Michael Heiming wrote:
You have just made a big mistake:

From: Michael Heiming <michael+USENET@www.horning.de>
Newsgroups: comp.os.linux.advocacy,alt.os.windows-xp,comp.os.linux.misc

That message you cancelled does appear to contain your email address.
You have just maliciously cancelled someone else's post.

ISP will been notified with full headers.

Thank you for playing.




< full header of cancelled message below >

Path:
sea-read.news.verio.net!dfw-artgen!sjc-peer.news.verio.net!news.verio.net!ha
mmer.uoregon.edu!news.cc.ukans.edu!solaris.cc.vt.e du!news.vt.edu!Spring.edu.
tw!news.nctu.edu.tw!netnews.eranet.net!news.ttn.ne t!netnews.hinet.net!nntp.i
nfostrada.it!newsfeed01.sul.t-online.de!newsmm00.sul.t-online.com!t-online.d
e!news.t-online.com!not-for-mail
From: Michael Heiming <michael+USENET@www.horning.de>
Newsgroups: comp.os.linux.advocacy,alt.os.windows-xp,comp.os.linux.misc
Subject: Cancelleding the your posts!
Date: Wed, 11 Feb 2004 21:44:48 +0100
Organization: huhu
Lines: 104
Message-ID: <0x9384e0c.eiu.ln@news.heiming.de>
NNTP-Posting-Host: 61-221-128-176.hinet-ip.hinet.net
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
NNTP-Posting-User: hj
X-Trace: news.t-online.com 1076532351 03 32493 ukUYGnGJTsQR1Qr 040211
20:45:51
X-Complaint-To: usenet-abuse@t-online.de
User-Agent: tin/1.7.3-20031220 ("Taransay") (UNIX) (Linux/2.4.22 (i686))
X-Old-Xref: dfw-artgen comp.os.linux.advocacy:709296
alt.os.windows-xp:171468 comp.os.linux.misc:297607

In comp.os.linux.misc paul cooke's tax attorney <paul@lbogus.email> wrote:
Hmm ... what mistake might that be?

What message? And if that is taken from it above, what is the
relevance?

No - he's cancelled someone's attempt to forge a post from him. Are you
playing funny, or are you the forger (and YES, I CAN read headers,
including the one [mis]quoted above, and I can spell, and read ...)

Then you had better be prepared to discuss your account with your own
ISP!

He isn't playing. If you can't tell the difference, I suggest you move
home, now.

faked x-complaint, to go with faked traceback
Would you mind posting your PGP sig, 'ol man?

Peter

P.T. Breuer wrote:
The silly fuck just cancelled one of my messages.


--
Your Free Insult: Thou flickering, dehorning, knitted frat house masquerading garbage collector.

P.T. Breuer had a bit too much beer when he wrote:
Apparently not.


BWAAAHAAHAAHAAHAA!! Please, go ahead.

Have a look here, you lying cunt:

Heiming Michael (0 xx xx) xx 51
48653 Co...., ...... XX
Heiming Michael (0 xx xx) xx 29
59597 E...., ......... XX
Heiming Michael (0x xx) 31 xx 14
45326 Es....., ........ Str. XXX
Heiming Michael (0 xx xx) 93 xx 10
48161 M......, ...........-Str. XX
Heiming Michael (0 xx xx) xx 41 xx
46348 R........, ............ XX

Courtesy of das telefon buch, you lying bag of shit.

http://www.telefonbuch.de/NSAPI/Anfrage

Look at all those thieves in Germany stealing your bum-chum's identity.
I have more of those, if you wish to see them.

Are you claiming copyright and world exclusivity to the name Michael Heiming?
Are you condoning the actions taken by Mr. Heiming's abuse of control.cancel?

Do you know the meaning of "identity theft"?

P.T. Breuer wrote:
What's the hold up? Are you all barf and no bag?


Good.



Exactly.


What the fuck are you talking about and what does this have
to do with people posting with the same name but different
email addresses?


Give the retard a prize.

Then you admit he maliciously cancelled a post just because
it bore the same name.

Your concent has been noted.


You're not trying hard enough.

In comp.os.linux.misc Kadaitcha Man <nospam@rainx.cjb.net> wrote:
Perhaps you might like to pgp sign your messages, so that we could check
the claim. There is a forger around, you know! ISPs don't take
anonymous (or patently mischevious) complaints, BTW.

Moreover the post that I remarked upon was paul@lbogus's (badly) quoted
version of something which WAS a forgery. It claimed to be from Michael
Heiming, had a forged news path from his ISP (through taiwan) and had a
forged collection of other headers pointing (forgerredly) back to his
ISP. The only respect in which it was not a good forgery were (1) a
small misspelling of the domain in the From: header (alone), and (2) the
inevitable extra gunge in the news path. I also presume (3) the pgp
signature on it was bad, if it had one.


Peter

In comp.os.linux.misc paul cooke's tax attorney <paul@lbogus.email> wrote:
It'll be an ISP to ISP thing.

I believe you have misspoken. I'll leave it to your good judgement to
figure out where.

Are you suggesting that you were forging letters from them? ... You
know, when you forge a dollar, the fact that there other people with the
name of the secretary of the treasury (or whoever signs these things)
does not save you from a charge of forgery. Think again.

They aren't thieving it - they have their own identity (which may or not
share a name in common with Michael!). If, OTOH, they were to begin
posting and trying to pass as our Michael, that would be another matter.
But they aren't.

No. Neither is Michael. I don't think you can copyright common names,
or even surnames .. can one?

Yes - if he cancelled a post purporting to be from him, then I entirely
support his action.

Try.


Peter

P.T. Breuer <ptb@oboe.it.uc3m.es> wrote:
Quite possibly, since last weekend I can't even trust my own post
before checking:

Message was signed by Michael Heiming (Remove +SIGNS and www. to
contact me!) <michael+USENET@www.heiming.de> (Key ID: 0xEDD27B94).
The signature is valid and the key is ultimately trusted.

Recently a great percentage of posts are forged, not only mine,
even if it looks like I'm the main victim, none can tell for sure,
unless posts are GPG signed and one can trust the key.

--
Michael Heiming (GPG-Key ID: 0xEDD27B94)

Remove +SIGNS and www. if you expect an answer, sorry for
inconvenience, but I get tons of spam.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

P.T. Breuer <ptb@oboe.it.uc3m.es> wrote:
Quite possibly, since last weekend I can't even trust my own post
before checking:

Message was signed by Michael Heiming (Remove +SIGNS and www. to
contact me!) <michael+USENET@www.heiming.de> (Key ID:
0xEDD27B94).
The signature is valid and the key is ultimately trusted.

Recently a great percentage of posts are forged, not only mine,
even if it looks like I'm the main victim, none can tell for
sure, unless posts are GPG signed and one can trust the key.

- --
Michael Heiming (GPG-Key ID: 0xEDD27B94)

Remove +SIGNS and www. if you expect an answer, sorry for
inconvenience, but I get tons of spam.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFAK/xoAkPEju3Se5QRAlPQAJ44kl9Yl2ifhGobnmuwFDL0nMyoawCf fgJE
L50JkeQhb4TDB29xaal6NUU=
=Ykx8
-----END PGP SIGNATURE-----

P.T. Breuer wrote:

You stupid fuck. Just because _you_ agree with it does not, by any stretch
of the imagination, make it right, valid or even legal.


--
Your Free Insult: Thou directing, acquitting, fading gonad flopping cornhole.

P.T. Breuer wrote:
Just how stupid are you? Please explain, in your best gibberish, how a PGP
signature will prevent some stupid twat cancelling a post or will provide
any validation other than confirming that the post was sent by the whoever
actually signed it.

Read:

The cancel path:

Path:
lon-reader.news.telstra.net!lon-numberer.news.telstra.net!lon-spool.news.tel
stra.net!lon-transit.news.telstra.net!ken-transit.news.telstra.net!news.tels
tra.net!newsfeed.media.kyoto-u.ac.jp!newsfeed.icl.net!newsfeed.fjserv.net!ne
wsfeed00.sul.t-online.de!t-online.de!npeer.de.kpn-eurorings.net!newsfeed.kab
elfoon.nl!195.129.110.21.MISMATCH!bnewsfeed00.bru. ops.eu.uu.net!bnewsinpeer0
1.bru.ops.eu.uu.net!bnewspost00.bru.ops.eu.uu.net! emea.uu.net!news.eplus-onl
ine.de!not-for-mail

Germany > Netherlands > Germany > UK > Japan > Australia.

So, one of the only two remaining questions is, can the message ID be
trusted? ... Pick a couple at random from google...

http://groups.google.com/groups?selm...&output=gplain

http://groups.google.com/groups?selm...&output=gplain

<402914db$0$260$f4da8220@news.eplus-online.de>
<40054130$0$266$f4da8220@news.eplus-online.de>
<4019fe80$0$264$f4da8220@news.eplus-online.de>
<402bac36$0$265$f4da8220@news.eplus-online.de> <--- cancel message ID

So, if the cancel itself is a forgery, the perpetrator went to exceptional
lengths to disguise it, or got very lucky and found an open proxy on a
machine with a connection to eplus-online.de

Now, the last question, has Heiming ever posted out of eplus-online.de?

Google showed nothing at all in connection with Heiming and eplus. So, why
would Heiming cancel messages from e-plus instead of from t-online, where he
normally posts from? Does t-online support cancels? Would that explain why
the cancel came via eplus instead of t-online? Who gives a fuck?

Some cunt posting from eplus erroneously cancelled a message that should not
have been cancelled. It's been netKKKopped. If it was Heiming or someone
else sending from e-plus, then they should get their just deserts. If it was
from an open proxy, then with a bit of luck, there's going to be one less
proxy.



--
Your Free Insult: Thou orphaning, subjoining, damnable dick wipe blenching floozy.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Kadaitcha Man <nospam@rainx.cjb.net> wrote:
What are you talking about anonymous poster, I already stated:

First some anonymous trolls steal my identity, forge shit loads
of crap with my name, after starting using gpg to protect my
postings, they are even posting with my faked signature. Now they
start whining after I canceled probably most of the crap, there
were tons!

So I can't tell for sure which I canceled, I was inundated with
this crap in the last few days, a bit strange, that some
anonymous poster now accuse me of things, I might have done, or
not, while it looks like they are the same who started all this!

Really sad!

*Plonk*

- --
Michael Heiming (GPG-Key ID: 0xEDD27B94)

Remove +SIGNS and www. if you expect an answer, sorry for
inconvenience, but I get tons of spam.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFALAb3AkPEju3Se5QRAj8yAJ9Kv/+2EFfZZk8wbo2X1qOP3KF46ACfST26
k/E6G067xQr/Vx+PikDQ8Uo=
=h65g
-----END PGP SIGNATURE-----

Michael Heiming wrote:
Here, below, is Michael admitting he sent the cancel control messages
that came from "eplus-online.de":


Here, below, is Michael reaffirming that he did, indeed, cancel
those posts:

All of Michael Heiming's so-called "impersonating messages"
were cancelled with messages received from "eplus-online.de".

I believe the proper reaction here is ....

BWAAAHAAHAAAHAAHAAHAAHAAA!!!!!

In comp.os.linux.misc Kadaitcha Man <nospam@rainx.cjb.net> wrote:
<gibberish> It will validate that it was sent by whoever signed it - in
the case that that person is not the person who the post purported to
be from, it will allow the first party to complain that the second party
has cancelled a post belonging to the first party. </gibberish> Clear?


Well, I like the netherlands injection! At least it was well marked.

The (quoted post)'s headers:

(for your reference)

Well spotted. There are two forgers, or one person in taiwan with
access to a relay in the netherlands.

I fail to follow you, but I am getting confused.

Not that I have ever seen.

Dunno. I don't see how a message can legitimately go de->nl->de, and I
noticed a nl injection before this in one of these threads.

Whatever. I'm bored.

Peter

Kadaitcha Man wrote:
Urgh?! <gulp>




--
Some Big Cunt

P.T. Breuer wrote:
What is clear is the needlessness of PGP. There are a multitude of other
ways of showing who sent what. Even if a post came through an anonymous
gateway, one can often establish, almost to the level of on the balance of
probability, who sent it. You merely need the equipment... a brain, some
knowledge, and the ability to think.

It would have been even clearer had it been injected at, say ...

jij.een.zeldzame.achterbakse.endoplasmatische.nul

!ha
I am saying that the originating path was indeed news.eplus-online.de and
nowhere else. That the path is forged can be reasonably discounted on the
evidence of the message ID, as well as on the empirical fact that forgers
generally do not have the brains to forge what looks like a very valid
message ID for a mere cancellation. What's more, it's a very rare host
indeed nowadays that allows a forged NNTP-Posting-Host header to go through
without it being renamed or the message being silently dropped.

It all depends on who has feed agreements with whom. That chermany and
Holland are next to each other and that the message appears to have bounced
from one place to the next and back again does not indicate any kind of
nefariousness in the path. The chermany > holland > chermany move is
innocuous.

A bit of analysis too much for you, huh.


--
Your Free Insult: Thou hatching, dentising, twopenny geezer palling illiterate.

Razia Cheathum wrote:
Sucker.


--
Your Free Insult: Thou boating, living, overlarge drug baron designing barn animal.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Kadaitcha Man <nospam@rainx.cjb.net> wrote:
[..]

The only thing really clear, is your GAME, first you make someone
angry with forging shit-loads of posts with his name,
impersonating, faking GPG signatures. Now, if this guy or someone else
should happen to strike somehow back, no wonder after you made
this guy really angry, you simply are the good boy and this guy
is the bad one. So you had your fun with me, now go your way.

*PLONK*

- --
Michael Heiming (GPG-Key ID: 0xEDD27B94)

Remove +SIGNS and www. if you expect an answer, sorry for
inconvenience, but I get tons of spam.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFALBW5AkPEju3Se5QRAi8kAKCM1hzA9J6LTEAsPnxjVT epQ07z1ACeNGyc
S7zHboiEBX8lv+O/FxAExds=
=qR0q
-----END PGP SIGNATURE-----

In comp.os.linux.misc Kadaitcha Man <nospam@rainx.cjb.net> wrote:
(weell, not here)

The point is that the (forged) header below contains Michael's outgoing
feed (forged) at its end. And Michael's cancel messages ought to follow
the same route out as his ordinary messages. They are just messages!

Achterbakse? Your inventiveness is overtaking your fingers.
"Schnieeutropflock" is all I can say to you.


Hmmm.

Yes - for example, going to DESY (hamburg) is a possibility for a
subsequent fast link to the uk, but the cancel message should still
follow the same path as the other messages.

But explain why it is not the same path as for the normal messages.

There is a forger in nl, as far as I noticed, and that makes me
suspicious.

It's fair analysis, yes.

Peter

"P.T. Breuer" <ptb@oboe.it.uc3m.es> wrote in message
news:ns5h0c.90o.ln@news.it.uc3m.es...
That question was posed, but you got confused and bewildered, remember?

DUH!

Ik denk dat je kan doorgaan als een geragte verdraaide drollendouwer.

No. Not at all. Some hosts do not honour cancels themselves but pass them
on. Some hosts just drop cancels all together and never record them. It is
also possible, speculation but possible, that t-online.de does not support
cancels and so, if the canceller was Michael (who normaly posts from there),
then he can only cancel from another host. Sheesh. What is so hard about
that?

What is more, given what I just said about cancels, it is not unreasonable
for a cancel to take a different route. The problem here is the origin, not
the path.

I did, several times but you got bewlidered, remember?

Blame Keyser Soze from aow-xp. I do.

LOL.