Hi ECOFEMers: Please post the following "call for papers" on as many lists as you can. Thanks. CALL FOR PAPERS: International Ergonomic Association invites you to submit an abstract of a paper (10 min or 30 min) for a symposium or a special session for its 13th Triennial congress in Tampere, Finland, June 29 - July 4, 1997. Papers may be in the following area: Areas for Symposium or Special Session: SHE: Holistic Systems Approach: Safety, Health and Environment (SHE) are Components of a system. Their mission is to provide a safe and healthful environment. These components can not be truly bounded. They act and interact with each other to accomplish this mission. Holistic approach looks at this system as a whole and how a change in any component affects the system, other components, and the mission. Papers are being solicited. Jivan Saran, Professor, Central Missouri State University, Warrensburg, Missouri 64093-5030, USA; Tel/Fax: 1 816 747 8065, E-mail: [EMAIL PROTECTED] >From [EMAIL PROTECTED] Sun Mar 10 16:10:20 1996 by VAXF.COLORADO.EDU (PMDF V5.0-4 #12962) 10 Mar 1996 16:01:21 -0600 (MDT) Date: Sun, 10 Mar 1996 17:06:13 -0600 (CST) From: jivan <[EMAIL PROTECTED]> Subject: Vandana Shiva To: [EMAIL PROTECTED] Hi; Does anyone out there knows the email address, regular address, tel or fax of Vandana Shiva. I would appreciate any lead, Thanks . Jivan e-mail [EMAIL PROTECTED] >From [EMAIL PROTECTED] Sun Mar 10 18:39:45 1996 Date: Sun, 10 Mar 1996 17:39:41 -0800 (PST) From: "S. Grubb" <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Fwd: FYI javascript (fwd) While we're talking about computers and the internet, check this out!! -Susan ---------- Forwarded message ---------- Date: Sun, 10 Mar 1996 15:50:34 -0500 (EST) From: Geoffrey F Sauer <[EMAIL PROTECTED]> Subject: Fwd: FYI javascript Hi, For those of you who use the latest version of Netscape, I enclose this message from RISKS DIGEST (an online journal devoted to issues around Internet computer systems security). It seems that the programming language supported by Netscape 2.0 (JavaScript) allows any web site to ask your copy of Netscape to send the server a complete list of the files on your hard drive (and/or any floppy disks currently in the computer). This is a severe security bug. It would allow web sites to collect _a great deal_ of information about readers, without their knowledge or consent. I've just written a small Java file that could collect such information from reader's hard drives, and tested it. It _does_ work. I don't intend to put it on the Server (!), but I wanted to be convinced that this message raises valid concerns. It seems to. And this problem doesn't seem to be repairable, because it's essential to Java's functionality. Some of you might wish to reconsider using Netscape 2.0, at least until some reasonable protection for users (possibly a 2.0.1 patch) is distributed to address this problem. Geoff ---------- Forwarded message begins here ---------- Date: Thu, 7 Mar 96 11:28 PST From: [EMAIL PROTECTED] (John North) Subject: Re: Fwd: From RISKS DIGEST 17.83 (fwd) Sender: [EMAIL PROTECTED] >On Mar 5, 3:08pm, John North wrote: > >> I'M STUNNED! Do you think Java's ability to harvest recently accessed URLs >> was done on purpose? Oh my, what's the world coming to? > >There's a big debate on [EMAIL PROTECTED] about this right now...the >method used is really simple and pretty much inherent to a lot of JS >functionality. JavaScript has the ability to access the <A HREF> (ie, links) >on a page, as well as load the contents given links. > >If JS accesses a URL like "file:/", then the root directory is printed, just >like in Netscape 1.1 . . . but now JS can capture every one of those files as a >link, and continue tranversing down a directory tree. > >For a demo of directory hierarchy capture, check out: > http://www.osf.org/~loverso/javascript/dir.html > >For a demo of tracking: > http://www.osf.org/~loverso/javascript/track-me.html > >Scary. VERY scary. Especially if you've just written an app that relies on JS >for the !$%!^@#$^@% web interface . . . (the sound of flushing you just heard >was either Netscape's stock price, or my project, going down the tubes). > >Brian Thx for the feedback. It's not that such data harvesting capabilities are inappropriate per se, what IS inappropriate is the lack of preemptive disclosure by vendors in general and lack of layperson access to toggling such powerful 'features' on or off. So much for the presumption of an ever advancing society of equals between vendors and their customers. Our vigilance remains ever critical. Good luck on your project. John ___________________________________________________________________ Geoffrey F.K. Sauer Literary and Cultural Theory Postmaster, the English Server Carnegie Mellon English Dept. [EMAIL PROTECTED] Pittsburgh, PA 15213-3890 US http://english-www.hss.cmu.edu ___________________________________________________________________
