In The Queer Kitchen: 'Food That Takes Pleasure Seriously' by Stephanie Rosenbaum Klassen
Wednesday July 6th, 2016 at 9:06 AM

NPR: The Salt
2 Shares

Writer John Birdsall (from left),
Writer John Birdsall, photographer Nik Sharma, restaurateur and chef Preeti Mistry talk about the concept of the "queer kitchen" with Lukas Volger, the editor of Jarry, a gay men's food magazine.

Stephanie Rosenbaum Klassen for KQED

What is a queer kitchen? Is there a recognizable queer style or sensibility that can be expressed through food?

These questions and more were at the heart of a recent conversation hosted at the Williams Sonoma flagship store in San Francisco's Union Square during the city's Pride Weekend. The gathering was organized by the New York-based gay men's food magazine, magazine Jarry, a twice-yearly print publication launched last fall.

Writer and former chef John Birdsall firmly believes there is a queer aesthetic in modern food culture, rooted in the work of three great American food writers: James Beard, the longtime New York Times food critic Craig Claiborne, and expat ex-pat Richard Olney, whose cookbooks helped introduce Americans to the joys of French cuisine. The sensibilities of this trifecta of closeted gay men had far-reaching influence, changing the way Americans cooked and ate. As Birdsall has written, "It's food that takes pleasure seriously, as an end in itself, an assertion of politics or a human birthright, the product of culture — this is the legacy of gay food writers who shaped modern American food."

It's a legacy that Birdsall thinks more people especially straight chefs should acknowledge.

"I love Lucky Peach [magazine]," said Birdsall. "But the first couple of issues were really reflective of that male, straight, bro-y chef culture." It was this narrowly macho focus that led Birdsall to set the record not-so-straight with America, Your Food Is is So Gay, his Lucky Peach essay that won a James Beard Journalism Award in 2014. Birdsall, now 56, remembers he and a boyfriend reading aloud from Olney's writings, feeling like they were getting a glimpse of a secret gay world — one that was, by necessity, elusive. It was a world both coolly cerebral yet infused with the sensuality of Olney's adopted home in the south of France, its brilliant light, its hillsides of thyme and lavender.

By the 1990s, a culture that was once coded and discrete had exploded into we're here, we're queer, get used to it — especially in San Francisco. When Preeti Mistry, co-owner and head chef of Oakland's Juhu Beach Club, first came to San Francisco in 1996, she encountered lesbian chefs like Elizabeth Falkner, Traci Des Jardins and Elka Gilmore, Jardins, and Elka Gilmore who were putting their stamp on the evolving California cuisine of the time. Mistry, who originally wanted to be a filmmaker, was inspired by these chefs' creativity and fearlessness, so much so that she left a job in the "gay bubble" of Frameline to start training in fine dining at Claridge's in London.

"These women were my heroes," she said. It wasn't just that these women were out, at a time when restaurant kitchens could still be tough places for women, gay or straight. It was that they were changing the game, on and off the plate.

A copy of Jarry, a gay men's food magazine, next to tote bags that read "Cheers Queers."

Stephanie Rosenbaum Klassen for KQED

"At Citizen Cake, Elizabeth changed the presentation of pastry," said Mistry. Falkner's cakes were architectural, pierced with sugar shards, piled with kitschy frosting, shag-carpet deep. They were disruptive, deconstructed, even a little bit dangerous. (It's no surprise that Falkner's first cookbook, written in the form of a comic book, was titled Demolition Desserts.) Mistry remembers a dinner with Jim Dodge, then a well-known pastry chef trained in a more classical style. "When Elizabeth's dessert came out, he said, 'What is this crap?' " It was a clash of sensibilities, his gay, hers queer.

Nik Sharma of the blog A Brown Table was a pharmaceutical researcher before becoming a photographer specializing in food. The youngest of the group, he says coming out wasn't an issue, but finding a gay social circle when he first started medical school wasn't easy. A chat with a gay professor led to an invitation to the med school's "secret gay potluck" secret not out of fear, but simply because "they didn't want any straights to come," said Sharma.

Sharma, like Mistry, is of Indian heritage. He says calling out his brownness in the title of his blog and often photographing his own hands as he makes pastry or squeezes oranges was a deliberate choice. It is, he says, a way to make visual space for his immigrant perspective and culture within a blogging world that was overwhelmingly overwhelming white and female. His work has paid off: He has a new column, A Brown Kitchen, in the San Francisco Chronicle, and his blog has won numerous awards for photography.

Birdsall, who won a second James Beard Award for Straight Up Passing — an article about gay chefs in Jarry's first issue — sees queer cooking as an act of anti-normative transgression and resistance. It's not a concept that all the chefs he spoke to agreed with. In fact, fact several high-profile, out chefs bristled at being categorized as "gay chefs," much in the way that many artists resist being defined as "women writers" or "female musicians." These chefs, he says, felt that their sexuality had nothing to do with how they cooked. Or was it just that these chefs white and cisgender, as Mistry points out still feared the repercussions of embracing a higher-profile gay identity, even in these more equal times?

Birdsall feels that the transgressive spirit of the queer kitchen can be adopted even by non-LGBT non-gay LGBT chefs. He points to Danny Bowien's boundary-breaking cooking at Mission Chinese Food, where idiosyncratic, cross-cultural flavor bombs like chorizo-stuffed chicken (inspired by a Filipino recipe) loop around Sichuan cuisine. Looking further back in history, there's the work of Jeremiah Tower (who was mentored by both Beard and Olney), who played a critical role in shaping California cuisine in the 1980s. Birdsall sees Tower's cooking as "a repudiation of the more formal cuisine that came before, as an expression of intense pleasurability."

As for her own aesthetic in the kitchen, Mistry says, "I'm not interested in forcing something that's not natural, in over-manipulation" of ingredients or presentation. "We're not distilling things; it's fire and food and spices." And while plating matters to her("It's not a trough!"), she doesn't see the need to torture her food with stylists' tweezers, either. More important to Mistry is creating a workplace, and a dining room, that's diverse and welcoming in ways that restaurants haven't always been, both for diners and employees. The vulgar humor that's long been seen as a staple in restaurant kitchens has no place in hers. "We make jokes and laugh all day long," said Mistry, but her employees learn fast that dumb anatomical jokes won't fly. "We just shame and humiliate them if they try. Like, 'That's 'that's the best you come up with? Really?' " Mistry said. "They have to work harder than that."

As a butch woman of color, Mistry has experienced firsthand first-hand the stark contrast between how she and her wife, Juhu Beach Club co-owner Ann Nadeau, are treated in restaurants when they are and aren't recognized. If she's recognized from her stint on TV's Top Chef and Anthony Bourdain's Parts Unknown food and travel show, they get the industry hotshot treatment. If not, they've been ignored by bartenders and slighted by hostesses. Part of running her own restaurant is the freedom to speak out for causes and issues she and Nadeau feel strongly about. "When Alicia Garza, a co-founder of the Black Lives Matter movement, comes in, we treat her like a rock star," Mistry said.

"The tides are changing, both in race and gender," Mistry said. "People are used to seeing brown people in the kitchen. We'd like to have an equal diversity in the front of the house."

Stephanie Rosenbaum Klassen is a food writer based in the San Francisco Bay area.

A version of this story first appeared on KQED's Bay Area Bites.
Copyright 2016 KQED Public Media.
Copyright 2016 NPR.
To see more, visit KQED Public Media. NPR.

Read the whole story
rosskarchner
3391 days ago
reply
Share this story
Delete

CNU student, a Republican Muslim, caught in the storm by Travis Fain
Monday July 4th, 2016 at 12:37 AM

Politics - Daily Press
1 Share

Nadia Elgendy finds herself at the intersection of race, religion and politics that has become such a large part of this presidential election cycle.

The rising Christopher Newport University junior may be the first Muslim to ever sit on the Republican Party of Virginia's policy-making State Central...

Read the whole story
rosskarchner
3393 days ago
reply
Share this story
Delete

Farm-related accidents claim a child's life every 3 days, and there are 33 injuries a day by noreply@blogger.com (Tim Mandell)
Friday July 1st, 2016 at 7:24 PM

The Rural Blog
1 Share
Every three days a child dies in an agriculture-related accident, says the 2016 Childhood Agricultural Injuries Fact Sheet produced by the National Children's Center for Rural and Agricultural Health and Safety.

One-quarter of the deaths involved machinery, and 17 percent motor vehicles; 16 percent were drownings. Tractors were the leading source of deaths, followed by ATVs. Non-fatal injuries occurred at a rate of 33 per day, with vehicles being the leading source of injury for household youth and animals the leading source of injury for household non-working youth and visitors. Sixty percent of injuries occurred to young people who were not working at the time of the injury. About 893,000 youth lived on farms in 2014, and 51 percent worked on the farm.
"While overall numbers of farm injuries are declining, injuries to household youth have held steady," says the report. "Among household youth on farms, injury rates increased in 2014 for youth 10-19 years. From 2003 to 2010, among workers younger than 16 years, the number of worker fatalities in agriculture was consistently higher than in all non-agricultural industries combined." The cost of youth agricultural injuries are an estimated $1 billion per year and fatalities an estimated $420 million per year.
Read the whole story
rosskarchner
3395 days ago
reply
Share this story
Delete

Virginia AG's office asks court to reject anti-Trump lawsuit filed by GOP delegate by gmoomaw@timesdispatch.com(Graham Moomaw)
Friday July 1st, 2016 at 6:51 PM

www.richmond.com - RSS Results in news/virginia/government-politics* of type article
1 Comment
Read the whole story
rosskarchner
3395 days ago
reply
Had no idea state law was relevant to this, I thought it was simply governed by party policy
Share this story
Delete

How to Compromise the Enterprise Endpoint by taviso (noreply@blogger.com)
Wednesday June 29th, 2016 at 10:48 PM

Project Zero
2 Comments

Posted by Tavis Ormandy.


Symantec is a popular vendor in the enterprise security market, their flagship product is  Symantec Endpoint Protection. They sell various products using the same core engine in several markets, including a consumer version under the Nortonbrand.

Today we’re publishing details of multiple critical vulnerabilities that we discovered, including many wormable remote code execution flaws.

These vulnerabilities are as bad as it gets. They don’t require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible. In certain cases on Windows, vulnerable code is even loaded into the kernel, resulting in remote kernel memory corruption.


As Symantec use the same core engine across their entire product line, all Symantec and Norton branded antivirus products are affected by these vulnerabilities, including:


  • Norton Security, Norton 360, and other legacy Norton products (All Platforms)
  • Symantec Endpoint Protection (All Versions, All Platforms)
  • Symantec Email Security (All Platforms)
  • Symantec Protection Engine (All Platforms)
  • Symantec Protection for SharePoint Servers
  • And so on.


Some of these products cannot be automatically updated, and administrators must take immediate action to protect their networks. Symantec has published advisories for customers, available here.


Let’s take a look at a sample of the vulnerabilities we found. As usual, I’m deliberately ignoring the question of product efficacy to focus on attack surface and vulnerabilities.


Unpackers in the Kernel: Maybe not the best idea?


Many developers will be familiar with executable packers like UPX, they’re tools intended to reduce the size of executables by compressing them. This causes a problem for antivirus products because it changes how executables look.


Antivirus vendors solve this problem with two solutions. First, they write dedicated unpackers to reverse the operation of the most common packers, and then use emulation to handle less common and custom packers.


The problem with both of these solutions is that they’re hugely complicated and prone to vulnerabilities; it’s extremely challenging to make code like this safe. We recommend sandboxingand a Security Development Lifecycle, but vendors will often cut corners here. Because of this, unpackers and emulators continue to be a huge source of vulnerabilities, we’ve written about examples in Comodo, ESET, Kaspersky, Fireeyeand many more.


Let’s look at an example from Symantec and Norton Antivirus. This vulnerability has an unusual characteristic: Symantec runs their unpackers in the Kernel!

CVE-2016-2208: Vulnerability Details



ASPackis commercial packing software that’s been around for a long time, and Symantec has dedicated unpackers for a few older versions. Reviewing Symantec’s unpacker, we noticed a trivial buffer overflow when a section’s SizeOfRawDatafield is greater than SizeOfImage. When this happens, Symantec will allocate SizeOfImage bytes and then memcpy all available data into the buffer.


Effectively, we can get Symantec to execute a sequence like this:

char *buf = malloc(SizeOfImage);

memcpy(&buf[DataSection->VirtualAddress],
DataSection->PointerToRawData,
SectionSizeOnDisk);


All of these values are attacker controlled, resulting in a very clean heap or pool overflow. To build a test case, I researched how to identify ASPack on OpenRCE’s packer database:


.aspack:00412001                 public start
.aspack:00412001 start           proc near
.aspack:00412001                 pusha
.aspack:00412002                 call    skipBytes
.aspack:00412002
...
.aspack:00412014                 pop     ebp
.aspack:00412015                 mov     ebx, 0FFFFFFEDh
.aspack:0041201A                 add     ebx, ebp
.aspack:0041201C                 sub     ebx, 12000h
.aspack:00412022                 cmp     dword ptr [ebp+422h], 0
.aspack:00412029                 mov     [ebp+422h], ebx
.aspack:0041202F                 jnz     END_OF_PACKER
...
Abbreviated sample ASPack sample code from http://www.openrce.org/reference_library/packer_database_view/17


This was enough for me to make a testcase in NASMthat reliably triggered Symantec’s ASPack unpacker. Once I verified this work with a debugger, building a PE header that mismatched SizeOfImage and SizeOfRawData would reliably trigger the vulnerability.


VirtualAddress      equ 0x10000-0x08    ; VirtualAddress of section data, offset where copy starts.
SizeOfImage         equ 0x12000-0x0C    ; Size you want to allocate.
SectionPadding      equ 0x2000          ; SizeOfImage-VirtualAddress

; Section Headers
db ".data", 0, 0, 0                 ; Name
dd 0                                ; VirtualSize
dd VirtualAddress                   ; VirtualAddress
dd 0xffffffff                       ; SizeOfRawData
dd __data                           ; PointerToRawData
dd 0                                ; PointerToRelocations
dd 0                                ; PointerToLinenumbers
dw 0                                ; NumberOfRelocations
dw 0                                ; NumberOfLinenumbers
dd 0                                ; Characteristics
Configuring PE section headers to trigger ASPack overflow.


The full source code is available in the issue tracker.


On Linux, Mac and other UNIX platforms, this results in a clean heap overflow as root in the Symantec or Norton process. On Windows, this results in kernel memory corruption.


Because Symantec uses a filter driver to intercept all system I/O, just emailing a file to a victim or sending them a link to an exploit is enough to trigger it - the victim does not need to open the file or interact with it in anyway. Because no interaction is necessary to exploit it, this is a wormable vulnerability with potentially devastating consequences to Norton and Symantec customers.


An attacker could easily compromise an entire enterprise fleet using a vulnerability like this. Network administrators should keep scenarios like this in mind when deciding to deploy Antivirus, it’s a significant tradeoff in terms of increasing attack surface.


PowerPoint Stream Stack Buffer Overflow



Parsing PowerPoint and other Microsoft Office files is no simple feat. The data itself is stored in a series of contiguous records documented in [MS-PPT], but just extracting those records requires parsing a series of streams stored in a filesystem-like container called the Compound File Binary format documented in [MS-CFB].


Symantec has implemented an I/O abstraction layer that exposes the PowerPoint streams stored in a Compound File via a stdio-like interface. This framework is part of Symantec’s “decomposer” library, and is used for things like extracting document metadata and embedded macros.


As with stdio, I/O to and from the underlying storage is buffered for performance, so reads can sometimes be satisfied directly from the cache. I noticed that It is possible to force the cache into a misaligned state with combinations of odd-sized records. When this happens, a bug can cause reads to be incorrectly rounded-up, resulting in a buffer overflow.


By forcing the cache into a misaligned state, we can force a request like this:






When this happens, a bug causes the size to be rounded up like this:








This bug can result in a buffer overflow. I found an invocation that looked exploitable, but there’s a significant problem: This routine is only called when using what Symantec calls “Bloodhound Heuristics”.


BloodHound Heuristics



Symantec exposes a setting to administrators called “Bloodhound Heuristics”, this is called “Advanced Heuristic Protection” on Norton Antivirus, but is effectively the same thing.


Symantec has a whitepaper on their heuristics here. There are three options available to administrators: Low, Automatic and Aggressive. The default setting is Automatic, which increases the number of tests run dynamically.


I wrote a simple test case that triggers the vulnerability, and it crashes reliably with the “Aggressive” mode, but didn’t work in the default configuration. Requiring a non-default setting would reduce the severity of this vulnerability significantly, so I looked into what would trigger “Aggressive” heuristics automatically.


I downloaded an archive of powerpoint files from VirusTotal Intelligenceto see if any of them triggered the aggressive heuristics by putting a few breakpoints on tests I was interested in. I got lucky, a few of the files did cause aggressive heuristics mode.


Examining the files and their structure, one stream stood out as unusual, containing an ExOleObjStgCompressedAtom. Rather than create my own, I simply extracted the compressed object and %incbin’d it into a stream in my testcase.


settings.png

Exploitation



All PROT_EXEC mappings on Norton Antivirus use ASLR on Windows, but the decomposer library is part of a 32-bit process. As the scan service automatically respawns, brute force should be entirely possible.


However, with careful manipulation of the cache, we can partially overwrite the return address, meaning we don’t have to leak any module address to reliably predict the location of code relative to the return address.
The first stage is to see what we have available, to test this let’s search for an int3 instruction within range.


0:069> s (@eip & 0xffff0000) Lffff cc 1
6cbc9ba3  cc 01 00 00 80 bb 68 46-00 00 00 0f 84 82 00 00  ......hF........


That will do, let’s see if it works….


crashss.png


Perfect! It works every time. The next stage would be to find a sequence of gadgets that extends the range available, and then turn it into a standard ROP exploitation problem.


The source code for this exploit is available on the issue tracker.


It’s a 100% reliable remote exploit, effective against the default configuration in Norton Antivirus and Symantec Endpoint, exploitable just from email or the web. As the bug is in the core scan engine’s decomposer library, all Symantec and Norton branded products are affected. This includes but is not limited to:


  • Norton Antivirus (Mac, Windows)
  • Symantec Endpoint (Mac, Windows, Linux, UNIX)
  • Symantec Scan Engine (All Platforms)
  • Symantec Cloud/NAS Protection Engine (All Platforms)
  • Symantec Email Security (All Platforms)
  • Symantec Protection for SharePoint/Exchange/Notes/etc (All Platforms)
  • All other  Symantec/Norton Carrier, Enterprise, SMB, Home, etc antivirus products.
  • And so on..


On Windows, this results in remote code execution as SYSTEM, and root on all other platforms.


Vulnerability Management


As with all software developers, antivirus vendors have to do vulnerability management. This means monitoring for new releases of third party software used, watching published vulnerability announcements, and distributing updates.


Nobody enjoys doing this, but it’s an integral part of secure software development.


Symantec dropped the ball here. A quick look at the decomposer library shipped by Symantec showed that they were using code derived from open source libraries like libmspackand unrarsrc, but hadn’t updated them in at least 7 years.


Dozens of public vulnerabilities in these libraries affected Symantec, some with public exploits. We sent Symantec some examples, and they verified they had fallen behind on releases.


Conclusion



As well as the vulnerabilities we described in detail here, we also found a collection of other stack buffer overflows, memory corruption and more.

Thanks to Symantec Security Team for their help resolving these bugs quickly.
Read the whole story
rosskarchner
3397 days ago
reply
Holy crap
Share this story
Delete

Scientology Seeks Captive Converts Via Google Maps, Drug Rehab Centers by BrianKrebs
Monday June 27th, 2016 at 3:38 PM

Krebs on Security
2 Comments and 4 Shares

Fake online reviews generated by unscrupulous marketers blanket the Internet these days. Although online review pollution isn’t exactly a hot-button consumer issue, there are plenty of cases in which phony reviews may endanger one’s life or well-being. This is the story about how searching for drug abuse treatment services online could cause concerned loved ones to send their addicted, vulnerable friends or family members straight into the arms of the Church of Scientology.

As explained in last year’s piece, Don’t Be Fooled by Fake Online Reviews Part II, there are countless real-world services that are primed for exploitation online by marketers engaged in false and misleading “search engine optimization” (SEO) techniques. These shady actors specialize in creating hundreds or thousands of phantom companies online, each with different generic-sounding business names, addresses and phone numbers. The phantom firms often cluster around fake listings created in Google Maps — complete with numerous five-star reviews, pictures, phone numbers and Web site links.

The problem is that calls to any of these phony companies are routed back to the same crooked SEO entity that created them. That marketer in turn sells the customer lead to one of several companies that have agreed in advance to buy such business leads. As a result, many consumers think they are dealing with one company when they call, yet end up being serviced by a completely unrelated firm that may not have to worry about maintaining a reputation for quality and fair customer service.

Experts say fake online reviews are most prevalent in labor-intensive services that do not require the customer to come into the company’s offices but instead come to the consumer. These services include but are not limited to locksmiths, windshield replacement services, garage door repair and replacement technicians, carpet cleaning and other services that consumers very often call for immediate service.

As it happens, the problem is widespread in the drug rehabilitation industry as well. That became apparent after I spent just a few hours with Bryan Seely, the guy who literally wrote the definitive book on fake Internet reviews.

Perhaps best known for a stunt in which he used fake Google Maps listings to intercept calls destined for the FBI and U.S. Secret Service, Seely knows a thing or two about this industry: Until 2011, he worked for an SEO firm that helped to develop and spread some of the same fake online reviews that he is now helping to clean up.

More recently, Seely has been tracking a network of hundreds of phony listings and reviews that lead inquiring customers to fewer than a half dozen drug rehab centers, including Narconon International — an organization that promotes the theories of Scientology founder L. Ron Hubbard regarding substance abuse treatment and addiction.

As described in Narconon’s Wikipedia entry, Narconon facilities are known not only for attempting to win over new converts, but also for treating all drug addictions with a rather bizarre cocktail consisting mainly of vitamins and long hours in extremely hot saunas. The Wiki entry documents multiple cases of accidental deaths at Narconon facilities, where some addicts reportedly died from overdoses of vitamins or neglect:

“Narconon has faced considerable controversy over the safety and effectiveness of its rehabilitation methods,” the Wiki entry reads. “Narconon teaches that drugs reside in body fat, and remain there indefinitely, and that to recover from drug abuse, addicts can remove the drugs from their fat through saunas and use of vitamins. Medical experts disagree with this basic understanding of physiology, saying that no significant amount of drugs are stored in fat, and that drugs can’t be ‘sweated out’ as Narconon claims.”

whatshappening

Source: Seely Security.

FOLLOW THE BOUNCING BALL

Seely said he learned that the drug rehab industry was overrun with SEO firms when he began researching rehab centers in Seattle for a family friend who was struggling with substance abuse and addiction issues. A simple search on Google for “drug rehab Seattle” turned up multiple local search results that looked promising.

One of the top three results was for a business calling itself “Drug Rehab Seattle,” and while it lists a toll-free phone number, it does not list a physical address (NB: this is not always the case with fake listings, which just as often claim the street address of another legitimate business). A click on the organization’s listing claims the Web site rehabs.com – a legitimate drug rehab search service. However, the owners of rehabs.com say this listing is unauthorized and unaffiliated with rehabs.com.

As documented in this Youtube video, Seely called the toll-free number in the Drug Rehab Seattle listing, and was transferred to a hotline that took down his name, number and insurance information and promised an immediate call back. Within minutes, Seely said, he received a call from a woman who said she represented a Seattle treatment center but was vague about the background of the organization itself. A little digging showed that the treatment center was run by Narconon.

“You’re supposed to be getting a local drug rehab in Seattle, but instead you get taken to a call center, which can be owned by any number of rehab facilities around the country that pay legitimate vendors for calls,” Seely said. “If you run a rehab facility, you have to get people in the doors to make money. The guy who created these fake listings figured out you can use Google Maps to generate leads, and it’s free.”

TopSeek Inc.'s client list includes Narconon, a Scientology front group that recruits through a network of unorthodox addiction treatment centers.

The phony rehab establishment listed here is the third listing, which includes no physical address and routes the caller to a referral network that sells leads to Narconon, among others.

Here’s the crux of the problem: When you’re at Google.com and you search for something that Google believes to be a local search, Google adds local business results on top of the organic search results — complete with listings and reviews associated with Google Maps. Consumers might not even read them, but reviews left for businesses in this listings heavily influence their search rankings. The more reviews a business has, Seely said, the closer it gets to the coveted Number One spot in the search rankings.

That #1 rank attracts the most calls by a huge margin, and it can mean huge profits: Many rehab facilities will pay hundreds of dollars for leads that may ultimately lead to a new patient. After all, some facilities can then turn around and bill insurance providers for tens of thousands of dollars per patient.

WHO IS JOHN HARVEY?

Curious if he could track down the company or individual behind the phony review that prompted a call from Narconon, Seely began taking a closer look at the reviews for the facility he called. One reviewer in particular stood out — one “John Harvey,” a Google user who clearly has a great deal of experience with rehab centers.

A click on John Harvey’s Google Plus profile showed he reviewed no fewer than 82 phantom drug treatment centers around the country, offering very positive 5-star reviews on all of them. A brief search for John Harvey online shows that the person behind the account is indeed a guy named John Harvey from Sacramento who runs an SEO company in Kuilua, Hawaii called TopSeek Inc., which bills itself as a collection of “local marketing experts.”

A visit to the company’s Web site shows that Narconon is among four of TopSeek’s listed clients, all of which either operate drug rehab centers or are in the business of marketing drug rehab centers.

TopSeek Inc's client list includes Narconon, a Scientology front group that seeks to recruit new members via a network of unorthodox drug treatment facilities.

TopSeek Inc’s client list includes Narconon, a Scientology front group that seeks to recruit new members via a network of unorthodox drug treatment facilities.

Calls and emails to Mr. Harvey went unreturned, but it’s clear he quickly figured out that the jig was up: Just hours after KrebsOnSecurity reached out to Mr. Harvey for comment, all of his phony addiction treatment center reviews mysteriously disappeared (some of the reviews are preserved in the screenshot below).

“This guy is sitting in Hawaii saying he’s retired and that he’s not taking any more clients,” Seely said. “Well, maybe he’s going to have to come out of retirement to go into prison, because he’s committed fraud in almost every state.”

While writing fake online reviews may not be strictly illegal or an offense that could send one to jail, several states have begun cracking down on “reputation management” and SEO companies that engage in writing or purchasing fake reviews. However, it’s unclear whether the fines being enforced for violations will act as a deterrent, since those fines are likely a fraction of the revenues that shady SEO companies stand gain by engaging in this deceptive practice.

Some of John Harvey's reviews. All of these have since been deleted.

Some of John Harvey’s reviews. All of these have since been deleted.

WHAT YOU CAN DO ABOUT FAKE ONLINE REVIEWS

Before doing business with a company you found online, don’t just pick the company that comes up tops in the search results on Google. Unfortunately, that generally guarantees little more than the company is good at marketing.

Take the time to research the companies you wish to hire before booking them for jobs or services, especially when it comes to big, expensive, and potentially risky services like drug rehab or moving companies. By the way, if you’re looking for a legitimate rehab facility, you could do worse than to start at the aforementioned rehabs.com, a legitimate rehab search engine.

It’s a good idea to get in the habit of verifying that the organization’s physical address, phone number and Web address shown in the search result match that of the landing page. If the phone numbers are different, use the contact number listed on the linked site.

Take the time to learn about the organization’s reputation online and in social media; if it has none (other than a Google Maps listing with all glowing, 5-star reviews), it’s probably fake. Search the Web for any public records tied to the business’ listed physical address, including articles of incorporation from the local secretary of state office online. A search of the company’s domain name registration records can give you an idea of how long its Web site has been in business, as well as additional details about the company and/or the organization itself.

Seely said one surefire way to avoid these marketing shell games is to ask a simple question of the person who answers the phone in the online listing.

“Ask anyone on the phone what company they’re with,” Seely said. “Have them tell you, take their information and then call them back. If they aren’t forthcoming about who they are, they’re most likely a scam.”

For the record, I requested comment on this story from Google — and specifically from the people at Google who handle Google Maps — but have yet to hear back from them. I’ll update this story in the event that changes.

Read the whole story
rosskarchner
3400 days ago
reply
Krebs vs. Scientology. I'll bet on Krebs.
Share this story
Delete
Next Page of Stories