Saturday, August 11, 2012

Don't wait for the app...IT'S RYAN! [UPDATED]


Well, the promises from the Mitt VP app that we'd "get the exciting news before just about everyone else (except maybe Ann)" are up in smoke.

[Yeah, I'm almost 100% certain this website was fake. But the selection of Paul Ryan as VP was real! Oh well...see updates at the bottom of the post and in the comments section...]

Right now, at (click to enlarge):

It's linked to the Mitt Romney Facebook page, which I had already "liked" (I've blacked out the name of one of my friends for privacy reasons):

And the "3,854,427 others like this" matches up with the number I just saw at Romney's Facebook page (3,852,525) a few minutes later:

The campaign is labeling Romney-Ryan as "America's Comeback Team." I like it.

OK, I'm going to sleep. See y'all in the morning! Also, watch for me on Fox 35 Orlando later in the evening to discuss this pick! Follow me on twitter @rumpfshaker to get the exact time.

UPDATE: Went to make sure this posted on Twitter before I went to bed, and got this ironic ad in my Twitter app:

UPDATE II: Ummm...this might not be legit. Or it might be. The domain name "" was purchased in 2010. Did "Peter Crowley" from Astoria, NY sell it to the Romney campaign? When I click through the site, all the internal links are functioning as expected and the domain name at the top still says "" I'm not a tech guru by any means (there's a reason this website is on Blogger, people!), so if you understand what to look for, post something in the comments, OK?

UPDATE III: Yeah, the more I read about this, the more I think this website isn't legit. See here: Erik Soderstrom | Anybody Can Buy A Domain


  1. I told Sarah some things didn't add up with the site. She asked me to add it as a comment here, so here is what I have discovered about the domain in English as much as I can make it. This is going to be pretty much all first draft off the top of my head, so please bear with me. (This will take multiple comments as there is a 4096 character limit in the comment feature.)

    Computers speak numbers, people speak words. So each site has a numerical address called an IP address for the computers to use. But people don't want to have to remember "," they want to go to So you can register a name for your site, and a set of special computers on the Internet called Domain Name Servers translate the words we use into numbers that computers can use.

    You can do a search called a "whois" search and find out who registered a particular domain name (unless they use a private registrar that registers it for you and passes messages between you and people asking about it while protecting your anonymity.)

  2. I did a whois search on and found the record at which says that the domain was registered in February of 2010 for three years. He also got .net .org .biz .info and .us. It's a form of gambling- You pick a domain that may become valuable, register it, list it for sale with the registrar (GoDaddy in this case) and wait for lightning to strike. If you have the GoDaddy bulk domain purchase package the whole bit will likely cost you about $80 for three years.

    Now, here comes the tricky part. You can point a domain name anywhere. I could register "" and point it to You do not have to have access to the destination site to point a domain name at it. ( likely would not last long for reasons I won't go into.)

    Domain speculator and it appearing to land on the official web site made me think that the domain speculator had pointed the domain name to the official Mitt Romney site. But Sarah pointed out all of the links worked. Not a problem, if you landed on the new site all of the links SHOULD work. But the domain name stayed at "" on the linked pages. That made me think it was legitimate and that they had just not changed the registration yet to hide it.

  3. But wait! Each page displayed "" not Something tricky was afoot. So despite having told Sarah I thought it was probably legit right before she tweeted she was heading to bed, I kept digging. I looked at the source code that is used to generate the web page. (I am not an expert, but I can muddle through reading it most of the time.)

    Now we need to talk about another piece of Internet Magic called "iframes." An iframe is a way of pulling a page or an element of a page from someplace else and displaying it on another page. It is a useful feature. For instance, the comment editor on this page (which I am using right now) exists someplace else on Google, and is pulled in on pages as needed. Instead of ten million copies of the editor and worrying about keeping them all up to date there is one editor and a copy is remotely loaded onto any page that needs it using an iframe.

    The source code for is 18 lines long, including 2 lines to declare the document type and 3 blank lines to separate different parts of the code. To build the page you create a frame with a border 0 pixels wide, and pull in a page from There is also an instruction to make the displayed URL be

  4. So, we now have three possibilities I can think of after tweeting with some other people who are savvy about web stuff:

    1. The Romney campaign bought the domain, but left the registration in the name of the domain speculator to avoid tipping off the press.

    2. The domain speculator decided to turn up the heat on the Romney campaign by pulling in the official Romney site, then saying that he will remove that unless they want to buy it.

    3. The domain speculator is a Romney supporter who has decided to make an "in kind" contribution by pulling in the official site. I hesitate to speculate about campaign finance law on Sarah's site (it seems presumptuous) but I suspect the only part that he would have to report would be the value of one year of the domain registration and hosting. Even if it's 3 years, all of the domains he got and hosting for all of them (plus the time to create the sites) would be considerably less than the individual maximum contribution.

    I apologize for the length, but any shorter and what I wrote would have become complete technobabble.

  5. I have one more update to make: Whether the campaign bought the domain or not, the method used to import content from to, which is called iframes, breaks SSL security. This means the donation page of is insecure, and your personal information, including credit card info, could be stolen.

    I did two blog posts last night. The first is mostly the comments above cleaned up and with links added. The second explains why security is broken at

    For now you should donate at, NOT at

  6. One more update- The site no longer points to Some time on Sunday the domain name was pointed to a service that does domain parking. Domain parking services point a domain to an automatically generated page full of ads, usually a search bar, and a note somewhere saying either the domain is parked for now, or saying it is for sale. The domain parking page for currently says the domain is for sale.

    Exactly when it happened on Sunday isn't clear as the DNS record shows a date, not a time for the change. (It gets worse. Once you change the master record it has to spread from one name server to another. Depending on factors I won't go in to this can take as much as 8 hours for the entire US and 24 hours to spread around the whole world.) is still in the hands of the apparent domain speculator according to the registration information. I don't see any evidence at this time that tells me exactly what motivated this change, but for now the danger of credit card fraud an identity theft has been eliminated.

    One last thing: I see no evidence that the apparent domain speculator ever intended to commit either credit card fraud or identity theft. Domain speculation is more akin to buying a lottery ticket. Back in 2010 he bought a winning ticket that is potentially quite valuable in the form of the domain name. This is honest speculation, he put his own money at risk. He bought several other domains at the same time that are now worthless. They were losing lottery tickets. He now stands to potentially make some money in a legal way.

    The danger came from the method used to display the content taken from the site on the site. The method broke the security built into the site. This meant that someone intercepting the data from that site could read all of your personal information. Since campaign finance law requires you supply more detailed information than you would when making a retail purchase the risk of identity theft is larger.


Creative Commons License

Creative Commons License
Permissions beyond the scope of this license are available here.