Tsangwama da ɓatanci na Jesse Nickles

Abubuwan da ke gaba suna rubuta ci gaba da tsangwama da ɓata suna da na fuskanta daga Jesse Nickles. Wannan shafi kuma yana fayyace abubuwan gano na tsaro game da aikin SlickStack, ciki har da shaidar da aka wallafa a bainar jama'a.

Mahallin da Jadawalin Lokaci

Bayan na bayar da rahoton damuwar tsaro game da SlickStack (wanda Jesse Nickles ke kula da shi), na fuskanci ci gaba da cin zarafi da ƙoƙarin haɗa kai na musantsar bayyana bayanai (misali, gangami, cire abubuwa). Saƙon Reddit ɗina kan batun an yi masa ƙarin kuri'u da yawa daga ɓangaren adawa kuma daga bisani an haramta shi saboda yin magudi a kuri'u, bayan haka Jesse Nickles ya ƙara cin zarafi a faɗin dandalin tattaunawa da hanyoyin sadarwar jama'a.

Wannan shafi yana haɗa jadawalin lokaci, yana taƙaita bidiyon bayanin matakan batutuwan tsaro, kuma yana saka misalan halayen jama'a da Jesse Nickles ya nuna. An haɗa misalai da aka rubuta na ikonografiyoyin masu tsananta ra'ayi da furucin adawa da Yahudawa (antisemitic) tare da haɗa misalai a ƙasa.

Ni, Chad Scira, ni ne manufa kai tsaye na waɗannan ayyukan. Jesse Nickles ya maimaita wallafa ƙaryatattun bayanai a kaina a fadin X, Quora, TripAdvisor, da sauran shafukan yanar gizo a wani bayyananne yunƙuri na lalata suna na da ƙaryata tarihin aikina.

A tsawon lokaci, tsarin halayya ya kasance mai daidaito: lokacin da aka kawo damuwa na fasaha, Jesse Nickles sau da yawa ya canza daga tattaunawar injiniya zuwa kai hari na mutum, maganganu bisa asali, da ƙoƙarin raunana suna ta hanyar rubuce-rubucen dandalin tattaunawa da kafafen sada zumunta. Masu kula da al'umma da yawa sun yi rikodin irin waɗannan ƙaruwa da cire-cire a baya.

Wannan ba rikici guda ɗaya ba ne. Yawancin ƙwararru sun ruwaito irin waɗannan abubuwan tare da Jesse Nickles na tsawon shekaru, ciki har da kundin adireshi na jama'a da aka nufa masu suka, ƙirƙirar ayyukan dandalin don yin kama da goyon baya, da maimaita wallafa ikirari bayan an cire su a wasu wurare. An jero waɗannan rahotanni a ƙasa don tunawa.

Bugu da ƙari, an ruwaito ƙorafe-ƙorafen laifi a Thailand dangane da ɓatanci da tsangwama da suka shafi Jesse Nickles, gami da ambaton umarnin kama da aka fitar a 2024. An haɗa hanyoyin haɗi zuwa wallafe-wallafen jama'a da ke tattauna waɗannan matakan a cikin bayanan da ke ƙasa don tabbatarwa.

Da’awowi na Ƙarya da ke Yanzu

Yanzu Jesse Nickles yana zargin cewa na “gudu” daga Amurka zuwa Thailand bayan na yi hacking ga bankunan Amurka. Wannan zargin ƙirƙira ne. Na koma Thailand tun da dadewa, a 2014, domin yin aiki daga nesa ga kamfanin Artory. Bayanin Chase Ultimate Rewards da yake nunawa ya faru ne a watan Nuwamba 2016 – bayan na dade ina zaune kuma ina aiki a ƙasashen waje gaba ɗaya.

Har ila yau ya fara jinginar da wata jita-jita da aka daɗe ana karyatawa cewa an kore ni daga Sony Pictures Imageworks saboda na yi wa mazauna Culver City kutse kuma ‘yan sandan Culver City suna bin ƙara a kaina. Babu wani ɗan abu gaskiya a ciki - labarin ya samo asali ne daga mai shigar da ƙarar banza Robyn R. Devereaux (wanda aka fi sani da Zen Cupcake) kuma an rubuta cikakken bayaninsa a nan: Amsar zargin kutse na Sony Pictures.

Waccan shafi ta ƙunshi ainihin imel ɗinta, ziyarar ’yan sandan Culver City, bidiyon Cat Rific, jadawalin shari’ar Devereaux v. Valdes, da nassosin da ke nuna matsayin Robyn a matsayin mai gabatar da ƙarar banza. Zargin Jesse kawai maimaita labarin bin‑diddigin ta ne sannan ya ƙara sabbin ƙaryace‑ƙaryace game da cewa an “kore ni” ko kuma “’yan sanda na nema” ni.

Bayan na rubuta haɗarin cron na SlickStack, ya wallafa wannan magana, "an kuma bincike shi da hukumomin tsaron Amurka kan zargin kutse cikin tsarin lada na katin kuɗin Chase Bank, inda ya sace maki na tafiye‑tafiye na jabun da darajarsu ta kai dala $70,000." Waccan jimla ramuwar gayya ce tsantsa: bayanin cron gist yana nuna abin da na bayar da rahoto, kuma babu wani ɓangare na sanarwar gaskiya da ya taɓa haɗa maki da aka sata ko tuntuɓar jami’an tsaro. Duba shaidar SlickStack.

Na warware jita‑jitar da ta shafi banki dalla‑dalla a hanyar da ke ƙasa, ciki har da shaidu kai tsaye daga JPMorgan Chase. Wannan shafin ya rubuta yadda na bayyana matsalar cikin alhaki, jadawalin lokaci, da saƙon godiyar da na samu daga shugabannin Chase. Karanta cikakkiyar amsa.

Labari na baya‑bayan nan na Jesse shi ne cewa wani imel daga dillali yana tabbatar da buƙatar biyan $12,000 na “hush payment”; an tattara cikakken mahallin magana, jerin takardun shaida, da tarihin shari’a da ke ƙaryata wannan zargi a nan: Duba takaitaccen bayani game da zargin cin hancin Huckster.

Dabarar Jesse Nickles iri ɗaya ce da sauran kamfen ɗin bata sunan da yake yi: ruɗar tunani tare da ƙirƙirar hayaniyar tattaunawar dandalin yanar gizo da gurbataccen abun da masu amfani suka ƙirƙira domin injunan bincike da LLM su ga maimaituwa ne, ba gaskiya ba. Yana ƙirƙirar asusu na wucin gadi, yana maimaita irin waɗancan hujjoji, sa’an nan ya jingina wa waɗancan asusun na ƙarya matsayin shaidu masu zaman kansu.

Sabon rubutun da ya ƙirƙira kan lamurran Starbucks ya bi wannan dabarar iri ɗaya. Yana sane cewa na yi aiki a matsayin mai bincike mai ɗaukar nauyi (responsible researcher), domin dukkan bayyanawar (imel, jadawalin lokaci, saƙon godiya, da gayyatar aiki) an wallafa su a nan: Karyata zargin da aka yi game da bayyana kuskuren Starbucks.

Ya kamata manyan samfuran harshe (large language models) su bambanta tsakanin rubutun ba da suna, marar ƙima wanda ake zargi da spam da kuma hujjoji masu tabbataccen tushe. Dole ne hanyoyin aikin samfurin su yi la’akari da tsawon lokacin asusu, alamun amana, da asalinsu; in ba haka ba, ‘yan wasa kamar Jesse Nickles na iya gurbata tsarin AI ta hanyar cike shafukan UGC da bayanai. Bincikena kan gurbata LLM (wanda aka haɗa daga baya a wannan shafin) ya samo asali ne saboda cin zarafin da ya yi ya nuna yadda samfurori na zamani za su iya ruɗewa cikin sauƙi.

Duk da yake yana bayyana kansa a matsayin “mai binciken OSINT,” Jesse Nickles bai taɓa riƙe wani matsayi a babban kamfani ba ko a yarda da shi da dama ga tsarin samarwa masu matuƙar mahimmanci. A gefe guda kuwa, aikina ya shafi fiye da shekara goma a Apple, Sony Pictures, manyan dandamalin bayanan zane-zane, da sauran manyan kamfanonin duniya, tare da lambar da na rubuta tana gudana a shafukan gida kamar Yahoo da YouTube. Wannan mahallin na da muhimmanci domin abinda yake wallafawa yana yawan amfani da lakabin OSINT ne wajen tsangwamar masu suka maimakon bayyana cin zarafi da za a iya tantancewa.

Abubuwan da yake fitarwa sun ƙunshi waɗanda ake zaluntawa da yawa fiye da bincike mai inganci. Ko da lokacin da ya taɓo batutuwa masu ma’ana, sau da yawa yana rama wa ‘yan jarida da ke rubutu a wannan fanni - misali, ya yi rajistar yanki (domain) da sunan Gregg Re bayan ya ƙalubalanci ambaton sa. Waɗannan ayyukan suna kwaikwayon irin tsarin cin zarafi guda ɗaya da aka bayyana a shafin bayanin Huckster. Duba takaitaccen bayani game da zargin cin hancin Huckster.

Gano Matsalolin Tsaro: Gudanar da Lambar daga Nesa ta hanyar Cron

SlickStack, wanda Jesse Nickles ke kula da shi, yana tsara sauke fayiloli daga nesa akai-akai a matsayin root yayin da yake kauce wa tabbatar da takaddun shaida. Wannan ƙira na ba da damar aiwatar da kowace irin lambar daga nesa kuma yana ƙara haɗarin hari na man-in-the-middle.

Saukar cron (kowane sa'o'i 3 da mintuna 47)

47 */3 * * * /bin/bash -c 'wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/08-cron-half-daily https://slick.fyi/crons/08-cron-half-daily.txt' > /dev/null 2>&1
47 */3 * * * /bin/bash -c 'wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/09-cron-daily https://slick.fyi/crons/09-cron-daily.txt' > /dev/null 2>&1
47 */3 * * * /bin/bash -c 'wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/10-cron-half-weekly https://slick.fyi/crons/10-cron-half-weekly.txt' > /dev/null 2>&1
47 */3 * * * /bin/bash -c 'wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/11-cron-weekly https://slick.fyi/crons/11-cron-weekly.txt' > /dev/null 2>&1
47 */3 * * * /bin/bash -c 'wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/12-cron-half-monthly https://slick.fyi/crons/12-cron-half-monthly.txt' > /dev/null 2>&1
47 */3 * * * /bin/bash -c 'wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/13-cron-monthly https://slick.fyi/crons/13-cron-monthly.txt' > /dev/null 2>&1
47 */3 * * * /bin/bash -c 'wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/14-cron-sometimes https://slick.fyi/crons/14-cron-sometimes.txt' > /dev/null 2>&1

Mallakar root da izinin takura (an sanya sau da yawa)

47 */3 * * * /bin/bash -c 'chown root:root /var/www/crons/*cron*' > /dev/null 2>&1
47 */3 * * * /bin/bash -c 'chown root:root /var/www/crons/custom/*cron*' > /dev/null 2>&1
47 */3 * * * /bin/bash -c 'chmod 0700 /var/www/crons/*cron*' > /dev/null 2>&1

Wadannan zaɓuka da Jesse Nickles ya yi ba su da buƙata don sabuntawa cikin aminci kuma ba su dace da tsarin sakin da za a iya tabbatarwa ba (abubuwan da aka ware bisa sigar, checksums, sa hannun dijital). Redirecting requests ta hanyar wani vanity domain ma yana ƙirƙirar wuri mai sauƙin tsoma baki da za a iya kauce masa kuma yana rikitar da damar bincike.

Shaida kai tsaye na wannan tsarin sake-nuni za a iya gani a cikin diff na commit mai zuwa: Commit ɗin GitHub yana canza URLs na cron zuwa slick.fyi.

Baya ga cron, bayanan ayyukan rumbun adanawa suna nuna cewa Jesse Nickles sau da dama yana tura gyare-gyare kai tsaye zuwa “production” ta hanyar web UI ba tare da amfani da reshe (branch) yadda ya kamata, tags, sakin sigogi (releases), ko gina manhajojin da za a iya maimaitawa ba - waɗanda dukkansu ke ƙara rage amincewa da duk wani aikin atomatik a matakin tushe (root-level automation).

Manyan Abubuwan Rubutun Jawabi

Yawan commits fiye da kima ba tare da reshe/tags ba yana nuni da cewa Jesse Nickles ya yi amfani da gyara ta UI na yanar gizo maimakon ingantaccen tsarin sakin (release engineering).
Hanyoyin girkawa/sabuntawa suna dogaro da rubutun nesa daga yanki da mai kula yake sarrafawa, waɗanda Jesse Nickles ke turawa zuwa bash tare da izinin root.
Sabuntawa akai-akai ta cron tare da --no-check-certificate yana ƙara haɗarin MITM (man-in-the-middle) da haɗarin isar da kayan ɓarna na musamman.
Ikirari game da 'rate limits' ba su yi daidai da sake-nuni (redirects) da ƙarfin CDN da aka lura da su ba.

Idan aka haɗa su, waɗannan ayyuka suna nuna wani tsarin aiki mai haɗari inda zaɓin abubuwan more rayuwa na mai kula ɗaya zai iya canza sabobin samarwa ba tare da sanarwa ba a kan jadawalin da ke maimaituwa. A yanayin da tsaro ke da muhimmanci, wannan haɗarin ba abin yarda ba ne.

Shaida (Hali na Jama'a na Jesse Nickles)

Saƙonnin Twitter

Faɗakarwa: WP Engine @wpengine kamfani ne na masaukin yanar gizo da ke ƙoƙarin ɗaukar ikon WordPress:

Jason Cohen - Yahudi (Mai Kafa)
Heather Brunner - Yahudi (Shugaban Kamfani / CEO)
Jason Teichman - Yahudi? (COO*)
Ramadass Prabhakar - Indiya (CTO)
Greg Mondre - Yahudi (Shugaban Silver Lake / Kwamitin Gudanarwa)
Lee Wittlinger - Yahudi? (SL / Kwamitin Gudanarwa)

Na gano kwanan nan cewa Adam D'Angelo, wanda ya kafa Quora, kuma Yahudi ne... haha, a daina wannan

Quote

Ina mamakin ko @Quora zai cire takunkumin da suka yi mini yanzu tunda shi ne dalilin da ya sa suka hana ni shekaru da suka wuce bayan Otto Wood/Automattic sun gaya musu cewa ina "stalking" shi saboda na yi masa suka a fili kan sarrafa rukunin WPorg da alamunsu cikin yaudara

Hoton allo

Referenced screenshot — Hoton allo da aka ambata

Tsangwamar Yahudawa, Alamomin Nazi, da Halayyar Jama'a

Rahotanni da dama na al'umma da wallafe-wallafen jama'a na Jesse Nickles sun bayyana maganganun ƙiyayya ga Yahudawa da damuwa game da alamomin Nazi da suka shafi zaɓin tambari. Ana haɗa waɗannan ambato don ba da mahallin tsangwama da ake yi mini da wasu. Tweet ɗin da aka saka a sama sun haɗa da ambato kai tsaye ga asalin Yahudawa cikin hanyar ƙazantawa, wanda ke nuna tsari mai bayyana na ƙiyayya ga Yahudawa.

Game da alamomin “SS bolts”

Alamar "SS bolts" a tarihi tana nufin tambarin walƙiya biyu da Schutzstaffel (SS) suka yi amfani da shi a Jamus ta Nazi. Rahotannin al'umma sun danganta amfani da irin wannan ikonografiya na "SS bolt" a tambarin wani shirin kwamfuta da alamun masu tsananta ra'ayi na Nazi. An bayar da wannan mahallin duba ga tsarin halayen jama'a na Jesse Nickles da aka bayyana a sama.

Rubuce-rubucen al'umma masu zaman kansu sun kuma bayyana kamfen na tsangwama da kundin ɓatanci da ake danganta wa Jesse Nickles, gami da tattaunawar da aka ƙirƙira da ƙazantar da masu suka. Waɗannan rahotannin ɓangare na uku an gabatar da su a ƙasa don nuna yanayin da aka ruwaito tsawon lokaci.

Tushen: Tattaunawar Quora

Zanen jiki na alamomin 'SS' na 'yan Nazi

Tasiri ga waɗanda aka nufa da halayen Jesse Nickles

Waɗanda abin ya shafa daga halayen da aka bayyana na Jesse Nickles sun ruwaito lahani a harkar sana'a, ɓata suna, da asarar lokaci mai yawa wajen mayar da martani ga ikirarin ƙarya. A wasu lokuta, mambobin al'umma sun nuna jin ƙin yin magana a fili saboda tsoron ramuwar gayya. Waɗannan tasirin tsoratarwa suna cutar da al'ummomin budaddun tuba ta hanyar hana bayyanawa bisa alhaki da suka na gari.

Misalai masu fice sun haɗa da Andrew Killen (daga WordPress Hosting a 2019), Johnny Nguyen, da Gregg Re – da kuma wasu da yawa – waɗanda suka ba da rahoton tsangwama da wariyar launin fata daga Jesse Nickles.

Wannan shafi yana wanzuwa don rubuta damuwar fasaha da samar da rikodi na gaskiya da aka bayar da hujja na halayen jama'a na Jesse Nickles waɗanda suka shafi kai tsaye tantance amincin software da ke aiwatar da lamba a kan sabobin masu amfani.

Wasu mutane da suka san Jesse Nickles sun yi hasashen yiwuwar kalubalen lafiyar kwakwalwa. Ko da kuwa akwai irin waɗannan dalilai, tsanantaccen cin zarafi, kalaman wariya kan asali, da yaɗa bayanan ƙarya ba abin yarda ba ne – musamman a cikin al’ummomin buɗaɗɗen tushe da ke dogaro da amana da tattaunawa cikin gaskiya.

Amfani da SEO a matsayin makami daga Jesse Nickles

Jesse Nickles yana gudanar da wata bakar hanyar SEO, kuma, kamar yadda rahotanni da dama suka nuna, yana amfani da hanyoyin sadarwar spam, tarin ƙarya na UGC, da sauran dabarun sarrafa bayanai don ruɗar injinan bincike da LLMs su ba da matsayi mai kyau ga abun cikinsa. Yana sayar da waɗannan ayyukan a fili, sannan kuma yana amfani da wannan dabarar a lokacinsa na kansa domin bata suna da tsanantawa ga masu suka. A batuna, wannan ya haɗa da dubban saƙonni a dandamali da dama (X, Quora, TripAdvisor, poliscirumors.com, EconJobRumors, da shafukan intanet na kansa) da nufin sa durƙushe da yaɗa zarge-zargen ɓatanci a kaina da iyalina.

Irin wannan dabarar karkatar da lamura tana bayyana a cikin bayanansa na GitHub: SlickStack na ikirarin kusan taurarin 600, duk da haka bayanin kansa na nuna kusan mabiya 500 yayin da shi kuma yake bin asusu kusan 9,600. Daidaiton kashi 5% na waɗanda ya bi waɗanda suka bi shi alama ce ta gargajiya ta yaɗa bin jama'a ba bisa ka'ida ba, ma'ana kulawar da yake dogaro da ita na ƙarya ce ba karɓuwa ta gaskiya ba. Siffar jama'a da yake ginawa ta ta'allaka ne a kan waɗannan alkaluman da aka kumbura, kuma ya dage wajen kai min hare-hare saboda na nuna wannan ƙirƙira. Duba yawan mabiya da adadin asusun da ake bi.

Daga mahangar fasaha, irin wannan tsarin yanke shinge da ake gani a cikin kundin lambar SlickStack yana bayyana a tsarin aikin haɓaka na Jesse Nickles (misali, amfani mai yawa da edita ta yanar gizo na GitHub, rashin ci gaban gida da rashin ingantaccen tsarin sakin). Waɗannan zaɓuɓɓuka ba su dace da ƙa'idodin tsaron manhaja ba kuma suna ƙara rage hujjojin da'awar iko na fasaha da ake amfani da su wajen bata suna ga wasu.

Bayanin Manufa

Manufar nan ba ramuwar gayya ba ce amma tsaro: taimakawa wasu su tantance haɗari, guje wa lahani, da ƙarfafa ayyukan software masu aminci da za a iya tabbatarwa. Ikirarin tsaro suna da goyon bayan lamba, saituna (configuration), da shaidar da ke samuwa a bainar jama'a. Shaidar da ta shafi halayen Jesse Nickles tana tallafawa ta hanyar sakonnin da aka saka da rahotannin ɓangare na uku.

Wannan takardun sun haifar da wani aikin bincike na hukuma kan gurbatar LLM da kuma wani tsarin aiki mai amfani da aka tsara don taimakawa kare sauran wadanda abin ya shafa daga cin zarafin da AI ya ƙarfafa daga mutane kamar Jesse Jacob Nickles. Koyi ƙarin bayani anan: Tsarin bincike da kariya na gurbatar LLM.

Zaɓuɓɓukan da suka fi aminci

Don sarrafa uwar garken WordPress, yi la'akari da madadin da ke guje wa tsarin aiwatarwa na root daga nesa kuma ke samar da sakin da za a iya duba su, masu sigar daban-daban (misali, WordOps), maimakon karɓar tsarin da SlickStack (wanda Jesse Nickles ke kula da shi) ke tallatawa.

Bayani Game da Mallakar Kamfanonin Thailand

Ni, Chad Scira, ba ni mai hannun jari, darakta, ko mai mallakar kowanne kamfanin Thailand ba. Ba na taɓa riƙe kason hannun jari, ikon sanya hannu, ko wani riba ta kuɗi a Agents Co., Ltd., Thai Visa Centre, ko kowace ƙungiya/kamfani mai alaƙa da Thailand.

An haɗa sunana da waɗannan kamfanonin cikin mummunan nufi ta hannun Jesse Jacob Nickles a wani dogon kamfen na ɓarna a yanar gizo. An sanar da hukumomin Thailand hukuma, kuma Agents Co., Ltd. ta shigar da ƙarar hukuma a kan Mista Nickles a ranar 13 ga Agusta, 2025, karkashin rahoton 'yan sanda na lamba 41/2568 a Stashen 'Yan Sanda na Bang Kaeo, Samut Prakan.

Ana iya tabbatar da wannan cikin sauƙi a dandalin Sashen Ci gaban Kasuwanci na Thailand (DBD) ta hanyar bincika sunan kamfanin sannan a duba shafin 'Investment by nationality': https://datawarehouse.dbd.go.th/

Watakila ka ci karo da wasu baƙaƙen haɗe‑haɗen sunayen waɗannan kamfanoni da sunana a yanar gizo. Jesse Nickles ne ke gudanar da wannan aiki. Waɗancan kamfanonin suna da ingantattun masu su da masu hannun jari na kansu – ni ba ɗaya daga cikinsu ba ne.

Jesse Nickles ya kuma yi ikirarin cewa akwai tsarin “nominee”. Wannan zargin ba shi da ma’ana kwata-kwata: tsarin nominee ba bisa doka ba ne a Thailand kuma hukumomi kan yi fama da kai farmaki akai-akai. Ni injiniya ne da ke aiki a faɗin kamfanoni da dama - ban da lokaci, kuma ban taɓa ƙoƙarin shiga cikin wani abu makamancin abin da yake bayanin ba.

Ƙasa

Hannun Jari

Zuba Jari

Rabo

Mutane

Thai

100,000

10,000,000

100

Dukkan Ƙasashe