Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!rutgers!uwvax!tank!ncar!noao!asuvax!mcdphx!mcdchg!ddsw1!corpane!sparks
From: sparks@corpane.UUCP (John Sparks)
Newsgroups: comp.misc
Subject: Re: Computer Virus Hearings
Keywords: virus, goddard, congress, leahy
Message-ID: <675@corpane.UUCP>
Date: 24 May 89 21:28:31 GMT
References: <154@oldcolo.UUCP> <4246@ficc.uu.net>
Reply-To: sparks@corpane.UUCP (John Sparks)
Distribution: usa
Organization: Corpane Industries, Inc.
Lines: 51

In article <4246@ficc.uu.net> peter@ficc.uu.net (Peter da Silva) writes:
>In article <154@oldcolo.UUCP>, dave@oldcolo.UUCP (Dave Hughes) writes:
>> A  system 
>> which permits uncontrolled access to its ports,  or self-assigned 
>                                                      ^^^^^^^^^^^^^
>> passwords  is not even covered under the Electronic Privacy  Act. 
>  ^^^^^^^^^
>> Nor  need  it be.  Such computer systems are 'public' as  far  as 
>> privacy is concerned. Even if the system is privately owned.
>
>What possible relationship does this have to do with coverage under the
>Electronic Privacy Act? Every UNIX system on the net permits users
>to assign their own passwords. It is ludicrous to presume that the
>existence of a "Password" command should have anything to do with the
>public nature of a system.
>
>Either you're confusing passwords with accounts, or the EPA is grossly
>misdesigned, or you're misinterpreting it.
>-- 
>Peter da Silva, Xenix Support, Ferranti International Controls Corporation.
>
>Business: uunet.uu.net!ficc!peter, peter@ficc.uu.net, +1 713 274 5180.
>Personal: ...!texbell!sugar!peter, peter@sugar.hackercorp.com.


Peter,

By self-Assigned Passwords I think he is refering to those BBS's that when you
first log into them they tell you to 

"enter your name or type New"
 
And when you type New, they give you a password for future logins and then give
you full access to their system, without doing a security check on you. In
other words: The BBS creates the account for you without checking you out.

These systems can be considered completly public because the passwords are only
to provide a means of separating users and not as a means of keeping people off
of the system in general. Anyone can get on just by typing 'New' and get a
password. 

Many BBS's will not do this anymore. They will allow you to log into a
temporary account and read about the BBS and leave your name and phone number.
The Sysop then decides whether to let you on or not. Most times he will call
you up and verify your phone number and then give you your password.


-- 
John Sparks   |  {rutgers|uunet}!ukma!corpane!sparks | D.I.S.K. 24hrs 1200bps
[not for RHF] |          sparks@corpane.UUCP         | 502/968-5401 thru -5406 
I fear explanations explanatory of things explained.