1994-08-02 - Re: “Anon” fake…

Header Data

From: Lyman Hazelton <lrh@crl.com>
To: cypherpunks@toad.com
Message Hash: 6b98cdd6dcf9acede897c484b0c9561afd53dec5bed785616eb37a635f7da5f4
Message ID: <Pine.3.87.9408021022.A26442-0100000@crl.crl.com>
Reply To: <9408021528.AA10247@snark.imsi.com>
UTC Datetime: 1994-08-02 17:18:54 UTC
Raw Date: Tue, 2 Aug 94 10:18:54 PDT

Raw message

From: Lyman Hazelton <lrh@crl.com>
Date: Tue, 2 Aug 94 10:18:54 PDT
To: cypherpunks@toad.com
Subject: Re: "Anon" fake...
In-Reply-To: <9408021528.AA10247@snark.imsi.com>
Message-ID: <Pine.3.87.9408021022.A26442-0100000@crl.crl.com>
MIME-Version: 1.0
Content-Type: text/plain

On Tue, 2 Aug 1994, Perry E. Metzger wrote:

> nzook@fireant.ma.utexas.edu says:
> > Folks, we GOTTA do something about this...
> The obvious and simple fix is to put code into the Majordomo
> implementation to prevent the subscription of an*@anon.penet.fi (note
> -- this wouldn't prevent subscriptions as na*@anon.penet.fi). I've
> pointed this out before -- unfortunately, the list maintainers don't
> have time to do it. Maybe someone could volunteer to do the change?
> You'd have to talk to Eric Hughes about how to do the work.
> Perry

Perry (and other c'punks),

  I don't think the mechanism employed by the hacker is using "who" at 
all.  Rather, it is someone who is subscribed to the list and has a 
program which looks at the author of each message to see if it is someone 
already in their database.  If it is someone new, it automatically sends 
a message for that person into the anon service.  If not, it simply 
ignores the message.  There are LOTS of silent listeners on the list and 
it could be ANY of them.  Stoping this is not going to be easy.  I don't 
suppose Julf@penet.fi would be interested in recording the name of the 
site where all these requests are originating?  Any other ideas?


Finger lrh@crl.com for PGP 2.4 Public Key Block.