I recently had the same trouble with the Centers for Disease Control (CDC) - who were calling around to followup on infant influenza innoculations given last fall.
Ultimately, they wanted me to provide authorization to them to receive HIPPA protected patient records from my son's pediatrician, and I couldn't figure out how to get them to definitively pursuade me that they were really the CDC, who I was willing to be so authorized. Such research MAY be appropriate, and in this case, I'm a believer in the flu shots, and am generally supportive. But, while I could (and had to) identify myself to them (it was a random-number dial canvas), they had no way, short of giving me an 800 number to call (with obvious trust bootstrap problems with that) to get past it. Eventually, I found enough information on the CDC websites (assuming that DNS wasn't hacked, that my ISP wasn't redirecting my http queries to a Russian web site, and that the CDC site hadn't been hacked) to cooperate (talked with 2 supervisors, 5 followup canvasers, etc.) This is a problem that "real life" has. This sort of problem has been around since telephones came into existence (I didn't think to check the caller-id on the call, presuming it would point me to a call center located somewhere on the planet). We cope. And when the annoyance gets too bad, we kvetch, pass laws, and file law suits. Isn't that pretty much what's happening, now? Thought-control countries present separate problems (whether that's the Patriot Act or the Chinese censorship of SMS messages). For them, we have to rely on the Internet to route around censorship. And facilitate alternate routes (silent ones?) when the routers are own3d by the censors. (sorry - cross-over to another thread). Ed >>> Dave Howe <[EMAIL PROTECTED]> 7/3/2004 8:22:56 PM >>> Joseph Ashwood wrote: > I am continually asked about spam, and I personally treat phishing as a > subset of it, but I have seen virtually no interest in correcting the > problem. I have personally been told I don't even know how many times that > phishing "is not an issue." Well if nothing else, it is impossible for my bank to send me anything I would believe via email now.... To take this even slightly more on-topic - does anyone here have a bank capable of authenticating themselves to you when they ring you? I have had four phone calls from my bank this year, all of which start out by asking me to identify myself to them. When I point out that they must know who I am - as they just phoned me - and that I have no way of knowing who they are, they are completely lost (probably takes them away from the little paper script pinned to their desk) --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED] --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]