Please share far and wide!

Monday, January 2, 2012

Trolls a Sign of the Times

Demonstration of what a Troll is

Troll below took a lame pot shot

photo
18 minutes ago(12:38 AM)
I looked at your "calculati­ons". Do you really expect to be taken seriously? You have made so many assumption­s about the dispersion of the isotopes and even their "non Chernobyl" identity that I have to laugh. You are practicing the same kind of deception you accuse nuclear advocates of....that or you don't know what you are doing.

But really you shouldn't embarrass yourself quite so badly...the document you are "laughing about" is labelled with it's source, so obviously you didn't really look.   the source is here for your convenience and embarrassment
http://www.ncbi.nlm.nih.gov/pubmed/22206700

Its from the US National library of Medicine.    Hah! What a joker your are.   Pretending that the USNLIM was actually my work, and then taking pot shot at it.   Well you didn't actual even  muster a pot shot, all you did was say you laughed.

My assumptions in my work were fairly simple, I took a rectangular box that encompassed known EPA published data points, took an independent simulation of particulate spread, then made it smaller to be conservative, and then assumed a uniform distribution within the volume.   Assumptions were clearly stated, backed up with charts and models, and conservative.

The only way that much uranium was in the EPA filters was a massive launch and aerosolization of core or fuel pool material or both.    A little temporary even 3 day fire wouldn't do it.

Contrary to what you said I did not make assumption about dispersion of various isotopes, as I simplifed and made my estimates more conservative by only using the most common isotope U-238.   

So again, just another pot shot from you.  Is that the best you can do, seriously?   If i was paying you to be a troll I would fire you. 

You could reduce my estimates by 87% AND the only logical conclusion would still be a launch of 10's of tons of uranium.  

Here is my original source material for those interested in the truth.

http://nukepimp.blogspot.com/2012/01/uranium-in-air.html

I have also documented your inability to actual mount an argument as an example in the blog.  

8 comments:

  1. found one detection so far.
    pdf's have high probability of being clean, yet cannot say for certain without "real iron" testing.
    I did get headhunted by http://automattic.com/work-with-us/ (strange)

    https ://archive.org /details /atomicnucleus032805mbp

    added spaces to prevent reinfection, if that was one vector.

    analysis: https://www.virustotal.com/en/url/e5963b3d2e8f5242d43fb74af049a822d9cf7a6dee9c7e8642c08fdb63337d80/analysis/1416048420/

    posted: http://enenews.com/govt-issues-inundation-warning-fukushima-daiichi-years-strongest-storm-approaches-tepco-bracing-overflows-officials-warn-torrential-rains-landslides-ground-loosening-south-plant-danger-tornad/comment-page-3#comment-588156


    still efforting ...

    ReplyDelete
  2. We may have a "winner".
    Do bear in mind that none of this should be considered "actionable" until confirmed.
    No sense going off half-Vox'ed. :lol
    Oak's lunatic Ridge likely isn't going anywhere.

    Here's an update to the last candidate link, which only scored as a "Malicious site" on 2/61 URL Scanners:
    http://quttera.com/detailed_report/archive.org
    Quote from "Blacklisting status" --> "Quttera Labs - domain is Malicious. more info"
    That site is long on blacklists, but damn short on details. (Inconclusive)


    -----------------------------------------------------------------------------------------------------------------
    web site included to ensure moderation:
    https://startpage.com/
    -----------------------------------------------------------------------------------------------------------------

    ReplyDelete
  3. Here is another candidate (with spaces for sanity's sake):
    http ://www.uefap .com /reading /exercise /ess3 /gamow .htm

    posted: http://enenews.com/govt-issues-inundation-warning-fukushima-daiichi-years-strongest-storm-approaches-tepco-bracing-overflows-officials-warn-torrential-rains-landslides-ground-loosening-south-plant-danger-tornad/comment-page-3#comment-588284

    Analysis: https://www.virustotal.com/en/url/d2e8d4d5534b9d4ddc16c0599f426eb971bb2af3ea84de6e05da8a68fbf138fc/analysis/1416050535/
    That registers 1/61 detection as a "Malware Site".

    http://sitecheck.sucuri.net/results/www.uefap.com

    Quote: "Website: www.uefap.com
    Status: Site Potentially Harmful. Immediate Action is Required.
    Web Trust: Blacklisted (10 Blacklists Checked): Indicates that a major security company (such as Google, McAfee, Norton, etc) is blocking access to your website for security reasons. Please see our recommendation below to fix this issue and restore your traffic."
    ...
    "Site Likely Compromised"..."Outdated Web Server Apache Found: Apache/2.2.3"
    ...
    "Domain blacklisted By Yandex (via Sophos): uefap.com - reference"

    Reference: http://www.yandex.com/infected?url=uefap.com&l10n=en
    Quote: "Yandex has detected malware on this site that may harm your computer or gain access to your personal information."

    Interesting that only a Russian site puts up red flags.
    Translated Quote: "Yandex periodically checks the page. Last check (less than a week ago) has shown that the site was placed malicious code. This could happen as desired site owners and without their knowledge - as a result of malicious acts. If at the next check code is detected, Yandex stops mark the site in search results as dangerous."
    ...
    "Malware: contains Troj/JSRedir-NG (data provided by Sophos)."
    https://nakedsecurity.sophos.com/2009/12/23/gnu-gpl-malware-trojjsredirak/
    Title: "GNU GPL malware?: Troj/JSRedir-AK" ... "by SophosLabs on December 23, 2009"

    Dud here: Note the differing suffixes.

    Quote: "The next few lines of code do the redirection to a webpage in Russia with the following legitimate strings in its URL:

    google-com-ar
    google.ch
    google.com
    mininova.org
    cams.com
    ip138-com

    I suspect that this code is part of a larger hack and if you find this code on your website please send us samples of other recently modified files."

    Dud here: There might be your Russian web traffic.

    see http://en.wikipedia.org/wiki/Gumblar

    Quote: "Gumblar is a malicious Javascript trojan horse file that redirects a user's Google searches, and then installs rogue security software. Also known as Troj/JSRedir-R this botnet first appeared in 2009."
    ...
    "Gumblar.X infections were widely seen on systems running older Windows operating systems.[2] Visitors to an infected site will be redirected to an alternative site containing further malware. Initially, this alternative site was gumblar.cn, but it has since switched to a variety of domains. The site sends the visitor an infected PDF that is opened by the visitor's browser or Acrobat Reader. The PDF will then exploit a known vulnerability in Acrobat to gain access to the user's computer. Newer variations of Gumblar redirect users to sites running fake anti-virus software."

    Dud here: There is your fake security software via a malicious pdf.

    Quote: "See also: Malware, E-mail spam, Internet crime"


    Still not a "smoking RPV" on it's own though, imho.

    ReplyDelete
  4. Independant confirmation seems in order, including confirmation of 50.142.165.12 as a source.
    Am i correct that the malefactory crew need not have known about the malware?
    It seems to be done in the course of posting hate, sexual harassment, etc., etc.

    Their employer ("Your tax dollars at work?") must love this shit.
    Can i eventually look forward to reading all about this on Lucas W. Hixson's blog?


    You could prolly use a full report of all ManBearPig's links.
    I could use a percentage pay raise at minimum. :P


    Cue 'da 'Ahnold, und 'da Donald to 'da tune of 'da Nylons.
    "Na na na na, na na na na, hey hey hey, goodbye!" :)

    Please reply here --> http://nukeprofessional.blogspot.ca/2014/11/virus-laden-troll-links-at-enenews.html <-- to indicate receipt & need for full list of links for independent analysis.

    Aloha

    ReplyDelete
  5. ManBearPig pdf linking history @ enenews.com
    -----------------------------------------------------------------------------------------------
    disclosure: direct linked pdf's may be malicious files & possible BIOS attack - BEWARE!!!
    (the odds are extremely low, yet cannot be ruled out yet; space added before ://)
    VirusTotal notes for most files (quote)
    "Probably harmless! There are strong indicators suggesting that this file is safe to use."
    Anubis seems potentially more revealing ...
    -----------------------------------------------------------------------------------------------
    October 11, 2014 at 12:24 am - http://enenews.com/latest-govt-models-show-typhoon-making-direct-hit-fukushima-center-vongfong-expected-be-nuclear-plant-tuesday-maps/comment-page-1#comment-585961
    http ://www.safety.vanderbilt.edu/rad/nrc-reg-guide-8.13.pdf

    October 15, 2014 at 8:57 pm - http://enenews.com/govt-issues-inundation-warning-fukushima-daiichi-years-strongest-storm-approaches-tepco-bracing-overflows-officials-warn-torrential-rains-landslides-ground-loosening-south-plant-danger-tornad/comment-page-3#comment-588258
    http ://www.eurosafe-forum.org/files/pe_382_24_1_seminar2_01_2005.pdf

    October 15, 2014 at 10:51 pm - http://enenews.com/govt-issues-inundation-warning-fukushima-daiichi-years-strongest-storm-approaches-tepco-bracing-overflows-officials-warn-torrential-rains-landslides-ground-loosening-south-plant-danger-tornad/comment-page-3#comment-588362
    http ://earth.geology.yale.edu/~ajs/1960/ajs_258A_11.pdf/151.pdf
    https://www.virustotal.com/en/file/40cc4cc26b57e41e55f327634891a5386b7621de999572e26fabefeffa48c0da/analysis/1416046750/
    Quote: "This PDF document contains AcroForm objects. AcroForm Objects can specify and launch scripts or actions, that is why they are often abused by attackers."
    http://anubis.iseclab.org/?action=result&task_id=173d2c99c7ef13cb45531df4c08326f25&format=html
    http ://anubis.iseclab.org/?action=result&task_id=173d2c99c7ef13cb45531df4c08326f25&download=traffic.pcap
    https://www.virustotal.com/en/file/0c43d1c08e84475c91e622b1efdee19abfae1ac2a551d7906329cf87b66fdb57/analysis/1416069787/
    Quote: "PCAP file! The file being studied is a network traffic capture, when studying it with intrusion detection systems Snort triggered 1 alert and Suricata triggered 3 alert."
    ... "Intrusion Detection System
    Snort 1 alert
    Suricata 3 alerts"
    ... "Wireshark file metadata
    File encapsulation Ethernet
    Number of packets 120
    Data size 89088 bytes"
    ... "Snort alerts Sourcefire VRT ruleset
    BAD-TRAFFIC TMG Firewall Client long host entry exploit attempt (Attempted User Privilege Gain)
    Suricata alerts Emerging Threats ETPro ruleset
    ET POLICY Reserved Internal IP Traffic (Potentially Bad Traffic)
    ET POLICY Internet Explorer 6 in use - Significant Security Risk (Potential Corporate Privacy Violation)
    ET INFO PDF Using CCITTFax Filter (Potentially Bad Traffic)"
    ... "earth.geology.yale.edu 130.132.22.55"
    (note: not definative, flagged for further investigation)

    October 17, 2014 at 1:23 am - http://enenews.com/pbs-plague-hit-west-coast-hard-year-biologists-fear-species-going-extinct-experts-largest-outbreak-oceans-terms-numbers-species-affected-geographic-scale-mortality-people-kids-before-theyre-all/comment-page-2#comment-589179
    https ://www.orau.org/ptp/PTP%20Library/library/Subject/Plutonium/plutonium2.pdf
    https://www.virustotal.com/en/url/67f8b5abd8979c791f2786a1e0d177e11e62b1beaaf4b13ac05f2ef08681bc12/analysis/
    Quote: "HTTP Communication error - There was an unexpected error when trying to retrieve the response"
    http://anubis.iseclab.org/?action=result&task_id=1e7a67a95f43b5114c915fef8f923c38a&format=html

    ReplyDelete
  6. October 17, 2014 at 12:42 pm - http://enenews.com/top-5/comment-page-1#comment-589403
    http ://energy.utexas.edu/files/2014/06/Eslinger-2014-JER-Fukushima-Source.pdf
    https://www.virustotal.com/en/file/25ce9ab8f93a2f23b4763ccb77f520da27c392438216eb98b1b043e0375bf1c2/analysis/1416046843/
    Quote: "This PDF file contains an open action to be performed when the document is viewed. Malicious PDF documents with JavaScript very often use open actions to launch the JavaScript without user interaction.
    This PDF document contains 17 object streams. A stream object is just a sequence of bytes and very often is only used to store images and page descriptions, however, since it is not limited in length many attackers use these artifacts in conjunction with filters to obfuscate other objects. "
    http://anubis.iseclab.org/?action=result&task_id=1b0d5dd14764399646db2c039779928c4&format=html

    October 17, 2014 at 12:48 pm - http://enenews.com/top-5/comment-page-1#comment-589414
    http ://energy.utexas.edu/files/2014/06/Eslinger-2014-JER-Fukushima-Source.pdf
    as above (copy)

    October 17, 2014 at 11:32 pm - http://enenews.com/top-5/comment-page-1#comment-589912
    http ://digitool.library.colostate.edu///exlibris/dtl/d3_1/apache_media/L2V4bGlicmlzL2R0bC9kM18xL2FwYWNoZV9tZWRpYS8yMDc5Mjg=.pdf
    https://www.virustotal.com/en/file/ac73c4ab320a3f290a10406e95d217939340688792f12797ed5736a2c2acdb4f/analysis/1416046547/
    Quote: "This PDF file contains 1 JavaScript block. Malicious PDF documents often contain JavaScript to exploit JavaScript vulnerabilities and/or to execute heap sprays. Please note you can also find JavaScript in PDFs without malicious intent."
    http://anubis.iseclab.org/?action=result&task_id=18f7d9ce635b77ce41d85d8497637249e&format=html

    October 17, 2014 at 11:36 pm - http://enenews.com/top-5/comment-page-1#comment-589918
    http ://www.ans.org/pi/ps/docs/ps47-bi.pdf
    https://www.virustotal.com/en/file/2c4223ea228a88540001d1b99fbd5f1316df2270ee886ec955fd7e24a08b50aa/analysis/1416047170/
    Quote: "This PDF document contains 9 object streams. A stream object is just a sequence of bytes and very often is only used to store images and page descriptions, however, since it is not limited in length many attackers use these artifacts in conjunction with filters to obfuscate other objects."
    http://anubis.iseclab.org/?action=result&task_id=193d2f7a4c9b9083441ed989f97831934&format=html
    http ://anubis.iseclab.org/?action=result&task_id=193d2f7a4c9b9083441ed989f97831934&download=traffic.pcap
    https://www.virustotal.com/en/url/03c8e9fd29f38d617ffb906874759641498513c6061f724734ef0feeb8f2542b/analysis/1416070919/
    (inconclusive - download & upload to Anubis)
    https://www.virustotal.com/en/file/7a794cd011c3f5bf64aef63affc33cfb89776b75eb2cfee428a2d7056f2dcac6/analysis/1416071001/
    Quote: "PCAP file! The file being studied is a network traffic capture, when studying it with intrusion detection systems Snort triggered 2 alerts and Suricata triggered 2 alerts. "
    ... "Intrusion Detection System"
    ... "Snort 2 alerts
    Suricata 2 alerts"
    ... "Wireshark file metadata
    File encapsulation Ethernet
    Number of packets 63
    Data size 41788 bytes"
    ... " Snort alerts Sourcefire VRT ruleset
    (spp_sdf) SDF Combination Alert (Sensitive Data was Transmitted Across the Network)
    BAD-TRAFFIC TMG Firewall Client long host entry exploit attempt (Attempted User Privilege Gain)
    Suricata alerts Emerging Threats ETPro ruleset
    ET POLICY Reserved Internal IP Traffic (Potentially Bad Traffic)
    ET POLICY Internet Explorer 6 in use - Significant Security Risk (Potential Corporate Privacy Violation)"
    ... "DNS requests www.ans.org 206.222.45.7, 173.167.163.230, 199.19.56.1"
    (note: not definative, flagged for further investigation - 3 seperate IP Addresses though???)

    ReplyDelete
  7. October 17, 2014 at 11:38 pm - http://enenews.com/top-5/comment-page-1#comment-589922
    http ://web.ornl.gov/~webworks/cpr/v823/rpt/109264.pdf

    October 17, 2014 at 11:39 pm - http://enenews.com/top-5/comment-page-1#comment-589924
    https ://www.oecd-nea.org/science/docs/2007/nsc-doc2007-6.pdf
    https://www.virustotal.com/en/file/945c79fa9bbef9286b01f422e284c6fe2189ff21f5c6e5f9732b8718e5bb4394/analysis/1416064139/
    Quote: "This PDF file contains 1 JavaScript block. Malicious PDF documents often contain JavaScript to exploit JavaScript vulnerabilities and/or to execute heap sprays. Please note you can also find JavaScript in PDFs without malicious intent.
    This PDF document contains at least one embedded file. Embedded files can be used in conjunction with launch actions in order to run malicious executables in the machine viewing the PDF."
    http://anubis.iseclab.org/?action=result&task_id=19a05d41e78269f34257819cc626e920d&format=html

    October 19, 2014 at 11:35 am - http://enenews.com/top-5/comment-page-1#comment-590754
    http ://www-pub.iaea.org/MTCD/publications/PDF/te_1601_web.pdf
    https://www.virustotal.com/en/file/08df0e133e48e87325ca0aa8e083f51afb7a4738efa239989103c30813bde194/analysis/1416047503/
    Quote: "This PDF file contains an open action to be performed when the document is viewed. Malicious PDF documents with JavaScript very often use open actions to launch the JavaScript without user interaction.
    This PDF document contains AcroForm objects. AcroForm Objects can specify and launch scripts or actions, that is why they are often abused by attackers.
    This PDF document has Digital Rights Management or needs a password to be read."
    http://anubis.iseclab.org/?action=result&task_id=10acd33d394d7230419600d32bda8597b&format=html


    October 20, 2014 at 11:49 pm - http://enenews.com/govt-report-reveals-fukushima-radioactive-release-larger-chernobyl-japan-reactors-could-emitted-four-times-cesium-137/comment-page-1#comment-591781
    http ://behavior.vetmed.ucdavis.edu/local-assets/pdfs/Inappropriate_Mounting_in_Dogs.pdf

    ReplyDelete
  8. October 23, 2014 at 5:08 pm - http://enenews.com/sailor-fukushima-impact-dead-thousands-miles-pacific-ocean-between-japan-talking-about-makes-feel-like-cry-birds-fish-sharks-dolphins-turtles-theyre-all-gone-audio/comment-page-1#comment-593778
    http ://apps.who.int/iris/bitstream/10665/78373/1/WHO_HSE_PHE_2013.1_eng.pdf
    https://www.virustotal.com/en/file/aed62e6804e87473726e4c85f2a6b83b8497425eca7c2a06323705aacbe83058/analysis/1416046642/
    Quote: "This PDF document contains 1 object stream. A stream object is just a sequence of bytes and very often is only used to store images and page descriptions, however, since it is not limited in length many attackers use these artifacts in conjunction with filters to obfuscate other objects."
    http://anubis.iseclab.org/?action=result&task_id=1e10c80ec7f86eaa4d5ac2c601dec32ac&format=html
    (Adobe Updater triggered)
    http ://anubis.iseclab.org/?action=result&task_id=1e10c80ec7f86eaa4d5ac2c601dec32ac&download=traffic.pcap
    https://www.virustotal.com/en/url/fee4fac9788a6f12b92816ef7eabec7401bc273652449f75b782fbd5e5bf9c99/analysis/1416072656/
    (inconclusive - download & upload to Anubis)
    https://www.virustotal.com/en/file/37bd9de6bbdb7dbb472612866eff65e94439023b60062a906c70667de3e7ef8e/analysis/1416072923/
    Quote: "PCAP file! The file being studied is a network traffic capture, when studying it with intrusion detection systems Snort triggered 0 alerts and Suricata triggered 2 alerts."
    ... "Intrusion Detection System"
    ... "Snort 0 alerts
    Suricata 2 alerts"
    ... "Wireshark file metadata
    File encapsulation Ethernet
    Number of packets 98
    Data size 48564 bytes"
    ... "DNS requests apps.who.int 158.232.12.85"
    ... "Suricata alerts Emerging Threats ETPro ruleset
    ET POLICY Reserved Internal IP Traffic (Potentially Bad Traffic)
    ET POLICY Internet Explorer 6 in use - Significant Security Risk (Potential Corporate Privacy Violation)"
    (note: not definative, flagged for further investigation)

    ReplyDelete

Insightful and Relevant if Irreverent Comments