cryptoanarchy.wiki

Arise, you have nothing to lose but your barbed wire fences!

1996-05-08 - Chat with WhoWhere.com

Header Data

From: Rich Graves <llurch@networking.stanford.edu>
To: cypherpunks@toad.com
Message Hash: 0c323b9045125e8847d54df091f9d2c48ec77fcaf83887d7d97b96ed102b72ea
Message ID: <Pine.GUL.3.93.960507214739.14261B-100000@Networking.Stanford.EDU>
Reply To: N/A
UTC Datetime: 1996-05-08 11:05:21 UTC
Raw Date: Wed, 8 May 1996 19:05:21 +0800

Raw message

From: Rich Graves <llurch@networking.stanford.edu>
Date: Wed, 8 May 1996 19:05:21 +0800
To: cypherpunks@toad.com
Subject: Chat with WhoWhere.com
Message-ID: <Pine.GUL.3.93.960507214739.14261B-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

So we did lunch. They even paid. I had a turkey club sandwich and a
strawberry/banana smoothie.

At this time, I cannot discuss (publicly) much of what was said, but I can
say that some progress was made.

* There is not currently a "deny" list. I.e., if you ask WhoWhere to
  delete your name, address, and phone number, they will usually do it
  within 48 hours, but it is entirely possible that an automated process
  will reenter your address the next day. They agree that this is
  something that should be fixed.

* They do indeed run an undocumented web spider to search for email
  addresses. Soon, they will register it on the WebCrawler page and follow
  the Robot Exclusion Standard. However, they were not interested in
  shutting the robot down, or sharing the source code.

* They deny association with the "WhoWhere Robot" probes operating out of
  Japan and Australia. I expressed concern that someone may have stolen
  their spider somehow. They'll look into it.

* The person I talked to agreed that WhoWhere's initially writing programs
  to brute-force tens of thousands of addresses out of the okra.ucr.edu
  service was improper. I expressed concerns that the current version of
  their web crawler appeared to have no safeguards against a recurrence.

* Certain other allegations were confirmed, denied, or confidential.

* WhoWhere does seem to take concerns about the inappropriate disclosure
  of information that was never intended to be publicly available
  seriously. :-)

* They do indeed have formal business relationships with ABI, InfoSeek,
  Switchboard, and Netscape (details on the Netscape relationship are not
  publicly available).

* I did not feel at all threatened by remarks made as we were leaving.

- -rich

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMZAs/Y3DXUbM57SdAQE7KQP/cvth6OaIopocvHM9dIEwkwDnEYqY5gZ0
QlJk00imT3nzBQTXffqZdq8I8lEpYhshibe0VPzAK0KgUthzE7/hyb12DKBQuNYz
mGqkQRNcY0r9Fcg6dbl+pBPltf3XgOE7one1uziRvd12uL9skEyTMBcR41WiFs84
f+uKBfGD2qk=
=hROh
-----END PGP SIGNATURE-----

Thread