 | | Re: What the F.......
|
|
Okay. So who on rtl posts from mediaOne? It should not be too hard to find the terminal source of the fake message, etc. I've matched up a flamer that way in the past, making use of AltaVista. I'm not sure you can still do it there, but somene who (...) (25 years ago, 11-Jun-99, to lugnet.general)
|
| |
| | What the F.......
|
|
Has anybody read this yet? It was posted on RLT and I'm just quoting it: Subject: Thanks for your input (...) "The text beginning with ">" is not mine but somebody else's." (25 years ago, 11-Dec-99, to lugnet.dear-lego)
|
| |
| | Re: What the F.......
|
|
(...) I had a feeling this was going to happen......I could be true.....or just some evil person who thought it would be a hoot to go and post a fake message saying Lego Direct was fake.......if it is the second of the two I am going to go into my (...) (25 years ago, 11-Dec-99, to lugnet.general)
|
| |
| | Re: What the F.......
|
|
That message was posted from ndnws01.ne.mediaone.net It's too bad all the other messages posted by Brad are gone from my newsserver. That way we could compare if they all came from the same IP. Of course the only one who knows more about these (...) (25 years ago, 11-Dec-99, to lugnet.general)
|
| |
| | Re: What the F.......
|
|
WE HAVE ALL BEEN SHAFTED!!!...!!! How gullible are we all--I guess very much so. After all, the email address looked official enough. And we all want our greatest wishes to come true. But I think we all got burned!!!! I personally did not post a (...) (25 years ago, 11-Dec-99, to lugnet.dear-lego)
|
| |
| | Re: What the F.......
|
|
If someone can decode all this and do a DNS lookup on the IP listed.. Here's the full header from that message. Notice complaints to abuse@mediaone.net it's a cable modem setup. so he's probably able to change his server name on the fly. Path: (...) (25 years ago, 11-Dec-99, to lugnet.general, lugnet.dear-lego)
|
| |
| | Hmmm
|
|
"Brad Justus" wrote stuff about Lego Direct being a scam In the first instance, the posts to Lugnet and rtl were more or less simultaneous, yet there has been no post to Lugnet. One wonders if this might be because Todd's moderation would have (...) (25 years ago, 12-Dec-99, to lugnet.dear-lego, lugnet.general)
|
| |
| | Re: What the F.......
|
|
Let me stop this right now. Whoever posted claiming that LEGO Direct is a scam was not me; and the sentiment expressed in the post could not be more wrong. LEGO Direct is a very real undertaking of The LEGO Company and we are very committed to it -- (...) (25 years ago, 12-Dec-99, to lugnet.dear-lego) !
|
| |
| | Re: What the F.......
|
|
The first message appeared to have come from another isp, interport.net, not mediaone.net, although the original never appeared on my news server so I can't get a look at the complete headers (only what dejanews provides). It's possible that this (...) (25 years ago, 12-Dec-99, to lugnet.general, lugnet.dear-lego)
|
| |
| | Re: What the F.......
|
|
I won't post the headers to the original message because it contains a private email address. The original message from Brad was posted from "interport.net" an RCN company. RCN is a dialup isp that covers the northeast US, and would be a reasonable (...) (25 years ago, 12-Dec-99, to lugnet.general)
|
| |
| | Re: What the F.......
|
|
(...) Welcome to the dark side of the internet, Brad. Please don't let this get you down or spoil you on our community. (...) Mediaone.net's abuse department should be contacted about the impersonation, with extremely vehement complaints, at the (...) (25 years ago, 12-Dec-99, to lugnet.dear-lego)
|
| |
| | Lugnet's security (Was: Re: What the F.......)
|
|
If this idiot from Mediaone.net was a little smarter, he could have faked Brad Justus's post even here as I just did: (URL) please delete the above message. I think everyone should be assigned a password to post here so you couldn't impersonate (...) (25 years ago, 12-Dec-99, to lugnet.dear-lego, lugnet.general)
|
| |
| | Re: What the F.......
|
|
In response to myself: I WAS WRONG. LEGODIRECT AND BRAD JUSTUS (The legitimate one) DO EXIST. Just wanted to help clear this up. The hoax is the retraction posted to RTL, not the posts to Lugnet from Brad Justus. Note: I will not be deleting my (...) (25 years ago, 12-Dec-99, to lugnet.dear-lego, lugnet.general)
|
| |
| | Re: What the F.......
|
|
(...) Lego DOES have an email address. I have it and have sent them email. They just don't give it out because they don't want to be flooded with email from people who want to buy 2 purple 2x2 tiles or something else. (...) I don't think you really (...) (25 years ago, 12-Dec-99, to lugnet.dear-lego)
|
| |
| | Re: Lugnet's security (Was: Re: What the F.......)
|
|
(...) Dan: Just so you know, what you just did is grounds for removal. Please do not ever do it again, even to make a point. Obviously you meant well but this is an extremely important rule not to violate. To repeat from the discussion group T&C, (...) (25 years ago, 12-Dec-99, to lugnet.dear-lego, lugnet.general)
|
| |
| | Re: What the F.......
|
|
(...) Well, I will. I want to have this on record in case the message on Usenet gets cancelled somehow. This is serious. Here are the headers: ------begin------ Path: reader2.news.rcn.net...ed.berkele y.edu!netnews.com!ch...ne.net!24. (...) (25 years ago, 12-Dec-99, to lugnet.general)
|
| |
| | Re: Lugnet's security (Was: Re: What the F.......)
|
|
Thanks. I knew what I was doing when posting the message and just thought you should know it can be done (which you probably do). While I did it under good intentions, some else could do it under bad intentions and if it can be done, someone will do (...) (25 years ago, 12-Dec-99, to lugnet.dear-lego, lugnet.general)
|
| |
| | Re: What the F.......
|
|
(...) Hear Hear. (...) The only defence we've got may be just that - some measure of traceability of messages that are posted. As for a)why someone would do this, and b)how it can be prevented, I don't think there are real answers to those questions (...) (25 years ago, 12-Dec-99, to lugnet.dear-lego)
|
| |
| | Re: Lugnet's security (Was: Re: What the F.......)
|
|
(...) Yes, obviously. That's why the rule in the T&C. --Todd (25 years ago, 12-Dec-99, to lugnet.dear-lego, lugnet.general)
|
| |
| | Re: What the F.......
|
|
(...) The woman who does quality assurance for my company has a cable modem with a Media One account. She lives in Cambridge or Somerville, I think. - chris (25 years ago, 12-Dec-99, to lugnet.general)
|
| |
| | Brad Justus is real
|
|
(...) Brad, I'm very sorry this happened. It seems that cheap attention is easy to be had these days. I wish LEGO the best of luck in determining the source of the forgery on Usenet/rec.toys.lego and hope that it does not discourage the ongoing (...) (25 years ago, 12-Dec-99, to lugnet.dear-lego, lugnet.general, lugnet.announce)
|
| |
| | Re: Lugnet's security (Was: Re: What the F.......)
|
|
(...) Ummm...Can't we just let Todd do his thing and assume that he knows what he is doing? No offense, Dan, but that was a strange thing to do -- especially in light of the RTL post from (I hope) an imposter. Its one thing to have an honest and (...) (25 years ago, 12-Dec-99, to lugnet.dear-lego, lugnet.general)
|
| |
| | Re: What the F.......
|
|
(...) // snip Kevin was refering to the headers of Brad's original message and not the forgery, I believe. Not that it matters, really ... it's clear that the "retraction" was a forgery, and I hope that the loser who posted the forged post loses his (...) (25 years ago, 12-Dec-99, to lugnet.general)
|
| |
| | Re: Brad Justus is real
|
|
In lugnet.dear-lego, Todd Lehman writes: [snip] (...) For me, this hammers in why LUGNET is where I want to be. You notice that the forged posts were posted to USENET and not to here. I'll continue to read r.t.l, but I'm quite fond of having a stand (...) (25 years ago, 12-Dec-99, to lugnet.dear-lego)
|
| |
| | Re: Brad Justus is real
|
|
I thought the same thing, until someone showed how it could be done here as well. But your point is well taken. People here in LUGNET are on the whole mature adults who are responsible people. It is our little utopia (8 wide, of course;) based on (...) (25 years ago, 12-Dec-99, to lugnet.dear-lego)
|
| |
| | Re: What the F.......
|
|
Umm, Todd you posted the header for the "imposter" post, not the original post that I said I wouldn't post the headers for. Obviously Brad is real and I was just trying to support that. Brad, as you know we are an Internet savvy bunch and we had (...) (25 years ago, 12-Dec-99, to lugnet.general)
|
| |
| | Re: Lugnet's security (Was: Re: What the F.......)
|
|
(...) He did post it in the test newsgroup. And it _was_ just a test. (25 years ago, 12-Dec-99, to lugnet.dear-lego, lugnet.general)
|
| |
| | Re: What the F.......
|
|
(...) Yup, OK, sorry. I jumped into the middle of the thread--pointed here on alert by someone who noticed the mess... --Todd (25 years ago, 12-Dec-99, to lugnet.general)
|
| |
| | Re: Lugnet's security (Was: Re: What the F.......)
|
|
Matthew Miller wrote in message ... (...) he is (...) in (...) I've thought about this many times in the past, and realize no test is at all necessary. When I post to Lugnet from work, I post using my Mindspring userid (which is what I've (...) (25 years ago, 12-Dec-99, to lugnet.dear-lego, lugnet.general)
|
| |
| | Re: What the F.......
|
|
I've got email addresses inside of LEGO too, and I guarantee you Brad is for real. What he has expressed is the manifestation of many ideas I have heard before, privately. Make no mistake, LEGO direct is for real. KL (...) (25 years ago, 12-Dec-99, to lugnet.dear-lego)
|
| |
| | Re: What the F.......
|
|
All MediaOne posters take one step forward! -- Bob Fay rfay@we.mediaone.net The Shop (URL) M. Dye" <robdye@writeme.com> wrote in message news:FMM3MA.Mow@lugnet.com... (...) that (...) it (...) match (...) original (...) (25 years ago, 12-Dec-99, to lugnet.general)
|
| |
| | Re: Brad Justus is real
|
|
(...) Actually, no, it's not possible to effectively forge messages here. Yes, you can post messages using someone else's name (easily, even). But it is _not_ possible to forge the originating IP in Todd's logs. Which means that even though _we_ (...) (25 years ago, 12-Dec-99, to lugnet.dear-lego)
|
| |
| | Re: What the F.......
|
|
(...) Well, I have a MediaOne account. I took the opportunity once MediaOne offered their cable modems in our area (which was around October 1998, IIRC). I've posted only rare requests to RTL for sets, and some things here and there in LUGNET. I try (...) (25 years ago, 13-Dec-99, to lugnet.general)
|
| |
| | Re: What the F.......
|
|
(...) Yes, the impersonator has been identified by posting IP address. God bless cable modems and their static IP addresses. I haven't written to abuse@mediaone.net yet because I am wondering how much we as the community should do, and how much Brad (...) (25 years ago, 13-Dec-99, to lugnet.general)
|
| |
| | Re: What the F.......
|
|
(...) From MediaOne's "Terms and Conditions": (I am only posting the relevant portion; I don't think Todd would want me to post the entire document...) 10.3 You agree to abide by the policies of the Road Runner Service as they are electronically (...) (25 years ago, 13-Dec-99, to lugnet.general)
|
| |
| | Re: Brad Justus is real
|
|
(...) Not to spread paranoia, but... offhand, I can think of three different ways to forge the IP in Todd's logs. Supposing someone wanted to pose as Brad Justus: one could a) break into Brad's machine and post from there b) break into Todd's (...) (25 years ago, 13-Dec-99, to lugnet.dear-lego)
|
| |
| | Re: Brad Justus is real
|
|
(...) Point 1, he uses IE on Windows NT (if we can believe the first message, at least). So no remote breaking in. Which leaves physical access - which is IMHO rather unlikely. (...) Break into a high-security FreeBSD box? Highly unlikely, (...) (25 years ago, 13-Dec-99, to lugnet.dear-lego)
|
| |
| | Re: Brad Justus is real
|
|
(...) Why not? BO2K runs on Windows NT and Win2000 boxes. (The new version of Netbus does too, but I'm not sure if that's publicly available yet.) (...) But if you anticipate what packets the remote side will return, you can generate the appropriate (...) (25 years ago, 13-Dec-99, to lugnet.dear-lego)
|
| |
| | Re: Brad Justus is real
|
|
Moving this to .debate, for lack of lugnet.off-topic.comp.risks. (...) BO isn't cracking - it's carelessness on the part of the crackee. Anyone can distribute happy99.exe, but breaking root on an up-to-CERT unix box is something very few can do. (...) (25 years ago, 14-Dec-99, to lugnet.dear-lego, lugnet.off-topic.debate)
|
| |
| | Re: Brad Justus is real
|
|
(...) Sure. But the issue isn't how it happened. The end net effect is the same -- it makes it easy to do something that's coming from someone else's box. (...) Again, true but probably not relevant -- such info certainly isn't in news server logs. (...) (25 years ago, 14-Dec-99, to lugnet.off-topic.debate, lugnet.off-topic.geek)
|
| |
| | Re: Brad Justus is real
|
|
I just want to thank 2 people here. One is Brad for trying to clear this all up as quickly as possible. I find it sad that some would want to disrupt something that we have all been hopeing for for a long time. I too thought that Brads appearance (...) (25 years ago, 14-Dec-99, to lugnet.dear-lego)
|
| |
| | Enhanced verification (was: Re: What the F.......)
|
|
In lugnet.dear-lego, Brad Justus wrotes: (...) I've been cogitating on this from a technical standpoint and I think I have come up with a general workable solution, all things considered. I agree that if something can be done, it should be done. (...) (25 years ago, 14-Dec-99, to lugnet.dear-lego, lugnet.admin.general)
|
| |
| | Re: Brad Justus is real
|
|
Eric Kingsley wrote in message ... (...) >I too thought that Brads appearance was too good to be true (...) My little squeak from New Zealand. I agree, that Brad offers lots of hope for AFOL's, even way down here. Hopefully we will get the same (...) (25 years ago, 14-Dec-99, to lugnet.dear-lego)
|
