About Spoofing

[Tim Clark]

About Spoofing,
I think we should all call attention to messages "spoofing" us by a simple
reply,

"SPOOF ALERT" The above message was not posted by me.

At this point I am still uncertain as to the status of some of yesterdays
messages.

1. I still do not know if the "piggy back" by "Engel" on Randy's message was
genuine.
2. I still do not know if the "get a mac" by "Engel" in reply to me was
genuine.
3. I believe the original "PING Engel" from Randy Was genuine as his apology
does not refute it. (I there fore believe occam is incorrect in thinking
Randy was spoofed)
4. I am sure the "Hey brown nose" reply to Randy was Not Engel.

?:-(
Tim

 

[Ron H]

I got to admit that I'm still bothered about what happened yesterday,
and i'm not so sure who is who and who is not. I've been here long
enough to say No Engel wouldn't call someone here brown nose , But
there has been a couple of posts from him where i said to myself my
friend has had a little too much wine. Yes someone can register in
this newsgroup in the name of Engel and right down what that person
put in their profile BUT can they put the information that was NG installed,
amount of posts, people you've helped, etc. Doesn't this stuff pertain to a
specific IP, and i don't think jass hacked the newsgroup.

I still haven't told myself that it wasn't him and i'm still wondering why
he hasn't let us know. During these weird posts Engel with shield
posted in General about the same time as Engel without shield was
posting in announcements and you can tell the different letter types.

So I'm wondering if someone is spoofing Engel how is his profile
showing up from a different IP and being able to show HIS recent
posts, that is NG controlled. And i just can't get over that Get A Mac
to you Tim, it had a certain Engel ring to it. Hey Tim, Nice Post and
your right we should not clink on any links here untill we know for sure
it's dangerous anyway. Ron

 

[Alan]

Hi Ron,

For those of us using a news reader such as O/E to access these groups, we
don't get to see things like amount of posts and people who have been helped
by a poster.

I don't know if I'd be more, or less, confused if I saw this kind of
informations from posters.

I do agree that it's getting hard to keep track of who is whom lately.

I'm not sure if any of this will be helpful in trying to figure out the
"real" Engel in these Security newsgroups, but here's the header information
for whom I believe is the real Engel that was posted in
microsoft.public.windowsupdate on January 9:

Thread-Topic: 0x8007041D error when attempting to update Windows XP
Professional
thread-index: AchTRYPkX1i/IsRvT1e+wlWcCCi1TQ==
X-WBNR-Posting-Host: 207.46.19.168
From: =?Utf-8?B?RW5nZWw=?= <[email protected]>
References: <[email protected]>
Subject: RE: 0x8007041D error when attempting to update Windows XP
Professional
Date: Wed, 9 Jan 2008 20:59:01 -0800
Lines: 29
Message-ID: <[email protected]>
MIME-Version: 1.0
Content-Type: text/plain;
charset="Utf-8"
Content-Transfer-Encoding: 7bit
X-Newsreader: Microsoft CDO for Windows 2000
Content-Class: urn:content-classes:message
Importance: normal
Priority: normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2992
Newsgroups: microsoft.public.windowsupdate
NNTP-Posting-Host: tk2msftibfm01.phx.gbl 10.40.244.149
Path: TK2MSFTNGP01.phx.gbl!TK2MSFTNGHUB02.phx.gbl
Xref: TK2MSFTNGP01.phx.gbl microsoft.public.windowsupdate:264629

Alan

 

[Bill Sanderson]

I have a couple of concerns about these issues:

1) A fundemental difficulty with NNTP versus web forums is the lack of any
method to provide "reputation" other than the collective memories of the
regular users of a forum over time--or, perhaps, using Google to provide
that longer term view.

The web forum has a mechanism that is supposed to provide that---for
example, while I was an MVP, the web forums showed a symbol by posts that I
made via the web that indicated that status--this was not spoofable unless I
lost control of my Passport credentials. Engel, similarly, has had a Bronze
level contributor symbol by his posts (or maybe better by now?!) so--I went
to the web forum to see whether that symbol showed on the posts that may
have been spoofed. Unfortunately, I didn't spot any of those symbols in the
few pages I looked at. I don't know whether that feature is no longer
working, or what.

So--this is a strength of web forums versus NNTP, but it doesn't seem to be
helping me at the moment for this particular set of spoofed messages.

2) I'd recommend that we minimize the online discussion of these issues.
This is trollery, and the confusion and discussion that it engenders is an
intended result--so public complaints against other posters are somewhat
like responding to the troll--better avoided. Maintaining the online
discussion on a professional level is the best way to keep the forums a
welcoming place for new folks with technical issues. I think we can
leave it to Microsoft to deal with the trolls.

Every one of us is a multi-faceted human being--so posts that are out of the
ordinary line are to be expected on occasion, but I'd hope that we can avoid
posts that are malicious, as has often been the case in some of the troll
posts, and those apparently spoofed posts in recent days.

Thanks for caring, and here's to a better level of communication in the days
ahead!