Larry Gilbert, AOLers, and the Hyper-real flamer

Michael Hohensee mah248 at nyu.edu
Thu Sep 17 07:31:04 PDT 1998



AIMSX at aol.com wrote:
> 
> Hmm, well, you were wrong about many things.
> The ISP runs RH5.1

Which is not significant to this discussion, as Linux does NFS too.  You
have raised an irrelevant point in your (attempt at a) defense. 

Me: 1
You: 0
 
> I don't use the passwd file for anything, as it is shadowed.

What part of "or equivalent" don't you understand?  If you don't already
know, even in a shadowed system, the encrypted passwords reside
*somewhere*.  If you knew that already, you have again raised an
irrelevant point in your attempt at a defense.
 
Me: 2
You: 0

> I don't work there.

So?  I was just giving an example of what it is to have an account on a
network which uses NFS.  I won't even bother awarding myself a point for
this one, but you lose one, for such a pointless statement.

Me: 2
You: -1

> I use 100 accounts because it is so easy to get all the new users, and the
> changed passwords with the way they are set up, so why stop at one, and if
> that one is disabled, I would like something to fall back on.

Ohhhh, I see.  You really *do* have 100 different logins!  Now, back to
my original question: "Wtf do you use 100 different accounts for?"

Hmm, so what you're essentially saying is, you're doing some stuff that
might get your account disabled (such as email bombing, spamming,
posting moronic stuff to usenet, or downloading too much kiddie porn).

Now let's all think really hard for a second.  Who could possibly be the
cause of any disabling that occurs to this fellow's account?  Could it
be, the ISP?  *YES*, (you win a cookie).  Now, if the ISP's sysadmin
looks at this fellow's account and says, hmm, I'm going to disable this
loser's account, mightn't that very same sysadmin think to himself,
"ooo, look at this, the guy's got 99 other accounts.  Maybe I'd better
disable them, too, otherwise, disabling this one account won't have much
of an effect."

Ok class, it's time for a quiz.  In the scenario above, what kind of
good would having 100 different accounts at the same ISP do you?  The
answer?  Absolutely None.
 
> You just don't understand anything about why I do what I do. 

No no, I understand completely.  You're an idiot.  :)

> If you were
> illegally using an account, would you want to ONLY have 1?

Oh, you're using it *illegally*?  Why didn't you say so *before*?  In
that case, my flaming becomes so much easier.  When your (unwitting) ISP
disables one of your accounts, they will very likely run a check on
their system for any other little nasties which may be around.  (as they
will assume that their system has been compromised at superuser level)
They will very easily find the accounts which shouldn't technically
exist, and delete them.  

If, on the other hand, you've just found the passwords for a bunch of
otherwise legitimate users, you'll be screwed when the ISP sends an
email to all the users telling them to change their passwords.

>  Why wouldn't you
> want to know you had something to fall back on if that one is disabled?

Because having X number of extra accounts at a single ISP will *not*
give you anything to fall back upon when one of them is disabled.

But don't worry, I seriously doubt that you have the knowledge necessary
to do anything more obnoxious than send foolish emails to the
cypherpunks list.






More information about the cypherpunks-legacy mailing list