teatalk.org and teaspring

I, for one, owe Gary an apology. I was quick to jump to conclusions before all of the facts were out. For that I apologize - Gary.

The possibility that Gary is being truthful and that his service was simply abused is a very real one and, due to the anonymity of the service, there is no evidence that points to anyone in particular including Gary.

Fair is fair, the guy may indeed be totally innocent here.....

Mike

mike, thank you for the apology. i don't blame anyone directly, except the original poster of the teaspring thread. i have bought from teaspring and it was a very positive experience. i was disheartened to see them attacked in the groups and encouraged by the rally to their defense.

then everything turned ugly.

thank you again, mike. your sincerity will be remembered.

-gary

Gary, I am not going to appologize, but I would extend an opportunity for you to explain how your site/server was breached and posts were made from it. If you have been doing this for over a decade then you should know how to look into the logs and do some research. I am a computer professional and have multiple degrees in this field, I can't fully sympathize with you for a few reasons:

1.) If your site/server was breached and used in this manner without your knowledge then your #1 priority should be discovering how it happened and fixing it so that this does not happen again. Simply walking away leaving the door open is negligent at best. 2.) There seems to be a major flaw in your story in that this person was *posting* to news groups from that IP address. That means that the person most likely had *physical* access to that server or a computer within that domain. Which would mean that it was either you or someone you would know in some way. Again, not an accusation just the reality of the situation unless you are running a *nix server with some sort of commandline NG reader available.. again easily traced.

Working in the field I do has made me less sympathetic to admins who do not fully understand or take precautions to prevent this sort of thing. It is tantamount to leaving the keys in your car and the doors unlocked. More than half of the spam and virus traffic on the internet today is directly attributed to this exact problem.

- Dominic

Greetings Gary,

Thank you for talking quick action regarding the abuse on teatalk. I for one do believe these posts did not come from you personally, but from someone posting through teatalk or spoofing your IP.

Unfortunately, unless you have a lot of time to securely set up and administer a message forum, abuse can get out of control. It's always been that way, even before the internet, back when I used a BBS.

It is regrettable that you had to shut down teatalk, but as you said, there is still access from google for those without normal usenet access.

-Robit

gary wrote:

Please checkout

It is a web interface to usenet. No one required physical access to my servers to post.

The fact that I do not require people to validate their email address before posting is a matter of personal choice, not a security breach. We all know that google was forced by the dept of homeland security to hand over logs on what people search for or do on google. The fact that teatalk allowed anonymous use does not mean that it was not secure. It's a matter of principle and the choice I made. For my part, its shut down so you won't have to worry about anonymous posts from this service anymore.

I hope that explains it and puts this to rest. The mob already has the torches lit and the noose ready, but the facts are being ignored.

-Gary

One of the single issues with any group or organization is liability and culpability. What transpired against Teaspring was not only wrong but both defamatory and slanderous by law. Slandering anyone, but especially a business, in any public forum is libelous. The issue for me has always been seeing both a friend and a reputable business being assaulted.

My complaint with Gary and Teatalk.org is not a personal one nor is it directly related to either but both are nonetheless culpable and negligent.

This whole matter began on March 20th and here we are now March 31st finally with a response from Gary and Teatalk.org.

This is a public forum and publishing here is little different than publishing in a newspaper or magazine. Teaspring and Daniel were slandered in a very public way. I am not certain what, if any, damage has or will be done to them but it is clear that an assault was leveled against them both personally and professionally.

Timing is everything in life and if you are going to host any kind of public forum you had best be willing to moderate it especially if you have a business linked to the forum.

My personal view is that it was unwise to continue a public forum linked to a business entity to begin with because it sets up all kinds of liability questions.

In the end, I think action should have been taken far sooner that it was and matters should have been corrected not by shutting down Teatalk but by issuing a public statement apologizing to Teaspring and Daniel and disavowing any direct involvement from Teatalk.org or Gary or his business and employees generally.

Allen Miller

I understand where you are coming from, but how in this do you not see your own error or at least your part in all of this? Anonymous access is what has placed all the fingers pointing at you, because honestly you are the source, you facilitated the postings. Anonymous access - above all - needs to have checks and balances in place. Legally if Teaspring could prove the damages, and was so inclined, they would have a legitimate case against you.

I may have sounded harsh in my above post, but believe me it is pure experience talking. I have seen good guys take some big falls for poor decisions or negligence. Unfortunately as with any law, ignorance is not an excuse. There are no laws guaranteeing the right to anonymous newsgroup posting, and as with all services involved in this sort of thing the liability falls on the provider when shit goes pear shaped. Please take my posts and advice as informational if nothing else, I honestly believe it was not you... however it is not OK with me, and you are seeing the downside of anonymity.

No doubt you have worked hard to get where you are, and to create what you have, and while your intentions are good you have not taken the proper precautions and safegaurds to protect yourself from what is happening. I wouldn't take it out on the folks here or elsewhere, because as I stated originally all of the data points squarely at you... what other conclusion would people come to? On a personal note, I could not see what benefit pure anonymity would provide on a tea newsgroup. I also am someone who highly values my privacy, yet there are limits and in some cases total anonymity simply breeds illegal activity, misconduct, and more. If nothing else it is a lesson learned, your hard work to provide anonymous access has been abused by one or more bad apples and you end up holding the bag.

- Dominic

i'll answer any questions you have. if it is to be a public trial, with my livelihood on the line, everything i've worked for, then so be it.

i did not answer the thread of emails earlier because i did not know that the post came from my server and i was not reading the newsgroup during the time that everything exploded.

as for moderating teatalk.org, there is clear case law precendent that shows you cannot moderate any posts, otherwise you assume liability for the posts. this is why google groups and every isp providing access to usenet does not moderate the groups. i know the law, that is why i do not, could not, moderate the posts from teatalk.org. would you ask google groups to moderate usenet as well?

i'm sorry for what happened to teaspring. but i think in the end they got a lot of good press out of it. whereas dragonwater, which did nothing wrong. really. has lost a lot. i've spent my whole life building up this business. it's all i've got and i'm getting too old to be successful at anything else. it barely supports me and my family. and now you will take that away from me. what have i done to deserve so much suffering? does it really equal the "crime"?

-gary

Thank you Gary for your apology, I for one am still willing to set aside the negative feelings I have felt regarding the slander of teaspring and trust that your apology is a sincere one.

it is. teaspring is a wonderful company and no amount slander can change that.

No one mentioned moderation, what I have stated was logging, accountability, and possibly registration. All good ideas regardless of anything else.

I'm sorry Gary, but please spare us. Maybe you should keep to standard business practices and keep personal and business entities mutually exclusive. Your responses so far have been, for the majority, lacking real remorse and proper dilligence/accountability. The paragraph above is insulting, irritating, and bothersome on a number of levels. I can only hope all of this "good publicity" extends in your direction as well. Unreal. It's probably better that you do slink away slowly, I may just be inclined to assist Teaspring pro bono.

- Dominic

no one asked for my log info. of course there is logging. there is only one ip that posted on march 20th, the date of the teaspring posts. this doesn't mean this ip posted those posts. i can't associate the post with the ip directly in my logs, but this is the only ip recorded.

60.48.240.209

-gary

This is Malaysian, based in Kuala Lumpur. It resolves to an ISP/Network/Telecom provider there called "Telekom Malaysia Berhad"/"Network Strategy"/"Wisma Telekom"

Contacts:

person: Darmataksiah Abai nic-hdl: DA5-AP e-mail: address: Telekom Malaysia Berhad address: Network Strategy address: 5th Floor, North Wing address: Menara Telekom address: Jalan Pantai Baru address: 50672 Kuala Lumpur phone: +603-2240-7307 fax-no: +603-7958-2034 country: MY mnt-by: MAINT-AP-STREAMYX changed: 20031112 source: APNIC

person: Napizah Alang Jaafar nic-hdl: NA16-AP e-mail: address: Telekom Malaysia Berhad address: Network Strategy address: 5th Floor, North Wing address: Menara Telekom address: Jalan Pantai Baru address: 50672 Kuala Lumpur phone: +603-2240-7327 fax-no: +603-7958-2034 country: MY mnt-by: MAINT-AP-STREAMYX changed: 20031112 source: APNIC

Which is basically brimming over with zombie machines.

Not that it couldn't well have been someone from Malaysia posting, but because of the high ratio of zombified machines on Wisma, it's hard to be sure.

We block most of telekom.net.my at the routers here because of the various problems. It's a shame to have to do that.

--scott

Teasping's reputation is affected Gary is somewhat disgraced We are here still drawing blood The spoofer and real culprit is probably reading all these And snickering at us all demanding justice from Gary Let the one who has never commited a mistake Or overlook one's work however minute Cast the first stone I don't think we should allow the spoofer More joy at stirring storm in a teacup If you wish to continue this inquisition further May I suggest you take it up with Gary offline? I would hate to imagine that the spoofer is Beaming with joy at his little genius now At our expense. And I don't think Daniel wish for this to turn into A vaudeville. Daniel has not spoken Perhaps he wishes for all these to be forgotten as soon as possible.

Danny