jim@melpar.UUCP (Jim Hopkins) (07/13/90)
I need some X help. I want to "monitor" a window on another machine from my machine. I have source for all software running but would rather not modify any of it. I have full control of unix permissions etc. Ideally I'd like to tell the server on the other machine to duplicate the window on my display. I need no control over the "copied" window but I would watch what someone else was doing and see all updates to this window. It would be teacher/student type situation where the teacher can spy on the students progress/work habits. Perhaps I'll need an application that can decode names into window IDs on the other machine--that would be fine. Any hints or solutions would are appreciated. Thanks Jim Hopkins uunet!melpar!jim
almquist@hpavla.AVO.HP.COM (Mike Almquist) (07/16/90)
> I need some X help. > > I want to "monitor" a window on another machine from my machine. > I have source for all software running but would rather not modify any of it. > I have full control of unix permissions etc. > > Ideally I'd like to tell the server on the other machine to duplicate the > window on my display. I need no control over the "copied" window but I would > watch what someone else was doing and see all updates to this window. It would > be teacher/student type situation where the teacher can spy on the students > progress/work habits. > > Perhaps I'll need an application that can decode names into window IDs on > the other machine--that would be fine. > > Any hints or solutions would are appreciated. > Thanks > > Jim Hopkins uunet!melpar!jim > ---------- Is this ethical? Is there a good reason for doing this? I'd be majorly pissed off if someone was watching me - even more so if I didn't even know I was being watched. What is the reason for the Big Brother attitude? Did you see the articles about the situation at PSU between some users and their system administrators? If not, you should take a look at it. How is this tool going to be useful to you? Why don't you ASK the students about their progress and work habits? X is a good program, don't make people paranoid so that next versions of X will be more restrictive but secure. Use tools, don't abuse them. - Mike Almquist, Sys. Admin HP, Avondale, PA
mouse@LARRY.MCRCIM.MCGILL.EDU (der Mouse) (07/16/90)
>> I need some X help. >> I want to "monitor" a window on another machine from my machine. I >> have source for all software running but would rather not modify any >> of it. I have full control of unix permissions etc. > Is this ethical? Is there a good reason for doing this? I'd be > majorly pissed off if someone was watching me - even more so if I > didn't even know I was being watched. What is the reason for the Big > Brother attitude? There is not necessarily a Big Brother attitude involved. If I'm at my desk and someone three buildings away has a problem and wants help, quite likely both of us would appreciate having a way for me to watch exactly what goes on when whatever it is fails. > How is this tool going to be useful to you? I wrote a terminal emulator for X that is capable of displaying on more than one display, thus providing effectively what this person was asking for (in the admittedly limited realm of things that run in a tty emulator window[%]). The multi-display capability has proven useful on several occasions, usually for showing someone something, which is what I had in mind when I added it. (Imagine a classroom full of workstations. Now run one copy displaying everywhere but with input from only the teacher's workstation, plus one copy per student displaying on student's station and teacher's station both, with input from either. To my mind this is not significantly different from a situation like a language lab I was in once, where we were normally practicing alone but the teacher could hook into any student's set at will and monitor and/or comment; nobody questions whether this is ethical....) [%] And with certain other restrictions, notably that the multi-display arrangement must be set up when the emulator is started. der Mouse old: mcgill-vision!mouse new: mouse@larry.mcrcim.mcgill.edu
stripes@eng.umd.edu (Joshua Osborne) (07/16/90)
In article <9070003@hpavla.AVO.HP.COM> almquist@hpavla.AVO.HP.COM (Mike Almquist) writes: >> I need some X help. >> >> I want to "monitor" a window on another machine from my machine. >> I have source for all software running but would rather not modify any of it. >> I have full control of unix permissions etc. [...] >Is this ethical? If the watcher wants to be watched, yes. Otherwise it gets complicated. >Is there a good reason for doing this? If you are teaching a class you may want the students to be able to see what you are doing. If you are a support-person you may want to watch a user show you how "the system looses it's cookies". >I'd be majorly pissed >off if someone was watching me - even more so if I didn't even know I was being >watched. Learn how to use xauth, and netstat, and ps... >What is the reason for the Big Brother attitude? Did you see the >articles about the situation at PSU between some users and their system >administrators? If not, you should take a look at it. How is this tool going >to be useful to you? Why don't you ASK the students about their progress and >work habits? X is a good program, don't make people paranoid so that next >versions of X will be more restrictive but secure. Use tools, don't abuse them Take a valium! I have hacked up a R3 window spying program to place a warning box on the watchee's screen. ("Warning You are being watched! By user@display (site)") It won't take any work to remove the call to the warning function, so I am a bit leery of giving it out, lest it fall into the hands of crackers that are too stupid to write their own :-) -- stripes@eng.umd.edu "Security for Unix is like Josh_Osborne@Real_World,The Mutitasking for MS-DOS" "The dyslexic porgramer" - Kevin Lockwood "Don't try to change C into some nice, safe, portable programming language with all sharp edges removed, pick another language." - John Limpert
randy@uokmax.uucp (Longshot) (07/17/90)
almquist@hpavla.AVO.HP.COM (Mike Almquist) writes: >> I want to "monitor" a window on another machine from my machine. >> I have source for all software running but would rather not modify any of it. >> I have full control of unix permissions etc. >> >> Jim Hopkins uunet!melpar!jim >> ---------- >Is this ethical? Is there a good reason for doing this? I'd be majorly pissed >off if someone was watching me - even more so if I didn't even know I was being >watched. What is the reason for the Big Brother attitude? Did you see the >articles about the situation at PSU between some users and their system >administrators? If not, you should take a look at it. How is this tool going >to be useful to you? Why don't you ASK the students about their progress and >work habits? X is a good program, don't make people paranoid so that next >versions of X will be more restrictive but secure. Use tools, don't abuse them. Well, here at my site, we have had to monitor users in the past, because their actions were causing trouble, or we suspected them of trying to break system security. When we have had to do this in the past, we were able to tap the Annex port. As it happens, we usually catch someone doing something they shouldn't. We have some policy here that students are required to adhere to (they sign a form upon receipt of their account, agreeing to our terms), which includes not using other peoples' accounts, and other things. Sometimes, when we suspect someone is breaking the policy, we have to have proof. In X, there are no annex ports to tap. If the person needs to be able to monitor someone, it may be for a good reason. The professor may think that the student in question is guilty of academic misconduct (cheating). This may be the only way to find out. -- Randy J. Ray University of Oklahoma, Norman Campus (405)/325-5370 !chinet!uokmax!randy randy@uokmax.uucp randy@uokmax.ecn.uoknor.edu "Quick to judge, Quick to anger, slow to understand; Ignorance, prejudice, and fear go hand in hand..." - Neil Peart
dob@tws1.Berkeley.EDU (David L. Brooks) (07/17/90)
In article <9070003@hpavla.AVO.HP.COM>, almquist@hpavla.AVO.HP.COM (Mike Almquist) writes: |>> I need some X help. |>> |>> I want to "monitor" a window on another machine from my machine. |>> I have source for all software running but would rather not modify any of it. |>> I have full control of unix permissions etc. |>> |>> Ideally I'd like to tell the server on the other machine to duplicate the |>> window on my display. I need no control over the "copied" window but I would |>> watch what someone else was doing and see all updates to this window. It would |>> be teacher/student type situation where the teacher can spy on the students |>> progress/work habits. |>> |>> Perhaps I'll need an application that can decode names into window IDs on |>> the other machine--that would be fine. |>> |>> Any hints or solutions would are appreciated. |>> Thanks |>> |>> Jim Hopkins uunet!melpar!jim |>> ---------- |> |>Is this ethical? Is there a good reason for doing this? I'd be majorly pissed |>off if someone was watching me - even more so if I didn't even know I was being |>watched. What is the reason for the Big Brother attitude? Did you see the |>articles about the situation at PSU between some users and their system |>administrators? If not, you should take a look at it. How is this tool going |>to be useful to you? Why don't you ASK the students about their progress and |>work habits? X is a good program, don't make people paranoid so that next |>versions of X will be more restrictive but secure. Use tools, don't abuse them. |> |>- Mike Almquist, Sys. Admin |> HP, Avondale, PA Over a year ago, i had a serious request from my customer for exactly this type of functionality. they had planned to use it as a sort of "expert assistance" tool, and they were quite serious about their perceived need. I can't comment on the circumstances the users would typically find themselves in, but suffice to say that if your "expert" was not already very close by, there was no chance that they could be in the forseeable future [think "defense"]. So, on the one hand, i have some sympathy for the original poster. btw, my answer to the customer at the time was that it would take some time to investigate, and they backed off. However, Mr. Almquist raises some very good points: i don't want anyone peering over my windows, either! I'm not familiar with the reference he sites, but i've read of management tools that measure keystrokes vs. time, and i'm dead set against supporting anything like that. my question: is it possible that we can reach an agreeable compromise, where the student a) requests help, b) selects the window or windows they wish to be "transmitted" to their instructor, and c) generally exercises a high degree of control over the process? meanwhile, the instructor/helper is mostly an observer, whose main interaction would be to type text into a window that would then be echoed in real time on the student's screen (assuming a telephone was not more convenient). can we see some possibilities for long range customer support? for system administrators assisting users without running/driving/flying around? my disclaimer: fellow netters, the disclaimer following my address was added by lawyers. at least they let us post now... ------------------------------------------------------------------------------ David L. Brooks Idaho National Engineering Lab. INTERNET: dob@INEL.GOV POB 1625 M.S. 1206 Phone: (208) 526-0826 Idaho Falls, Id. 83415 FAX: (208) 526-1419 ------------------------------------------------------------------------------ Neither the United States Government nor the Idaho National Engineering Laboratory nor any of their employees, makes any warranty, expressed or implied, or assumes any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, product, or process disclosed, or represents that its use would not infringe privately owned rights. Reference herein to any specific commercial products, process, or service by trade name, trademark manufacturer, or otherwise, does not necessarily constitute or imply its endorsement, recommendation, or favoring by the United States Government or the Idaho National Engineering Laboratory. The views and opinions of authors expressed herein do not necessarily state or reflect those of the United States Government nor the Idaho National Engineering Laboratory, and shall not be used for advertising or product endorsement purposes.
keane@ultima.cs.uts.oz (Chris Keane) (07/19/90)
stripes@eng.umd.edu (Joshua Osborne) writes: >In article <9070003@hpavla.AVO.HP.COM> almquist@hpavla.AVO.HP.COM (Mike Almquist) writes: >>> I need some X help. >>> >>> I want to "monitor" a window on another machine from my machine. >>> I have source for all software running but would rather not modify any of it. >>> I have full control of unix permissions etc. >[...] There was a program in comp.sources.x about 1.5 years ago (when R2 was all the rage) called xwatchwin which would do what you're after. I don't know whether it would work [very well|at all] under R4. It may be useful to you though. I no longer have the sources in machine readable form, but I'm sure you could scavenge them from somewhere that keeps comp.sources.x archives :-) regards... Chris. +-------------------------------------------------+ | The ultimate profit-making juke-box: It plays | keane@ultima.cs.uts.oz.au | Kylie Minogue songs until you put money in it...| +-------------------------------------------------+ Disclaimer: These are my own opinions, but I'm insane. What's your excuse?
epstein@trwacs.UUCP (Jeremy Epstein) (07/21/90)
In article <1990Jul17.140940.10553@inel.gov>, dob@tws1.Berkeley.EDU (David L. Brooks) writes: [much stuff deleted] > > my question: is it possible that we can reach an agreeable compromise, > where the student a) requests help, b) selects the window or windows > they wish to be "transmitted" to their instructor, and c) generally > exercises a high degree of control over the process? meanwhile, the > instructor/helper is mostly an observer, whose main interaction would be > to type text into a window that would then be echoed in real time on the > student's screen (assuming a telephone was not more convenient). > > can we see some possibilities for long range customer support? for > system administrators assisting users without running/driving/flying around? Way back in the dark ages (late 70s-early 80s) was an operating system named TOPS-20 (aka TWENEX) which ran on the DECsystem-20. One of the more useful features was an "advise" command which allowed you to see what someone else was doing and help them out. To get advice, you would say something like "advise fred" and fred would get a message saying "sally wants to advise you, is that OK?". If you answered no, the system would not permit the advise. As an aside, there was also some sort of a "spy" command which could be used (I think) only by appropriately privileged users. I assume other people have implemented similar things for other operating systems, as well as for various windowing systems. These are very useful, and provided that they are implemented properly do not provide for snooping/eavesdropping/spying. The rub: the X architecture doesn't lend itself extremely well to asking the user of an X server whether it's OK for another user to connect...other than using the authentication mechanisms, which isn't as useful as an interactive approver. Of course, you could implement various clients which would play go-between. If anyone out there has something similar to "advise", I would be most interested in getting a copy. -- Jeremy Epstein TRW Systems Division UUCP: uunet!trwacs!epstein Internet: epstein@trwacs.fp.trw.com +1 703/876-8776
meo@rsiatl.UUCP (Miles ONeal) (07/21/90)
Hmmm. Sounds to me like we need some sort of request/answer service (ie, ask for help, or ask if you may monitor, and response stuff). Big headaches. (Re: lawyers & disclaimers - you have my sympathy - I worked for a lawyer bound company, too)
hopper@ntmtv.UUCP (Ian Hopper) (07/22/90)
From article <194@melpar.UUCP>, by jim@melpar.UUCP (Jim Hopkins): > > I need some X help. > > I want to "monitor" a window on another machine from my machine. > I have source for all software running but would rather not modify any of it. > I have full control of unix permissions etc. > > Ideally I'd like to tell the server on the other machine to duplicate the > window on my display. I need no control over the "copied" window but I would > watch what someone else was doing and see all updates to this window. It would > be teacher/student type situation where the teacher can spy on the students > progress/work habits. > > Perhaps I'll need an application that can decode names into window IDs on > the other machine--that would be fine. > > Any hints or solutions would are appreciated. > Thanks > > Jim Hopkins uunet!melpar!jim If you happen to be on SUN's, I have used a simple approach that is not dependent upon X: "rsh <student-machine> screendump | screenload". The effect is to transfer a snapshot of the student's screen, and display it on the teacher's machine. We have a homogenous SUN 3/60 environment, so it works very well. The concept may be applicable to your needs. If you need a real X solution, there is a special X-Server called SharedX which does what you want plus gives the teacher shared control over the application. I have not heard much about SharedX for more than a year. Perhaps the kind soul that is maintaining it could speak up and offer an anonymous FTP? Last I heard some folks at HP Labs were working on it. If you have the energy you might consider hacking the X10/X11 emulator package to give yourself a Virtual-X-Server that creates the extra windows that you need. Most solutions (including SharedX) to your problem are of the form of a "Virtual X Server" that looks enough like an X-Server to fool the application, but is an application itself with respect to the real X Server(s ) that are actually running the displays. The virtual server you want is one that intercepts window updates and performs the identical updates on both the student's X server and the teachers X server. The difficult problem that SharedX tries to solve is the problem of gathering input from multiple real X servers and presenting that input to the X application in a consistient fashion. Good luck, post the results of your investigations... -- Ian Hopper {amdahl.com,ames.arpa,hplabs}!ntmtv!hopper Northern Telecom Inc. [Clever comment under construction.]
mouse@SHAMASH.MCRCIM.MCGILL.EDU (der Mouse) (07/23/90)
>> I want to "monitor" a window on another machine from my machine. > If you happen to be on SUN's[sic], I have used a simple approach that > is not dependent upon X: "rsh <student-machine> screendump | screenload". If this sort of wholesale screen transfer is enough for your needs, you could use "xwd -root -display machine:0 | xwud" as an X solution. If your machine has not been xhosted in, you could "rsh machine xwd -root -display :0 | xwud" instead. If the beeps bother you, well, you have source to xwd, and it generates them explicitly.... der Mouse old: mcgill-vision!mouse new: mouse@larry.mcrcim.mcgill.edu
dob@tws1.Berkeley.EDU (David L. Brooks) (07/27/90)
In article <212@trwacs.UUCP>, epstein@trwacs.UUCP (Jeremy Epstein) writes: |>In article <1990Jul17.140940.10553@inel.gov>, dob@tws1.Berkeley.EDU (David L. Brooks) writes: |>[much stuff deleted] |>> |> |>Way back in the dark ages (late 70s-early 80s) was an operating |>system named TOPS-20 (aka TWENEX) which ran on the DECsystem-20. |>One of the more useful features was an "advise" command which |>allowed you to see what someone else was doing and help them out. |>To get advice, you would say something like "advise fred" and fred |>would get a message saying "sally wants to advise you, is that OK?". |>If you answered no, the system would not permit the advise. |> |>As an aside, there was also some sort of a "spy" command which could |>be used (I think) only by appropriately privileged users. |> |>I assume other people have implemented similar things for other operating |>systems, as well as for various windowing systems. These are very useful, |>and provided that they are implemented properly do not provide for |>snooping/eavesdropping/spying. |> |>The rub: the X architecture doesn't lend itself extremely well to |>asking the user of an X server whether it's OK for another user to |>connect...other than using the authentication mechanisms, which |>isn't as useful as an interactive approver. Of course, you could |>implement various clients which would play go-between. |> |>If anyone out there has something similar to "advise", I would be |>most interested in getting a copy. |>-- |>Jeremy Epstein TRW Systems Division |>UUCP: uunet!trwacs!epstein Internet: epstein@trwacs.fp.trw.com |>+1 703/876-8776 Mr. Epstein has a good example with "advise". X provides mechanism, not policy. I think an "xadvise" (that's not a commitment on my part!) would have to implement the desired policy. In the example given above, perhaps "sally" would have a program listening on some public port for requests from "fred" and his cronies. when "fred" asked for help, "sally" would respond, and "fred" would get the opportunity to accept or refuse the offer (this would be handy if there were more than one offer of help). "fred" could then mark off some region of his screen, which periodically "sally" would then see. advise could go on in some set of text dialog windows... ------------------------------------------------------------------------------ David L. Brooks Idaho National Engineering Lab. INTERNET: dob@INEL.GOV POB 1625 M.S. 1206 Phone: (208) 526-0826 Idaho Falls, Id. 83415 FAX: (208) 526-1419 ------------------------------------------------------------------------------ Neither the United States Government nor the Idaho National Engineering Laboratory nor any of their employees, makes any warranty, expressed or implied, or assumes any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, product, or process disclosed, or represents that its use would not infringe privately owned rights. Reference herein to any specific commercial products, process, or service by trade name, trademark manufacturer, or otherwise, does not necessarily constitute or imply its endorsement, recommendation, or favoring by the United States Government or the Idaho National Engineering Laboratory. The views and opinions of authors expressed herein do not necessarily state or reflect those of the United States Government nor the Idaho National Engineering Laboratory, and shall not be used for advertising or product endorsement purposes.
almquist@hpavla.AVO.HP.COM (Mike Almquist) (07/27/90)
From article <194@melpar.UUCP>, by jim@melpar.UUCP (Jim Hopkins): Date: Sun, 22 Jul 1990 05:30:42 GMT Organization: Northern Telecom, Mtn. View, CA >If you happen to be on SUN's, I have used a simple approach that is not >dependent upon X: "rsh <student-machine> screendump | screenload". >The effect is to transfer a snapshot of the student's screen, and display >it on the teacher's machine. We have a homogenous SUN 3/60 environment, so >it works very well. The concept may be applicable to your needs. [deleted . . .] >-- >Ian Hopper {amdahl.com,ames.arpa,hplabs}!ntmtv!hopper >Northern Telecom Inc. [Clever comment under construction.] >From: mouse@SHAMASH.MCRCIM.MCGILL.EDU (der Mouse) >Date: Mon, 23 Jul 1990 06:14:14 GMT >Organization: The Internet > >>> I want to "monitor" a window on another machine from my machine. >> If you happen to be on SUN's[sic], I have used a simple approach that >> is not dependent upon X: "rsh <student-machine> screendump | screenload". > >If this sort of wholesale screen transfer is enough for your needs, you >could use "xwd -root -display machine:0 | xwud" as an X solution. If >your machine has not been xhosted in, you could "rsh machine xwd -root >-display :0 | xwud" instead. > >If the beeps bother you, well, you have source to xwd, and it generates >them explicitly.... > > der Mouse > > old: mcgill-vision!mouse > new: mouse@larry.mcrcim.mcgill.edu Hi, its me again - the guy that started this discussion, etal. From a real world situation, being able to see what is going on another terminal is GREAT. From an academic situation it gets tricky. Both Jim Hopkins and der Mouse talked about the one thing that caused me to scream about terminal monitoring, SCREENDUMPING. In the past I have known of students that have gotten copies of exams from teacher's screens. All they have to do is to do a periodic screendump. Simple as that. I've even known of some teachers that have left their exams readable (they deserved to get screwed - prof. are suppose to w better). Yes, there are ways around screendumping, etc. Modify the source (at school we did this initially), touch this touch that, restrict this restrict that, etc. Thats what I hate. We shouldn't be spending our time with issue such as security. We should be pushing back the edges of our field not babysitting. Its unfortunate but that's human nature I guess. - Mike Almquist HP, Avondale, PA almquist@hpavla.avo.hp.com
stripes@eng.umd.edu (Joshua Osborne) (07/31/90)
In article <9070004@hpavla.AVO.HP.COM> almquist@hpavla.AVO.HP.COM (Mike Almquist) writes: >Hi, its me again - the guy that started this discussion, etal. From a real >world situation, being able to see what is going on another terminal is GREAT. >From an academic situation it gets tricky. Both Jim Hopkins and der Mouse >talked about the one thing that caused me to scream about terminal monitoring, >SCREENDUMPING. In the past I have known of students that have gotten copies >of exams from teacher's screens. All they have to do is to do a periodic >screendump. Simple as that. I've even known of some teachers that have left >their exams readable (they deserved to get screwed - prof. are suppose to >w better). Yes, there are ways around screendumping, etc. Modify the source >(at school we did this initially), touch this touch that, restrict this >restrict that, etc. Thats what I hate. We shouldn't be spending our time >with issue such as security. We should be pushing back the edges of our field >not babysitting. Its unfortunate but that's human nature I guess. There are 2 simple soultions. The first appys to anyone who runs X, esp on a 'puter that can be loged into remotly. First, use MIT-COOKIE-1, setting xdm up to do it for you is the easyest way to go, adding cookies by hand or with a program you'll need to write is also Ok. Second, if you use a sun install SunOS4.1, use the sample file they have to "secure" all the /dev stuff that needs to be secured (/dev/fb, /dev/cg*, /dev/audio...). There is also a non-simple answer: change human nature. That's not in my job description 'tho... -- stripes@eng.umd.edu "Security for Unix is like Josh_Osborne@Real_World,The Mutitasking for MS-DOS" "The dyslexic porgramer" - Kevin Lockwood "Don't try to change C into some nice, safe, portable programming language with all sharp edges removed, pick another language." - John Limpert