Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!usc!elroy.jpl.nasa.gov!swrinde!zaphod.mps.ohio-state.edu!caen!uflorida!mailer.cc.fsu.edu!fsu1.cc.fsu.edu!otto
From: otto@fsu1.cc.fsu.edu (John Otto)
Newsgroups: comp.admin.policy
Subject: Re: SUSPEND SYSOPS, NOT STUDENTS
Message-ID: <1991Jun19.210441.18462@mailer.cc.fsu.edu>
Date: 19 Jun 91 21:02:42 GMT
References: <20740@slice.ooc.uva.nl> <1991Jun13.114433.22530@rulway.LeidenUniv.nl>
Sender: news@mailer.cc.fsu.edu (Usenet News File Owner)
Reply-To: otto@fsu1.cc.fsu.edu
Organization: Florida State University
Lines: 36
News-Software: VAX/VMS VNEWS 1.3-4
Nntp-Posting-Host: fsu1.cc.fsu.edu

In article <1991Jun13.114433.22530@rulway.LeidenUniv.nl>, crissl@rulcvx.LeidenUniv.nl (Stefan Linnemann) writes...
>In article <20740@slice.ooc.uva.nl> ropg@ooc.uva.nl (Rop Gonggrijp) writes:

>>crissl@rulcvx.LeidenUniv.nl (Stefan Linnemann) writes:

>>>> What if a student runs cops on /etc/passwd... would this
>>>> be considered intent to break into a system and could he thus
>>>> be suspended?

>>>It could be, yes, because cops could be used to find passwords.
>>>However, you could write your own program that would do this.  If
>>>anyone would do this and uses or distributes the passwords, and it
>>>would come out (as it usually does) all bets are off: the person in
>>>question will be suspended and/or denied all access to computers.  YOU
>>>CAN GO TO JAIL even, nowadays, for such a stunt.

>I'm no lawyer, so this is the last I'm going to say about this: using
>or distributing passwords you've cracked can be prosecuted in a court
>of law, nowadays, and you can be punished for it (if the case holds,
>of course).  Whether actual jail term can be the result, I don't know,
>so I guess I shouldn't have specified that.

It's interesting that, in the Privacy Act of 1974 (not the Family Educ...)
the penalties for violation of a citizen's privacy by a govt agency 
(member) are merely very minor civil payments, and they can only be attained 
after all administrative remedies have been exhausted.  When the violating 
agency is the one setting its own administrative hearing processes (guided 
by the GSA), it's pretty plain to see that no one is going to have much of 
a chance to have his privacy respected by anyone in any government agency.

In my own experience, when I tried to go up the ladder within the U, I was 
greeted with more and more abusive examples of the same sorts of 
violations of my privacy which I had originally sought to bring to an end.
The attitude was that I was just a trouble-making cretin to bring up the 
matter and I should go back to good old (next person down in the 
hierarchy), lick his boots and ask for forgiveness.