EDIT: Oh boy I just looked around chessninja and saw a bunch of nonsense such as <I am sort of an expert in the field of "spoofing". IP addresses don't lie: if Paul Truong's IP address was logged in the posts, then the posts had to come from his internet connection.> so please excuse me for giving you guys background on IP addresses and how to steal them. I did this in high school to get around Websense, and anyone could learn to do this without being a "serious" hacker.

First of all, it should be well known that every website can track your IP. For example, the admins here at chessgames.com know and can track your IP. So can Sloan on the USCF pages. What can they know from this? They should be able to tell your location - your city not street address - and ISP unless you are on a proxy - in other words "stealing"/using someone else's IP address.

Now doing about 2 minutes of research you find out Susan's ISP is AOL since her email is Susanpolgar@aol.com. Paul Trong's is USChessOlympiad@aol.com so his is an AOL ISP also.

Now, since Sloan said <IPs travel with Mr.Truong. We obtained the evidence from the U.S.C.F. servers Sloan says.> I assume Sloan tracked their IP's the hard way - the easiest would have been to just email them. Sloan would have needed to make a list of all AOL ISP's that were logging in from Lubbock, Texas - Susan's residence - in order to find out which IP's belonged to who. I'm assuming there wouldn't be alot of users logging in from a city of about 250,000 onto the USCF website consistently. So it's possible there was only one IP address to choose from and there you go. Let's assume there was more than one just in case.

The only way to pin point which IP is hers is call their ISP. Only problem is the ISP isn't allowed to give this sort of information out unless the authorities get involved - in that case they are forced to give it out. How does Sloan solve the problem? Since Susan moved from New York to Texas, find the user from New York, New York with an AOL ISP that has recently ceased to login at all. However, since I believe there is only one or two consistent logins from Lubbock, Texas on the USCF website - I think Sloan didn't have go through all this.

Whatever Sloan spoofed all Susan would need to prove he spoofed is get what's called process accounting logs. It gets a little technical from here so I'll keep it simple. Basically she can prove there was remote access (Sloan's computer) on her computer that wasn't initiated by her computer - hence she was spoofed. Another way is monitoring what's called packets, but that's so long to explain you guys can google it.

EDIT: Oh boy I just looked around chessninja and saw a bunch of nonsense such as <I am sort of an expert in the field of "spoofing". IP addresses don't lie: if Paul Truong's IP address was logged in the posts, then the posts had to come from his internet connection.> so please excuse me for giving you guys background on IP addresses and how to steal them. I did this in high school to get around Websense, and anyone could learn to do this without being a "serious" hacker.>

I'm not gonna argue since you obviously do know yr shi, but we used proxies in highschool :P It was a lot easier.

Because if I understand Mr. Mottershead correctly, the 'fake' posts followed very shortly after posts made by Mr. Truong, even when he moved to Mexico City.

That would mean the hackers knew when Mr. Truong was going to be online, immediately tracked AND hijacked his IP, and used that to post.

But I don't have all the details on that article, that mentioned the <...Mac ID matched up.> (Simply put, each network card have a unique MAC http://en.wikipedia.org/wiki/MAC_ad... kinda like your car having a unique VIN number...)

<Marvol> If someone moves to a different location, and you need to find out the IP, it may take a while for you to succeed. 'Less you have access to the server and knows who/what is going on with your network traffic.

Amongst the many lessons that came out of Watergate, is the lesson of the 'non-denial denial'. This is discussed in "All the President's Men", for example.

The lesson of the 'non-denial denial' goes like this. AAA makes an accusation against BBB. Now, the accusation is either true, or it isn't. But, you can get an important clue regarding the accusation from BBB's response.

Consider these two responses:

BBB: "This is a flat out lie, there is not a single element of truth to this. I'm going to sue you in court."

or

BBB: "At a time when there are a lot of problems, irresponsible accusations like this cause much more harm than good."

The second response from BBB above is the 'non-denial denial'. It is what Richard Nixon's staff tried. It's what let the reporters investigating the story know that they must be absolutately correct - because otherwise, a libel suit would have been happenning that probably would have shut down their newspaper.

"Did I have anything to do with it? Absolutely no.
"

<Any experience individual who has access to my IP can spoof it easily. It does not take a genius for this. Do I know who did it? Absolutely no. Did I have anything to do with it? Absolutely no.>

So, just reading what he's saying:

No, he didn't have anything to do with spoofing his own IP address.

<You can bet your bottom dollar that I will fight this absurd and malicious nonsense all the way. These people tried to discredit me for 11 months without success. Now they have stooped to a new low. The person who launched this "private investigation" and made this charge said in writing that he had the authorization or consent from the ED and Bill Goichberg. I have saved every post of his to be used as evidence in court. Both Bill have since said in writing that they did not make this authorization and they were not even aware of it.>

My preference would be for a statement like this:

Seems like a clear denial (I thought so at first), but it's not, since Truong only refers to spoofing his own IP address. In fact his whole statement doesn't really make sense.

Why couldn't he just say something like: "I never posted anything under fake Sloan's account."?

However, I should be clear that from a technical point of view, Polgar's case looks pretty bad. My thesis was that it would be easy for Sloan to spoof - the hard part is covering his tracks which I assume is what Polgar's side is arguing he did. This is pretty silly since that would actually make it one of those far-fetched conspiracy theories.

I'm a little rusty on how he would do it - I'm sure blind spoofing or further tampering with TCP/IP protocals it would be possible. The amount of time, nonetheless the 18 months of trolling is why - I can't believe I'm saying this - side with Sloan or the evidence.

I was reading through chessninja, but dang, some of those guys go on and on about totally irrelevent stuff.

I personally feel this looks bad for Polgar/Troung, but on the other hand the fact that this is coming from Sloan means anything could be happening.

I dont think I have seen anyone arguing against the fact that "Somebody would have followed Troung and gathered his IP addresses, and then made faked that he was faking them, for 18 months(!), all so that in the end, he would hope somebody would discover that Troung was faking somebody" is absolutely insane.

I dont even think Sloan we be up for something that weird. Keep in mind, even if a person was completely malicious, there are far better ways to use his time, energy and computer prowess than by doing this. Why not just casually delete important files etc. off their computers if he is such a great hacker?

Also, the fact that Polgar's intial posts here were about how some terrible person has perhaps illegally broken privacy rules is hardly satisfying.

I think for the most part technical legalities here are far less important to the American chess player than whether or not one of our board members was going on an 18 month illegal smear campaign.

Even assuming the person getting smeared deserved it (which is already a stretch, Sloan may be bad, but hit him at his own faults, not invented ones), do we really want someone heading the USCF who is willing to stoop to this level.

Does Jimmy Carter play chess? He needs to run for USCF president!

Of course, this is the internet, and crazy stuff can become 'truth' a bit too quickly, so I will withhold judgement (as I hope everyone else does) until a better and more proper investigation is held, ideally involving several independent investigators.