SCO News Roundup

Ok, it isn't quite time yet for today's non-PJ items. Instead, we interrupt your normal programming for an exciting update on the blogspam I've been getting recently. The post with the name-and-shame details got this anonymous comment earlier today:

Be careful about publicly naming people. It happened to a mate of mine and he was sued under the freedom of information act in the uk.

.

This was followed almost immediately by a nasty email:

From: m@il2.us
Subject: http://sconewsroundup.blogspot.com/
Date: Fri, 16 Feb 2007 19:49:59 -0000
Remove my name and contact details immediately from the blog and the public domain. I have received harrassing telephone calls and will be filing a law suit against yourself and the company you represent.

Rowcliffe

My response:

Dear Mr. Rowcliffe,

All of the information posted on SNR comes from public WHOIS records. Anyone can find the same information with a brief, trivial search, without ever visiting or hearing of my site. Try it yourself if you don't believe me: Go to www.whois.net (for example), enter one of your domains in the provided form, and examine the results.

You haven't said anything so far about the bargainplace blogspam I've been getting. You haven't denied it's yours. Nor have you expressed any remorse about the annoyance it's caused, or the time I've wasted deleting all that spam. And yet you want me to bend over backwards to make *you* happy. Doesn't that strike you as a bit odd?

That said, if you truly have been receiving harassing phone calls, that's not ok with me. Purely out of the kindness of my heart, I'll remove the two phone numbers shown in your contact data, even though I have no legal obligation to do so, and you didn't even ask nicely.

Don't expect this to stop the flood of angry phone calls, though. Anyone on the entire net can easily find the same phone numbers without any help from me.

Spam is very annoying. A Google search for "bargainplace.co.uk" shows similar spam posts on a large number of other blogs. You should reasonably assume that behind each of these blogs is an annoyed blogger, and any one of these people could look up your WHOIS data just as easily as I did. If you don't like the reaction the spam's been getting, I'd encourage you to consider a different business model.

Regards,
-a

I meant what I said about the phone harassment thing. That's not ok with me, and I don't want to encourage that sort of behavior, so I've removed the phone numbers from the post. Quite honestly, I never would've guessed those were legit phone numbers in the first place. What sort of spammer gives out a real phone number in his WHOIS data, anyway?

While I was busy writing that last email, I got two more emails from our delightful Mr. Rowcliffe:

#1:

If my personal details are not removed from the site by 00:00 GMT I will be contacting the FBI under the terms of data protection.

#2:

Remove my name and contact details immediately from the blog and the public domain. I have received harrassing telephone calls and will be filing a law suit against yourself and the company you represent.

Rowcliffe

And just now, two more emails. Apparently he's not satisfied with my response.

To: security@google.com
CC: atul666@yahoo.com
Subject: Internet Security Breach
Date: Fri, 16 Feb 2007 22:02:29 -0000
RE: http://sconewsroundup.blogspot.com/

This individual has placed my personal details in the public domain - a clear breach of Data Protection laws. Please can this blog be removed immediately and the listing removed from Google.com.

Thanks
Ian Rowcliffe

And:

From: m@il2.us
To: security@google.com
CC: atul666@yahoo.com
Subject: Fw: Internet Security Breach
Date: Fri, 16 Feb 2007 22:04:45 -0000
I have received an email from the individual responsible and he refuses to remove my details from his blog. I reiterate please remove this blog immediately.

I should point out at this point that we don't have a UK-style Data Protection Act here in the US.

I'll update this page if there are any more fun developments in this thrilling saga.

---

Updated: Another email from my new friend across the pond. It seems he's feeling a little belligerent.

From: m@il2.us
To: atul666@yahoo.com
Subject: Re: http://sconewsroundup.blogspot.com/
Date: Fri, 16 Feb 2007 22:16:18 -0000


You obviously haven't a clue how the law works pal - a good job you're
not stood in front of me now ywpos.

Anybody know what a "ywpos" is?

---

Updated II:

Nothing new from ol' whatsisname, but I've turned on word verification and turned off anon posting, at least for the time being. I realize that's an annoyance, but at least it should cut down on the spam. Given that last email, there's no telling what sort of reckless thing he's going to try next. It's always an adventure here at SNR...

---

Updated III:

It's about 3am GMT now, and I haven't heard another peep out of "Lord" Ian so far. I'll keep y'all posted if anything else happens on the blogspam front.

Oh, and I'd just like to point out one fun bit: The domain registration he's upset about is a .com registration, via Arizona-based GoDaddy. They also host his FreePremiership site, while his Bargainplace.co.uk site lives Texas-based Alpha Red. They appear to specialize in pr0n hosting. I'm not saying there's anything wrong with that. I'm just saying.

On top of that, Google/Blogspot is out of California, and I'm in Oregon. In short, everyone except Rowcliffe himself is on this side of the Atlantic. So I imagine he's going to have a spot of trouble getting everyone to knuckle under and submit to random EU directives out of Brussels. I just sort of don't see that happening.

And if we are going to go down the path of assuming his laws apply to me, mine presumably apply to him as well. Here's Oregon's anti-spam law. When someone posts here, Blogger automagically emails it to me, so it seems pretty clear that the email spam provisions apply to Mr. Rowcliffe's marketing efforts. I'm not sure yet what Texas' laws are about spammers. If you're lucky, they probably just send you to Guantanamo or something.

Oh, and an IV poster pointed out that the UK's data protection rules only apply because Lord Whatsisname claimed to be "non-trading". Since he's advertising, he's clearly running a business and engaging in trade (or at least attempting to do so), therefore EU privacy rules don't apply anyway. I don't know if there are actual penalties for misrepresenting one's business as non-trading to exploit privacy laws, but I'm sure it can't be a positive thing. And heck, the UK probably has laws about misrepresenting oneself as a "Lord", too. But maybe he's already realized all this stuff on his own, and that's why I haven't heard from him lately. We'll see, I guess.

---

Updated IV: Still no word from Lord Ian of Spamalot. Which is fine by me, really. But here's some more info about the guy that various people have dug up:

• He made a 2002 list of top non-US-based registrants in the .US domain. The domains he was "lord" of, as of that date:
  

  
  3dtv.us, activ8.us, cat5e.us, cat7.us, christen.us, contax.us, coupling.us, cybersurf.us, cyberzine.us, domainrent.us, dvcam.us, dvt.us, earthcam.us, e-commercial.us, e-comms.us, e-conomy.us, econsultancy.us, educ8.us, e-i.us, e-id.us, e-it.us, e-technology.us, freefone.us, freesoft.us, fxck.us, galore.us, ibanker.us, ipatent.us, ipcall.us, iportal.us, itdept.us, itechnology.us, liverpoolfc.us, look2.us, lotterywinner.us, matureporn.us, moneybroker.us, mufc.us, qualitydomains.us, readerswives.us, sexandthecity.us, singlesclub.us, squat.us, stalker.us, sunbed.us, sunbeds.us, surf4.us, surferswives.us, svcd.us, telecomms.us, ustld.us, virtua.us, virtualpc.us, webclick.us, webdj.us, webdns.us, webseek.us
  

  
  
  I'd guess from those domain names that he was doing a bit of cybersquatting on the side. Clearly he doesn't realize how rarely the .US domain is used. And "matureporn.us"? Eew.
  
  
• As an example, here's his registration for look2.us. A quick google for "Lord Rowcliffe" comes up with this page, plus the .US pages at Harvard, plus SNR.
  
• It's not 100% certain, but this may be our guy. He lists occupation as "Computer related (other)", which I guess is true, and under "Here for?" he answered:
  Dating: False
  Relationship: False
  Networking: False
  Friends: False
  Publishing: False
  And I can see all of that being true as well, except possibly the "publishing" bit.
  
• One of his spams wasn't just signed "Ian Rowcliffe", it even included a map to some sort of location in Blackpool. That seems like a rather silly thing to do, if one is going around spamming people left and right.
  
• Oddly, he's neglected to acquire ian-rowcliffe.co.uk or similar domains. If I thought he was worth the £1.99, it'd be a tempting thought.
  
• Another astute reader contributed a list of other domains associated with the Bozo of Blackpool:
  
  omega-3shop.blogspot.com
  omega3shop.blogspot.com
  thebestsitefor.blogspot.com
  wwwomega3.com
  omega-3-6-9.co.uk
  omega-3-6-9.com
  o3p.co.uk
  look2.us
  paypal-signup.com
  ebay-signup.com
  talktalk-signup.com
  sky-signup.com
  aa-signup.com
  rac-signup.com
  ntl-signup.com
  coolcreditcards.co.uk
  gaselectricitysuppliers.co.uk
  www-uswitch.com
  www-ebooks.com
  wwwdomain-registration.com
  www-fa.com
  www-barclays.com
  www-itv.com
  argosonlinecatalogue.co.uk
  www-argos.com
  www-nhs.com
  www-nhs.co.uk
  essentialforbodyandmind.com
  
  
  ...while also noting that A "James Smithson" using toasttopper@hotmail.co.uk also promotes some of the above.
  
  If we're going to look at this with a generous eye, he's merely looking for hits from poor typists. Or possibly these are for phishing purposes, or perhaps squatting on domains real phishers might want. Can't rule either out, based on names like those. paypal-signup.com? www-nhs.co.uk? The guy's really playing with fire, WIPO-style.
  
  
• Domains in the second set tend to come with contact info different than what was posted earlier. (And let me point out here that the "administrative contact" and "technical contact" WHOIS fields use the word contact for a reason. Precisely the reason I'm using the info for, in fact.)
  
  Ian Rowcliffe
  174 Norbreck Rd
  Blackpool, Lancs fy5 1qg
  United Kingdom
  
  And the aforementioned map points to an location somewhere on Norbreck Road. So either that's his real lair, or he wants people to think that's his real lair, and either way he's giving the info out for weird, inscrutable reasons of his own. Right now I'm inclined to think it's not a residence, since a quick Google indicates that street is full of tourist amenities: trinket stands, fish-and-chip shops, and the like. Plus he acts like a business, he says he's a business, he advertises himself as a business, so it's perfectly reasonable for me to assume this is a business address, and not just mum and dad's basement or something. I wonder what a spammer's real live brick-and-mortar storefront looks like, anyway?
  
  I should point out that I'm looking into this stuff strictly out of morbid but purely idle curiosity. He hasn't been back here, and he hasn't managed to spam me again since our fun episode on Friday. I'm not sure we've seen the last of the guy, though, and since the guy keeps threatening me, it's clearly in my best interest to learn as much as I can about the guy, just in case he tries something stupid. I guess we'll just have to wait and see what happens next.
  
  
• As for the "Smithson" angle, here's one example. The entry lists Rowcliffe's "wwwomega3.com", a Norbreck Rd. address, and the same phone# as one listed on His Lordship's freepremiership.com registration. (Please note that I'm mentioning the phone# bit strictly for correlation purposes.) I also like how the listing claims that Omega-3 fish oil is good for cancer and AIDS. Ok, so he's not a doctor, but he plays one on the Interwebs. Niiiice.
  
  
• The ironic thing about all this is that he could've easily avoided all this unpleasantness. For starters, he could've just not spammed me. That would've been nice. But suppose he had, and I'd posted that WHOIS data. There were all sorts of other approaches he could've tried that might've worked better than immediately threatening me. He could've apologized and sworn never to spam anyone again. He could've sworn up and down he had nothing to do with the spams. He could've even admitted to it and said he was only doing it because he really needed the money and had a good reason for it, like paying off a gambling debt, or getting mum a liver transplant, or something. In any of those cases, I might've been persuaded to ditch that WHOIS info, because I'm a nice person and I try to be understanding about these things. But no. Nothing but threats from the get-go. And here we are now.
  

---

Updated V (2/21/07):

Got this in my inbox earlier today:

Date: Wed, 21 Feb 2007 16:20:52 -0800
From: "Blogger Help"
To: m@il2.us
CC: atul666@yahoo.com
Subject: Re: [#114154105] Internet Security Breach

Hello,

Thanks for writing in. If you could provide us with the confidential
information that is being posted as well as links to the specific posts
containing this information, we can investigate the issue further.
Thank
you for your continued patience.

Sincerely,
The Blogger Time

If Rowcliffe replied to that, he didn't cc me. And if he replied, I imagine that there are certain crucial details he'd leave out of his account, like the spam bit for example. So I took the liberty of composing a reply of my own. I cc'd Rowcliffe, of course, since I'm all about the free flow of information.

From: "atul666@yahoo.com"
Subject: Re: [#114154105] Internet Security Breach
To: "Blogger Help" , m@il2.us
CC: atul666@yahoo.com


Hello,

Thanks for writing in. If you could provide us with
the confidential information that is being posted as
well as links to the specific posts containing this
information, we can investigate the issue further.
Thank you for your continued patience.

Sincerely,
The Blogger Time


I'm the individual Mr. Rowcliffe complained about in
the original mail. Here's some additional detail on
the situation. For some time now, I've been getting
constant blogspam advertising the sites
"bargainplace.co.uk" and "freepremiership.com", both
of which are registered to Mr. Rowcliffe, according to
publicly available WHOIS data. You can see many
examples of what I was having to put up with by
searching on either URL. For example:

http://www.google.com/search?hl=en&q=bargainplace.co.uk

So I posted that public WHOIS data, in an attempt to
get the guy to stop spamming me. Here's my original
post on the topic (look towards the bottom of the
post):

http://sconewsroundup.blogspot.com/2007/02/212-snr.html


And my further adventures with Mr. Rowcliffe can be
found here. Instead of leaving me and my blog alone,
which is all that I wanted, he started sending me
threats. As you can see, at one point he even
threatened me with physical violence, all because I
was sick and tired of having my blog spammed all the
time.

http://sconewsroundup.blogspot.com/2007/02/blogspam-update.html

As with the first post, every last bit of the info in
the second post is publicly available and can be found
easily with a bit of Google-fu.

As I mention in the second post, I've reluctantly
turned word verification on now, and I haven't gotten
any blogspam since then. In retrospect I really
should've done that from day 1, but you live and
learn, I guess.

I don't believe that anything in either of those posts
is over the line, since it's all 100% public
information. I wouldn't have posted it, otherwise.
As far as I can determine, Rowcliffe wants to prohibit
any criticism of his "business practices" anywhere on
the net, which strikes me as a bit on the unreasonable
side. All that said, if there's anything in either
post that shouldn't be there, let me know and I'll
make the appropriate adjustments.

Thanks for listening,
-a

So we'll see where this thrilling circus goes from here.

---

Updated VI:

I figured that last exchange would elicit a response from Rowcliffe, and I was right:

From: "Ian Rowcliffe"
To: "Blogger Help", security@google.com
CC: atul666@yahoo.com, "Ian Rowcliffe"
Subject: Re: [#114154105] Internet Security Breach
Date: Thu, 22 Feb 2007 09:40:55 -0000

I am not aware of anyone I know spamming this gentleman's blog account
and in fact had never even visited it or even heard about it until I found
that the blog had been indexed in the Google search engine.

Obviously, the information this individual is spreading around the
public domain is confidential and he has absolutely no justification in doing
it.

His further posts to various blogs is not only damaging to my
reputation but is cyber bullying and is highly illegal in that Data Protection Laws in
the UK and US do not permit such an activity - see
http://www.census.gov/privacy/files/data_protection/002777.html

Extract:
a.. Private Information is Never Published
It is against the law to disclose or publish any private information
that
identifies an individual or business:
a.. No names
b.. No addresses
c.. No Social Security Numbers or Employer Identification Numbers
d.. No telephone numbers
b.. We Collect Information to Produce Statistics
We use your information to produce statistics. Your personal
information
cannot be used against you by any government agency or court.
c.. Sworn for Life to Protect Your Confidentiality
Every person with access to your information is sworn for life to
protect
your confidentiality.
d.. Violating the Law is a Serious Crime
If anyone violates this law, it is a federal crime; they will face
severe
penalties, including a federal prison sentence of up to five years, a
fine
of up to $250,000, or both.

It is for this reason that I have had to contact the FBI in America who
are in the process of investigating this matter - penalties for such an
offence are clear for all to see. I gave this individual plenty of time to
comply with my request but instead prefers to post more spurious blurb and has
been obsessively hounding me by contacting my domain providers.

Finally as a result of this gentleman's rather obsessive actions I
havebeen inundated with nuisance telephone calls around the clock for over a
week and this is very disturbing, frightening and upsetting for my wife and
young children. I have made the individual aware of this but he clearly does
not wish to comply with removing the offensive data.

As this information is currently held on your servers, I am kindly
requesting that you remove any information relating to the name
Rowcliffe off your servers as soon as possible. I do not give permission for
this information to be held on your servers.

Damaging blogs that I am aware of - there could be more:

http://feeds.feedburner.com/ScoNewsRoundup
http://sconewsroundup.blogspot.com/

The guy tells a few real whoppers in there, so I felt I had to reply:

From: "atul666@yahoo.com"
Subject: Re: [#114154105] Internet Security Breach
To: "Blogger Help" , security@google.com
CC: atul666@yahoo.com, "Ian Rowcliffe"

I hate to drag out this silly situation any further,
but Mr. Rowcliffe's latest email contains a number of
false statements that I can't let stand uncorrected.


I am not aware of anyone I know spamming this
gentleman's blog account.


The available evidence *strongly* suggests otherwise. A Google search on "freepremiership.com" (for example)
shows many, many examples of spam advertising that site. A WHOIS search on the same domain name returns
your name, email address, and other particulars.

What part of this situation are you not involved in, Mr. Rowcliffe?


he has absolutely no justification in doing it.


My justification is actually quite simple. I want the spam and harassment to stop.


Data Protection Laws in the UK and US do not permit
such an activity - see
http://www.census.gov/privacy/files/data_protection/002777.html


The law Mr. Rowcliffe refers to applies only to the release of US Census data. It's utterly ridiculous to suggest it applies to public WHOIS records.

And as Rowcliffe owns literally dozens, perhaps hundreds, of domain names, it seems wilfully dishonest for him to suggest he doesn't know what WHOIS records are. That idea boggles the mind, and defies basic common sense.


has been obsessively hounding me by contacting my
domain providers.


A complete fabrication. Perhaps some other blogger he's offended (and I imagine there are many) has done this, but I have not. I'd be well within my rights if I chose to do so, but so far I haven't.


I have been inundated with nuisance telephone calls
around the clock for over a week


If this accusation is really true, the callers could not be obtaining this information from my blog at this point. My posts have been scrubbed of any phone numbers, as I strongly oppose that sort of thing. I've explained this to Mr. Rowcliffe before, to no avail.

The information is elsewhere on the net, though, and can easily be found by anyone out there without ever visiting my blog. Rowcliffe wants a harsh punishment meted out without even knowing where the alleged callers -- if they even existed -- got the information, which is just plain ridiculous.


Damaging blogs that I am aware of - there could be
more:

http://feeds.feedburner.com/ScoNewsRoundup
http://sconewsroundup.blogspot.com/
<<

Another strange notion. The Feedburner URL is simply an enhanced RSS feed for my existing blog, not a second blog. See http://www.feedburner.com/fb/a/help/blogger_quickstart



Anyway, thanks again for your time and patience in this matter. Don't hesitate to contact me if I can be of any further assistance.

-a

The fun just never stops, does it?

---

Updated VII (5/4/2023): Yes, I'm posting this over 16 years after the previous updates. Seems this post was flagged as "adult content" and placed behind a warning that users have to click through, and I imagine that whole process is completely AI-driven at this point. I thought about just letting it slide, since this blog hasn't been updated in ages and almost certainly won't be ever again. But then I reread the post and remembered what a dishonest asshole this guy was, and presumably still is. The notice received asked me to update the post and request that it be re-reviewed, so I'm adding this update here, and I'm going to request a review, and ideally the reviewer(s) will notice there never was any adult content here in the first place, and that the complaint was made maliciously and is entirely without merit.

Labels: linux, open source, sco, tech