Featured post

My First Amendment Victory Over BullyVille.com

I have just won a precedent setting 1st Amendment victory in Texas against the internet vigilante site BullyVille and the histrionic twerp who owns it, James McGibney. Here is a detailed writeup on the case: Lexis: Rauhauser v. McGibney 02-14-00215-CV

I am happy to answer any questions journalists may have – please send a connection request to the Neal Rauhauser LinkedIn account. Here is the press release from my lawyer, Jeff Dorrell of Hanszen Laporte.

Texas’ Second Court of Appeals handed a stunning victory to the appellants on December 11, 2014, unanimously reversing the 67th State District Court and dismissing defamation claims against Neal Rauhauser. Rauhauser was represented by Jeffrey L. Dorrell of the Houston law firm of Hanszen Laporte, LLP.

“This is another important victory for the right to criticize public figures on the Internet,” Dorrell said. Dorrell first became known as a protector of free speech rights when he won a case in the Texas Supreme Court in 2011 reversing the lower courts and affirming the First Amendment right of bloggers to criticize anonymously.

James McGibney sued Rauhauser and others for defamation because they criticized McGibney’s “vigilantism” in the operation of controversial websites known as “Bullyville” and “Cheaterville.” The “Bullyville” website is emblazoned with what appears to be the philosophy and business model of its owner: “Sometimes you have to be a bully to beat a bully.” Rauhauser and others sharply criticized what they characterized as the hypocrisy of McGibney’s tactics. McGibney reacted by suing Rauhauser.

“This was an outrageous example of lawsuit abuse,” said Dorrell. “McGibney filed multiple lawsuits simultaneously in federal and state courts in Texas and California against our client based on the same facts—lawsuits clearly intended to chill his right of free speech,” Dorrell added. Dorrell filed a motion to dismiss under a relatively new law called the Citizens Participation Act. The law requires a court dismissing a suit under the Act to award both attorney’s fees and sanctions—a civil penalty—to the successful party. The 67th District Court failed to act, but the court of appeals reversed and ordered the trial court to dismiss McGibney’s claims and award fees and sanctions to Rauhauser.

Rauhauser is seeking $250,000.00 in attorney’s fees and sanctions of $1,000,000.00. It is not known whether McGibney will challenge the ruling in the Texas Supreme Court. “If he does, we’re ready,” Dorrell said.

Featured post

Zero Customer Knowledge VPNs & @CryptoMoneyExpo

Earlier today CryptoCoinsNews published my Zero Customer Knowledge VPNs article. This introduces a path to more broadly commercializing the innovations of Cryptostorm using Ethereum.

Zero Customer Knowledge VPNs

Zero Customer Knowledge VPNs

I am attending the CryptoMoneyExpo virtual convention on December 5th & 6th, where I’ll be manning the booth for Several Startups. Also appearing at our booth will be ViK from @Badbitcoinorg, graphic artist @AllSquareCat, and the infamous Amber White.

Entrance to the event is free, please come by and see us.

Blockchain Futurist Melanie Swan

We are standing at one of those technological and societal inflection points, those curious times where something new that snuck up on us suddenly burst into broad public awareness. The concept of the blockchain, starting with Bitcoin and triggering a flood of innovation, is one of those things.

I often do my own original work, but the nature of that work is changing. Instead of doing everything from scratch and arriving after the party is over with an in-depth understanding, I am consciously picking (read:curating) sources to heed. This started in a more structured fashion when I read Attention Doesn’t Scaleby @ewengel over a year ago.

One of the people I have picked to watch is Melanie Swan of Institute for Blockchain Studies.

I’ve been writing about Ethereum both here and on CryptoCoinsNews, but the full scope of what it means still eludes me. Distributed autonomous organizations were one advance that wasn’t obvious, and the potential for real Artificial Intelligence was another. I hope I don’t sound like a budding Kopimist here, but with the pace of innovation maybe they really are on to something.

Swan offers a treasure trove of presentations on SlideShare, over sixty of them, and I’ve only sampled a few thus far. Swan’s Technology Philosophy channel contains a large number of short lectures, but I’m not sure they match the presentations.

This window has been open for three hours, because I can’t say anything in less than five hundred words. I’m going to surrender with the job half finished and let Melanie Swan’s work speak for itself.

Debunking (Mostly) #Torgate on hacked.com

Hacked.com was recently purchased by CryptoCoinsNews and they’ve just added my second article, Debunking (Mostly) Torgate. Between these two venues my volume here has dramatically fallen. There is no word yet on what Hacked will do in terms of a Twitter feed, I guess @CryptoCoinsNews will be the outlet until they pick an account name.

Access to those two outlets has radically changed my flow of research & writing. I find it an acceptable price to pay for the expanded readership, but I still want to do one large piece here on a weekly basis.

Debunking (Mostly) Torgate

Debunking (Mostly) Torgate

Programming @ethereumproject with @MintChalk

I just finished an article for CryptoCoinsNews entitled Ethereum’s Brave New World. I had only seen a bit of the Ethereum Video Library and I noticed and bookmarked this video for later watching. I’m really glad I did, because MintChalk is exactly the thing I was needing to ease into programming Serpent, the Python based language for Ethereum’s blockchain.

The site offers a search function and is conceptually a bit like GitHub, where developers host programming projects.

MintChalk  Search Function

MintChalk Search Function

I looked through the available contracts and thought ‘Authoritarian User List’ was the perfect example for a closer look.

MintChalk Authoritarian User List Contract

MintChalk Authoritarian User List Contract

MintChalk is just a basic repository, at least for the moment. Where it shines is in the development environment it provides. The top portion is the code window, lower left is program control, and lower right is a multi-panel inspector that shows you what’s going on inside the system when a contract is executed. The ability to proceed step by step and see the effects of each statement is a tremendous benefit when first approaching a new language.

MintChalk, coupled with the community of the Ethereum Serpent Forum, should provide a smooth path to becoming familiar with creating Ethereum contracts.

Using @KeybaseIO, Trying To Break It

Identity Aggregators Rising was an introduction to Keybase, which you can follow at @KeybaseIO. Having convinced myself the services provided constitute a trend, I set about breaking it.

I had no idea what Keybase was when I received the invite, so I made a hash of the initial setup, choosing the name slavecraton, which is tied to some random email address known to a grand total of two people, and then I piled on a bunch of stuff that actually is me.

slavecraton Profile

slavecraton Profile

Once I understood what it was for I started thinking I should claim my actual name and fully exercise it. I created nealr and opened @nrauhauser long enough to prove I own it. I sealed it back up again and this morning I found a gripe email from the system because the proof of ownership tweet was missing.

nealr Profile

nealr Profile

I decided I’d go service by service and see how the system coped with conversion from one name to another, with duplicate claims on various accounts. I managed to get it to double on my Github account immediately but the Reddit dialog took several tries to even launch, and it fought me every step of the way. The system doesn’t admit to knowing that slavecraton has a claim on my Reddit, instead it just breaks every step of the way.

Let me qualify that statement about breakage. This was happening in a VM running Linux, part of a system I built for myself, which offers many of the features Whonix gateway/workstation dual VM environment. Everything happens through Tor and the browser requires me to approve each script manually. This is a sort of midpoint in terms of a secure environment – Keybase will work entirely from the command line and some time this week I’ll have a go at starting from scratch with a new email.


Although flexible and thorough one, of the unspoken assumptions is that Keybase is going to attract those who either already have PGP keys, or those who are brand new and need keys. There is a broad middle ground of people like me – those who have various keys, various email addresses, a few failed PGP experiments, and just a handful of associates who actually use it. Information Security Thought Princess @SwiftOnSecurity has been riffing on these difficulties for a while. I particularly like the ‘day 3′ tweet.

Swift On PGP

Swift On PGP

Here are a bundle of observations and complaints in no particular order. Something like half of these are just me being clumsy rather than a problem with Keybase itself.

  • Where’s the guide for the PGP-curious who’ve not mastered it yet?
  • No Tumblr? Really? How will @thegrugq confirm his ownership of Hacker Tradecraft?
  • There should be a way to do multiple email accounts.
  • Many professionals have a personal Twitter and a role account for their blog.
  • The command line presumes a skilled operator. There should be a cookbook for newly hatched Linux users.
  • The same goes for those running @Whonix, make it cookbook easy for new users to onboard themselves.

Keybase is the strongest contender I have seen for getting past PGP’s “Day Three Failure“. Instead of needing an email and using the very sparse pgp.mit.edu search engine, Keybase presents many of the services people already use, as well as a social network component where you can ‘track’ others. I am less enamored with the site’s open display of the PGP “web of trust” than I am with the many account types supported, and that looks very amenable to my creating a few Maltego transforms.

If you want to try it for yourself just drop me a note, I’ve got half a dozen invites left.

Identity Aggregators Rising

Which social networks do you participate in? MySpace? Facebook? Twitter? LinkedIn? Or some of the newer, smaller ones? Why would I put a dead end like MySpace on this list? Because I have reason to believe its fate is the norm for social networks, and Identity Aggregators are some tangible proof this theory is correct.

I have been rummaging around on my desktop looking for an academic paper that described the rise and sometimes fall of social networks as epidemics of complex infections. Unlike bacterial or viral troubles, social network epidemics are not something you get from one contact, it’s usually two or more, unless you are one of those rare trend finder/tool evaluator types. I can’t find it right this minute, but I’m going to keep an eye out for it. If correct, we should see Facebook crater over the next two years, losing 80% of its subscriber base. And that is a seismic shift.

How are those four big social networks I named used?

  • MySpace – started out general purpose, devolved to being a music focused platform
  • Facebook – started out college focused, blew up into a personal identity platform, then lost its way
  • Twitter – Started out mobile friendly, became an identity platform, and has largely eliminated RSS feeds as a source of information
  • LinkedIn – intentional professional identity network, unlikely to be dislodged, makes periodic unsuccessful breakout attempts

I’ve had MySpace for various experiments but it was never a social network for me, I was just browsing. I disabled a 3,200 friend Facebook account about two years ago. It gets resurrected occasionally when I need some Facebook data for a social network analysis class, but this is not something I use, nor do I have any urge to replace it. I have grown a couple of Twitter accounts to the point where they had five digit follower accounts and I’ve helped run a couple that had counts in the six digit range. I favor Twitter above all others because it’s light, fast, and easy to program.

I started rebuilding my nealrauhauser LinkedIn account from scratch in late 2012, paying much closer attention to whom I approved. It stands at 550 now but my record keeping of the progress fell to ruin in September, when LinkedIn Labs discontinued their network visualization tool, Inmaps. I just recently found a replacement in Socilab, a more flexible tool, but it doesn’t motivate me to take a weekly screen shot the way LinkedIn’s in house tool did.

The three connected clusters are Democratic political folks, foreign policy and security people, and the smallest are my newly hatched connections in the cryptocurrency realm. Divisions that were located by LinkedIn’s community finding are not visible here, and I’ve not taken the time to sort out why that is, although the fact that it’s not a wholly connected graph with me at the center might have something to do with that.

Socilab LinkedIn 2014-12-06

Socilab LinkedIn 2014-12-06

Defining Oneself

What do I mean when I say ‘identity’? This goes deeper than an account used as the means to log into other services, particularly those where its only role is to be the login credentials. Facebook and Twitter have taken over a large portion of that duty, MySpace was already in its twilight years before that concept took root, and “auth with your LinkedIn account” isn’t a terribly common option. The only thing that is stable for me is the LinkedIn account – all else is subject to whatever experiments I happen to be in the mood to run.

There are a class of sites that exist which can be described as being ‘above’ or ‘below’ these, depending on which metaphor you want to use to describe them. The phrase meta-identity comes to mind here – they exist as containers for two or more of the complex infection sites, and their strategy is to remain important as social networks with engagement features come and go.

Identity Aggregators

There are a couple of identity aggregator sites I’ve used, and I think there is going to be an increase in this, partially due to the normal lifecycle of social networks, and also due to the various cryptocurrencies and their wallet addressing schemes. My very first identity aggregator, about.me/nealr, was idled years ago, and all this one does is serve as a repository for links, a sort of portfolio.

The most recent one I’ve come across was a complex infection. I got an invite from someone, then I noticed someone else in my Twitter timeline talking about it, so I finally signed up. keybase.io/slavecraton is mine, and it’s got all sorts of interesting stuff connected to it.



First, notice the Coinbase and Bitcoin address options? This is about your online financial presence as well as the other stuff. The lengthy key is the fingerprint for a PGP key connected to my gmail account. Gist repositories are for professional contributions. The Twitter account is my usual mix of serious professional, serious silliness, and bait for my unwanted (read: paranoid & delusional) fan club there. The only thing my Reddit account has ever done is go through the keybase validation process.

Unlike earlier identity aggregators, which were happy with whatever HTML links you wanted to add, keybase requires you to prove you control a given account and much attention is paid to cryptographic signing of things. This is meant to be a workspace for your verifiable identity. Here is what they have to say for themselves regarding the hassle of public key exchange:

Keybase is an open directory — no API key needed — so you can request maria’s key, get her proofs, and verify her identity in any software. The goal of Keybase is to let any security software be powered by usernames instead of offline key exchanges.

While the web interface for Keybase is smooth, the inclusion of command line tools at the core are something that sets it apart. I haven’t tried to start a new Keybase account from scratch using the lynx command line browser but I suspect it would work, and once created it’s clear that anything you can do with the web is available via the shell.

Simple, clean access like this is why I preferred Twitter over Facebook. One could be accessed with curl, the other … well … I never did actually figure out how to get Facebook to do anything. It was a labyrinth and every example presumed a web server was making requests rather than some simple command line utility.

Keybase.io isn’t the only effort to consolidate & secure information about social media accounts and cryptocurrency wallets. I also picked up a onename.io account around the same time, which I breezed through and then set aside due to lack of coverage and lack of command line support. There must be others, there are just the two I’ve noticed recently.

keybase.io is still invite only – if you want to look closer let me know, I’ve got half a dozen invites left.