Category Archives: Uncategorized

How Ashley Madison cheated me by not verifying email addresses.

Results from

Results from

The earlier you got a Gmail account, the more likely it is to appear on the Ashley Madison hacked user list. This assumes you picked a short, easy to remember username on Gmail. You are also likely to:

  • Send money in India via mobile payments on a daily basis
  • Submit applications to start home mortgages in multiple states under multiple names each year
  • Get added to a dozen political campaign lists every season
  • Not be able to use your email address on sites as popular as because someone, years ago, already used your email address when they signed up for an account

Pretty much anything popular that doesn’t require a verification of email, you’ll eventually get signed up for.

And by “you” I may mean you, but I certainly mean me.

My Gmail account is a decade old and has a short username that is super easy to remember. I get compliments on it when I give it at the dentist and doctor’s office (hey, I will take all the compliments I can get), but it can come with annoyances.

I remember seeing an Ashley Madison email appear in my inbox sometime in the last year. I figured it was likely a phishing attempt and marked it as spam.

Yesterday I ran my email address through a couple sites that are hosting the Ashley Madison hacked email list, and there was my email. Still surprising, but somewhat expected, given what I indicated above. One lookup site was nice enough to put this in the results:

xxxxxxxx@gmail was found. However, someone else could have signed up using their email addresss

Are the email addresses verified by the account owners?

No. It is possible someone accidentally or deliberately registered with the wrong email address. Determining the likelihood of this is left to you.

You’d be amazed how many people apparently don’t know their own email addresses, so be skeptical about the results, especially if the person’s name is common.

And that’s the thing with Ashley Madison. They sign up users without verifying email accounts and then proceed to email, almost daily, if my spam and Social Promotions Gmail tab is any indication. My email account is composed of roughly 30% relevant personal emails, 60% lists I signed up for, and 10% emails where someone else signed up for something, using my common email.

To be clear, I didn’t sign up for Ashley Madison.

I would like to look up the Ashley Madision account details, associated with my email address. I am in the small percentage affected by hack, where having access to the actual information associated with the email address would be a benefit. But that is fairly difficult to do.

To quote Gawker:

The hacked data is also (until someone inevitably makes it easily searchable), a huge pain in the ass to sift through. The leak is basically an enormous, unwieldy text dump chopped up into a handful of folders.

When the database gets release in an easy to read format, I will have a look, if there aren’t any legal risks, and update this post, . Having a popular email address is causing enough annoyances, as it is, without risking some malware install from a Dark Net zip file or a Pirates Bay file. All I know about the account is what I found when I clicked on one of the links that was in my Google Social Tabs folder.

AM Screen Cap

Including this screen cap as it doesn’t seem to include any detailed personal information.

I am fortunate that my wife knows me well enough and our relationship is solid enough that isn’t necessary for me to go searching Tor or Pirates Bay for the database and learn how to navigate Open SQL (right, honey? right? – she is my editor). Editors Note — I believe him. We researched this piece together. I also looked at the account in question.

She also knows about getting signed up for things based on a common email address. She got her Gmail account a decade ago. Her two-name email is signed up for random lists almost weekly by other people. She even she gets important documents intended for other people of same name, and she tries to educate the sender. I just hit the spam button.

Someone who chooses an obscure email address is less likely to have it entered by someone randomly, but it does happen. Does this provide plausible deniability to the 30+ million people who were in the Ashley Madison database? Likely not, but I have to imagine tens of thousands of people fall into a similar situation.

On Twitter, I experience something similar. I have used @JoshD on Twitter for close to three years and routinely get @messages intended for other people whose users names begin with “@JoshD”. They are either incorrectly entered or simply get cutoff when some app does a manual retweet.

If you have a short username on any popular network or services, you may have experienced the same thing.

The Ashley Madison hack is a potentially destructive to some people and a diversion for others. I felt like writing about my experience with this cultural phenomenon as it may be relatable to some of my digitally-active audience. I am not vain enough to think everyone (or even anyone) I know is entering my email address in these lookups, but this database is going to live on the Internet forever, so I also don’t want anyone to get the wrong idea.

This hack has more importance to the personal lives of more people than any hack before. Most of us have had some of our personal information hacked before. The fact that I have an Adobe software subscription isn’t judgement-worthy. That fact that my email is associated with an Ashley Madison account likely is.

Digg has put together a good list of information on this hack if you are wanting to get caught-up or explore this issue further.

I chose to not list my email address on this post. If you know me personally, it is the primary one I use for the last five years, but given all the security issues around it, I have left it off. If you are a journalist who has access to the full data base, I am happy to provide my email address (and authenticate it) in order to get the details associated with the account and answer any questions.

Have constructive comments? You can leave them below or you can message me @JoshD. If you get the username wrong, I am sure someone like @Josh will completely understand. He likely gets even more random tweets than I do.

Pinterest’s Twitter account hacked?

Many Pinterest users have dealt with their accounts being hacked in the past, but this morning, Pinterest’s own Twitter account seemed to have been compromised.

This tweet clearly stood out as not being a normal Pinterest tweet. Clicking on the link directed the users to fake news story on “the power of the Acai Berry”.

Over 20 minutes after the tweet was posted it remains up and had been retweeted 11 times with 22 people favoriting it.



someecards 12 interest facts

12 Things You Didn’t Know About someecards

These popular ecards have become one of the staples of Interent humor and general snarkyness. I wanted to learn more about this company that is everywhere on Pinterest and Facebook. Here is what I found…


1. They didn’t like their own website name

The whole double “e” made it hard to type. People were unsure how to pronouce it. They even considered changing the name a couple months after starting it, but they couldn’t think of anything better. Even now it looks weird typing out someecards. (Source)


2. Valentines Day is when their website is the busiest

Either people are sending the cards to lovers or creating clever ones to celebrity (read: survive) their singleness. (Source)


3. We can all thank Hallmark and American Greetings for not being real

When either of the someecard founders went to existing online greeting card sites in 2008, “there wasn’t a single message there that we’d ever want to send.” (Source)


4. yourecards have gotten much better - When someecards first started allowing user submitted cards it was like,
A year and a half after the site debuted, they started letting users create their own cards (now called yourecards). It didn’t go well at first. The founder compared it to, “walking into a prison — no one in charge, and jokes that were over the top and were more horrifying than clever.” (Source)


5. They are Mad Men with a slice of Onion

Both of the founders were working at ad agencies when they came up with the idea to start the website.  And one of the founders used to work for The Onion. (Source)


6. They tried to get you to vote, but gave up.

No, not vote on the best ecard, but they wanted you to actually vote in government elections. Early on they created the spinoff website It must not have gone well as the site now goes to an Japanese language website. (Source)


7. The New York Times took the unusual approach of using a someecare to illustrate a story on Planned Parenthood funding.


8. Who needs social media?

Sites like Pinterest have obviously raised awareness of the someecards to a whole new level, but one of the founders doesn’t use social media at all. His excuses is that he is working on their site, so I guess we can forgive him. (Source)


9. They predicted Kim Kardashian’s divorce. - Here's hoping Kim Kardashian's marriage lasts until her wedding special airs in October

I know, not difficult.


10. They have a dating site

I guess a shared, blunt and humorous look at the world might be the first step to a lasting relationship. (Source)


11. They whore themselves out.

Ok, way too harsh, but they came from advertising so they have heard all the jokes. Over 25 companies have paid them to create custom eCards for their brands. Walking Dead and Virgin America are two companies that got clever cards made for them. (Source) - In a zombie apocalypse I'd eat you last


12. Apple didn’t always get someecards’ sense of humor

In 2009, when someecards introduced their iPhone app, Apply rejected it. Apple didn’t like cards that poked fun at maligned, but public figures like Roman Polanski and yes Hitler. Apple and someecards must have figured it out because who is more public than Kim Kardashian? (Source)


What do you think of someecards? Do you general enjoy seeing them? Post your thoughts in the comments.



Dot Unicorn Domain Extension

From A to Unicorn to Z. Irreverent look at the most popular new domain name extensions.

ICANN released the full list of new domain name extention applications today. While some things have changed since the last round of domain name extentions (APP is now most requested), many of the most popular extensions could have been guessed at before the Interent even existed.

Here is my irreverent look at the most popular new extensions for every letter in the alphabet.

APP (13 Requests)

When every business has an app, and no one is actually using them, we will still be able to find them. The most requested domain extension starts us out.

BOOK (9)

Books are not dead, but somehow I doubt these groups are thinking of paper.


Until the apocalypse, the cloud isn’t going away. Ok, even then there might be a different type of cloud.


It isn’t just Apple telling us that design matters. This term won the ICANN cage match vs DATA.

ECO (4)

These groups actually care about the environment or at least cashing in on it.


How happy was I to see that the word FREE still has some value. Reference: @free on Twitter.

GMBH (6)

I felt I might be out of touch with hipster terminology, but this is actually an abbreviation for a German term meaning “a company with limited liability”. Thanks Wikipedia.

German. Not sure on his hipster credentials or business ownership.

HOME (11)

Trying to figure out if the intended use will be a “home” page or if it is for “home” decor. Thinking the former, but didn’t Google buy our home page (read: souls) from Microsoft?

INC (11)

You should likely register .ink right now. Don’t act like you don’t know anyone that won’t be confused.


Juegos means games. I am sad to say I had to Google this one too.

KIDS (2)

We aren’t having as many of them, but just enough that two groups applied for this extension.

LLC (9)

If you ever started a business you read a whole book that could have been summarized in three words:

Form an LLC


How appropriate that we have a tie. Entertainment isn’t going anywhere, and I am getting tired of movies needing to use 40 character domain names to host their sites.

NEWS (7)

Another supposed dying industry that is still important to our lives. This is true even if the majority of our news now involves cute cats and celebrity breakups.

I am not judging. I follow @Gawker on Twitter. 😐


You are online right now. Did I guess that right?


Sounds like a good night to me.


Scrabble players should have been consulted. They know all the best “Q” words.


Listening to the radio (sorry podcast), sitting in a house (these days more like an apartment) & eating delivered food. They got the last part right.

SALE (9)

Couldn’t figure this one out. Surely all nine of them meant SAIL. Oh yeah, the last quarter of the year, when I can’t stop buying things.

TECH (6)

I predict you are using some piece of technology to view this page. Sorry. Is getting near the end, forgive my lack of intelligent comments.


VIP (6)

Beating out VIDEO, and I know you will be shocked, VOTE. Because everyone likes to think they are special.

Web (7)


A tie only because .XXX was already taken.

YOGA (3)

Hope for humanity. A semi-physical activity has three suiters.



All images credited to me. Yes, me. I paid $1 for the right to use that Unicorn image! 😐 One of the proudest moments of my life.

What domain names are you surprised to not see show up? Add your insightful or snarky comments below.

For those looking for something more serious. Here is the full list of domain name extensions applied for:

GTLD strings June 2012


Kickstarter & IndieGoGo misuses continue to surface with wearable video recording projects.

Vergence Lab’s Kickstarter project suspended.

Wearable glasses that record video are becoming a becoming a “lense” which puts the focus on some of the key issues with crowd funding. A previously popular project, Eyez,  has been labeled as theft, and a new project by Vergence Lab has been suspended by Kickstarter and now resurfaced on IndieGoGo. While the Vengence Lab teams seems to have some technical expertise and mainstream press coverage, their apperent spam techniques likely resulted in their Kickstarter suspension and even prompted a Google Glasses engineer to comment on the situation.

Wearable glasses that recored video

The Eyez by ZionEyez HD Video project was a hit on Kickstarter raising over $340,000 in July of 2011. But since the funding was raised, the project creaters have not delivered the product, and updates have gotten less frequent. Chase Hoffberger wrote a piece on this situation that leads with this line, “Kickstarter bandits have made off with nearly $344,000.”

I was actually a backer of the Eyez project. I wasn’t particuarlly upset about the lack of actual results, but it has made me think more deeply about how the Kickstarter system works. It also linked me (or at least my email) with the likely designation of “a mark”.

Email Spam

This morning I received an email with the subject line:

Holy crap! Even better than Google Glass

The body of the email stated:

Social video glasses record your life handsfree!

Look at this fun crowd-funded project at IndieGoGo!

Social electric eyewear video-record your POV experience:

Tell your friends and help spread the word!

To unsubscribe:

At first I thought it was just the Eyez guys doing the project again, but after reading coverage by The Daily Dot and BetaBeat, I realize it is different group…

Vergence Labs

Vergence Lab’s IndieGoGo page.

Vergence Labs looks more legitimate with at least one of the member having a Stanford degree as well as a history in being in the incubator program StartX. They also got a brief writeup on Tech Crunch.  Unlike the Eyez project, Vergence Labs seem to have a working demo as evidenced by their IndieGoGo video gallery.

But as the BetaBeat article indicated, Kickstarter suspended the initial project hours before it would have successfully been funded.

Despite Vergence Lab’s more legitimated pedigree, the email I was sent was spam. I had no previous association with IndieGoGo or the Vergence Lab’s team. The email address it was sent to is not one I use regularly. The most likely scenarios are that Vergence Labs got hold of the Eyez email list in some way, or someone is trying to set them up. I would think it was the latter, but…

Twitter Spam

The IndieGoGo project being promoted with @spam on Twitter.

Vergence Lab is using bots to send spammy @messages on Twitter promoting the IndieGoGO project at the rate of five tweets a minute.

Example account:!/HyperViral

On Friday morning it looked like they were slowly  shutting down the @message spam, but it has increased again this afternoon.

Based on looking at Twitter url sharing records, they sent over 10,000 Twitter messages just associated with the IndieGoGo project.

Since Kickstarter won’t comment on why projects are suspended, we won’t be getting an official word, but it is likely that  the Twitter spam is the reason that the project got suspended. Kickstarter’s Project Guidelines naturally prohibits spam to promote a project, and the guideline actually mention @message spam in particular.

I got in email contact with a representative of Vergence Lab and sent some questions. Since this spam is ongoing and the project continues to get backers, I will add any of their comments if they respond.

Google Glasses engineer comments on the aggressive/spam nature of promotion.

Stephen Lau, a senior software engineer at Google, likely got it right when he answered a question on Quora about why the Vergence Lab’s Kickstarter project might have got suspended. He wrote in part:

(Full disclosure: I work on Glass and have no particularly strong opinion on the Vergence Labs Epiphany Eyewear product one way or another)

I suspect it was likely due to the spam (or perceived spam) sent by “Sergey ‘Grin'”, or perhaps the comments left on many articles/blogs covering Project Glass pointing readers to the Vergence Labs Kickstarter.  The Kickstarter Community Guidelines at do explicitly say:

  1. Spread the word but don’t spam. Spam includes sending unsolicited @ messages to people on Twitter. This makes everyone on Kickstarter look bad. Don’t do it.
  2. Don’t promote a project on other projects’ pages. Your comments will be deleted and your account may be suspended.

Implications for crowd funding

This may be the case of a couple ambitious college grads trying to drum up interest in a project that they are passoionate about, but their use of least two different spam methods puts a cloud over the project. In addition, the fact that they almost raised $50,000 on Kickstarter, and currently have raised over $20,000 on IndieGoGo points to the effectiveness of pitching a compelling project and using spam methods to get backers.

When you contribute to Kickstarter you are not entering into a two way contract. If the project reaches the funding goal, your contribution is charged to you, but any perks associated with the project or even the completion of the project are not guaranteed. If the project isn’t completed, or even started, you don’t get any type of refund.

Not surprisingly, those with an idea, but not the experience to execute the project are frequently on Kickstarter. When the project is producing and new album or piece of art, the scrutiny is justifiably low, but some of the most popular Kickstarter projects have focused around unique tech projects that require and ask for substantial funding.

This same method could be used by modern day scammers by associating hot product ideas like the iPhone accessories, and the current crowd funding model doesn’t provide any accountability to whether a project is even attempted. The crowd funding communities will have to continue to be vigilent to make sure that those with an idea have the experience to execute it and that the projects themselves are being created with the proper intent.