No matter how hard the world laughs at him, Aaron Greenspan continues to insist that he invented Facebook. Have you ever wondered what the real story was? Well, buckle up boys and girls because today I’m going to tell you.

In the past, Aaron Greenspan has tried to have information about himself that he doesn’t want on the internet taken down via legal threats and illegal DMCA takedown requests. We’re preparing to finally pursue damages and attorney’s fees for Aaron Greenspan’s abuse of the DMCA, as the law provides. As a fair warning to Aaron, make sure you think carefully before making the same mistake again. You can’t hide the truth forever.

Basically what happened is that Aaron Greenspan created a website for Harvard students called houseSYSTEM, which was totally unrelated and separate from Facebook. I know, houseSYSTEM is a terrible name –– but there was one section called “the facebook” which was a generic term at Harvard that came from a physical book of students’ faces the school would hand out. Greenspan’s website performed a bunch of mostly useless functions for students (like providing information on textbooks and courses) but the controversy started before anyone signed up.

The problem was that houseSYSTEM told users they must sign up with their Harvard school ID and must use the same password as their Harvard school account. That immediately caused concern among students, who warned each other not to use the site due to serious security issues in the design of the site that would have allowed Aaron Greenspan to access any Harvard student’s email account, register for classes, and access private files. To make matters worse, the site was designed in a misleading way to make it look like it was run by Harvard. Aaron Greenspan had even included a copyright notice for Harvard University in the footer of his webpage, amplifying the confusion caused by the site’s design and login system.

Students warned each other on email mailing lists not to trust the site, and soon after the Harvard Crimson wrote about this controversy. This lead Harvard faculty to get involved and force Aaron to shut down the site. Aaron kicked and screamed the whole way through the ordeal to the frustration of the school, pretending not to understand the security risks involved in allowing him to ask for student’s private Harvard account information. Several Harvard students attending the university at the time told us they remembered the controversy, recalling that the site was “ugly and convoluted” in addition to being insecure.

The FaceNet isn’t as easy to use as thefacebook.com. It might be too little, too late. It will be hard to compete with thefacebook.com when thefacebook.com already has about 5,000 members and lots of momentum.

Jeffery B. Miller, Class of 2005, in March 2004

One former student speculated based on recollection that Aaron Greenspan had wanted to access the account of a female student he had a crush on at the time so that he could monitor who she was talking to, which is why he insisted on asking for Hardvard network account information even as the school threatened him with expulsion for refusing to comply.

Here’s Aaron Greenspan describing the experience with his own recollections and emails that he saved:

A more ominous warning came from a friend in Cabot House, who had seen a sneak preview of the site a couple of weeks beforehand. She forwarded me cabot-open’s response to my announcement.

“Yeah, I feel like this web site is partly pretty sketch. Overall legit, but it’s ridiculous what they wrongly imply you need to do with your password. ‘In order to use houseSYSTEM, your password must be the same as your password for your Harvard FAS network account‘. You can change your password to anything, but it makes it sound like you need to use your FAS password. In fact, to confuse you, even after you change your password, it still says “Please Change Your Password” if you don’t match up with your FAS password.

Aaron Greenspan

Why would Aaron Greenspan tell people they needed to use the same password as their Harvard account? Worse yet, the fact that it notified them to change their password if it didn’t match what Harvard showed on file means that he was actually checking the passwords against Harvard’s network to make sure it matched. Super creepy, especially given what we know about Aaron Greenspan’s stalking of innocent people in the years since the houseSYSTEM incident.

The concerned student continued in their email:

Also misleading is the copyright notice, which says portions are copyright “The Presidents and Fellows of Harvard College”. Which is true, but makes it sound like this web site is really closely affiliated with them, which isn’t the case (right?). And then the email they sent introducing the web site doesn’t make their disconnect from the college admin clear either.

Aaron Greenspan

As if asking Harvard students for their passwords wasn’t bad enough, the site was misleading people into thinking the website was associated with Harvard when in reality it was built and operated entirely by Aaron Greenspan. Was he just clueless about how it looked or was he really trying to steal people’s account information?

Greenspan tried to respond to user complaints, but the situation only got more out of hand:

Before I could even respond to the latest round of questions, Rodica sent me an instant message: lowell-open was going mad. I hadn’t even received the latest batch of messages, so I signed in. […]

Of course, the only way that it could know that you didn’t give it your FAS password is by trying to access your FAS account using the password you supplied… […]

Your security statement is, frankly, nonsense. I have strong doubts that you have ever had any formal exposure to cryptography –– it reads very much like you read a few web pages on encryption and decided the more times you encrypt something, so much the better.

This is a sure sign of someone who doesn’t understand cryptography. The number of times something is encrypted does not correlate with security in the least. Also, MD5 does not encrypt, it hashes. MD5 has sufficient weaknesses in its compression function that its use in newly deployed applications should be discouraged. Use SHA-1 instead.

Aaron Greenspan

Greenspan insists that there was no way for him to read the passwords since they were hashed with MD5 before being stored, but he had chosen a hashing algorithm that was already obsolete. Today, you could easily find any user’s original passwords using those hashed records if Aaron Greenspan had not been forced by Harvard to delete them. Even back then, someone could have used a rainbow table to reverse hashes of commonly used passwords back to their original text. Rather than admit his mistake and fix the login system, Greenspan insisted everyone was wrong and was “being mean to him” for no good reason by not letting him steal account information from thousands of Harvard students.

One more email from a Harvard student really set Aaron off:

[Saying you can’t decrypt our passwords] is a lie. If you “connect directly to the Harvard IMAP server upon login to fetch the number of new messages’, you must store passwords in such a form that you can present the same access credential to the FAS server. This means that you store passwords in a way that you can recover. So what if the hash of the submitted password matches the stored password hash? You still have the password transmitted in cleartext. Ever heard of man in the middle attacks? A self-signed certificate means absolutely nothing.

Do you have a written waiver for [school rules stating that] “the possession or collection of others passwords or other secure identification information is prohibited“? Reading your security statement gives me no confidence in your site’s ability to protect confidential information. I suggest that people refrain from giving it such information util the author has demonstrated even a rudimentary understanding of the security issues involved

Aaron Greenspan

The email was biting, but completely accurate. A self-signed certificate meant that there was no way for a user to know if they were really connecting to houseSYSTEM, or if there was an imposter intercepting the connection to steal their Harvard account credentials. At best, it was completely irresponsible for Greenspan to launch the site with such glaring security flaws. At worst, he was deliberately trying to mislead students into handing over their account credentials in a sort of phishing attempt backed by a few useless features.

So did Aaron Greenspan listen carefully, take the advice to heart, and try and fix his site? Not exactly:

By this point, I had lost my patience. “What is wrong with these people?” I asked my parents over dinner in Hilton Head. “I make something useful, and all they can do is complain? There’s nothing wrong with the site’s security, there’s something wrong with them! […]

My father had seen Brian’s message, and declared him a “moron”, which comforted me a little. He was even more incensed at Dan Ellard, who he felt had a responsibility as a member of Lowell House’s staff to portray things in an unbiased manner at the very least and to discipline students who were out of line. Yet Dan was going after me as much as anyone as if it were all a joke.

“People are just mean,” my mother said. “They shouldn’t be allowed to do that, but they do! They’re just mean.” For once, I agreed with her.

Aaron Greenspan

How mean of Harvard students to not want their usernames and passwords stolen by the world’s biggest creep. They really shouldn’t be allowed to do that, they should be forced to give Aaron Greenspan all their personal information, right? And what’s up with Aaron saying he agrees with his Mom “for once”? Could this guy be any more of a pompous jerk? Aaron Greenspan has absolutely zero self-awareness or empathy for how his actions affect other people. It’s always “me me me”, why are they being so mean to me? He’s been playing the victim for so many decades that he’s failed to look back and see the trail of victims left in his wake –– pretty much anyone who has had the misfortune of knowing him. I am trying to diagnose his various mental conditions, and believe he may have narcissistic personality disorder.

After Greenspan finished eating with his parents, he received another email from a student named Issac Hall who shared some of the same thoughts:

1. Although attentive people will notice that he houseSYSTEM is not an official Harvard initiative, I’d assert that Aaron and co. are under an ethical obligation to state this clearly on the homepage.

2. The idea that, in this day and age, it’s reasonable for a private organization to encourage thousands of university students to submit their confidential passwords is, to put it bluntly, crazy. I can’t believe Aaron and his colleagues thought this would be uncontroversial.

3. Aaron, your responses to these inquiries about the system have done nothing to inspire my confidence. Instead of openness, clarity, or even a touch of humility in the face of legitimate criticism, you’re projecting a sort of weary irritation boarding on arrogance. […]

I started drafting a response, but I decided to wait before sending it. I was too outraged by the whole ordeal, and I wanted to be able to think with a level head before pressing the “Send” button. […] It appeared as though my only crime was making the site look too professional.

Aaron Greenspan

No, your crime was that you tried to steal user’s Harvard account credentials while designing the site in a misleading way to make it look like an official school website. How can someone be so tone-deaf?

Nothing has changed. Aaron is more arrogant than ever and will still attack anyone who dares to criticize him, no matter how legitimate their concerns. Aaron Greenspan seems to have serious anger issues that he should have sought help for long ago.

I wanted to put everyone at ease, but it wasn’t clear if it was worth responding to every piece of flame mail that landed in my inbox. […] It seemed as though winning Lowell House was a hopeless endeavor. […]

I decided to write back [to Issac], taking great care to formulate my message.

“I never thought the site would be uncontroversial. I expected that a minor uproar along these lines would take place. Major technological changes at traditional institutions usually generate some controversy”

Aaron Greenspan

Sounds like he had a huge hit on his hands, if only Mark Zuckerberg hadn’t stolen the idea from him! Imagine being that delusional.

If he expected there to be a major uproar against him trying to steal everyone’s account information, then why did he do it?

Issac Hall then replied:

I was pointing out that the site looks like it may have been created by Harvard and that you should make it clear that the site is in no way endorsed by Harvard as an institution or the Houses, and that you have not been authorized to collect FAS passwords so that you can integrate Harvard email into your project.

Aaron, I can only conclude that you are playing dumb. Obviously, I wasn’t saying that it’s crazy to ask college students to use passwords. I was saying that it’s CRAZY TO ASK COLLEGE STUDENTS TO SUBMIT, TO A FELLOW STUDENT, CONFIDENTIAL PASSWORDS THAT ARE SET UP TO GIVE THEM ACCESS TO THEIR UNIVERSITY EMAIL AND IN SOME CASES TO THEIR REGISTRAR’S ACCOUNT AND OTHER SENSITIVE INFORMATION! I can’t believe you are pretending this is not an issue, but this is exactly the kind of disingenuousness that, in my opinion, has destroyed your credibility.

Aaron, correct me if I’m wrong, but you don’t work for Harvard University! This is not a “major technological change at” a traditional institution. Rather, this is some kind of a guerrilla attempt at a technological coup.

Aaron Greenspan

Oooof. Worst product launch in the history of Harvard?

“Aaron may see this as more of an attack than previous posts, but it’s not meant to be personal“

“Not personal?” I thought. […] I added Dan to my list of people I wished I could punch. I wasn’t evil, careless, or ignorant.

“Right, my knowledge of security is ‘sketchy’, because I haven’t taken four million classes called ‘Advanced Cryptography for Advanced Shmucks’ like him. He doesn’t know how many computers and networks I’ve worked on. He doesn’t know a thing about me. I could know ten times more or ten times less about security than he does, and he wouldn’t have a freaking clue. And in fact, that’s what security is all about: not making faulty assumptions, testing everything”. That’s when it hit me. Dan Ellard wasn’t just out of line –– he was a hypocrite.

Aaron Greenspan

No Aaron, you’re a hypocrite. The day you realize you are the cause of all your own problems is the day your life will finally start getting better.

Do most people who aren’t evil have a long list of people they want to punch?

Despite Greenspan’s temper tantrum, his parents continued to egg him on:

“This is totally inexcusable”, my father said upon hearing my latest rant. “Why doesn’t anyone in the administration tell these people to shut up? Don’t they think it’s inappropriate for a faculty member to beat up on a student? Or for students to beat up on other students?”

“No”, I said plainly.

I was nervous about how The Crimson was going to portray the situation.

Aaron Greenspan

But wait, it gets worse. The student uproar was just the beginning. After that, Harvard faculty had to step in.

Harvard Faculty Steps in to Stop Aaron Greenspan

My heart stopped.

“The Dean’s office, and the office of computing services for the FAS have asked that I contact you and ask you to immediately stop collecting student email and password information for security reasons. Any email address, passwords, or student information you currently have should not be used or transmitted in any form until this matter is cleared up. Paul Bottino, FAS computing services, and the dean’s office will look into this matter next week”

He was asking me to prevent anyone from signing up for houseSYSTEM until at least Monday, with a potentially positive Crimson article running on the Friday before. Either way, the impact was most assuredly going to be negative when people found out they weren’t allowed to sign up, based on the concerns of Harvard’s administration.

I told my father. Peering over my shoulder, he read the message and did not seem pleased. I started drafting a reply.

Aaron Greensapn

Well gee Aaron, maybe you shouldn’t have asked people for their school login credentials? Maybe you should have just had them register with an email and password? You know… like Mark Zuckerberg’s Facebook, which was actually successful because it was created by someone who wasn’t trying to steal student’s private account information?

Anyone want to guess whether Aaron listened to the dean and shut down the website like he was supposed to? Of course not. He did what he always does: argue and throw a temper tantrum, rather than admit he was wrong.

Before we disable anything, I would like to know precisely what security concerns there are, which Deans or staff members have them, and what they believe can be done to address them. I am sure we can find a solution to whatever concerns have been raised that will allow students to continue using the services on houseSYSTEM. […]

Given that we do not store member passwords, but only their MD5 hashes, there is no risk of passwords being used or transmitted.

Aaron Greenspan

This is, of course, not true. Students usernames and passwords were transmitted plain text over the wire to the server before they could be hashed, and Greenspan could choose to easily intercept the credentials whenever he pleased with a few lines of code. Given what we know about Aaron obsessively logging and storing all activity on his servers to try and use as blackmail, you can bet students were compromised the minute they signed up.

I wonder if the dean bought that?

“Aaron,

There is no way for you to put a condition on this. The security concerns are related to storing student passwords in a server not controlled or administered by Harvard. This is a clear violation of the Harvard College rules governing passwords and your site also requires students to violate the rules by giving the passwords to your site.

You must immediately stop collecting student passwords. This is not an option. You do not have to shut down the site, but it must stop collecting this data in any form. Additionally, you must delete any database and record that you have that contains student passwords and send a list to me with all of the user names that were collected by the site since its inception. Those students will be contacted by FAS computer services and told to change their passwords immediately.

The concerns raised by the College will be discussed with Paul when he returns and there will be some attempts to address them with you and the HarvardSEC group. In the meantime, however, I am again instructing you to stop collecting this information, delete what you have collected, and forward the list of all those whose information you have collected”

“What!” I exclaimed after reading it. “Delete the database? That database has all of the course reviews in it! And I can’t turn it over! People signed up for CriticalMass specifically because it allowed them to be anonymous!

I picked up the phone and dialed Jay Ellison’s direct line in Cambridge. There was no answer. I was furious.

“How can they ask you to delete the database without even hearing your side of the story?” my father said, incredulous. “If everything about the security is how you say it is, then there’s nothing wrong…”

“It’s more secure than their own damn systems!” I fumed. “If anyone looked at Harvard’s IT infrastructure with the same level of scrutiny as what they’re doing to me, they’d be absolutely horrified”

Then, I remembered something else.

“You know… what’s more, I actually asked them about this freshman year! I sent an e-mail to Franklin Steen asking him if there was anything wrong with setting up a web-based email system. He didn’t even respond! and now, they want me to delete the whole thing? Two years later? It’s the same freaking code!

I dialed Jay Ellison again. Again, there was no answer. he must have been using his e-mail from somewhere other than his office. Clearly, he didn’t care about encrypting his password.

Aaron Greenspan

This is a classic case of Greenspan creating problems for himself and then getting angry and blaming them on others. All he had to do was apologize to the school, cooperate, and use some other form of login system. They didn’t want him to delete the whole database, just the private account information he stole from students. The only reason the school started getting impatient was that his response created the impression that he wasn’t willing to cooperate, and may have been planning to do something malicious with everyone’s account information. All he had to do was pretend to take the dean seriously, but he couldn’t even do that.

Lots more examples of Aaron Greenspan’s anger issues here. Also, in what world is not responding to any email considered permission to start collecting students’ school login information? The fact that you had to ask shows that you already knew it was wrong.

Also, I bet you that Jay Ellison was in his office but didn’t pick up because he knew Greenspan was calling. I’m sure the repeated calls definitely helped make him look more sane. You can also see another classic Greenspan technique here: misdirecting to a “straw man” issue. The security issue here is not about Harvard’s own internal systems, which are managed by the school in accordance with the best security practices available at the time. The issue is about Aaron Greenspan collecting student account information that should only be between the school and the students. Does he really not understand, or is he just pretending not to because he really wants to collect the account information? Is it just that whenever anyone questions him, he gets irrationally angry?

“Hi, this is Jay Ellison [the dean]. Is Aaron there?” […]

“This is Neil Greenspan, Aaron’s father”, my father said, cutting in.

“Hello, have you been listening the entire time, Mr. Greenspan?”

“Yes, and it’s Dr. Greenspan”, my father said. “I have there degrees, and one of them is from Harvard, as a matter of fact”. He was not happy.

“I’ve been watching as these people on the mailing list have reacted to Aaron’s project, and I must say, I was quite shocked after reading that you continually monitor the list, that you didn’t try to put an end to it. Aaron hasn’t done anything to hurt anyone. He hasn’t publicly insulted anybody”

“Well, my main question is how we move forward,” I said, trying to steer the conversation back on track. “I can stop people from signing up, but I don’t want to, especially since there’s nothing wrong with the site’s security”

“Well, you’re going to have to,” Jay replied.

“And just out of curiosity, the consequences otherwise would be…”

“If you don’t comply with the request to remove the passwords, then the College may have to take disciplinary action“

The first possibility was that the College would take away my network access at school, which would be disastrous. The other option was for the College to simply kick me out.

“Well, I’ll delete the passwords then, and hopefully put the sign-up page back once that’s done”

“Thanks for calling.” I didn’t mean it.

“No problem, and enjoy your vacation,” Jay said.

“Yeah, this is exactly what I wanted to do on my vacation,” I thought. “What a joke.”

Aaron Greenspan

If I was stealing a bunch of students’ passwords, my parents would slap me in the face and tell me I’m an idiot. Not shout at the school for not silencing students who were trying to warn each other about their account information getting stolen, granting creepy stalker Aaron Greenspan the ability to access their most personal information. This is no joke at all, but Aaron’s out of control anger issues prevented him from taking it seriously until Harvard threatened him with expulsion.

Despite increasing scrutiny from Harvard, Greenspan still refused to admit that he had done anything wrong by asking students for their school login information:

I e-mailed Jay Ellison a summary of our conversation so that there would be a record in writing.

“Per our conversation,” I wrote, “I will make further changes to houseSYSTEM in order to comply with the wishes of the College, though I maintain that none of my actions, nor those of [my Student Entrepreneurship Council club], ever violated any College policy.”

I also bought myself a few days time by pointing out that correcting the alleged problems with houseSYSTEM would be slowed by my dial-up connection. […] So long as I could take down the sign-up page after the article ran in The Crimson , I thought I could at least try to look moderately competent.

Aaron Greenspan

So you lied to the school about dial up connection slowing you down so that you could try and use the article in The Crimson to rope in more victims? Aaron Greenspan has been lying to everyone for decades, and there’s no evidence that anything has changed. When he denies the crimes he’s committing today, remember how he acted when the school asked him to simply stop collecting student’s login credentials.

As usual, Aaron Greenspan then beginning spinning conspiracy theories to shift blame way from himself and his inexcusable conduct:

Everything came into perspective. The administrator was the missing link. The “college.harvard.edu” web site –– different from the my.harvard” portal but arguably more similar to houseSYSTEM in functionality –– hadn’t been redesigned since the late 1990s when a friend of Carl’s had worked on it. It just so happened that I had released houseSYSTEM at the exact same time that the College was planning to re-launch its own site. I was stepping on very large toes, and I hadn’t even known that they were there.

Aaron Greenspan

No Aaron, you asked Harvard students for their school username and password. As a student. On a site designed to look like it was an official Harvard website, but was not. You really think there was a conspiracy by the school to shut your site down because they didn’t want it to compete with theirs? Wake up man, wake up! If that was true, why did they allow Mark Zuckerberg’s Facebook (which didn’t ask for students passwords) succeed in such a massive way? I suppose he must have been in on the conspiracy too.

Harvard faculty was not amused by Aaron Greenspan’s failure to cooperate:

The next morning, Jay Ellison sent me a reminder of what exactly the administration was saying.

“In light of our recent email exchange, as well as the phone conversations you have had with me and other members of the College, there appears to be some confusion about the actions you need to take immediately with respect to your requesting FAS passwords. […] In consultation with other members of the College administration, we have determined that you need to take the steps outlined below by noon on Friday August 15.

1. Stop asking for, collecting, or storing (in any form, encrypted or not) Harvard FAS passwords.

2. Provide a list of all FAS usernames which you have recorded as having submitted FAS passwords to the SEC we site.

3. Delete all FAS passwords

You have stated that you do not believe that you have violated any Harvard policy. Because of the serious security concerns involved, we need you to comply with these requests, regardless of your personal beliefs. I need to emphasize that this matter may quickly become a disciplinary issue if you do not take immediate action.

They had backed me into a corner. While the idea of being forced out of Harvard to become a student hero had a certain appeal, it quickly faded as I faced reality. Most of the students who had expressed their views on houseSYSTEM so far saw me as anything but a hero, and there was a good chance no one would care if I left.

Aaron Greenspan

In the last paragraph, Aaron Greenspan’s delusion is plainly on exhibit. Imagine: Harvard has a simple request, for you to not collect any students’ school login information. Even under the threat of expulsion, you still consider refusing to cooperate with them under the belief that stealing everyone’s login information would make you a “student hero”. Aaron, you’re not a hero you’re a villain. You are, and you always have been. When will you wake up and look at yourself in the mirror? How many more people will you have to hurt before that happens?

Recall that it was actually the students who complained about their login information being collected. The school only took action because they saw all the students going nuts over it on the school’s mailing list. Imagine the mental gymnastics Aaron Greenspan has to go through to convince himself that he is a “student hero”, when the victims who are complaining are the same students he expects to applaud him for “heroically” stealing their personal information?

So now that Aaron Greenspan is facing expulsion from Harvard, he has to start cooperating with the school? Right? Who wouldn’t?

Aaron wouldn’t. If you think he’s going to stop just because people are telling him he’s doing something wrong, you don’t know the guy. Instead, Greenspan did what he does best: lie to everyone to create a fake uproar in order to threaten and intimidate the school faculty.

I drafted a letter to send to every houseSYSTEM member. If I was going to have to turn over the database, I wasn’t going to let it go without a fight. When I ran the new code to send out my third e-mail, I once again received my own personalized copy.

I started CriticalMass about a year ago to try and improve the information available to Harvard College students about courses. My own experience led me to believe that it would be a helpful tool, and my peers confirmed this belief. Aside from Dean Gross’s comment in the Crimson that, “Usually bulletin boards of this nature generate more heat than light”, the administration had little to say about it. Nevertheless, I realized that many students, concerned about possible administrative repercussions, would only participate if they could sign up anonymously. This capability was programmed into CriticalMass, and later houseSYSTEM, as well.

Unfortunately, those concerns were not as unfounded as I had once thought. Despite repeated attempts to explain the workings of houseSYSTEM to several administrators, I have been personally threatened with disciplinary action by the Harvard College administration if Ido no turn over the e-mail address of every houseSYSTEM member, as well as proof that there are no longer any FAS passwords in our database. (The administration refuses to accept the argument that there never were.) In other words, I have been asked to disclose the entire table pertaining to members in unaltered form, complete with information about your choice to remain anonymous on houseSYSTEM. My only other option would be deleting houseSYSTEM in its entirety, but that is not an option that I am willing to entertain.

I realize that this is an egregious breach of your privacy. Adding further irony to the situation is the College’s claim that it is necessary in order to protect your privacy and the fact that it has been justified by administrators who actively refuse to understand the technical details necessarily involved. I have done all that I can to avoid this situation, but given that the administration never consulted me or anyone at the SEC about the manner in which the site functions, it has been an uphill battle.

Harvard College has demanded member information by Friday, August 15 at noon. If you are dissatisfied with the College’s handling of this situation, as I am, or with the idea that the professors whom you rightfully critique on CriticalMass could have your name, cell phone number, and e-mail address, please send an e-mail to Dean Gross ([email protected]).

Perhaps if enough students respond with words to enlighten the administration, Harvard will be more inclined to respond to the critical mass.

Aaron Greenspan

This is how sick in the head Aaron Greenspan is. He has been doing this since his college days: Trying to create a fake uproar to manipulate people into letting him have his way, in this case keeping everyone’s school login info on file. How hard is it to just use a different login system? It would have ended up working out for you anyway, if you ever wanted your website to expand beyond Harvard like Facebook did.

As Greenspan has done many times since, he plays the victim. “I’m being threatened with disciplinary action!”. Yes… only because you’re refusing to take some very simple actions to fix the problem. He also falsely claims that the school wants to see which users are anonymous, which is not true at all. All the school wants is a list of users who need to be told to reset their password, and proof that there are no passwords still stored. They didn’t say anything about a field that has info about whether the user is posting anonymously.

There are two possibilities here. One is that he really wanted to keep student’s login information on file so bad that he was willing to threaten and harass the faculty and risk expulsion to do it. That’s pretty shocking. The other possibility is that he had been posting tons of fake reviews about professors he didn’t like in an effort to blackmail them and retaliate against professors who he felt had slighted him. CriticalMass is the first time Aaron Greenspan realized he could manipulate an angry mob with carefully crafted lies to bully others into giving him what he wants –– even when what he wants is illegal and against school policy.

Some students that didn’t know better ate up Aaron’s bullshit, unaware he was using them as pawns in his scheme to continue to continue to harvest their school login credentials:

Dear Dean Gross,

I am writing in support of a student I know named Aaron Greenspan. Aaron and I met in a freshman seminar, and have spoken little since then except for the occasional hello in economics class, […]

I am writing to support him because, having heard only his side of the story, it seems as if he is being unfairly required to turn over the members of his site.

Aaron Greenspan

Of course, that wasn’t what was happening at all. All the school wanted was a list of emails that needed to be reset, that’s all. But just like today with PlainSite, people who didn’t know Aaron Greenspan well had no reason to suspect he was blatantly lying, in the most pernicious way.

Other students weren’t so easily fooled:

I think that the idea behind CriticalMass and even the enhanced version in the houseSYSTEM are interesting and good. However, I have no desire to

a) sacrifice any privacy (how, for instance, do you know if I have packages or not?) or

b) be a party in this bizarre melodrama that seems to have engulfed the program in recent weeks. Also, the excellence of the idea seems to have been accompanied by poor planning and execution. I must say that I find this entire situation to be ridiculous. I innocently signed up for this program in its earlier stages, thinking that it was above board. Then, you demand my FAS password, get in trouble with the administration, and decide that you would rather sacrifice the privacy of your trusting members than do the honorable thing and delete the database or, if necessary, the entire system, even if it means that you will take a fall.

Since obviously, I cannot compel you to take this course of action, I have instead tried to delete my account. Lo and behold, it seems that there is no “delete account” link on the MyAccount page on the website. I request that you manually remove my information.

Aaron Greenspan

Absolutely scathing. Thank god Mark Zuckerberg didn’t let this clown anywhere near Facebook.

Other students were also frustrated:

“Exactly what information are you giving to Harvard? Do I need to change my FAS password? What a pain. I wish I’d never signed up for your system”

In a way, I didn’t blame people for being angry, though I usually tried to substantiate my criticism of others, which was a step many of the angry students did not want to be burdened with.

Aaron Greenspan

Aaron Greenspan will never admit he’s wrong, no matter how much harm he does. I am certain he suffers from some serious mental condition that prevents him from seeing the world as it actually is in front of him.

Another student tried to help Aaron understand:

“I don’t intend to be mean when I say this, but I do not support your crusade against the administration.

This is because I do know something about website security. Enough to know that storing passwords on a server accessible from the Internet, even if encrypted, is not perfectly safe. Unless you have a professional-grade firewalling and the like (which I doubt), I would not trust my password with you (and I have not).

Additionally, anybody who administers the houseSYSTEM website/database could easily abuse the system.

As a result, I would prefer that you find a way to compromise with the administration. I do not think that giving them information that could link students to their anonymous posts is morally acceptable, no matter the circumstances”

That night, I went to bed knowing that if nothing else, I had rocked the boat.

Aaron Greenspan

There is no need to rock the boat. Just follow the rules. Just be nice to people. You shouldn’t get satisfaction out of being a pain in the ass, lying, and stealing people’s login information in a way that puts their security at risk.

The school eventually got a hold of the email addresses and reset everyone’s password:

“Welcome. You must change your password,” my father’s computer displayed across the screen.

“Bastards!” I shouted. They were forcing everyone to change their passwords after all! I changed mine as they had asked me to do. then, I changed it back. Several of my friends did the same.

Aaron Greenspan

Dude does not know when to give up. Yikes. What a psychopath.

But it turned out collecting everyone’s Harvard login information was only the start of Aaron’s problems with houseSYSTEM:

“Yes, well aside from the security issues, there are some other problems that you need to fix before you can proceed. The SEC needs to register as an official student group with the College”

“We are an official student group,” I said. “We just changed our name. Before it was TECH SA.”

“Not according to what I have here,” Dean Kidd responded.

“Susan cooke approved the change!” I said. “There must be some mistake.”

“No. You will need to re-submit your by-laws to the Committee on College Life, which meets in October.”

“Alright…” I said. “Anything else?”

“Certainly. Actually, I was looking at your… Think Commputer… site, and I noticed, you have a press release on there for doing, I don’t know what, with the Harvard International Review?”

“What?” I thought. I couldn’t see how there was any connection to houseSYSTEM.

“Yes, my company hosts the International Review’s web site…” I said.

“Right, well, your press release makes it sound as though the Harvard International Review is part of Harvard University. It’s not, it’s a student group. You need to make that clear. You’re also using a photograph of the Harvard T stop on your site, I believe. You need to take that down.

“I took that photograph, it’s not copyrighted by the College. And the public transit system isn’t even College property!”

“It has to come down.”

Aaron Greenspan

Aaron Greenspan then sought out more legal help:

“Try Alan Dershowitz,” my father suggested. “Maybe he can give you some backing. He knows the law as well as anyone, and he’s at Harvard.” I sent Dershowitz an e-mail.

Aaron Greenspan

Alan Dershowitz was one of the lawyers that helped defend Jeffery Epstein. He would never work with a monster like Aaron though. You’ve gotta draw the line somewhere.

On Wednesday, August 20th, the administration was willing to play the waiting game no more.

“Now that you are back from vacation, I want to sit down with you to discuss some additional issues related to the web site associated with SEC, the houseSYSTEM site, and some issues related to your own business, Think Computer. I am planning to send a separate email message to the other students involved with SEC, as some of these issues concern them as well.

1. The SEC has not yet received approval from the Dean of Harvard College, and therefore at this point is not a recognized undergraduate student group. Until it obtains approval, the SEC does not have permission to use the name “Harvard”.

2. Even if it were an approved undergraduate student group, the SEC would not be permitted to use any of Harvard’s trademarks, including the VERITAS shield which currently appears on the SEC’s home page without explicit permission.

3. Even assuming the SEC becomes a recognized student group, this does mean that a web site operated by the SEC is an “official” Harvard web site. Ass I’ve explained to you before, official Harvard web sites are those operated by the University itself. Currently, the SEC web site and the houseSYSTEM web site are designed so as to appear to be web sites operated or official endorsed by the University. The College is concerned that this may create confusion for students accessing or viewing the site.

4. A good deal of the current content of the houseSYSTEM web site constitutes copyright infringement, for example, the long descriptive passages about each of the Houses.

5. The SEC’s intention to link to House facebooks or otherwise publish identifying information about the students raises separate concerns about student privacy.

6. The description of Think Computer as a “Harvard Student-Run Enterprise,” which appears on the SEC web site, is unclear and potentially misleading. As currently worded, it sounds as though Think Computer is a Harvard business that is run by students, rather than a business that is run by a student who currently attends Harvard. Students with individual businesses may not use Harvard’s name without permission or in any way suggest that their businesses are sponsored or endorsed by Harvard.

There are also several serious concerns about your operation of your business, Think Computer. These issues are as follows:

1. You have not registered your intent to operate a business from Harvard property with the Dean of the College and therefore, have not obtained permission from the College to do so, as the Handbook requires.

2. The Think Computer web site lists your Harvard mailing address and telephone number as one of your offices, which is prohibited.

3. The Think Computer web site states that Harvard University is using one of your products. As stated above, students may not in any way suggest that Harvard endorses a private business.

I have provided this summary as I wanted you to be aware of the issues in advance of our meeting. All of these issues must be addressed in one way or another. As you know, violations of the College’s regulations may lead to disciplinary action.

Aaron Greenspan

Why is it so hard for him to follow rules? He must have no sense of right or wrong. This is the worst product launch in history! So much for inventing Facebook. Instead of coding, building features, and listening to customers he just spent a ton of time arguing with everyone like he always does.

Then, the school had to send an email to all the students to correct the misleading information Aaron had put out:

I emphasize that the College did not ask for personal information about students or your subscribers but only for a list of usernames, so that it could inform those users to change their FAS passwords. Aaron was asked to comply by Friday, August 15, which he did. I note that, in addition to the usernames, Aaron provided information that the College had not requested.

Aaron Greenspan

What did Aaron do when called out by the Dean?

What do you think?

“DO NOT RESPOND to Jay Ellison’s e-mail. I am speaking with a number of attorneys right now,” I wrote frantically to everyone involved as I looked up the number for a law firm that Brad’s father’s friend had recommended.

Aaron Greenspan

So… you’re speaking to them or you’re about to call them? You get your friends in trouble, and then you lie to them?

“Well, it seems as though they’re a little afraid of the competition you’re giving them,” one of the lawyers said. “This could be construed as anti-competitive behavior.”

“I’m not sure I see it like that,” I said, still unsure of Harvard’s real motive.

“Well, regardless that’s what is in a courtroom.” Realizing that my opinion really didn’t mater, I decided to let the lawyers handle the law.

Aaron Grenspan

This must have been the moment Aaron Greenspan realized you need to lie about what’s happening at all times to protect yourself in a situation where you’re breaking the law. Stealing students’ account information is now “competition”. Sounds exactly like the kind of gaslighting Aaron Greenspan is still doing today.

“Now just to clear something up you mentioned a while ago, I’d like you to use me as a conduit to speak to the rest of the administration.”

I let Jay talk, and talk, and talk, re-hashing the same twisted arguments he had put forth over the previous two weeks, which had collectively made my life a living hell. I tried not to scoff or show any hint of emotion. My goal was perfect, icy silence. I would show them how much of a rebel I was.

Aaron Greenspan

Just cooperate with them! Do you not understand that the Dean is telling you he wants you to stop harassing the faculty? The only reason this process is difficult is that you’re trying to be a “rebel”. If you just followed instructions, there would be no need to make absolutely sure your project doesn’t appear to be associated with Harvard in any way. They were embarrassed to see what kind of person Aaron was, and didn’t want his actions and behavior to tarnish the good name of the school. Aaron Greenspan was a complete nightmare to deal with, but the faculty held strong because they knew they needed to protect the other students from people like him. Who knows what would have happened if they had let Aaron continue to run amok?

Aaron then decided to shout at the school dean some more.

“…I found out that Mr. Osterberg, who wasn’t a student, but who claimed to be, had actually signed onto houseSYSTEM not only from his own computer, but from Georgene Herschbach’s computer, in University Hall South. Now, I don’t know what an average HASCS staffer would be doing loging on there, unless he was showing something to someone.”

Jay looked unperturbed. “yes, there was a meeting where I believe HASCS gave some administrators a tour of your site…”

I cut him off.

“That’s not acceptable! I offered to show you everything. I even offered to show you the source code! You said “no!”. If you didn’t want to see it, then why did you have to break in, and instruct someone to sign up under false pretenses?” I was raging mad; my cheeks were on fire.

“Not only that! But you just got finished telling me, for more than thirty minutes, how the club that I was elected President of in February, whatever you’d like to call it, wasn’t even a valid student organization! So, if you really believe that, then Rick Osterberg wasn’t even breaking into one of Harvard’s own servers –– he was breaking into MY server! Think Computer Corporation owns that server! Not Harvard! That Jay, is illegal!”

“And this, right here, is proof. Not from some random person. It’s a signed letter, from the Harvard Registrar, certifying that Richard Osterberg is not, nor has ever been, a student in the Graduate School of Arts and Sciences.”

“You lied! You did this all to find out what was on the site, and you lied to do it! I hope… that I never, ever have to be this disappointed… in my teachers… ever again!”

I couldn’t help it; I had let down my guard by revealing my emotions. Fortunately, I had kept it up long enough that it didn’t mater. Jay Ellison, for a moment, was speechless. When I left, we both knew who was the adult in the room.

Aaron Greenspan

Holy shit. This guy is fucking nuts. You really thought you could ask Harvard students for their school email and password and nobody from the school would try and investigate what’s going on? How exactly is it illegal to register for a website?

Aaron Greenspan clearly has serious mental health and anger issues that continue to this day.

Anyway, that’s the story of how Aaron Greenspan supposedly invented Facebook. He built an ugly site that tried to use the school login info and nearly got expelled for it. After harassing and threatening Harvard’s faculty, rather than simply apologizing and cooperating, he then went on to claim Mark Zuckerberg was evil for stealing the idea from him. Later he claimed Square ripped of Square Cash from his shitty app FaceCash, which was also shut down for breaking the law.

Disciplined by Harvard for breaking the rules with houseSYSTEM. FaceCash, the worst app in Silicon Valley, shut down by the government for failing to comply with the laws around money transmitters after Aaron Greenspan couldn’t raise money due to his own ineptitude. And now harassing and threatening people for cash with Think Computer and the fraudulent Think Computer foundation. Aaron Greenspan’s entire life has been one long story of illegal activity and shocking blatant fraud mixed with impotent rage.

And remember, this is how Aaron tells the story. This is the version that tries to make him look good. Imagine hearing what really happened, from the school’s perspective? Imagine how bad that version sounds.