deg (02/05/83)
One could probably track the news back to the correct machine, and even to the login involved, (although forged pathnames have been known to occur) but tracking the "offensive action" back to a \physical entity/ would probably be impossible. One could show that the action came from "user foo" on machine "bar" but proving that Mr. F. Foo was actually logged in, and wrote the article would not be easy. D. Good
egb (02/06/83)
#R:iwsl1:-11300:whuxlb:5200019:000:260 whuxlb!egb Feb 5 23:40:00 1983 Regarding the tracking down of unix "thugs", I don't recall anyone ever tracking down the erewhon (sp?) machine. What with the forging and all, I am not convinced anything can be tracked down on usenet. Do others have facts to disolve these prejudices? egb
avsdS:avsdT:roberts (02/08/83)
Barring forgery, if determined enough to set an example, (and THAT HAS happend), the F.C.C. could haul "Mr. F. Foo" of machine "Bar" on to the preverbial carpet, as he would/should be responsible for who has access to his/her password or what ever. If the source machine is installed on campus, and the possiblility of never knowing if some REAL innocent had a prank pulled on him/her, the computer sciences dept. would have the boom lowered on them by the feds for the violation, causing a security enforcment by clamping down on the permissions. It's a trivial thing really, but we are all sort of on the honor system not to use foul language on the public use mediums, and if you need to swear use all those characters above the numerals on the keyboard.
russ (02/14/83)
#R:avsdT:-27700:kirk:19600001:000:1039 kirk!russ Feb 10 09:20:00 1983 I was involved in a similar case while an IC designer at HP. \Someone/ aborted a DRC (magic - don't worry about it) job which cost me a day of time. A single day is important in the IC business. We have a MICOM (tm) port selector, which allows one to connect to any of our computers from any terminal. The port selector keeps a log of what connections it makes. \Someone/ signed onto a person's account, signed onto my account, aborted my job, and signed back onto the other person's account. From the port selector log, we saw that \someone/ signed onto the person's account from a terminal near the person's desk. Also, the person stood to gain from my job's aborting -- his job would start running. After all was said and done, the computer manager talked to the person's manager, but nothing ever came of it. There was no way to prove that the person who signed onto the computer was really the owner of the account. (We don't use passwords here -- they're considered unfriendly). Russ Nelson ...hp-pcd!hp-cvd!kirk
ignatz (02/15/83)
Interesting. Unix(Tm) systems don't remember 'everything', compared to some mainframe systems. But aside from that...try convincing a judge/jury that Unix data is secure enough, especially over uucp pathways, that it could prove guilt beyond a reasonable doubt. I know *I* couldn't, as a responsible professional, swear to the accuracy of system logs and records. Unix is too malleable, and too prone to local changes... Dave Ihnat ihuxx!ignatz
leichter (02/15/83)
Interesting...at DEC, we had a similar incident in which person X aborted person Y's job. In our case, X got fired. If you know anything about DEC, you know that getting yourself fired takes some doing... -- Jerry decvax!yale-comix!leichter