From the Underworld comes the Troll

Recovered from the Wayback Machine

(Insert your favorite mental image of troll here)

Introducing the troll

We all know what a weblogging troll is; it’s the person, man or woman, who writes a comment or comments in post after post trying to pick a fight with one or more members of a comment thread. This is not to confuse the person with the random abuser who comes in through Google and writes, ‘This site sux’ or something to that effect. No the troll is nothing if not persistent.

A troll can appear, day in and day out, and almost become a friend through familiarity. Almost.

Sometimes the troll only appears when you post on a specific topic. Other times they appear after a long absence, write a flurry of nasty comments, and then disappear again.

I know of one troll who is fast gaining somewhat legendary status among many of the weblogs I frequent for the length of his comments; not to mention the vitriolic nature of most of his writing–when you can understand it.

Now, we can all get into little flame fests in comments, and this isn’t necessarily a bad thing; after all, if this was all sweetness and light it would be extremely dull. In addition, we can all get cranky, passionate, determined, angry, pissy, whatever depending on topic and other people’s responses. But this is not the same as being a troll.

No, a mark of a troll is that their only purpose in commenting in your post is to pull attention away from what you write, and what others write, on to themselves. They want the spotlight, but rather than start their own weblog and maybe dwindle into obscurity (and a troll most likely will, because they primarily only know how to write in an antagonistic style), they’ll come and steal yours. In doing so, they’ll wreck havoc on your space and what could be a good discussion thread.

What’s frustrating about a troll is that they’ll tell you what you’re doing wrong, again and again. If you ask them, then, why they keep coming back, they’ll say something to the effect of, “It’s a freeworld and I’ll go where I want to.”

You can’t appeal to a troll’s better nature to just leave, and it’s illegal to shoot them. So what can you do with a troll?

Bake them, mash them, put them in a pie…

The surest approach is to turn off comments, or require stringent comment registration.

Unfortunately that’s allowing your space to be controlled by another person–a malevant person who wants nothing more than to demonstrate his or her power. In addition, you lose out on the casual passerby who also happens to have something pretty terrific to say; or to the anonymous person who again, has something worthwhile to bring to the topic.

You can keep your space open and delete the troll’s comments, instead.

A good approach. However, this carries with it a risk. For instance, the troll could keep coming back with the same comment, forcing you to spend a lot of time cleaning your comments. In addition, other people will invariably respond to the troll, so you’re left with the dilemma about whether you should delete their comments, too.

You could also block them, by blocking their name or IP address.

This is usually not effective. The troll will just switch providers, or even use a proxy to write their comments; blocking on an IP is not worth the time. Also, anyone can change their name from comment to comment.

In addition, there’s an unsual risk associated with this one. When I blocked that aforementioned troll, who is getting a dubious reputation of troll extraordinaire, he actually went into other people’s weblogs who I read and started writing about me. Some of what he wrote was just odd; others of it was a deliberate attempt to embarrass me. Then I was forced to have to ask the weblogger to remove the comments; not all were happy about having to do this, because they didn’t believe in deleting any comments.

I now have a policy in my comments that you don’t use my space to bash another if the other isn’t around to defend themselves, or if the other isn’t the topic of the post.

Reason with the troll

You’re kidding, right?

Okay, so what can you do.

Don’t feed the troll

Ignore them.

This was the hardest one for me to learn, and is a policy difficult to adhere to at times. However, unless their comment is pretty horrible, letting it slide and not delete it or even acknowledge it exists is a very effective weapon against the troll. It takes away that power they wanted. Nothing deflates the troll more than to just ignore them.

More than that, though, you have to educate your other commenters to just ignore the troll.

There’s a couple of primarily political weblogs I read that have a very persistent troll in them (not the same troll). These are people who write comments almost invariably counter to the general flow of conversation; enough to know that they’re not writing about what interests them, or responding to the thread, as much as they want to pick a fight.

In each of these sites, they get their fight. The other semi-regular or regular commenters almost always fall for the bait and respond and the thread degenerates into an incoherent brawl. Eventually the site owner will come in and say, “If you don’t like what I write, why do you come back?”Of course we know why he or she (mainly he I’ve noticed) keeps coming back — look at the nourishment they suck out from the post and the comment thread each time they come back?

What the site owner should be saying is, “Folks, stop feed the troll.” In other words, educate your other commenters not to respond to the troll.

This isn’t to say that you should ignore people who disagree. Disagreement, even passionate, satirical, biting, snarky disagreement is healthy in this environment. If a person is disagreeing with the topic, you can tell by their writing that they are responding to it.

The troll, on the other hand, is not responding to the topic as much as they are trying to take over both the topic and the thread. Sometimes the difference is subtle; after a while, though, you’ll see a pattern form, and you’ll know if you have a passionate commenter who disagrees, or a troll.

However, even ignoring the troll may not impact on the densest, most obtuse, of the breed. That’s when you have to bring out the big gun…

The big gun in troll defense



Good intentions do not compensate for bad organization

I had volunteered for TechWatch because Missouri is one of the states that had contested election results in 2000 and several of the counties are using the electronic voting system. I heard that they needed experienced tech people, especially people familiar with PHP and MySQL.


One of the emails I received was a call for someone who was an expert database person. I responded, and was sent an Excel sheet with all of Missouri’s counties and asked to find and call the registrar in each and get what voting machine they’re using. Since there is no 800 number that would mean spending about 3 days total in long distance calls on my dime. At the time, extra dollars were scarce.

I declined this ‘expert database’ assignment.

Finally a week or so ago I got my assignment. I was to be the tech support for the EIRS system at a lawyers office in Kansas City. They had me assigned all day, but I informed that I need to vote first, so they put me on afternoon and evening. Okay.

So what is this system, where is the lawyer’s office, and when do I need to be there? Well, this information is forthcoming they say.

I get another email to turn into these phone conference training sessions. Hmmm. Well, okay.

I call into one this afternoon, and get connected to the conference room. I hear a woman trying to instruct people but she’s constantly interrupted with:

“Someone has entered the conference.”

(Person’s name)

“Someone has entered the conference.”

Eventually this was joined by:

“Someone has left the conference.”

(Person’s name)

In the meantime the instructor is having us pull up a Powerpoint slide presentation that is supposed to teach the people how to use the EIRS system. Not mockups of the EIRS system (which is web-based) — a PPT slideshow of it.

I think I said this once before, but this is wrong on so many levels.

I listened and the instructions were for how to take an incident report, nothing on technology. I asked if this was for the tech support people, and was told, no this was tonight.

I call the conference tonight.

“Someone has entered the conference.”


“Someone has entered the conference.”


One of the people connected was from Florida. Another woman cut across the conversation and said she and others were heading down to Florida to monitor these elections — was there a place for them to stay? She wanted to avoid a hotel room. The man paused, and then replied that they were replacing the floor of their home, which was lost during the hurricane, and couldn’t offer a place; but he’d recommend some good places to stay.

(Something all those with good intentions might think on — how much is all of this imposing on a state that’s been badly battered by storms not that long ago, and is now faced with a mass convergence from outsiders, in order to Monitor the Polls. Poor Floridians, yet another hurricane: Hurricane “Oh-hell-we’re-really-screwed-now.”)

Anyway, back to the conference. We were directed to another web page which has a bunch of links. I look for something about technology. There is, but this is for the Poll Monitor people — those monitoring the voting machines. I’m not doing this; my assignment is to provide tech support for the people in the lawyer’s office that are getting incident reports from the field.

And I really don’t want to hear the history of voting machines.

“Someone is leaving the conference.”

In a few days time I have to go somewhere in Kansas City, at sometime during the day, and do something that may or may not be related to technology for something that may or may not have to do with the election. And this is the organization that is monitoring the use of electronic voting machines–to make sure they work right, and that no irregularities occur.

This election is in deep, serious trouble.



Recovered from the Wayback Machine

Excuse me.

The Delta Airlines flight attendant was not fired for blogging. She was fired for posting photos of herself in a rather provocative pose, wearing her uniform, on one of her company’s planes.

She was fired for posting the photo, and that specific photo I have no doubt – not for blogging. If she had posted the photo outside of the weblog, guess what? I have no doubts she would have still been fired.


Following on the theme

Recovered from the Wayback Machine.

Following on the theme of how we can have a lovely time in London, thanks to RDF and the seman…ooops! Semantic Web, has pointed to another set of RDF data related to travel: OpenGuides .

According to the site, OpenGuides is a network of free, community-maintained “wiki” city guides to which anyone can contribute. More importantly, the organization promises to ensure openness of the data by providing RDF/XML for each travel node.

Now this is both great, and a challenge. You see this is a wiki. By ‘node’, in wiki parlance, this means you get RDF/XML for the pertinent page information. So for London, what you’ll get is:

< ?xml version=”1.0″?>
<rdf :RDF

<rdf :DDescription rdf:about=””>
<dc :title>The Open Guide to London: Home</dc>
<dc :date>2004-10-18T21:51:10</dc>
<dcterms :modified>2004-10-18T21:51:10</dcterms>
<dc :contributor>Earle</dc>
<dc :source rdf:resource=”” />
<wiki :version>70</wiki>
<foaf :topic rdf:resource=”#obj” />

<geo :SpatialThing rdf:ID=”obj” dc:title=”Home”>ies –>
<dc :subject>Wiki Info</dc>

<!– address and geospatial data –>
<city>London</city> <country>United Kingdom</country>

<!– contact information –>


(Sorry for the smiley in the code – an annoying, buggy, piece of clever coding on the part of the WordPress developers inserted it. I don’t use smileys. I detest smileys. No offence FOAF people.)

Of course there is more to London than this. However, you have to access each wiki page, and then access each RDF/XML file to get that pertinent bit of information.

To be effective, one would have to build a bot trained to a wiki architecture (where links may or may not go to something that exists), and that can consume any and all related RDF/XML files. It can then be turned loose at a specific wiki; to return to its owner, engorged with lots of juicy, and fully fleshed, data.


In other words, you would need a wiki-aware Smushbot.


ICANN: Enabling the stalker

You’ve had a weblog for a couple of years. You started out with a Blogspot weblog, but have since started your own domain.

You write about politics, but also about your life and interests, just like most webloggers. You’re aware of not giving away much about yourself, so you don’t talk about work or the private, intimate details of your life.

A couple of months ago, you bitched about having to get up so early because you had to be at work. Last week you talked about how early the sun is setting now and it’s almost dark when you get home. It’s full dark when your husband gets home.

Last weekend you and the hubby splurged on a new eMac. You worry about the expenditure because you also bought one of those new Panasoic TVs that project color on the wall behind the TV. You joke how you’re a sucker for all new gadgets that come out.

You’ve made halloween costumes for your kids — look, here’s photos of them. Aren’t they cute? Little Jim is eight and Barbara eleven now, they’re growing so fast. You think about taking them trick or treating, but you don’t know the neighborhood, you haven’t met any of your neighbors. How, when everyone works during the day, and have other activities on the weekend.

Oh, and you’re going to vote for Kerry.

Now, what’s so personal about any of this, and how can it enable a stalker. Shelley, you’re paranoid

Here’s what I know

From your information I know that you’re married, with two young kids. I know that both you and your husband work and are gone during the day. I know about what time you leave for work, and about what time you get home. I also know your husband is home later, which leaves you and the kiddies alone for a time.

You’re not the only one that’s gone during the day — most of your neighbors are, also. And just think, you have a house full of wonderful, and expensive, electronics.

You don’t have a man-eating dog named Bruno protecting the place as you never talk about him.

But then, you have these two cute little kids, and my that’s a pretty little girl, isn’t she?


Of course none of this matters because no one knows where you live. Except…

Except that you have a domain name, and a whois on that domain not only provides your name, but chances are your address and phone number, too.

Let’s face it, an online existence is full of exposure no matter how careful you are. However, it’s made even more precarious when stalking is actually enabled by an organization such as ICANN.

How ICANN Enables Stalking

ICANN is the Internet Corporation for Assigned Names and Numbers, and is the organization responsible for DNS, or the Domain Name System. Anytime you access a site by a name rather than an IP address, you do so through DNS, under the auspices of ICANN.

When you register a domain, at something like Dotster, which is one of my registrars, you’re working with an ICANN accredited registrar, who then ensures your domain name is connected with two different name servers — one as primary, the other as backup. These nameservers, then, are the servers that provide the actual domain name/IP address mapping. For example, this site is using nameservers provide by the hosting company, Hosting Matters.

All of this works remarkably well, and for much of the criticism of ICANN, we have seen it manage an explosive grown in online presence and activity. However, where ICANN fails, and fails absolutely miserably, is in maintaining the privacy of domain holders.

If you go out to the ICANN FAQ, one of the items on it is a response to the question, Will my name and contact information become publicly available?:

Information about who is responsible for domain names is publicly available to allow rapid resolution of technical problems and to permit enforcement of consumer protection, trademark, and other laws. The registrar will make this information available to the public on a “Whois” site. It is however possible to register a domain in the name of a third party, as long as they agree to accept responsibility — ask your registrar for further details.

In other words, to have a domain name, you have to provide contact information. If you do, anyone can use the Whois database and look this up. Anyone. If you try to obscure your contact information, you risk losing your domain.

Why do this? In a nutshell? Intellectual Property rights.

ICANN states that the reason they do this is for resolution of technical difficulties, but is rarely used as such. It’s also used against those who abuse their ISP’s domains or perhaps spam people, but having this information doesn’t do a bit of good. If you don’t get the response you want just by emailing the person responsible for a domain, it’s very unlikely you’ll do any better if you call them, or visit them. Those who have trapped email addresses from comment spammers and contacted the ISPs have discovered this for themselves.

As for illegal activities, well we all know how secure the Internet is from government agencies. Not.

No the main reason for this is so that people can legally go after those who violate their intellectual property rights, either by using a trademarked term at their site; or using copyrighted material such as photos, text, music, and other media in their pages.

That’s it–the reason most of us are exposed to stalkers of one form or another is so that Disney can protect it’s damn Mouse.

Recently a Whois task force was created to address domain names, Intellectual Property issue, and privacy. In July of this year, Robin Gross of IP Justice sent a letter to ICANN saying that ICANN threatens civil rights. In the letter, Gross wrote:

ICANN’s Whois database of personal information (including name, telephone number, home address, and email address) on millions of individuals who register domain names raises a number of significant civil liberties implications. Over-zealous intellectual property holders use the data to threaten and harass people who often have a lawful right to engage in the online activity but lack the resources to defend themselves. Law enforcement agents access the information in the course of investigations, skirting constitutional protections such as due process of law. Although originally collected for “technical purposes”, the Whois database of personal information has become a virtual honey-pot for abuse, irresistible to those seeking identifying information for any reason.

ICANN’s current policies regarding the Whois database of personal information threaten a number of fundamental freedoms, such as freedom of expression, the right to anonymity, freedom of association, and individual privacy rights. Although setting Internet governance policy, ICANN, a private corporation, makes rules that governments would not be legally permitted to make. Many national constitutions and international treaties guarantee freedom of expression and privacy rights to the public that ICANN’s Whois database policies routinely violate. Since ICANN is a private corporation, and not a government, it is immune from the procedural due process guarantees and other civil liberties protections enshrined in most national constitutions and international treaties.

ICANN forces Registrars to violate privacy laws by publishing registrants’ personal information without their consent. And it undermines fundamental freedom of expression and association guarantees by prohibiting anonymous website publishing. To have any legitimacy, ICANN’s policies for management of the Whois database should, at a minimum, measure up to the standards agreed to in international treaties and national courts dealing with freedom of expression and ensuring consumer privacy protections.

You can follow more on Whois Privacy at this ICANN page. If you look at the summary report from the task force’s effort, you’ll see a lot of analogies with cars and bikes and how ICANN needs to change, but change is best in small steps.Which goes to show that the task force has, to all intents and purposes, not listened to the people who sent letters such as Mr. Gross from IP Justice.

As it stands now, the full Whois privacy statement given to registrars to use can be seen at the ICANN site and includes requirements such as having to provide a postal address, complete phone number information, all of which has to be updated yearly (I’m currently overdue for all my domains — I’m thinking of setting the mailing address to Disney’s home headquarters.)

When you do, unless you specifically tell them how to remove you from the lists, you’ll get letters from people trying to intimidate you into registering all variations of your domain (such as,, and so on) or you’ll lose your site ‘identity — not to mention the ocmpanies trying to steal you away from your current registrar.

Even Google, which provides phone number and addresses for people if you search on a name and a city, has an easy to use Phonebook removal page to remove yourself from Google’s Phonebook. ICANN needs something as easy.

(Note to many of you I know — you’re still in the Google Phonebook. In fact, to demonstrate the dangers of this, I came close today to calling several of you, to breath heavily into the phone; except for some odd reason, I was pretty sure many of you would enjoy this, and that’s too kink for me. Regardless, may I suggest you search on the head of household name and city or state and if you see yourself, remove yourself?)

What can you do

Some of us can do more to kick ICANN in the butt about privacy more than others. And hopefully will, and quickly. For the rest of us, you have a couple of options.

First, you can register with a Registrar that’s willing to provide you with a contact for your domain. What this means then is that this contact information will show up in the record during a Whois lookup, not yours. It’s legal, because if they get contacted about your account, because bad you has copied someone’s Mouse picture, they’ll pass that contact on to you, without revealing your name or other information. This is the securest, safest approach to take.

(I’ve started a page at the Wiki to collect URLs for registrars who provide this type of service. If you know of any, and don’t see them on the list, please add them.)

Failing that, you could consider getting a post office box and using this for your address, but this exposes your name and phone number. Of course, many of us put our names with our sites — but not all.


What never fails to amaze me is how the US is leaning towards re-electing the current President largely because of his handling of security against terrorists. We’ve spent billions on this — enough to have provided adequate health care coverage for every person living here. We’ve given up our freedoms, and antagonized other countries. We’ve even invaded another country.

Yet we’ll get weblogs and post photos of our kids on Flickr, start weblogs for our kids, get domain names with our address and contact information, and tell everyone every last bit of our day to day itineary.

Not only that, but we post photos of our home — inside and out– and also provide loving detail of all the nice new gadgets we’ve bought, not to mention our software and music libraries.

We tell everyone where we’re going to be, and when; especially when we’re going to be out of town, and our homes empty. And we think nothing of announcing a general meetup with anyone in an area who wants to come.

I think our priorities are a little off.

Some more safety tips:

  • In addition to using a registrar who will hide your contact information, you should get with your family and establish a security politicy for online activities. This includes monitoring who your kids chat with, as well as talking about what will and will not be featured on weblogs.
  • I love to see pictures of people’s kids online, but this is not a good idea, unless you are weblogging anonymously.
  • Tell people about your trips — after you’ve returned. No need to talk about it before hand. If you want to meet up with people in your destination city, choose from among the people you know already and contact them directly.
  • Don’t give out daily routine information, about the road you travel, and the hours you work. And don’t blare out for all to hear about your home being empty, or your kid all alone.
  • Do not every mention your kids school, or show pictures of your home or other importatant locations in such a way that the addresses can be derived.
  • If you have grandkids, sure post photos of them. And talk about their recent visit — but don’t tell people ahead of time on your weblog that your grandkids are coming to visit this coming weekend.
  • If you’re a pretty young woman (or boy) and you want to post your address and phone number and semi-naked photos of yourself everywhere, please don’t come crying to us when you get stalked — use some common sense.

Use some common sense. That’s the key. We don’t have to be paranoid as much as we should be aware.

I’m one to talk, as my domains are currently wide open. However, now that I have the bucks, I’m in the process of moving my domains to a registrar who will protect my information. Until then, my address is there for all to see. That’s great: send me birthday cards in a couple of weeks, or roses now. Better yet, make that orchids–I love exotic flowers.

After all, I can trust all of you. Right?