Path: utzoo!utgpu!news-server.csri.toronto.edu!bonnie.concordia.ca!uunet!panews!rchland.ibm.com!seurer+ From: seurer+@rchland.ibm.com (Bill Seurer) Newsgroups: comp.org.eff.talk Subject: Re: Prodigy charged with invading users' privacy Message-ID: Date: 1 May 91 15:17:40 GMT References: <1991Apr30.185752.4913@mnemosyne.cs.du.edu> <1991Apr30.225133.8165@craycos.com>, <1991May1.051734.24594@pcserver2.naitc.com> Organization: IBM Rochester, Mn Lines: 100 In-Reply-To: <1991May1.051734.24594@pcserver2.naitc.com> The Prodigy experiment Because of all the rumors flying around of Prodigy uploading data off of user's harddisks I decided to test if this was happening. All of these rumors are based on the fact that the staging file (STAGE.DAT) Prodigy uses to buffer its screens on the harddisk sometimes is found to contain bits and pieces of user files and directories. Some users claim this proves Prodigy is uploading the data while others just say it is an artifact of the way that DOS allocates files and because Prodigy does not initialize the file when it is created. I devised and carried out the following experiment in order to test if this was happening. The results are: Prodigy does not appear to be uploading any data. The STAGE.DAT file contains bits and pieces of ERASED files. The experiment went as follows: 1) Re-installed Prodigy. I erased all of the files Prodigy had installed on my system. 2) Modified CONFIG.SYS and AUTOEXEC.BAT to remove all TSRs and have 0 DOS buffers. I removed the disk caching software I usually use. This was to prevent any leftovers in buffers or caches from showing up in STAGE.DAT and so that I could monitor what the harddisk was doing more easily. 3) Defragmented the harddisk so that all files were in contiguous blocks. 4) I ran CLEANDSK and CLEANEND to write zeroes over all the unused parts of the disk and over the unused ends of DOS files. 5) Powered the PC off and then on. All memory was therefore flushed and the minimal system with no buffers was in use. 6) I created several large (500k) files each containing a different pattern of characters. After all were created, I erased them. This was to test whether STAGE.DAT is picking up bits of erased files. 7) I installed Prodigy using a large buffer. This created a STAGE.DAT file that was just under 1 meg in size. 8) I browsed STAGE.DAT to see what was inside. The first 250k or so had interesting stuff and the other 750k was 0's. The interesting stuff was mostly buffered Prodigy windows (I could tell by the text that was mixed in) along with scattered pieces of one of the files I had created and deleted in step 7. This file made up about 100k of STAGE.DAT. and given where the data was I'd guess that the first 200k or so of STAGE.DAT had been overlaid on the disk where this file used to be. The *ONLY* non-Prodigy thing that I saw was a copy of my environment variables (COMPSEC, PATH, and PROMPT). I noted that the windows that were buffered were the "old" windows (Prodigy has changed many of its windows since I got my installation kit). 9) Made a copy of STAGE.DAT so that I could compare it with an updated copy after I signed on. 10) I again powered the PC off and on to clear all the memory. 11) I signed on Prodigy. While on I read some mail, sent some mail, read a few BBS appends, and looked at a couple of ads. Then I signed off. I noticed some things when I signed on. First of all, it took a looooong time. I surmised that all those "old" windows I had seen in STAGE.DAT were being updated. I carefully watched my modem lights and harddisk light (remember, I had no buffering). About 95% of the time (at least!) the modem was receiving data. At the end of each long receive (some were 4 or 5 seconds long) the hard disk would be used briefly and the modem transmit light would flicker on. Then there would be another long receive and etc. At no time was my modem transmitting for more than a fraction of a second. 12) Using a hex/ASCII file comparison tool I compared the contents of the STAGE.DAT that I had saved with the updated one after I logged off Prodigy. Many of the menus I had noticed the first time I looked were changed to the newer formats. Also, the sign off menus and some of the messaging menus had either overwritten some (but not all) of the data from the file I had created and deleted in step 7 or been added at the end of the 250k of initially used area in STAGE.DAT. STAGE.DAT now had about 280k of used area less perhaps 80-90k of data from the file in step 7. From this experiment I would say that all the stuff about Prodigy uploading files is rumors started by people ignorant of how DOS works. Some people said that they reinstalled Prodigy to see if that changed STAGE.DAT but they didn't defragment/zero out their disks first so their data is highly suspect. If they had watched their modem lights they would realize that almost no time is spent sending data to Prodigy when signing on but is almost all sent receiving it. If I were to run this again I would change step 7 to completely fill up the unused portion of my harddisk with the dummy files and then erase them all. My guess is that the 750k of space at the end of STAGE.DAT would then contain bits from those files. Later this week I think I'll try this and see. My set-up in case you're interested is: IBM PC-1 (the original) with an Intel Inboard/386, 40 meg harddisk, and 2400 modem. I use DOS 3.2 and the version of Prodigy I installed was 3.1 which is the latest I believe. If you have any questions about the experiment I'm more than happy to answer them. Also, if you have suggestions for more things to try next time let me know. - Bill Seurer IBM: seurer+@rchland Prodigy: CNSX71A Rochester, MN Internet: seurer+@rchland.vnet.ibm.com