Wednesday, October 25, 2006

Not hacking, just harassment

Ray Dixon/rikijo wants you to think he’s a bad-ass hacker. In his first blog entry he even goes so far as to describe himself as a network security analyst. Judging from this and other remarks he makes, you might be tempted to think he spends the bulk of his day coding new password-cracking software, infiltrating highly secure government networks, and looking for new unix vulnerabilities to exploit. Yet rikijo’s claim to Kevin-Mitnick-style hacking fame is just as delusional as his claim of saving children daily. This is borne out by a close look at the two methods he has employed in his war against NAMBLA.

Dixon’s first method is what I will dub the honeypot method. It involves him posing as a NAMBLA officer and tricking people into e-mailing him their personal information. To set up his honeypot, Dixon first registers an email account similar to one listed on NAMBLA’s web site. (For instance, one e-mail address he has used is, which is meant to look like, the email address of NAMBLA’s Peter Herman.) Once he has created his e-mail account, he goes to various web forums and social networking sites, pretends to be a NAMBLA officer, and asks anybody interested in the group to e-mail him. The people who respond think they are contacting NAMBLA, so they often hand Dixon their personal information on a silver platter. Occasionally, however, the sender is a little more careful with his personal information, and Dixon has to brandish the ultimate hacker weapon -- the Google Web Search -- in hopes of matching the information from his e-mails with his target's real name. If he's successful, Dixon posts his target's personal information on his blog, claiming to have intercepted the target’s membership application to NAMBLA, and labeling the sender of the e-mail a danger to children everywhere.

Dixon’s second method is what I like to call the illegal technique. Why? Because, well, it’s against the law -- a federal crime, in fact. Since an earlier post has already described this method, a detailed breakdown is not necessary here. Nonetheless, I will note that the compromise of David Thorstad’s e-mail account in March of 2006 appears to be the consequence of this technique. That was 7 months ago. The statute of limitations for this crime is three years.

Both of these techniques can be mastered by any bottom-feeder with a telephone line, an Internet account, and a few minutes of spare time. About the only thing Dixon’s antics have in common with real computer hacking is that both are likely to be illegal. Not that this would stop Dixon, who has amassed quite a criminal record in his 37 years. More on this in the next entry.

Friday, October 20, 2006

Dixon's great slurpee disaster revisited

The earlier post Everybody Hates Raymond reveals how rikijo inadvertently left bread crumbs to his own real-life identity when he forgot to change the calling station number for his fax transmission. An image of the fax was unavailable at the time the post was written, but just last week an anonymous source provided the Predator Tracker with a jpeg image of that very fax. It is included below as a concrete reminder of just how sick (and incompetent) of a person Raymond Dixon is. Does the ellipsis in the closing look a little familiar?

(Click on the picture to see the full-size image.)
Proof of Dixon's Faxing Prowess