IRC-Junkie.org – IRC News

All about Internet Relay Chat

More loss for Undernet's Channel Service

Hard times for Undernet’s CService with the loss of a second member this year.

“Tuesday night, our good friend and Channel Service Admin, skewll aka Tonie left us. She was suffering from a serious pneumonia but as we knew, she was improving”, ColdAs1ce announced yesterday on the Undernet website.

A thread has been opened on the Undernet forum for those who like to express their feelings.

Undernet looses CService member

“Today I received a query with the sad news that John aka jwpara has passed away”, CService coordinator LordLuke announced today on the Undernet news page.

JwPara has undergone surgery a few months ago. “Actually I expected his return every day now” LordLuke continues.

“I joined our org around the same time as John and have always loved working and talking with him. He’ll be seriously missed by me and a lot of other people from the Undernet community.”

Those who like to express their feelings can do so on the Undernet forum where a thread has been opened in the memory of JwPara.

Undernet website hacked

Users of the Undernet network have noticed the site has been down for a few days. The website had an old calendar PHP script which was unused, but never deleted from the site.

“The calendar had an exploit that allowed users to read local files on the server by issuing local commands thought the php query string”, the admin of the Undernet website magic explained IRC-Junkie in a reaction.

“The website is running in a jail so he was unable to get anything of importance. He was able to read a very old sql dump where all password except two test passwords was encrypted using MD5.”

Prior to this hack the website have been down as well, which was unrelated to the hack however. “The reason for the original downtime was that the server was rebooted and httpd didn’t autostart as it should and no one noticed.”

CIA funds monitoring of IRC (updated 2)

A university in New York is going to be working on a program to analyse IRC chat which is being funded by the CIA channeled through the National Science Foundation. This document outlines the project including the sum of money involved which is $157673 USD.

“The aim of this proposal is to develop new techniques for information gathering, analysis and modeling of chatroom communications”, the document explains. What the document did not lined out was that it was the CIA who was behind the funding.

Leland Jameson, NSF programme director said last Wednesday that the two year program will probably not see a new term.

In June 2004 the two researchers mentioned in the document , Yener and Krishnamoorthy, released a paper (NSF funded) that described a project where users on the Undernet IRC network were monitored. In the paper they described their work as “could aid (the) intelligence community to eavesdrop in chatrooms, profile chatters and identify hidden groups of chatters in a cost-effective way.”

To monitor chat on Undernet the researchers would need to actually have a client inside the channels they want to monitor. Private messaging between two users is not possible to follow for an outsider, unless the ircd contains code to do so. As the ircd in use on Undernet, ircu, is open source, this seems highly unlikely.

Al Teich, director of science and policy programmes at the American Association for the Advancement of Science has in general nothing about the CIA funding anti-terrorism, but “Whether the CIA ought to be funding research in universities in a clandestine manner is a different issue.”

Several articles can be found using Google News for further reading. Thanks to Ed for initially bringing it to my attention :)

Update: “Undernet has never knowingly been a part of any snooping project for the government. We were totally unaware of this”, said an Undernet official in a reaction to IRC-Junkie.

A PDF explains the initial research and includes the explanation on why they picked out #usa, #philosophy and #political on the Undernet IRC network.

Update2: People have asked me what hosts the bots are using. It is not hard to find the bots online, as the bots are not set +i at all. Doing a who *.rpi.edu quickly shows the next connection:

resh is ~camtes@opt.cs.rpi.edu

resh is Seyit A. Camtepe

End of WHO matching *.rpi.edu – 1 user(s) found

From the PDF we know Ahmet Camtepe is one of the researchers, and that camtes@cs.rpi.edu is his email address. Whoisses of the last few days show that the bots are moving around channels, and have abandoned the 3 channels mentioned in the PDF.