Obama resists calls for him to remain in office

Posted on January 11, 2017 by Dr. Conspiracy

Birthers have long predicted that Barack Obama would pull some stunt to remain in office following his elected term as president. Some have claimed he was planning a mock invasion of the US over the Mexican border through tunnels connecting abandoned Walmart stores. ISIS camps were just over the border. Some thought he would unleash Ebola to create the crisis.

The “sell by” date on those conspiracy theories is rapidly approaching, and the expired and unwanted product will be thrown into the dumpster of history.

Last night, President Obama gave what was billed as his “Farewell Address” in Chicago. The partisan crowd at one point started chanting “FOUR MORE YEARS.” The President responded:

image

I can’t do that

Of course he can’t. For all the birther name calling: traitor, usurper, hater of America, our President does believe in the Constitution and for better or worse, he will leave office at noon on January 20.

View the video and transcript at the New York Times.

Posted in Lounge, Videos | Tagged , | 11 Comments

New birther web site demonstrates irrefutable evidence of copying

Posted on January 10, 2017 by Dr. Conspiracy

It’s not approximate; it’s exact.

The domain was registered early in 2014, but I only became of aware its existence today. The site is a birther site called “WOBC2.com.” It prominently promotes the Sheriff’s Kit, a collection of videos from former sheriff Joe Arpaio’s Cold Case Posse that purport to show proof that Obama’s birth certificate is a forgery. The site’s icon is IIRC the same one that appeared on the now-defunct Cold Case Posse website that comes from the Joomla content management system; however to my mildly experienced eye, the site appears to be hand-coded rather than content managed. The author’s name in the HTML source is “Bill.”

The prominent topic of the site is the most recent offering from former (oh, I love typing that word) sheriff Joe Arpaio and Mike Zullo. Videos and interviews are featured. As we all know, the centerpiece of Zullo’s claim is that 9 aspects of Obama’s birth certificate are identical to a certificate from another Hawaiian born the same month. The degree of similarity asserted by Zullo has been challenged by me and in more detail by others; however, on WOBC2 site I found new evidence of similarity, evidence that is not easily dismissed.

Upon examination, the WOBC2 website has a background image of green basket weave security paper. I downloaded the file, BirthCertificate.jpg, from the site and present the copy here:

BirthCertificate

That image looks remarkably similar to another that appears here on my website. That file is named BasketWeave2.jpg and appears below:

BirthCertificate

Lest anyone think that I am manufacturing evidence, I have made each image link to a copy of it at the Wayback Machine, mine way back in 2012.

One might argue that these are visually similar because they were made for the same purpose, but it’s more than that. Here are the results of running a cryptographic hash on the two files:

File name: C:\temp\BasketWeave2.jpg
File size: 3556 bytes
CRC16: E861
CRC32: EC03DCAD
MD2: 76FA8AFA7F5A97DC48B2BAF5B1CFF299
MD4: 2442D9CD6B0C4B4164EE9051831CC4EA
MD5: F5CEAC402F3EAA2751F7810C40F5A8EF
SHA-1: 3CF7706D3A014315DE0776EA1EA31C68B862CDC0
File name: C:\temp\BirthCertificate.jpg
File size: 3556 bytes
CRC16: E861
CRC32: EC03DCAD
MD2: 76FA8AFA7F5A97DC48B2BAF5B1CFF299
MD4: 2442D9CD6B0C4B4164EE9051831CC4EA
MD5: F5CEAC402F3EAA2751F7810C40F5A8EF
SHA-1: 3CF7706D3A014315DE0776EA1EA31C68B862CDC0

You can see that the files themselves are identical. This test not only shows that the image is identical, but all internal markers, signs and tables are identical, proving that they were created by the same software libraries.

My file was created by taking a screenshot of the White House short form birth certificate (it was done before Obama released the long form) and cropping it by hand using a software program called PhotoImpact.

I confidently conclude that WOBC2 is not an authentic original long-form web site because a part of it was indisputably copied either from this web site or from another source that got it here.

Update: The original version of this article “speculated” that the site was a new version of Mike Volin’s “Where’s Obama’s Birth Certificate.” Volin says that the site is not his.

Update 2: The plot thickens

I sent Mike Volin a brief apology for my earlier speculation, and I got a reply stating that WOBC2.com is not his site, and that he doesn’t have access to it. I take him at his word on this.

I looked a little more closely at the two sites and found these at the bottom:

imageimage

That’s the one from Volin’s site on the right. Now here’s the amazing fact: a search of “Kellyville Productions” (plural) on Google returns no other web sites except these two. It looks like there’s more copying out there than I first thought. WOBC2 links to Volin’s Blog Talk radio page, by the way.

In addition to the website, there is an @WOBC2dotCom” Twitter account. a Google+ profile, with these folks in his circle:

  • Kelly Deysher
  • Ed Sunderland
  • Barry Soetoro
  • Mona Alexis Pressley
  • Mike Macoy

and an Intense Debate profile with no comments (and no matching email address).

Posted in Foolery, Lounge | Tagged , | 58 Comments

Arpaio press conference spikes interest

Posted on January 10, 2017 by Dr. Conspiracy

Birther Ed Sunderland yesterday at The Post & Email commented:

At the website blog wheresobamasbirthcertificate.com the international feed counter has been clocking site visits from all over the world and picked up recently when Sheriff Arpaio made his last press conference.

Canada, France, Italy, Germany, S. Korea, Belgium, Kenya, Britain, Spain, and it goes on and on. Folks from all over the world are hungry for information about this fake and fraud in the White House.

That reminded me that I hadn’t looked at my site statistics for this past month, including the December 15 Arpaio/Zullo press conference. Sunderland didn’t share any absolute numbers, but of course my numbers are and always have been transparent.1

image

That peak number was 2040. Unfortunately, I didn’t have much for them right away.

My site’s peak since recording statistics occurred on April 27, 2011, the day Obama released his long-form birth certificate with 7236 unique users, closely followed by November 9, 2014, with 6752 unique users visiting a few days after the election. (Oh, for they heady days of Yuri Gagarin when the world trembled at the roar of our debunking!)

I track statistics from the 23rd of the month until the 22nd of the next month. Looking over the country list from the most recent period, I had users from a total of 128 different countries, the majority of course from the United States. These are the numbers of sessions.

  1. United States – 16,512
  2. Canada – 617
  3. United Kingdom – 555
  4. Australia – 400
  5. Russia – 161
  6. India – 110
  7. Germany – 104
  8. Spain – 95
  9. South Africa – 84
  10. Norway – 82 (how did they know I’ve been watching Norwegian YouTube Videos?)
  11. Netherlands – 64
  12. China – 55
  13. Nigeria – 49
  14. France – 48
  15. Italy – 48
  16. Sweden – 48
  17. Switzerland – 47
  18. Philippines – 47
  19. Mexico – 45
  20. Puerto Rico – 44
  21. Kenya – 43

Followed by Japan, Israel, Barbados, New Zealand, Ireland, Finland, Malaysia, Singapore, Denmark, Indonesia, Saudi Arabia, Brail, Belgium, Poland, Taiwan, Pakistan, Thailand, Vietnam, Czech Republic, South Korea, Hong Kong, Costa Rica, Panama, Turkey, Portugal, Romania, Dominican Republic, Latvia, United Arab Emirates, Austria, Croatia, Hungary, Bangladesh, Côte d’Ivoire, Chile, Greece, Jamaica, Nepal, Cameroon, Ecuador, Estonia, Ethiopia, Guatemala, Cambodia, Kuwait, Kazakhstan, Serbia, Ukraine, Zimbabwe, Bahrain, Belize, Cyprus, Algeria, Ghana, Guam, Moldova, Malta, Qatar, Slovenia, Trinidad & Tobago, Uganda, U. S. Virgin Islands, Afghanistan, Argentina, Belarus, Colombia, Djibouti, Greenland, Iceland, Sri Lanka, Macedonia, Mauritius, Peru, Papua New Guinea, Rwanda, Sudan, Slovakia, Suriname, Tanzania, Uzbekistan, Zambia, Angola, Bulgaria, Bolivia, Botswana, Curaçao, Egypt, Fiji, French Guiana, Haiti, Iraq, Jordan, Kyrgyzstan, Lebanon, St. Lucia, Liberia, Lithuania, Montenegro, Martinique, Malawi, Niger, Palestine, Réunion. Somalia, Sint Maarten, Togo and Tunisia.

Site statistics have been updated for November and December.

1Alexa.com shows wheresobamasbirthcertificate.com ranked 3.9 millionth in the world, and this site about 1 millionth.  Alexa ranked what it called “similar” sites as follows:

  • wobc2.com – 14,306,067
  • obamadocuments.wordpress.com – 16,462,586
  • obamabirthbook.com – 17,996,352
  • cdrkerchner.wordpress.com – 4,900,863
  • surpriseteapartypatriots.com – 20,607,402

One has to subscribe to see the entire “similar” list, but I guessed some:

  • birtherreport.com – 905,550
  • birthers.org – 6,934,617
  • orlytaitzesq.com – 416,916
  • fellowshipoftheminds.com – 78,840
  • puzo1.blogspot.com – 5,855,931
  • canadafreepress.com – 77,980
  • judicialwatch.org – 49,022
  • rcradioblog.wordpress.com – 5,309,401
  • commieblaster.com – 1,101,159
  • theobamafile.com – 2,098,534
  • devvy.com – 1,554,808
  • carlgallups.com – 1,969,798
  • ppsimmons.com – 6,179,479
  • moralmatters.org – 1,245,285
  • thejaghunter.wordpress.com – 8,224,359
  • thepostemail – 502,532
  • lamecherry.blogspot.com – 296,329
  • wtpotus.wordpress.com – 2,417,908
  • theobamafile.com – 2,098,534
  • thedailypen.blogspot.com – 8,036,922
  • americanthinker.com – 11,042
  • drkatesview.wordpress.com – 17,476,540
Posted in Joe Arpaio, Lounge, Mike Zullo | Tagged , | 14 Comments

Security Alert–Faux Chrome update

Posted on January 10, 2017 by Dr. Conspiracy

I doubt anybody reading this site would click on something like this that just popped up on their browser.

image

Chrome updates itself in the background. It looks like this malware downloader is coming through compromised advertising on a web site. I’ve seen it maybe 4 times, and my wife caught it once.

I wouldn’t have mentioned it here except that I found this one at the Post & Email. It’s also appearing at reddit, Facebook and Yahoo mail. There is an extensive discussion of it on the Google product forums, and it is not to be taken lightly.

Posted in Lounge | Tagged | 1 Comment

WorldNetDaily still beating the Birther drum

Posted on January 9, 2017 by Dr. Conspiracy

Bob “The Birther” Unruh has another rehash of the Cold Case Posse news conference in a new article, “Even more evidence Obama birth certificate fake.” I left a comment:

Wake me when Zullo releases those forensic reports. His fuzzy video doesn’t support what he claims it does.

There is no actual new content in the article.

WorldNetDaily publisher Joseph Farah claims to have created interest in the birth certificate, sort of the instigating fake news story that got things rolling. In the middle of the story is a huge ad for Jerome Corsi’s epic failure, “Where’s the Birth Certificate.”

A fairly rabid crew of birthers has congregated in the comments section.

Posted in Birth Certificate, WorldNetDaily | Tagged | 14 Comments

The confession of Dr. Conspiracy–Part 3

Posted on January 9, 2017 by Dr. Conspiracy

In Part 2 I talked about identifying sock puppets at Birther Report by exploiting information in its avatar system. The underlying email addresses are obscured by a cryptographic digest, but is there a way around that?

Troll Hunter

It started two years ago with my article, “Troll hunter.” It’s about a Swedish group’s attempt to expose individuals who posted at a right-wing web site, taking advantage of a poor security model in the popular Disqus commenting system. Disqus provided, through a public interface (API), a cryptographic digest or hash of a commenter’s email address. Troll Hunter’s approach was to collect a huge number of email addresses (around 200 million), compute their cryptographic hashes and match them to commenters on the right-wing web site. When the email hash matches the commenter’s hash, then the commenter’s email address is exposed.

Disqus subsequently changed its API, and the specific approach used by Troll Hunter no longer works, but I wondered if a similar approach would work at Birther Report. There were two initial goals: one was to determine if any prominent person was secretly a birther, and the second was to figure out the identity of the BR commenter named ★FALCON★. BR uses the IntenseDebate plug-in, and to my knowledge it has no public API. It does, however, leak user email MD5 hashes for commenters who use Avatars supplied by gravatar.com, that is, most of them.

In order to display the avatar (unless the user signs in with Facebook), IntenseDebate generates a URL, for example this one for me:

http://gravatar.com/avatar/561bb74e93a2400ed235cd5d3fc5fa43?s=86&d=identicon

The bit between the slash and the question mark (“56 1b b7 4e 93 a2 40 0e d2 35 cd 5d 3f c5 fa 43”) is the MD5 hash of my email address here at obamaconspiracy.org. All it takes to get that URL is to right-click on the avatar and select “Copy image address” (in Chrome) from the context menu. Even some generic looking avatars may have an MD5 hash, sometimes even users with the name “Guest.” Without an API, harvesting these gravatar MD5 hashes and entering them into a database is a tedious and time-consuming manual task, but I did it over several months, and collected 711 of them from BR (not counting a huge number of sock puppets I discovered and discarded). While my focus was Birther Report, it was not the only web site I looked at and found leaking MD5 hashes. CDR Kerchner, Fellowship of the Minds, drkatesview, Citizen WElls, Western Journalism, JAG Hunter, Impeach Obama Campaign and wtpotus were some others. Fortunately, not all websites required manual right-clicking, copying and pasting. Some could be scanned with automation that read the site’s HTML and navigated from page to page. All in all, I recorded 4,308 screen names and 4162 distinct email hashes from 27 sites (not all of the harvested email hashes belonged to birthers and not all sites were exclusively birther sites).

The next step was to collect lots of  email addresses. While that process was largely automated, it took months also. Various Internet web sites contain bulk lists of emails in various formats, typically a hundred or two per page. Some accidentally leave lists around. I found a magazine’s subscriber list. I found lists of results from hacking attacks posted on the Internet at dazzlepod.com. I used email addresses listed in birther lawsuits, sloppy redaction by Orly Taitz, and amazingly an XML export of all the comments from a prominent birther website that was just laying around for Google to find. (I notified the site owner that the file existed and I believe it has since been deleted.) Eventually, I collected 146 million email addresses in my Microsoft SQL Server database, far more than I ever expected. I would let scanning and scraping programs run for days to get the email addresses from tens of thousands of pages of email listings. Some sites figured out what I was doing and blocked my IP address. I went to the Google cache. I could not have done this without my programming background and sometimes 10-hour days coding.

In none of this was anyone “hacked” nor any web site penetrated. No passwords were guessed. No malware was employed. No social engineering was used. All of the collected information, both hashes and email addresses, was freely available on the Internet. I just looked really hard and really long and really smart. Long story short, many emails were identified, but not Falcon’s.

Continue reading

Posted in Dr. C. Comments | Tagged , , , , , , , , , , | 26 Comments