Grex Coop10 Conference

Item 76: General Discussion of Member Benefits

Entered by janc on Thu Jan 29 20:05:32 1998:

Picking up a thread from item 72.
===========================================================================
#44 of 53: by Mary Remmers (mary) on Wed, Jan 28, 1998 (00:31):
 The following is the text of the membership vote which restricted
 specific services to members only.  A number of reasons for limiting
 access are mentioned but I don't see any reference to using these
 restrictions as an incentive for folks to send in membership dues.
 
                 ***************************************
 
  PROPOSAL:
  
  The following internet services enrich the Grex community, do not use
  much bandwidth, and do not provide much potential for internet
  mischief; therefore they should be made available to all:
  
   Finger
   Whois
   Ping 
   Mail (incoming and outgoing)
   Incoming Usenet News
   Incoming Telnet
   Incoming FTP
   Incoming Lynx
   Talk (and it's various permutations)
   Archie
   Veronica
   WAIS
   Gopher (with all Telnet capabilities disabled)
  

  The following services will be restricted to VERIFIED GREX MEMBERS and
  VERIFIED GREX USERS (however the board shall define that term) because of
  the potential for world-wide mischief:

   Outgoing Usenet News


  The following services will be restricted to VERIFIED GREX MEMBERS in good
  standing, because these services utilize a lot of bandwidth, offer
  less of a benefit to the Grex community as a whole, and/or hold the
  potential for system cracking and other undesirable activities:

   Outgoing FTP
   Outgoing Telnet
   Outgoing Lynx
   Gopher (with telnet capability enabled.)
   IRC


  Being that the major objection to open access for the above
  services is the lack of available bandwidth on Grex's internet
  link,  It is understood that any of these services may be made
  available to all VERIFIED USERS as well as VERIFIED MEMBERS as soon as Grex
  acquires a link of suitable power and robustness.

  In order to maintain the integrity of both Grex, and of the Internet as a
  whole, the Grex board shall have the power to restrict or deny internet
  access to groups or individuals who pose a security risk, or who engage in
  inappropriate behavior (as defined by the Grex board).

  The board may also make modifications to this proposal without resorting
  to a member vote in the case of an emergency situation, or if some
  provision of this proposal proves to be technically impossible to implement.


 VOTE RESULTS:

 Results were posted on Wednesday, August 17, 1994.
 49 out of 80 eligible voters cast ballots.  The Tally:  Yes 36  No 13
 The proposal passed.
                                                                  
       *********************************************

#45 of 53: by Jan Wolter (janc) on Wed, Jan 28, 1998 (11:47):
 Wow.  Mail is a service that doesn't use much bandwidth?  Well, not on a
 per-user basis, normally, I guess.
 
 Also, I note that we do allow "outgoing lynx" to all users.
 
 [...deleted...]

 The above text raises some other issues that probably ought to be treated
 in another item.

#51 of 53: by Steve Gibbard (scg) on Wed, Jan 28, 1998 (18:15):
 I'm also ammused by the statement in the voted on policy that ping doesn't
 have much potential for abuse.  We in fact aren't allowing anybody to run
 it, because it can be abused so easily.

#52 of 53: by Gerund Word (gerund) on Wed, Jan 28, 1998 (20:29):
 So then pardon me for asking, since I really have no clue, but isn't that
 a violation of the result of the vote?

#53 of 53: by Rane Curl (rcurl) on Thu, Jan 29, 1998 (03:33):
 Not really - the policy says those things *should* be made available, not
 that they will be. Consequently, access to those services are subject
 freedly to staff choice, unless overruled by the board (or by a vote).
8 responses total.

#1 of 8 by janc on Thu Jan 29 20:17:48 1998:

I think we have to recognize that what is may not have consider a security
problem in 1994 could turn out to be one later.  I think restricting "ping"
compiles with the intent of the policy, if not the letter.

Allowing lynx does comply with the letter of the policy.

I suppose if we really wanted to be formally correct, we should either
re-enable ping or hold a user referendum on the subject.  I consider both
options a bit silly, so long as there aren't lots of people crying in the
street for ping access.

I think Grex's principle of government is to a significant degree consensual.
If we are bending the policy in a non-controversial way, I'd say fixing the
policy is a low priority - something to keep in mind to do if we are ever
making other changes to the policy.


#2 of 8 by rcurl on Thu Jan 29 20:34:31 1998:

You may have missed my point. Any policy that uses the word "should" is not
a policy - it is a guideline and can be violated freely subject only to
whatever subjective judgements others may have.


#3 of 8 by srw on Fri Jan 30 02:45:23 1998:

"lynx" is an application. A browser in fact. Because it is what people use,
it is what is named in the policy. However, that is all technically incorrect.
We limit access not by the application used, but rather by the protocol used.

In 1994 we voted not to open outgoing lynx, but that should really read
outgoing http. At the time we allowed gopher protocol. Since then, nearly all
of the gopher sites have gone, replaced by http sites. At some point we
decided (without a membership vote) that http was really meeting the same 
needs as gopher (only better), and should have been permitted. 

So, today, lynx can access http and gopher sites, but not ftp sites.

Similarly, when it became a problem, staff decided to restrict access to ping.
No membership vote was taken. Both of these changes were announced somewhere
publicly, I'm sure.

If either of these decisions were questioned by the membership, I believe that
they are fair game to be reviewed. They were not attempts to circumvent
the wishes of the members so much as a reaction to changes in usage patterns
on the net or on Grex.


#4 of 8 by gibson on Fri Jan 30 05:32:40 1998:

        What is ping?


#5 of 8 by scg on Fri Jan 30 06:22:36 1998:

Ping is a program used to test whether another system can be reached across
a network.  Ping sends out an ICMP (Internet Control Message Protocol) echo
request packet, so that if the other computer is up it will receive that and
echo it back, shoing the system doing the ping that the other system is up.
Normally the packets ping sends out are quite small, and it is a useful tool
for network testing and troubleshooting.  The problem is that ping allows the
user to specify the size of the packets it sends out, so by sending a very
large ping a user could make Grex's Internet connection unusable, and could
also cause problems for whatever other system they were "flood pinging."

If we were going to reenable ping, it would make sense to modify it to take
away its ability to send large ping packets.  That wouldn't be too hard to
do, but since nobody other than the staff really needs to be able to run ping
on Grex there wouldn't be much of a reason to put the work into it.


#6 of 8 by jared on Sun Feb 1 00:42:37 1998:

Ping should not be globally enabled.  On nether.net I don't bother to 
deperm it, I just block it at the router level.  This way I can see
who is trying to attack who.  It makes it nicer because people don't
break into the routers :)



#7 of 8 by steve on Mon Feb 2 04:52:04 1998:

   Color me stupid, but I'm not sure I understand the idea behind
this item.
   I think Grex is as open as it can be right now, given the
current level of network connection and CPU it has.  The extra
speed of the ISDN link is needed to make Backtalk at all usable,
and the 670 is going to be barely able to provide "real" service.

   Given the ever rising expectations that people have in computer
services, we're going to have to be better at offering conferencing
if we're going to stay viable for random people.


#8 of 8 by lilmo on Tue Feb 3 23:06:55 1998:

Internet access should be the bare minimum needed to keep ppl interested and
involved in *Grex*.

Re #6:  "who is attacking" whom.  -)


There are no more items selected.

You have several choices: