Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!mnetor!uunet!husc6!rutgers!ho95e!homxb!ihnp4!cbosgd!clyde!watmath!watdcsu!magore From: magore@watdcsu.waterloo.edu (Mike Gore, Institute Computer Research - ICR) Newsgroups: news.admin,misc.legal Subject: A challenge for those who believe that the network has security Message-ID: <4000@watdcsu.waterloo.edu> Date: Sun, 18-Oct-87 16:34:25 EDT Article-I.D.: watdcsu.4000 Posted: Sun Oct 18 16:34:25 1987 Date-Received: Tue, 20-Oct-87 01:59:33 EDT References: <3947@watdcsu.waterloo.edu> Reply-To: magore@watdcsu.waterloo.edu (Mike Gore, Institute Computer Research - ICR) Organization: U. of Waterloo, Ontario Lines: 22 Xref: mnetor news.admin:1198 misc.legal:3172 Mike Gore asserts the following: > Yes you could by faking the header - BUT once the forged message > leaves your site it will leave a trail pointing back to you. Every site > you connect to will tack on it's own part of the full distribution path and > if enough people compare the results it would be simple to determine where > it _didn't_ come from by seeking a common root- and in many cases it would be > possible to track it back to the actual poster _if_ that site keeps logs. If > you do manage to post from several places at once you might cause problems > with this method but there are other methods by using article numbers that > further help to make undetected forgeries harder to do... I challenge him to figure out where this article originated from, where it was inserted into the network, and who really wrote it in the first place. I believe that the network does not have sufficient audit trails to make this possible. And as a courtesy, someone ought to mail him a copy of this article; you see, as a consequence of the forgery method, his site will not get a copy. Of course, this might really be Mike Gore, arguing with himself... # Mike Gore # Institute for Computer Research. ( watmath!mgvax!root - at home ) # These ideas/concepts do not imply views held by the University of Waterloo.