Subj : I received a warning from a IdentIt.ca
To   : All
From : Davidb@nomail.afraid.invalid
Date : Sat Dec 31 2016 12:23:00

Subject: I received a warning from a IdentIt.ca
From: "David B." <DavidB@nomail.afraid.invalid>
 
On 31/12/2016 11:31, Shadow wrote:
> On Sat, 31 Dec 2016 10:10:44 +0000, "David B."
> <DavidB@nomail.afraid.invalid> wrote:
>
>> I have been trying to convince the guys at
>> Microsoft of the danger posed by the site
>
> ... since 2006. Since it posed no danger at all, you were repeatedly
> BANNED from M$ forums for STALKING.
 
There were *NO* Microsoft forums in 2006!
 
> Note that the original site DID NOT BELONG to M$.
 
Correct.
 
The site belonged to THIS chap:- https://ca.linkedin.com/in/pauladare
 
> Why you would "report it to M$" is still a mystery
> to everyone. You report a hacked site to the hosting service, not an
> unrelated software forum.
 
The site was being advertised in the 'signature' of every post made by 
Mr Adare on the Microsoft Answers forums
 
>> Seems like it's still not dead!
 
> No, the registration expired, and it was bought by an individual that
> gave an American address. The new owners are rebuilding the site. It's
> very much alive.
 
Well I'm glad we agree on SOMETHING!
 
>> "The server encountered an internal error or misconfiguration and was
>> unable to complete your request.
>
> They are obviously updating the site. That is a standard response.
 
NOTHING is "obvious".
 
>> Please contact the server administrator, webmaster@identit.ca and inform
>> them of the time the error occurred, and anything you might have done
>> that may have caused the error.
>
> You DO realize you are posting an email address to the NEW owners ?
 
Really. Exactly WHO *are* the new owners?
 
> The guys hosting malware ? (according to you, Google says the new site
> is malicious).
 
I didn't say that. Here is the evidence which I put forward:-
 
https://www.dropbox.com/s/0bv02nqdhnvbivz/IdentIt.ca%20-%20Phishing%20warning.t
iff?dl=0
 
That's from Web of Trust IIRC
 
> WTF, spamming ransomware like that is illegal !!!!!
 
WTF????  Ransomware? Where did THAT spring from?
 
> You KNOW the site was sold.
 
Just *HOW* would I know that? Do explain, please.
 
> Some noob might actually write to the address and get an attached
> trojan in return.
 
As you should be aware, my computer-savvy pal Andrew Taylor, who lives 
nearby in Toronto, DID email the outfit on my behalf.
 
> Just report it to the hosting company. Pick up the phone. Oh wait, you
> don't have the balls. Ex-military guys specialized in blow-jobs never
> do.
 
Now you are just being rude and spiteful - in front of all your friends 
too. Shame on you! <shakes head>
 
> PS The original owner abandoned the site in 2011, as can be seen in
> archive.org.
 
What on earth makes you think that? There's *NO* evidence AFAICT
 
> No changes from 2011 - 2015, when the registration
> expired and the domain was resold.
 
So who was paying for it to be hosted on the Internet all those years?
 
> BTW, the new site, although a
> look-alike, is written in Perl. Unlike the old site, which was
> Javascript. It's look-alike so fools think it's the same owner.
 
Wow! Is that REALLY the case? What proof of that can you offer?
 
> Is it true love ? You've been STALKING the former owner for 10 years.
 
That's another of your lies. I had never heard of him 10 years ago. This 
fellow you mean? https://www.linkedin.com/in/pauladare
 
You'll note that there is no mention of Paul Adare actually working for 
Microsoft as claimed by one of his MVP colleagues in the now 'missing' 
thread. This may help:- 
https://www.dropbox.com/s/au6zjy3pbj9urwj/Reply%20to%20Rob%20in%20Microsoft%20A
nswers%20%28JPG%29.jpg?dl=0
 
> HE NO LONGER OWNS THE SITE.
 
So just who *DOES* own the site - and *WHY*?
 
> Just get a plane to Canada and take plenty
> of lube if you want to get together, assuming he shares your sexual
> orientation. What could go wrong ?
 
Don't you think I'm shafting him well enough from here?
 
> AND STOP SPAMMING THE NEW MALWARE-RIDDEN (according to the Google
> report you posted) SITE.
 
I simply asked the following .....
 
=
 
I know little about code but noticed this in the source code of the 
IdentIt.ca web page:-
 
href="http://www.nikeairmaxsite.com/">nike air max sneakers</a><a 
href="http://www.toplacoste.com/">Lacoste Outlet</a><a 
href="http://www.nikedunksales.com/nikesbdunkhigh-c-7.html">nike dunk 
high</a><a href="http://www.frchristianlouboutin.com/">christian 
louboutin sale</a><a href="http://www.nikedunksales.com/">nike 
dunk</a><a 
href="http://www.nikedunksales.com/nikesbdunkmid-c-13.html">nike dunk 
mid</a><a 
href="http://www.frchristianlouboutin.com/christian-louboutin-shoes-c-5.html">c
hristian 
louboutin shoes</a><a 
href="http://www.lebronsky.com/kobebryant-c-21.html">kobe bryant 
shoes</a><a 
href="http://www.airforce1fashion.com/air-force-1-premium-mid-c-239.html">air 
force one mid</a><a 
href="http://www.frchristianlouboutin.com/">christian louboutin 
discount</a><a 
href="http://www.lebronsky.com/kobebryantnikezoomkobev5-c-21_28.html">kobe 
v</a></marquee></div>
 
view-source: http://identit.ca/
 
Can anyone reading here suggest any reason why these links are present?
 
=
 
The whole thread may be read here:-
 
https://productforums.google.com/forum/?utm_medium=email&utm_source=footer#!msg
/webmasters/2g6ScUvOgdA/KVgSXCVLAwAJ
 
 
-- 
"Do something wonderful, people may imitate it."
 
I wish all readers a Happy New Year!  :-)

--- ViaMAIL!/WC v2.00
 * Origin: ViaMAIL! - Lightning Fast Mailer for Wildcat!  (1:261/20)

.