Subject: RISKS DIGEST 17.15

Subject: RISKS DIGEST 17.15
REPLY-TO: [email protected]

RISKS-LIST: Risks-Forum Digest Weds 28 May 1995 Volume 17 : Issue 15

FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

>>>>> I'm back on-line for a while. PGN <<<<<
***** See last item for further information, disclaimers, etc. *****

Contents:
Prodigy Held Liable (Dave Banisar)
Stuyvesant High School Hackers (Mich Kabay)
J. Schwartz on Decency and Democracy (Mich Kabay)
Defamation by BBS (Mich Kabay)
Defying pitfalls of a cashless society (Brian Randell)
Flightdeck automation problems (Kenneth Funk)
A slightly more global look at time and date issues (Robert J Horn)
"Calling the Ahperator"(William Newman)
Denial of Service attack on ISP (Simon Lyall)
Drug-Addicted Geniuses Built Cyberspace (Daniel Frankowski)
Re: Positive-Ion Dangers: Computers and stress / depression
(Lindsay F. Marshall, Jonathan I. Kamens)
Info on RISKS (comp.risks), contributions, subscriptions, FTP, etc.

----------------------------------------------------------------------

Date: 26 May 1995 23:12:00 -0400
From: "Dave Banisar" <[email protected]>
Subject: Prodigy Held Liable

A New York state trial court ruled on 24 May 1995 that Prodigy is
responsible for the libelous statements of its users because it exercises
editorial control over their posts. In the case, an anonymous Prodigy user
made statements against New York Investment firm Stratton Oakmont accusing
it of criminal and fraudulent acts. Stratton Oakmont sued Prodigy and the
volunteer moderator of the forum where the statements were published.

The Court found that Prodigy was acting as a publisher and therefore was
responsible for the content of the posts. The Court distinguished the case
from the earlier Cubby v. Compuserve decision, which found that Compuserve
was subject to the standards of a bookstore or library. It that case, the US
District court ruled that Compuserve had no editorial control over the text.
According to the New York state court:

In contrast, here Prodigy has virtually created an
editorial staff of Board Leaders who have the ability to
continually monitor incoming transmissions and in fact do
spend time censoring notes. Indeed, it could be said that
Prodigy's current system of automatic scanning,
guidelines, and Board Leaders may have a chilling effect
on freedom of communications in Cyberspace, and it appears
that this chilling effect is exactly what Prodigy wants,
but for the legal liability that attaches to such censorship.

Let it be clear that this court is in full agreement with
Cubby and Auvil. Computer bulletin boards should generally
be regarded in the same context as bookstores, libraries
and network affiliates...It is Prodigy's own policies,
technology and staffing decisions which have altered the
scenario and mandated the finding that it is a publisher.

The court also attempted to downplay the significance of its
decision on the greater area of electronic networks:

Prodigy's conscious choice, to gain the benefits of editorial
control, has opened it up to greater liability that Compuserve
and other computer networks that make no such choice. For the
record, the fear that this Court's finding of publisher status
for Prodigy will compel all computer networks to abdicate
control of their bulletin boards, incorrectly presumes that
the market will refuse to compensate a network for its
increased control and the resulting increased exposure.

The Court also found that the volunteer "Board Leader" of the Prodigy
Bulletin Board was acting as an agent of the company. The Court found
Prodigy exercised control over the Board Leaders though the the Bulletin
Board Leader Agreement and the actions of Prodigy's employees.

Prodigy has said that it will consider appealing the decision. EPIC has
materials on free speech available at http://epic.org/free_speech/ We will
be making a copy of the decision available in the next few days.

David Banisar Electronic Privacy Information Center 666 Pennsylvania Ave,
SE, Suite 301 Washington, DC 20003 202-544-9240 HTTP://epic.digicash.com/epic

------------------------------

Date: 29 May 95 15:38:14 EDT
From: "Mich Kabay [NCSA Sys_Op]" <[email protected]>
Subject: Stuyvesant High School Hackers

>From the Associated Press news wire via CompuServe's Executive News Service:

Hacker High, by RAYNER PIKE, Associated Press Writer

NEW YORK (AP) -- Some of New York's best and brightest set out
to show that they can rush in where high schoolers are not
supposed to tread -- the computer systems of Ivy League colleges.
They succeeded. Their principal was not amused. Their victims
were not impressed. The systems of Columbia and Princeton, as well
as Bucknell University, were targeted by hackers from the elite
Stuyvesant High School.

Key points:

o Principal said, "No harm was done and none was intended."

o School adding ethics classes to computer courses.

o Bucknell University staff said the hack was a prank and not slick.

o "...students got a couple of Bucknell passwords and used them to
send E-mail. They left one note without removing coding that
tracked the sender back to Stuyvesant, a public school for
academically gifted children."

o Students used one Columbia University ID but no obvious damage.

o Princeton IDs and passwords obtained but apparently not used.

M.E.Kabay,Ph.D. / Dir. Education, Natl Computer Security Assn (Carlisle, PA)

------------------------------

Date: 30 May 95 14:47:07 EDT
From: "Mich Kabay [NCSA Sys_Op]" <[email protected]>
Subject: J. Schwartz on Decency and Democracy

>From the Washington Post news wire via CompuServe's Executive News Service:

WP 05/29 NETWORKINGS

Making the On-Line Community Safe for Decency -- and Democracy
By John Schwartz
Washington Post Staff Writer

Sen. James Exon sounds for all the world like a man who's ready
to make a deal. Sitting in his Capitol office, the Nebraska
Democrat puffs amiably on his pipe and discusses the bill that
has made him anathema to many people in the on-line community,
the Communications Decency Act.

Exon's bill, part of the Senate version of a broad
telecommunications bill, would impose jail terms and fines on
those who create or solicit on-line material that is deemed
"obscene, lewd, lascivious, filthy, or indecent."

Key points:

o Massive opposition from all sectors, including the Dept of Justice.

o "For the record, Exon has no personal experience on-line, but
says he finds the positive uses of the networks exciting."

o Christian Coalition's http://www.cc.org home page has support
for such restrictions.

o Sen. Dianne Feinstein (D-CA) wants to clamp down on anarchist files.

o The author writes:

...a Justice Department memo ... describes the bill as an
enforcement nightmare that would criminalize constitutionally
protected speech. The memo concluded it would clash with other
laws and "hamper the government's ongoing work in stopping the
dissemination of obscenity and child pornography and threaten
law enforcement's continued ability to use court-authorized
wiretaps."

o The Exon bill would make materials which are legally available
in print illegal if obtained online.

o Sen. Patrick J. Leahy (D-VT) proposes to help parents exercise
greater control over their children's access to cyberspace using
technology--"lockout boxes" like devices being made available to
cable-TV subscribers.

o The author quotes Sen. Leahy:

"To say that everyone using the Internet is going to be held
to the standard of my neighbor's 7-year-old child is wrong --
and is going to cripple the Internet," said Leahy....
Overly restrictive legislation, he said, "will make one of
the best free-enterprise experiments a hollow shell."

o The article ends with signposts for further information:

The Exon bill is a hot topic on-line. You can find World Wide
Web sites devoted to the bill at http://www.cdt. org and
http://www.eff.org/pub/ Alerts maintained by the Center for
Democracy and Technology and the Electronic Frontier
Foundation, respectively. Folks whose Internet access is
limited to e-mail can get information by sending a message
to cda-infocdt.org in which the text area is left blank and
the subject line reads send-events. Sending the same message
to cda-statcdt.org will get you the current status of the bill.

M.E.Kabay,Ph.D. / Dir. Education, Natl Computer Security Assn (Carlisle, PA)

------------------------------

Date: 30 May 95 14:47:33 EDT
From: "Mich Kabay [NCSA Sys_Op]" <[email protected]>
Subject: Defamation by BBS

[An example of Level I Information Warfare]

>From the Australian Associated Press news wire via CompuServe's Executive News
Service:

AAP 05/25 1443 QLD: CALL FOR CONTROLS ON DEFAMATION SUPERHIGHWAY

BRISBANE, May 25 AAP - A Labor MP whose name and address were
posted on a computer billboard as the contact for buying stolen
telephone cards, today urged the federal government to legislate
to prevent high tech defamation.

MP Stephen Robertson was cleared of all wrong-doing or involvement in the
scandal after investigation by the Criminal Justice Commission. The MP may
nonetheless have suffered damage to his reputation.

M.E.Kabay,Ph.D. / Dir. Education, Natl Computer Security Assn (Carlisle, PA)

------------------------------

Date: Tue, 30 May 1995 16:55:55 +0100
From: [email protected] (Brian Randell)
Subject: Defying pitfalls of a cashless society

Defying pitfalls of a cashless society
Victor Keegan (The Guardian, Economics Notebook, 30 May 1995)

The kingdom of cash is starting to be attacked in a pincer movement:
from in front, by electronic, or digital, cash, and from behind, by the
growing popularity of the barter system Letts - artificial local currencies
(rather like a baby-sitting points system), which people use instead of
real money to pay each other for services rendered. [...]

The world's central banks -- including the Bank of England -- are beginning
to wake up to the fact that digital money could pose a threat to their
hegemony. This is particularly true of the so-called "electronic purses"
(like Mondex, which Midland Bank and others are pioneering) and, much more
so, the digital (and untraceable) cash being-pioneered by DigiCash, the
Amsterdam-based company. [...] As long as these are issued by banks-like
Midland's Mondex-then it is nothing more than another bank deposit, albeit
in electronic form. [...]

Central banks have been sufficiently worried about the provision of
electronic purses getting into the wrong hands to set up a working group of
the European Monetary Institute. The conclusion was predictable: they are
all right-so long as they are restricted to approved credit institutions
(that is, banks), so that they can be properly monitored.

Enter DigiCash, whose founder, the proselytising David Chaum, wants to
create a digital system which could assume a life of its own. He has even
patented a process whereby a bank or a company could validate a secret
number which could be used as a unit of currency even though the issuing
authority could not trace it.

The place just waiting for such anonymous digital money (which would also be
rather useful for kidnappers and launderers of drug money) is the Internet,
the worldwide electronic cobweb of computer data bases. [...]

Should the Net be provided with its own currency, it would suddenly become
not only a global market place, but a virtual economy as well. It could
become the first economy without a government or even a central bank at the
centre. But if there is no government, no one will pay taxes. [...]

We are not talking science fiction. Mr Chaum has already distributed a
million digitised dollars to 5,000 pioneers taking part in a trial. Their
Cybercash can be spent purchasing goods and services from 50 companies
taking part in the trial.

At the other end of the scale, the growth of Lett schemes is not yet a
problem, if only because most of the schemes are small-scale and the people
involved are probably earning below the threshold at which they would be
required to pay tax. In a typical scheme one member might help another
build a wall, thereby earning himself currency points, to be exchanged for
work by someone else or for buying goods.

If such a scheme went nationwide and electronic (so that the participants
carried their points on a micro-chip on a plastic card), this could quickly
evolve into electronic money effectively outside the control of the banking
system and on which the participants would be reluctant to pay tax. The
transactions might even take place through the Internet.

Of course, central banks will move quickly if they feel their supervisory
role and their divine right to print money is being challenged. The point is
that the financial world is moving into uncharted waters. The change could
be as far-reaching as the transition from metals to money in the last
century.

[What I found interesting was the way this article tied together (hi-tech)
developments related to digital cash and the rise in popularity, at least
here in the UK, of (typically low-tech) barter schemes. BR]

Dept. of Computing Science, University of Newcastle, Newcastle upon Tyne,
NE1 7RU, UK [email protected] +44 191 222 7923

------------------------------

Date: Fri, 19 May 1995 11:09:47 -0700 (PDT)
From: Kenneth Funk <[email protected]>
Subject: Flightdeck automation problems

With a grant from the US Federal Aviation Administration, scientists at
Oregon State University, America West Airlines, and Honeywell have compiled
over 2,300 citations of perceived problems with and concerns about
commercial transport aircraft flightdeck automation. These citations are
summarized in a paper available by anonymous FTP from engr.orst.edu. The
paper (in ASCII) is in /pub/funkk/problems.txt.

Ken Funk, Asst. Prof., Ind. & Mfg. Engr., Oregon State Univ., Corvallis,
OR 97331 503-737-2357 [email protected] FAX: 503-737-5241

[Also forwarded by [email protected] (Jim Horning). PGN]

------------------------------

Date: Sat, 20 May 1995 21:01:45 +0059 (EDT)
From: Robert J Horn <[email protected]>
Subject: A slightly more global look at time and date issues

The date/time discussion illustrates two more global risks related issues.

1) There is a risk from overconfidence and lack of proper analysis when the
subject matter is something you have known "completely" since childhood.
People often get very excited or upset when they realize that there is
significant hidden complexity. Most of us have achieved our full
understanding of time by the age of ten. It has no more mysteries (except
perhaps time zones). Discovering just how much more there is to time and
its measurement is a surprise.

QUIZ: For a more timely example than 18th century calendars, when does
Sunday become Monday? (See below)

2) There is a significant misunderstanding around the relative merits
of integer vs floating point notation in general.

If your real world process can be represented as a finite field mapped onto
the integers, then you can eliminate concerns regarding representation
error. This makes an integer representation attractive because it reduces
your error analysis problem to:

a) Prove that the finite field mapping is correct.

If your application involves division, you don't have a finite field.
You also better be sure that the finite field mapping is understood
the same way by all involved. It can be a big problem if well into
your project you discover that you need additional resolution. So
don't skip this step.

b) Analyze the error characteristics of your algorithms in the
confident knowledge that the errors have been reduced to:

initial error = measurement error, and
results error = numerically propagated measurement errors.

Lots of people seem to think that you can skip the numerical analysis just
because your operations are on a finite field. This is not the case.
Measurement error is still present and it still propagates. I've seen too
many instances where people omit the error analysis because "integer
computations are error free". You may have a finite field, but measurement
error must still be analyzed.

Still, the analysis is simpler and integers are often an excellent
representation for measured data.

With floating point representation, you have different advantages:
a) Much greater dynamic range
b) Much more uniform error characteristics (always present, but
lacking the sudden lurch that occurs when your finite field mapping
fails.)
c) The psychological pressure to analyze errors because some error
is always present.

The difficulty is that your error analysis is harder:

initial error = measurement error + representation error
results error = propagated measurement error +
propagated representation error +
representation error.

This can be more work, although I have found that in most real world
situations the measurement errors have dominated. Usually I could
completely ignore representation error because the measurement errors
were orders of magnitude larger.

Oh, and the answer to the quiz:

It depends upon what part of the world you are in. In some areas,
the day ends at sunset. So during some parts of the year, 1730
(local) Sunday occurs before 1800 (local) Sunday, and in other parts
of the year it occurs after. And you need to know the latitude and
longitude to figure out when sunset occurs. Is it any wonder that
people who care about time quickly end up using UTC for everything.
But this is a lurking trap for the unwary who want to make a properly
internationalized application that allows the use of local time.

R Horn [email protected]

------------------------------

Date: Mon, 22 May 1995 05:53:30 PDT
From: [email protected]
Subject: "Calling the Ahperator"

My attempts to reach the long-distance operator from my Washington DC hotel
instead connected me to a voice-activated interface instructing me to say
"Operator" to get through, but my British pronunciation clearly didn't sound
right. I found I could get through with a phony American "ahperader" but
only on the second attempt, the first attempt always getting a lengthy
recorded apology and a repeat of the (even lengthier) instructions. Out of
frustration, I resorted to dialling the number direct, for which my hotel
charged me $95 for a call that would otherwise have cost $52.

It seems strange to require long-distance callers from DC hotels, many of
whom are presumably foreigners trying to reach overseas, to speak with an
American accent. No alternative means of reaching the operator is offered,
and this could be a source of risk in emergency situations. When I got
through to the supervisor to point this out, she agreed, but said, "You could
have dialled zero instead." Why didn't I think of trying this? But the
recorded instructions say nothing about this option.

William Newman [email protected]

------------------------------

Date: Tue, 23 May 95 09:11 NZST
From: [email protected] (Simon Lyall)
Subject: Denial of Service attack on ISP

The following was posted to a Local (New Zealand) group. Both iprolink and
Cybernet are ISP's servicing the Auckland market and targetting similar
customers. Cybernet was in the papers a few weeks ago after someone there
NFS mounted a disk (read & write) at Auckland University (This disk included
/bin directories according to some reports). The mserve machine is the
workstation of a Cybernet staff member.

>From: Craig Anderson <[email protected]>
Newsgroups: nz.netstatus
Subject: Network Attack Mars Internet Show
Date: 22 May 1995 13:51:29 GMT
Organization: Internet ProLink NZ, Auckland

Last week (15-20 May) Internet ProLink NZ, along with InfoTech Weekly,
TUANZ, Megascreen, Atrium on Elliott, and Dymocks, sponsored a week
long series of free Internet demonstrations at the Atrium in Auckland.

The event was marred by an attack on our system during the first three
days of the show. The intent appears to have been to deny us the use
of our Internet connection during the show.

This posting should serve as a warning to system administrators. Note
that eliminating these types of attacks requires filtering at the site
to whom you are connected, and that similar attacks with the traffic
destined to routers can be difficult to monitor.

Monday:
Thousands of ICMP echo packets each minute from 202.36.227.10
(mserve.cybernet.co.nz) saturate our link in both directions.
These high priority packets almost completely prevent us from
using our link at all.

The packets initially were sent to iprolink.co.nz, but later
to router1.iprolink.co.nz.

The attack lasted approximately two hours from about 2:15 pm and
stopped when we unplugged our link for several minutes.

Tuesday:
ICMP packets sent to our router again completely saturate our
link. Attack begins around noon and ends when the University
of Auckland temporarily disconnects Cybernet's link.

Wednesday:
TCP packets (again from mserve.cybernet.co.nz) were sent to
ports 7, 8, 2, 3, 4, 5, 6, 9, 10, 11, 12, 13, 14, 15, 16, 17,
18, and finally port 19 on iprolink.co.nz, where our outbound
link was saturated with traffic for more than one hour. No
further attacks were seen after Cybernet was contacted by the
University of Auckland.

Our apologies to those who turned up for the show during these attacks
only to find that the Internet link was too slow to be used.

Thanks to the University of Auckland Computer Center staff who did a
tremendous job in helping to monitor and stop this attack.

-Craig

------------------------------

Date: Mon, 22 May 1995 17:49:15 -0500 (CDT)
From: Daniel Frankowski <[email protected]>
Subject: Drug-Addicted Geniuses Built Cyberspace

I have the pleasure of presenting one of the most absurd claims I've read in
the mainstream press in a long time.

In the Minneapolis Star Tribune, Monday, May 22, 1995, on page 10A, yet
another inflammatory article about the Internet appeared, titled
``Cyberstoned''. The article is adapted from Boston Magazine, written by
Stephen Rodrick at Boston Magazine and Vladimir Edelman, a Boston-based
freelance writer.

The point of the article was that there is drug dealing on the net, and that
there are net-specific problems for law enforcement. I agreed with parts of
the article, e.g. that law enforcement needs to learn about the net, that
freedom of information and anonymity make law enforcement more difficult,
etc. The writers give away their position when they report that ``after
Internet zealots howled about the loss of privacy, the fate of the Clipper
chip remains in doubt,'' but I forgive them.

Then they make an absurd pronouncement backed up by scant evidence:

In fact, much of the cyberspace revolution of virtual reality, the
Internet and other high-speed technology burst out of the minds of
computer geniuses spaced out on drugs such as acid and ecstasy. In his
book *Cyberia: Life in the Trenches of Hyperspace*, Douglas Rushkoff
traces the creation of the drug culture's special place on the Internet.

`Developments in the computer industry and on the Internet are being made
by the same people who made the counterculture of the '60s possible.
Those willing to explore hallucinatory dreamlike realms that didn't exist
before -- never-before-navigated turf of consciousness,' Rushkoff says.

I have a master's degree in computer science from the University of
Minnesota, and I read newspapers with regularity if not often. I cannot
recall a single story about the arrest for drug possession of a computer
scientist familiar to me from their academic work. Abramson, Tannenbaum,
Liskov, Stonebraker, Lazowska, not to mention my own professors and numerous
others have all thus far managed to hide their dirty little secret.

The risks? Reporters who are not knowledgeable about computer science.
This risk generalizes easily: lawyers who are not knowledgeable about
computer science, patent clerks, politicians, bureaucrats, ..

If the two quoted paragraphs about "much of the cyberspace revolution"
coming from druggies annoyed you as much as it did me, please email the
Op-Ed page of the Minneapolis Star Tribune at [email protected].
Ptooie!

Dan Frankowski [email protected] http://www.winternet.com/~dfrankow

------------------------------

Date: Mon, 22 May 95 09:58:43 0100
From: "Lindsay F. Marshall" <[email protected]>
Subject: Re: Positive-Ion Dangers: Computers and stress / depression

Using a negative ion source is definitely beneficial, however be careful. I
cannot use an ioniser in my office as whenever it I switch it on I get SCSI
errors that result in me not being able to access the external disc on my
Sun. (Could this be a plot by intelligent silicon to keep the world
depressed?)

Lindsay Dept. of Comp. Science, U of Newcastle, Newcastle upon Tyne, UK NE1
7RU UK +44-191-222-8267 http://catless.ncl.ac.uk/Lindsay.html

------------------------------

Date: Mon, 22 May 1995 14:18:31 -0400
From: "Jonathan I. Kamens" <[email protected]>
Subject: Re: Positive-Ion Dangers: Computers and stress / depression

It appears that PGN was duped in RISKS-17.14 by what one poster in
news.admin.net-abuse.misc calls "the slow spammer." The user who submitted
the message about "positive-ion dangers" was not doing it out of the
goodness of his heart or because he felt it was an appropriate, current
topic for RISKS. He was doing it, I believe, because he sells negative-ion
emitters. He has been slowly spamming his message to many newsgroups for
some time now.

Jonathan Kamens | OpenVision Technologies, Inc. | [email protected]

[... and to think that all these years we have put up with SpammoVision.
There is also some moron who has been spamming usenet readers of
comp.risks. I have no control over that, but apologize anyway. PGN]

------------------------------

Date: 24 March 1995 (LAST-MODIFIED)
From: [email protected]
Subject: Info on RISKS (comp.risks), contributions, subscriptions, FTP, etc.

The RISKS Forum is a moderated digest. Its USENET equivalent is comp.risks.
Undigestifiers are available throughout the Internet, but not from RISKS.

SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent) on
your system, if possible and convenient for you. BITNET folks may use a
LISTSERV (e.g., LISTSERV@UGA): SUBSCRIBE RISKS or UNSUBSCRIBE RISKS. U.S.
users on .mil or .gov domains should contact <[email protected]>
(Dennis Rears <[email protected]>). UK subscribers please contact
<[email protected]>. Local redistribution services are
provided at many other sites as well. Check FIRST with your local system or
netnews wizards. If that does not work, THEN please send requests to
<[email protected]> (which is not yet automated). SUBJECT: SUBSCRIBE
or UNSUBSCRIBE; text line (UN)SUBscribe RISKS [address to which RISKS is sent]

CONTRIBUTIONS: to [email protected], with appropriate, substantive Subject:
line, otherwise they may be ignored. Must be relevant, sound, in good taste,
objective, cogent, coherent, concise, and nonrepetitious. Diversity is
welcome, but not personal attacks. PLEASE DO NOT INCLUDE ENTIRE PREVIOUS
MESSAGES in responses to them. Contributions will not be ACKed; the load is
too great. **PLEASE** include your name & legitimate Internet FROM: address,
especially from .UUCP and .BITNET folks. Anonymized mail is not accepted.
ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY.
Relevant contributions may appear in the RISKS section of regular issues
of ACM SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise.
All other reuses of RISKS material should respect stated copyright notices,
and should cite the sources explicitly; as a courtesy, publications using
RISKS material should obtain permission from the contributors.

RISKS can also be read on the web at URL http://catless.ncl.ac.uk/Risks
Individual issues can be accessed using a URL of the form
http://catless.ncl.ac.uk/Risks/VL.IS.html
(Please report any format errors to [email protected])

RISKS ARCHIVES: "ftp unix.sri.com<CR>login anonymous<CR>[YourNetAddress]<CR>
cd risks<CR> or cwd risks<CR>, depending on your particular FTP.
Issue J of volume 17 is in that directory: "get risks-17.J<CR>". For issues
of earlier volumes, "get I/risks-I.J<CR>" (where I=1 to 16, J always TWO
digits) for Vol I Issue j. Vol I summaries in J=00, in both main directory
and I subdirectory; "bye<CR>" I and J are dummy variables here. REMEMBER,
Unix is case sensitive; file names are lower-case only. <CR>=CarriageReturn;
UNIX.SRI.COM = [128.18.30.66]; FTPs may differ; Unix prompts for username and
password. Also ftp [email protected]. WAIS repository exists at
server.wais.com [192.216.46.98], with DB=RISK (E-mail [email protected] for info)
or visit the web wais URL http://www.wais.com/ .
Management Analytics Searcher Services (1st item) under http://all.net:8080/
also contains RISKS search services, courtesy of Fred Cohen. Use wisely.

------------------------------

End of RISKS-FORUM Digest 17.15
************************