Sony Online / Lithum / Matrix Online Forums Privacy Exploit

Few have much nice to say about Sony Online Entertainment. I will say that they try to give a decent product to their clients. Sometimes they succeed. Sometimes the excel (and then ruin it by changing it).

However this is about Sony Online Entertainment not protecting user privacy. You need to know how to protect yourself since they have chosen not to.

I sent a detailed email to SOE explaining how users can (and some were) log on to the Sony Online Matrix Online forums as other users and even administrators. It should be noted that I also sent this same information via the Sony Online Matrix Online Forum system as a Private Message to Walrus (He is essentially the head honcho for the gaming community relating to The Matrix Online). I never received a response so I sent an email to Bruce Economy since he seems to be the highest up email address I could find.

Here is the content of the email:

---

From: John Hasson [mailto:john@unigrep.com]
Sent: Monday, December 05, 2005 10:49 AM
To: Economy, Bruce
Subject: Found big exploit on forums (by accident even) -- Matrix Online -- can log in as admin or other user

Here is how it goes.

On my sig... I track the referring URL.
The recent list can be seen at http://mxoHouston.com

When someone is replying to a post with my sig the system passes their sessionId in the URL.-- (If they are logging in to reply to the message)

You will see something like this... the sessionServerID is what gets ya.
......action=view_main&id=11711&t=inbox&sessionServerID=JpVq3Ykr7cAfd%3FC0

If you click on that link with the SessionID around the same time period they have logged in then you are logged in as if you are them.

I noticed it by accident when I accidentally posted a reply as Harpalos

http://mxoboards.station.sony.com/matrix/board/message?board.id=mission&message.id=2076#M2080

I quickly edited it of course...

And tracked down what happened.

Suggestion:
Have the board set a cookie without passing the sessionId along the URL. That way it can't be taken advantage of.

If this is not fixed.. someone could log in as an Admin or a Moderator

If you cant fix it... I suggest making sure that the Admins or Mods make sure they log in first using the standard log in link on the main page before they start replying to messages. But players will still be able to take over each other's forum accounts.

John Hasson
john@unigrep.com

---

To his credit, he replied very quickly telling me it would get sent to the right group. See his quick response.

---

From: Economy, Bruce [mailto:beconomy@soe.sony.com]
Sent: Monday, December 05, 2005 11:58 AM
To: John Hasson
Subject: RE: Found big exploit on forums (by accident even) -- Matrix Online -- can log in as admin or other user

Hello,

Thanks for sending this to me. I’ll get it passed on to the right group.

Sincerely,

Bruce W Economy
Senior CS Supervisor
Star Wars Galaxies - Planetside - Matrix Online
Sony Online Entertainment
beconomy@soe.sony.com

http://www.station.sony.com/

---

I thought ok great. They will tell lithium (who makes the forum software) and they will get it fixed.

Well between then and now, I was banned. A few weeks later I got permission to come back. The game just wasn't the same anymore and eventually left the game again.

For those wondering if this is why I got banned. It isn't. It may have caused them to put a “watch” on my account, but I was banned for something else (that will go in a future post).

Well five months later it STILL isn't fixed. So I figure I'll send one more email to Bruce to see if he can light a fire to protect people's privacy.

Here it that message that I sent today.

---

From: John Hasson
Sent: Thursday, May 18, 2006 3:50 PM
To: 'Economy, Bruce'
Subject: RE: Found big exploit on forums (by accident even) -- Matrix Online -- can log in as admin or other user

Hi Bruce, I no longer play any SOE games (for the moment) but this is something that you should know about.

5 months ago I emailed you about this exploit. It is still not fixed and people can still log in as other people. Even worse I have been contacted by others who also knew of this and used it for their own gain so I know it has caused issues in the past.

This concerns me because you claim to protect user privacy.

http://www.esrb.org/confirm/soe-confirmation.jsp

This is simply not the case. I'll have to go public with this shortly so users can know how to protect themselves.

John

Hi Bruce, I no longer play any SOE games (for the moment) but this is something that you should know about.

5 months ago I emailed you about this exploit. It is still not fixed and people can still log in as other people. Even worse I have been contacted by others who also knew of this and used it for their own gain so I know it has caused issues in the past.

This concerns me because you claim to protect user privacy.

http://www.esrb.org/confirm/soe-confirmation.jsp

This is simply not the case. I'll have to go public with this shortly so users can know how to protect themselves.

John

---

And here is the reply.. well not much of a reply :)

---

Economy, Bruce on 5/18/2006 3:49 PM
The e-mail account does not exist at the organization this message was sent to. Check the e-mail address, or contact the recipient directly to find out the correct address.
...<beconomy@soe.sony.com>... User unknown>

---

This means two things. Either Bruce no longer works there or he changed his email address because too many customers players were emailing him.

To summarize:

SOE has known about this privacy breach for 5 months now. That is plenty of time for them to fix it. So I am posting here to tell the users of lithium forum software how to protect themselves.

NEVER LOG IN WHEN REPLYING TO A MESSAGE. EVER!

Only log in from the main page and then browse the forums and reply after you have logged in.

3 possible ways for Lithium or SOE to fix it.
1) Don't pass the session in the URL before you set it as a cookie.
2) Don't allow users to link to external images for their forum signatures
3) Don't link to external images/links when processing a login

There may be other ways to fix it, but any of those will work.

Whats really sad is that this is not a really elaborate exploit.

Subscribe Via RSS

Adam Herscher @ Microsoft Responds

His post can be found here: On Blogging and Bug Bashes

To summarize: They are paying Non-Coders (the "everyone else" group @ Microsoft) for bugs they find that are fixed.
So.. if Joe Marketing finds a bug and reports it. When that bug gets fixed Joe Marketing gets $100. (at least I think it is when it gets fixed, it would be crazy to pay them for each bug they find regardless of if it gets fixed)

He goes on to say how we are all spinning the original post the wrong way. Look at the original post mirrored here (the original was taken down).

I don't see how it could be taken any other way then the famous dilbert comic.

I'll have to digg around for the original post if I can even find it, but I seem to remember someone else at Microsoft reporting annoyances from Vista as bugs. They were talking about Vista's constant nagging the user on things. (Do you want to do [this]? Are you sure? It might be a security risk, etc.. )
His concern (and it is valid) is that users will simply start clicking yes all the time (like they did in IE) He reported it to the Vista folk. Turns it isn't considered a bug since it is by design. So.. no $100 for him :) He ends his post with stating that real bugs are easy to fix. Design changes are hard late in a project.
*I have not tested Vista so I have no first hand experience with it yet.

Most issues the non-qa/coding group will find are going to be design issues and not actual bugs (since if they aren't normally doing this type of thing they won't really have the experience to find actual bugs).

This will lead to frustration on their part because most “bugs“ reported will come back as “That's not a bug. We did that on purpose.“ It will spiral from there.

So.. I still call pointy-haired boss on this idea unless they take their user interface input into consideration (since that is mostly what the non-techie group would find).

Subscribe Via RSS

Microsoft has Pointy Haired Boss named "Brian V"

Here is the link: http://blogs.msdn.com/mpoulson/archive/2006/05/12/596319.aspx

Aparently they are being paid for each bug they find and fix.

Snippet incase it gets taken down:

• “MSFT employees get paid extra $$ to find bugs in Vista Beta 2
  Today Brian V sent mail out that told msft employees on the Vista teams they will get paid $100.00 for each bug we file and get fixed in Beta 2.
  
  The person with the most bugs filed and fixed will get an extra $500.00.
  
  How SWEET is this!“

What does this remind you of? ...

Dilbert :)

Subscribe Via RSS

American Inventor Scam

I've been watching American Inventor for the past few weeks.

I fast-forward through everything but the actual inventions. To me it is not about their background or who had the worst childhood.

It is about who has the best invention.

Best inventions in the show: (Both rejected by the “judges“)

1. Portable Air Conditioning Unit (Inveneted by a 14 year old kid)
   Granted, the kid wanted to use it to leave the dog in the car it had a lot of other uses.
   
   
2. Bathroom clip to keep stall doors closed.
   Neat idea. I don't see why the judges had her bulk up the invention by adding a bunch of extra stuff into a bathroom kit.

Most annoying things about the show:

1. They seem favor minorities for the finalists.
2. They spend too much time trying to make you feel sorry for the inventor.

Half of the finalists' “inventions” aren't even new ideas

1. The Football Receiver Trainer
   This one is a good idea.
   
   
2. The Two Person Bicycle
   (Already been invented) http://www.bilenky.com/viewpnt.html
   
   
3. The Word Game
   This one is also a good idea and should win because it has the greatest overall appeal.
   
   
4. The “Womb-like“ Car seat
   (Already been invented) http://www.safetyegg.com/

Subscribe Via RSS

Zango Cash Experiments

I created Encrypted Messenger... wait let me back up and give a little history.

My friends and I had been dreaming of how nice it would be to encrypt our Instant Messages.

Around October 2001 or so, I ventured into the contract programmer realm.

On New Years Day a few months later I got a programmer's itch. A programmer's itch is when you are super focused and skip food, sex, sleep, etc. to get whatever it is you want done. This turned into an 11 hour programming session.

Success! It worked pretty well. I release version 1.0 to the world for free with a stipulation that it could only be used for personal use.

A few months later I was contacted by a company that wanted to use it for corporate use.

But of course they wanted a few things added... Thus, the following features were added

• RSA Key Encryption (This means you don't have to really know what your password it will make a random password for you)
• The ability to have several people in one encrypted chat conversation with random keys (that was kinda a pain to get working)
• The ability to send encrypted files through NAT. (Sending files even when you don't have a direct connection to the Internet or your chat buddy)

Word got around...

People came and asked for it to work with Yahoo, AIM, etc..

Yahoo was the most painful to get working. But once I figured out how to connect with the internal Web Browser window the interface with it became the best interaction of all the IM programs I have done it with....

People requested updates and changes were made (when they made sense), I started charging for the software.

Hooray! I was making money off of software that I made.

Then all of the sudden the income stopped. It was like someone just turned it off.

A few days later I got an email from a pirate/software crack group bragging that they had cracked the authentication for Encrypted Messenger.

(It's not like I have a really sophisticated security mechanism, but they wanted to make sure I knew that they were responsible.)

So I tried making a few changes to the code. As soon as I did new cracks would show up...

I went back and forth with a few different updates. But it really didn't matter. I just gave up at that point. I stopped updating the software as much. A friend pointed me to those ad companies that pay you to bundle their software with yours. As much as I detest stuff like that I figured, why not. I'm already being ripped off by people anyways.

So I released a new version that is Ad-Supported with Zango. People can still pay for it to get the non-ad version and people with a real us military email address can still get a key for free. (The US Military thing is a story for another time)

The results with Zango Cash are so-so. I make more than I was before I started using them. I made doubly sure that Zango Cash was easy to remove from people systems. I don't make a killing but it somewhat makes up for the whole piracy thing.

Subscribe Via RSS

15 Ways to Live Longer - Source Forbes Magazine

Get Forbes Magazine - Save $64 + Free Gift

1) Don't Oversleep

Here's a reason not to hit the snooze button anymore: Sleeping too much can reduce life expectancy, according to a February 2002 study in the Archives of General Psychiatry. The study found that people who sleep more than eight hours per night had a significantly higher death rate than normal. But late-night-party-goers shouldn't rejoice: researches say that sleeping less than four hours also increases death rates. People who sleep between six and seven hours per night were shown to live the longest.

2) Be Optimistic

Researchers at the Mayo Clinic in Rochester, Minn., found that optimistic people had a 50% decreased risk of early death compared with those who leaned more toward pessimism. The results, published in the August 2002 issue of Mayo Clinic Proceedings, make sense: Those with a positive outlook on life are probably less stressed, better equipped to deal with adversity and, consequently, healthier. Optimists also tend to have lower blood pressure than pessimists, which, again, is most likely related to how positive thinkers respond to stress.

3) Have More Sex

No complaints here. There's decent evidence that sex helps keep us healthy, and thus increases longevity. But according to researchers, it's not necessarily an actual biological response generated by sex that makes us live longer. What's more likely is that having intimate sex means you are less stressed, happier and better rested--all factors that can lower blood pressure and protect against stroke and heart disease. A study published in the April 2004 Journal of the American Medical Association found that "high ejaculation frequency was related to decreased risk of total prostate cancer."

4) Get A Pet

People who own pets, especially dogs, have been shown to be less stressed and require fewer visits to their physicians than non-owners. Survival rates for heart-attack victims who had a pet have been shown to be 12% longer than for those who did not have one, according to one of the first studies dealing with the impact pets can have on our health, led by researcher Erica Friedmann. Pet owners have also been shown to have lower blood pressure. The reasons are most likely related to an array of psychological factors, such as the facts that owning a pet decreases loneliness and depression, encourages laughter and nurturing, and stimulates exercise.

5) Get A VAP

It's estimated that about half of the people with heart disease--the No. 1 killer in the U.S.--have normal cholesterol levels, which raises serious doubt about the ability of traditional cholesterol tests to detect risk. But more advanced cholesterol tests, like the VAP test, made by the Birmingham, Ala.-based lab Atherotech, may remedy that. VAP measures important metrics that traditional tests miss. Regular tests only detect half of the people with heart disease, while the VAP has been shown to detect 90% of heart disease patients. That's important because lipid abnormalities can most often be rectified with medication and dietary changes. And the sooner you start making changes, the better.

6) Be Rich

According to the National Center for Health Statistics, 24% of Americans whose family income is less than $20,000 are "limited" by chronic disease, whereas only 6% of people with an income of $75,000 or more have this problem. In general, population groups that suffer the worst health have the highest poverty rates and the least education. One possible explanation: Higher incomes permit access to better food and housing, safer neighborhoods and increased medical care. Higher incomes also increase the opportunity to engage in health-promoting behaviors. Of course, being a chief executive certainly exposes you to a high level of stress that can decrease life expectancy. But according to the data, striving to be financially comfortable is a good goal for aspiring centenarians.

7) Stop Smoking

To say that smoking is bad for your health is, of course, not revelatory. But it still cannot be denied that quitting can significantly improve your prospects for a long life. Middle-aged men who are long-term, heavy smokers face twice the risk of developing more aggressive forms of prostate cancer than men who have never smoked, according to findings that appeared in the July 2003 issue of Cancer Epidemiology, Biomarkers and Prevention. According to a recent study in the Archives of Gerontology and Geriatrics, cigarette smoking has been clearly linked to the most common causes of death in the elderly.

8) Chill Out

A study led by the Johns Hopkins University School of Medicine in 2002 found that men classified as having the highest level of anger in response to stress were over three times more likely to develop premature heart disease than men who reported lower anger responses. They were also over six times more likely to have a heart attack by the age of 55. One possible explanation is the correlation between anger and high blood pressure, a condition that commonly develops in highly stressed individuals. The lesson is simple: Try as much as you can to let unavoidable, everyday stresses roll off your shoulders.

9) Eat Your Antioxidants

Antioxidants, substances that are found in foods ranging from cinnamon to blueberries, can scavenge free radicals, compounds whose unstable chemical nature accelerates the effect of aging on our cells. Until these excess free radicals are quenched by antioxidant molecules, cellular damage accumulates. This contributes to an array of degenerative diseases, including atherosclerosis, Alzheimer's and cancer. Research shows that certain types of beans (kidney, pinto, black) are among the best sources of antioxidants, while blueberries and other berries follow close behind.

10) Marry Well

While the phrase "marry well" is typically used to describe people who marry someone rich, we are talking about something entirely different: genetics. Apparently, longevity genes can be inherited. According to a February 2005 study in Mechanisms of Aging and Development, exceptional longevity and healthy aging is an inherited phenotype across three generations. So, for the single people out there, pick a spouse whose grandparents are still alive. This won't make you live longer, but it might help your children.

11) Exercise

Get up and start moving. Not only does exercise help us maintain our weight, it improves our cardiovascular health, strengthens the bones and increases endorphins in the body--hormones that give us energy, make us happier and help ward off stress and disease. "If you don't use it, you lose it," says Dr. Merl Myerson, director of cardiovascular prevention at St. Luke's/Roosevelt Hospital in Manhattan. "We find that active people will do better, live longer."

12) Laugh A Little

Laughter reduces levels of stress hormones like adrenaline and cortisol. It also releases endorphins that work as pain killers and gives your blood circulation a boost. Not to mention it relaxes blood vessels and keeps a person from being angry--a significant predictor of heart disease. "The higher you score on anger and hostility, the greater the likely hood you'll have a heart attack," says Dr. David Fein, medical director at Princeton Longevity Center in New Jersey.

13) Lose Weight

For people who are overweight or obese, life is a ticking time bomb. They have increased risk of heart disease and several types of cancer, along with higher risk of developing Type 2 diabetes--a condition that is becoming an epidemic in the U.S. "The real way to lose weight is to cut back on food intake," says Dr. David Fein, Medical Director at Princeton Longevity Center in New Jersey. "People are under the impression that they can exercise weight off, but exercise is a means to maintain weight.

14) Manage Stress

Everyone has stress to a certain degree, but not everyone knows how to manage it. The key is to recognize what the big factors are in your life and how to mitigate them. Constant stress produces high levels of cortisol, which has been shown to impair cognitive functioning and weaken the immune system. "I think stress kills more people than just about anything else," says Dr. David Fein, medical Director at Princeton Longevity Center in New Jersey.

15) Meditate

According to Dr. Woodson Merrell of Beth Israel Hospital in New York City, the most powerful healing tool for stress and prolonged life is meditation. It clears the mind of thought and lets a person concentrate on tranquility. Fifteen minutes of meditation has been shown to produce a much more relaxed state of mind than one hour of the deepest sleep. Even starting the day with just two minutes of meditation can be beneficial. Sit with your spine erect and try to quiet your thoughts; it may help to concentrate on one word.

Get Forbes Magazine - Save $64 + Free Gift

Subscribe Via RSS

I got .text Blogging Software Working. Here's how.

Well, I finally got .Text to work. I had to make some changes to the code to get it to let me do a few things on the backend. I also relieve heavily on internet archive. Web Archive of Scott Water's Dottext InstallationWalkThrough11

I'll cache the steps here so others can figure out how to set it up: (incase it dissappears from the web)

---

Before you get going, you have to make one choice. Will you be hosting a single blog or multiple blogs?

OK, now that choice has been made. We will walk through the basic steps.

1. Unzip the files somewhere on your local directory
2. Create a new web application (virtual directory or site) pointing to your directory (the DottextWeb folder) *
3. Create a new SQL Server Database (you can also use an existing DB, all .Text objects start with blog_, so it should play nice)
4. Run the full database setup script (found at data\FullDBSetup.sql for binary installs and data\Dottext_095_FullDB.sql for source code installs)
5. Configure you web.config: See BasicConfiguration

To make this step a little easier, I included 4 sample web.config files in both downloads (in the config folder and otherstuff project). These are preconfigured for basic setups. Each file contains a description of what needs to be deleted at the top. Please make sure you deleted the comments once you have made your changes.

6. Add new blogs (I recommend using DottextHelper)

7. If using a multiple blog setup (community site), you need to decide if you will need to make an additional decison: How do you want to add blog directories?

• Option1 Folder/Directory setup. For each new blog you create, you will need create a folder (same directory as the code) with the same name as the blog and with an empty default.aspx file. ASP.Net will not handle non-asp.net requests by default. Since the requested blog exists in a folder does not exist, without the default file, asp.net will never know about your request.
• Option2 If you want to elminate the need to create the blog folders and default files, you can tell IIS to pass along all requests to the aspnet_isapi.dll. To accomplish this you will need IIS access. For Windows 2000 and Windows 2003 instructions see this article: [Wildcard] Mapping all requests to asp.net is a powerful feature, but it does not come without issues. See WildCardIssues for more details.

Other helpful links

.Text relies on two primary values from you database for each blog: Host and Application See HostApplication for help with this.

* If you are installing the source, the virtual directory should be called DottextWeb

Possible Issues:

Step 4 from source. FullDbErrorMessages

---

A few comments... you dont have to call the virtual directory DottextWeb if you are installing the source. (At least I didn't have to)
The Dottexthelper is a command line utility in the Source Zip. I include the source Zip here incase that also goes away.

You can download DotText .95 Here (1.3M)

Original Download Source

Subscribe Via RSS

IRC Overlay and Radio Player for Full Screen DirectX Games

Why is this cool? It overlays IRC and an Internet Radio on top of your full screen DirectX Game. This mean people that don't have 4 monitors and 8 computers can still participate in online radio events and chat game/server wide in IRC channels without having to run in window mode or keep an eye on a seperate window.
No DJ logged into your current game? No problem..send the request via IRC :) Want to know where things are happening before you hear it on air? Watch the IRC. Want to be able to say things in games that the chat is heavily monitored?...

Demo Video at the Bottom of the Page

Here is what it does.
-It connect to the server here to verify the version number (if you don't have the right version, it won't run till you get the right version)
-It creates a window that will be on top of your video games/screen (the fancy word for it is "overlay")
-Then it downloads online radio stations, their IRC Channels and tiny images for buttons
-Once all this is done you will see a few buttons along the bottom. You click on the button and it tunes in to that radio station and connects to their IRC Channel.

Other things of note:
-The tiny Plus and Minus are for volume control
-This version does not save any user settings
-Ctrl+Alt+Shift+O will make it reappear after you hide it. (You can also use that key combination to hide it)
-The X (top right) will hide the overlay, but will not unload the program from memory. You will need to use the Icon in the Tray by your clock to do that.
-The \/ (Top Left) makes the main text area transparent.
-Can only connect to one server and channel at a time.
-You can drag it around bu clicking on the title bar and dragging it
-It requires .NET 1.1 mainly because I wanted to see what would be needed to code the overlay in .NET. I coded the test versions in VC7 and then in VB6--Maybe I'll release that code so others can play around with it.

Things To Do:
-Universal Support...(it seems to work fine on RADEON gfx cards but not Nvidia...)
-Handle IRC color command (probably just strip them out?)
-Create an Installer.
-Make the scroll arrows work.
-A better interface for multiple IRC servers/channels
-Allow resizing the window
-Testing, Testing and Testing
-Public Skins Interface?
-Interface for selecting user radio and irc channels (so you can listen/connect to something besides what is on the server here)
-Highlight the buttons when you move the mouse over them.

If you want your online radio station to show up in the buttons you need to send me:
1) A png image exactly 10 pixels tall. Keep the width reasonable.
2) Your IRC server/channel
3) A Windows Media Player compatable URL for tuning in
4) An email with 1-3 to john[at]johnhasson.com -- no promises that it will be put in there.

Have you read all that?
Requirements:
1) .NET 1.1
2) Probably The Latest Version of DirectX
3) A Graphics card that can handle my overlay code.
Update - So far the only reported successes have been with RADEON cards

I am not responsible for dataloss, errors, floods, earthquakes or migratory pattern changes due to this applicaiton.
By downloading and running this you understand that you do so at your own risk.

Download latest beta here 128k zip -last updated 5/2 2:31 PM MST

Send crash reports to john[at]johnhasson.com Subject Line: Overlay Crash and then give as much detail as you can. Short and useless crash messages are subject to mockery and posting on the internet.

I'll be watching for comments and offering support in the following places:
Subnova - Post comments
Thread in Rumbaar's Matrix Forum
#subnova IRC Room
#siradio IRC Room
The email address above. Put something about the overlay in the subject line.

Supported Commands

/join	/join #subnova This will leave your current channel (if you are in one) and you will join the specified channel
/leave	/leave This will leave your current channel
/play	/play http://www.siradio.fm This will tune the internet radio station into the specified URL /play This will start playing the last radio station selected (either by clicking on one of the buttons or manually entering the url as above)
/stop	/stop This stops the radio from playing (useful for when you just want it quiet for a minute)
/me	/me jumps for joy. This will show you jumping for joy in the IRC channel you are in
/server	/server irc.subnova.com This will disconnect you from your current IRC server (if you are connected) and connect you to the default IRC port on the specified server /server irc.subnova.com:6667 This will disconnect you from your current IRC server (if you are connected) and connect you to the default specified IRC port on the specified server /server irc.subnova.com/subnova This will disconnect you from your current IRC server (if you are connected) and connect you to the default IRC port on the specified server It ALSO will join you to the #subnova channel once you have connected /server irc.subnova.com:6667/subnova This will disconnect you from your current IRC server (if you are connected) and connect you to the default specified IRC port on the specified server It ALSO will join you to the #subnova channel once you have connected
/nick	/nick TasteeWheat This will change your nickname to the specified name if it is available
/msg	/msg Username Message This sends a private message to the username
BUTTONS	Click one of these buttons. It will Tune into that radio station and connect to their IRC Channel.

WMV Download Link Video is 9.9M

Subscribe Via RSS

Old Links for Matrix Report from the MatrixOnline Game

If you were redirected from matrixreport.com.

You can get to the old content here
The Final Event for TasteeWheat re-entering the matrix: http://matrixreport.com/event.aspx

All the old stuff on matrixreport.com:
http://matrixreport.com/oldhome.aspx

Seyella's Blog after re-entry:
http://seyella.blogspot.com

Subscribe Via RSS