Google Groups and post 'Properties'

Discussion in 'Computer Security' started by ~BD~, Jan 23, 2009.

  1. ~BD~

    ~BD~ Guest

    Hi :)

    I see this:-

    Please ....... What does this mean? Why is it here? Note date!

    ...
    --> This group is NOT listed here http://aumha.org/nntp.htm - WHY?

    As some know, I'm always ........ 'wondering'!

    Here on my PC the Google Group 'microsoft.public.test.here' has just 9
    (nine) subscribers of which I am one (see here:
    http://groups.google.ca/group/microsoft.public.test.here/topics). Is
    there any way to discover who the other subscribers to (any) Google
    Group may be?

    According to /this/ page -
    http://groups.google.ca/group/microsoft.public.test.here/about
    - there were NO posts after October 2007 until July 2008 - thereafter
    posts are in much reduced numbers.

    Does anyone reading here have any idea why posts would have ceased in
    the first place (and the group disappear) and why it should have been
    resur rected again .......... with the first post (I think I remember
    correctly) being made by 'Marilyn & Bob <> ,
    staunch members of the User2User group at Annexcafe.com.

    My perception is that perhaps there is some interconnection, Why else
    would my adversary, Peter Foldes, make posts such as those that
    follow? Curious. Can anyone explain what he means when he refers to
    "lifting the covers off"?

    Dave
     
    ~BD~, Jan 23, 2009
    #1
    1. Advertisements

  2. ~BD~

    John D Guest

    Here on my PC the Google Group 'microsoft.public.test.here' has just 9
    (nine) subscribers (see here:
    http://groups.google.ca/group/microsoft.public.test.here/topics). Is
    there any way to discover who the other subscribers to this Google Group
    may be?

    According to /this/ page -
    http://groups.google.ca/group/microsoft.public.test.here/about - there
    were NO posts after October 2007 until July 2008 - thereafter
    posts are in much reduced numbers.

    Does anyone reading here have any idea why posts would have ceased in
    the first place (and the group disappear) and why it should have been
    resurrected again.
     
    John D, Jan 25, 2009
    #2
    1. Advertisements

  3. ~BD~

    ~BD~ Guest

    "Guy Macon" <http://www.GuyMacon.com/> wrote in message

    This might help you understand, Guy.
    ***************************

    I appreciate yout honesty on this occasion. Thank you, Mr Lipman.

    I'll explain my thinking just one more time. Cybercrime has escallated
    exponentially since 9/11. 'Bad guys' *are* stealing money on the
    Internet - lots of it!

    Terrorism requires huge amounts of money to be effective. My bet is that
    there are many 'bad guys' operating on the Internet (and probably within
    the Microsoft newsgroups too) whose role is to steal money - not simply
    to buy fast cars, women and drugs etc - but to fund the acts of
    terrorism which kill and maim thousands of people each year. I don't
    approve of that.

    The clever technical experts have been less than efficient at catching
    these murderers. Can you think of a better place to hide on the Internet
    than within groups which purport to be helping out ordinary folk with
    their computer problems? I can't.

    Those reading here will probably know that some 'helpers' fail to answer
    my simple and straight-forward queries. In my book, that is not the
    reaction I would expect from the 'good guys'. My hope is, truly, that
    the Police and/or Security Services monitor these messages and will
    concentrate their efforts by watching those who appear to be reacting
    suspiciously.

    HTH
     
    ~BD~, Feb 2, 2009
    #3
  4. ~BD~

    John D Guest

    I'm glad about that.
    You are entitled to your opinion, Guy.
    I'm pleased to learn that I have honed my skills! :)

    I'd never heard of such things until I first visited a newsgroup just
    over three years ago. I actually trusted people then - Doh!
    I had no idea that you might have noticed my discussions with Peter
    Foldes (I am asuming that is the entity to which you refer). I know much
    about you from your web site. I know much about Tim Jackson from both
    his web site and email correspondence. I believe it all to be true.

    Peter Foldes is supposedly "in business" too - *you* try and determine
    some information about /his/ business!
    Apart from contacting you by email to ask if you would mind such
    contact - and your reply giving me a special address to contact - as far
    as I can remember there has been no detailed correspondence between us
    'off group'.
    Suscinctly put! Tim said "chasing shoals of red herring". You are both
    right - what *can* I do?

    Perhaps it may be of interest to all reading here to learn that I have,
    on many occasions over the past three years, tried to forget all about
    trying to unearth the 'bad guys'. It has been like looking for a needle
    in a haystack ........ without knowing what a needle looks like.

    Each time I've been away from home (and PC) on my narrowboat, I've put
    these matters completely out of my mind, determined that when I came
    home again I'd just 'play' with my computer and enjoy the web just as
    I'd done before I discovered the dark side of the 'net.

    I seem to have a calling to persue matters relentlessly until good
    defeats evil here on the web. It has been extremely lonely at times and
    I'd welcome help from anyone who is willing and able to help me achieve
    His aim.

    I knew little about 'computing' per se 3 years ago - I have learnt much
    about many things, but still know so little. Interestingly, though,
    whenever I'm about to give up, a little prayer seems to prompt another
    thought, opening up yet another route to follow. It really does work
    just that way!
    Thank you for offering your continued help with further questions. That
    is appreciated. :)
     
    John D, Feb 3, 2009
    #4
  5. ~BD~

    John D Guest

    I'd hoped to respond to your last post (here) Tim, before you chipped in
    here. No matter. Perhaps a read of this recent thread at pqlr will help:
    http://pqlr.org/bbs/viewtopic.php?f=3&t=1342

    I'm with you on this! :)
    I regret to admit that I had not. :(

    I found this: "But who has any right to find fault with a man who
    chooses to enjoy a pleasure that has no annoying consequences, or one
    who avoids a pain that produces no resultant pleasure?"

    Mr Foldes has had three years to drop me a brief email and say, perhaps,
    something like " I store important data for international financial
    institutions - an off site facility for them in case of disaster". I
    could relate to that. That was a simple example. He has said nothing -
    nothing at all. No words. No web site. No address. No telehone number.
    Unreal.

    Providing communication facilities for ????????????? Who knows. Might
    ????????? one day blow up a bus upon which your daughter is travelling?

    I'd sooner ask questions and be wrong, than not ask questions and learn
    that that had happened. That's just how I feel.

    He also tried to hide his identity on Annexcafe groups by posting as
    Derek Feldman until he was caiught out by another poster - of right
    across the newsgroup spectrum - called "-jen". Here's an extract from a
    recent Header confirming that he is *still* registered with Annexcafe
    with that name:-

    Newsgroups: annexcafe.general.user2user
    X-Authenticated-User: Derek
    X-Trace: pegasus.annex.net 1233605502 69.70.248.208 (2 Feb 2009
    14:11:42 -0600)
    Little things. Not maiming and killing.

    The original red rag to this bull? It was when Mr Foldes first described
    the death of my son as being 'frustrating'. Would you, or anyone you
    know, describe the death of someone close as being 'frustrating? I'll
    leave you with that thought, Tim.
    He said - and I quote - "If you have an actual question concerning
    computer security, I will be glad to help."

    I acknowledge that he *also* said "I have zero interest in your ongoing
    flamewars in other newsgroups or in "tracking" the participants." That
    I have already accepted. I didn't feel a need to repeat same. Perhaps
    you consider the absense of same obtuse. That is your prerogative - but
    it was *not* intended to be a point of controversy.
    --
     
    John D, Feb 3, 2009
    #5
  6. ~BD~

    John D Guest

    Thank you for being magnanimous, Guy :)
     
    John D, Feb 4, 2009
    #6
  7. ~BD~

    John D Guest

    Whilst you may not expect me to say so, I *really* appreciate your
    comments. I had absolutely NO IDEA about these sorts of things until I
    was 'forced' to learn about what really happens on the 'net.

    It was our police who recommended that I personally learnt everything I
    could in order to protect myself - I feel that I'm part way there!

    The part of the story with which you are not familiar is my being lured
    to Annexcafe by an email - it was there that I 'met' Peter Foldes. I was
    suspicious from the outset .......... !

    In every barrel there can be bad apples - and Bill Castner himself (of
    Aumha) gives me a 'hinky' feeling! I've used every life-skill I have to
    extract information from those I 'think' (hink!!!) are possibly 'bad
    guys' - and they DO make mistakes! After having had my PC cleaned at
    AumHa (by Robear Dyer) I was still uneasy - so reinstalled Windows again
    from scratch! There is no way for an ordinary user to judge whether or
    not their PC is actually clean. They might go to AumHa or any of the
    similar 'help' sites on the 'net, be assured that they no longer have a
    problem ........ but leave the site with a 'nastie' on board which they
    might never become aware of - *put* there by those purporting to help.
    That's BAD! I'm not saying that there IS a connection between Annexcafe
    and AumHa - but I have a sneaky suspicion that there could be!

    I don't want to guide you in any particular direction, Guy. However, if
    you'd like some fun, register with Annexcafe and then post on U2U both
    in the USA and the UK (different time zones). Simply raise a question on
    PC security and judge reaction thereafter! There are some *very* clever
    folk there!

    Clicking on links on U2U (before I knew any better!) took me to all
    kinds of bogus sites. The 'Sysop' of the UK U2U site (Ann) sent me (at
    my request) a jpg screenshot. I opened it with 'notepad' and found about
    12 *live* links which took me to websites typical of Spam (selling
    Viagra etc). She had no idea that her computer was infected!
     
    John D, Feb 4, 2009
    #7
  8. ~BD~

    John D Guest

    Hello again Guy.

    I appreciate that you think I'm chasing after ghosts but I'm not totally
    crazy! ;)

    Here is a Header from (supposedly) a top notch IT expert. There could,
    of course, be many explanations as to why, but you will note that the
    time stamp is 0249 *local* time. What I don't understand is how the
    NNTP-Posting-Host: TK2MSFTNGHUB02.phx.gbl points to *127.0.0.1*. Is
    there a simple explanation?

    From: "Brian Komar \(MVP\)" <>
    References: <>
    In-Reply-To: <>
    Subject: Re: Renew Expired Digital ID?
    Date: Thu, 5 Feb 2009 02:49:46 -0600
    Lines: 20
    Message-ID: <>
    MIME-Version: 1.0
    Content-Type: text/plain;
    format=flowed;
    charset="UTF-8";
    reply-type=original
    Content-Transfer-Encoding: 7bit
    X-Priority: 3
    X-MSMail-Priority: Normal
    X-Newsreader: Microsoft Windows Mail 6.0.6001.18000
    X-MimeOLE: Produced By Microsoft MimeOLE V6.0.6001.18049
    X-MS-CommunityGroup-PostID: {350CC016-D4B2-4724-9009-9B8FDED040EE}
    X-MS-CommunityGroup-ThreadID: 42EAC926-B794-4350-B8EC-BABA72344480
    X-MS-CommunityGroup-ParentID: 42EAC926-B794-4350-B8EC-BABA72344480
    Newsgroups: microsoft.public.security
    NNTP-Posting-Host: TK2MSFTNGHUB02.phx.gbl 127.0.0.1
    Path: TK2MSFTNGP01.phx.gbl!TK2MSFTNGHUB02.phx.gbl
    Xref: TK2MSFTNGP01.phx.gbl microsoft.public.security:105678

    ******************************************************

    If you look at their web site here http://www.identit.ca/events.html -
    other than in Internet Explorer - you will note that the broad grey band
    is in the incorrect position. Maybe they cannot be bothered to put their
    'shop window' right - but it is NOT what I would expect from
    'professionals'. When I mentioned this error to Paul Adare and Mr Komar,
    instead of giving reasoned answers I was deemed a troll and ignored. To
    me, that is not normal behavior. Just my take on things.

    Mr Adare has a link in his signature block. I expect hundreds of people
    click on same without a thought for danger. What an easy way to
    construct a botnet, eh? This is NOT an accusation - just stringing small
    things together to come up with a whole - maybe!
     
    John D, Feb 5, 2009
    #8
  9. And what is wrong with that? It is UTC - 6 hours. (which does appear to
    be an hour off for his location in Burlington, Ontario)
    Perhaps he is running his own news server?
    I've looked at the pages of many Microsoft MVPs over the years. Nearly
    all of them are poorly written, this one included. Few of them seem to
    acknowledge there are other browsers besides Internet Explorer. The page
    you list:

    <http://validator.w3.org/check?verbose=1&uri=http://www.identit.ca/events.html>
    Errors found while checking this document as HTML 4.01 Transitional!
    Result: 20 Errors, 8 warning(s)

    When I increase its silly 8pt text to something I can actually read, the
    whole design falls apart quite badly.

    But it seems typical of MVP sites...
     
    Beauregard T. Shagnasty, Feb 5, 2009
    #9
  10. ~BD~

    John D Guest

    Thanks for your post, BTS. In line replies.

    Maybe I've made an error? This is the DTG here in the UK 05 February
    2009 08:49 (that's GMT)

    I therefore dtermined that the post was made in the middle of the night.

    Am I wrong?

    Maybe so. I have no idea why that should result in 127.0.0.1 ........
    which was why I am asking!


    That's as maybe, BTS, but this isn't *any* MVP is it?

    "The IdentIT Inc. team is made up of some of the most skilled and
    respected technology experts in the industry."

    It says so here: http://www.identit.ca/services.html

    If they are *that* good (!!!) I cannot understand their attitude with
    regard to their 'shop window' nor to their attitude towards me when I
    tried to help them to correct matters.

    Thanks again for taking a look. :)
     
    John D, Feb 5, 2009
    #10
  11. Burlington is 5 hours behind UTC (GMT). "Thu, 5 Feb 2009 02:49:46 -0600"
    would be 4 Feb 2009 18:49:46 local time, or 8:49PM in Canada. Though I
    still think it should have been "-0500" for Burlington, Ontario, which
    is just a few miles west of Toronto. Depends on where the error
    occurred, but the post was probably made at 4 Feb 19:49 his local time.
    Mid-evening on the 4th, not middle of the night.
    Can't say, without knowing where his news server is located.
    Well, it's one of 'em. He/they may be smart at some things, but...
    ....it is apparent that web design is not one of their 'skilled'
    technologies.
    I have also (but not recently) mentioned to a few MVPs about the quality
    of their sites. Even though I used polite terms, they all took offense
    when I pointed out errors and oversights with their markup. I remember
    one replying (paraphrasing), "It works fine in Internet Explorer - why
    would you want to use any other browser?" Well, duh. Internet Explorer
    won't work on my operating system.

    I suppose they have to defend their 'most valuable' status, and they get
    pissed when challenged... :-/
     
    Beauregard T. Shagnasty, Feb 5, 2009
    #11
  12. Beauregard T. Shagnasty replied to hisself:

    4 Feb 2009 20:49:46 local time
    4 Feb 21:49
     
    Beauregard T. Shagnasty, Feb 5, 2009
    #12
  13. ~BD~

    ~BD~ Guest

    Please - would you re-check your maths?

    The time in the Header is, I think, the time when the poster 'drafts'
    his/her message and, as far as I can understand matters, it WAS in the
    middle of the night - 02:49

    On my screen here in the UK, this was the DTG 05 February 2009 08:49
     
    ~BD~, Feb 11, 2009
    #13
  14. Well, that is not what I got from your header...
     
    Beauregard T. Shagnasty, Feb 11, 2009
    #14
  15. ~BD~

    ~BD~ Guest


    Thanks for looking again BTS

    I'm puzzled by this - further help requested.

    If you look at the Header for the post yourself in -
    microsoft.public.security - what do *you* see there?

    The original post was made by 'ctc' on 05/02/2009 at 00:05 (GMT)

    The subject was 'Renew Expired Digital ID?'

    The Header in question is that of the 'answerer' - Brian Komar (MVP)
     
    ~BD~, Feb 11, 2009
    #15
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.