iEntry 10th Anniversary RSS Archive

IT Management Begins With Security
SecurityProNews > News > Security News > N3td3v - Security Trolls
Search:
[ news_security_news ]

N3td3v - Security Trolls



Dan Morrill
Contributing Writer
2006-10-25

SecurityProNews: Insider Reports Insider Reports RSS Feed


N3td3v is/was a security troll that plagued the full disclosure list for quite a while, claiming to be a yahoo security engineer, with his own mailing list at yahoo groups, yahoo personal page and a host of other places that you could find him.

Security Focus did an update on their web site about n3td3v, but here is an interesting Google search on him as well.

Security focus states:

"Even after n3td3v gave up the virtual ghost in September 2006, no one knew the name of the person who infuriated, and amused, so many researchers. Now, an independent security consultant believes that linguistic forensics--a branch of science that attempts to identify authors by the content and style of their writings--has linked n3td3v with a previous security-list troll and hacking group known as Gobbles. In a 19-page report published on Friday, consultant Neal Krawetz argues that statistical analysis of mailing-list messages posted by n3td3v and advisories written by Gobbles indicates that each group appears to be three, or possibly four, people, and the writing styles of the people making up the two groups appear to match. The report uses five different metrics of writing style to determine whether the authors are American or non-American, male or female, and their degree of education. While the five indicators have large margins of error, using the methods together minimizes the error, Krawetz claimed". Security Focus, 2006.

Of course there is dissention in the analysis, which is on page two of the article. The interesting part though is the idea of security trolls; I am pretty convinced that we have all dealt with them in various lists and groups over time that we have subscribed to. While n3td3v was just one of them, there have been a lot of others that make for some interesting reading, if you like that kind of interaction. Flame wars in the security community can provide hours of amusement, but raise the general noise level to the point where sometimes it is just better to back away and move on from the list. I still like full disclosure but no longer subscribe because the noise level got too much to deal with in my inbox.

N3td3v was pretty much both inflammatory and interesting to watch how he worked the list, and which people he kept on working on, while the rest of the list tried to keep on going, and saying don't feed the troll. They were very effective at raising the noise level on FD (Full Disclosure) until they started loosing a lot of folks in what is otherwise an excellent resource on the internet for sharing infosec data. If nothing, they showed an interest in working the crowd, or members of the crowd to continue on with the process, including all the work that has been done to find them. There are no laws against starting a flame war, or being a troll, its annoying, but few people in the lists restrained themselves, and like many situations like that, the process kept on spiraling out of control.

What was interesting was seeing all the security folks that started doing things like making a n3td3v web site at http://n3td3v.com/ as well as a host of other ways of working the internet to track/trap or trace the person. The hand writing analysis, even if inaccurate still shows an abiding interest in n3td3v, not just that we don't know who they are, or if they are a group or a solo person. They did work the crowd well through, so if you are interested in more information on n3td3v the Google search on the tag provides a pile of interesting data about the people that did the trolling.

While n3td3v is just one troll, the amount of energy that went into answering the flames, setting up web sites, tracking the person down, handwriting analysis and other work that has been done to date has been very interesting to watch. While it is unlikely the original n3td3v will ever be found unless they out themselves or the single person that it could be, it's a great way of honing your information security skills, and can provide hours of amusement.


About the Author:
Dan Morrill has been in the information security field for 18 years, both civilian and military, and is currently working on his Doctor of Management. Dan shares his insights on the important security issues of today through his blog, Managing Intellectual Property & IT Security, and is an active participant in the ITtoolbox blogging community.

More news_security_news Articles

SecurityProNews: Insider Reports Insider Reports RSS Feed

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Contact Us | Advertise | Newsletter Archive | Sitemap | Submit an Article | News Feeds
SecurityProNews is an iEntry, Inc.® publication - $line) { echo $line ; } ?> All Rights Reserved | Privacy Policy and Legal		 Join the WebProWorld Forums: Click Here
Virus Warnings

Subscribe to
SecurityProNews FREE!


[ more newsletters ]

Featured On:
article resources
Search Articles:
[advanced search]

WebProWorld.com
Get in-touch with industry experts and leaders
Post your site for review by expert and peers
Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com

Titan Quest Forum
The #1 Titan Quest forum
Halo 3 Forum
The best Halo, Halo 2, Halo 3 forum
Nintendo Wii
Nintendo Wii news and views
Mac Software
The best in OS X freeware
Graphics Forum
Your source for graphic tutorials
SecurityProNews.com | Breaking eBusiness News Get Your IT Questions Answered - Click Here SecurityProNews News Feeds