Computer underground Digest Sun Dec 22, 1996 Volume 8 : Issue 91 ISSN 1004-042X Editor: Jim Thomas (cudigest@sun.soci.niu.edu) News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu) Archivist: Brendan Kehoe Shadow Master: Stanton McCandlish Field Agent Extraordinaire: David Smith Shadow-Archivists: Dan Carosone / Paul Southworth Ralph Sims / Jyrki Kuoppala Ian Dickinson Cu Digest Homepage: http://www.soci.niu.edu/~cudigest CONTENTS, #8.90 (Sun, Dec 22, 1996) File 1--Review of Flanagan's JavaScript (by Warner Winborne) File 2--"Disappearing Cryptography" by Wayner File 3--HPCS'97 CFP (Conference info) (fwd) File 4--ISOC 1997 SYMPOSIUM NETWORK & DISTRIBUTED SYSTEM SECURITY File 5--Cu Digest Header Info (unchanged since 13 Dec, 1996) CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION ApPEARS IN THE CONCLUDING FILE AT THE END OF EACH ISSUE. --------------------------------------------------------------------- Date: Mon, 02 Dec 96 22:02 CST From: Warner Winborne Subject: File 1--Review of Flanagan's JavaScript (by Warner Winborne) Review of Flanagan's JavaScript (by Warner Winborne) Northern Illinois University David Flanagan's JavaScript: The Definitive Edition (Beta Version) is a noble attempt at making sense of this troublesome language. Flanagan concisely describes JavaScript from top to bottom, from lexical structure to objects, arrays, functions and methods, and in so doing, dispels the myth that JavaScript is merely a watered-down version of JAVA. There are some syntactical similarities between JavaScript and JAVA, but the two languages possess separate strengths and weaknesses. Neither should be considered a substitute for the other, but they may be combined in a highly complimentary fashion. The book documents in painstaking detail the structure and elements of JavaScript. Much of this should be familiar to those who have experience programming in C or C++, but will be difficult reading for the neophyte. Flanagan then turns to the more exciting task of explaining how JavaScript interacts with the client. Since JavaScript is a "scripting language" which interacts with the client, the client's browser, and the browser's contents, client-side JavaScript elements are what can make JavaScript a dynamic language. As Flanagan points out so well, JavaScript possesses great potential. As an HTML-embedded language, it is restricted to the confines of web pages, but within those limitations, it is quite flexible. Adding to the excitement is the possibility of running JAVA applets within JavaScript with "LiveConnect" (available only in Netscape 3.0). This effectively merges the strengths of the two languages. Flanagan closes his text with an impressive and invaluable 260 page reference section, documenting JavaScript functions, methods, arrays, constants and event handlers. But despite the exhaustive reference section and the careful documentation of the structure, JavaScript: The Definitive Edition is not the "definitive" work, as even Flanagan must admit. After all, how can a beta edition be considered "definitive"? JavaScript is a programming language that addresses some of the limitations of CGI scripts, most notably that they run on the server side. Since JavaScript is an interpreted language (that is, it needs no compiling), it is possible for the client to perform many of the functions of CGI scripts, thus reducing the load on the server. But JavaScript can also be used on the server side to supplement (and even replace) CGI scripts. Flanagan's book focuses almost exclusively on the client side. This is reasonable, since server-side JavaScript (a.k.a. LiveWire) is in beta release, and since most HTML authors who wish to program in JavaScript may not have access to the CGI scripts and cgi-bin directory on their ISPs. As a result, most of the programming in JavaScript can be expected to occur on the client side. Therefore, Systems Administrators and those who desire to program in JavaScript on the server side may wish to wait for the server side edition of the book, which Flanagan promises will be forthcoming. In addition, JavaScript is replete with bugs (as most webmasters should know). Flanagan admits that "the most notable feature of JavaScript is its bugs. And the most common experience of JavaScript programmers is frustration." He makes an admirable attempt at documenting the most frequently encountered bugs, but since there are so many of these bugs, and since they vary based upon the client's browser and operating system, Flanagan can only scratch the surface. He acknowledges that "there is a desperate need for a definitive list of known bugs in JavaScript. . . Definitively documenting all bugs in all versions of Navigator on all the platforms it supports would be a task more difficult than definitively documenting JavaScript itself."So, we'll have to wait for JavaScript Bugs: The Definitive Edition. JavaScript: The Definitive Edition is a well crafted, well organized, indispensable resource for the JavaScript programmer. While readers with experience programming in C++ or JAVA while find the book easier to read and understand than will the novice, it is possible for the uninitiated yet dedicated to begin programming in JavaScript with the assistance of Flanagan's book. Yet I remain unconvinced that I should begin to program in JavaScript. The fault lies not with Flanagan and his work, but with the language itself. In the first place, JavaScript is supported by Netscape (versions 2.0 and up) and by Microsoft Internet Explorer 3.0. While Netscape continues to command a large share of the browser market, it is folly to assume that the client will be running a JavaScript-capable browser. Both Mosaic and Lynx will completely ignore all of your hard work with JavaScript. So will Netscape 1.22. Flanagan recommends that webmasters who program with JavaScript instruct clients to upgrade to a JavaScript capable browser. But what of the client who browses with a networked version of Netscape 1.22 (or Mosaic or Lynx)? It is not uncommon for businesses and universities to make networked copies of web browsers available to employees or students. As a result, upgrading is not an option for these clients. Second, JavaScript is unbelievably buggy. In an attempt to corner the client-side scripting language market, Netscape duplicated its strategy to corner the web browser market. JavaScript was thrust upon us early, so that it would become the "default" language. But what we got was remarkably flawed. Flanagan offers two JavaScript "tutorials". The first employs the Date object, which should display the local day, date, and time. The code for this marvel is This may or may not display the true day, date and time. I get the correct day, date and time, but the wrong time zone. A trip to the reference section of JavaScript: The Definitive Edition tells us that "In Navigator 2.0, the Date object has quite a few bugs and is almost unusable." I find it instructive that the first tutorial employs an object so buggy as to be rendered worthless. A further bug worthy of note is the Object.eval() method. This method (with Netscape 2.0 it is a function), is used to evaluate, and return the value of, code that is placed between the (). But for clients using Netscape 2.0 on Windows 3.1 platforms, this function has a different effect. It crashes the browser. Of course, JavaScript is infamous for its security bugs. The initial release of JavaScript (with Netscape 2.0) permitted the creation of code that would read the browser's e-mail address, and then send mail from that address. To its credit, Netscape released Netscape 2.0.1 to fix such security holes, and this particular one was hobbled. But after the release of Netscape 2.0.1, it was discovered that code could be written which would read and write files to the client's hard drive! Finally, and I believe most alarmingly, is Netscape's admission that future releases of JavaScript may not be backwards compatible. Citing Netscape's online documentation of JavaScript, Flanagan writes, "Development of the JavaScript language and its documentation continues. Additional features are planned; some current features could be modified if necessary." Since JavaScript made its debut prematurely, it may be better to jettison the "beta" version of the language when a more stable form is released. Regardless, the news that the JavaScript programming I do today may not work tomorrow does not fill me with the desire to program in JavaScript. Nor am I emboldened by the prospect of creating multiple JavaScript programs (old and new versions) to accomplish one task. With these reservations, I can not help but wonder why Flanagan wrote JavaScript: The Definitive Edition. Flanagan himself shares these same reservations, but claims that he was hounded by HTML authors to produce the book. Well, I can not find fault with him for responding to demand. But I must wonder if the demand was caused by the frustrations experienced by these JavaScript programmers, and by the hope that Flanagan could point out the errors in their programming. Unfortunately, the errors reside in the language itself. Flanagan also claims that, like it or not, JavaScript has become the default programming language for the Web community. But this too may change. SunLabs has just released a plug-in for Netscape 3.0 which permits the browser to run Tcl (Tool Command Language) application code. Like JavaScript, Tcl is an interpreted (i.e. non-compiled) scripting language. And like JavaScript's "LiveConnect" which is a "wrapper" around JAVA code, Tcl is often used with Tk, its wrapper around JAVA and C and C++ code. JavaScript may not be the only kid on the block for long. Furthermore, Tcl/Tk is being released slowly. SunLabs has the benefit of witnessing JavaScript's difficulties with security, and has released Safe-Tcl to limit the security risks on the client side. For the HTML author who simply can not wait to program in JavaScript, David Flanagan's JavaScript: The Definitive Edition is indispensable. Well crafted, organized and documented, this book will be useful to all programmers, whether they are new to the challenges of programming, or "old hands". But for those who, like me, balk at the idea of the frustrations that the author promises will accompany programing in JavaScript, Flanagan and O'Reilly Press will produce a final version of this beta edition, documenting the most recent (and we hope substantially more stable) version of JavaScript. He has also promised the addition of a section with examples of code for common tasks, which should be of great use to the novice. Finally, chapters on server-side JavaScript, or LiveWire, will be added, which should be attractive to those who wish to program on the server side. ------------------------------ Date: Mon, 25 Nov 1996 11:15:46 EST From: "Rob Slade, doting grandpa of Ryan & Trevor" Subject: File 2--"Disappearing Cryptography" by Wayner "Disappearing Cryptography", Peter Wayner, 1996, 0-12-738671-8, U$29.95 %A Peter Wayner pcw@access.digex.net %C 1300 Boylston Street, Chestnut Hill, MA 02167 %D 1996 %G 0-12-738671-8 %I Academic Press Professional %O U$29.95 +1-617-232-0500 +1-800-3131277 app@acad.com %P 295 %T "Disappearing Cryptography" The title seems to allude to, and the book jacket definitely trumpets, steganography, the act or art of "hiding in plain sight". An example of a steganographic message would be one which appears to be an innocuous and ordinary family letter, but which carries detailed information in the background. One chapter of the book does deal with this type of encryption, although only in terms of hiding text data in pictures. The book as a whole seems more like a collection of essays on topics related to encryption. The topics represented cover a broad range of information science. The level of detail provided varies, but in general the explanations are fairly simple. copyright Robert M. Slade, 1996 BKDSCRPT.RVW 960902 ------------------------------ Date: Thu, 12 Dec 1996 18:49:11 -0500 (EST) From: Noah Subject: File 3--HPCS'97 CFP (Conference info) (fwd) From -Noah ---------- Forwarded message ---------- Date--Thu, 12 Dec 1996 18:33:49 +0200 From--Dimitris Serpanos Subject--HPCS'97 CFP ******************************************************************************* CALL FOR PAPERS =============== Also available at: "http://www.ics.forth.gr/events/hpcs97/hpcs97cfp.html" and "http://emperor.arl.wustl.edu/arl/workshops/hpcs/" The Fourth IEEE Workshop on the Architecture and Implementation of High Performance Communication Systems (HPCS'97) Sani Beach, Chalkidiki, Greece June 23-25, 1997 Sponsored by: ============= IEEE Communications Society In Cooperation with: ================================= AUTH, NTUA, ICS-FORTH, CTI, INTRACOM HPCS'97 will focus on all issues related to systems and services for the 21st century. Advances in all areas of computing and networking have resulted in systems that provide a wide range of applications, from digital libraries to real-time games, attracting a diverse population of users, from researchers and students to travellers and shoppers. The rapid changes in the infrastructure used by telephone, cable, and satellite companies and the new competitive environment fosterd by privatization and reregulation as well as the growth of intranets and internet service providers have triggered significant efforts to provide additional services over the network to potential users and buyers. HPCS'97 will focus on the architecture, design and implementation of networks, systems and applications that target these emerging systems. Presentations are sought, which describe original techniques, methodologies, experimental results, design issues and comparative studies related to the general theme. New ideas, approaches and early results are very welcome. Topics of interest include (but are not limited to): - Communication systems architecture, design and implementation - End-to-end Network Architecture - Applications and their requirements - Residential Broadband Networking - Wireless Networks and Mobility - IP/ATM Integration - Active Networks - Quality-of-Service - Multimedia Systems - Internet Telephony - Digital Video Technology - Enabling Technologies - Security, Management and Service Integration - Standards - Regulatory--Social--Economic Issues Important Dates =============== 1/15/97: Paper submission deadline (Extended Abstract - 2 to 5 pages) 3/1/97: Acceptance notification. 4/15/97: Final manuscript due. 4/15/97: Pre-registration deadline. 6/23-25/97: Conference. Submissions =========== Papers are restricted to an extended abstract no longer than five formatted postscript pages. To complete your submission, please send the following items by electronic mail to hpcs@arl.wustl.edu (1) The paper in POSTSCRIPT form (2) The title of the paper, the list of authors with complete contact information in the form of email address and phone number, and an abstract summarizing the paper in PLAIN TEXT. Only if electronic submission is IMPOSSIBLE, papers may be sent to the following mailing address: Dr. Gurudatta M. Parulkar ATTN: HPCS 97 Washington University Department of Computer Science Applied Research Laboratory Campus Box 1045 St. Louis, Missouri 63130 USA Steering Committee: =================== Zygmunt Haas (Cornell U, USA) Ahmed Tantawy (IBM Research, USA) General Chair: ============== Radu Popescu-Zeletin (GMD-FOKUS, Germany) Program Committee: ================== CHAIR: Guru Parulkar (Washington U, USA) ------ Andreas D. Bovopoulos (3Com Corporation, USA) Augusto Casaca (IST-INESC, Portugal) Olga Casals (U of Barcelona, Spain) Jon Crowcroft (UCL, UK) Christophe Diot (INRIA Sophia Antipolis, France) David J. Farber (U of Pennsylvania, USA) Nicolas D. Georganas (U of Ottawa, Canada) Mario Gerla (UCLA, USA) Per Gunningberg (SICS, Sweden) Zygmunt Haas (Cornell U, USA) David Hutchison (U of Lancaster and HP Labs, UK) Manolis Katevenis (FORTH and U of Crete, Greece) Simon Lam (U of Texas, Austin, USA) Hanafy Meleis (Racal Data Group, USA) Yoram Ofek (IBM Research, USA) Michael Paterakis (TU Crete, Greece) Niovi Pavlidou (AUTH Thessaloniki, Greece) Bernhard Plattner (ETH, Switzerland) George Polyzos (U of California, San Diego, USA) Krishan Sabnani (Bell Labs, USA) Pavlos Spirakis (TU Patras and CTI, Greece) George Stassinopoulos (NTUA, Greece) Heinrich Stuettgen (IBM Heidelberg, Germany) Hiroshi Suzuki (NEC, Japan) Asser Tantawi (IBM Research, USA) Don Towsley (U of Massachessets, USA) Yannis Viniotis (North Carolina State U, USA) Martina Zitterbart (TU Braunschweig, Germany) Local Organization Chair: ========================= Leonidas Georgiadis (AUTH Thessaloniki, Greece) Financial Chair: ================ Chatschik Bisdikian (IBM Research, USA) Registration Chair: =================== Yurdaer Doganata (IBM Research, USA) Publicity Chair: ================ Dimitrios N. Serpanos (U Crete & FORTH, Greece) ------------------------------ From: "David M. Balenson" Subject: File 4--ISOC 1997 SYMPOSIUM NETWORK & DISTRIBUTED SYSTEM SECURITY Date: 1 Dec 1996 09:27:59 -0000 Source - Newsgroups: comp.virus ---------------------------------------------------------- THE INTERNET SOCIETY 1997 SYMPOSIUM ON NETWORK AND DISTRIBUTED SYSTEM SECURITY (NDSS '97) 10-11 FEBRUARY 1997 SAN DIEGO PRINCESS RESORT, SAN DIEGO, CALIFORNIA This fourth annual symposium will bring together researchers, implementors, and users of network and distributed system security technologies to discuss today's important security issues and challenges. It will provide a mix of technical papers and panel presentations that describe promising new approaches to security problems that are practical, and to the extent possible, have been implemented. We hope to foster the exchange of technical information and encourage the Internet community to deploy available security technologies and develop new solutions to unsolved problems. WHY YOU SHOULD ATTEND The use of the Internet is rapidly growing and expanding into all aspects of our society. Commercial organizations are coming under increasing pressure to make their services available on-line. This in turn is increasing the need for rapid and widespread deployment of usable and effective network and distributed system security technologies. High visibility attacks on the Internet underscore the vulnerabilities of the Internet and the need to solve its security problems. There is growing concern for securing the network infrastructure itself. Recent trends in software distribution (such as Java and ActiveX technologies) have made certain attacks easier to carry out. Privacy has become an important issue for the Internet. NDSS '97 will bring together researchers, implementors, and users of network and distributed system technologies to discuss today's important security issues and challenges. We have selected the technical papers and panel presentations that describe promising new approaches to security problems that are practical, and to the extent possible, have been implemented. Topics to be addressed include Internet infrastructure and routing security, security for the World Wide Web, Java and ActiveX security, cryptographic protocols, public key management, and protection of privacy. The symposium will have a positive impact on the state of Internet security. You will have the opportunity to actively participate in the dialog. Ask questions of the speakers, raise your important issues during the panel sessions, and let other participants know of your requirements, observations, and experience in this important area. We hope to encourage the wide-scale deployment of security technologies and to promote new research that can address the currently unmet security needs of the Internet community. CONTENTS Preliminary Program Organizing Committee San Diego Princess Resort Registration Information Registration Form - -------------------------------------------------------------------------- P R E L I M I N A R Y P R O G R A M SUNDAY, FEBRUARY 9 6:00 P.M. - 8:00 P.M. RECEPTION - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - MONDAY, FEBRUARY 10 7:30 A.M. CONTINENTAL BREAKFAST 8:30 A.M. OPENING REMARKS 9:00 A.M. SESSION 1: THINGS THAT GO BUMP IN THE NET Chair: Stephen T. Kent (BBN Corporation, USA) Experimental Results of Covert Channel Elimination in One-Way Communication Systems, Nick Ogurtsov, Hilarie Orman, Richard Schroeppel, Sean O'Malley, and Oliver Spatscheck (University of Arizona, USA) Blocking Java Applets at the Firewall, David M. Martin Jr., Sivaramakrishnan Rajagopalan and Aviel D. Rubin (Bellcore, USA) Continuous Assessment of a Unix Configuration: Integrating Intrusion Detection & Configuration Analysis, Abdelaziz Mounji and Baudouin Le Charlier (Institut D'Informatique, Namur, BELGIUM) 10:30 A.M. BREAK 11:00 A.M. SESSION 2: PANEL: SECURITY OF DOWNLOADABLE EXECUTABLE CONTENT Chair: Aviel Rubin (Bellcore, USA) 12:30 NOON LUNCH 2:00 P.M. SESSION 3: PROTOCOL IMPLEMENTATION AND ANALYSIS Chair: Christoph Schuba (Purdue University, USA) An Interface Specification Language for Automatically Analyzing Cryptographic Protocols, Stephen H. Brackin (Arca Systems, USA) Probable Plaintext Cryptanalysis of the IP Security Protocols, Steven M. Bellovin (AT&T Research, USA) Misplaced Trust: Kerberos Version 4 Session Keys, Bryn Dole (Sun Microsystems), Steve Lodin (Delco Electronics), and Eugene Spafford (Purdue University, USA) 3:30 P.M. BREAK 4:00 P.M. SESSION 4: PANEL: SECURITY OF THE INTERNET INFRASTRUCTURE Chair: Russ Mundy (Trusted Information Systems, USA) 7:00 P.M. DINNER BANQUET - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - TUESDAY, FEBRUARY 11 7:30 A.M. CONTINENTAL BREAKFAST 8:30 A.M. SESSION 5: ROUTING SECURITY Chair: Hilarie Orman (DARPA, USA) Securing the Nimrod Routing Architecture, Karen E. Sirois and Stephen T. Kent (BBN Corporation, USA) Securing Distance-Vector Routing Protocols, Bradley R. Smith, Shree Murthy and J.J. Garcia-Luna-Aceves (University of California Santa Cruz, USA) Reducing the Cost of Security in Link-State Routing, R. Hauser, A. Przygienda and G. Tsudik (IBM and USC/ISI, USA) 10:00 A.M. BREAK 10:30 A.M. SESSION 6: SECURITY FOR THE WORLD WIDE WEB Chair: Win Treese (OpenMarket, USA) Securing Web Access with DCE, Brian C. Schimpf (Gradient Technologies, USA) PANEL: SECURITY FOR THE WORLD WIDE WEB Chair: Win Treese (OpenMarket, USA) 12:00 A.M. LUNCH 1:30 P.M. SESSION 7: PUBLIC KEY MANAGEMENT Chair: Jonathan Trostle (CyberSafe, USA) Hierarchical Organization of Certification Authorities for Secure Environments, Lourdes Lopez (Universidad Politecnica de Madrid, SPAIN) Trust Models in ICE-TEL, Andrew Young and Nada Kapidzic Cicovic (Univeristy of Salford, UNITED KINGDOM) Distributed Authentication in Kerberos Using Public Key Cryptography, Marvin Sirbu and John Chung-I Chuang (Carnegie Mellon University, USA) 3:00 P.M. BREAK 3:30 P.M. SESSION 8: PANEL: WEB PRIVACY AND ANONYMITY Chair: (To Be Determined) - -------------------------------------------------------------------------- O R G A N I Z I N G C O M M I T T E E GENERAL CHAIR David Balenson, Trusted Information Systems PROGRAM CHAIRS Clifford Neuman, USC Information Sciences Institute Matt Bishop, University of California at Davis PROGRAM COMMITTEE Steve Bellovin, AT&T Research Tom Berson, Anagram Laboratories Doug Engert, Argonne National Laboratory Warwick Ford, Verisign Richard Graveman, Bellcore Li Gong, JavaSoft Burt Kaliski, RSA Laboratories Steve Kent, BBN Corporation Tom Longstaff, CERT Doug Maughan, National Security Agency Dan Nessett, 3Com Corporation Hilarie Orman, DARPA/ITO Michael Roe, University of Cambridge Christoph Schuba, Purdue University Jonathan Trostle, CyberSafe Theodore Ts'o, Massachusetts Institute of Technology Doug Tygar, Carnegie Mellon University Vijay Varadharajan, University of W. Sydney Roberto Zamparo, Telia Research PUBLICATIONS CHAIR Steve Welke, Institute for Defense Analyses LOCAL ARRANGEMENTS CHAIR Thomas Hutton, San Diego Supercomputer Center REGISTRATIONS CHAIR Torryn Brazell, Internet Society STEERING GROUP Internet Research Task Force, Privacy and Security Research Group SPONSORED BY THE INTERNET SOCIETY Donald M. Heath, President & CEO Martin Burack, Executive Director - -------------------------------------------------------------------------- S A N D I E G O P R I N C E S S R E S O R T LOCATION The Symposium venue is the San Diego Princess Resort, a tropical paradise on a forty-four acre island in Mission Bay, ten minutes from the international airport. Lush gardens landscaped with hundreds of species of tropical and subtropical plants are always ablaze with color and perfect for themed group events. Charming pathways wander among sparkling waterfalls, across quaint footbridges and sleepy lagoons filled with water lilies and waterfowl. A white sand beach curves around the island for over a mile, and the award-winning grounds encompass five swimming pools and six lighted tennis courts. Spouses and family members can catch a convenient Harbor Hopper for a quick trip to Sea World. Plan to visit La Jolla, the world famous San Diego Zoo or Mexico, only 30 minutes by car or Trolley. HOUSING INFORMATION We have reserved a special block of sleeping rooms at the San Diego Princess Resort at the following rates: Lanai Patio Rooms $ 81* Lanai Garden Rooms $114 * This represents the Government Rate for San Diego. A limited number of rooms are available at this rate. Reservations must be made no later than January 13, 1997. You must present a valid government id upon check-in. Based on room type and space availability, the special group rates are applicable two days prior to and two days after the symposium. Current Room Tax is 10.5%. Check-in availability cannot be committed prior to 4:00 p.m. Check-out time is 12:00 noon. The San Diego Princess Resort will make every effort to accommodate any early arrivals, so make sure you give them your arrival time when you make your reservation. TO MAKE A RESERVATION Contact the San Diego Princess Resort at +1-800-344-2626 (+1-619-274-4630 if outside the United States). To receive the special group rates, reservations must be made no later than January 20, 1997. To receive the special goverment rate, you must make your reservation by January 13, 1997. CLIMATE February weather in San Diego is normally very pleasant. Early morning temperatures average 55 degrees while afternoon temperatures average 67 degrees. Generally, a light jacket or sweater is adequate, although, occasionally it rains. - -------------------------------------------------------------------------- R E G I S T R A T I O N I N F O R M A T I O N FEES ISOC Non- Members Member* Early registration (postmarked on/before Jan. 22) $305 $345 Late registration $375 $415 REGISTRATION INCLUDES - Attendance - Symposium Proceedings - Two luncheons - Reception - Banquet - Coffee Breaks * Non-Member fee includes one year Internet Society membership. FOR MORE INFORMATION Contact Carol Gray at the Internet Society at +1-703-648-9888 or send E-mail to Ndss97reg@isoc.org. WEB PAGE Additional information about the symposium and San Diego, plus on-line registration, are available via the Web at: http://www.isoc.org/conferences/ndss97 SPONSORSHIP OPPORTUNITIES AVAILABLE! Contact Torryn Brazell at the Internet Society at +1-703-648-9888 or send E-mail to Ndss97reg@isoc.org. - -------------------------------------------------------------------------- R E G I S T R A T I O N F O R M INTERNET SOCIETY SYMPOSIUM ON NETWORK AND DISTRIBUTED SYSTEM SECURITY 10-11 FEBRUARY, 1997 SAN DIEGO, CALIFORNIA, USA Fill out this form and FAX it to NDSS'97 Registration at +1-703-648-9887, send it via E-mail to Ndss97reg@isoc.org, or mail it to NDSS97, 12020 Sunrise Valley Drive, Suite 210, Reston, VA, 20191, USA PERSONAL INFORMATION __Mr __Ms __Mrs __Dr __Prof __M __Prof Dr __Dip Ing __Ing __Miss __Mlle First Name: ________________________________ MI: ____________________ Family Name: ___________________________________ __Sr __Jr __II __III Badge Name: __________________________________________________________ Please enter your name as you would like it to appear on your name tag. CONTACT INFORMATION Title: _______________________________________________________________ Organization: ________________________________________________________ Street address: ______________________________________________________ ______________________________________________________________________ City: ________________________________________________________________ State/Province: ___________________________ Postal Code: ____________ Country: _____________________________________________________________ Telephone Number (work): _____________________________________________ Telephone Number (home): _____________________________________________ Fax Number: __________________________________________________________ E-mail address: ______________________________________________________ SPECIAL NEEDS? (Vegetarian meals, wheelchair access, etc?) ______________________________________________________________________ ______________________________________________________________________ APPEAR ON REGISTRANTS LIST? ___ Please check here if you would NOT like your name included in the list of registrants. PAYMENT INFORMATION All Payments must be in United States Dollars. Conference Fee -------------- If you are an Internet Society member, you are eligible for a reduced conference registration fee. Non-member symposium attendees will receive a one year Internet Society membership as part of the non-member registration fees. Check one: On/Before After January 22 January 22 ---------- ---------- ___ Internet Society Member Fee US$ 305.00 US$ 375.00 ___ Non-Member Fee US$ 345.00 US$ 415.00 Method of Payment ----------------- Payment must be received on/before February 7, 1997 or we will be unable to pre-register you. 1. ___ Check. Make payable to the Internet Society. 2. ___ Credit Card. ___ American Express ___ Visa ___ Mastercard Name on Credit Card: ____________________________________ Credit Card Number: _____________________________________ Expiration Date: ________________________________________ 3. ___ CyberCash. Account Number: _____________________________ 4. ___ First Virtual. Account Number: _________________________ 5. ___ Wire Transfer* Bank ABA Number: 054000030 Account Number: Internet Society 148 387 10 Riggs National Bank of Virginia 950 Herndon Parkway Herndon, VA 20171 USA Wire Transfer Confirmation Number: ______________________ * Please process wire transfer before sending registration form. 6. ___ U.S. Government Purchase Order* P.O. Number: ____________________________________________ * Please fax or mail a copy of your purchase order along with your registration form. Cancellation Policy ------------------- Refunds (less a $25 processing fee) will be issued for cancellations received on/before February 7, 1997. No refunds will be issued after February 7, 1997. ------------------------------ Date: Thu, 15 Dec 1996 22:51:01 CST From: CuD Moderators Subject: File 5--Cu Digest Header Info (unchanged since 13 Dec, 1996) Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are available at no cost electronically. CuD is available as a Usenet newsgroup: comp.society.cu-digest Or, to subscribe, send post with this in the "Subject:: line: SUBSCRIBE CU-DIGEST Send the message to: cu-digest-request@weber.ucsd.edu DO NOT SEND SUBSCRIPTIONS TO THE MODERATORS. The editors may be contacted by voice (815-753-0303), fax (815-753-6302) or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115, USA. To UNSUB, send a one-line message: UNSUB CU-DIGEST Send it to CU-DIGEST-REQUEST@WEBER.UCSD.EDU (NOTE: The address you unsub must correspond to your From: line) Issues of CuD can also be found in the Usenet comp.society.cu-digest news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT libraries and in the VIRUS/SECURITY library; from America Online in the PC Telecom forum under "computing newsletters;" On Delphi in the General Discussion database of the Internet SIG; on RIPCO BBS (312) 528-5020 (and via Ripco on internet); and on Rune Stone BBS (IIRGWHQ) (860)-585-9638. CuD is also available via Fidonet File Request from 1:11/70; unlisted nodes and points welcome. EUROPE: In BELGIUM: Virtual Access BBS: +32-69-844-019 (ringdown) In ITALY: ZERO! BBS: +39-11-6507540 In LUXEMBOURG: ComNet BBS: +352-466893 UNITED STATES: etext.archive.umich.edu (192.131.22.8) in /pub/CuD/CuD ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/ aql.gatech.edu (128.61.10.53) in /pub/eff/cud/ world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/ wuarchive.wustl.edu in /doc/EFF/Publications/CuD/ EUROPE: nic.funet.fi in pub/doc/CuD/CuD/ (Finland) ftp.warwick.ac.uk in pub/cud/ (United Kingdom) The most recent issues of CuD can be obtained from the Cu Digest WWW site at: URL: http://www.soci.niu.edu/~cudigest/ COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted for non-profit as long as the source is cited. Authors hold a presumptive copyright, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ------------------------------ End of Computer Underground Digest #8.91 ************************************