Wednesday, August 19, 2009

The Snitch Website/E-Mail

A lot of my Facebookies and conservatives in general are getting or are concerned over the "" "snitch" e-mail address. I don't much care for the idea either, but I am no more afraid of it than I am of the things that would get the lefties all fearful under W. There are a number of reasons for this.

First is that e-mail is free form. How do I know where the e-mailer has named names? How do I know if the name is a friendly person or an unfriendly? Where is the rumor? How do I distinguish between a rumor and other narrative? How about dealing with misspellings and typos?

And as far as holding IPs that too, in general, is difficult. If the e-mail is sent via webmail service such as Yahoo or Hotmail? Sure, the IP of the originator is ultimately obtainable, but it is not easy to get unless those services include the originating IP in the header which is something I am unaware of, can someone clarify this?.

Another problem is dealing with the large volume of e-mail coming in in. A sizable amount of which includes the standard spam e.g. pitches for viogro, notices about winning the Tanzanian internet lottery, requests to help move millions of ill gotten dollars out of Togo, pitches for vicdoin, and those intentionally flooding the e-mail address (e.g. self-reporters). One can code up programs to eliminate a large number of spam notes but not all. I am sure at least one or two people set up spambots specifically to hit that e-mail.

In fact, I find it incredible an administration legend for its online talent did something so stupid (not factoring the constitutional/legal ramifications here). The Whitehouse website probably gets more visits in a minute than all of my sites combined in a year. Still, I learned a long time ago to never expose an e-mail address on a website and techniques to hide those e-mail addresses (while still using them) from spambots. In addition, every form you put up had better have a CAPTCHA challenge on it, otherwise spambots will get at you too.

The only sorta nefarious possibility is that an e-mail list is being driven from e-mail addresses obtained via the flag e-mail. E-mail addresses are easy to glean from an e-mail (in the headers, the subject, or the body) and those e-mail addresses could be harvested and used to populate an e-mail listing. Which some reporting indicates may be going on.

As far as using the identities of those submitted for nefarious purposes (e.g. IRS audits or other governmental harassment) I am extremely skeptical, of course, I expect to hear people report such activity after the next tax season is over. It will be hard to prove such a correlation either way without access to data that would be extremely hard to get.

Just because you get audited and are on the "snitch list" does not mean there is a connection, maybe you really did file a dodgy tax return and the "snitch list" is public information your tax/financial records are not.