On 2004-04-08, Dan C <youmustbejoking@invalid.org> wrote:
> On Thu, 08 Apr 2004 08:50:51 +0000, Naota wrote:
>
>> Having just found this ng today, I'm impressed. It's Slack specific;
>> didn't think there'd be a group like this.
>
> Stick around a bit, and you probably won't be so impressed. I watch the
> newsgroup, and most all of what's in here is troll wars, and the idiots
> going back and forth about the merits of PGP. Fucking useless. It's
> actually pretty rare that you'll see anything of value, related to
> Slackware, posted in here. Pretty sad, really.

You will get to know how to set up a killfile though, if you get nothing
else out of this newsgroup.

On Thu, 08 Apr 2004 18:18:31 +0000, Julien Mills wrote:

>>> Having just found this ng today, I'm impressed. It's Slack specific;
>>> didn't think there'd be a group like this.

>> Stick around a bit, and you probably won't be so impressed. I watch the
>> newsgroup, and most all of what's in here is troll wars, and the idiots
>> going back and forth about the merits of PGP. Fucking useless. It's
>> actually pretty rare that you'll see anything of value, related to
>> Slackware, posted in here. Pretty sad, really.

> You will get to know how to set up a killfile though, if you get nothing
> else out of this newsgroup.

True enough. I've noticed that none of the PGP morons (on either side)
have responded, either. Interesting.

--
If you're not on the edge, you're taking up too much space.
Linux Registered User #327951

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In alt.os.linux.slackware, Dan C dared to utter,
> True enough. I've noticed that none of the PGP morons (on either side)
> have responded, either. Interesting.

I'll bite.

I hear a lot of people bitching because a few people have been using
gpg in this group to digitally sign their messages. To those people I
whole-heartedly say, "Grow up." There are many reasons to use digitally
signed usenet posts. If you had only googled around this group you
would understand them.

Identity spoofing has occured numerous times in this group by both
talented and untalented trolls who have forged their headers to match
that of a regular poster here in an attempt to discredit that person. I
personally take the theft of identity in any shape or form very
personally. The latest case of this was from a troll here known as AJ
who is so childish that he makes personal attacks against a (former?)
regular poster here against some un-named slight. This AJ started
posting under a near replica of my name, and so here I am signing my
posts.

PGP signing also gives you a proven way of proving that you did or did
not say something months or years later. Sometimes a solid usenet
posting record that shows deep understanding of things going back
several years is the best resume one can show.

Finally PGP is a way of standing up and declaring "Yes, I did say those
things and I had the guts not to cower behind cowardly anonymity."
Using PGP takes balls, because anyone can come back later and dig
through the trash bin of the internet and find something that doesn't
bode well for you. Digital signatures declare that you mean what you
say and you are willing to put your good name on it. Hence this post is
digitally signed.

- --
It is better to hear the rebuke of the wise,
Than for a man to hear the song of fools.
Ecclesiastes 7:5
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFAdfzML3KiNGOqr6ERAhWLAKDZPSzW7VQtDvxEEOLNRy uI1AirCwCePGPP
Q9OZDNBLb+seI3G6vSkAT2M=
=XNfo
-----END PGP SIGNATURE-----

On Thu, 08 Apr 2004 20:30:55 -0500, Alan Hicks wrote:

> Identity spoofing has occured numerous times in this group by both
> talented and untalented trolls who have forged their headers to match
> that of a regular poster here in an attempt to discredit that person. I
> personally take the theft of identity in any shape or form very
> personally. The latest case of this was from a troll here known as AJ
> who is so childish that he makes personal attacks against a (former?)
> regular poster here against some un-named slight. This AJ started
> posting under a near replica of my name, and so here I am signing my
> posts.

From what I've seen in here, the only people who are "victims" of this are
the people using PGP... Or perhaps a person that is truly just a genuine
asshole.

> PGP signing also gives you a proven way of proving that you did or did
> not say something months or years later. Sometimes a solid usenet
> posting record that shows deep understanding of things going back
> several years is the best resume one can show.

Assuming you mean proving what was said using Google Groups, PGP would
have no bearing on it. The archives of Google Groups are pretty much
inaccessible for malicious editing, are they not?

> Finally PGP is a way of standing up and declaring "Yes, I did say those
> things and I had the guts not to cower behind cowardly anonymity."
> Using PGP takes balls, because anyone can come back later and dig
> through the trash bin of the internet and find something that doesn't
> bode well for you. Digital signatures declare that you mean what you
> say and you are willing to put your good name on it. Hence this post is
> digitally signed.

That's a little weak there. I mean what I say just as much, whether I
sign it or not, and I don't think anybody "believes" me more if I sign it.

> - --
> It is better to hear the rebuke of the wise, Than for a man to hear the
> song of fools. Ecclesiastes 7:5

Your signature delimiter is broken, and you should fix it.

--
If you're not on the edge, you're taking up too much space.
Linux Registered User #327951

Alan Hicks <alan@lizella.netWORK> says...

>Identity spoofing has occured numerous times in this group by both
>talented and untalented trolls who have forged their headers to match
>that of a regular poster here in an attempt to discredit that person. I
>personally take the theft of identity in any shape or form very
>personally.

(...Guy does a quick Google search...)

I see that the person who is complaining about PGP signing has started
using my .sig in a crude attempt to impersonate me. So far I have
chosen not to sign my posts, but if someone is pretending to be me,
however crudely, signing my posts is the only way that I can prove
that a particular post came from me and identify the bogus posts as
being bogus because of the lack of a PGP signature. Thus the complainer
is encouraging more use of PGP signing.

The reason for the attacks against me is that I dared to report the
fact that he was spamming. So, on the one hand we have a bunch of
knowledgable folks who help people with Slackware-related questions
and who sign their posts, and on the other hand we have someone who
spams, harasses, impersonates, and complains about PGP signing.
Which group do you suppose most folks would like to be part of?

--
Guy Macon, Electronics Engineer & Project Manager for hire.
Remember Doc Brown from the _Back to the Future_ movies? Do you
have an "impossible" engineering project that only someone like
Doc Brown can solve? My resume is at http://www.guymacon.com/

Dan C <youmustbejoking@invalid.org> says...
>
>On Thu, 08 Apr 2004 20:30:55 -0500, Alan Hicks wrote:
>
>> Identity spoofing has occured numerous times in this group by both
>> talented and untalented trolls who have forged their headers to match
>> that of a regular poster here in an attempt to discredit that person.

>From what I've seen in here, the only people who are "victims" of this are
>the people using PGP...

I am not using PGP, and yet the spammer is making his posts look as
much like mine as he can and still hide behind an anonymous remailer.
I call that untalented Identity spoofing.

--
Guy Macon, Electronics Engineer & Project Manager for hire.
Remember Doc Brown from the _Back to the Future_ movies? Do you
have an "impossible" engineering project that only someone like
Doc Brown can solve? My resume is at http://www.guymacon.com/

Guy Macon <http://www.guymacon.com> wrote:

> I see that the person who is complaining about PGP signing has
> started using my .sig in a crude attempt to impersonate me. So
> far I have chosen not to sign my posts, but if someone is
> pretending to be me, however crudely, signing my posts is the
> only way that I can prove that a particular post came from me and
> identify the bogus posts as being bogus because of the lack of a
> PGP signature.

Using pgp on some posts doesn't prove that other posts without pgp
are not yours. All it means is that you chose - or forgot - not to
use pgp on some posts.

> Thus the complainer is encouraging more use of PGP signing.

Who is impersonating whom? Perhaps he is the real Guy Macon and
you are an impersonator. PGP doesn't prove who the real Guy Macon
is.

> The reason for the attacks against me is that I dared to report the
> fact that he was spamming.

Perhaps you are impersonating him right now to confuse the issue?
Or perhaps he is sick and tired of your whining about spamming and
trolling.

> So, on the one hand we have a bunch of knowledgable folks who
> help people with Slackware-related questions and who sign their
> posts, and on the other hand we have someone who spams, harasses,
> impersonates, and complains about PGP signing. Which group do
> you suppose most folks would like to be part of?

It's too bad that you don't belong to either group, isn't it?
You're just a big fat whining troll. An old lady, always fussing
and fretting and complaining. You are the laughingstock of this
newsgroup. A self-taught "Engineer." Hilarious.

I think I like the other Guy Macon better than you.

cordially, as always,

rm

Guy Macon wrote:
> chosen not to sign my posts, but if someone is pretending to be me,
> however crudely, signing my posts is the only way that I can prove
> that a particular post came from me and identify the bogus posts as
> being bogus because of the lack of a PGP signature.

no. because we would have to take your word for it that you *always* sign
your posts. but what if you don't? if we see a message that looks like
someone trying to impersonate you, what proof do we have that it was *not*
you who posted it?

the only thing pgp signing does is identify all posts with the same
signature as being signed with the same signature. all the rest is a leap
of faith. there is not even a guarantee that two posts signed with the same
signature actually come from one and the same person. since i have no idea
whatsoever who has access to your computer(s), and also no idea who you
share your most personal information with, i have no guarantee that your
private key is not in the hands of other people as well, either because you
gave it to them or they stole it from you.

so even though i detest the kind of impersonating that this group has seen
and find the people who do it pathetic, and even though the people who
complain about pgp signing are IMHO generally whiners, they do have a point
when they say pgp signing does not give you any guarantees.

--
Joost Kremers joostkremers@yahoo.com
Selbst in die Unterwelt dringt durch Spalten Licht
EN:SiS(9)

Joost Kremers <joostkremers@yahoo.com> says...
>
>Guy <http://www.guymacon.com> Macon wrote:
>
>> chosen not to sign my posts, but if someone is pretending to be me,
>> however crudely, signing my posts is the only way that I can prove
>> that a particular post came from me and identify the bogus posts as
>> being bogus because of the lack of a PGP signature.
>
>no. because we would have to take your word for it that you *always* sign
>your posts. but what if you don't? if we see a message that looks like
>someone trying to impersonate you, what proof do we have that it was *not*
>you who posted it?
>
>the only thing pgp signing does is identify all posts with the same
>signature as being signed with the same signature. all the rest is a leap
>of faith. there is not even a guarantee that two posts signed with the same
>signature actually come from one and the same person. since i have no idea
>whatsoever who has access to your computer(s), and also no idea who you
>share your most personal information with, i have no guarantee that your
>private key is not in the hands of other people as well, either because you
>gave it to them or they stole it from you.
>
>so even though i detest the kind of impersonating that this group has seen
>and find the people who do it pathetic, and even though the people who
>complain about pgp signing are IMHO generally whiners, they do have a point
>when they say pgp signing does not give you any guarantees.

Point well taken. If I decide to start signing my posts, it won't be
because of the invalid reasons I gave above. I will do it because a
bully is telling me not to.


--
Guy Macon, Electronics Engineer & Project Manager for hire.
Remember Doc Brown from the _Back to the Future_ movies? Do you
have an "impossible" engineering project that only someone like
Doc Brown can solve? My resume is at http://www.guymacon.com/

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In alt.os.linux.slackware, Dan C dared to utter,
> From what I've seen in here, the only people who are "victims" of this are
> the people using PGP... Or perhaps a person that is truly just a genuine
> asshole.

Guy Macon isn't using PGP and the troll around here is trying to
impersonate him through an anonymous re-mailer.

> Assuming you mean proving what was said using Google Groups, PGP would
> have no bearing on it. The archives of Google Groups are pretty much
> inaccessible for malicious editing, are they not?

Your argument insludes a non-sequiter. Yes, the archives at
groups.google.com are pretty much non-editable, which is partially the
problem. A troll attempting to impersonate you is archived right along
with your posts. It's easy to prove to others that these posts are
signed by me and these others aren't. You don't have to edit the
archives if you if you inject malicious material into the archives
initially.

> That's a little weak there. I mean what I say just as much, whether I
> sign it or not, and I don't think anybody "believes" me more if I sign it.

There you're wrong. I would believe you more if you digitally signed
your data.

> Your signature delimiter is broken, and you should fix it.

We have had this argument before. Digitally signed posts use that .sig
delimeter.

- --
It is better to hear the rebuke of the wise,
Than for a man to hear the song of fools.
Ecclesiastes 7:5
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFAdu/mL3KiNGOqr6ERAm8MAJ9Y6hmZERvSd7SrR4TwcVG1Vgex8gCfY b2k
hBqFXI3yO1P5YhsJ8xQRvho=
=R86z
-----END PGP SIGNATURE-----