Path: utzoo!attcan!uunet!snorkelwacker.mit.edu!ai-lab!mole.ai.mit.edu!rkan From: rkan@mole.ai.mit.edu (R. Kan) Newsgroups: comp.org.eff.talk Subject: Re: e-mail privacy Message-ID: <13640@life.ai.mit.edu> Date: 2 Mar 91 21:17:23 GMT References: <13628@life.ai.mit.edu> Sender: news@ai.mit.edu Organization: The Internet Lines: 49 In article lear@turbo.bio.net (Eliot) writes: >[2] They told you that they were going to do so. Therefore you do They (my university computing center system administrators) did NOT tell me or anyone else they were going to monitor e-mail. They do not even have an explicit policy regarding e-mail. They told me after I suspected my mail was monitored that they reserved the right to read e-mail if they deemed it necessary to protect the system against illegal use of the system. This I can understand and agree with except that I was not made aware of beforehand that they could do this. They have no guidelines as to what constitutes probable cause to initiate a search, and they do not state in any written policy that they have this right. The users of the system do not know they are giving up certain rights of privacy to the system administrators when they use the system. Because of this lack of official policy, it is up to the whims of the individual sys admins to do as they see fit without being held accountable for their actions. This is what I am concerned about. >There is, I understand it, one thing going for you in this case: > >[1] Didn't MIT have some big internal stink about what thou shalt > and shalt not do with mail files? It's possible that your I have to clarify this better. I am NOT refering to MIT, I am refering another university system which I am on. This specific case has nothing to do with MIT. In case anyone is interested in how I suspected my e-mail was read, I logged on to the system one day with a "You have mail." message. When I tried to read my mail though, I got a "No mail." message. I thought this was rather strange so I did an "ls -l /usr/spool/mail/mylogin" where "mylogin" is my login name, therefore the name of my mail file. This is what I saw: -rw------- 1 root 20055 Feb 21 18:35 /usr/spool/mail/mylogin -rw------- 1 mylogin 19873 Feb 21 16:07 /usr/spool/mail/mylogin~ Apparently some bozo forgot to restore ownership of my mail file to me. I could access the backup file they made but all mail to me bounced until the ownership of my real mail file was restored to me a day later. They actually deleted the root owned file and just renamed the backup file, so I lost whatever new mail was in the original mail file since the original file is larger than the backup file. So far, they have not given me a decent answer about this. Again, let me reiterate, this has nothing to do with MIT. R. Kan