
Tuna fish and spam sandwich




I am curious about what is happening on alt.test.  

Someone is apparently forging letters containing the line:

I am (insert True Name and address here)

from a large list of account names and sending them through [email protected] 
to alt.test.  If the address is not previously registered with 
penet.fi it generates a new acct number (thus the long list of messages 
with sequential acct nums anXXXXXX); however, every once in a while 
there will be a message 

(they are all 43 lines long, and have the subject "tuna fish 
test numero nnn" making them easy to spot from real anon.testers) 

that will have an account number that is out of sequence (e.g. a much
lower number).  It would seem that this is revealing the anon acct numbers
of people who have already got accts at penet.fi.  There are a number of
messages posted to alt.test from apparently real acct addresses saying
that they never requested anon accts. and generally disavowing all
knowledge of how the "tuna fish" messages ended up posted.

Does this form of "lunch-sack" attack really work?  By spamming penet.fi
with "tuna fish" messages with forged From: lines can one really get the
true names and corresponding anon acct numbers of people from a list of 
addresses?  If this is possible then I'm sure it wouldn't take long for 
one of you mail-gurus to whip up some code to download a "who cypherpunks"
and feed it through a spam grinder to recover true names.  So much for 
trusting a Finnish Identity Escrow Agent.
HH
 C. J. Leonard                     (    /      "DNA is groovy"
                                   \ /                - Watson & Crick
<[email protected]>      / \     <--  major groove
                                  (    \
Finger for public key               \   )
Strong-arm for secret key             /    <--  minor groove
Thumb-screws for pass-phrase        /   )
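
Added example, not part of the original post and not penet.fi's code: a toy model of the alias mapping the message describes, run once with the unauthenticated From: lookup and once with a hardened variant that drops mail lacking a per-user secret. The class, the password check, the addresses and the starting account number are all assumptions made for illustration.

```python
import hmac
from itertools import count

class PseudonymServer:
    """Toy model of an address-to-alias remailer (hypothetical, for illustration)."""

    def __init__(self, require_password=False, first_id=100000):
        self.require_password = require_password
        self._ids = count(first_id)
        self.alias = {}      # From: address -> anXXXXXX alias
        self.password = {}   # From: address -> secret set at registration
        self.posted = []     # (alias, body) pairs that reached the newsgroup

    def register(self, addr, password=None):
        self.alias[addr] = "an%06d" % next(self._ids)
        if password is not None:
            self.password[addr] = password
        return self.alias[addr]

    def submit(self, from_hdr, body, password=None):
        """Handle one inbound message; from_hdr is unauthenticated input."""
        if self.require_password:
            expected = self.password.get(from_hdr)
            # Hardened: unknown senders and missing or wrong passwords are
            # dropped, so a forged From: never posts under anyone's alias.
            if (expected is None or password is None
                    or not hmac.compare_digest(expected, password)):
                return None
        elif from_hdr not in self.alias:
            self.register(from_hdr)  # weak: auto-allocate on first contact
        self.posted.append((self.alias[from_hdr], body))
        return self.alias[from_hdr]

def exposed(server, addr):
    """True if a public post pairs addr (in the body) with addr's own alias."""
    return any(a == server.alias.get(addr) and addr in b
               for a, b in server.posted)

def demo(require_password):
    srv = PseudonymServer(require_password)
    srv.register("alice@example.org", password="constructed-secret")  # existing user
    # Constructed batch: each From: value is supplied by the sender, not verified.
    for addr in ("bob@example.org", "alice@example.org", "carol@example.org"):
        srv.submit(addr, "I am %s" % addr)
    return srv
```

In the weak mode the pre-existing account shows up with the out-of-sequence (lower) number, which is the pattern the post describes; in the hardened mode nothing is posted unless the registered secret accompanies the message.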