Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10 beta 3/9/83; site frog.UUCP Path: utzoo!watmath!clyde!burl!ulysses!allegra!mit-eddie!cybvax0!frog!john From: john@frog.UUCP (John Woods) Newsgroups: net.rumor Subject: Re: Attention, Responsible Net Users! (And K-Mart Shoppers!) Message-ID: <226@frog.UUCP> Date: Mon, 15-Jul-85 14:04:11 EDT Article-I.D.: frog.226 Posted: Mon Jul 15 14:04:11 1985 Date-Received: Thu, 18-Jul-85 20:30:10 EDT References: <4669@mit-eddie.UUCP> <3347@dartvax.UUCP> <4688@mit-eddie.UUCP> Organization: Charles River Data Systems, Framingham MA Lines: 36 > ["And if he left off dreaming about you, where do you suppose you'd be?"] > > From: markv@dartvax.UUCP (Mark F. Vita) > > All right. I give up. What assurance do we netters have that this > > last message is not also a forgery? Will the real Doug Alan please > > stand up? > None! But it isn't. Really! This is me. > > A more critical issue is: how is it possible for someone to post > > a forged message? > Come on. The UseNet is just a bunch of computers that call each up > other over phone lines. There is no hope of security, unless we start > using something like public key encryption (can you say "overhead"?!!). > Anyone who has super-user privileges on a computer on the UseNet can > create a forgery. How many Trash-80s running Xenix and UUCP are there > out there? > > This would seem to be a MAJOR, serious problem with the posting > > software, if it indeed allows this to happen. Anybody could go around > > posting malicious articles and putting other people's names on them. > > Yup, but only super-users. Nope, anyone. I an loathe to state the mechanism, which (probably) just about anyone can use, because just about everyone WILL use it. It's simple, it's fun, and it's been done before, many, many times... And how many CP/M systems run Lauren's UUCP version? Like most problems, this one gets worse the more you think of it. Not afraid to sign a blast from the past, -- John Woods, Charles River Data Systems, Framingham MA, (617) 626-1101 ...!decvax!frog!john, ...!mit-eddie!jfw, jfw%mit-ccc@MIT-XX.ARPA I have a bad habit of thinking of tremendously witty .signatures just before I fall asleep. If I kept paper by my bed, you'd probably be laughing uncontrollably at this very moment. Sorry.