The Newsagent War
by
Matt Giwer © 2001 and 2002
Hail Guido!
Never waste time attacking the software. Attack the person using the software.
Update 21 March 2005

See all Nizkor information

Updated 5 February 2002

In response to requests an origins section has been added.

Zionazi forger sighted in Toronto!
monkeyman drawings

Many people have been subject to a newsagent attack. Newsagent is usually referred to as HIPCRIME.

Introduction
Newsagent gives anyone with a PC/Windows system the ability to do many things but primarily it is used for rogue cancellations. Used correctly it offers almost anonymous cancellations. However there are always traces one way or another which is why law enforcement has become so interested in what appears to be a conspiracy in felonious activities. And of course a chance to put breaking a "real" internet related crime on their resumes.

The press will run it as "Internet used to make death threats" or some such.

Please see note [2] for some observations.

26 April 2001
To make it work with minimal traces one has to find open usenet feeds some place in the world and send the cancellation messages through it.

The first thing I discovered is over half either don't speak English or any language I can use to make myself understood or they don't give a damn. (I did have success in getting an anonymizer in Germany use to send threatening emails shut down in three days.)

Some shut down in a few days or activated a rejection on IP mismatch. A few started putting the mismatch notice in the path but stayed open. And as noted most made no changes.

Now I was presented with the problem of stopping the forged cancellations without ISP cooperation. The solution which has worked so far turned out to be quite simple. Point my newsreader at the same news server which was used to issue the forged cancellations.

While flexible newsagent has limitations. It can target entire newsgroups canceling every post which is not what a psychopath would want to do to silence the opposition. It can also make matches with From: and newsgroup. It can also attack newsgroup and originating IP. It can also select From: and IP.

So by regularly making slight changes in my identity[1] the only option available is to cancel all messages to the newsgroup from the IP. And as they are non-english speaking ISPs it is extremely unlikely to generate complaints from the ISP's users. But that is where newsagent eats itself.

Newsagent also requires a post from a psychotic to the newsgroup to work.

So the news server executes the cancellations on a newest first basis. Which means it first cancels the cancellations. Then finding no other cancellations it has nothing more to cancel.

Voila! One more psychotic bites the dust.

28 April 2001
Never underestimate the actions of a psychotic.

Notice above I said he could not cancel an entire newsgroup without canceling all posts to that newsgroup every place. I was wrong. The psycho found a way to cancel an entire newsgroup on one ISP while propagating individual cancellations. But canceling an ISP's entire newsgroup record? What better way to get the attention of folks with more clout than a lowly user.

He did not find a way to avoid propagating the cancellation message so all I had to do was read the Path: to find the open server, point my newsreader to it and then survey the damage. And make a few taunting posts in the process to see if he will get more obvious in his actions.

Back to the drawing boards and the Java code.

Maybe I will start posting to dozens of newsgroups to encourage the psycho to use this same method and make more enemies. The more finger prints he leaves the more law enforcement has to work with.

The most recent use of this tactic was on an ISP in South Carolina, USA. The ISP was informed as was its domain space supplier, Time Warner as well as networksolutions which registered both Time Warner and Bell Canada who, after repeated notifications are permitting these rogue cancellations to continue without taking action.

I am not saying the internet is at risk but when major players like Bell Canada and Time Warner are too busy with more important things than disruption of the largest disk space consumer on every ISP something is a bit rotten in Denmark. We need an Arnold to take out the trash.

1 May 2001
The Canadian psycho continues to forge cancellations. He clearly does not realize two things.

The first is erasing or doing any damage to anyone's computer by any means even if there is no lock on the door is a federal crime. And the cost of repairing the damages is based upon the hours expended by the sysadmins. In most states of the US the level of a felony is $50. The cost is not the wages but the total cost of employment which runs 160% to 180% of wages. Anything over one hour will likely constitute a state felony.

The second is posts are not erased but simply marked deleted. He is leaving evidence of a felonies no matter what he does.

News servers do not erase posts. They simply mark them for deletion and do not serve the headers to news readers. The headers and and message bodies are there until they fall off the end of the disk by reason of the retention time set or until the disk is compacted. The fingerprints of the felon are there long enough for all the evidence to be recorded. There is no way to force a disk compact without root privilege which compounds the primary felony.

In regard to [3] people knowing of his crimes and not reporting the crimes to the police are considered at the minimum accomplices to the crime, spousal and confessor privilege excepted where recognized. Anyone who is assisting in the commission of these crimes is legally part of a criminal conspiracy. As the simple explanation goes, if a kid steals a candy bar it is petty theft. If two kids plan to steal a candy bar it is ten years.

The amusing part of this is there is more than one person and they have left public posts documenting it in many ways, usually by knowing things only the active party, the patsy, could know and vice versa.

And even after our public postings of where they have gone wrong in failing to cover their actions and in knowing things they could not know unless ... they continue doing it. The gang who couldn't shoot straight. There have been public posts as to their identities being known to the police, the FBI and the RCMP and as to the investigation as a whole.

I am reminded of that character in one of the James Bond movies "I am inwincable" just before meets his end.

What pisses me off is I never wanted to waste my time learning this much about nntp implementation. I do have better things to do with my time. If these guys ever learn enough to be dangerous I just might have to read the RFCs. And that is boring.

Captain's log, Earth date 5 May 2001
As noted above, when newsagent runs on a newsgroup of an ISP it must cancel all the posts in that newsgroup in order to avoid canceling its own cancellations first. The current vexing one (pun intended) is running is Australia. After six notifications and an assurance it was stopped (an admission of the ISP running it) it continued.

Thought of the hour. Odd newsgroups on an ISP will not generate many complaints. But how about including likely popular newsgroups as in this case soc.culture.australia and soc.culture.australian. When newsagent causes the entire local news spool of those groups to be canceled local users are going to complain to the ISP.

On the first tries the posts were not canceled. Some were canceled on subsequent tries but varying the newsgroup order left them uncancelled. There appear to be only a dozen or so Australian newsgroups including alts and porns. If this is working there should be no problem getting the ISP to stop the rogue cancellations or lose customers right and left.

And the beauty of it is he is doing it to himself.

But that failed. The next tried tried also failed. That was to crosspost all messages to control.cancel in an attempt to get the cancellations canceled first. How is that being accomplished? Enter virgin leafnode installations.

8 May 2001
In the last few days it has become clear more than one person is involved as multiple forged cancels on the same message are issued. This by a typical resurrection. If you read the bang list (Path:) to the end you can see the ISPs which have issued these forgeries.

A particularly serious abuser has been optushome.com.au which despite dozens of notifications over the weeks has continued forging cancellations and at present has exceeded 2500 forgeries.

Recently demon.net has joined in the forgeries. Demon.net is one of the largest ISPs in the UK. They set up leafnode which has a useful maximum of about 100 users to issue its forgeries. From the leafnode website ...

Leafnode is a USENET software package designed for small sites running any flavor of Unix, with a few tens of readers and only a slow link to the net. It was originally written by Arnt GulLIandsen and is currently being maintained by Cornelius Krasel <[email protected]>. The current version is 1.9.18.
From this we learn no ISP has any use for leafnode. When we find it being run by an ISP and open to the world we know it is has been done for a purpose. In this case the purpose is to issue forged cancellations.

In investigating these cancellations I always try to point my newsreader to the news spool. If I can logon it is an open relay. If I cannot it means the ISP is guilty of forging cancellations. Which is where leafnode comes in.

Open relays imply innocence. Those which are closed imply guilt. By setting up leafnode which is small and does not interfere with the ISP's operations and leaving it open, guilt or innocence is ambiguous. Of course it also implies gross incompetence in leaving it open after installing as how to stop that is right up front in the README file. You can't complete the installation without reading how to stop it. It also implies gross stupidity by an ISP in choosing leafnode.

On the assumption an ISP is not this dumb nor this stupid the ISP is guilty simply by having it operating.

It is clear an ISP the size of demon.net has no use for leafnode save perhaps for internal use behind its firewall for a small group within demon.net. It is clear whoever set up leafnode on demon.net is inside the company. So we have major companies (if the fire the employee they can be excused) forging cancellations.

This fits with control.cancel not working as a news server has no newsgroups when initiated. Not having a control.cancel newsgroup prevents the crosspost to control.cancel from working. The method to deal with this is to logon to the open relays and read control.cancel. At first it will not be there but the next time it updates it will show up and cancellations will be canceled. At least that is the current tactic. The counter tactic is to set it to never update.

Also in this time cabal.int has become involved by issuing resurrections for the canceled messages. When resurrection messages are canceled cabal.int issues resurrections of the resurrections. This can go on ad infinitum if cabal.int maintains an interest. While it may harm the newsgroups for the moment it has the potential of organizing many ISPs to rooting out the people conducting this campaign.

10 May 2001
In [4] we see a partial list of ISPs who have participated in this over the last two months. We have to ask at some point, could there have been so many accidental discoveries or LIeak-ins so quickly. The answer is unclear.

But we can answer the question, has it all been the work of just one person? Clearly no. In the last week multiple ISPs have been cancelling the same message.

Today tac.net joined in forging cancelations.

Origin
I became involved about three weeks after this started. Prior to that the target was only one person with the forged cancelations being issued by THT.NET in Toronto. I understand weeks of complaints were unheeded. I became involved around the time THT's upstream provider, HUB.ORG was being notified and similarly ignoring notifications.

The foray with HUB.ORG was of value as rather than THT.NET's "F*** You, Eh?" silence [email protected] aka [email protected] was willing to respond. It was a lot of unimpressive stalling until one email. In that email for no reason whatsoever and out of the blue included a name which had not been discussed previously. That person was Ken McVay of NIZKOR.ORG. Ken McVay has a long history of shilling for B'nai LIith.

I have no idea why HUB.ORG implicated Ken McVay in death threats. I would say scrappy has a lot of explaining to do to Mr. McVay.

After that connection with nizkor was made the attacks from THT.NET were transferred to other servers. Anyone connecting the dots identifies THT.NET as the nexus of the on-going criminal activities and disruption of usenet. How McVay of Nizkor fits in is unclear but has been implicated by HUB.ORG as part of the nexus.

Hub.org aka [email protected] aka [email protected] refused in no uncertain terms to shut down tht.net's newsfeed or take any remedial action against it. He also said he had worked for and had been offered a job by tht.net possibly explaining his reluctance to act responsibly. Possibly because he was involved or at least knew the person or persons and was willing to take his legal chances with the charges.

12 May 2001
People not familiar with the internet have heard horror stories about tracking down intruders and hackers. They have asked me why I think this is so easy to correct. Let me take leafnode as an example.

Stopping the abuse via a leafnode installation requires the following steps. The commands are.

  • su [enter password for root which is total control of the system]
  • whereis leafnode [this gives an answer in two seconds at most]
  • rm leafnode [rm = remove and it stops]
And that is all there is to it. Taking days after dozens of notifications does not explain failure to take the above steps which talk less than one minute.

I will admit it may be somewhat more complicated than that on a large multi-server ISP. But then the system administrators should be knowledgeable enough of their system to do the same thing just as quickly. If they cannot then they are incompetent.

I have also been asked another question. How do you know? I have an email from one John Morris, frequent usenet participant, who has identified Larry Schiff, owner of tht.net, at the infamous NAZIHUNTER and the person who has been making the death threats on international telephone carriers. Dr. Morris will not object as he knows his email is not only record but also in the hands of the FBI and RCMP.

I have also contacted Bell Canada on the death threats. Bell Canada knew the person making the death threats but insisted upon protecting his identity. Despite numerous complaints to Bell Canada over the years it has not only protected his identity but taken no action at all against the person whom they know is using their system to make death threats.

I find myself quite amazed at the protective system around the person John Morris has identified. I find it also interesting Dr. Morris has not gone to the authorities with his knowledge. I have no idea what fear prevents Dr. Morris from going to the authorities to avoid being charged as an accomplice which he is now as he has remained silent. His entire professional career is on the line here.

I also have a usenet post offering from tht.net. The only excuse might be he/it used an alias. I recommend anyone before a judge saying, "I used an alias so it is OK." Falsely offering fake is like falsely offering illegal drugs. You get busted on the charges as though it were real.

Doctor Morris has been a long time defender of Ken McVay and other Zionazis who have terrorized those who disagree with them. Harrassing employers is the least of their tactics. I have posted fake employers just to let them waste their phone calls and get charged with harrassing phone calls. When you recognize their tactics, use them. Not the tactics, them.

And as my address has been posted so many times over the years on the internet by tht.net with the invitation to homicidal violence I really have no concern about this clown who is a few candles short of menorah.

I do have a concern regarding how many non-Zionist Jews he is defaming when I post true desciptions in my resurrected subject lines. One of his earliest usenet posts to me was "He is not an antisemite but I am going to make him one." People like this try to make enemies so they can claim to be defamed and justify their criminal actions and let them continue in their business.

Some folks may be gambling the police being stupid on the internet. They are but they are improving rapidly. And the statute of limitations is seven years at a minimum for these felonies. I give the following salutation, "Rotsa Ruck!"

14 May 2001
After ceasing forging cancelations for over a week tac.net returned to its malicious ways today. As before there is no sign of it being a customer of the ISP rather the ISP itself.

I have been asked why I even began these public posts rather than let the law take its course. The first reason is the law will act upon its own priorities which can mean as much at three years. The second reason is several people such as [email protected], Dr. Morris and Ken McVay appear to be in too deep to back out.

Amateurs never comprehend to precepts of the real world. When in a hole, don't dig, and, unlike wine bad news does not improve with age. The constant public posts encourage them to keep on digging and hope to buy time. Thus the recent post by the Zionazi he is taking two weeks off, immediately belied by a test post from newsfeeds.com.

These postings are taunt them to continue, to dig deeper to leave a bigger hole for law enforcement to fall into on top of them. They are to keep the trail fresh so law enforcement will learn how to follow the trail. The Zionazi Monkeys can either continue or go to ground forever.

So far they have taken the bait and dug deeper and left a longer trail. I can't really call it bait as their psychotic personality cannot let go despite their imminent risk of exposure and arrest. These are people who try to hide behind "My ancestors were holocausted before I was born" and other certifiable types.

I have also freely used "they" instead of refering to one person. That is because the record in the newsgroup control.cancel has clearly shown more than one cancelation from different ISPs on the same message. The second to arrive is wasted so Guido does not resurrect a forgred canceled post more than once. No Zionazi Monkey as stupid as this one in Toronto can do that much alone.

These mutiple cancels have likely been an attempt to outsmart Guido which is rather hopeless at the start. Guido is both a Vulcan and a Sicilian.

[Sidebar]
As far as I know I am the only beneficiary of the emails containing viruses from Israel they have continued unabated despite assurances from the offending ISP.

16 May 2001
Today the zionazi from Toronto, please see police sketches above, announced he would pause for two weeks. The most likely meaning of this is he will cancelled every post in the intervening two weeks.

In the process he has implicated [email protected] aka [email protected], netcom.ca and attcanad.ca as participants in his operations. Again folks you know what to do and how to do it if you are interested.

22 May 2001
After a six day break the Zionist is back to his criminal tricks forging cancelations which Guido reposts in minutes. Unlike this person a rational one would certainly stop leaving a trail around the world. A rational person would certianly slow down instead of keeping his trail warm.

Additionally he has started copying the forged cancels to alt.test so fake email is created. That gets even more ISPs pissed at him. Watching this guy you get a feel for the mentality of those who think they are so clever they will never be caught.

I am a rank amateur at this internet stuff and he is upsetting people who do it for a living. Yet I have followed him at every turn and forced him down to the only method he can use and that method leaves a wide open trail. He has not changed his method in weeks.

One has to ask if he wants to get caught.

Yes, again, the crime. Hacking and entering is a federal felony in the US worth five years and $US10,000 fine without a lesser count to plead to. There is peddling under an alias, an alias is not exculpatory. Good enough? All costs of stopping the intrusion and misuse are at the normal billing rate at full burdened rates for all parties involved meaning about double the gross salary at one hour minimum per person. That exceeds felony level every place in this world by definition.

What are these boys going to plead? Poor put upon Jews who could not help themselves? Why do they want to make martyrs of themselves? I have no answers only questions.

27 May 2001
After ceasing for a few weeks, optushome.com.au returns to forging cancelations. Orginally optushome maintained it innocense after an inordinately long time doing nothing. Now it has returned to its criminal ways.

To most this appears to be no more than a harmless prank. ISPs pay for their newsfeeds just like any other information on their computers. Destruction of information contained on computers is a felony in most countries which have gotten around to passing computer related laws including all western countries. The felony is simply doing it regardless of value.

The valuation may be trivial but as it is paid for by each ISP and thus by each customer they trivial amount is multiplied by at least the number of ISPs and perhaps by the number of people connected to the internet. Multiplying this by the number of cancelations and the value mounts.

Add to that the number of hours people all over the world spend dealing with this. Not only the sysadmins but law enforcement where simply processing a report costs hundreds considering all the paperwork and steps in the process.

14 November 2001
The week of 4 November 2001 another form of newsgroup attack began. Rather than cancellations the perps have taken to sending thousands of meaningless posts (spam) to the newsgroups. They contain the From: and other information so that it appears to come from a targetted user making them forgeries. These are known as sporgeries as they are both spam and forgery.

Needless to say these also constitute felony hacking. They use of internet bandwidth and the disk space of ISPs all over the world. As bandwidth and disk space both have a financial worth which adds up quickly the financial harm exceeds the felony threshold.

The targets this time were people in alt.revisionism, talk.politics.mideast, soc.history.ancient, and soc.history.what-if. (Note, alt.revisionism has had this kind of attack off and on for years.) Specifically they were people who were reciting problems with the Old Testament and posting negative material about Israel and Zionism. Thus we infer once again the perpetrator is some combination of Jewish, Zionist or Israeli.

That combination takes us back to Ken McVay of nizkor.org and Laurence Shiff of tht.net who were implicated by [email protected] in the matter of the forged cancellations. Note the targets are the same as in the forged cancellations.

30 November 2001
An unusual number of ISPs have cooperated in spamming USENET. Most have been responsive, several have not. It strains credulity that so many ISPs would leave such a gaping security hole in their systems. Whether or not there is plausible deniability for this several clearly have participating (conspiring) employees.

  • home.com
  • theplanet.net
  • epix.net
  • videotron.net
  • teleglobe.net
  • gt.ca
  • nerim.net
  • meganet.com
  • abs.net
  • bigsky.net
  • icl.com
  • kornet.net
  • qwest.net uncooperative and repetative, likely conspirator
  • netaxs.com
  • nibble.net
  • qis.net
  • telglobe.net
  • vsnl.net.in
  • iinet.net.au uncooperative and repetative, likely conspirator
  • ozemail.com.an 10,000 spammed to soc.history.what-if on 15 December 2001, after repeated complaints by many people. Obviously a conspirator.
  • giganews.com notified several times and always returns to spam again. Not an open relay so it is a company action.
Quite a long list indicating the pervert's strategy is to collect a number of open servers between attacks. One has to ask after his co-conspirators in this criminal hacking endevour. Conspiracy is an automatic five years added to the basic hacking crime.

15 December, Having fun with open relays
When spam postings are posted there are two possibilities, it is accidental or deliberate on the part of the ISP involved. If deliberate then the ISP is complicite and as such it is legitimate to request the Internet Death Penalty be applied to the ISP. And if accidental it is an opportunity to play.

To determine which it is, set your own news reader to the originating ISP, to one of the last last names in the Path. For example with newsfeed.ozemail.com.au!ozemail.com.au!not-for-mail you would use newsfeed.ozemail.com.au in place of where you now have your ISPs news server name. Then try to use it.

If you cannot connect then the ISP is participating in the spam and is liable. If you can connect you can post news. One fun thing to do is post a confession by the perpetrator. If you know who it is be certain to use his name. If you are just annoyed you might post as [email protected] and say how much fun it is to destroy newsgroups. Be creative and have fun.

A Christmas gift to ISPS, filter your news spool
If you have read the spam and are familiar with the method used to generated it you see a filterable consistant feature. If you remove the occasional Re: then the first letter of the first word in the subject is lower case. That is essentially unheardof in real subject lines. Everybody and his brother has their favorite language to use with INN or whatever so I am not going to bother writing one at the moment.

His options are to upper case the first letter of every word in his lists which is equally unheardof and as easily filtered with no loss. The remaining obvious winning strategy is to uppercase every word. That does match the pattern used by some other posters but there is nothing lost by deleting those also.

Merry Christmas

30 December 2001, ozemail returns to forging cancellations
ozmail.com.au in Australia returned to forging cancellations by cracking mediaone.net in the US. That act is a federal felony making ozmail.com.au subject to extradition under US law.

Where to file FBI complaints
An official FBI case has been opened against Larry Shiff for terrorist activities, attacks on the internet. If you wish to add to it go to www.nipc.gov and add to case number 122101-001-51115 or reference it in your complaint.

3 January 2002, NAVIX.NET
NAVIX.NET begins forging cancellations. Due to test messages which appeared I warned NAVIX several days ago that they had an open relay and provided samples. As they did nothing they are clearly cooperating but could possibly plead to the lesser charge of criminal negligence.

9 January 2002, Navix.net spams after over a week of warnings
On 9 January 2002 navix.net having been warned of having an open relay for nearly two weeks spammed 2000 forged messages to soc.history.what-if. Due to the prior warning, navix.net is a criminal co-conspirator in this attack on the internet. See above for adding to the criminal complaint with the FBI.

11 January 2002, In the last two days
Just the tallies. The Toronto Lampshade and his co-conspirators have been busy.

  • nac.net 1000 to soc.history.what-if
  • iinet.au 1000 to soc.history.what-if
  • abs.net run by coretel.net 1000 sporgeries to talk.politics.mideast
  • chello.com adds 1000 sporgeries to soc.history.what-if and another 1000 to talk.politics.mideast

12 January 2002, today's tally

  • iprimus.net owned by optus.net noted by slashdot.com as part of the criminal internet scams run out of Miami with optushome which has previously been involved 1000 to talk.politics.mideast
  • 1300+ split among
    • abs.net 500+ to soc.history.what-if
    • iprimus.com.au 500+ to soc.history.what-if
    • isar.net
  • small number of forged cancellations in soc.history.ancient by uswest.net part of qwest.net

Terrorist attackers of the Internet
By their persistant and knowing attacks upon the internet the RICO criminal organizations are as follows.

  • abs.net
  • nac.net
  • chello.net
  • coretel.net
  • iinet.au
  • optushome.com.au
  • qwest.net
  • uswest.net
All four have been involved in previous attacks on usenet making them either criminally negligent or criminally culpable for the attack and conspiracy. Remember to file criminal complaints with the FBI.

  • Massive Spam Attack and Forgery Attack
    This is coming rather quickly. I haven't had the time to organize the material. So here are my working notes.

    
    2002 01 16
    
    sporger and his criminal accomplices at nac.net, kornet.net and ono.com
    another 1600 sporgeries to soc.history.what-if
    
    starcat.ne.jp 800 not a criminal conspirator yet
    
    2002 01 17
    
    1000+ from ono.com
    
    2002 01 18
    
    1000+ from ono.com
    
    2002 01 21 
    
    1000+ from ttd.net and quicknet.nl 
    
    2002 01 22
    
    1000+ from kih.net
    
    2002 01 23
    
    The following have been almost completely spams identifying this website.
    
    500+ kornet
    
    2002 01 28 
    
    2000+ from kornet
    
    2002 02 02
    
    2000+ from abs.net, ksc.co.th, 
    
    2002 02 03-04
    
    24,000+ from ksc.co.th divided into
    
    	14,945 to soc.history.what-if
    	 8,462 to soc.history.ancient
    	12,011 to ancient
    	16,700 to what-if
    	17,102 to what-if
    	12,301 to ancient
    
    2002 02 04 from wanadoo.fr and kornet.net mostly from kornet
    
    	4,800+ to soc.history.what-if, linux.redhat, comp.os.linux
    	4,600+ " " " 
    	2,000" " " "
    
    	The same sporgery is being flooded to at least 50 other newsgroups I
    have tracked. They are being jointly attacked with soc.history.what-if
    apparently to get the replies in those groups also posted to s.c.w-i. This
    has resulted in only a few hundred such replies.
    
    2002 02 10 from siol.net
    
    	1024 to soc.history.what-if
    	1024 to sci.astro.seti
    	1024 to comp.graphics.apps.gimp
    
    2002 02 11 
    
    	100 to comp.os.linux.redhat from siol.net
    	2000 to sci.astro.seti from usenetserver.com
    	500 to comp.os.linux from uswest.net a long time criminal ISP
    
    2002 02 12
    
    	1500 to soc.history.ancient from uswest.net long time criminal ISP
    	700 to comp.os.linux from usenetserver.com joining the ranks of
    criminal ISPs
    	900 to sci.anthropology from uswest.net
    
    2002 02 13
    
    	800 to sci.astro.seti from usenetserver.com
    
    2002 02 13 evening
    
    	I began using a script to change identifying elements of my posts on
    every post in a deterministics and sort of one way manner. No spams since
    then.
    
    2002 02 14-18 none
    
    2002 02 19 
    
    	900+ to soc.history.what-if from uunet.co.za 
    
    	This flood was a throwback to the old pick a few names and attached
    them to the flood. Four were chosen out of some fifty different ones to ten
    newsgroups. 
    
    2002 02 20 none
    	
    

    The massive increase occurred after I mentioned the Sporderer's Apprentice. If you look at the list of the ISPs which have been part of the attack you find kornet and wanadoo have figured prominently. And they have been notified what they are doing and have continued for a year.


    Who are the targets
    It started with

    • Anyone supporting the Palestinian position against Israel meaning essentially all Islamics and the very large community of anti-Israel and anti-Zionist Jews
    • Anyone reciting archaeological findings in Palestine and the known history of Palestine which brings into question Israel's claim to the region
    and expanded to
    • Anything generally considered politically conservative as the term is defined in the US and Canada.
      • against gun control
      • anti-abortion
      • libertarian in general
      • questioning gay rights
      • questioning open immigration policies
      • questioning dual citizenship
      • anti-socialist/marxist/communist
      • supporting the punishment of convicted spy Johnathan Pollard

    It is a somewhat diverse list but clearly the opposite of pro-Israel and pro-liberal as defined in the US and Canada.

    The list of people being canceled started with one and it now over fifty with almost as many as the ISPs, wittingly or unwittingly, which have participated in these cancellations.


    [1]As it is a windows program it loses all of its setting after each cancellation. That would require reading every message in a newsgroup for content to establish the new names. A daunting task to re-enter everything every time with every variant name.

    Variant names may appear to lose personal identity in a newsgroup. But Matt Giwer and Matt Giiwer and Matt Giwer2 and a finite but very large number of human readable but software unreadable variants exist. Software unreadable as soft matches can not work in automatic extraction of variants from a news spool and automation of the cancel process.

    This approach failed indicating an effort to read all messages. Totally different names require reading all messages posted. An effort beyond all but the most dedicated psychotic.


    [2]This psycho is obviously being fed with information as to who has open feed news servers. I do not wish to put too fine a point on it but those who search for them for fun are enabling psychotic when they indiscriminately share the information. I know there is a ethos of "no responsibility" but remember you could be next. Today's smasher of one icon is tomorrow's smasher of another icon which could be yours. Think about it.


    [3] Of interest are the RICO statutes which are effectively the same in Western Europe, Canada and the US. All people who work towards a common objective even if they do not know all the others are criminally liable for all the crimes of all working towards a common objective.

    The known felonies of one or more participants are computer hacking and destruction of computer records, international telephone death threats and dealing in. The latter is interesting. As with offering fake drugs for sale falsely offering carries the same penalties as offering real drugs.

    The issue involves the juvenile offering it for sale in the name of another person. Using an alias in a felony compounds the felony. Meaning offering it for sale in the name of another is the same as offering it for sale in one's own name. And all persons working towards the same objective are equally guilty of dealing in.


    [4]A partial list of ISPs used wittingly or unwittingly. Most have acted responsibly but usually very slowly. Some have participated in the forgeries. Some have made made forgeries possible. It is partial as it is difficult to keep track of them all.

    Origin of the first forgeries

    • tht.net == Toronto, Ontario, Canada
    • hub.org == Toronto, Ontaria, Canada
      • Refused any action whatsoever for over a month and then the forgeries moved to other ISPs. No action was ever taken.
    • pascal.a2000.nl!newsfeed.a2000.nl!not-for-mail
    • post.newsfeeds.com!newsfeeds.com!pn!anonymous!127.0.0.1!pn
    • netnews.com!opentransit.net!wanadoo.fr!not-for-mail
      • Particuarly adamant in ignoring dozens of complaints for over a week
    • newsfeed.twtelecom.net!216.136.69.31.MISMATCH!216.136.69.31!64.24.114.68
    • ctu-gate!news.nctu.edu.tw!news.ntu.edu.tw!nntp.tfvs.tp.edu.tw!64.24.114.68
      • particularly uncooperative but likely due to the language difference
    • netcom.ca
    • 216.136.69.31
    • telenews.teleline.es
    • webtv.net
    • baran22.ttnet.net.tr
    • news.zeno.nl
    • optushome.com.au
      • extremely uncooperative without a language difference excuse
    • tac.net
    • ick.demon.co.uk == demon.net
    • tpi.pl == stopped it within 24 hours, the most responsive yet
    • jekyl.ab.tac.net == started 10 May 2001
    • netcom.ca == resumed cancelations 12 May 2001
    • gmbtech.net == started 13 May 2001
    • tac.net == resumes forgeries 14 May 2001 more than 50
    • newsfeeds.com == 17 May 2001, a message which precedes forgeries appeared on talk.politics.mideast and soc.history.ancient
    • supernews.com == 22 May 2001, forging test posts,
    • odn.ne.jp == 22 May 2001 begins forging cancelations
    • demon.co.uk == returns to forging cancelations 23 May 2001
    • optushome.com.au == returns to forgering 27 May 2001

    How to deal with cancelations
    This is a typical repost by guido of cabal.int of a message for which a cancelation was forged. Go to the
    ========= WAS CANCELLED BY =======:
    line and look at the Path: statement. The last ISP at the far right is the ISP forging the cancellations. In this example it is tac.net. In an address like this jekyl.ab.tac.net the ISP is almost always the last two names unless it is followed by something like co.il or co.uk. In which case those names are part of the full ISP name.

    Most ISPs can be contacted by emailing to abuse@ in this case [email protected] I have discovered there is better response by also emailing abuse@ the other ISP in the path statement such as direct.ca, execpc.com and sol.net. When including those it is worth requesting the newsfeed of the guilty ISP be suspended. ISPs in this list can also refuse to accept posts from the guilty ISP.

    A whois utility which you may have or you can find at www.geektools.com (top right option) will give you generic contact information. networksolutions.com is also interested in abuse of the internet and has an abuse@ mailbox.

    A general rule of the internet is the Terms of Service which apply to customers also apply to the ISPs. If you would lose your account for doing something the ISP can be terminated for the same reason. If you were forging cancelations as at least one reader of these newsgroups is, then the ISP can be cut off from the internet.

    This is how you can do your part, if you care to do anything other than encouraging the forgeries. The more complaints the better. Make them responsible for their actions. Simply adding abuse@ to a response to the repost in the newsgroup is much easier.


    For the reading impaired
    You can read above the forged cancellation attack began with THT.NET owned by Laurance Shiff of Toronto, Canada. The current attack flooding newsgroups with nonsense is in the same manner.

    The HUB.ORG refused to do anything about THT.NET for over a month and gratuitously included nizor.org and tht.net in a CC: response to attempts to get hub to shut of tht's news feed if it did not stop.

    For those who missed the discussion a few years ago, there were attempts to contact Ken McVay of nizkor by phone including the afterhours number. The afterhours number was answered by the head of the British Columbia chapter of B'nai Brith.

    THT.NET is owned by the person who has used the telephone to threaten people and their families. He is a sick little rich Jew kid with a worthless degree in Babylonian history. He posts under several names the most common is Nazihunter which is what jewish boys play instead of cowboys and indians.

    The only reason he is still free that he has bought the RCMP and they have chosen to stay bought.

    And then we must keep in mind that when I got the first telephone death threats Bell Canada said the phone number was owned by Laurence Shiff. And the same name shows up in all of this. I guess the RCMP protects rich Jews. The rich are greater than us. But why does every Jew resolve to rich?

    And then my son started receiving the same death threats as did my father. What kind of Jew shit is this that he as any defenders at all? Here is a little shit jew who has said he is a jew in the death threats so who am I to argue. Is this forger a neo-nazi or a jew? You tell me.

    Were I to be charitable I would say he is trying to make Jews look bad but Shiff is a Jew and therefore this is what Jews are like. If any Jew objects to that, shut down Shiff. And if you claim it is not clear it is Shiff then turn in your Einstein badge as you are dumber than dog shit. Shut off Shiff or let Shiff be the archetypical Jew. Silence and INaction gives consent.

    I do not want to hear excuses from you Jews out there. You can read on this page how to stop the little jew shit forger. So don't tell me you cannot. And do not try to hide behind a Jew never speaking ill of a Jew in public. I am not telling you to respond in public, just stop him by following what I have explained on this page.

    You can pick your side be claiming this little jew shit is a real Jew but if he is so are you all including flappers like McVay.


    All times Eastern Standard Time, GMT -5

    Why this list? Because the little boy posted a few thousand spams with this website URL in order to generate complaints about it. I want him to read what he has accomplished.

    History: about 2500 hits since first post in June 2001 through the link addition

    2532 noon 28th

    At that time I added a link to my index page directing people to this page if they got my web address from a usenet spam. No one ever said Larry the Lampshade or his apprentice were very bright. There were over 500 hits on this page in the first 10 hours.

    500 in 12 hrs after adding a link referencing this page in the late morning of 1/28/02

    10 hits/hr overnight EDT early morning of 1/29/02

    • 3500 8am 30 Jan
    • 4029 noon 1 Feb
    • 4169 3pm 2 Feb
    • 4268 3pm 3 Feb
    • 5622 2pm 4 Feb
    • 7587 6pm 5 Feb
    • 8252 6pm 6 Feb
    • 8724 6pm 7 Feb
    • 9080 6pm 8 Feb
    • 9336 6pm 9 Feb
    • 9580 9pm 10 Feb
    • 9802 9pm 11 Feb
    • 9960 7pm 12 Feb
    • 10117 7pm 13 Feb
    • 10280 8pm 14 Feb
    • 10392 8pm 15 Feb
    • 10653 9pm 17 Feb
    • 10746 9pm 18 Feb
    • 10858 8pm 19 Feb
    • 10955 9pm 20 Feb
    • 11031 7pm 21 Feb
    • 11112 7pm 22 Feb
    • 11252 7pm 24 Feb
    • 11327 8pm 25 Feb
    • 11503 7pm 28 Feb
    • 11614 9pm 2 Mar
    • 11656 9pm 3 Mar
    • 11701 9pm 4 Mar
    • 11819 3pm 7 Mar
    • 11889 7pm 9 Mar
    • 16377 7pm 11 Nov 2002
      • Enough until the next time the lampshade spamvertises this website
    The bad news is, spamvertising works.


    Page reads: 16777

  •