On Tue, 7 Nov 1995 lmccarth@cs.umass.edu wrote:

your True Name (verinym) from your name on the net. Many will want to use tentacles (*), er, separate pseudonyms for discussions in different parts of the net. After all, I might not want the c'punks to hear about my past life as a control freak (pun intended) in alt.config. Just a reminder....

(*) Speaking of tentacles, Dejanews reveals that my name is on the long list of people whose signatures have been appropriated by Detweiler ;)

You too, eh?? I wish that Detweiler could (seriously) go back to wherever he came from. Hopefully this time, he can make the attempt ... backwards. I no longer become incensed at his type of spoofing. I understand that a message may look like it appears to come from a site, but it in fact doesn't. Who really knows?? Even a message that is PGP signed isn't guaranteed to be from the person who apparently signed it. Someone might have a web server that asks Netscape Navigator (very politely) to send out someone's secret PGP keyring, or asks Navigator to monitor a person's keystrokes when they enter their password, or heaven forbid their electronic daytimer. Once you have that, it's easy to send a forged PGP SIGNED email. Even worse, most readers of email will tend to believe that an electronic signature is prima facie evidence that a message is from who it appears to be from. It just doesn't work that way. You have to look at the message and use "fuzzy" logic to determine how probable it is that a given message is from the person who it represents itself as coming form. And sometimes, you'll be wrong. Just like the good old, "Dr. Frederick B. Cohen", who posted to this list. Is he really the Dr. Cohen, noted international computer virus expert, the very man who coined the term "computer virus", or isn't he? Is he the man who the US military approached to verify whether missile guidance systems could be compromised by a foreign power utilizing a trojan horse or virus, or not. Do we believe his web page?? Even if we do, do we place a greater degree of trust in his words, than that of say, yours truly, Alice de 'nonymous, or of someone who claims to be Tim May when they BOTH say that there are very serious flaws and deficincies in the Netscape Navigator product? Or do we infer that a "no comment" coming from AT&T and Netscape, acts as confirmation that the *information* in the post is reliably correct. It's impossible to say with certainty. Maybe if someone on this mailing list attended Dr. Cohen's talk today at the Hilton Hotel, in Washington, D.C., and fills us in with what he said, (if we can trust _that_ poster) and we independently verify for ourselves whether what _he_ (Dr. Cohen or Mr. Confirmation) is saying *seems* to be reasonable, then we _might_ be able to say that we _may_ be reasonably certain, that we DO have an international celebrity amongst us and posting to this list, and notifying the world of a serious problem. I mean what would you expect, a Press Release?? Alice de 'nonymous ... ...just another one of those... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E.