Photo credit: Ben Lieu Song via Flickr (Creative Commons) |
by Peggy Robin
For those who don’t read every single message on the CP Listserv (you don’t??? you should!), let me briefly recap yesterday’s Administrative Note. (It's Message #178709 if you want to read the whole thing...it’s long!). For the past few months, someone has been messing big-time with Groups.io. There seems to be some sort of malware program inserted into a number of the bigger groups across the broad Groups.io platform, causing random messages from these subscription-only groups to be delivered to non-members, who neither want them nor understand why they’re receiving them. They just want it to stop. And these unwilling recipients have been pretty upset at any group owner whose group has unwittingly sent them messages. I’ve heard an earful (well, an inbox-ful) of insults from those who end up getting listserv messages they never signed up for. I went over the mechanics of what happened in my message to the group, posted yesterday.
Now that I’ve set up some barriers to prevent any more faked email addresses from signing on, I think we may have prevented these hackers from doing any further damage. Yes, there still may a few bad email addresses that still need to be rooted out. But I can’t see how any more could be inserted among our membership. And now that we’re done with that phase of this unfortunate business, there’s time to do a little reflecting on the meaning of it all.
By which I mean, the underlying point of the hack. What was it all about? What were they after? Not money. They never sent out scam emails to anyone. Not to “harvest” valid email addresses, either. All they ever did was take some messages – just the usual neighborhood chatter (“Where can I buy the best avocados?” and “What paperwork do I need to bring to the DMV?”) -- and pass them along to random people around the country who had never even heard of Cleveland Park. At most, they annoyed a few dozen members of our listserv. And, I suppose, a much larger number on many others listservs with open memberships in the Groups.io system.
Maybe the annoyance was the point. Or maybe there wasn’t really a point at all. I’m guessing (based on no evidence at all) that the whole project could have been cooked up by some teenagers, just to do mischief. Just because they could.
Another theory is the revenge motive. Suppose the hackers had been running some kind of illegal enterprise on the Groups.io platform, and they’d been found out, and Groups.io had abruptly shut them down --.pulled the plug on them. Maybe the whole thing is someone's way of getting back at the system that undermined their group.
Then there’s the “It’s the Russians” answer. Whenever there’s been hacking or malware anyway, odds are high that it’s coming from an IP address somewhere in Russia. Statistically speaking, that’s where the trail is likely to lead. But to what end? Could be as simple as junior-hackers practicing the skills of their trade? Or maybe just doing any little thing to foster confusion and irritation in American communities….?
Am I starting to sound paranoid? Well, maybe a little. It’s been a rough few months, being on the receiving end of all the complaints and accusations about my group and its misdirected missives.
In the end, I’m left as much in the dark as I was at the start. I’m slowly coming around to the idea that I may never know the why of what happened. But I will never stop wondering…..
-------------------
Still Life with Robin is published on the Cleveland Park Listserv and on All Life Is Local on Saturdays.
No comments:
Post a Comment