home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
DP Tool Club 15
/
CD_ASCQ_15_070894.iso
/
vrac
/
ei_up3.zip
/
EI-UP3.EFF
next >
Wrap
Text File
|
1994-06-18
|
43KB
|
922 lines
EVERYBODY'S INTERNET UPDATE
(formerly the Big Dummy Update)
====================
Number 3 - June, 1994
------------------------------------------------------------------------------
An online publication of the Electronic Frontier Foundation
------------------------------------------------------------------------------
At long last, here it is! If it wasn't one thing, it was another. You'll
note the new name. IDG Books, which has a whole series of "Dummies" guides
("DOS for Dummies," etc.), got increasingly upset with our use of the word
"Dummy." Since they were first, our name had to go, which caused a delay
in getting this out (not to mention the printed version of the guide
itself, appearing soon on a bookstore shelf near you), since we had to come
up with a new name. Then there was the root canal gone bad and, well, you
don't want to hear about it. In any case, what all this means is that from
now on, this Update is officially Everybody's Internet Update. The original
guide itself will be called Everybody's Guide to the Internet in the printed
version and EFF's Guide to the Internet in the online version. See the
Contact Info section below for how to obtain the latest copy of the online
guide and back issues of the Updates.
As always, comments and suggestions are most welcome! You'll find my e-
mail address in the Contact Info section (fortunately, *that* hasn't
changed).
-- Adam Gaffin
CONTENTS:
1. Privacy on the Internet
1.1 Online envelopes
1.2 The keys to protection
1.3 Sealing the envelope with Pretty Good Privacy
1.4 Trust and digital signatures
1.5 A word about credit cards
1.6 The government steps in
1.7 Anonymity on the Net
1.8 Anon caveats
1.9 FYI
2. File transfers, part II
2.1 From mailbox to you
2.2 Sinking your teeth into gopher files
2.3 Uploading files
2.4 Talking MIME
2.5 When things go wrong
3. Haven't I seen you before? Mass mailings infest Usenet
4. Addressing an e-mail problem
5. Online urban legends: another one
6. Faxing gets easier
7. Public-access sites
8. Services of the month
8.1 News of the World
8.2 Mailing lists
8.3 World-Wide Web
8.4 Gopher
8.5 Telnet
8.6 FTP
9. Errata/Updates
10. Contact Info
1. PRIVACY ON THE INTERNET
1.1 ONLINE ENVELOPES
When you drop a letter in the slot of a mailbox, chances are you don't
worry too much about somebody opening the envelope and reading your letter
before it gets to your recipient. But if you go on vacation and dash off
a quick postcard, you assume that everybody along the line, from the
mailman to the person who sorts the mail at work is going to read what you
wrote.
Internet e-mail today is more akin to a postcard than a letter. Chances
are that nobody is reading your messages before they get to your
correspondents -- if for no other reason than trying to read that flood of
mail would tire even the strongest set of eyes. But there's little to
stop somebody who wants to from reading your e-mail -- an Internet message
consists of simple ASCII text that is as easily readable as that postcard.
The issue of e-mail privacy has become a more important one in recent
years, as the Internet moves from a convenience to a necessity for growing
numbers of people. The idea that your e-mail *could* be read by others is
potentially unsettling enough -- Americans and many other people have a
constitutional right to privacy. And would you buy something from an
online merchant if that meant sending your credit-card information via e-
mail?
What we need then, is the online equivalent of a postal envelope --
something that will keep prying eyes away from your messages. That
equivalent is encryption: transforming your ASCII characters into seeming
gibberish that only your recipient can translate.
1.2 THE KEYS TO PROTECTION
If you're of a certain age, you remember decoder rings (maybe you even got
them with your cereal). If you wanted to send somebody a secret message,
you used the ring to come up with replacement characters for the actual
letters on paper. Then, at the other end, your recipient used an
identical decoder ring to translate the characters back into your message.
That's essentially how classic encryption works. It's great for kids and
secret agents, not so great for people who use a worldwide computer
network. For how do you get the "decoder ring" (or more technically: the
key) to the person at the other end? If you send it to her, you have to
do it over the network, which means somebody could intercept your
encryption key and so be able to read any messages you might send over the
network.
Enter public-key cryptography. In this system, you have two keys -- one
public and one private. The public key, available to anybody, lets a
person encrypt a message meant for you. But only the private key, the one
that you hold, can then decrypt the message. Even the person who wrote
the original message cannot decrypt the message once it's been encrypted.
The encryption is based on a complex mathematical formula that,
theoretically, would take even a giant mainframe thousands, if not
millions of years to figure out. What this means is that you can now send
a private message over a public network -- because only the recipient has
the means to decode it. A growing number of commercial applications, for
example, Lotus Development Corp.'s Notes groupware package, use public-key
cryptography to ensure the privacy of messages. You'll sometimes see the
letters RSA used in connection with this form of encryption. It comes
from Rivest, Shamir and Adelson, the three people who came up with the
mathematical formulas used in the process.
1.3 SEALING THE ENVELOPE WITH PGP
Actually using a public-key encryption system is a lot like using uuencode
and uudecode to send binary files via Internet e-mail. Basically, you
write your message, encrypt it, and then send it via e-mail. Unlike
uuencode and many other Internet programs, which you can run on your
public-access site, however, encryption and decryption are things you'll
want to do on your own personal computer. This is because you'll want to
keep your private key, well, private, and the only way to ensure that is
to keep it only on your very own machine.
Pretty Good Privacy (PGP), invented by Philip Zimmermann, has quickly
become the most popular, widely available public-key system, partly
because it works, partly because it's free, so we'll look at how it works.
Before we do, though, there's an important caveat. The most recent
version of the software (version 2.6, released in late May) is legally
available only to U.S. residents and is not supposed to be exported to
other countries (because of U.S. laws relating to the export of munitions,
which, for some reason, have been extended to encryption programs).
Further, the software in PGP 2.6 has been designed so that, after Sept.
1, 1994, earlier versions of PGP will be unable to decrypt messages
encrypted with version 2.6 (this is to resolve some patent issues between
Zimmermann and the people who hold the actual RSA patent).
Americans who want to get a copy of version 2.6 (currently available for
MS-DOS and Unix machines, with a Macintosh version under development)
have to go through a little treasure hunt. First, use anonymous ftp or
ncftp to connect to net-dist.mit.edu. Use cd to switch to the pub/PGP
directory and get two files: rsalicen.txt and mitlicen.txt. These explain
the limitations on the software (for example, it is only for non-
commercial use). Then, use telnet to connect back to net-dist.mit.edu.
Log on as:
getpgp
You'll then be asked a series of questions designed to ensure that you
really are an American and plan only to use the software for non-
commercial purposes. Then, finally, you'll be told the hidden ftp
directory where you'll find the software. The site is run by MIT, which
says it has designed it so that only people using American sites will be
able to get in.
In a word: Phew!
Now, that having been said, version 2.6 has already found its way outside
of the U.S., and both it, and a compatible version called version 2.6ui,
can be found on several Gopher and ftp sites outside the U.S. (for
example, the ftp site ftp.demon.co.uk in the pub/pgp directory).
Assuming you have an MS-DOS computer, in either the U.S. or foreign case,
you'll want to get the files in the directory that end in .zip. Once you
download and unpack the software (it's compressed with PKZIP), the first
thing you want to do is read the documentation. Even if you're one of
those people who toss documentation on the floor, you'll really want to
read the docs with PGP. Zimmermann not only provides a lucid and
comprehensive set of directions for using the software, but a good basic
discussion of the various political and social issues related to
encryption.
After you've read the documentation, it's time to create your public and
private keys. In the MS-DOS version, you do this by issuing the following
command at your command prompt:
pgp -ka
(all PGP commands are issued this way). PGP relies on time stamping to
help authenticate messages (more on why you need authentication in a
bit). If you didn't set a time variable in your autoexec.bat file, you'll
get a warning message (which should remind you to go read Zimmermann's
directions on how to do this). Then, you follow a series of simple
prompts (for example, you'll be asked how strong an encryption you want).
Finally, the software gets ready to generate your unique keys. You'll be
asked to type a series of random characters. PGP keeps track of the amount
of time between each key you hit and uses that to help generate a unique
set of keys for you. You'll also be asked for a password to use with your
secret key, just in case it falls into the wrong hands.
So now you have keys. Now what?
Recall that the basic premise behind public-key encryption is that you use
somebody else's public key to send them a message. So the first step is to
ask them for their public key. Because it's basically a series of
characters, they can send it to you via e-mail . Once you have that, PGP
lets you set up a "key ring" of all your correspondent's keys.
When you use PGP on a message to somebody whose public key you have, PGP
encrypts the message and appends a copy of the public key. It's somewhat
similar to uuencoding a message:
pgp -e docu.txt Fred
would encrypt a file called "docu.txt" to your friend Fred (assuming he's
in your public key ring) and create a new file called docu.pgp, which is
the encrypted message. Assuming you're sending the file via Internet e-
mail (as opposed to, say, handing it to him on a disk, you'll need to add
an -a flag, which lets PGP know that it should "translate" the encrypted
message into a series of ASCII characters, like this:
pgp -ea docu.txt Fred
You can now upload this resulting .pgp file to your public-access site and
then insert in an e-mail message to your friend (see section 2.3 below for
more information on uploading files to a public-access site). One bonus of
PGP encryption is that the message is compressed at the same time it's
encrypted, reducing the amount of time it takes to up/download it.
1.4. TRUST AND DIGITAL SIGNATURES
All of this sounds great, how do you know that the public key in your key
ring is really from Fred and not from, say, Devious System Administrator
Sam, who substituted his own key for Fred's?
The most obvious way is if Fred personally hands you a diskette with his
public key on it, which you then load onto your computer. But this will
not always be practical on an international network. As Zimmermann
explains in his documentation, tultimately, it all gets down to a matter
of trust. What if Bob, whom you trust, gives you a key that he says is
from Fred? Can you trust that it is really Fred's key? There are now
several public-key servers, on which you can download somebody's public
key, but again, the question is whether you can trust these servers.
A related issue is how you can verify whether an e-mail message or Usenet
posting really comes from the person whose name is in the "return" field
in the message header.
That's where digital signatures come in.
PGP lets you embed a unique "signature" in your outbound messages that
could only be generated by your secret key. This lets you prove to
others that you really did or did not send a given message. In addition
the the signature function in PGP, you may also see references to Privacy
Enhanced Mail. This is an Internet digital-signature standard that has
gained considerable currency. Like PGP, it provides a signature. Unlike
PGP, however, it does not need to be part of an encryption system -- if
all you're doing is filling out an order form for something, you may only
want to prove to the recipient who you are, but not care who sees the form
itself.
1.5 A WORD ABOUT CREDIT CARDS
There are now several commercial services on the Net that let you order
their products online, by sending them your credit card numbers in e-mail.
Good idea? The proprietors of these services argue that e-mail is at
least as secure as the counter at your favorite local restaurant, where
you don't think twice about having your credit information imprinted on a
fairly accessibly carbon form.
The difference, however, is that it's relatively hard to get that
information distributed -- and who wants to dive through dumpsters to find
discarded carbons (although that has been done). On the Internet, your
credit information can be quickly distributed worldwide with a few
keystrokes.
Such concerns have helped hold up the development of on-line "malls" on
the Net. Work, however, is being done to overcome this. CommerceNet, a
$12 million Internet joint effort by several U.S. government agencies and
private companies in the Silicon Valley area, will be built around order
forms that use a relative of the encryption offered in PGP. This way,
when you fill out an order form, it will be instantly encrypted before
being shipped to a CommerceNet vendor. Couple this with a digital-
signature standard such as PEM and the result could be the growth of
electronic commerce on the Net.
1.6 THE GOVERNMENT STEPS IN
The Clinton Administration currently has proposals for establishing an
encryption system developed by the National Security Agency as a national
standard. Administration officials argue that as more and more
communications become transmitted in digital form, a system is needed to
protect them from eavesdropping.
At the same time, however, the government proposal calls for creation of
"escrow" databases that would hold the keys to decrypting any
communications encrypted with this NSA system, known generically as the
Clipper chip (the mathematical encryption formulas, officially government
secrets, would be embedded in chips to make reverse engineering of them
more difficult). Under the administration plan, each chip would have its
keys stored in two separate databases, administered by two separate
federal agencies. If a government official wanted to listen in on a given
data link, he would have to go to court (as under current wiretap laws) to
gain access to these keys.
That, at least, is the theory. A coalition of civil-liberties groups
(including the EFF), computer companies and others have united to oppose
the plan. A key concern is the ease with which government agents could
gain access to the keys (those with long memories recall the ease with
which the FBI impinged on the civil rights of Americans citizens in the
1950s and 1960s). Given that the government has said repeatedly it will
not outlaw private encyrption systems, the net effect could be to create a
civil-liberties risk for law-abiding citizens while criminals simply use
other encryption systems to avoid government eavesdropping. U.S.
companies argue that Clipper could harm the competitiveness of U.S.
telecommunications and computer products in the world market -- what
foreign government would let their citizens use products to which the U.S.
government holds the keys?
1.7 ANONYMITY ON THE NET
There are times when you might want to participate in a Usenet
discussion or send e-mail without letting recipients know who you are.
Say you're the victim of abuse and want to discuss that subject. Or
you work for a software company that's releasing buggy software and
you want the world to know. Or you like discussing intimate sexual
practices but would just as soon not have your
boss/friends/significant other find out.
Several "anon" servers around the world can give you the anonymity you
want. Probably the best known is anon.penet.fi, run by Johan
Helsingius (better known on the Net as Julf), of Espoo, Finland, so
let's take a look at how it works.
The basic principal is simple. A database at anon.penet.fi assigns
you a dummy name. Then, every time you send e-mail or a Usenet
posting through the site, this dummy name is substituted for your real
name and e-mail address before the message is forwarded. The software
even knows how to look for standard .signature files (i.e., anything
after "--" at the bottom of a message) and strips those out.
You get assigned your "anon" address the first time you send e-mail or
a posting through the site. It will look like something like this:
an12345@anon.penet.fi. Any e-mail or postings you route through the site
will have that return address. Any replies or messages you get
will be routed to your real address. One twist is that replies will also
be "anonymized" so you will have no way of knowing who the other person
is unless he tells you within his message.
Posting to a Usenet group is the easiest part of using the system.
Compose an e-mail message containing your posting and send it to
newsgroupname@anon.penet.fi, for example:
alt.sex.hamster.duct-tape@anon.penet.fi
You can only post to the newsgroups the server itself gets, so that
might rule out postings in some regional newsgroups.
Sending e-mail anonymous is a little trickier, because of the mechanics
of Internet e-mail. The first thing you want to do is to give yourself a
password on anon.penet.fi (to help defeat any crackers who might try to
use your address). Compose an e-mail message to
password@anon.penet.fi
You can leave the "subject:" line blank. Then, as the message, write
whatever sequence of letters and numerals you want as a password. Once
you get confirmation back from the anon server that you have a password,
you're ready to go. If you really don't want a password, write to
password@anon.penet.fi, only instead of sending a password, write: none).
Now start a message to anon@anon.penet.fi, rather than the person you're
really trying to reach. Fill in the "subject:" line with the real
subject of the message. Here comes the tricky part -- you'll have to put
a couple of odd lines in your message header. The easiest way to do this
is to write, as the very first two lines of your message:
X-Anon-To: user@site.name
X-Password: yourpassword
substituting the real e-mail address you're trying to reach and your real
anon password, of course. Follow these two lines by a blank line and
then your actual message (the blank line is important). If you've told
the password database you don't want a password, you don't need an X-
Password line.
You can also use the X-Anon-To line for cross-posting to several Usenet
newsgroups at once (the method shown earlier only works for one group at
a time). Instead of an e-mail address, write the names of the newsgroups
to which you want to post, separated by a comma (but not a space), for
example:
X-Anon-To: misc.test,alt.test,ne.test
If you have set yourself up with a password on the anon server, you'll
need to include an X-Password line as well.
1.8 ANON CAVEATS
Helsingius' server has proven very popular, so it could take several
hours for your messages to be processed and transmitted.
In his help file about the system, Helsingius writes: "If you intend
to mail/post something that might cost you your job or marriage or
inheritance, _please_ send a test message first. The software has been
pretty well tested, but some mailers on the way (and out of my
control) screw things up." You can post test messages to your heart's
content in the misc.test and alt.test newsgroups.
Can the system be cracked? Helsingius admits that's a possibility.
Password-protecting your messages only works if the messages get to
Finland first. If, for some reason, your message is mis-routed or bounced
somewhere, it could wind up being read (all the more reason to use the
methods discussed above to encrypt private messages).
And there is a "societal" risk to using an anonymous server. Some
people will automatically discount anything that is said in an
anonymous Usenet posting. Some people have even gone so far as to
propose software methods to automatically delete any postings -- on
virtually every Usenet site -- that come from an anon server.
Conversely, Helsingius doesn't want the system to become a haven for
net.abuse by people hiding behind anonymity. He can and does respond to
complaints about such behavior.
1.9 FYI:
Gary Edstrom maintains a five-part "Frequently Asked Questions" series on
PGP and related issues (as well as a list of public key servers). You can
find it posted in the news.answers or alt.security.pgp newsgroups in
Usenet. The latter newsgroup is an excellent source of information on the
latest happenings with PGP. You can also find the FAQ on the ftp site
rtfm.mit.edu. Look in the pub/usenet-by-group/alt-security-pgp directory.
The newsgroup sci.crypt is where you'd go for more technically oriented
discussions on cryptography and encryption, as well as where you'll find
FAQs on public-key cryptography and Internet privacy. Again, many of
these files will be available via ftp or ncftp at rtfm.mit.edu, this time
in the pub/usenet-by-group/sci-crypt directory.
To discuss the ramifications of the Clipper chip, try the
alt.privacy.clipper, comp.org.eff.talk and comp.org.cpsr newsgroups.
EFF's Gopher site (gopher.eff.org) and ftp site (ftp.eff.org) have
extensive collections of documents on issues related to encryption,
online privacy, government actions, etc. On the Gopher server in
particular, simple browsing will yield a large number of interesting
documents.
You can maintain complete instructions for using anon.penet.fi by sending
an e-mail message to help@anon.penet.fi. The system responds
automatically, so it doesn't matter what you write. If you want the
instructions in German, write to deutsch@anon.penet.fi.
There are a number of anon servers besides anon.penet.fi. You can get a
copy of Matthew Ghio's anon list and directions for using these servers by
sending e-mail to mg5n+remailers@andrew.cmu.edu. This address
automatically responds with a copy of the list, so you can write anything
at all.
The Usenet newsgroups alt.privacy.anon-server and alt.anonymous are where
you can discuss anon servers as well as read news about new servers.
2 FILE TRANSFERS, PART II
2.1 FROM MAILBOX TO YOU
Say somebody sends you an e-mail message that you want to transfer to
your own computer. Assuming you're connected to a Unix public-access
site, and that the message is straight ASCII, you have a couple of
options.
The quick and dirty way is to start your computer's screen-capture or
logging function before you open the message. Then call up the message
and, when done, stop the logging, and the file's saved to your computer.
That method's good if you only want to transfer one message. But what if
you want to save several messages to a single file (a bunch of items from
a mailing list, say)? Then you might want to save them to a file on your
public-access site first and then download that.
If you use the Pine mail program, open up the message and then hit your e
key. You'll be asked to enter a file name in your home directory. Once
done, go to the next message and repeat the process. When finished,
you'll have a single large file in your home directory for downloading.
Note that when you do this, Pine will mark the message for deletion, so
if you want to keep it in your mailbox (to reply, perhaps), answer N when
you exit Pine and are asked if you want to delete the marked files.
If you use Elm, instead, hit your s key, either within the message or
with the cursor on its entry in the message menu. You'll get something
that looks like this:
=jdoe
which comes from the e-mail address of the sender. If you hit enter,
you'll save the message to a file called jdoe in your Mail directory. If
you want to save it to a differently named file in your home directory,
hit your backspace key once and then type in the file name you want (but
without the equal sign). As in Pine, the messages will be marked for
deletion, so keep that in mind if you want to retain them in your
mailbox.
In either case, you can now download the file using the comands discussed
in the Big Dummy Update No. 2.
2.2 SINKING YOUR TEETH INTO GOPHER FILES.
Gopher has a similar mechanism for saving files to your home directory.
When you want to save a document or file from a Gopher menu to your home
directory, hit your s key with the cursor on the item you want. You'll
be given a default file name. You can hit enter or backspace over that
name if you want to use something else (Note: if the name is more than a
line long, which could cause problems if you download it to certain
types of computers, you may not be able to back space all the way back.
If so, open up the document and e-mail it to yourself and then save it to
a file).
There is one important difference between saving messages from Pine and
Elm and saving Gopher documents. Unlike the mail programs, Gopher does
not append files to the end of an existing file; instead, it overwrites
them. So say there are three documents in a Gopher directory you want.
Make sure to save them to differently named files.
2.3 UPLOADING FILES
If you want to upload files to a Unix public-access site, you'll have to
let both that computer and your own know that you're about to transfer a
file. First let the public-access site know it's about to get a file. To
do that for a Zmodem transfer, type
rz
at your command prompt and hit enter. Then do whatever you have to on
your end to upload a file via Zmodem. The similar commands for Xmodem
and Ymodem are rx and rb, respectively.
As with downloading files, you can, in many cases, have the two computers
automatically adjust the line endings of ASCII files during the transfer,
by adding an -a flag, for example:
rz -a
2.4 TALKING MIME
In Chapter 9 of Everybody's Guide to the Internet (formerly, the Big
Dummy's Guide to the Internet), you saw how to use programs called uuencode
and uudecode to e-mail binary files (spreadsheets, graphics and the like).
It works, but it's a clumsy process. The past couple of years,
though, have seen the development of the Multi-purpose Internet Mail
Extensions (MIME), which make e-mailing these files very easy.
If you use an e-mail program such as cc:Mail or Microsoft Mail at work,
or if you dial into bulletin-board systems, then you're used to the idea
of file attachments -- you write a message, and then tell the computer
you want to attach a file. MIME is essentially the Internet equivalent.
The one caveat is that your recipient also has to have a MIME-enabled
mail program; otherwise you could run into problems (and in that case,
you'll have to fall back on uuencode).
Probably the best way to use MIME on a Unix public-access site is with
Pine -- it makes it very easy. Let's say you've just uploaded a graphics
file that you want to mail to a friend. Call up Pine and start a message
to your friend. With the cursor still in the header area (i.e., the area
where you put in his e-mail address), hit control-J. You'll be asked for
the name of the file you want to attach. Type in its name (or path if you
put it somewhere besides your home directory) and that's it! You can now
compose a message to your friend and then send it off as you would
normally (only now it will come with an attached file).
Assuming your recipient also uses Pine, when he gets your message, one of
his options will be to hit control-V. If he hits that, he'll be asked if
he wants to view or save the attached file. Assuming it's a binary file,
he should hit his s key and then type in the name of the file under which
to save the attachment. When he exits Pine, he can then download the file
-- without the muss of first uudecoding it.
A number of companies now sell software that lets users of proprietary e-
mail systems send and receive MIME attachments. So if you plan on
exchaning binary files with somebody on one of these systems (our friend,
the cc:Mail user, for example) -- ask if her system can accept MIME
attachments. It will make life a lot easier for both of you.
3. HAVEN'T I SEEN YOU BEFORE? MASS MAILINGS INFEST USENET
All that "Information Superhighway" hype is beginning to take its toll on
increasingly weary net.denizens. Recent months have seen growing
infestations of mass mailings on the Usenet, and there are no signs of
them slowing down. Couple that with a steady increase in junk e-mail (in
recent weeks, your faithful Dummy has gotten unsolicited ads urging him
to do everything from hire a private investigator to buy genuine Soviet-
era rubles) and you can understand why some people are getting a little
cranky.
Usenet has always had people who would post large numbers of messages to
totally inappropriate newsgroups. Collge students, for example,
sometimes think that the rest of the world cares about their tuition
increases. But they tended to do this in as appropriate a manner as they
could, by "cross-posting," which means each site gets only one copy of
their message, and which means that readers generally only get to see the
message once.
Now what we are seeing is people who post large volumes of messages, one
at a time, to several thousand Usenet newsgroups and Internet and Bitnet
mailing lists. This can mean tremendous increases in the load on
individual Internet sites (one fellow who did this in January to proclaim
the imminent end of the world was responsible for sites getting hit with
6 megabytes of postings all at once) and means that you will see the same
exact message in every single newsgroup you read.
A law firm in Phoenix, Arizona pulled this stunt in April to advertise
its alleged expertise in immigration law. Do you read alt.sewing? You saw
their ad. Are you only interested in the New England issues discussed in
ne.general? You saw their ad. Looking for some anti-Bill Gates rants in
alt.fan.bill-gates? Guess what you saw. The law firm repeated the
posting, albeit in fewer newsgroups, in June.
So what to do? One of the great things about the Net is how easy it is
to fight back. In less than 24 hours, that law firm, and the site they
used to post their ad, received some 200 megabytes worth of protests,
enough to crash the public-access site several times (which in a way was
too bad, since that site's administrators quickly pulled the lawyer's
account for such a gross violation of netiquette). When you see something
like this, just hit your 'r' key and respond, politely of course, that you
don't feel Usenet is the place for junk mail. You won't be alone --
thousands of other people will join you in sending these protest messages
(unfortunately, there's no guaranteee it will work -- the lawyers said
they would repeat their escapade in a second because online advertising
has resulted in many new clients).
One thing you shouldn't do is to post your response in Usenet newsgroups.
All you'll be doing is creating more of a mess for others to wade
through. If you want to discuss such "spamming" (from the way the pink
luncheon meat spatters when thrown against a wall), the place to do it is
alt.current-events.net-abuse, which was set up after the attack of the
lawyers.
Now, in the future, there's a chance you may actually see fewer of these
types of postings. An informal network of "spam" watchers (widespread
posting is known as "spamming" from the way, like the original luncheon
meat, these things can get spattered all over) have devised ways to delete
these mass postings from sites around the world. Now some have argued
that, while such mass "cancelling" may be good in these early cases, who's
to stop somebody from doing something similar to non-spam messages he
finds offensive? It's an issue that will likely come up again and again,
in newsgroups such as alt.current-events.net-abuse.
4. ADDRESSING AN E-MAIL PROBLEM
Another word of e-mail advice: be careful when addressing your messages.
adamg@world.std.com is not the same person as adam@world.std.com. A
single missing letter can send your message to the wrong person -- or into
the ether.
5. ONLINE URBAN LEGENDS: ANOTHER ONE
Sooner or later, you'll run into the infamous Dave Rhodes MAKE.MONEY.FAST
letter on Usenet. And not long after, you'll run into a message about
Nieman-Marcus or Mrs. Fields or the Waldorf-Astoria having their secret
cake/cookie recipe divulged by somebody upset at getting billed a large
sum of money for a copy. Wrong, wrong, wrong. None of these
establishments have ever done such a thing (and there is no such
concoction as Waldorf Red Velvet Cake, at least not served at the
Waldorf-Astoria). But for what it's worth, here's the alleged Nieman-
Marcus/Mrs. Fields secret cookie recipe:
2 cups butter 4 cups flour
2 tsp. soda 2 cups sugar
5 cups blended oatmeal** 24 oz. chocolate chips
2 cups brown sugar 1 tsp. salt
1 8 oz. Hershey Bar (grated) 4 eggs
2 tsp. baking powder 3 cups chopped nuts
2 tsp. vanilla (your choice)
Cream the butter and both sugars.
Add eggs and vanilla; mix together with flour, oatmeal, salt,
baking powder, and soda.
Add chocolate chips, Hershey Bar and nuts.
Roll into balls and place two inches apart on a cookie sheet.
Bake for 10 minutes at 375 degrees. Makes 112 cookies.
** measure oatmeal and blend in a blender to a fine powder.
6. FAXING GETS EASIER
TPC, the folks who run the free Internet-to-fax gateways, recently made it
a lot easier to send e-mail to fax machines. You may recall from Update 2
how you had to do a lot of fooling around with the phone number to
translate it into a valid Internet address. Now, you don't have to.
Here's a sample address, for a fax machine with a phone number of 1 (212)
555-1234:
remote-printer.John_Doe/5th_floor@12125551234.iddd.tpc.int
Note that you have to start the number with the country's international
dialing code. And remember how TPC does not reach every single part of
the world. To get a list of covered areas, send e-mail to
tpc-coverage@town.hall.org. Also please note that Digital Chicken, the
Ontario fax service mentioned in Update 2, has stopped offering its free
Ontario fax service.
7. PUBLIC-ACCESS SITES
ILLINOIS
Chicago. WorldWide Access, (312) 282-8605. Charges: $19.50 a
month; $25 a month for SLIP/PPP access. Voice number: (708) 367-1870.
Vernon Hills. WorldWide Access, (708) 367-1871. Charges: $19.50 a
month;$25/month for SLIP/PP access. Voice number: (708) 367-1870.
AUSTRALIA
Canberra. InterConnect Australia. $95 set-up fee; $20 a month
plus 15 cents a minute, $1 per megabyte of FTP'ed files. For dial-in
numbers call one of their voice numbers: 008 818 262 or 03 528 2239.
NEW SOUTH WALES
Sydney. InterConnect Australia. See under Canberra.
Sydney. DIALix Services, (02) 948-6918, log in as: guest. $80 a year
minimum; 1 cent a minute plus 1 cent per every 1,000 bytes of Internet
traffic.
QUEENSLAND
Brisbane. InterConnect Australia. See under Canberra.
SOUTH AUSTRALIA
Adelaide. InterConnect Australia. See under Canberra.
Adelaide. APANA, (08) 373-5485, log in as: guest. $65 a year.
VICTORIA
Melbourne. InterConnect Australia. See under Canberra.
WESTERN AUSTRALIA
Perth. InterConnect Australia. See under Canberra.
Perth. DIALix Services, (09) 244-3233, log in as: guest. $80 annual
minimum fee; 1 cent per minute and 1 cent per 1,000 bytes Internet
traffic.
7.2 FYI:
The Australian sites listed this month come from a list maintained by Zik
Saleeba. You can get the most current version of the list (which also
includes information on sites that provide e-mail and Usenet access) via
ftp/ncftp and World-Wide Web.
For the former, connect to archie.au. Look in the
usenet/FAQs/alt.internet.access.wanted directory for
Network_Access_in_Australia_FAQ file. For the former, point your Web client
at http://www.cs.monash.edu.au/~zik/netfaq.html
8. SERVICES OF THE MONTH
8.1 NEWS OF THE WORLD
Norwaves is a weekly summary of news accounts from Norwegian newspapers,
compiled by the Norwegian Ministry of Foreign Affairs. To subscribe,
send an e-mail message to
listserv@nki.no
Leave the "subject:" line blank. As your message, write:
SUBSCRIBE NORWAVES Your Name
8.2 MAILING LISTS
ESAPRESS is a mailing list to distribute press releases from the European
Space Agency. To subscribe, send an e-mail message to
listserv@esoc.bitnet
Leave the "subject:" line blank, and as your message, write
SUB ESAPRESS Your Name
Bits and Bytes is a monthly compendium of news and views about the
computer industry, compiled by Jay Machado. To subscribe, send e-mail to
listserv@acad1.dana.edu
Leave the "subject:" line blank, and as your message, write
SUBSCRIBE bits-n-bytes
8.3 WORLD-WIDE WEB
CHINA
http://www.ihep.ac.cn:3000/ihep.html. This is the People's Republic's
first Internet connection, run by the Institute for High Energy Physics
in Beijing. The first page on this server has information about the
institute, how to find the e-mail addresses of Chinese scientists and the
like. Go down further for the China Home Page, where you'll find such
things as information about Chinese provinces (under "Chinese Regional
Information") and the addresses and phone numbers of foreign companies in
Beijing.
EATS
http://www.osf.org:8001/boston-food/boston-food.html. If you're hungry
and headed for Boston, check out Ellis Cohen's reviews and news of
some 500 Boston-area restaurants. Reviews are listed by both type of
cuisine and by location.
http://gsb.stanford.edu/goodlife/home.html The Guide to the Good Life
maintains a similar listing of restaurants south of San Francisco.
FINANCES
http://nearnet.gnn.com/gnn/meta/finance/index.html The Global Network
Navigator's newest "meta-center" is a collection of documents and
information links about personal finances.
ROTARY
http://www.tecc.co.uk/public/PaulHarris/ Look here for more information
than you'd ever thought you'd need about the worldwide organization.
8.4 GOPHER
BLACK STUDIES
umslvma.umsl.edu From the main menu, select "Library," "Subjects"
and then "Black Studies." You'll find a variety
of documents and directories on the black
experience in the U.S., as well as pointers to
other gophers related to black studies.
LAW
wld.westlaw.com Westlaw's Legal Directory lets you search for
information about thousands of law firms and
government agencies across the U.S.
8.5 TELNET
GOVERNMENT
cap.gwu.edu The General Accounting Office, the watchdog
agency of the U.S. Congress, now publishes
daily electronic information about its reports
(you can then order the full reports for a
fee). When you connect to this site, log on as
guest
with a password of
visitor
At the main menu, type: go gao
MUSIC
cdconnection.com This site lets you buy CDs online.
8.6 FTP
TRAVEL
ftp.cc.umanitoba.ca The rec-travel directory contains a collection
of travelogues and guides, organized geographically.
The online-info file, updated by Brian Lucas,
is a listing of other travel-related resources
available on the Internet.
9. ERRATA/UPDATES
The ftp path given in Big Dummy Update 2 for Arthur McGee's
listings of black and African Internet resources was wrong
(because of a certain Big Dummy Update's editor's painful
relationship with his keyboard). The correct citation should be:
ftp.netcom.com Look in the pub/amcgee/african/my_african_related_lists
The address given for the Tico Times in Costa Rica in Chapter 10 of the
book is wrong. It should be ttimes@huracan.cr.
------------------------------------------------------------------------------
10. CONTACT INFO
Everybody's Internet Update is published monthly by the Electronic Frontier
Foundation. Current and back copies are available by anonymous ftp at
ftp.eff.org in the pub/Net_info/EFF_Net_Guide/Updates directory; by gopher at
gopher.eff.org (select Net Info, then EFF Net Guide, then Updates); and
by WWW at http://www.eff.org/pub/Net_info/EFF_Net_Guide/Updates/
To obtain a copy of the entire EFF Guide to the Internet, use anonymous
ftp or ncftp to connect to ftp.eff.org and look in the
/pub/Net_info/EFF_Net_Guide directory, or use gopher to connect to
gopher.eff.org and then select Net Info and then EFF Net Guide. You'll
find several versions for different types of computers. The file
netguide.eff is the generic ASCII version.
For general information on the Electronic Frontier Foundation, send an e-
mail message to info@eff.org. To ask a specific question, write
ask@eff.org. To reach Adam Gaffin, write adamg@world.std.com.
Everybody's Internet Update is copyright 1994 by the Electronic Frontier
Foundation, Washington, D.C.
--