Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Reputation
Culpable for being compromised? Also: A further question; and about that hash...
by
nullius
on 08/03/2018, 19:15:12 UTC
Quote from: tmfp on March 08, 2018, 05:40:08 PM
Quote from: suchmoon on March 08, 2018, 05:24:39 PM
Quote from: aTriz on March 08, 2018, 05:47:31 AM
Quote from: suchmoon on March 06, 2018, 11:35:21 PM
Can you post the script alia gave you? If not - why?
No, I'm not allowed due to the threat of my dox being released, you can try ask alia for it.

And you trust the unstable lying shitcunt (thanks TMAN) to keep her word and NOT dox you... and NOT blackmail you further... good luck with that.

You're really making it harder to trust you. You said you'll find it. You told alia to do her worst. You're now backpedaling. I think the answer to the OP's question is "probably not".

Yeah, this ^^^^
Now that you've shown that your actions are under the influence of an unstable entity because blackmail, it would be difficult to see how to trust that any of your future actions will also not be vulnerable to his/her/its demands, especially in the marginal world of shit tokens where you do business.

@suchmoon, @tmfp, you make a reasonable point—but thereupon, I have a reasonable question for you:  When a good-faith party makes naïve mistakes which cause him to get backed into a corner by a criminal extortionist who obtains personally identifiable information, what is the best strategy to recover?

Having reviewed the matter carefully, I think that the best possible assumptions about aTriz are the most probable assumptions:  A naïve individual with some admitted flaws (including past gambling addiction) was acting in good faith, and got fooled worst by a “confidence artist”—one who also fooled many other people to various degrees.  And I think it’s clear that the principal question about aTriz (the vouch for the script) was in a different category than assigning blame for a leak of PII.  Really, could you hold aTriz culpable for the unforeseen consequences of having made a Paypal transaction!?

(N.b. that my assessment hereby is the polar opposite of that with Alia:  I still have some scintilla of reasonable doubt on certain points about Alia, whereas the preponderance of the evidence is against Alia.  Here, I find that the preponderance of the evidence is that aTriz acted in good faith, and did not commit any knowing wrong (here speaking to culpability, mens rea).  I am ultraconservative in matters of trust; and I am not yet more than barely acquainted with aTriz, beyond his hereto sound public reputation.  Therefore, I have been proceeding in this matter cautiously—and I mean that statement both ways.  I observe that in general principle, it would be outright horrific to see an innocent scam victim get his reputation ruined through being sucked in and dragged down by a scammer.  For my part, I would not be the unwitting executioner in such an injustice!)

Add to this certain allegations upthread as to aTriz’s age.  I do not know (and do not wish to ask) whether or not those statements be true.  But if they so be:  A relatively youthful (under-30) age is never an excuse for dishonest dealings, but is certainly an excuse for naïveté, trusting too fast, plus some awful opsec when dealing with an apparently bona fide new business counterparty.  I myself was “guilty” of all these things, at that age.  And nowadays, people who grew up with Skype and Gmail do not have the benefit some of us had of learning this Internet thing anew.  (I say this as one of Google search’s earliest addicts; that was terribly naïve of me in retrospect, but dang, it worked so much better than Altavista.)  aTriz’s mistakes in getting himself into a position to be blackmailed seem to be simply a sign of the times.

In sum:  Based on the current record, I am most inclined to help aTriz recover from this scam, and improve his operational security going forward.  If this thread concludes as I expect, then I will offer aTriz that if he desires, I will provide him some free nym.zone consulting in basic, best-practice measures to prevent this type of doxing/extortion situation in the future.  Meanwhile, I should like to continue examining the substantive questions which have been raised—in a fair manner, with appropriate sensitivity to the fact that I am asking questions of someone who is backed into a corner by a malicious threat.


@aTriz, a further question:

Did you have any non-public communications with Alia on the date of 1 March 2018 (UTC)?  —If so, please briefly describe the nature and content of the communication.

As to my request for commitment of the SHA-256 hash of the script:

I have considered the matter carefully.  I doubt that committing a SHA-256 hash would cause you to get doxed in retaliation, for the simple reason that Alia would then lose leverage to prevent you from releasing the script itself.  Though I can’t vouch for Alia’s rationality (!), it would be ridiculously stupid for Alia to shoot her bolt at you over a hash which reveals no information about the script itself.  That would be incompetently evil.  I state this on the very reasonable presumption that the only leverage Alia has is your dox.

Wherefore, I reiterate my request that you publicly commit a SHA-256 hash of the script.

If Alia were to dox you in retaliation for that—well, then, you would have no remaining reason not to release the script itself.  Alia knows this.