[net.rumor] Attention, Responsible Net Users!

nessus@mit-eddie.UUCP (Doug Alan) (07/09/85)

I hope none of you seriously believe that I would entertain such
frivolous discussions on the merit of J.S. Bach's music.  I have
admired many of JSB's works, and although you all know how I feel about
Kate Bush's music, even to talk of such a comparison is obscene.  Once
again, it looks like this is the work of the fun-people eunuch-wizards.
It was slightly amusing the first time they forged news article by me
but I am beginning to get annoyed.  I have attempted to contact David
Dobkin, the site administrator-administrator at Princeton, in order to
straighten things out.  Is there anyone out there that is as upset as I am?
If this keeps up the net will be in peril of losing its credibility.

		"We don't need no education"

		Doug Alan
		nessus@mit-eddie.UUCP (or ARPA)

nessus@mit-eddie.UUCP (Doug Alan) (07/12/85)

["Let me see: four times five is twelve, and four times six is thirteen,
  and four times seven is -- oh dear!  I shall never go to twenty at
  that rate!"]

> From: Judd Rogers <ihnp4!seismo!tove.ARPA!judd>

> Since no-one else seems to see these alleged forgeries why don't you ignore
> them?

> In any case, don't tell us at net.rumor since it is not a rumor (a
> hallucination but not a rumor)

It's kind of interesting that you should say that when the posting that
you are responding to is indeed a forgery!

Mit-Eddie doesn't receive these forgeries, so I may not have seen them
all.  I received the following posting via personal mail from my bestest
friend in the whole universe.  I did not post this -- it is the second
forgery that I know of:

> From nessus@mit-eddie.UUCP

> I hope none of you seriously believe that I would entertain such
> frivolous discussions on the merit of J.S. Bach's music.  I have
> admired many of JSB's works, and although you all know how I feel about
> Kate Bush's music, even to talk of such a comparison is obscene.

Clearly I don't really believe that such a comparison is obscene, for no
forger would flame as long as I have on the subject.

> Once again, it looks like this is the work of the fun-people
> eunuch-wizards.  It was slightly amusing the first time they forged
> news article by me but I am beginning to get annoyed.

Yup!

> I have attempted to contact David Dobkin, the site
> administrator-administrator at Princeton, in order to straighten
> things out.

I have no idea who David Dobkin is.

> Is there anyone out there that is as upset as I am?  If
> this keeps up the net will be in peril of losing its credibility.

Did it ever have any?

In the future, people might want to use this algorithm to determine if a
message is really from me: If you say to yourself "My goodness that was
a wonderful posting.  Doug Alan must be a real genius!" then assume it
is really from me.  If you say to yourself "My God what a stupid
article!  Doug Alan is a real asshole!" then assume it is a forgery.
This may not give you an accurate picture of the truth, but I don't
mind....

				What does 'I' mean?

				Doug Alan
				 nessus@mit-eddie.UUCP (or ARPA)

markv@dartvax.UUCP (Mark F. Vita) (07/13/85)

> ["Let me see: four times five is twelve, and four times six is thirteen,
>   and four times seven is -- oh dear!  I shall never go to twenty at
>   that rate!"]
> 
> > From: Judd Rogers <ihnp4!seismo!tove.ARPA!judd>
> 
> > Since no-one else seems to see these alleged forgeries why don't you ignore
> > them?
> 
> > In any case, don't tell us at net.rumor since it is not a rumor (a
> > hallucination but not a rumor)
> 
> It's kind of interesting that you should say that when the posting that
> you are responding to is indeed a forgery!
> 
> Mit-Eddie doesn't receive these forgeries, so I may not have seen them
> all.  I received the following posting via personal mail from my bestest
> friend in the whole universe.  I did not post this -- it is the second
> forgery that I know of:
> 
> > From nessus@mit-eddie.UUCP
> 
> > I hope none of you seriously believe that I would entertain such
> > frivolous discussions on the merit of J.S. Bach's music.  I have
> > admired many of JSB's works, and although you all know how I feel about
> > Kate Bush's music, even to talk of such a comparison is obscene.
> 
> Clearly I don't really believe that such a comparison is obscene, for no
> forger would flame as long as I have on the subject.
> 
> > Once again, it looks like this is the work of the fun-people
> > eunuch-wizards.  It was slightly amusing the first time they forged
> > news article by me but I am beginning to get annoyed.
> 
> Yup!
> 
> > I have attempted to contact David Dobkin, the site
> > administrator-administrator at Princeton, in order to straighten
> > things out.
> 
> I have no idea who David Dobkin is.
> 
> > Is there anyone out there that is as upset as I am?  If
> > this keeps up the net will be in peril of losing its credibility.
> 
> Did it ever have any?
> 
> In the future, people might want to use this algorithm to determine if a
> message is really from me: If you say to yourself "My goodness that was
> a wonderful posting.  Doug Alan must be a real genius!" then assume it
> is really from me.  If you say to yourself "My God what a stupid
> article!  Doug Alan is a real asshole!" then assume it is a forgery.
> This may not give you an accurate picture of the truth, but I don't
> mind....
> 
> 				What does 'I' mean?
> 
> 				Doug Alan
> 				 nessus@mit-eddie.UUCP (or ARPA)


   All right.  I give up.  What assurance do we netters have that this
last message is not also a forgery?  Will the real Doug Alan please
stand up?
   A more critical issue is:  how is it possible for someone to post
a forged message?  This would seem to be a MAJOR, serious problem
with the posting software, if it indeed allows this to happen.  
Anybody could go around posting malicious articles and putting other
people's names on them.  Maybe a report to net.unix-wizards or some
such is in order?
   I just hope this isn't some sort of extremely bizarre joke
being played out by Mr. Alan...


-- 

                                Mark Vita
                                Dartmouth College

                       USENET:  {decvax,cornell,linus,astrovax}!dartvax!markv
                       ARPA:    markv%dartmouth@csnet-relay
                       CSNET:   markv@dartmouth

mwm@ucbtopaz.CC.Berkeley.ARPA (Mike (I'll be mellow when I'm dead) Meyer) (07/14/85)

In article <4669@mit-eddie.UUCP> nessus@mit-eddie.UUCP (Doug Alan) writes:
>In the future, people might want to use this algorithm to determine if a
>message is really from me: If you say to yourself "My goodness that was
>a wonderful posting.  Doug Alan must be a real genius!" then assume it
>is really from me.  If you say to yourself "My God what a stupid
>article!  Doug Alan is a real asshole!" then assume it is a forgery.
>This may not give you an accurate picture of the truth, but I don't
>mind....
>				 nessus@mit-eddie.UUCP (or ARPA)

Aha! Then this must be forgery :-).

Actually, I suspect that Nessus's heads are posting behind each other's
backs.

	<mike

nessus@mit-eddie.UUCP (Doug Alan) (07/14/85)

["And if he left off dreaming about you, where do you suppose you'd be?"]

> From: markv@dartvax.UUCP (Mark F. Vita)

> All right.  I give up.  What assurance do we netters have that this
> last message is not also a forgery?  Will the real Doug Alan please
> stand up?

None!  But it isn't.  Really!  This is me.

> A more critical issue is:  how is it possible for someone to post
> a forged message?

Come on.  The UseNet is just a bunch of computers that call each other
up over phone lines.  There is no hope of security, unless we start
using something like public key encryption (can you say "overhead"?!!).
Anyone who has super-user privileges on a computer on the UseNet can
create a forgery.  How many Trash-80s running Xenix and UUCP are there
out there?

> This would seem to be a MAJOR, serious problem with the posting
> software, if it indeed allows this to happen.  Anybody could go around
> posting malicious articles and putting other people's names on them.

Yup, but only super-users.

> Maybe a report to net.unix-wizards or some such is in order?

I'm sure they already know about the lack of security of the UseNet.

> I just hope this isn't some sort of extremely bizarre joke being
> played out by Mr. Alan...

On you and me.  Certainly not by me!

			"Golden void, he speaks to me
			 Denying my reality"

			 Doug Alan
			  nessus@mit-eddie.UUCP (or ARPA)
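
[Added example, not part of the original thread or of any news software: a Go sketch of the public-key approach mentioned in the post above, in which a reader who already holds the poster's public key rejects an article that only copies the From line. The Article type, its Sig field, the addresses, Message-IDs and keyring are constructed for illustration, and Ed25519 is a modern stand-in for whatever scheme would have been used.]

```go
package main

import (
	"crypto/ed25519"
	"encoding/base64"
	"fmt"
)

// Article is a minimal news article. Sig is a hypothetical signature header.
type Article struct{ From, MessageID, Body, Sig string }

// canonical binds the claimed author, the article ID and the body together,
// so a signature cannot be moved to another article or another From line.
func canonical(a Article) []byte {
	return []byte("From: " + a.From + "\nMessage-ID: " + a.MessageID + "\n\n" + a.Body)
}

// Sign returns a copy of the article signed with the poster's private key.
func Sign(a Article, priv ed25519.PrivateKey) Article {
	a.Sig = base64.StdEncoding.EncodeToString(ed25519.Sign(priv, canonical(a)))
	return a
}

// Verify checks the article against the key the reader already holds for the
// claimed From address. Unknown senders and bad signatures are both rejected.
func Verify(a Article, keyring map[string]ed25519.PublicKey) bool {
	pub, ok := keyring[a.From]
	if !ok {
		return false
	}
	sig, err := base64.StdEncoding.DecodeString(a.Sig)
	if err != nil {
		return false
	}
	return ed25519.Verify(pub, canonical(a), sig)
}

// Demo verifies a genuine article, one signed by someone else's key under the
// same From line, and a genuine article whose body was changed afterwards.
func Demo() (genuine, resigned, altered bool) {
	authorPub, authorPriv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	_, otherPriv, _ := ed25519.GenerateKey(nil)
	keyring := map[string]ed25519.PublicKey{"author@site-a.example": authorPub}
	good := Sign(Article{From: "author@site-a.example", MessageID: "<1@site-a.example>", Body: "Genuine text.\n"}, authorPriv)
	fake := Sign(Article{From: "author@site-a.example", MessageID: "<2@site-b.example>", Body: "Not the author's text.\n"}, otherPriv)
	edited := good
	edited.Body = "Altered in transit.\n"
	return Verify(good, keyring), Verify(fake, keyring), Verify(edited, keyring)
}

func main() { fmt.Println(Demo()) }
```

[The check is only as good as the keyring: readers must obtain the poster's public key through a channel the forger does not control.]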

john@frog.UUCP (John Woods) (07/15/85)

> ["And if he left off dreaming about you, where do you suppose you'd be?"]
> > From: markv@dartvax.UUCP (Mark F. Vita)
> > All right.  I give up.  What assurance do we netters have that this
> > last message is not also a forgery?  Will the real Doug Alan please
> > stand up?
> None!  But it isn't.  Really!  This is me.
> > A more critical issue is:  how is it possible for someone to post
> > a forged message?
> Come on.  The UseNet is just a bunch of computers that call each other
> up over phone lines.  There is no hope of security, unless we start
> using something like public key encryption (can you say "overhead"?!!).
> Anyone who has super-user privileges on a computer on the UseNet can
> create a forgery.  How many Trash-80s running Xenix and UUCP are there
> out there?
> > This would seem to be a MAJOR, serious problem with the posting
> > software, if it indeed allows this to happen.  Anybody could go around
> > posting malicious articles and putting other people's names on them.
>
> Yup, but only super-users.

Nope, anyone.  I am loath to state the mechanism, which (probably) just
about anyone can use, because just about everyone WILL use it.  It's simple,
it's fun, and it's been done before, many, many times...

And how many CP/M systems run Lauren's UUCP version?  Like most problems,
this one gets worse the more you think of it.

			Not afraid to sign a blast from the past,

--
John Woods, Charles River Data Systems, Framingham MA, (617) 626-1101
...!decvax!frog!john, ...!mit-eddie!jfw, jfw%mit-ccc@MIT-XX.ARPA

I have a bad habit of thinking of tremendously witty .signatures just before
I fall asleep.  If I kept paper by my bed, you'd probably be laughing
uncontrollably at this very moment.  Sorry.

training@rtech.UUCP (Training account) (07/19/85)

> In the future, people might want to use this algorithm to determine if a
> message is really from me: If you say to yourself "My goodness that was
> a wonderful posting.  Doug Alan must be a real genius!" then assume it
> is really from me.  If you say to yourself "My God what a stupid
> article!  Doug Alan is a real asshole!" then assume it is a forgery.
> This may not give you an accurate picture of the truth, but I don't
> mind....
> 
> 				What does 'I' mean?
> 
> 				Doug Alan
> 				 nessus@mit-eddie.UUCP (or ARPA)

My God!  The REAL Doug Alan has NEVER posted anything to net.music!
Shouldn't someone contact the real Doug Alan at MIT (who probably doesn't 
even know that such a thing as net.music exists) and let him know that
he's getting a (probably undeserved) reputation as an asshole?

Robert Orenstein
Relational Technology

anon@sphinx.UChicago.UUCP (Anonymous) (07/21/85)

You mean it's possible for someone to disguise the origin of
a posting!?  I just don't believe it!

Anon.

spaf@gatech.CSNET (Gene Spafford) (07/21/85)

I know not whether news postings are being propagated with Doug Alan's
name on them.  I can safely say, however, that it is a relatively
simple matter for someone to forge an article and submit it to
the net.  The easiest method of performing such a forgery would keep
the article from showing up at the site where it was allegedly "posted."

This is a problem with the news software/uucp interaction, and there is
no practical fix known or available.  As such, I hope you'll pardon
me if I don't explain how to forge a news article.

Possibly posted by,
-- 
Gene "3 months and holding" Spafford
The Clouds Project, School of ICS, Georgia Tech, Atlanta GA 30332
CSNet:	Spaf @ GATech		ARPA:	Spaf%GATech.CSNet @ CSNet-Relay.ARPA
uucp:	...!{akgua,allegra,hplabs,ihnp4,linus,seismo,ulysses}!gatech!spaf