Re: network (intranet?) privacy help Q...

Page 1 of 2  


If one human can make a code, another can break it. There is no perfect solution aside from getting your own computer and not hooking it in to the network. .
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

If I *really* (and I mean I'd have to really be inclined on a slow day), I could sniff the traffic from your machine and still get whatever I wanted. The anonymizer might not leave a trace on your system, but the traffic has to go out one way or another.

As someone else pointed out, you could look into PGP. It's not something I've worked with.

No.
If I were you, I'd work on negotiations and job offers at home.

My opinion is that while you're at work on the company's time, don't do anything you wouldn't want the company to know about. Now, on your own time on your own computer is a different story. Basically, I wouldn't give a rat's ass what you did, again as long as you don't go creating work for me. Actually, if I were in a position to create such a policy and enforce it, I wouldn't even let people bring in their own machines for the following reasons. 1) They're likely to fuss when I need to update or install something on their machine that is necessary to protect other network resources, 2) You never know what they have on their machines when they bring them in and plug them into their network. At that point, you can forget about your firewall because someone just went around it.

todd
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Answers contained within -

No, an anonymizer probably will not thwart the admin.

Probably.
Maybe. Wireless privacy/security is still not as good as other forms of networking. There are several forms of encryption that help from the laptop to the wireless access point. One of these is DES3, but it takes quite a bit of overhead since each packet has to be encrypted/decrypted three times. A packet will be encryped by the drivers on your laptop and then the packet will be sent to the wireless access point. The access point will then decrypt the packet and send it on the network normally. One more thing, it will be the access point that determines what encryption is available. The network engineers will set the configuration in the access point to provide (or not) encryption, and what type of encryption. It could also define the encryption keys that would be required, etc. If you would be using a school wireless network, I would assume that you would have to be given very specific instructions on just how to configure the drivers on your laptop. You would not be able to just set any parameters that you wanted.

you may not have the leverage on your own laptop that you think you do. The schools domain controller could push security policies to your machine and pretty much lock it down as long as it is connected to the domain. What email system will you be using in the classroom? I would assume that these job offers and negotiations will not be via the schools email servers because if they are, you have no privacy from the admins. Period. An email administrator could login to the server and look at anything. A network engineer could connect a network analyzer to the network and see any data packets that were going into, and out of your computer. Encryption would help in this case, but if I were really concerned about privacy I would not be looking at them from the school net.

I posted another response talking about network usage policy. To make a long story short, if the school does have a policy it could state that by using the school network you agree to let the admins monitor your computer (among other things). Ask for a copy.

Wayne
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Quite the opposite, it's a red-flag to say "This guy is trying to pull something, keep an eye on him".

I could swear I answered that, maybe you missed it.

Yes, they are orders of magnatude less secure. And it still goes through your employer's network.

You want to use your _work_ account, not only to conduct personal business, but to look for another job? Sounds like a good way to _need_ another job. 10 bucks a month gets you a dialup account.

It's their network, their bandwidth, and if you're in the US, it has long been found to be within their rights. They can listen in on your personal phone calls too, by the way. Don't like it? Don't do it, or get the law changed.

"dishonest" implies that they hide it, which they clearly do not, or your question wouldn't have been asked in the first place.
Their network, their rules. Don't like it? Don't use it.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
wrote:

I'm not concerned about raising his suspicions, I care only if he can do something about them.

Not in this thread...[I just checked, you did mention PGP in the other thread, but I don't think I'd read it before responding in this thread]
<snip info on wireless, thanks>

I'm not looking for another job, but I receive offers on a regular basis, and prefer to keep those conversations private. Do I hesitate to use a _work_ account for private business? Not usually, as long as it doesn't interefere with my work. Remember, teaching is not a 9-5 job. Most of my evenings are taken up with school work of one kind or another. And at private schools you must often give up evenings and weekends. We're entitled to some leeway. Standard business practices differ for obvious reasons.

Phone calls are still normally protected by law, unless the employee gives consent. And the fact that they own property you use does not give them absolute rights beyond that property. My intellectual property is also involved, and court decisions constantly undulate between those shared property rights. But I understand your pragmatic approach, and appreciate the advice.
I feel for the worker who has to give in to a Big Brother type corp. and give up so many privileges. I am not in that position. I am coveted, as far as school administrators go, and can make reasonable demands, but network admins are another ballgame altogether, I'm just trying to protect my privacy from *them*.
I have yet to feel hindered by the law in this regard, but if I have to work to see a law changed it won't be the first time.

it here--at least in any of the standard philosophical tracts on ethics I've read. Although I suppose you could argue that an institution of the liberal arts that does not extend minimal privilege and trust to its teachers is "hiding" a pusillanimous suspicion, if they do not openly admit it. (I don't think that's what you meant.). Clearly, hiding is not a necessity for dishonesty: think how many immoral and illegals acts you are capable of--in fact many have done--being perfectly straightforward and open.
Dishonesty here is simply duplicity, pretending to be a humane institution while neglecting something like a "do unto others" standard. Privacy is a good thing: if you expect it, you'd better give it. School administrators understand that when I tell them, but network admins are given extraordinary power in having access to normally private information. I want to ensure that they don't misuse it on me.

Your caveat is well taken. But it is no more *their* network than it is mine. And who guards the guardians?
H.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On 1 Aug 2004 21:36:58 -0700, snipped-for-privacy@sewanee.edu (Hylourgos) vaguely proposed a theory ......and in reply I say!:
remove ns from my header address to reply via email
On their network, and email connection, they have the right to _do_ anything they want regarding your usage. You then have the right to fight that in arbitration, court or whatever.
"Honest, yer Honour! I only drive on the wrong side of the road when there's no other traffic!"
You talk of honesty, and yet you are hungrily asking for ways to secretly circumvent their finding out about what you do as their representative, on their equipt, and probably in their time on their pay to you. You begin to sound like exactly the sort of trouble they are hunting for.
In an organisation, if you are using their gear, you _are_ their rep, both internally and externally. If you surf around and are IDd in any way, it will probably be under their banner. They care about that. If you bring stuff back with you that compromises their system in any way, they have a right to do something about that.
In many organisations with serious, large networks and big reps or sensitive data, they simply will not allow anything except approved address, non-encrypted attachments and messages etc.
While you can swear black is blue you will not be "dishonest", the same cannot be said for everybody (believe me!) and there is always the chance that you will make a mistake. There is no way they know what is what without putting out blanket policies.
If you are concerned that your applications for other jobs will be used against you unfairly, then face up to the people concerned about it. If you are simply trying to hide your activities, then it's your problem. Leave the applications at home.

***************************************************** It's not the milk and honey we hate. It's having it rammed down our throats.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
wrote:

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On 3 Aug 2004 17:12:04 -0700, snipped-for-privacy@sewanee.edu (Hylourgos) vaguely proposed a theory ......and in reply I say!:
remove ns from my header address to reply via email

OK. So try it and challenge them!

Sounds a bit rude. Who?

and what?....

You are trying to ways to secretly circumvent their finding out about what you do as their representative, on their equipt, and probably in their time on their pay to you.

YOU read carefully. Where did I say you had any applications?
Bye. You have heard a lot. As I said in another post, I am glad to see you extracted the right attitude from it all. ***************************************************** It's not the milk and honey we hate. It's having it rammed down our throats.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
(Hylourgos) vaguely

Try what, exactly?

imagine my (or Joe Worker in America) legal status vis a vis an employer rings like slavery to me. I just don't subscribe to that vision of American citizenship. The reference was not meant to be rude.

I'm not sure how secret I can be on a public NG, but even granting that...you again take it out of context. I am assuming the possibility of a dishonest networker who feels free to snoop my stuff. In my personal moral code, if someone does me wrong male fide, then I am under no obligation to deal with them bona fide.

Well, it still sitting right there above. I'll cut/paste to make it easier: "If you are concerned that your applications for other jobs...". That wasn't you?

I am indeed grateful for the information I've gotten in this exchange. Thanks again, H

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

To put it politely, _you_ are incorrect.
They have the legal right to the complete and utter control of *their* network -- equipment, facilities, _who_ can use it, and *what* they can use it for.

'their gear' includes the wiring, the hubs, the routers, the external connection.
If you aren't using _any_ of their gear, then there's no problem.
Of course, you won't be accessing the Internet through their facilities, either. <grin>
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
snipped-for-privacy@host122.r-bonomi.com (Robert Bonomi) wrote in message (Hylourgos) vaguely

my intellectual property remains mine and that it is to remain private from all company representatives, are you arguing that this grand "legal right" you speak of will trump my contract in a court if I sue the networker for snooping in my e-mail and blabbing to an administrator about its content, or for passing along a copyrighted document on my machine to a friend for fun reading?

Yea, it may come to that.
Your caveats are taken, however, Regards, H
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Yes, *really*.

Are you _deliberately_ playing the idiot, or does it just come naturally?
Just for starters, _you_ do *NOT* own the copyright on any incoming email sent to you. *ALL* the 'intellectual property' rights in that message belong to the author of the message, not to the recipient. So, "No, _you_ nnot= sue, under the language of your contract as quoted above, for the 'networker' snooping in your incoming mail, and blabbing to an administrator about it's content". You don't have the 'standing' to sue because it is not _your_ intellectual property involved.
Similarly, "No, _you_ cannot sue if the guy passes along a copyrighted document copied from your machine, that was authored by _someone_else_."
Next, I recommend that you *LEARN*TO*READ*PLAIN*ENGLISH*.
You keep dragging up examples of _other_people_ doing things. Not _your_ use of 'the company/school' resources.
Your IP rights do not give *YOU* any 'rights' to the _use_ of =their= network resources.
Read the above statement again. Note carefully that it does *NOT* say *anything* about what 'somebody else' can or cannot do.
The network owner can _choose_ to allow, or prohibit, any activities by any person as it sees fit. The network operator is *NOT* liable if the activity that person engages in runs afoul of _some_other_ prohibition.
You have -nothing- for 'rights' that will trump (in your words) their decision to prohibit _you_ from doing something that they don't want you to do.
You have *NO*RECOURSE* against the network owner/operator if some other party engages in an activity that the network owner/operator allows them to do.
Depending on what that activity was, you _may_ have a cause for action against that 'some other party'.

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

You're the one saying they are both recent and invalid, the onus is on you to back that up. It's quite possible that you've made it this far while being completely oblivious to your surroundings, surprising as that is. Are you also going to ask us to research for you why the sky is blue, why water is wet, and why other truths are true?

I'm not the one claiming that my employer's network is free for my own personal exploitation, you are.

I asked several times what your employment agreement says in the way of an acceptable use policy, and you never responded to that aspect of my posts.

There is no legal problem, there is reality and there is you, at odds with it.

Oh, FFS, you know _exactly_ what I'm saying, but you're pretending not to again. You are equating your employer with a slave owner, and yourself with a slave. Not even close to reality, and you know it. Bringing it up as you have chosen to do, serves to add nothing but a reactionary emotionalism to your posts, race-based even.

See above.

I don't give a rat's ass if you trust me or not. I've said several times that if you start calling attention to yourself on my network by doing things that are going to affect the systems I'm responsible for, I'm very likely to investigate it and stop you in whatever way is effective to get you to knock it off.
By the way, it's not unusual for potential employers to google for an applicant's history.

I don't care if you're buying it, I'm telling it how it is. If you choose not to listen to it, it's _your problem_. But don't tell people who know more about a topic they're wrong, when you haven't got a clue about how things work.

Yes, we do. It's still their network, their IP address, their bandwidth. Do you not understand what those things are, or how they are not yours to do with what you like? Do you also make long-distance phone calls on their phone lines, but justify it by saying "Well, the handset is my own personal one that I brought in from home, so it's perfectly OK"?

Intruding in? You're posting this in a _discussion group_, and balking that people are _discussing it_ with you? Perhaps legal and technical areas aren't the only places where you are clueless.

OK, and here comes your "but, that's now how it is". Let's read on together and see the weaseling, shall we?

Because you seem not to see how it applies directly to your situation.

See above.

There is more than one person reading this "subthread" as you've reminded me twice just now. You're addressing a group, are you not? If not, again, why aren't you writing emails? Again, you are intentionally twisting others' words so you can take them the worst possible way, so you can feel put out upon. Get over it, you're not that important.

Resorting to personal attack in absence of valid point noted.

You get unsolicited job offers by email. (they must be unsolicited, because you just said, a few lines up, "I have no applications out." A job offer. Job offers. "Hi, we want to pay you $xx,xxx.00 per year for a job, please sign here and when can you start" job offer.
I doubt it.

So it's not a job offer, it's an email from a headhunter or prospective employer to see if you're interested in an interview process which would lead to a _job offer_. There is no headhunter or employer in the world (who would be worth working for or worth representing you) that can't wait until you get home to check your email.

So read them at home, or read them at work and take your chances. Very simple.

See above regarding personal attacks revealing your argument's inherent flaws.

SO DON'T READ IT AT WORK!

It's clear, alright.

It was in the entire message you left after your semi-top-posted reply. Right below where I wrote that, before I trimmed it. Down-arrow. Use it.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Hylourgos wrote:

Depending on the policies in place he can block the anonymizer, pull your account, or tell the Powers That Be to fire your ass.

Encryption is usable, but only if you're emailing to others who use encryption and have given you their public keys.

Then don't give out your work email address to prospective employers.
And it's my experience that nobody sends out unsolicited job offers without at least a phone interview first.

Are you or are you not the school administrator? If you are then you should outrank the network administrators.

If you care who is guarding the guardians then don't use the network for anything that you don't want the guardians to see. That's the bottom line. Given that you can get a computer perfectly adequate for checking your email for 20 bucks and if you have the right long distance provider get a free dial-up account from which to access it there's no reason to be using the company mail for sensitive correspondence.

--
--John
Reply to jclarke at ae tee tee global dot net
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
<snip>

professional indices. They contact me based on reputation, they know where I work, it's not exactly rocket science to get my e-mail addy.

That is clearly not my experience.

Would I outrank a network admin? Who knows. Generally, my impression is that most school administrators value a decent network admin. more than a decent teacher. But a great teacher vs a mediocre network admin? Then it's more dicey, the latter ought to watch his step around the former.
Thanks for your comments, H.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Hylourgos wrote:

If you're the school administrator you damned well _better_ know who your subordinates are.

What does "value" have to do with chain of command?

Why? Are network administrators subordinate to teachers but not to school administrators or something?

--
--John
Reply to jclarke at ae tee tee global dot net
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
<snip>

administrator or not, so I'm not clear now whether you're using the general or the specific "you're", and my response might differ for each.
I'm also unsure about your ideas about hierarchies. I'm getting the impression that you subscribe only to a vertically linear hierarchy in your comments. This is not the military we're talking about here (nor is that vertically linear anyway). A school principle, say, may look at a networker in one scenario as subordinate in value (I note your comment below) to a certain teacher, and the opposite in another scenario.
In no school where I've worked have I seen a teacher as the superior of a networker, nor have I seen a networker the superior of a teacher. Entirely different and unrelated tasks make them poor candidates for governing one another I suppose.
But this all seems obvious. Perhaps I'm missing your point. Could you elucidate?

networkers?
Value, as I imagnie it, is simply the determining factor in an administrator's mind that decides who stays and who goes. Clear?

No, both are subordinate to administrators, but seldom are they equals. Their value depends on many factors: the administrator's needs, prejudices, the abilities of the networker/teacher, etc.

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Mr Sweany is a "visiting assistant professor", at University of the South, in Tennessee. One of a total of 4 faculty positions in the 'classical languages' department.
'Assistant professor' ranks above 'instructor', but below 'professor', or 'senior professor'.
'visiting' positions are usually of fixed duration, frequently 'non-renewable', and _not_ eligible for consideration for tenure.

He's in an educational institution
'administrative staff' and 'faculty' are two _entirely_ separate lines of authority. with totally different structures.
The interactions between them are 'unclear', at best.
A faculty member in a department is responsible to the department 'chair'. the department chair is responsible to the 'dean' of the school. the deans 'nominally' report to the president, chancellor, or some similar title.
'Staff' _in_a_department_ ("academic" staff) are responsible to the department chair, and _at_the_chairperson's_direction_, will take direction from other faculty. in that department. Get 'wrong' with the department chair, and it is _amazing_ how 'unhelpful' the department staff can be. On rare occasions, an individual faculty member may have academic staff assigned directly to them. The typical situation is when said faculty member has landed a grant with enough funding in it to pay for that staff person, full-time.
There are _other_ staff areas ("administrative" staff) that are not directly responsible to an academic department. e.g., admissions, the burser's office, 'physical plant'/maintenance, 'computer services', etc.
These people report up an entirely _separate_ 'chain of command', to people like the 'vice president of operations', 'vice of development', 'vice president of university relations', etc.
The vice-presidents also report to the president/chancellor/whatever.
And, of course, the ultimate authority is the 'board of directors'.
Now to complicate the 'chain of command' concept -- and done expressly for promoting 'academic freedom' from the dictates of 'management', there is this concept of 'tenure'. Once you 'get' tenure, you have a job at that institution 'for life'. You _cannot_ be fired.
This results in the 'business' side of the institution regarding "managing" the 'academic' side as not too far astray from 'herding cats'.
The overall arrangement is *NOT* a bad set-up, but it _does_ make for significant (and occasionally *more* than just 'significant', _much_ more!) friction between the two groups.
More than you really wanted to know on the subject, I'm sure. <grin>
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

ARGHHH! d*mn spell checker. that should read "Mr. Seavey"

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Robert Bonomi wrote:

Actually, I wanted to know what "Hylourgos" thought about the matter. Wasn't expecting somebody to "help" him.
--
--John
Reply to jclarke at ae tee tee global dot net
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Related Threads

    HomeOwnersHub.com is a website for homeowners and building and maintenance pros. It is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.