kadie@eff.org (Carl Kadie) (06/04/91)
(I understand that these polices will revised soon.) The policies are better than most. The privacy policy is especially good. In my opinion, the weakest policy covers email and netnews. It says that undergrads are prohibited from posting or emailing off campus. This rule is enforced very selectively. To quote an OSU sys admin: "it's just something that's usable as a weapon against the occasional real jerk." (I think such selective enforcement is despicable.) The policy justifies email and netnews censorship by referring to "a specific obligation to the organizations that operate our computer networks". It does not identify an organization or reference an actual contract or policy that requires censorship. (I understand the general policy of OSU prohibits censorship.) It is vague, prohibiting "other unsociable [email] acts". The fatal flaw in the policies is the lack of any notion of due process. It looks like a student or a faculty member could be suspending or expelled from the computer system at the whim of sys admin without recourse to a formal hearing. - Carl -- Carl Kadie -- kadie@eff.org or kadie@cs.uiuc.edu -- But I speak for myself.
morgan@ms.uky.edu (Wes Morgan) (06/04/91)
In article <1991Jun3.173550.13928@eff.org> kadie@eff.org (Carl Kadie) writes: > >It says that undergrads are prohibited from posting or emailing off >campus. This rule is enforced very selectively. To quote an OSU sys >admin: "it's just something that's usable as a weapon against the >occasional real jerk." (I think such selective enforcement is >despicable.) > >The fatal flaw in the policies is the lack of any notion of due >process. It looks like a student or a faculty member could be >suspending or expelled from the computer system at the whim of sys >admin without recourse to a formal hearing. > Why, oh why, is *everything* turning into a "formal" or "due process" situation? We've never had any problem with a student that wasn't solved with a face-to-face conversation. I've stopped chain letters, obscene files, and email flood wars with a simple "please drop by to see me" message. Sure, users have been locked out here; this only occurred when the student ignored several requests to come in for a meeting. I haven't had to lock anyone out yet; those few occurances were several years ago. I realize that "due process" is a student right; however, aren't we getting just a bit too stringent in its application? Heck, I guess I'll have to schedule a hearing to kill user processes that are using > 75% of the available system, since it's their final project and I'm infringing their rights. Let's step back, take a deep breath, and look at this from a new perspective, shall we? Wes -- morgan@ms.uky.edu |Wes Morgan, not speaking for| ....!ukma!ukecc!morgan morgan@engr.uky.edu |the University of Kentucky's| morgan%engr.uky.edu@UKCC morgan@ie.pa.uky.edu |Engineering Computing Center| morgan@wuarchive.wustl.edu Curator of the benchmark archives at wuarchive.wustl.edu <128.252.135.4>
kadie@eff.org (Carl Kadie) (06/04/91)
morgan@ms.uky.edu (Wes Morgan) writes: >Why, oh why, is *everything* turning into a "formal" or "due >process" situation? We've never had any problem with a student >that wasn't solved with a face-to-face conversation. I've >stopped chain letters, obscene files, and email flood wars with >a simple "please drop by to see me" message. At most places and in most cases no formal hearing is necessary. As you point out, an informal face-to-face conversation is usually sufficent. The *right* to a formal hearing, however, is a necessary check on the sys admin's power. Consider the situation at Ohio State. According to a sys admin there, at least three students are being/were punished because a sys admin thinks they are "real jerk[s]". The students apparently have no way to appeal this judgement. >Sure, users have >been locked out here; this only occurred when the student ignored >several requests to come in for a meeting. I haven't had to lock >anyone out yet; those few occurances were several years ago. A student at Ohio State student tells me that users there are also locked out (denied access to their computer account) when they are wanted for a meeting. The difference is they are given no notice before the lock out. - Carl -- Carl Kadie -- kadie@eff.org or kadie@cs.uiuc.edu -- But I speak for myself.
rmz@ifi.uio.no (Bj|rn Remseth) (06/04/91)
> Why, oh why, is *everything* turning into a "formal" or "due > process" situation? We've never had any problem with a student > that wasn't solved with a face-to-face conversation. Well, in some cases the system administrators are not as sensible as you. We have just had a case where two students had behaved badly on the IRC (Internet Relay Chat). After failing to get in contact with the offenders, the system administrator decided that the right thing was to close down the entire IRC service. In this case due process instead of total dictatorical powers may have prevented that. The offenders probably got what they deserved, they where excluded, the problem was that everyone else was to. -- (Rmz) Bj\o rn Remseth Institutt for Informatikk Net: rmz@ifi.uio.no Phone: +472 453466 Universitetet i Oslo, Norway NeXTmail: rmz@neste.ifi.uio.no
aej@manyjars.WPI.EDU (Allan E Johannesen) (06/04/91)
>>>>> On 4 Jun 91 00:40:16 GMT, kadie@eff.org (Carl Kadie) said:
kadie> A student at Ohio State student tells me that users there are
kadie> also locked out (denied access to their computer account) when
kadie> they are wanted for a meeting. The difference is they are given
kadie> no notice before the lock out.
Golly. There could be _no_ genuine reason for this, could there?
Ever heard of hacking? Do you think the campus computer systems
should be down in deference to the "rights" of your hacker?
In your world, we'd have to leave the campus systems inoperative while
we wandered around looking for a judge...
russotto@eng.umd.edu (Matthew T. Russotto) (06/04/91)
In article <1991Jun3.232500.24850@ms.uky.edu> morgan@ms.uky.edu (Wes Morgan) writes: >In article <1991Jun3.173550.13928@eff.org> kadie@eff.org (Carl Kadie) writes: >> >>The fatal flaw in the policies is the lack of any notion of due >>process. It looks like a student or a faculty member could be >>suspending or expelled from the computer system at the whim of sys >>admin without recourse to a formal hearing. >> > >Why, oh why, is *everything* turning into a "formal" or "due >process" situation? We've never had any problem with a student >that wasn't solved with a face-to-face conversation. I've >stopped chain letters, obscene files, and email flood wars with >a simple "please drop by to see me" message. Sure, users have >been locked out here; this only occurred when the student ignored >several requests to come in for a meeting. I haven't had to lock >anyone out yet; those few occurances were several years ago. > >I realize that "due process" is a student right; however, aren't >we getting just a bit too stringent in its application? Heck, >I guess I'll have to schedule a hearing to kill user processes >that are using > 75% of the available system, since it's their >final project and I'm infringing their rights. > >Let's step back, take a deep breath, and look at this from a >new perspective, shall we? I was barred from use of the computer systems at the UMCP computer science center without warning. The message put up when I attempted to log on told me to talk to "the System Administrator", whoever the heck that might be. So I called the guy I knew logged on as 'root'--- he told me that I had been locked out by a different guy, the "accounts administrator". I talked to this 'accounts administrator', who told me that he had heard reports that I had been 'bothering people' (by messing with X-windows), but that to get my account back, I would have to talk to the 'system administrator'. I talked to him again, and was sent back to the 'accounts administrator', who sent me back to the 'system administrator'. I got sick of the obvious runaround, and went and applied for a number of new accounts under phony names. Eventually, they brought me to the judicial programs office or having all those accounts, and I was found responsible for 'theft of services'. If there had been some sort of due process in the first place, perhaps I wouldn't have had such trouble. Informal stuff only works when both sides are trying for a real solution-- not when the side with more power only wants to avoid what they percieve as a problem by getting rid of the student involved. -- Matthew T. Russotto russotto@eng.umd.edu russotto@wam.umd.edu .sig under construction, like the rest of this campus.
sbrack@bluemoon.uucp (Steven S. Brack) (06/05/91)
russotto@eng.umd.edu (Matthew T. Russotto) writes: > In article <1991Jun3.232500.24850@ms.uky.edu> morgan@ms.uky.edu (Wes Morgan) > >In article <1991Jun3.173550.13928@eff.org> kadie@eff.org (Carl Kadie) writes > >> > >>The fatal flaw in the policies is the lack of any notion of due > >>process. It looks like a student or a faculty member could be > >>suspending or expelled from the computer system at the whim of sys > >>admin without recourse to a formal hearing. > >> > > > >Why, oh why, is *everything* turning into a "formal" or "due > >process" situation? We've never had any problem with a student > >that wasn't solved with a face-to-face conversation. I've > >stopped chain letters, obscene files, and email flood wars with > >a simple "please drop by to see me" message. Sure, users have > >been locked out here; this only occurred when the student ignored > >several requests to come in for a meeting. I haven't had to lock > >anyone out yet; those few occurances were several years ago. > > > >I realize that "due process" is a student right; however, aren't > >we getting just a bit too stringent in its application? Heck, > >I guess I'll have to schedule a hearing to kill user processes > >that are using > 75% of the available system, since it's their > >final project and I'm infringing their rights. > > > >Let's step back, take a deep breath, and look at this from a > >new perspective, shall we? > When I was locked out of my class account early this quarter, I made 15 phone calls to 10 different people, not counting being transferred all over campus. Apparently the policy of our system administration is to keep students from solving problems on the local admin level. My account priveleges were restored after I met with the chair of the department that owned, but did not manage, the system in question. My telephony took me all the way from my professor to the local system manager to the director of Academic Computing Services, then to the Dean of the Engineering College. I finally called our University Ombudsperson, who helped me determine who I should have been talking to, as none of the people I talked to directed me to the right place. =========================================================================== Steven S. Brack sbrack@bluemoon.uucp The Ohio State University sbrack%bluemoon@nstar.rn.com sbrack@isis.cs.du.edu ===========================================================================
gl8f@astsun7.astro.Virginia.EDU (Greg Lindahl) (06/05/91)
In article <1991Jun4.160947.7193@eng.umd.edu> russotto@eng.umd.edu (Matthew T. Russotto) writes: >If there had been some sort of due process in the first place, perhaps I >wouldn't have had such trouble. Informal stuff only works when both sides are >trying for a real solution-- not when the side with more power only wants to >avoid what they percieve as a problem by getting rid of the student involved. Exactly! And due process only works when it isn't grossly painful. I once had a problem with an undergraduate IRC user at a large US university. Despite many recorded instances of antisocial behavior (he'd get drunk and start sending everyone /usr/dict/words...), his system administrator's attitude was "The process of pulling his account is so long and nasty that I'm not even going to try. Good luck." One would wonder if they would have taken any action if the medium had been netnews or mail. In any case, a few technical fixes to IRC sufficed to solve the problem. When due process fails, not much is left. A fancy document can't guarantee that the process works, either. It merely helps.
ef1c+@andrew.cmu.edu (Esther Filderman) (06/05/91)
Excerpts from netnews.comp.admin.policy: 4-Jun-91 Re: Ohio State University C.. Matthew T. Russotto@eng. (2734) > I got sick of the obvious runaround, and went and applied for a number > of new accounts under phony names. Eventually, they brought me to the > judicial programs office or having all those accounts, and I was found > responsible for 'theft of services'. > If there had been some sort of due process in the first place, perhaps I > wouldn't have had such trouble. You're kidding, right? You wouldn't have broken the rules if they hadn't given you so much trouble, is that what you're saying? > Informal stuff only works when both sides are > trying for a real solution-- not when the side with more power only wants to > avoid what they percieve as a problem by getting rid of the student involved. Did you ever consider finding someone else to help you? The system administrator and the accounts administrator each have a boss. The words, "I want to speak to your supervisor" can get you places if you feel that you're being unjustly treated. Part of gaining maturity is learning that when you seem to be stuck in a bad position you should look for alternate solutions, not break the rules. Yes, you were unjustly treated by having your account turned off without warning and then given the run around, but you played right into their hands by then breaking the rules. ---------------------------- Esther C. Filderman ef1c+@andrew.cmu.edu System Manager Library Automation Mercury Project Carnegie Mellon University They are gardeners and carpenters. They are not tomato men.
chip@pender.ee.upenn.edu (Charles H. Buchholtz) (06/05/91)
In article aej@manyjars.WPI.EDU (Allan E Johannesen) writes: >>>>>> On 4 Jun 91 00:40:16 GMT, kadie@eff.org (Carl Kadie) said: > >kadie> A student at Ohio State student tells me that users there are >kadie> also locked out (denied access to their computer account) when >kadie> they are wanted for a meeting. The difference is they are given >kadie> no notice before the lock out. > >Golly. There could be _no_ genuine reason for this, could there? We do this when we have reason to believe that someone has broken into an account and is using it without the owner's permission. We change the shell on the account so that it simply displays a message asking the person to come to our office. When they arrive, we ask them if the activities were authorized by them or not. If they say, "yes I did that", then we unlock the account and deal with whatever they did. If the action was not in violation of any other restrictions, we simply apologize for the inconvenience. If they say, that they authorized someone to use their account, then we give them the lecture on "account sharing" and unlock the account. If they say that they don't know what we're talking about, then we unlock the account, make sure that they change the password, scan the account for back doors or other security holes, and try to determine how the account was cracked. We couldn't think of any other reasonable response to take when we have good reason to believe that an account has been cracked. Certainly, leaving it open and sending mail is not appropriate under those circumstances. Charles H. Buchholtz chip@ee.upenn.edu Systems Programmer Engineering & Applied Science University of Pennsylvania.
marchany@vtserf.cc.vt.edu (Randy Marchany) (06/05/91)
In article <Z9c2316w164w@bluemoon.uucp> sbrack@bluemoon.uucp (Steven S. Brack) writes: > I made 15 phone calls to 10 different people, not counting > being transferred all over campus. > Apparently the policy of our system administration is to keep > students from solving problems on the local admin level. My > account priveleges were restored after I met with the chair > of the department that owned, but did not manage, the system in > question. My telephony took me all the way from my professor > to the local system manager to the director of Academic Computing > Services, then to the Dean of the Engineering College. I finally > called our University Ombudsperson, who helped me determine who > I should have been talking to, as none of the people I talked to > directed me to the right place. > Geez, this run-around is really inexcusable. What we have here is a failure to communicate not with the user but with the administrators. I think we need to split the issue into separate parts. One purpose of a "policy" statement is to clearly spell out the points of contact for various issues. A single page containing phone numbers or "account mgrs", "user consulants", "technical support", "sysadmins", "the owner" handed out when a user gets an account on a machine or an online version of this list available to the entire computing community of that system(s) or network would reduce the frustration level of the users tremendously. Look at it from the user's point of view, who do you contact if you think someone is messing with your account/data? Having such a simple document would avoid tension between the users and the sysadmins. The second purpose of a policy statement is to CLEARLY delineate the responsibilities of the various personnel mentioned in such a "hit list". Again, this document should be available to the user community (preferably an online version). I stress that individual names are not important, the "job title" is what should be defined. The third purpose of a policy statement is do DEFINE the computing environment for a particular site. Whether you set up a wide open environment or a restrictive one must be defined in this section. The users agree to abide by the "site rules" by implicit means ("by logging on this system, you agree to operate in this environment") or explicitly, i.e., the user signs a form which states he agrees to "play by the rules". A lot of these issues used to be "taken for granted". Of course, the problem is that what one person "takes for granted", another might not. The problem of NOT defining a site's particular policy has been around for years and has caused the usual amount of friction between users and system managers. Clearly, one document that discusses the three points above may not pass through the local political process. However, a series of documents, each covering a separate aspect of the OVERALL scheme has a better chance. Once the statement(s) are put together, they need to be made available to the users. By not doing this, sysadmins and their bosses fail in their responsibility to the user community. Quite frankly, sysadmins are like cruise ship captains, You run passengers thru the lifeboat drills, give them the "house rules" and let them go to have fun or act like jerks. The key issue is that you (sysadmins/owner etc.) spell out what you expect, what to do in emergencies and who to contact. -Randy Marchany VA Tech Computing Center Blacksburg, VA "my opinions are my own."
wlsmith@valve.heart.rri.uwo.ca (Wayne L. Smith) (06/05/91)
Why don't we rename this group to comp.sys.Ohio.cis.policies ?
russotto@eng.umd.edu (Matthew T. Russotto) (06/05/91)
In article <ccGyKxm00WCGQ_g5k7@andrew.cmu.edu> ef1c+@andrew.cmu.edu (Esther Filderman) writes: >Excerpts from netnews.comp.admin.policy: 4-Jun-91 Re: Ohio State >University C.. Matthew T. Russotto@eng. (2734) > >> I got sick of the obvious runaround, and went and applied for a number >> of new accounts under phony names. Eventually, they brought me to the >> judicial programs office or having all those accounts, and I was found >> responsible for 'theft of services'. > >> If there had been some sort of due process in the first place, perhaps I >> wouldn't have had such trouble. > >You're kidding, right? You wouldn't have broken the rules if they >hadn't given you so much trouble, is that what you're saying? Had there been a way I could have gotten my own account back, the one I am entitled to as an undergraduate at this school, I would not have applied for any phony accounts. That is what I am saying. >> Informal stuff only works when both sides are >> trying for a real solution-- not when the side with more power only wants to >> avoid what they percieve as a problem by getting rid of the student involved. >Did you ever consider finding someone else to help you? The system >administrator and the accounts administrator each have a boss. The >words, "I want to speak to your supervisor" can get you places if you >feel that you're being unjustly treated. Maybe. Probably not. I tried that sort of tack in a similiar situation at a different office which was giving me trouble, and found myself in a nice little loop-- a bigger runaround. Only thing that worked was writing a letter to the director of the office-- with copies to everyone from the governor of the state on down. It also took quite a bit of time, something that I didn't have in the other situation (try doing CS classwork without an account). >Part of gaining maturity is learning that when you seem to be stuck in a >bad position you should look for alternate solutions, not break the >rules. Yes, you were unjustly treated by having your account turned off >without warning and then given the run around, but you played right into >their hands by then breaking the rules. I see no need to be constrained by any rules when the other side is not. From a practical point of view, attempting to play their game their way may have saved me some trouble with the judicial programs office-- but it also would have caused me to fail my class. It's all fine and good for you, when you make the rules but don't necessarily have to write them down or follow them yourself, to claim that informal procedures are enough, or that students when wronged by you should follow the rules you set up. It's a different matter for a student with his account cut off, projects due, confronted with sysadmins working against him, who are apparently responsible to no one and need to follow no rules. -- Matthew T. Russotto russotto@eng.umd.edu russotto@wam.umd.edu .sig under construction, like the rest of this campus.
russotto@eng.umd.edu (Matthew T. Russotto) (06/05/91)
In article <Z9c2316w164w@bluemoon.uucp> sbrack@bluemoon.uucp (Steven S. Brack) writes: >> > When I was locked out of my class account early this quarter, > I made 15 phone calls to 10 different people, not counting > being transferred all over campus. > > Apparently the policy of our system administration is to keep > students from solving problems on the local admin level. My > account priveleges were restored after I met with the chair > of the department that owned, but did not manage, the system in > question. My telephony took me all the way from my professor > to the local system manager to the director of Academic Computing > Services, then to the Dean of the Engineering College. I finally > called our University Ombudsperson, who helped me determine who > I should have been talking to, as none of the people I talked to > directed me to the right place. Absolutely. This is apparentely quite common-- every problem I've had with this University, in various departments, has resulted in this sort of runaround. Seems to be standard operating procedure-- which is why a formal, known, due process is needed. The university has a process that staff and faculty can use against students-- why shouldn't students have a process to use against staff and faculty? -- Matthew T. Russotto russotto@eng.umd.edu russotto@wam.umd.edu .sig under construction, like the rest of this campus.
jgreely@morganucodon.cis.ohio-state.edu (J Greely) (06/06/91)
In article <1991Jun4.004016.20415@eff.org> kadie@eff.org (Carl Kadie) writes: >At most places and in most cases no formal hearing is necessary. As >you point out, an informal face-to-face conversation is usually >sufficent. The *right* to a formal hearing, however, is a necessary >check on the sys admin's power. Nothing in those policies overrides university rules. The student's rights are spelled out quite clearly elsewhere, and there's no reason to double the size of every policy document by repeating them. If the policies were in the form of a contract that each user had to sign before getting an account, *then* I'd agree that everything needs to be spelled out. Our posted policies are no different, really, than a "shoes required" sign outside the volleyball court. >Consider the situation at Ohio State. According to a sys admin >there, at least three students are being/were punished because a sys >admin thinks they are "real jerk[s]". I don't know who you're referring to, but for most of us, a user becomes categorized as a "real jerk" when he (or she, but almost always he...) manages to do stupid or abusive things often enough or serious enough to catch our attention. There are about 1200 undergraduate students on our system; you've *really* got to work at it to stand out. I recently found several megabytes of publicly- readable X-rated gifs in an account with a one meg quota. Do I think he's a jerk? You betcha. His punishment? I changed the perms on them and forwarded his name to the operator who takes care of over-quota users. Next time he comes to my attention, will I assume he's guilty of deliberate abuse? Probably not. This was pretty mild, and I wouldn't even have been annoyed if they hadn't been world-readable. >The students apparently have no way to appeal this judgement. This judgement is usually a one-time thing. If they don't make a habit of doing stupid or abusive things on the system, we'll never notice them again (2000 other users make excellent camouflage). >A student at Ohio State student tells me that users there are also >locked out (denied access to their computer account) when they are >wanted for a meeting. The difference is they are given no notice >before the lock out. Our department (I don't know about the many other groups who create student accounts) doesn't usually lock users out without notice unless we suspect someone's using an account to break into our system. Of course, a student who only logs in once every two weeks may miss an e-mail warning. -- J Greely (jgreely@cis.ohio-state.edu; osu-cis!jgreely)
weide@elephant.cis.ohio-state.edu (Bruce Weide) (06/06/91)
Today someone pointed me to this newsgroup because I was chair of the Ohio State University CIS Department Computer Committee in 1984, when the usage policies that were recently posted to this newsgroup were adopted. After having read the follow-ups to the original posting, I thought I should make a few remarks. To summarize: (1) Only one person affiliated with OSU (one of our system staff in message #61) seems to have contributed to the discussion. Apparently no one else -- including the poster of the original message -- is in any way associated with OSU, has any first-hand knowledge of how the policies are administered, or knows whether they have been workable. (2) Most of the discussion actually has had little to do with OSU policies. There has been considerable dialogue about a problem a student had at Maryland -- all under the heading "Ohio State University CIS Policies." ---- (1) In article <1991Jun4.004016.20415@eff.org> kadie@eff.org (Carl Kadie) writes: > >At most places and in most cases no formal hearing is necessary. As >you point out, an informal face-to-face conversation is usually >sufficent. The *right* to a formal hearing, however, is a necessary >check on the sys admin's power. Consider the situation at Ohio State. >According to a sys admin there, at least three students are being/were >punished because a sys admin thinks they are "real jerk[s]". The >students apparently have no way to appeal this judgement. >... >A student at Ohio State student tells me that users there are also >locked out (denied access to their computer account) when they are >wanted for a meeting. The difference is they are given no notice >before the lock out. As J. Greely pointed out in #61, OSU has an elaborate policy on academic misconduct that is used as the basis for pursuing serious alleged violations of the computer usage policies. The procedures are spelled out elsewhere, not in the posted policies. Indeed the policies HAVE BEEN used as the basis for academic misconduct actions. In urgent situations (e.g., break-in in progress), the staff takes immediate action to control damage, but "due process" is not therefore inherently violated, as several people have been quick to point out. As for the business of being locked out of an account "when they were wanted for a meeting," this statement is a mystery to me. First, I have no idea what it means. Furthermore, if a student felt cheated by the policy, the obvious recourse would be to talk to the current chair of the Computer Committee or the OSU CIS Department chair, not to someone at Illinois. While I was chair of the committee no one raised such a question, and I doubt the current chair has heard it either. ---- (2) Much of the discussion has centered on the experiences of a student at the University of Maryland, but the articles were still under the heading of "Ohio State University CIS Policies." A casual reader may have missed this, thinking that the problems arose at OSU from (or at least under) the posted policies. ---- A final remark: The policies are about 7 years old now, and some of them need to be changed to reflect different accounting methods, etc. For example, in 1984, CIS paid for OSU's access to national and international networks. Undergraduates were discouraged at the time from sending mail outside OSU because each message cost us real money (of which we had none to spare, and still don't). Now the situation is entirely different, with the University picking up the essentially fixed cost of Internet connection. The written policies are currently under revision to reflect these kinds of changes; the de facto policy for some time has been that anyone is free to send mail, etc. There was never any intention of "censoring" mail, just making the network connection affordable on a limited budget. Overall, I think people here would agree that having written policies to cover computer usage has served us well. I would advise institutions that have no such policies in place to consider adopting ones that make sense for the particular computing environment in question. Cheers, -Bruce ------ Prof. Bruce W. Weide Dept. of Computer and Information Science The Ohio State University 2036 Neil Ave. Mall Columbus, Ohio 43210-1277 USA Phone: 614-292-1517 E-mail: weide@cis.ohio-state.edu
ted@nmsu.edu (Ted Dunning) (06/06/91)
In article <1991Jun5.143833.21547@eng.umd.edu> russotto@eng.umd.edu (Matthew T. Russotto) writes:
...
The university has a process that staff and faculty can use against
students-- why shouldn't students have a process to use against
staff and faculty?
the use of the word `against' is symptomatic of very deep structural
problems in the organization. once it gets to the point where system
administrators consider users to be trouble to be avoided, and users
consider system administrators to be obstacles to be bypassed, then
there is essentially no hope for constructive action.
i know of no way to get out of this sort of situation.
i do know from personal experience, both on the user and the
administration side that it isn't that hard to avoid getting into this
sort of situation in the first place.
my own checklist of things to do includes the following axioms for
administration include:
1) the systems are there for users to use
2) i am here to make the systems work as well as possible
3) the only purpose for user restrictions is to enhance the user
environment
strict application of these rules from the beginning tends to make the
environment much less confrontational.
--
When in doubt, take the trick.
Hoyle & Hoyle (quoting Hoyle)
fetrow@bones.stat.washington.edu (David Fetrow) (06/06/91)
In article <1991Jun4.160947.7193@eng.umd.edu> russotto@eng.umd.edu (Matthew T. Russotto) writes: > >I was barred from use of the computer systems at the UMCP computer science >center without warning. The message put up when I attempted to log on told >me to talk to "the System Administrator", whoever the heck that might be. So >I called the guy I knew logged on as 'root'--- he told me that I had been >locked out by a different guy, the "accounts administrator". I talked to this >'accounts administrator', who told me that he had heard reports that I had >been 'bothering people' (by messing with X-windows), but that to get my account >back, I would have to talk to the 'system administrator'. I talked to him >again, and was sent back to the 'accounts administrator', who sent me >back to the 'system administrator'. I got sick of the obvious runaround, and >went and applied for a number of new accounts under phony names. Eventually, >they brought me to the judicial programs office or having all those accounts, >and I was found responsible for 'theft of services'. > >If there had been some sort of due process in the first place, perhaps I >wouldn't have had such trouble. Informal stuff only works when both sides are >trying for a real solution-- not when the side with more power only wants to >avoid what they percieve as a problem by getting rid of the student involved. >-- >Matthew T. Russotto russotto@eng.umd.edu russotto@wam.umd.edu > .sig under construction, like the rest of this campus. I have a slightly different perspective on this. "Due Process" should always be around, at least as a backup to informal procedures (e.g. a student ombudsman) but it doesn't (in my experience) speed things up to invoke them. It doesn't fix a place with bad communication and bad attitudes (at least not by itself). Of course I'm writing from the luxurious vantage point of someone who knows virtually all the users of our system with an office right off the main terminal room. It gives the place more of a "team" feel than the "us and them" often (but not always) seen in larger installations and helps keep the communications channels flowing (it helps a lot to be able to see how customers interact with the machines). -dave fetrow- fetrow@biostat.washington.edu (internet) Actually, unix is a very user-friendly system. Its just that it is particular about which users it chooses to be friendly with. -The Oracle
abraham@iesd.auc.dk (Per Abrahamsen) (06/07/91)
>>>>> On 5 Jun 91 18:12:37 GMT, >>>>> jgreely@morganucodon.cis.ohio-state.edu (J Greely) said: jgreely> This was pretty mild, and I wouldn't even have been jgreely> annoyed if they hadn't been world-readable. Would you please explain why making them world *readable* would annoy you? My reaction would be the exact opposite. If other people can't read them, they might get their own private copies, thereby wasting more disc space. At this site, people are encouraged to place pictures they want to keep (regardless of the "rating", this is not an arts department) at a central place. Currently about 35 MB is used for such pictures, about 0.1% of the total amount of disc space. Games (also keept central) use a similar amount of disc space. I think more disc space would be wasted, if the users had their own private copies instead.
jgreely@morganucodon.cis.ohio-state.edu (J Greely) (06/08/91)
In article <ABRAHAM.91Jun6210025@thiele.iesd.auc.dk> abraham@iesd.auc.dk (Per Abrahamsen) writes: >jgreely> This was pretty mild, and I wouldn't even have been >jgreely> annoyed if they hadn't been world-readable. >Would you please explain why making them world *readable* would annoy >you? A combination of university rules and state law. I don't care if a user has a picture showing why a dog is a girl's best friend (although that collie did *not* look happy), but if it's world-readable in a directory named "look", it can cause legal problems for the department. >My reaction would be the exact opposite. If other people can't >read them, they might get their own private copies, thereby wasting >more disc space. They do. Of the 60+ meg of images I found on student file servers, I'd say at least half of them were duplicates, and many of them were already installed in our public "tame" raster directory. If we could set up a group-readable area for images of questionable taste (group "quest", perhaps? :-)), we could perhaps cut down on the amount of duplication. I have a feeling that the department chairman's response to this idea would not be favorable (he's already come very close to ordering us to forcibly remove all questionable images from the system). This material has been reviewed by independent experts who found, based on their professional experience and training, that the material: * has scientific value * does not appeal to the prurient interests of the average adult American. Material is intended for viewing/reading by adults only, for use in the privacy of the customer's home. Not for public use. -- J Greely (jgreely@cis.ohio-state.edu; osu-cis!jgreely)
kadie@eff.org (Carl M. Kadie) (06/08/91)
>In article <ABRAHAM.91Jun6210025@thiele.iesd.auc.dk> abraham@iesd.auc.dk > (Per Abrahamsen) writes: >>Would you please explain why making them world *readable* would annoy >>you? In <JGREELY.91Jun7130139@morganucodon.cis.ohio-state.edu> jgreely@morganucodon.cis.ohio-state.edu (J Greely) writes: >A combination of university rules and state law. Can you be more specific? What rules? What law? It sounds like you selectively enforce your disk quotas based on how much the content might embarrass the department chairman. - Carl -- Carl Kadie -- kadie@eff.org or kadie@cs.uiuc.edu -- But I speak for myself.
otto@fsu1.cc.fsu.edu (John Otto) (06/08/91)
In article <AEJ.91Jun4090410@manyjars.WPI.EDU>, aej@manyjars.WPI.EDU (Allan E Johannesen) writes... >>>>>> On 4 Jun 91 00:40:16 GMT, kadie@eff.org (Carl Kadie) said: >kadie> A student at Ohio State student tells me that users there are >kadie> also locked out (denied access to their computer account) when >kadie> they are wanted for a meeting. The difference is they are given >kadie> no notice before the lock out. >Golly. There could be _no_ genuine reason for this, could there? I agree. There could be no genuine reason for this.
otto@fsu1.cc.fsu.edu (John Otto) (06/08/91)
In article <1991Jun4.160947.7193@eng.umd.edu>, russotto@eng.umd.edu (Matthew T. Russotto) writes... >In article <1991Jun3.232500.24850@ms.uky.edu> morgan@ms.uky.edu (Wes Morgan) writes: >>In article <1991Jun3.173550.13928@eff.org> kadie@eff.org (Carl Kadie) writes: >>>The fatal flaw in the policies is the lack of any notion of due >>>process. It looks like a student or a faculty member could be >>>suspending or expelled from the computer system at the whim of sys >>>admin without recourse to a formal hearing. >>Why, oh why, is *everything* turning into a "formal" or "due >>process" situation? We've never had any problem with a student... >I was barred from use of the computer systems at the UMCP computer science >center without warning. The message put up when I attempted to log on told .. >back to the 'system administrator'. I got sick of the obvious runaround, and >went and applied for a number of new accounts under phony names. Eventually, >they brought me to the judicial programs office or having all those accounts, >and I was found responsible for 'theft of services'. >If there had been some sort of due process in the first place, perhaps I >wouldn't have had such trouble. Informal stuff only works when both sides are >trying for a real solution-- not when the side with more power only wants to >avoid what they percieve as a problem by getting rid of the student involved. My favorites are when it's the administration that's violating one's rights (both when recognized by law and not). If you or your daddy's not a lawyer or politico, you can petition for redress of grievance all you want and the bozos get away with it. Current policies requiring abuse of socialist insecurity numbers come to mind.
otto@fsu1.cc.fsu.edu (John Otto) (06/08/91)
In article <ccGyKxm00WCGQ_g5k7@andrew.cmu.edu>, ef1c+@andrew.cmu.edu (Esther Filderman) writes... >Excerpts from netnews.comp.admin.policy: 4-Jun-91 Re: Ohio State >University C.. Matthew T. Russotto@eng. (2734) >> Informal stuff only works when both sides are >> trying for a real solution-- not when the side with more power only wants to >> avoid what they percieve as a problem by getting rid of the student involved. > >Did you ever consider finding someone else to help you? The system >administrator and the accounts administrator each have a boss. The >words, "I want to speak to your supervisor" can get you places if you >feel that you're being unjustly treated. Yes. I've gone that route, too. (Miss Manners [tm] suggests it in one of her books.B-) The trouble is that they usually just route you back down so now you've got a 2-D bounce pattern. Thomas Jefferson twice said that a little rebellion now and then is a good thing.
otto@fsu1.cc.fsu.edu (John Otto) (06/08/91)
In article <1991Jun5.143833.21547@eng.umd.edu>, russotto@eng.umd.edu (Matthew T. Russotto) writes... >In article <Z9c2316w164w@bluemoon.uucp> sbrack@bluemoon.uucp (Steven S. Brack) writes: >> When I was locked out of my class account early this quarter, >> I made 15 phone calls to 10 different people, not counting >> being transferred all over campus. >> Apparently the policy of our system administration is to keep >> students from solving problems on the local admin level. My >> account priveleges were restored after I met with the chair >> of the department that owned, but did not manage, the system in >> question. My telephony took me all the way from my professor >> to the local system manager to the director of Academic Computing >> Services, then to the Dean of the Engineering College. I finally >> called our University Ombudsperson, who helped me determine who >> I should have been talking to, as none of the people I talked to >> directed me to the right place. >Absolutely. This is apparentely quite common-- every problem I've had with >this University, in various departments, has resulted in this sort of >runaround. Seems to be standard operating procedure-- which is why a formal, >known, due process is needed. The university has a process that staff and >faculty can use against students-- why shouldn't students have a process >to use against staff and faculty? As lead hot-line person I usually try to short out the run-around by taking the person's statement, name and means of contact and running down the appropriate person to set things right. It hasn't outright failed, yet, but it occasionally gets co-workers ticked off at me.