Yes it is. And also, all the other times. This has nothing to do with any vulnerability in curl, just that someone might have used curl to script requests. You might as well attack the HTTP protocol.
When you get messages like this, sometimes you end up taking it differently to how it appears as a third party. Any threat of violence online can be interpreted as a joke, it's not easy to tell the difference sometimes and it's harder when you're on the receiving end of it.
If you're looking for ways to be charitable, I found this (and this similar Tim Ferris post[0]) to be eye-opening view into the range of noise that people with large social wakes deal with. It's a small slice of empathy that I (and possibly others) would have lacked otherwise that makes me more understanding in interactions with folks like OSS maintainers, corporate governance, etc.
I agree, there was no need to include names in the article.
This feels to me like a person with some sort of mental illness or breakdown and delusions of grandeur and persecution. Their explanation doesn't make much sense. If I were Daniel, I wouldn't respond any further.
Yeah, I agree. In his place, I either would have done nothing, or, maybe made a police report (not that I'd expect the police to actually do anything at this stage). Generally speaking, the less you antagonize someone whose first exchange with you is "I will slaughter you," the better, IMO.
> maybe made a police report (not that I'd expect the police to actually do anything at this stage).
Indeed. But one shouldn't underestimate the chance that this wouldn't be the first report about this person. Lots of similar reports like this may actually cause them to do something.
I agree, in the sense that someone who has done something of this nature is more likely to have done such a thing in the past. However, in this case, the victim is someone who is being targeted through his email address, which is embedded in open source software that's contained in gazillions of systems worldwide. That makes it significantly less likely that whomever he would report this to would have gotten another report about this particular individual.
I once tried to have a conversation with a women who tried to drive me and my bicycle off the bus lane (where she shouldn't be driving in the first place); and shouted "fuck off you pissy little cunt" to me. For some reason I thought that if I explained my perspective, she would understand.
It ended up with a broken back wheel (she kicked it) and a damaged phone (she took it out of my hand when I wanted to take a picture of the license plate and threw it on the ground).
She was clearly unhinged, but I was stupid as well. I should of just let it go; no one who starts a social interaction with "pissy little cunt" is likely to be calmed down by reason. You have nothing to gain from trying, and much to potentially lose.
A sad sentiment of giving up, but I think it is premature to abandon your approach. I think it may be worth trying for that small-ish fraction (call it 10%?) of people who can be talked back from their anger. Those are good conversations to have for both parties, and worth trying to have, even if it results in failure 90% of the time.
That said, I think the real lesson for you is: don't make yourself more vulnerable (e.g. letting her touch you or your stuff) if you decide to try to start a conversation!
It also points to a theory I've been considering about personhood, and how people like your driver lady is in a mindstate where, in her mind, you're not a person. It's a very, very dangerous situation, because if they don't think you're a person, then there is nothing immoral about saying or doing anything to you, including violence.
> I think the real lesson for you is: don't make yourself more vulnerable (e.g. letting her touch you or your stuff) if you decide to try to start a conversation!
I didn't "let" her, she just did it.
I know you mean well and that you probably didn't intend it like this, but this comment comes off as victim blaming quite a bit.
As for the rest: thus far I've never managed to talk random strangers down from these kind of rages; but maybe I just don't have the charm shrug Last time I tried was with my neighbour and he ended up calling the police three times over a four-day period on me. My crime? I kindly asked him to not play his music so loudly all day long at the start of the lockdown (especially at 7am) and not backing down when he tried to shout me away. I had "invaded his home" by knocking on his front door... This isn't a fit of anger, some people are just like this.
Yeah, had a neighbour lady like this recently. She was always closing her doors VERY loudly (lamps in my aartment were ringing) and when there was some argument with another neighbour, she eventually said that it was I who started banging doors. My best comparison for arguing with such people is like playing chess with pidgeon. It will throw off pieces, shit on board and be happy that it won. And you will be appaled that it didn't follow any rules, angry maybe, but is there any use to all that arguing? They will bring you down emotionally and then you only argue to have a feeling of winning. No meritoric discussion whatsoever. In such situations, just remember, that arguing with them will NOT have any utility or lasting value, it will just waste your time and mental health.
I've recently had an interaction of similar character with a neighbor in my very small apartment building, including, oddly, a door slamming component. We had had an interaction a few weeks prior that just went sideways, which caused this woman to slam her door every time I would walk past it. Since walking past her door is not optional if I want to leave my apartment (small apartment building, remember?), and this door slamming tended to startle my dog, I asked her to stop.
Because the earlier interaction I mentioned went sideways (including, among other things, her literally getting within 4 inches of my face while she was not wearing a mask), I decided to video record this most recent interaction on my phone so I would have evidence if anything went wrong that I could take to the landlord. I knew this would create an inherently more antagonistic vibe, but I felt like I had no choice after the prior incident.
Let's just say this interaction also went bad, culminating in a very minor physical assault (I was not injured -- she slapped the hand I was holding my phone in, because she did not like the fact I was recording), and a restraining order.
End of story, right?
Wrong. That restraining order, it was taken out by her against me. Her petition filing is literally nothing but gaslighting trying to paint me as the aggressor when I literally have video evidence to the contrary.
Unfortunately, due to COVID shenanigans, the court date was delayed a couple of times, and I ended up not being served notice of the actual hearing, which means I lost in a default judgement. I filed a motion to terminate her restraining order and a counter petition of my own, both of which I am currently waiting on a hearing for.
And, like your situation, because it was a neighbor, and because I have to walk past her door to get to and from my apartment, I simply don't have the choice to not interact with this person. Basically anything I could have done would be a lose / lose. Rock, meet hard place, I guess. Le sigh.
I am not blaming you. I am trying to point out places where you could have reduced the chance of being harmed. In particular, when she approached you and came within arms length, you could have put away your phone. Next time, I hope you do. That is NOT the same as saying it was your fault she destroyed it. It is her fault. My advice is based on the sad truth that the cost of getting justice >> the cost of buying a new phone, so I'm saying: when confronted with an angry person, put your valuables away, because getting them to actually replace that item will be more pain than the initial damaging interaction.
As for your neighbor, yes, it sounds like he's a crazy person. And the lockdown has taken even moderately crazy people and pushed them over the edge!
My guess would be that you're too peaceful and it shows.
There are some people who will try to bully their way through life. They will apply violent behavior (e.g. breaking your phone) to get their way. The way to stop that is to make it clear that you can apply violence, too.
Most of society works by peacefully interacting with each other. But it is crucial that everyone knows that there is a threat of violence (e.g. the police) to keep everyday life peaceful.
I wonder if I am just imagining it, but I took martial arts lessons as a kid. I've always felt like just the knowledge that I could fight has caused others to deescalate and be respectful.
Well that only works with people that are not afraid of fighting you and possibly winning against you - and there's always somebody that's better trained and/or stronger then you.
When you encounter that kind of person, if you challenge them, they will step up and fight you, because they will feel they have no other choice. Reasons could range from pride, (imagined) loss of (self) respect to just being aggressive bullies that enjoy hurting other people.
Of course if you're 6'7'' and 240 lbs not a lot of people would want to start arguing with you in the first place.
>A sad sentiment of giving up, but I think it is premature to abandon your approach. I think it may be worth trying for that small-ish fraction (call it 10%?) of people who can be talked back from their anger. Those are good conversations to have for both parties, and worth trying to have, even if it results in failure 90% of the time.
Please do not give terrible advice that will kill people.
It's tautologically true that for any X, if you don't try to do X, you won't succeed. But, you also have to weigh whatever good may come of success against the probability and potential consequences of failure. In cases like these, you're by definition dealing with someone who is a little off mentally, whether that's just a temporary condition (e.g. having a bad day), or serious mental illness. Such people can tend to be unpredictable as a result, which is dangerous in its own way.
So, yes, I agree with you somewhat, but I think the balance of consequences tends to favor not acting in cases like this rather than attempting to do anything.
> ...and shouted "fuck off you pissy little cunt" to me.
There's a name for this incident - "road rage". Very real and dangerous indeed.
People get completely irrational and agitated. Probably due to effect of being locked up, in a way, non-free inside their cars.
When I'm biking, at times I too get mad at some careless and obnoxious drivers encroaching my freedom, I guess they may be finding me just as annoying for simply missing the fatter wheels and a comparable scale on the shared road. Irrational!
As cyclists we are literally more exposed on the road. So whenever such inevitable bout of irrational fury pops, I find the safest option for myself is to steam-off using similar vocabulary. It's more efficient than reasoning with the unreasonable.
Just to be even safer, I'd let the offending four-wheeled furia be gone before naming the whole piece of that motorized content in precisely spoken choice of words...
Moving to NYC couple of years ago I learned the best way to deal with those type of people is to let go and move on.
It really isn't worth wasting your time and energy on those people, because they will just ruin your day. Best case scenario you feel better for couple of minutes and then you forget about it. Worst case you end up dead, in jail or worse.
Publishing the emails is copyright infringement; I don't think it's any other crime. And good luck trying to get someone for copyright infringement when you're threatening them with “slaughter”.
Yeah, I agree. There's probably not much they can do about it (and the individual will probably not end up taking any action), but in case he does, it's nice to have a police record of it all.
Sounds like someone who's developed a prototype which they had grand plans of selling for billions, which then got easily hacked because they don't understand security
The $15k figure implies that's either a bill the hackers ran up on an AWS instance or what they valued their development at
Edit: The blackmail line sounds like a ransomware attack
I disagree. I think this person may not have necessarily programmed anything serious before in their life. Or if they have, probably not a defense project.
If you read the follow-up emails - and apologies for the armchair psychiatry - I think this person is very likely in a psychotic state. Their messages sound very similar to what you find in the "BadBIOS" and other "gangstalking" communities. It's not really tethered to reality.
I think it's extremely likely the author is not a troll and possesses a sincere and high-confidence belief that powerful entities are tracking and persecuting him and that backdoors in lots of software, including curl, were placed by sinister organizations and used to facilitate spying on and attacking him. The software is perceived as a WMD or pathogen partly responsible for this incursion into his life and the damage he thinks has resulted. He's mad because he thinks Daniel is like the mayor of Flint, MI: the water is poisoning people and he's doing absolutely nothing about it. Of course you'd be angry!
This is why it's generally best to not reply to messages as extreme as these. Daniel will never be able to convince him he isn't actually the metaphorical Flint mayor. You just get sucked into a world that's very real to them and not real to you or almost anyone else. It's not possible and not a good idea to try to reason with someone like that.
>walked around my house for a few minutes to cool off
>it hurt me deep in my soul
>you don’t deserve my code
Grow a pair. This would be pathetic enough for a grown man to think or say in private, let alone sook about on a public blog for the world to see.
And it all seems like a thinly veiled excuse to boast about how popular his code is. I'm sorry that there aren't public parades to celebrate your unparalleled genius, your majesty.
Don’t want to delve into any accusatory territory, but I’ve seen several new accounts with names following a similar pattern that post such material and dip.
Not by choice. I'm usually auto-flagged/shadow-banned/banned after one or two comments, so I make a new account to join the discussion when necessary. I would prefer to use the same account but it's out of my hands.
The mod warned me that using a new name each time could be interpreted as deceptive so I've been using the same name (with an incremented suffix) for a little while now to not obscure my identity.
> I'm usually auto-flagged/shadow-banned/banned after one or two comments,
Maybe there is a reason? I had my comments downvoted, but thinking about this, it was deserved, those comments were really not constructive and severely lacking in empathy. No one normal likes reading such things and HN is a place where it matters. It's not a place to just vent.
No one 'normal' in my world would like most of the popular comments here (except to laugh at them). That's subjective.
I don't believe that I should be excluded from participating in good faith because of my race or political views. HN should be a place that welcomes diversity of thought, be it from a BLM activist or a White nationalist.
People are welcome to hit the disagree button. I don't care about that. I don't even mind much if I'm brash and the comment is flagged, as above.
I do care when my civil comments are flagged for wrongthink, and I do care when they are immediately censored. Then it's time for a new account.
The general demeanor of that person, some of the lingo used like "rooting" or "federal server hijacking", the fact that in the screenshot he's using some text editor with ads in it to browse the offending code combined with the fact that he doesn't know what Curl is (if he did he wouldn't have sent this e-mail) screams "script kiddie" to me.
I'm not sure whether this person is actually responsible for a multi-million dollar defense project, but if he really was, it's probably a good thing he lost the deal because I definitely don't want that kind of person managing such a project.
I agree; this seems like someone with so little technical ability, that I wouldn't be surprised if he did manage to talk someone into a buying a multi million dollar defense project he could not deliver...
> I lost my family, my country my friends, my home and 6 years of work trying to build a better place for posterity.
I get loosing your family / home / friends, but a country? Where did that go?
This sounds like the result of unscrupulous "boot camps" that are common in countries like India - people are told if they sign up and pay $life_savings they can become a programmer and be hired by "The US Government" or other companies for enormous amounts of money.
A mundane class is offered with impractical advice and they're left with no money, little skills, and spamming the internet trying to get "their contract" - and if it doesn't materialize and they go back to the boot camp to complain the scammers blame it on "curl" - see the haxx.se domain? Clearly a hax0r ruined your chance at a better life.
I am pretty sure they are not even a script kiddie... they are just a fairly immature troll.
Not sure what caused the original email, but the reply is just a copy/paste of various unrelated things and security incidents that the person Googled without even understanding enough about them to form a comprehensible narrative.
Which tells me they are simply trying to get a rise out of someone.
The way the grammar is constructed I would not be surprised if this came from a pre-teen.
A better analogy is a screwdriver. He made a screwdriver. Screwdrivers have millions of legitimate and essential uses. How would you build anything without one? But a criminal could also use the screwdriver to open stuff he's not supposed to. Blaming the screwdriver manufacturer for that is pointless.
I've been in the government contracting space for about six months but those emails look to me to be about the level of competency I'm seeing with many of my colleagues. Spaghetti code with no unit tests and nobody knows how to use a debugger let alone a profiler. Getting irrationally mad at open source devs for making changes as if they were supposed keep the Jira tickets they were working on in mind specifically. Lack of ownership. Finger pointing. This looks quite real to me.
Trolls prefer to use public fora in order to upset the greatest number of people possible. They don't target individuals through private correspondence.
My bet is on GPT-2 (GPT-3 would probably generate better text). This whole reply just isn't coherent (first it's a defence contract, then it's learning software for kids?).
So either AI generated or someone with some mental illness.
Gov contracting is an ecosystem on its own and those that figure out the bureaucratic hoops can survive a long time without needed much technical knowledge. Some of those individuals lose touch with what is going on outside of the defense industrial base.
It might be he did, or was planning to do, a bid on a government project that wouldn't have stood a chance in hell, but he already imagined he was going to win that bid. And then stuff happened and he felt cheated out of his chance.
We are dealing with a person with mental illness, because nothing is coherent. It's all made up. That's why you don't answer that kind of mail, the goal is to trigger a reaction from you.
I think its the opposite, I think its an unqualified contractor writing code he doesn't understand for complex systems and was subsequently hacked. I see this a lot with people bidding on contracts then hiring staff/developers after it's awarded to duct tape a system together that barely works and is full of holes.
I'm personally not very well-known, but I work for someone who is, and on a project that gets quite a lot of attention because of it. It's surprisingly common that people show up with extraordinary and incoherent stories. Given the author's name and email address are plastered all over, it is not surprising that such people would find him too.
This. The world is full of incompetent people winging it, and the competent ones are busy putting out the fires they left behind. It takes 3000 years to build a Ming-vase, but only a kid playing soccer to destroy it.
Making a mess is a low effort endeavour.
Cleaning it up, might as well be 1/99 of your lifetime. Tech projects are asymmetric warfare between the business side supporting the "cheapest" project approach and engineers allowed to clean it up properly only after the sunken cost fallacy trapped the clueless.
This is the sort of magical thinking that can be a symptom of paranoia, the unfortunate combination of extreme anxiety and a disengagement from realistic thinking. The person clearly does not know what Curl does and simply lashed out like a wounded animal at the first thing that caught his attention.
> - a solid (but wildly misplaced) basis in reality
can you explain this more ? I recognize some traits of these in me and siblings but we're not on meth at all.. so I find the psychological flaws interesting.
You bet, and thanks for your condolences. In short, almost certainly this doesn't apply to you.
The pattern is that in these scenarios, usually the people are quite intelligent and often accomplished. This gives them a repository of valid phrases and concepts to draw upon to breath legitimacy into their boogeymen. The evidence they present, however, is completely benign. That person, however, has quite the story they think is proven. It's literally as if they're showing you a basic electronic device w/ the cover removed and that proves all sorts of maliciousness.
Attempting to argue back is completely ineffective and even if you "win" one point, they'll quickly shift to another and nothing sticks, especially not the next time you talk to them.
I wouldn't even remotely compare this to more commonly contested topics like differing religious/political/social views, even at the extreme. This involves a visceral fear that >you< are actively being attacked, not some nefarious, shadow with a grand plan.
In my experience... a characteristic of this type of condition is a tendency for the brain to make connections too eagerly, and to jump to conclusions. His computer did something weird, therefore it must have been hacked. He heard about the Solarwinds breach in the news, therefore it must be related. He opened some files and saw Daniel's name, therefore he must be responsible. And so on.
It really is what my father does. We're very analytical in his side of the family. We're also prone to narrow view when we have 'attacks' we make huge amounts of logical connections that explains (or try to) what we suppose is happening and it's near impossible to deal with us until the storm is over. A kind of paranoid burst. Maybe not to the extent of your friend but from your words it's really similar.
Have you ever spoken to a professional? Even if you don't feel like anything is wrong, it can be a good to know yourself better. And if anything, potentially face an aspect of yourself that may otherwise surprise you later in life.
I have a very clear idea of what spectrum we're talking about here, but maybe it's better left unspecified to not influence too much (:
Have you ever sat down and had a long, and deep conversation with someone suffering from severe paranoid schizophrenia after they've experienced a psychotic break?
I assure you, you will quickly understand the difference.
Especially if that someone is your previously un-diagnosed friend and business partner.
Bingo! It reads very similar to the GitHub repo of an insane person that was posted here about a year ago. The one where I think he/she talks of special agents and has a bunch of random files with random stuff in them.
Some context: Daniel is the primary maintainer of curl (the ubiquitous utility and library for HTTP requests) [1]
His name often shows up in the licensing disclosures/attributions of applications that include curl.
The general opaqueness of modern software leads people to latch onto him and his email for all manner of things, and for non developers to attribute to him all sorts of bad motives ("You hacked me!").
This is especially unfortunate as Daniel has been such a genuinely positive and helpful face to a popular open source project. I feel awful that his generosity gets repaid with this kind of crap.
That's the exact reason why I don't leave my real information anywhere on public web. Or at least try not to.
Weird that people spend each day on Facebook and Reddit among unhinged bozos, and still fail to realize how it might not be the best idea to spam their name and location on the web for all to see.
> This is especially unfortunate as Daniel has been such a genuinely positive and helpful face to a popular open source project.
I can't agree more, Daniel is one of the friendliest approachable maintainers out there. Several times he takes time to answer menial questions and is friendly about it. I recommend the curl mailing list if you work with it in any manner as for you will learn a lot from other people.
I wonder if Daniel would have received less unwanted correspondence if he had set up some kind of a foundation/shell for curl's IP from an early stage.
For other coming here who didn't immediately get the joke either. The kiddies attacking the sender were using curl to steal data, it wasn't an exploit in curl itself.
The is the equivalent of sending death threats to the car company that manufactured the car that the robbers used to get away in after robbing your bank.
I'm not a psychiatrist, but it seems that this person has some severe psychotic disorder. The whole thing reads like a cheap knockoff of "A Beautiful Mind".
It doesn't read like that to me. It reads like someone who's an arsehole who had grand plans of their prototype being sold for billions and likely getting hacked for having no security knowledge
Seems like a death threat from an icloud.com address. Chances are the real name and location of the sender is available to the authorities (with consent by a judge) from Apple.
Relatedly, someone on the blog posted a comment that it might be more effective to report him to Apple than to turn a credible death threat over to law enforcement! Comments here seem acknowledge that he's delusional, but he may very well have lost a huge contract. He claims he's lost family, friends, house, and can't go back to his home country. What would Apple's move be? To lock him out without warning or due process of any sort. I don't know about any of you, but I KNOW how devastating it would be to suddenly be locked out of MY iCloud account. Do we really think that getting Apple to deplatform him will somehow assuage his stated murderous intent?! What kind of cyberpunk megacorp police state future are we advocating for here? No, the answer is to report this to local LEO and the FBI, let THEM deal with Apple to get his details, and handle whatever comes next.
I wonder what the market is for a sort of super-it lawyer service, that affords the protections of legal counsel in order to secure your data across multiple platforms and protect you from deplatforming as you describe, where they can take YOUR data, and is protected by legal counsel so that it generally can't be deplatformed by governmental entities.
Encryption has a sort of brutal effectiveness at doing this if you distribute copies of your data, but it is hard to maintain and has exposure in extreme events with your health.
Encryption + distributed data + legal protections from counsel could be an offering. It might be a "big fish" service though.
I've seen the theme of "maintainer of popular open source product is threatened by person who doesn't understand it's just a component" show up a few times, but when I think about it most those times have been related to curl specifically. Maybe it's because of the domain haxx.se? Or maybe Daniel just writes about it a lot? Does this kind of thing happen so regularly to others?
It’s because curl and libcurl are used virtually everywhere, and clearly identified. This means in any problematic or malicious device or software, odds are good the first clearly identifiable thing you’ll find are references to curl.
Though the domain probably doesn’t help with the association. If you got hacked and the first clear string you find is “haxx.se” it’s not a big leap to interpret it as a taunt.
I'm guessing it is because people who create these hacking tools often need to do HTTP requests, so they just copy in libcurl source and before you know it Daniel's name is associated with all these tools and attacks.
Judging by what transpired and how the other person behaves, it sounds like he got what he deserved. Such a rotten personality shouldn't be allowed around people, let alone computers.
Daniel was probably warned by many not to respond a second time, or maybe he thinks that this emailer is a crank who isn't worth responding to, but I kinda wish he would. The emailer is either experiencing the effects of curl exploits, and doing a bad job of explaining it, or is very confused about the role curl plays in exploits in general. I'm not willing to assume the latter, although I think that's the assumption most are making here.
I agree: it's a good way to handle angry people by taking it in a soft tone and explaining; it may have a positive impact on the person because someone cares, and if the person was just angry at the moment it may also help them learn something. I often tend to take some time to respond to such kind of angry messages though, you really need to make an effort on yourself to get back to a "kind" state of mind for it to work.
Yeah I think a reply ignoring the threat and just explaining what Curl is would be the best approach here.
Either the person is just a crank and in that case no harm done, or the person has legitimately been affected by an exploit and at the very least it will inform them of what actually happened and how Curl isn't to blame at all.
'man curl' lists Daniel. I think morons that don't know what curl is only see the 'haxx.se' domain and think it's some hacker.. it's sad a person who's written a tool used by so many people and systems everyday has to deal with nonsense like this.
The thing that confuses me about that faulty line of thinking is why would a hacker include a license under their name with the software they use to hack you? What sort of gentleman hacker would follow this legal procedure in the process of illegally compromising your machine? It would be as if a burgler stole all of your stuff but left you a contract so you could legally give them ownership. I just don't understand the reasoning.
264 comments
[ 2.7 ms ] story [ 258 ms ] threadDaniel is clearly smart, but he's not thinking big enough. This is practically inter-galactic.
Either it's scary and get law enforcement involved or it's not and we're gawking and laughing at someone at their worst moment.
In an attempt to take this post at its most charitable I agree, it fucking sucks there's not enough focus on mental health in the world.
I agree, there was no need to include names in the article.
[0] https://tim.blog/2020/02/02/reasons-to-not-become-famous/
Indeed. But one shouldn't underestimate the chance that this wouldn't be the first report about this person. Lots of similar reports like this may actually cause them to do something.
It ended up with a broken back wheel (she kicked it) and a damaged phone (she took it out of my hand when I wanted to take a picture of the license plate and threw it on the ground).
She was clearly unhinged, but I was stupid as well. I should of just let it go; no one who starts a social interaction with "pissy little cunt" is likely to be calmed down by reason. You have nothing to gain from trying, and much to potentially lose.
That said, I think the real lesson for you is: don't make yourself more vulnerable (e.g. letting her touch you or your stuff) if you decide to try to start a conversation!
It also points to a theory I've been considering about personhood, and how people like your driver lady is in a mindstate where, in her mind, you're not a person. It's a very, very dangerous situation, because if they don't think you're a person, then there is nothing immoral about saying or doing anything to you, including violence.
I didn't "let" her, she just did it.
I know you mean well and that you probably didn't intend it like this, but this comment comes off as victim blaming quite a bit.
As for the rest: thus far I've never managed to talk random strangers down from these kind of rages; but maybe I just don't have the charm shrug Last time I tried was with my neighbour and he ended up calling the police three times over a four-day period on me. My crime? I kindly asked him to not play his music so loudly all day long at the start of the lockdown (especially at 7am) and not backing down when he tried to shout me away. I had "invaded his home" by knocking on his front door... This isn't a fit of anger, some people are just like this.
Because the earlier interaction I mentioned went sideways (including, among other things, her literally getting within 4 inches of my face while she was not wearing a mask), I decided to video record this most recent interaction on my phone so I would have evidence if anything went wrong that I could take to the landlord. I knew this would create an inherently more antagonistic vibe, but I felt like I had no choice after the prior incident.
Let's just say this interaction also went bad, culminating in a very minor physical assault (I was not injured -- she slapped the hand I was holding my phone in, because she did not like the fact I was recording), and a restraining order.
End of story, right?
Wrong. That restraining order, it was taken out by her against me. Her petition filing is literally nothing but gaslighting trying to paint me as the aggressor when I literally have video evidence to the contrary.
Unfortunately, due to COVID shenanigans, the court date was delayed a couple of times, and I ended up not being served notice of the actual hearing, which means I lost in a default judgement. I filed a motion to terminate her restraining order and a counter petition of my own, both of which I am currently waiting on a hearing for.
And, like your situation, because it was a neighbor, and because I have to walk past her door to get to and from my apartment, I simply don't have the choice to not interact with this person. Basically anything I could have done would be a lose / lose. Rock, meet hard place, I guess. Le sigh.
As for your neighbor, yes, it sounds like he's a crazy person. And the lockdown has taken even moderately crazy people and pushed them over the edge!
There are some people who will try to bully their way through life. They will apply violent behavior (e.g. breaking your phone) to get their way. The way to stop that is to make it clear that you can apply violence, too.
Most of society works by peacefully interacting with each other. But it is crucial that everyone knows that there is a threat of violence (e.g. the police) to keep everyday life peaceful.
I wonder if I am just imagining it, but I took martial arts lessons as a kid. I've always felt like just the knowledge that I could fight has caused others to deescalate and be respectful.
Please do not give terrible advice that will kill people.
So, yes, I agree with you somewhat, but I think the balance of consequences tends to favor not acting in cases like this rather than attempting to do anything.
There's a name for this incident - "road rage". Very real and dangerous indeed.
People get completely irrational and agitated. Probably due to effect of being locked up, in a way, non-free inside their cars.
When I'm biking, at times I too get mad at some careless and obnoxious drivers encroaching my freedom, I guess they may be finding me just as annoying for simply missing the fatter wheels and a comparable scale on the shared road. Irrational!
As cyclists we are literally more exposed on the road. So whenever such inevitable bout of irrational fury pops, I find the safest option for myself is to steam-off using similar vocabulary. It's more efficient than reasoning with the unreasonable.
Just to be even safer, I'd let the offending four-wheeled furia be gone before naming the whole piece of that motorized content in precisely spoken choice of words...
It takes practice though. Be safe!
The $15k figure implies that's either a bill the hackers ran up on an AWS instance or what they valued their development at
Edit: The blackmail line sounds like a ransomware attack
If you read the follow-up emails - and apologies for the armchair psychiatry - I think this person is very likely in a psychotic state. Their messages sound very similar to what you find in the "BadBIOS" and other "gangstalking" communities. It's not really tethered to reality.
I think it's extremely likely the author is not a troll and possesses a sincere and high-confidence belief that powerful entities are tracking and persecuting him and that backdoors in lots of software, including curl, were placed by sinister organizations and used to facilitate spying on and attacking him. The software is perceived as a WMD or pathogen partly responsible for this incursion into his life and the damage he thinks has resulted. He's mad because he thinks Daniel is like the mayor of Flint, MI: the water is poisoning people and he's doing absolutely nothing about it. Of course you'd be angry!
This is why it's generally best to not reply to messages as extreme as these. Daniel will never be able to convince him he isn't actually the metaphorical Flint mayor. You just get sucked into a world that's very real to them and not real to you or almost anyone else. It's not possible and not a good idea to try to reason with someone like that.
>it hurt me deep in my soul
>you don’t deserve my code
Grow a pair. This would be pathetic enough for a grown man to think or say in private, let alone sook about on a public blog for the world to see.
And it all seems like a thinly veiled excuse to boast about how popular his code is. I'm sorry that there aren't public parades to celebrate your unparalleled genius, your majesty.
(Is all I can think of as an answer)
The mod warned me that using a new name each time could be interpreted as deceptive so I've been using the same name (with an incremented suffix) for a little while now to not obscure my identity.
Maybe there is a reason? I had my comments downvoted, but thinking about this, it was deserved, those comments were really not constructive and severely lacking in empathy. No one normal likes reading such things and HN is a place where it matters. It's not a place to just vent.
I don't believe that I should be excluded from participating in good faith because of my race or political views. HN should be a place that welcomes diversity of thought, be it from a BLM activist or a White nationalist.
People are welcome to hit the disagree button. I don't care about that. I don't even mind much if I'm brash and the comment is flagged, as above.
I do care when my civil comments are flagged for wrongthink, and I do care when they are immediately censored. Then it's time for a new account.
I'm not sure whether this person is actually responsible for a multi-million dollar defense project, but if he really was, it's probably a good thing he lost the deal because I definitely don't want that kind of person managing such a project.
> I lost my family, my country my friends, my home and 6 years of work trying to build a better place for posterity.
I get loosing your family / home / friends, but a country? Where did that go?
A mundane class is offered with impractical advice and they're left with no money, little skills, and spamming the internet trying to get "their contract" - and if it doesn't materialize and they go back to the boot camp to complain the scammers blame it on "curl" - see the haxx.se domain? Clearly a hax0r ruined your chance at a better life.
Or do you just have a prejudice about India and you wanted to make that point anyway?
Based on the rest of your description, those boot camps sound a lot like that Trump University.
Not sure what caused the original email, but the reply is just a copy/paste of various unrelated things and security incidents that the person Googled without even understanding enough about them to form a comprehensible narrative.
Which tells me they are simply trying to get a rise out of someone.
The way the grammar is constructed I would not be surprised if this came from a pre-teen.
Suggests he doesn't even comprehend that curl amounts to 'instructions to copy data'
So the ad is from this Al guy.
Gov contracting is an ecosystem on its own and those that figure out the bureaucratic hoops can survive a long time without needed much technical knowledge. Some of those individuals lose touch with what is going on outside of the defense industrial base.
I think its the opposite, I think its an unqualified contractor writing code he doesn't understand for complex systems and was subsequently hacked. I see this a lot with people bidding on contracts then hiring staff/developers after it's awarded to duct tape a system together that barely works and is full of holes.
An article was shared here a while ago that went into that as well: https://tim.blog/2020/02/02/reasons-to-not-become-famous/
(Discussion: https://news.ycombinator.com/item?id=22280753)
I would take this threat very seriously.
Two words went through my head reading the response. "Crystal Meth".
Likely not, really, but having more-or-less lost an old friend to meth I can't help but compare the similarities (... the "identicalities" actually):
- the desperation and paranoia
- a solid (but wildly misplaced) basis in reality
- the overwhelming externalization of blame
- the need to lash out and draw someone else in
- the completely nonsensical evidence
Bottom line is regardless of the reason, "Al" is extremely unstable. I agree that the lesson here is to not engage these types.
can you explain this more ? I recognize some traits of these in me and siblings but we're not on meth at all.. so I find the psychological flaws interesting.
sorry about your friend too
The pattern is that in these scenarios, usually the people are quite intelligent and often accomplished. This gives them a repository of valid phrases and concepts to draw upon to breath legitimacy into their boogeymen. The evidence they present, however, is completely benign. That person, however, has quite the story they think is proven. It's literally as if they're showing you a basic electronic device w/ the cover removed and that proves all sorts of maliciousness.
Attempting to argue back is completely ineffective and even if you "win" one point, they'll quickly shift to another and nothing sticks, especially not the next time you talk to them.
I wouldn't even remotely compare this to more commonly contested topics like differing religious/political/social views, even at the extreme. This involves a visceral fear that >you< are actively being attacked, not some nefarious, shadow with a grand plan.
I have a very clear idea of what spectrum we're talking about here, but maybe it's better left unspecified to not influence too much (:
Seem like the average person to me :)
I assure you, you will quickly understand the difference.
Especially if that someone is your previously un-diagnosed friend and business partner.
His name often shows up in the licensing disclosures/attributions of applications that include curl.
The general opaqueness of modern software leads people to latch onto him and his email for all manner of things, and for non developers to attribute to him all sorts of bad motives ("You hacked me!").
This is especially unfortunate as Daniel has been such a genuinely positive and helpful face to a popular open source project. I feel awful that his generosity gets repaid with this kind of crap.
1 - https://github.com/sponsors/bagder
Weird that people spend each day on Facebook and Reddit among unhinged bozos, and still fail to realize how it might not be the best idea to spam their name and location on the web for all to see.
I can't agree more, Daniel is one of the friendliest approachable maintainers out there. Several times he takes time to answer menial questions and is friendly about it. I recommend the curl mailing list if you work with it in any manner as for you will learn a lot from other people.
Encryption has a sort of brutal effectiveness at doing this if you distribute copies of your data, but it is hard to maintain and has exposure in extreme events with your health.
Encryption + distributed data + legal protections from counsel could be an offering. It might be a "big fish" service though.
Though the domain probably doesn’t help with the association. If you got hacked and the first clear string you find is “haxx.se” it’s not a big leap to interpret it as a taunt.
Either the person is just a crank and in that case no harm done, or the person has legitimately been affected by an exploit and at the very least it will inform them of what actually happened and how Curl isn't to blame at all.