Can any of you computer gurus answer the following or point me in the
right direction to get the answer?:
I'm starting a new job at a small school. They have pretty good
computer resources and networking (e.g., multiple ethernet connections
in all classrooms), but the admin. I've met seems rather suspicious,
and I bet that he looks at everyone's online activities
Is there a way I can keep my online activities private? I'm no porn
surfer, but I don't like the idea that they might be trying to read my
e-mail, or that they'd know it if I looked at the wreck during a
boring moment.
FYI, I use a Mac.
Thanks,
H
In article <[email protected]>,
Hylourgos <[email protected]> wrote:
>Dave Hinz <[email protected]> wrote in message
>news:<[email protected]>...
>> On 31 Jul 2004 17:43:01 -0700, Hylourgos <[email protected]> wrote:
>> >
>> > For surfing, what about using an anonymizer service? Will those thwart
>> > an admin?
>>
>> Quite the opposite, it's a red-flag to say "This guy is trying to
>> pull something, keep an eye on him".
>
>I'm not concerned about raising his suspicions, I care only if he can
> do something about them.
An anonymizer prevents your personal information from going to a remote
web-server. It does -nothing- as far as concealing what you are doing
from someone with the ability to watch the local network traffic.
>> > For e-mail, can I use some kind of encryption?
>>
>> I could swear I answered that, maybe you missed it.
>
>Not in this thread...[I just checked, you did mention PGP in the other
>thread, but I don't think I'd read it before responding in this
>thread]
>
><snip info on wireless, thanks>
>>
>> > I will be using my own laptop in the classroom, so I have some
>> > leverage on the privacy issue. I'm mostly concerned that any
>> > negotiations or job offers I get from others remain private.
>>
>> You want to use your _work_ account, not only to conduct personal
>> business, but to look for another job? Sounds like a good way to
>> _need_ another job. 10 bucks a month gets you a dialup account.
>
>I'm not looking for another job, but I receive offers on a regular
>basis, and prefer to keep those conversations private. Do I hesitate
>to use a _work_ account for private business?
Well, maybe you _better_ hesitate. <grin>
All email to a work account is the property of the *employer*. They
can read it, filter it, store it (permanently!), etc. *without* so
much as a 'by your leave'. This has been litigated, more than once,
And the law _is_ clear.
If the school in question is a public school, _any_ of your emails are
subject to a FOIA demand.
If it's a private institution, they can still be compelled to produce
any/all such mail, as part of 'discovery' in a legal action.
The "generally accepted standard" for email is:
'don't put in email anything you wouldn't put on a postcard.'
Encryption for email works. Unfortunately, it works *only* between those
parties -- *both*ends* -- who have made advance arrangements to use it.
It's *USELESS* if one party doesn't have the appropriate tools/facilities.
> Not usually, as long as
>it doesn't interefere with my work. Remember, teaching is not a 9-5
>job. Most of my evenings are taken up with school work of one kind or
>another. And at private schools you must often give up evenings and
>weekends. We're entitled to some leeway. Standard business practices
>differ for obvious reasons.
>
>> > Incidentally, Mark L, who wrote "I agree that if you're using your
>> > employees pc on their dime you shouldn't bitch about the lack of
>> > privacy re email or net surfing."
>>
>> It's their network, their bandwidth, and if you're in the US, it has
>> long been found to be within their rights. They can listen in on
>> your personal phone calls too, by the way. Don't like it? Don't
>> do it, or get the law changed.
>
>Phone calls are still normally protected by law, unless the employee
>gives consent.
NOT TRUE! I've been in discussions on that *very* point in an actual legal
discussion group -- where I held the opinion that the employee _did_ have
to give consent, and had the contrary facts (complete with case cites)
rammed down my throat.
In the U.S., phone calls _at_work_, on work phones, are *NOT* protected to
any significant extent against listening in _by_the_employer_, or a 'agent'
of the employer. A pay phone, that happens to be located at the place of
employment, is a different matter.
> And the fact that they own property you use does not
>give them absolute rights beyond that property. My intellectual
>property is also involved,
You are spouting bullsh*t.
The network, the equipment used to connect to the outside world, etc.
are *their* property. THEY pay for it.
They have the absolute right to dictate how, and for what purposes
their employees may use _their_ resources.
Your 'intellectual property' gives you *NOTHING* with regard to the use
of _their_ facilities.
>between those shared property rights. But I understand your pragmatic
>approach, and appreciate the advice.
You have *no* "rights" to their equipment/property. In fact, there are
*no* "rights" on the Internet, _none_whatsoever_. The only thing that
exists is 'privileges'. Either extended as a courtesy, or as part of
a contractual agreement.
>
>I feel for the worker who has to give in to a Big Brother type corp.
>and give up so many privileges. I am not in that position. I am
>coveted, as far as school administrators go, and can make reasonable
>demands, but network admins are another ballgame altogether, I'm just
>trying to protect my privacy from *them*.
Doing that is *really* simple. *DON'T*DO*ANYTHING* you don't want them
to see, _from_their_network_. End of story.
>I have yet to feel hindered by the law in this regard, but if I have
>to work to see a law changed it won't be the first time.
The law says "their property, their rules." Trust me, you _don't_ want
to see that changed.
[[.. munch ..]]
> Privacy is a good thing: if you expect it, you'd better give
>it. School administrators understand that when I tell them, but
>network admins are given extraordinary power in having access to
>normally private information. I want to ensure that they don't misuse
>it on me.
Then *don't* use the network. That _will_ ENSURE* that there is no
potential for mis-use.
>
>> Their network, their rules. Don't like it? Don't use it.
>
>Your caveat is well taken. But it is no more *their* network than it
>is mine.
Ignoramus.
Who owns the in-building network wiring?
Who owns the in-building networking equipment?
Who pays for the connection to the outside world?
Yes, it *IS* 'their' network. They being the company/school/etc.
And the admins are the 'delegated agent' of the owners..
If the owners trust those admins to do the job the way the owners want
it done, then _your_ opinion simply doesn't count/matter.
If you don't like it. don't use _their_ network.
> And who guards the guardians?
'Who guards the guardians?' is not *your* concern. It matters only to
those who are the employers of the guardians, and the owners of that
which they are employed to guard.
Don't like it? Tough. Welcome to the 'real world'.
On 31 Jul 2004 08:46:30 -0700, Hylourgos <[email protected]> wrote:
>
> I'm starting a new job at a small school. They have pretty good
> computer resources and networking (e.g., multiple ethernet connections
> in all classrooms), but the admin. I've met seems rather suspicious,
> and I bet that he looks at everyone's online activities
Well, it _is_ their bandwidth and network you're using, and he is
responsible for not having those resources wasted...
> Is there a way I can keep my online activities private? I'm no porn
> surfer, but I don't like the idea that they might be trying to read my
> e-mail, or that they'd know it if I looked at the wreck during a
> boring moment.
For email, find a webmail that connects with https:// connections
rather than just http:// - they'll see you're at a site, but can't
read the trafic.
> FYI, I use a Mac.
>
Then you also have the option of opening an ssh session off to an
external machine (maybe a mac at home) and connecting through thre.
Again, there'll see the session bu t not what you are doing. Keep
in mind that this may be seen as going around security put in place
(which it's not, but it could be presented as such) and could
get you in trouble.
Dave Hinz
On 31 Jul 2004 17:43:01 -0700, Hylourgos <[email protected]> wrote:
>
> For surfing, what about using an anonymizer service? Will those thwart
> an admin?
Quite the opposite, it's a red-flag to say "This guy is trying to
pull something, keep an eye on him".
> For e-mail, can I use some kind of encryption?
I could swear I answered that, maybe you missed it.
> Do wireless connections differ in this respect as far as privacy goes?
Yes, they are orders of magnatude less secure. And it still goes
through your employer's network.
> I will be using my own laptop in the classroom, so I have some
> leverage on the privacy issue. I'm mostly concerned that any
> negotiations or job offers I get from others remain private.
You want to use your _work_ account, not only to conduct personal
business, but to look for another job? Sounds like a good way to
_need_ another job. 10 bucks a month gets you a dialup account.
> Incidentally, Mark L, who wrote "I agree that if you're using your
> employees pc on their dime you shouldn't bitch about the lack of
> privacy re email or net surfing."
It's their network, their bandwidth, and if you're in the US, it has
long been found to be within their rights. They can listen in on
your personal phone calls too, by the way. Don't like it? Don't
do it, or get the law changed.
> I don't know with whom you are
> agreeing, but I cannot disagree more. It's dishonest employer practice
> in most circumstances I've seen, that's my opinion anyway.
>
"dishonest" implies that they hide it, which they clearly do not, or
your question wouldn't have been asked in the first place.
Their network, their rules. Don't like it? Don't use it.
On 31 Jul 2004 23:14:07 -0700, PC Gameplayer <[email protected]> wrote:
>>
> This allows you to encrypt stuff that you send to someone
> else--of course, if he "hacks" into your machine, he can look at your
> outbox with no problem.
He said he has a mac, so there's not much concern of the admin "hacking
in", nor of him ushing NT-domain-specific stuff onto it. But, unless
the traffic through _all_ of his gear is encrypted, it can be
intercepted and read. And, if it _is_ all encrypted, that might get
noticed.
On 1 Aug 2004 21:36:58 -0700, Hylourgos <[email protected]> wrote:
> Dave Hinz <[email protected]> wrote in message news:<[email protected]>...
>> Quite the opposite, it's a red-flag to say "This guy is trying to
>> pull something, keep an eye on him".
>
> I'm not concerned about raising his suspicions, I care only if he can
> do something about them.
Sure. Depending on which SSL encryption is used, he could grab the
encrypted response, brute-force it, and have a decryption of enough
of the traffic to be a problem in minutes, hours, or days. Also,
this could be seen as "intentionally bypassing IT security", which
is probably fireable anywhere. Certainly wouldn't look good on your
review to be caught at something like this. Also, some of the anonymizers
pass the URL info in the clear in the URL line, there it's simply a matter
of them re-asking for the same thing to see where you were going. Further,
if there is a proxy server at your school (as there most likely is),
content of the proxy server can be cached for everyone, or for just people
they chose to watch. All these things _can_ be done, but obviously I
have no idea of _if_ they're being done where you are.
>> > For e-mail, can I use some kind of encryption?
>>
>> I could swear I answered that, maybe you missed it.
>
> Not in this thread...[I just checked, you did mention PGP in the other
> thread, but I don't think I'd read it before responding in this
> thread]
Nope, I didn't mention PGP. I said that if you're using a webmail
that's https:// they will see you're going to a webmail server, but not
be able to read the traffic without getting creative. If you're using
a webmail that connects with https://, you might as well print everything
and leave it laying on your desk, because it's that trivial to read.
>> You want to use your _work_ account, not only to conduct personal
>> business, but to look for another job? Sounds like a good way to
>> _need_ another job. 10 bucks a month gets you a dialup account.
>
> I'm not looking for another job, but I receive offers on a regular
> basis, and prefer to keep those conversations private. Do I hesitate
> to use a _work_ account for private business? Not usually, as long as
> it doesn't interefere with my work. Remember, teaching is not a 9-5
> job.
Both of my parents being teachers, I'm aware of that.
> Most of my evenings are taken up with school work of one kind or
> another. And at private schools you must often give up evenings and
> weekends. We're entitled to some leeway. Standard business practices
> differ for obvious reasons.
You should find out what your school's acceptable internet usage policy
is. Then, you can decide if and how you choose to violate it. Maybe
they really don't care as long as you don't, as another admin put it,
make more work for them. Over the years, I've run into a few "problem
users", the ones who noise up my network, or are continually trying to
find ways around the security I have built. For most of 'em, a "Hey,
stop doing (thing) please, because it makes my monitoring stuff go
nuts, OK?" was sufficient. But, I've also had the boss's boss call me
into his office for the "We need to know what (person) is doing, web,
email, everything" chat, and (person) was soon no longer working there.
For 10 bucks, you can bypass the whole thing by getting a home internet
account. Heck, you may be able to use it _from_ work by dialing out
on an outside line right from your classroom.
>> It's their network, their bandwidth, and if you're in the US, it has
>> long been found to be within their rights. They can listen in on
>> your personal phone calls too, by the way. Don't like it? Don't
>> do it, or get the law changed.
>
> Phone calls are still normally protected by law, unless the employee
> gives consent.
Check your employment agreeemnt, you may have done so.
> And the fact that they own property you use does not
> give them absolute rights beyond that property. My intellectual
> property is also involved, and court decisions constantly undulate
> between those shared property rights. But I understand your pragmatic
> approach, and appreciate the advice.
Maybe dialup from the classroom is the answer.
> I feel for the worker who has to give in to a Big Brother type corp.
> and give up so many privileges.
From my perspective, it's not about "Big Brother", it's about keeping
crap from getting into the network. Obviously a Mac presents exactly
zero threat of virus, trojan, or other infestation, so that's not a
problem. However, I'm also responsible when the "network is slow"
so I have to keep an eye on it to make sure people aren't watching
streaming video from whatever sports site on bandwidth that isn't
cheap, and so on.
> I am not in that position. I am
> coveted, as far as school administrators go, and can make reasonable
> demands, but network admins are another ballgame altogether, I'm just
> trying to protect my privacy from *them*.
Ethically, if they're snooping and don't have a damn good, work-related
reason for it, they can and should be fired. You don't read a user's
email just because you can, you don't snoop their traffic just because
you want to get dirt on 'em. But, if it's "Wow, that port is taking
a whole shitload of traffic, what kind of traffic is it", then it's
certainly reasonable to expect that if it attracts attention, it
might get investigated.
>> "dishonest" implies that they hide it, which they clearly do not, or
>> your question wouldn't have been asked in the first place.
>>
> Dishonesty does not, by necessity, imply hiding in the sense you use
> it here--at least in any of the standard philosophical tracts on
> ethics I've read. Although I suppose you could argue that an
> institution of the liberal arts that does not extend minimal privilege
> and trust to its teachers is "hiding" a pusillanimous suspicion, if
> they do not openly admit it. (I don't think that's what you meant.).
This is where I'm going to excuse myself from the conversation,
because (a) I really don't care, and (b) can't be bothered. The
situation is what it is, and that's what you need to either
decide to live with, or circumvent, the conditions that exist.
>> Their network, their rules. Don't like it? Don't use it.
>
> Your caveat is well taken. But it is no more *their* network than it
> is mine. And who guards the guardians?
Well, any admin who abuses their access should, and will, get fired.
Employers, right now, have the right to order them to do so, and
I don't see that changing any time soon.
In article <[email protected]>, Hylourgos wrote:
> For surfing, what about using an anonymizer service? Will those thwart
> an admin?
No.
> For e-mail, can I use some kind of encryption?
Yes.
> Do wireless connections differ in this respect as far as privacy goes?
No.
> I will be using my own laptop in the classroom, so I have some
> leverage on the privacy issue. I'm mostly concerned that any
> negotiations or job offers I get from others remain private.
Put them elsewhere on a server that supports IMAPS (the S is important)
or POP3S (likewise).
> Incidentally, Mark L, who wrote "I agree that if you're using your
> employees pc on their dime you shouldn't bitch about the lack of
> privacy re email or net surfing." I don't know with whom you are
> agreeing, but I cannot disagree more. It's dishonest employer practice
> in most circumstances I've seen, that's my opinion anyway.
No, it is not. Suppose you start up a website on their machine that
specializes in necrophilia? Can you see the headlines? Will it be
"Wierdo puts up awful website", or "Texas A&M Dead People Sex Site!!!"
(I hate T-A&M for creating that crime against nature, the TAM Jalapeno).
Or suppose you start posting to alt.sex.pre-teens from a work machine?
Or pass around drug/sex/terrorist email on a work machine?
The courts have determined that you have no right of privacy on a work
supplied machine OR INTERNET CONNECTION. You can use PGP/GPG to
encrypt email, but the fact that you do can be detected. They can
ask you to stop, or fire you if you don't. I would suggest that you
do a google on "BOFH" before you try to get clever with the system
admins...
On 3 Aug 2004 17:12:04 -0700, Hylourgos <[email protected]> wrote:
> Old Nick <[email protected]> wrote in message news:<[email protected]>...
>>
>> On their network, and email connection, they have the right to _do_
>> anything they want regarding your usage.
>
> A legal right? No, that is not correct.
Er, yes it is. Someone else here offered to cite chapter and verse,
why don't you take them up on that offer and educate yourself, rather
than pissing in the wind on something you are decidedly and demonstrably
wrong about.
>> You talk of honesty, and yet you are hungrily asking for ways to
>> secretly circumvent their finding out about what you do as their
>> representative, on their equipt, and probably in their time on their
>> pay to you. You begin to sound like exactly the sort of trouble they
>> are hunting for.
>
> Sorry, you are mistaking me for Kunta Kinte. I, on the other hand, am
> a freeborn American.
Always helps to make your point by bringing up the race card, is that it?
Where the hell do peole come up with these ideas?
> What have I indicated I would do that seems
> dishonest to you? You write as if you are quite sure on this, so I'm
> curious what you have in mind....
You are apparently the only one who doesn't see "How do I get around
what the school has set up to keep me from doing something" as dishonest.
>> In an organisation, if you are using their gear, you _are_ their rep,
>> both internally and externally. If you surf around and are IDd in any
>> way, it will probably be under their banner. They care about that. If
>> you bring stuff back with you that compromises their system in any
>> way, they have a right to do something about that.
> Yes, this is a good point (although I would not say that using their
> gear--which is not entirely my case, as already explained--is a
> prerequisite to the concerns you mention).
The fact that it's your laptop doesn't mean a thing. Your traffic is
still going through their switchgear, and being presented to the world
as coming from them. I thought you said you were going to not do any of
this, by the way, how come we're back on it again?
>> While you can swear black is blue you will not be "dishonest", the
>> same cannot be said for everybody (believe me!) and there is always
>> the chance that you will make a mistake. There is no way they know
>> what is what without putting out blanket policies.
>>
> Again, good points to consider.
We've heard that from you before.
>> If you are concerned that your applications for other jobs will be
>> used against you unfairly, then face up to the people concerned about
>> it. If you are simply trying to hide your activities, then it's your
>> problem. Leave the applications at home.
>
> You did not read carefully: I have no applications out.
Then why did you bring it up? The point he's making, and you're
intentionally missing, is that if it's not school business, and you
wouldn't be comfortable leaving printed out copies of it on your desk
(or bulletin board), don't do it from school. Full stop. Nothing
complex here.
Oh, and please trim out the hundreds of lines of history to the post
if you're not gonna address any of it, 'K?
On 3 Aug 2004 17:57:41 -0700, Hylourgos <[email protected]> wrote:
> Dave, I have especially enjoyed your comments, which are obviously the
> product not merely of relevant experience, but a good analyticaly mind
> (and good sense of humor).
Thanks. Now get clear on the concept of who owns the network and how
they could fire you for misusing it, and you'll be fine.
>> Nope, I didn't mention PGP. I said that if you're using a webmail
>> that's https:// they will see you're going to a webmail server, but not
>> be able to read the traffic without getting creative. If you're using
>> a webmail that connects with https://, you might as well print everything
>> and leave it laying on your desk, because it's that trivial to read.
> Should one of those (the latter?) read http:// ?
Yes.
>> You should find out what your school's acceptable internet usage policy
>> is. Then, you can decide if and how you choose to violate it. Maybe
>> they really don't care as long as you don't, as another admin put it,
>> make more work for them. Over the years, I've run into a few "problem
>> users", the ones who noise up my network, or are continually trying to
>> find ways around the security I have built. For most of 'em, a "Hey,
>> stop doing (thing) please, because it makes my monitoring stuff go
>> nuts, OK?" was sufficient. But, I've also had the boss's boss call me
>> into his office for the "We need to know what (person) is doing, web,
>> email, everything" chat, and (person) was soon no longer working there.
> I don't really want to subvert any well-intended security that our
> network has built for the purpose of protecting the network. I don't
> think I've ever done anything that remotely threatened the security of
> a network I've used. I just want to protect my own privacy.
But if they see you using an anonymizer, or ssh tunneling, or
whatever, they may _feel_ it is being used to bypass what they have
put in place, and that would be accurate. IF they wanted to, they
could present it any way they chose. These aren't the sort of things
that by themselves are likely to be a problem, but if someone gets
an attitude and wants to "find something" on you, it gives 'em an easy
target.
> Since I'm new at this school, I'm not really sure what the network
> admin is like, but I'll be sure to try to get to know him--that won't
> hurt regardless his snooping habits.
Buy him food and/or drink. Never hurts.
> In the meantime, I'd like to know
> just what and how well I can protect myself. You have answered that to
> my satisfaction, even though the answer was not optimistic.
Yup.
>> For 10 bucks, you can bypass the whole thing by getting a home internet
>> account. Heck, you may be able to use it _from_ work by dialing out
>> on an outside line right from your classroom.
> I could do that, but I hate modem connections. I'll just wait until I
> get home to do anything that even hints of unapproved activity. Even
> Caesar's computer must be above suspicion nowadays, it seems.
Your respones here are not consistant with your responses to Nick.
>> Ethically, if they're snooping and don't have a damn good, work-related
>> reason for it, they can and should be fired. You don't read a user's
>> email just because you can, you don't snoop their traffic just because
>> you want to get dirt on 'em.
>
> You enjoin me to accept things as they are below, and I must return
> the favor at this point. You're right, of course, in the first
> sentence above. The problem is that very few administrators have the
> ability or inclination to discover a networker's transgression.
> Regarding the second sentence, you must have a bright outlook on human
> nature if you believe that.
There are plenty enough examples of people in my position being fired
and/or sued for violating the trust that our job entitles that even
those who aren't all that honest, are still very likely not to "go there".
> Me, I'm a Federalist 10/Duc de LaRochefoucault kind of guy.
OK, I'm sure that would mean alot to someone who knows who that is.
Me, I'm the "jaded and cynical" type.
>> But, if it's "Wow, that port is taking
>> a whole shitload of traffic, what kind of traffic is it", then it's
>> certainly reasonable to expect that if it attracts attention, it
>> might get investigated.
> Right, and it get tricky here, ethically and legally.
Not at all. Once it starts impacting the hardware my boss pays me
to keep from falling over and catching fire, it becomes my business.
No fuzzy line, no gray areas, it's "What the hell is happening at IP
address xxx.xxx.xxx.xxx that's saturating my switch". At that point,
troubleshooting continues until the cause is identified. Like I said,
in the past I've done the "Er, hi, please stop doing (thing) because
it's making my monitoring stuff get all excited and paging me". Almost
always that's been a self-correcting problem, I tell the person it's
been noticed and that I know what he's doing (streaming media seems to
be a favorite), and that I'd like it to stop. If it did continue, I'd
get his streaming media player removed from his system or block the
traffic at the switchgear, if he went around that, _then_ we start
escalating it to managers. As per policy. No BigBrother about it,
it's a clear case of Joe User going around what has been put in
place to keep the network healthy.
> A networker has
> such wide-ranging power and the to abuse that power in virtual
> privacy. Compare him to a police officer and search warrants, and
> you'll get what I mean.
If a cop breaks into your house without a warrant, they are also
doing something not only illegal, but possibly fatal. Not sure how
that relates to you putting traffic on my network that isn't supposed
to be there.
> But as you observe, that's how it is.
><snip digression on ethical philosophy>
Oh, damn.
>> This is where I'm going to excuse myself from the conversation,
>> because (a) I really don't care, and (b) can't be bothered. The
>> situation is what it is, and that's what you need to either
>> decide to live with, or circumvent, the conditions that exist.
>
> Ah, but you do care, you have been bothered, and thank you for the
> insights.
No, what I'm saying is I don't care to get into the whole philosophical
side of this, other than "tough, that's the situation, live with it or
work to get it changed, but don't go around it or my counterpart is
very likely to stop you".
>> Well, any admin who abuses their access should, and will, get fired.
>
> Should? Yes. Will? Rarely. Fewer than 1 in 1000 abusers get nailed on
> this one, I would venture to bet.
I'm in the field, and you clearly are not. I have direct personal
knowledge of two admins who were found doing this, and both of them were
fired. Yes, limited sample size and all that, but it's _just_ _not_ _done_.
When it's done, it's not tolerated.
>> Employers, right now, have the right to order them to do so,
>
> "so" being "to get fired"? (sorry, I'm not sure what you meant here)
"to do so" being "to monitor everything you do online". Again, caselaw
has established this.
On 3 Aug 2004 19:45:09 -0700, Hylourgos <[email protected]> wrote:
> Robert,
>
> You have delivered quite the indignant tirade, which I hope indicates
> that this topic has touched some nerve in you originating outside this
> thread. Otherwise, all the puffery seems out of place....
Actually, Robert is speaking the truth and you don't like the answers.
Your tone is amazingly inconsistant from one message to another, and
makes me wonder why I'm bothering.
On 4 Aug 2004 13:47:24 GMT, Ed Clarke <[email protected]> wrote:
> I would suggest that you
> do a google on "BOFH" before you try to get clever with the system
> admins...
Ouch, I'm not sure pointing him to that is a good idea. He seems
the type that will take it as gospel rather than recognizing it as
a parody of what we'd be like if (a) we could get away with it,
and (b) our actions doing such didn't have real world implications.
Fun to read, don't get me wrong, but he seems the type to take it
for real.
On 4 Aug 2004 19:13:43 -0700, Hylourgos <[email protected]> wrote:
> Dave Hinz <[email protected]> wrote in message news:<[email protected]>...
>>
>> Ouch, I'm not sure pointing him to that is a good idea. He seems
>> the type that will take it as gospel rather than recognizing it as
>> a parody of what we'd be like if (a) we could get away with it,
>> and (b) our actions doing such didn't have real world implications.
>> Fun to read, don't get me wrong, but he seems the type to take it
>> for real.
>
> Oh, I get it, the ability to snoop around in your network at people's
> private stuff is not enough for you,
Are you accusing me? On what basis do you make such a statement?
> so now you're going to scold
> someone for suggesting reading material?
Scold? Bah. Wasn't intended as such, and I doubt that he took it
as such. Your response validates my concerns, however, that you're
the type to take every possible thing the wrong way. You go out of
your way to act put out upon, it seems. I've seen your type before.
> You were right not to want to get into the philosophical angles, you
> have some bad (mis-)reading habits. Consider exercising the same
> aversion to pop-psych, would you?
pop-psych? WTF are you coming from? I cautioned someone that pointing
someone like you to the BOFH library would give you the wrong ideas.
Clearly, that's an accurate estimation.
On 4 Aug 2004 19:47:55 -0700, Hylourgos <[email protected]> wrote:
> Dave Hinz <[email protected]> wrote in message news:<[email protected]>...
>>
>> Actually, Robert is speaking the truth and you don't like the answers.
>
> For one who doesn't care to engage in philosophy, you're free and easy
> with talking about things like the truth.
I'm not shy about telling people when they're full of crap.
> And Robert is simply wrong, legally.
...like that.
>
>> Your tone is amazingly inconsistant from one message to another,
> If you should take all my posts in this thread out of the context of
> each sub-thread, as you have apparently done, and evaluate them, you
> would indeed find a wide range of tones or even personae, which you
> label inconsistency.
You went from "Thanks for all the input, I'll play it safe until I
can figure out how to do it in a way I can't be detected", right back
to "you are wrong that it's their network and they set the rules".
That's known as "inconsistent". Perhaps "waffling" might be more
along your lines?
> Would you have me believe that you talk to different people in
> different situations with the same tone and persona? I've never met
> such a person.
Rarely do you find one who contradicts themself from one post to the
next. Apparently you don't see yourself doing this. Maybe you just
aren't getting your points down well, but going from "Thanks, I'll not
do it" to "yabut, I can" aren't two ideas that are particularly similar.
> What I didn't like about Robert's message, which has nothing to do
> with you, were things like: name calling ("Ignoramus"), aggrandizement
> (pretending to be some big legal expert on the basis, apparently, of
> participation in a discussion group), and general insults ("you're
> spouting bullshit!).
Pardon, but you _are_ spouting bullshit. Just because you don't like
how he's telling you doesn't make it any less true. You obviously
don't know much about IT, several people here do and tried to explain
to you where you were wrong. Robert's extremely well written
responses (which, in my opinion, are more time consuming than someone
like you deserves) may not make you happy, but fact remains that he
_does_ know what he's talking about and is eloquent enough to
communicate effectively to anyone not intentionally misunderstanding
what he writes (that would, apparently, be you).
> I had been civil, I had not deserved the first
> and third, so I dished some back. But again, that has nothing to do
> with you.
So take it to email if you don't want others discussing it in a
_discussion group_.
>> and
>> makes me wonder why I'm bothering.
>
> Me too. Why bother getting involved in this sub-thread?
Because I'm not content to let your blatantly incorrect statements
go unchallenged.
On 4 Aug 2004 20:56:34 -0700, Hylourgos <[email protected]> wrote:
> He may at some point take me
> up and cite those cases, at which point I may cite opposing cases.
> That's how it's done in a real court. Your (and several participants
> in this thread) idea of how the law works astounds me.
You're the one saying they are both recent and invalid, the onus is on
you to back that up. It's quite possible that you've made it this
far while being completely oblivious to your surroundings, surprising
as that is. Are you also going to ask us to research for you why
the sky is blue, why water is wet, and why other truths are true?
> You are the one who has demonstrated exactly zilch on the legal
> arguments.
I'm not the one claiming that my employer's network is free for my
own personal exploitation, you are.
> No one has yet commented on my objection that contracts are cabable of
> protecting one's privacy even in the scenarios you present as very
> 1984-ish for the end computer user. What, cat got your tongue?
I asked several times what your employment agreement says in the
way of an acceptable use policy, and you never responded to that
aspect of my posts.
> And contract law is just one way for the private user to address the
> legal problem. There are other avenues.
There is no legal problem, there is reality and there is you, at odds
with it.
>> > Sorry, you are mistaking me for Kunta Kinte. I, on the other hand, am
>> > a freeborn American.
>>
>> Always helps to make your point by bringing up the race card, is that it?
>> Where the hell do peole come up with these ideas?
>????
Oh, FFS, you know _exactly_ what I'm saying, but you're pretending not
to again. You are equating your employer with a slave owner, and yourself
with a slave. Not even close to reality, and you know it. Bringing it up
as you have chosen to do, serves to add nothing but a reactionary
emotionalism to your posts, race-based even.
> ...Rather, what the hell is the idea you're trying to make here?
See above.
>> You are apparently the only one who doesn't see "How do I get around
>> what the school has set up to keep me from doing something" as dishonest.
>
> And you sound like a network missionary: "Hey, y'all can trust us,
> every single one of us. And the fact that we can snoop in your private
> stuff shouldn't bother any one of you, 'cause we just don't _do_ that
> kind of stuff 'round here :-)"
I don't give a rat's ass if you trust me or not. I've said several
times that if you start calling attention to yourself on my network
by doing things that are going to affect the systems I'm responsible
for, I'm very likely to investigate it and stop you in whatever way
is effective to get you to knock it off.
By the way, it's not unusual for potential employers to google for
an applicant's history.
> Sell it somewhere else.
I don't care if you're buying it, I'm telling it how it is. If you
choose not to listen to it, it's _your problem_. But don't tell people
who know more about a topic they're wrong, when you haven't got a clue
about how things work.
>> > Yes, this is a good point (although I would not say that using their
>> > gear--which is not entirely my case, as already explained--is a
>> > prerequisite to the concerns you mention).
>>
>> The fact that it's your laptop doesn't mean a thing.
>
> We disagree about that.
Yes, we do. It's still their network, their IP address, their bandwidth.
Do you not understand what those things are, or how they are not yours
to do with what you like? Do you also make long-distance phone calls
on their phone lines, but justify it by saying "Well, the handset is
my own personal one that I brought in from home, so it's perfectly OK"?
>> Your traffic is
>> still going through their switchgear, and being presented to the world
>> as coming from them.
>> I thought you said you were going to not do any of
>> this, by the way, how come we're back on it again?
> I'm having a hard time understanding your point, or even why you're
> intruding in this sub-thread to make it.
Intruding in? You're posting this in a _discussion group_, and balking
that people are _discussing it_ with you? Perhaps legal and technical
areas aren't the only places where you are clueless.
> The OP stated, paraphrasing, that an organization must care how it is
> represented by its representatives. I agreed, and even extended that
> notion further (it need not involve "gear" for the organization to
> have the exact same concern).
OK, and here comes your "but, that's now how it is". Let's read on
together and see the weaseling, shall we?
> So what are you barking about?
Because you seem not to see how it applies directly to your situation.
> If you can't follow someone else's sub-thread, maybe you should stick
> to your own.
See above.
>> > Again, good points to consider.
>>
>> We've heard that from you before.
>
> Ah, now it's the royal "we", eh? Telling....
There is more than one person reading this "subthread" as you've reminded
me twice just now. You're addressing a group, are you not? If not, again,
why aren't you writing emails? Again, you are intentionally twisting
others' words so you can take them the worst possible way, so you can
feel put out upon. Get over it, you're not that important.
>> > You did not read carefully: I have no applications out.
>>
>> Then why did you bring it up?
>
> Your misreadings are becoming embarrassing. I'll repeat what I've
> already written. Please read slowly so you'll get it this time.
Resorting to personal attack in absence of valid point noted.
> I am offered jobs regularly. Some of those inquiries come via e-mail.
You get unsolicited job offers by email. (they must be unsolicited,
because you just said, a few lines up, "I have no applications out."
A job offer. Job offers. "Hi, we want to pay you $xx,xxx.00 per year
for a job, please sign here and when can you start" job offer.
I doubt it.
> Even though I am not looking, and I am not applying anywhere, I
> consider that correspondence private. Follow so far?
So it's not a job offer, it's an email from a headhunter or prospective
employer to see if you're interested in an interview process which would
lead to a _job offer_. There is no headhunter or employer in the world
(who would be worth working for or worth representing you) that can't
wait until you get home to check your email.
> I was scolded for making job applications on my company's time and
> equipment. I corrected the scolder (this came up in more than one
> sub-thread). I do not send out applications, I receive inquiries and
> offers, and I want them to remain private, as they should.
So read them at home, or read them at work and take your chances.
Very simple.
> If you can't understand why I brought it up--if in fact I can be
> accused of that at all--then your problem exceeds misreading.
See above regarding personal attacks revealing your argument's
inherent flaws.
>> The point he's making, and you're
>> intentionally missing, is that if it's not school business, and you
>> wouldn't be comfortable leaving printed out copies of it on your desk
>> (or bulletin board), don't do it from school. Full stop. Nothing
>> complex here.
> No, that's not exactly his point, nor my objection. The point you are
> missing (I won't pretend to have your omniscience and declare whether
> it's intentional or not) is that I do not have much choice whether
> these offers are sent to me, but I still expect them to remain
> private, as they should be.
SO DON'T READ IT AT WORK!
> Clear it up any?
It's clear, alright.
>> Oh, and please trim out the hundreds of lines of history to the post
>> if you're not gonna address any of it, 'K?
>
> Tell you what, sport, you go find what points I didn't address, and
> I'll address them.
It was in the entire message you left after your semi-top-posted reply.
Right below where I wrote that, before I trimmed it. Down-arrow. Use
it.
On 4 Aug 2004 21:57:40 -0700, Hylourgos <[email protected]> wrote:
> Dave Hinz <[email protected]> wrote in message news:<[email protected]>...
>>
>> Thanks. Now get clear on the concept of who owns the network and how
>> they could fire you for misusing it, and you'll be fine.
>
> I'll try, but you have not yourself addressed who owns the network of
> a school or public organization, so your response is a bit
> disingenuous.
Riiiiiiiight, so now you're going to go into "it's the taxpayer's network
and I'm a taxpayer, so blah blah" rant I bet. Nice try.
> If someone accuses me of misuse and fires me, but is dishonest in
> establishing standards of use, then there's a good chance he will be
> the one who ends up getting fired. That's how public law works.
> Private companies have more leeway to be Orwellian.
You're exactly the sort of person who is going to piss off the wrong
person at some point, and call attention to yourself so they _will_
find an excuse to tell the network admins to snoop on you. I
bet you're a feaking _blast_ to work with (note heavy sarcsm).
>> But if they see you using an anonymizer, or ssh tunneling, or
>> whatever, they may _feel_ it is being used to bypass what they have
>> put in place, and that would be accurate. IF they wanted to, they
>> could present it any way they chose. These aren't the sort of things
>> that by themselves are likely to be a problem, but if someone gets
>> an attitude and wants to "find something" on you, it gives 'em an easy
>> target.
> See, here I feel like you are "telling it like it is." Elsewhere you
> paint a distinctly rosier scene about networkers.
I have not contradicted myself in any way. If I'm ordered to snoop your
port by my boss, I'll do it, and I'll do it well. I'm not gonna do it
on my own, because my job is more important than your petty little
headhunter-sent email exchanges.
> It's the "like it
> is" part that has me concerned. I appreciate your candor, when it
> comes to the fore.
My message is consistant throughout, it's your perception that is tainted.
>> >> For 10 bucks, you can bypass the whole thing by getting a home internet
>> >> account. Heck, you may be able to use it _from_ work by dialing out
>> >> on an outside line right from your classroom.
>>
>> > I could do that, but I hate modem connections. I'll just wait until I
>> > get home to do anything that even hints of unapproved activity. Even
>> > Caesar's computer must be above suspicion nowadays, it seems.
>>
>> Your respones here are not consistant with your responses to Nick.
>
> Nor are your responses consisten with Nick's. So why should my
> differing responses be a surprise?
Because I am not Nick, but you are you, and you change from time to time.
>> There are plenty enough examples of people in my position being fired
>> and/or sued for violating the trust that our job entitles that even
>> those who aren't all that honest, are still very likely not to "go there".
Absence of response, and significance of same, noted.
>> > Me, I'm a Federalist 10/Duc de LaRochefoucault kind of guy.
>>
>> OK, I'm sure that would mean alot to someone who knows who that is.
>> Me, I'm the "jaded and cynical" type.
>
> Read your last two responses. They don't add up.
They most certainly do.
> If you're cynical
> (BTW, that is Fed 10 and Duc de LR to a "T"),
I don't care.
> then you must find it
> hard to believe, as I do, that most networkers can resist checking
> out so-and-so's activities.
You overestimate how interesting you are. Really, you do. I've got
1000 users on my network at any given time. Not only don't I care, but
I _aggressively_ don't care what the hell they're using email for, as long
as it doesn't make my pager go off. But, if they're spewing out virus-
infested email, _then_ I'm gonna find out why. Likewise, I don't care
what they're using their browser to go see, _until_ they do something
that causes my pager to go off or a manager to ask my manager to find out
why they aren't getting any work done or whatever.
You users just aren't that interesting, and you need to get over yourself.
Nobody cares about your job offers, unless they want to for some other
reason.
> It's just human curiosity. I don't fault networkers for trying it
> either, I doubt I could resist.
That's why you're not a network admin. People like you are better
teaching poli-sci or whatever the hell you teach, because you're not the
right kind of person for IT (to put it mildly). It's clear you can't
be trusted, as your entire rant here points out.
> It's like giving a teenage boy some
> mythical sunglasses that will allow him to see under the girls'
> clothing, then telling him not to look. It's just happenstance that at
> this point in history our technology has exceeded our ability to
> enforce our ideals (of privacy).
You are projecting your own personal failings and weaknesses onto others.
I find that quite telling.
> Networkers have a tremendous amount
> of ability to snoop. Sure, some have been caught, but how easy is that
> (to catch a networker snooping)?
News flash: exactly the same way I'd catch you bypassing my filters by using
a rogue proxy server.
> No doubt you can do it with enough
> money to hire the expert (and who's going to watch *him*?), but is it
> reasonable to expect of a school?
Trivial, second year of experience network or sysadmin stuff.
>> > Right, and it get tricky here, ethically and legally.
>>
>> Not at all. Once it starts impacting the hardware my boss pays me
>> to keep from falling over and catching fire, it becomes my business.
>> No fuzzy line, no gray areas, it's "What the hell is happening at IP
>> address xxx.xxx.xxx.xxx that's saturating my switch". At that point,
>> troubleshooting continues until the cause is identified. Like I said,
>> in the past I've done the "Er, hi, please stop doing (thing) because
>> it's making my monitoring stuff get all excited and paging me". Almost
>> always that's been a self-correcting problem, I tell the person it's
>> been noticed and that I know what he's doing (streaming media seems to
>> be a favorite), and that I'd like it to stop. If it did continue, I'd
>> get his streaming media player removed from his system or block the
>> traffic at the switchgear, if he went around that, _then_ we start
>> escalating it to managers. As per policy. No BigBrother about it,
>> it's a clear case of Joe User going around what has been put in
>> place to keep the network healthy.
> The scenario you describe is perfectly reasonable, and I sympathize
> with the difficulties a networker faces such as these. But you
> yourself admit the potentiality of BigBrother networker abusing his
> position: "[not] the sort of things that by themselves are likely to
> be a problem, but if someone [networker] gets an attitude and wants to
> "find something" on you, it gives 'em an easy target."
That would be a network admin doing it because he's ordered to do it,
you keep missing that point.
> I applaud you if you are everything you say a networker does and
> doesn't do. I'm apparently more cynical than you about your peers.
You don't know my peers. We don't care about your traffic, you're just more
load on our network.
>> If a cop breaks into your house without a warrant, they are also
>> doing something not only illegal, but possibly fatal. Not sure how
>> that relates to you putting traffic on my network that isn't supposed
>> to be there.
>
> It relates not to me as user but to you as networker--you are the cop.
> Yet it seems that you can invade what I consider private
Ah, there's that "I don't care that it's their stuff, I'm calling it
mine anyway" attitude.
>> I'm in the field, and you clearly are not. I have direct personal
>> knowledge of two admins who were found doing this, and both of them were
>> fired. Yes, limited sample size and all that, but it's _just_ _not_ _done_.
>> When it's done, it's not tolerated.
>
> My only response is quite simple: I just don't believe this.
That's your choice. Your email isn't worth me getting fired for reading
it, altruism aside, how can that not be blisteringly obviously true?
>> "to do so" being "to monitor everything you do online". Again, caselaw
>> has established this.
> My understanding of the law is that I have some defenses against what
> you envision as a right of employers.
Why don't you go make yourself a test case then, sparky, and tell us
how it goes (from your next employer's internet connection...)
> But, to cut to the chase, this whole thread has convinced me of your
> essential point ("the way things are"), that it's really not in my
> best interests to try to outsneak my networker.
Ya think?
> I'm pretty good at
> what I do. I'm not really interested in trying to become better at
> what he does.
Good. Because that's clearly not gonna happen.
> H,
> banished to his home cable connection.
Gosh, poor you, having to do your non-work network stuff on your own
network.
In article <[email protected]>,
Hylourgos <[email protected]> wrote:
>[email protected] (Robert Bonomi) wrote in message
>news:<[email protected]>...
>> In article <[email protected]>,
>> Hylourgos <[email protected]> wrote:
>> >Old Nick <[email protected]> wrote in message
>> >news:<[email protected]>...
>> >> On 1 Aug 2004 21:36:58 -0700, [email protected] (Hylourgos) vaguely
>> >> proposed a theory
>> >> ......and in reply I say!:
>> >>
>> >> remove ns from my header address to reply via email
>> >>
>> >> On their network, and email connection, they have the right to _do_
>> >> anything they want regarding your usage.
>> >
>> >A legal right? No, that is not correct.
>>
>> To put it politely, _you_ are incorrect.
>>
>> They have the legal right to the complete and utter control of *their*
>> network -- equipment, facilities, _who_ can use it, and *what* they
>> can use it for.
>>
>Really?
Yes, *really*.
> So if in my contract it stipulates that the copyright to all
>my intellectual property remains mine and that it is to remain private
>from all company representatives, are you arguing that this grand
>"legal right" you speak of will trump my contract in a court if I sue
>the networker for snooping in my e-mail and blabbing to an
>administrator about its content, or for passing along a copyrighted
>document on my machine to a friend for fun reading?
Are you _deliberately_ playing the idiot, or does it just come naturally?
Just for starters, _you_ do *NOT* own the copyright on any incoming email
sent to you. *ALL* the 'intellectual property' rights in that message
belong to the author of the message, not to the recipient. So, "No, _you_
=cannot= sue, under the language of your contract as quoted above, for
the 'networker' snooping in your incoming mail, and blabbing to an
administrator about it's content". You don't have the 'standing' to sue
because it is not _your_ intellectual property involved.
Similarly, "No, _you_ cannot sue if the guy passes along a copyrighted
document copied from your machine, that was authored by _someone_else_."
Next, I recommend that you *LEARN*TO*READ*PLAIN*ENGLISH*.
You keep dragging up examples of _other_people_ doing things. Not _your_
use of 'the company/school' resources.
Your IP rights do not give *YOU* any 'rights' to the _use_ of =their= network
resources.
Read the above statement again. Note carefully that it does *NOT* say
*anything* about what 'somebody else' can or cannot do.
The network owner can _choose_ to allow, or prohibit, any activities by
any person as it sees fit. The network operator is *NOT* liable if the
activity that person engages in runs afoul of _some_other_ prohibition.
You have -nothing- for 'rights' that will trump (in your words) their
decision to prohibit _you_ from doing something that they don't want
you to do.
You have *NO*RECOURSE* against the network owner/operator if some other
party engages in an activity that the network owner/operator allows them
to do.
Depending on what that activity was, you _may_ have a cause for action
against that 'some other party'.
>> >> In an organisation, if you are using their gear, you _are_ their rep,
>> >> both internally and externally. If you surf around and are IDd in any
>> >> way, it will probably be under their banner. They care about that. If
>> >> you bring stuff back with you that compromises their system in any
>> >> way, they have a right to do something about that.
>> >
>> >Yes, this is a good point (although I would not say that using their
>> >gear--which is not entirely my case, as already explained--is a
>> >prerequisite to the concerns you mention).
>>
>> 'their gear' includes the wiring, the hubs, the routers, the external
>> connection.
>>
>> If you aren't using _any_ of their gear, then there's no problem.
>>
>> Of course, you won't be accessing the Internet through their facilities,
>> either. <grin>
>
>Yea, it may come to that.
>
>Your caveats are taken, however,
>Regards,
>H
What about using something like PGP for email? I assume a user has to
have admin privileges to install a program, but would PGP stop a sys
engineer from being able to read email??? Just curious.
Mark L.
BTW, for what it's worth, I agree that if you're using your employees pc
on their dime you shouldn't bitch about the lack of privacy re email or
net surfing.
Todd Fatheree wrote:
> "Hylourgos" <[email protected]> wrote in message
> news:[email protected]...
>
>>Can any of you computer gurus answer the following or point me in the
>>right direction to get the answer?:
>>
>>I'm starting a new job at a small school. They have pretty good
>>computer resources and networking (e.g., multiple ethernet connections
>>in all classrooms), but the admin. I've met seems rather suspicious,
>>and I bet that he looks at everyone's online activities
>>
>>Is there a way I can keep my online activities private? I'm no porn
>>surfer, but I don't like the idea that they might be trying to read my
>>e-mail, or that they'd know it if I looked at the wreck during a
>>boring moment.
>>
>>FYI, I use a Mac.
>>
>>Thanks,
>>H
>
>
> I'm a network systems engineer. Basically, if your internet traffic goes
> through my firewall/router, I can look at it if I'm so inclined and there's
> not much you can do about it. Trouble is, generally speaking, I'm really
> not that interested unless you're getting a nice virus/trojan emailed to
> you, which I'll be taking out on its way in. Personally, I don't give a rip
> what people look at during breaks/lunch, as long as it doesn't create work
> for me (see viruses, trojans, spyware). I don't even do any filtering or
> logging of people's web browsing habits. However, IMHO, the computer is
> provided by the school for school business, and you should expect that you
> will not have privacy. By the nature of the way most email systems are set
> up, someone is going to have administrative access to your email, if only to
> be able to back it up. I've also, as part of a legal matter, set up so that
> all email in or out of someone's mailbox was copied to another mailbox. The
> moral of the story is, dont have anything emailed to you at your school
> address that you wouldn't want someone else to see.
>
> todd
>
>
Thanks Todd. I've a couple of follow-up questions.
For surfing, what about using an anonymizer service? Will those thwart
an admin?
For e-mail, can I use some kind of encryption?
Do wireless connections differ in this respect as far as privacy goes?
I will be using my own laptop in the classroom, so I have some
leverage on the privacy issue. I'm mostly concerned that any
negotiations or job offers I get from others remain private.
Incidentally, Mark L, who wrote "I agree that if you're using your
employees pc on their dime you shouldn't bitch about the lack of
privacy re email or net surfing." I don't know with whom you are
agreeing, but I cannot disagree more. It's dishonest employer practice
in most circumstances I've seen, that's my opinion anyway.
Thanks,
H
"Todd Fatheree" <[email protected]> wrote in message news:<[email protected]>...
> "Hylourgos" <[email protected]> wrote in message
> news:[email protected]...
> > Can any of you computer gurus answer the following or point me in the
> > right direction to get the answer?:
> >
> > I'm starting a new job at a small school. They have pretty good
> > computer resources and networking (e.g., multiple ethernet connections
> > in all classrooms), but the admin. I've met seems rather suspicious,
> > and I bet that he looks at everyone's online activities
> >
> > Is there a way I can keep my online activities private? I'm no porn
> > surfer, but I don't like the idea that they might be trying to read my
> > e-mail, or that they'd know it if I looked at the wreck during a
> > boring moment.
> >
> > FYI, I use a Mac.
> >
> > Thanks,
> > H
>
> I'm a network systems engineer. Basically, if your internet traffic goes
> through my firewall/router, I can look at it if I'm so inclined and there's
> not much you can do about it. Trouble is, generally speaking, I'm really
> not that interested unless you're getting a nice virus/trojan emailed to
> you, which I'll be taking out on its way in. Personally, I don't give a rip
> what people look at during breaks/lunch, as long as it doesn't create work
> for me (see viruses, trojans, spyware). I don't even do any filtering or
> logging of people's web browsing habits. However, IMHO, the computer is
> provided by the school for school business, and you should expect that you
> will not have privacy. By the nature of the way most email systems are set
> up, someone is going to have administrative access to your email, if only to
> be able to back it up. I've also, as part of a legal matter, set up so that
> all email in or out of someone's mailbox was copied to another mailbox. The
> moral of the story is, dont have anything emailed to you at your school
> address that you wouldn't want someone else to see.
>
> todd
Dave Hinz <[email protected]> wrote in message news:<[email protected]>...
> On 31 Jul 2004 17:43:01 -0700, Hylourgos <[email protected]> wrote:
> >
> > For surfing, what about using an anonymizer service? Will those thwart
> > an admin?
>
> Quite the opposite, it's a red-flag to say "This guy is trying to
> pull something, keep an eye on him".
I'm not concerned about raising his suspicions, I care only if he can
do something about them.
> > For e-mail, can I use some kind of encryption?
>
> I could swear I answered that, maybe you missed it.
Not in this thread...[I just checked, you did mention PGP in the other
thread, but I don't think I'd read it before responding in this
thread]
<snip info on wireless, thanks>
>
> > I will be using my own laptop in the classroom, so I have some
> > leverage on the privacy issue. I'm mostly concerned that any
> > negotiations or job offers I get from others remain private.
>
> You want to use your _work_ account, not only to conduct personal
> business, but to look for another job? Sounds like a good way to
> _need_ another job. 10 bucks a month gets you a dialup account.
I'm not looking for another job, but I receive offers on a regular
basis, and prefer to keep those conversations private. Do I hesitate
to use a _work_ account for private business? Not usually, as long as
it doesn't interefere with my work. Remember, teaching is not a 9-5
job. Most of my evenings are taken up with school work of one kind or
another. And at private schools you must often give up evenings and
weekends. We're entitled to some leeway. Standard business practices
differ for obvious reasons.
> > Incidentally, Mark L, who wrote "I agree that if you're using your
> > employees pc on their dime you shouldn't bitch about the lack of
> > privacy re email or net surfing."
>
> It's their network, their bandwidth, and if you're in the US, it has
> long been found to be within their rights. They can listen in on
> your personal phone calls too, by the way. Don't like it? Don't
> do it, or get the law changed.
Phone calls are still normally protected by law, unless the employee
gives consent. And the fact that they own property you use does not
give them absolute rights beyond that property. My intellectual
property is also involved, and court decisions constantly undulate
between those shared property rights. But I understand your pragmatic
approach, and appreciate the advice.
I feel for the worker who has to give in to a Big Brother type corp.
and give up so many privileges. I am not in that position. I am
coveted, as far as school administrators go, and can make reasonable
demands, but network admins are another ballgame altogether, I'm just
trying to protect my privacy from *them*.
I have yet to feel hindered by the law in this regard, but if I have
to work to see a law changed it won't be the first time.
> > I don't know with whom you are
> > agreeing, but I cannot disagree more. It's dishonest employer practice
> > in most circumstances I've seen, that's my opinion anyway.
> >
> "dishonest" implies that they hide it, which they clearly do not, or
> your question wouldn't have been asked in the first place.
>
Dishonesty does not, by necessity, imply hiding in the sense you use
it here--at least in any of the standard philosophical tracts on
ethics I've read. Although I suppose you could argue that an
institution of the liberal arts that does not extend minimal privilege
and trust to its teachers is "hiding" a pusillanimous suspicion, if
they do not openly admit it. (I don't think that's what you meant.).
Clearly, hiding is not a necessity for dishonesty: think how many
immoral and illegals acts you are capable of--in fact many have
done--being perfectly straightforward and open.
Dishonesty here is simply duplicity, pretending to be a humane
institution while neglecting something like a "do unto others"
standard. Privacy is a good thing: if you expect it, you'd better give
it. School administrators understand that when I tell them, but
network admins are given extraordinary power in having access to
normally private information. I want to ensure that they don't misuse
it on me.
> Their network, their rules. Don't like it? Don't use it.
Your caveat is well taken. But it is no more *their* network than it
is mine. And who guards the guardians?
H.
Old Nick <[email protected]> wrote in message news:<[email protected]>...
> On 1 Aug 2004 21:36:58 -0700, [email protected] (Hylourgos) vaguely
> proposed a theory
> ......and in reply I say!:
>
> remove ns from my header address to reply via email
>
> On their network, and email connection, they have the right to _do_
> anything they want regarding your usage.
A legal right? No, that is not correct.
<snip>
>
> You talk of honesty, and yet you are hungrily asking for ways to
> secretly circumvent their finding out about what you do as their
> representative, on their equipt, and probably in their time on their
> pay to you. You begin to sound like exactly the sort of trouble they
> are hunting for.
Sorry, you are mistaking me for Kunta Kinte. I, on the other hand, am
a freeborn American. What have I indicated I would do that seems
dishonest to you? You write as if you are quite sure on this, so I'm
curious what you have in mind....
>
> In an organisation, if you are using their gear, you _are_ their rep,
> both internally and externally. If you surf around and are IDd in any
> way, it will probably be under their banner. They care about that. If
> you bring stuff back with you that compromises their system in any
> way, they have a right to do something about that.
Yes, this is a good point (although I would not say that using their
gear--which is not entirely my case, as already explained--is a
prerequisite to the concerns you mention).
>
> In many organisations with serious, large networks and big reps or
> sensitive data, they simply will not allow anything except approved
> address, non-encrypted attachments and messages etc.
>
> While you can swear black is blue you will not be "dishonest", the
> same cannot be said for everybody (believe me!) and there is always
> the chance that you will make a mistake. There is no way they know
> what is what without putting out blanket policies.
>
Again, good points to consider.
> If you are concerned that your applications for other jobs will be
> used against you unfairly, then face up to the people concerned about
> it. If you are simply trying to hide your activities, then it's your
> problem. Leave the applications at home.
You did not read carefully: I have no applications out.
Thanks for the thoughts,
H
>
> >Dave Hinz <[email protected]> wrote in message news:<[email protected]>...
> >> On 31 Jul 2004 17:43:01 -0700, Hylourgos <[email protected]> wrote:
> >> >
> >> > For surfing, what about using an anonymizer service? Will those thwart
> >> > an admin?
> >>
> >> Quite the opposite, it's a red-flag to say "This guy is trying to
> >> pull something, keep an eye on him".
> >
> >I'm not concerned about raising his suspicions, I care only if he can
> >do something about them.
> >
> >> > For e-mail, can I use some kind of encryption?
> >>
> >> I could swear I answered that, maybe you missed it.
> >
> >Not in this thread...[I just checked, you did mention PGP in the other
> >thread, but I don't think I'd read it before responding in this
> >thread]
> >
> ><snip info on wireless, thanks>
> >>
> >> > I will be using my own laptop in the classroom, so I have some
> >> > leverage on the privacy issue. I'm mostly concerned that any
> >> > negotiations or job offers I get from others remain private.
> >>
> >> You want to use your _work_ account, not only to conduct personal
> >> business, but to look for another job? Sounds like a good way to
> >> _need_ another job. 10 bucks a month gets you a dialup account.
> >
> >I'm not looking for another job, but I receive offers on a regular
> >basis, and prefer to keep those conversations private. Do I hesitate
> >to use a _work_ account for private business? Not usually, as long as
> >it doesn't interefere with my work. Remember, teaching is not a 9-5
> >job. Most of my evenings are taken up with school work of one kind or
> >another. And at private schools you must often give up evenings and
> >weekends. We're entitled to some leeway. Standard business practices
> >differ for obvious reasons.
> >
> >> > Incidentally, Mark L, who wrote "I agree that if you're using your
> >> > employees pc on their dime you shouldn't bitch about the lack of
> >> > privacy re email or net surfing."
> >>
> >> It's their network, their bandwidth, and if you're in the US, it has
> >> long been found to be within their rights. They can listen in on
> >> your personal phone calls too, by the way. Don't like it? Don't
> >> do it, or get the law changed.
> >
> >Phone calls are still normally protected by law, unless the employee
> >gives consent. And the fact that they own property you use does not
> >give them absolute rights beyond that property. My intellectual
> >property is also involved, and court decisions constantly undulate
> >between those shared property rights. But I understand your pragmatic
> >approach, and appreciate the advice.
> >
> >I feel for the worker who has to give in to a Big Brother type corp.
> >and give up so many privileges. I am not in that position. I am
> >coveted, as far as school administrators go, and can make reasonable
> >demands, but network admins are another ballgame altogether, I'm just
> >trying to protect my privacy from *them*.
> >
> >I have yet to feel hindered by the law in this regard, but if I have
> >to work to see a law changed it won't be the first time.
> >
> >> > I don't know with whom you are
> >> > agreeing, but I cannot disagree more. It's dishonest employer practice
> >> > in most circumstances I've seen, that's my opinion anyway.
> >> >
> >> "dishonest" implies that they hide it, which they clearly do not, or
> >> your question wouldn't have been asked in the first place.
> >>
> >Dishonesty does not, by necessity, imply hiding in the sense you use
> >it here--at least in any of the standard philosophical tracts on
> >ethics I've read. Although I suppose you could argue that an
> >institution of the liberal arts that does not extend minimal privilege
> >and trust to its teachers is "hiding" a pusillanimous suspicion, if
> >they do not openly admit it. (I don't think that's what you meant.).
> >Clearly, hiding is not a necessity for dishonesty: think how many
> >immoral and illegals acts you are capable of--in fact many have
> >done--being perfectly straightforward and open.
> >
> >Dishonesty here is simply duplicity, pretending to be a humane
> >institution while neglecting something like a "do unto others"
> >standard. Privacy is a good thing: if you expect it, you'd better give
> >it. School administrators understand that when I tell them, but
> >network admins are given extraordinary power in having access to
> >normally private information. I want to ensure that they don't misuse
> >it on me.
> >
> >> Their network, their rules. Don't like it? Don't use it.
> >
> >Your caveat is well taken. But it is no more *their* network than it
> >is mine. And who guards the guardians?
> >
> >H.
>
> *****************************************************
> It's not the milk and honey we hate. It's having it
> rammed down our throats.
"J. Clarke" <[email protected]> wrote in message news:<[email protected]>...
<snip>
> Then don't give out your work email address to prospective employers.
>
I don't. But it's not hard to find, and I'm listed in several
professional indices. They contact me based on reputation, they know
where I work, it's not exactly rocket science to get my e-mail addy.
> And it's my experience that nobody sends out unsolicited job offers without
> at least a phone interview first.
That is clearly not my experience.
>
<snip>
> Are you or are you not the school administrator? If you are then you should
> outrank the network administrators.
>
I think I made this clear already. Re-read the post if you need to.
Would I outrank a network admin? Who knows. Generally, my impression
is that most school administrators value a decent network admin. more
than a decent teacher. But a great teacher vs a mediocre network
admin? Then it's more dicey, the latter ought to watch his step around
the former.
Thanks for your comments,
H.
Dave, I have especially enjoyed your comments, which are obviously the
product not merely of relevant experience, but a good analyticaly mind
(and good sense of humor).
Dave Hinz <[email protected]> wrote in message news:<[email protected]>...
> On 1 Aug 2004 21:36:58 -0700, Hylourgos <[email protected]> wrote:
> > Dave Hinz <[email protected]> wrote in message news:<[email protected]>...
>
<snip>
> Nope, I didn't mention PGP. I said that if you're using a webmail
> that's https:// they will see you're going to a webmail server, but not
> be able to read the traffic without getting creative. If you're using
> a webmail that connects with https://, you might as well print everything
> and leave it laying on your desk, because it's that trivial to read.
>
Should one of those (the latter?) read http:// ?
<snip>
> You should find out what your school's acceptable internet usage policy
> is. Then, you can decide if and how you choose to violate it. Maybe
> they really don't care as long as you don't, as another admin put it,
> make more work for them. Over the years, I've run into a few "problem
> users", the ones who noise up my network, or are continually trying to
> find ways around the security I have built. For most of 'em, a "Hey,
> stop doing (thing) please, because it makes my monitoring stuff go
> nuts, OK?" was sufficient. But, I've also had the boss's boss call me
> into his office for the "We need to know what (person) is doing, web,
> email, everything" chat, and (person) was soon no longer working there.
>
I don't really want to subvert any well-intended security that our
network has built for the purpose of protecting the network. I don't
think I've ever done anything that remotely threatened the security of
a network I've used. I just want to protect my own privacy.
Since I'm new at this school, I'm not really sure what the network
admin is like, but I'll be sure to try to get to know him--that won't
hurt regardless his snooping habits. In the meantime, I'd like to know
just what and how well I can protect myself. You have answered that to
my satisfaction, even though the answer was not optimistic.
> For 10 bucks, you can bypass the whole thing by getting a home internet
> account. Heck, you may be able to use it _from_ work by dialing out
> on an outside line right from your classroom.
I could do that, but I hate modem connections. I'll just wait until I
get home to do anything that even hints of unapproved activity. Even
Caesar's computer must be above suspicion nowadays, it seems.
>
<snip>
> > Phone calls are still normally protected by law, unless the employee
> > gives consent.
>
> Check your employment agreeemnt, you may have done so.
>
I have not. I have in the past excised that clause from the terms of
my contract.
<snip>
> > I feel for the worker who has to give in to a Big Brother type corp.
> > and give up so many privileges.
>
> From my perspective, it's not about "Big Brother", it's about keeping
> crap from getting into the network. Obviously a Mac presents exactly
> zero threat of virus, trojan, or other infestation, so that's not a
> problem. However, I'm also responsible when the "network is slow"
> so I have to keep an eye on it to make sure people aren't watching
> streaming video from whatever sports site on bandwidth that isn't
> cheap, and so on.
>
Yes, there's always the other perspective, which has concerns just as
valid as mine. I want my school's network admin to be vigilant, just
as you must be. But I don't know how to protect myself should he be
just as vigilant about snooping into my private affairs. Seems there's
little I can do about it at this point in time.
> > I am not in that position. I am
> > coveted, as far as school administrators go, and can make reasonable
> > demands, but network admins are another ballgame altogether, I'm just
> > trying to protect my privacy from *them*.
>
> Ethically, if they're snooping and don't have a damn good, work-related
> reason for it, they can and should be fired. You don't read a user's
> email just because you can, you don't snoop their traffic just because
> you want to get dirt on 'em.
You enjoin me to accept things as they are below, and I must return
the favor at this point. You're right, of course, in the first
sentence above. The problem is that very few administrators have the
ability or inclination to discover a networker's transgression.
Regarding the second sentence, you must have a bright outlook on human
nature if you believe that. Me, I'm a Federalist 10/Duc de
LaRochefoucault kind of guy.
> But, if it's "Wow, that port is taking
> a whole shitload of traffic, what kind of traffic is it", then it's
> certainly reasonable to expect that if it attracts attention, it
> might get investigated.
Right, and it get tricky here, ethically and legally. A networker has
such wide-ranging power and the to abuse that power in virtual
privacy. Compare him to a police officer and search warrants, and
you'll get what I mean.
But as you observe, that's how it is.
<snip digression on ethical philosophy>
> This is where I'm going to excuse myself from the conversation,
> because (a) I really don't care, and (b) can't be bothered. The
> situation is what it is, and that's what you need to either
> decide to live with, or circumvent, the conditions that exist.
Ah, but you do care, you have been bothered, and thank you for the
insights.
>
> >> Their network, their rules. Don't like it? Don't use it.
> >
> > Your caveat is well taken. But it is no more *their* network than it
> > is mine. And who guards the guardians?
>
> Well, any admin who abuses their access should, and will, get fired.
Should? Yes. Will? Rarely. Fewer than 1 in 1000 abusers get nailed on
this one, I would venture to bet.
> Employers, right now, have the right to order them to do so,
"so" being "to get fired"? (sorry, I'm not sure what you meant here)
<snip>
Thanks again, I shall take your advice.
H
Robert,
You have delivered quite the indignant tirade, which I hope indicates
that this topic has touched some nerve in you originating outside this
thread. Otherwise, all the puffery seems out of place....
[email protected] (Robert Bonomi) wrote in message news:<[email protected]>...
<snip>
> All email to a work account is the property of the *employer*. They
> can read it, filter it, store it (permanently!), etc. *without* so
> much as a 'by your leave'. This has been litigated, more than once,
> And the law _is_ clear.
The fact that such litigation continues at an increasing pace should
be evidence to you that the law has not settled on this score. Your
blanket statements here amount to little, and they ignore contract
law. My contract, about which you know nothing, does not allow my
employers to circumvent my privacy or the integrity of my intellectual
property, including phone and digital communications.
>
> If the school in question is a public school, _any_ of your emails are
> subject to a FOIA demand.
A good point.
> If it's a private institution, they can still be compelled to produce
> any/all such mail, as part of 'discovery' in a legal action.
>
They can be ordered to do so, they cannot be compelled, not really, or
at least not easily.
<snip>
> >Phone calls are still normally protected by law, unless the employee
> >gives consent.
>
> NOT TRUE! I've been in discussions on that *very* point in an actual legal
> discussion group -- where I held the opinion that the employee _did_ have
> to give consent, and had the contrary facts (complete with case cites)
> rammed down my throat.
>
Wow, a legal discussion group, eh?--and an actual one at that. Not
sure I'd brag about that as an authority, but you go girl.
And despite my inner rational person warning me not to, I'll bite:
cite the cases, we'll see if I can trump them (BTW, that's how it's
done in the real [legal] world).
> In the U.S., phone calls _at_work_, on work phones, are *NOT* protected to
> any significant extent against listening in _by_the_employer_, or a 'agent'
> of the employer. A pay phone, that happens to be located at the place of
> employment, is a different matter.
That phrase "significant extent" is rather leading. Just what is the
"extent" as you and your group understand it? And I hate to intrude on
the authority of a legal discussion group, but do you think contract
law might affect such rights?
>
> > And the fact that they own property you use does not
> >give them absolute rights beyond that property. My intellectual
> >property is also involved,
>
> You are spouting bullsh*t.
>
Ah, yes. Please tell me that you have a law degree, and that your
practice specializes in communications or privacy law. Otherwise,
well, I guess we'll know who's spouting what....
I will disclose that I am not a lawyer. My legal experience, however,
is probably enough in a few areas to know if someone else knows what
he's talking about.
The alarms are ringing.
> The network, the equipment used to connect to the outside world, etc.
> are *their* property. THEY pay for it.
>
You noted above a distinction between public and private, I'll return
the favor: who exactly owns a public school?
A) School administrators
B) Networkers
C) Some NGer spouting BS on the web
D) Taxpayers/citizens
If you gave the correct answer, D, then you are now free to understand
that public school policy on such matters is susceptible to the
pressures of the owners. That's me. And you. And many others. Not
THEY. WE. Welcome.
> They have the absolute right to dictate how, and for what purposes
> their employees may use _their_ resources.
>
For someone with the experience of a legal discussion group, you bandy
the term "absolute" cavalierly. I would say, on the contrary, that you
are absolutely wrong about their absolute rights. Ownership in very
few things grants absolute rights over usufruct or other competing
property rights.
> Your 'intellectual property' gives you *NOTHING* with regard to the use
> of _their_ facilities.
Ah, back to the spouting.... And your source for this belief about
intellectual property rights? (No doubt you, or better yet your
discussion group, specialize in intellectual property rights, and this
area of the law is to you also "clear".)
OK, I have a short quiz for you: I have a copyrighted document--or
even, say, a copyrighted song--that is, illegally I say, disseminated
on their network. Do they have the right to ignore my complaint? Do I
have NO legal recourse with regard to the use of their facilities?
Think twice....
<snip>
> You have *no* "rights" to their equipment/property.
Assuming, as I know you must be, that said property is not public and
I am not a citizen. Right?
> In fact, there are
> *no* "rights" on the Internet, _none_whatsoever_. The only thing that
> exists is 'privileges'. Either extended as a courtesy, or as part of
> a contractual agreement.
>
??????? Is this a riddle?
<snip>
> The law says "their property, their rules." Trust me, you _don't_ want
> to see that changed.
>
Hmm...perhaps not, but I'd have to know more about who the "they" is
(of "their").
<snip>
> >Your caveat is well taken. But it is no more *their* network than it
> >is mine.
>
> Ignoramus.
>
> Who owns the in-building network wiring?
> Who owns the in-building networking equipment?
> Who pays for the connection to the outside world?
>
> Yes, it *IS* 'their' network. They being the company/school/etc.
> And the admins are the 'delegated agent' of the owners..
>
> If the owners trust those admins to do the job the way the owners want
> it done, then _your_ opinion simply doesn't count/matter.
>
> If you don't like it. don't use _their_ network.
>
Sort of makes for a more interesting connundrum when you realize that
we, not they, own all that stuff in a public school, doesn't it?
...also makes for an interesting reconsideration of the word
"ignoramus".
> > And who guards the guardians?
>
> 'Who guards the guardians?' is not *your* concern.
Let's just say I'm glad you don't get to decide this.
<snip>
>
> Don't like it? Tough. Welcome to the 'real world'.
Then let's also say I'm glad that you are not representative of the
"real world", only one small insignificant legal discussion group.
BTW, what was that, 1L, Parumph community college, what?
Public ownershiply yours,
H
"NoOne N Particular" <[email protected]> wrote in message news:<[email protected]>...
> > >
> > >Phone calls are still normally protected by law, unless the employee
> > >gives consent.
> >
> > NOT TRUE! I've been in discussions on that *very* point in an actual
> legal
> > discussion group <snip blah blah>
> I agree with the response above. If you think about it, there isn't any
> significant difference between a data network and a voice network.
<snip>
> ...I am
> just pointing out that it doesn't really matter if the data originates in
> your pc or in your mouth.
That's the way I see it.
>
<snip example of employer snooping>
> It was all legal and the network and telephone policy statements said
> so.
Change that first "and" to a "because", and make the statement
inclusive of an agreement and you're right, of course.
...which is why I exised that part out of a recent employee contract
during negotiations.
<snip>
> If you are using company (school?) resources, they can do practically
> anything.
No, they can't not without your permission.
H,
...beginning to wonder if anyone here doesn't talk groupspeak.
Dave Hinz <[email protected]> wrote in message news:<[email protected]>...
> On 4 Aug 2004 13:47:24 GMT, Ed Clarke <[email protected]> wrote:
>
> > I would suggest that you
> > do a google on "BOFH" before you try to get clever with the system
> > admins...
>
> Ouch, I'm not sure pointing him to that is a good idea. He seems
> the type that will take it as gospel rather than recognizing it as
> a parody of what we'd be like if (a) we could get away with it,
> and (b) our actions doing such didn't have real world implications.
>
> Fun to read, don't get me wrong, but he seems the type to take it
> for real.
Oh, I get it, the ability to snoop around in your network at people's
private stuff is not enough for you, so now you're going to scold
someone for suggesting reading material?
You were right not to want to get into the philosophical angles, you
have some bad (mis-)reading habits. Consider exercising the same
aversion to pop-psych, would you?
Amused,
H
Hi Ed, thanks for the response.
Ed Clarke <[email protected]> wrote in message news:<[email protected]>...
> In article <[email protected]>, Hylourgos wrote:
>
> > For surfing, what about using an anonymizer service? Will those thwart
> > an admin?
> No.
>
> > For e-mail, can I use some kind of encryption?
> Yes.
>
> > Do wireless connections differ in this respect as far as privacy goes?
> No.
>
> > I will be using my own laptop in the classroom, so I have some
> > leverage on the privacy issue. I'm mostly concerned that any
> > negotiations or job offers I get from others remain private.
>
> Put them elsewhere on a server that supports IMAPS (the S is important)
> or POP3S (likewise).
>
> > Incidentally, Mark L, who wrote "I agree that if you're using your
> > employees pc on their dime you shouldn't bitch about the lack of
> > privacy re email or net surfing." I don't know with whom you are
> > agreeing, but I cannot disagree more. It's dishonest employer practice
> > in most circumstances I've seen, that's my opinion anyway.
>
> No, it is not. Suppose you start up a website on their machine that
> specializes in necrophilia? Can you see the headlines? Will it be
> "Wierdo puts up awful website", or "Texas A&M Dead People Sex Site!!!"
> (I hate T-A&M for creating that crime against nature, the TAM Jalapeno).
>
> Or suppose you start posting to alt.sex.pre-teens from a work machine?
>
> Or pass around drug/sex/terrorist email on a work machine?
>
Yeah, I've already recanted on that one. The other perspective (the
organization who sponsors the network) has its own concerns, legally.
However, network abuse is still something I hear about commonly, so in
those cases there is some dishonesty involved.
And regardless the legal status (which changes almost daily on
communications issues), I still think it's generally dishonest for
employers to spy or even be able to spy on their employees. The moral
and the legal are not alway the same.
> The courts have determined that you have no right of privacy on a work
> supplied machine OR INTERNET CONNECTION.
That is not entirely true, as I have pointed out. Contract law is not
superseded by the principle you speak of (and on the internet so far,
lack of privacy is simply a matter of fact rather than a court
determination, no?). Moreover, I am convinced that some of these early
decisions will be overturned.
You can use PGP/GPG to
> encrypt email, but the fact that you do can be detected. They can
> ask you to stop, or fire you if you don't. I would suggest that you
> do a google on "BOFH" before you try to get clever with the system
> admins...
Thanks, that was good for a laugh.
Later,
H
Wow JC, that's awfully clever. You sure did get me. But since you
don't know the answers, why do you bother pretending you do?
H, happy to have this comic interlude
"J. Clarke" <[email protected]> wrote in message news:<[email protected]>...
> Since you already know all the answers, why did you ask the question?
>
> <H. trying to show everyone how smart he is snipped>
Dave Hinz <[email protected]> wrote in message news:<[email protected]>...
> On 3 Aug 2004 19:45:09 -0700, Hylourgos <[email protected]> wrote:
> > Robert,
> >
> > You have delivered quite the indignant tirade, which I hope indicates
> > that this topic has touched some nerve in you originating outside this
> > thread. Otherwise, all the puffery seems out of place....
>
> Actually, Robert is speaking the truth and you don't like the answers.
For one who doesn't care to engage in philosophy, you're free and easy
with talking about things like the truth.
And Robert is simply wrong, legally.
> Your tone is amazingly inconsistant from one message to another,
If you should take all my posts in this thread out of the context of
each sub-thread, as you have apparently done, and evaluate them, you
would indeed find a wide range of tones or even personae, which you
label inconsistency.
Would you have me believe that you talk to different people in
different situations with the same tone and persona? I've never met
such a person.
What I didn't like about Robert's message, which has nothing to do
with you, were things like: name calling ("Ignoramus"), aggrandizement
(pretending to be some big legal expert on the basis, apparently, of
participation in a discussion group), and general insults ("you're
spouting bullshit!). I had been civil, I had not deserved the first
and third, so I dished some back. But again, that has nothing to do
with you.
> and
> makes me wonder why I'm bothering.
Me too. Why bother getting involved in this sub-thread?
Curiouser,
H
Old Nick <[email protected]> wrote in message news:<[email protected]>...
> On 3 Aug 2004 17:12:04 -0700, [email protected] (Hylourgos) vaguely
> proposed a theory
> ......and in reply I say!:
>
> remove ns from my header address to reply via email
>
> >Old Nick <[email protected]> wrote in message news:<[email protected]>...
> >> On 1 Aug 2004 21:36:58 -0700, [email protected] (Hylourgos) vaguely
> >> proposed a theory
> >> ......and in reply I say!:
> >>
> >> remove ns from my header address to reply via email
> >>
> >> On their network, and email connection, they have the right to _do_
> >> anything they want regarding your usage.
> >
> >A legal right? No, that is not correct.
>
> OK. So try it and challenge them!
Try what, exactly?
> >
> ><snip>
> >>
> >> You talk of honesty, and yet you are hungrily asking for ways to
> >> secretly circumvent their finding out about what you do as their
> >> representative, on their equipt, and probably in their time on their
> >> pay to you. You begin to sound like exactly the sort of trouble they
> >> are hunting for.
> >
> >Sorry, you are mistaking me for Kunta Kinte.
>
> Sounds a bit rude. Who?
>
A slave from the TV series "Roots". The way you describe how you
imagine my (or Joe Worker in America) legal status vis a vis an
employer rings like slavery to me. I just don't subscribe to that
vision of American citizenship. The reference was not meant to be
rude.
> >I, on the other hand, am
> >a freeborn American.
>
> and what?....
>
> >What have I indicated I would do that seems
> >dishonest to you? You write as if you are quite sure on this, so I'm
> >curious what you have in mind....
>
> You are trying to ways to secretly circumvent their finding out about
> what you do as their representative, on their equipt, and probably in
> their time on their pay to you.
I'm not sure how secret I can be on a public NG, but even granting
that...you again take it out of context. I am assuming the possibility
of a dishonest networker who feels free to snoop my stuff. In my
personal moral code, if someone does me wrong male fide, then I am
under no obligation to deal with them bona fide.
>
> >> If you are concerned that your applications for other jobs will be
> >> used against you unfairly, then face up to the people concerned about
> >> it. If you are simply trying to hide your activities, then it's your
> >> problem. Leave the applications at home.
> >
> >You did not read carefully: I have no applications out.
>
> YOU read carefully. Where did I say you had any applications?
Well, it still sitting right there above. I'll cut/paste to make it
easier: "If you are concerned that your applications for other
jobs...". That wasn't you?
>
> Bye. You have heard a lot. As I said in another post, I am glad to see
> you extracted the right attitude from it all.
I am indeed grateful for the information I've gotten in this exchange.
Thanks again,
H
> *****************************************************
> It's not the milk and honey we hate. It's having it
> rammed down our throats.
Dave Hinz <[email protected]> wrote in message news:<[email protected]>...
> On 3 Aug 2004 17:12:04 -0700, Hylourgos <[email protected]> wrote:
> > Old Nick <[email protected]> wrote in message news:<[email protected]>...
> >>
> >> On their network, and email connection, they have the right to _do_
> >> anything they want regarding your usage.
> >
> > A legal right? No, that is not correct.
>
> Er, yes it is. Someone else here offered to cite chapter and verse,
> why don't you take them up on that offer and educate yourself, rather
> than pissing in the wind on something you are decidedly and demonstrably
> wrong about.
Er, no it is not. That "someone" (Robert) claimed to have been in a
(gasp!) discussion group wherein others bombarded him with case
citations. He never offered "to cite chapter and verse", although I
invited him to cite the cases they threw at him. You have the
"offerer" and the "taker upper" reversed. He may at some point take me
up and cite those cases, at which point I may cite opposing cases.
That's how it's done in a real court. Your (and several participants
in this thread) idea of how the law works astounds me.
You are the one who has demonstrated exactly zilch on the legal
arguments.
No one has yet commented on my objection that contracts are cabable of
protecting one's privacy even in the scenarios you present as very
1984-ish for the end computer user. What, cat got your tongue?
And contract law is just one way for the private user to address the
legal problem. There are other avenues.
>
> >> You talk of honesty, and yet you are hungrily asking for ways to
> >> secretly circumvent their finding out about what you do as their
> >> representative, on their equipt, and probably in their time on their
> >> pay to you. You begin to sound like exactly the sort of trouble they
> >> are hunting for.
> >
> > Sorry, you are mistaking me for Kunta Kinte. I, on the other hand, am
> > a freeborn American.
>
> Always helps to make your point by bringing up the race card, is that it?
> Where the hell do peole come up with these ideas?
????
...Rather, what the hell is the idea you're trying to make here?
>
> > What have I indicated I would do that seems
> > dishonest to you? You write as if you are quite sure on this, so I'm
> > curious what you have in mind....
>
> You are apparently the only one who doesn't see "How do I get around
> what the school has set up to keep me from doing something" as dishonest.
And you sound like a network missionary: "Hey, y'all can trust us,
every single one of us. And the fact that we can snoop in your private
stuff shouldn't bother any one of you, 'cause we just don't _do_ that
kind of stuff 'round here :-)"
Sell it somewhere else.
>
> >> In an organisation, if you are using their gear, you _are_ their rep,
> >> both internally and externally. If you surf around and are IDd in any
> >> way, it will probably be under their banner. They care about that. If
> >> you bring stuff back with you that compromises their system in any
> >> way, they have a right to do something about that.
>
> > Yes, this is a good point (although I would not say that using their
> > gear--which is not entirely my case, as already explained--is a
> > prerequisite to the concerns you mention).
>
> The fact that it's your laptop doesn't mean a thing.
We disagree about that.
> Your traffic is
> still going through their switchgear, and being presented to the world
> as coming from them.
> I thought you said you were going to not do any of
> this, by the way, how come we're back on it again?
I'm having a hard time understanding your point, or even why you're
intruding in this sub-thread to make it.
The OP stated, paraphrasing, that an organization must care how it is
represented by its representatives. I agreed, and even extended that
notion further (it need not involve "gear" for the organization to
have the exact same concern).
So what are you barking about?
If you can't follow someone else's sub-thread, maybe you should stick
to your own.
>
> >> While you can swear black is blue you will not be "dishonest", the
> >> same cannot be said for everybody (believe me!) and there is always
> >> the chance that you will make a mistake. There is no way they know
> >> what is what without putting out blanket policies.
> >>
> > Again, good points to consider.
>
> We've heard that from you before.
Ah, now it's the royal "we", eh? Telling....
>
> >> If you are concerned that your applications for other jobs will be
> >> used against you unfairly, then face up to the people concerned about
> >> it. If you are simply trying to hide your activities, then it's your
> >> problem. Leave the applications at home.
> >
> > You did not read carefully: I have no applications out.
>
> Then why did you bring it up?
Your misreadings are becoming embarrassing. I'll repeat what I've
already written. Please read slowly so you'll get it this time.
I am offered jobs regularly. Some of those inquiries come via e-mail.
Even though I am not looking, and I am not applying anywhere, I
consider that correspondence private. Follow so far?
I was scolded for making job applications on my company's time and
equipment. I corrected the scolder (this came up in more than one
sub-thread). I do not send out applications, I receive inquiries and
offers, and I want them to remain private, as they should.
If you can't understand why I brought it up--if in fact I can be
accused of that at all--then your problem exceeds misreading.
> The point he's making, and you're
> intentionally missing, is that if it's not school business, and you
> wouldn't be comfortable leaving printed out copies of it on your desk
> (or bulletin board), don't do it from school. Full stop. Nothing
> complex here.
No, that's not exactly his point, nor my objection. The point you are
missing (I won't pretend to have your omniscience and declare whether
it's intentional or not) is that I do not have much choice whether
these offers are sent to me, but I still expect them to remain
private, as they should be.
Clear it up any?
>
> Oh, and please trim out the hundreds of lines of history to the post
> if you're not gonna address any of it, 'K?
Tell you what, sport, you go find what points I didn't address, and
I'll address them.
H.
[email protected] (Robert Bonomi) wrote in message news:<[email protected]>...
> In article <[email protected]>,
> Hylourgos <[email protected]> wrote:
> >Old Nick <[email protected]> wrote in message
> >news:<[email protected]>...
> >> On 1 Aug 2004 21:36:58 -0700, [email protected] (Hylourgos) vaguely
> >> proposed a theory
> >> ......and in reply I say!:
> >>
> >> remove ns from my header address to reply via email
> >>
> >> On their network, and email connection, they have the right to _do_
> >> anything they want regarding your usage.
> >
> >A legal right? No, that is not correct.
>
> To put it politely, _you_ are incorrect.
>
> They have the legal right to the complete and utter control of *their*
> network -- equipment, facilities, _who_ can use it, and *what* they
> can use it for.
>
Really? So if in my contract it stipulates that the copyright to all
my intellectual property remains mine and that it is to remain private
from all company representatives, are you arguing that this grand
"legal right" you speak of will trump my contract in a court if I sue
the networker for snooping in my e-mail and blabbing to an
administrator about its content, or for passing along a copyrighted
document on my machine to a friend for fun reading?
> >> In an organisation, if you are using their gear, you _are_ their rep,
> >> both internally and externally. If you surf around and are IDd in any
> >> way, it will probably be under their banner. They care about that. If
> >> you bring stuff back with you that compromises their system in any
> >> way, they have a right to do something about that.
> >
> >Yes, this is a good point (although I would not say that using their
> >gear--which is not entirely my case, as already explained--is a
> >prerequisite to the concerns you mention).
>
> 'their gear' includes the wiring, the hubs, the routers, the external
> connection.
>
> If you aren't using _any_ of their gear, then there's no problem.
>
> Of course, you won't be accessing the Internet through their facilities,
> either. <grin>
Yea, it may come to that.
Your caveats are taken, however,
Regards,
H
"J. Clarke" <[email protected]> wrote in message news:<[email protected]>...
> Hylourgos wrote:
>
> > "J. Clarke" <[email protected]> wrote in message
> > news:<[email protected]>... <snip>
> >
> >> Then don't give out your work email address to prospective employers.
> >>
> > I don't. But it's not hard to find, and I'm listed in several
> > professional indices. They contact me based on reputation, they know
> > where I work, it's not exactly rocket science to get my e-mail addy.
> >
> >> And it's my experience that nobody sends out unsolicited job offers
> >> without at least a phone interview first.
> >
> > That is clearly not my experience.
> >
> >>
> > <snip>
> >
> >> Are you or are you not the school administrator? If you are then you
> >> should outrank the network administrators.
> >>
> > I think I made this clear already. Re-read the post if you need to.
> >
> > Would I outrank a network admin? Who knows.
>
> If you're the school administrator you damned well _better_ know who your
> subordinates are.
>
You didn't make clear if you understood whether *I* am an
administrator or not, so I'm not clear now whether you're using the
general or the specific "you're", and my response might differ for
each.
I'm also unsure about your ideas about hierarchies. I'm getting the
impression that you subscribe only to a vertically linear hierarchy in
your comments. This is not the military we're talking about here (nor
is that vertically linear anyway). A school principle, say, may look
at a networker in one scenario as subordinate in value (I note your
comment below) to a certain teacher, and the opposite in another
scenario.
In no school where I've worked have I seen a teacher as the superior
of a networker, nor have I seen a networker the superior of a teacher.
Entirely different and unrelated tasks make them poor candidates for
governing one another I suppose.
But this all seems obvious. Perhaps I'm missing your point. Could you
elucidate?
> > Generally, my impression
> > is that most school administrators value a decent network admin. more
> > than a decent teacher.
>
> What does "value" have to do with chain of command?
>
What does "chain of command" have to do with teachers compared to
networkers?
Value, as I imagnie it, is simply the determining factor in an
administrator's mind that decides who stays and who goes. Clear?
> > But a great teacher vs a mediocre network
> > admin? Then it's more dicey, the latter ought to watch his step around
> > the former.
>
> Why? Are network administrators subordinate to teachers but not to school
> administrators or something?
No, both are subordinate to administrators, but seldom are they
equals. Their value depends on many factors: the administrator's
needs, prejudices, the abilities of the networker/teacher, etc.
>
> > Thanks for your comments,
> > H.
Dave Hinz <[email protected]> wrote in message news:<[email protected]>...
> On 3 Aug 2004 17:57:41 -0700, Hylourgos <[email protected]> wrote:
> > Dave, I have especially enjoyed your comments, which are obviously the
> > product not merely of relevant experience, but a good analyticaly mind
> > (and good sense of humor).
>
> Thanks. Now get clear on the concept of who owns the network and how
> they could fire you for misusing it, and you'll be fine.
I'll try, but you have not yourself addressed who owns the network of
a school or public organization, so your response is a bit
disingenuous.
If someone accuses me of misuse and fires me, but is dishonest in
establishing standards of use, then there's a good chance he will be
the one who ends up getting fired. That's how public law works.
Private companies have more leeway to be Orwellian.
>
> >> Nope, I didn't mention PGP. I said that if you're using a webmail
> >> that's https:// they will see you're going to a webmail server, but not
> >> be able to read the traffic without getting creative. If you're using
> >> a webmail that connects with https://, you might as well print everything
> >> and leave it laying on your desk, because it's that trivial to read.
>
> > Should one of those (the latter?) read http:// ?
>
> Yes.
>
> >> You should find out what your school's acceptable internet usage policy
> >> is. Then, you can decide if and how you choose to violate it. Maybe
> >> they really don't care as long as you don't, as another admin put it,
> >> make more work for them. Over the years, I've run into a few "problem
> >> users", the ones who noise up my network, or are continually trying to
> >> find ways around the security I have built. For most of 'em, a "Hey,
> >> stop doing (thing) please, because it makes my monitoring stuff go
> >> nuts, OK?" was sufficient. But, I've also had the boss's boss call me
> >> into his office for the "We need to know what (person) is doing, web,
> >> email, everything" chat, and (person) was soon no longer working there.
>
> > I don't really want to subvert any well-intended security that our
> > network has built for the purpose of protecting the network. I don't
> > think I've ever done anything that remotely threatened the security of
> > a network I've used. I just want to protect my own privacy.
>
> But if they see you using an anonymizer, or ssh tunneling, or
> whatever, they may _feel_ it is being used to bypass what they have
> put in place, and that would be accurate. IF they wanted to, they
> could present it any way they chose. These aren't the sort of things
> that by themselves are likely to be a problem, but if someone gets
> an attitude and wants to "find something" on you, it gives 'em an easy
> target.
>
See, here I feel like you are "telling it like it is." Elsewhere you
paint a distinctly rosier scene about networkers. It's the "like it
is" part that has me concerned. I appreciate your candor, when it
comes to the fore.
> > Since I'm new at this school, I'm not really sure what the network
> > admin is like, but I'll be sure to try to get to know him--that won't
> > hurt regardless his snooping habits.
>
> Buy him food and/or drink. Never hurts.
>
> > In the meantime, I'd like to know
> > just what and how well I can protect myself. You have answered that to
> > my satisfaction, even though the answer was not optimistic.
>
> Yup.
>
> >> For 10 bucks, you can bypass the whole thing by getting a home internet
> >> account. Heck, you may be able to use it _from_ work by dialing out
> >> on an outside line right from your classroom.
>
> > I could do that, but I hate modem connections. I'll just wait until I
> > get home to do anything that even hints of unapproved activity. Even
> > Caesar's computer must be above suspicion nowadays, it seems.
>
> Your respones here are not consistant with your responses to Nick.
Nor are your responses consisten with Nick's. So why should my
differing responses be a surprise?
>
> >> Ethically, if they're snooping and don't have a damn good, work-related
> >> reason for it, they can and should be fired. You don't read a user's
> >> email just because you can, you don't snoop their traffic just because
> >> you want to get dirt on 'em.
> >
> > You enjoin me to accept things as they are below, and I must return
> > the favor at this point. You're right, of course, in the first
> > sentence above. The problem is that very few administrators have the
> > ability or inclination to discover a networker's transgression.
> > Regarding the second sentence, you must have a bright outlook on human
> > nature if you believe that.
>
> There are plenty enough examples of people in my position being fired
> and/or sued for violating the trust that our job entitles that even
> those who aren't all that honest, are still very likely not to "go there".
>
> > Me, I'm a Federalist 10/Duc de LaRochefoucault kind of guy.
>
> OK, I'm sure that would mean alot to someone who knows who that is.
> Me, I'm the "jaded and cynical" type.
Read your last two responses. They don't add up. If you're cynical
(BTW, that is Fed 10 and Duc de LR to a "T"), then you must find it
hard to believe, as I do, that most networkers can resist checking
out so-and-so's activities.
It's just human curiosity. I don't fault networkers for trying it
either, I doubt I could resist. It's like giving a teenage boy some
mythical sunglasses that will allow him to see under the girls'
clothing, then telling him not to look. It's just happenstance that at
this point in history our technology has exceeded our ability to
enforce our ideals (of privacy). Networkers have a tremendous amount
of ability to snoop. Sure, some have been caught, but how easy is that
(to catch a networker snooping)? No doubt you can do it with enough
money to hire the expert (and who's going to watch *him*?), but is it
reasonable to expect of a school?
>
> >> But, if it's "Wow, that port is taking
> >> a whole shitload of traffic, what kind of traffic is it", then it's
> >> certainly reasonable to expect that if it attracts attention, it
> >> might get investigated.
>
> > Right, and it get tricky here, ethically and legally.
>
> Not at all. Once it starts impacting the hardware my boss pays me
> to keep from falling over and catching fire, it becomes my business.
> No fuzzy line, no gray areas, it's "What the hell is happening at IP
> address xxx.xxx.xxx.xxx that's saturating my switch". At that point,
> troubleshooting continues until the cause is identified. Like I said,
> in the past I've done the "Er, hi, please stop doing (thing) because
> it's making my monitoring stuff get all excited and paging me". Almost
> always that's been a self-correcting problem, I tell the person it's
> been noticed and that I know what he's doing (streaming media seems to
> be a favorite), and that I'd like it to stop. If it did continue, I'd
> get his streaming media player removed from his system or block the
> traffic at the switchgear, if he went around that, _then_ we start
> escalating it to managers. As per policy. No BigBrother about it,
> it's a clear case of Joe User going around what has been put in
> place to keep the network healthy.
The scenario you describe is perfectly reasonable, and I sympathize
with the difficulties a networker faces such as these. But you
yourself admit the potentiality of BigBrother networker abusing his
position: "[not] the sort of things that by themselves are likely to
be a problem, but if someone [networker] gets an attitude and wants to
"find something" on you, it gives 'em an easy target."
I applaud you if you are everything you say a networker does and
doesn't do. I'm apparently more cynical than you about your peers.
>
> > A networker has
> > such wide-ranging power and the to abuse that power in virtual
> > privacy. Compare him to a police officer and search warrants, and
> > you'll get what I mean.
>
> If a cop breaks into your house without a warrant, they are also
> doing something not only illegal, but possibly fatal. Not sure how
> that relates to you putting traffic on my network that isn't supposed
> to be there.
It relates not to me as user but to you as networker--you are the cop.
Yet it seems that you can invade what I consider private without a
warrant, usually without anyone even being able to detect what you've
done: twice the entry power of the cop and none of the constraint.
It concerns me. And this thread leads me to admire Orwell and
Jefferson more and more.
>
> > But as you observe, that's how it is.
> ><snip digression on ethical philosophy>
>
> Oh, damn.
>
> >> This is where I'm going to excuse myself from the conversation,
> >> because (a) I really don't care, and (b) can't be bothered. The
> >> situation is what it is, and that's what you need to either
> >> decide to live with, or circumvent, the conditions that exist.
> >
> > Ah, but you do care, you have been bothered, and thank you for the
> > insights.
>
> No, what I'm saying is I don't care to get into the whole philosophical
> side of this, other than "tough, that's the situation, live with it or
> work to get it changed, but don't go around it or my counterpart is
> very likely to stop you".
Your point is taken. The counterpoint is that you can't really avoid
the philosophical side, try though you may.
>
> >> Well, any admin who abuses their access should, and will, get fired.
> >
> > Should? Yes. Will? Rarely. Fewer than 1 in 1000 abusers get nailed on
> > this one, I would venture to bet.
>
> I'm in the field, and you clearly are not. I have direct personal
> knowledge of two admins who were found doing this, and both of them were
> fired. Yes, limited sample size and all that, but it's _just_ _not_ _done_.
> When it's done, it's not tolerated.
My only response is quite simple: I just don't believe this.
>
> >> Employers, right now, have the right to order them to do so,
> >
> > "so" being "to get fired"? (sorry, I'm not sure what you meant here)
>
> "to do so" being "to monitor everything you do online". Again, caselaw
> has established this.
My understanding of the law is that I have some defenses against what
you envision as a right of employers.
But, to cut to the chase, this whole thread has convinced me of your
essential point ("the way things are"), that it's really not in my
best interests to try to outsneak my networker. I'm pretty good at
what I do. I'm not really interested in trying to become better at
what he does.
H,
banished to his home cable connection.
"Dave Hinz" <[email protected]> wrote in message
news:[email protected]...
> Then you also have the option of opening an ssh session off to an
> external machine (maybe a mac at home) and connecting through thre.
> Again, there'll see the session bu t not what you are doing. Keep
> in mind that this may be seen as going around security put in place
> (which it's not, but it could be presented as such) and could
> get you in trouble.
>
> Dave Hinz
This assumes that ssh isn't blocked outbound. It's not something I'd bother
with, but would be easy to do, at least with the default port.
todd
In article <[email protected]>,
Hylourgos <[email protected]> wrote:
>Hi Ed, thanks for the response.
>
> Ed Clarke <[email protected]> wrote in message
>news:<[email protected]>...
>>
>>
>Yeah, I've already recanted on that one. The other perspective (the
>organization who sponsors the network) has its own concerns, legally.
>However, network abuse is still something I hear about commonly, so in
>those cases there is some dishonesty involved.
>
>And regardless the legal status (which changes almost daily on
>communications issues), I still think it's generally dishonest for
>employers to spy or even be able to spy on their employees.
Employers have been doing it, in one form or another, since there -were-
employers and employees. It's a de facto part of every job description
from 'supervisor' up.
> The moral
>and the legal are not alway the same.
No argument, on -that-.
>
>> The courts have determined that you have no right of privacy on a work
>> supplied machine OR INTERNET CONNECTION.
>
>That is not entirely true, as I have pointed out. Contract law is not
>superseded by the principle you speak of (and on the internet so far,
>lack of privacy is simply a matter of fact rather than a court
>determination, no?).
You've been told before, "No."
Repeating what was said above: There _have_ been court determinations.
Expanding:
Courts have ruled that employees have no right to privacy with regard to
a work-supplied machine.
Courts have rules that employees have no right to privacy with regard to
a work-supplied Internet connection. It is a business resource, just
like any other resource the business provides. "Their property, Their
rules."
This is -not- 'new law', by any means. The first cases went to court
simply to establish that the _existing_rules_ *did* apply to the 'new
places'.
In a business environment, the company owns *everything*.
In an ISP environment, things _are_ a little different in practice,
because there is an explicit contract, whereby the ISP grants certain
privileges to the customer, and agrees *not* to exercise certain legal
rights that they (the ISP), as the equipment owner, have. A funny thing
happens, though, if the customer breaches _their_ contractual commitments.
then the ISP -will- exercise some of the legal rights that they had
contractually agreed not to employ.
Contracts are not about 'rights'. If there was a 'right' to a thing,
you wouldn't need a contract to provide for your getting it.
If a thing is 'conditional' on "good behavior" (whatever that may be),
then the thing is a 'privilege', not a 'right'.
Things granted by contract are 'privileges'; which you 'pay for', in one
form or another. Fail to hold up your end of the bargain, and the 'privileges'
go away.
As stated in another article, there are *no* 'rights' on the Internet.
The entire Internet is "somebody else's" private property. You use any
part of it _only_ at their sufferance. Which can be withdrawn at *any*
time.
There is a consensus as to what courtesies are commonly extended, "out of
the goodness of their heart", by local network operators to users originating
outside the local network, but that is _all_ it is. There is -nothing-
that legally requires any network operator to provide _any_ of those
courtesies.
> Moreover, I am convinced that some of these early
>decisions will be overturned.
Several have been to appellate level, and *affirmed*, so they are now
_binding_ on all lower courts in those circuits.
There's nothing new, different, or earth-shattering in the decisions.
They have just affirmed that traditional property-rights of the owner
of the property *do* apply in cyberspace.
But, go ahead, feel free to believe whatever you want.
"Who knows? Maybe the horse will learn to sing hymns."
In article <[email protected]>,
Hylourgos <[email protected]> wrote:
>Old Nick <[email protected]> wrote in message
>news:<[email protected]>...
>> On 1 Aug 2004 21:36:58 -0700, [email protected] (Hylourgos) vaguely
>> proposed a theory
>> ......and in reply I say!:
>>
>> remove ns from my header address to reply via email
>>
>> On their network, and email connection, they have the right to _do_
>> anything they want regarding your usage.
>
>A legal right? No, that is not correct.
To put it politely, _you_ are incorrect.
They have the legal right to the complete and utter control of *their*
network -- equipment, facilities, _who_ can use it, and *what* they
can use it for.
>> In an organisation, if you are using their gear, you _are_ their rep,
>> both internally and externally. If you surf around and are IDd in any
>> way, it will probably be under their banner. They care about that. If
>> you bring stuff back with you that compromises their system in any
>> way, they have a right to do something about that.
>
>Yes, this is a good point (although I would not say that using their
>gear--which is not entirely my case, as already explained--is a
>prerequisite to the concerns you mention).
'their gear' includes the wiring, the hubs, the routers, the external
connection.
If you aren't using _any_ of their gear, then there's no problem.
Of course, you won't be accessing the Internet through their facilities,
either. <grin>
In article <[email protected]>,
Hylourgos <[email protected]> wrote:
>Robert,
>
>You have delivered quite the indignant tirade,
_That_ wasn't a tirade. You've never seen one of my tirades. <grin>
It is, however, an exposition of the _facts_ of the law, as they apply
to network administration, and network usage.
>[email protected] (Robert Bonomi) wrote in message
>news:<[email protected]>...
>
><snip>
>
>> All email to a work account is the property of the *employer*. They
>> can read it, filter it, store it (permanently!), etc. *without* so
>> much as a 'by your leave'. This has been litigated, more than once,
>> And the law _is_ clear.
>
>The fact that such litigation continues at an increasing pace should
>be evidence to you that the law has not settled on this score.
I haven't seen _any_ litigation in years on the 'basic' issue. It's all
been about 'what is allowed / not allowed *BY*THE*AGREEMENT* in place
between the parties', with regard to monitoring/tracking/etc of activities.
The 'ownership' of such materials _is_ well-established.
Case-law includes a municipality where the mayor had _every_ incoming e-mail
to every city employee copied to his mailbox. Without any notification to
the employees. When the matter came to light, the city got sued over the
practice. The city won. It _was_ their property.
> Your
>blanket statements here amount to little, and they ignore contract
>law.
Bzzzt. My statements are about what an employer _can_ do. which is
separate and distinct from 'what they have agreed not to do'.
> My contract, about which you know nothing, does not allow my
>employers to circumvent my privacy or the integrity of my intellectual
>property, including phone and digital communications.
You sir, "don't know what you don't know".
"Your" contract terms not withstanding.
Proof: Echelon and Carnivore
The law is such that they _can't_ tell you "if" there is an Echelon or
Carnivore tap on their systems, or upstream, let alone whether or not it
is tracking _your_ actions. You can't even get that information with a
court order.
'Telephone and digital communications' do _not_ fall under the legal
description of 'intellectual property', by the way. If the contract
you drew up links them as you have indicated, it is materially defective.
As for 'blanket statements', YOU started off making blanket statements
about what _could_not_ be done. Those statements, even if applicable
to the -contract- environment *you* are in, were invalid on two grounds.
First the things _are_ technically possible. Second, employers *not*
bound by a contractual agreement proscribing such actions *are* legally
free to engage in them.
>> If the school in question is a public school, _any_ of your emails are
>> subject to a FOIA demand.
>
>A good point.
>
>> If it's a private institution, they can still be compelled to produce
>> any/all such mail, as part of 'discovery' in a legal action.
>>
>They can be ordered to do so, they cannot be compelled, not really, or
>at least not easily.
You *do* live in the 'ivory tower' world, don't you?
There is *nothing* that is more 'enforceable' than a judge's order.
'Compulsion' is -easy-. When the court says 'jump', you *jump*, or the
court sends the Marshalls over to confiscate *everything* that _might_
contain any records related to what was demanded.
You think your emails aren't _already_ being copied? How much do you want
to bet that routine system backups on the mail-server cover the mailbox
directory? Do you think they would refuse to produce those backups, if
subpoenaed? Oh, that's right 'ivory tower', nevermind.
There is _nothing_, at a technical level, that prevents the recording of
_every_byte_ of data that passes over the network. There is nothing in
the law that prevents it, either. On large, or heavily used, networks
it is often *impractical* because of the volume of information involved.
But monitoring everything to/from a specific machine, or a specific user,
is relatively trivial.
And is -routinely- done, when users report certain kinds of problems.
>> >Phone calls are still normally protected by law, unless the employee
>> >gives consent.
>>
>> NOT TRUE! I've been in discussions on that *very* point in an actual legal
>> discussion group -- where I held the opinion that the employee _did_ have
>> to give consent, and had the contrary facts (complete with case cites)
>> rammed down my throat.
>>
>Wow, a legal discussion group, eh?--and an actual one at that. Not
>sure I'd brag about that as an authority, but you go girl.
On average, a much higher quality of -legal- expertise than one finds in
a woodworking group. When _practicing_lawyers_ tell me I'm wrong on the
matter, _I_ listen to what they say. You can choose to 'learn from the
experience of others' -- or not. I really don't care.
>> In the U.S., phone calls _at_work_, on work phones, are *NOT* protected to
>> any significant extent against listening in _by_the_employer_, or a 'agent'
>> of the employer. A pay phone, that happens to be located at the place of
>> employment, is a different matter.
>
>That phrase "significant extent" is rather leading. Just what is the
>"extent" as you and your group understand it?
With regard to a company-supplied 'work' phone (this is neither a complete
nor comprehensive list) --
They can take away your phone completely, without notice.
They can change your phone number, without warning.
They can prevent you from calling any number(s) they choose.
They can record what numbers you call, without telling you.
They can track how long you spend on each call, without telling you.
They can record incoming calls without telling you.
They can record outgoing calls without telling you.
They can listen to your voice-mail messages, without telling you.
They can delete (selectively, or en masse) your voice-mail messages, without
telling you.
They can 'listen in', in real-time, to any of your calls, incoming or
outgoing, without telling you.
They can _use_ anything gained from 'listening in' or recording AGAINST YOU,
in an internal administrative proceeding.
They can release any recordings to a government or judicial agency on demand
(including a subpoena from the opposite party in a civil lawsuit), or
voluntarily to support a law-enforcement investigation.
With those disclaimers out of the way, for someone who records/monitors the
call, disclosing the content of the call to anyone other than 'in the normal
course of business operations', *is* forbidden. In other words, if you're
monitoring/recording a call, and you have a reason, _related_to_the_work_
_you're_doing_, for telling someone else in the company about the content of
the call, that is allowed; OTOH, if you gossip about it, to friends, in the
cafeteria, THAT is a crime. If you're engaged in the normal duties of your
job (say you're a telecom person, checking the line for proper functioning)
and you happen to pick up on a conversation where something illegal is being
plotted, it _is_ legal to notify management and/or appropriate law-
enforcement)
On a phone 'designated for personal use', such as a lunchroom pay phone,
The first three items still apply, as does the part of last paragraph in
regard to someone who's work causes them to happen to listen in on a call.
> And I hate to intrude on
>the authority of a legal discussion group, but do you think contract
>law might affect such rights?
If you had any real understanding of how the law works and what the fundamental
terms mean, you wouldn't ask such a question. The answer to the question,
AS ASKED, is 'No, contract law does *not* affect the employer's _rights_ in
such matters. Not in any way, nor under any circumstances."
'Contract law' is concerned solely with the enforceability of private
agreements between the contracting parties. And has absolutely nothing
to do with property ownership rights.
A 'right' describes "what you _could_ do, if you wanted to, given that you
have not agreed _not_ to do so."
A given contract _may_ inhibit the EXERCISE of certain rights under specified
circumstances, but the 'rights' exist nonetheless. Proof: anyone not bound
by that contract, -or- anyone so bound, but engaged in actions outside of
the scope of said contract, remains free to exercise those rights.
At law, possession of a right does not necessarily mean that one has the
freedom to exercise it in an unrestricted way.
In general, it takes an action of law (congress, the legislature, the courts,
etc.) to modify a 'right'.
Contracts can include _agreement_ NOT TO EXERCISE a right one already
possesses. but they remain a private agreement, and do not affect
anybody other than the contracting parties.
>> > And the fact that they own property you use does not
>> >give them absolute rights beyond that property. My intellectual
>> >property is also involved,
>>
>> You are spouting bullsh*t.
>>
>Ah, yes. Please tell me that you have a law degree, and that your
>practice specializes in communications or privacy law.
Nope. Merely a number of years experience as _publisher_, and before
that, as an editor. Who dealt with IP and copyright issues literally on
a _daily_ basis. I expect that, over the years, there was at least
half-a-million dollars of legal services involved, beyond the services
of in-house counsel,
More recently, I've been doing network administration/management. With an
emphasis on the security/privacy issues in 'sensitive' corporate environments.
You worry about your mail being snooped -- consider what the financial
value of being able to see messages in the trading room of a large brokerage
firm is. Where _one_ desktop machine may be involved in $100 *million*
dollars worth of transactions in a single day. Want to guess the value
of -that- kind of intelligence to a competitor? That is an business where
the question is not 'am I being paranoid?' but "am I being paranoid *ENOUGH*?"
And when the answer comes up 'no', it costs *BIG* bucks.
In that environment, everybody _is_ told, *regularly*, that 'you have *NO*
privacy here'. Of course, it's the norm for the entire industry, and nobody
expects any different. They all understand that the continued existence of
the company they work for rests on that lack of privacy. :)
> Otherwise,
>well, I guess we'll know who's spouting what....
>
>I will disclose that I am not a lawyer. My legal experience, however,
>is probably enough in a few areas to know if someone else knows what
>he's talking about.
Available evidence is to the contrary.
>> The network, the equipment used to connect to the outside world, etc.
>> are *their* property. THEY pay for it.
>
>You noted above a distinction between public and private, I'll return
>the favor: who exactly owns a public school?
>
> A) School administrators
> B) Networkers
> C) Some NGer spouting BS on the web
> D) Taxpayers/citizens
>
>If you gave the correct answer, D,
BZZZZZT! Game over. Thank you for playing.
The _legally_accurate_ answer to the question you asked, _as_asked_ is "none of
the above".
Title, and thus ownership, rests with the government agency that operates
the schools. It is a legal 'person' in and of itself.
That 'person' owns the property. and the assets in it.
That 'agency' is (indirectly) 'owned' by the taxpayers, true. But, legally,
it is a separate and distinct 'legal person'.
The situation is no different than owning shares in a corporation. You, the
shareholder (and part-owner) of the corporation do *not* have an ownership
interest in any assets owned by the corporation "in it's own name."
You (individually), nor you (collectively) do -not- own the property owned
by the school district.
> then you are now free to understand
>that public school policy on such matters is susceptible to the
>pressures of the owners. That's me. And you. And many others. Not
>THEY. WE. Welcome.
In the computers trade, this is called GIGO -- "garbage in, garbage out".
You started from a faulty premise, so it's no surprise you've arrived at
a faulty conclusion.
Second, If you don't grasp the difference between what someone has the 'legal
right' to do, and what they *choose* to do or not do, there's no point in
bothering to discuss 'what the law allows'.
Tell me, while you're at it, why it is illegal for an owner of the public
school to enter the school at night, and remove some of 'their' property
from the piece of real-estate that they 'own'.
Why are the charges in such a case *exactly* the same as the ones that
are filed if the person broke into _your_ dwelling, and took _your_
property?
Do you suppose, maybe, _just_maybe_, that it just might be that they DON'T
really 'own' the property, etc. in the school?
>> They have the absolute right to dictate how, and for what purposes
>> their employees may use _their_ resources.
>>
>For someone with the experience of a legal discussion group, you bandy
>the term "absolute" cavalierly.
Not cavalierly. I meant _exactly_ what I said.
An employer is under no legal requirement to provide _any_ resources for
it's employees to use. Any resources that are provided are provided
subject to any 'terms of use' that the employer may deem fit. The employee
has two choices: (1) 'live with it', (2) seek employment elsewhere.
An employer may _choose_ to commit, in a binding manner (e.g. contract),
to certain practices, with regard to the use of certain resources, but they
do *not* have to do so. (There _are_, in many cases, advantages =to=the=
=employer= TO doing so, as well as advantages to the employee.)
The employer, from a legal standpoint, _has_ absolute control. They
can 'shut down' the resources. they can eliminate the resources.
"Those who have the power to destroy a thing, control it absolutely."
If they've entered into contracts to the contrary they may have to
wait for those contracts to expire, or re-negotiate them. Note well
that by simply waiting for the currently-in-effect contracts to expire
they *can* implement the 'shut-down'/'elimination' unilaterally, and
without any further discussion.
> I would say, on the contrary, that you
>are absolutely wrong about their absolute rights. Ownership in very
>few things grants absolute rights over usufruct or other competing
>property rights.
*snicker*. "Usufruct" exists _only_ if one has been granted that right,
in one way or another, by the property owner in the first place.
If you lease a piece of land, usufruct entitles you to the 'fruits' of
what you grow on it. If you trespass onto somebody else's property to
plant things, there is no 'usufruct' right to the fruits of your labor.
If you do attempt to 'harvest' your crops, you can be arrested for theft
as well as trespassing. This *HAS* happened, in the case of certain
'contraband' crops.
Concrete example: 'usufruct'ing an automobile, absent the permission of the
owner thereof, _is_ a criminal offense in every jurisdiction in the United
States. In a number of locales it is the crime of 'joyriding'; in others, it
is not distinguished from 'grand theft auto'.
'Competing' property rights, in the case of absolute ownership (i.e., in 'fee
simple') exist due to grants, or 'division', of the rights held, in _undivided_
_form_, by prior owners.
>> Your 'intellectual property' gives you *NOTHING* with regard to the use
>> of _their_ facilities.
>
>Ah, back to the spouting.... And your source for this belief about
>intellectual property rights? (No doubt you, or better yet your
>discussion group, specialize in intellectual property rights, and this
>area of the law is to you also "clear".)
I do have some small knowledge of 'intellectual property rights', primarily
copyright, having worked professionally as a reporter, editor, and magazine
publisher; having been involved in three copyright infringement actions that
went all the way to trial. (With, incidentally, a 100% record for being on the
prevailing side)
Note: this gives me more experience with actual _litigation_ than a *lot* of
practicing IP attorneys. All things considered, it's experience I'd prefer
*not* to be able to claim. <wry grin>
My knowledge of trademark law is that of a 'well informed' layman. I used
to to regular Internet sweeps for trademarks of my then employer, and would
make initial calls to find out if they were 'aware' they were using a name
trademarked by somebody else. The ones who got argumentative were forwarded
to the external legal counsel for 'action'. In several years, there were
a grand total of two disagreements between myself and the 'professionals'
as to whether a use was infringing or not. both ones I'd classified as
'definitely borderline, but probably worth pursuing', and they classified
as 'winnable, but not worth the cost/effort'. the 'business' aspect
prevailed in both cases.
Patent law -- I've gone through the prelims of an actual patent filing
personally. Twice. Both died rather quickly when 'prior art', that had
never been commercialized, turned up.
Intellectual property rights give you the right to control the use of
_your_ intellectual property. Period. See Title 17 USC, and Title 35 USC.
They do not give you _any_ rights to the USE of anyone else's property.
intellectual or otherwise.
One would think that that is 'obvious', but apparently not.
IF your intellectual property is on, or transits over "somebody else's"
resources, then the 'lowest common denominator' of "what they allow"
and "what you allow" determines what can be done. If 'they' "don't allow"
something that _you_ "want" to allow, well, that's just too bad. it doesn't
happen.
>OK, I have a short quiz for you: I have a copyrighted document--or
>even, say, a copyrighted song--that is, illegally I say, disseminated
>on their network. Do they have the right to ignore my complaint? Do I
>have NO legal recourse with regard to the use of their facilities?
>
>Think twice....
What's to think about?
Quiz for _you_:
What does your hypothetical scenario have to to with your intellectual
property rights giving =you= some right to _USE_ someone else's facilities?
You hypotheticate 'some 3rd party' using the providers facilities to
infringe your intellectual property rights -- a totally different issue
from your original assertation.
Now, on to the answer to your 'strawman' argument --
Depending on the circumstances, *YES* they have right to ignore your
complaint, and *NO* you do not have any legal recourse against them for
how their facilities were used.
In detail:
The DMCA statutes state that they must promptly _investigate_ a complaint
received.
Upon such investigation, which starts with attempting to contact the party
who produced the item that is on their network, and , If that party, for
what you claim is the infringing materials, provides credible evidence (not
necessarily 'proof') that they do have the legal right to do what they are
doing, then the answer to the question, as asked, is:
"Yes, the network operator *is* free to ignore your complaint."
WITH impunity. And any further complaints about the same material from the
same source can be treated the same way, without further investigation.
And, no, you do not have legal recourse against the network *operator* for what
'somebody else' does through their network. see 47 USC 230 (c) 1
*IF* they _fail_to_investigate_ a DMCA takedown notice, they have 'secondary
liability', _after_ you prove in a court of law that the originator did, in
fact, violate your copyright.
On the other hand, if they do investigate, and decide that the matter
'is open to question', you, in fact, have _no_recourse_ against them
in the matter. (*AFTER* the court upholds your lawsuit against the
'author' of the infringing copies, =then= they will take the 'proven
to be infringing' material down, promptly.)
An -uncontested- 'takedown' notice is 'sufficient grounds' for removing
the allegedly infringing materials. A *contested* one is not.
FAILING TO ACT on an uncontested takedown notice leaves one open to
liability with respect to the putative copyright owner.
ACTING on a contested complaint leaves one open to liability from the other
party.
The fact that your 'intellectual property rights' are involved does not
give you any 'rights' (or even privileges) to *USE* any part of their
network -- whether for tracking the perpetrator, or for any other purpose.
>
><snip>
>
>> You have *no* "rights" to their equipment/property.
>
>Assuming, as I know you must be, that said property is not public and
>I am not a citizen. Right?
Wrong, again. Not unsurprisingly. What you 'know' is totally contrary to
reality. Such 'assumptions', which I do -not- make, are immaterial, in-
consequential, and irrelevant to the matter. 'Why' that is so has already
been covered, I shouldn't need to repeat it here.
Your ignorance of the real world continues to show.
Government-agency owned property is not necessarily 'public', and
_even_if_it_is_classified_"public"_, your rights are *extremely*
limited.
Whether or not you are a citizen is similarly irrelevant. Just because
you are a citizen (taxpayer) does _not_ give you a legal 'ownership interest'
in property owned by the government.
If you don't agree, prove me wrong by usufructing "Air Force One" for
your next vacation trip. Be sure to bring it back in 'undamaged' condition.
Try and stay in a City Hall office, past closing time.
So much for your 'rights' in property you 'own' as taxpayer.
>> In fact, there are
>> *no* "rights" on the Internet, _none_whatsoever_. The only thing that
>> exists is 'privileges'. Either extended as a courtesy, or as part of
>> a contractual agreement.
>>
>??????? Is this a riddle?
Nope. just a statement of fact.
You have no 'rights' with regard to _anything_ on the Internet.
Not even 'Freedom of Speech'.
Example: If your ISP doesn't like what you say on your web-site, they _can_
force you to 'take it down'; by the simple expedient of "If you don't, we'll
terminate your account". And there's not a *damn*thing* you can do about it.
If you don't do as they 'request', and they do terminate you, and you try to
sue for damages on 1st Amend. grounds, you'll get laughed out of court, *if*
you manage to make it that far.
The Bill of Rights, etc. constrain what the _government_ can do. Things that
are forbidden to the government are *not* forbidden to private property
owners in regard to their own private property.
All you have on the Internet:
The services you contracted for, from anyone that you have _paid_ to provide
such services. In general this extends no further than services your
pro vier offers internally, and transit across your provider's network.
The _privilege_ of having your packets (web requests, email, etc.) carried
by intermediaries to whom you have *not* paid anything, 'as a courtesy'.
The _privilege_ of of having 'remote' networks accept, process, and
respond to your packets, 'as a courtesy'.
If the school blocks, limits, or in any other way 'restricts' your access to
the external Internet, they are *not* impinging/infringing on your "rights".
You don't have any. At most, they might be in violation of a contractual
commitment.
If _anybody_else_ does it, well, "too bad". You aren't party to a contract
with -those- people, it's only 'out of the goodness of their hearts' that
they handle _any_ traffic for you at all. They do have the right to
change their mind about doing so, at any time. For any reason. Or for
_no_ reason.
><snip>
>
>> The law says "their property, their rules." Trust me, you _don't_ want
>> to see that changed.
>>
>Hmm...perhaps not, but I'd have to know more about who the "they" is
>(of "their").
'They' is 'whomever-it-is that owns the property.'
'Their' refers to the same entity.
This is one of the _fundamental_ precepts of *all* private property ownership.
Change that and the entire concept of private property -- be it house, car,
o Internet connection, get affected.
>
><snip>
>
>> >Your caveat is well taken. But it is no more *their* network than it
>> >is mine.
>>
>> Ignoramus.
>>
>> Who owns the in-building network wiring?
>> Who owns the in-building networking equipment?
>> Who pays for the connection to the outside world?
>>
>> Yes, it *IS* 'their' network. They being the company/school/etc.
>> And the admins are the 'delegated agent' of the owners..
>>
>
>Sort of makes for a more interesting connundrum when you realize that
>we, not they, own all that stuff in a public school, doesn't it?
Since that 'realization' is contrary to legal *fact*, as debunked above,
there is no connundrum(sic).
>...also makes for an interesting reconsideration of the word
>"ignoramus".
Yup. You just reinforced the applicability of the word.
You know, being ignorant isn't so bad. An ignorant person _can_ be educated.
Stupidity, on the other hand, is incurable.
>> > And who guards the guardians?
>>
>> 'Who guards the guardians?' is not *your* concern.
>>
>> If the owners trust those admins to do the job the way the owners want
>> it done, then _your_ opinion simply doesn't count/matter.
>>
>> If you don't like it. don't use _their_ network.
>>
>
>Let's just say I'm glad you don't get to decide this.
>
><snip>
>>
>> Don't like it? Tough. Welcome to the 'real world'.
>
>Then let's also say I'm glad that you are not representative of the
>"real world", only one small insignificant legal discussion group.
Bad news -- that 'attitude', in toto, is common to almost all of the
network owners/operators in North America.
>
>BTW, what was that, 1L, Parumph community college, what?
>
>Public ownershiply yours,
>H
I would have to agree with a previous responder when he mentioned usage
policy. If you are using your own pc, or the schools shouldn't really
matter a whole lot, but you may not have the leverage of your own pc that
you think you might. For example, if the school network requires your
computer to be a member of the schools NT domain, the schools domain
controller can push security policies down to your machine and pretty much
lock it down so that you can't really do much with your own machine (while
logged into the school domain).
The school should have a published network usage policy that outlines what
users responsibilities are, what they are authorized to do, and what the
responsibilities of the administration are, and other things. In the policy
statements that I have been involved in, it is usually stated that the
company (or school, or whatever) has the right to monitor, examine, and SAVE
your email (to and from the company owned servers) and traffic at the
request of appropriate legal entities such as police, FBI, etc., and to
insure compliance with published use guidelines. In some cases, it is
possible that by using the network you agree to certain software
requirements as well. For example, you could be agreeing to maintain
personal anti-virus software, and personal firewall software (and keeping it
current). It COULD also exclude you from using certain types of software
such as personal encryption (eg: PGP) and peer-to-peer (eg: Kazaaa)
software, or instant messaging software (eg: Yahoo Instant Messenger), but I
have not seen this.
There can be a lot of information in the usage policy, so the bottom line of
all this is to ask to see the published network usage policy. If they have
one, it can be anything from an extremely restrictive and very detailed to
practically nothing at all. But even the companies that I have worked for
that have these policies rarely care what people are doing with their
company owned pc. The policies are in place to protect the organization,
not you.
Wayne
"Hylourgos" <[email protected]> wrote in message
news:[email protected]...
> Thanks Todd. I've a couple of follow-up questions.
>
> For surfing, what about using an anonymizer service? Will those thwart
> an admin?
>
> For e-mail, can I use some kind of encryption?
>
> Do wireless connections differ in this respect as far as privacy goes?
>
> I will be using my own laptop in the classroom, so I have some
> leverage on the privacy issue. I'm mostly concerned that any
> negotiations or job offers I get from others remain private.
>
> Incidentally, Mark L, who wrote "I agree that if you're using your
> employees pc on their dime you shouldn't bitch about the lack of
> privacy re email or net surfing." I don't know with whom you are
> agreeing, but I cannot disagree more. It's dishonest employer practice
> in most circumstances I've seen, that's my opinion anyway.
>
> Thanks,
> H
>
> "Todd Fatheree" <[email protected]> wrote in message
news:<[email protected]>...
> > "Hylourgos" <[email protected]> wrote in message
> > news:[email protected]...
> > > Can any of you computer gurus answer the following or point me in the
> > > right direction to get the answer?:
> > >
> > > I'm starting a new job at a small school. They have pretty good
> > > computer resources and networking (e.g., multiple ethernet connections
> > > in all classrooms), but the admin. I've met seems rather suspicious,
> > > and I bet that he looks at everyone's online activities
> > >
> > > Is there a way I can keep my online activities private? I'm no porn
> > > surfer, but I don't like the idea that they might be trying to read my
> > > e-mail, or that they'd know it if I looked at the wreck during a
> > > boring moment.
> > >
> > > FYI, I use a Mac.
> > >
> > > Thanks,
> > > H
> >
> > I'm a network systems engineer. Basically, if your internet traffic
goes
> > through my firewall/router, I can look at it if I'm so inclined and
there's
> > not much you can do about it. Trouble is, generally speaking, I'm
really
> > not that interested unless you're getting a nice virus/trojan emailed to
> > you, which I'll be taking out on its way in. Personally, I don't give a
rip
> > what people look at during breaks/lunch, as long as it doesn't create
work
> > for me (see viruses, trojans, spyware). I don't even do any filtering
or
> > logging of people's web browsing habits. However, IMHO, the computer is
> > provided by the school for school business, and you should expect that
you
> > will not have privacy. By the nature of the way most email systems are
set
> > up, someone is going to have administrative access to your email, if
only to
> > be able to back it up. I've also, as part of a legal matter, set up so
that
> > all email in or out of someone's mailbox was copied to another mailbox.
The
> > moral of the story is, dont have anything emailed to you at your school
> > address that you wouldn't want someone else to see.
> >
> > todd
"Hylourgos" <[email protected]> wrote in message
news:[email protected]...
> Can any of you computer gurus answer the following or point me in the
> right direction to get the answer?:
>
> I'm starting a new job at a small school. They have pretty good
> computer resources and networking (e.g., multiple ethernet connections
> in all classrooms), but the admin. I've met seems rather suspicious,
> and I bet that he looks at everyone's online activities
>
> Is there a way I can keep my online activities private? I'm no porn
> surfer, but I don't like the idea that they might be trying to read my
> e-mail, or that they'd know it if I looked at the wreck during a
> boring moment.
>
> FYI, I use a Mac.
>
> Thanks,
> H
I'm a network systems engineer. Basically, if your internet traffic goes
through my firewall/router, I can look at it if I'm so inclined and there's
not much you can do about it. Trouble is, generally speaking, I'm really
not that interested unless you're getting a nice virus/trojan emailed to
you, which I'll be taking out on its way in. Personally, I don't give a rip
what people look at during breaks/lunch, as long as it doesn't create work
for me (see viruses, trojans, spyware). I don't even do any filtering or
logging of people's web browsing habits. However, IMHO, the computer is
provided by the school for school business, and you should expect that you
will not have privacy. By the nature of the way most email systems are set
up, someone is going to have administrative access to your email, if only to
be able to back it up. I've also, as part of a legal matter, set up so that
all email in or out of someone's mailbox was copied to another mailbox. The
moral of the story is, dont have anything emailed to you at your school
address that you wouldn't want someone else to see.
todd
Hylourgos" <[email protected]> wrote in message
news:[email protected]...
> Thanks Todd. I've a couple of follow-up questions.
>
> For surfing, what about using an anonymizer service? Will those thwart
> an admin?
If I *really* (and I mean I'd have to really be inclined on a slow day), I
could sniff the traffic from your machine and still get whatever I wanted.
The anonymizer might not leave a trace on your system, but the traffic has
to go out one way or another.
> For e-mail, can I use some kind of encryption?
As someone else pointed out, you could look into PGP. It's not something
I've worked with.
> Do wireless connections differ in this respect as far as privacy goes?
No.
> I will be using my own laptop in the classroom, so I have some
> leverage on the privacy issue. I'm mostly concerned that any
> negotiations or job offers I get from others remain private.
If I were you, I'd work on negotiations and job offers at home.
> Incidentally, Mark L, who wrote "I agree that if you're using your
> employees pc on their dime you shouldn't bitch about the lack of
> privacy re email or net surfing." I don't know with whom you are
> agreeing, but I cannot disagree more. It's dishonest employer practice
> in most circumstances I've seen, that's my opinion anyway.
My opinion is that while you're at work on the company's time, don't do
anything you wouldn't want the company to know about. Now, on your own time
on your own computer is a different story. Basically, I wouldn't give a
rat's ass what you did, again as long as you don't go creating work for me.
Actually, if I were in a position to create such a policy and enforce it, I
wouldn't even let people bring in their own machines for the following
reasons. 1) They're likely to fuss when I need to update or install
something on their machine that is necessary to protect other network
resources, 2) You never know what they have on their machines when they
bring them in and plug them into their network. At that point, you can
forget about your firewall because someone just went around it.
> Thanks,
> H
todd
"Hylourgos" <[email protected]> wrote in message
> It relates not to me as user but to you as networker--you are the cop.
This would be a more accurate analogy if you were storing your personal
information down at the police station.
> Yet it seems that you can invade what I consider private without a
> warrant, usually without anyone even being able to detect what you've
> done: twice the entry power of the cop and none of the constraint.
You considering it private doesn't make it private. An exhaustive search of
all cases that I could find in the 30 seconds I looked brought up the
following from eff.org, which is a summary of US v. Councilman, released on
June 29, 2004.
'The First Circuit Court of Appeals dealt a grave blow to the privacy of
Internet communications with its decision today in the case of U.S. v.
Councilman. The court held that it was not a violation of criminal wiretap
laws for the provider of an email service to monitor the content of users'
incoming messages without their consent. The defendant in the case is a
seller of rare and used books who offered email service to customers. The
defendant had configured the mail processing software so that all incoming
email sent from Amazon.com, the defendant's competitor, was copied and sent
to the defendant's mailbox as well as to the intended recipient's. As the
court itself admitted, "it may well be that the protections of the Wiretap
Act have been eviscerated as technology advances." '
todd
> >
> >Phone calls are still normally protected by law, unless the employee
> >gives consent.
>
> NOT TRUE! I've been in discussions on that *very* point in an actual
legal
> discussion group -- where I held the opinion that the employee _did_ have
> to give consent, and had the contrary facts (complete with case cites)
> rammed down my throat.
>
> In the U.S., phone calls _at_work_, on work phones, are *NOT* protected to
> any significant extent against listening in _by_the_employer_, or a
'agent'
> of the employer. A pay phone, that happens to be located at the place of
> employment, is a different matter.
>
> > And the fact that they own property you use does not
> >give them absolute rights beyond that property. My intellectual
> >property is also involved,
>
I agree with the response above. If you think about it, there isn't any
significant difference between a data network and a voice network. They are
both just pipes for information. It's just that one is usually digital data
and the other is analog data. OK, before any flaming responses I am just
trying to make a point. I am aware of digital PBX's and VOIP, etc. I am
just pointing out that it doesn't really matter if the data originates in
your pc or in your mouth.
I was involved in one such case where my employer wanted to record all of an
employees telephone calls and wanted to capture all data traffic to/from his
pc. It was all legal and the network and telephone policy statements said
so. We did not have the facility to record all voice conversations, but we
did monitor his pc traffic and had all of his email and other files going
back for a number of years.
If you are using company (school?) resources, they can do practically
anything.
Wayne
>
> Is there a way I can keep my online activities private? I'm no porn
> surfer, but I don't like the idea that they might be trying to read my
> e-mail, or that they'd know it if I looked at the wreck during a
> boring moment.
Ayup, a couple of ideas come to mind...
http://www.anonymizer.com
also, you may want to check into getting a private key for your email
system. I worked at a company before where we used Netscape for email
(shudder), but the public/private key capabilities with it were pretty
cool. This allows you to encrypt stuff that you send to someone
else--of course, if he "hacks" into your machine, he can look at your
outbox with no problem.
Here's a thought--assuming you have an ISP for home access (like
Comcast, whatever), they should have a web-based email function you
can use...
Jim
In article <[email protected]>,
J. Clarke <[email protected]> wrote:
>Hylourgos wrote:
>
>> "J. Clarke" <[email protected]> wrote in message
>> news:<[email protected]>... <snip>
>>
>>> Then don't give out your work email address to prospective employers.
>>>
>> I don't. But it's not hard to find, and I'm listed in several
>> professional indices. They contact me based on reputation, they know
>> where I work, it's not exactly rocket science to get my e-mail addy.
>>
>>> And it's my experience that nobody sends out unsolicited job offers
>>> without at least a phone interview first.
>>
>> That is clearly not my experience.
>>>
>> <snip>
>>
>>> Are you or are you not the school administrator? If you are then you
>>> should outrank the network administrators.
>>>
>> I think I made this clear already. Re-read the post if you need to.
>>
>> Would I outrank a network admin? Who knows.
>
>If you're the school administrator you damned well _better_ know who your
>subordinates are.
Mr Sweany is a "visiting assistant professor", at University of the South,
in Tennessee. One of a total of 4 faculty positions in the 'classical
languages' department.
'Assistant professor' ranks above 'instructor', but below 'professor',
or 'senior professor'.
'visiting' positions are usually of fixed duration, frequently 'non-renewable',
and _not_ eligible for consideration for tenure.
>> Generally, my impression
>> is that most school administrators value a decent network admin. more
>> than a decent teacher.
>
>What does "value" have to do with chain of command?
>
>> But a great teacher vs a mediocre network
>> admin? Then it's more dicey, the latter ought to watch his step around
>> the former.
>
>Why? Are network administrators subordinate to teachers but not to school
>administrators or something?
He's in an educational institution
'administrative staff' and 'faculty' are two _entirely_ separate lines of
authority. with totally different structures.
The interactions between them are 'unclear', at best.
A faculty member in a department is responsible to the department 'chair'.
the department chair is responsible to the 'dean' of the school. the deans
'nominally' report to the president, chancellor, or some similar title.
'Staff' _in_a_department_ ("academic" staff) are responsible to the department
chair, and _at_the_chairperson's_direction_, will take direction from other
faculty. in that department. Get 'wrong' with the department chair, and it
is _amazing_ how 'unhelpful' the department staff can be. On rare occasions,
an individual faculty member may have academic staff assigned directly to them.
The typical situation is when said faculty member has landed a grant with
enough funding in it to pay for that staff person, full-time.
There are _other_ staff areas ("administrative" staff) that are not directly
responsible to an academic department. e.g., admissions, the burser's office,
'physical plant'/maintenance, 'computer services', etc.
These people report up an entirely _separate_ 'chain of command', to
people like the 'vice president of operations', 'vice of development',
'vice president of university relations', etc.
The vice-presidents also report to the president/chancellor/whatever.
And, of course, the ultimate authority is the 'board of directors'.
Now to complicate the 'chain of command' concept -- and done expressly
for promoting 'academic freedom' from the dictates of 'management',
there is this concept of 'tenure'. Once you 'get' tenure, you have a
job at that institution 'for life'. You _cannot_ be fired.
This results in the 'business' side of the institution regarding
"managing" the 'academic' side as not too far astray from 'herding cats'.
The overall arrangement is *NOT* a bad set-up, but it _does_
make for significant (and occasionally *more* than just 'significant',
_much_ more!) friction between the two groups.
More than you really wanted to know on the subject, I'm sure. <grin>
"Dave Hinz" <[email protected]> wrote in message
news:[email protected]...
> On 31 Jul 2004 23:14:07 -0700, PC Gameplayer <[email protected]> wrote:
> >>
> > This allows you to encrypt stuff that you send to someone
> > else--of course, if he "hacks" into your machine, he can look at your
> > outbox with no problem.
>
> He said he has a mac, so there's not much concern of the admin "hacking
> in", nor of him ushing NT-domain-specific stuff onto it. But, unless
> the traffic through _all_ of his gear is encrypted, it can be
> intercepted and read. And, if it _is_ all encrypted, that might get
> noticed.
I'll readily admit I am NOT into IT, and have a dim understanding of a lot
of what has been said. However - - I volunteer in the public school system
here, and the teacher I work with depends on me as his computer "guru"(LOL).
The school system is ALL MAC, and each teacher has their own Mac laptop, to
be used in school, @ home, whatever. They can be "wired" in school, or
"wireless" through the school "airport". The whole school district is under
master control, and they thoroughly pi**ed me off last year when they
blocked "Google Images", which I had been using for images for PPS
presentations for the kids. This was done because students were gaining
access to "prurient" content.
They also have blocked access to USENET, EBAY, etc. There are many places I
have tried to go for research that were NOT inappropriate, but ended up
"Access Denied". We have even tried to get around this by going through the
local ISP where both the teacher & I have our home email accounts, but it
still monitors & blocks if we try to go that route.
Maybe encryption or "PGP" whatever that is, would work, but it seems like
the general opinion is, and mine as well, their house, their rules, if you
don't like it, find another job or do the things you don't want looked @
when you're home.
Just my $.02
--
Nahmie
The law of intelligent tinkering: save all the parts.
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.713 / Virus Database: 469 - Release Date: 6/30/2004
Hylourgos wrote:
> Dave Hinz <[email protected]> wrote in message
> news:<[email protected]>...
>> On 31 Jul 2004 17:43:01 -0700, Hylourgos <[email protected]> wrote:
>> >
>> > For surfing, what about using an anonymizer service? Will those thwart
>> > an admin?
>>
>> Quite the opposite, it's a red-flag to say "This guy is trying to
>> pull something, keep an eye on him".
>
> I'm not concerned about raising his suspicions, I care only if he can
> do something about them.
Depending on the policies in place he can block the anonymizer, pull your
account, or tell the Powers That Be to fire your ass.
>> > For e-mail, can I use some kind of encryption?
>>
>> I could swear I answered that, maybe you missed it.
>
> Not in this thread...[I just checked, you did mention PGP in the other
> thread, but I don't think I'd read it before responding in this
> thread]
Encryption is usable, but only if you're emailing to others who use
encryption and have given you their public keys.
> <snip info on wireless, thanks>
>>
>> > I will be using my own laptop in the classroom, so I have some
>> > leverage on the privacy issue. I'm mostly concerned that any
>> > negotiations or job offers I get from others remain private.
>>
>> You want to use your _work_ account, not only to conduct personal
>> business, but to look for another job? Sounds like a good way to
>> _need_ another job. 10 bucks a month gets you a dialup account.
>
> I'm not looking for another job, but I receive offers on a regular
> basis, and prefer to keep those conversations private.
Then don't give out your work email address to prospective employers.
And it's my experience that nobody sends out unsolicited job offers without
at least a phone interview first.
> Do I hesitate
> to use a _work_ account for private business? Not usually, as long as
> it doesn't interefere with my work. Remember, teaching is not a 9-5
> job. Most of my evenings are taken up with school work of one kind or
> another. And at private schools you must often give up evenings and
> weekends. We're entitled to some leeway. Standard business practices
> differ for obvious reasons.
>
>> > Incidentally, Mark L, who wrote "I agree that if you're using your
>> > employees pc on their dime you shouldn't bitch about the lack of
>> > privacy re email or net surfing."
>>
>> It's their network, their bandwidth, and if you're in the US, it has
>> long been found to be within their rights. They can listen in on
>> your personal phone calls too, by the way. Don't like it? Don't
>> do it, or get the law changed.
>
> Phone calls are still normally protected by law, unless the employee
> gives consent. And the fact that they own property you use does not
> give them absolute rights beyond that property. My intellectual
> property is also involved, and court decisions constantly undulate
> between those shared property rights. But I understand your pragmatic
> approach, and appreciate the advice.
>
> I feel for the worker who has to give in to a Big Brother type corp.
> and give up so many privileges. I am not in that position. I am
> coveted, as far as school administrators go, and can make reasonable
> demands, but network admins are another ballgame altogether, I'm just
> trying to protect my privacy from *them*.
Are you or are you not the school administrator? If you are then you should
outrank the network administrators.
> I have yet to feel hindered by the law in this regard, but if I have
> to work to see a law changed it won't be the first time.
>
>> > I don't know with whom you are
>> > agreeing, but I cannot disagree more. It's dishonest employer practice
>> > in most circumstances I've seen, that's my opinion anyway.
>> >
>> "dishonest" implies that they hide it, which they clearly do not, or
>> your question wouldn't have been asked in the first place.
>>
> Dishonesty does not, by necessity, imply hiding in the sense you use
> it here--at least in any of the standard philosophical tracts on
> ethics I've read. Although I suppose you could argue that an
> institution of the liberal arts that does not extend minimal privilege
> and trust to its teachers is "hiding" a pusillanimous suspicion, if
> they do not openly admit it. (I don't think that's what you meant.).
> Clearly, hiding is not a necessity for dishonesty: think how many
> immoral and illegals acts you are capable of--in fact many have
> done--being perfectly straightforward and open.
>
> Dishonesty here is simply duplicity, pretending to be a humane
> institution while neglecting something like a "do unto others"
> standard. Privacy is a good thing: if you expect it, you'd better give
> it. School administrators understand that when I tell them, but
> network admins are given extraordinary power in having access to
> normally private information. I want to ensure that they don't misuse
> it on me.
>
>> Their network, their rules. Don't like it? Don't use it.
>
> Your caveat is well taken. But it is no more *their* network than it
> is mine. And who guards the guardians?
If you care who is guarding the guardians then don't use the network for
anything that you don't want the guardians to see. That's the bottom line.
Given that you can get a computer perfectly adequate for checking your
email for 20 bucks and if you have the right long distance provider get a
free dial-up account from which to access it there's no reason to be using
the company mail for sensitive correspondence.
>
> H.
--
--John
Reply to jclarke at ae tee tee global dot net
(was jclarke at eye bee em dot net)
Hylourgos wrote:
> "J. Clarke" <[email protected]> wrote in message
> news:<[email protected]>... <snip>
>
>> Then don't give out your work email address to prospective employers.
>>
> I don't. But it's not hard to find, and I'm listed in several
> professional indices. They contact me based on reputation, they know
> where I work, it's not exactly rocket science to get my e-mail addy.
>
>> And it's my experience that nobody sends out unsolicited job offers
>> without at least a phone interview first.
>
> That is clearly not my experience.
>
>>
> <snip>
>
>> Are you or are you not the school administrator? If you are then you
>> should outrank the network administrators.
>>
> I think I made this clear already. Re-read the post if you need to.
>
> Would I outrank a network admin? Who knows.
If you're the school administrator you damned well _better_ know who your
subordinates are.
> Generally, my impression
> is that most school administrators value a decent network admin. more
> than a decent teacher.
What does "value" have to do with chain of command?
> But a great teacher vs a mediocre network
> admin? Then it's more dicey, the latter ought to watch his step around
> the former.
Why? Are network administrators subordinate to teachers but not to school
administrators or something?
> Thanks for your comments,
> H.
--
--John
Reply to jclarke at ae tee tee global dot net
(was jclarke at eye bee em dot net)
Robert Bonomi wrote:
> In article <[email protected]>,
> J. Clarke <[email protected]> wrote:
>>Hylourgos wrote:
>>
>>> "J. Clarke" <[email protected]> wrote in message
>>> news:<[email protected]>... <snip>
>>>
>>>> Then don't give out your work email address to prospective employers.
>>>>
>>> I don't. But it's not hard to find, and I'm listed in several
>>> professional indices. They contact me based on reputation, they know
>>> where I work, it's not exactly rocket science to get my e-mail addy.
>>>
>>>> And it's my experience that nobody sends out unsolicited job offers
>>>> without at least a phone interview first.
>>>
>>> That is clearly not my experience.
>>>>
>>> <snip>
>>>
>>>> Are you or are you not the school administrator? If you are then you
>>>> should outrank the network administrators.
>>>>
>>> I think I made this clear already. Re-read the post if you need to.
>>>
>>> Would I outrank a network admin? Who knows.
>>
>>If you're the school administrator you damned well _better_ know who your
>>subordinates are.
>
> Mr Sweany is a "visiting assistant professor", at University of the South,
> in Tennessee. One of a total of 4 faculty positions in the 'classical
> languages' department.
>
> 'Assistant professor' ranks above 'instructor', but below 'professor',
> or 'senior professor'.
>
> 'visiting' positions are usually of fixed duration, frequently
> 'non-renewable', and _not_ eligible for consideration for tenure.
>
>>> Generally, my impression
>>> is that most school administrators value a decent network admin. more
>>> than a decent teacher.
>>
>>What does "value" have to do with chain of command?
>>
>>> But a great teacher vs a mediocre network
>>> admin? Then it's more dicey, the latter ought to watch his step around
>>> the former.
>>
>>Why? Are network administrators subordinate to teachers but not to school
>>administrators or something?
>
> He's in an educational institution
>
> 'administrative staff' and 'faculty' are two _entirely_ separate lines of
> authority. with totally different structures.
>
> The interactions between them are 'unclear', at best.
>
> A faculty member in a department is responsible to the department 'chair'.
> the department chair is responsible to the 'dean' of the school. the deans
> 'nominally' report to the president, chancellor, or some similar title.
>
> 'Staff' _in_a_department_ ("academic" staff) are responsible to the
> department chair, and _at_the_chairperson's_direction_, will take
> direction from other
> faculty. in that department. Get 'wrong' with the department chair, and
> it
> is _amazing_ how 'unhelpful' the department staff can be. On rare
> occasions, an individual faculty member may have academic staff assigned
> directly to them. The typical situation is when said faculty member has
> landed a grant with enough funding in it to pay for that staff person,
> full-time.
>
> There are _other_ staff areas ("administrative" staff) that are not
> directly
> responsible to an academic department. e.g., admissions, the burser's
> office, 'physical plant'/maintenance, 'computer services', etc.
>
> These people report up an entirely _separate_ 'chain of command', to
> people like the 'vice president of operations', 'vice of development',
> 'vice president of university relations', etc.
>
> The vice-presidents also report to the president/chancellor/whatever.
>
> And, of course, the ultimate authority is the 'board of directors'.
>
> Now to complicate the 'chain of command' concept -- and done expressly
> for promoting 'academic freedom' from the dictates of 'management',
> there is this concept of 'tenure'. Once you 'get' tenure, you have a
> job at that institution 'for life'. You _cannot_ be fired.
>
> This results in the 'business' side of the institution regarding
> "managing" the 'academic' side as not too far astray from 'herding cats'.
>
> The overall arrangement is *NOT* a bad set-up, but it _does_
> make for significant (and occasionally *more* than just 'significant',
> _much_ more!) friction between the two groups.
>
>
> More than you really wanted to know on the subject, I'm sure. <grin>
Actually, I wanted to know what "Hylourgos" thought about the matter.
Wasn't expecting somebody to "help" him.
--
--John
Reply to jclarke at ae tee tee global dot net
(was jclarke at eye bee em dot net)
In article <[email protected]>,
Robert Bonomi <[email protected]> wrote:
>In article <[email protected]>,
>J. Clarke <[email protected]> wrote:
>>Hylourgos wrote:
>>
>>> "J. Clarke" <[email protected]> wrote in message
>>> news:<[email protected]>... <snip>
>>>
>>>> Then don't give out your work email address to prospective employers.
>>>>
>>> I don't. But it's not hard to find, and I'm listed in several
>>> professional indices. They contact me based on reputation, they know
>>> where I work, it's not exactly rocket science to get my e-mail addy.
>>>
>>>> And it's my experience that nobody sends out unsolicited job offers
>>>> without at least a phone interview first.
>>>
>>> That is clearly not my experience.
>>>>
>>> <snip>
>>>
>>>> Are you or are you not the school administrator? If you are then you
>>>> should outrank the network administrators.
>>>>
>>> I think I made this clear already. Re-read the post if you need to.
>>>
>>> Would I outrank a network admin? Who knows.
>>
>>If you're the school administrator you damned well _better_ know who your
>>subordinates are.
>
>Mr Sweany is a "visiting assistant professor", at University of the South,
ARGHHH! d*mn spell checker. that should read "Mr. Seavey"
>in Tennessee. One of a total of 4 faculty positions in the 'classical
>languages' department.
>
>'Assistant professor' ranks above 'instructor', but below 'professor',
>or 'senior professor'.
>
>'visiting' positions are usually of fixed duration, frequently 'non-renewable',
>and _not_ eligible for consideration for tenure.
>
>>> Generally, my impression
>>> is that most school administrators value a decent network admin. more
>>> than a decent teacher.
>>
>>What does "value" have to do with chain of command?
>>
>>> But a great teacher vs a mediocre network
>>> admin? Then it's more dicey, the latter ought to watch his step around
>>> the former.
>>
>>Why? Are network administrators subordinate to teachers but not to school
>>administrators or something?
>
>He's in an educational institution
>
>'administrative staff' and 'faculty' are two _entirely_ separate lines of
>authority. with totally different structures.
>
>The interactions between them are 'unclear', at best.
>
>A faculty member in a department is responsible to the department 'chair'.
>the department chair is responsible to the 'dean' of the school. the deans
>'nominally' report to the president, chancellor, or some similar title.
>
>'Staff' _in_a_department_ ("academic" staff) are responsible to the department
>chair, and _at_the_chairperson's_direction_, will take direction from other
>faculty. in that department. Get 'wrong' with the department chair, and it
>is _amazing_ how 'unhelpful' the department staff can be. On rare occasions,
>an individual faculty member may have academic staff assigned directly to them.
>The typical situation is when said faculty member has landed a grant with
>enough funding in it to pay for that staff person, full-time.
>
>There are _other_ staff areas ("administrative" staff) that are not directly
>responsible to an academic department. e.g., admissions, the burser's office,
>'physical plant'/maintenance, 'computer services', etc.
>
>These people report up an entirely _separate_ 'chain of command', to
>people like the 'vice president of operations', 'vice of development',
>'vice president of university relations', etc.
>
>The vice-presidents also report to the president/chancellor/whatever.
>
>And, of course, the ultimate authority is the 'board of directors'.
>
>Now to complicate the 'chain of command' concept -- and done expressly
>for promoting 'academic freedom' from the dictates of 'management',
>there is this concept of 'tenure'. Once you 'get' tenure, you have a
>job at that institution 'for life'. You _cannot_ be fired.
>
>This results in the 'business' side of the institution regarding
>"managing" the 'academic' side as not too far astray from 'herding cats'.
>
>The overall arrangement is *NOT* a bad set-up, but it _does_
>make for significant (and occasionally *more* than just 'significant',
>_much_ more!) friction between the two groups.
>
>
>More than you really wanted to know on the subject, I'm sure. <grin>
>
Basically, you CANNOT prevent the SysAdmin from doing anything he
wants, including reading your eMail, and monitoring your websurfing -
assuming he wants to do this
If that bothers you, then avoid any eMail or Websurfing that you don't
want to be general knowledge. You have NO right to privacy in a
corporate/business environment and either live with the situation OR
find another job
John
On 31 Jul 2004 08:46:30 -0700, [email protected] (Hylourgos) wrote:
>Can any of you computer gurus answer the following or point me in the
>right direction to get the answer?:
>
>I'm starting a new job at a small school. They have pretty good
>computer resources and networking (e.g., multiple ethernet connections
>in all classrooms), but the admin. I've met seems rather suspicious,
>and I bet that he looks at everyone's online activities
>
>Is there a way I can keep my online activities private? I'm no porn
>surfer, but I don't like the idea that they might be trying to read my
>e-mail, or that they'd know it if I looked at the wreck during a
>boring moment.
>
>FYI, I use a Mac.
>
>Thanks,
>H
On 1 Aug 2004 21:36:58 -0700, [email protected] (Hylourgos) vaguely
proposed a theory
......and in reply I say!:
remove ns from my header address to reply via email
On their network, and email connection, they have the right to _do_
anything they want regarding your usage. You then have the right to
fight that in arbitration, court or whatever.
"Honest, yer Honour! I only drive on the wrong side of the road when
there's no other traffic!"
You talk of honesty, and yet you are hungrily asking for ways to
secretly circumvent their finding out about what you do as their
representative, on their equipt, and probably in their time on their
pay to you. You begin to sound like exactly the sort of trouble they
are hunting for.
In an organisation, if you are using their gear, you _are_ their rep,
both internally and externally. If you surf around and are IDd in any
way, it will probably be under their banner. They care about that. If
you bring stuff back with you that compromises their system in any
way, they have a right to do something about that.
In many organisations with serious, large networks and big reps or
sensitive data, they simply will not allow anything except approved
address, non-encrypted attachments and messages etc.
While you can swear black is blue you will not be "dishonest", the
same cannot be said for everybody (believe me!) and there is always
the chance that you will make a mistake. There is no way they know
what is what without putting out blanket policies.
If you are concerned that your applications for other jobs will be
used against you unfairly, then face up to the people concerned about
it. If you are simply trying to hide your activities, then it's your
problem. Leave the applications at home.
>Dave Hinz <[email protected]> wrote in message news:<[email protected]>...
>> On 31 Jul 2004 17:43:01 -0700, Hylourgos <[email protected]> wrote:
>> >
>> > For surfing, what about using an anonymizer service? Will those thwart
>> > an admin?
>>
>> Quite the opposite, it's a red-flag to say "This guy is trying to
>> pull something, keep an eye on him".
>
>I'm not concerned about raising his suspicions, I care only if he can
>do something about them.
>
>> > For e-mail, can I use some kind of encryption?
>>
>> I could swear I answered that, maybe you missed it.
>
>Not in this thread...[I just checked, you did mention PGP in the other
>thread, but I don't think I'd read it before responding in this
>thread]
>
><snip info on wireless, thanks>
>>
>> > I will be using my own laptop in the classroom, so I have some
>> > leverage on the privacy issue. I'm mostly concerned that any
>> > negotiations or job offers I get from others remain private.
>>
>> You want to use your _work_ account, not only to conduct personal
>> business, but to look for another job? Sounds like a good way to
>> _need_ another job. 10 bucks a month gets you a dialup account.
>
>I'm not looking for another job, but I receive offers on a regular
>basis, and prefer to keep those conversations private. Do I hesitate
>to use a _work_ account for private business? Not usually, as long as
>it doesn't interefere with my work. Remember, teaching is not a 9-5
>job. Most of my evenings are taken up with school work of one kind or
>another. And at private schools you must often give up evenings and
>weekends. We're entitled to some leeway. Standard business practices
>differ for obvious reasons.
>
>> > Incidentally, Mark L, who wrote "I agree that if you're using your
>> > employees pc on their dime you shouldn't bitch about the lack of
>> > privacy re email or net surfing."
>>
>> It's their network, their bandwidth, and if you're in the US, it has
>> long been found to be within their rights. They can listen in on
>> your personal phone calls too, by the way. Don't like it? Don't
>> do it, or get the law changed.
>
>Phone calls are still normally protected by law, unless the employee
>gives consent. And the fact that they own property you use does not
>give them absolute rights beyond that property. My intellectual
>property is also involved, and court decisions constantly undulate
>between those shared property rights. But I understand your pragmatic
>approach, and appreciate the advice.
>
>I feel for the worker who has to give in to a Big Brother type corp.
>and give up so many privileges. I am not in that position. I am
>coveted, as far as school administrators go, and can make reasonable
>demands, but network admins are another ballgame altogether, I'm just
>trying to protect my privacy from *them*.
>
>I have yet to feel hindered by the law in this regard, but if I have
>to work to see a law changed it won't be the first time.
>
>> > I don't know with whom you are
>> > agreeing, but I cannot disagree more. It's dishonest employer practice
>> > in most circumstances I've seen, that's my opinion anyway.
>> >
>> "dishonest" implies that they hide it, which they clearly do not, or
>> your question wouldn't have been asked in the first place.
>>
>Dishonesty does not, by necessity, imply hiding in the sense you use
>it here--at least in any of the standard philosophical tracts on
>ethics I've read. Although I suppose you could argue that an
>institution of the liberal arts that does not extend minimal privilege
>and trust to its teachers is "hiding" a pusillanimous suspicion, if
>they do not openly admit it. (I don't think that's what you meant.).
>Clearly, hiding is not a necessity for dishonesty: think how many
>immoral and illegals acts you are capable of--in fact many have
>done--being perfectly straightforward and open.
>
>Dishonesty here is simply duplicity, pretending to be a humane
>institution while neglecting something like a "do unto others"
>standard. Privacy is a good thing: if you expect it, you'd better give
>it. School administrators understand that when I tell them, but
>network admins are given extraordinary power in having access to
>normally private information. I want to ensure that they don't misuse
>it on me.
>
>> Their network, their rules. Don't like it? Don't use it.
>
>Your caveat is well taken. But it is no more *their* network than it
>is mine. And who guards the guardians?
>
>H.
*****************************************************
It's not the milk and honey we hate. It's having it
rammed down our throats.
Answers contained within -
"Hylourgos" <[email protected]> wrote in message
news:[email protected]...
> Thanks Todd. I've a couple of follow-up questions.
>
> For surfing, what about using an anonymizer service? Will those thwart
> an admin?
No, an anonymizer probably will not thwart the admin.
>
> For e-mail, can I use some kind of encryption?
Probably.
>
> Do wireless connections differ in this respect as far as privacy goes?
Maybe. Wireless privacy/security is still not as good as other forms of
networking. There are several forms of encryption that help from the laptop
to the wireless access point. One of these is DES3, but it takes quite a
bit of overhead since each packet has to be encrypted/decrypted three times.
A packet will be encryped by the drivers on your laptop and then the packet
will be sent to the wireless access point. The access point will then
decrypt the packet and send it on the network normally. One more thing, it
will be the access point that determines what encryption is available. The
network engineers will set the configuration in the access point to provide
(or not) encryption, and what type of encryption. It could also define the
encryption keys that would be required, etc. If you would be using a school
wireless network, I would assume that you would have to be given very
specific instructions on just how to configure the drivers on your laptop.
You would not be able to just set any parameters that you wanted.
>
> I will be using my own laptop in the classroom, so I have some
> leverage on the privacy issue. I'm mostly concerned that any
> negotiations or job offers I get from others remain private.
Does the school require your laptop to join the schools NT domain? If so,
you may not have the leverage on your own laptop that you think you do. The
schools domain controller could push security policies to your machine and
pretty much lock it down as long as it is connected to the domain.
What email system will you be using in the classroom? I would assume that
these job offers and negotiations will not be via the schools email servers
because if they are, you have no privacy from the admins. Period. An email
administrator could login to the server and look at anything. A network
engineer could connect a network analyzer to the network and see any data
packets that were going into, and out of your computer. Encryption would
help in this case, but if I were really concerned about privacy I would not
be looking at them from the school net.
>
> Incidentally, Mark L, who wrote "I agree that if you're using your
> employees pc on their dime you shouldn't bitch about the lack of
> privacy re email or net surfing." I don't know with whom you are
> agreeing, but I cannot disagree more. It's dishonest employer practice
> in most circumstances I've seen, that's my opinion anyway.
I posted another response talking about network usage policy. To make a
long story short, if the school does have a policy it could state that by
using the school network you agree to let the admins monitor your computer
(among other things). Ask for a copy.
>
> Thanks,
> H
>
Wayne
"Hylourgos" <[email protected]> wrote in message
>
> Is there a way I can keep my online activities private?
If one human can make a code, another can break it. There is no perfect
solution aside from getting your own computer and not hooking it in to the
network. .
"Hylourgos" <[email protected]> wrote in message
news:[email protected]...
> I'm starting a new job at a small school.
> Is there a way I can keep my online activities private? I'm no porn
> surfer, but I don't like the idea that they might be trying to read my
> e-mail, or that they'd know it if I looked at the wreck during a
> boring moment.
I retired from that life after 35 years. At least in this locality, lockers
may be searched for any(or no) reason... court said so. Seems you really
have no privacy rights when it comes to the use of school property and
equipment. Businesses and schools, for sure, have the right to snoop at
your e-mail when you are using their equipment and under their employ. Now
if you had your own laptop and used it with the WiFi network in your school
that might be another matter.
On 3 Aug 2004 17:12:04 -0700, [email protected] (Hylourgos) vaguely
proposed a theory
......and in reply I say!:
remove ns from my header address to reply via email
>Old Nick <[email protected]> wrote in message news:<[email protected]>...
>> On 1 Aug 2004 21:36:58 -0700, [email protected] (Hylourgos) vaguely
>> proposed a theory
>> ......and in reply I say!:
>>
>> remove ns from my header address to reply via email
>>
>> On their network, and email connection, they have the right to _do_
>> anything they want regarding your usage.
>
>A legal right? No, that is not correct.
OK. So try it and challenge them!
>
><snip>
>>
>> You talk of honesty, and yet you are hungrily asking for ways to
>> secretly circumvent their finding out about what you do as their
>> representative, on their equipt, and probably in their time on their
>> pay to you. You begin to sound like exactly the sort of trouble they
>> are hunting for.
>
>Sorry, you are mistaking me for Kunta Kinte.
Sounds a bit rude. Who?
>I, on the other hand, am
>a freeborn American.
and what?....
>What have I indicated I would do that seems
>dishonest to you? You write as if you are quite sure on this, so I'm
>curious what you have in mind....
You are trying to ways to secretly circumvent their finding out about
what you do as their representative, on their equipt, and probably in
their time on their pay to you.
>> If you are concerned that your applications for other jobs will be
>> used against you unfairly, then face up to the people concerned about
>> it. If you are simply trying to hide your activities, then it's your
>> problem. Leave the applications at home.
>
>You did not read carefully: I have no applications out.
YOU read carefully. Where did I say you had any applications?
Bye. You have heard a lot. As I said in another post, I am glad to see
you extracted the right attitude from it all.
*****************************************************
It's not the milk and honey we hate. It's having it
rammed down our throats.
[email protected] (Hylourgos) writes:
>Can any of you computer gurus answer the following or point me in the
>right direction to get the answer?:
>
>I'm starting a new job at a small school. They have pretty good
>computer resources and networking (e.g., multiple ethernet connections
>in all classrooms), but the admin. I've met seems rather suspicious,
>and I bet that he looks at everyone's online activities
>
>Is there a way I can keep my online activities private?
Yeah, do it at home.
You're using their resources; they have the right to monitor your
usage.
scott
I've never used PGP, so I kinda forget about it, but I suppose that's an
option. My understanding is that the person on the other end will have to
have the public key, so it's not like you can just send mail to anyone prior
to getting them set up with PGP and your public key. I'm still of the
opinion that if you're using the company's computer (which may not be the
case in this instance), if you need to be worrying about PGP, maybe you
should be doing it at home instead.
I don't have a problem with the company knowing about your email or surfing
activities as long as there's a written internet acceptable use policy that
spells out what the company can do with its resources.
todd
"Mark L." <[email protected]> wrote in message
news:[email protected]...
> What about using something like PGP for email? I assume a user has to
> have admin privileges to install a program, but would PGP stop a sys
> engineer from being able to read email??? Just curious.
> Mark L.
> BTW, for what it's worth, I agree that if you're using your employees pc
> on their dime you shouldn't bitch about the lack of privacy re email or
> net surfing.
>
> Todd Fatheree wrote:
>
> > "Hylourgos" <[email protected]> wrote in message
> > news:[email protected]...
> >
> >>Can any of you computer gurus answer the following or point me in the
> >>right direction to get the answer?:
> >>
> >>I'm starting a new job at a small school. They have pretty good
> >>computer resources and networking (e.g., multiple ethernet connections
> >>in all classrooms), but the admin. I've met seems rather suspicious,
> >>and I bet that he looks at everyone's online activities
> >>
> >>Is there a way I can keep my online activities private? I'm no porn
> >>surfer, but I don't like the idea that they might be trying to read my
> >>e-mail, or that they'd know it if I looked at the wreck during a
> >>boring moment.
> >>
> >>FYI, I use a Mac.
> >>
> >>Thanks,
> >>H
> >
> >
> > I'm a network systems engineer. Basically, if your internet traffic
goes
> > through my firewall/router, I can look at it if I'm so inclined and
there's
> > not much you can do about it. Trouble is, generally speaking, I'm
really
> > not that interested unless you're getting a nice virus/trojan emailed to
> > you, which I'll be taking out on its way in. Personally, I don't give a
rip
> > what people look at during breaks/lunch, as long as it doesn't create
work
> > for me (see viruses, trojans, spyware). I don't even do any filtering
or
> > logging of people's web browsing habits. However, IMHO, the computer is
> > provided by the school for school business, and you should expect that
you
> > will not have privacy. By the nature of the way most email systems are
set
> > up, someone is going to have administrative access to your email, if
only to
> > be able to back it up. I've also, as part of a legal matter, set up so
that
> > all email in or out of someone's mailbox was copied to another mailbox.
The
> > moral of the story is, dont have anything emailed to you at your school
> > address that you wouldn't want someone else to see.
> >
> > todd
> >
> >
>