hacked and tracked

wolfright

Patron
So, apparently my esmb account was hacked by someone at the church and traced back to my location.

What happened was, I have only accessed this site from a friend's house, not my own. I didn't have internet access at my own place. No one knew this friend, their number, or anything.

While at my friend's house, I got a phone call on their phone asking for me by my legal name, not the name I go by now. Someone I have never heard of said they "knew me before" and had "tracked me down on the net". This is a lie as I hve done extensive searches for my various names and numbers and I am NOWHERE. Even if I was, they would have called my cell or home, not my FRIEND'S house. The only tie between us was that I was using her ISP to access this site. I pressed the caller hard and she wouldn't say how she got that number, anyway. She was calling to "find out where I was on lines" and wanted specific names and locations of people I was in touch with, yeah right! When I told her it was none of her business, she was quite miffed.

I guess the call was to verify that it was really me posting here.

It doesn't really matter to the rest of you, just be careful if you still care whether they know who you are. I have decided I don't care anymore.

But JEEZ they are paranoid jerks!!! (who cares what laws you break, right? it's all for the cause!) Christ.
 

Voltaire's Child

Fool on the Hill
CofS hates critical forums. There has been court testimony about how they monitor alt.religion.scientology and I know that they've attacked Andreas Heldal-Lund a number of times because of his forum. (xenu.net)

CofS members who post on their own without CofS' blessing, so to speak, will get hassled. I experienced it and so did numerous people I've known.

They're obsessed with intel and security.

Wouldn't it be nice if all the effort they put into intimidatioin, intel, security, etc, was put into handling their own crap?
 

Emma

Con te partirò
Administrator
Sounds like you've been tracked, but I dunno about hacked. In this thread alone you probably give away enough about yourself to be identified.

http://www.forum.exscn.net/showthread.php?t=1761

There has been enough scare tactics about the security of ESMB used against me in the last week. Please get your facts straight before making these allegations.

For OSA to have tracked you down by IP address, not only would they have to have the IP address but they would also have needed your ISP to give up account owners name. In most instances this requires a court order.
 

PirateAndBum

Gold Meritorious Patron
Exactly Emma, noone is going to track an IP to a home without havinging a court order or someone planted inside the ISP illegally giving them the information.

Did you use your friend's machine to go to other places on the net as well?

Are you still in the LA area? -- if so your ISP could have scientologist working there.

If not that, then it is possible they figured out who you are from your postings -- you have given considerable information about your contacts in the SO. Don't know why they'd be following you - do you? (Not that they are)
 
Last edited:

wolfright

Patron
Exactly Emma, noone is going to track an IP to a home without havinging a court order or someone planted inside the ISP illegally giving them the information.

uuhhh nooo, I have friends that do that kind of stuff. Don't you know what a hacker is? :)

anyway, I was just surprised that they would put out that much effort for someone who hasn't even posted that much here.
 

Alanzo

Bardo Tulpa
uuhhh nooo, I have friends that do that kind of stuff. Don't you know what a hacker is? :)

anyway, I was just surprised that they would put out that much effort for someone who hasn't even posted that much here.

It's what and whom you know, and what you can say.

Not how much you post.

Maybe it's a sign that you need to tell ALL and post MORE!
 

PirateAndBum

Gold Meritorious Patron
uuhhh nooo, I have friends that do that kind of stuff. Don't you know what a hacker is? :)

anyway, I was just surprised that they would put out that much effort for someone who hasn't even posted that much here.

You mean hacked this board? I suppose that is possible, it's not my area of expertise.

I imagine you may be hearing more from your caller or associates thereof in the near future. Keep us posted...
 

Div6

Crusader
So, apparently my esmb account was hacked by someone at the church and traced back to my location.

What happened was, I have only accessed this site from a friend's house, not my own. I didn't have internet access at my own place. No one knew this friend, their number, or anything.

While at my friend's house, I got a phone call on their phone asking for me by my legal name, not the name I go by now. Someone I have never heard of said they "knew me before" and had "tracked me down on the net". This is a lie as I hve done extensive searches for my various names and numbers and I am NOWHERE. Even if I was, they would have called my cell or home, not my FRIEND'S house. The only tie between us was that I was using her ISP to access this site. I pressed the caller hard and she wouldn't say how she got that number, anyway. She was calling to "find out where I was on lines" and wanted specific names and locations of people I was in touch with, yeah right! When I told her it was none of her business, she was quite miffed.

I guess the call was to verify that it was really me posting here.

It doesn't really matter to the rest of you, just be careful if you still care whether they know who you are. I have decided I don't care anymore.

But JEEZ they are paranoid jerks!!! (who cares what laws you break, right? it's all for the cause!) Christ.



This is interesting. Were you "online" at the time they called?
Does your friend use AOL or some other ISP? (Earthlink?)

Is it an XP box? Is it patched regularly? Have you visited any CoS sites from that account? CallerID on your friends phone? Can you get the number of the person that called?

In general, if things like this happen, the idea is to engage the person in comm...track down "where and how" they knew you, and try to get as much info as possible while not giving out any information...

Sounds like this board has them worried.....a successful "cult survivor's board"
on DM's watch....with tales of rampant child neglect and worse...

Also, they seem to be obsessed with "sleepers", ie people still "on lines" but not with the program...since you mentioned you still have friends in, I bet they will get a little briefing about you now.
 

Terril park

Sponsor
Exactly Emma, noone is going to track an IP to a home without havinging a court order or someone planted inside the ISP illegally giving them the information.

Did you use your friend's machine to go to other places on the net as well?

Are you still in the LA area? -- if so your ISP could have scientologist working there.

If not that, then it is possible they figured out who you are from your postings -- you have given considerable information about your contacts in the SO. Don't know why they'd be following you - do you? (Not that they are)

Something I wondered about a long time ago is to what extent COS
has infiltrated companies like yahoo and hotmail. And what info they might have access to if they had.
 

Mick Wenlock

Admin Emeritus (retired)
So, apparently my esmb account was hacked by someone at the church and traced back to my location.

Not true. Unless your ESMB account includes where you are posting from exactly including the physical address. Servers - any servers not just ESMB - record IP addresses but IP addresses are transient.

In order for the CofS to find out who YOU are merely from your ESMB account - they would have had to subpoena the records of your friends ISP. They would have had to have tracked not just the IP address but at what time it was used. And then traced back from the ISP to your friend.

What happened was, I have only accessed this site from a friend's house, not my own. I didn't have internet access at my own place. No one knew this friend, their number, or anything.

You have given enough information - Emma cites an excellent example in another thread - to identify you completely. Occams Razor.

While at my friend's house, I got a phone call on their phone asking for me by my legal name, not the name I go by now. Someone I have never heard of said they "knew me before" and had "tracked me down on the net". This is a lie as I hve done extensive searches for my various names and numbers and I am NOWHERE. Even if I was, they would have called my cell or home, not my FRIEND'S house. The only tie between us was that I was using her ISP to access this site. I pressed the caller hard and she wouldn't say how she got that number, anyway. She was calling to "find out where I was on lines" and wanted specific names and locations of people I was in touch with, yeah right! When I told her it was none of her business, she was quite miffed.

In order for the CofS to have tracked your friend's home address and home number they either a) got a sub poena or b) pretexted. Either one is easy to verify. Have your friend phone the ISP and ask them if they have received enquiries about her account. Better yet, have an attorney contact them and demand information.
 

Mick Wenlock

Admin Emeritus (retired)
uuhhh nooo, I have friends that do that kind of stuff. Don't you know what a hacker is? :)

If you have friends who are real hackers - and not just PITAs - then they can explain to you fairly easily that "hacking your account on ESMB" would be a worthless thing to do if the idea was to locate you. The ONLY reason to "hack" an account would be to gain access to posting as that ID.

anyway, I was just surprised that they would put out that much effort for someone who hasn't even posted that much here.

It was probably done to get you to do what you did - freak out.
 

Pascal

Silver Meritorious Patron
IP hack

You must be important for OSA to hack you. They are desperate to get stats. Once that Tom Cruise biography goes out, they are dead meat. The Church will fall in flames with David Miscavige's stupid name dragged in the mud where it belongs. I can see hordes of reporters wanting to interview him and ex's. All to confirm and get attention on the book. Glorious! The end is near.
 

Terril park

Sponsor
If you have friends who are real hackers - and not just PITAs - then they can explain to you fairly easily that "hacking your account on ESMB" would be a worthless thing to do if the idea was to locate you. The ONLY reason to "hack" an account would be to gain access to posting as that ID.



It was probably done to get you to do what you did - freak out.

No doubt in the hope of making people feel unsafe to be on ESMB. Its
more likely to be an attack on ESMB than you. Particularly in the light of recent events.
 

lionheart

Gold Meritorious Patron
Sorry Wolfright, I don't get it.

Are you saying that somehow the CofS tracked your friend's IP address, from this they got your friend's phone number and your "legal name"?

Seems unlikely to me.
 
Clarification on "hacked account" and IP addresses

Hello Wolfright,

Nice to meet you. I wanted to offer some more info here and post something about IP tracking an anonymous browsing I've wanted to post for months. This thread just turned out to be the time I decided to do so, I hope you and others find it helpful.

It is exceedingly unlikely your ESMB account was hacked and your location determined from that account. Hacking a users forum account is possible (just by brute forcing the password) however that would NOT allow access to the logs where IP addresses of visitors are stored. An analogy would be, just because someone can break the window of a bank with a brick, they are a longs ways off from the vault.

The reasons are that those logs are in other directories, those directories have permissions set on them to only allow privileged users to access them. You would have to hack the administrators account and in this case that still might not do it for you as (in this case) Emma herself does not have full privileges to all files on the server where the site is hosted. The logs containing the IP are accessible to her, but you would have to BE HER - not you.

Permissions and regulating access to files on servers is very structured and actually works quite well. Of course, site can and do get hacked - but hacking your account specifically would not in any way reveal your IP address to the attacker.

I think it is safe to say that if OSA had hacked the admin access to the account and acquired the IP logs, you would hardly be the only person targeted. And the site would likely mysteriously get nuked.

THE BEST SOLUTION is to mask your IP. There has been much talk of this in earlier posts, and much talk of web poxy servers and discussion of setting up your own proxy, etc. etc. etc. Some of the recommendations are not accurate and would not actually help mask you at ALL.

But this is VERY easy to do. Just download Tor - it sends all your web requests through the tor network of proxy servers and then to your destination. It works VERY well. Your IP recorded on ESMB will be from constantly changing locations, even different countries, etc.

http://www.torproject.org/

You actually download three programs:

Tor & Privoxy & Vidalia & Torbutton bundle

They all get installed. Also you can then install the TorButton add-on for Firfox which integrates with the above. Slick.

After you have it all installed, go to:

http://whatsmyip.org/

or if you want a good laugh try this one instead:

http://www.moanmyip.com/
(Do please try this one, it is vital)

As you surf and go back to this site you will see your external IP is constantly changing. If you go to google.com and other sites you will see if often comes up in another language, based on the language of the IP you are using.

Now, whenever you go to ESMB you will have a random IP.

Please note: This makes your browsing MUCH slower as the requests are relayed through the Tor network. Also, when you write a post make sure you copy it to the clipboard prior to hitting "submit reply" as you will most likely have to sign in again. (This is because when you hit submit you may have a new IP). No problem and most of the time when you sign back in the post is still there - but just in case you have a copy in the clipboard.

To be honest this does make browsing much slower and it is annoying.

But it does work. Your recorded IP will be, quite literally, all over the map.

For anyone concerned about masking their identity, this is a great tool.

There are many other ways to cover your tracks, but this alone will remove about 95% of the chance the church would ever locate you even if they had all the server logs.

You are MUCH more likely to be located by determining your identity from your posts. After all - there are just not that many Scientologists and if you say much about where you where, when you were there, what Orgs you were at - well, that is a pretty small number of people. A few less than the claimed 10 million :D

Hope this helps, and again Wolfright, it's a pleasure to meet you.

Crusty Old Bastard
 
Top