Quote of the afternoon
US Army Public Affairs Officer Col. Steve Boylan to nutroots blogger Glenn Greenwald: “…it is nice to live in a fantasy world.”
Update: See all the latest developments at Jules Crittenden’s.
Posted in: Iraq, Scott Thomas Beauchamp
See what others have said
Note from Michelle: This section is for comments from michellemalkin.com's community of registered readers. Please don't assume that I agree with or endorse any particular comment just because I let it stand. A reminder: Anyone who fails to comply with my terms of use may lose his or her posting privilege.
Trackbacks
- Take Our Country Back
- First Manassas « his vorpal sword
- A Military of the “Republican Right-Wing Noise Machine” at Forward Deployed
- Junior High School Confidential « his vorpal sword
Comments
You must be logged in to post a comment.
Categories: Iraq, Scott Thomas Beauchamp
Pundit & Pundette
» Obama's drop in popularity and Michelle's handbag controversy
Pundit & Pundette
» Is the tide turning?Patterico
» Democrats Attack the CIATigerHawk
» The Blue Dogs are barkingRiehl World View
» Classless Paid Sarah Palin Assassin Mike Murphy (R)Weekly Standard
» Anchor MenRedstate
» $18 Million to Redesign Recovery.gov
That says it all!
Paging Ron Paul, paging Ron Paul.
correction: GG should be: Colonel Steven A. Boylan, Public Affairs Officer for General Petraeus.:)
Best not to pile on this story just yet. The Colonel denies writing that e-mail. Something is not right.
Colonel Boylan denied writing that email but apparently is has been traced to his IP address in Iraq.
So either he’s lying about writing it or someone is able to send fake emails from his Iraqi IP address…neither of those of good things…
Although I agree with the sentiments, don’t they seem a bit over the top for a
Colonel, a PA Officer for the top General in theater?
I wouldn’t be surprised if this is a stunt document to equate, or at least “muddy” the authenticity of the Beauchamp transcripts. In essence, a phony talking point for the nutroots to run with.
Then again, maybe Colonel Boylan has some Patton in his blood.
Nice.
I am also glad he acknowledges Alan Comes as the talent. 98% of the time I don’t agree with the man …but never with his facts. Just with his interpretation of them. Alan is one of the least irritating liberals out there.
Sock Puppet GG is looking for an IP sleuth to confirm the validity of the email. Ace Ventura has declined the assignment. Does anyone know where Sam Spade is?
laying the smack down on the loony liberals
GG says: wahhh!
I wonder if that includes removing keys from computer keyboards, ala the Clinton years…
I’m inclined to agree with #6 - BrianNY on this one. Probably a smokescreen.
This email is easy to spoof. Here is why.
The originator address for the email is from a mail server at ip address 10.70.20.11
That ip address is from one of the reserved ip address blocks for private nodes which are basically address that refer to a piece of equipment or software on your internal lan and not out in the internet land where mail travels around.
All I have to do is setup a mail sending program on a server match it up with the same ip internal address in it’s config file, scam the same ip in my net router that that the wide area network sees and have my mail sender configured to port its outbound email to the second in line mail server in the path chain for a real email from the PAO and boom I just made it look like it came from them.
It is one of the oldest tricks in the book that commercial spammers have used for years to keep return mail from people tired of getting all the spam to send hate mail back to them but instead it goes to some poor unsuspecting slug who they are pretending to be.
If for some reason I cant insert the email at the first point in the custody chain I can do it any where along the line before the endpoint where I can find an open server in the path as long as I fake the nodes in the list that existed prior to the insertion.
CommentGuy…
You obviously know a lot more about emails than I do. I hope you’re wrong because I absolutely loved reading this email. We’ll see how this plays out.
The irony meter explodes when Greenwald/Ellensberg/Ellers start whining about Sockpuppets.
The bogus email will reach the endpoint if I can find an open insertion point.
Very busy email servers will not usually compare the incoming mail header with the actual ip address of the sending mailer because of all the overhead it takes to do that if you are handling millions of emails a day average traffic.
The only way it will be known is if someone searches for it in their mailer log or if they are doing the checking and then it would fall into their bad mail bin and not be passed down the line.
#12 -
I have to say, I will trust your judgement because you sound like you know what you are talking about - I hope it is not true though
Unfortunately, reading your post (for the feebs) = about the same reaction as I get when biting into a popsicle with my front teeth.
IT people in my company usually avoid me at all costs.
Sure — if you’ve hacked into Salon’s mail servers or Centcom’s mail servers. Otherwise, not so much.
Also, “Dread Pundit” needs to learn how to read. Greenwald never claimed that the excerpts he posted were the entire e-mail. Greenwald linked to the entire e-mail — it’s not like he’s hiding it.
Mark
As long as I can find an open server any where in the chain to accept the email where I am faking the header info I am home free unless someone takes the effort to ask each mailer in the chain it went through to check their logs against the mail header data.
High traffic servers generally do not do that kind of validation and in fact many of the set the log detail to the lowest level or turn off logging completely because of the overhead of the processing time to log the information and the disk space required to store the log itself.
Even after checking the mail chain to find out where the bogus email was inserted then they have to go through all the points the email traveled getting to the mail server back to where I logged onto the net to send it to start with.
If I do it through a public wifi hotspot I can send the email in under a second and am gone with a big poof with not a single way for anyone to prove who the bad guy was.
What I have described is how it can be done from the outside net to worm a bogus email into the system.
The weak point of the email routing structure is the inside job.
Lets say the email in this case for the sake of argument went through BellSouth or now AT&T at some point in the path.
If I have a buddy who works in the IT staff and I IM him with enough info he could play a gag on Glenn by insertion of a bogus email into the stream directly on the mail server as long as he is smart enough to disable or bypass the fact he is doing it from a local login to the system.
This was a public routed email it was not an end to end encrypted mail bundle or a VPN (Virtual Private Network) tunnel through the ip world.
Any script kiddie wannabe hacker could do this in their sleep.
Agreed, in theory, but did you look at the headers? It went from Centcom to Salon to Greenwald.
That would require a breach in Salon’s mail server or Centcom’s mail server. There are no other points of injection.
Also consider that the signature was the same. Consider that the writing style was the same (this may be the hardest thing to spoof!)
Occam’s razor says that Boylan wrote the e-mail and now he’s lying because it makes him look bad. Note how he’s rude and evasive in his replies. He’s cornered, and he’s losing his cool.
If the Colonel did write it, I say Give him a medal. Heck, even if he didn’t write it, give him a medal.
I read the first line of it and knew he didn’t write it.
First of all, as a PA he’s not really allowed to write emails like that. And as a Colonel he would know better.
If he did write that email, he would not have listed his name and rank at the bottom of the email. If he did do that, he’s stupid. He will get into trouble for writing something like that.
Unfortunately for the military, they fight for freedom of speech but they do not have it. My father can not comment on websites, issues, write letters, anything. Occasionally, he’ll write me and ask me to post something on something. Or my mom will do it. But as an officer in the military, they are severely discouraged from writing letters like the one in question.
After reading through the list of Greenwald’s updates … I’m still not convinced.
I’m trying to remember if secretaries have access to Colonel email (if Colonel’s have secretaries I guess is what I’m getting at.)
My first reaction was … no PA wrote this. If he did … he’s a really bad PA and probably won’t get to keep his job.
Once you break the chain at any weak link in the path the email travels ( and Glenn provided all the info you need to do it ) a script kiddie could have either end or both sending Valentines Day greetings to their favorite 4 legged friend at the nearest petting zoo and no one could prove a single thing short of maybe NSA if they had a warrant and were watching the traffic.
The whole thing reeks of a non-story, ie, phony story but, it is fun making the jerk look more like a jerk.
Yeah, once you break the chain. Which is my point. The only way it is a spoof is if Centcom’s or Salon’s e-mail servers have been compromised, such that someone could forge a message at one of those two points. Beyond hacking in to one of those servers, they would have already have to had access to mail that had been sent from Steve Boylan (headers and all) so that the private IP and appropriate MS Exchange headers could be forged. Then, they would need to have had access to a lot of writing from Boylan in order to copy his distinctive writing style.
All this to write a mildly-damaging letter that Boylan could just deny writing.
That is quite a conspiracy theory for such a small payoff.
Here’s my theory: Boylan is a rude military spin doctor who got angry and fired off an e-mail that he regretted having written. Instead of manning up, he decided to deny having written it.
I am thoroughly enjoying Comment Guy’s and Mark Jaquith’s take on this one. My gut senses some I/T shenanigans, only because I can’t believe one of the most important PA officers (and a colonel to boot) would pen such a personal letter in such a tone.
We shall see…
Hey, I’m still waiting on an answer to the Columbia University/noose scandal = why haven’t the NYPD announced a suspect or person of interest WEEKS after they were so certain that the professor had NO involvement?
Been doing a little snooping around for info on the net and I have been able to determine the Salon server sits in NYC and the Military Server that forwarded the Email to them sits in Baghdad. That server routes its traffic back to the US via Stuttgart Germany among other places. But eventually it surfaces in the US via the NIPR net gateway in Washington DC.
The point of saying all that is that there are at least 20 or more hops from Iraq to NYC. Any where along the path if someone was on the inside and had it in for someone he considered to be a dork when he saw this flap boiling up could have inserted a bogus email as a man in the middle attack or like I said before a script kiddie with the right software could easily dump it in at a DC wifi spot with an anonymous login.
An unencrypted plain text or html email has multiple ways of being spoofed.
The only way you can insure that an email is from a specific person is to have the email digitally signed with a valid certificate or as another possibility to send it encrypted with a program similar to pgp which will have the public key as part of the email body info and then the salon server would have to retrieve the other half of the key from any of the pgp escrow servers to decrypt the email which would validate the sender.
Since that did not happen here there is almost no way to prove it with 100% assurance.
My gut feeling is that unless the PAO flipped out its a fake. By now MNF Iraq without a doubt has heard of the flap and my guess looked at all their mail server logs and such and know the story for sure, including having a look see at any computers the PAO has mail access from and if their even exists an email with the matching message body.
For most any secure mail relay server there may be a person who can login and access the mail server itself and could fudge with the emails. But to keep from having that one person from playing with things they usually locate the logs for the mail program on a different server and don’t allow the person who accesses the mail server to have access to the log server thus he can remove the entries related to his fussing with the email server from the logs to cover his tracks.
The weak point is if the mail server guy and the log server guy are good buds they could work together to do an undetectable insert and no body would be the wiser.
MM’s link to Jules Crittenden shows a further exchange between Glenn Greenwald and Col. Boylan:
CommentGuy,
If it is difficult to prove where such an email routing breach could have occured, could it be easier to prove that the email received by Greenwald wasn’t the same message sent from Col. Boylan’s address…if that was the case?