Tag Archives: document fraud

Sandy Hook Massacre: The People v. Crisis Management Institute

This thread is a continuation of the January 26 post, “How we know a guide on counseling children about Sandy Hook predated the massacre.

For the back story of this, see “Guide on how to talk to children about Sandy Hook 4 days BEFORE massacre,” Jan. 16, 2013.

Peter, the author of “How we know a guide….,” continuea to make his case with “Exhibits” on some highly technical aspects of “How we know….” I will be adding to this post, so please check back for updated material.

If you write a comment, please refer to the particular Exhibit to which you’re addressing, as in “re. Exhibit #1″ or “re. Exhibit #2.”

Peter will present his case as a prosecutor at a criminal trial. Let’s call it “The People v. Crisis Management Institute-Arlington Red Devils.” Below is his “Opening Statement.” I will be adding his Exhibits, as he writes them.

~Eowyn

_______________________________________________

The People v. Crisis Management Institute-Arlington Red Devils

So that I can place all the information I have for you to consider here in an orderly fashion I will present it in the fashion of a prosecutor in a criminal trial.

At the start of a Criminal Trial the Prosecutor makes a statement explaining what the Crime consists of, who he thinks is the criminal, and outlines how he intends to provide evidence showing that his case is accurate.

OPENING STATEMENT

On December 14, 2012 there was a School Shooting Incident at the Sandy Hook School. Some days after the actual shootings, Documents 1, 2 & 3 in “How we know a guide on counseling children about Sandy Hook predated the massacre were found on the Internet. We will examine all 3 very closely to determine how they came to exist.

Documents 1 & 2 were found in Google’s Webcache, a place that records all public documents Google finds on the Internet.

Document 3 was found using the Google search engine.

The published dates displayed on all three documents predate the events of Dec 14, 2012.

Document 1 shows Dec 10, 2012, Documents 2 & 3 show December 13, 2012.

Our task here is to examine and present all the evidence available to us in order to determine whether the documents originated before or after Dec 14th, 2012.

The process will have 3 stages.

1. Determine if there is enough evidence to proceed with this investigation. If there is not enough evidence stop here. If there is enough evidence go on to stage 2.

2. Determine the date the documents were created. If the document are shown to originate after the events stop here. If the documents are shown to predate the actual event proceed to Stage 3

3. Determine who is responsible for creating Documents 1, 2 & 3 as they appear within Google’s servers.

If it is proven the documents did originate before Dec 14, 2012, it means that someone had foreknowledge and it was likely a massive preplanned event rather than a random shooting caused by a deranged individual.

Determining who falsified the documents will point to the guilty party by determining who had the access required to change them and also who had a motive to change them.

EXHIBIT 1: Who Had Access?

The Arlington Schools, not school Website functions within computer software called SpireCMS, the developer of this software and most likely the designer of the website is present here as commenter Jeremy.

I owe him an apology for something I had written in public on this thread. [Note from Eowyn: I've since deleted Peter's accusatory comments about Jeremy, and have apologized to Jeremy.] I said what I said in public because my communication with the staff here is limited. I am only a guest here as Jeremy is. I am ALWAYS open to changing my opinion if I discover I have been wrong.

Jeremy could provide much valuable information about the site in question if he chooses to do so. I hope he does.

I am going to place many urls / weblinks in this thread which will allow you to go to the actual sites being discussed whenever possible.

The first website is: http://www.arlingtonlocalschools.com/

To go to the site, copy and paste the url above into another window of your browser.

Visting the site shows us the schools are located in Ohio. The website shows an address of 336 South Main Street, Arlington, Ohio 45814; phone: 419-365-5121; fax: 419-365-1282. I assume this is their School District’s Office.

There is an Internet Tool called Whois which when used in conjunction with a search engine such as Google will return detailed information about websites.

To find out where the computers that hold the Arlington Schools Website are located, I did a whois and checked two different databases.

1. http://www.ip-adress.com/whois/arlingtonlocalschools.com

The results are:

This report on Arlingtonlocalschools was run on January, 01, 2013.
Arlingtonlocalschools.com Server Details
IP address:
184.106.51.33
Server Location:
San Antonio, TX in United States
ISP:
Rackspace Hosting

2. http://whois.domaintools.com/arlingtonlocalschool.com

The results are:

25 other sites hosted on this server. Remember this it will be important.
IP Address:
184.106.51.33
IP Location:
United States – New York – New York City
Domain Status:
Registered And Active Website

I have not included all the information available, only what is relevant here. You can verify what is here is accurate by using the url’s.

I won’t explain what everything here means, just tell you what it tells me in plain English. Other techies are welcome to comment if they feel I am wrong.

The Arlington School’s Website is not physically located in Ohio where the schools are. Until at least Jan 1, 2013, they were on a server located in Houston, Texas. The site was recently moved (Jan 1, 2013) to a server located in New York City.

The above means that when staff at the Arlington Schools’ Office sit down at a computer to manage the website, they are not working on a Website hosted locally on a computer in their offices. Until Jan 1, 2013 they were managing their website on a server located in Texas and from that date to the present on a server in New York.

Jeremy’s SpireCMS is what easily, without technical skills, allows them to do this.

SpireCMS, that’s used by Arlington Schools, is an example of Content Management Systems (CMS). So is WordPress, that’s used to create and manage this blog, FOTM. Content Management Systems easily allow owners with very minimal technical computer skills to make available to the public whatever information they like.

The staff person at the school in Arlington who maintains the website, could as easily be sitting here beside me in Ocean Falls and do everything they could from their office. Neither location is where the Website server computer is.

All that is required to do this is for the staff person to have a username and password with authorization as an administrator.

Obviously you don’t want everyone who uses the site to have administrator rights as anyone could then possibly do serious damage or steal confidential information.

CMS systems commonly allow a number of different levels of access, such as (I won’t mention all of them here, only enough to illustrate what is needed):

  • End Users: such as parents or children who can only comment as we guests on FOTM can. They can also possibly access areas of the site not open to the public.
  • Authors: Authors are allowed more privileges than End Users but not all the privileges of an administrator. They cannot change the site layout or functioning, they can only create documents and place them where needed. While creating documents they are allowed to upload files from their own local computer to add to the document they create. The uploaded documents can be pretty much anything, a picture, a video, a song, a pdf file.
  • Administrator: An admin can do everything an author can plus tweak all the controls on the site.

The link below is live and can be clicked directly to see how authority is set:

http://www.oceanfalls.org/misc/sh/a2/wpuser.jpg

It will show the section of the WordPress control panel on one of the sites I manage which allows an administrator to authorize each member with their own unique privileges.

All that the staff person at Arlington Schools would need to do to authorize a trusted person to upload and create content on the site is to go to that member’s profile record, partially shown above, open the dropbox as illustrated, and decide what they will allow that person to do.

That person could then access the School’s website — Arlington Red Devils — from any Internet connection in the world.

Giving such a person any privilege from author up, would allow them to do everything required to create and place the Documents 1, 2, & 3 we are discussing, without the intervention from anyone directly associated with the school.

If Jeremy would be so kind as to confirm spireCMS works similarly to this and has the same capability, it would prove someone could place the documents without anyone at the school knowing about it.

If Jeremy won’t confirm this, I will ask Eowyn, the owner of this site, to temporarily elevate my privileges so I can demonstrate how it is done.

The above proves to me conclusively that the possibility that someone not directly associated with the school could have uploaded and created the content we are discussing.

If we all agree with my conclusion we can continue on and next try to determine if anyone outside the school had opportunity to create the material by being given such authority.

-Peter

================================================

Update (Feb. 8, 2013):

Peter continues to make his case by examining two Google cache documents. See “A computer forensics analysis of 2 Sandy Hook documents,” Feb. 8, 2013.