RE: tampering withelectronic health records
Hi, I don't know how I got onto this mailing list, but PLEASE remove me!! Jan LIS Projects Manager Bucks Health Authority Verney House Gatehouse Road Aylesbury BUCKS HP19 8ET Direct Dial 01296 310125 [EMAIL PROTECTED] -Original Message- From: p=NHS NATIONAL INT;a=NHS;c=GB;dda:RFC-822=andrew(u)p(u)ho(a)eudoramail.com; Sent: 28 March 2001 17:27 To: p=NHS NATIONAL INT;a=NHS;c=GB;dda:RFC-822=midgley(a)mednetics.org; Cc: p=NHS NATIONAL INT;a=NHS;c=GB;dda:RFC-822=openhealth-list(a)minoru-development.com; Subject: Re: tampering withelectronic health records Hi Adrian, Good thinking! I suppose you would propose to keep the entire medical record in the Eternity Service? Unfortunately, the Eternity service cannot deliver both availability and confidentiality. That is the design trade-off. The reason why it can deliver availability is because no one needs to have a key or special knowledge to retrieve data. So, you are correct that there is a way to scatter data and that you don't have to worry about loss of a retrieval key since you don't need one to retrieve that data. But the cost is that anyone else will be able to use the same method and get your data. That, actually, is the whole point of the Eternity Service! Ross never claims that it can deliver confidentiality - his aim is to prevent "denial of service" - i.e. provide availability. Delivering confidentiality requires that the system be capable of denying service selectively - hopefully while able to provide availability! Sequentially Distributed Secret Splitting (http://www.txoutcome.org/scripts/zope/library/files/browse/show_contents?objectid=45) is a data scattering method that may provide both confidentiality and availability. Ross Anderson thought it was promising when I sent it to him for review in 1999 (before I submitted the paper). I'll send you his comments if you are interested. Best regards, Andrew --- Andrew P. Ho, M.D. OIO: Open Infrastructure for Outcomes www.TxOutcome.Org Assistant Clinical Professor Department of Psychiatry, Harbor-UCLA Medical Center University of California, Los Angeles On Wed, 28 Mar 2001 09:51:53 Dr Adrian Midgley wrote: Andrew Ho worried about the durability of the replicated information... Ross Anderson solved this a while ago, before P2P became a buzz word, and I commend the paper on The Eternity Service at http://www.cl.cam.ac.uk:80/users/rja14/eternity -- Adrian Midgley Exeter http://www.swis.net/midgley/ Join 18 million Eudora users by signing up for a free Eudora Web-Mail account at http://www.eudoramail.com
Re: Name.
Hi Ignacio and everyone, Names, Negotiations, ... I thought we won't have to deal with all that if we develop under open source/content :-). I think it is time to put everything out in the open since we don't appear to be able to sort things without some external help. After Minoru's SPRIRT was announced, Ignacio told me that he is worried that they will create a proprietary Projects Directory that will siphon readers away from his LinuxMedNews Projects List. I told him that his project list does not contain enough information and that if SPIRIT can provide a better service, then they deserve the readership. Since SPIRIT provides not much information publicly about how they will interface with LinuxMedNews, I can understand Ignacio's concerns. Being a man of action (and opportunity), I suggested to Ignacio that he can work hard to develop a better Project List that, in particular, should have facility for maintaining user feedback. In that way, we can all enjoy a better system regardless of what SPIRIT ultimately delivers. (I also thought it is possible to do better than what SPIRIT can deliver by being very focused on a narrow application and using OIO technology). I sent him a copy of source code for the OIO Library and told him that he could customize one of its modules to handle Projects listing rather than starting from scratch. Unfortunately, he was unable to do much with it. After realizing that, I began working on it myself and was able to go live several weeks ago. After that milestone, Ignacio indicated his willingness to syndicate the content - but, he was not able to modify his site to frame the content after several days. I offered to help him with modifying LinuxMedNews to do the framing properly and he accepted. LinuxMedNews was modified and it became the first site that began carrying content from the OIO Library as of 4 days ago. Now that everything is working, Ignacio is worried about the name. I am calling it the OIO Library and he would like me to change that name to LinuxMedNews project list. I told him that he can put whatever label his wants on the frames that surround the OIO Library content but the feed itself will clearly state who is running the database and editorial services, i.e. the OIO Library. In my view, while this is a small disagreement, it highlights the larger issues of content and rights to content. It appears that even having a open content license does not resolve all the issues. I still hope that the OIO Library can provide a service to LinuxMedNews (and maybe SPIRIT??? and other sites) through a syndication arrangement. Rather than needing to enter my project information and review of other people's projects into two directories (LinuxMedNews and SPRIRT), it makes lots of sense (as a user and project leader) to just do it in one place and know that the content will appear at several news and portal sites! What the OIO Library brings to the field is not just projects directory - but even more importantly the User Reviews! Others may do User Reviews through a portal - the OIO Library provides User Reviews through a free syndicated service! This is definitely not "your father/mother's" Projects list. I thought offering a free service plus using an open content license would do the trick. Ignacio to sell banner ads through the frames that surround OIO Library content and maybe SPIRIT and others will do the same - All because the OIO Library works great (I am biased) and it is free, open content, and doesn't even come with a pop-up ad. :-) But - names are important too. Any suggestions and guidance from the group? I have greatly benefited from the wisdom of many people on this list and have enjoyed a productive association with Ignacio. I am hopeful that we can extend our collaborative relationships through this discussion. (for those who are interested, my original reply to Ignacio's inquiry regarding the name of OIO Library was copied to the open-outcomes-editors mailing list - which is a private list for the editors of the OIO Library). Best regards, Andrew --- Andrew P. Ho, M.D. OIO: Open Infrastructure for Outcomes www.TxOutcome.Org Assistant Clinical Professor Department of Psychiatry, Harbor-UCLA Medical Center University of California, Los Angeles On Wed, 28 Mar 2001 07:54:51 Ignacio Valdes wrote: One word: Oops. This is going to be a bad hair day. -- IV Ignacio Valdes wrote: Please don't post these negotiations to the mailing list. Andrew, this is truly fundamental, if we can't agree on this then I will have to find another vehicle that will accomodate me however long this will take. This will only delay me, but there is no way that I can agree to your terms. I fail to understand why you are insisting on this. Can you tell me in concrete terms how this would not cause confusion and not siphon readers from my site by titling this the OIO Library only? It seems pretty
Re: tampering with electronic health records
P A - Internet to carry these datas, in XML pages, for example. From my point of view, XML is the best and the worst thing. Good because it is a modern data publishing tool, bad because people who don't undestand the difference between classification and description think XML is everything - in a contribution that never reached the list, I expressed very deep criticism in the way DocScope makes that mistake. For example, it is hard to express ontology based description with EN13606. Brian Bray Is this a problem with DocScope or with 13606? If DocScope is to use XML, it will be hard to ignore 13606. The *classical* approach based on data management only leads to over-weighted office management softwares. The new paradigm of knowledge management is a genuine challenge, because *man* is the more complex system ever created (I must confess - and Karsten will agree - that *woman* is probably more complex, but I shall never think of her as a system :-) ), and people that must service it (doctors) belong to a rather disseminated team. Now XML can be a modern way to transport highly structured datas (not easy, but usefull for knowledge management systems) or fresh painting to have horse carts look like automobiles. I am afraid DocScope, as expressed in the presentation, is based on that old mechanical approach. Lets meet in my office, I will show you the gap between standard DTDs and a system based on ontologies. Regards, Philippe Odyssee project www.nautilus-info.com
Re: Name.
Andrew po-jung Ho wrote: Hi Ignacio and everyone, Names, Negotiations, ... I thought we won't have to deal with all that if we develop under open source/content :-). I think it is time to put everything out in the open since we don't appear to be able to sort things without some external help. ...snip... Hmmm, it would seem to me that attribution and acknowledgement of authorship and effort are basic tenets of the open source movement. Andrew Ho, no doubt as a result of great perseverance and dedication in studying the often obscure Zope documentation, has managed to establish a better (but not perfect - too many levels of folders for my liking, and is there a master index?) catalogue of open source medical software than Ignacio Valdes. Andrew Ho has graciously offered to syndicate his site's content to LinuxMedNews, and has set perfectly reasonable terms for this syndication which include retention of the title in the relevant frame. So what is the argument? Ignacio Valdes can either accept these terms and use Andrew's site's content, with attribution in the form of an appropriate title, or he can maintain his own directory of open source medical software independent of Andrew. Ignacio needs to accept that pluralism is also at the heart of open source - if you are not satisfied with something, you are free to try to improve on it - either co-operatively in conjunction with the originator, but quite often competitively in opposition to the originator. A bit like Linux versus the various free *BSD systems. It seems that Ignacio has some growing up to do and he needs to accept that there will inevitably be other Web sites covering the same or similar territory as LinuxMedNews and that some of those sites will be better than his in at least some, and perhaps every respect. Tim Churches Sydney, Australia
Re: tampering with electronic health records
Is this ontology based system similar to GEHR and it's archetype definitions? Thanks, -- Tim Cook, President - FreePM,Inc. Hi, Currently, I don't know GEHR enough to be able to compare. I think both systems are complementary. I can (quickly) describe what Odyssee is. LEXIQUE : The very core of the system is the Lexique : currently a list of more than 35 000 (french) terms, each with a code. A good description of this set of terms would be "the words of medical langage" : so, you will find terms of anatomy, pathology, symptoms, units, biometry... Example : Hypertension artrielle / PHTA01 Kg / 2KG001 Poids / VPOID1 and so on... when 2 terms are genuine synonyms, only the last character of their codes change : HTA / PHTA02 SEMANTIC NETWORK : Nothing original : links between terms of the Lexique to give sens. Links can be "is a" or "belongs to" or "has unit" For example : colitis "is a" inflammatory disease / colitis "belongs to" colon / weight "has unit" Kg DESCRIPTION'S TREE : In Odyssee, we describe all that we can with trees. If we compare the Lexique with medical vocabulary, trees are sentences made of its words. Each node of a tree is an object with fields like Lexique's code/Complement (to store numbers or external codes)/Degree of evidence (from 0=no to 100=certain) Trees can also contain free text sentences. So, we can describe a polyp : Polyp - size -- 3 mm - aspect -- pediculated - location -- left transversal colon - treatment -- ablation --- material and so on... But also the whole colonoscopy (the above tree is a subtree of Description, wich is a subtree of Colonoscopy), or a GP examination, or Biological results (very narrow tree), or whatever you want. In Odyssee, each and every structured document is a tree ; you just have to look at the Lexique term at its root to know what it is. The whole patient record can even be seen as a huge tree with Lexique's term Patient as a root. Trees can be shown *as is* or, for report generation, be translated to natural langage sentenses (that remains virtual - only tree representation is stored). I forgot to say that every Odyssee document can be published as a HTML page, and when that document is a tree, the tree is hidden in the page. FILS GUIDES : Fils guides are probably the major difference between GEHR and Odyssee. Usually, doctors have first to choose a *model tree* (made by an *expert*) and instanciate what he wants to describe in it (when I say a *model tree*, it can be a form as well, a form being a narrow tree). There are two severe problems with that : first a *model tree* made by an expert carry expert's habits as well as expert's knowledge (usually knowledge is close from the leaves), then as you can't mix the trees, you have to choose that one or that one, but patient can have a proctological problem and a headache ! It is not easy to describe what Fils guides are, but I will try : Imagine some expert's trees, then take every branchs and take it apart : you get a set of *crossings*, each of them with some proposals (say one being size/aspect/location and another one moderate/mean/severe and so on). Now, you ask the experts "take each crossing, and tell me what would be the typicall (and more general) path in which that is a good proposal". The path is made with terms of the Lexique, and Jokers (* for every sequence, ? for a single term) for example "colonoscopy/*/polyp" is a path. Those objects, with a path and a set of proposals, are Fils guides ; for example (colonoscopy/*/polyp)-size/aspect/location Now, how does it work ? When you want to describe something (then building a tree), you can - at each step - validate a proposal (made by a Fil guide), or pick any term in the Lexique, or typing free text. If you have completed the tree with a term of the Lexique (first two choices), the system looks at the path you are now in, for example, you have just chosen "Dysphagia" and your path now is "GP examination/reason of encounter/dysphagia" and looks for the Fil guide which path is the closest from your actual path. If there is a Fil guide whose path is "GP examination/reason of encounter/dysphagia", it is immediately chosen, and its proposals become the new way to go forward. If there is no such path, the system will look for "GP examination/reason of encounter/X" where dysphagia "is a" X, and so on - the first (closest) found is chosen. You can imagine you will find a Fil guide whose path is "GP examination/*/dysphagia" or even "*/dysphagia" which is even less specific. That way you can mix experts knowledge, and have it come only when it is appropriate. You can make a set of Fils guides to a colleague, let him try it and keep it or put it apart. It is very important to understand that it is a *non deterministic* paradigm, that's to say that a very Fil guide can be called from a lot of different positions in a tree, and if you validate one of its proposals, you cannot guess which next Fil guide will be elected by the system
Re: tampering withelectronic health records
Good thinking! I suppose you would propose to keep the entire medical record in the Eternity Service? Definitely _not_ (although if it was encrypted before being given to the service it would garantee persistence of an encrypted record, accessible from anywhere, but only decryptable by the owner of the secret key, but that is another matter altogether.) the Eternity service cannot deliver both availability and confidentiality. That is the design trade-off. Granted, but you were only after availability were you not - worrying that somebody could delete the notarised hash of the message digest. Which having been through at least one one way crytpogtraphic function cannot be used to recreate the original confidential notes... BUt the maker of those notes could have been attacked by destruction at the notary of the record of signing of hte notes... But the cost is that anyone else will be able to use the same method and get your data. -- The data in this respect being the signature/notary stamp... Working as designed I think. -- Adrian Midgley Exeter http://www.swis.net/midgley/
Re: tampering withelectronic health records
Reply below. On Wed, 28 Mar 2001, Dr Adrian Midgley wrote: Good thinking! I suppose you would propose to keep the entire medical record in the Eternity Service? Definitely _not_ O.K. then let's examine your proposal in more detail. the Eternity service cannot deliver both availability and confidentiality. That is the design trade-off. Granted, but you were only after availability were you not - worrying that somebody could delete the notarised hash of the message digest. This is how we first discovered the vulnerability but the same vulnerability applies also to the source document. Just to keep things simple, let's only speak of the message digest. Even if you only store the message digest (and not the source document) in the Eternity service, how would you know which message digest in the Eternity service matches your source document? You need a key of some kind that is not stored in the Eternity service. And how are you proposing to protect that key from destruction? Maybe yet another Eternity service? I hope that helps illustrate the problem. Next step. What about using the source document itself as the key to retrieve the message digest from an Eternity service? This also won't work since the source document is just as vulnerable as anything else that is stored outside the Eternity service. Which having been through at least one one way crytpogtraphic function cannot be used to recreate the original confidential notes... As in most system vulnerabilities, the weakness is not in the cryto. It is in the protocol!!! BUt the maker of those notes could have been attacked by destruction at the notary of the record of signing of hte notes... That is another weakness but a given in trused third party schemes. The question at hand is that given a trusted third party that can counter-sign a message digest, what are the weaknesses and thus limitations to such a system. If you read my "balanced" review in the OIO Library, I have no reluctance in admitting that Horst's system is valuable and useful. That is why I think it deserves a closer review :-). But the cost is that anyone else will be able to use the same method and get your data. -- The data in this respect being the signature/notary stamp... Working as designed I think. Right. I agree with you. I merely wanted to point out that it does not protect against destruction attack. Horst and you claimed that it is easy to use wide-scattering / replication to reduce risk from destruction attack. I respectful submit my reasons for disagreeing and referred you to a more appropriate reference that describes an alternative approach that could achieve both non-repudiation and protection against destruction attack :-). Best regards, Andrew --- Andrew P. Ho, M.D. OIO: Open Infrastructure for Outcomes www.TxOutcome.Org Assistant Clinical Professor Department of Psychiatry, Harbor-UCLA Medical Center University of California, Los Angeles
REMOVE
I am not sure how I got on this database or discussion group, but how do I get off it? Is there a REMOVE procedure? Thank you, Richard -- Have a super day, ** Richard Costello, NCPS LAN/ITS Manager BS-History Comp.Sci; MA-Records Management; PhD-candidate Networking 4326 Mail Service Center Raleigh, NC 27699-4326 Email: [EMAIL PROTECTED] (919) 733-0892 office (919) 664-2137 pager (919) 733-9565 fax webpage: http://www.pubstaff.commerce.state.nc.us +++ Numbers 6:24-26 Tobit 11:14-15, Ps.117,150 ** begin:vcard n:Richard;Costello tel;pager:(919) 664-2137 tel;fax:(919) 733-9565 tel;home:(919) 664-2137 tel;work:(919) 733-0892 x-mozilla-html:FALSE url:http://www.pubstaff.commerce.state.nc.us org:NC Utilities Commission Public Staff;MIS version:2.1 email;internet:[EMAIL PROTECTED] title:LAN Manager adr;quoted-printable:;;4326 Mail Service Center=0D=0AM/S: Dobbs Bldg. Room 5018C;Raleigh;North Carolina;27699-4326;USA note;quoted-printable:430 North Salisbury St.=0D=0ARaleigh, NC 27603=0D=0A fn:Costello Richard end:vcard
Re: REMOVE
I too have the same issues, HOW DO GET OFF this mailing list! (Embedded image moved Richard Costello [EMAIL PROTECTED] to file: 03/28/2001 03:44 PM pic30106.pcx) Please respond to openhealth-list To: [EMAIL PROTECTED] cc: [EMAIL PROTECTED], [EMAIL PROTECTED], Ignacio Valdes [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: REMOVE I am not sure how I got on this database or discussion group, but how do I get off it? Is there a REMOVE procedure? Thank you, Richard -- Have a super day, ** Richard Costello, NCPS LAN/ITS Manager BS-History Comp.Sci; MA-Records Management; PhD-candidate Networking 4326 Mail Service Center Raleigh, NC 27699-4326 Email: [EMAIL PROTECTED] (919) 733-0892 office (919) 664-2137 pager (919) 733-9565 fax webpage: http://www.pubstaff.commerce.state.nc.us +++ Numbers 6:24-26 Tobit 11:14-15, Ps.117,150 ** (See attached file: Richard.Costello.vcf) pic30106.pcx Richard.Costello.vcf
Remove me
REMOVE How do I get removed from this mailing list - I'm not sure how I got on. Thanks in advance, Richard Ignacio Valdes wrote: Please don't post these negotiations to the mailing list. Andrew, this is truly fundamental, if we can't agree on this then I will have to find another vehicle that will accomodate me however long this will take. This will only delay me, but there is no way that I can agree to your terms. I fail to understand why you are insisting on this. Can you tell me in concrete terms how this would not cause confusion and not siphon readers from my site by titling this the OIO Library only? It seems pretty clear-cut to me that a Big Mac is a Big Mac, not a Ms. Baird's Big Mac even though they might make the buns. -- IV -- Have a super day, ** Richard Costello, NCPS LAN/ITS Manager BS-History Comp.Sci; MA-Records Management; PhD-candidate Networking 4326 Mail Service Center Raleigh, NC 27699-4326 Email: [EMAIL PROTECTED] (919) 733-0892 office (919) 664-2137 pager (919) 733-9565 fax webpage: http://www.pubstaff.commerce.state.nc.us +++ Numbers 6:24-26 Tobit 11:14-15, Ps.117,150 ** begin:vcard n:Richard;Costello tel;pager:(919) 664-2137 tel;fax:(919) 733-9565 tel;home:(919) 664-2137 tel;work:(919) 733-0892 x-mozilla-html:FALSE url:http://www.pubstaff.commerce.state.nc.us org:NC Utilities Commission Public Staff;MIS version:2.1 email;internet:[EMAIL PROTECTED] title:LAN Manager adr;quoted-printable:;;4326 Mail Service Center=0D=0AM/S: Dobbs Bldg. Room 5018C;Raleigh;North Carolina;27699-4326;USA note;quoted-printable:430 North Salisbury St.=0D=0ARaleigh, NC 27603=0D=0A fn:Costello Richard end:vcard
VIRUS coming through your mailing list!!!, Re: REMOVE
Hi Brian et al at Minoru, Please be advised that a virus is spreading through you mailing list. You may want to setup a delay and moderate all messages to control the spread. Good luck, Andrew On Wed, 28 Mar 2001, Richard Costello wrote: I am not sure how I got on this database or discussion group, but how do I get off it? Is there a REMOVE procedure? Thank you, Richard -- Have a super day, ** Richard Costello, NCPS LAN/ITS Manager BS-History Comp.Sci; MA-Records Management; PhD-candidate Networking 4326 Mail Service Center Raleigh, NC 27699-4326 Email: [EMAIL PROTECTED] (919) 733-0892 office (919) 664-2137 pager (919) 733-9565 fax webpage: http://www.pubstaff.commerce.state.nc.us +++ Numbers 6:24-26 Tobit 11:14-15, Ps.117,150 **
Virus clarification.
Thank you for your note to the Openhealth list regarding a virus. We are looking into the matter but at this point in time, we don't see any evidence of any attachments to messages that may contain a virus. In fact, the message size restrictions that have been in place since the creation of the list make it highly unlikely that an executable file of any size would be permitted. Nevertheless, we are monitoring all email traffic VERY carefully and will respond accordingly should we find the list is being used in an inappropriate or illegal fashion. Thanks again for your concern. -- Dave Scott Minoru Development Corporation; Minoru Development SARL The home of Openhealth(tm): http://www.openhealth.com 3, rue du Colonel Moll, 75017 Paris France +33.6.8750.2465 [EMAIL PROTECTED] On Wed, 28 Mar 2001, Andrew Ho wrote: Hi Brian et al at Minoru, Please be advised that a virus is spreading through you mailing list. You may want to setup a delay and moderate all messages to control the spread. Good luck, Andrew On Wed, 28 Mar 2001, Richard Costello wrote: I am not sure how I got on this database or discussion group, but how do I get off it? Is there a REMOVE procedure? Thank you, Richard -- Have a super day, ** Richard Costello, NCPS LAN/ITS Manager BS-History Comp.Sci; MA-Records Management; PhD-candidate Networking 4326 Mail Service Center Raleigh, NC 27699-4326 Email: [EMAIL PROTECTED] (919) 733-0892 office (919) 664-2137 pager (919) 733-9565 fax webpage: http://www.pubstaff.commerce.state.nc.us +++ Numbers 6:24-26 Tobit 11:14-15, Ps.117,150 **
Odyssee
On Wed, 28 Mar 2001 22:52:53 philippe Ameline wrote: ... FILS GUIDES : Fils guides are probably the major difference between GEHR and Odyssee. Usually, doctors have first to choose a *model tree* (made by an *expert*) and instanciate what he wants to describe in it (when I say a *model tree*, it can be a form as well, a form being a narrow tree). Hi Philippe, Very nice description. The most difficult part is the most facinating part. :-) I am most interested in the FILS guides since it embodies some probabilistic and (soft) constraint information. This is in sharp contrast with both GEHR and OIO where we use hard constraints. Of couse, part of this is because your tree is much bigger than our trees :-). You still have hard constraints which are the terms and links that make up your tree. In particular, your statement that a form is a special case of very narrow tree (which I also read on your web-site) nicely ties in with OIO's forms-based representation (that seeks to build a tree from forms). More below. There are two severe problems with that : first a *model tree* made by an expert carry expert's habits as well as expert's knowledge (usually knowledge is close from the leaves), then as you can't mix the trees, you have to choose that one or that one, but patient can have a proctological problem and a headache ! Therefore, you either need to allow flexible traversal of a giant tree or allow users to use more than one tree. Correct? It is not easy to describe what Fils guides are, but I will try : Imagine some expert's trees, then take every branchs and take it apart : you get a set of *crossings*, each of them with some proposals (say one being size/aspect/location and another one moderate/mean/severe and so on). Now, you ask the experts "take each crossing, and tell me what would be the typicall (and more general) path You are encoding probabilistic information there. What if different prior-conditions (i.e. higher up branch points) lead to different posterior probability? Do you recalculate at every step? Even with a simple scheme where you only encode the most likely branch, there could be so many possible combinations of prior-conditions that you will have a very large encoding task leading to very difficult traversal. How do you address this? ... That way you can mix experts knowledge, and have it come only when it is appropriate. You can make a set of Fils guides to a colleague, let him try it and keep it or put it apart. So a Fils guide is a preferred path through a tree? This is basically what a GEHR archetype and an OIO form is! The difference is that Odyssee lets the user change the "form" (or archetype) during data entry. ... you cannot guess which next Fil guide will be elected by the system (since it depends on the actual user's path). How well does it work in practice? It seems computationally intensive to use the user's current path to pick the best fitting Fils guide to apply. How many Fils guides have you tried in a given set? Do you give users' a choice to turn off the Fils guide? Well, if you are near Paris, I can show. Is this part of the downloadable package? In summary, I am very glad that you published your very nice description of Odyssee in your message! Please let me know if I am wrong in my understanding of your approach. I look forward to reading your response to my new questions and I look forward to reading Thomas' (from GEHR) comments for you! Best regards, Andrew --- Andrew P. Ho, M.D. OIO: Open Infrastructure for Outcomes www.TxOutcome.Org Assistant Clinical Professor Department of Psychiatry, Harbor-UCLA Medical Center University of California, Los Angeles Join 18 million Eudora users by signing up for a free Eudora Web-Mail account at http://www.eudoramail.com
No virus found on the Openhealth list
Just to update the group, we have analyzed the file attachment in the message reported by Andrew Ho. The file is an image that is included in Lotus Notes mail messages as a decorative element. We have scanned this image for possible hidden components and are pleased to report that there is nothing unusual about the file. If you are suspicious about any file attachment, please contact us and we will investigate. And please, if you are concerned about a file attachment, do not open or repost it. -- Dave Scott Minoru Development Corporation; Minoru Development SARL The home of Openhealth(tm): http://www.openhealth.com 3, rue du Colonel Moll, 75017 Paris France +33.6.8750.2465 [EMAIL PROTECTED] On Wed, 28 Mar 2001, Andrew Ho wrote: Hi Brian et al at Minoru, Please be advised that a virus is spreading through you mailing list. You may want to setup a delay and moderate all messages to control the spread. Good luck, Andrew On Wed, 28 Mar 2001, Richard Costello wrote: I am not sure how I got on this database or discussion group, but how do I get off it? Is there a REMOVE procedure? Thank you, Richard -- Have a super day, ** Richard Costello, NCPS LAN/ITS Manager BS-History Comp.Sci; MA-Records Management; PhD-candidate Networking 4326 Mail Service Center Raleigh, NC 27699-4326 Email: [EMAIL PROTECTED] (919) 733-0892 office (919) 664-2137 pager (919) 733-9565 fax webpage: http://www.pubstaff.commerce.state.nc.us +++ Numbers 6:24-26 Tobit 11:14-15, Ps.117,150 **
Apology, Re: Virus clarification
-- Forwarded message -- Date: Wed, 28 Mar 2001 15:12:47 -0800 (PST) From: Andrew Ho [EMAIL PROTECTED] To: Dave Scott [EMAIL PROTECTED] Subject: Re: Virus clarification. Hi Dave, Sorry to have raised the false alarm! I received 5 messages from two different individuals with similar attachments and got worried. You are right that these are rather small attachments and I did not scan them before sending my message. I am on a Linux machine so I don't have a virus scanner handy :-). Also, I got so many copies because the messages were copied to me directly and also multi-posted to several mailing lists that I subscibe to. I was swamped by about one virus attack each week through email over the last couple of month so I am quite jumpy about attachments. I apologize and will investigate more before sounding the alarm in the future. Thanks for looking into it, Andrew
META: How to unsubscribe from the openhealth-list mailing list.
To those who wish to unsubscribe, may I suggest that you send a message to the following address: [EMAIL PROTECTED] with the word "unsubscribe" in the subject line. More generally, if you forget how to unsubscribe to a mailing list, you can almost always find subscribe/unsubscribe instructions by going to the domain after the "@" symbol in the mailing list "From" header. For example, you could find subscription instructions for the "[EMAIL PROTECTED]" by going to http://www.minoru-development.com and following the links to "Services" -- "OpenHealth mailing list" While it takes a bit more time, it will prevent you from making what many perceive to be an irritating faux pas. If for some reason you can't find out how to unsubscribe by the procedure above, or your efforts to unsubscribe fail, then it is appropriate to politely ask how to unsubscribe on the main list. However, demanding to be unsubscribed e.g. "Unsubscribe me NOW!", making multiple requests in a short period of time, and writing in ALL CAPS will generally be perceived as quite rude. In addition, no one except for the list administrator and yourself can unsubscribe you. The list administrator may not monitor the main list all of the time (e.g. he may be on vacation, a business trip, etc.) so your messages will simply fill up the message boxes of the other 100's of subscribers, none of whom can do anything about it. Chris
Re: Mentor-lite WfMS planned to go open source!
You can use Orbacus 4.0, although they charge runtime fees now. But it is open-source. If you want a free ORB, you can try Jacorb: http://jacorb.inf.fu-berlin.de or OpenOrb (http://www.openorb.org) Dave Wayne Wilson writes: Bud P. Bruegger wrote: Well, it seems it's a good approach to just ask. The friendly guys at University of Saar Bruecken already plan to go open source. It will take a few more months to remove dependencies on proprietory code... Great. Someone, perhaps Dave Forslund, might suggest open source CORBA ORB's they could use to replace Iona's. We don't use ORB's in our work, so I don't really know what works well or not.
Re: No virus found on the Openhealth list
On Wed, 28 Mar 2001 18:48:23 John S. Gage wrote: I think it's wise at this point to clarify something. Andrew's message created the impression, at least in my weakened mind, that a virus could be sent in the body of an e-mail and result in infection *without* an attachment. Hi John, The suspicous email messages in question *did* contain an attachment! That is why I was concerned especially since I received 5 copies from two different senders all with similar payload. So, no, I am not suggesting a virus can hide in the body of a message. Dave is correct that the size of those email attachments are smaller than a typical virus (and that's why they got through their filter). But, based on their behavior (multiple postings from two sources), I thought it might very well be a new mailing list virus :-). Just me, always trying to discover something novel. I had previously thought that this was impossible, particularly if one were not using Outlook. Am I right, wrong, misguided? Can't say John. Doing the impossible is always an attractive challenge. Should always exercise "Universal precautions" :-) There is always a first time. I am sure that this is the current challenge facing our colleague who devote their time to creating new infectious life forms. Something small enough to get through size-based filters and/or executes/infects from the browser upon loading! Cheers, Andrew --- Andrew P. Ho, M.D. OIO: Open Infrastructure for Outcomes www.TxOutcome.Org Assistant Clinical Professor Department of Psychiatry, Harbor-UCLA Medical Center University of California, Los Angeles Join 18 million Eudora users by signing up for a free Eudora Web-Mail account at http://www.eudoramail.com
