The Photo News Anonymity & Censorship: How-to Part 2
In the first part of our series on The Photo News Anonymity & Censorship, we focused on the brute-force method that The Photo News (TPN) has chosen to restrict comment: IP Blocking. In large measure, locking out the unique Internet address of the user has become the method of choice for TPN to squelch dissent and balanced comment. While this can be an effective step toward maintaining order, that’s the exact opposite of the behavior it enables. The result is that the bad actors are permitted full run of the blogs while those who have created accounts using their authentication — Disqus — are more easily blocked.
But IP Blocking alone is ineffective as we demonstrated through the use of anonymous proxies and virtual private networks. And IP Blocking is not the only tool in TPN’s bag of tools. This installment will explain some of the other measures used and how to continue to leverage anonymity in posting on TPN.
As with our previous installment, this is provided for public consumption only and as a public service to our readers in order to balance the influence of journalism and help balance the very toxic environment the Photo News blogs have become.
We do not endorse the use of this information for any illegal purpose, and take no further responsibility for actions taken by anyone who might use the advice contained within. All of the information in this piece can be found through research on the Internet.
E-Mail Address Filtering
Suppose you are posting an “anonymous” comment on a commenting system that uses Disqus and permits the use of “Post as Guest”. You will need two items to satisfy the requirement for your post to be accepted.
- The first is a name (I’ll post links to these momentarily, but you can make something up as most anonymous bloggers do). Be creative though not overtly profane.
- The second is an email address (I’ll also provide a link to about 25,000+ of these shortly).
You can Google these and come up with thousands of lists in practically no time. The ones I’ve chosen are known SPAM’ming accounts, and there’s nothing like a bit of retribution behind returning the favor to a SPAM factory.
The second link below is a list to truly witty names that can be used, some real and some fake. Courtesy of Ethan Winer.
This is the easy way to do it. If you don’t want to invest time in harvesting or making up names and e-mails, this is the quickest way to fulfill that requirement. Here are another few hints:
- There are a ton of sites that are havens for SPAM/Bulk Unsolicited Email. Websites from Eastern European countries (Russia, Belarus, Ukraine, etc.)
- Harvest your own SPAM. Everyone has gotten emails for how you can get free US government grants, beat the IRS, little known ways of paying off your mortgage, erectile enhancements, diabetes cures, weight loss secrets, mail-order brides from the Ukraine, and any number of other annoying mails.
Other email providers of note that are rarely questioned:
While this may or may not be part of the terms of service for a website, any site that permits posts as guests through proxies without authentication subjects themselves to such behavior and can do little to prevent it other than — wait for it — enabling authentication.
In fact, for TPN, there is very little that is done to test an email address other than banning ones that have been filtered for prior SPAM. So every country on the planet can have an email address in the form of firstname.lastname@example.org, or email@example.com.
Some addresses, however have been filtered. If at first your email address is not accepted, try another. Or simply make one up that isn’t your own. This could take a couple of tries.
This is not a foolproof solution, and in fact it’s a rather clumsy one that requires a lot of moderation overhead. As we’ve stated previously, the simpler solution would be authentication, but since TPN appears to condone anonymity, we’re only providing a method of exploiting that policy. Be there are other options.
Burner email addresses
Just like a “burner cell phone”, you could also get an e-mail address that could be simply thrown away.
A Google search will reveal sites where you can quickly obtain an address that can be used for a limited period of time. In this case, it would be very limited because you aren’t actually intending to use the address for anything but providing an authentic-looking email address. Once you’ve used an anonymous proxy to request the address, it becomes slightly more difficult — not impossible, but difficult — to track the origin. A site such as 10minutemail.com is useful for this purpose.
While this may or may not be part of the terms of service for a website, any site that permits “posts-as-guests” through proxies without authentication subjects themselves to such behavior and can do little to prevent it other than — wait for it — enabling authentication.
Other VPN Extension options are available, and a quick Google search will reveal them.
Net Privacy & Footnotes:
As a final note in this part of the series, let’s get one thing perfectly clear: Once you are on the World Wide Web, you ARE NEVER anonymous. Period. For IP (internet protocol) addressing to work, you must be assigned to an address. And while there are ways of making the process of detection more difficult, NOTHING is 100% fool-proof.
This Website does not endorse any illegal or unlawful use of the information that we’ve provided. This information, while available in the public domain, is only assembled to facilitate its correct and lawful utilization to protect your identity during legal Internet activity. While we wish it were not necessary to post this information so publicly, it provides a valuable service to those who want to ensure balanced, fair, and ethical journalism. We know that several people have contacted The Photo News’ management and expressed concerns about their apparent condoning of poor moderation and allowing of personal and unjustified attacks by a small minority of readers.
Had Photo News management enabled authentication, this series would not be necessary. They still have the opportunity to make this right by enabling responsible authentication and comment moderation. Until they do so, however, it would be irresponsible and continued imbalance to require others to identify themselves when all users are not required to do so, and the current behavior continues unchanged.
We invite The Photo News to make the right decision.