Schneier on Security
A blog covering security and security technology.
« Bypassing the Airport Identity Check |
| Airport Security Failure »
March 14, 2006
On March 4, University of California Berkeley (Cal) played a basketball game against the University of Southern California (USC). With Cal in contention for the PAC-10 title and the NCAA tournament at stake, the game was a must-win.
Victoria was a hoax UCLA co-ed, created by Cal's Rally Committee. For the previous week, "she" had been chatting with Gabe Pruitt, USC's starting guard, over AOL Instant Messenger. It got serious. Pruitt and several of his teammates made plans to go to Westwood after the game so that they could party with Victoria and her friends.
On Saturday, at the game, when Pruitt was introduced in the starting lineup, the chants began: "Victoria, Victoria." One of the fans held up a sign with her phone number.
The look on Pruitt's face when he turned to the bench after the first Victoria chant was priceless. The expression was unlike anything ever seen in collegiate or pro sports. Never did a chant by the opposing crowd have such an impact on a visiting player. Pruitt was in total shock. (This is the only picture I could find.)
The chant "Victoria" lasted all night. To add to his embarrassment, transcripts of their IM conversations were handed out to the bench before the game: "You look like you have a very fit body." "Now I want to c u so bad."
Pruitt ended up a miserable 3-for-13 from the field.
(See also here and here.)
Security morals? First, this is the cleverest social engineering attack I've read about in a long time. Second, authentication is hard in little text windows -- but it's no less important. (Although even if this were a real co-ed recruited for the ruse, authentication wouldn't have helped.) And third, you can hoodwink college basketball players if you get them thinking with their hormones.
Posted on March 14, 2006 at 12:11 PM
• 104 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
lol... Priceless... absolutely priceless.
Lou the troll
If you've got a guy thinking with the head dangling between his legs, then you can pretty much get him to do anything. This looks like an interesting variation on one of the older tricks in the book.
In the college and geek world, this is called a "hack", not a prank. And this is one of the best MIND HACKS I've ever heard of. Good for Berkeley!
That phone number was the player's, not the girl's - a touch more psychologically devestating, I think.
That does not seem at all sportsmanlike, and invites equally brutal retaliation.
> invites equally brutal retaliation.
There's your unintended security failure. You intend to jar the opposing team's player, but your consequence is that next year they hire a prostitute to *really* mess with your star player...
Question is, if you get an unsolicited IM, "Gosh, are you really Gabe Pruitt?" ... how do you authenticate?
If one were to use video chat, unless you ALWAYS use video chat, you have no assurance that it's the same person.
@ Jim Thompson
Hacks are defined to be harmless. Pranks need not be. This was a prank, not a hack.
Sex is the human male's oldest exploit. (think world's oldest profession..) It's patchable, but only in the permanent, Marshall Applewhite way. That said, I really don't see anything clever about this.
I was at the game. Yes, he's #34. Yes, he was shocked, than humiliated, then angry, then accepting, and eventually he was laughing about it. And he still had his worst game of the season.
I've seen some pretty funny interactions between the crowd and players before. I've seen plenty of player taken completely out of a game by clever crowds, but this takes the cake in terms of preparation and effectiveness, which is almost sad for me to admit being a Stanford grad. Good job Cal!
Revolting "joke." If this is truly what students are now doing at Berkeley, I'm ashamed of my own college.
As a graduate of the sister University of California institution from down the coast, I am shocked and appalled by this disgusting joke. To boot, I am even more ashamed that we at the UCLA rally committee didn't think of this first.
I think this crosses the line. What happened to the fight for privacy online? Like the government or random companies aren't enough to worry about...
I applaud the cleverness of it, and the thoroughness with which they pulled it off.
That said, this would have been a lot funnier before college hoops fans started making sexual comments about players' mothers and underage sisters.
All is fair in love and war.
I wonder, was this the first player they attempted this hack on? Or, was he just the first player stupid enough to fall for it? USC students are usually a very moronic and simple minded bunch.
If the prank influenced the player's performance, why didn't the coach make a substitution? Regardless of the reason, I think if you have a player who is having a bad night, it is up to the coach to recognize that and make adjustments.
Well, my first reaction was to check and see if 3 of 13 (23%) was an anomaly. Maybe I'm missing something, and I'm no Basketball stats expert, but I do not see the "causation" link from the data. He has a high total average (40% in 2005-2006) with some off days:
12/29 California 5 of 14 (35%)
12/31 Stanford 2 of 7 (29%)
1/18 @UCLA 1 of 9 (11%)
3/2 @Stanford 4 of 13 (30%)
3/4 @California 3 of 13 (23%)
3/9 @California 5 of 15 (33%)
The anecdote about the fans is amusing, but I'm not seeing the connection. Maybe if he had some huge deviation from the stats like not scoring at all...and even then, it might just be Cal at home doing a good job or having a good night.
My second reaction was to wonder if all the "player talk" on the court should be lumped in with what you would call social engineering. I would say no, and not just because it reminds me of the awful lines in Rocky movies. Generally speaking social engineering seems better defined as trying to get someone to give you something (e.g. access, data, a ride, etc.) rather than just any human interaction designed to get a reaction. It's kind of an insult to engineering (let alone social engineers) to say all you have to do is insult or trick someone and you've "engineered" a reaction.
> Hacks are defined to be harmless. Pranks need not be. This was a prank, not a hack.
It is just a game, so there wasn't any harm in effecting it's outcome.
I find this prank a bit much. Sure, people shrug and say it's just a "game", but then why go so far as to manipulating with someone so personally for it?
You guys take your sports too seriously.
College is for learning lessons about how to get along in the real world. An athlete goes through the same thing, but a tradeoff for a scholarship and maybe a career is the media spotlight. The poor kid will NEVER be sucked in that good again!
The photo is priceless.
Not a very original or clever prank.
Okay, in terms of the sheer effectiveness of the hoax, I consider the execution brilliant.
In terms of the overall sportsmanlike conduct, I consider the hoax inappropriate.
I'm not a sports fan in any measure of the concept. That said, I think "sports" implies a rule-based arena in which to compete according to the rules for the purpose of measuring overall individual or team effectiveness in competition with another individual/team.
It seems to me that there was a lot to lose: "the PAC-10 title and the NCAA tournament."
I don't need to be a sports fan to appreciate the gravity of this outcome.
Again, brilliant but inappropriate is my vote.
I think this prank is horrible, cruel and really mean spirtited. We have all experienced some variation of a situation like this, even if it was in third grade and someone told you so-and-so liked you but when you approached them they didn't know what you were talking about. I really think this is a malicious thing to do, and to a stranger who has done nothing other than play basketball well. I really hope the universities or athletic associaction step in. If you can only win by publicly humiliating someone, you should not play.
Next time they should threaten to kill his mother if he doesn't throw the game...
(I'm both ashamed of and amused by my alma mater. To be honest this was pretty clever and made me laugh, but is clearly inappropriate.)
"It seems to me that there was a lot to lose: 'the PAC-10 title and the NCAA tournament.'"
USC had no chance at winning the Pac-10 title and getting into the NCAA tourney. It was Cal who had a chance (and despite winning the game, they did not win the title).
A funny prank. I'm a biased Cal grad, but I do not think that this is horrible or cruel. It is very meanspirited, but that's to be expected in sports.
"A funny prank. I'm a biased Cal grad, but I do not think that this is horrible or cruel. It is very meanspirited, but that's to be expected in sports."
So whay you're saying is that "Good Sportsmanship" and "Fair Play" are antiquated concepts that have no place in modern collegiate athletics? Next time why don't we just call in a bomb threat the hotel where the opposing team is staying? When they let them back in, call in another one. They won't get any sleep and will fall on their face in the game. Cruder and less clever, but hey, a W is a W, right? The people behind this sophmoric stunt should be charged with felony harassment, and the NCAA should penalize UCB(no tournament play for 10 years should effectively discourage anyone who feels compelled to repeat this hateful prank).
Yeah it's mean spirited but these guys are used to being geered and picked on when they travel for games. This isn't any different... and I doubt he was horribly upset afterwards
You should more directly attribute the middle of your post to the first blog that you link to (http://sarcastipundit.blogspot.com/2006/03/victor-victoria.html). Most of it seems to be a slightly-reworked version of the text from there.
I have mixed feelings about this. The young man was hazed, no doubt about it. As a UCLA grad, I generally enjoy it when something like this happens to a USC person. As the brother of a Cal grad, I have to say, way to go UC!
(Back when I was at UCLA, we did mercilessly ride opposing players, and they generally did not have very good games)
One important note which this post gets wrong. They didn't show "Victoria's" (presumably fake) phone number. They showed Pruitt's phone number. Sounds like a pretty underhanded invasion of privacy to me.
Before you say it was just a prank, think about how you'd respond it this had been done by a corporation (ChoicePoint, perhaps) instead of some students.
I'm very intrigued that the self-described sports fans are all commenting 'ooh, good one,' while the self-identified non-sports-fans are saying 'this is inappropriate because it is not fair play.'
as a bruin fan who hates the trojans, this story was good for my morning yukk.
gabe pruitt must not be very bright. beware mysterious admirers chatting you up on im.
Some of u guys sound angry. Are u strong with a fit body? I want to c u so bad.
I'm not a fan of public humiliation so if I were that player then I'd probably get some friends together and do some ass-kicking. If it had to be done on the down low then I'd probably consider damaging their personal property or setting their dorm room on fire.
A joke among a few people is fine, but this kind of humiliation is just wrong. It's similar to how high schoolers have gone from passing notes about people to writing things in public forums like MySpace. Instead of 5 or 10 people laughing at them, it's 50 to 100 to 1,000.
Personally, I'd find every member of that rally squad and hurt them pretty badly. If you think it's just a joke then you're a twat. Maybe I should scam you then figure a way to embarrass you in front of all of your friends or co-workers. Yeah, that'd be a cool joke.
But all of this really depends on the extent to which he conversed with Victoria. If it was a few messages then that's fine, but if he had some psychological investment in "her" or meeting her then I would retaliate in a bad way. Then we'd see who's laughing.
IM me some time Anonymous. Let's talk. Hope to c u around.
You people who think this was a) unoriginal, b) not funny, c) cruel or d) morally "wrong" are e) retarded. f) YOU.
This is the sort of thing student cheering sections DREAM of. As a current college junior, I can attest that there is nothing better than finding "dirt" on another team's player then using it in a chant. It's part of the home court advantage. You know darn well that the other team's fans will do the same to your team when you play in their gym.
Guess what? If the player is good enough, they'll be able to tune it out. Obviously some things (recent deaths in the family, perhaps questioning the virtue of female family members) cross the line, but this? No chance. The guy was getting excited about pictures sent over the internet in an online chat. That deserves to be made fun of.
Everyone here complaining about this being shameful or inappropriate or better yet, calling for 10 year NCAA sanctions for this are hilarious and really need to loosen up. Tell me, what's it like being the killjoy amongst your circle of friends?
Even the victim eventually had to laugh about what happened. Why can't you? Maybe that'll teach him to post his IM on myspace, which I'm 90% sure is the way he got contacted by "Victoria" in the first place.
As a former athlete (like i'm sure there are a few on here), I applaud the joke for it's planning....which I'm sure the ball player in question will also many years from now. At that particular moment though...not cool and very embarrassing. Now, I wouldn't resort to violence in this situation (or any for that matter), but I would hope that I would take my game to another level and make them pay for it. It's up to the Athlete to figure out what kind of player will you be today in a situation like that. Will you throw in the towel and play crappy or will you use it to have the game of your life. Clearly he wasn't mentally prepared to bounce back from it. Of course he wasn't expecting this to joke to occur, but you find out what kind of person you are by the way you react to things that happen to you and/or around you.
Look, for those of you who are getting all serious about this, go fly a kite. This prank was beautiful - an academy award goes out to the one behind it. It was harmless and points out that you should always be careful when "hooking up" online. There was nothing illegal or otherwise and as far as morals, well, LIGHTEN UP.
Oh, and GO BADGERS!
A few replies to fellow-commenters:
Geoff: if "meanspirited" is to be expected in sports, what is the relevance of "sportsmanship" in sports? Do you not find these two terms at odds?
# meanspirited: having or showing an ignoble lack of honor or morality.
# sportsmanship: Conduct and attitude considered as befitting participants in sports, especially fair play, courtesy, striving spirit, and grace in losing.
mike: here, here!
smokeup: the overall ignorance of your shallow commentary embarrasses me on your behalf; you embarrass yourself by publicly posting such Neanderthal blather.
RichardT: I noticed the same thing; interesting indeed given the distinction between "meanspirited" and "sportsmanship" (see above).
"Victoria": LOL! Nice touch! :-)
All might be fair in love and war but this is basketball. It's not funny, it's pretty vicious.
Funny prank; it shows good character that he ended up thinking it was funny.
On a side note, can we please, please retire the term "co-ed"? Calling female students (even imaginary ones) co-eds suggests that it is novel and noteworthy that female students are allowed in a given school. It's been 30 years since that was true of most universities in the US.
This i sone of the funniest things I have ever read!!! OMG!!
Sun Tzu's Art of War states in one way or another that...
in order to defeat the enemy physically, one must find a way to enter his conscience and break his spirit from within.
To be able to humiliate one's adversary even before battle is to build morale within his own camp while lowering that of the enemy's. This could've lead to two different scenarios:
1) the enemy shows fortitude and fights to regain his credibility. If the player had managed to do this, he would've shown the enemy that their tactics hadn't worked on him, the effects of which would break his stigma and turn the attention towards UCLA. If USC had won that game, UCLA would've been remembered for using underhanded tactics before the game, and failed. They would've been the pun of the joke, not Mr. Pruitt. However, we all know this is not how things went down. This is a game USC will not soon forget. I believe they will go at nothing to beat UCLA next year if they meet, because a morale breaker followed by defeat will turn into a morale booster over time. This is the Art of War.
2) how things actually went down. UCLA's hoax got to the man, and understandably. But I say, UCLA beware... in war, gaining without fighting is smart, but awakening the enemy is lethal. Next year, I predict UCLA will have their worst win-loss record in history. Now, on what do I base my prediction? Simple: people on the internet may find this funny, but I doubt the players and coaches of other US college basketball teams feel the same way. Even if they were amused, any basketball team who plays UCLA in the next year will remember this story... and these teams will be on very HIGH alert. Which, if you think about it is a bad thing for UCLA.
Hey, I might be wrong, but I assure you that by the end of next year, UCLA would've wished that USC had won that game.
My 2 cents.
Just a game? Maybe. But an interesting way to hedge your bets if you are into sports gambling. Or a good cover for point shaving.
I think the point is that we generally don't expect or properly prepare for out-of-band attacks. What the folks at UCB did was very similar to what the 9/11 terrorists did - they used something that is not inherently a weapon, and is generally (one hopes) not used as a weapon, in an unexpected way.
And like with 9/11 (admittedly a somewhat more serious incident), the right thing to learn is probably something along the lines of "think outside the box, because that's what your opponent is already doing," not "OMFG, let's retaliate, and let's blame this whole thing on girls and be really misogynistic from now on."
And yes, I think censuring the students who did this prank would be a good idea. Moralism aside, people are strange, and you never know whether someone who's been treated this way is going to laugh it off or climb up a clock tower somewhere with a gun. So punishing students who do things like this strikes me as a good way to de-escalate; letting them go unpunished is risky.
Actually,"Dinger", she was depicted as "Catholic" and the "negro" is a "Protestant", so this potential miscegenation is truly an abomination. Another example of "godless" use of the "internet!"
I guess it's funny to some, but this wasn't very cool. It is the kind of sh!t that might make the wrong person go Columbine. I don't agree with public humiliation unless it is some form of punishment.
If I were that guy I would find out who the "pranksters" were and go give them a good ass kicking.
I find it hilarouis that the sports fans seem to find nothing wrong with this prank, but everyone else seems to be in agreement that it was meanspirited and should not be allowed.
I completely feel this joke was inappropriate and should be severely punished, I think the 10 year ban is extreme. But the NCAA does have sportmanship and conduct rules, i'd be curious to know exactly what they are and if this is a violation of those rules. But plain and simple, it's just wrong, I don't know how people can justify it "they would lose anyway" as if picking on a weak team makes it acceptable. This is a good example of what's wrong with sports, people, kids, schools and just about everything else today. When you are wronged you're told to suck it up, quit being a crybaby, without anyone ever considering the fact that it's just not nice or polite behavior to insult degrade or humiliate someone. The players are there to leverage their physical skills against an opponent in a matched game, not defend or deflect mental attacks from the opposing team.
and on a less serious note, I have to agree with the poster who makes the comment about calling repeated bomb threats into a hotel. Granted that has it's own legal tangles, but there are many examples you could use tha twould not have those legal tangles that would be just cruel and degrading.
This isn't about whether it was fair from a sport standpoint, it's about whether it's a gross invasion of privacy. They were passing around transcripts of the the entire IM conversation, and displaying his cell # - what's next, using a real co-ed on webcam to get him to expose himself then displaying the photos?
And the people saying he's stupid for falling for this are hypocrites - I'm sure they did, or easily could have, used a real co-ed to front so it would have been impossible to find out it was fake. And would any of us, in his position AT HIS AGE been able to resist some hot woman IMing to say she was a fan and wanted to hang out after the game?
This is the sort of thing student cheering sections DREAM of. As a current college junior, I can attest that there is nothing better than finding "dirt" on another team's player then using it in a chant. It's part of the home court advantage. You know darn well that the other team's fans will do the same to your team when you play in their gym.
Further evidence, if any were needed, that student cheering sections are full of detestable shits.
Big time college athletics is a cesspool, and it's hard to imagine a university that wouldn't be better off without them.
lol@all these dumbshits who don't have a sense of humor, particularly the two who suggested violent retaliation. the prank didn't break the law, violent retaliation would. what if the prankster has a carry permit like i do? are you willing to die for your humorlessness?
an extra laugh for the guy who didn't know the difference between uc berkeley and ucla, and suggested that usc would beat ucla next year in basketball. this statement betrayed a profound ignorance of basketball reality in the pac-10. go bruins!
"this statement betrayed a profound ignorance of basketball reality in the pac-10"
gasp....an ignorance of basketball reality in the pac-10?? What greater sin could there be???
Previewing your Comment
As a Cal grad (and former member of RallyComm), I am both amused and appalled by the incident.
Amused, as this continues the tradition of trying to get the visiting players out of their A-game (or "on tilt" in poker terms). One of the longstanding traditions at Haas pavilion is to name one visitor "tuna" in the second half. For the remainder of the game, any time the ball is in that player's hands, the student section (led by the band) yell "Tuuuuunaaaaaaa!" The yell stops the instant the ball leaves his hands. Harmless, mostly. Amusing to the student section, definitely. Distracting to the target, sometimes. (Although many/most players can rise above the odd distraction from the crowd.)
Appalled, on the other hand, as this does seem to cross the line to me. At a Cal-USC football game a few years back in LA, traveler (the horse) got spooked while passing in front of the Cal section of the stands. Many SC fans posting on the Cal and SC football boards insist it was a deliberate, organized attempt to spook the horse by the Cal students that caused the incident. True or not, that meme propagates through the USC fan base/student body, causing additional animosity between the schools/fans.
Pruit was stupid enough to fall for it and the opposing fans took advantage of it. Very funny! He's just lucky he didn't give out more info!
To everyone who thinks this prank was terrible, uncalled for, out-of-bounds... this is ~college~. Nobody got hurt. It was extremely amusing.
What did you do in college? Study?! Get real.
Similar tactics as the 9/11 terrorists? I think we need a new corollary to Godwin's Law. Because seriously, anyone who uses "that's like the 9/11 terrorists!" in an online debate about a completely unrelated subject should automatically lose.
You have to love, as usual, a few idiots are sitting here insult everyone in their juvenile way. Get a life dinger...
Gee, now I know why I don't attend the "big time" sports. When a sport reaches the point you can't cheer a good play regardless of who makes it, it's time to walk away.
And I like a good prank...
What makes this "clever" and "brilliant," anyway? Instant messaging under false colors is a well-known social engineering technique, frequently referenced in popular culture. (Maybe they got the idea from the comic book issue where Beast gives out seekrit X-Men type information to a girl he meets online, who turns out to be The Blob.) Using it to harrass an athlete isn't exactly on a par with discovering the double helix. I guess it's more original than stealing the other team's mascot the night before the big game, but still, anyone could have thought of this -- most people just wouldn't have gone through with it.
Sure it's funny, in the way that getting one over on someone is usually funny. But these hoaxsters don't deserve to be treated like geniuses for an exploit that's really just kind of sordid.
I got a good chuckle from this but man the maturity of college students seems to be way down from when I went. While there are good posts people like "bruin4ever" and "Ray" put me to shame.
"gasp....an ignorance of basketball reality in the pac-10?? What greater sin could there be???"
I can think of one, Mark. Being completely bereft of any sense of humor like you, and seeing this not as a classic college prank, but as some "gross invasion of privacy." Ask yourself how "Victoria" got a hold of Pruitt's IM in the first place.
Oh and Ted Lemon, your attempt to parallel this incident with 9/11 makes you an instant candidate for idiot-of-the-month.
This is amazing. Terrific idea and execution. Those of you who think it's morally reprehensible do not watch college sports or understand the nature of student sections. I hear people in my own threatening to kill opposing players and chanting "the ref beats his wife." I find those to be extremely low class. This, however, is completely fine. The player set himself up for this and volunteered all information an anonymous online person. Isn't that what you're supposed to warn children against? If it happens to an adult, well, he reaps the consequences of his own carelessness. And those consequences were very mild.
As someone who's been working with schoolkids on the issue of bullying for several years, I have found many of the responses to this incident disheartening.
The people who are saying, "lighten up", or "it was just a joke", or, "it's no big deal" sound an awful lot like the same people who say, "they're just kids, how bad can it be?" or, "boys will be boys". It's an example of the perpetuation of hostile and harassing behavior in our culture that often starts in grade school and continues all the way through life.
Bullying ought not to be permitted, at any level, in any form, by any school. The kids who thought this up ought to have known better - "it's only a game" is no excuse - and I hope that they are punished swiftly and surely in order to teach them a lesson that their parents were obviously unable or unwilling to.
Now, the really funny thing would be if "Victoria" could convince him that some unscrupulous Cal fan had hacked her computer and stole her IM info, but hey she still wants to meet up. ;)
Oh wait, better not....I forgot that playing a joke on someone is MORALLY WRONG (capitalization to emphasize the fiery hell awaiting all those whose idea of humor encompasses something other than "Everybody Love Raymond").
Rather than yell and scream at the people who perpetrated the prank, and heap all the blame on them, let's think about this situation for a second. In order for this to be a successful prank, hack, whatever, they had to get something embarassing from the player. Let's think about the situation he's in. He gets an unsolicited message from someone he doesn't know, with little or no way of authenticating that person's identity. Sound familiar in the internet world? Spam, maybe? If he had guarded himself, and acted in an upright, morally defensible manner, then what could the opposing team have used to embarrass him? Instead, he let down his guard, and got suckered. Luckily for him, is was just a prank. Next time, it might be identity theives, contacting you through email. This sort of thing goes on every single day, between hundreds of people, sometimes with more grievous consequences, and sometimes with no consequences at all, for either party.
As for the discussion of sportsmanship, I'm sure a read through the transcript of the IMs would reveal some things that may not quite meet the expectations one should hold for an athlete at that level. And if that happened off court, and it's none of anybody's buisness, then why is any of this anyone's buisness?
Don't be haters all you fit-bodied men. Someone hacked into my IM account. I still want to c u bad!
In my previous rant, take "UCLA" whenever you see it and plug "UCB" in, whatever. I may not be a basketball genius, but you don't need to be a rocket scientist to understand the Art of War.
I wonder... what's going to become of G. Pruitt?
Interesting yet pathetic ploy. Just think: a blog concerning "security" takes part in breaching a student-athlete's privacy.
Unfortunately for Mr. Schneier, it's too bad that the guy in the picture is not Gabe Pruitt, not to say that Pruitt had been playing injured for the majority of the 2005 season. Oh, and the picture shown not only misidentifies him, but it also shows Pruitt SMILING. I love it how the so-called "pranksters" misread immaturity for brilliance.
Totally off-topic, but I'd say the most amazing sports prank I've seen in recent years occurred during the 121st Yale-Harvard football rival game in 2004...apparently, a bunch of Yale students dressed up as members of
the "Harvard Pep Squad," passing out pieces of paper to the Harvard student section.
The Harvard fans were told that the pieces of paper would join together to spell "GO HARVARD." Little did they know, when held up at just the right
moment, the pieces actually spelled "WE SUCK."
Not entirely original, but amazing that the prank actually worked.
hehe, very cool story though!
I've heard about it via a german News-Website. One of the best internetpranks I've ever heard about! I hope his BB-skills won't suffer after this =)
Hahahaha! This sounds like a prank out of a movie. Very nice!
I don't believe this. This is not a science project, nor is this a war manuever. This is an assualt on an individual, something very sinilar to the torture ("abuse") at Abu Ghraib.
Sure, the assualt is mental, not physical. But as has been said by Senator John McCain, who was tortured a s a POW, "If given a choice between mental torture or physical torture, I would choose the physical."
What exactly did this kid do to deserve this? Is he so evil that he deserves to have this act of evil thrown upon him?
Yeah, laugh it up you evil dirtbags. A hearty middle finger to Bruce Schneier for amplifying this poor kid's pain.
This is fucking horrible.
I can't believe that people are idolizing actions equivalent to spammers and bullies. Sports culture is screwing up the "developed" world. So many people who are either unaware of the world around them, or disrespect their fellow humans, because of their obsession with rivalry. Just wrap it up in a "sports" or "entertainment" facade - and you can justify almost any atrocity.
A couple of comments on the comments here:
1) "Privacy" - calling an IM conversation "private" is like calling a conversation in a bar "private". It's not private at all, it's just that the amount of noise in the environment makes it unlikely someone is listening to you.
2) Comparing this to Abu Graib or 9/11 is hyperbole of the worst form; it degrades serious incidents and makes your side look like hysterical fools. However, it IS bullying of the kind that goes on unchecked in our educational system all the time.
3) I can't say as I approve of the tactic, but it really was cunning. Whether it affected the actual outcome of the game or not, it was a cunning idea. However, I'm pretty sure I don't want to know or be associated with the people who tried it - it may be cunning, but it's still nasty.
the comments on here crack me up. all these handwringing censorious moralists coming out of the woodwork with calls for swift punishment, comparisons to abu ghraib and senator mccain's torture, you guys are a hoot. the yoyo from yesterday who didn't know the difference between ucla and uc berkeley came back, calling the latter institution "ucb", duuuude, it's "cal".
the only long-term consequence of this prank i can see is that it may be more difficult for young babes to hook up with college athletes over instant messenger. is that such a bad thing? eagerly awaiting next year's headline "sex-starved trojans choke in westwood" (or tempe, or berkeley, or palo alto...).
i disagree with bruce schneier and the others who think the "victoria effect" lasted the whole game and resulted in "a miserable 3-13 from the field." he was at the free throw line when they sprung it, and the victoria effect lasted for two free throws.....which he missed badly. athletes at this level are highly focused, and trained to blow off distractions quickly. the only consequence for gabe pruitt - it meant he wouldn't be able to drive over to westwood after the game and "get lucky". he was foolish to think he could do that in the first place. this kind of disappointment is a universal experience for young men in college, and college teaches them to react to it, as gabe pruitt did, with equanimity. gabe pruitt is more mature than at least half of you.
"the guy in the picture is not gabe pruitt...the picture shown not only misidentifies him, but it shows pruitt smiling..."
do you see the problem with this statement?
I second the corollary to Godwin's Law. Too bad Lemon Law is already taken.
Psychological warfare has always been a part of sports.
this is funny. and everyone who dislikes it is jealous of the creativity. a smarter player would have figured it was a prank by simply asking to meet "Victoria" before the game.
and a basketball player such as Pruitt should have a girlfriend, right????
Although directed only at the last posting, consider this a reply to all the "harmless fun, get over it" crowd.
"everyone who dislikes it is jealous of the creativity."
Ah, so everyone who doesn't think like you do is driven purely by base motives. And you used telepathy to determine this.
"a smarter player would have figured it was a prank..."
This sounds like a con-man who absolves himself of all responsibility for his crimes by saying "It was their fault for trusting me."
I dislike this "prank" because it is deliberate emotional cruelty, and because we shouldn't *have* to go through life like it is a minefield, where anything bad that happens to us is "our fault" if it wouldn't have happened to a parnoid recluse.
Say what you will about the prank and whether you found it funny or mean, but don't call this guy "stupid". He was manipulated, and lied to, and believed the lie. Any of us could have bought into something like this if it was presented in a way that was believable. It's easy for us in hindsight to call this guy stupid, but why shouldn't he have believed that this woman wanted to get together with him?
u r so hot
u hav such a fit body
i wanna c u so bad
Errr.... I don't get it.
I'm not sports fan. I've been a student at Berkeley for some years, I've never been to a college sporting event. But, I *am* a prank fan.
This prank isn't particularly unethical or mean spirited. Unfortunately, it also isn't very funny.
Let's go over the details: A group of mixed gender college-student sports-fans where able to convince an athlete that they were. . . a female college-student sports-fan. Not exactly an astounding feat of acting.
Then, they *tricked* the athlete into giving out his phone number and saying some slightly dumb sounding things while flirting. Seems to me that requires roughly as much social engineering skill as, say, tricking a door to door salesman into telling you what he does for a living.
Then, they printed those slightly dumb things on paper and told the athlete in a very public way that the person he'd been flirting with wasn't real. As a result, he felt bad.
Not exactly an example of social engineering wizardry or technical acumen, is it?
Where's the punch line? What the hell has the joke got to do with the sport, or the schools involved, or anything else? It doesn't even send up the athlete in any way which is specific to him. (Anyone would have responded in a similar way.) It doesn't show off the prankster's proficiency at anything. All it does is force one dude to change his evening plans, and perhaps sadden him slightly.
The frustrating thing is that they had the perfect setup for an actual prank. The sort of prank which one could recount starting with the lines, "We invented a female fan and got him to give her his personal information" and then goes on for a dozen more paragraphs instead of ending abruptly with "then we told him that it wasn't true and he felt bad."
Convincing a student athlete that you're the head coach from a pro sports team and getting him to pay for his own trip to meet you at a secret training resort in the middle of a desolate swamp would be funny.
Tricking two (straight) student athletes from the same team into flirting with each other by passing their text through a nimble-fingered real time editor, then letting them arrange a meeting with each other after the game with no interference from you would be funny. (Extra points if you can fully automate the bridge.)
Getting lots of personal information about a student athlete and then using it to impersonate him over the course of a year in order to implicate him in a series of ever-escalating, over-the-top embarrassing acts would be funny. (I'm thinking something along the lines of coincident orders for a dozen live chickens and the most outrageous fetish sex toys one can find, ordered on his credit card from his own computer and delievered to his dormatory loading dock.)
Convincing a student athlete that you're an attractive fan and then getting him to do publicly embarrassing things on the field in order to win your affections would be funny.
Convincing a student athlete that you're the girlfriend of one of his teammates and engaging him in a secret, online-only affair behind his buddy's back would be slightly amusing.
Convincing a student athlete that you're an attractive fan and then telling him that you're not really one is just lame.
Chill out, people.
It was a prank. No, it wasn't a brilliant one, and anybody can name some more creative ones. But it was funny in the context of the game, the season, and the history between the two schools.
It wasn't psychological torture. It wasn't the Viet Cong locking up John McCain for five years or England and Graner stacking Muslim men into naked pyramids. It wasn't 9-11.
It was a joke. Even Pruitt's dad thought it was funny (according to the Daily Trojan).
If you didn't like it, forget about it and move on.
actually, no Munpfazy, your ideas are not funny. The prank was funny.
interesting how the people who defend this prank all seem to have the intelligence and eloquence of a monkey on Viagra, and spelling/grammar/writing skills to match.
What the fuck is happening to education in this country?
I wouldn't be too concerned if I was the basketball player. The students at Cal are all liberals, and most of them will be miserable the rest of their lives. At the same time, this basketball player goes to USC, where some of the most beautiful women in the world are. I thiink he'll be the one who ends up happy. While Cal students are trying to figure out what gay thing to protest next, this basketball player will try to decide what beach he will visit that day.
With talent on loan from God.
(yes I said God, I know that offends you Cal students.)
I mean really, Pruitt's got to feel some honor in being chosen as the target for something like this. He was considered important enough to occupy space in the Berzerkley (OK -- "Cal") fans' heads long enough for them to cookup and implement this gem. After all, it *is* just a game -- and *he* gets the story of a lifetime out of it!
Now, as security professionals, it's up to us to take a good, fun-to-tell story, and use it to educate the less-savvy. Right on, Bruce!
"Not a very original or clever prank." poopscooper, youre a moron. it worked. name 2 other stories like this to prove that this isnt "orginal."
"All is fair in love and war."
So why the furor over Abu Ghraib?
Hey Matt Harris,
Nice over-generalization about us Cal students! I am impressed, you nailed us!
Cal student, practicing Catholic, moderate, straight, has never been to a protest, and not leading a miserable life.
Any mention of Sun Tzu's "The Art of War" within a thread regarding college sports shall be immediate cause for the moderator to close comments.
1) For those who don't understand the "engineering" part - it was also getting the crowd in on the prank. If you need more detail than that then I suggest you turn off your computer and go watch more reality TV.
2) I have no sympathy for the player. He should have known the importance of not giving personal information over IM to someone he doesn't really know.
3) I am not a sports fan, but I'm old enough to have heard just as bad pranks done during play-offs over the years - some of them even medically dangerous. Giving out a phone number isn't as bad as some of you seem to think. First off, it's really easy to get a new phone number free of charge when there is evidence of harrassment. Second, I'm willing to bet that most of you haven't even taken the basic steps to cover your own privacy. Try looking yourself up on the Internet. You might be surprised what's there.
A quick test, type your full phone (with dashes) number into Google and see what happens. If you see your name and address, don't panic too much. Click on the link and you can ask Google to suppress your information. Be grateful for that. Not all search engines give you that option so clearly.
...And then you have all the white pages phone sites.
The thing is - there is only ONE person responsible for your personal safety - YOU! That's because even if society could put measures into place to completely protect your security (which would take nothing short of a police/facist state) they can't protect you, if YOU give the information yourself. No one can.
But at least of all the information someone can get on you, your phone number is one of the easiest to change and safest to have shared. It's not like they gave out his Social Security number or something a crook could use. If that was the case, then we all should protest the printing of phone books.
Some people seem to see this in terms of online privacy, but it's just a contemporary spin on traditional pranks. this could just have easily have happened by phone in the 50s or telegram in the thirties.
A bit bitter there, Matt Harris, aren't we?
If some of the most beautiful women in the world attend USC, why would Pruitt try to start a romance with "Victoria"?
As well if i were a USC grad, I wouldn't get into an argument with Cal people about the quality of the lifestyle and environment around campus...
to Harvard Irving,
ask our president?
Hahaha! some of you people are so simple and funny! The joke was rad... and creative (those who say it wasn't, I'd like to hear a better and/or more effective tactic come from you).
Relating it to the 9/11 terrorist attacks... totally genius and relevant and that was definitely the first thing to come to my mind, too!!!!! yeah, right.
Whoever wanted to retaliate with vandalizing their personal property or kicking their asses: wow, you're really educated... obviously.
And it's not poor sportsmanship or whatever, the crowd always yells stuff to distract the other team... it's like in football when the crowd yells and gets too loud for the offense of the opposing team to hear the quarterback's calls. OOO! should we call Bush and say we've got terrorist-like activity going on in Memorial Stadium up at Cal, too? Come on.
Get over it.. it's a game, and rally-comm and the crowd not only did their part to help Cal win the game, but they got people talking about their school. Great publicity. Good job, rally comm, and GO BEARS!
Again, if you think this is bad, you are completely ignorant to the life of a college student. Maybe you should do some research.
"this is funny. and everyone who dislikes it is jealous of the creativity. a smarter player would have figured it was a prank by simply asking to meet "Victoria" before the game."
If you knew anything about college basketball, you would know that teams' traveling schedules are very regimented. From the moment they land, players are expected to focus on the upcoming game. Some don't, surely, but Coach Floyd is very much in control so as to maximize his team's chances going in.
"and a basketball player such as Pruitt should have a girlfriend, right????"
He should? So what if Nick Young and Carol Rodriguez have been an item for over a year? Many of the players do not have girlfriends. And as a matter of fact, particularly after this incident, Gabe and George (his father) both have said that basketball is Gabe's girlfriend.
P.S. The setup happened via Facebook, not Myspace, before users had the choice of blocking their profiles.
Awesome example for social engineering....can't be better than this....
Some time around 1980, USC basketball player Purvis Miller had an incident in the 'SC dorms where he brandished a gun. Everything shook out legally (no one was hurt by the way) and I think Purvis got probation. 'SC being 'SC, Purvis was allowed to play on the team, I think even made a team captain.
When the Toe Jams came to Pauley Pavillion to take on the Bruins, every time he touched the ball we pulled out toy handguns and waved them while shouting "Shoot, Purvis, shoot!"
I'm pretty sure he was a stunned 0 for whatever.
Damn we did things in poor taste then! Can't dream of being allowed to bring in toy handguns today.
Schneier.com is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc.