Hmm, Merit's mailer gives me some headaches. Maybe it's because the mail already had a "Delivered-To: header when sent (how to insert that into incoming-only mail in Sendmail has remained a mystery to me). I sent it with the wrong return address, too, so this might have been the true reason. Please be not be distracted from the content of the message itself. [...] The Postfix program <nanog@merit.edu>: mail forwarding loop for nanog@merit.edu [...] From: Kai Schlichting <kai@conti.nu> Subject: a privacy violation at the DC Renaissance Hotel - to all NANOG 20 conference participants Cc: postmaster@stsn.com, wwest@SUITECORP.COM, notphast@MSN.COM, domain.administrator@MARRIOTT.COM, postmaster@MARRIOTT.COM, postmaster@renaissancehotels.com This is a message to all NANOG 20 participants staying at the Renaissance Washington DC conference hotel, October 22-24th (and probably to countless other guests over time that are not affiliated with NANOG). If you have surfed accessed-restricted websites belonging to your employers while using the hotel's in-room Internet service (provided by SuiteCorp, stsn.com), you have good reason to be concerned now, as your privacy has been violated. STSN apparently uses a transparent proxy (which I have no problem with) that continually keeps a copy of what is accessed for a very long time (which I have a BIG problem with) - but it doesn't stop there: it's doing conditional re-GET's on those objects in the cache, keeping it up-to-date (and I will not allege that the STSN admins are "surfing the logs" so to speak, there is not evidence for that). This is a gross privacy violation and a damn good reason not to use secured, private, privacy-sensitive non-SSL websites when using any hotel in-room Internet service like STSN. It's also a damn good reason to sue if you feel like it (I don't, at least not right now). The last 5 accesses in the log below are such cache-refresh accesses, those leading up to it are from my accesses in the room and from the conference network gratiously provided by AOL. p3.stsn.com - - [22/Oct/2000:20:16:22 -0400] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)" p3.stsn.com - - [22/Oct/2000:23:03:30 -0400] "GET /~kai/home646.html HTTP/1.0" 200 5899 "-" "Mozilla/3.01 (compatible;)" p3.stsn.com - - [22/Oct/2000:23:05:31 -0400] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/3.01 (compatible;)" p3.stsn.com - - [23/Oct/2000:08:26:39 -0400] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/3.01 (compatible;)" nanog-18-142.atdn.net - - [23/Oct/2000:09:02:13 -0400] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/4.75 [en] (Win98; U)" nanog-19-66.atdn.net - - [23/Oct/2000:11:09:07 -0400] "GET /~kai/home646.html HTTP/1.0" 200 5899 "-" "Mozilla/4.75 [en] (Win98; U)" p73.stsn.com - - [23/Oct/2000:16:58:52 -0400] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/4.75 [en] (Win98; U)" p73.stsn.com - - [23/Oct/2000:17:02:34 -0400] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/4.75 [en] (Win98; U)" p73.stsn.com - - [23/Oct/2000:17:59:04 -0400] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/4.75 [en] (Win98; U)" 12.23.124.37 - - [23/Oct/2000:21:33:46 -0400] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/4.75 [en] (Win98; U)" p244.stsn.com - - [24/Oct/2000:08:57:28 -0400] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/4.75 [en] (Win98; U)" nanog-18-140.atdn.net - - [24/Oct/2000:09:26:26 -0400] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/4.75 [en] (Win98; U)" p3.stsn.com - - [28/Oct/2000:10:07:51 -0400] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/3.01 (compatible;)" p3.stsn.com - - [03/Nov/2000:04:04:11 -0500] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/3.01 (compatible;)" p3.stsn.com - - [10/Nov/2000:13:31:57 -0500] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/3.01 (compatible;)" p3.stsn.com - - [19/Nov/2000:21:40:56 -0500] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/3.01 (compatible;)" p3.usslc14.stsn.com - - [29/Nov/2000:10:27:01 -0500] "GET /~kai/home646.html HTTP/1.0" 304 - "-" "Mozilla/3.01 (compatible;)" Thanks, bye,Kai ps: yes, that page is gone now. -- "Just say No" to Spam Kai Schlichting New York, Palo Alto, You name it Sophisticated Technical Peon Kai's SpamShield <tm> is FREE! http://www.SpamShield.org | | LeasedLines-FrameRelay-IPLs-ISDN-PPP-Cisco-Consulting-VoiceFax-Data-Muxes WorldWideWebAnything-Intranets-NetAdmin-UnixAdmin-Security-ReallyHardMath