Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!sun-barr!olivea!tardis!jms
From: jms@tardis.Tymnet.COM (Joe Smith)
Newsgroups: comp.org.eff.talk
Subject: Re: Prodigy charged with invading users' privacy
Keywords: Prodigy, STAGE.DAT, testing
Message-ID: <1808@tardis.Tymnet.COM>
Date: 6 May 91 21:08:40 GMT
References: <1991May1.215612.2978@ruacad.ac.runet.edu> <1991May2.160352.8928@craycos.com> <1991May6.045004.24145@qualcomm.com> <21151@brahms.udel.edu>
Reply-To: jms@tardis.Tymnet.COM (Joe Smith)
Organization: BT Tymnet, San Jose, CA
Lines: 21

In article <21151@brahms.udel.edu> skymaste@brahms.udel.edu (Paul S Masters) writes:
>All they have to do is place an EOF charactor where there data stops, and have 
>there software respect it. Since they don't implement such a simple solution, 
>then I guess I just have to wonder about there stand on privacy. 

From what I've read of their rebuttal, that is EXACTLY what they are doing.
Near the beginning of the file is a count of bytes that have valid data,
and they say that their software does NOT access anything past that point.

Putting a single EOF character (Control-Z) in a binary file does not prevent
access to the rest of the file.  As long as the blocks are allocated,
they are accessable.

The place where Prodigy goofed is where they pre-allocate the space for
STAGE.DAT.  Before they write any data into the newly created file, they
should have filled all blocks of the file with dummy data, such as ^Z.
-- 
Joe Smith (408)922-6220 | SMTP: jms@tardis.tymnet.com or jms@gemini.tymnet.com
BT Tymnet Tech Services | UUCP: ...!{ames,pyramid}!oliveb!tymix!tardis!jms
PO Box 49019, MS-C51    | BIX: smithjoe | CA license plate: "POPJ P," (PDP-10)
San Jose, CA 95161-9019 | humorous dislaimer: "My Amiga 3000 speaks for me."