Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.1 6/24/83; site mit-eddie.UUCP
Path: utzoo!watmath!clyde!burl!ulysses!allegra!mit-eddie!nessus
From: nessus@mit-eddie.UUCP (Doug Alan)
Newsgroups: net.music,net.rumor
Subject: Re: Attention, Responsible Net Users!  (And K-Mart Shoppers!)
Message-ID: <4688@mit-eddie.UUCP>
Date: Sun, 14-Jul-85 08:30:05 EDT
Article-I.D.: mit-eddi.4688
Posted: Sun Jul 14 08:30:05 1985
Date-Received: Wed, 17-Jul-85 04:29:56 EDT
References: <4669@mit-eddie.UUCP> <3347@dartvax.UUCP>
Distribution: net.music,net.rumor
Organization: MIT, Cambridge, MA
Lines: 40
Xref: watmath net.music:8288 net.rumor:1000

["And if he left off dreaming about you, where do you suppose you'd be?"]

> From: markv@dartvax.UUCP (Mark F. Vita)

> All right.  I give up.  What assurance do we netters have that this
> last message is not also a forgery?  Will the real Doug Alan please
> stand up?

None!  But it isn't.  Really!  This is me.

> A more critical issue is:  how is it possible for someone to post
> a forged message?

Come on.  The UseNet is just a bunch of computers that call each up
other over phone lines.  There is no hope of security, unless we start
using something like public key encryption (can you say "overhead"?!!).
Anyone who has super-user privileges on a computer on the UseNet can
create a forgery.  How many Trash-80s running Xenix and UUCP are there
out there?

> This would seem to be a MAJOR, serious problem with the posting
> software, if it indeed allows this to happen.  Anybody could go around
> posting malicious articles and putting other people's names on them.

Yup, but only super-users.

> Maybe a report to net.unix-wizards or some such is in order?

I'm sure they already know about the lack of security of the UseNet.

> I just hope this isn't some sort of extremely bizzarre joke being
> played out by Mr. Alan...

On you and me.  Certainly not by me!

			"Golden void, he speaks to me
			 Denying my reality"

			 Doug Alan
			  nessus@mit-eddie.UUCP (or ARPA)