonyns.anon.su.
Hive: loic.anonops.in, canal #loic.
Información sobre el enemigo en http://pastebin.com/xPYhueiS.

Salvando animadoras: DDoS

www.salvandoanimadoras.com

La guerra de la información en tus manos. WikiLeaks, los ataques DDoS, Anonymous, el proceso de Julian Assange, LOIC, los cables de la Embajada americana, AnonOps, la Ley Sinde y la lucha por la libertad en Internet no tienen secretos para las animadoras.

April 6 at 2:16am · Like · Comment

 

 

Ryan Cleary, Saad Naveed, Encyclopediadramatica.ch and Anonymous

See also  Encyclopediadramatica.ch IRC users

Typical residents of South Beech Ave Wickford

Saad Naveed, born Nov 18 1992

Sven Slootweg, born Aug 9 1991

In a January 2011 interview titled "An Interview with Anonymous", Sven Slootweg is described as the Dutch owner of anonnews.org. He owns the domain name encyclopediadramatica.ch and is also known as Joepie91.

Ryan Cleary owns the netblock 75.126.38.112 - 75.126.38.119

Ryan Cleary incorporated Arcusvoice on Apr 1 2011 in the UK.

Name & Registered Office:

ARCUSVOICE LTD

10 SOUTH BEECH AVENUE

WICKFORD

ESSEX

ENGLAND

SS11 8AH

Company No. 07480848

A few months earlier, he registered arcusvoice.com with a fictitious address in New Jersey.


Saad Naveed incorporated Appos Inc. on May 18, 2010 in Texas. That corporation owns crusadegaming.com. 
 

Entity Information:     APPOS INC

16522 PILGRIMS CIR

SPRING, TX 77379-7278

Status:     IN GOOD STANDING NOT FOR DISSOLUTION OR WITHDRAWAL through May 16, 2011

Registered Agent:     SAAD NAVEED

16522 PILGRIMS CIRCLE

SPRING, TX 77379

Registered Agent Resignation Date:    

State of Formation:     TX

File Number:     0801270162

SOS Registration Date:     May 18, 2010

Taxpayer Number:     32041876775

Saad Naveed owns several netblocks. 3 of them are 69.65.55.16 - 69.65.55.31, 209.212.149.96 - 209.212.149.111 and 209.212.145.6.


Gigenet has obfusecated the owner of these subnets as
network:Org-Name:PRIVATE CUSTOMER
network:Street-Address:PRIVATE RESIDENCE
network:City:SPRING
network:State:TX
network:Postal-Code:77379

However, a cached copy of rwhois of 209.212.149.100 gives the unobfuscated name and address.

network:IP-Network:209.212.149.96/28

network:IP-Network-Block:209.212.149.96-209.212.149.111

network:Organization;I:ECOMD-643BC3AE

network:Street-Address:16522 PILGRIMS CIRCLE

network:City:SPRING

network:State:TX

network:Postal-Code:77379

network:Country-Code:US

network:Tech-Contact;I:

network:Created:20110303

network:Updated:20110303

network:Updated-By:

network:POC-Name:Saad Naveed

network:POC-Email:

network:POC-Phone:2816509766

network:Tech-Name:Saad Naveed

network:Tech-Email:

network:Tech-Phone:2816509766

The Google street view of his residence shows that all images recorded of his house are purposefully blurred out, but "16522" is still clearly visible on the curb.


The IP addresses and websites are updated as of Jul 1 2011, struck items were correct in May 2011, but are no longer:

69.65.55.16 sandbox.crusadegaming.com

69.65.55.18 mail.anonops.ru mail.anono.ps mail.anonops.net ns2.lebvoice.net

69.65.55.20 crusadegaming.com excellentbuys.net thebritishnetwork.net

69.65.55.21 direct.encyclopediadramatica.ch cp.arcusvoice.com

69.65.55.22   static IP for anonnews.org

69.65.55.23  static IP for forum.encyclopediadramatica.ch (broken by hackers)

69.65.55.24 arcusvoice.com thedirectdealbulletin.com

69.65.55.26 ns1.2c7.net ns1.crusadegaming.com

69.65.55.27 ns2.2c7.net

69.65.55.28 us1.anonops.ru

69.65.55.30   static IP for anonnews.org

209.212.145.6 vps.anon.su

209.212.149.97 mail.encyclopediadramatica.ch

209.212.149.100 web.anon.su

209.212.149.101 ns1.anon.su ns1.lulzco.org

209.212.149.102 ns2.anon.su

209.212.149.104 anonops.ru anonops.net anono.ps anonops.in

209.212.149.105 ftw.so srsbiz.info

209.212.149.107 mc.encyclopediadramatica.ch

209.212.149.109 Shows a list of irc.anonops.ru IRC channels relating to ED

209.212.149.111 static IP anonnews.org

Related IP addresses
72.20.44.188, 72.20.44.189, 72.20.44.190 irc.anonops.ru irc.iranserv.com


217.114.62.129 irc.ddosing.eu irc.808chan.org za.l.to

66.63.160.250 dl.encyclopediadramatica.ch

The Rebirth of Encyclopedia Dramatica

encyclopediadramatica.com now redirects to Thornton and DeGrippo's new venture, Ohinternet. Many links on this blog no longer work.

Much of the content that was on ED is now being hosted by encyclopediadramatica.ch.

For more information on Encyclopedia Dramatica, see also

Encyclopediadramatica.ch IRC users

Edrama LLC

The Last Words of Sean Carasov  

Andrew 'weev' Auernheimer Negotiating Plea Deal

From The Smoking Gun, Apr 7 2011

In a U.S. District Court order, Judge Claire Cecchi reported last week that federal prosecutors and lawyers for defendants Andrew Auernheimer and Daniel Spitler are in the midst of plea negotiations.

Andrew 'weev' Auernheimer Released On Bail From Federal Custody

Updated Feb 28 2011


Andrew Auernheimer released on $50,000 bail today. 

Auernheimer, from a recent US Marshals Service mug shot

 The New Jersey Star-Ledger:
[weev] was freed on $50,000 bail today by a magistrate who threatened to send the defendant back to jail if he uses the internet for anything other than work. At a hearing in Newark to discuss the bail conditions, U.S. District Magistrate Madeline Cox Arleo also told Auernheimer his computer at both work and home will be monitored by the court. He will be permitted to have a cell phone, but it cannot have internet access, she said.
And he cannot have any contact with the alleged victims of e-mail theft or with members of Goatse Security, a loosely structured group of internet hackers.

The Smoking Gun:
In a January 18 financial affidavit, Auernheimer reported that he has been unemployed since November 2008, and claimed to have only made $200 during the previous year. A father of two minor children who live overseas, Auernheimer’s residence appears fluid. He “lives w/friends, motels,” according to the affidavit.

Earlier, from the New York Times, Arkansas Business and Washington County Sherrif's Office:

Two Are Charged in iPad Security Breach

 

By NICK BILTON and JENNA WORTHAM

Published: January 18, 2011

NEWARK — Federal prosecutors arrested two men on Tuesday on charges of fraud and conspiracy for obtaining and distributing the e-mail addresses of 114,000 iPad 3G owners.

Daniel Spitler, 26, and Andrew Auernheimer, 25, who are part of a group known as Goatse Security, gained national attention last June when they discovered a security loophole on AT&T’s Web site that allowed them to access the addresses and corresponding iPad identification numbers.

Those affected by the breach included military personnel, members of the Senate and the House of Representatives, and employees of NASA and the Department of Homeland Security.

Mr. Auernheimer, of Fayetteville, Ark., was taken into custody by the F.B.I. in Arkansas on Tuesday and was charged in federal court there. Mr. Spitler, a San Francisco resident, surrendered to the authorities and was taken into custody in Newark.

Criminal Complaint: US v. Daniel Spitler and Andrew Auernheimer
Archived copy

The Associated Press reports Auernheimer, 25, is in custody in his hometown pending a bail hearing Friday Jan 21. He has mocked the case against him, telling federal officials in the courtroom, "This is a great affidavit — fantastic reading."

Jan 21 2011:
Auernheimer waived a bail hearing today and remains in custody. His status of being homeless, unemployed and alienated from his family left him little chance of making bail. He will be transferred to New Jersey to face charges in the next two weeks.




















 
Feb 08 2011:
Auernheimer was released today by the Washington County, Arkansas Sheriff's Office and his custody was transferred to the U.S. Marshals Service and escorted to the Federal Transfer Center in Oklahoma City.

Court order authorizing Auernheimer's transfer
Department of Justice press release. It notes that Candace Hom, a federal public defender, will be representing Auernheimer.

Feb 23 2011:
The Associated Press reports that Auernheimer made his first court appearance in New Jersey today. He did not enter a plea, and a bail hearing was scheduled for next week.
 
"There is a serious risk of flight," Assistant U.S. Attorney Lee Vartan told Shwartz at Wednesday's hearing. "He has no real connection to New Jersey or, really, to any location at all."

Encyclopedia Dramatica Deletes Some Offensive Content

Soon after ED came back after an extended down time on Sun Jan 23 2011, which Sherrod DeGrippo characterized as a "front end configuration mistake", their site administrators began deleting some offensive and racist content. Gone are their original articles on Niggers and Jews, and the infamous "Offended" page has been turned in to a page that encourages racial and religious tolerance. The most significant deletion was the removal of the page on Aboriginals.

When Steve Hodder-Watt discovered that page more than a year ago, he filed a complaint with the Australian Human Rights Commission and Google. That complaint eventually led to Google removing it from their Australian search engine results and wide-spread coverage from blogs and news organizations. ED responded with a blustery missive on their official blog penned by "Joseph Evers".

Quote:

Encyclopedia Dramatica will never be censored in any way. We will keep publishing this content and our Australian users will be able to view it up until the point that your God-forsaken government blocks it with their soon-to-be-implemented secret list of banned material.

There has been no official explanation for ED's purge of offensive content, but one insider told me that it was because DeGrippo wanted to make the site more advertiser friendly. If she is serious, she should also consider deleting the hit job on Steve Hodder-Watt.

Encyclopedia Dramatica receives court order?

On December 8 2010, there was an unconfirmed report on Valleywag  that ED received a federal court order to take down material relating to Operation Payback. Let it be noted that Daniel Shockey deleted ED's article on the subject shortly before Valleywag's report, and also DMCAbot (which is not really a bot, but more like an official account used by ED's owners to respond to legal threats) deleted 22 related images. An archived copy of the Encyclopedia Dramatica article that was deleted is available here.

ED's article that describes how to obtain and use LOIC, the software used by Anonymous for Operation Payback, has not been taken down as of Dec 9 2010. It is archived here.

Update Jan 29 2011

Five were arrested in the UK and The FBI executed more than 40 search warrants Thursday. Quoted from the New York Times,

The F.B.I. investigation is part of a larger international inquiry into a loose confederation of hackers calling itself “Anonymous” that coordinated the cyberattacks against the Web sites of companies like PayPal, Visa and MasterCard late last year after they severed ties with WikiLeaks.

Law enforcement agencies in France, Germany and the Netherlands have also sought to find members of the group.

Meanwhile, ED continues to advise people on how to obtain and use LOIC for DDoS attacks and to lie to the FBI if caught and questioned.
Quoted from ED article on the LOIC:

Newfags FAQs

What if I get caught and [arrested]?

• You probably won't. It's recommended that attack with over 9000 other anons while attacking alone pretty much means doing nothing. If you are a complete idiot and LOIC a small server alone, there is a chance of getting V&. No one will bother let alone have the resources to deal with DDoS attacks that happens every minute around the world. Then theres always the botnet excuse. Just say your pc was infected by a botnet and you have since ran antivirus programs and what not to try to get rid of it. Or just say you have NFI what a DDoS is at all.

PROTIP: If you do get [arrested]: ALWAYS deny it, Explain it was botnet, Say you have dynamic IP and that they have the wrong guy. Also, epic lolz will be achieved because you are a fag. DDOS ONLY IN GROUPS

Kale Davis is Heartless

Kale Davis, AKA Karbraxis on Ohinternet, photo © Tamara Mann

Kale Davis was recently stationed in Grafenwöhr Germany and was a member of the 57th Signal Company, 172D Infantry Brigade.  He is currently in Korea. He often regaled other Encyclopedia Dramatica users on IRC with tales of his exploits which were then chronicled on ED.  One tale they have not yet told occurred the night of Oct 30, 2010, when Sean Carasov put a gun to his head and pulled the trigger after chatting on IRC. Davis, apparently for his own amusement, wanted Carasov to broadcast his suicide live on the Internet. The following log is excerpted from The Last Words of Sean Carasov. Kale Davis was using the nickname HardServ and Carasov was OldDirtyBtard.

[Oct 31 00:08:14] * kale_ is now known as HardServ

[Oct 31 00:30:37] OldDirtyBtard: i'm looking for my .45
[Oct 31 00:30:41] OldDirtyBtard: brb

[Oct 31 00:35:37] OldDirtyBtard: i cant find my clip
[Oct 31 00:35:41] OldDirtyBtard: brb
[Oct 31 00:36:00] OldDirtyBtard: um
[Oct 31 00:36:10] HardServ: OldDirtyBtard: do it on cam
[Oct 31 00:36:37] OldDirtyBtard: HardServ: too complicared
[Oct 31 00:36:55] HardServ: lol get on tinychat click broadcast
[Oct 31 00:36:57] HardServ: not to hard

[Oct 31 00:37:12] OldDirtyBtard: i'll be dead in 30 miins
[Oct 31 00:37:12] HardServ: ill even make the channel

[Oct 31 00:38:11] OldDirtyBtard: plox tto be tellling sheneequa to fix my ED pages

[Oct 31 00:40:50] OldDirtyBtard: tay
[Oct 31 00:41:14] OldDirtyBtard: found a fully loaded clip
[Oct 31 00:41:33] HardServ: OldDirtyBtard: ill make the tinychat rom
[Oct 31 00:41:37] OldDirtyBtard: i'll post some pix
[Oct 31 00:41:56] OldDirtyBtard: HardServ: no 

[Oct 31 00:42:32] OldDirtyBtard: i'm going into the bushes
[Oct 31 00:42:56] OldDirtyBtard: fuck the ix
[Oct 31 00:43:04] OldDirtyBtard: pix
[Oct 31 00:43:27] OldDirtyBtard: 'i'm  done' 
[Oct 31 00:53:01] * HardServ ([anonymuncule.irc] Local kill by HardServ (...)) quits
[Oct 31 00:53:02] * HardServ_ (kale@l0ld0ngs-89DEDF90.aus.us.siteprotect.com) has joined
[Oct 31 00:53:14] * HardServ_ (Quit: ...) quits