Karadzic's Website Dragan Dabic a Hoax

Cryptome DVDs are offered by Cryptome. Donate $25 for two DVDs of the Cryptome 12-years collection of 46,000 files from June 1996 to June 2008 (~6.7 GB). Click Paypal or mail check/MO made out to John Young, 251 West 89th Street, New York, NY 10024. The collection includes all files of cryptome.org, jya.com, cartome.org, eyeball-series.org and iraq-kill-maim.org, and 23,000 pages of counter-intelligence dossiers declassified by the US Army Information and Security Command, dating from 1945 to 1985.The DVDs will be sent anywhere worldwide without extra cost.

Also: http://blog.wired.com/sterling/2008/07/the-website-of.html

25 July 2008

A sends:

I would like to add one thing to keep the record clean.

In reference to Byfield on 24 July 2008 I think what really is missing is 
proving the story with pictures and concrete timeline. Secondly, he doesn't 
take into consideration that pictures can be created as copies of pictures 
on the one hand and stills of video streams at the other hand.

24 July 2008

Date: Thu, 24 Jul 2008 16:49:29 -0400
From: t byfield <tbyfield[at]panix.com>
To: Nettime-l <nettime-l[at]kein.org>
Subject: Re: <nettime> Karadzic's website digest [x3: Spaink, Wilson, Young]

It's good to see the diligence that's gone into 'debunking' the Dabic site,
but it isn't clear why anyone would assume the site was "real" -- or what
that would mean. That the HTML was hand-tweaked by a war criminal? Exciting
maybe, but sort of beside the point.

Anyone who grabbed (or wants to grab) the .zip archive I posted will find
an extra file that wasn't in the website's file structure -- a text file of
whois output for the domain. Since all the registration data is anonymized,
the record is interesting for one, and only one, thing: the registration
date. There's a reason I included it, and there's a reason (several,
actually) that I didn't advertise my skepticism about the site -- beyond
noting that archive.org had never heard of it. 

It's unfortunately that subsequent ~discussion got sucked directly into a
real!/fake! dichotomy, which isn't very well suited to navigating the
wilderness of mirrors that is Serbian politics -- especially in the context
of a public charade like the government trading the declining utility of a
war criminal for the inclining utility of EU membership.

OK, let's go through this. The question isn't whether the site is a hoax --
of course it is -- but, rather *whose* hoax?

The chronology so satisfying (I guess) to debunkers has to go something
like this: after the arrest, some wag on the internet (1) registered the
.com domain for his pseudonym, (2) hunted down remarkably high-res candid
snapshots of an obscure Serbian new ager, (3) copied facts and/or text
about him from sites that don't actually mention him (and hadn't yet been
reported), (4) translated them in order to make the site seem more
'credible,' and (5) sorted out hosting details etc. And all of this went so
quickly that the DNS entry for the brand-new domain propagated in time for
the site to make it into the next news cycle around the world.

The droll facts (domain registration, hosting) are hardly in dispute, but
the interesting issues get paved over in the zeal to show that someone's
been duped. Where did the images and bio factoids come from? The debunkers
assume (I guess) that the Dabic site laundered images available elsewhere,
but the chronology makes much more sense if you assume the opposite -- that
the media laundered images first distributed through the Dabic site. 

I did quite a bit of searching and certainly saw some of these images on
the Dabic site first; only later did they appear in mainstram outlets with
the laughable credits to "AP" and "AFP/Getty Images." 

(Hey, and where did AFP get this one?

http://www.thisislondon.co.uk/news/article-23519567-details/Beast+of+Bosnia%27s
+secret+life+revealed:+Karadzic+had+a+mistress+and+drank+red+wine+in+The+Madhouse+bar/article.do 

It's in a series with one of the photos on the Dabic site, but aside from
that its provenance is unknown.)

It's good to be leery of post hoc ergo propter hoc arguments, but I'd be
equally leery -- moreso, even -- of assuming that the Serbian government
completely overlooked how to spin Karadzic's arrest. By which I mean: how
to establish a seemingly credible story. It's one thing to merely say that
he was hiding in plain sight, but how much more effective to *show* it:

here's his website (two, actually, the "fake" one and the "real" one --
says who? AP! -- registered just a few months before), here's a parade of
people duly swearing that if they passed him on the street they'd have NO
IDEA who he was, here's the bar where -- it's strongly suggested -- that 
everyone had a very good idea who he was, etc, etc. 

The official story is awfully hard to swallow: one of the most recognizable
people in the region grows a beard and kooky haircut, and suddenly no one
-- not even the his far-rightist neighbors -- recognizes him: not his
voice, not his mannerisms, not his posture. Pick your favorite political
bogey (Bush or Cheney in the US, for example): a beard would totally throw
you, right? 

When reports surfaced that foreign intelligence agencies (US and UK at
least) were involved in tracking Karadzic down, the Serbian authorities --
which had insisted for years they had no idea where he was -- were quick to
retort that they hadn't needed any help because "his whereabouts have been
known for some time." No doubt. His arrest has been in the works for a long
time now, and, like his hiding, many aspects of it were a hoax. 

DNS doesn't lie, but nor does it exactly tell the truth.

Cheers,
T
-- 

http://b1ff.org

#  distributed via <nettime>: no commercial use without permission
#  <nettime>  is a moderated mailing list for net criticism,
#  collaborative text filtering and cultural politics of the nets
#  more info: http://mail.kein.org/mailman/listinfo/nettime-l
#  archive: http://www.nettime.org contact: nettime[at]kein.org

To: nettime-l[at]kein.org
From: Tjebbe van Tijen <tjebbe[at]imaginarymuseum.org>
Date: Thu, 24 Jul 2008 00:32:16 +0200
Subject: <nettime> visual comment/associations: arrest of Karadicz & the
	beard of Saddam

last resort for a haunted man is to hide behind his beard covering a  
face that became a public icon ~ once his zeal is betrayed and his  
cover is torn, it still will take generations before his defaced idol  
has vanished from all shrines

http://imaginarymuseum.org/karadzic/karadzic_hussein.html

to ridicule and make laughing stock out of a former ennemy is missing  
the opportunity to come to an understanding WHY it was that such a  
man could hold such power ~ it is failing to learn a lesson how to  
prevent it happeming again and again

Tjebbe van Tijen
Imaginary Museum Projects
Dramatizing Historical Information

http://imaginarymuseum.org

A sends:

Regarding the supposed "real" Dr. Dragan web site:

http://paranoia.no/blog/2008/07/24/real-dr-dragan-website-emerges

I don't understand the language from the site, but it's obvious that a strong conflict of
interest is present and that there are individuals or groups from various factions trying to manipulate
public perception of the, until now, secret life of Radovan Karadzic

24 July 2008

From Alan Turnbull, www.secret-bases.co.uk

One of the images on the fake www.dragandabic.com was lifted from here:-

http://www.sombor-cancer.org.yu

More specifically, this page:-

http://www.sombor-cancer.org.yu/HTML/Zdrav_zivot.html

http://www.sombor-cancer.org.yu/IMAGES/ZdravZivot%201.JPG

24 July 2008

Update from Alan Turnbull, www.secret-bases.co.uk

Real Karadzic website is:-

www.psy-help-energy.com

But curiously ... still only registered in May 2008

Website designer (and registrant listed below) is Zoran Pavlovic who has been interviewed on BBC News

Registrant:

PAVLOVIC CONSULTING
Prvomajska 46, mml
Beograd, NA 11050
RS

Domain name: PSY-HELP-ENERGY.COM

Administrative Contact:
Pavlovic, Zoran
Prvomajska 46, mml
Beograd, NA 11050
RS
++38162241310

Technical Contact:
Pavlovic, Zoran
Prvomajska 46, mml
Beograd, NA 11050
RS
++38162241310

Registration Service Provider:
Ecommerce, Inc.,
800-861-9394

Registrar of Record: TUCOWS, INC.
Record last updated on 22-May-2008.
Record expires on 22-May-2009.
Record created on 22-May-2008.

Domain servers in listed order:
ns14.ixwebhosting.com
ns13.ixwebhosting.com

23 July 2008

Errrr .... am I missing some "in-joke" here?

Take a look at the domain reg details:-

http://www.robtex.com/dns/dragandabic.com/whois.html

Registered 22nd July 2008 .. at 13.25 UTC judging by the expiration time.

No wonder it can't be found on Archive.org!!

Feel free to credit me on site!

Alan Turnbull

www.secret-bases.co.uk

A sends 23 July 2008:

Regarding the supposed dragan website, is it really a coincidence that it
expires 22.09.2009 - was it registered yesterday for 1 year?

A quick inspection of the HTTP headers show us that my request for his face:

GET http://dragandabic.com/dragan-dabic.jpg HTTP/1.1

Host: dragandabic.com
User-Agent: Mozilla/5.0
Accept: image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Charset:utf-8
Keep-Alive: 300
Proxy-Connection: keep-alive
Referer: http://paranoia.no/

Gives this response:

HTTP/1.1 200 OK
Date: Wed, 23 Jul 2008 22:20:11 GMT
Server: Apache/2.0.61 (Unix) PHP/4.4.7 mod_ssl/2.0.61 OpenSSL/0.9.7e
mod_fastcgi/2.4.2 DAV/2 SVN/1.4.2
Last-Modified: Tue, 22 Jul 2008 13:49:36 GMT
ETag: "2c68807-3ed2-18303c00"
Accept-Ranges: bytes
Content-Length: 16082
Content-Type: image/jpeg

Last-Modified being the timestamp from the file on the server.

And that it's registered to an obvious front for what looks like a registrar service, 
but whoss webpages are all full of google ads for other registrars?

Domain name: dragandabic.com

Registrant Contact:
    Whois Privacy Protection Service, Inc.
    Whois Agent

    PMB 368, 14150 NE 20th St - F1
    C/O dragandabic.com
    Bellevue, WA 98007
    US

Administrative Contact:
    Whois Privacy Protection Service, Inc.
    Whois Agent (mkhsbymxd@whoisprivacyprotect.com)
    +1.4252740657
    Fax: +1.4256960234
    PMB 368, 14150 NE 20th St - F1
    C/O dragandabic.com
    Bellevue, WA 98007
    US

Technical Contact:
    Whois Privacy Protection Service, Inc.
    Whois Agent (mkhsbymxd@whoisprivacyprotect.com)
    +1.4252740657
    Fax: +1.4256960234
    PMB 368, 14150 NE 20th St - F1
    C/O dragandabic.com
    Bellevue, WA 98007
    US

Status: Locked

Name Servers:
    ns1.dreamhost.com
    ns2.dreamhost.com
    ns3.dreamhost.com

Creation date:
Expiration date: 22 Jul 2009 13:25:00

..

$ host -t mx whoisprivacyprotect.com
whoisprivacyprotect.com mail is handled by 5 eforwardct.name-services.com.
whoisprivacyprotect.com mail is handled by 10 eforward3.name-services.com.

The web pages of name-services.com contains the same google ads farm as whoisprivacyprotect.com

$ host eforwardct.name-services.com
eforwardct.name-services.com has address 216.163.188.58

$ whois 216.163.188.58

OrgName:    Commtouch Software Inc.
OrgID:      COMMTO
Address:    2029 Stierlin Court
City:       Mountain View
StateProv:  CA
PostalCode: 94303
Country:    US

NetRange:   216.163.176.0 - 216.163.191.255
CIDR:       216.163.176.0/20
NetName:    COMMTOUCH-INC
NetHandle:  NET-216-163-176-0-1
Parent:     NET-216-0-0-0-0
NetType:    Direct Assignment
NameServer: NS1.CTMAIL.COM
NameServer: NS2.CTMAIL.COM
Comment:
RegDate:    1999-09-01
Updated:    2002-03-25

and as a final correlation for the theory of the whole thing being put
together yesterday:

$ host -t soa dragandabic.com
dragandabic.com has SOA record ns1.dreamhost.com. hostmaster.dreamhost.com.
2008072202 16220 1800 1814400 14400

That's when dreamhost last edited the dns zone, 2008 07 22. And it was
modified twice before on that day too - hence the "02" at the end, instead of
"00" which would be the first edit of the day.


A blatant hoax and nothing else.