I was very familiar with the build process and sometimes helped them when problems arose. Both engineering and build used the same source database. No, I didn't have actual access to the build machine but if there were added source there would be a difference in size of the binary between what they built and what was on my development machine. Believe me, I checked this often just to ensure no foul-ups occurred.
I did a lot of testing of throughput including accounting for every single packet received on a port and where it went. These counts occurred in standard industry hardware outside of our proprietary ASICs and FPGA code. I would have noticed a discrepancy. If there was a backdoor in an ASIC it would still have to be triggered or configured by software. Even if there was a secret configurable register, there needed to be software that handled reads or writes to that specific interface. I knew all the low-level software. The only possibility I can see is if the compiler itself had been altered to add secret code to all the builds. I just find that hard to believe the company would go to that degree of trouble and risk screwing up any logic that would be impossible for most of the developers to debug.
The router we were making maxed out at a total throughput of 800Mbits/second which is a rate you probably won't ever see at home. With all ports using VPN it maxed out at 80-90Mbits/second.
I had access to all the code. I did go through a lot of it but not everything (really a lot of code). The stuff I did not go through was not handling the majority of traffic flow in that they implemented specialized protocols. I was privy to all the low-level interaction with the hardware and I knew everything about configuring a mirroring port.
Can you point me to a discussion of backdoors for Cisco? Also, what other router companies are you thinking of?
This was a low-end software based router. Very cheap, but the CPU was just equivalent of a high-end PC for 2006. In this system, the CPU was the choke point for throughput. Adding encryption/decryption without hardware accelerators made it even more of a choke point. So, that's why I am not sure how much current CPUs with multiple cores, along with GPUs or other specialized hardware would be affected. Still I think this is problematic. Read my next comment.
Bluffdale is just a storage center, that is still not capable of handling the raw feed of all the voice/internet traffic that is routed through a distributed set of telecom switching centers. It's scary enough what that data center will be capable of holding but it's not everything and it's not with the additional requirement of acting as MITM to all that traffic.
The more I think about this the less likely I think large scale MITM could happen. It is probably theoretically possible. The NSA would have to redesign all the telecom centers where they currently have taps into communication. Instead of just receiving a one-way feed of mirrored traffic they would have to insert themselves into the core routers. Normally core routers don't have hardware accelerators for encryption/decryption. That functionality is left for edge routers that must implement protocols like VPN. So, those routers would have to be a custom job and at the same time as quick and reliable as the equipment they are replacing. I am sure the current core router complement in these centers is nowhere near capable of handling the extra computational requirement for mass MITM functionality.
A MITM operation requires that every packet received is decrypted and then re-encrypted before re-transmitting. That is computationally expensive. Also, the NSA listening points at telecom centers were just mirroring received traffic. If MITM were a consideration, the NSA would have to insert themselves into the switching points and not just get traffic fed to them through a branch from the switches. If I were designing this I would say the NSA is better off expanding their PRISM capabilities.
Signing code is an entirely different matter. I have always wondered if Microsoft wasn't allowing the FBI/CIA/NSA use their update capability to install code on targeted machines. The, recently publicized, fact that Microsoft was selling or providing security vulnerabilities/exploits to the government undermines that suspicion.
Possibly. That was a seat-of-my-pants estimate. I do know from working on a small router that adding encryption dropped the throughput by an order of magnitude. My estimate may not accurately take into account the gains, since then, provided by GPUs or other hardware that is encryption/decryption specific. Mark Klein described Narus machines filling the small room at the SF ATT center. At that time HTTPS usage was limited. Remember, that with MITM every packet is decrypted and re-encrypted and this is for traffic in both directions. I am wondering why the NSA would go this route rather than demanding more PRISM-like co-operation from the server endpoints.
As far as the router/switch companies go. I worked for a major competitor of Cisco and they did not have anything in the software that secretly allowed for general monitoring. CALEA conformance was basically assigning the use of a general purpose mirroring port which was not controlled separately from full administrative control of the router or switch involved. Any code residing in ASICS or FPGAs had to interact with the software. I can't speak for Cisco's routers, but it would be hard to keep backdoors secret. Usually, any software engineer that worked on a router has access to all the code for that router.
Interesting point. Do keep in mind that MITM could not be done on a mass scale. They could only do this with selected targets as it is computationally prohibitive on a large scale.
One of the repercussions concerning all this is that other countries might demand that Internet governance (i.e. ICANN and Verisign) no longer be U.S. based.
Google is not necessarily involved in this particular program. Remember that the NSA has some 15-20 monitoring points at telecom centers across the U.S. HTTP traffic can be collected, filtered, and indexed in those places. Though, as HTTPS becomes more commonly used then searches using Google will have to be monitored with Google's help.
Back in 1986 I worked on a project that the Marine Corps wanted, adapting the precursor to the Sniffer tool (a network protocol analyzer) so they could monitor their own LAN. I have realized for a long time the theoretical capability of monitoring everything on the Internet. It now scares me to realize this is actually happening. XKEYSCORE takes the cake. I am officially paranoid.
Things that struck me from the power point presentation.
-If you are going to encrypt you're emails, chats, or phone calls, you're drawing attention to yourself. It behooves you to take all possible precautions with the rest of your internet activities. Don't go halfway!
-There are MAC addresses in Excel documents?
-It looks like the NSA analyzes HTTP headers and does browser fingerprinting. This can help to identify your computer even while going through a proxy.
I am going to do another take on this because I was just viewing trailers for the upcoming Hunger Games sequel and ran across a music video done for the movie that I thought was rather good. https://www.youtube.com/watch?v=RzhAS_GnJIc
As I was watching it I thought that the woman singing looked like the pictures I had seen, while putting together the above comment, of Taylor Swift. It was. Now, I have never heard or seen anything else she has done so I have nothing to compare it to. I am partial to female singers with a certain quality like; Sandy Denny, Joni Mitchell, Kate Bush, Tori Amos, and Loreena McKennitt. This particular song fits that esthetic.
So, it is conceivable that a grown man could actually be a sincere fan of Taylor Swift. Apparently, there was one with a sense of humor and still entered the contest despite being fully aware that he did not fit the normal, teenage girl demographic, for Taylor Swift fandom. http://www.gq.com/blogs/the-feed/2013/07/exclusive-we-talk-to-the-creepy-man-behind-the-can celed-taylor-swift-radio-contest.html?mbid=social_tumblr_gqmagazine
Charles Z. entered the contest before anyone at 4-chan/b/ was aware of him. He was definitely the underdog in this contest so two stalwarts of social media took it upon themselves to help him out in a grass roots campaign to recruit supporters and votes. Together they were able to overcome the immense social media support for other, more typical, challengers and he won the contest. What could be a more classic American success story?
It would be classic except that 4-chan/b/, the nursery of Anonymous and practically the inventor of epic internet trolling, was one of these stalwarts. They started the campaign by inventing a persona for Charles as a creepy old guy into sniffing Taylor's hair. It is entirely conceivable that 4-chan and Reddit support united behind one contestant could overwhelm the Facebook/Twitter juggernaut that organized the traditional Swiftian fanbase but was split among multiple contestants. If this was truly a fair contest, I would have expected that result. However, it appears cheating was involved in the form of proxy use. It is suspected that cheating was done on behalf of several contestants. It will never be known how much influence the use of proxies had in this contest. 4chan has a reputation for their skill in the use of proxies, but one could view their use of proxies here as leveling the playing field.
The evidence for the use of an automated script came from a single post to Reddit listing timestamp/city pairs and with the text:
"Just created a script using my company private stuff to vote from 500 different machines around the world every 5 minutes."
This is suspect as there is no explanation as to why he or she needs 500 machines when, if each one is used every 5 minutes then each one has to be capable of altering the source IP via proxy use or otherwise. Why not just use a single machine to do all that? There is also no mention of how the script gets around reCAPTCHA and I believe that capability is very unlikely. There have been serious research attempts at defeating reCAPTHA over the past 5 years. A few have had some success but Google is also fixing these vulnerabilities as they are found. reCAPTCHA is pretty well vetted at this point.
Yet, The Daily Dot accepts this post as truth and Gawker references that and further distorts the situation by describing this as using 500 spambots. This supposed use of a script doesn't even fit the definition of a spambot. Various media outfits, including Techdirt here, have repeated the term spambot without ever doing any fact checking. The end result is that even though Charles won he will never get to meet Taylor Swift because the contest was invalidated by the radio station. It's a story all right, and an entertaining one at that, but it will never be the heroic upset by the underdog it could have been.
Ok, I thought this was pretty funny but let's take a serious look at what is going on so it doesn't appear that the Techdirt community is really as stupid as they are.
-What is the purpose of the contest?
Marketing. Both Taylor Swift and the radio station are marketing themselves. The naive explanation that they are just giving some fan the thrill of a lifetime is BS. That may happen even amid all the marketing and that's OK. Even the marketing is fine. I mention this because the true motivation is what influences the rules and how the contest is set up.
-The contest was rigged by the radio station!
Look at these rules:
Conduct and Decisions.
"By participating in the Contest, participants agree to be bound by the decisions of Company personnel. Persons who violate any rule, gain unfair advantage in participating in the Contest, or obtain winner status using fraudulent means will be disqualified."
"If a contestant receives multiple and/or irregular votes from the same user or users, regardless of the source, the Station reserves the right to disqualify the Contestant its sole discretion"
What is an "irregular vote"? It is not defined, so it is whatever the radio station says it is even after the contest is finished. They have reserved the right to disqualify anyone that doesn't fit THEIR idea of who should win. How is that fair? What if there really was a 39 year old man, who really loves Taylor Swift so much that he dresses up as her in his apartment every night after getting home from work as a longshoreman? Should we disqualify him because he doesn't fall into the right demographic or society's rigid concept of proper gender roles? What about his "thrill of a lifetime"?
-How does one win?
A unique URL is assigned to each contestant. A person can vote for that contestant by clicking on that URL but only once per day at most. A single person is identified as such by the source IP address in the HTTP request. These votes accumulate over a period of days. At the end, the contestant with the most votes wins. A "fair" winner depends upon generating a community of supporters. The winning contestant will have the largest set of supporters who religiously vote every day for their biggest Taylor Swift fan.
-How does one win fairly:
These days one clearly must use social media to recruit supporters for a contestant to win. I assume this is considered fair and was a major part in 4-chan/b/ and Reddit's efforts. How was the contest structured to enforce the fairness of voting within the one vote per contestant/one person/one day regulation? I did not partake in the voting so this is partly speculation but informed by the Reddit discussions. The radio station required resolution of a CAPTCHA, used cookies (maybe, this hasn't been confirmed) to restrict multiple votes, and filtered multiple votes via identification of source IP address.
-How does one game the system?
1). Opponent disqualification:
You get all the top contestants, apart from your chosen one, disqualified by intentionally violating the rules while voting for the opposition. This was actually discussed on Reddit. The radio station could have avoided this type of shenanigans by simply discarding votes recognized as illegal. Understanding this type of manipulation is important, in general, because any security system can be vulnerable to it (e.g. swatting).
2). Paying off voters:
A contestant, or prime supporter, could buy or extort votes. This particular contest doesn't seem to have a valuable enough reward to justify such a tactic. Then again, maybe I misunderestimate the appeal to Taylor Swift fans. Oh, but we're thinking in terms of the U.S. economy when this contest resides on a global internet. What seems a pittance here is not in other countries. The reality of differences in scales of economies across the globe already make possible such, warm body required, things as gold farming and CAPTCHA resolution, so why not votes in Taylor Swift fan contests.
3). Use of Proxies:
A single individual can vote multiple times per day by deleting cookies and using or changing a proxy before voting again. TOR can be used by ensuring that each vote uses a separate exit node. The use of proxies is fairly well understood by teens and tweens to get around parental and school internet filters. 4-chan/b/ & Reddit admit to some proxy use. They also heavily suspect that, at least, the other two top candidates in the contest were also using proxies to stuff the ballot box.
rumor has it that voting on your phone when it is "airplane mode" will act much like changing proxies.
4). Automated voting scripts:
Ideally, a single machine could crank out millions of votes by using a tool like Burp Proxy to alter the source IP address for each vote. This is prevented for most people because ISPs routinely delete packets intended to be sent out of their network that contain a source IP not in the range assigned to them. This may even happen on a finer level by deleting packets sent from your gateway that don't mach your leased IP address. There are those who aren't subject to this restriction but the use of CAPTCHA keeps them from automating the voting. I don't believe anyone involved in this contest was able to get around reCAPTCHA and fully automate the voting. The claim of 500 spambots came from misinterpreting the post on Reddit from one gentleman who claimed to write a script that enabled him to use, through his company, 500 machines throughout the world to vote in the contest. Unless he got around reCAPTCHA he still had to sit there and resolve 500 CAPTCHAs a day (or pay someone in a 3rd world country to do this). I don't think scripts played a major role in this contest.
The end result from the contest shenanigans is that;
-Both Taylor Swift and the radio station get more publicity than they ever hoped for.
-The 14 year girl who trolled 4-chan/b/ & Reddit into helping her win as "Charles", still lost.
-Much help was given to those book reading bots that depend upon reCAPTCHA to get them through the hard stuff.
-All those involved in violating the rules of the contest will be prosecuted under the CFAA.
What cache logjam? Dude, do you live in the future? The post times are Pacific Daylight Time which is my local time as well. So things seem all timely and hunky dory to me.
As a non-lawyer, my legal advice is forget the defamation lawsuit because Claire Perry is spouting tweets that don't make any sense. It is the second tweet that is potentially defamatory but it all hinges on the meaning of "sponsored". The literal meaning of her first tweet is that her website contains a link to Guido Fawkes website that, itself, has a link to pornography. This is so contrary to the reality of the situation that it demonstrates either very confused thinking or extreme sloppiness in the use of the English language. I actually believe she doesn't realize that "sponsored" could mean that Fawkes was an accomplice in hacking her website.
On the post: NSA Agents Told To Withhold Target Information From Those In Charge Of Oversight
On the post: FBI Pushing Real-Time Metadata-Harvesting 'Port Readers' On Service Providers
Re: Packet Size is Content of Communication
On the post: FBI Pushing Real-Time Metadata-Harvesting 'Port Readers' On Service Providers
Re: Contempt of Court
On the post: Latest Leak Shows NSA Can Collect Nearly Any Internet Activity Worldwide Without Prior Authorization
Re: Re: Re: Re: Re:
I did a lot of testing of throughput including accounting for every single packet received on a port and where it went. These counts occurred in standard industry hardware outside of our proprietary ASICs and FPGA code. I would have noticed a discrepancy. If there was a backdoor in an ASIC it would still have to be triggered or configured by software. Even if there was a secret configurable register, there needed to be software that handled reads or writes to that specific interface. I knew all the low-level software. The only possibility I can see is if the compiler itself had been altered to add secret code to all the builds. I just find that hard to believe the company would go to that degree of trouble and risk screwing up any logic that would be impossible for most of the developers to debug.
On the post: Latest Leak Shows NSA Can Collect Nearly Any Internet Activity Worldwide Without Prior Authorization
Re: Re: Re: Re: Re: Re: Re: HTTPS everywhere
On the post: Latest Leak Shows NSA Can Collect Nearly Any Internet Activity Worldwide Without Prior Authorization
Re: Re: Re:
Can you point me to a discussion of backdoors for Cisco? Also, what other router companies are you thinking of?
On the post: Latest Leak Shows NSA Can Collect Nearly Any Internet Activity Worldwide Without Prior Authorization
Re: Re: Re: Re: Re: HTTPS everywhere
On the post: Latest Leak Shows NSA Can Collect Nearly Any Internet Activity Worldwide Without Prior Authorization
Re: Re: Re: HTTPS everywhere
On the post: Latest Leak Shows NSA Can Collect Nearly Any Internet Activity Worldwide Without Prior Authorization
Re: Re: Re: HTTPS everywhere
On the post: Latest Leak Shows NSA Can Collect Nearly Any Internet Activity Worldwide Without Prior Authorization
Re: Re: Re: HTTPS everywhere
Signing code is an entirely different matter. I have always wondered if Microsoft wasn't allowing the FBI/CIA/NSA use their update capability to install code on targeted machines. The, recently publicized, fact that Microsoft was selling or providing security vulnerabilities/exploits to the government undermines that suspicion.
On the post: Latest Leak Shows NSA Can Collect Nearly Any Internet Activity Worldwide Without Prior Authorization
Re: Re: Re: HTTPS everywhere
On the post: Latest Leak Shows NSA Can Collect Nearly Any Internet Activity Worldwide Without Prior Authorization
Re:
On the post: Latest Leak Shows NSA Can Collect Nearly Any Internet Activity Worldwide Without Prior Authorization
Re: HTTPS everywhere
One of the repercussions concerning all this is that other countries might demand that Internet governance (i.e. ICANN and Verisign) no longer be U.S. based.
On the post: Latest Leak Shows NSA Can Collect Nearly Any Internet Activity Worldwide Without Prior Authorization
Re: AGAIN without The Google.
On the post: Latest Leak Shows NSA Can Collect Nearly Any Internet Activity Worldwide Without Prior Authorization
Things that struck me from the power point presentation.
-If you are going to encrypt you're emails, chats, or phone calls, you're drawing attention to yourself. It behooves you to take all possible precautions with the rest of your internet activities. Don't go halfway!
-There are MAC addresses in Excel documents?
-It looks like the NSA analyzes HTTP headers and does browser fingerprinting. This can help to identify your computer even while going through a proxy.
On the post: Boston Radio Station Shutters Online Contest To Meet Taylor Swift Because Of 4Chan Shenanigans
Re: Re: Re: This is really stupid...esp for Techdirt
On the post: Boston Radio Station Shutters Online Contest To Meet Taylor Swift Because Of 4Chan Shenanigans
Re: Re: This is really stupid...esp for Techdirt
https://www.youtube.com/watch?v=RzhAS_GnJIc
As I was watching it I thought that the woman singing looked like the pictures I had seen, while putting together the above comment, of Taylor Swift. It was. Now, I have never heard or seen anything else she has done so I have nothing to compare it to. I am partial to female singers with a certain quality like; Sandy Denny, Joni Mitchell, Kate Bush, Tori Amos, and Loreena McKennitt. This particular song fits that esthetic.
So, it is conceivable that a grown man could actually be a sincere fan of Taylor Swift. Apparently, there was one with a sense of humor and still entered the contest despite being fully aware that he did not fit the normal, teenage girl demographic, for Taylor Swift fandom.
http://www.gq.com/blogs/the-feed/2013/07/exclusive-we-talk-to-the-creepy-man-behind-the-can celed-taylor-swift-radio-contest.html?mbid=social_tumblr_gqmagazine
Charles Z. entered the contest before anyone at 4-chan/b/ was aware of him. He was definitely the underdog in this contest so two stalwarts of social media took it upon themselves to help him out in a grass roots campaign to recruit supporters and votes. Together they were able to overcome the immense social media support for other, more typical, challengers and he won the contest. What could be a more classic American success story?
It would be classic except that 4-chan/b/, the nursery of Anonymous and practically the inventor of epic internet trolling, was one of these stalwarts. They started the campaign by inventing a persona for Charles as a creepy old guy into sniffing Taylor's hair. It is entirely conceivable that 4-chan and Reddit support united behind one contestant could overwhelm the Facebook/Twitter juggernaut that organized the traditional Swiftian fanbase but was split among multiple contestants. If this was truly a fair contest, I would have expected that result. However, it appears cheating was involved in the form of proxy use. It is suspected that cheating was done on behalf of several contestants. It will never be known how much influence the use of proxies had in this contest. 4chan has a reputation for their skill in the use of proxies, but one could view their use of proxies here as leveling the playing field.
The evidence for the use of an automated script came from a single post to Reddit listing timestamp/city pairs and with the text:
"Just created a script using my company private stuff to vote from 500 different machines around the world every 5 minutes."
This is suspect as there is no explanation as to why he or she needs 500 machines when, if each one is used every 5 minutes then each one has to be capable of altering the source IP via proxy use or otherwise. Why not just use a single machine to do all that? There is also no mention of how the script gets around reCAPTCHA and I believe that capability is very unlikely. There have been serious research attempts at defeating reCAPTHA over the past 5 years. A few have had some success but Google is also fixing these vulnerabilities as they are found. reCAPTCHA is pretty well vetted at this point.
Yet, The Daily Dot accepts this post as truth and Gawker references that and further distorts the situation by describing this as using 500 spambots. This supposed use of a script doesn't even fit the definition of a spambot. Various media outfits, including Techdirt here, have repeated the term spambot without ever doing any fact checking. The end result is that even though Charles won he will never get to meet Taylor Swift because the contest was invalidated by the radio station. It's a story all right, and an entertaining one at that, but it will never be the heroic upset by the underdog it could have been.
On the post: Boston Radio Station Shutters Online Contest To Meet Taylor Swift Because Of 4Chan Shenanigans
Re: This is really stupid...esp for Techdirt
-What is the purpose of the contest?
Marketing. Both Taylor Swift and the radio station are marketing themselves. The naive explanation that they are just giving some fan the thrill of a lifetime is BS. That may happen even amid all the marketing and that's OK. Even the marketing is fine. I mention this because the true motivation is what influences the rules and how the contest is set up.
-The contest was rigged by the radio station!
Look at these rules:
Conduct and Decisions.
"By participating in the Contest, participants agree to be bound by the decisions of Company personnel. Persons who violate any rule, gain unfair advantage in participating in the Contest, or obtain winner status using fraudulent means will be disqualified."
"If a contestant receives multiple and/or irregular votes from the same user or users, regardless of the source, the Station reserves the right to disqualify the Contestant its sole discretion"
What is an "irregular vote"? It is not defined, so it is whatever the radio station says it is even after the contest is finished. They have reserved the right to disqualify anyone that doesn't fit THEIR idea of who should win. How is that fair? What if there really was a 39 year old man, who really loves Taylor Swift so much that he dresses up as her in his apartment every night after getting home from work as a longshoreman? Should we disqualify him because he doesn't fall into the right demographic or society's rigid concept of proper gender roles? What about his "thrill of a lifetime"?
-How does one win?
A unique URL is assigned to each contestant. A person can vote for that contestant by clicking on that URL but only once per day at most. A single person is identified as such by the source IP address in the HTTP request. These votes accumulate over a period of days. At the end, the contestant with the most votes wins. A "fair" winner depends upon generating a community of supporters. The winning contestant will have the largest set of supporters who religiously vote every day for their biggest Taylor Swift fan.
-How does one win fairly:
These days one clearly must use social media to recruit supporters for a contestant to win. I assume this is considered fair and was a major part in 4-chan/b/ and Reddit's efforts. How was the contest structured to enforce the fairness of voting within the one vote per contestant/one person/one day regulation? I did not partake in the voting so this is partly speculation but informed by the Reddit discussions. The radio station required resolution of a CAPTCHA, used cookies (maybe, this hasn't been confirmed) to restrict multiple votes, and filtered multiple votes via identification of source IP address.
-How does one game the system?
1). Opponent disqualification:
You get all the top contestants, apart from your chosen one, disqualified by intentionally violating the rules while voting for the opposition. This was actually discussed on Reddit. The radio station could have avoided this type of shenanigans by simply discarding votes recognized as illegal. Understanding this type of manipulation is important, in general, because any security system can be vulnerable to it (e.g. swatting).
2). Paying off voters:
A contestant, or prime supporter, could buy or extort votes. This particular contest doesn't seem to have a valuable enough reward to justify such a tactic. Then again, maybe I misunderestimate the appeal to Taylor Swift fans. Oh, but we're thinking in terms of the U.S. economy when this contest resides on a global internet. What seems a pittance here is not in other countries. The reality of differences in scales of economies across the globe already make possible such, warm body required, things as gold farming and CAPTCHA resolution, so why not votes in Taylor Swift fan contests.
3). Use of Proxies:
A single individual can vote multiple times per day by deleting cookies and using or changing a proxy before voting again. TOR can be used by ensuring that each vote uses a separate exit node. The use of proxies is fairly well understood by teens and tweens to get around parental and school internet filters. 4-chan/b/ & Reddit admit to some proxy use. They also heavily suspect that, at least, the other two top candidates in the contest were also using proxies to stuff the ballot box.
rumor has it that voting on your phone when it is "airplane mode" will act much like changing proxies.
4). Automated voting scripts:
Ideally, a single machine could crank out millions of votes by using a tool like Burp Proxy to alter the source IP address for each vote. This is prevented for most people because ISPs routinely delete packets intended to be sent out of their network that contain a source IP not in the range assigned to them. This may even happen on a finer level by deleting packets sent from your gateway that don't mach your leased IP address. There are those who aren't subject to this restriction but the use of CAPTCHA keeps them from automating the voting. I don't believe anyone involved in this contest was able to get around reCAPTCHA and fully automate the voting. The claim of 500 spambots came from misinterpreting the post on Reddit from one gentleman who claimed to write a script that enabled him to use, through his company, 500 machines throughout the world to vote in the contest. Unless he got around reCAPTCHA he still had to sit there and resolve 500 CAPTCHAs a day (or pay someone in a 3rd world country to do this). I don't think scripts played a major role in this contest.
The end result from the contest shenanigans is that;
-Both Taylor Swift and the radio station get more publicity than they ever hoped for.
-The 14 year girl who trolled 4-chan/b/ & Reddit into helping her win as "Charles", still lost.
-Much help was given to those book reading bots that depend upon reCAPTCHA to get them through the hard stuff.
-All those involved in violating the rules of the contest will be prosecuted under the CFAA.
On the post: Boston Radio Station Shutters Online Contest To Meet Taylor Swift Because Of 4Chan Shenanigans
Re: Re:
On the post: UK Anti-Porn Crusader Responds To Website Hack By Threatening Blogger Who Covered The Story
Next >>