Xref: utzoo news.sysadmin:1961 comp.mail.misc:1492 news.misc:2449 comp.mail.uucp:2539 news.admin:4326 Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!mailrus!ames!amdahl!pacbell!ditka!bucket!whizz!bbh From: bbh@whizz.uucp (Bud Hovell) Newsgroups: news.sysadmin,comp.mail.misc,news.misc,comp.mail.uucp,news.admin Subject: Re: bigoted racist misuse of email and computer accounts must be dealt with Summary: ....all well and good... Message-ID: <571@whizz.uucp> Date: 11 Dec 88 02:19:59 GMT References: <10676@ihlpa.ATT.COM> <11242@dartvax.Dartmouth.EDU> <7112@chinet.chi.il.us> Organization: Overture Systems Corp - Lake Oswego, Oregon Lines: 54 In article <7112@chinet.chi.il.us>, les@chinet.chi.il.us (Leslie Mikesell) writes: > In article <558@whizz.uucp> bbh@whizz.uucp (Bud Hovell) writes: > > >A second complaint would almost certainly cause me to take more severe action. > >Would I cut off the site from which it is originating? You are bloody right, I > >would! > > Don't forget that it is trivial to fake the user name on mail messages > (SysV /bin/mail uses LOGNAME from the environment), and it only requires > knowledge of the uucp login and password to fake the machine name (if > you have root access to a different machine, or a PC running uupc). And, I think that the fact that this *might* be a possibility does not warrant the assumption that it is therefore necessarily so and that one could therefore assume that the pursuit will be unsuccessful. I cite, for example, the recent postings that originated from "JJ" at portal. last I heard, they identified who he was, and he is now history. > of course, anyone with root access on any machine in the path could > intercept and modify the message (no one would actually do that...). Yeah, could happen. But it limits both motive and opportunity to a tiny level when the person must be *on* the path *and* have root access *and* also want to send hate mail to someone specific who just *happens* to be getting a piece of mail from someone else at the opportune moment. As you suggest, this one is kind of a non-starter at a practical level. > Anyway, it would be wise to treat net email like an unsigned paper document. Note that I indicated that after a second incident, I would take action. If I first notified the sysad at the allegedly offending site, then I would expect them to take more than a casual interest in the proceeding. If they are being locally sloppy in password control, then I would expect that to change ON THE SPOT! If there is sloppy control of who is allowed to log in and what casual users are privileged to do on that system, then the named site isn't a victim - they are cutting their own throats! Which is ok, as long as no one else gets bloodied along with them. If they are running so loosely that they can neither identify the problem down to a small group of possible people (and go have an eyeball-to-eyeball talk with those few), nor take suitable measures to prevent a recurrance, do you doubt for minute that I would cut them off? In a heartbeat! OVERTURE SYSTEMS CORP. Bud Hovell Operations Specialists Lake Oswego, Oregon :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: : USENET: {attmail! | tektronix!tessi!bucket! | pacbell!safari!} whizz!bbh : : TELEX: 152258436 (Whizz/Bud Hovell) VOICE: 503-636-3000 : :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: "Follow your bliss" - Joseph Campbell