The perils of technology in the classroom. This one deserves a "SMH" and a "FML".
Last night, at around midnight, my class' Internet board, done through Nicenet, was attacked by Internet spammers. They spent hours posting extremely racist and homophobic content (that the students were discussing James Baldwin may or may not be relevant). Because I get sent a new email every time there is a response, my email box was filled up with hundreds of these racist and homophobic responses today; my students' were the same. I've heard that it might be originated from a group called 4chan, which apparently does these sort of spams. Some students have told me they have a "/b/" mark, and I saw that a few times in the messages I skimmed:
This message is forwarded through Nicenet's
Internet Classroom Assistant
-------------------------------------------
FROM: Anonymous2300325
Sup, raid is successful. /b/lackup delivered. I'll post some CP links shortly, thankyou.
that is all
There's also a bunch of links to gore, sexual depravity, and violence. It's really crazy.
The kids seemed funny and okay with it today, most knowing much more about this sort of raid than I am. One girl named "Jenny" was posting a thesis statement when it started happening. One of the first messages was a response to her, simply saying, "Jenny, you are a bitch." She laughed and laughed about it today. And, the group did post to just some random funny stuff, like this Youtube video, which was put in hundreds of the messages.
They got out of some homework, so I hope none of them are behind it. I don't think they are; most of them seem pretty annoyed by it and their Facebook statuses confirm their annoyance.
Has anyone heard of this before? I mean, I can read the Wikipedia entry for Anonymous group (most messages were signed Anonymous) but I still don't really get it. Why was my class targeted? It had to have been a whole army of people because each stgudent got hundreds of emails. I had to delete my class from the site and am pretty annoyed; I think it's a pretty cool learning tool.
Post-script: I just googled our class' key code and discovered it was one of my students who posted on the 4chan discussion board to blast our Nicenet discussion board so to never have to do homework on it again.
How Disasters Spur Democracy
-
After an earthquake struck southwest China earlier this year, social media
and mobile phones proved instrumental in relief efforts. Patrick Meier
considers...
8 minutes ago
16 comments:
It's not people, it's spambots. I'd recommend using something else, like a ning (ning.com), wiki, or edmodo.com -- all free, and with better security.
Actually, I'm pretty sure it's people. They had to log in, form names, and keep posting and posting. See the post-script (it originated from one of my students).
Thanks for the suggestion. I'd been wanting to figure out ning.
Wow, how will you handle that student?
I have no idea who it is and a friend tells me that the initial message *could* have been a fake from the initial havoc-inducers. The message reads "Do me a favor and troll your brains out so that i never have to use it again" and was written anonymous on this 4chan message board with our key code.
To be safe, I'm going to turn on comment controls on this blog for a few days.
Please continue to comment but it might be a little bit before it is published. I don't want my blog to raided like the message board was.
Hello there,
I frequently visit the 4chan website and it's indeed a fun place for adults. The so called "raids" are not supported (and even banned), but sometimes it just gets through. The point I am trying to make is - /b/ usualy troll something meaningful or big (like TV, popular websites, celebrities etc.) and if it was really doing of 4chan visitors it must of been fueled by something from outside. In my opinion, you should look for the source in your class.
Best wishes,
Anonymous
The actual raid was initiated by a website called www.ebaumsworld.com .
I was on that website's forum on that day and know that they were the cause of the disturbances on your board. Now, I don't want to compare myself to the people who performed this raid, but I know of their actions and the behavior. They always harrass people on the internet and in the end blame it 4chan.org .
I know about your frustration since ebaumsworld.com also raided my Myspace once and it took weeks before the hacks ceased. Although these people seem dangerous at first glance, most of them are simply teens playing pranks on others. I can assure you though, that with 4chan.org you got the wrong culprit.
I am what 4chan would call a "troll". a newbie who stumbled onto the site and doesn't know proper etiquette. I found your blog through 4chan. perhaps I am depraved for surfing 4chan, but their maliciousness and racial and homophobic is pure ignorance. their use of the words "n****rs" and "f*gs" isn't directed at anyone of those groups, just at themselves.
It seems like the assault must have been started by a student because it doesn't seem like you knew anything of 4chan before this onslaught.
As for being spammed by bots, probably not. individuals are responsible for this. As quickly and ignorantly as they refer to themselves as n****rs and f*gs, they are just as quick to attack a message board at the suggestion of one anon.
It wasn't spambots. It was people. /b/ does this crap all the time.
That aside, a few comments. I'm in IT and this sort of thing grinds my proverbial gears partly because my own high school started rolling out "e-learning" solutions with almost no thought as to security.
The issue is partly with this "Nicenet," I'd say. I'm not familiar with it, but it sounds as though to some degree it allows anonymous posting (or posting through some easy-to-bypass registration method). Does it offer any sort of tightened privacy settings?
As somebody in the IT field, the setup as you've described it is a disaster waiting to happen (mostly because of the spam issue to be entirely honest). It goes well beyond the spam issue, though.
Why were people who weren't in the class even allowed to post anything on the classroom discussion board? For that matter, why was the general public even able to view the discussion board in question? If the board is used for educational processes, the things the students write to one another or to you, as the instructor, should be in confidence. The general public should not be granted permission to post on that board. If Nicenet offers no sort of privilege control or privacy control, your school should jettison it quickly and move to a more secure system of e-learning tools (in-house if necessary).
If this sort of setup is what the administration and/or IT at your school asked you to use, sit down and have a chat with them. Classroom discussion boards can and should be secured against access by anybody on the public internet - spammers, /b/tards, or an average Joe with too much time on his hands.
Well, it was accessed because a student (apparently) gave the code out on this 4chan message board. Nicenet is used in a lot of schools (it's not blocked so students can access it, and it's unfettered by ads), and it's really the only unblocked discussion site I know of. I might start looking at some more, but I'm not sure the best site to use - because Nicenet is secure, as long as the code isn't given out. Maybe I can play with the settings there and make it invite-only.
Riss: Where was this blog shown in the 4chan site?
Definitely a good decision to turn off comments.
I've gotten 600 hits on this blog in the last 2 hours. Usually I get 80-100 a day.
There were 25 comments to publish in my blogger account. Most are racist or homophobic.
This is dumb.
hey EiB. i'm a poet who culls strings of text from the internet to write. i regularly use search engines, online databases, and other sources to filter through and select text of interest. one of the sites i most regularly draw from is 4chan because of particularly interesting syntax and morphology. i wrote a paper for a linguistics course on 4chan.
your nicenet site was most definitely hacked by 4chan, at the behest of a student in your class who was probably male. i saw the original 4chan posting that mentioned your site and gave out your class key, although that post has long since been deleted from the /b/ image board on 4chan. a link to your blog was also posted earlier today on 4chan, although i assume it has been deleted since as well.
just so you know, the comment you OK'd from "Anne Hiro" is really a poster from 4chan, and the poster name is a reference to one of the many inane and banal inside jokes on 4chan.
my advice would be to not mention the attack or the phenomenon anywhere on the web, including your blog, facebook profile, or anywhere else as there is nothing anonymous loves more than attention. on the whole they are, after all, children. the fact that you didn't receive thousands of visits today is probably a sign that they've already forgotten about you.
i hope you are able to identify the student who initially posted on 4chan and that you can salvage your lessons, hopefully by using a more secure internet posting place that forces all users to more fully identify themselves and receive proper clearance before posting.
take care.
"I might start looking at some more, but I'm not sure the best site to use - because Nicenet is secure, as long as the code isn't given out."
In other words, it's not secure. The degree to which pre-shared keys are insecure increases with each person who knows the key. As you have seen, there's nothing other than the "honors system" stopping somebody with knowledge of a private key from disclosing it to third parties. It's akin to putting a lock on your door and giving keys to 20 students - except in this case the key can be duplicated ad nauseum with an effective marginal cost per copy near zero.
Does your school have an IT department with a decent budget? Push them to set up something like SSL-encrypted phpbb. Or even a $5/month (or somewhat more depending on traffic) hosting plan with secure forum or wiki software could get your school something better than a "private" board secured with a widely-shared PSK.
PS - it wasn't ebaums. /b/ always stirs up crap and then blames ebaums. It's a running internet gag. (Also, to linguistically quip, /b/'s denizens are not hackers no matter how much they try to claim the moniker. /b/ has a majority of computer-illiterate morons and a small minority of what we call "script kiddies" - on a good day.)
Don't worry. This will blow over.
As to your question to riss about where it was posted, the thread is certainly gone by now.
EiB-
in answer to your question about where it was posted, the anon was right in saying that the thread is certainly gone by now. thats not to say that it won't be mentioned again. but for what it's worth, the thread was found in /b/. 4chan is divided up into different boards and each board is identified by a letter. while /h/ is for hentai and /sp/ is for sports, /b/ is just a random board. anything that doesn't fall into a specifically designated group ends up on /b/. this board is the least patrolled and taken the least seriously, making it the place where the most bored and depraved find themselves.
the post with your site is certainly gone by now, as the site is so popular that it sometimes makes it difficult to keep track of any post for that matter.
Post a Comment