|
Grex > Coop13 > #49: The cross item, spawned from the jp2 campaign item | |
|
| Author |
Message |
| 25 new of 53 responses total. |
sholmes
|
|
response 10 of 53:
| 
Dec 6 16:20 UTC 2003 |
Okay , that brings back to my original question ..
what will you do ... if I decide to send 500 KB ( this or whatever
renders the system unusable ) now .. would I get my account locked for
two days ? Just that or more .. I don't see any reason why I should be
treated differently that the earlier two cases.
What if all of the thousands of grex users decide to try it and do the
same ?
My point being in the absence of pre determined set of actions to such
incidents .. it ended up bringing up conflicts amongs the staff . on
both the earlier incidents.
[quote]It is possible for justice to be
blind in the absence of highly specific rules,[/quote]
In the presence of rules, however, it would have been a lot easier to
decide whether cross or anyone for that matter misused their staff power
and the matter would have been just a minor thing.
|
gelinas
|
|
response 11 of 53:
|
Dec 6 18:33 UTC 2003 |
Yes, your account would be locked. I don't know for how long. Possibly for
ever.
|
sholmes
|
|
response 12 of 53:
|
Dec 6 18:55 UTC 2003 |
If it's forever , would that go against equal treatment for everyone ?
|
gelinas
|
|
response 13 of 53:
|
Dec 6 19:45 UTC 2003 |
Nope; just like aggravated assault brings a more serious penalty than simple
assault. You know better, but you are weighing the penalty against the
advantage. Thus, the penalty MUST be more severe for you.
|
gelinas
|
|
response 14 of 53:
|
Dec 6 20:05 UTC 2003 |
I didn't read Mary's response #4 closely enough, so it took me a while to
find her comments. (She refers to different item numbers; the correct one
is #29.)
She took Dan's comments in his response #17 to that item out of context and
then criticised him for it. He was trying to explain why he considered
several different accounts to belong to just one person. Blocking one of that
person's accounts is worse than pointless: it's just plain stupid. Blocking
the accounts of that person, but leaving them access to create new ones is
also stupid. The only recourse in that instance is blocking the IP address
(or addresses) that the vandal (for lack of a better term) is using. As was
pointed out at the time, such blocking is standard practice here on grex.
Mary's response #66 was directly preceded by a response from John. I'm going
to include both here, in their entirety:
} Item #29: Hackers (More tricks)
} Response 65 (125) John H. Remmers (remmers) Sun, Nov 9, 2003 (11:59) 2
lines: } } I think that #61 contains a reasonable question, regardless of
what } one may think of the person asking it. } }
--------------------------------------------------------------------------- }
Item #29: Hackers (More tricks) } Response 66 (125) Mary Remmers (mary) Sun,
Nov 9, 2003 (12:14) 3 lines: } } I'm afraid the answer might be, "because I
can". } } I hope we're learning here. } }
---------------------------------------------------------------------------
Madam, that sure sounds like a personal attack, don't you think?
Oh, the question in #61 was:
] Why do you continue to block them, when it remains fairly obvious I
] can connect to Grex anyway?
Unfortunately, that particular question never did get addressed. In the face
of continued criticism, AND ABSOLUTELY NO SUPPORT, Dan gave up.
I echo that last sentence of Response 66 of Item 29. I hope you spend
some time in front of a mirror, Mary.
|
gelinas
|
|
response 15 of 53:
|
Dec 6 20:41 UTC 2003 |
By the way, I, too, bear cupability for leaving Dan twisting in the wind.
My only excuse is inadequate: I was too new on staff to feel competent
to speak for staff as a whole. That does not relieve me of my obligation
to speak for myself.
Dan, I'm sorry. As a person, as a staff member, and as a Director. You
deserved better.
|
cross
|
|
response 16 of 53:
|
Dec 6 20:49 UTC 2003 |
Regarding #4; I wish you would go back and reread all of item 29, Mary.
Mary writes:
"Now, here is where I think Dan went a little wrong. He went past
reacting to the facts of an incident of system abuse into building
theories about who all was involved and their motivations and
connections. He then used his staff power to lock accounts and
tried to block the suspects access to Grex."
So, according to you, I went wrong by locking the pseudo's of the
naftee account thinking it was polytarp. But, you neglect to mention
my statement that naftee himself complained his main account (login:
naftee) had been locked previously. Who did that? Not me; it was before
my time on staff. Let's have a look at the logs:
Wed Feb 6 12:01:20 2002 woot [naftee] another polytarp account
Woot is STeve Andre, and at the time, polytarp was being banned for
sending mass tel's. So it seems I wasn't that far out of line thinking
that naftee was polytarp, and I had legitimate reasons for thinking so
(hey, STeve Andre thought the same thing!). It should be noted that
STeve never unlocked the naftee account, even though he incorrectly
assumed naftee was polytarp, just as I did; naftee was recreated in June,
by the original person, after being reaped. You can't get much more
experienced at grex staff, or as oldgrex, as STeve.
I suppose quoting the above line from the log will be considered an
abuse of staff power. At least I'm not quoting the line two above that
in the log file!
Mary goes on to say:
"And when it was shown his theories were incorrect he responded by
stating:
"I locked asddsa's account because I had reason to suspect
he was the same person as dah. Both their comments in the bbs
(I infrequently see both them in party) struck me as juvenille
and immature. Their harassment of staff was annoying.
Their continuing complaint about polytarp's account being
locked was just stupid. Forgive me if I couldn't tell
Tweedle-Dee from Tweedle-Dum." Coop, item 29, response #17"
I made the same mistake other staffers did. Sorry.
But, this is quoted out of context. Here the entire post Mary quoted
parts of. I wrote:
"Nonsense. I told him I'd give him his account back if he said he
wouldn't damage the system. The response was something on the
lines of, ``CAN YOU TELL ME HOW TO FIX MY TV!'' I concluded
after a couple more exchanges he wasn't serious about getting
anything unlocked, but just wanted to be irritating.
This is a hard issue; Freedom of speech is a rough thing.
It means, in exchange for the right to express one's own ideas,
periodically one has to put up with idiots who want to abuse
the system for kicks, who in effect take advantage of the right
to say whatever they want to say things just meant to annoy,
who push the limits just because they can. Sometimes the
latter is good; sometimes shocking people out of a complacent
existence can be beneficia, if that complacency is itself bad.
But sometimes, it's just irritating, and while it's an irritation
we have to put up with, but that doesn't oblige me, or anyone
else, to facilitate it.
I locked asddsa's account because I had reason to suspect he
was the same person as dah. Both their comments in the bbs
(I infrequently see both them in party) struck me as juvenille
and immature. Their harassment of staff was annoying. Their
continuing complaint about polytarp's account being locked
was just stupid. Forgive me if I couldn't tell Tweedle-Dee
from Tweedle-Dum.
A few people I trust have since said that
asddsa/naftee/soup/salad isn't polytarp/dah/scholar. Okay,
fine. However, I'm not going to play a series of games with
naftee over getting his account back; freedom of speech doesn't
entitle you to a specific login name. It's clear naftee, or
whatever his name is, knows how to run newuser, and it's clear
he's both figured out a way to access the BBS via the web, and
login interactively. As far as I'm concerned, he hasn't been
censored, and he can get his other accounts back after they've
been expired in the normal reap cycle. I have better things
to do than (a) fix naftee's TV, and (b) engage in juvenille
debate over this or that."
I still don't think there's anything particularly bad in there. I said
in words what STeve said in actions. Maybe I'm a bit gruff. Too bad,
I live in New York. Deal with it.
I tried talking to naftee (using his pseudo at the time) to determine
whether he really wasn't polytarp, and whether he was planning on
abusing the system in the future. I said, if I recall correctly, ``if
you tell me you won't abuse the system, I'll unlock your account.''
His response asked me whether I would fix his TV. Not knowing how to
fix TV's, I declined. But I also went away thinking he wasn't too
serious about getting his account back. Given that, I wasn't going
to waste a lot of time playing games with him over it. Eventually, I
unlocked his account and sent him the new password. That's more than
the old school grex staff did in the *exact same situation.* Yet,
Mary chooses to criticize me for mishandling the situation. Mary,
why didn't you criticize other grex staffers the first time this happened?
Mary makes vague statements that I should have asked before locking
dah et al. Actually, I did. In an email to the staff mailing list on
October 28, 2003, I wrote:
"Sure, I'll agree with that, too. I chmod'ed everything in his
home directory to be unwritable by group and other. Still,
I think, if we can ferrit out who's doing this (I'm reasonably
confident it's not Jamie), we should boot that person. Dah has
been paying a lot of attention to Jamie's account. I find that
a little weird."
The ``Sure, I'll agree with that, too'' is in reference to Valerie's
suggestion that we lock jp2's account if it gets vandalized again because
he had permissions on some files and other's could write into them.
By the way, Sapna, that was what dah did: he wrote about 400 megabytes
into a few of his files that were world writable, and filled up the
/d partition. He then posted somewhere, maybe in coop, that Jamie's
account should be locked because he had filled up the grex. Hence my
comments about abusing the system and trying to pin it on someone else:
he abused grex, and tried to pin it on Jamie. Evidently, to Mary, this
isn't a good reason to lock an account; doing so would be un-grexlike.
The funny thing is, it's common practice with grex staff to lock accounts
that are over quota.
Anyway, my email received no objections, no one said, ``hold up before
you do that.'' So, it would appear that I *did* ask (in the form of
stating my intentions, to which no one disagreed) before doing what I did.
As for naftee getting caught in the sweep of polytarps access, well,
I've already explained that enough times. It's interesting to note
that the policy written up in jp2's campaign item is that, in cases of
mistaken identity, particularly when someone's actively attacking the
system, it's better to lock first and ask questions later. I thought
dah represented a serious threat to the system, as he had filled up a
user partition (making the system unusable for a significant number of
users, the offense jp2's account was locked for, which Mary seemed to
agree with); there was no reason to believe he wouldn't do it again.
I did what I thought was prudent. So if I was doing what Mary suggested
I do when she wrote:
"Oh for heaven's sake. Cross, you are brand spanking new to
staff. There is a learning curve. You have some rough edges.
None of this means you won't fit in nicely but you'll need
to ask some questions and listen to the answers to make that
process easier."
...
"And I'll compliment you on this - you are eager and willing to
help out. That's a huge plus right now. But, at least in the
beginning, think it through and maybe ask those who have been
doing this a very long time if your plan is sound."
Well, it seems I did ask some questions and listen for the answers (which
never came). What's more, I followed the *exact* *same* *path* ``those
who have been doing this for a very long time'' did (cf. steve locking the
naftee account back in February, not to mention all the account locking
that happens on a nearly continuous basis). I boggles the mind why Mary
criticized me for this, but not STeve. Maybe she wasn't aware of what
STeve did, but if she was, would her reaction have been any different?
At the end of the day, I think the only thing Mary can *really* take
exception to was that I didn't immediately reinstate the naftee account.
Okay, point taken, but that's not how she presented herself in item
29. For instance, dah, aka polytarp, the person who had filled up
the /d drive, asked the following:
"Why do you continue to block them, when it remains fairly
obvious I can connect to Grex anyway?"
This was in reference to blocking the IP addresses of his ISP. Remmers
went on to say:
"I think that #61 contains a reasonable question, regardless
of what one may think of the person asking it."
To which Mary responds:
"I'm afraid the answer might be, "because I can".
I hope we're learning here."
Never mind that I'd already explained why I had banned him. I'm not
sure what we're supposed to be learning; Mary never explained that
comment.
Scott did have this to say about one of Mary's comments:
"Actually we do on occasion site-block. We feel shitty about
having to do so, but at times it has been necessary."
She never responded to that comment. But then again, it didn't support
her thesis.
Later, I wrote:
"Regarding #70; Okay. I've unblocked all the Canadian ISP's
I blocked. Someone else can clean up these problems on grex;
I've got other things to do."
Then:
"I've unlocked the polytarp and dah accounts, and emailed
the new passwords for both to willcome."
Which polytarp followed up to by writing:
"And that's what I get for chasing away staff members, and
DoSing the system and blaming it on potentuak staff members.
(more than I started with)."
...
"I meant potential (impotent, importent) Board MEmbers."
So, the person who abused the system admits it, and proves my point
for me. Here are the lessons I learned:
1) While new to staff (I'm not new to Unix system administration,
or dealing with unruly users), don't do things other staffers have
done before you, because you're wrong while they were right.
2) The president of the board plays favorites and doesn't
listen to explanations of actions that go against her preconceptions.
3) It's okay to vandalize grex as long as you complain about
being punished later in BBS.
4) Users will not be held accountable for their actions if they staffer
who tries to do so isn't on the favorite person list of the president
of the board.
5) The grex old guard will defend itself. Note that no one has taken
Mary to task for her uneven reaction to different staffers doing the
*exact* *same* *thing*.
6) Attempting to public explain yourself will bring you nothing but
misery here.
|
cross
|
|
response 17 of 53:
|
Dec 6 20:57 UTC 2003 |
(Joe slipped. Thanks for the support, Joe; I really do appreciate it.
btw- my note shouldn't be construed as critical of STeve Andre; I just
wanted to point out Mary's uneven dealing with different staffers.)
|
mary
|
|
response 18 of 53:
|
Dec 6 22:05 UTC 2003 |
Had STeve's actions come to my attention I would have voiced my
opinion, just as I did with you. Don't believe me, ask STeve.
We've had animated discussions. We are also friends.
|
scott
|
|
response 19 of 53:
|
Dec 6 22:06 UTC 2003 |
I do like Mary a lot, but I don't think she is aware of everything staff has
to do on occasion. Yes, we site-block, ard in this case supported Dan's use
of that method.
|
mary
|
|
response 20 of 53:
|
Dec 6 22:25 UTC 2003 |
Maybe I've do have it wrong. I realize you have to lock account and site
block. But when you assume someone deserves such treatment, take the
action, then find out you spanked the wrong person, what is staff's
response? Accepted response?
|
mary
|
|
response 21 of 53:
|
Dec 6 22:34 UTC 2003 |
And thanks for the honest response, Joe. I respect your opinion
a lot. I'll take another look at that entire item, tomorrow
morning, and see if I come to another conclusion.
|
willcome
|
|
response 22 of 53:
|
Dec 6 22:35 UTC 2003 |
There's a pope in Paris.
|
naftee
|
|
response 23 of 53:
|
Dec 7 02:54 UTC 2003 |
re 14
>In the face of continued criticism,
actually, it was needling by willcome. Something cross should've ignored.
AND ABSOLUTELY NO SUPPORT, Dan gave up.
This is absolutely not true. Here's proof from item 29
#2 of 125: by Scott Helmke (scott) on Fri, Oct 31, 2003 (22:59):
I'd side with cross on this one.
#7 of 125: by Sindi Keesan (keesan) on Sat, Nov 1, 2003 (04:41):
Thanks, cross.
#20 of 125: by El Capitan se habla espanol (jaklumen) on Mon, Nov 3, 2003
(01:44):
of course you do, tweedle-dum.
#24 of 125: by S M (mynxcat) on Mon, Nov 3, 2003 (11:45):
I agree with cross on this.
#31 of 125: by Eric R Bassey (other) on Mon, Nov 3, 2003 (18:15):
And you are a stupid ignorant fuck. What of it?
#57 of 125: by Scott Helmke (scott) on Fri, Nov 7, 2003 (23:20):
Staff *has* explained its actions. You've yet to explain *yours*, however.
#72 of 125: by Bruce Howard (bhoward) on Sun, Nov 9, 2003 (22:31):
Goodness gracious, this item does goes on and on and round and round.
#77 of 125: by Bruce Howard (bhoward) on Mon, Nov 10, 2003 (05:22):
Perhaps an unfortunate lesson for all concerned?
#80 of 125: by S M (mynxcat) on Mon, Nov 10, 2003 (16:55):
I hear ya, Dan. You did your best.
#81 of 125: by Abhijit Ray (sholmes) on Mon, Nov 10, 2003 (20:19):
I would agree with mynxcat.
#85 of 125: by Sindi Keesan (keesan) on Mon, Nov 10, 2003 (21:38):
Please don't resign.
#90 of 125: by John Ellis Perry Jr. (jep) on Mon, Nov 10, 2003 (23:34):
Dan, I'd appreciate it if you'd stay on the staff, too. I think you
contribute a lot. Specifically, NextGrex needs you very much.
#91 of 125: by Glenda F. Andre (glenda) on Mon, Nov 10, 2003 (23:49):
Don't listen to twirps, and don't let them drive you away.
gelinas, quit writing about how cross had no support. Unlike my identity, you
have no excuse to pretend to believe cross had no support.
resp 16
>Woot is STeve Andre, and at the time, polytarp
>was being banned for sending mass tel's.
>So it seems I wasn't that far out of line thinking
>that naftee was polytarp, and I had legitimate reasons for thinking so
>(hey, STeve Andre thought the same thing!).
Yes, I ran polytarp's mass-tel program at the same time and location as him.
>But I also went away thinking he wasn't too serious about getting his account
back.
I explained in item 29 why I responded like that. Here it is again:
#16 of 125: by saladman (salad) on Sun, Nov 2, 2003 (18:48):
re 9 You should read the series of writes cross and myself exchanged. It
started with cross saying something like, "I'll give you a cookie if you
promise to be nice".
#17 of 125: by Dan Cross (cross) on Sun, Nov 2, 2003 (21:20):
Nonsense. I told him I'd give him his account back if he said he
wouldn't damage the system. The response was something on the lines of,
``CAN YOU TELL ME HOW TO FIX MY TV!'' I concluded after a couple more
exchanges he wasn't serious about getting anything unlocked, but just
wanted to be irritating.
...
#18 of 125: by saladman (salad) on Sun, Nov 2, 2003 (22:59):
You're arguments are so silly. Response #16 is an excellent paraphrase of
what you wrote. An occaisional user of GreX suddenly finds his account
locked
and most of the IPs he comes from banned, and a staff member writes to him
that he's abused the system and'll only give the account (and access) back
if he promises to do this or that. And then this staff member wonders why
this user is so mad at him. Well, gee golly, don't think to hard.
>As for naftee getting caught in the sweep of polytarps
>access, well, I've already explained that enough times.
And you eventually fixed it. I thank you for that.
> 3) It's okay to vandalize grex as long as you complain about
> being punished later in BBS.
In willcome's case, no; but after jp2, yes.
|
willcome
|
|
response 24 of 53:
|
Dec 7 03:37 UTC 2003 |
That was the most confused post ever.
|
sholmes
|
|
response 25 of 53:
|
Dec 7 04:17 UTC 2003 |
re: 13 ..No Joe , you would know I am weighing the penalty against the
advantages because I am putting it here on BBS. Okay forget me, .. does
that imply only those who make it known beforehand their intentions will
be treated severly while anyone who does it quietly can get away with
it. Why I can even create new ids and spam from there and you would not
even knwo it was me and then later complain that I am being victimized
in co-op.
My point is exactly what cross mentions in #16
3) It's okay to vandalize grex as long as you complain about
being punished later in BBS.
somehow the above needs to be addressed I feel .. if willcome can get
away with it .. anyone else can and maybe with further damage in the
form of another staff resigning because staff themselves are unclear on
what is the correct course of action ...
|
mary
|
|
response 26 of 53:
|
Dec 7 20:06 UTC 2003 |
Well, I reread the entire discussion, and I end up in the
same place, having concerns about how this was managed.
Three of my four responses I'd make again.
I agree that my comment "Because he can" was personal and
unnecessary, and I apologize to Dan for making it.
I'm still interested in an answer to my question, above,
which I'll state again.
I realize that sometimes staff has to lock user accounts and block
access. But when you assume someone deserves such treatment, take the
action, then find out you spanked the wrong person, what is the
acceptable response?
|
gelinas
|
|
response 27 of 53:
|
Dec 7 22:33 UTC 2003 |
To apologise to the person wronged.
|
cmcgee
|
|
response 28 of 53:
|
Dec 8 01:39 UTC 2003 |
I disagree with Mary on this one. Dan did the most rational thing he could
with the information he had at the time. he did ask how to handle it; he did
do what other staff members had done in the same situation.
To hold him publically to a different standard even after you know other staff
members advised him differently than you would have done it, is not rational.
Rational is to say, ok, I didn't know staff was doing it this way, let's talk
about how _staff_ handles these kinds of situations, not how _cross_ handled
this one.
And I still dont think he was _wrong_. He did it differently than you would
have liked. That does not make it wrong. That does not make it "admit you
were wrong and apologize".
I think he did the _right_ thing. with what he knew at the time. To say,
you should have known that I would disagree with staff behavior does not make
what he did wrong.
For jumping to conclusions about an account, he owes that account an apology.
But not a global 'mea culpa'.
|
naftee
|
|
response 29 of 53:
|
Dec 8 01:40 UTC 2003 |
Uhm yea, apologise to the account all ya want.
|
willcome
|
|
response 30 of 53:
|
Dec 8 04:46 UTC 2003 |
I'm pretty sure the only way to live properly is to classify everything you
dislike as wrong. YEah, pretty sure.
|
gull
|
|
response 31 of 53:
|
Dec 8 16:06 UTC 2003 |
I agree with resp:28. It seems to me that mary was holding cross to a
different standard than she would other staff members, and trying to
micromanage him to a much greater extent. It doesn't surprise me he
felt she was forcing him out. It's impossible from here to know whether
this was just because he was new and hence untrusted, or for more
personal reasons.
|
other
|
|
response 32 of 53:
|
Dec 8 16:17 UTC 2003 |
Dan, I think it's fair to say that most of the people who responded,
myself included, to your actions on this matter did so without
having the full picture available. We could see effects, but we
couldn't see the process of decision-making.
I'd like to apologize for anything I've said which was reflectve of
ignorance of the full story at the time. I think you were caught in
a complex situation which you handled the best way you could, and
there were a number of remarks from several people which appear to
have been mistaken or misinterpreted.
The best thing we can do with this is try to figure out how to make
sure this kind of thing doesn't happen again. Perhaps we need a
more clearly defined structure of rules and appropriate responses to
their breakage. Perhaps simply a better system of communication.
Whichever the case, I'd like to see us move past the recriminations
and focus on fixing the problem. It's important for staff to be a
part of this discussion because it is staff who will really
implement the fixes. Board should be aware and supportive of the
effort, but it isn't the board that will be handling these things.
|
gull
|
|
response 33 of 53:
|
Dec 8 17:22 UTC 2003 |
I agree that this needs to be fixed. If I were a potential staff member
and I saw this go on, I'd think twice about agreeing to join staff.
|
flem
|
|
response 34 of 53:
|
Dec 8 19:38 UTC 2003 |
It's true that board members don't have access to all the information
staff has. We don't get staff email, and most of us don't read the
staff conference (though I think we can). I wasn't aware of all the
details that cross explained above, and some of his actions make more
sense in light of them.
I, too, find myself with some concerns about the practice of locking
an account because it is suspected to be used by a known vandal. I
think it deserves further discussion, as does the idea of what to do
when a user account is locked mistakenly -- but those things have
nothing to do with cross individually.
I really think it's important to be supportive of staff, especially
right now. We have a couple of people on grex that have discovered a
way to attack them personally, by doing borderline-abusive behavior,
then coming to coop and complaining loudly about anything staff does to
them as a result. And because it *is* pretty borderline stuff, they are
finding some support among the normal denizens of coop. Instead of
running malicious software, these vandals are trying to infect the
community of Grex with malicious memes.
What we can do about it is be supportive of our staff volunteers, and
-- this is important -- cut them some slack. If we disagree with the
way staff handles something, we still need to talk about it, that's what
we do on Grex, but let's be particularly careful to use tact. Let's
discuss what we should do the next time something similar happens rather
than pick apart an individual staff member's actions. Let's talk about
what the proper solution to the problem is rather than questioning a
staff member's qualifications.
Mary, I think you could do a little better at this.
Dan... *let* us be supportive of you. Do you know what being the
high'n'mighty "President of Grex" means? It means you get to hold the
gavel at board meetings. Well, and call Zingerman's to reserve a room,
too. But that's pretty much it. Mary doesn't speak for the rest of us,
any more than jp2 speaks for the rest of us. Would you get this upset
because jp2 disagreed with your decisions?
|