This is exactly the type of situation Kerberos was designed to handle.. and it's no coincidence that Micros~1 has based W2K security on a (suitably 'enhanced' version of) Kerberos.
An additional benefit to Kerberos is that many open packages include Kerberos support. LPRng and PostgreSQL are two well-known examples. Work in a Kerberized environment for a while and going back to a system where every application maintains its own authentication information is painful.
There are commercial packages available, or if you're in the US or Canada you can grab free source from MIT. If you're overseas, you can grab the KTH distribution. I know the latter is packaged in Debian 2.1.
Finally, many people complain that Kerberos is hard to set up and use. I've never had a problem with it and I think it might be the dreaded CLI factor - the pure MIT version focuses on security, not pretty wizards. For a large installation you'll probably want to set up a primary and secondary KDC in a secure area, but even if you use dedicated hardware you should find a 386 running Linux is more than adequate.
Before everyone gets into a "personal freedoms" frenzy, please remember that anyone can file suit against anyone for anything, for nothing more than the cost of filing the court papers (at least in the US). The alternative, requiring that an aggrieved party play "mother may I?" with lawyers and/or judges before they can file suit, is far more corrosive of personal freedoms.
The best remedy to this type of harassment suit has been debated for years, and (IIRC) the current suggestions are:
- affirmative defense. We're getting close to that, as some courts finally realize that a hyperlink has no essential difference from the bibliography section of a book and is entitled to the same legal protection.
  With an affirmative defense, the suit is dismissed immediately once the defendant objects and claims this defense. You don't like the fact that my personal car is red instead of blue? You even filed a suit against me, claiming it's against the neighborhood covenants? Tough, that's not something the courts will enforce. (They might enforce restrictions on *where* I park the car, especially if it's a business vehicle, but not the details of any personal vehicle.)
- mandatory assignment of court costs to the plaintiff if he doesn't win his claims. (The idea is to cover those cases where the plaintiff wins the verdict, but his compensation is cut to a fraction of this claim. E.g., a million dollar lawsuit has a compensation of $100 - an amount that many people would have quickly settled to avoid the hassles of the trial.)
  This idea isn't without controversy. What happens to a homeowner who files suit over a legitimate grievance, but who simply can't afford to push the case against a multi-million dollar company?
- punitive fines for "frivolous" suits. The problem, as always, is who gets to decide what's "frivolous?"
In this case, I am 100% certain that the suit will be quietly dropped within a short time because there is no fscking way they could win. (Their worst nightmare is actually *winning* the case and facing the backlash of their affluent, young market.) However they will consider it a victory since it will put a bit of doubt into the back of the minds of other people who may want to put up links or content.
Something just occurred to me. Regardless of whether MS uses hardware or software encryption, it's possible to use the threshold problem to break a secret into multiple N pieces where any M are sufficient to reconstruct the key, but M-1 are not. (Not all hardware signers have this ability, but IIRC some do and it's a prudent precaution.)
That means that MS could take their primary key, apply a (7,4) algorithm on it, then put the pieces in a safe deposit box in Seattle, New York, LA, Boston, Atlanta, Denver, and Calgary. Any four pieces are enough to reconstruct their private key.
If four of those keys are unavailable at the same time, then Microsoft losing its private key will be among the least of our problems. No pair of cities, except Boston & NY, are within 1000 miles of the others so only an "extinction level event" would take them all out at the same time.
Conclusion: MS is blowing smoke. Either they're totally incompetent, they're lying, or they have a profound breakdown in internal communications. (The same options apply to the "advanced web programming" (HTML forms) comment regarding the hotmail fiasco.)
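The (7,4) split described in the comment above, as an added example that is not part of the original post. The post does not name a scheme; this sketch assumes Shamir's secret sharing over a prime field, and the modulus, function names and sample key are constructed for illustration.

```python
import itertools
import secrets

# Field modulus: the Mersenne prime 2**521 - 1, large enough for a 512-bit secret.
# (Assumption of this example; any prime larger than the secret works.)
P = 2**521 - 1

# The seven deposit locations named in the post, one share each.
CITIES = ["Seattle", "New York", "LA", "Boston", "Atlanta", "Denver", "Calgary"]


def split(secret, n=7, m=4):
    """Split `secret` into n shares such that any m of them reconstruct it.

    The secret is the constant term of a random polynomial of degree m-1
    over GF(P); share i is the point (i, f(i)).
    """
    if not 0 <= secret < P:
        raise ValueError("secret must be in [0, P)")
    if not 1 <= m <= n:
        raise ValueError("need 1 <= m <= n")
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(m - 1)]
    shares = []
    for x in range(1, n + 1):
        y = 0
        for c in reversed(coeffs):  # Horner evaluation of f(x) mod P
            y = (y * x + c) % P
        shares.append((x, y))
    return shares


def combine(shares):
    """Lagrange-interpolate the polynomial through `shares` and return f(0).

    With at least m genuine shares this is the secret. With fewer, the
    result is an unrelated field element: every candidate secret is
    equally consistent with m-1 shares.
    """
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share index")
    result = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = (num * -xj) % P
                den = (den * (xi - xj)) % P
        # Lagrange basis polynomial evaluated at x = 0
        result = (result + yi * num * pow(den, -1, P)) % P
    return result


def survivors_recover(shares_by_city, lost_cities, secret):
    """True if the shares outside `lost_cities` still rebuild `secret`.

    Models the post's disaster scenario: the caller must know the
    threshold was met; fewer shares give a wrong value, not an error.
    """
    remaining = [s for c, s in shares_by_city.items() if c not in lost_cities]
    return bool(remaining) and combine(remaining) == secret


if __name__ == "__main__":
    key = secrets.randbits(512)  # constructed stand-in for a signing key
    by_city = dict(zip(CITIES, split(key, n=7, m=4)))

    # Every one of the 35 four-city subsets rebuilds the key.
    ok = all(combine(list(q)) == key
             for q in itertools.combinations(by_city.values(), 4))
    print("any 4 of 7 recover the key:", ok)

    # Losing three sites is survivable; losing four is not.
    print("lose Boston+NY+LA:", survivors_recover(
        by_city, {"Boston", "New York", "LA"}, key))
    print("lose Boston+NY+LA+Denver:", survivors_recover(
        by_city, {"Boston", "New York", "LA", "Denver"}, key))
```

`combine` cannot tell too few shares from enough, so a real deployment also stores a public check value (for example, the matching public key) to confirm the reconstruction.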
I disagree. As one famous Supreme Court ruling said, the best antidote to bad speech is good speech, not no speech, and sometimes a bad original post prompts an excellent response that teaches the rest of us something valuable. (If nothing else, how to respond to messages like the first!)
If you propagate moderation, many of us would miss the excellent responses. Worse in some ways, it would encourage people to start new threads instead of responding to existing ones lest their comments get lost in a downward moderation.
I also get an automatic 2, even though about half of my comments are off-the-cuff comments that really should be 1.
Here's one solution: give us a choice! The posting form could have a box that gives us the option of posting at 0, 1 (if registered), 2 (if karmic), or 3 (if a demigod; we might as well give Bruce Perens this status!). That way we can knock down casual comments to 1, and responses to assholes all the way down to 0.
As for "demigod", that could be someone with a substantial history of posting well-received material. Demigods should be much easier to identify if users with karma have the ability to self-moderate.
Finally, I don't buy the DoS argument with trolls. Let them post, but give them an exponentially lower default moderation code. E.g., the current trolls would be -2, if they still cause problems they're dropped again -4, and so forth. Or maybe not; some people might find pleasure in seeing how low they can go. :-)
*IF* Microsoft has half a clue, they're using a *hardware* encryption key to sign their most critical information. These are devices that require physical keys to operate, and they are designed so that they won't reveal their private keys. (Some allow "cloning" another hardware device, others do not.) In practice, these are items that are kept in your deepest vault and used to sign the software keys that you use for routine signing.
Assuming MS uses one of the latter, having a "hot spare" might make sense...
... except, as the BUGTRAQ article notes, Microsoft's explanation still makes absolutely no sense. There's no apparent key hierarchy (isn't the crypto key signed by a master MS key?), there's no apparent rollover mechanism, and there's the insane assumption that there can only be one major physical disaster befall Microsoft. That's crazy; during the World Trade Center bombing at least one company had lost both primary and backup sites!
Ironically, I find this makes MS's story seem *more* likely. The corporate culture is notorious for its "performance is not my problem; computers will be faster next month" mentality, and this ill-informed, brute force way of dealing with the subtle issues of key management matches that culture!
Nope, Canada is still considered a "domestic" site for the purposes of ITAR. US law allows export to Canada, but *Canadian* law bans reexport.
What you're describing is crypto developed in Canada alone, which is a grey area. I think the treaties ban it also, but last I heard the current Canadian government didn't have its head as severely dislocated into its digestive tract as the US government.
BTW, before someone else marks this "offtopic" or "flamebait" I believe these treaties date back to the creation of NORAD and the associated consolidated US/Canadian military commands. It made sense in that context, but nothing about treating unclassified software as a "military munition" makes any sense.
The problem with this reasoning is that you can't re-export cryptographic software, so you can't have US mirrors of these packages. Ditto US-based distributions, for the same reason.
Also, Linus *is* involved since this policy prohibits the introduction of strong encryption routines into the kernel itself. That means we all lose:
- strong filesystem encryption (at the kernel level)
- strong filesystem authentication (e.g., having a file system which checks the checksums of files before allowing 'execute' access)
plus numerous other applications which are currently in userland since the kernel lacks encryption. (SecureRPC, VPN, etc.)
The results of this policy are very much like the driver who slams on the brakes to avoid harming the cute little squirrel running across the street... but causes several injuries to her passengers and the people in the following cars, to say nothing of $50,000 in damage. It's a damn good trade-off, as long as you never take your eyes off the furry little drug-running child pornography terrorists which only you can see.
Those comments are completely uninformed. It is completely legal to publish the complete source code to PGP, DES, Kerberos, etc. (either in bound book form, or even source listings), and transport them out of the country.
Not only "can" this be done, O'Reilly has published several books using special fonts designed to reduce OCR records. "Cracking DES" is one well-known example, and AFAIK it has been exported without problems.
The *only* thing that's illegal is to export the exact same material in electronic format. So you can ship a pallet full of boxes containing source code, but not a CD-ROM containing the identical material. You can even carry the OCR software out on a disk, since it's not export restricted.
This is why many of us are so frustrated with current US policy. It doesn't stop anyone from exporting cryptographic software, it just makes it such a pain that few people bother. (BTW, when Phil Zimmermann was being investigated for exporting PGP the focus was always on a specific FTP transfer that occurred almost immediately after he released his code.)
Under the current US interpretation, it's illegal to do a logical no-op like downloading a file and immediately reuploading the identical file.
Editing a file remotely, instead of downloading it, editing locally, then uploading the changed file might not be considered a legally significant difference since the end results are identical - software exists outside of the US and Canada which didn't exist there prior to your acts.
It's irrelevant anyway since the US and Canada have treaties which make Canada "domestic" for US export laws, and which prohibit Canadians from re-exporting software they picked up from the US.
This is a management issue, not a technical one. You are a technician, not a manager.
I'm confused, this seriously undermines the rest of your argument. Technicians follow orders, they don't debate them and they certainly don't refuse to do them.
As an example, consider a technician at a Grease Monkey. What do you think would happen if he quietly refused to change the oil in a customer's car? Do you think his boss would simply ask the next one, or would they immediately fire his sorry ass? Do you think any future employer would care why he refused to change the oil?
I think sysadmins fall into a grey area between management and technicians. They aren't management, but management should listen to them when developing policies. If this objectionable policy already existed and was published, and the sysadmin didn't bother to complain about it before, then they'll get little sympathy if they object when it is time to actually enforce it. If this policy is new (or ad hoc) and management refuses to listen to their concerns, then quitting is much more defensible.
Why do you assume the problem was an isolated incident?
Some people spend a *lot* of time looking at non-work related sites. Glancing at CNN every couple hours is one thing (e.g., I'm sure many parents with children trapped within Columbine first learned of the situation from the web), spending hours poring over the Sports Illustrated or E-Trade sites is another. When productivity suffers, management has to pay attention.
Focusing on porn alone, it's one thing for an accidental porn redirection (e.g., "whitehouse" expanded to "www.whitehouse.com", a porn site) or deliberate viewing after hours and/or in an office with a closed door. It's another thing to leave the material up in plain sight during working hours.
We simply don't know enough about the original situation to evaluate whether it's a reasonable request. Was this a knee-jerk reaction from an HR employee who saw a bit of shock-TV on the _700 Club_? Was it a reaction to a substantial article in an HR journal? Was it a reaction to a formal complaint about sexual harassment due to a "hostile workplace environment?"
Common carrier status has nothing to do with it. CC status primarily protects the phone company, e.g., you can't name Ma Bell as a co-conspirator even if the murder is discussed over the phone. It only affects the public in that CC status requires service be offered to the public at a fixed, published tariff.
The right to monitor (record) the phone goes with whoever pays the bill. At home, you pay so you decide whether to tap yourself. At work, your employer pays and *they* decide whether to tap their own lines. If you want to make a private call, go use the public phone on the corner. (N.B., *you* pay for that pay phone call.) The presence of a PBX system is totally irrelevant.
Finally, the recordings several other people have mentioned are a courtesy (in most states and all interstate calls) to the *caller*, not to the employee.
Duh, in the US an employer can't scan through an employee's PERSONAL snail- or e-mail at will.
However the law presumes that the employee receives his personal mail (of all kinds) at home. Anything that the employee receives at work is presumed to be work related unless the company has formally stated otherwise.
This sounds like a minor point, but it's not. Less than a hundred years ago employers routinely monitored employees' activities (e.g., Ford Motor Company in the early part of this century was especially notorious), and they wouldn't have thought twice about firing an employee for receiving mail *at home* from an "undesirable" party. Today an employee has an extremely high expectation of privacy *at home*.
Let's keep this problem in perspective, okay?! How many people really, really need to send and receive personal e-mail from work instead of waiting until they go home (or go to a cybercafe at lunch)? How many people really, really need to download pornography at work?
Before you get on your high moral hobby horse, remember that some industries *require* logging and reviewing all email and all other communications. Any stock broker, for instance, since it's required *by the industry itself* to ensure brokers aren't making statements they can't back up. (E.g., buy Microsoft, it's *guaranteed* to double again by April 2000 when W2K knocks Unix off of all servers!)
Even if the industry doesn't require monitoring, a company may be required to perform such monitoring by legal action which you're not aware of. E.g., the original poster's company may have been hit with a million dollar sexual harassment suit and the lawyers asked for information about what's in mailboxes as part of a discovery motion. If you, and all other sysadmins "with a backbone" refuse, your company can't comply with the court order and could face dire consequences.
Does this mean that a sysadmin should roll over and do whatever his boss asks, without question? Of course not. But part of knowing what it means to say "no" is understanding what it means to say "yes" -- and I've just listed two situations where no reasonable person can refuse to comply with the order.
Finally, don't assume you can always quit. If you refuse a reasonable order and "quit," your employer can still say you were "fired, for cause (insubordination and dereliction of duty)." If the objectionable order came from a single panicked HR person, the latter characterization couldn't stand much heat. If the objectionable order came from a court order, you better pray that your future employers never check with your previous employers.
While I agree that US companies have the right to perform such scans, unless privacy has been explicitly granted to employees, I would ask my boss for clarification of a pertinent question first.
What do they hope to achieve with this action?
As others have pointed out, individuals can *not* control what others send to them. Finding porn in an inbound mail box legally says absolutely nothing about the character or behavior of that person, and taking adverse action on the basis of it would almost certainly expose the company to legal action. (Consider an analogy to firing any employee who has a flyer under his windshield wiper while parked in a public lot!)
Depending upon how tightly your system is managed, even scanning user directories for pornography and taking subsequent actions can be legally risky. Did the individual download the file himself, or was he set up by an enemy within the company? If it's the latter, if the company takes adverse action it would appear they could be sued for wrongful termination, defamation, slander and libel!
My advice is to either forget about scanning incoming mail, or simply filter out all such images. You can scan home directories for image files, but mail the user first with a reminder of your company policy regarding indecent material. Only take official notice if someone ignores the notice.
I know the HR department needs to be sensitive to sexual harassment issues in the workplace, but they also need to balance that with the very real penalties that are attached to overreacting. The classic cautionary tale is the individual fired for sexual harassment after repeating a storyline from Seinfeld ("Dolores!"). As I recall, he won a multi-million dollar judgement for wrongful termination.
No TOS can strip rights granted by state law. If it tries, the judge will simply declare that part (or all!) of the TOS unenforceable. That's why all disclaimers and TOS are careful to note that the customer "might" have rights under state law. (I use quotes because I think all states grant some rights.)
However, the baseline established by state law tends to be pretty low. Were you killed by the product, or seriously injured? You can probably sue, unless the industry is explicitly protected by state law. (E.g., Colorado ski resorts generally can't be sued by the family of skiers who die or are injured.) Were you inconvenienced? Tough luck.
*IF* Microsoft, as owner and operator of Hotmail, had denied that any problem existed and continued to insist that its email service was "secure" despite strong evidence to the contrary, it *might* be such gross negligence that state laws would be triggered. But I doubt lawyers could do much with the facts known today.
This guy was not a stranger who mwalker squealed on, he was a *dormmate* who was apparently using mwalker's server to access the campus network. (It sounds like the campus was cheap and had installed a single 10baseT jack for the entire dorm suite. The seized computer was apparently used as a masquerading firewall to allow all of the dormmates to run their own system.)
In the US, a private citizen is *not* required to report criminal acts which they are not party to. If you think the current drug laws are insane, don't call the cops to complain about the smell of pot coming from your neighbor's yard.
But if the criminal act involves your own property, then failing to report a crime may make you an accessory to that crime. If the dorms had a 10baseT jack for each person and this server was directly attached to that jack (and the guy was in a different bedroom), then mwalker could walk away from the situation.
That's not what happened. Since that material only reached the web because of mwalker's actions and equipment, once he became aware of the likely criminal action he had to decide what to do. Report the guy, or risk arrest as an accessory? Simply asking him to stop was not an option because he could still be convicted of being an accessory after the fact.
Finally, I will not defend the "kiddie porn" cases involving a 17-year-old actress providing fake ID to the producers (e.g., Traci Lords). But the original article made it clear that this was a case that really did involve children. "very young children." There's no doubt that "very young children" are traumatized by sexual activity, and in a situation like this it's reasonable and prudent to check whether the adults in the picture are related to the owner of the system hosting them. After all, 6 GIGABYTES of pornography is a huge amount that wasn't acquired by downloading a mislabeled file or two.
Even if we accept your premise that a properly configured stock NT system, "without odd third party addons", is as stable as any other system, you still miss a key point. In the real world we have to deal with "3rd party software or odd hardware," and if they cause the system to crash then NT IS FLAWED.
To give you a somewhat silly analogy, let me introduce you to NewT. NewT has had his driver's license revoked because he's in an accident on a weekly basis.
NewT claims that it isn't his fault, that he has never been in an accident when driving on closed roads where he's the only driver. He's never had an accident even when a handful of carefully selected drivers shared the roads with him.
"BUT IT'S NOT HIS FAULT THAT OTHER DRIVERS KEEP CAUSING HIM TO HAVE ACCIDENTS."
None of us would hesitate to yank NewT's license, because NewT *must* be able to share the road with others.
Likewise claims that NT is as stable as other OSes "provided it is properly configured and is not running third-party software or contains additional hardware" leave us underwhelmed. Even if we accept the implicit argument that Microsoft should be the only software vendor in the world, even MS applications have been known to cause NT to crash. And the idea that we should all be happy with a limited selection of video cards and network cards *only* is too silly to even bother responding to.
Yeah, but how do we know that *you're* really a cop? That address could be a Mailboxes etc, and you're counting on nobody actually visiting.
(Likewise the other person who claimed to have called the published non-emergency number could be lying.)
Or maybe the building really holds a "police station", but it's a front set up by the rabid penguin horde. Ditto the web page set up by the department.
Hell, the entire town of St George could be a potemkin village set up by the linuxheads!
:-)
Rampant paranoia is fun, unless they're really out to get you (re: the seized computers thread). But somehow I get the feeling that the original poster who expressed fears about the "new media" is also someone who believes everything he reads in the paper or sees on the evening news.
You've made a common mistake. There is a huge difference between "innocence" (which only God knows) and "presumed innocence" (which the courts use when determining whether the police are acting in a reasonable manner).
If you're innocent, the police shouldn't hold any of your property against your will. Unfortunately God hasn't been answering His pages, and history shows that people who claim to speak for God are not to be trusted.
If you're "presumed innocent," the police can't dispose of your property against your will, but they still have the right to prevent *you* from disposing of property they believe is evidence in a criminal act.
Once you're found "legally guilty," the state can do whatever it wants with your former property that was seized in connection with a criminal act. You have absolutely no rights to it. I think they'll generally try to avoid actually doing so until appeals are exhausted, but it's no longer unreasonable for them to sell some items and, if you win your appeal, simply give you the current cash equivalence. The fact you lost all of your files, well tough luck.
As to the general "we don't return tools to bad guys" sentiment, that's just ignorance speaking. As others have pointed out, the state has an obligation to keep evidence in a pristine state. For all anyone knows, that disk is one use away from sudden catastrophic failure and your "convenience" copy will prevent the evidence from being used at trial.
That said, the government has become *extremely* abusive of forfeiture laws, and once someone is acquitted *or the state declines to prosecute within a reasonable period* (the statute of limitations period, since the latter was never intended to be used as an extra-legal bludgeon to punish people without the trouble of actually going to trial), cash, computers, cars, and the like should be returned. The current crap about "the seizure order is against the property, which doesn't have constitutional rights, not the person, who does" is just that - crap. Last time I checked the BOR mentioned both unreasonable searches *and seizures*.
I suspect that these heavy-handed enforcement practices will continue until they begin seizing the equipment of individuals with "highly-placed" contacts.
That's why Colorado has sane credit bureau laws. Critics had been complaining for years about the problems with credit bureau reports, but the industry would send a lobbyist or two to "prove" that the only people complaining were people trying to hide legitimate, if unpleasant, information in their credit report.
Until a state legislator was denied credit due to false information in her report, and she discovered first-hand just how difficult it can be to correct errors.
She introduced rather interesting legislation when the legislature reconvened. Even I thought it went too far, although I understood that sometimes it takes a 2x4 to get the mule's attention. (IIRC, the original bill involved daily fines for carrying false information!) The industry lobbied hard against any legislation, but there's absolutely no lobbyist more effective than a respected legislator with a legitimate gripe. The bill was toned down, but I believe it was still the most pro-consumer credit bureau law in the nation at the time it was passed.
Unfortunately, when you're talking about the FBI you need to nail someone close to a member of Congress... and the FBI is so political it's a near certainty that they treat members of Congress differently than the rest of the population. (This isn't *entirely* unjustified, since the damage caused by a congressman claiming that the president is misusing the FBI to harass enemies might outweigh the benefits of stopping a relatively minor crime.) And it's far harder for a politician to stand up for someone under investigation for drug trafficking or child pornography than for someone falsely accused of being a deadbeat.
One of us has misread the articles. From what I've read, Compaq will still happily sell you a fully supported Alpha system.
You just have to run Linux on it. Compaq simply performed a cost-benefit analysis on continued support for NT/Alpha under the current terms from Micros~1, and decided it wasn't worth it. (E.g., to cover their costs they would have to raise their prices to the point where people would buy Intel systems, and since that reduced the user base they would have to raise the prices even higher, in a vicious death spiral.)
Had Micros~1 agreed to pick up more of the development and support costs, to develop the market, Compaq might have reversed itself. But Micros~1 has apparently decided to tie its fortune to the Pentium chip. (Not Intel, until they have a working 64-bit system. Pentium.)
Moderation points should propagate to the replies
I disagree. As one famous Supreme Court ruling said, the best antidote to bad speech is good speech, not no speech, and sometimes a bad original post prompts an excellent response that teaches the rest of us something valuable. (If nothing else, how to respond to messages like the first!)
If you propogate moderation, many of us would miss the excellent responses. Worse in some ways, it would encourage people to start new threads instead of responding to existing ones lest their comments get lost in a downward moderation.
I also get an automatic 2, even though about half of my comments are off-the-cuff comments that really should be 1.
:-)
Here's one solution: give us a choice! The posting form could have a box that gives us the option of posting at 0, 1 (if registered), 2 (if karmic), or 3 (if a demigod; we might as well give Bruce Perens this status!). That way we can knock down casual comments to 1, and responses to assholes all the way down to 0.
As for "demigod", that could be someone with a substantial history of posting well-received material. Demigods should be much easier to identify if users with karma have the ability to self-moderate.
Finally, I don't buy the DoS argument with trolls. Let them post, but give them an exponentially lower default moderation code. E.g., the current trolls would be -2, if they still cause problems they're dropped again -4, and so forth. Or maybe not; some people might find pleasure in seeing how low they can go.
*IF* Microsoft has half a clue, they're using a *hardware* encryption key to sign their most critical information. These are devices that require physical keys to operate, and they are designed so that they won't reveal their private keys. (Some allow "cloning" another hardware device, others do not.) In practice, these are items that are kept in your deepest vault and used to sign the software keys that you use for routine signing.
Assuming MS uses one of the latter, having a "hot spare" might make sense...
... except, as the BUGTRAQ article notes, Microsoft's explanation still makes absolutely no sense. There's no apparent key hierarchy (isn't the crypto key signed by a master MS key?), there's no apparent rollover mechanism, and there's the insane assumption that there can only be one major physical disaster befall Microsoft. That's crazy; during the World Trade Center bombing at least one company had lost both primary and backup sites!
Ironically, I find this makes MS's story seem *more* likely. The corporate culture is notorious for its "performance is not my problem; computers will be faster next month" mentality, and this ill-informed, brute force way of dealing with the subtle issues of key management matches that culture!
Nope, Canada is still considered a "domestic" site for the purposes of ITAR. US law allows export to Canada, but *Canadian* law bans reexport.
What you're describing is crypto developed in Canada alone, which is a grey area. I think the treaties ban it also, but last I heard the current Canadian government didn't have its head as severely dislocated into its digestive tract as the US government.
BTW, before someone else marks this "offtopic" or "flamebait" I believe these treaties date back to the creation of NORAD and the associated consolidated US/Canadian military commands. It made sense in that context, but nothing about treating unclassified software as a "military munition" makes any sense.
The problem with this reasoning is that you can't re-export cryptographic software, so you can't have US mirrors of these packages. Ditto US-based distributions, for the same reason.
Also, Linus *is* involved since this policy prohibits the introduction of strong encryption routines into the kernel itself. That means we all lose:
- strong filesystem encryption (at the kernel level)
- strong filesystem authentication (e.g., having a file system which checks the checksums of files before allowing 'execute' access)
plus numerous other applications which are currently in userland since the kernel lacks encryption. (SecureRPC, VPN, etc.)
The results of this policy are very much like the driver who slams on the brakes to avoid harming the cute little squirrel running across the street... but causes several injuries to her passengers and the people in the following cars, to say nothing of $50,000 in damage. It's a damn good trade-off, as long as you never take your eyes off the furry little drug-running child pornography terrorists which only you can see.
Those comments are completely uninformed. It is completely legal to publish the complete source code to PGP, DES, Kerberos, etc. (either in bound book form, or even source listings), and transport them out of the country.
Not only "can" this be done, O'Reilly has published several books using special fonts designed to reduce OCR records. "Cracking DES" is one well-known example, and AFAIK it has been exported without problems.
The *only* thing that's illegal is to export the exact same material in electronic format. So you can ship a pallet full of boxes containing source code, but not a CD-ROM containing the identical material. You can even carry the OCR software out on a disk, since it's not export restricted.
This is why many of us are so frustrated with current US policy. It doesn't stop anyone from exporting cryptographic software, it just makes it such a pain that few people bother. (BTW, when Phil Zimmermann was being investigated for exporting PGP the focus was always on a specific FTP transfer that occurred almost immediately after he released his code.)
Under the current US interpretation, it's illegal to do a logical no-op like downloading a file and immediately reuploading the identical file.
Editing a file remotely, instead of downloading it, editing locally, then uploading the changed file might not be considered a legally significant difference since the end results are identical - software exists outside of the US and Canada which didn't exist there prior to your acts.
It's irrelevant anyway since the US and Canada have treaties which make Canada "domestic" for US export laws, and which prohibit Canadians from re-exporting software they picked up from the US.
This is a management issue, not a technical one. You are a technician, not a manager.
I'm confused, this seriously undermines the rest of your argument. Technicians follow orders, they don't debate them and they certainly don't refuse to do them.
As an example, consider a technician at a Grease Monkey. What do you think would happen if he quietly refused to change the oil in a customer's car? Do you think his boss would simply ask the next one, or would they immediately fire his sorry ass? Do you think any future employer would care why he refused to change the oil?
I think sysadmins fall into a grey area between management and technicians. They aren't management, but management should listen to them when developing policies. If this objectionable policy already existed and was published, and the sysadmin didn't bother to complain about it before, then they'll get little sympathy if they object when it is time to actually enforce it. If this policy is new (or ad hoc) and management refuses to listen to their concerns, then quitting is much more defensible.
Why do you assume the problem was an isolated incident?
Some people spend a *lot* of time looking at non-work related sites. Glancing at CNN every couple hours is one thing (e.g., I'm sure many parents with children trapped within Columbine first learned of the situation from the web), spending hours poring over the Sports Illustrated or E-Trade sites is another. When productivity suffers, management has to pay attention.
Focusing on porn alone, it's one thing for an accidental porn redirection (e.g., "whitehouse" expanded to "www.whitehouse.com", a porn site) or deliberate viewing after hours and/or in an office with a closed door. It's another thing to leave the material up in plain sight during working hours.
We simply don't know enough about the original situation to evaluate whether it's a reasonable request. Was this a knee-jerk reaction from an HR employee who saw a bit of shock-TV on the _700 Club_? Was it a reaction to a substantial article in an HR journal? Was it a reaction to a formal complaint about sexual harassment due to a "hostile workplace environment?"
Common carrier status has nothing to do with it. CC status primarily protects the phone company, e.g., you can't name Ma Bell as a co-conspirator even if the murder is discussed over the phone. It only affects the public in that CC status requires service be offered to the public at a fixed, published tariff.
The right to monitor (record) the phone goes with whoever pays the bill. At home, you pay so you decide whether to tap yourself. At work, your employer pays and *they* decide whether to tap their own lines. If you want to make a private call, go use the public phone on the corner. (N.B., *you* pay for that pay phone call.) The presence of a PBX system is totally irrelevant.
Finally, the recordings several other people have mentioned are a courtesy (in most states and all interstate calls) to the *caller*, not to the employee.
Duh, in the US an employer can't scan through an employee's PERSONAL snail- or e-mail at will.
However the law presumes that the employee receives his personal mail (of all kinds) at home. Anything that the employee receives at work is presumed to be work related unless the company has formally stated otherwise.
This sounds like a minor point, but it's not. Less than a hundred years ago employers routinely monitored employees' activities (e.g., Ford Motor Company in the early part of this century was especially notorious), and they wouldn't have thought twice about firing an employee for receiving mail *at home* from an "undesirable" party. Today an employee has an extremely high expectation of privacy *at home*.
Let's keep this problem in perspective, okay?! How many people really, really need to send and receive personal e-mail from work instead of waiting until they go home (or go to a cybercafe at lunch)? How many people really, really need to download pornography at work?
Before you get on your high moral hobby horse, remember that some industries *require* logging and reviewing all email and all other communications. Any stock broker, for instance, since it's required *by the industry itself* to ensure brokers aren't making statements they can't back up. (E.g., buy Microsoft, it's *guaranteed* to double again by April 2000 when W2K knocks Unix off of all servers!)
Even if the industry doesn't require monitoring, a company may be required to perform such monitoring by legal action which you're not aware of. E.g., the original poster's company may have been hit with a million dollar sexual harassment suit and the lawyers asked for information about what's in mailboxes as part of a discovery motion. If you, and all other sysadmins "with a backbone" refuse, your company can't comply with the court order and could face dire consequences.
Does this mean that a sysadmin should roll over and do whatever his boss asks, without question? Of course not. But part of knowing what it means to say "no" is understanding what it means to say "yes" -- and I've just listed two situations where no reasonable person can refuse to comply with the order.
Finally, don't assume you can always quit. If you refuse a reasonable order and "quit," your employer can still say you were "fired, for cause (insubordination and dereliction of duty)." If the objectionable order came from a single panicked HR person, the latter characterization couldn't stand much heat. If the objectionable order came from a court order, you better pray that your future employers never check with your previous employers.
While I agree that US companies have the right to perform such scans, unless privacy has been explicitly granted to employees, I would ask my boss for clarification of a pertinent question first.
What do they hope to achieve with this action?
As others have pointed out, individuals can *not* control what others send to them. Finding porn in an inbound mail box legally says absolutely nothing about the character or behavior of that person, and taking adverse action on the basis of it would almost certainly expose the company to legal action. (Consider an analogy to firing any employee who has a flyer under his windshield wiper while parked in a public lot!)
Depending upon how tightly your system is managed, even scanning user directories for pornography and taking subsequent actions can be legally risky. Did the individual download the file himself, or was he set up by an enemy within the company? If it's the latter, if the company takes adverse action it would appear they could be sued for wrongful termination, defamation, slander and libel!
My advice is to either forget about scanning incoming mail, or simply filter out all such images. You can scan home directories for image files, but mail the user first with a reminder of your company policy regarding indecent material. Only take official notice if someone ignores the notice.
I know the HR department needs to be sensitive to sexual harassment issues in the workplace, but they also need to balance that with the very real penalties that are attached to overreacting. The classic cautionary tale is the individual fired for sexual harassment after repeating a storyline from Seinfeld ("Dolores!"). As I recall, he won a multi-million dollar judgement for wrongful termination.
No TOS can strip rights granted by state law. If it tries, the judge will simply declare that part (or all!) of the TOS unenforceable. That's why all disclaimers and TOS are careful to note that the customer "might" have rights under state law. (I use quotes because I think all states grant some rights.)
However, the baseline established by state law tends to be pretty low. Were you killed by the product, or seriously injured? You can probably sue, unless the industry is explicitly protected by state law. (E.g., Colorado ski resorts generally can't be sued by the family of skiers who die or are injured.) Were you inconvenienced? Tough luck.
*IF* Microsoft, as owner and operator of Hotmail, had denied that any problem existed and continued to insist that its email service was "secure" despite strong evidence to the contrary, it *might* be such gross negligence that state laws would be triggered. But I doubt lawyers could do much with the facts known today.
Postgres is totally free and supports transactions. It might not have the performance of Oracle, but it doesn't have the cost of Oracle either. :-)
Reread the article, asshole2.
This guy was not a stranger who mwalker squealed on, he was a *dormmate* who was apparently using mwalker's server to access the campus network. (It sounds like the campus was cheap and had installed a single 10baseT jack for the entire dorm suite. The seized computer was apparently used as a masquerading firewall to allow all of the dormmates to run their own system.)
In the US, a private citizen is *not* required to report criminal acts which they are not party to. If you think the current drug laws are insane, don't call the cops to complain about the smell of pot coming from your neighbor's yard.
But if the criminal act involves your own property, then failing to report a crime may make you an accessory to that crime. If the dorms had a 10baseT jack for each person and this server was directly attached to that jack (and the guy was in a different bedroom), then mwalker could walk away from the situation.
That's not what happened. Since that material only reached the web because of mwalker's actions and equipment, once he became aware of the likely criminal action he had to decide what to do. Report the guy, or risk arrest as an accessory? Simply asking him to stop was not an option because he could still be convicted of being an accessory after the fact.
Finally, I will not defend the "kiddie porn" cases involving a 17-year-old actress providing fake ID to the producers (e.g., Traci Lords). But the original article made it clear that this was a case that really did involve children. "very young children." There's no doubt that "very young children" are traumatized by sexual activity, and in a situation like this it's reasonable and prudent to check whether the adults in the picture are related to the owner of the system hosting them. After all, 6 GIGABYTES of pornography is a huge amount that wasn't acquired by downloading a mislabeled file or two.
Even if we accept your premise that a properly configured stock NT system, "without odd third party addons", is as stable as any other system, you still miss a key point. In the real world we have to deal with "3rd party software or odd hardware," and if they cause the system to crash then NT IS FLAWED.
To give you a somewhat silly analogy, let me introduce you to NewT. NewT has had his driver's license revoked because he's in an accident on a weekly basis.
NewT claims that it isn't his fault, that he has never been in an accident when driving on closed roads where he's the only driver. He's never had an accident even when a handful of carefully selected drivers shared the roads with him.
"BUT IT'S NOT HIS FAULT THAT OTHER DRIVERS KEEP CAUSING HIM TO HAVE ACCIDENTS."
None of us would hesitate to yank NewT's license, because NewT *must* be able to share the road with others.
Likewise claims that NT is as stable as other OSes "provided it is properly configured and is not running third-party software or contains additional hardware" leave us underwhelmed. Even if we accept the implicit argument that Microsoft should be the only software vendor in the world, even MS applications have been known to cause NT to crash. And the idea that we should all be happy with a limited selection of video cards and network cards *only* is too silly to even bother responding to.
Yeah, but how do we know that *you're* really a cop? That address could be a Mailboxes etc, and you're counting on nobody actually visiting.
(Likewise the other person who claimed to have called the published non-emergency number could be lying.)
Or maybe the building really holds a "police station", but it's a front set up by the rabid penguin horde. Ditto the web page set up by the department.
Hell, the entire town of St George could be a potemkin village set up by the linuxheads!
:-)
Rampant paranoia is fun, unless they're really out to get you (re: the seized computers thread). But somehow I get the feeling that the original poster who expressed fears about the "new media" is also someone who believes everything he reads in the paper or sees on the evening news.
You've made a common mistake. There is a huge difference between "innocence" (which only God knows) and "presumed innocence" (which the courts use when determining whether the police are acting in a reasonable manner).
If you're innocent, the police shouldn't hold any of your property against your will. Unfortunately God hasn't been answering His pages, and history shows that people who claim to speak for God are not to be trusted.
If you're "presumed innocent," the police can't dispose of your property against your will, but they still have the right to prevent *you* from disposing of property they believe is evidence in a criminal act.
Once you're found "legally guilty," the state can do whatever it wants with your former property that was seized in connection with a criminal act. You have absolutely no rights to it. I think they'll generally try to avoid actually doing so until appeals are exhausted, but it's no longer unreasonable for them to sell some items and, if you win your appeal, simply give you the current cash equivalence. The fact you lost all of your files, well tough luck.
As to the general "we don't return tools to bad guys" sentiment, that's just ignorance speaking. As others have pointed out, the state has an obligation to keep evidence in a pristine state. For all anyone knows, that disk is one use away from sudden catastrophic failure and your "convenience" copy will prevent the evidence from being used at trial.
That said, the government has become *extremely* abusive of forfeiture laws, and once someone is acquitted *or the state declines to prosecute within a reasonable period* (the statute of limitations period, since the latter was never intended to be used as an extra-legal bludgeon to punish people without the trouble of actually going to trial), cash, computers, cars, and the like should be returned. The current crap about "the seizure order is against the property, which doesn't have constitutional rights, not the person, who does" is just that - crap. Last time I checked the BOR mentioned both unreasonable searches *and seizures*.
I suspect that these heavy-handed enforcement practices will continue until they begin seizing the equipment of individuals with "highly-placed" contacts.
That's why Colorado has sane credit bureau laws. Critics had been complaining for years about the problems with credit bureau reports, but the industry would send a lobbyist or two to "prove" that the only people complaining were people trying to hide legitimate, if unpleasant, information in their credit report.
Until a state legislator was denied credit due to false information in her report, and she discovered first-hand just how difficult it can be to correct errors.
She introduced rather interesting legislation when the legislature reconvened. Even I thought it went too far, although I understood that sometimes it takes a 2x4 to get the mule's attention. (IIRC, the original bill involved daily fines for carrying false information!) The industry lobbied hard against any legislation, but there's absolutely no lobbyist more effective than a respected legislator with a legitimate gripe. The bill was toned down, but I believe it was still the most pro-consumer credit bureau law in the nation at the time it was passed.
Unfortunately, when you're talking about the FBI you need to nail someone close to a member of Congress... and the FBI is so political it's a near certainty that they treat members of Congress differently than the rest of the population. (This isn't *entirely* unjustified, since the damage caused by a congressman claiming that the president is misusing the FBI to harass enemies might outweigh the benefits of stopping a relatively minor crime.) And it's far harder for a politician to stand up for someone under investigation for drug trafficking or child pornography than for someone falsely accused of being a deadbeat.
One of us has misread the articles. From what I've read, Compaq will still happily sell you a fully supported Alpha system.
You just have to run Linux on it. Compaq simply performed a cost-benefit analysis on continued support for NT/Alpha under the current terms from Micros~1, and decided it wasn't worth it. (E.g., to cover their costs they would have to raise their prices to the point where people would buy Intel systems, and since that reduced the user base they would have to raise the prices even higher, in a vicious death spiral.)
Had Micros~1 agreed to pick up more of the development and support costs, to develop the market, Compaq might have reversed itself. But Micros~1 has apparently decided to tie its fortune to the Pentium chip. (Not Intel, until they have a working 64-bit system. Pentium.)