Tuesday, September 15, 2009

USCF Expert Report

I mentioned at one point, USCF should get it's own expert to independently confirm Mottershead's report. Thankfully, they did so. (I'm sure they didn't need me to come up with the idea.) The expert went well beyond Mottershead's work. Brian Lafferty just posted the Executive Summary portion of the expert's report. Of particular interest, is the following passage:

At least 100 unauthorized access attempts to Mr. Hough's email account, some or all of which were apparently successful, including those related to the two specific emails identified above, came from IP addresses that:

(1) were used in comparable time frames to post to the USCF online forum under Alexander's user name, and/or
(2) were used in comparable time frames to post to the usenet forums under Alexander's identity, and/or
(3) were used from an Anonymizer account that identified Alexander as the account holder and that was used from IP addresses (a) assigned to Alexander by Comcast, (b) used to make postings to the USCF online forum from Alexander's USCF account, and/or (c) used to make newsgroup postings under Alexander's identity.

Ouch. That's going to leave a mark!

The report also gives opinions that many of the FSS postings can be linked to Truong:

*I found that the Internet Protocol (IP) addresses recorded as the sources of identified FSS postings were used at the times of those postings by a user logged in as "chessspammer@netzero.net", whose registration data indicated Truong and whose account was paid for over the period in question by Polgar. The terms of service indicate that Truong is responsible, and the same IP addresses and account were used for other business purposes by Polgar and Truong, including a posting to RGCP by Truong under his own name and from his user account at America Online.

*Within 64 out of the more than 200,000 postings to RGCP and RGCM, I found sequences regularly and contemporaneously recorded by servers not in the control or custody of parties to this case that normally record characteristics of computers used to make postings. These sequences were common only to one posting made by Truong from his AOL account and 63 postings identified as part of the FSS postings. This header is consistent with a computer using a Mozilla version 4.0 Web browser on a computer with a Windows NT 6.0 operating system, using AOL 9.0, Microsoft Internet Explorer version 7.0, and with several other specific versions of specific software packages present, and that were only recorded for Truong's posting and FSS postings. This same information was indicated in 80 records of postings made by Truong's identity at the
USCF online forum.

*I found that the same IP addresses recorded as the sources for FSS postings contemporaneously and independently by Web servers not under the control or in the possession of parties to this case, were also recorded in the USCF records, indicating that those same IP addresses were used in postings to the USCF internal forums under the identity used by Truong.

*I found that 9 different "posting account" identifiers were used in the postings identified with FSS. These identifiers are apparently used to indicate a particular login credential, and are recorded by systems not under the control or in the possession of parties to this action. All except one of these posting accounts were used exclusively for postings identified as FSS postings, the same IP addresses used for posting under three of these accounts was also used by Truong for postings from his AOL account, and they were all used from IP addresses also used by Truong's identity at the USCF site contemporaneously.

Finally, the expert gives the opinion that GM Polgar had possession of several of the stolen emails before they were published on the net, which is consistent with Bill Hall's remarks at the end of the litigation forum this August.

*After the time at which the emails in question existed, and before they were otherwise publicly released, Alexander, who worked for Polgar on a voluntary basis and operated her Web site, appears to have accessed an email account containing those emails.

*Those emails or portions quoted therefrom were subsequently released to parties not authorized to have them, via emails sent from Susan Polgar's email account, and she has not disputed having sent those emails.

Lafferty reports that the full report will be available for download. No word on what experts, if any, were designated by Ms. Polgar

Update: The full report can be downloaded here. Polgar did miss her deadline to disclose experts in the Texas action. Since her primary claim in the Texas action was that the Mottershead report defamed her, she will be completely unable to prove that allegation. (Although given that the Mottershead report barely mentioned GM Polgar, that dog wasn't going to hunt anyway.)


  1. This report is devastating to Polgar's case. Since she has not designated any experts and the deadline to do so has expired, this report will be the sole expert testimony before the court. It will be well nigh impossible for the court to conclude anything other than that Polgar worked with Alexander to purloin and leak the emails/reports onto uscf-said.blogspot.com, then she proceeded to file a lawsuit against USCF and various individuals on the basis of the leaks. My guess is that the very best possible outcome for her would be the dismissal of her lawsuits at no further expense to her. And worse outcomes may await her, although I have no idea how a judge might assess legal expenses, etc.

    All that said, I'm not very happy with the outcome, in that I do respect Susan and Paul's work with juniors and Texas Tech, and wish them the very best in their continuing endeavors in those realms.

  2. The tragedy of the whole mess is that is so completely unnecessary. Truong did not need to pull his alleged FSS stunts in order for his wife to be successful.

    There was also the opportunity for Truong to quietly resign before the Mottershead report was made public.

    And at what point in time did hacking Randy Hough's email seem like a good idea?

    GM Polgar didn't have to publicly chain herself to her husband's sinking ship in Dallas, or file this Lubbock lawsuit that is doing nothing but harm to anyone it touches.

    The time, work, talent and money spent on this litigation could have been so much use.

  3. Two points:
    1) Any expert has to have access to the data in order to render a valid opinion. The USCF denied SP access to the USCF's data. This rendered any question of her having an expert moot.

    For example, I may be a tax expert, but dear reader, how can I render any opinion at all on your tax liability if I am not allowed to know what your income or expenditures are?

    This verbiage about Susan missing an opportunity to put in her own expert's report is disingenious at best.

    2) What are the credentials of this "expert"? I seem to recall this name cropping up when this "expert" complained that Gregory called him up and asked this question. (I may be mistaken; so much has happened with this story.) You can be sure that if there are any credentials problems, this will come up in court. If you were a lawyer faced with a witness presented as an "expert" that lacked the credentials, failure to bring this out would practically amount to malpractice, wouldn't it?

  4. Hi Jack,

    It's always good to see you active and engaged! Much appreciate your blog...

    As for your points:

    1. There may have been a time when the USCF denied Susan access to the data. Once litigation commenced, though, the data became available through the discovery process. All Susan's lawyer had to do was ask for access, and it's inconceivable that the trial court would have denied access. One of the fundamental tenets of expert testimony is that the data available to one side's experts are automatically available to the other's.

    2. While Dr. Frederick Cohen may have a thin skin with regard to unsolicited telephone conversations, he also has impeccable credentials. Earned a Ph.D. in Electrical Engineering from USC, has published 200 articles on information security, has written several books on information security, is a member of the editorial board of professional publications that deal with information security--and the list goes on and on and on and on. If you want more detail, Dr. Cohen included a 6 paragraph summary of his CV in the full; Wick posted the link above.

  5. Hi Jack:

    I'm sorry Jack, but your statement "The USCF denied SP access to the USCF's data. This rendered any question of her having an expert moot." is no longer a valid criticism. It was a legitimate criticism of the Mottershead report, but that criticism is no longer valid. Several reasons:

    1. As Mr. Falter correctly notes, Polgar has had access to subpoena power to compel access to the data at issue.

    2. More importantly, data to which Ms. Polgar was the USCF forum data which linked certain IP addresses to Paul Truong's ChessPromotion account. If you read Dr. Cohen's report, he has been able to establish, FROM SOURCES NOT UNDER USCF CONTROL, that the IP addresses were, in fact, linked to Paul Truong's NetZero and AOL accounts. In short, the work of Dr. Cohen is not dependent on the USCF data. The data Dr. Cohen relied upon was equally available to either side. (He did cross check the Mottershead data, and found it consistent with the data from the ISPs.)

    BTW, Dr. Cohen was not identified as being associated with the case before last week. The person Gregory called was either Jones or Ulevitch, who issued reports earlier.