Thread: OT - Looking for a simple explanation - Thunderbird
View Single Post
  #15  
Old March 19th 19, 08:01 PM posted to alt.computer.workshop,alt.comp.os.windows-10
David in Devon
external usenet poster
  
Posts: 76
Default OT - Looking for a simple explanation - Thunderbird
On 19/03/2019 19:05, Carlos E.R. wrote:
On 19/03/2019 12.56, David in Devon wrote:
On 19/03/2019 11:32, Carlos E.R. wrote:
On 19/03/2019 00.09, David in Devon wrote:
On 18/03/2019 22:57, Carlos E.R. wrote:
On 18/03/2019 22.46, David in Devon wrote:
On 18/03/2019 20:54, Big Al wrote:
On 3/18/19 3:57 PM, David in Devon wrote:
Following the detraction of the newsgroups which were hosted hosted
on the Annex.com server for many years, some groups were transferred
to a similar arrangement on the MyPlugBox.com server.

I've set up news.myplugbox.com as a news server on Thunderbird, but
when I try to connect to the server to download the groups, I get
this pop-up asking for my Username and Password.

https://www.dropbox.com/s/n70zlorf2w...2019.36.08.png




A similar pop-up occurs, when I use news.eternal-september.orq but,
after I append my Username and Password once, I do not have to do so
again.

As far as I am aware, *anyone* is entitled to use the MyPlugBox
newsgroups *WITHOUT* the need to even _have_ a Username and Password
- it's purported to be a 'protected' environment but, in reality, it
is a free-for-all.

Can anyone reading here use the MyPlugBox newsgroups *without* a
need
to supply a username and password?

If so, how may the server owner have manipulated Thunderbird to
require me to have to supply them?

When you setup the newsgroup there is a checkbox to determine if you
need to login or not.Â* You have to set that up for no login required.
Server settings-Security SettingsÂ*Â* I think.

Thanks Al :-)

You can see that I've left the appropriate tick-box unchecked:-

https://www.dropbox.com/s/kdq9ufkiw6...2021.19.05.png



No, not the same thing. That's you (your thunderbird) requesting
authentication.Â* But the news server can demand authentication from you
before allowing you in, which is what is happening (I guess).

And once entered, Th may remember the login/pass for ever if you tick
the box on your first photo.

*HOW* can one obtain a Username and Password?

Any clue, Carlos?

By requesting them from the site. Seriously. Or do you intend illegal
entry?

I believe it important to read posts from ALL participants in any thread
in order to garner the necessary background. Mike Easter has made some
valid points which you may care to review and, of course, my responses
to him.

I only see one post from Mike Easter in this thread, and no reply to it.

May I refer you to this thread on Google Groups?

https://groups.google.com/forum/#!to...op/6_GWCeyqRco

Mike' made a number of posts in this thread, but most are confined to
'my' group - 'alt.computer.workshop'.

You can, of course, try the empty login/pass pair.

I did try. That does not work.

Perhaps you have sufficient knowledge to comment further. If I connect
to the myplugbox server, albeit through Thunderbird as a news server, I
suspect that the server owner can determine much about my computer in a
similar way to what's shown at THIS link:-

https://web.archive.org/web/20160424...al/tektest.php

So what?

Can you see that same info. page if you look on the www.tekrider.net
website? (rather than using archive.org as I had to do).

If that is the case, armed with such information a server owner could, I
believe, carry out all kinds of nefarious activity. Do you agree?

No.

He could, maybe, but why would he? If he is such a bad guy running a
server, I would stay away and not try to connect any way at all.

I'd be delighted to discover that DaveH is NOT a 'bad guy'.

But anyone on internet can try to get information about any other
machine on Internet. So what?

A lot of people have no idea at all about that!

I'm not sure how it can be illegal to review messages and post in a
newsgroup. It's no the same thing as cracking a computer!

Well, if it has a login and password in front, I consider it illegal to
try to enter unless he gives me a login/pass pair. I'm not going to even
try or speculate.

I agree with you. I can't understand why any bonio fido organisation
would exclude investigators seeking the truth.

If it really is a public news server, then contact the owner and ask him
what do you need to obtain credentials. Maybe it is not free and you
have to pay for the service, maybe it is not public, only for his friends.

I'm more than willing to pay if that's required. I'm confident that the
newsgroup users are NOT friends on Mr Higham. I'd not be surprised to
learn, though, that many/all have been co-opted into a botnet.

I'm also confident that few newsgroup participants would ever dream of
checking their router traffic with Wireshark or suchlike,

https://www.wireshark.org/download.html

The subject of malware has always been frowned upon by the self-selected
'moderator' of the groups. It's a poster called 'Winston' - C.Winston
Natoli MVP - who is 'ruling the roost there. He made the post now shown
to be made by 'A.User' in this Microsoft forum thread.

https://answers.microsoft.com/en-us/...1-be014e8a8810

I've never known any other MVP lose their status on the Answers forums,
even when they die!

--
David B.
Devon, UK
Ads