Difficult question (added at beginning - photo tracking)

Page 1 of 1 [ 7 posts ] 

natesmom
Veteran
Veteran

User avatar

Joined: 15 May 2008
Gender: Female
Posts: 631

06 Aug 2009, 11:07 am

New Questions: We are actually coming closer to solving this troll. If she is who I think she is, she is the biggest manipulator ever. I never did like her.

So, is there a way to link her pictures to other possible 'pseudopeople" that I think she has posted on there (I am thinking at least one)??? What about seeing if people who posted pictures are using the same camera - make sense?

What is EXIF???







I belong to a small tight knit forum community. Someone from our little community stole a picture and some text files, created a fake facebook account. This fake person copied and pasted photos and text from our forum became "friends" with this persons family (stating she had info) and showed them text and photos (pregnancy photos - they weren't supposed to know) and it has ruined this persons relationship with her family probably forever. Why in the heck someone would do that, I just don't know. I am NT (sort of) and the stupid person is also an NT, obviously.

I spoke with my computer husband (AS). He is WONDERFUL with computer programing. He said that half of the puzzle is knowing that persons IP number which we do have the info on the small forum. We get our forum from bigforumpro - a free site.

My husband said the other half of the puzzle needed to solve the troll and thief is from the apache server information from bigforum admin. You would need to look through those files as to what IP address (check to see that IP's location using some free sites) looked up this individuals information back to back.

If we are not able to get that information from bigforum pro doesn't that mean we can't find out who the thief is?? Any other ideas??



Last edited by natesmom on 07 Aug 2009, 1:38 pm, edited 1 time in total.

V001
Toucan
Toucan

User avatar

Joined: 27 Jul 2007
Age: 55
Gender: Male
Posts: 288
Location: New Mexico USA

06 Aug 2009, 1:38 pm

the person might have used a open proxy so the ip address might not help. And most isp will not with out a court order tell you name of the customer that has what ip address asuming they did not use a proxy. When you look up a ip address it says the name of the isp and an abuse contact number call that or email tell them what is going on they might look them up and do something.



Aoi
Veteran
Veteran

User avatar

Joined: 16 Jul 2009
Age: 58
Gender: Male
Posts: 683

06 Aug 2009, 1:56 pm

Also contact Facebook. Impersonation on Facebook is common, and practically a sport of sorts among certain cyberspace subcultures. Facebook may work with you, or may not.

The IP address will tell you almost nothing. Plenty of people share IP addresses, use a company or school computer, or an open access terminal/computer from a library or WiFi hotspot. You hardly need to proxy hop these days, since the Web basically does that for you. And plenty of people use dynamic IP addresses anyway.

Another problem is that, as your husband will tell you, once something goes online, it basically never comes offline. It will be stored in the caches of major search engines like Google, some ISPs, backup servers at Facebook, and even archived (at least in part) on InternetArchive.org.

I suggest a different approach. Finding the thief (assuming you can) won't undo the damage that has been done. Instead, create several more Facebook accounts, as well as accounts on MySpace, Bebo, etc., each with a slightly different version of the names and other information. In other words, add lots of chaff to the wheat, decrease the signal-to-noise ratio, and otherwise flood cyberspace with enough other info that the fake info can't be identified for what it is.

Finally, the object lesson here is that you never know who you are really dealing with online or what their intentions are. Do not put anything online that you wouldn't want your family, friends, coworkers, boss, etc. to know. Although the risks of them finding it are low, they are non-zero, as you have found out.



natesmom
Veteran
Veteran

User avatar

Joined: 15 May 2008
Gender: Female
Posts: 631

06 Aug 2009, 2:32 pm

Even though we are on a small forum, I know there is a way to at least link the IP address to a specific location - i.e., arizona, right? The admin (or mod on that small forum) has access to the IP addresses and can check those IP address location when that IP address posted (only posted not page view). I know I probably don't understand --- so are you saying that it's almost impossible to know who viewed various specific threads and the same time... (at least what the IP address is so we can find the general location?? Even if the person did it on a library computer on a general IP address, wouldn't we still be able to access where the person lives (what state)?

We would not be asking names only hoping that we can have the apache server list (for the specific days) which we may be able to locate the person's IP address to page view. Since our forum is really small, we believe that we can isolate who visited (not just posted) specific posts. Is this a completely wrong assumption.

I know we probably can't find out who the person is off of facebook. However, since we are the ones who opened the forum (under bigforum pro) and have the same people on it since it is closed, I would think we can see who did the page views on a specific day - somehow. Only 30 people are on this closed forum and they are from different states and countries.

What is a proxy hop?? Does the open proxy mean you can't even locate where the person is at (what state)?

I don't believe this person is sophisticated. In fact, all of us on this forum are pretty darn oblivious when it comes to this thing.

Sorry if I seem out of it, I am pretty much illiterate when it comes to these things. My husband comes home tonight.



Last edited by natesmom on 06 Aug 2009, 6:18 pm, edited 1 time in total.

Aoi
Veteran
Veteran

User avatar

Joined: 16 Jul 2009
Age: 58
Gender: Male
Posts: 683

06 Aug 2009, 4:08 pm

You asked some good questions.

An IP address can be mapped to a very precise location, or not, depending how the network that address is a part of is set up. A simple example is a home network. You have a cable or DSL modem that connects you to your ISP, and connects to a home WiFi router. Now you connect your desktop, laptop, iPhone, or other devices to your router. All will appear to have the same IP address to the outside world, but that IP address won't tell you or anyone else who was using which device. Larger networks similarly may use only a handful of IP addresses with lots of routers to handle the traffic.

Worse, your IP address is managed by your ISP. My IP address shows up as being in various parts of Washington or Oregon, depending how my ISP is shaping traffic on any given day. If I use anonymizing software (such as a software firewall that protects privacy, available as a part of Windows and Mac OS), or use a proxy or anonymizer server, then the IP address represents that server. And proxy hopping is when you connect to a proxy, then from that proxy connect to another proxy, and so on. It's a good way to mask your real IP address, if you want to.

Was your forum open to the public, or did it require login credentials? Can it be found using a search engine? Check these things, particularly with search engines like pipl.com which search the so-called deep web. Your forum may be less private than you think.

As for logs, they depend on sever configurations. Typically, logs will show who looked at a page, who clicked on links, who posted, edited, deleted, logged in or out, etc., and at what time and from what IP address. Reading server logs is rather like reading the phone books for several populous states. They are much denser than you might imagine. Since the person who created the Facebook page probably didn't do anything unusual while on your forum, identifying the IP address may be a practical impossibility. If the person did do something unusual (i.e.: hacking), then identifying the IP address would be easier.

I'd need to know more about the configuration of your forum and the behavior of its members to give you any more specific suggestions as to how to track down the person who created that Facebook page. But one thing to do is monitor that Facebook page closely, since its creator may inadvertently leave information that identifies him/her. At least file a complaint with Facebook regarding DMCA copyright infringement and slander/liability issues. They may respond, since Facebook has been criticized for poor security and privacy policies, as well as problems with inappropriate content.



pakled
Veteran
Veteran

User avatar

Joined: 12 Nov 2007
Age: 68
Gender: Male
Posts: 7,015

08 Aug 2009, 12:25 pm

yeah...they can locate you from web sites; certain (ahem) sites I've been to seem to at least know what city I'm in...;)

This is something admins at Facebook should handle. I do seem to remember that you can take individuals off your page, wall (whatever), and also restrict access to your individual pages. If you want to really get paranoid, you could (outside of Facebook) send an email to the members of the group that you trust, and establish a code word or phrase to allow people to join up.

Worse case scenario - collect your reliable info, and delete yourself, then recreate a new account with a much more restrictive policy. Invite people you trust, add groups slowly, and eventually they may get tired of your not being found.



Aoi
Veteran
Veteran

User avatar

Joined: 16 Jul 2009
Age: 58
Gender: Male
Posts: 683

08 Aug 2009, 5:06 pm

natesmom wrote:
New Questions: We are actually coming closer to solving this troll. If she is who I think she is, she is the biggest manipulator ever. I never did like her.

So, is there a way to link her pictures to other possible 'pseudopeople" that I think she has posted on there (I am thinking at least one)??? What about seeing if people who posted pictures are using the same camera - make sense?

What is EXIF???



EXIF is a standard format for encoding information into a digital photo. The information is generated by the camera when the photo is taken, and usually includes the date and time (per camera settings), exposure information, and other data related to the format of the image. It does not include name or location, which a person could add later using standard photo editing software.

Note that EXIF is not found in GIF or PNG images. It's used in JPEG (expect JPEG 2000), TIFF, and RAW formats.