gnu@hoptoad.uucp (John Gilmore) (10/16/90)
brnstnd@kramden.acf.nyu.edu (Dan Bernstein) writes: > What's wrong with recording what goes on under your own roof? gl8f@astsun7.astro.Virginia.EDU (Greg Lindahl) wrote: > I believe Epson America is going to find out in court, real soon now. > They had a manager who read all of his employee's email, including > mail with rude comments about the manager that the employees thought > was confidential. Sun Microsystems has a policy against anyone reading anyone else's email. It is a firing offense. Many years ago, I was involved in such a situation there, in which some employee read the saved mail of a high level manager. Some managers were 'setting up' employees to be fired. The emp who read his mail notified the employees being set up (of which I was one). You wouldn't believe the stink that this raised! So, to protect EVERYONE's privacy and make it possible to conduct all kinds of discussions, private as well as public, by email, they instituted this policy. If email is not secure, by technology or by strictly enforced edict, you can't handle personnel matters by email. "Recording what goes on under your own roof" sometimes reveals matters that the participants would not have done electronically had they known that monitoring was allowed. -- John Gilmore {sun,pacbell,uunet,pyramid}!hoptoad!gnu gnu@toad.com Just say no to thugs. The ones who lock up innocent drug users come to mind.
kidd@halley.UUCP (Dave Kidd) (10/16/90)
In article <12853@hoptoad.uucp> gnu@hoptoad.uucp (John Gilmore) writes: >brnstnd@kramden.acf.nyu.edu (Dan Bernstein) writes: >> What's wrong with recording what goes on under your own roof? > >gl8f@astsun7.astro.Virginia.EDU (Greg Lindahl) wrote: >> I believe Epson America is going to find out in court, real soon now. >> They had a manager who read all of his employee's email, including >> mail with rude comments about the manager that the employees thought >> was confidential. > >Sun Microsystems has a policy against anyone reading anyone else's >email. It is a firing offense. Many years ago, I was involved in such >a situation there, in which some employee read the saved mail of a high >level manager. Some managers were 'setting up' employees to be fired. About a year ago, Data Communications (I believe) published a comment that said, if effect: if a company doesn't tell its employees their e-mail is insecure, they're entitled to view it as secure. Since then, I've noticed more companies telling people the mail is insecure. Which, in fact, it is -- like it or not. Unless you're encrypting with controlled-key decrypt, there's always SOME way to see another person's mail; given the expertise of the crew around any major computer site they method of viewing will be found. Given the normal range of human variation, SOMEONE might be reading your mail. So the real response is: don't assume your e-mail is secure. If you want to keep it private, take prudent precautions -- which includes not using a networked file or e-mail, and not leaving files on a publicly accessible machine (even a password-protected one). If it must be machine readable, keep the file on a disk and the disk in your pocket (or safe deposit box). -- David N. Kidd, Tandem Computers, Austin TX halley!kidd@cs.utexas.edu (512) 244-8820
peter@ficc.ferranti.com (Peter da Silva) (10/17/90)
In article <12853@hoptoad.uucp> gnu@hoptoad.uucp (John Gilmore) writes: > So, to protect EVERYONE's privacy and make it possible to conduct all > kinds of discussions, private as well as public, by email, they > instituted this policy. Sounds like a good policy, but the rest of the posting indicates that there is no way of really enforcing it: > If email is not secure, by technology or by > strictly enforced edict, ... i.e., in this case email is not secure by technology. So... > you can't handle personnel matters by email. ...this remains, as it does in the case of cordless or cellular phones, a true statement. Of course, I don't think anyone in *this* list needs this pointed out. I do agree that company policy should be that email is private. BUT, I think that unless you have a more secure environment than most UNIX installations you are only prudent in assuming it isn't. -- Peter da Silva. `-_-' +1 713 274 5180. 'U` peter@ferranti.com