From warnold Tue Nov 26 07:17:44 1991
Received: by eff.org id AA09197
(5.65c/IDA-1.4.4 for cafb-list@eff.org); Tue, 26 Nov 1991 12:17:53 -0500
Reply-To: comp-academic-freedom-talk
From
From: comp-academic-freedom-talk
Precedence: bulk
To: comp-academic-freedom-talk
Errors-To: comp-academic-freedom-talk-request
Date: Tue, 26 Nov 1991 12:17:44 -0500
X-Digest-Sender: "William W. Arnold"
Message-Id: <199111261717.AA09190@eff.org>
Subject: Computers and Academic Freedom mailing list (batch edition)
Computers and Academic Freedom mailing list (batch edition)
Tue Nov 26 12:17:18 EST 1991
[For information on how to get a much smaller edited version of the
list, send email to archive-server@eff.org. Include the line:
send acad-freedom caf
- Billy ]
In this issue:
kadie@eff.org (Car : CAF bibliography
kadie@cs.uiuc.edu : (comp.admin.policy) Re: (Warning procedures) Re: Re; Brack
kadie@eff.org (Car : Abstract of CAF-News 01.39
chooper@cc.curtin. : Re: Schools that outlaw on-line searches of library catal
nbc2134@dsacg2.dsa : Re: Reply from Boston U. Wanted! Was: Re: Schools that ou
brack@uoftcse.cse. : Re: System Accounting: Fascist
kadie@eff.org (Car : Re: System Accounting: Fascist
kadie@eff.org (Car : Re: Reply from Boston U. Wanted! Was: Re: Schools that ou
The addresses for the list are now:
comp-academic-freedom-talk@eff.org - for contributions to the list
or caf-talk@eff.org
listserv@eff.org - for automated additions/deletions
(send email with the line "help" for details.)
caf-talk-request@eff.org - for administrivia
-------------------
From
From: kadie@eff.org (Carl M. Kadie)
Subject: CAF bibliography
Message-ID: <1991Nov24.005758.19865@eff.org>
Date: Sun, 24 Nov 1991 00:57:58 GMT
=================
bibliography
=================
This is an unorganized list of books related to Computers and Academic
Freedom.
In the future, this list should be organized by
* putting listings in standard form
* referencing CAF notes that reference these books
* annotating the listing with brief comments
---------------------
ACLU's Handbook on the _Rights of Authors and Artists_ (1984).
ACLU handbook _The Rights of Teachers_, revised edition, by David
Rubin, 1984
_A Practical Guide to Legal Issues Affecting College Teachers_ by
Partrica A. Hollander, D. Parker Young, and Donald D. Gehring.
(College Administration Publication, 1985).
_School Discipline and Student Rights: an advocate's manual_ by Paul
Weckstein, revised edition, 1982, Center for Law and Education.
_The Redefinition of the Exclusionary Rule as to Student Procedural
Due Process in High Education_. A monograph from the Office of the
General Counsel [of Southern Illinois University] by Dr. Larry L.
French, General Counsel, 1977.
_Procedural due process guidelines for disciplinary hearings resulting
in suspension or expulsion in higher education_ by Ernest T. Buchanan
III. Published by Education/Law Research Associates, 1972
_Teacher's and the Law_, 3rd edition, by Louis Fischer, et al.
Published in 1991 by Longman.
_In the Interest of Children_, R. Mnookin (Ed.), Franklin E. Zimring
and Rayman L. Solomon (Contrib. Authors).
_The First Amendment Book_ by Robert J. Wagmam
ACLU's Handbook _The Right of Students_ 3rd Edition
by Janet. R. Price, Alan H. Levine, and Eve Cary.
_Due Process for School Officials: A Guide for the Conduct of
Administrative Proceedings_ by Edgar H. Bittle (1986)
_Public Schools Law: Teachers' and Students' Rights_ 2nd
Ed. by Martha M. McCarthy and Nelda H. Cambron-McCabe, published in
1987 by Allyn and Bacon, Inc.
_Law of the Student Press_ by the Student Press Law Center (1985,1988)
_50 Ways to Fight Censorship & Important Facts to Know about Censors_
by Dave Marsh. Published by Thunder's Mouth Press in 1991>
_American Library Laws_ (5th edition)
_Cuckoos Egg_
_Prelude to Foundation_
_American Psycho_
_The Joy of Lesbian Sex_
_SpyCatcher_
_Libraries, Erotica, and Pornography_
_Censorship, Libraries, and the Law_
_A Book of French Quotations_, Norbert
Dorothy L. Sayers, _Busman's Honeymoon_
_Constitutional Law_ by William Lockhart
_The Dictionary of Computer Terms_ (2nd Ed.), by Barron's
_Anarchist Handbook_
_The Freedom to Publish_ edited by Haig A. Bosmajian. Published by
Neal-Schuman Publishers 1989
_The Freedom to Read Books, Films, and Plays_ edited by Haig A. Bosmajian
_Freedom of Religion_ edited by Haig A. Bosmajian
_Freedom of Expression edited by Haig A. Bosmajian
_Academic Freedom_ edited by Haig A. Bosmajian
ALA Policy Manual
_Intellectual Freedom Manual_ Third Edition, published by the American
Library Association.
343.730998P782T POOL, ITHIEL DE SOLA, 1917-
TECHNOLOGIES OF FREEDOM$ CAMBRIDGE, MASS. 82-24498
Academic Freedom and Catholic Higher Education by Annarelli.
Policy Documents and Reports by the AAUP
KF4225.A59B45 BICKEL, ROBERT D.
THE COLLEGE ADMINISTRATOR AND THE COURTS$ ASHEVILLE, N.C. 79-107650
379.14C686 THE COLLEGE STUDENT AND THE COURTS $ASHEVILLE, N.C 76-648745
1929528 1 ADDED: 790609 SER
379.1402H71L HOLLANDER, PATRICIA.
LEGAL HANDBOOK FOR EDUCATORS $BOULDER, COLO 77-26092
PN4748.D44S871989 SUSSMAN, LEONARD R.
POWER, THE PRESS AND THE TECHNOLOGY OF FREEDOM$ NEW YORK, N.Y. 89-16806
KF2750.G67X GORA, JOEL M. THE RIGHTS OF REPORTERS$ NEW YORK 74-21647
3504663 1974 1 ADDED: 890304
025.21878R272C REICHMAN, HENRY, 1947-
CENSORSHIP AND SELECTION$ CHICAGO, ILL. 88-16815
025.213B393 MICHIGAN LIBRARY ASSOCIATION. INTELLECTUAL FREEDOM COMMITTEE.
BEFORE AND AFTER THE CENSOR$ MICHIGAN
QA76.9M65F671990 FORESTER, TOM. COMPUTER ETHICS$ OXFORD, UK 89-28265
581358 1990 1 ADDED: 901227
016.37914T43S TICE, TERRENCE N
STUDENT RIGHTS, DECISIONMAKING, AND THE LAW $WASHINGTON 77-985494
KF4175.Z9F55 FISCHER, LOUIS,1924- TEACHERS AND THE LAW$ NEW YORK 80-23394
515737 1981 2 ADDED: 810815
KF4243.H41986 HENDRICKSON, ROBERT M.
THE COLLEGE, THE CONSTITUTION, AND THE CONSUMER STUDENT$ WASHINGTON, D.C.
KF4243S881983 STUDENT AFFAIRS AND THE LAW $SAN FRANCISCO 82-84204
376685 1983 1 ADDED: 840209
174P238EA PARKER, DONN B.
ETHICAL CONFLICTS IN INFORMATION AND COMPUTER SCIENCE, TECHNOLOGY, AND BUSINESS
$ WELLESLEY, MASS. 89-38890 318040 1990 1 ADDED: 910627
025.21878AM35W
:AMERICAN LIBRARY ASSOCIATION. OFFICE FOR INTELLECTUAL FREEDOM.:
WORKBOOK FOR SELECTION POLICY WRITING$ CHICAGO
Z658.U5F571984 MCCOY, RALPH E. (RALPH EDWARD), 1915-
THE FIRST FREEDOM TODAY$ CHICAGO 84-461
Z658.U5F571984 MCCOY, RALPH E. (RALPH EDWARD), 1915-
THE FIRST FREEDOM TODAY$ CHICAGO 84-461
*Charter 19 book
*interlibrary loan book
--
Carl Kadie -- kadie@eff.org, kadie@cs.uiuc.edu, or (anonymous) ap.4352@hri.com
I do not represent EFF; this is just me.
-------------------
From
From: kadie@cs.uiuc.edu (Carl M. Kadie)
Subject: [comp.admin.policy] Re: (Warning procedures) Re: Re; Brack Expulsion. What Happened?
Message-ID: <9111241722.AA02992@m.cs.uiuc.edu>
Sender: kadie@cs.uiuc.edu
Date: 24 Nov 91 05:22:36 GMT
From
From: phillips@syrinx.umd.edu (Felan shena Thoron'edras)
Subject: Re: (Warning procedures) Re: Re; Brack Expulsion. What Happened?
Message-ID: <10388@umd5.umd.edu>
Date: 18 Nov 91 16:47:17 GMT
In article scs@iti.org (Steve Simmons) writes:
>phillips@syrinx.umd.edu (Felan shena Thoron'edras) writes:
>Explaining the admins job to users isn't part of the admins job. Nor
>should it be. The confusion here is who the admin is providing service
>to, the computer or the users. In a significant number of shops, it
>is to the computer. User service should be an entirely different arena.
So the users shouldn't even be talking to the admin. _Someone_ should
explain _why_ it's impossible to help _right this minute_. User support
if you've got one. Your boss if necessary (last resort, though).
Honest: explaining _why_ really does help. For some, anyway. At least,
for one (which, logically, is also some). Knowing _why_ will leave me
a bit frustrated, but accepting (and leads to me doing things like saying
"well, okay, you can't fix this software right now...but if I ftp it from
somewhere, and compile it and test it, will you put it into the right
directory so everyone else who needs it has it too?". So far, the admins
I've tried this on have been perfectly happy to let me do that (for
software they wanted on their machine, at least). I think it works out
well).
>The real issue is user training/help vs admin staff responsibilities.
>A well-run semi-public site must provide both, and must realize that
>they are two quite different skills. The person who can make your
>system run like a bat out of hell is rarely the same one who can deal
>one-on-one with non-computer staff who are inadvertantly using the
>systems in ways other than those intended.
So have user support, and admins, and make sure the _users_ know they're
separate; make sure the users know that the user support will deal with
the admins if the users need it. That's how it works at my school, and
it works pretty well, I think (except for people like me who do things like
offer to put in the software we want ourselves; we go to the admin...through
mail, so he has time to respond when he has time to respond)...
But user education is _important_. Knowing everything, or at least the
background thereof, of what's going on (in a general way) with the
computer helps a lot in making the users understand things like why the
system is _always_ slow in the middle of the night (backups), or why the
links can crash, on Bitnet (there's a thunderstorm up near our link site,
do you _really_ expect the phone line to stay working through that, no
matter what? Of course not, no more than normal phone lines; if a tree
falls on it, whammo, no phone line, and no phones/computers), etc. It
does help.
It's even more important for _policy_ such as "no multiple copies of
100 page documents, please" and things like that. If they know why,
they're more likely to accept it as reasonable.
Leanne Phillips
"Go not unto the Elves for counsel, for they will say both yea and nay."
"Now is _not_ a good time, Keiko!" - Worf, "Disaster"
"Variety is the spice of life, and I don't want to die." - Scott Borst
-------------------
From
From: kadie@eff.org (Carl M. Kadie)
Subject: Abstract of CAF-News 01.39
Message-ID: <1991Nov24.232410.13856@eff.org>
Date: Sun, 24 Nov 1991 23:24:10 GMT
This is an abstract for the most recent "Computers and Academic
Freedom News" (CAF-News). Information about CAF-News followings the
abstract. The full CAF-News is available via email. Send email
to archive-server@eff.org. Include the line:
send caf-news cafv01n39
--- begin abstract ---
[Week ending November 24, 1991
========================== KEY ================================
The words after the numbers are a short PARAPHRASE of the
article, NOT AN OBJECTIVE SUMMARY and not necessarily my opinion.
===============================================================
Notes 1-2 are about academic freedom incidents.
1. (A student:) Mohawk Valley Community College suspended my computer
access (without any hearing) for 1) setting the (correct) time on the
PCs in the lab where I worked and 2) sharing simple utility programs
with other users. Administrative appeals were futile. I failed my
English class when the sys admin refused to give me copies of my
files. I eventually transferred to another school.
<1991Nov15.152856.25079@pool.info.sunyit.edu>
2. According to the LA times, 'A reproduction of a famous Goya
painting of a nude woman has been taken down from a classroom wall at
Penn State following a complaint from a woman professor that it was a
form of sexual harassment.' The painting was moved to the student
center. When we can't leave, "[w]e should "be free *not* to be
subjected to things we find offensive ...".
<91319.162616JKH107@psuvm.psu.edu>
Notes 3-7 are about Steven Brack and Ohio State University.
3. (Steven Brack:) "The only action I ever performed that had any
impact on the system was the fixman command". I ran it the because its
manual page led me to think that it would improve the display time of
my manual pages. My action was noticed because fixman acts globally,
not locally, and because it kept running (for hours) after I thought
that I had killed it.
<9111190335.AA14297@uoftcse.cse.utoledo.edu>
4. "This brings up an interesting point. Should administrators
remove/disable the man pages for administrative commands? "Perhaps a
blanket note in the admin man pages is appropriate; something like
'This is an administrative commands; general users should not execute
it. This man page is provided for information ONLY!' might do the
job."
<1991Nov19.215003.27317@ms.uky.edu>
5. (Steven Brack:) "I did everything I could to get the charges &
specifications, but OSU wouldn't give them to me." Also, "[a]lthough I
disagree that my actions needed defending, I did defend them [at the
formal hearing]. I explained each action in terms of why I did it &
what its effect was. I also explained how little guidance I had from
ACS as to what was permissible & what wasn't."
<9111190356.AA14385@uoftcse.cse.utoledo.edu>
6. (Steven Brack:) "I am retaining counsel, and will fight OSU from a
legal standpoint, rather than being trapped playing their game, by
their rules, on their field."
<9111190340.AA14311@uoftcse.cse.utoledo.edu>
7. A student should be given the findings of fact upon which the
formal hearing board bases its decision. In the Brack case, no
findings of fact were given. This is unfair and likely illegal. (Legal
references are enclosed.)
<1991Nov19.192831.1996@eff.org>
Notes 8-9 are about universities and the law.
8. According to a monograph (with legal references) by the General
Counsel of Southern Illinois University: State universities are
constrained by the 14th amendment. The _Goss v. Lopez_ due process
decision applies to public universities as well as to secondary
schools. Students subject to expulsion or long-term suspension must be
given adequate notice (i.e. written, explicit, specific) of charges.
<1991Nov23.190239.14673@eff.org>
9. According to a law book: "'In _Papish v. Board of Curators of
University of Missouri ... the high Court ruled that the use of
["motherfucker"] in a paper distributed on a college campus was not
disruptive of the school environment."' Student control of media
decreases the chance university liability. "[T]he _Hazelwood_ decision
that allows censorship of sponsored high school newspapers does not,
according to a footnote in the decision, apply to universities."
<1991Nov19.202845.3261@eff.org>
Notes 10-12 are on miscellaneous topics.
10. (A sys admin:) The goal of limiting the user-admin ratio is
worthy, but difficult. The goal of communicating and educating users
is practical and productive.
<1991Nov18.150215.11121@ms.uky.edu>
11. Enclosed is the privacy policy for the University of Pennsylvania
Campus Wide Information System (CWIS). It ways that
personally-identifiable use records will not be kept.
<199111221525.AA11205@eff.org>
12. Rules that outlaw offensive computer expression also outlaw
on-line searches of library catalogs because many catalogs contain
offensive titles.
<1991Nov21.182340.11577@eff.org>
- Carl]
--- end abstract ---
CAF-News is a weekly digest of notes from CAF-talk.
CAF-News is available as newsgroup alt.comp.acad-freedom.news or via
email. If you read newsgroups but your site doesn't get
alt.comp.acad-freedom.news, (politely) ask your sys admin to
subscribe. For info on email delivery, send email to
archive-server@eff.org. Include the line
send acad-freedom caf
Back issues of CAF-News are available via anonymous ftp or via email.
Ftp to ftp.eff.org. The directory is pub/academic/news. For
information about email access to the archive, send an email note to
archive-server@eff.org. Include the lines
send acad-freedom README
help
index
Disclaimer: This CAF-News abstract was compiled by me, Carl M. Kadie.
It is not an EFF publication. The views I express and editorial
decisions I make are my own.
--
Carl Kadie -- kadie@eff.org, kadie@cs.uiuc.edu, or (anonymous) ap.4352@hri.com
I do not represent EFF; this is just me.
-------------------
From
From: chooper@cc.curtin.edu.au (Todd Hooper)
Subject: Re: Schools that outlaw on-line searches of library catalogs
Message-ID: <1991Nov25.120702.10871@cc.curtin.edu.au>
Date: 25 Nov 91 04:07:01 GMT
Article-I.D.: cc.1991Nov25.120702.10871
References: <1991Nov21.182340.11577@eff.org> <1991Nov22.155626.11919@eff.org> <1991Nov22.183858.26504@ms.uky.edu>
In article <1991Nov22.183858.26504@ms.uky.edu>, morgan@ms.uky.edu (Wes Morgan) writes:
> How about appending the phrase "when applied to individuals" to these
> four statements?
I think half the problem with most of the policies quoted is that they don't
have the word 'unsolicited' in them. Sure, if someone sends you mail that is
unsolicited and contains swearing, it is probably harassment. But if you went
out of your way to get something offensive, you've solicited it. The same goes
for an online library search.
Including the magic word also frees up posting to groups like alt.sex. Sure, a
users posting might be offensive in some peoples views. But a group such as
alt.sex effectively solicits a posting of this nature, so there is no problem.
On a side note, this whole OSU thing has rather soured my view of that
institution. Conciously or not, OSU will always be associated in my mind with
the shootings in the sixties (?) and the Brack case.
Todd
-------------------
From
From: nbc2134@dsacg2.dsac.dla.mil (Robert F Solon)
Subject: Re: Reply from Boston U. Wanted! Was: Re: Schools that outlaw on-line
Message-ID: <9111251335.AA11482@dsacg2.dsac.dla.mil>
Sender: nbc2134@dsacg2.dsac.dla.mil
Date: 25 Nov 91 03:35:41 GMT
In reply to the mail from ...
-------------------------------------------------------------------------------
>
>nbc2134@dsacg2.dsac.dla.mil (Robert F Solon) writes:
>
>[...]
>>It's your interpretation of the B.U. policy fragment which is
>>unreasonable, not the policy itself.
>[...]
>
>As specified in the first note, the full policy is available via
>anonymous ftp as ftp.eff.org:pub/academic/polices/bostonu.edu. In
>addition, it is available via email. Send email to
>archive-server@eff.org. Include the lines:
> send other-comp-policies bostonu.edu.
>
>The full rule is:
>
> 5. You must not use the system irresponsibly, or needlessly affect
> the work of others. This includes transmitting or making accessi-
> ble offensive, annoying or harassing material; intentionally dam-
> aging the system; intentionally damaging information not belonging
> to you; or intentionally misusing system resources or allowing
> misuse of system resources by others.
>
>I argue that:
>
>1) The rule clearly says that making offensive material accessible is
>irresponsible (and/or needlessly affects the work of others). And that
>such irresponsibility is prohibited.
Granted.
>
>2) If it is irresponsible and bad for a user to make offensive
>material available, then it is at least as as irresponsible and bad
>for the University to make offensive material available.
1. The inverse is not always true. You are asserting that, since it's bad
for a user to do something, it also bad for the University. You must proove
your assertions before they can be accepted. You have not done so, therefore
your interpretation is unreasonable.
2. The policy is written for users. Nowhere is the University as a user
implied or stated. Attempting to infer an extension to the University is
unreasonable.
3. It is not the role of the University to determine what is permissable and
what isn't, in this context. Apparently you would like the University to
censor all bulletin board access. Of course, this goes totally against
practically everything you have stated about academic freedom to date. Users
must take responsibility for themselves. There's not reason to expect or
require the University to do so. Given the implications of your position, it
is unreasonable.
>
>3) By the criteria use by the FCC and the Supreme Court, the titles of
>some books are offensive.
The FCC and the USSC were refering, I believe, specifically to broadcast
media, where there is some lack of control on the part of the viewer, i.e.,
the user cannot know ahead of time that something one is about to view will be
offensive to one. In this context, however, the user has requested material
with the expectation that one might find potnetially offensive material. The
difference here turns on whether the material was requested; (I refer to other
responses to this thread that have already advocated this position) since it
was requested, and since in order to get a list of books with titles
containing the word "fuck" in them (as per your original example), one must
_ask_ for such a list with specific search criteria, the FCC and USSC policies
do not, barring appropriate case citations, specfically apply here.
>
>4) Therefore, the Boston University should either change its policy or
>stopping making library catalogs available.
The Boston University policy does not on its face prohibit searches of on-line
catalogs. The policy refers to making offesive material available to others;
the University has no responsibility to ensure that individuals users, working
on their own, are not offended. If I were to save the results of my search
and then post them or mail them to others, and they were offended, then my
actions would violate the B.U. policy. Simply conducting a search for my own
uses does not. It is unreasonable to believe otherwise.
Bob Solon, DSAC-BCC
Administrative Information Branch -- APCAPS
"We Code, You Explode!!"
-------------------
From
From: brack@uoftcse.cse.utoledo.edu (Brack)
Subject: Re: System Accounting: Fascist Tool?
Message-ID: <9111251523.AA05399@uoftcse.cse.utoledo.edu>
Sender: brack@uoftcse.cse.utoledo.edu
Date: 25 Nov 91 15:23:48 GMT
In article <1991Nov20.141526.10801@ms.uky.edu> you write:
> brack@uoftcse.cse.utoledo.edu (Brack) writes:
> >> > The system was set up to log everything, including what commands
> >> > were run. The sysadmins seem to operate in full fascist mode most
> >> > of the time, and so tend to notice everything, no matter how minor.
> >>
> >> Um, I wouldn't call it fascist mode. Most systems run some form of process
> >> accounting. Any user can check the actions of any other users.
> >
> > I'm talking about how sensitive they were to the one command.
>
> Well, I must admit that I would be surprised (and perhaps concerned) to
> see a "regular" user executing an "administrative" command. My level of
> concern would reflect the possible impact of that particular command. A
> user running, for instance, acctcom (review accounting data) is not going
> to get the same treatment as one running (or trying to run) fsck (file sys-
> tem integrity checker).
Agreed. But, I hold that there were better ways to resolve the admins'
concern than locking me out of my account.
>
> >> So someone did a ps(1) and saw your process; that isn't really "fascist
> >> mode" operation. Any user at all could have seen that job running.
> >
> > How many sysadmins have the time to sit around ps'ing their
> > users?
>
> Well, I'm usually logged in to at least one of our systems at any given
> time. I usually run a ps about once an hour (if/when I think of it). Part
> of my job is system configuration/tuning; to do that properly, I *have* to
> keep track of what the users are doing. I also review the previous day's
> accounting each morning. If I see that an administrative command was
> run, *and* I know that the staff didn't run it (easy to do; we only have
> 5 people on staff), I might set up a filter to watch for the execution of
> that command.
But isn't ps a little wasteful, since system accounting keeps this
sort of information anyway? At the least, a cron process with output
piped to a file would be a better use of admins' time, as the created
file could be reviewed automatically, preserving users' privacy.
>
> > They probably had to be watching all users very closely to have
> > noticed me running fixman.
>
> Well, you said that it ran for about 3 hours, even though you thought you
> had killed it. I would *definitely* notice a program that had been running
> for several hours.
I've logged off without terminating rn, & come back days
later to find the process still running.
>
> > Also, I don't think it's the admins'
> > business what notesfiles I read,
>
> It's the business of one admin, the news administrator. Many sites base
> their feed on readership statistics. The only way to find that informa-
> tion is to keep stats on which users read which groups. I agree that the
> information should be kept "blind"; the reports should only say "X users
> read sci.foo", not "Joe Shmo reads sci.foo".
I agree that it is the news admin's business to know what newsgroups
the users, as a group, read, not that the consultant noticed that user
foobar was reading alt.sex.really.disgusting.stuff.
>
> > or who I "mail" to.
>
> Again, there's one admin who needs that information; in this case, it's
> the postmaster. Frequent mail to a given site usually indicates that
> the site should be included in /etc/hosts (to ensure a direct delivery
> instead of a multi-site routing; we *do* want to make the mail system
> more efficient, you know). Some sites (such as ours) are also
> asked to provide reports of facilities use on a departmental basis. In
> that case, I'd go through the mail log, extract all users in a given
> department (cross-index to password file), and generate the report. As
> in the situation above, the information is "blind"; my reports say things
> such as "Electrical Engineering students have sent XXXX mail messages this
> month, of which YYY were local, ZZZ were on-campus, and AAA were off-campus"
> instead of "Joe Shmo sent XX messages to these sites......". We have some
> classes in which electronic mail is used for class assignments/discussion.
> Professors/academic staff have a natural interest in the effectiveness of
> their method; as a result, we have to prepared to give them a general re-
> port of the type I described.
As you said, this should be blind. Admins should not know which sites
or users send mail to me, or which sites or users I send mail to.
The most invasive postmaster action I could forsee as not being an
invasion of privacy is the monitoring of mail volume, for the
purpose of enforcing policies against running mailing lists &c.
>
> There are occasions on which I do look at an individual's mail usage.
> As part of my normal diagnostics, I extract all the error messages from
> the mail logs. If I see that a particular user has a lot of problems,
> I'll send that user some email to offer help. That's between me and
> that user; I certainly don't broadcast the information.
OK. THere are two instances when I could see personal mail review as
a "good" thing. But, in neither of the above examples do you monitor
users' mail for later administrative use. From my own experience,
the only reason I can see for being implicated in the forgeries
from egee@nyx.cs.du.edu was that I received e-mail from that account.
Since I didn't forward the message to my admins 8), how did they
find out about it?
>
> > But that's not
> > the point. Statistics can be taken from syslog files without ever
> > associating a process with a user.
>
> Yes, they can; however, the default accounting tools link the information
> with a userid. I have written shell scripts to extract the information I
> need in a "blind" manner; I'm sure that many sysadmins have not.
Yes, and on most systems, root is defaulted to world write.
Just because something is the default behavior of Un*x doesn't mean
that it is a "good thing," & shouldn't be an excuse for not
making the necessary changes.
>
> > I grant your point. But when any process, including accounting, is
> > used to "persecute" (not exactly what I mean, but I'm tired) a user,
> > it becomes a bad thing. I believe a shell script could give
> > usage statistics without revealing users' "private" information.
>
> Agreed. Many sysadmins, for whatever reason, choose to use the built-in
> accounting tools.
>
> Part of the problem is the basic design of the Unix operating system.
> Unix has always been an extremely open OS; any user can get a huge
> amount of infomation about the system and its users. Some vendors are
> trying to overcome this; there are some very secure variants of Unix
> available (Gould UTX and AT&T System V MLS come to mind; both of those
> have been certified as B1-capable by the NCSC). However, academic
> installations have traditionally maintained the "open" nature of Unix.
> In a situation such as this, it becomes the admin's responsibility to
> safeguard the information to which he has access. Some admins do a
> better job than others; you can't lump us all in the same group.
If the sysadmin community doesn't want to be tarred with the same
brush as the admins who abuse their power, then they should probably
see to it that the minority that is creating a bad image cleans up
its act. The BBS community failed to do that when cracking became
a problem, and now all BBSers are held in the same piopular
perception. I don't maintain that this is right, but that this is
the status quo. If it is to be changed, it must be changed by those
in a position to do so.
>
> > Would tyou justify purchasing a new disk by checking what sort of files
> > users had in their directories? I would hope not. You would probably
> > look at disk information (from du probably), rather than individual
> > users' files.
>
> When we present an item for purchase, the money often comes from a general
> "improvement fund". The various academic departments, naturally, aren't
> always pleased to give us the money. If, however, we present a graphic that
> shows that, for example, the ME Department's students are taking up 65% of
> our disk space, the ME Department is far more likely to support the expense.
> If a department wants us to install a particular program, I'd want to know
> how much disk space its users occupy. I recently had a call from another
> admin who was being asked to install ansys (a finite elements package); he
> wondered how much space ansys users would need. I got him an answer with
> three "ls -lR|grep xxxxxx|awk" commands. For those of you who haven't
> caught on yet, this information was also "blind"; I don't care how much
> space user XXXXXX swallows, as long as he's under quota. I *do* however,
> need to know what types of files my users have (in a general sense).
An admin at OSU complained to me aboput the sexual nature of some of
the files he read in my account. I don't mind dealing with complaints
about being over quota, but when admins read users' files, I get just
slightly upset. 8-S
>
> >> Don't misinterpret normal activity as "snooping" or "fascism".
> >
> > While such activity may be normal, I quarrel with the use it was put
> > to, namely finding "dirt" on users.
>
> "Finding dirt" implies that someone was watching your actions closely.
> That may have been the case; however, your "fixman" job would have drawn
> attention from *anyone* running a ps command, whether or not they were
> specifically looking for you. I have users who check ps themselves, when
> the system response is slow. I often get mail saying "what is this pro-
> gram XXXX that YYYY is running? It's been going for days!". Of course,
> I usually reply with something like "it's ok, that's not a runaway job",
> since user XXX doesn't need to know that particulars of user YYY's work.
And if I don't think it's any business of my fellow users what
processes I am running, what can I do? Nothing. My privacy
is compromised.
>
> In conclusion, let me say (one more time) that sysadmins do, on occasion,
> need some specific information on user activities. I believe that all
> admins should strive to obtain the information they need in the most general
> method possible. I understand your strong feelings in this area, but I
> can't agree with the broad strokes with which you're painting our work.
> System administrators may be obnoxious, but system administration is not.
And in conclusion, let me say that none of this changes my initial
point, that if the sysadmins don't want users running certain
commands, then they should _At Least_ make their wishes known to the
users, rather than coming down hard & fast on them when they actually
run one of the forbidden commands.
I would also like to say that the admins here at Computer Science &
Engineering @ the University of Toledo are, as a rule, the least
obtrusive sysadmins I have yet to come across on a non-public system.
They make it very easy to do what I need to do without a great deal
of administrative rigamarole. As to public systems, both
bluemoon.rn.com (Grant DeLorean) and nyx.cs.du.edu (Andrew Burt) have
constantly displayed the same attitude of respect for users that I
find lacking at OSU's ACS. Even the engineering computing site @
OSU easily beats ACS for user service & courtesy.
So, the majority of the systems I have used have had what I would
consider "good" sysadmins. ACS had really been my only bad
experience, but my "bad" experience there was several orders of
magnitude worse than my other experiences were "good."
>
> --
> morgan@ms.uky.edu |Wes Morgan, not speaking for| ....!ukma!ukecc!morgan
--
Steven S. Brack | brack@uoftcse.cse.utoledo.edu
2021 Roanwood Drive | STU0061@uoft01.utoledo.edu
Toledo, Ohio 43613-1605 _________/^\_______ sbrack@bluemoon.rn.com
+1 419 474 1010 | MY OWN OPINIONS | sbrack@nyx.cs.du.edu
-------------------
From
From: kadie@eff.org (Carl M. Kadie)
Subject: Re: System Accounting: Fascist Tool?
Message-ID: <1991Nov25.162134.6865@eff.org>
References: <9111251523.AA05399@uoftcse.cse.utoledo.edu>
Date: Mon, 25 Nov 1991 16:21:34 GMT
How about this as a statement for debate:
Resolved: Use of the Unix "ps" command should be severely restricted
for the sake of user privacy.
Believe it or not, I'm going to take the negative position and defend
"ps".
-------
Use of "ps -aux" should not be severely restricted because it allows
users and sys admin to see the amount of computer resources being used
as they are being used. This allows high-CPU runaway jobs to be
identified and stopped before they waste more resources (e.g. fixman).
This allows users to make intelligent decisions about when and where
to run new jobs. This allows peer pressure to be applied to users who
use an unfair amount of resources for the given situation.
As an example of all the points. Suppose, a class of 10 students must
run their program on 5 big test cases. If one student program has a
bug that puts it into an endless loop, "ps -aux" will give the sys
admin and other users a chance to notice the run away program. With
"ps -aux" a student may notice that no one else is running big
programs on the computer and decide that it would be OK to run all
five of his or her programs at once. If he or she was wrong about
being the only one needs to run big programs, other students, using
"ps", will be able to identify who is hogging the CPU. They can then
send email to the effect, "hey, there are others of us here, too. How
about running just one program at a time?"
With "ps", the computer is a shared resource. Without "ps" the
computer is a PC with an unpredictable CPU rate.
- Carl
p.s. I like "top" even better than "ps".
--
Carl Kadie -- kadie@eff.org, kadie@cs.uiuc.edu, or (anonymous) ap.4352@hri.com
I do not represent EFF; this is just me.
-------------------
From
From: kadie@eff.org (Carl M. Kadie)
Subject: Re: Reply from Boston U. Wanted! Was: Re: Schools that outlaw on-line
Message-ID: <1991Nov25.163959.7246@eff.org>
References: <9111251335.AA11482@dsacg2.dsac.dla.mil>
Date: Mon, 25 Nov 1991 16:39:59 GMT
Let's zero in on the weakest part of my argument:
>>2) If it is irresponsible and bad for a user to make offensive
>>material available, then it is at least as as irresponsible and bad
>>for the University to make offensive material available.
nbc2134@dsacg2.dsac.dla.mil (Robert F Solon) writes:
>1. The inverse is not always true. You are asserting that, since it's bad
>for a user to do something, it also bad for the University. You must proove
>your assertions before they can be accepted. You have not done so, therefore
>your interpretation is unreasonable.
>2. The policy is written for users. Nowhere is the University as a user
>implied or stated. Attempting to infer an extension to the University is
>unreasonable.
The rule says that the making available of offensive material is
irresponsible. It then says that users are, therefore, prohibited from
making available offensive material.
I concede that the rule only applies to users and not the University.
But if University officials really believe that making material
available is irresponsible, isn't it hypocritical of them to stop
users from making the material available while allowing themselves to
make offensive material available?
>3. It is not the role of the University to determine what is permissible and
>what isn't, in this context.
And yet, when it comes to what users are allowed to make available,
they are more than willing to make this determination.
> Apparently you would like the University to
>censor all bulletin board access. Of course, this goes totally against
>practically everything you have stated about academic freedom to date. Users
>must take responsibility for themselves. There's not reason to expect or
>require the University to do so. Given the implications of your position, it
>is unreasonable.
I don't what the University censor any access; I want them to change
their policy. As you say, users must take responsibility for
themselves.
Given the implications of their policy (applied without hypocrisy),
the policy is unreasonable.
- Carl
--
Carl Kadie -- kadie@eff.org, kadie@cs.uiuc.edu, or (anonymous) ap.4352@hri.com
I do not represent EFF; this is just me.
--------------------
--
| William W. Arnold | warnold@eff.org | has8wwa@cabell.vcu.edu |
| Co-moderator: Computers and Academic Freedom Mailing list |
| I speak for myself, not {him, her, it, eff}. |
From warnold Tue Nov 26 07:19:54 1991
Received: by eff.org id AA09557
(5.65c/IDA-1.4.4 for cafb-list@eff.org); Tue, 26 Nov 1991 12:20:00 -0500
Reply-To: comp-academic-freedom-talk
From
From: comp-academic-freedom-talk
Precedence: bulk
To: comp-academic-freedom-talk
Errors-To: comp-academic-freedom-talk-request
Date: Tue, 26 Nov 1991 12:19:54 -0500
X-Digest-Sender: "William W. Arnold"
Message-Id: <199111261719.AA09552@eff.org>
Subject: Computers and Academic Freedom mailing list (batch edition)
Computers and Academic Freedom mailing list (batch edition)
Tue Nov 26 12:18:43 EST 1991
[For information on how to get a much smaller edited version of the
list, send email to archive-server@eff.org. Include the line:
send acad-freedom caf
- Billy ]
In this issue:
treeves@magnus.acs : I am from ACS at OSU
FANSHEN@ccvm.sunys : Re: Schools that outlaw on-line searches of library catal
kadie@eff.org (Car : Re: I am from ACS at OSU
jones@pyrite.cs.ui : Alt.sex flap at U of Iowa
thakur@zerkalo.har : Re: Schools that outlaw on-line searches of library catal
brack@uoftcse.cse. : Re: System Accounting: Fascist
kadie@eff.org (Car : Re: System Accounting: Fascist
kadie@eff.org (Car : (eff.mail.com-priv) Re: Alt.sex flap at U of Iowa
U15289@UICVM.uic.e : On "Personal Use" restrictions
kadie@eff.org (Car : (eff.mail.com-priv) Re: Alt.sex flap at U of Iow
treeves@magnus.acs : Re: I am from ACS at OSU
kadie@eff.org (Car : Re: On "Personal Use" restrictions
kadie@eff.org (Car : Re: I am from ACS at OSU
pthomas@isis.cs.du : Re: System Accounting: Fascist
morgan@ms.uky.edu : Re: System Accounting: Fascist
morgan@ms.uky.edu : Re: System Accounting: Fascist
rickert@cs.niu.edu : Re: System Accounting: Fascist
thompson@se01.wg2. : Re: System Accounting: Fascist
The addresses for the list are now:
comp-academic-freedom-talk@eff.org - for contributions to the list
or caf-talk@eff.org
listserv@eff.org - for automated additions/deletions
(send email with the line "help" for details.)
caf-talk-request@eff.org - for administrivia
-------------------
From
From: treeves@magnus.acs.ohio-state.edu (Terry N Reeves)
Subject: I am from ACS at OSU
Message-ID: <1991Nov25.165500.11219@magnus.acs.ohio-state.edu>
Sender: news@magnus.acs.ohio-state.edu
Nntp-Posting-Host: top.magnus.acs.ohio-state.edu
Distribution: usa
Date: Mon, 25 Nov 1991 16:55:00 GMT
Well, I bet that subject got some attention! I can hear the boos and hisses
from here!
DISCLAIMER This is not ACS, just me. All of this is purely personal opionion.
No one "made" me say that or even asked me to. I just think its a good idea,
as I think I am in somewhat hostlile territory. Please don't bother
defending yourself - if you feel the need you are too sensitive :-)
First here is proof that we are READING this discussion and that we CAN post.
Ugly rumours about censorship at ACS are ridiculous.
Of course we can't talk about (well, you know, what can't talk about... )
[recurses infinately] that's the law.
Now with regards to policy. A question. I would like to read an actual
approved, in force for a fairly long time, policy of a university that this
group, especially Karl, approves of, or mostly approves of.
Note it must be in actual use. Theoretical policies are untested and somewhat
well, theoretical. Anyone got one by ftp or post here or e-mail to me?
This is a sincere question folks not some sort of cynical remark.
I have been reading here since may/june and I think such things have been
mentioned and I want to find one.
I am not going to defend ACS policy. Those at the top have choosen not to
(if they are reading this, and I think they are). There has been no
announcement to this effect folks, they just have not done it. I could answer
some attacks, I might agree with others, but frankly I don't really think it's
my place. I am not the policy maker. That's who your argument is with.
Naturally, as an ACS staffer it is part of my job to point out ways we can
improve, and work for better service to the campus. I do have some
suggestions of my own about policy. But rather than post them here I will
make them internally. It would be rather odd, I think, for me to give them
a first airing here, or even post them at all when the people I need
to persuade are all in the building with me.
Opinion - can't prove it - but my experience is ACS is filled with people
who strongly believe in electronic freedom, open computing, call it what you
will.
We brought usenet & e-mail to the masses here. We fought for it, we are
fighting for it.
Some people regarded as villains here are trying hard to make computing
more open and useful on campus. The major limitation is money - or put
another way people at the very top of osu & state gov't have to see computing
as basic part of education. We do.
--
_____________________________________________________________________________
| That's my story, and I'm sticking to it! |
|_____________________________________________________________________________|
| Public Sites micro software support | treeves@magnus.ACS.OHIO-STATE.EDU |
-------------------
From
From: FANSHEN@ccvm.sunysb.edu (Frank Anshen)
Subject: Re: Schools that outlaw on-line searches of library catalogs
Message-ID: <199111251753.AA08590@eff.org>
Sender: FANSHEN@ccvm.sunysb.edu
References:
Date: 25 Nov 91 17:44:19 GMT
Wes, Clearly there is a difference between finding "Fuck you" as the name
of a publication and finding a message which says "Fuck you, Wes Morgan."
However, this does not mean that the former may not be found offensive,
albiet less so than the latter. I teach sociolinguistics and usually include
a lecture on obscenity. All of the words are used as mention, I do not
wish maledictions upon anybody, but some students still find the lecture
offensive.
Clearly, I hope, even the authors of the policy in question do not wish
to affect on-line library searchs, but if this is true, they should make it
clear. There is a long history of laws which common sense says should not
be used for a any but their ostensible purpose being used for other purposes
when it is convenient. One example which springs to mind is RICA being applied
to anti-abortion demonstrators. The fact is that the policy in question is
unacceptably vague (I think it is bad policy even if made precise, but that
is a matter for another diatribe) and arguments to the effect that "reasonable
people will not interpret it that way" are beside the point. There are some
very unreasonable people out there and they all seem to be in positions of
authority.
Frank Anshen
FANSHEN@SUCCVM.BITNET
-------------------
From
From: kadie@eff.org (Carl M. Kadie)
Subject: Re: I am from ACS at OSU
Message-ID: <1991Nov25.181452.9288@eff.org>
References: <1991Nov25.165500.11219@magnus.acs.ohio-state.edu>
Distribution: usa
Date: Mon, 25 Nov 1991 18:14:52 GMT
treeves@magnus.acs.ohio-state.edu (Terry N Reeves) writes:
[...]
>Now with regards to policy. A question. I would like to read an actual
>approved, in force for a fairly long time, policy of a university that this
>group, especially Karl, approves of, or mostly approves of.
[...]
I can think of two.
The draft policy at the University of Delaware (Even though it is a
draft, it has been used for a while and is the basis of other schools'
policies.)
[ftp.eff.org:pub/academic/policies/udel.edu]
The policy of Rice University (This policy is being used, but may be
modified to reflect recent comments from comp.admin.policy,
alt.comp.acad-freedom.talk, and a recent meeting with users.)
[ftp.eff.org:pub/academic/policies/rice.edu]
Also, be sure to look at files README, udel.edu.critique,
and rice.edu.critque.
(For information on email access, send email to archive-server@eff.org,
including the line:
send other-comp-policies README
)
[...]
>Naturally, as an ACS staffer it is part of my job to point out ways we can
>improve, and work for better service to the campus. I do have some
>suggestions of my own about policy. But rather than post them here I will
>make them internally. It would be rather odd, I think, for me to give them
>a first airing here, or even post them at all when the people I need
>to persuade are all in the building with me.
[...]
The policy making at many schools could be improved with more openness
and user participation. As the Joint Statement says:
"The responsibility to secure and to respect general conditions
conductive to the freedom to learn is shared by all members of the
academic community. Each college and university has a duty to develop
policies and procedures which provide and safeguard this freedom. Such
policies a procedures should be developed at each institution within
the framework of general standards and with the broadest possible
participation of the members of the academic community."
[ftp.eff.org:pub/academic/student.freedoms]
- Carl
--
Carl Kadie -- kadie@eff.org, kadie@cs.uiuc.edu, or (anonymous) ap.4352@hri.com
I do not represent EFF; this is just me.
-------------------
From
From: jones@pyrite.cs.uiowa.edu (Douglas W. Jones,201H MLH,3193350740,3193382879)
Subject: Alt.sex flap at U of Iowa
Message-ID: <9300@ns-mx.uiowa.edu>
Date: 25 Nov 91 18:27:40 GMT
Sender: news@ns-mx.uiowa.edu
Followup-To: alt.comp.acad-freedom.talk
Today's Daily Iowan, Monday Nov. 25, 1991, has joined the fray.
On the top of page 3A, on the left, is the headline "UI Computer Files
Contain Pornography", followed by the same kind of incisive reporting
of the alt.sex newsgroups that we have become used to from the print
media. The article does mention that the "pornography" is carried by
USENET, but no mention is made of other material on USENET. The article
indicates that the U of I computers contain "over 70,000 pages" of
pornography, which is nonsense -- this is roughly the total number of
postings that have been delivered to Iowa's machines over USENET, but
nobody at the DI seems to have noticed that things get deleted on a
regular basis.
Appearing as it does on top of the recent flap about movie Taxi Zum Klo,
this will certainly put more pressure on the University of Iowa to censor
things on campus. In the case of the movie, the local county attourny
has decided that it is "non pornographic but one scene contains depiction
of sexual exploitation of a minor, and that scene must be edited out in
any showing of the movie."
One consequence of the Taxi Zum Klo flap is that the state legislature
will probably review the current exemptions from the "sexual exploitation
of a minor" laws that applies to educational institutions and public
libraries. As currently written, the Iowa law allows for educational
use of such material in such institutions, and the law may be rewritten
to forbid this. (So, if I wanted to teach a course on the impact of
pornography on the sexual development of children in modern western society,
I wouldn't be able to use these materials under the proposed changes to the
law.)
Doug Jones
jones@cs.uiowa.edu
-------------------
From
From: thakur@zerkalo.harvard.edu (Manavendra K. Thakur)
Subject: Re: Schools that outlaw on-line searches of library catalogs
Message-ID: <9111251920.AA08403@zerkalo.harvard.edu>
Sender: thakur@zerkalo.harvard.edu
References: <1991Nov25.120702.10871@cc.curtin.edu.au>
Date: 25 Nov 91 19:20:50 GMT
>>>>> On 25 Nov 91 04:07:01 GMT, chooper@cc.curtin.edu.au (Todd Hooper) said:
> In article <1991Nov22.183858.26504@ms.uky.edu>, morgan@ms.uky.edu
> (Wes Morgan) writes:
>> How about appending the phrase "when applied to individuals" to
>> these four statements?
> I think half the problem with most of the policies quoted is that
> they don't have the word 'unsolicited' in them. Sure, if someone
> sends you mail that is unsolicited and contains swearing, it is
> probably harassment. But if you went out of your way to get
> something offensive, you've solicited it. The same goes for an
> online library search.
In my opinion, the phrasing should be along the lines of "unsolicited
or unwanted". Something unsolicited is not necessarily unwanted.
I agree with you that inserting the term "unsolicited" into the
description solves a lot of problems. I just think the term
"unwanted" should be added, because it refines the standards for what
constitutes harrassment: If, after the recipient has informed the
sender that the material in question is unwanted, the sender persists
in sending the material, then that constitutes harrassment.
Note that the unsolicited part also helps protect system
administrators of machines that carry alt.sex etc. The "unwanted"
part gives recipients of harrassing or threatening mail an additional
tool to prosecute the perpetrators.
> On a side note, this whole OSU thing has rather soured my view of
> that institution. Conciously or not, OSU will always be associated
> in my mind with the shootings in the sixties (?) and the Brack case.
Uh, that was *Kent* State, not Ohio State. Check your history
books....
Manavendra K. Thakur Internet: thakur@zerkalo.harvard.edu
Systems Programmer, High Energy Division BITNET: thakur@cfa.BITNET
Harvard-Smithsonian Center for DECNET: CFA::thakur
Astrophysics UUCP: ...!uunet!mit-eddie!thakur
-------------------
From
From: brack@uoftcse.cse.utoledo.edu (Brack)
Subject: Re: System Accounting: Fascist Tool?
Message-ID: <9111252053.AA09129@uoftcse.cse.utoledo.edu>
Sender: brack@uoftcse.cse.utoledo.edu
Date: 25 Nov 91 20:53:52 GMT
In article <1991Nov25.162134.6865@eff.org> you write:
: How about this as a statement for debate:
:
: Resolved: Use of the Unix "ps" command should be severely restricted
: for the sake of user privacy.
:
: Believe it or not, I'm going to take the negative position and defend
: "ps".
:
: -------
:
: Use of "ps -aux" should not be severely restricted because it allows
: users and sys admin to see the amount of computer resources being used
: as they are being used. This allows high-CPU runaway jobs to be
: identified and stopped before they waste more resources (e.g. fixman).
: This allows users to make intelligent decisions about when and where
: to run new jobs. This allows peer pressure to be applied to users who
: use an unfair amount of resources for the given situation.
It is not the users place to decide what processes are allowed
to be executed by other users. That is a function of the
sysadmin (remember the concierge theory?). I don't want
anyone who does a ps -a to know what I'm doing. If I want\
people to know, I'll tell them, but I don't want information
private to me to be given to anyone who asks without my permission.
There are other ways to get system load w/o using ps. Under
windows, we have xload. There is a shell command that will
return system load & other statistics, but I can't remember its
name. I've used it under HP-UX & BSD, so if someone could supply
the name...
:
: As an example of all the points. Suppose, a class of 10 students must
: run their program on 5 big test cases. If one student program has a
: bug that puts it into an endless loop, "ps -aux" will give the sys
: admin and other users a chance to notice the run away program. With
: "ps -aux" a student may notice that no one else is running big
: programs on the computer and decide that it would be OK to run all
: five of his or her programs at once. If he or she was wrong about
: being the only one needs to run big programs, other students, using
: "ps", will be able to identify who is hogging the CPU. They can then
: send email to the effect, "hey, there are others of us here, too. How
: about running just one program at a time?"
What good would it do the other users to see his/her runaway
process? The only ones who can stop it are the student &
the admin, in any case.
Basic system load information would tell users what they need to
know, without revealing private information.
: Carl Kadie -- kadie@eff.org, kadie@cs.uiuc.edu, or (anonymous) ap.4352@hri.com
: I do not represent EFF; this is just me.
In general, users should not be able to gather information on other
individual users. Therefore, if we really want ps, give ps w/o
uids. That way, all that nosey/concerned users would know is that
someone is doing "more really.controversial.text," rather than that
foobar is reading really.controversial.text
--
Steven S. Brack | brack@uoftcse.cse.utoledo.edu
2021 Roanwood Drive | STU0061@uoft01.utoledo.edu
Toledo, Ohio 43613-1605 _________/^\_______ sbrack@bluemoon.rn.com
+1 419 474 1010 | MY OWN OPINIONS | sbrack@nyx.cs.du.edu
-------------------
From
From: kadie@eff.org (Carl M. Kadie)
Subject: Re: System Accounting: Fascist Tool?
Message-ID: <1991Nov25.213447.14114@eff.org>
References: <9111252053.AA09129@uoftcse.cse.utoledo.edu>
Date: Mon, 25 Nov 1991 21:34:47 GMT
kadie@eff.org (Carl M. Kadie) writes:
>: Use of "ps -aux" should not be severely restricted because it allows
>: users and sys admin to see the amount of computer resources being used
>: as they are being used. This allows high-CPU runaway jobs to be
>: identified and stopped before they waste more resources (e.g. fixman).
>: This allows users to make intelligent decisions about when and where
>: to run new jobs. This allows peer pressure to be applied to users who
>: use an unfair amount of resources for the given situation.
brack@uoftcse.cse.utoledo.edu (Brack) writes:
> It is not the users place to decide what processes are allowed
> to be executed by other users. That is a function of the
> sysadmin (remember the concierge theory?). I don't want
> anyone who does a ps -a to know what I'm doing. If I want\
> people to know, I'll tell them, but I don't want information
> private to me to be given to anyone who asks without my permission.
[...]
> What good would it do the other users to see his/her runaway
> process? The only ones who can stop it are the student &
> the admin, in any case.
[...]
Well, if I see that you have what looks like a run away process, I can
send you and/or the sys admin email. Why should I be the one doing
this? Because, I'm the one who wants the cycles. The sys admin isn't
logged into the computer, or isn't paying close attention. You may
have logged off or started work on another task, not realizing that
your job is still running.
> Basic system load information would tell users what they need to
> know, without revealing private information.
[...]
At the very least, I want to know how much load each user is putting
on the system. If five users are each running five cpu-bound jobs,
causing my cpu-bound job to run slowly, I won't say anything. If,
however, one user is running five cpu-bounds jobs, causing my one
cpu-bound jobs to run slowly, I may send that user email asking that
he or she, say, lower the priorty of his or her jobs.
Why should he or she cooperate with me? Because, tomorrow he or she
may want to send me a similar note.
Without per-user load information, cooperation is very unlikely.
Knowing the program being run (g++, Lisp, etc) is also helpful, but
not as important.
- Carl
--
Carl Kadie -- kadie@eff.org, kadie@cs.uiuc.edu, or (anonymous) ap.4352@hri.com
I do not represent EFF; this is just me.
-------------------
From
From: kadie@eff.org (Carl M. Kadie)
Subject: [eff.mail.com-priv] Re: Alt.sex flap at U of Iowa
Message-ID: <199111252135.AA14168@eff.org>
Sender: kadie
Date: 25 Nov 91 11:35:27 GMT
From
From: thakur@zerkalo.harvard.edu (Manavendra K. Thakur)
Subject: Re: Alt.sex flap at U of Iowa
Message-ID: <9111252038.AA08543@zerkalo.harvard.edu>
Date: 25 Nov 91 20:38:01 GMT
In my message about the alt.sex flap at the U. of Iowa, I wrote:
> I read in this past Sunday's New York Times (25 Nov. 1991) that when
> the film in question (Taxi Zum Klo) was shown again at U. of Iowa, the
> theater hall was jam packed full.
Sorry, the date is wrong. It should be Sunday, 24 Nov. 1991.
My apologies for the mistake.
Manavendra K. Thakur Internet: thakur@zerkalo.harvard.edu
Systems Programmer, High Energy Division BITNET: thakur@cfa.BITNET
Harvard-Smithsonian Center for DECNET: CFA::thakur
Astrophysics UUCP: ...!uunet!mit-eddie!thakur
-------------------
From
From: U15289@UICVM.uic.edu
Subject: On "Personal Use" restrictions
Message-ID: <199111252159.AA14818@eff.org>
Sender: U15289@UICVM.uic.edu
Date: 25 Nov 91 20:06:41 GMT
In an October 26 posting to comp-academic-freedom-talk, Carl Kadie
commented on the policies of the SEASnet system at UCLA:
>1. The policy says:
>
>>* Use of SEASnet's Computing Facilities
>> Use of SEASnet's computing facilities, including
>> hardware, software, and networks is restricted to the
>> purposes for which SEASnet accounts are assigned. These
>> uses are limited to research and educational purposes.
>> Any personal or commercial use of SEASnet equipment is
>> prohibited.
>
>But then:
>
>> * Game Playing
>> Various games are available on the system.
>> however, you must not play games when other
>> users need a terminal for any other activity. If
>> you are playing games, you must log out whenever
>> users are waiting, and offer them your terminal.
>> it is not ethical or polite to stay logged in
>> until the person waiting asks you to log out, or
>> to expect a waiting user to wait for you to
>> finish playing.
>
>Isn't game playing an example of personal use? Isn't much email use
>personal? If the members of a student organization (say, the sailing
>club) keep the the club roster on-line, isn't that a personal use?
>How about if someone accesses the library computer to find a book on
>bicycle repair?
>
>The policy could be improved by applying the "game policy" to all
>noncommercial personal use.
I strongly disagree that limitations on the use of games, _qua_ games,
should be extended to other "noncommercial personal use" (hereinafter referred
to as "NPU"); I find the prospect of blanket restrictions on NPU _per se_
even more disquieting.
Admittedly, more of an argument can be made for such a policy on the
in-house system of an individual academic unit (which it is my impression that
SEASnet is, on the assumption of it being an acronym for "School of Engineer-
ing and Applied Science" or something to that effect) than on a system run
for general use by an all-campus computer center. It is also possible to
enforce such a policy more efficaciously in the former case than in the
latter. (But, as I shall discuss below, all-campus installations are not
immune to having blanket NPU restrictions at least nominally in effect.)
It gives me pause, as I think it should to all readers of this mailing
list, that posting, or reading the postings of others, to comp-academic-freedom
-talk itself would apparently be a technical violation of such policies,
inasmuch as it presumably is not being done in the service of specific course-
work or research. The same goes for reading, or posting to, the lion's share
of newsgroups on USENET/NETNEWS, as well as--of course--much if not most email
correspondence, and the other examples which Carl cites at the end of his own
comment on the SEASnet policy.
As mentioned above, broad prohibitions on NPU do occur at all-campus
computer centers. For instance:
>The following uses of computers supported by Academic Computing Services,
>including public microcomputers, are specifically approved:
> [...]
>D. Personal computing for the improvement of computing literacy and not asso-
> ciated with a scheduled class. Such "improvement of computing literacy"
> must be consistent with Loyola's mission of education, research, and
> health care. _This category of use must not be used to justify activities
> such as personal correspondence of personal business._ [Emphasis added.]
>
> This means that once a computer skill associated with a resource is
> learned, that resource may only be used for instruction or research.
(Source: Loyola University of Chicago, "Information Systems Computing Policy,
Policy No. 1: Authorized Uses of Public Academic Computing Facilities," 1984)
At my own institution, a recent document states that account suspension is
possible for "frequent frivolous use of computing resources," which is enumer-
ated separately from "playing computer games," also given as a cause of action.
(Source: University of Illinois at Chicago Computer Center, "Penalties for
Misuse of UIC Computing Resources," 1991) This presents serious questions of
vagueness and overbreadth, over and above any specific chilling effects it
may have--at least in theory--on benign noncurricular uses of an all-campus
system.
To be sure, the policy Carl seemed to be speaking favorably of simply
posited a moral responsibility for those using a system for noncurricular
applications at a given moment to yield to those desiring to use it for
curricular ones, in the event of a shortage of available workstations, rather
than declaring noncurricular uses actionable _per se_. Even so, I think it
is crucial to draw a distinction between those activities that have an argu-
able nexus to the communication of ideas and those that do not (by which I
refer principally to computer games). I remain uncomfortable with any formal
policy statement which draws invidious distinctions between activities in the
former group which do not happen to have a clear curricular connection, and
those that do, at least in the case of systems intended for general campus
use.
Mitch Pravatiner
Internet: U15289@uicvm.uic.edu
-------------------
From
From: kadie@eff.org (Carl M. Kadie)
Subject: [eff.mail.com-priv] Re: Alt.sex flap at U of Iow
Message-ID: <199111252202.AA14998@eff.org>
Sender: kadie
Date: 25 Nov 91 12:02:44 GMT
From
From: chris_taylor@qmbridge.calstate.edu (Chris Taylor)
Subject: Re: Alt.sex flap at U of Iow
Message-ID: <9111252117.AA24712@uu.psi.com>
Date: 25 Nov 91 05:15:51 GMT
Reply to: RE>Alt.sex flap at U of Iowa
Manavendra K. Thakur writes:
> I read in this past Sunday's New York Times (25 Nov. 1991) that when
> the film in question (Taxi Zum Klo) was shown again at U. of Iowa, the
> theater hall was jam packed full. The county attorney's edict about
> the censoring the "sexual exploitation of a minor" scene was effected
> by placing a piece of cardboard in front of the projector when the
> scene came on -- as the audience erupted in laughter.
I wonder if the University of Iowa is one of those "higher" education
institutions mentioned in a recent article of the Orange County Register
as passionately interested in limiting free speech if it happens to not
be politically correct and/or is considered to be "offensive" to some
ethnic groups?
If so, then their response ("the audience erupted in laughter) would
call into question their sincerity to the lofty goal of protecting the
sensitivity of others who are all to often exploited in our society
(ie. minorities, children...)
> The power of
> the press in this regard is all too real. Unfortunately, so is the
> overreaction of the college administrators and local politicians.
>
> At least the students at U. of Iowa haven't lost their perspective on
> things.
One can wonder...
Chris Taylor
California State Univeristy
chris@csu.net
-------------------
From
From: treeves@magnus.acs.ohio-state.edu (Terry N Reeves)
Subject: Re: I am from ACS at OSU
Message-ID: <1991Nov25.215223.16695@magnus.acs.ohio-state.edu>
Sender: news@magnus.acs.ohio-state.edu
Nntp-Posting-Host: top.magnus.acs.ohio-state.edu
References: <1991Nov25.165500.11219@magnus.acs.ohio-state.edu> <1991Nov25.181452.9288@eff.org>
Distribution: usa
Date: Mon, 25 Nov 1991 21:52:23 GMT
thanks for pointer to policies, I have them now.
>The policy making at many schools could be improved with more openness
>and user participation. As the Joint Statement says:
absolutely! but you folks are not (mostly) our users. A much better forum for
that would be acs.magnus or osu.general
--
_____________________________________________________________________________
| That's my story, and I'm sticking to it! |
|_____________________________________________________________________________|
| Public Sites micro software support | treeves@magnus.ACS.OHIO-STATE.EDU |
-------------------
From
From: kadie@eff.org (Carl M. Kadie)
Subject: Re: On "Personal Use" restrictions
Message-ID: <1991Nov25.223548.15641@eff.org>
References: <199111252159.AA14818@eff.org>
Date: Mon, 25 Nov 1991 22:35:48 GMT
One small clarification of my suggestion to UCLA.
The UCLA SEASnet policy says:
"Any personal ... use of SEASnet equipment is prohibited."
And,
"Various games are available on the system.
however, you must not play games when other
users need a terminal for any other activity."
I said:
"The policy could be improved by applying the "game policy" to all
noncommercial personal use."
In other words, instead of banning nongame, noncommercial personal
use, SEASnet should at least allow nongame, noncommercial personal use
on the same basis that it allows game playing.
In other, other words, I was not suggesting *adding* a restriction; I
was suggesting *removing* a restriction.
- Carl
--
Carl Kadie -- kadie@eff.org, kadie@cs.uiuc.edu, or (anonymous) ap.4352@hri.com
I do not represent EFF; this is just me.
-------------------
From
From: kadie@eff.org (Carl M. Kadie)
Subject: Re: I am from ACS at OSU
Message-ID: <1991Nov25.224752.16015@eff.org>
References: <1991Nov25.165500.11219@magnus.acs.ohio-state.edu> <1991Nov25.181452.9288@eff.org> <1991Nov25.215223.16695@magnus.acs.ohio-state.edu>
Distribution: usa
Date: Mon, 25 Nov 1991 22:47:52 GMT
kadie@eff.org (Carl M. Kadie) writes:
>>The policy making at many schools could be improved with more openness
>>and user participation. As the Joint Statement says:
treeves@magnus.acs.ohio-state.edu (Terry N Reeves) writes:
>absolutely! but you folks are not (mostly) our users. A much better forum for
>that would be acs.magnus or osu.general
[...]
It would be wonderful if the current policy makers posted requests for
comments to acs.magnus and osu.general. When (if?) this happens, I
hope that the CAF discussion/archive/etc will be a valuable resource
for the OSU discussants.
- Carl
--
Carl Kadie -- kadie@eff.org, kadie@cs.uiuc.edu, or (anonymous) ap.4352@hri.com
I do not represent EFF; this is just me.
-------------------
From
From: pthomas@isis.cs.du.edu (Pete Thomas)
Subject: Re: System Accounting: Fascist Tool?
Message-ID: <1991Nov25.221911.26899@mnemosyne.cs.du.edu>
Sender: usenet@mnemosyne.cs.du.edu (netnews admin account)
References: <9111252053.AA09129@uoftcse.cse.utoledo.edu> <1991Nov25.213447.14114@eff.org>
Date: Mon, 25 Nov 91 22:19:11 GMT
I rarely post to these discussions, although I find them quite interesting.
It seems like in the fracas over allowing or disallowing information on what
information one should be allowed to obtain about other users, we hit one of
the cusps of the conflict of one user's rights over another, and the rights
of system administrators.
Several points:
1) Computer use is a social contract issue; in agreeing to make use of a
shared resource such as a central computing resource, you needs must make
some agreement between yourself, the other users, and the administrators of
the system. One goal that I see the EFF pursuing is the active pursuit of
quantifying this agreement at as many sites as possible. The current
hodge-podge of "unwritten laws" and sweeping powers for administrators is
ludicrous. However, to say that you as a user have an unqualified right
on all systems, at all times, to have your process information held private
is insane.
2) As system security and administration software matures into the new shape
of operating systems in the information age some new possibilities arise.
Suppose you as a user could see information about other processes, but not
with the actual userid attached--what you saw was an encryption of it. You
could still see if one user was taking up the CPU, and you could use an
anonymous mail facility to send a (hopefully polite) note to the offending
party. Administrators would be able to decrypt the output. We've got the
ability to do such things, so why not.
3) However, I don't think that this sort of thing is necessary on all systems;
in the case of an information provider with a large array of services and
customers who might be competitors (for instance), security of this sort might
be a good idea. On other systems, as long as the user is given a clear
statement of what their rights and responsibilities are why should there be a
problem?
--Pete
-------------------
From
From: morgan@ms.uky.edu (Wes Morgan)
Subject: Re: System Accounting: Fascist Tool?
Message-ID: <1991Nov25.223847.10129@ms.uky.edu>
Date: 25 Nov 91 22:38:47 GMT
Article-I.D.: ms.1991Nov25.223847.10129
References: <9111251523.AA05399@uoftcse.cse.utoledo.edu>
brack@uoftcse.cse.utoledo.edu (Brack) writes:
I was in agreement with almost everything Steven said, until I read:
> And if I don't think it's any business of my fellow users what
> processes I am running, what can I do? Nothing. My privacy
> is compromised.
There is something else you can do; use another system! Use a PC, if
you like. Use VMS/CMS/PRIMOS/[fill in the blank].
The privacy of your files may (or may not, in some cases) be guaranteed,
but your usage of the system does not fall under that umbrella.
Are you suggesting that "ps" be removed/modified? If that's the case,
then shouldn't "who" and "finger" be completely shelved? After all, it's
not anyone's business when you're logged in, right? I guess we'll have
to take the Date: line out of electronic mail, since that reveals when
you were reading mail. The From: line tells us which system you use
for reading mail, so I guess that has to be changed as well, eh?
Privacy is a worthy goal, but remember that you are using a PUBLIC
computer system. If you purchase your own workstation and wire it in, you
can certainly disable rwho, finger, remote shells, and the whole works; I
know a few people who have done that. If you're using a PUBLIC system,
there will be tradeoffs.
Unix is a powerful operating system. With that power comes a certain
degree of openness. The tradeoff for that openness is the "total user
privacy" you seem to be espousing (among other things).
--
morgan@ms.uky.edu |Wes Morgan, not speaking for| ....!ukma!ukecc!morgan
morgan@engr.uky.edu |the University of Kentucky's| morgan%engr.uky.edu@UKCC
morgan@ie.pa.uky.edu |Engineering Computing Center| morgan@wuarchive.wustl.edu
-------------------
From
From: morgan@ms.uky.edu (Wes Morgan)
Subject: Re: System Accounting: Fascist Tool?
Message-ID: <1991Nov25.224909.13936@ms.uky.edu>
Date: 25 Nov 91 22:49:09 GMT
References: <9111252053.AA09129@uoftcse.cse.utoledo.edu>
brack@uoftcse.cse.utoledo.edu (Brack) writes:
>
> It is not the users place to decide what processes are allowed
> to be executed by other users.
True; however, the information gleaned from ps can be valuable to an
exploring student.
> I don't want
> anyone who does a ps -a to know what I'm doing. If I want\
> people to know, I'll tell them, but I don't want information
> private to me to be given to anyone who asks without my permission.
The information is not private. You are using a PUBLIC computer system.
Your usage of that system is critical to the management, expansion, and
profiling of that system. We could go with the "open records" analogy
and state that accounting records are subject to viewing by the public
on the same basis as any other records/files kept by the state. If they
are available in an interactive forum through "ps", what's the difference?
> There are other ways to get system load w/o using ps. Under
> windows, we have xload. There is a shell command that will
> return system load & other statistics, but I can't remember its
> name. I've used it under HP-UX & BSD, so if someone could supply
> the name...
But those utilities don't tell you *which* programs are swallowing
resources. When there are 20 people logged in, how can you be sure that your
program (or "his" program) is the one chugging CPU?
> What good would it do the other users to see his/her runaway
> process? The only ones who can stop it are the student &
> the admin, in any case.
The good comes from users policing themselves. I've seen users explain
the ps command to "resource hogs", few of whom had any idea of the load
their programs placed on the system. The good results are:
-- The users have a better system to use
-- "Resource Hogs" learn how to check their jobs
-- Users become more responsible for their actions
-- Users don't have to track down the admin as often
-- The admin doesn't have to spend the time explaining
things to "resource hogs"; the users take of that!
> Basic system load information would tell users what they need to
> know, without revealing private information.
Most Unix compilers name their executable output file "a.out". There may
be 20 different "a.out" programs executing at a given time. How the heck
will you tell them apart?
--
morgan@ms.uky.edu |Wes Morgan, not speaking for| ....!ukma!ukecc!morgan
morgan@engr.uky.edu |the University of Kentucky's| morgan%engr.uky.edu@UKCC
morgan@ie.pa.uky.edu |Engineering Computing Center| morgan@wuarchive.wustl.edu
-------------------
From
From: rickert@cs.niu.edu (Neil Rickert)
Subject: Re: System Accounting: Fascist Tool?
Message-ID: <1991Nov25.232708.27961@mp.cs.niu.edu>
Sender: rickert@cs.niu.edu
References: <9111252053.AA09129@uoftcse.cse.utoledo.edu>
Date: 25 Nov 91 23:27:08 GMT
In article <9111252053.AA09129@uoftcse.cse.utoledo.edu> Stephen Brack writes:
>In article <1991Nov25.162134.6865@eff.org> Carl Kadie writes:
>:
>: Resolved: Use of the Unix "ps" command should be severely restricted
>: for the sake of user privacy.
>:
>: Believe it or not, I'm going to take the negative position and defend
>: "ps".
This must be a first. I can actually agree with Carl.
> sysadmin (remember the concierge theory?). I don't want
> anyone who does a ps -a to know what I'm doing. If I want\
There is a simple command you can execute to make sure people can't
use 'ps' to find out what you are doing. It is 'logout'.
I much the same way, if you don't want casual passers to know anything
about what is happening in your house, you can get used to leaving the
lights always off, and managing in the dark.
You can prevent people seeing how you drive by simply not driving.
You can prevent people finding out which TV channels you watch by either
not watching TV, or by installing very expensive screening to prevent
stray radiation from the oscillator in your tuner.
------------------
In the computer, as in life, your basic privacy is dependent on the fact
that closely monitoring you is likely to be quite boring. If you would like
to be monitored, start doing lots of very unusual things, and you will soon
have as much monitoring as you can handle. (Come to think of it, isn't that
about what happened to you at OSU).
--
=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
Neil W. Rickert, Computer Science
Northern Illinois Univ.
DeKalb, IL 60115 +1-815-753-6940
-------------------
From
From: thompson@se01.wg2.waii.com (Jim Thompson)
Subject: Re: System Accounting: Fascist Tool?
Message-ID: <9111261414.AA19022@se33.wg2.waii.com>
Sender: thompson@se01.wg2.waii.com
Date: 26 Nov 91 14:14:53 GMT
morgan@ms.uky.edu (Wes Morgan) writes:
> brack@uoftcse.cse.utoledo.edu (Brack) writes:
> >
> > It is not the users place to decide what processes are allowed
> > to be executed by other users.
>
> True; however, the information gleaned from ps can be valuable to an
> exploring student.
>
> > I don't want
> > anyone who does a ps -a to know what I'm doing. If I want\
> > people to know, I'll tell them, but I don't want information
> > private to me to be given to anyone who asks without my permission.
>
> The information is not private. You are using a PUBLIC computer system.
> Your usage of that system is critical to the management, expansion, and
> profiling of that system. We could go with the "open records" analogy
> and state that accounting records are subject to viewing by the public
> on the same basis as any other records/files kept by the state. If they
> are available in an interactive forum through "ps", what's the difference?
It seems to me that this is the key issue in the debate over ps (and maybe I'm
stating the obvious)--where does the user's right to privacy exceed the
public's right to know? In this case, it seems to me that the users' right to
know how time is being allocated by their CPU outweighs any privacy benefit to
the individual user. Why? Well, consider the information provided by ps -a
that could compromise a user's privacy:
1. The name of the process;
2. As much path to the executable as the user had to type to run it (usually,
this will be either just the program's name, if it lies in his PATH, or
the full path to the program);
3. Any arguments given to the program.
This (usually) boils down to: what program is being run, and what it's been
told to do. There are two ways this basic information can give away something
about the user's activities.
First, by telling us what program she's running, ps can give us a general idea
of what a user is doing. If she's running a program named 'rogue', chances
are she's playing games; if she's running 'crack', chances are she's either
trying to get someone's password, or trying to see if her own is secure.
Second, by telling us what arguments a person has given to a program, ps can
sometimes tell us more specifically a user is up to. For example, if we see a
user running 'vi -x ~/files/resume', we might be able to guess that he is
about to apply for a job.
Now, unless I've overlooked something, this is the extent to which ps subverts
a user's privacy; what of it? Well, in the first case, I would question
whether the user, in a shared environment such as a university computer,
really has the right to work in absolute secrecy. On its face this seems like
an extreme statement, until you get back to the central issue: that the CPU's
time is resource which must be shared among the users, and that those users
have a right to know how that resource is being allocated.
I consider this to be roughly analogous to how the city council spends its
budget; I, as a taxpaying citizen, have a right to know whether my tax dollars
are being spent on roads and bridges, or on 5-martini dinners and topless
bars. As a user of the university computer (hypothetically speaking), I have
a right to know whether its sluggish response is due to the fact that one user
is running 5 crack processes which are eating minutes of CPU time, particularly
if I'm trying to compile and debug a program as a class assignment. (Others
have done a better job of making this point--see previous posts.)
The second case, of the arguments to the programs, is the more serious. In my
example, ps revealed to us that some user had a file named ~/files/resume; in
situations like this, it is possible for ps to reveal the names of files, and
for people to infer the contents of those files. So, clearly, it is possible
for ps to assist in fundamental breaches one's right to privacy.
However, by taking some simple (!) precautions, it is also possible for users
who wish to maintain their privacy to do so: (1) most (all?) interactive
editors such as emacs and vi allow the user to specify the name of the file
from within the edit session (:e or C-x C-f); (2) names of files, especially
those whose contents are sensitive, may be chosen so as to prevent others from
guessing the file's contents given its name. When (1) does not apply (i.e.,
you're compiling rogue.c), resort to (2).
So I would have to agree with Mr. Brack in saying yes, it is possible, in some
cases, for ps to be used to the detriment of one's privacy. However, it is
relatively easy for the user to protect against such revelations.
Furthermore, because the CPU (or, more accurately, allocation of its time) is
resource shared among a community, the members of that community have the
right to know how their resources are being allocated.
I would also add that, in the interest of protecting those who aren't
unix-savvy, the sysadmin powers-that-be have an *obligation* to their users to
inform them of ps, its dangers, and how to protect against them. (And probably
also about lpq or lpstat.)
--
Jim Thompson - thompson@se01.wg2.waii.com | Conjunction Junction,
Western Geophysical Exploration Products | what's your function?
Houston, Texas |
--------------------
--
| William W. Arnold | warnold@eff.org | has8wwa@cabell.vcu.edu |
| Co-moderator: Computers and Academic Freedom Mailing list |
| I speak for myself, not {him, her, it, eff}. |
From warnold Wed Nov 27 08:41:20 1991
Received: by eff.org id AA13331
(5.65c/IDA-1.4.4 for cafb-list@eff.org); Wed, 27 Nov 1991 13:41:24 -0500
Reply-To: comp-academic-freedom-talk
From
From: comp-academic-freedom-talk
Precedence: bulk
To: comp-academic-freedom-talk
Errors-To: comp-academic-freedom-talk-request
Date: Wed, 27 Nov 1991 13:41:20 -0500
X-Digest-Sender: "William W. Arnold"
Message-Id: <199111271841.AA13326@eff.org>
Subject: Computers and Academic Freedom mailing list (batch edition)
Computers and Academic Freedom mailing list (batch edition)
Wed Nov 27 13:40:32 EST 1991
[For information on how to get a much smaller edited version of the
list, send email to archive-server@eff.org. Include the line:
send acad-freedom caf
- Billy ]
In this issue:
kadie@eff.org (Car : Re: System Accounting: Fascist
kadie@cs.uiuc.edu : (comp.org.eff.talk) Re: Finger & Liberty
CHOWNING@ACUVAX.AC : Re: Dave (The Stud) Duke likes Republicans!
morgan@ms.uky.edu : Re: System Accounting: Fascist
kadie@eff.org (Car : (alt.irc) Re: Sysadmins banning IRC...
kadie@eff.org (Car : (alt.irc) Re: Sysadmins banning IRC...
kadie@eff.org (Car : (alt.irc) Re: Sysadmins banning IRC...
kadie@eff.org (Car : (alt.irc) Re: Sysadmins banning IRC...
kadie@eff.org (Car : (alt.irc) Re: Sysadmins banning IRC...
kadie@eff.org (Car : (alt.irc) Client creation...(IRC banned)
kadie@eff.org (Car : (alt.irc) Re: Client creation...(IRC banned)
kadie@eff.org (Car : (alt.irc) Creating Clients....(IRC banned)
sigma@sun.ipl.rpi. : Re: System Accounting: Fascist
fsars@acad3.alaska : Re: System Accounting: Fascist
The addresses for the list are now:
comp-academic-freedom-talk@eff.org - for contributions to the list
or caf-talk@eff.org
listserv@eff.org - for automated additions/deletions
(send email with the line "help" for details.)
caf-talk-request@eff.org - for administrivia
-------------------
From
From: kadie@eff.org (Carl M. Kadie)
Subject: Re: System Accounting: Fascist Tool?
Message-ID: <1991Nov26.161123.7594@eff.org>
References: <9111261414.AA19022@se33.wg2.waii.com>
Date: Tue, 26 Nov 1991 16:11:23 GMT
thompson@se01.wg2.waii.com (Jim Thompson) writes:
[...]
>I would also add that, in the interest of protecting those who aren't
>unix-savvy, the sysadmin powers-that-be have an *obligation* to their users to
>inform them of ps, its dangers, and how
>to protect against them. (And probably
>also about lpq or lpstat.)
[...]
Maybe we have an outline of a confidentially policy for the Statement
on Computers and Academic Freedom.
1. Family Privacy Act
Information about users should not be disclosed to outsiders except
under the conditions specified under Federal law.
2. Email and news reading
Library confidentially policy applies to use of email, Netnews,
anonymous archives, and similar media. This limits the collection,
retention, and dissemination of personally-identified use records.
3. User control
Unless there is a good reason, information about a user
should either be confidential or under each users control.
4. Disclosure
When there is a good reason for making information about
users available:
a) that reason should be made explicit
e.g. "The 'ps' command is allowed because (we think) it
enables better cpu and memory sharing on computers."
(Not "Because if you don't like you can use a PC.")
b) Users should be informed of what kind of information might
disclosed (i.e. if you signed on, when you last read mail, how much
CPU you are using, what command you have run in the last 2 days) and
to what kind of person (i.e. sys admins, other users, anyone on the
Net, etc)
Open questions:
Is there already a good statement on privacy what we
can adopt/adapt?
What exactly does the Famaily Privacy Act say?
Should its procedures be applied to nonstudent users?
How should library-like uses be distinished from other uses?
What are all the ways that information is disclosed, say,
on a Unix system? (finger, ps, top, ...) Hasn't
someone somewhere already documented theses?
References
The draft, unofficial Statement on Computers and Academic Freedom
(with discussion) is available via anonymous ftp as
ftp.eff.org:pub/academic/caf-statement. Or send email to
archive-server@eff.org, including the line:
send acad-freedom caf-statement README
American Library Association policy is available via anonymous
ftp from directory ftp.eff.org:pub/academic/libraries. See
files: confidentiality.1.ala and confidentiality.2.ala. Or,
send email to archive-server@eff.org, including the lines:
send library-policies confidentiality.1.ala
send library-policies confidentiality.2.ala
send library-policies README
- Carl
--
Carl Kadie -- kadie@eff.org, kadie@cs.uiuc.edu, or (anonymous) ap.4352@hri.com
I do not represent EFF; this is just me.
-------------------
From
From: kadie@cs.uiuc.edu (Carl M. Kadie)
Subject: [comp.org.eff.talk] Re: Finger & Liberty
Message-ID: <9111261619.AA11391@m.cs.uiuc.edu>
Sender: kadie@cs.uiuc.edu
Date: 26 Nov 91 04:19:32 GMT
From
From: kadatz@fraser.sfu.ca (Blake Carl Kadatz)
Subject: Re: Finger & Liberty
Message-ID: <1991Nov24.014344.9309@newsserver.sfu.ca>
Date: 24 Nov 91 01:43:44 GMT
In article edwardp@pro-angmar.UUCP (Edward Piecewicz) writes:
>Jester,
>
>How's this sound:
>
>If someone accesses the finger command, all it would show is your name,
>location, time and date of last logon, nothing else.
>
>That is all I see on this system when I enter a finger command.
Variations:
-----------
[128.100.8.20]
Login Name TTY Idle When Office
elder ELDER J David q0 5 Sat 19:49 Aero125 research
hamann HAMANN Gilbert Ewal *q1 Sat 19:36 pFrFuJ5L7xA MASc
murraya MURRAY ALEXANDER W q2 Sat 20:34 q6Oi1EHpy5o ele9T3
ikeuchi Kenji IKEUCHI q3 Sat 20:35 WB56 M0
atashba ATASHBAND ARASH q4 8:29 Sat 12:03 5MNo0CvcmGI
momaya MOMAYA KIRANKUMAR q8 2:27 Sat 18:05 VDutRI4GeEQ CivMASc
Notice that the above one apparently shows a part of the encrypted password.
[128.100.8.20]
Login name: elder In real life: ELDER J David
Office: Aero125, research Home phone: M0
Directory: /research/elder Shell: /bin/shells/Research
On since Nov 23 19:49:44 on ttyq0 48 seconds Idle Time
No Plan.
As above, it shows the office number, and a place for the home phone number.
>
>Ed
>---
>ProLine: edwardp@pro-angmar
>Internet: edwardp@pro-angmar.alfalfa.com
>UUCP: uunet!alfalfa!pro-angmar!edwardp
-Blake Kadatz, e-mail: kadatz@mailserver.sfu.ca
-------------------
From
From: CHOWNING@ACUVAX.ACU.EDU (CHELAGOI)
Subject: Re: Dave (The Stud) Duke likes Republicans!
Message-ID: <911126163245.e3a8@ACUVAX.ACU.EDU>
Sender: CHOWNING@ACUVAX.ACU.EDU
Date: 26 Nov 91 10:32:45 GMT
I really do not understand what in the world you are refering to.
I have not seen any subject that would call the type of language you
used in your message. Could you be a little clearer in personal
message to me.
--- Chelagoi
-------------------
From
From: morgan@ms.uky.edu (Wes Morgan)
Subject: Re: System Accounting: Fascist Tool?
Message-ID: <1991Nov26.232012.2924@ms.uky.edu>
Date: 26 Nov 91 23:20:12 GMT
References: <9111261414.AA19022@se33.wg2.waii.com> <1991Nov26.161123.7594@eff.org>
kadie@eff.org (Carl M. Kadie) writes:
>thompson@se01.wg2.waii.com (Jim Thompson) writes:
>>I would also add that, in the interest of protecting those who aren't
>>unix-savvy, the sysadmin powers-that-be have an *obligation* to their users to
>>inform them of ps, its dangers, and how
>>to protect against them. (And probably
>>also about lpq or lpstat.)
"dangers"? "dangers"??!!
The length of the list of "privacy-invading" programs/utilities continues
to amaze me. In this thread, various posters have condemned:
-- who
-- finger
-- ps
-- lpq/lpstat
-- acctcom
How far is this going to go? Are you folks going to speak against the
inclusion of date/time stamps in electronic mail? After all, those lines
tell people which machine you used for email and when you used it; horrors!
Let's refute these 5 sample cases on an individual basis:
Note: These rebuttals are based on the academic model; corporate or
private systems are completely outside of this model. Users of
academic systems are using University resources, which makes their
usage a public matter, in my opinion.
-- who
Con: It's nobody's business whether or not I'm logged in!
Pro: Many users check who before starting large jobs. If
they see, say, 6 people from their class logged in,
they may not want to run their huge fortran program
at that time.
Many users have discovered that their passwords were
compromised by checking who.
-- finger
Con: It's nobody's business when I last read my mail!
It's nobody's business if I use a pseudonym!
Pro: When people receive unrequested email or messages,
finger is the first step in identifying the source.
When admins (or professors, or bureaucrats) need information
about a user, finger is often the first stop. In official
matters, pseudonyms are unacceptable.
When users are trying to contact each other, finger is often
a first step ("Did he have a chance to read the mail I sent?")
-- acctcom
Con: It's nobody's business what I use the computer for!
Pro: Many systems are intended solely for academic use.
acctcom can be an indicator of possible abuses of the
system.
While the "academic use" condition is usually very broad,
many sites have a strict "not for profit/private business"
policy. acctcom can be an indicator of possible abuses.
On systems with fees/charges, many department heads/managers
use accounting tools to enforce system policies
-- ps (and w and top, as well)
Con: It's nobody's business what my processes are doing!
Pro: Many users schedule their work based on the system load.
If their jobs are not completed within the norms, users
usually use ps to get a general picture of the system.
Sysadmins use ps for gross system optimization.
Many classes (especially in CS/EE) use system monitoring
tools such as ps to demonstrate "how real systems are used".
-- lpq/lpstat
Con: It's nobody's business what I print!
Pro: User schedule their printing based on the system load.
Some systems charge for printing; lpq/lpstat become valuable
tools for department heads/managers, who do not normally have
sysadmin privileges.
>Maybe we have an outline of a confidentially policy for the Statement
>on Computers and Academic Freedom.
>Information about users should not be disclosed to outsiders except
>under the conditions specified under Federal law.
If the system contains such information, it should certainly be protected.
Examples of this would be SSNs, home addresses, and the like. Of course,
my systems only say "User jbfoo01 is John B Foo, and he's a Mechanical
Engineering student"; that's hardly private information.
>2. Email and news reading
>
>Library confidentially policy applies to use of email, Netnews,
>anonymous archives, and similar media. This limits the collection,
>retention, and dissemination of personally-identified use records.
Yes and no; I've often been asked for my name and position when using
public library facilities, such as PC labs, microfiche machines, and
other semi-controlled facilities. I'm sure that those records still
exist. I would point out that those records merely state that I was
using a microfiche machine; they don't say anything about the individual
fiches I was perusing. That's an important distinction, which I'll talk
about later in this posting.
>3. User control
>
>Unless there is a good reason, information about a user
>should either be confidential or under each users control.
Nope. I don't buy this one. There is nothing wrong with disseminating
how my systems are used. I don't see anything wrong with seeing that
jbfoo01 was running "vi junk.f". If he's protected his files from other
users, what "private information" is being revealed here? "junk.f" might
(or might not) be a Fortran program, which he might (or might not) be
building for a class. It might actually be a love letter to his girlfriend
Flo. Assuming that information belonging to users (i.e., files) are protected
by privacy policy, I don't see anything wrong with making the typical "ps"
information available.
>e.g. "The 'ps' command is allowed because (we think) it
>enables better cpu and memory sharing on computers."
>(Not "Because if you don't like you can use a PC.")
OK, you asked for it:
"We do not find the normal Unix command set invasive of user privacy.
Therefore, we have chosen to make the default installation of Unix
available to you. You can find more information in the online help
files or in the printed manuals in room XXX."
>b) Users should be informed of what kind of information might
>disclosed (i.e. if you signed on, when you last read mail, how much
>CPU you are using, what command you have run in the last 2 days) and
>to what kind of person (i.e. sys admins, other users, anyone on the
>Net, etc)
Carl, you just added 5-10 pages to my policy statement with this
statement. Is it really necessary? In 15 years of working with
computers (the last 5 as a full sysadmin, with assistance experience
prior to that), I have never heard a single complaint about these
facilities.
By the way, would you like to try explaining all of these commands
to incoming freshmen with zero large-system experience? They don't
even know what a "process" is, much less what the status would be!
(for you non-Unix types, "ps" stands for "process status")
Rather than
arbitrarily promoting privacy screens, let's nail down the reasons
by which these standards should be imposed. So far, all I've seen
is "It's nobody's business!".
Remember, this thread started with a user who didn't want to have
his real name attached to a user account on a University system,
which was given to him at the expense of said University. Can
you imagine trying to manage a system where all the
usernames were tied to pseudonyms? Suppose that "finger al3w" resulted
in "Name: The Zorkmeister"; wasn't that helpful? Sheesh. Suppose that
someone's faculty advisor is trying to get in touch with you; I guess
he just loses, eh? No, you lose, because you are making it impossible
for people to use the system effectively to contact you.
Please, let's nail down the need before we start finding
solutions.
>What are all the ways that information is disclosed, say,
> on a Unix system? (finger, ps, top, ...) Hasn't
> someone somewhere already documented theses?
Yup, it's freely available to any user in almost any Unix text I've
ever seen. The online man pages and printed manual for your particular
system are the best place to start.
In conclusion, the computer is a tool; it's applications are much like
those of an audio/visual lab. The a/v lab needs to know if you are
using the microfilm machine. They don't need to know what you're using
it *for*, but they need to know that you're using it. The computer lab
users need know if you are using ANSYS; they don't need to know what you're
using it FOR, but they need to know that you're using it.
If you approach a computer system as a collection of tools (just like
the a/v lab is a collection of tools), then the need for this information
becomes apparent. Your use of a given computer system affects all other
users of that system, just like your use of the microfilm machine affects
all the other users of the a/v lab. What's the difference?
--
morgan@ms.uky.edu |Wes Morgan, not speaking for| ....!ukma!ukecc!morgan
morgan@engr.uky.edu |the University of Kentucky's| morgan%engr.uky.edu@UKCC
morgan@ie.pa.uky.edu |Engineering Computing Center| morgan@wuarchive.wustl.edu
-------------------
From
From: kadie@eff.org (Carl M. Kadie)
Subject: [alt.irc] Re: Sysadmins banning IRC...
Message-ID: <199111270046.AA20439@eff.org>
Sender: kadie
Date: 26 Nov 91 14:46:23 GMT
From
From: yesowitc@ucunix.san.uc.edu (Doogie)
Subject: Re: Sysadmins banning IRC...
Message-ID: <1991Nov18.162546.10655@ucunix.san.uc.edu>
Date: 18 Nov 91 16:25:46 GMT
This is a retransmission of a article that appeared in comp.unix.admin last
year from the system administrator for the engineering college machines here
at the University of Cincinnati. This post lead to IRC and any type of MUD
being banned and monitered on ALL university systems. [except 2...one with
a busy sysadmin who didn't really care and one affiliated with the college of
business where his users were too brain dead to look for things like IRC so
he never had to worry about it.] My point is there are system admins who
will ban IRC because they don't like it. I and many other IRC users including
Trillian, who is a former student at UC tried to talk to him and he wouldn't
listen to our arguments, saying only that they
had validity but his reasons were more compelling then ours.
>From uccba!uceng!pmartin Thu Mar 14 12:39:32 EST 1991
Article 1188 of comp.unix.admin:
>From: pmartin@uceng.UC.EDU (Paul Martin)
Subject: IRC and Security
Keywords: IRC SECURITY
Message-ID: <7748@uceng.UC.EDU>
Date: 13 Mar 91 14:04:17 GMT
I am sure that the following post will bring out religious fervor by
a few fanatics, however I am prepared to don my asbestos suit.
Disclaimer: I am not the net police, just a system manager who has been
burned.
I am a Unix system administrator here at the University of Cincinnati.
I have just recently discovered a band of computer hackers/pirates that
have been using the Internet to pirate commercial software. There were
more than twenty individuals involved. In talking to many of those involved,
there seems to be a common thread, IRC or Inter Relay Chat. These people
told me that they were passing the passwords through IRC as well as meeting
other hackers. I believe that IRC has potential to do some good, however
I believe that it attracts those with little to do with their time and those
immature people who use IRC as a big teenage party line. We have removed
IRC because of the problems that I described above. I urge all administrators
who are interested in preventing unauthorized use of their system and who
have IRC installed, to re-evauluate their desision to keep IRC. To illustrate
the point of IRC being used by those with nothing better to do with their
time I have enclosed a copy of a message posted to alt.irc which describes
a plan to use the internet for fantasy role playing games:
***This is Doogie again...I deleted this part...I didn't want it to get too
long...if you really want it, I'll mail it to you.***
Thanks,
-doogs
-marci yesowitch
*****************************************************************************
** M.D. Yesowitch University of Cincinnati Major: **
** 145 W. McMillan Apt. 328 Primary Mail location: *sigh* **
** Cincinnati, OH 45219 yesowitc@ucunix.san.uc.edu Year: **
** yesowitc@ucqais.uc.edu Junior **
** darling doogie: The Triumph of Idiocy over Planning **
*****************************************************************************
-------------------
From
From: kadie@eff.org (Carl M. Kadie)
Subject: [alt.irc] Re: Sysadmins banning IRC...
Message-ID: <199111270046.AA20513@eff.org>
Sender: kadie
Date: 26 Nov 91 14:46:59 GMT
From
From: sfrazier@sol.ulowell.edu (Scott W. Frazier)
Subject: Re: Sysadmins banning IRC...
Message-ID:
Date: 23 Nov 91 17:17:00
Greetings,
I've read the previous messages about IRC being banned and I've
noticed a really striking thing. The majority of the people don't seem
to recognize that IRC is not an academic priority. IRC is entertainment,
just like MUD, nethack or moria. The fact that you are talking to
someone on the other end is completely irrelevent. I've watched IRC for
months and I've yet to find any discussion of any academic merit. I'm
not criticizing the resource but the way the resource is being utilized.
To say that it is the system administrators job to make the
students happy is also incorrect. The system administrators job is to
keep the machines running and ensure that people can do their research
and coursework. IRC is a plaything, and as a plaything it doesn't
deserve a sysadmins undivided attention nor should it get a lions share
of resources. If IRC were causing security problems here, I'd definitely
recommend that it be banned. MUD was causing two security problems a
week, so it was banned.
You must recognize that university computing resources are not
there to provide a place to play. If there are times when those
resources aren't being used, then I'm all in favor of putting irc, mud,
moria or whatever you want on it. I don't like seeing resources go
unutilized, but the machines belong to the CS department and the CS
department retains the right to control who uses their machines and what
they are used for. It's not that a system administrator "doesn't like" a
piece of software as much as from a sysadm's view, IRC is a waste of
resources in the sense that it consumes cycles that could be put to
better use. That is a judgement call that must be made by every system
admin, and resorting to name calling or screaming that the person
deserves to lose their job because of something this stupid is assanine.
To ban entertainment software that interferes with projects and student
course work is part of the sysadm's job. Any sysadm that was willing to
allow games to interfere with the primary purpose of the
systems/department s/he supports deserves (in my opinion) to lose his/her
job. A sysadm who allows that to go on isn't doing their job.
Sorry this message got so long, but I thought you might be
interested in the view from the other side of the fence. Perhaps some
day IRC will be put to more intelligent use, but that problem is with the
user base, not the resource itself. As always these opinions are mine
and do not reflect official policy of the University of Massachusetts,
Board of Regents, or anyone else who's opinion actually matters. :)
Regards,
S. W. Frazier
BTW, I don't read this newsgroup religiously, so if you care to flame me
or otherwise reply, please either send me e-mail or follow-up to this
newsgroup and cc: a copy to me.
--
Scott W. Frazier sfrazier@cs.ulowell.edu
System Operations Intelligensia sfrazier@dragon.cpe.ulowell.edu
-------------------
From
From: kadie@eff.org (Carl M. Kadie)
Subject: [alt.irc] Re: Sysadmins banning IRC...
Message-ID: <199111270047.AA20599@eff.org>
Sender: kadie
Date: 26 Nov 91 14:47:34 GMT
From
From: sean@coombs.anu.edu.au (Sean Batt)
Subject: Re: Sysadmins banning IRC...
Message-ID:
Date: 25 Nov 91 07:25:22 GMT
G'Day all,
Scott's got it right, you know: IRC doesn't have very much academic
respectability and hence has a low priority when it comes to resource
allocation. In an environment where computing resources are finite,
system administrators really must be able to restrict or deny access
to apparently unproductive programs like IRC, or talk, or news or even
mail. Sysadmins, remember, often have a clearer picture of overall
resource usage than do their users.
Around assignment deadline time in the undergraduate terminal rooms
here, for example, I've seen people queue for terminals some of which
were being used to run IRC. Certainly, denying IRC access unilaterally
hurts the concientious, fair minded IRC users who don't unfairly
monopolise these resources, but how on earth do you cheaply implement
a fairer policy? (Suggestions greatfully appreciated!)
I have some sympathy for the view of the sysadmins who see IRC as a
security risk. Unfortunately it would seem that IRC has been
indirectly responsible for two counts of electronic trespassing (read
cracking) at my site. I've provided a guest account for people to use
IRC, and tried quite hard to stop malicious use of that service, but
I've still been able to track a copy of my passwd file on uunet to a
guest user. (Doesn't that just rot your socks? Sheesh! Try and be nice
and someone still takes advantage of you.)
Balancing that however, I've found IRC to be a very valuable service,
both professionally and personally; I've "met" some really nice people
and recieved advice on how to clean up after a crack (1/2 :-), for
example.
So IRC has a >0 cost and a >0 benefit, and presently the benefits
outweigh the cost so I provide IRC services. If the balance changes
adversely, I'll limit the service or remove it completely.
Sean (a.k.a. MupBear)
--
------------- Sean Sebastian Batt - sean@coombs.anu.edu.au -------- .______.
-------- Coombs Computing Section - Telephone: +61 6 249 3296 ----- | Damn |\
-- Australian National University - GPO Box 4 Canberra City 2601 -- | Fine |/
------------------------------------------------------------------- `------'
-------------------
From
From: kadie@eff.org (Carl M. Kadie)
Subject: [alt.irc] Re: Sysadmins banning IRC...
Message-ID: <199111270048.AA20782@eff.org>
Sender: kadie
Date: 26 Nov 91 14:48:32 GMT
From
From: pjd@magnus.acs.ohio-state.edu (Peter J Dotzauer)
Subject: Re: Sysadmins banning IRC...
Message-ID: <1991Nov19.192349.6858@magnus.acs.ohio-state.edu>
Date: Tue, 19 Nov 1991 19:23:49 GMT
In article <1991Nov18.162546.10655@ucunix.san.uc.edu> yesowitc@ucunix.san.uc.edu (Doogie) reposts this:
>>From uccba!uceng!pmartin Thu Mar 14 12:39:32 EST 1991
>Date: 13 Mar 91 14:04:17 GMT
>Organization: Univ. of Cincinnati, College of Engg.
>
>I am a Unix system administrator here at the University of Cincinnati.
>I have just recently discovered a band of computer hackers/pirates that
>have been using the Internet to pirate commercial software. There were
>more than twenty individuals involved. In talking to many of those involved,
>there seems to be a common thread, IRC or Inter Relay Chat.
Holy horror! I've heard of a gang who used simple telephones to communicate
and coordinate their criminal activities. It's high time we do something
about telephones, too. Just eliminate them, I say!
-
--
Peter Dotzauer, Analyt.Cart.& GIS, Dept.of Geogr., OSU, Columbus, OH 43210-1361
TEL +1 614 292 1357 FAX +1 614 292 6213 FIDO 1:226/50 IRC/Relay Ratzer
INTERNET pjd+@osu.edu BITNET pjd+@ohstmail UUCP ...guug!pjd
-------------------
From
From: kadie@eff.org (Carl M. Kadie)
Subject: [alt.irc] Re: Sysadmins banning IRC...
Message-ID: <199111270048.AA20692@eff.org>
Sender: kadie
Date: 26 Nov 91 14:48:04 GMT
From
From: stealth@engin.umich.edu (Mike Pelletier)
Subject: Re: Sysadmins banning IRC...
Message-ID:
Date: Mon, 25 Nov 91 13:28:35 EST
In article sfrazier@sol.ulowell.edu
(Scott W. Frazier) writes:
> I've read the previous messages about IRC being banned and I've
>noticed a really striking thing. The majority of the people don't seem
>to recognize that IRC is not an academic priority. IRC is entertainment,
>just like MUD, nethack or moria. The fact that you are talking to
>someone on the other end is completely irrelevent. I've watched IRC for
>months and I've yet to find any discussion of any academic merit. I'm
>not criticizing the resource but the way the resource is being utilized.
The only sample you're using is what you can see and have access to.
People having discussions about research collaboration or textbook
writing aren't going to be doing that on +hottub -- they'll either
use a private or secret channel, or send private messages back and forth,
both things that you can't see. And if you don't happen to be around at
the right time, you'll miss it.
> To say that it is the system administrators job to make the
>students happy is also incorrect. The system administrators job is to
>keep the machines running and ensure that people can do their research
>and coursework. IRC is a plaything, and as a plaything it doesn't
>deserve a sysadmins undivided attention nor should it get a lions share
>of resources.
As I stated above, your conclusioin that IRC is a plaything is not
valid. It is simply a communication tool. As an example of one of the
things that is going on that you haven't noticed, Holly Towne, a computer
literacy teacher in Knoxville, Tennessee, recently had a grant proposal
approved to network Knoxville area public schools and connect them to the
vast information resources that are available on the Internet. She learned
the ropes and learned about what is available through help she recieved
on IRC, and she is currently helping her students use IRC, and the ability
to instantaneously talk to peopel from all over the world is helping to
generate a sense of excitement and wonder that will carry them through the
tough parts of learning about computers. What could be better than a
bunch of seventh graders who are truly excited about the possibilities
of computers and networking, and who *want* to learn all they can about it?
She can relate this much better than I, her address is:
towne@shadowfax.knox.tn.us
> If IRC were causing security problems here, I'd definitely
>recommend that it be banned. MUD was causing two security problems a
>week, so it was banned.
Your assumption that IRC is useless has you come to that conclusion.
My viewpoint is that IRC is on par with e-mail and the fingerd. Both
have been known to cause serious security problems, and yet, here they are.
Thus, I come to a different conclusion -- namely, that I should fix the
security holes.
-Mike.
--
Mike Pelletier | Administrator of the systems that people tend
The University of Michigan | to be touchy about -- USENET News, Mail, and IRC.
College of Engineering | My asbestos suit is always close at hand.
-------------------
From
From: kadie@eff.org (Carl M. Kadie)
Subject: [alt.irc] Client creation...(IRC banned)
Message-ID: <199111270052.AA21080@eff.org>
Sender: kadie
Date: 26 Nov 91 14:52:36 GMT
From
From: cpccs@marlin.jcu.edu.au (Cameron Stockwell)
Subject: Client creation...(IRC banned)
Message-ID: <1991Nov23.090130.8226@marlin.jcu.edu.au>
Date: 23 Nov 91 09:01:30 GMT
Hi there...
Well, alas I cannot join IRC as often as i would like, since the admin
here considers use of FTP or Telnet to off-campus sites illegal, and,
accounts will be shut down if anyone is caught doing so. My only access
to IRC is via a server outside this uni.
To solve this I have been told to create my own client. I would think
that the admin would be really pissed if I created one....
Is there another solution? You guys in OZ...any ideas? Geggle? Avalon?
How would I go about creating a client?
Any ideas will be greatly appreciated......Thanx
Cameron.....'Isiah'
_________________________________________________________
E-Mail: cpccs@marlin.jcu.edu.au
"We don't like cricket......WE LOVE IT!"----Go Qld
---------------------------------------------------------
-------------------
From
From: kadie@eff.org (Carl M. Kadie)
Subject: [alt.irc] Re: Client creation...(IRC banned)
Message-ID: <199111270053.AA21148@eff.org>
Sender: kadie
Date: 26 Nov 91 14:53:01 GMT
From
From: stealth@engin.umich.edu (Mike Pelletier)
Subject: Re: Client creation...(IRC banned)
Message-ID:
Date: Mon, 25 Nov 91 13:35:59 EST
In article <1991Nov23.090130.8226@marlin.jcu.edu.au> cpccs@marlin.jcu.edu.au
(Cameron Stockwell) writes:
> the admin
>here considers use of FTP or Telnet to off-campus sites illegal, and,
>accounts will be shut down if anyone is caught doing so.
Well, what the f*ck does he have a network connection for, then?
Seems like a really asinine policy, considering the WEALTH of information
and resources that are available via FTP and telnet.
--
Mike Pelletier | Administrator of the systems that people tend
The University of Michigan | to be touchy about -- USENET News, Mail, and IRC.
College of Engineering | My asbestos suit is always close at hand.
-------------------
From
From: kadie@eff.org (Carl M. Kadie)
Subject: [alt.irc] Creating Clients....(IRC banned)
Message-ID: <199111270053.AA21230@eff.org>
Sender: kadie
Date: 26 Nov 91 14:53:55 GMT
From
From: cpccs@marlin.jcu.edu.au (Cameron Stockwell)
Subject: Creating Clients....(IRC banned)
Message-ID: <1991Nov26.075113.2064@marlin.jcu.edu.au>
Date: Tue, 26 Nov 91 07:51:13 GMT
Well, I recevied a chain letter yesterday, and as a result of reporting
it to my admin, my account is to be shut down on Friday. Because of
this, there is no point in compiling a client. Without saying it, my
admin blames IRC for th echain letter, and since it is illegal here, my
account is now history.
MY THANKS TO THE PPL WHO SEND THE CRAP LETTERS.
Bye
Cameron
'Isiah'
-------------------
From
From: sigma@sun.ipl.rpi.edu (Kevin Martin)
Subject: Re: System Accounting: Fascist Tool?
Message-ID: <1jgq9l=@rpi.edu>
Nntp-Posting-Host: ipl.rpi.edu
References: <9111261414.AA19022@se33.wg2.waii.com> <1991Nov26.161123.7594@eff.org> <1991Nov26.232012.2924@ms.uky.edu>
Date: 27 Nov 91 03:07:42 GMT
morgan@ms.uky.edu (Wes Morgan) writes:
>The length of the list of "privacy-invading" programs/utilities continues
>to amaze me...
> -- lpq/lpstat
> Con: It's nobody's business what I print!
> Pro: User schedule their printing based on the system load.
> Some systems charge for printing; lpq/lpstat become valuable
> tools for department heads/managers, who do not normally have
> sysadmin privileges.
Here at RPI, the large mainframe printers are used by people from all
across campus - students, faculty, space aliens, etc. On a machine which
has many users running print jobs, lpq often reports several hundred jobs.
Those jobs include the job number, user's name, size of the job, name of
the file, etc. This information could be scanned for interesting sounding
files like 'mbox' or 'exam3.dvi' and a malicious person could then simply
go pick these printouts up from the racks. No questions asked.
Of course, professors should really know better - they can specify that
their job be held behind the counter. And other than the above-mentioned
problem, the most amusing information I've obtained from 'lpq' is the
percentage of jobs which are stories from rec.arts.erotica, at any given
time. Roughly 25-30%, I'd say.
--
Kevin Martin
sigma@ipl.rpi.edu
-------------------
From
From: fsars@acad3.alaska.edu (Allen R Sparks)
Subject: Re: System Accounting: Fascist Tool?
Message-ID: <1991Nov26.173434.1@acad3.alaska.edu>
Sender: news@raven.alaska.edu (USENET News System)
Nntp-Posting-Host: acad3.alaska.edu
References: <9111261414.AA19022@se33.wg2.waii.com> <1991Nov26.161123.7594@eff.org> <1991Nov26.232012.2924@ms.uky.edu>
Date: Tue, 26 Nov 1991 21:34:34 GMT
I've been reading this thread with some interest. There are a lot of
commands that one can use to find out things about a user and
depending on the machine, you don't necessarily have to have an
account on it to use. For example, many machines have finger servers
that allow one to find out who is logged on, and even what they are
doing while logged on. In fact, many machines return ps output when
fingered remotely.
I don't have a problem with that. Many machines can disable that.
Sysadmins can disable finger if they don't want their machine to be
that public.
Nevertheless, I support these accounting measures. As has been
mentioned before, these are PUBLIC machines (we are talking about the
academic environment). Nowadays, there also so many of them. On
many campuses, users have a lot of choices as to which machine to log
on. Most of ours here at UAF, are public. But there are no fees
charged for the use of these machines (that may change). The one
machine on our campus that does charge for the use of CPU time, has no
finger server, nor does it allow one to find users through the VAX/VMS
phone utility (it's a VAX/VMS machine).
BTW, even VAX/VMS machines are running finger these days. It is
possible for users to find out what other users are doing on non-unix
machines using unix-like programs. While I don't need to know who is
using what program, I have found it consistent with my right to know
as to how many people are running some sort of game, how many people
are running mail, etc. Without this information how can I
significantly contribute to the discussion on that machine's useage?
If the machine is slowing down a lot while I'm trying to do my
homework, finding out who is using what is one way to find out why.
=== Al Sparks
--------------------
--
| William W. Arnold | warnold@eff.org | has8wwa@cabell.vcu.edu |
| Co-moderator: Computers and Academic Freedom Mailing list |
| I speak for myself, not {him, her, it, eff}. |
From warnold Sun Dec 1 06:33:15 1991
Received: by eff.org id AA29596
(5.65c/IDA-1.4.4 for cafb-list@eff.org); Sun, 1 Dec 1991 11:33:19 -0500
Reply-To: comp-academic-freedom-talk
From
From: comp-academic-freedom-talk
Precedence: bulk
To: comp-academic-freedom-talk
Errors-To: comp-academic-freedom-talk-request
Date: Sun, 1 Dec 1991 11:33:15 -0500
X-Digest-Sender: "William W. Arnold"
Message-Id: <199112011633.AA29591@eff.org>
Subject: Computers and Academic Freedom mailing list (batch edition)
Computers and Academic Freedom mailing list (batch edition)
Sun Dec 1 11:32:37 EST 1991
[For information on how to get a much smaller edited version of the
list, send email to archive-server@eff.org. Include the line:
send acad-freedom caf
- Billy ]
In this issue:
thompson@se01.wg2. : Re: System Accounting: Fascist
kadie@cs.uiuc.edu : (news.admin) Re: Tracking news reading (a different angle)
jon@cyclone.MITRE. : Re: Ohio State ACS policy (was Re: Re; XXXXX Expulsion. W
sean@ms.uky.edu (S : Re: (alt.irc) Re: Sysadmins banning IRC...
brack@uoftcse.cse. : Canada: Police Seize BBS, Software Piracy Charges Expecte
NEELY MP@DARWIN.NT : BBS siezure
fsars@acad3.alaska : Re: BBS siezure
kadie@cs.uiuc.edu : (comp.admin.policy) Gaming
mike@kaplaah.UUCP : Re: Watch What You Post!!! (1984 Revisited)
The addresses for the list are now:
comp-academic-freedom-talk@eff.org - for contributions to the list
or caf-talk@eff.org
listserv@eff.org - for automated additions/deletions
(send email with the line "help" for details.)
caf-talk-request@eff.org - for administrivia
-------------------
From
From: thompson@se01.wg2.waii.com (Jim Thompson)
Subject: Re: System Accounting: Fascist Tool?
Message-ID: <9111271314.AA02555@se33.wg2.waii.com>
Sender: thompson@se01.wg2.waii.com
References: <1991Nov26.232012.2924@ms.uky.edu>
Date: 27 Nov 91 13:14:08 GMT
morgan@ms.uky.edu (Wes Morgan) writes:
> kadie@eff.org (Carl M. Kadie) writes:
> >thompson@se01.wg2.waii.com (Jim Thompson) writes:
> >>I would also add that, in the interest of protecting those who aren't
> >>unix-savvy, the sysadmin powers-that-be have an *obligation* to their users to
> >>inform them of ps, its dangers, and how
> >>to protect against them. (And probably
> >>also about lpq or lpstat.)
>
> "dangers"? "dangers"??!!
To privacy. I guess "dangers" is a bit extreme, though; perhaps "risks" would
have been a better choice. But the point is the same: a careless or ignorant
user can, under certain circumstances, reveal things about himself.
>
> The length of the list of "privacy-invading" programs/utilities continues
> to amaze me. In this thread, various posters have condemned:
>
> -- who
> -- finger
> -- ps
> -- lpq/lpstat
> -- acctcom
You implicitly lump in with these "various posters". Please. I did not
condemn ps, I merely presented a few facts and (admittedly contrived)
examples. I rejected, and continued to reject, the notion that ps is
"privacy-invasive"; if anything, I tried to put the burden where it belongs:
on those who wish to protect every bit and byte of information regarding
themselves.
> >b) Users should be informed of what kind of information might
> >disclosed (i.e. if you signed on, when you last read mail, how much
> >CPU you are using, what command you have run in the last 2 days) and
> >to what kind of person (i.e. sys admins, other users, anyone on the
> >Net, etc)
>
> Carl, you just added 5-10 pages to my policy statement with this
> statement. Is it really necessary? In 15 years of working with
> computers (the last 5 as a full sysadmin, with assistance experience
> prior to that), I have never heard a single complaint about these
> facilities.
It shouldn't be necessary to add 5-10 pages to your policy statement. That
is, you needn't give new users a lesson in ps, lpq, ad nauseam -- just point
out the specific commands, what sort of information they reveal, refer the
users to the man pages, and let them RTFM.
I can appreciate that you've never had problems with these commands at UK, but
remember that Carl is formulating a general statement to be used as a guide
for making policy at any given academic computing site (correct me if I've got
this wrong, please, Carl). As such, I think that the statement should include
a recommendation that users be informed of the privacy issues. Users have a
right to know, up front, what information about them might be disclosed, and
how -- even if they have no choice about some of it, for example their real
name being associated with their uid via finger.
--
Jim Thompson - thompson@se01.wg2.waii.com | Conjunction Junction,
Western Geophysical Exploration Products | what's your function?
Houston, Texas |
-------------------
From
From: kadie@cs.uiuc.edu (Carl M. Kadie)
Subject: [news.admin] Re: Tracking news reading (a different angle)
Message-ID: <9111272057.AA18783@m.cs.uiuc.edu>
Sender: kadie@cs.uiuc.edu
Date: 27 Nov 91 08:57:23 GMT
From
From: root@mjbtn.jobsoft.com (Mark J. Bailey [ADMIN])
Subject: Re: Tracking news reading (a different angle)
Date: Mon, 25 Nov 1991 04:01:48 GMT
Message-ID: <1991Nov25.040148.2995@mjbtn.jobsoft.com>
In <1991Nov21.095625.3182@bohra.cpg.oz.au> als@bohra.cpg.oz.au (Anthony Shipman) writes:
>smee@bristol.ac.uk (Paul Smee) writes:
>I have a program that I used to run that scanned all news groups, scanned all
>readers' .newsrc files and built a profile. Based on some heuristics
>hard-wired into the code it generated an explist file for C news. (At the
>moment I have lots of space and have stopped running it.) If enough people are
>interested I could posts it somewhere.
Yes, please do !
Mark.
--
Mark J. Bailey, N4XHX _______/====X11====\_______
USMAIL: 511 Memorial Blvd., Murfreesboro, TN 37129 | JobSoft |
VOICE: +1 615 893 0098 | Design & Development Co.|
UUCP: ...!uunet!mjbtn!mjb, ...!raider!mjbtn!mjb | Murfreesboro, TN USA |
DOMAIN: mjb@mjbtn.JOBSOFT.COM CIS: 76314,160 ---------------------------
-------------------
From
From: jon@cyclone.MITRE.org (J. E. Shum)
Subject: Re: Ohio State ACS policy (was Re: Re; XXXXX Expulsion. What Happened?)
Message-ID: <1991Nov28.003902.2021@linus.mitre.org>
Date: 28 Nov 91 00:39:02 GMT
Article-I.D.: linus.1991Nov28.003902.2021
References: <1991Nov7.153727.28800@eff.org>> <1991Nov9.140334.9055@eff.org> <1991Nov11.045906.26633@eng.umd.edu>
Sender: news@linus.mitre.org (News Service)
Originator: jon@cyclone
Nntp-Posting-Host: cyclone.mitre.org
In article <1991Nov11.045906.26633@eng.umd.edu>, russotto@eng.umd.edu (Matthew T. Russotto) writes:
>
> > o Respect the finite capacity of systems, and limit your own
> > use so as not to interfere unreasonably with the activity of
> > other users.
>
> This looks like license to punish for _ANYTHING_! (WHAT! You were running
> TWO copies of gnuemace while compiling your program? CPU HOG!)
>
I don't see it that way. To me it means that one should remember that one
is a member of a community of users who have a need to use the system that
is just as genuine as one's own need to do so and act accordingly. As a
sysadmin with nearly 7 years experience on Vaxes, PDPs, and Suns I am
continually amazed at the disregard that the average user has for others
on the system.
> > o Respect the procedures established to manage the use of the
> > system.
>
> This is a blank check-- means the users have to abide by any policies
> unilaterally established in the future.
>
Again, I see it differently. Circumstances change. New equipment comes
in. Users come and go. As a result policies have to change; sometimes
with little or no notice. This just looks like a CYA for that situation
to me.
--
J. E. Shum, 20904-6188, U.S.A.
If you have a hero, look again. You have probably
diminished yourself in some way. -Sheldon Kopp
-------------------
From
From: sean@ms.uky.edu (Sean Casey)
Subject: Re: [alt.irc] Re: Sysadmins banning IRC...
Message-ID: <1991Nov28.061832.23555@ms.uky.edu>
Date: 28 Nov 91 06:18:32 GMT
References: <199111270047.AA20599@eff.org>
Perhaps one would want to compare the signal-to-noise ratios of IRC
and, say, Usenet.
But who would judge what's noise and what's not, eh? And that's where
we get in trouble, by trying to presume what is useful to an
individual.
Using chat systems has substantially enhanced the quality of my life
and academic pursuits. I wonder, however, if I would be able to
convince certain administrators of that, no matter how compelling the
evidence.
Sean
--
Sean Casey |``Wind, waves, etc. are breakdowns in the face of the
sean@s.ms.uky.edu | commitment to getting from here to there. But they are the
U of KY, Lexington| conditions for sailing -- not something to be gotten rid
606-258-6000 x280 | of, but something to be danced with.''
-------------------
From
From: brack@uoftcse.cse.utoledo.edu (Steven S. Brack)
Subject: Canada: Police Seize BBS, Software Piracy Charges Expected 11/25/91
Message-ID: <9111281655.AA25409@uoftcse.cse.utoledo.edu>
Sender: brack@uoftcse.cse.utoledo.edu
Date: 28 Nov 91 16:55:40 GMT
[Reposted from alt.bbs]
: From: scottp@skyfox.usask.ca ()
: From: newsbytes@clarinet.com
: Date: 26-NOV-1991 02:12:56
: Canada: Police Seize BBS, Software Piracy Charges Expected 11/25/91
:
:
: MONTREAL, QUEBEC, CANADA, 1991 NOV 25 (NB) -- The Federal
: Investigations Section of the Royal Canadian Mounted Police has
: seized components of a bulletin board system (BBS), known as 90
: North, from a home in the West Island area of Montreal. Charges of
: commercial distribution of pirated software may be laid this week.
:
: The RCMP seized 10 personal computers, seven modems, and
: software, worth about C$25,000 altogether. A statement released
: through the Canadian Alliance Against Software Theft (CAAST), a
: group of major software vendors, said a four-month investigation
: had found that the BBS was charging its subscribers C$49 per year
: for access to an assortment of software that included copies of
: commercial programs and beta-test versions of unreleased
: packages.
:
: The software available on the BBS included WordPerfect 5.0, DOS
: 5.0, Windows 3.0, Lotus 1-2-3 for Windows, Borland C++ 2.0,
: Borland's Quattro Pro 3.0 spreadsheet package, dBase IV 1.1, the
: Santa Cruz Operation's SCO Xenix for DOS, Novell Netware 3.11,
: and Clipper 5.0, the CAAST statement said.
:
: Alan Reynolds, a spokesman for CAAST, said the name of the BBS
: system operator has not been released and formal charges had not
: been laid at Newsbytes' deadline. However, he said, charges are
: expected to be laid within days.
:
: Under the Canadian Copyright Act, anyone convicted of distributing
: pirated commercial software can face imprisonment for up to five
: years, a fine of as much as C$1 million, or both.
:
: The Canadian Alliance Against Software Theft is an alliance of the
: Canadian arms of major software vendors Ashton-Tate (now owned
: by Borland International), Lotus Development, Microsoft, Novell, and
: Quarterdeck Office Systems.
:
: (Grant Buckler/19911125/Press Contact: Allan Reynolds, CAAST, 416-
: 598-8988)
My question/comment about this concerns the legality of confiscating
the computer along with the software.
Namely, if the charge is distributing copyrighted materials, then why
was the entire system taken? The computer itself, once unplugged, is
not terribly capable of providing evidence.
An idea occured to me that the perpetrator of this act, the sysop, could
more easily communicate his plight to others if he had a computer, and,
by taking it away, the RCMP has made it more difficult for him to clear
himself of the charges against him.
ALthough I don't agree with many of the antipornography laws, I do feel
that the general principle of taking the incriminating material, rather
than taking _everything_ is the more legal way to proceed.
-- Steve Brack
--
Steven S. Brack | brack@uoftcse.cse.utoledo.edu
2021 Roanwood Drive | STU0061@uoft01.utoledo.edu
Toledo, Ohio 43613-1605 _________/^\_______ sbrack@bluemoon.rn.com
+1 419 474 1010 | MY OWN OPINIONS | sbrack@nyx.cs.du.edu
-------------------
From
From: NEELY_MP@DARWIN.NTU.EDU.AU (Mark P. Neely, Northern Territory University)
Subject: BBS siezure
Message-ID: <911129101144.20200d69@DARWIN.NTU.EDU.AU>
Sender: NEELY_MP@DARWIN.NTU.EDU.AU
Date: 29 Nov 91 10:11:44 GMT
>My question/comment about this concerns the legality of confiscating
>the computer along with the software.
I'd tend to agree with Mr Bracks' statement. The only reason I can think
of for needing the computer is to get the details of its hardware etc. so
the prosecutors can accurately describe its set-up...but it need not
be taken away for this!
I was thinking about the need to confiscate the computer equiptment when reading
about the Steve Jackson Games episode.
If a newspaper is sued for defamation, do the plaintiff's have the right to
take away the printing presses? Nope.
>An idea occured to me that the perpetrator of this act, the sysop, could
>more easily communicate his plight to others if he had a computer, and,
>by taking it away, the RCMP has made it more difficult for him to clear
>himself of the charges against him.
It may be that the computer was withdrawn so as to prevent the commital
of further offenses! But this is hardly a justification. If a drink driver
is charged, do the police lock up his car until _after_ the trial?
It would be interesting to see how long it takes the department to give
the equiptment back! I wonder if they make use of the equiptment (i.e. modem
etc) whilst it is confiscated in order to aid in their investigations of
computer abuse?
It might be better if the computer (if it must be compounded at all) to be
done so at the local court or some other neutral place!!
> Steve Brack
Mark Neely
-------------------
From
From: fsars@acad3.alaska.edu (Allen R Sparks)
Subject: Re: BBS siezure
Message-ID: <1991Nov29.104637.1@acad3.alaska.edu>
Date: 29 Nov 91 14:46:37 GMT
References: <911129101144.20200d69@DARWIN.NTU.EDU.AU>
Sender: news@raven.alaska.edu (USENET News System)
Nntp-Posting-Host: acad3.alaska.edu
Regarding the confiscation of property.
Of course we're not talking about the United States for one thing.
We're talking about Canada which is going to have a different slant on
things when it comes to civil rights and property.
But in the United States there is precedence in other areas of law
enforcement for the confiscation of property BEFORE being found
guilty. (I'm not, by the way, defending the practice. I'm against
that kind of civil rights abuse.)
If you are arrested (or even just detained) for drug smuggling, your
possesions can be confiscated. If, in Alaska at least, you are
arrested for poaching or illegal fishing, your fishing pole is
seized, and they may also take your boat.
This is routine for the U.S. Coast Guard. They seize Japanese fishing
boats all the time (remember foreigners have the same rights as U.S.
citizens before a court of law) as well as U.S. fishing boats.
Soooo... This case is not unusual as far as how the U.S. does things.
=== Al Sparks
-------------------
From
From: kadie@cs.uiuc.edu (Carl M. Kadie)
Subject: [comp.admin.policy] Gaming
Message-ID: <9111300551.AA24055@m.cs.uiuc.edu>
Sender: kadie@cs.uiuc.edu
Date: 29 Nov 91 17:51:04 GMT
From
From: declan@ux1.cso.uiuc.edu (Declan J. Fleming)
Subject: Gaming
Message-ID: <1991Nov27.215410.18938@ux1.cso.uiuc.edu>
Date: Wed, 27 Nov 1991 21:54:10 GMT
Hi. I manage 8 student computing sites with about 500 machines (PC, MAC, NeXT)
and I'm having more and more trouble with gamers, especially IRCers and MUDers.
Our policy states that the sites are primarily for academic work. If all the
machines are full when a person comes in to do a paper, all the gamers are
booted for a period of time. This is getting to be a major headache for my
staff. How do you all handle it?
Declan J. Fleming
U of Ill
-------------------
From
From: mike@kaplaah.UUCP (Mike Batchelor)
Subject: Re: Watch What You Post!!! (1984 Revisited)
Message-ID: <9wm7BB1w164w@kaplaah.UUCP>
Date: 29 Nov 91 16:42:19 GMT
References: <1991Nov18.025221.9676@ux1.cso.uiuc.edu>
hucke@ux1.cso.uiuc.edu (Matt Hucke) writes:
> In article <1991Nov13.214812.2699@ux1.cso.uiuc.edu> lemson@ux1.cso.uiuc.edu (
> >
> >Bob indicated to me the other day that he had been misquoted in the
> >DI several times. You should wait to hear his side on this.
> >
>
> This isn't surprising at all, considering the Daily Illini's past record...
> remember the "colorless fluid" found in the boneyard last year? the DI called
> it "condensed water." and assured the public that it wasn't dangerous...
So what did it turn out to be? And what is 'the boneyard?'
+---------------------------[] Mike Batchelor []-----------------------------+
| I have no need for a [] ism!wilbur!kaplaah!mike [] ...'cause this system |
| disclaimer... [] stanton!qed!kaplaah!mike [] belongs to ME! |
+-------------[] mike@kaplaah.UUCP Long Beach, California []--------------+
Heisenberg had principles, didn't he? Hmmm...
--------------------
--
| William W. Arnold | warnold@eff.org | has8wwa@cabell.vcu.edu |
| Co-moderator: Computers and Academic Freedom Mailing list |
| I speak for myself, not {him, her, it, eff}. |
