Path: utzoo!telecom-request Date: 30 Apr 91 13:54:39 GMT From: Toby Nixon Newsgroups: comp.dcom.telecom Subject: Re: Prodigy or Fraudigy ??? Message-ID: Organization: Hayes Microcomputer Products, Norcross, GA Sender: Telecom@eecs.nwu.edu Approved: Telecom@eecs.nwu.edu X-Submissions-To: telecom@eecs.nwu.edu X-Administrivia-To: telecom-request@eecs.nwu.edu X-Telecom-Digest: Volume 11, Issue 319, Message 3 of 12 Lines: 66 In article , leryo@gnu.ai.mit.edu (Leryo Malbito) writes: > Upon showing V11 issue 311 (the one with Mark's comments) to a tax > professional friend, he discovered not only confidential tax info on > most of his clients, but logs of Telix sessions which he didn't > remember taking, in addition to the entire Telix dialing directory, > including passwords, macros, etc. An interesting side note is that > Telix is on his D: drive, while stage.dat et al are on his C: drive. > He is still searching through his immense (950K) STAGE.DAT file, > shouting expletives. Since Patrick asked me to respond to this, I'll at least ask this: has he ALWAYS had Telix on his "D" drive? Or, perhaps, did he move it to "D" in order to make room to put Prodigy on his "C" drive? Are these physically separate drives, or just partitions? And how would Prodigy get logs of Telix sessions? You can't have two programs receiving serial data at the same time. I think the operative phrase here is "he didn't _remember_"; let's not attribute to major corporate conspiracy what is best explained as memory lapse. I think that if ANY of us searched through the "free space" (not currently allocated to a file) on our disks, we'd ALL be surprised. This is only turned into "shouting expletives" when one has been convinced by conspiracy-theorists that one is being spied upon. But it just ain't so. I don't mean AT ALL to come across here as defending Prodigy in any way. _I'd_ like to know why they go out and grab so damn much disk space if they're not going to use it right away! Regardless, there are so many REAL violations of our privacy going on, I think it's a shame that so much energy is being expended on this case. By the way, you would do your lawyer friend a great favor by advising him to NOT store his passwords on his hard disk. Aside from the fact that anyone with physical access to his computer (including burglars) can easily get them, he must now realize that deleting those files means that information can be inadvertently released to others. It's quite simple -- all a program has to do is write a partial sector, and that password data could be left there. It's then possible for XMODEM to send that data to others, and you'd never even know it. Even copying the file will preserve the "garbage" at the end. I've heard stories of "heads rolling" at software publishers when programmers used supposedly "empty" disks to produce the master disks that were bulk-duplicated, boxed, and sold. The problem was, of course, that the disk wasn't clean, but that the old files had simply been "deleted" (and not erased) -- so anybody that did a little "garbage collecting" (it's fun; try it some time) got a good bit of the source code of the product!! It's great fun on a multi-user computer to open a new file for random access, and do a write to an arbitrarily high record number -- the system allocates all of the unused space in between to you, but doesn't erase it, so you can merrily read through everything that the other users of the system supposedly "deleted". If you're on a multiuser system, always use an "erase" program that actually overwrites your files rather than just deleting them, or everything you delete will be available to other users of the system. Toby Nixon, Principal Engineer | Voice +1-404-840-9200 Telex 151243420 Hayes Microcomputer Products Inc. | Fax +1-404-447-0178 CIS 70271,404 P.O. Box 105203 | UUCP uunet!hayes!tnixon AT&T !tnixon Atlanta, Georgia 30348 USA | Internet hayes!tnixon@uunet.uu.net