How to destroy an analyst firm from inside

by Volker Weber

  1. You publish a biased report.
  2. Your report is shred to pieces.
  3. You "anonymously" post comments from your company's IP address.
  4. You send intimidating emails from the same IP address.
  5. You get caught by simple triangulation of your IP address.
  6. You continue to post anonymous comments, this time from a second IP address.
  7. You get caught again.
  8. You apply the same trick and leave an even wider trail by sending more intimidating email "anonymously".
  9. You intimidate the wrong person.
  10. Grande finale.

If you or your boss has received intimidating email concerning this incident, I want to have it. I need the full message, including the full SMTP header. If you want to send that mail encrypted, please leave a note and I will send you a signed message, so you can reply via X.509 mail.

If you don't know what I am talking about, just ignore this message.


I love it when you put your detective hat on vowe ;o)

Ben Poole, 2004-08-02

The Sherlock Holmes' style does not really fit me. The best I can come up with would be the Tilley Hat. :-)

Volker Weber, 2004-08-02

not into pipe smoking? ;)

john head, 2004-08-02

As long as you're investigating, perhaps it would be worth trying to find out where the good doctor got her PhD? This is usually something worth trumpeting, but I have been able to find ZERO references to it.

Nathan T. Freeman, 2004-08-02

Remind me never to get on your bad side....

Chris Melikian, 2004-08-02

Nathan, no, I am not interested in that. I am not trying to destroy anyone. I am interested in the dirty tactics.

Volker Weber, 2004-08-02

Interesting. From your mails I have established exactly TWO addresses that they are all originating from. Both addresses are in the same block. One of them is known to belong to the analyst firm. The other one is currently unknown but also all over the place. The sender is unaware of the fact that anonymous webmail leaves a trail to him.

Now all we need is someone working for SBC (PacBell) to turn that into a street address.

Volker Weber, 2004-08-03

You have peaked my curiosity as I have not received any intimidating e-mails.

In your response to Nathan, you said that "I am not trying to destroy anyone. I am interested in the dirty tactics." I do not think it is as simple as that. None of us are trying to destroy a person (at least I hope not). We are learning more and more each day that questions the credibility of this company, a company which by name is tied to the principal. I have finished reading the IBM response and the blatant contradictions in the various reports. So I wonder what research methodology was employed. The training, education and background of the company principal, who says they are "Editor-In-Chief" is a key component.

Christopher Byrne, 2004-08-03

Sorry, but political correctness not to disclosure names of anonymous postings on all those blogs and anonymous mails makes you happy as you are probably able to track back who it is. Some of your readers share this information with you and will know but it is a little bit boring for all others just to get half of the story...

..i don´t think the postings on Eds 74 comments thread and final publishing of a name did not destroy somebody but showed us all how all that fits together. Please keep us informed. And one more point: What about "destroying" people if you read Bruce Elgorts entry from yesterday. Somebody is obviously trying to destroy him, or am i wrong? Stop those people if you can !

Huptus, 2004-08-03

I can confirm now that we have two IP addresses, that all anonymous postings and intimidating emails originated from. The first one is used by the Internet access router of said firm. The other one is

It is a permanent IP address attached to an ADSL line and is in the same address space as the access router of said firm.

On July 29 there was a mail account registered on Yahoo and subsequently used from this address to send those emails. It has also been used for the comments in question.

If you are able to attach a proper name and street address to it, let me know by mail. I also ask you to filter a) your web server log file and b) your email communication. Watch out for the SMTP headers that say "Received from". It would be interesting to learn when this address hit your server for the first time, and also at what time of the day it was used.

Volker Weber, 2004-08-03

I am constantly amazed at how stupid "smart" people can be.

What I do like is that if you're going to do something (stupid) on the web, you better be ready to take responsibility for it, especially with on the job.

Tony S Lee, 2004-08-03

Old archive pages

I explain difficult concepts in simple ways. For free, and for money. Clue procurement and bullshit detection.


Paypal vowe