In message <Pine.OSX.4.64.1103310053260.312@cevin-2.local>, Brandon Ross <bross@pobox.com> wrote:
On Wed, 30 Mar 2011, Ross Harvey wrote:
Wait a second, I'm pretty sure that in most contexts, a signature or letterhead means not so much "this is real because it's so obviously genuine", but rather:
"This is real or I am willing to take a forgery rap".
Do you think most providers check the signer's ID to make sure they actually signed their own name? How do you prove that whomever you accuse of signing it actually forged it if not?
Does anyone know of there ever being even a single case where someone was convicted of forgery for this?
Excuse me, but I think that this discussion is starting to stray rather far from either the known or the reasonably plausible facts. In the first place, I do not accept the theory that either Circle Internet or Bandcon were hoodwinked by cleverly forged letterheads, and there is no evidence I am aware of which would support that theory. Until, if ever, additional facts are forthcoming, I believe that it is just as plausible that some spammer simply came to each of these companies and said to them "Hi! I really want to hijack these two unused /16 blocks. Will you help me?" and that one, or another, or perhaps both of these companies simply replied "Yea. Sure. We didn't quite make our quarterly numbers, and we are always on the lookout for new revenue streams. So how much money do you intend to give us if we help you with this, exactly?" In the second place, this amusing "letterhead fraud" theory only holds up if one also believes that, upon being presented with a mere forged letterhead, allegedly coming in "over the transom" as it were, i.e. from a previously unknown source, along with a request to announce some routes to a couple of sizable blocks of IPv4 space, neither Circle Internet nor BandCon even bothered to pick up the bleepin' phone to call the contact number that is/was plainly visible for all to see, right there in the relevant ARIN allocation WHOIS records for the IPv4 space in question. Then there is also the small matter of the name on the _checks_... you know... the checks that _somebody_ had to write, in the first instance, before either BandcCon or Circle Internet would have been likely to provide _any_ kind of service to some new and total stranger. Or was this "duped by clever forgeries" single bullet theory that you folks have been dis- cussing also intended to include the forging of CHECKS in the name of "Hoechst Celanese Corporation"? See, no matter how you slice it, both BandCon and Circle Internet have a lot of explaining to do. At the very least, and even if this implausible "forged letterhead" theory were true... which I gravely doubt... both BandCon and Circle Internet have been rather grotesquely negligent, i.e. in accepting, without any checking whatsoever, the representations made to them by some total stranger who simply para- chutted out of the clouds one day, clutching a forged letterhead in one hand and a bag of unmarked small denomination bills in the other. So that's the very least... the companies were both, at the very least, rather stupendously negligent. At the very worst on the other hand, one or another or both of them may have been entirely "in on" and part of these hijacking schemes/scams from the get-go. I myself would tend to go with the latter theory, simply because it is the only one that would seem to make any sense, you know, logically. Ask yourself which of these theories seems the most plausible? 1) The spammer forged two checks in the name "Hoechst Celanese Corporation" and gave one each to Circle Internet and BandCon, respectively, along with similarly forged letters of introduction and requests for routing of IP space. Unless I am misremembering, this means that the spammer would have engaged in not one but TWO very serious federal fraud offenses. Even sleezy low-life spammers do not customarily accept this level of risk, e.g. just to get their hands on some IPv4 space which, we must remember, is only likely to be of value to them for a relatively brief period of time, EVEN IF they can manage to keep it routed. 2) The spammers gave Circle Internet and BandCon forged letters of introduction (on forged letterheads) and requests for routing services, and gave the two companies -zero- actually money, and nonetheless, both companies started happily announcing routes for the purported "Hoechst Celanese Corporation", even though neither company received a dime for this service, and even though they both CONTINUED to provide this service, utterly for free, apparently for at least THREE FULL MONTHS. 3) The spammers gave Circle Internet and BandCon forged letters of introduction (on forged letterheads) and requests for routing services, and gave the two companies checks that were NOT "Hoechst Celanese Corporation" checks (either forged or otherwise), and then both Circle Internet and BandCon just cashed BOTH of those two checks (which were presumably written against the account of "Joe's Fly-By-Night Spammery and Pizza Parlor") and both companies cashed these two checks without ever even looking at them or even wondering aloud why "Joe's Fly-By-Night Spammery and Pizza Parlor" would be paying for Internet services which were ACTUALLY going to be delivered to the large and internationally-known Hoechst Celanese chemical company (which is, quite obviously, perfecly capable of paying its own ISP bills, thank you very much). 4) The spammers simply went to Circle Internet and BandCon and said "We want to hijack some IP space. If you help us, we'll pay you handsomly for your trouble." and both companies simply replied "Yea. Sure. We like money. And as far as we know, nobody's ever gone to jail for hijacking IP space, so, um, what the hell! When did you want to get started?" The first three theories are, in my opinion, utterly implausible. That doesn't really leave very much to wonder about. Let me put this all to you another way. I would like to respectfully suggest that anybody who is actually taking this "forged letterhead" fairy story seriously should write to both Circle Internet and BandCon, explain to them both that either their competence or their honesty, or both, have been the subject of questions here on the NANOG list, and that they would each do well to make some sort of a clarifying comment... or, if possible, a refu- tation... here on the NANOG list. If they were merly hoodwinked, well then they should come here, admit that, explain to us all exactly how it happened (so that nobody else will get taken in in the same way in future) and thus set the record straight. Yes, it will always be a bit embarrasing to admit that you were hoodwinked, but that is still a damn sight better than being publically reputed to be outright crooked. So please, if you really think that these companies were merely hoodwinked, and that they were NOT in on the (hijacking) deal from the get-go, please invite them to come here to the NANOG list and clear the air, along with their names. I got twenty bucks that says that no verifiable official representative of either company will be making an appearance here anytime soon, or that if they do, they won't be taking any questions. Any takers? Regards, rfg