If you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!
today one of the projects I work on tracked a user repeatedly trying to get contact information from our younger members, actually only our younger female members. We’re kid friendly so always watch out for certain types of communcation.
After repeat bans we then did an ip ban, because he keep coming back to try and contact more users. To me that seems like a red flag, so after a bit of googling and reverse lookups I contacted verison as they would know whether this was some hopeless kid or an actual threat.
The first number listed is a voicemail telling you were to email, the next number agreed with me and put me through to the non voicemail number for verisons online security team.
Their security team turned out to be something that sounded like a call center in some country, their response? call the police. WTF?! No offense but I’m bring this to your attention, because you have the account information and can confirm if this is an action item as soon as I’m off the line and you look at the account… right?
30 minutes later I get a call back from the call center saying: “Hi you just called called, now what type of child pornography does this user have?”. How me trying to simply pass on a possible threat goes to me reporting child porn I have no idea.
after 20 minutes of explaining again the situation the call center employee finally understood why I was calling, and submitted a request to check out the account because of what happened on that site.
This took about 1 1/2 hours and 4 calls - Holy Crap! It really takes an hour and a half + 4 phone calls to submit a BOLO. There has to be an easier way to simply pass on information like this to isp’s.
There seriously needs to be a better way for admins to notify isps when one of their users is aggressively displaying strong indications of being a child predator. Or at least some form of SOP.
I propose they do the following:
- Admin contacts ISP, tells them situation. (2-5 minutes)
- Verify the admin is actually an admin of the site mentioned via email ( 3 - 7 minutes )
- Verify the site is active and general content of site. Already done
- Verify the ip (30 seconds)
- Verify household / age of user
- Notify whoever needs to be notified and request documentation if needed
- Send follow up thanks for the heads up email
Maybe I’m to used to SALUTE’s, BOLO’s, etc. But it seems like common sense to make it easy for the people who run these sites to be able to report activities like this. Maybe I’m the only one that thinks that.
Anyways his ip’s blocked and the iprange as a whole is getting extra careful watching.
elsid out - I got deadlines to hit.
