[comp.org.eff.talk] Stoll and privacy issues

zippy@chaos.cs.brandeis.edu (Patrick Tufts) (10/05/90)

In the his original ACM article, Stoll says he let all the users know
about the problem.  Presumably, they knew about his efforts to catch
the cracker as well.

The Epson case is a better example of privacy invasion.  Remember,
tho, that many computer centers get you to sign a 'no privacy on this
system' waver.  I wonder if Epson spelled that out to employees?
		 
Pat

-- 

			This .sig space for rent.			     

gl8f@astsun.astro.Virginia.EDU (Greg Lindahl) (10/05/90)

In article <1990Oct04.211114.9489@chaos.cs.brandeis.edu> zippy@chaos.cs.brandeis.edu (Patrick Tufts) writes:

>The Epson case is a better example of privacy invasion.  Remember,
>tho, that many computer centers get you to sign a 'no privacy on this
>system' waver.  I wonder if Epson spelled that out to employees?

I was recently talking to a random undergraduate from an Ivy League
institution who said that not only did they have to sign such a
waiver, but that the systems people read their mail frequently. That
is, their mail wasn't read if they were suspected, but mail was
randomly sampled.

Is this common? If my institution had such a policy I wouldn't like it
one bit.

--
"Restraint, hell. I'm just too fucking busy." -- Bill Wisner

karl_kleinpaste@cis.ohio-state.edu (10/05/90)

gl8f@astsun.astro.Virginia.EDU writes:
   the systems people read their mail frequently. That
   is, their mail wasn't read if they were suspected, but mail was
   randomly sampled.
   Is this common? If my institution had such a policy I wouldn't like it
   one bit.

Around here, mail is private, period.  Anything I see inadvertently by
way of mailer-daemon bounces etc ad nauseum is still private.  I don't
poke at anyone's mailbox without their permission, modulo genuine
evidence that someone is abusing the systems and that traces of the
behavior would be found there.  That's happened twice, maybe.

cosell@bbn.com (Bernie Cosell) (10/05/90)

gl8f@astsun.astro.Virginia.EDU (Greg Lindahl) writes:

}In article <1990Oct04.211114.9489@chaos.cs.brandeis.edu> zippy@chaos.cs.brandeis.edu (Patrick Tufts) writes:

}>The Epson case is a better example of privacy invasion.  Remember,
}>tho, that many computer centers get you to sign a 'no privacy on this
}>system' waver.  I wonder if Epson spelled that out to employees?

}I was recently talking to a random undergraduate from an Ivy League
}institution who said that not only did they have to sign such a
}waiver, but that the systems people read their mail frequently. That
}is, their mail wasn't read if they were suspected, but mail was
}randomly sampled.

I wonder what they would do if you and your correspondents just
encrypted your mail?  I know that years back, in England, the BPO
*forbade* encrypted communications on their leased circuits precisely
because they reserved the right to observe anything sent over them.

  /Bernie\

lear@turbo.bio.net (Eliot) (10/06/90)

gl8f@astsun.astro.Virginia.EDU (Greg Lindahl) writes:
>Is this common? If my institution had such a policy I wouldn't like it
>one bit.

At my alma mater, you had better have a warrant for access.  The
system programmers respect your privacy unless you've demonstrated
that you are not abiding by the rules associated with the account, or
if there is an operational reason for them to access your files (a
rarity at best).
-- 
Eliot Lear
[lear@turbo.bio.net]

alien@hpdmd48.boi.hp.com (Tom von Alten) (10/14/90)

Paul W Placeway (pplacewa@bbn.com) writes, in Re^n hacker = comp. criminal

> Finally, someone who has trespassed into my system should definitely
> have the right to due process.

Isn't it an individual who is accused of a crime that has the right to
due process?  Trespass in a computer system is, well, criminal, so
if you can monitor the criminal, you do not risk getting the wrong guy,
or gal.

Don't get me wrong, I'm for the Bill of Rights, but it seems like this
may be a different issue.
-------------
Tom von Alten		email: alien@hpdmlad.boi.hp.com
                        Hewlett-Packard Disk Mechanisms Division