The polytarp account.110 responses total.
This response has been erased.
Yup, if an account has it's mail forwarded to abc@xyz.com, then we'll happily reset the password and mail it to abc@xyz.com. Apparantly those who actually wade through the awesome heap of staff mail we get every day were being annoyed by the extraneous mail, and decided to take a slightly creative approach to fixing the problem. Certainly fits long standing policy.
O? So, basically, you're saying you're allowed to violate the privacy of people who do things you don't like?
No, only to people who foolishly forward their email to staff.
Yes, something staff doesn't like.
No, we're saying that there's a longstanding policy that's been followed. It has nothing to do with liking or not liking anything.
"were being annoyed" indicates they disliked it.
That's an aside.
Try reading with some attention. The policy, as stated by Valerie, is that if the recipient of forwarded mail objects, to reset the password and send the new password to the forwarding recipient. This isn't "violating the privacy of people who do things you don't like", but preventing email abuse. That the recipient of forwarded email didn't like it is the trigger for the policy; that's what abuse of email means.
(#8 slipped in; my response was to #7.)
You hardly have to give people access to all the abuser's files and E-mail to prevent abuse, Lovelace.
A .forward file pointing to e-mail account X is fairly convincing proof that the owner of the grex account trusts the person(s) with access to X to read all of his/her personal e-mail. Access to e-mail is accepted as proof of authority/ownership quite widely on the internet. I think this is a pretty reasonable policy for grex to follow.
This response has been erased.
O please. You said you mail person A's password to person B, just as though a .forward to person B means the two are the same person. But, of course, in doing that you give access to all of person A's private files and archived mail to person B, and you said you did the same thing here with staff. This clearly indicates you've violated both polytarp's and other people's privacy.
If Person A IS Person B, his privacy has NOT been violated. A forwarding ALL mail to B is prima facie evidence that B IS A. Yes, Staff knew that they were not Polytarp. However, the policy still applies: Polytarp forwarding ALL mail to Staff is prima facie evidence that Polytarp considers Staff to be himself. If you don't like that, don't forward your mail to staff.
It took me a few responses to follow the rationale behind what was done. Why was the polytarp account forwarding all of it's mail to staff, dah?
If staff considers itself to be me, give me the root password now or else I can't do my appropriated duties. Huh? Oh, polytarp was doing that because he didn't really have any important mails mixed in with all his spam and he didn't know where else to forward it.
Perhaps the origins of this policy need to be explained, so I'll attempt to do that. Staff gets lots of request from people who have lost their passwords, and needs some way to verify that the person sending the request is in fact the owner of the account. To do that, in general, staff looks at information in the account to find some contact information put there by the account's owner. Most commonly used are phone numbers or e-mail addresses from the .plan file (what shows up in finger output), but if that's not good enough, staff sometimes needs to look elsewhere. One of those "elsewheres" is the user's .forward file, on the assumption that the account holder is by definition the legitimate user of an account, and anywhere mail to that account gets forwarded can be assuemed to be that person. Then came the problem of impersonations, generally a case where somebody creates an account and claims to be somebody else. There wasn't a policy for that, but it fit nicely into the password reset policy, in that if somebody claimed to be somebody else, and that somebody else wanted it stopped, it was quite legitimate to give control of an account to the person whose account it claimed to be. From there, I assumeit to have been a relatively easy jump that if forwarding mail to an address established that that address belonged to the account's owner, giving control over an account to the person whose address the accounts mail was being forwarded to was quite legitimate. Of course, in most of thsoe cases, staff could easily claim that as far as they knew, and had been told by hte owner of the account, the account belonged to the person whose address showed up in the account. In polytarp's case, staff knew the account wasn't staff's. Still, this strikes me as a pretty basic application of policy and past precident as written. Do any of polytar's clones have suggestions for how this might be changed for the better?
Right, it's a very basic application of policy and past precident which obviously violates the purpose of policy and PP.
David, if you don't want any of your mail, you can forward it to /dev/null.
Hey, it's polytarp's fault that he gave his account to staff. Why don't you take it up with him?
For various reasons, I don't find the second paragraph of #17 to be credible. I'm comfortable with how this was handled.
I think staff had a very restrained and reasonable response in this situation.
This response has been erased.
Really. STeve even asks my permission to read my mail or files when I tell him I am having a problem with them. And we share everything (except passwords).
O please, valerie. You know for a FACT that you gave the polytarp account to staff. You said you did. That means, of course, you've also given them permission to read various private files; and, as you said, they don't need the password to do that. This is a chilling and BLATANT violation of privacy.
I can't imagine any grex staffer either thinking that the symbolic "giving" of polytarp's account to staff gave them (staff) any more rights to the account's contents *or* that any grex staffer has nothing more important or interesting to do than look through polytarp's account. Is there anything so important/interesting there (address of Saddam's secret hideout, text of the next Harry Potter book, Fermat's original proof of his "last theorem", etc.) that we should bother going to look?
Re #22: I find the first paragraph of #17 even less credible, somehow.
Regarding #26; Wow, it's like arguing with a brick wall, isn't it?
This soap opera just keeps getting better! Or is it a cartoon, with poly in his various guises as e.g. the coyote?
O please, Walt. You know as well as I do that Grex's staff is stalking me. Now they've allowed themselves to use my mail address, as well as reading my private files and E-mail. It's absurd.
"Absurd" is exactly the correct word, indeed.
It's a blatant privacy violation, and the fact that the Grex users can't see that is a horrible reflection, etc.
I know, it's plot-element trials for "Dumb and Dumber-er-er"!
That was an just an awful sentence, Russ.
Why is it a privacy violation? Staff could have looked at polytarp's `private' files at anytime *if staff had wanted to*. Staff didn't want to, and doesn't now; so far as I'm aware, no one's gone looking at polytarp's files. So what, exactly, is the privacy violation?
Because now staff thinks it owns the files and therefore it's not like they don't equally think there's nothing unethical about looking at them and stalking me.
Polytarp, one day when you're older, you may come to the understanding taht constantly attempting to annoy some group of people will likely cause them to do things to you that you'd rather they not do. In some cases (not going out of their way to do things for you) it will be an entirely reasonable response. In other cases, the responses may well turn out to be things that people shouldn't do no matter what the reason, but which still wouldn't have been done to you had you not provoked them. Frankly, I think the staff has been remarkably restrained in dealing with you.
A paragraphe is like an hamburger. Where's your bun?
Staff has been remarkably restrained in dealing with an obvious troll. I don't see any justification in dah/polytarp's complaints. He's just looking for attention.
And we're playing right into his plans to get more attention.
I didn't want any attention at all. I just didn't want spam and want my account back or the root password or any two.
I guess i don't really have any right to say anything as I am not a member, but I agree with what the staff has done. If polytarp forwards his email to staff@, then he deserves to be locked out of his account. I would not like it too much if someone started forwarding all their email to m.
You don't have any right to say anything because you're a fucking moron.
re #44: That doesn't stop you...
Re #43: Non-members are 100% welcome to comment on anything in this conference. How much attention I pay to a person's opinions has nothing to do with there membership status. You are what you say, not what you pay. The conditions under which the the staff may look at a user's files are described at http://www.grex.org/staffnote/privacy.html. In this instance, we had cause to inspect and change polytarp's .forward file, but not anything else. Personally, I can't say following those guidelines is any particular challenge. I haven't a hint of interest looking at polytarp's files.
This response has been erased.
resp:40 hoo, am I slow on the uptake... new guise, eh? A troll all the same.
Re. 47: I promise to not forward all of my mail to staff again, even though my mail will surely continue to contain spam. Thanks, popcorn!
Did you get your account back, polyTARP?
Just to test out this Grex policy of forwarding e-mails and the like, just yesterday afternoon I created a .forward file in naftee's home directory and placed my e-mail address in there. I then IMMEDIATELY afterwards sent a mail to staff requesting that I stop receiving tons of spam from naftee@grex.org. Staff (Valerie Mates) replied, stating: I've turned it off, and reset the password for the naftee account. It's Grex policy that in this situation, we'll assume that you can have control of the account if you'd like (since people only forward their e-mail to their own other accounts). Please let me know if you'd like the password for naftee sent to you. This above message is very disturbing, and raises some important questions that polytarp/dah hinted at and that I would like answered. Firstly, what if I had purposely tried to harass a certain user by forwarding all my mail to him/her? That person would have immediate access to my old account and my password, not to mention my files, etc. Or, what if I had NOT forwarded all my mail, but merely the spam that I had been recieving? Would staff had checked this (procmail)? I should think not. And finally, why was this all done WITHOUT a warning? For example, it would have been trivial for the staff to have removed the .forward (or .procmailrc , whatever) and sent a mail to that user, asking them to stop, informing them of the consequences of their actions, etc. etc. I believe the staff does something like this for deleting large files owned by a user. Actually, there's precedent above: Valerie Mates did say she would return polytarp's account to him if he stopped sending mail to staff. HMMM, shouldn't this be done BEFORE the account gets reset, the files modified, etc. etc. ? Also, please give me back my naftee account. I apologise if all this has caused any inconveniences, and strongly encourage the staff to look at these problems a little more closely.
(If you forwarded your mail to yourself, just reply to the message and ask that the password be sent to you. You will then have your account back.)
Since can't randomly create .forward files in other people's accounts, I don't see where the problem might be. More specifically, I don't see how you can get your account taken away without doing something of ill intent.
Yeah, sorry, asddsa/naftee, you're not engendering much sympathy in me. I don't see a problem with the policy here. And no, you shouldn't count on staff giving you a warning before deleting big files.
re 52 I forwarded the mail to myself because I didn't feel like losing an account. That has nothing to do with it. re 53 I wasn't expecting it to be taken away, I was testing a hypothetical situation. re 54 Of course they don't give a warning in deleting big files, but what they DON'T do is reset your password and send it to an alternate email address. You all missed the point completey. The fact is that changing an account password on the system and sending it to an offsite person is a very dangerous thing, and should not be taken lightly. If anothe staffer wanted to approach this problem, I think they should have taken a closer look at the creation date of the file and the date of the e-mail, and they would have clearly seen that something fishy had been going on. This should be the MINIMUM required care if a root is going to do something as drastic as changing account passwords. I find it crass that the staff won't even consider deleting the file first and giving a message, but just change the password. And I won't state again that this could be a privacy violation. Read my response above. Another funny thing. When I entered party last night as asddsa, it was automatically assumed by our good friend krj that I haddone something wrong, that I had pissed people off, etc. etc. Maybe that's why certain users are so afraid of posting their opinions in the bbs. I can't say I blame them.
I sure hope you're around 16, naftee.
I'm sure glad you're not my mom.
AHAHA, SHE DOESN"T EVEN THINK KNOW THAT IBUPROFEN AND ASPIRIN COMBINATIONS ARE CONTRAINED.
Regarding #56; Why? Are you sure you want him driving?
Why was naftee's password changed again?
(Is "contrained" actually a word, or are we having trouble spelling "contraindicated"?)
Contrained is good enough, fatty. And it's contrainidicted. Fatty.
-bash-2.05b$ ssh polytarp@cyberspace.org Warning: Server lies about size of server public key: actual size is 767 bits vs . announced 768. Warning: This may be due to an old implementation of ssh. polytarp@cyberspace.org's password: Permission denied, please try again. polytarp@cyberspace.org's password: Permission denied, please try again. polytarp@cyberspace.org's password: ARE YOU GOING TO RECOUP ME MY ACCOUNT OR NOT?!
m-w.com and my fat ass both say "contraindicated", dummy. You lose.
OR MINE?! login as: naftee Sent username "naftee" naftee@grex.org's password: Access denied naftee@grex.org's password: Access denied naftee@grex.org's password: Access denied naftee@grex.org's password: Access denied naftee@grex.org's password: Access denied
Robbi Henderson, How is it I should spell contraindicated?
65: I think this proves Valerie "Popcorn" (?) Mates is a liar.
I'm certain that Valerie has more pressing matters to attend to.
re 67 Her web page proves that fact nicely.
In what way? Re. 68: more pressing than being true to her word?
Make that 14. ;-)
Re #51: "Doctor, it hurts when I do this!" 'Well, don't do that.' If you forward your mail to someone's account with the intent to harass them, you deserve what you get. If you're worried about that person getting access to your account, don't forward mail to them from an account you care about. This is an abuse of the .forward facility anyway.
The main handler of Grex staff email (Steve Weiss) is on vacation. He usually processes the week's email each weekend. Valerie was covering things for him, but she has been hit by a heck of a lot of work this weekend. It'll be a few days before she can reply. Naftee: Staff has a heck of a lot of work to do dealing with real issues. We really don't need to spend time playing games with you so you can "test out the policy". Golly, gee, big surprise, the policy is exactly what we say it is! You have to play games to determine this? I dug through some staff mail and found this mail below. It appears that the new password for naftee has been sent to you. The old password will not be restored by staff, because staff doesn't know your old password. You need to use the new password that was emailed to log in. From the message below, it appears to me that (1) your problem has been resolved, and (2) you have managed to confuse Valerie with your stupid games and (3) you have elicited from her a wholely undeserved apology. She's been way to polite to you throughout. > From: <valerie@unixmama.com> > Date: Sun, 07 Sep 2003 09:59:33 -0400 > To: "Jim Daloonik" <haveaniceday@yourmom.com> > Subject: Re: Help Please! > > OHHH! I see -- I thought you were complaining that someone else had > created an account on Grex, directed lots of spam to it, and then set it up > to forward mail to you to harrass you. In fact you were saying that naftee > is your own account, and that people were sending lots of spam to it. My > apologies!!!!! I'll go reset the password and send it to you in a separate > message in a moment. > > And the correct answer to your original message about receiving spam is > that everybody else on Grex is getting way too much spam too. Grex is > slowly working toward switching to a more modern computer. Once that > happens, we should be able to put more modern anti-spam blocks in > place. In the meantime, you can forward spam messages (they must include > complete message headers -- all the "received from" lines -- in order to do > any good) to uce@cyberspace.org. That address is a repository of > spam. Once in a while grex's mail guru goes through the mail in that box > and looks for patterns that can be used to add new teeth to Grex's > anti-spam filters. When you forward mail to that address, you won't get > any reply; the message is simply accumulated until someone on staff can > take a look at it. > > Again, I apologize for the confusion!! > > -Valerie Mates > Grex staff > > At 09:54 PM 9/6/2003 -0700, Jim Daloonik wrote: > >It would be greatly appreciated if I could have my account back, please. > > > > >Date: Sat, 06 Sep 2003 17:41:40 -0400 > > > "Jim Daloonik" , Valerie Mates Re: Help Please! > > >At 01:50 PM 9/6/2003 -0700, Jim Daloonik wrote: > > > > > >>help me please. i'm getting tons of forwarded spam from naftee@grex.org . > > >>help > > >>please. > > > > > >I've turned it off, and reset the password for the naftee account. It's > > >Grex policy that in this situation, we'll assume that you can have control > > >of the account if you'd like (since people only forward their e-mail to > > >their own other accounts). Please let me know if you'd like the password > > >for naftee sent to you. > > > > > >-Valerie Mates > > >Grex staff > > > > > > > > >------------------------------------------------- > > >Valerie Mates, Web Developer > > >http://www.valeriemates.com > > >valerie@unixmama.com > > >(734) 973-2472, fax (501) 423-8432 > > >------------------------------------------------- > > > > > > > > >At 01:50 PM 9/6/2003 -0700, Jim Daloonik wrote: > > > > > >>help me please. i'm getting tons of forwarded spam from naftee@grex.org . > > >>help > > >>please. > > > > > >I've turned it off, and reset the password for the naftee account. It's > > >Grex policy that in this situation, we'll assume that you can have control > > >of the account if you'd like (since people only forward their e-mail to > > >their own other accounts). Please let me know if you'd like the password > > >for naftee sent to you. > > > > > >-Valerie Mates > > >Grex staff I haven't a clue what is going on with the polytarp account. I don't see a request from dah for the polytarp password to be restored in staff mail. Did Valerie have a way in mind to prove that 'dah' is 'polytarp'? That's usually required before resetting and mailing out a password. I dunno. You needn't bother trying to log in with the old password. We don't know the old password and can't reset it. To reset the password, a new one will be set and mailed to you.
This is an exact demonstration of my worries about privacy violations. You posted naftee's private E-mail without permission.
RE 72 Yeah, you deserve to lose your account, your privacy, your files, your identity... re 73 It's not my problem if she gets confused over something. As for the password, I logged in, reset it to what it was originally, and now it fails to work. AND you still haven't even considered the possible solution of giving a warning. In fact, I believe it was NON staff members who've had a more open view with this than you close-minded people.
This is ridiculous. He's just playing games and wasting staff time for his own amusement.
Waisting.
Yeah, wasting by suggesting a policiy which is MUCH better than the current one, and being ignored because you lazy fucks are busy complaining about how your time is so valuable and how everyone is out to kill grex.
Watching naftee/dah/polytarp/asddsa complain about the utterly predictable results of stupid acts is very entertaining. Though I'd suggest not setting the passwords back. If the recipient of the forwards complains, just splat the account, no saving throw.
Hmm. If you honestly think this is a superior policy to the current one, why not propose it formally?
Re 80: Are you addressing russ, or naftee? 8-{)]
Whomever.
Both the policies presented by russ and myself are more reasonable than the current ones.
Prove it. Subject it to a vote.
I nominate your mom.
I'm going to become a Grex member just to put this policy to vote.
(Re #84: Adoption of a policy by vote does not prove that the policy is reasonable.)
Fascist.
Reasonable, being a highly subjective concept, may in this instance be considered to be effectively determined by a test of adoption and implementation by the membership of Grex.
Congratulations, you've now justified the Holocaust.
Imposter
A dead skunk spread across twenty yards of two-lane blacktop would be all it takes to justify the Holocaust in your addled mind, Jamie. ;)
Staff doesn't in general do a lot of warnings. During that last hours, I deleted files from probably 500 users, and nuked maybe 100 accounts. I didn't warn any of them. In most cases, I took only the briefest look at what they had. If they had a big file named psybnc.tgz, I nuked it without even bothering to check if it a copy of psybnc, rather than something entirely innocent. I did manage to free up a lot of diskspace though. I used to be a lot more careful about these things. I'd check things carefully, send warnings, follow up on stuff. Not any more. Too much crap and too little time. I don't actually want to send 500 emails to various user telling them that psybnc is not permitted on Grex. I don't want to read 500 replies. I don't want to keep track of which users have been warned. Sorry, no deal. If you leave a copy of psybnc on your account, I'll probably just delete it, but I'll lock the account if it looks to me like they know this isn't allowed (eg, if they stick it in a directory named ... or ' ' or something). If they have exploits on the account, I'll nuke it. I don't care if they tried to use them or not. When cleaning up disk space, I give people the fairest assessment that I can give in 30 seconds. I'm probably not wrong often. You want us to send warnings to a user if they start doing stupid stuff? I think you have no concept of the shear numbers of people doing stupid stuff on Grex. The case of setting your mail to forward to some other user is in some way even more dubious than some of the others. I could remove the user's .forward file, and send him email, but I could hardly assume that a person who set up all his Grex mail to forward elsewhere is going to log onto Grex to read his mail. Where should I send the warning? Yeah, we probably could have gotten a warning to polytarp, but you want us to send warnings as a matter of policy. 99.9% of the time, we don't know the users doing this. How do we warn them? Should the rule be different for users we know? Processing staff mail and cleaning up the disks aren't exactly huge amounts of fun. Do you think you'll improve the way these jobs are getting done by passing some policy mandating that they be done in a way that doesn't make sense to the people doing them? Do enough of that, and they'll fire themselves. The staffers are all sensible people. If you have sensible complaints and sensible suggestions we'll handle them. If you want to bring a policy up for vote, go ahead. Just don't expect it to pass or anything.
Jan, do yourself a favor and go back to ignoring this item. ;)
Really not worth explaining so much to someone who is just killing time.
re 93 You are correct about the large files incident. But nuking an account is different from going ENTIRELY our of your way to reset a password, offer to give it to someone and change files in a user's home directory. that's just plain privacy violaiton. And I cannot see how the current policy of sending AT LEAST three e-mails differs from deleting ONE file and sending ONE e-mail. Just out of curiosity, how many spam removal requests do you recieve?
Re #89: Um, no.
Uhm, yes, doctor.
What a three ring circus.
Why was dah's password changed?!
Dah? Do you read anything other than your own responses?
VALERIE, may I please ask when is my password going to be reset?
Actually, can I ask for jp2's to be reset? PLEASE?!?! :)
O, wait, the happy face is the trick? Addendum to 102: :)
That was funny, on a very weird level
Valerie doesn't read this conference that often.
There's actually two things here; our normal response to routine problems, and our response to exceptions. Our normal response to routine matters is highly oriented around what usually seems to resolve the problem 99% of the time. These are generally pretty boring, even to the most anal of staff. They aren't always the things we'd like to do, but well, that's life. For the exceptions, our policy has always been that we don't want any more rules to constrain what we do than necessary. Our goal here, after all, is to keep grex running as a useful service, and it would be irresponsible of us to follow rules that do not serve that purpose. Privacy here is something of a red herring. Pretty much anything people do on grex is at least potentially visible to staff, if only by accident. ECPA makes this an explicit right in the case of problems, with various safeguards and limitations. People who attempt to hack the problem resolution process pretty much at one stroke define themselves to be an exception to both the normal rules process we follow here on grex and to the normal expectation of privacy defined under ECPA. The surprising thing here is that the normal rules were still such a reasonable and useful response to a non-normal situation. I'm sure polytarp already knows this, but I may as well state this for the record: staff people on grex already have the ability to see anything on grex without a user's password. That's just the way root works on Unix. Material stored on grex is also at least potentially vulnerable to inspection by various other bodies, using various legal and illegal methods. Generally you shouldn't store it on grex, if you don't mean to publish it. There are all sorts of other reasons why you shouldn't store such data here anyways. When you use grex for private data, you are trusting grex staff not to abuse your trust and generally to do the best job possible of securing your data, but there is no such thing as absolute security, and a free timesharing service is very far from most computer people's notion of security these days.
You're so anal
YEAH
TROGG IS DAVID BLAINE
You have several choices: