[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Postscript and 50 ways [MAJOR NOISE] [long]

Man oh man oh man...

	<Here> - <We> - <Go> - <A!Gain>...

	Rather than plague everyone with separate haranges for each of
numberous messages about two separate obnoxious nusanse threads going
on here - I've combined several messages together.  I think I have
kept the attributions straight.  I've tried to add attributions where
missing based on the "In-Reply-To:" headers.  If I screwed anything
up - sorry, I tried...

	It is long and contains history from another mailing list haunt.

	* WARNING - Category 5 Ad Hominem Attack on Full *
	*	Afterburners dead ahead!		 *
	*						 *
	*	Hit delete NOW if not interest!		 *
	*						 *
	*	You have been warned!		 	 *


	To quote a line from one of the "Nightmare on Elm Street" slasher
flicks - "Freddie's Back!"

	There are several individuals on this list that I believe I
recognize from the firewalls list.  Those individuals are most likely
already familiar with most of what I'm about to relate.  Forgive me
with dredging up old news in a new forum.

	"Dr." Frederick B. Cohen was a frequent contributer to the
firewalls mailing list.  Many of his contributions were ill researched
and he often took great offense when anyone questioned one of his postings.
Out of the thousands of contributers I've read from literally dozens and
dozens of high volume lists I subscribe to, this is the only character I
know who puts a "Dr" in his address.  There are degrees floating all over
the place out here (even got a couple myself - so what?).  He appears
to be the only one who seems to need this annointed authority to
back his words.  He may not realize that to some of us, waving a
degree around like that, is a red letter warning to check everything
he's preaching and that he's probably more full of shit than a
christmas goose (his words tend to confirm that impression).

	He got into several disputes with some of the other lurkers
on the firewalls list, including the moderator, Brent Chapman.  Several
of us got into debates, some on line, some off line, as to whether he was:

	1) Really that ignorant and arrogant.
	2) Baiting people because that's how he got his jollies.
	3) Looking for any excuse to push his Info-Sec ad-signature.

	Many of us were of the opinion that it could have been a
combination of all three but #3 was the decided front runner.

	Whatever his degree - the phrase "educated above and beyond his
intellegence" comes to mind when I read one of his posts.  Ill informed,
opinionated, arrogant, and seemingly obsessed with his self worth are
other terms.

	He developed a reputation about pontificating about things which
he seemed to have little knowledge but to which he seemed to consider
himself an authority on.  He seem to have little interest in researching
a topic before shooting his mouth off, and seemed to feel that his "Dr."
conveyed some sort of infalibility on his opinions, turning opionion into
fact, so to speak.  To say he was less than graceful when someone would
foolishly point out some of his errors would be putting it mildly.

	His tirads prompted one lurker on the firewalls list to add
a line to his signature that went something like this: "Fine, so
you've got a PhD, just don't touch anything!"

	In one posting he recommended "cutting the wire to the record
head" on a floppy disk drive as a way to make it write protected.  This
was rather interesting in light of the fact that disk drives use combined
read/write heads and have no separate "record head".  Must have been
thinking it was a tape recorder.  His silly idea would have made
the drive both write protected and read protected as well.

	When I quoted his article and pointed it out as a source
of misinformation, he wrote me a message off-line wanting to know
why HIS information was included in my article about misinformation.
I had quoted most of his message, including his signature, in my
posting.  The information he quoted back to me was his "Info-Sec"
signature.  It seems his little tag line advertisements were more
important to him than the BULLSH*T he was thumping on about.
(Note point #3 above).

	In my reply, I asked him if the misinformation in the body
of the message was in fact his or was someone forging messages in
his name to discredit him.  He did admit it was his.  At this point,
I will give him credit - he was very gracious in that instance,
and admitted he had made a mistake.  It was a distinct contrast,
in private E-Mail, to his tone and manner on the public mailing lists.

In <[email protected]> [email protected] wrote:
> In <[email protected]> "Dr. Frederick B. Cohen" wrote:
	(^^^^ Attribution added - mine ^^^^)
> > 50 Attacks: a.k.a. Why Not to Run Hot Java in your netscape (or
> > other) browser:
> >
> > Concept 1 - Hot Java code that, once started, takes and retains
> > control of the viewer.  It includes hot buttons, etc.  that let you
> > use common resources on the net, store favorite places, etc.  When
> > you push any button in this window, it simulates Hot Java within its
> > own code, but all reads and writes contain code to restart the
> > program (such as the "remember favorite places" button, etc.).
> You are obviously disillusioned/ignorant about how the java runtime
> enviroment works, and what is possable with with its base class
> libraries. I'll bet that you have never ever read the programming
> guide or the virtual machine specs, and I encourage you to do so
> before you embarass yourself even more.

	He doesn't seem to research his ideas before spouting them as
gosphel.  Once he has reached his "conclusion" he takes it as fact
and expects us to accept it because he's a "Dr".

	I read the original "50 ways" article.  I initially took it to
be dead serious.  Until I notice who the author was.  Then I thought
"it figures, validity = 0 -> drop in bit bucket".  I came away with the
impression that he was just spouting off, as is his way, and had not
only not tested one single idea espoused therein but really hadn't a
clue as to the validity of any of it.  I got the impression that he
expected us to accept his points on the weight of his degree alone,
since he provided no evidence, just random speculations.  I certainly
did not see any humor in the article as he later would allege.

> Christopher

> P.S. Coming Soon! 50 things that could happen to flying pigs!

	No joke.  No doubt he will claim that they should be secure pigs!

In <[email protected] communities.com> [email protected] (Chip Morningstar) wrote:
> [email protected] (Dr. Frederick B. Cohen) writes:
> >50 Attacks: a.k.a. Why Not to Run Hot Java in your netscape (or other) browser:
> > ... (drivel elided)
> This fellow seems to be systematically (if not deliberately) ignorant
> about these things.

	Keep that point in mind.  This may not be "accidental" ignorance here.

> One of my co-workers reviewed his book on computer viruses in IEEE
> Multimedia and noted that it manifests many of the same fallacies. You
> can read it (the review, not the book) at
> http://www.communities.com/paper/itsalive.html
	: Signature deleted :

	That would be very consistant with his writings on the firewalls
list.  I'll have to take a look at the review.  Should be good for a few
laughs at the very least!

In <[email protected]> [email protected] (cjs) wrote:
> [email protected] (Dr. Frederick B. Cohen) wrote:
	(^^^^ Attribution added - mine ^^^^)
> > Boy, you people just don't appreciate anything that has a little bit of
> > humor mixed with a little bit of reality. 

	Got'm!  Now he claims it was humor.

> A little reality?? I've seen episodes of Star Trek with more reality.


> Get real,

	Don't hold yer breath - that's not the gas he runs on.  :-)

> Christopher

In <[email protected]> [email protected] (Patrick Lamb) wrote:
> [email protected] (Dr. Frederick B. Cohen) wrote:
>>> > The point I have been trying to make that many on this list seem to ignore
>>> > again and again, is that Netscape makes the security claims.  If you don't
>>> > provide effective protection, don't make the claim.  If you want to make
>>> > the claim back it up with something other than media hype.
>>>   We are working on clarifying our security claims.  Here is an
>>> example from the San Jose Mercury news on Aug. 17, 1995:
>>>     "We have said for a long time that given the right amount of
>>>     computer power, that a 40-bit key encrypted message could be
>>>     decrypted," said Mike Homer, Netscape's vice president of marketing. 
>> "We" - I take it you are now speaking officially for Netscape?  So how come
>> Netscape doesn't even know how about Integrity shells and yet claims to
>> be able to design secure systems for money transfers?
>Give it a rest, Doc.  You give all the rest of us Ph.D.'s a bad rep with
>this crap.  Of course, if you went to that 4-year vocational school to get
>an M.D., I guess that's understandable.

	Look beyond his statements.  The more this continues the more
excuse he has to post follow-ups, no matter how trivial.  Maybe his
motive is not to just drive home a point or rattle cages.

	But you are right - by waving his degree around like he does
he's confirming all the stereotypes of "college" people who haven't
got a clue or any connection with reality.  That makes ALL of us look
real bad and probably contributes to why some of us no longer think
that a degree is all that very important any longer.

>If you are so illiterate that you can't read the ascription (it says right
>up there, "said Mike Homer, Netscape's vice president of marketing"), then
>why do you (a) waste bandwidth and our time to go through this drivel, and
>(b) flame one Netscape employee for not knowing everything you know?  If
>there are all of 5+ refereed publications in this area, how about giving
>references?  It would take up less space than your recurring venom eruption!
>Or couldn't you understand the papers, given that you couldn't understand
>the news clip...

	He would seem to be both illiterate (educated - maybe; degreed
yes; literate - unlikely) and lacking in the ambition to research his
topics.  Maybe he's just so self assured in his inflability that he's
just naturally a cocky bastard.

	Maybe it's a PhD in religion.  That would fit.
	(Argh - sorry - cheap shot -
		appologies to any religious folk out there)


In <[email protected]> Fredrick B. Cohen
> In <[email protected]> "Aleph One" wrote:
>> I belive you have been told *SAVERAL* times you *WONT* get an answer
>> on this list, and to contact their PR department. Why dont you do us all 
>> a favor. Contact the PR department if this questions really burns you so 
>> much. Get an answer. And post it on the list.
>So the PR department defines security at Netscape?
>-> See: Info-Sec Heaven at URL http://all.net
>Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236

	This is exactly the trivia that makes so many of us believe that
he's just in it for the shear numbers of posts he can crank out with his
Info-Sec ad-signature.  This shot carried nothing new or useful and
accomplished little except furthering his efforts to always get the last
word in and get another copy of his ad-signature out in front of everyone.

	Point - This signature is much smaller that the one he was
plaguing the firewalls list with.

	This finally got so bad on the firewalls list that Brent Chapman
ended up putting ole' Freddie on notice that he was on a short leash and
no more of his nonsense would be tolerated or reposted.  Brent exersized
the patience of a glacier while many of the rest of us were sick and
tired of this character.  Brent finally acted to maintain the list
in a state where the rest of us could get something productive from it.

	As is his way in trying to get the last word in, he shot off
a snippy remark to Brent to "test" the moderator filter.  Of course
Brent let that one through to illustrate the author's pettiness,
childishness, and immaturity.  Let it not be said that Brent does not
have a sense of humor, he let Freddie hang himself right pretty.


 Michael H. Warfield    |  (770) 985-6132   |  [email protected]
  (The Mad Wizard)      |  (770) 925-8248   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!