Adam Back wrote:
Mailing lists are pretty vulnerable to spoofing in various ways. At the time of the attack, an additional possible class of spoof which may or may not have been occuring would have been:
For someone to use the list of subscribers available for the lists homed at majordomo @ to fuck with peoples minds. For example by sending messages with forged From & other headers making them appear as if they did come from to all subscribers, or some subset of them.
That would allow one to construct some very interesting problems: for example Sandy apparently passing to the edited list something which seemed violently out of character, but sending it to everyone but him, so that he would deny seeing it even, and look like every one else as if he were blatantly lying.
Or to generally mess with who you sent to for different lists and combinations of lists. This would allow you to construct all sorts of apparently independently confirmable conspiracy theories.
I'm not sure some of these things weren't happening. There are a few current and former list members who delight in this kind of clever prank.
Many weird things happened during the course of the list censorship, not the least of which was that every time someone on the list pointed out apparent discrepancies between what was announced as being done and reality, the mechanizations behind the list would change to become more obscure. More than one list member called this bullshit when I pointed it out, then shit a brick when they researched the matter themselves, and found it to be true. I was subscribed to all three lists at one time or another, and was also subscribed from more than one account. I also had another list member forward me their archive of posts from the lists. There was a variety of interesting things which one could divine from the different 'versions' of the list that appeared from these three sources, one of which was that some controversial posts seemed to go out from to *only* the person who sent it (or to people who were cc:'d on the post), making it appear to the sender that their post had gone out to everyone on the list. I had already suspected this from the fact that some rather outrageous posts seemed to go unnoticed on the list, and I had confirmed it to a certain extent by cc:'ing and bcc:'in certain individuals, but an analysis of all the posts in my possession, from different sources, confirmed it beyond doubt. Although a variety of individuals could confirm various details of what I have described, the 'facts' are still pretty much meaningless to those who did not personally do the footwork themselves. Much the same applies to the Corporate Message Recovery of the new alien-PGP being discussed on the Cypherpunks list. Your best weapon is your nose. When something smells bad, it usually is. All of the analysis I did of list posts served mainly to convince myself that my original deductions, based on far less information, were correct. My main problem with the new product is that it trades on the name and reputation of PGP to promote a product which serves a totally different market and need. It is similar to my using the status of a long-established "TruthMonger's Crazy Ramblings" mailing list to promote "TruthMonger's Trustworthy Health Products Mailing List" to the three list subscribers. (Or the use of John Lennon's music to sell sneakers...<barf> <barf>) The *real* question is: "Does the packaging have a picture of an actor in a white smock, with a stethescope around his neck, a big-breasted nurse, licking her hot, wet lips, and a child, petting a dog?" If it does, then buy all of the company's stock that you can get your hands on. TruthMonger