cmm1@cunixa.cc.columbia.edu (Christopher M Mauritz) (11/21/90)
Is anyone getting this? Our mailer is acting weird.
It was bound to happen....
The Systems area of my bank finally "discovered" some of the goodies on
my computer that I'd pulled off the net. Since they had no concept of
what the net is and they couldn't understand the concept behind it, they
were afraid. The end result was that last night (after I had gone home)
the little sh*ts sneaked over to my office and deleted every piece of
software they didn't recognize. Fortunately, I had made a backup
several days ago so their efforts were wasted. HOWEVER, I don't want
this to happen again. Is there some way I can make all my "naughty"
files invisible to the rest of the world and still make them
somewhat accessible to me? For a few inits, a method to make them
invisible and perhaps supress the icon at bootup would do it. Perhaps,
I could bury the rest in an invisible folder? Frankly, I'm not sure
what to do. Any suggestions would be very welcome.
On another subject, what are the legal ramifications of this action?
I was really pissed off when I noticed. Isn't this the same as them
going through my locked desk and searching around? I DID have a password
scheme on my computer, but apparently they circumvented that by booting
from a floppy.
In exasperation,
Chris
------------------------------+---------------------------
Chris Mauritz |D{r det finns en |l, finns
cmm1@cunixa.cc.columbia.edu |det en plan!
(c)All rights reserved. |
Send flames to /dev/null |
------------------------------+---------------------------fleming@cup.portal.com (Stephen R Fleming) (11/21/90)
First off... if the bank paid for your computer, they have the right to tell you what you may and may not keep on it. Enough said. Given that... if you still want to keep your goodies away from the prying eyes and fingers of Systems -- don't fiddle with setting invisible bits and so forth. Eventually, they'll get through. I'd suggest a MacGuardian lock (about $100 mail order). Physically locks out the keyboard and mouse so you can't do -anything-. If they're willing to break the lock to get to your machine, that's a pretty strong message that management MEANS IT when they say "keep those systems clean." +------------------------+---------------------------------------+ | Stephen Fleming | In ten years, computers will just be | | fleming@cup.portal.com | bumps in cables. --Gordon Bell | | CI$: 76354,3176 +---------------------------------------| | BIX: srfleming | My employers may disagree vehemently. | +------------------------+---------------------------------------+
russotto@eng.umd.edu (Matthew T. Russotto) (11/22/90)
In article <1990Nov20.221333.4619@cunixf.cc.columbia.edu> cmm1@cunixa.cc.columbia.edu (Christopher M Mauritz) writes: >Is anyone getting this? Our mailer is acting weird. > >It was bound to happen.... > >The Systems area of my bank finally "discovered" some of the goodies on >my computer that I'd pulled off the net. Since they had no concept of >what the net is and they couldn't understand the concept behind it, they >were afraid. The end result was that last night (after I had gone home) >the little sh*ts sneaked over to my office and deleted every piece of >software they didn't recognize. Fortunately, I had made a backup >several days ago so their efforts were wasted. HOWEVER, I don't want >this to happen again. Is there some way I can make all my "naughty" >files invisible to the rest of the world and still make them >somewhat accessible to me? For a few inits, a method to make them >invisible and perhaps supress the icon at bootup would do it. Perhaps, >I could bury the rest in an invisible folder? Frankly, I'm not sure >what to do. Any suggestions would be very welcome. If you are handy with ResEdit, nuking the icons shouldn't be too hard-- just make them the same pattern as the screen, or, better, use a dissassembler, find the JSR to the showicon routine, and NOP it out. Problem is, INIT-31 won't execute invisible files. The best you could do to hide the rest of your files would be to create a partition (with SUM-II or SilverLining or something) that requires a password, and doesn't show up on boot-- then they won't even KNOW you have those naughty files. You could try naming all your INITS "Microsoft Word Bug Fix #n" -- Matthew T. Russotto russotto@eng.umd.edu russotto@wam.umd.edu .sig under construction, like the rest of this campus.
aslakson@cs.umn.edu (Brian Aslakson) (11/22/90)
In comp.sys.mac.misc russotto@eng.umd.edu (Matthew T. Russotto) writes: >... >SUM-II or SilverLining or something) that requires a password, and doesn't >show up on boot-- then they won't even KNOW you have those naughty files. >You could try naming all your INITS "Microsoft Word Bug Fix #n" This is my favorite post of the week. Brian -- .signature: No such file or directory
dlugose@uncecs.edu (Dan Dlugose) (11/22/90)
In article <36124@cup.portal.com> fleming@cup.portal.com (Stephen R Fleming) writes: >First off... if the bank paid for your computer, they have the right >to tell you what you may and may not keep on it. Enough said. > If your employer pays for your filing cabinet, they do not have the right to search through it at night and throw out anything they do not think belongs there, e.g. personal papers! At best, perhaps they could remove your papers and give them to you to dispose of as you saw fit. Almost every employee at every desk in the world has some personal items in his/her desk. Why not on a hard disk that has sufficient space? Dan Dlugose UNC Educational Computing Service -- Dan Dlugose Internet: dlugose@uncecs.edu UNC Educational Computing Service Box 12035, Research Triangle Park, NC 27709-2035
david_islander_hughes@cup.portal.com (11/22/90)
I agree . . . This IS the best post of the MONTH! Ahem, but as a supervisor and purchaser of several hundred thousand bucks worth of equipment over the past few years I must wave the management flag. . . . Computers and their hard drives ARE the property of the company. . . If I feel that certain files have no business on our equipment . . off they come. Period. Being a regular reader of Newsbyte (a VERY good service and worth every penny!) I see that down in Aussie land the computer "police" swept through a big office and found lots and lots of illegal software copies. Now, it is not for me to judge WHO put the copies on the HD's but I do know who will be FINED! Finally, the analalogy about the file cabinet and not throwing out "personal papers . . ." is defective. What if you decided to put something smelly or dangerous in there. But . . . I did like the "secret" partition idea . . .
wilkins@jarthur.Claremont.EDU (Mark Wilkins) (11/23/90)
In article <36149@cup.portal.com> david_islander_hughes@cup.portal.com writes: >Finally, the analalogy about the file cabinet and not throwing out >"personal papers . . ." is defective. What if you decided to put >something smelly or dangerous in there. But the original poster indicated that the stuff which had been thrown away was public domain software. He didn't do anything illegal and chances are that the stuff was making his work easier. I don't care who bought the system. If the company does not know whether the software is illegal the only reasonable action is to confront him BEFORE deleting the stuff. Otherwise, they may be hindering his work, or worse, setting themselves up for a potentially expensive lawsuit depending on what was lost. -- Mark Wilkins -- ******* "Freedom is a road seldom traveled by the multitude!" ********** *-----------------------------------------------------------------------------* * Mark R. Wilkins wilkins@jarthur.claremont.edu {uunet}!jarthur!wilkins * ****** MARK.WILKINS on AppleLink ****** MWilkins on America Online ******
francis@magrathea.uchicago.edu (Francis Stracke) (11/23/90)
Look, everybody seems to be assuming that the worst that could happen as a result of keeping the software would be legal problems. This is simply not so! If it's all public domain stuff, taken off the Net, then there is little or no guarantee that the programs themselves are not dangerous! Does Sumex scan posted software for viruses before making it available? Okay, probably--but what about a brand-new virus? The posted application could be a Trojan Horse. Or the program could have something seriously wrong with it. Or the author may have had some sort of a grudge against somebody, and written a check to do damage to that person in particular, so that Sumex wouldn't find anything wrong, but the victim (& those who resembled the victim--possibly an *enormous* group) would be hurt, and badly. On private machines, we take our own chances with this sort of thing; but it's unreasonable to ask the employer to accept that risk. | Francis Stracke | My opinions are my own. I don't steal them.| | Department of Mathematics |=============================================| | University of Chicago | Non sequiturs make me eat lampshades | | francis@zaphod.uchicago.edu | |
boris@world.std.com (Boris Levitin) (11/25/90)
david_islander_hughes@cup.portal.com writes: >Ahem, but as a supervisor and purchaser of several hundred thousand >bucks worth of equipment over the past few years I must wave the >management flag. . . . Computers and their hard drives ARE the >property of the company. . . If I feel that certain files have no business >on our equipment . . off they come. Period. Being a regular reader of Newsbyte >(a VERY good service and worth every penny!) I see that down in Aussie >land the computer "police" swept through a big office and found lots and >lots of illegal software copies. Now, it is not for me to judge WHO >put the copies on the HD's but I do know who will be FINED! Copying of software in violation of the license remains, in the majority of cases, unenforceable, both because of constitutional protection against illegal searches and because enforcement on a wide scale would take a tremendous effort. Secondly, the original poster did not say that what his company purged from his disk was software copied in violation of its license. As far as the poster's problem goes, a simple password-protection scheme (such as LockOut or NightWatch) might be enough of a deterrent. If he is not allowed to lock the Systems people out entirely, he might be able to run an access-managed environment (using FileGuard, for example) which would password- protect file deletion only, or access to specific folders.
boris@world.std.com (Boris Levitin) (11/25/90)
francis@magrathea.uchicago.edu (Francis Stracke) writes: >Look, everybody seems to be assuming that the worst that >could happen as a result of keeping the software would be >legal problems. This is simply not so! If it's all public >domain stuff, taken off the Net, then there is little or >no guarantee that the programs themselves are not dangerous! >Does Sumex scan posted software for viruses before making it >available? Okay, probably--but what about a brand-new virus? >The posted application could be a Trojan Horse. Or the program >could have something seriously wrong with it. Or the author >may have had some sort of a grudge against somebody, and >written a check to do damage to that person in particular, so >that Sumex wouldn't find anything wrong, but the victim (& >those who resembled the victim--possibly an *enormous* >group) would be hurt, and badly. On private machines, we >take our own chances with this sort of thing; but it's >unreasonable to ask the employer to accept that risk. If you are going to be that paranoid, have you considered the possibility of a massively-destructive Trojan horse masquerading as a popular software package, complete with icon, file size and perhaps even a rudimentary interface similar to the original? What about a virus propagated by a perfectly legitimate, legally-purchased and corporate-approved application (a real possibility)? Come on. Viruses and Trojan horses are an unfortunate reality, and users - both corporate and individual - have a variety of means at their disposal to combat these phenomena: antivirus software, INITs that guard against new viruses by demanding user verification of attempts to modify resources (Vaccine, GateKeeper), password-protection of file deletion, file resurrection software (Complete Undelete, Norton UnErase, SUM II Shield), and finally the most foolproof method -- regular backups. It would be understandable and justifiable if a corporate Systems department forced its users to practice safe computing. Arbitrarily deleting from people's systems anything not on the "approved" list, however, just embitters them needlessly and stifles any attempt to make more use of the computer, as well as creative, exploratory and self-reliant tendencies (which, as you might recall, are what has made this country great). Boris Levitin ---------------------------------------------------------------------------- WGBH Public Broadcasting, Boston boris@world.std.com Audience & Marketing Research wgbx!boris_levitin@athena.mit.edu ---------------------------------------------------------------------------- (The opinions expressed herein are my own and do not necessarily coincide with those of my employer or anyone else. The WGBH tag is for ID only.)
francis@magrathea.uchicago.edu (Francis Stracke) (11/26/90)
In article <1990Nov25.102627.17830@world.std.com> boris@world.std.com (Boris Levitin) writes: [inclusion of my entire post] >If you are going to be that paranoid, have you considered the possibility of First of all, it's not *my* paranoia--I take my chances--it's the paranoia of people whose job it is to take care of their company's machines. >perfectly legitimate, legally-purchased and corporate-approved application >(a real possibility)? Yes, I have. In the case of a purchased app, it's either something that was illegitimately infected or a Trojan horse; in the one case, Disinfectant can probably spot it; in the latter, the seller can be held liable. The key point here is that the managers can check the software they install. They don't want to let their employees be responsible, since it's their own jobs on the line. Come on. Viruses and Trojan horses are an unfortunate >reality, Yes, they are; and an extremely serious one. They would be an ideal tool if a corporate rivalry turned dirty: deadly and untraceable. and users - both corporate and individual - have a variety of means >at their disposal to combat these phenomena[... long list of stuff we all know ] NONE of these things is perfect! An INIT installed before all the protection schemes could patch SetTrapAddress to prevent them from being able to install the patches they depend on to detect viruses. In fact, it could then go on to seek out and corrupt all virus-fighting software on the disk! Moreover, I can think of at least one extremely simple way to infect a file while the vaccines are in effect (NO, I'm not going to advertise it :-), so I'm sure somebody who really wanted to write a virus could come up with some good way. > It would be >understandable and justifiable if a corporate Systems department forced its >users to practice safe computing. Safe computing includes being careful about what you install! Arbitrarily deleting from people's systems >anything not on the "approved" list, however, just embitters them needlessly >and stifles any attempt to make more use of the computer, as well as >creative, exploratory and self-reliant tendencies (which, as you might recall, >are what has made this country great). This much I agree with. (Except that I think you should be careful about your tenses in that last clause. Most people these days have the self-reliance of tapeworms.) It's a tradeoff, which means a priority decision has to be made. For individuals, it's fine for us to make the decision on our own; nobody but us is affected. HOWEVER, the managers that killed this software definitely had the right, even the duty, to make that decision. Their job was to supervise the computers of their company, which included assuring security. Security always involves a measure of paranoia. Remember: there are two types of paranoia: total and insufficient! | Francis Stracke | My opinions are my own. I don't steal them.| | Department of Mathematics |=============================================| | University of Chicago | Until you stalk and overrun, | | francis@zaphod.uchicago.edu | you can't devour anyone. -- Hobbes |
aslakson@cs.umn.edu (Brian Aslakson) (11/26/90)
francis@magrathea.uchicago.edu (Francis Stracke) writes: >the software they install. They don't want to let their employees >be responsible, since it's their own jobs on the line. Not necessarily, in fact, doubtful. I'm not going to lose my job because someone downloads a trojan horse. It is my job to keep up on what is going on with viruses et al, to install anti-viruses and system protection, and to educate the users. >NONE of these things is perfect! An INIT installed before all the protection >schemes could patch SetTrapAddress to prevent them from being able to That is why some protection packages come with leading spaces...To be the first loaded. And I'll bet you Disinfectant's init is smart enough to know if it has been modified. And if you know a good way to mess with anti-viral software, fine, don't tell us, but do tell John Norstad and Chris Johnson (Disinfectant and Gatekeeper, respectively). >HOWEVER, the managers that killed this software definitely had the >right, even the duty, to make that decision. If they have a problem with something someone has on their computer, they should take it up with that person first and not sneak in after hours. I try to work with my users. Recently some other people in the CSci dept. here tried to impose changes without asking any users. You should have heard the screaming, especially from the faculty! Of course now there is going to be a committee and user input but now people are adversarial. >security. Security always involves a measure of paranoia. ^^^^^^^--> Yes, a MEASURE. >Remember: there are two types of paranoia: total and insufficient! Wrong wrong wrong wrong!!! Being too paranoid is just as bad as not worrying at all, maybe worse! Look under every stone alone the way and you'll never get to where you're going. Remember: paranoia is: "a tendency on the part of an individual or group toward excessive or irrational suspiciousness and distrustfulness of others". N.B. excessive or irrational. -- Brian Aslakson aslakson@cs.umn.edu mac-admin@cs.umn.edu <-= Macintosh related
cmm1@cunixa.cc.columbia.edu (Christopher M Mauritz) (11/26/90)
As the originator of this thread, I must say that I'm very grateful for all
the responses, though I wish they were under more happy circumstances. After,
reading many of the responses, I have drawn a few conclusions:
The computer jockeys should NOT have DELETED any files without asking me
first. How are they to know what is important and what is not? For all
they know, they could have deleted a Loan Agreement file by mistake!
Perhaps, they did have a right to be suspicious. I WAS using some PD
and shareware programs (which I happily paid for!) that made my computing
life easier. However, I think that some of these programs, Disinfectant
to be sure, are FAR more useful than their commercial counterparts. Am
I not free to PURCHASE extra software to help my computer serve me better?
After all, that is why they gave it to me in the first place!
Also, I hadn't given any of these programs to anyone else on the network.
They were being used by myself and my secretary and they were NOT stored
on the file server, but on my personal HD. I cannot say the same for
my systems counterparts. I know that they bought one or two copies of
AfterDark and now the program seems to be on every mac (about 40 of them)
in the office. This is after they chastized me about not wanting to
breach licensing agreements. Ptuuuey...
I've recently learned that they've been visiting my computer every night
to check for any new "offenses." That just goes to show you how clueless
they are since I just put all the files in one folder and made the lot
invisible using ResEdit and they haven't detected a thing. As a matter
of fact, these people who earn $35-40K/year to support our Mac network
don't even know what ResEdit is!
I think I'll end up buying something like DiskLock or SilverLining to
keep their little noses out of my affairs, as there are many files
on my computer that a highly confidential anyway.
Best regards,
Chris Mauritz
------------------------------+---------------------------
Chris Mauritz |D{r det finns en |l, finns
cmm1@cunixa.cc.columbia.edu |det en plan!
(c)All rights reserved. |
Send flames to /dev/null |
------------------------------+---------------------------francis@wolfman.cis.ohio-state.edu (RD Francis) (11/26/90)
Re: the discussion on the removal of software from company-owned equipment used by an individual. I used to work at a ~15 person consulting firm. They had a stated policy; there is a standard system folder, and everyone is to have that system folder. Theoretically, they could remove anything from someone's system that wasn't in the standard system folder (most likely, by copying over it with an updated system folder, as tehy weren't exactly heavily policing this). There was a reason, however: consistency. Despite the fact that each of us had a Mac on our desk (most of the time at least), there would come occasions where we would need to use someone else's Mac. Also, there were a few Macs set up for demonstration purposes, that were frequently used by various staff members, and tended to accumulate every init/cdev/driver/whatever in the known universe. There was a desire to keep these machines clean. Finally, viruses were a major concern. Risking a virus on your own machine is bad enough, but when you consider that you could spread that virus to a client's machine trivially, or to other machine in the company (and then on to clients), it was a risk to the company itself. Even with the precautions we took, it likely that on one occasion, a virus was picked up from a customer, and spread to two others before it was noticed, and that we gave our new customers WDEF for a month or so before it was discovered. If any significant damage had been done in either of those cases, we could have lost the client, at best, and faced a law suit at worst (I believe that the law suit would have been futile, since it was an accident, but bad word-of-mouth on something like this could cost you your business). This policy was not inflexible. Another programmer and I were given permission to bring things up for evaluation purposes (i.e., is this something that everyone should have?). The biggest concern is that, while we would probably think to use Disinfectant (OK, they used Virex, truth in advertising and all) to check for viruses, not everyone would do so. All it would take is one person screwing up to cause significant problems. Another note on personal software stored on work computers. My fellow programmer was canned (about a month before I left, and if I hadn't already decided to leave, that would have pretty much clinched it) and wasn't around to clean out his desk. I helped someone in a more management oriented position clean it out, primarily to ensure that none of his stuff got tossed/lost. I think he got back all of his physical personal possessions; however, I don't know if he ever got back his personal computer files. They backed up his computer and then wiped it out for their new networking guy to use. They would have been real reluctant to let him at his files. Why? Two former employees had started up their own consulting firm, leaving managementpossibly overly concerned when an employee left. They would have had to worry about him taking company-owned information/software in addition to personal stuff. Do I think this was fair? No. Do I think they didn't have the right to do this? No. -- R David Francis francis@cis.ohio-state.edu
patel@eniac.seas.upenn.edu (Amit Patel ) (11/27/90)
>Perhaps, they did have a right to be suspicious. I WAS using some PD >and shareware programs (which I happily paid for!) that made my computing >life easier. However, I think that some of these programs, Disinfectant This might be pushing it, but it seems to me that if they erased software that you paid for, you have a good case for destruction of property. >my systems counterparts. I know that they bought one or two copies of >AfterDark and now the program seems to be on every mac (about 40 of them) >in the office. This is after they chastized me about not wanting to >breach licensing agreements. Ptuuuey... I'm sure that Berkeley Systems would LOVE to hear about this from an anonymous source within the company.... >I've recently learned that they've been visiting my computer every night >to check for any new "offenses." That just goes to show you how clueless >they are since I just put all the files in one folder and made the lot >invisible using ResEdit and they haven't detected a thing. As a matter If you want to have a little fun, you could use SuperPaint to make a few startup screens to give personal greetings to the snoops. Something like, "Hi, Frank. Enjoying playing spy?" or "Why are you wasting your time and mine on something THIS trivial?" >I think I'll end up buying something like DiskLock or SilverLining to >keep their little noses out of my affairs, as there are many files >on my computer that a highly confidential anyway. Why tempt fate? This will only get them mad. Just stick them into that invisible folder, and maybe throw on a folder password protection program to be sure. Backup once in a while, and you'll be fine. Seems like a load of bullshit all around. Have to tried making your productivity argument to the highest-ups? -- Jeff Porten, Annenberg School for Communication, UPenn (sjporte@asc.upenn.edu)
vaps0de@prism.gatech.EDU (Dustin Emhart) (11/27/90)
In article <FRANCIS.90Nov26105225@wolfman.cis.ohio-state.edu> francis@wolfman.cis.ohio-state.edu (RD Francis) writes: > >There was a reason, however: consistency. Despite the fact that >each of us had a Mac on our desk (most of the time at least), there >would come occasions where we would need to use someone else's Mac. >Also, there were a few Macs set up for demonstration purposes, that >were frequently used by various staff members, and tended to >accumulate every init/cdev/driver/whatever in the known universe. >There was a desire to keep these machines clean. Finally, viruses >were a major concern. Risking a virus on your own machine is bad >enough, but when you consider that you could spread that virus to a >client's machine trivially, or to other machine in the company (and >then on to clients), it was a risk to the company itself. Even with >the precautions we took, it likely that on one occasion, a virus was >picked up from a customer, and spread to two others before it was >noticed, and that we gave our new customers WDEF for a month or so >before it was discovered. If any significant damage had been done in Where I worked this summer, most of the people had Macs on their desks; there were 2 Macs for public use (for us temps who didn't even have desks). The public Macs stayed free of inits; however, most people had loads of inits on their personal machines. We also picked up the WDEF virus (from a client, we think) and didn't catch it until somebody started passing around a new anti-virus program! (Talk about computer security: one of the Macs for public use had a 80 M hard disk. I say had, because one afternoon between 3:30 and 4:30--DURING THE MIDDLE OF THE DAY--somebody walked off with the hard disk. We called a repairman in to say, "Here's why your hard disk won't work--there's no hard disk!" But when the new disk drive was put in, its System Folder included Kolor and Soundmeister and Color Arrow and . . . . . . . . . . ) -- Dustin Emhart Georgia Institute of Technology, Atlanta Georgia, 30332 uucp: ...!{decvax,hplabs,ncar,purdue,rutgers}!gatech!prism!vaps0de Internet: vaps0de@prism.gatech.edu
ewm@mdavcr.UUCP (Eric W. Mitchell) (11/28/90)
In article <1990Nov21.190134.19749@uncecs.edu> dlugose@uncecs.edu (Dan Dlugose) writes: >In article <36124@cup.portal.com> fleming@cup.portal.com (Stephen R Fleming) writes: >>First off... if the bank paid for your computer, they have the right >>to tell you what you may and may not keep on it. Enough said. >> > If your employer pays for your filing cabinet, they do not have >the right to search through it at night and throw out anything they >do not think belongs there, e.g. personal papers! At best, perhaps >they could remove your papers and give them to you to dispose of as you >saw fit. > Almost every employee at every desk in the world has some personal >items in his/her desk. Why not on a hard disk that has sufficient >space? They certainly have the right to search through it at night if they wish. If they find something illegal (ie: stolen goods), I don't think it would be unreasonable to confiscate it, or call the police. If they find something dangerous to the legitimate equipment (ie: public domain software may have a virus and infect other applications), they also have the right to dispose of it (although they might be nice and ask you to do it). My company does not approve of virtually any external disks or software being used on its machines, due to the virus risk. Whether there is space or not for them is irrelevant. Eric disclaimer: The opinions expressed above are my own only.