hope me get rid of the blue nasty July 23, 2009 8:44 PM   Subscribe

I stupidly clicked on that post that was just deleted that showed the terrible picture and tried to force videos. None of the videos opened-- the browser bounced around. I force shut down my computer by holding down the power button. Now whenever I open firefox 3 on OS X (leopard) that website appears. What do I need to do to fix that/secure my computer? I am posting this to metatalk in case anybody else was also affected.
posted by stresstwig to MetaFilter-Related at 8:44 PM (136 comments total) 2 users marked this as a favorite

It's called "last measure" and is a well known shock site. Thankfully I have noscript so nothing happened to me. I can't even imagine how big an asshole you'd have to be to post that shit here.
posted by dead cousin ted at 8:45 PM on July 23, 2009


Do I need to worry about it infecting my computer, or did it just simply change my homepage?
posted by stresstwig at 8:47 PM on July 23, 2009


My eyes! And I was just getting to wind down my day, too... I had to just let it play out and then individually close all the windows, which is hard to do if you're trying to not look at anything.
posted by runningwithscissors at 8:48 PM on July 23, 2009


I stupidly clicked it too. Problem is, I'm at work. Now I know better. Comments only from now on. It isn't automatically trying to restore your last page is it? I killed the process in windows process manager, and it didn't start back from that page. Here's hoping I can explain this one away if they check the logs...
posted by FireballForever at 8:48 PM on July 23, 2009


Yeah, I'm super sorry about that. nimp.org is a really fucked-up griefing site and I didn't ever expect someone to front-page that shit.

I've got Firefox set to prompt me on startup for whether I want it to continue my existing session vs. start a new session; I'm not sure off-hand how to force it to prompt for that, but I'd bet there's something you can tweak to force that prompt at startup, and hopefully someone can walk through that here for your sake and for the sake of anybody else affected.

Barring that, you may be able to just brute force through by ignoring the autoloading shit and going to Firefox -> Preferences... on FF startup; from there, the drop-down at the top of the dialog on the Main tab can be set to "show a blank page" or such, which could do you after another quit-and-restart.
posted by cortex (staff) at 8:50 PM on July 23, 2009


And for what it's worth, that sort of thing hasn't happened in years (if ever) and is grounds for just about the quickest and hardest ban we hand out. It's pretty fucked up that someone did that.

There's always a degree of caveat surfor anywhere on the internet, but please don't let this one fucked-up incident spoils you for general FPP-exploration. Just keep an eye out for "nimp.org" in the domain name and avoid like the plague if you see it.
posted by cortex (staff) at 8:52 PM on July 23, 2009 [1 favorite]


Couldn't you just start firefox in safe mode and then change your preferences from there?
posted by felix betachat at 8:52 PM on July 23, 2009


Tools/Options/Main/When Firefox Starts

is where you tell it whether to restore old tabs on start.
posted by drjimmy11 at 8:55 PM on July 23, 2009


Just keep an eye out for "nimp.org" in the domain name and avoid like the plague if you see it.

Will do. I never got a chance to really see the domain so I'm very happy to know it now.
posted by NoMich at 8:56 PM on July 23, 2009


I wonder what would possess someone to do that, actually. That guy had been here for a while and seemed pretty normal.
posted by dead cousin ted at 8:57 PM on July 23, 2009


Try opening Firefox in safe mode or opening Firefox from the command line specifying the home page you want to load on start up. See Mozilla KB for details.
posted by mathlete at 8:58 PM on July 23, 2009


Yeah I realized since I brute-shut down firefox was just trying to restore the last tab. It doesn't appear anymore. I'm more concerned as to whether or not it could have done anything further-- basically I got all of the bouncing around with goat.se and then it tried to open several wmv's which prompted me to either download or open with vlc. None of them opened. I then got a notification saying Firefox was attempting to allow incoming traffic. I blocked it. Is there anything besides that? Am I safe to take Firefox off of my firewall list?
posted by stresstwig at 8:58 PM on July 23, 2009


Yeah, I know cortex. i don't expect much grief from the superiors (hopefully), it was just really (really) surprising. I'll probably be running a virus scan before I punch out. And just looking at Mozilla site, safe mode is probably a best bet since the browser's almost worthless with all that windows resizing going on.

Well, it was an exciting lunch break, if nothing else.
posted by FireballForever at 9:00 PM on July 23, 2009


For me on windows, it tried to send emails out. No idea what it would have tried to email out, or to whom...
posted by WL at 9:10 PM on July 23, 2009


Did you guys nuke the post from orbit? It's not showing up as deleted with the greasemonkey script I have installed to show the deleted posts.
posted by chiababe at 9:11 PM on July 23, 2009


Did you guys nuke the post from orbit? It's not showing up as deleted with the greasemonkey script I have installed to show the deleted posts.

It'll show up once someone else makes another post, right now it's the most recently made post so it's not shown.
posted by dead cousin ted at 9:13 PM on July 23, 2009


Didn't nuke it from orbit, but did neuter the url. Since it's the most recent post, the deleted-post scripts don't know about it because they start indexing from the largest visible post-id and work down incrementally from there. It'll show up once someone makes another post.
posted by cortex (staff) at 9:13 PM on July 23, 2009


Just keep an eye out for "nimp.org" in the domain name and avoid like the plague if you see it.

Would it be at all possible for such links to be automagically de-linkified?
posted by Sys Rq at 9:14 PM on July 23, 2009 [2 favorites]


Ah, it makes sense now. Thanks for saving the world (well, most of it) from assholes, cortex.
posted by chiababe at 9:18 PM on July 23, 2009


Huh. I didn't click on that one (I didn't even see it), but I did click on this one and it seemed to do all the stuff to my computer that is being described, except for the showing nasty pictures stuff. It reset my homepage, installed a bogus "your computer is infected" script that kept trying to get me to register for spyware protection, etc. In that case, I restored my system to a previous saved spot, and I don't seem to have any problems, but should I have done anything else?
posted by yhbc at 9:21 PM on July 23, 2009


Would it be at all possible for such links to be automagically de-linkified?

Linking that sort of thing is so unprecedented, and such a manifestly bad idea, that bothering to filter for it may be borderline-quixotic, but if pb has a notion to add a little bit of low-impact blacklist action to our posting filter I suppose it's not a terrible idea.

Really, one of the things I like about mefi is that we don't really have much practical need for technological solutions to this sort of problem because it's such a weird bullshit freak occurrence in the first place.
posted by cortex (staff) at 9:25 PM on July 23, 2009


Turn off internet, open Firefox, clear all cookies and shit, set homepage to whatever, turn back on internet.

Lame though. Glad he or she got banned so hard.
posted by lazaruslong at 9:26 PM on July 23, 2009 [1 favorite]


Lazarus has a good point: disconnect your ethernet temporarily.
posted by Chocolate Pickle at 9:32 PM on July 23, 2009


Did that guy do that because his hypothetical askme was deleted?
posted by Rhomboid at 9:40 PM on July 23, 2009


Turn off internet

???

Blasphemy.
posted by jschu at 9:44 PM on July 23, 2009 [7 favorites]


Well now you've got me curious (greasemonkey script; missed the post itself).

But not that curious.
posted by Durn Bronzefist at 9:46 PM on July 23, 2009


Hey, this is tangentially related. I recently came across a host file that blocks unpleasent pages and tons of spammers.

Check it out.
posted by hellojed at 9:47 PM on July 23, 2009 [4 favorites]


Thanks, cortex, for getting rid of it so quickly - it was up for what, like four minutes?

I, unfortunately, did click on it. I quit Firefox via Task Manager. I've deleted cookies and Firefox seems to be normal (no change in homepage, no strange behavior).

But like the poster above, the script did try to send e-mails. It tried to open Outlook, which is bizarre since I've never used it ... and it got stuck on a 'create new account' wizard. I closed that, too.

Should I worry that anything else nefarious got installed on my system, like a virus or trojan or rootkit or keylogger or some such? I don't completely know what I should be looking out for, or what tools I should use to find out (other than a virus scan and AdAware, both of which came up negative). Suggestions?
posted by Chanther at 10:12 PM on July 23, 2009


Kudos cortex on how fast you nailed that! You had to have knocked that down within a minute or two. I clicked on the link I think just after it was posted, and in the time it took me to close the browser and reopen it it, the link the was gone.

I feel a little safer knowing you're protecting the castle.
posted by Slack-a-gogo at 10:16 PM on July 23, 2009


Did that guy do that because his hypothetical askme was deleted?

Don't know, don't much care at the moment.

Thanks, cortex, for getting rid of it so quickly - it was up for what, like four minutes?

The system at work, plus some lucky timing (evening, but I was at the computer right when it happened). Far and away most of the sketchy bullshit we see is from first-time poster or, less so, from existing members with a history of weirdness/problems. We get an email when a first/new post goes up, and I recognized the nimp.org domain, which made rapid deletion priority one.
posted by cortex (staff) at 10:17 PM on July 23, 2009


If this is the thread that we are all talking about than that means it was posted by a user with a harmless posting history. This looks like account theft.
posted by The Devil Tesla at 10:17 PM on July 23, 2009


I'd like to think it's something like that—guy's a long-time Music contributor, hard for me not to be kind of upset about the whole thing in general—but I'm also not about to hand someone a post-hoc alibi on a platter. IP records don't really suggest that's the case either.

An ill-considered post is one thing. Flat-out browser-hack griefing, targeted at thousands of members and readers, that's something else entirely.
posted by cortex (staff) at 10:25 PM on July 23, 2009


This looks like account theft.

Or schizophrenia.
posted by The Deej at 10:25 PM on July 23, 2009


OK, I'm curious. I'm going in!
posted by nowonmai at 10:36 PM on July 23, 2009


My money's on vengeance.
posted by CunningLinguist at 10:42 PM on July 23, 2009 [2 favorites]


I'm also not about to hand someone a post-hoc alibi on a platter

Probably a good idea. Hopefully this can be sorted out if it wasn't the account owner's fault.
posted by The Devil Tesla at 10:49 PM on July 23, 2009


That was a mistake! I think I have learned not to be so blasé about malware just because I'm on a Mac. It might indeed be worth filtering out this kind of thing - nasty pictures and hilarious sound files is one thing, but this business with the email client and the terminal windows? Not good! Enough to drive a man to drink. Speaking of which.
posted by nowonmai at 10:50 PM on July 23, 2009


If it was thread 83539, perhaps cortex could add a warning to his deletion message. Otherwise some folks running the Greasemonkey script might fall for the link.
posted by hydrophonic at 11:20 PM on July 23, 2009


Those are just mailto and telnet urls. They are completely benign. The browser opens whatever you've configured as your default email client when you click on one, and from there on the mail client is in charge. There is no way for the browser to do anything but suggest a subject line. All the griefer site does is simulate clicking on the link with JS, same as if you had clicked on it.
posted by Rhomboid at 11:24 PM on July 23, 2009


And the links in the post have already been nerfed with example.com, same as with all self-linker deleted threads.
posted by Rhomboid at 11:26 PM on July 23, 2009


Ah, good deal. Nerfs for everyone!
posted by hydrophonic at 11:28 PM on July 23, 2009


At least we know why he never had any spouses.
posted by iamabot at 11:29 PM on July 23, 2009 [1 favorite]


Last measure is just meant to gross you out and be annoying. It theoretically meant to crash/slow your browser but as far as I know, it doesn't install any malware or anything else.
posted by dead cousin ted at 11:34 PM on July 23, 2009


Wow, weird; poster with a very solid history is so not who I would have bet on to go postal.

I wonder if it's someone who browses with Lynx or has every ad blocker and pop-up blocker going and no JS, for example, who legitimately didn't realise that was a griefing site. (I'd never heard of nimp, and I would not have known.)

I'm doubly bummed because actually, I'd be very interested to know what world events I missed while I was ignoring the Michael Jackson hoopla. Is that article/info really there or was this pure link bait?
posted by DarlingBri at 11:37 PM on July 23, 2009


I wonder if it's someone who browses with Lynx or has every ad blocker and pop-up blocker going and no JS, for example, who legitimately didn't realise that was a griefing site. (I'd never heard of nimp, and I would not have known.)

Not likely since the only content on that page is last measure. The guy that posted that definitely knew what he was doing.
posted by dead cousin ted at 11:40 PM on July 23, 2009


Wow. I actually met this guy in person, not that I know him really well or anything, but he did try to help me get a job. Weird. I have seen his computer screen and he does not browse using lynx, and he also frequents reddit, where some users make a habit of trying to trick people into clicking on last measure links (if the WMV files had autoplayed it would have been a voice announcing proudly "HEY EVERYBODY!! I'M LOOKING AT GAY PORN!!").

As an aside, I am fascinated with this sort of homophobia that requires such an intimate familiarity with fringe gay porn. I mean the people who made sites like lemonparty and goatse and final measure clearly had to look at the content, and even go so far as hosting it. But the framing of the content seems so homophobic. Funny stuff. They must have found and sifted through lots of less shocking gay porn in the process of looking for the really shocking stuff, right? The mind boggles.
posted by idiopath at 12:04 AM on July 24, 2009 [4 favorites]


Thats such an odd, shitty thing to do. I've seen random killing sprees that actually make more sense than that.
posted by Avenger at 12:18 AM on July 24, 2009


I am fascinated with this sort of homophobia that requires such an intimate familiarity with fringe gay porn.

That's IRC.
posted by Blazecock Pileon at 12:23 AM on July 24, 2009 [2 favorites]


I am fascinated with this sort of homophobia that requires such an intimate familiarity with fringe gay porn.

I thought it just went without saying that homophobes spend alot of time looking at gay porn. Kinda like saying, "Well, I know some Muslims who occasionally pray towards Mecca..." etc.
posted by Avenger at 12:30 AM on July 24, 2009


he also frequents reddit

Great, I went to my local 10th dressed in a reddit shirt, I'm tainted now....
posted by hellojed at 12:41 AM on July 24, 2009


I got 8/5 that it's an acccount hijack.
posted by Jofus at 1:08 AM on July 24, 2009


I'm reasonably sure this is his Twitter profile (same username, both are musicians, both are near Portland). Somebody on there should drop him a line and find out what the fuck just happened. (Though judging by the quality of his Reddit contributions, I wouldn't be surprised if this was all him instead of an account hack.)
posted by Rhaomi at 1:31 AM on July 24, 2009


Is this something I would have to have a virus to understand?
posted by davejay at 1:46 AM on July 24, 2009


So glad this happened while I was sleeping or I would have been among the casualties.
posted by DU at 5:03 AM on July 24, 2009


Is this still up, or are my ISP blocking it? Chrome just gives me a server not found for anything at nimp.org.
posted by fightorflight at 5:24 AM on July 24, 2009


o, there it is. That was uber tame in Chrome. Lots of Mail windows that all closed with command-option-W, and it tried to open Unison.
posted by fightorflight at 5:26 AM on July 24, 2009


Nerfs for everyone!

Tiny American flags for others!

I was already in bed when this happened, but it does serve as a good reminder that I've gotten pretty blase about clicking on anything not explicitly labeled NSFW at work. Not to mention "oh I'm on a Mac/I use Firefox. The internets can't harm me."
posted by Horace Rumpole at 5:27 AM on July 24, 2009 [1 favorite]


I just thought somebody had linked to some awesome gay porn and a masturbated to it. I'm not even gay, but I didn't know what else to do.
posted by Astro Zombie at 5:33 AM on July 24, 2009 [7 favorites]


That sucked. My SO was in the room, probably thought I clicked on some nasty stuff.
posted by sswiller at 5:43 AM on July 24, 2009


I was listening to Negativeland when I hit the link last night, and for a second I thought it was part of the Negativeland song until I noticed the dance of the cascading windows.
posted by Slack-a-gogo at 5:51 AM on July 24, 2009 [2 favorites]


"THIS JUST IN: Last night a snowflake homicide on Ask Metafilter sparked a drive by griefing that left thousands of browers injured and one user hard banned."
posted by The Straightener at 6:13 AM on July 24, 2009 [10 favorites]


Privoxy is what I use for adblocking. You can also set it up to block URLs you never ever want to see, much like the hosts file listed above. (It's cross platform too, I run it on my mac as well as my work PC.)
posted by chunking express at 6:26 AM on July 24, 2009 [1 favorite]


It's also good because it works with any browser, since it's a proxy you run on your machine.
posted by chunking express at 6:29 AM on July 24, 2009


If that reddit account is the same guy what pathetic little loser. I am thinking 14 year old boy enamored with fart jokes.
posted by caddis at 6:55 AM on July 24, 2009 [1 favorite]


So wait, was this the same thing (more or less) as this?
posted by Navelgazer at 6:56 AM on July 24, 2009


CunningLinguist: "My money's on vengeance."

Mine too. To me the story goes:

Dude joins in January 2008, finds AskMe in May 2008, and promptly develops himself a little AskMe habit.

On their own, any one of the questions would have been unremarkably acceptable, but as an oeuvre, clearly he was addicted to chatfilter. (You know the type -- folks who take advantage of the goodwill of the community in order to create interaction or attention for themselves.)

He pushes it up to the line, and finally gets a deletion... then snaps like Sarah Palin in a televised interview, assuming that he will just burn it down on the way out the door.

Fortunately, little neo maxi zoom dweebies are no match for the MetaFilter Hall of Justice!
posted by pineapple at 7:13 AM on July 24, 2009 [1 favorite]


I look at Metafilter from my iPhone. I wonder what would have happened to me.

Also, I apparently fail at the Internet, can someone explain what a grief site is?
posted by silkygreenbelly at 7:18 AM on July 24, 2009 [1 favorite]


Wow and I thought my posts were bad? I fail to see the logic for doing something like this. Why would a member on here, knowing how "johnny on the spot" our mods are, post something like that? I bet friends/assholes jumped on the account and posted it. If not then I'm sure Christ what an asshole is the right term to be used here.

Also I wish I had the power to nuke things from orbit..... its not that I would ever do it, but it would be nice to know I could.
posted by Mastercheddaar at 7:38 AM on July 24, 2009


For once, I'm not sorry to have missed all the fun.

Has anyone affected checked .pdf files on their drive? I read a couple of reports that Last Measure includes a PDF corrupter.
posted by hippybear at 7:38 AM on July 24, 2009


"Griefing is the act of chronically causing grief to other members of an online community, or rather, intentionally disrupting the immersion of another player in their gameplay. The term Griefer originated in the online gaming world... Griefers are very similar to trolls, with the main difference being that griefers will often act to deliberately antagonize other members of the community, whereas trolls will more often act by baiting other members in an attempt to disrupt, by causing other community members to waste time in dealing with the troll's actions. Both griefers and trolls are usually acting out in a desire for attention." (Wikipedia)
posted by ocherdraco at 7:42 AM on July 24, 2009 [1 favorite]


If you look at the guy's Ask questions, he wanted to know how too look tough walking down the street, how to avoid panic attacks on an airplane, and how to perform well sexually after four years with no action. I'm no FBI profiler, but it seems to me that snapping in frustration and doing something vengeful from the safety of his computer is not completely out of the question.
posted by Pater Aletheias at 7:43 AM on July 24, 2009 [10 favorites]


If it's any consolation to the shock-sited, apparently he's either a paranoiac or the world's biggest loser.
posted by Optimus Chyme at 7:43 AM on July 24, 2009


I apparently fail at the Internet, can someone explain what a grief site is?

Shock site.

As an aside, I am fascinated with this sort of homophobia that requires such an intimate familiarity with fringe gay porn. I mean the people who made sites like lemonparty and goatse and final measure clearly had to look at the content, and even go so far as hosting it. But the framing of the content seems so homophobic.

Although I'm rarely on the side of defending trolls, I think the homophobia associated with shock sites is more about the cultural taboos involved than the mentality of the people who host and link to shock sites. My guess is that the kinds of people who are really "into" shock sites are jaded enough that they can watch them without batting an eye, whereas it's the victims of the sites that actually find them disturbing. It's sort of the same sort of thing as when little boys find toads or worms and torment little girls with them, it's about provoking a reaction from the victim.
posted by burnmp3s at 7:46 AM on July 24, 2009 [2 favorites]


Has anyone affected checked .pdf files on their drive? I read a couple of reports that Last Measure includes a PDF corrupter.

Mine seem fine so far. Mac running Firefox.
posted by runningwithscissors at 7:55 AM on July 24, 2009


Any sense in a cooling off period of a couple of hours across all sites, except MeTa, if you have a post deleted?
posted by IanMorr at 8:13 AM on July 24, 2009


Any sense in a cooling off period of a couple of hours across all sites, except MeTa, if you have a post deleted?

Well, again, this is such a weird outlier that trying to deal with it systemically isn't something I think makes sense. Having a post deleted most often leads to (a) some email or (b) absolutely nothing, so we'd be punishing the 99.9% of users who don't have a freakout or whatever by imposing an arbitrary additional limitation on them.

Most of the (rare) freakouts we encounter ARE in Metatalk; every great once in a while I've seen someone go on a sort of littering spree in the blue or the green when they're upset about some moderation, but that tends to get flagged quickly by other users and leads to a timeout to enforce a cooldown period in the few cases where it's needed.
posted by cortex (staff) at 8:24 AM on July 24, 2009


I'm reasonably sure this is his Twitter profile (same username, both are musicians, both are near Portland).

Well, he did just discover Ayn Rand.
posted by grobstein at 8:41 AM on July 24, 2009


Or Neal Stephenson and he simply can't spell.
posted by Navelgazer at 9:01 AM on July 24, 2009 [2 favorites]


Hard to say. Both books suck, each in their own way.
posted by chunking express at 9:11 AM on July 24, 2009


Insane PDX Posse
posted by lukemeister at 9:24 AM on July 24, 2009


Out of morbid curiousity and a sense of relative Mac-inspired invulnerability (plus I'm home, not at an employer), I went to nimp.org to see what the fuss was about. Nothin': I get a "server not found" message. Trying it in Safari, I just get "You don't have permission to access / on this server. Apache/1.3.34 Server at dummy.zoy.org Port 80." I'm not behind any protective things that would have auto-zapped it, at least not that I know of ...
posted by WCityMike at 9:26 AM on July 24, 2009


Oh wait, did this all happen because of this? What a dimwit.
posted by roll truck roll at 9:29 AM on July 24, 2009


It's possible that unqualified nimp.org serves up nothing, though I'm just speculating there. The usual vector for a nimp link is subdomain-as-bait, so like recovered.apollo.mission.tapes.nimp.org or britneyspearsvaginayetagain.nimp.org or such.

So if you're feeling adventurous still, try hitting up something with a subdomain attached and see if that gives you the payload.
posted by cortex (staff) at 9:30 AM on July 24, 2009


I got 8/5 that it's an acccount hijack.

Maybe. But it'd be odd that it got hijacked just a half an hour after his askme was cut. Smells a little too coincidental to me, but then it's always weird when an otherwise normal member has a meltdown over something so trivial. I imagine that it's why we try to find alternate explanations.
posted by quin at 9:42 AM on July 24, 2009


I DO NOT LIKE THE SMELL OF COINCIDENCE
posted by Astro Zombie at 9:51 AM on July 24, 2009 [2 favorites]


I believe the subdomain needs to include on.nimp.org to work. MetaFilter.on.nimp.org for example.
posted by spikeleemajortomdickandharryconnickjrmints at 10:00 AM on July 24, 2009


Actually, that's not coincidence. Someone left the burner on.
posted by roll truck roll at 10:13 AM on July 24, 2009


I'm kind of disappointed that none of you have diagnosed him with Asperger's yet. I think it probably means you all have Asperger's. You may want to get that checked out.
posted by ND¢ at 10:13 AM on July 24, 2009 [15 favorites]


Huh. I didn't click on that one (I didn't even see it), but I did click on this one and it seemed to do all the stuff to my computer that is being described, except for the showing nasty pictures stuff. It reset my homepage, installed a bogus "your computer is infected" script that kept trying to get me to register for spyware protection, etc.

....Huh.

Okay, that page that gave that result may have been an innocent hacking. My theater company's web site was one of a number of sites attacked this past fall -- we suddenly started getting a bunch of complaints from people trying to look up our playwriting contest on Google, Yahoo, etc. that they were getting viruses. We checked into it: if you typed the URL of our page directly into your browser, it was fine, but if you followed a link from anywhere, suddenly you got the "your computer is infected" script and the registring for spyware protection...

We looked into it, and found out that someone had hacked into our hosts' files and tacked a script onto our page and a couple of other pages, to the effect that if someone was trying to access those pages by following a link, they would be redirected to this "ohnoes you have spyware" site. It was simple enough for the hosts to fix, apparently.

But maybe that's what's happening in this instance -- the poster was trying to send you to a legit link, but the site had that redirect script in it unbeknownst to them.
posted by EmpressCallipygos at 10:15 AM on July 24, 2009


I'm kind of disappointed that none of you have diagnosed him with Asperger's yet.

No, but I watched Twilight last night, and I'm about 90% certain that the two main characters both have it.

And if not, it made the movie much more entertaining when viewing it from that perspective.
posted by quin at 10:19 AM on July 24, 2009 [1 favorite]


I feel really bad for this guy.
posted by kathrineg at 10:23 AM on July 24, 2009


kathrineg: "I feel really bad for this guy."

Why?
posted by pineapple at 10:25 AM on July 24, 2009


total aside:

cortex: I'm also not about to hand someone a post-hoc alibi on a platter

I use 'post-hoc' like this, but I recently realized that I think I've been using it wrong for years and in fact 'ex post facto' is the appropriate expression in this instance. 'Post hoc' actually just refers to the 'correlation not causation' fallacy so beloved by Mefi. On the other hand, ex post facto, when I read its definition, seems more what I mean, and what cortex means in this case. But I feel like lots of people use 'post-hoc' in this way. Is this just a case of populist semantic migration? Or what's going on here?
posted by skwt at 10:28 AM on July 24, 2009 [2 favorites]


I prefer ipso fatso.
posted by The Deej at 10:42 AM on July 24, 2009 [1 favorite]


I'm no expert, but I'm fairly certain that post hoc refers to receiving expectoration through the mail.
posted by found missing at 10:51 AM on July 24, 2009 [10 favorites]


I feel really bad for this guy.

I feel really weird about the whole situation. That said, maybe not so much with the fisking of his twitter stream et al. I know people are feeling burnt—I know I am—but this whole thing is strange in part because they guy hasn't particularly been a jerk in the past or whatever, and going fishing for things to get on his case for doesn't really seem necessary.

Is this just a case of populist semantic migration?

Probably, yeah. I tend to (lazily, informally) think of post hoc and ad hoc as a matching set, as far as this usage goes.
posted by cortex (staff) at 10:54 AM on July 24, 2009


I will not take that spit from your envelope.
posted by Kirth Gerson at 10:59 AM on July 24, 2009


spikeleemajortomdickandharryconnickjrmints: "I believe the subdomain needs to include on.nimp.org to work. MetaFilter.on.nimp.org for example."

*shudder* That ended up being the trick, and served me up some shock images I hadn't yet seen ... and wish I hadn't.
posted by WCityMike at 11:14 AM on July 24, 2009


Yeah, you should hold out for the propter hoc.
posted by lukemeister at 11:15 AM on July 24, 2009


Err, go.
posted by pineapple at 11:17 AM on July 24, 2009


According to Urban Dictionary, nimp.org, zoy.org, and lastmeasure.com are all part of the same network of griefing, so keep your eyes out for those as well if you are wont to wander the dark underbelly of the internet.
posted by Night_owl at 11:48 AM on July 24, 2009


*Remembers Jedi code, eschews the dark side*
posted by Cranberry at 11:55 AM on July 24, 2009


Boy am I glad I went to bed early.
posted by desjardins at 12:26 PM on July 24, 2009


Actually, it looks like that wonderful little attack has been open-sourced -- lastmeasure.com doesn't appear to be an attack site itself, but merely the source for the code ...
posted by WCityMike at 12:38 PM on July 24, 2009


Huh. I wouldn't think there'd be much crossover between the open-source community and the shock-site community.

Imagining what the "shock-site community" would look like is kind of funny.
posted by roll truck roll at 12:41 PM on July 24, 2009 [1 favorite]


One word: conventions.
posted by goodnewsfortheinsane at 1:49 PM on July 24, 2009


There's crossover alright. At DEFCON 12, someone did a nice little hack called airpwn that took people's WiFi connections and replaced incoming images (over HTTP) with the infamous hello.jpg of goatse.cx fame. Shocking? Check. Community? Check? Open? Well ... in more ways than one.
posted by adipocere at 2:50 PM on July 24, 2009


It is just dawning on me: dude probably isn't gonna share his million ill-begotten dollars with me :(
posted by idiopath at 3:50 PM on July 24, 2009


Imagining what the "shock-site community" would look like is kind of funny.

Crossed eyes, drooling, acne.
posted by Blazecock Pileon at 3:54 PM on July 24, 2009


We live in a post hoc world.

I will not take X from your hand needs to be in the wiki. Wikisherpas, ho!
posted by fleacircus at 4:39 PM on July 24, 2009


I'm not about to go firing up Last Measure, but just out of morbid curiosity, what does it have on it for "shock" value?

Generally they fall into the categories of either extreme pornography or animal cruelty. The porn doesn't really bother me (this may be a sign I've been on the Internet too long) but I'd rather avoid seeing any animal cruelty, it makes me too angry.
posted by Kadin2048 at 6:06 PM on July 24, 2009


kadin2048: people doing messy dirty yucky things with their private parts and poopoo. And some elderly people having sex.
posted by idiopath at 6:45 PM on July 24, 2009


Oh, okay. Well, carry on then.
posted by Kadin2048 at 7:03 PM on July 24, 2009


Kadin2048: Mostly graphic gross out images like stuff from orgish and lemon party/tubgirl/goatse, no animals unless you count an animated gif of penisbird.
posted by dead cousin ted at 7:05 PM on July 24, 2009 [1 favorite]


lemonparty is such an odd-one-out for me. I mean, yes, you don't want it to show up on your monitor at work or anything, but it's a very "one of these things / is not like the other" thing as transgressive images go:

- tubgirl firing an arc of human waste(-simulacrum?) out of her anus, and
- goatse stretching his rectum to absurd circumference, and
- knifebutt with a knife, you know, sticking bloodily through a butt cheek, and yes but then
- some old gay dudes who still know how to party.

It's like, go old gay dudes.
posted by cortex (staff) at 7:19 PM on July 24, 2009 [37 favorites]


Well they did seem to be having a lot of fun, yes.
posted by dead cousin ted at 7:21 PM on July 24, 2009


I couldn't get anything past http://static.nimp.org/images/ but if anyone has wants to, good luck
posted by dead cousin ted at 8:05 PM on July 24, 2009


I had forgotten about PenisBird!






(blessedly.)
posted by potsmokinghippieoverlord at 10:23 PM on July 24, 2009


Oh cortex, your comments have such an incredible tagline density potential.
posted by YoBananaBoy at 10:23 PM on July 24, 2009




Perhaps I'm too curious but these Metafilter mysteries always interest me. There are so many unanswered questions!

What was this person thinking?
Was it a hijacked account?
What does tubgirl, lemonparty and knifebutt actually look like (I've somehow avoided seeing all those, despite spending my teenage years online. I got goatse'd pretty early on however -__-)?

I hope somebody figures it all out.
posted by carpyful at 1:36 AM on July 25, 2009


It wouldn't be a Lemon Party....

I love how OBSCURE their jokes are on 30 Rock!
posted by crossoverman at 1:55 AM on July 25, 2009


WCityMike An open source griefing site network? Ah, progress. Is there anything it can't do?
posted by dabitch at 3:59 AM on July 25, 2009


What does tubgirl, lemonparty and knifebutt actually look like

For each of these, just google the word and then view the images results. I'd never heard of them either, so that's what I did (to my immense sorrow).
posted by Houstonian at 6:19 AM on July 25, 2009


I would like to thank cortex for introducing me to knifebutt, though I am slightly disappointed I had not heard of it sooner.
posted by mathlete at 6:39 AM on July 25, 2009


I think I may have discovered to my surprise and mixed dismay/delight that knifebutt is a fairly local phenomenon, relatively speaking—I found out about in #mefi on IRC, and that may be one of the local epicenters of a shock meme that never really broke out into mainstream appeal.

That I feel this way about a picture of a knife in someone's ass rather than some awesome obscure local band is kind of troubling, though.
posted by cortex (staff) at 8:21 AM on July 25, 2009 [1 favorite]


What does tubgirl, lemonparty and knifebutt actually look like

cortex describes them very well.

I know someone who once had a job writing descriptions of what took place in mainstream movies for some copyright reason I don't exactly understand. I wondered if he had a counterpart who wrote descriptions of what took place in porn, and whether that person was the most awesome or the most depressingly jaded human alive.
posted by Sidhedevil at 8:38 AM on July 25, 2009 [1 favorite]


He always seemed so nice--he kept mainly to himself. Quiet. Good neighbor, kept his place neat. Didn't really talk too much, but you gotta respect that. This came as quite a shock to all of us. Makes you think, you know?
posted by maxwelton at 9:22 AM on July 25, 2009 [4 favorites]


Whether it's an accident or intentional, he won't get the account back. What's to stop him coming in w/ a new $5 name? The prompt deletion (thanks, cortex) makes it a not very satisfying attack; maybe he'll look for more fertile ground.
posted by theora55 at 9:50 AM on July 25, 2009


What's to stop him coming in w/ a new $5 name?

A prompt refund and a "no, thanks" when we see the new signup, basically. It's something we've had to do with a couple other unwelcome returnees in the past.
posted by cortex (staff) at 9:59 AM on July 25, 2009


What's to stop him coming in w/ a new $5 name?

A prompt refund and a "no, thanks" when we see the new signup, basically. It's something we've had to do with a couple other unwelcome returnees in the past.


Aw, man, seriously? That's depressing. I've been secretly hoping sixcolors would come back. I liked her.
posted by Captain Cardanthian! at 11:48 AM on July 25, 2009


I wondered if he had a counterpart who wrote descriptions of what took place in porn

I'm not entirely sure, but I think I was offered that job a couple years ago, when I was unemployed and desperate for copywriting gigs. Sometimes I wonder where I'd be now if I'd have taken it.
posted by roll truck roll at 12:10 PM on July 25, 2009


I know someone who once had a job writing descriptions of what took place in mainstream movies for some copyright reason I don't exactly understand.

Television for the blind? Maybe?
posted by NoMich at 12:36 PM on July 25, 2009


What does tubgirl, lemonparty and knifebutt actually look like

Use your words
posted by lukemeister at 1:15 PM on July 25, 2009


I'm putting him down for borderline personality disorder. That's always a good fallback position for psixty-psecond psychoanalyses.
posted by Halloween Jack at 3:19 PM on July 25, 2009


re: - tubgirl firing an arc of human waste(-simulacrum?) out of her anus, and

Shocksite trivia: I've heard it two ways, first is that it's an orange juice enema, second is that it's a Photoshop. My money's on the former.

Goatse's entirely real, someone managed to contact and interview the dude - he's a fisting/anal stimulation enthusiast who, at the time of the interview, had worked his way up to those two liter plastic soda bottles.

re: some of the general claims about the mentality of people who are into this sort of thing...

Homophobia is entirely missing the point - there is a higher incidence of that than, say, Metafilter. But nothing beyond anything like 'normal' on the Internet. The goal is simply to get as much 'lulz' as possible by prompting the strongest negative reaction possible. Even the most homosexuality-tolerant person - not to mention a fair number of gay people I know - will find some of the more visually repellent examples of actual homosexual intercourse to be pretty rough viewing. Ditto heterosexual intercourse involving menstrual blood.

As to claims to basement-dwelling loserdom, again there's a higher incidence of that then, say, Metafilter. But nothing *substantially* beyond anything like 'normal' on the Internet. Some of the biggest shock site enthusiasts (what else would you call them?) I know have been successful CEOs, lawyers, sysadmins, etc. I've only known a couple that I'd call socially crippled in any sense. Disaffected, certainly, but in general capable of normal human relationships. The key seems to be a sense of humor that receives strong affirmation from the discomfort of others, the ability to smirk in the face of the scatological, and a *lot* of time on one's hands.

...and now I can never run for President.
posted by Ryvar at 5:59 AM on July 27, 2009 [2 favorites]


« Older You're no FUN!   |   Posting pony petition Newer »

You are not logged in, either login or create an account to post comments