|
Grex > Coop7 > #26: User Verification -- Is It Feasible? | |
|
| Author |
Message |
| 25 new of 147 responses total. |
srw
|
|
response 25 of 147:
|
Apr 2 01:48 UTC 1995 |
That's a good accurate summary as I understand it.
The FBI was very stupid, but especially ignorant and fearful back then.
They are far less ignorant about computers nowadays, although
I would doubt they should be classified as experts.
|
ajax
|
|
response 26 of 147:
|
Apr 2 03:10 UTC 1995 |
This is getting a little drifty, but it's interesting, so what the heck....
That account is very nearly accurate. However, two common errors are
included in Steve Jackson's own "Top Ten False Facts About the Secret Service
Raid:"
5. This was part of Operation Sun Devil.
No it wasn't. Sun Devil was a totally separate project, aimed at credit
card fraud. Because it had a neat name, it got a lot of headlines. Since
computers were involved, some reporters got the two confused. The Secret
Service helped the confusion along by refusing to comment on what was, or
wasn't part of Sun Devil. Sun Devil was not a "hacker" investigation. So
says Gail Thackeray, who was its spearhead.
7. We were raided by the FBI.
No we weren't. We were raided by the US Secret Service. The FBI had
nothing to do with it. (In fact, when Bill Cook, the assistant US
attorney named in our suit, was doing his "research," he talked to the
FBI. They told him he didn't have a case. We have this from FBI sources!)
SJG did have to reconstruct their book from memory, and while most of their
original material and notes concerning the book were returned after its late
publication, they never did receive everything back. Here's an excerpt from
the complaints in their lawsuit against the SS:
58. On June 21, 1990, the Secret Service returned most, but not all,
of the computer equipment that had been seized from SJG over three
months earlier.
59. The Secret Service did not return some of SJG's hardware and data.
60. The Secret Service did not return any of the printed drafts of
GURPS Cyberpunk.
In looking at the original search warrant, I stand corrected that they used
copyright law to justify the seizure. They considered a text file in
question a proprietary document which had been electronically stolen. That
was a false classification, but that's what they put in the warrant:
18 USC 2314 provides federal criminal sanctions against individuals who
knowingly and intentionally transport stolen property or property obtained
by fraud, valued at $5,000 or more in interstate commerce. My investigation
has revealed that on or about February 24, 1989, Craig Neidorf transported
a stolen or fraudulently obtained computerized text file worth
approximately $79,000.000 from Columbia, Missouri, through Lockport,
Illinois to Austin, Texas to Loyd Blankenship and Chris Goggans.
As Steve Jackson said, "the one bright spot in this whole affair was the
creation of the Electronic Frontier Foundation to address this and similar
outrages." Amen to that!
While I think the SS and perhaps the FBI may have gotten a good refresher
course in some basic points of law from this, they aren't the only danger.
The Church of Scientology S&S was primarily conducted by local police
officers, many of whom were on the payroll of the CoS. On-duty police
officers served the search warrant, and let off-duty (CoS-paid) officers in
to erase disks and backup tapes. (Allegedly, anyway...this happened in Feb.
'95, and the case is still pending...from the sounds of it, it makes the
SS look competent!).
|
lilmo
|
|
response 27 of 147:
|
Apr 2 21:05 UTC 1995 |
Re #26: If they don't sue the pants off the "Chruch of Scientology", we'll
all be the worse off for it.
|
tsty
|
|
response 28 of 147:
|
Apr 3 04:34 UTC 1995 |
I think i'm getting ill.
|
janc
|
|
response 29 of 147:
|
Apr 3 04:54 UTC 1995 |
"Crutch of Scientology?"
|
davel
|
|
response 30 of 147:
|
Apr 4 00:31 UTC 1995 |
... or is that "crunch"?
|
nephi
|
|
response 31 of 147:
|
Apr 4 01:23 UTC 1995 |
Have we decided on an official verifier yet?
|
popcorn
|
|
response 32 of 147:
|
Apr 4 03:35 UTC 1995 |
Nope. I think the idea was to get a specific policy in place first,
then find a verifier to implement it. At the last board meeting
someone pointed out that it made sense to set the policy first, because
if the verifier is chosen first, we might end up having a verifier
who can't live with the policy that is chosen.
|
lilmo
|
|
response 33 of 147:
|
Apr 4 11:58 UTC 1995 |
CHURCH !!! AAAAAUUUUUUGGGGHHH!!!!!!!!!!!! *sigh*
|
selena
|
|
response 34 of 147:
|
Apr 4 17:38 UTC 1995 |
Will this verifyer be allowed some leeway, and common sense room,
or will they be tied to the policy as stone?
|
steve
|
|
response 35 of 147:
|
Apr 5 15:34 UTC 1995 |
I'm hoping that we do something like this: the verifier has a
list of documents deemed acceptable, we've come up with quite a
few that are reasonable. If the verifier can't match the ID against
that list, then the board is automatically notified and we see if
this new ID is something we can deal with, and if so, use it for that
person and automatically add it to the ID list.
This does two things: 1) It eliminates potential crabbing about
the verifier being biased or too friendly with some yet 'difficult'
with others. 2) It sets up a system where the default is to try
to accomodate people, not refuse them.
|
sidhe
|
|
response 36 of 147:
|
Apr 5 19:59 UTC 1995 |
I thought the idea of the verifier was to let it go to one person.
Is this not the case?
|
ajax
|
|
response 37 of 147:
|
Apr 5 20:22 UTC 1995 |
Nope...for the most part, sure, but not without exception. I think the
policy should (and will) allow one person to verify 95% or more of people.
But allowing one person to have final say-so without any recourse for
appeal doesn't sound right for a system like Grex.
|
lilmo
|
|
response 38 of 147:
|
Apr 5 20:53 UTC 1995 |
Re #35: I think you have the best idea, there. Is this "official" policy??
|
rcurl
|
|
response 39 of 147:
|
Apr 5 21:20 UTC 1995 |
Not yet. Maybe at the next board meeting.
|
lilmo
|
|
response 40 of 147:
|
Apr 5 21:47 UTC 1995 |
If I were a member, I would consider formally proposing it.
|
rcurl
|
|
response 41 of 147:
|
Apr 6 06:27 UTC 1995 |
At the last board meeting remmers summarized the coop item on
verification, and steve offered to draft a policy for board
consideration. I suspect what steve said in #35 will get included!
|
sidhe
|
|
response 42 of 147:
|
Apr 6 19:55 UTC 1995 |
Ajax, I was not referring to a No-appeal system, but one in which
the FIRST say-so would be through just one person, and only IF the
party wished to appeal, would others be involved.
|
sidhe
|
|
response 43 of 147:
|
Apr 11 22:21 UTC 1995 |
And there was absolute silence..
|
lilmo
|
|
response 44 of 147:
|
Apr 12 05:46 UTC 1995 |
..for five days and five nights (and
about two and a halv hours).
|
nephi
|
|
response 45 of 147:
|
Apr 12 10:50 UTC 1995 |
I, for one, am not sure what you are saying, lilmo. You may get
more responses if you rephrase.
|
popcorn
|
|
response 46 of 147:
|
Apr 12 12:14 UTC 1995 |
Um... I looked back to response #35 and didn't see anything that
looked like an unanswered question. Is there one?
|
sidhe
|
|
response 47 of 147:
|
Apr 13 01:46 UTC 1995 |
No, not a QUESTION, per se, but a statement I thought might recieve
some response, in #42..
|
ajax
|
|
response 48 of 147:
|
Apr 13 15:20 UTC 1995 |
It's reiterative of stuff already said, but I'll respond to #42: sounds
exactly like what's planned. The person with the first say-so has a list
of acceptable ids; if the id given is in that list, they say "ok," end of
story. If it's not, they ask for id from the list. If the person cannot
or will not provide id from the list, but still want to be verified, they
can then appeal to the board to add a new form of id to the list.
|
lilmo
|
|
response 49 of 147:
|
Apr 14 03:58 UTC 1995 |
Re #45: I was merely continuing sidhe's statement... it seemed like
a good idea at the time... *whistles innocently*
|