FW: Security

mvana@earthlink.net ("mvana@earthlink.net")
Wed, 26 Nov 1997 21:48:20 -0500

-----Original Message-----
From: mvana@earthlink.net [SMTP:mvana@earthlink.net]
Sent: Wednesday, November 26, 1997 5:37 PM
To: 'augusto@iqm.unicamp.br'
Subject: RE: Security

Actually, the Cornell version of CU allows a person to dial in to an =
already existing conference and "spy" on the conference member called. =
Happened to us in one of our early experiences with CU. Someone dialed =
us back while we were connected with another party and was able to see, =
hear and read chat originating from our computer without us being aware. =
He was very surprised to have been able to do this, and several =
experiments verified that the same glich could be recreated on several =
different machines/connections. As most of the test subjects had =
permanent IP addresses the were extremely dismayed. We soon after =
purchased the WP version.
-----Original Message-----
From: Fabio Augusto [SMTP:augusto@iqm.unicamp.br]
Sent: Wednesday, November 26, 1997 3:18 PM
To: CU-SEEME-L@cornell.edu
Subject: Re: Security

At 09:04 26/11/97 -0600, Jason Williams wrote:
>Presumably..yes..but the person wanting to eaves drop would have to:
>1) Have access to ...
>2) Have a program written that filters ...
>3) Have a program that allows ...
>4) Have a program that takes ...
>5) Have a program that actually displays ...

In few words: the REAL possibility that some hacker is spying CU vid
through net is almost the same for being killed by a meteorite (2 or 3
known cases in 200 years)...

There is a lot of fantasy and misunderstanding about net security.
Although a 100 % safe system doesn't exist, data communication through =
is, as general rule, much more safer than which can be done in other
systems (phone, snail mail, CB radio ...) - if one is afraid of someone
looking at his vid, he firstly should check the keyholes of her room's
doors (the technology to peek through them has been in use for a long, =
time and it's very reliable !!!).