Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!csd4.milw.wisc.edu!cs.utexas.edu!uunet!yale!Horne-Scott From: Horne-Scott@cs.yale.edu (Scott Horne) Newsgroups: comp.misc Subject: Re: Ten Commandments of Personal Computing Message-ID: <68409@yale-celray.yale.UUCP> Date: 2 Aug 89 15:19:41 GMT References: <66667@yale-celray.yale.UUCP> <1393@helios.mmsac.UUCP> <1005@unify.UUCP> <68274@yale-celray.yale.UUCP> <43611@bbn.COM> Sender: root@yale.UUCP Reply-To: Horne-Scott@cs.yale.edu (Scott Horne) Organization: Yale University Computer Science Dept, New Haven, CT 06520-2158 Lines: 80 In-reply-to: cosell@bbn.com (Bernie Cosell) In article <43611@bbn.COM>, cosell@bbn (Bernie Cosell) writes: > In article <68274@yale-celray.yale.UUCP> Horne-Scott@cs.yale.edu (Scott Horne) writes: > }In article <1005@unify.UUCP>, jde@unify (Jeff Evarts) writes: > }> In article <1393@helios.mmsac.UUCP> eben@mmsac.UUCP (Eben R.S. Visher) writes: > }> >[...] if you don't want it seen, then RSA or > }> >DES it (of course, if you simply crypt(1) it, you're inviting someone > }> >to spend 7 minutes with Crypt Breaker's Workbench). > }> > }> Okay, there are no smileys here, so I'm assuming you meant what you said. > }> ABSOLUTELY NOT! This is frankly rediculous. This kind of "If I CAN do it, > }> it must be OK with you" attitude is a real problem in today's computer > }> industry. > } > }I see what you mean, but I don't think that Eben Visher meant that. It seems > }that that remark about `crypt' was made as a warning about security, not as a > }suggestion that people should be allowed to browse ~/personal/top_secret.crypt > }just because the decryption method is well-known. > > That's not what he said: what he *said* was that.... See above: ``I don't think that Eben Visher meant that.'' He may have, in which case I misconstrued his intent and agree with you (Bernie). > }> The > }> idea that I would have to encrypt a file to keep a coworker out of it > }> really scares me. This is not the way things should be run. > } > }Does the idea that you should have to use a password scare you? How about the > }idea that you should have to lock your door? Take your keys out of the car? > }Seal your envelopes? Hide your valuables? > > Yeah, it does... I don't think I could work at a place that requires > the kind of aggressive paranoia that Eben apparently engenders and > encourages in his shop. I don't lock my office door much, I don't > tamper-proof-seal interoffice memos, I don't have the hifi in my office > bolted down to its table. Neither do I. Do you lock the front door of your house, or do you leave it open? Do you take your car keys with you, or do you leave them in the ignition with the door unlocked? Do you seal envelopes or leave them open? Do you use a password, or can I `telnet' to `bbn.com' and log in as cosell with no password? > That EVERY time I take my eyes off of my > attache case I can be assured taht some will be seeing if they can pick > the lock; that every time I step out of my office I can expect that > unless I lock my desk someone will rifle through it to see if there is > anything interesting (and heaven forfend I should leave my attache > case, or desk, or office door unlocked -- that means 'open season', > right?). No, it doesn't mean open season. You're just confusing the issue. No one has said anything about ``EVERY [capitalisation yours] time I take my eyes off of my attache case I can be assured taht [_sic_] some will be seeing if they can pick the lock''. Anyway, why is your attache' case locked? I thought you were Mr Anti-security. > What is so special about a person's computer files that > doesn't entitle them to the same respect and privacy that you would > give to anything else of theirs? The assumption that everyone can browse everyone else's files (if they're not protected; I certainly oppose the idea that one may try to decrypt files or `su' to root to override denied permissions) makes for a more pleasant and useful working environment. I tell people ``Just take file xxx out of my yyy directory'' all the time, as do others here. I don't leave everything readable, of course; no one does around here. I'd certainly respect a policy of staying out of others' files, even though I oppose such a policy. --Scott Scott Horne Undergraduate programmer, Yale CS Dept Facility horne@cs.Yale.edu ...!{harvard,cmcl2,decvax}!yale!horne Home: 203 789-0877 SnailMail: Box 7196 Yale Station, New Haven, CT 06520 Work: 203 432-1260 Summer residence: 175 Dwight St, New Haven, CT Dare I speak for the amorphous gallimaufry of intellectual thought called Yale?