April 06, 2003
get yer tinfoil hats out!
The weblog community's got itself all a-quiver lately over whether the FBI is watching them. Puh-eeeze people! Gimme a frickin' break.
Web HTTP user agent and referral data is VERY easy to forge. It's possible, with the most trivial of effort, to make a perl script that will visit your site and fake what it sends you in it's referral and user agent fields. What can't be easily forged is the source IP address of the request. THAT'S what's important.
Surprise, surprise, the source IP address isn't from within the government. Of course the conspiracy theorists will undoubtedly find a way to explain that away...
Here's another tip, the browsers surfing out from a secured facility are likely to be proxied. That is, requests from them are likely to have their user-agent and/or referral data stripped off of them. This is the default behavior on most firewalls. This way you see the IP address of the proxy or the firewall, not the actual computer running the browser.
So if someone wanted to make up a referral request that looked like the big-bad-government was out to get you it would be TRIVIAL for them to do it. I'll bet that's the case here. Someone's just fucking with your heads people, wake up from your conspiracy nightmares.
But hey, it's much more fashionable to believe rumor and conspiracy, right? Nevermind truth and realities.
For the morbidly curious:
http://www.mrry.co.uk/index.php?page=1659
http://www.gulker.com/2003/04/04.html
http://inessential.com/?comments=1&postid=2462
http://groups.yahoo.com/group/weblogs-com/message/729
UPDATE: to the overly sensitive types, if I wanted to call people names I'd do so. It's category name so get over yourselves.
