MXB126@psuvm.psu.edu (Michael S Barthelemy) (06/14/90)
We have all heard of computer systems abuse but here may be a new part of the
issue.
The question:
Is what one has on their *own* storage medium public or private? and ...
Does a system administrator have the right to search it if it is protected
against being searched?
I recently (Just a few hours ago) had my NeXT account here at Penn State Univ.
locked. I can put my suspicions on the fact why it was locked because of the
fact that I had a *partially* compiled copy of AberMUD (A game) on my Optical
Disk. If my OD is readable only by myself is it against the law for the systemm
administrator to search through *my* files on a storage medium which *I own*?
Would this be a violation of the Constitution which guarantees me the right to
private property?
I have been told not to have the AberMUD code on my account and do not have it
on my account but do they have the right to be able to tell me what I can and
cannot have on my Optical Disk? And would those iles on my OD be considered a
part of my account?
Any intelligent replys welcome, flames ignored.
Michael S Barthelemy
The Computer Science Major looking for a good Computer Science School.
(If you happen to know of one which you would recommend please e-mail me.)
===============================================================================
To any PSU administrators who may read this:
Fuck you all. {Irrational comment of the day}
BTW: Don't try to console me. I am leaving the University and going
elsewhere in the fall and because of the attitude problem which
most of you have I am **never** going to **ever** recommend that
**anyone** I know **ever** attend Penn State and if ever given
the chance I will speak **very negatively** of the computer
systems resources management here at PSU. You all seem to be too
tied up in making the rules that you have forgotten that this is
a University. (i.e. Someplace where people learn.) All people
don't learn in the same way so why stifle someones learning process?
To Dr. Jordan:
(This is not a flame and would someone see that Dr. Jordan acutually
reads this.)
Your committee on Computer systems security should not be looking at what
regulations that you should put on this universities greatly
*underutilized* computer resources but should be looking into first
what the security problems are and what can be done to fix them. Adding
regulations will not fix the security breaches in the computer systems
on campus. This university could gain a large amount of prestige by
publishing fixes for some of the security gaps in computer operating
systems. Finally, adding regulations is likely to end up chasing more
students away because of the regulations stifiling the learning process
for some individuals. Feel free to call me if you would like to hear any
more. (Phone Number 867-6216)
Side note:
Don't even think of cancling this post because *I* paid for it while
posting it from my B-Account here on PSUVM.jgreely@oz.cis.ohio-state.edu (J Greely) (06/14/90)
In article <90164.185721MXB126@psuvm.psu.edu> MXB126@psuvm.psu.edu (Michael S Barthelemy) writes: >We have all heard of computer systems abuse but here may be a new part of the >issue. I think you meant to send this to alt.conspiracy. Why don't you just *ask* somebody why your account was locked, instead of inhaling volatile chemicals and letting fly at the net? I suspect you're jumping the gun just a tad, but I'll try to treat it seriously (deep sigh, remembering the *last* time I said that here). The sense I can make of this story is: 1) you were locked out of your account on university NeXTs. 2) you had the sources to a game on an optical disk that is your personal property. Somehow, these combine to produce: 3) the fascist sysadmins snooped through your disk and performed #1 for reason #2. Relevant information that's missing: What was your account for? Is there a policy about games? Is the machine in question networked? Was process accounting turned on? Did the semester just end? > Is what one has on their *own* storage medium public or private? and ... Certainly. You might not have the right to use someone else's equipment to make use of that property, but its contents are private, unless you make them in some way public. If the machine is networked, the files on the optical drive are as private as the ones in your home directory, and are protected by the same mechanism. Whether or not an administrator can look at files stored on *their* disks is mostly a matter of policy. >Does a system administrator have the right to search it if it is protected >against being searched? Depends. We could have armchair lawyers argue about it for hours (and since this is Usenet, we probably will). Things like "probable cause", "search warrants", and "university regulations" will probably get tossed around. If the administrators suspect a problem, their first response will probably be locking you out of the system and calling you in for a chat. Most administrators are very sensitive to the legal issues surrounding the privacy of a user's files, and will be reluctant to browse. One problem comes with the fact that the files in question were stored on a removable optical disk that, when mounted, looks just like another subdirectory. If an administrator is looking through your directory to see if her suspicions regarding possible misuse are correct, she may not notice that she's crossed a mount point, unless the disk is named "OPTICALDISKMINEMINEMINE". >If my OD is readable only by myself is it against the law for the systemm >administrator to search through *my* files on a storage medium which *I own*? Ordinarily, sure. First, you haven't demonstrated any proof that this actually occurred. Second, you may have given away some rights in agreeing with the conditions under which your use of the system was authorized. Third, unless you left this disk sitting somewhere, you were using it on their machine when they presumably read it. Unix tools commonly used to search for files wouldn't notice the mount point, and would cheerfully go through your disk looking for contraband (side note: does the version of find supplied by NeXT support the -xdev switch? The wind answers, "there's one three feet from you; check yourself". Yes, it does). >Would this be a violation of the Constitution which guarantees me the right to >private property? No, since the Constitution does no such thing. Article IV of the Bill of Rights ("unreasonable search and seizure") is as close as it gets, and that only guarantees that government stooges have to prove to *other* government stooges that they have a good reason for raiding you (unless taxes, drugs, or computers are involved :-(). >I have been told not to have the AberMUD code on my account and do not have it >on my account but do they have the right to be able to tell me what I can and >cannot have on my Optical Disk? Silly question. If the rule in question is "no games on the system", it doesn't really matter where you keep the object code. You can have five versions of the complete sources to nethack on your disk without anyone caring, but using them will be against the rules. >Any intelligent replys welcome, flames ignored. ... >To any PSU administrators who may read this: > Fuck you all. {Irrational comment of the day} Requesting intelligent replies presupposes an intelligent question. So far, all I see is someone assuming the worst about a situation that is most likely quite simple. It sounds like you're very upset about something, but I haven't the foggiest idea what. Count to ten and call us back, ok? > Don't even think of cancling this post because *I* paid for it while > posting it from my B-Account here on PSUVM. "Since I have only received 4 replies as of today I must assume I did not post to a wide enough variety of groups. Here it is reposted for all." -- J Greely (jgreely@cis.ohio-state.edu; osu-cis!jgreely)
MXB126@psuvm.psu.edu (Michael S Barthelemy) (06/14/90)
In article <JGREELY.90Jun13230622@oz.cis.ohio-state.edu>, jgreely@oz.cis.ohio-state.edu (J Greely) says: > >In article <90164.185721MXB126@psuvm.psu.edu> MXB126@psuvm.psu.edu > (Michael S Barthelemy) writes: >>We have all heard of computer systems abuse but here may be a new part of the >>issue. > >I think you meant to send this to alt.conspiracy. Why don't you just >*ask* somebody why your account was locked, instead of inhaling >volatile chemicals and letting fly at the net? I suspect you're >jumping the gun just a tad, but I'll try to treat it seriously (deep >sigh, remembering the *last* time I said that here). I knew precisely why my account was locked and I am frustrated with the system which is in place here. >The sense I can make of this story is: >1) you were locked out of your account on university NeXTs. >2) you had the sources to a game on an optical disk that is your > personal property. > >Somehow, these combine to produce: > >3) the fascist sysadmins snooped through your disk and performed #1 > for reason #2. Yes. >Relevant information that's missing: What was your account for? Is >there a policy about games? Is the machine in question networked? >Was process accounting turned on? Did the semester just end? The account was a "Training" account. (i.e. for learning the Mach operating system and doing some work with the NeXT's sound capabbilities in my case but many people have a variety of accounts for a variety of reasons.) It was networked with four other NeXT's. No, the summer session just stared. I am not entirely sure if process accounting was turned on but I have not executed the code since I got a warning about AberMUD. >> Is what one has on their *own* storage medium public or private? and ... > >Certainly. You might not have the right to use someone else's >equipment to make use of that property, but its contents are private, >unless you make them in some way public. If the machine is networked, >the files on the optical drive are as private as the ones in your home >directory, and are protected by the same mechanism. Whether or not an >administrator can look at files stored on *their* disks is mostly a >matter of policy. My optical disk was protected with 700 protection. I find something wrong with the fact that sys-admins can look though a persons files though more or less at whim. I would think that would be an Invasion of Privacy. >>Does a system administrator have the right to search it if it is protected >>against being searched? > >Depends. We could have armchair lawyers argue about it for hours (and >since this is Usenet, we probably will). Things like "probable >cause", "search warrants", and "university regulations" will probably >get tossed around. If the administrators suspect a problem, their >first response will probably be locking you out of the system and >calling you in for a chat. Most administrators are very sensitive to >the legal issues surrounding the privacy of a user's files, and will >be reluctant to browse. > > One problem comes with the fact that the files in question were >stored on a removable optical disk that, when mounted, looks just like >another subdirectory. If an administrator is looking through your >directory to see if her suspicions regarding possible misuse are >correct, she may not notice that she's crossed a mount point, unless >the disk is named "OPTICALDISKMINEMINEMINE". I know that it would look just like another subdirectory and the name of it is "Backup" which I don't think I would find in an ordinary home directory. >>If my OD is readable only by myself is it against the law for the systemm >>administrator to search through *my* files on a storage medium which *I own*? > >Ordinarily, sure. First, you haven't demonstrated any proof that this >actually occurred. Second, you may have given away some rights in >agreeing with the conditions under which your use of the system was >authorized. Third, unless you left this disk sitting somewhere, you >were using it on their machine when they presumably read it. Unix >tools commonly used to search for files wouldn't notice the mount >point, and would cheerfully go through your disk looking for >contraband (side note: does the version of find supplied by NeXT >support the -xdev switch? The wind answers, "there's one three feet >from you; check yourself". Yes, it does). I know that I can't prove practically anything but, the Optical Drive was making (What you should understand...) that annoyingly loud noise which means it was in use and I was not accessing it. I can't prove anything because it is my ears against the sys-admins word. >>Would this be a violation of the Constitution which guarantees me the right >to >>private property? > >No, since the Constitution does no such thing. Article IV of the Bill >of Rights ("unreasonable search and seizure") is as close as it gets, >and that only guarantees that government stooges have to prove to >*other* government stooges that they have a good reason for raiding >you (unless taxes, drugs, or computers are involved :-(). I still think that since the storage medium was owned by myself that it would be protected by the right to Privacy. (Sorry for the confusion of using the wrong part of the constitution for my cause.) >>I have been told not to have the AberMUD code on my account and do not have >it >>on my account but do they have the right to be able to tell me what I can and >>cannot have on my Optical Disk? > >Silly question. If the rule in question is "no games on the system", >it doesn't really matter where you keep the object code. You can have >five versions of the complete sources to nethack on your disk without >anyone caring, but using them will be against the rules. I only had the code partially compiled (i.e. All but one of the files is in the .o form. The last file wont compile. I suspect a compiler bug since it has been compiled before.) There is no rule of "No games on the system" I have had Moria in a directory called ^/Games/ for a few months now and it was even setuid to me which is usually a big no-no with sys-admin. The problem with AberMUD was the fact that it is a game which is supported on a host computer and people telnetted into the machine to play the game. I got my warning about having it running on the system and have not executed the code since that warning. I also have no-idea why it compiled then and not now though. (There have been some changes to it but none that should make the compiler crash to the best of my knoledge but that says more about it being a compiler bug.) The thing is that they are assuming that if I have the code on "the system" I am using it. I wish they had process accouting turned on because it would help my case not hurt it. >>Any intelligent replys welcome, flames ignored. >>... >>To any PSU administrators who may read this: >> Fuck you all. {Irrational comment of the day} > >Requesting intelligent replies presupposes an intelligent question. >So far, all I see is someone assuming the worst about a situation that >is most likely quite simple. It sounds like you're very upset about >something, but I haven't the foggiest idea what. Count to ten and >call us back, ok? I can assume the worst because this is not the first run-in that I have had with them. I am upset because they are stifiling the way I learn best: experimentation. I like to explore. My philosophy towards computers and learning is: "Let the users do anything such that it stays within the law and does not interfere with the learning/work of others." but this is not a very popular philosophy. I generally think that the sys-admin here at PSU are too busy being sys-admin and don't care why they really exist in the first place, which is: To serve the students, faculty, and staff with computing resources for education and research. >> Don't even think of cancling this post because *I* paid for it while >> posting it from my B-Account here on PSUVM. This was for the benefit of the Center of Academic Computing here at PSU because I know of too many articles which are "mysteriously cancled" which originate here at PSU. Since I pay for all of my time on this system I hope for my posts to stay alive. > "Since I have only received 4 replies > as of today I must assume I did not > post to a wide enough variety of > groups. Here it is reposted for > all." >-- >J Greely (jgreely@cis.ohio-state.edu; osu-cis!jgreely) Let me take a guess that you have some ties to the administration of Ohio States computer resources. Just a hunch, you definitely sound like it in several parts of your reply. -Michael S Barthelemy Crusader for Computer Users Rights
jnelson@gauche.enet.dec.com (Jeff E. Nelson) (06/14/90)
> Is what one has on their *own* storage medium public or private? and ... > Does a system administrator have the right to search it if it is protected > against being searched? And then he says: > I recently (Just a few hours ago) had my NeXT account here at Penn State Univ. > locked. Here's my opinion; consult a lawyer for real advice. Yes, they can search it, because it is connected to something which the university owns: the NeXT machine and the optical drive (not to mention the facility that surrounds it, the electricity that runs it, etc.). The university has the right to make sure that their machines (which they paid for) are being used appropriately. The fact that it's a private storage medium is, unfortunately for you, not relevant. The fact that you are using their resources is all it takes. I suggest buying your own NeXT machine (or physically locking up your storage medium when you're not using it), so you won't have to worry about this stuff. -Jeff E. Nelson -Digital Equipment Corporation -Internet: jnelson@tle.enet.dec.com -Affiliation given for identification purposes only
callahan@crabcake.cs.jhu.edu (Paul Callahan) (06/15/90)
[As a former denizen of Happy Valley, I thought I'd clear up a few mis- conceptions about Penn State. No offense is intended toward the original poster, who is clearly a hopeless idealist.] In article <90164.185721MXB126@psuvm.psu.edu> MXB126@psuvm.psu.edu (Michael S Barthelemy) writes: >Would this be a violation of the Constitution which guarantees me the right to >private property? This is, of course, irrelevant. Penn State is a separate principality, and is not subject to the United States Constitution. (at least, they consider themselves to be) >To any PSU administrators who may read this: > > Fuck you all. {Irrational comment of the day} This is actually quite rational, and most appropriate. After all, they do it to their students all the time. > BTW: Don't try to console me. I am leaving the University and going > elsewhere in the fall and because of the attitude problem which > most of you have I am **never** going to **ever** recommend that > **anyone** I know **ever** attend Penn State and if ever given > the chance I will speak **very negatively** of the computer > systems resources management here at PSU. Pssst... I have a secret to tell you: they don't care. > You all seem to be too > tied up in making the rules that you have forgotten that this is > a University. (i.e. Someplace where people learn.) This is an incredible misapprehension on your part. In fact, Penn State is a subsidiary of McDonalds that sells degrees instead of hamburgers. I eventually got pissed off and left, myself. They never did get around to giving me the fries I ordered with my B.S. and M.S. > To Dr. Jordan: > > (This is not a flame and would someone see that Dr. Jordan acutually > reads this.) Ole Brycey boy *pays* people just to make sure he does *not* read things like this. > Your committee on Computer systems security should not be looking at what > regulations that you should put on this universities greatly > *underutilized* computer resources but should be looking into first > what the security problems are and what can be done to fix them. The less utilized the better. The last thing the Comp Center wants is to have students getting their grubby little hands all over their beautiful machines. (Oh excuse me. It's now called the Center for Academic Computing--Penn State's idea of a major upgrade is to change names and logos.) I really think you need to adopt a more realistic attitude towards Penn State. Think of it this way, and perhaps you'll understand: without Penn State it would be awfully hard to justify the existence of a quasi-professional football team in central Pennsylvania. -- Paul Callahan callahan@crabcake.cs.jhu.edu callahan@psuvax1.cs.psu.edu