[lbo-talk] Speaking of fakes (was Re: turnout, GMU e-mail spoof update)

Joseph Catron jncatron at gmail.com
Wed Nov 12 08:39:34 PST 2008


Who else has seen today's "alternative" New York Times?

On Wed, Nov 12, 2008 at 11:32 AM, Sean Andrews <cultstud76 at gmail.com> wrote:


> On Tue, Nov 4, 2008 at 10:49 AM, shag <shag at cleandraws.com> wrote:
>
> > Today, at GMU, someone 'hacked' the university email system, sending out
> a
> > message that appeared to be from the GMU president telling people to vote
> > 11/5. The rumor that Democrats should vote 11/5 has been circulating here
> > for over a week and on local blogs and forums, there are random trolls
> > posting every couple dozen posts, telling people to vote tomorrow --
> > saying that the polling places are overwhelmed so they've decide to
> extend
> > polling. Crap like that.
>
> [Since shag seemed tuned into this occurrence, I thought I'd forward
> the explanation of what happened from the Provost's office. The
> upshot is that they don't know who did it, but it seems like it only
> worked because there was another message being sent that was official
> at the same time. Is this just a coincidence or did the spoofers have
> someone on the inside? I guess we'll just have to wait for what the
> efficient spooks at the FBI uncover. -s]
>
> Message from Joy R. Hughes, Vice President and CIO, GMU, sent today:
>
> Early in the morning of November 4th, the university's central
> announcement system sent an email from the Provost to members of the
> university community negating two rumors about the national election
> that had been circulating on campus. Someone used this opportunity to
> utilize a form on an outside web server to "spoof" the email address of
> the account authorized to send to the announcement list. Using this
> form, the person then sent a message purporting to be from the Provost
> that stated that the date of the election had been moved to November 5th.
>
> While it is simple to spoof an address, the information contained in the
> header of the message revealed the true path of the message, clearly
> indicating it did not originate with the Provost or from any university
> system. The company that owns the outside web server has disabled the
> form on its site that allowed the person to send this spoofed message.
>
> Since tampering with elections is a Federal offense, the cybercrime
> expert in Campus Police was notified and he immediately contacted his
> counterpart in the FBI. The FBI is now investigating.
>
> The sender was able to send the message via the central list because the
> sender took action while the system was still delivering the original
> message and so the names of recipients had not yet been cleared out of
> the announcement database.
>
> In order to avoid future incidents of this type, a manual verification
> step has been added to the central process to send announcements. All of
> the university's central announcement lists will be subject to the new
> verification process, thus eliminating the potential for a spoofed
> message to be sent via a central announcement list.
> ___________________________________
> http://mailman.lbo-talk.org/mailman/listinfo/lbo-talk
>

-- "Hige sceal þe heardra, heorte þe cenre, mod sceal þe mare, þe ure mægen lytlað."



More information about the lbo-talk mailing list