Well, I will try to stick to what I suggested that we should discuss
things about FAQ in this FAQ mailing list, but you should not forget
you also called me "moron", "hypocrite", "liar", and that was the
reason why I wanted to get you mad :)
"I am not from the Dream Team; I am the MEAN Team".
O.K. Let's forget this from now on.
> } (1) whether it is possible to alias out the alleged problematic UUnet
> } site. At least, are news administrators able to ignore cancel
> } commands sent out through that UUnet site?
>
> I have serious doubts whether aliasing out uunet would be a good idea.
> UUNET is simply too ubiquitous a passthru site.
I know that UUnet might be the "main" passthrough site, according to your
comments. However, do you mean there is no second connection to bypass
UUnet (if people alias it out)?
> } (2) I am not in the news.answers moderation team. However, is the
> } cancel command affecting the FTP/WWW archiving mechanism for the
> } FAQ's? What happens if someone forge a posting in news.answers
> } with the appropriate "Approved:" header? For instance, Chris Lewis
> } maintains a FAQ on wiring. If bad guys want to target him, can they
> } forge a post by Chris Lewis in news.answers with the goal to "wipe
> } out" the authenticate FAQ by Chris?
>
> That's exactly what happened.
It might depend on how news.answers works (of course you know much more
than I do here). Maybe a cancel is O.K. What I meant is, say, now I
am the bad guy. You have an FAQ on wires. Now I forge a post from you
to news.answers, with the appropriate approval, but dump in irrelevant
contents. In this case, when people go to the MIT site and look for your
FAQ, they will read something like "Chris Lewis is a villain", not the
real FAQ they are looking for.
This might be an analogy of US CIA Web site being corrupted by hackers.
The difference is that this time the "war" does not take place on WWW.
It takes place on news.answers.
Is news.answers equipped with any defense on this? I mean, it might be
"O.K." to have the FAQ cancelled from the *.answers and the related
newsgroups since it won't be a serious damage. The FAQ files simply
disappears from the related newsgroups. However, if it affects
the archives at the MIT ftp site and the other Web sites, that will be
serious.
> } Doug from Dejanews once joked that I should refrain from posting
> } something to give the hackers ideas. However, for the FAQ Maintainer
> } mailing list, I thought the probability that this post falls to the
> } wrong hands might be somewhat small.
>
> Bad guess. Several of the kook cabal post "approved" FAQs (esp. Gonsalez,
> and I think Vulis), and chances are they are on this list.
If that is the case, I apologize here..... But according to what you
said, this kind of attack is already being used. I mean, I did not
proliferate some "classified" information.....
(deleted)
-- Tung-chiang Yang tcyang@ee.ucla.edu Dept. of Electrical Engineering, UCLA, USA Nov 16, 1996
[
Usenet Hypertext FAQ Archive |
Search Mail Archive |
Authors |
Usenet
]
[
1993 |
1994 |
1995 |
1996 |
1997
]
© Copyright The Landfield Group, 1997
All rights reserved