228 DEAR HACKER
228 DEAR HACKER
Dear 2600: I’d agree that Prodigy is a real turkey, if only for its on-screen adver-
tisements, censorship of users’ mail, and remarkably slow response. (Oh, yeah, and its demands for a loaded PC or Mac that few home users can afford.) But STAGE.DAT really is the last straw.
Contrary to the bull given out by them when caught, it is clear that IBM and Sears did intend to read home computers.
I’m aware of two horror stories, firsthand in my role as a computer and private phone system technician, that prove this trick was done for and actually used for marketing purposes.
1. The STAGE.DAT file of one user was found to contain a whole group of mail addresses and telephone numbers when examined. Some of these did correspond to names and numbers in other modem programs the person used, and, since these were in the same sub-directory path as Prodigy, there was a possible legitimate explanation.
The source of other names and numbers was a mystery as they didn’t correspond to names and numbers in any modem dialing list. The user soon found that they were in word processing files, that is to say, in individually addressed letters. (The version of Wordstar used didn’t have a telecom module.) Prodigy had read word processing files in a different sub-directory!
As a test, to rule out an accidental reading of files that were once physically stored where Prodigy is now, Wordstar was booted and a let- ter written to a dummy name with a phone number. Then Prodigy was contacted. After this, STAGE.DAT was looked at again. The new name and number was found within it. This proves that Prodigy deliberately incorporates this information every time it’s run!
2. In a place where I do wiring work, LANs are used within departments to link PCs. If contact has to be made with another work group (whose LAN isn’t gatewayed), it is done through modems, dialing through Centrex.
Now, due to the software involved, these other locations are given proper mailing addresses, numbers, and, since the software demands names, dummy names consisting of a name of the location as family
T H E M A G I C O F T H E C O R P O R AT E W O R L D
ABLE LEGAL, BAKER LEGAL, CHARLEY LEGAL, DELTA LEGAL, ABLE SALES, BAKER SALES, CHARLEY SALES, DELTA SALES, ABLE SHIPPING, etc. are given to each computer.
Furthermore, these arbitrary computer “names” are never used out- side the company. Also, in the company, a person sending a document to a certain computer in the legal department would know that it was in the legal department, but would never know the arbitrary first name given to that computer.
In short, there is no way, apart from reading the program, to know what arbitrary first names were given for system maintenance. And only management can read this password protected file.
Yet, shortly after installing Prodigy on several computers, junk mail from Prodigy arrived at the company address to such “people” as “ABLE SHIPPING,” “ABLE LEGAL,” etc. showing that these names are captured and actually used for marketing purposes!
While MS-DOS has a well-known flaw that allows data to exist after it’s been deleted, these two horror stories prove that it isn’t an accident. It really was a deliberate process. They just got caught.
Big Al Brooklyn
A most interesting account. We think you should demand an explanation from the Prodigy people. If the company can show that this information was not released in any way and can come up with the proof that such letters were received, it should get some attention. We’ve always found it disturbing that so many were so quick to excuse what was happening here without doing a thorough investigation. We hope more people continue to look into this and all future services that may do even worse things.
Dear 2600: Unfortunately, in his letter on Prodigy in the Autumn 1991 issue, Big
Al proves nothing other than his ignorance of how MS-DOS allocates disk space to files. That disk space was once used for a file in subdirec- tory A, which was deleted and has no bearing whatsoever on whether