|
Grex > Coop8 > #100: Do Grexers have the right to know - vedagiri | |
|
| Author |
Message |
| 25 new of 88 responses total. |
n8nxf
|
|
response 50 of 88:
| 
Aug 5 19:22 UTC 1996 |
I don't know when someone looks up my phone No. and address in the
phone book. Enough said.
|
vedagiri
|
|
response 51 of 88:
|
Aug 5 19:51 UTC 1996 |
<vedagiri and not vedagirl.... I think this is grexyndrome :)>
|
mdw
|
|
response 52 of 88:
|
Aug 5 22:22 UTC 1996 |
No, SunOS does not have multics style ACL's. AFS does, and AIX also
does on its native filesystem. But most Unix's, including SunOS,
provide only these levels of file protection:
read, write, execute x user, group, others
execute = search on directory. users belong to one (or more) groups, as
specified in the password file (and in /etc/groups). There is a
per-user group max of 16, so the group mechanism is not real powerful.
Modifying "finger" to provide the kind of information vedagiri asks
would certainly create a log space problem, creates a system security
risk, & judging from people's reactions here, would be an undo invasion
of privacy to many. I believe many people would also find the
question/answer rigmarole that vedagiri proposes, to be a noxious
modification to the user interface that finger provides.
Here's the technical gist: in order to do what vedagiri asks, the finger
program itself would have to be modified to log "who" and "what", to one
or more log files. (Currently, we only log "who", but logging "what"
is obviously a fairly trivial modification... Indeed, the current
fingerd program does provide a "-l" option which will log
additional "what" type information, although we don't currently
do this, and it's not quite right for the kind of user query
that vedagiri appears to be asking for.) The resulting log files could
be stored either on a system-wide basis, or they could be stored per-user.
In either case, the finger program would need to be SUID "something", so
that it can write those log files, but so that individual users cannot. SUID
programs are trickier to write than ordinary programs, in order to
ensure they operate securely. If logging to individual user files, then
no special query facility need be provided, but finger would need to run
SUID root, and would have to have all sorts of additional security
checks to avoid compromising system integrity. If logging on a
system-wide basis, the program could run suid (or even sgid) something
else, but an additional query program would need to be provided as well.
The additional security risk is involved in doing the programming, and
paranoid checking, to ensure there aren't any holes in the resulting
logic.
The log space problem comes from this: if logging in system space, we
now have an extra file that grows and must be trimmed on a regular
basis. If we log to individual user spaces, things become more nasty.
Many of our users barely understand the web, and only a small percentage
can be expected to understand the concept of personal log files that
grow and must be pruned regularly.
The invasion of privacy issue has already been covered quite adequately.
The "noxious modification to the user interface" issue raises some
interesting additional problems. Currently, we permit ".plan"s
rw-r--r-- (read-write user, read group, read others) if the user says
"y" in newuser to the "Are you paranoid" query, otherwise, the file is
permitted (rw-------). Because the finger program isn't SUID, it
doesn't need any extra logic checks - if it can open the file, fine, if
not, oh well. If we implement some sort of logging & question/answer
mode in finger, then it is highly likely that enterprising users, used
to the old model of things, will port over their own versions of finger,
that will just look at the file straight, no logging, and no noxious
query. Such programs will be a severe load to the system when they run,
because they won't include several performance hacks that the
system-wide version includes, such as being liked with the shadow
password file library. We might be able to ameliorate that risk, by
storing .plan's mode 600 or 700, and introducing another kind of
permission check in finger. That would require lots of user education
to implement, & would be yet another "surprise" to people coming from
other Unix environments.
It also doesn't answer yet another "write-around" that we might then
expect people to start doing. And that's using
finger-forwarding
to hide who/where they are coming from. Ie, if I say:
finger vedagiri@grex.cyberspace.org@freenet.hut.fi
I can look at vedagiri's .plan, but the actual finger query will appear
to come from a system in finland. Many sites are starting to restrict
finger forwarding, but it only takes one heavily used site dedicated to
providing anonymous network access, to be useful. This form of finger
won't burder the system much, doesn't require any programming (even a
shell script wrapper may be good enough), but does of course pose a
small additional burden to our already oversaturated network link, as
well as being slower.
|
scg
|
|
response 53 of 88:
|
Aug 6 00:33 UTC 1996 |
Since we don't seem to have any other Indians in this discussion it's hard
to tell if there's anything to this theory, but I'm wondering if we've got
a bit of a cultural clash going on here. We've got vedagiri, from India,
arguing for this proposal seemingly shocked that the rest of the people here
don't consider it reasonable, and we've got a bunch of Americans upset that
this sort of thing would be considered appropriate by anybody. Since I've
been in a lot of situations over the years where there have been big
misunderstandings between groups of people from different cultures who didn't
realize that there were assumptions they and most of the people they knew took
for granted but that the foreigners didn't even think of, I can't help
thinking that's what's going on here.
In American culture, the right to privacy and to be left alone are generally
considered to be really important. People can, at least on the surface,
publish as much or as little about themselves as possible. Most people choose
to at least be listed in the phone book, but a lot of people don't even do
that (although at the same time there is a lot about people that is a matter
of public record, so the public record isn't quite in step with the cultural
expectations). Once people have chosen to publish somethign about themselves,
Americans generally consider the right to privacy to extend to the person
looking up the information. If anybody were to suggest that people should
be notified when somebody looks them up in the phone book, or even when
somebdoy calls directory information asking for their phone number, I think
most Americans would probably be outraged that they couldn't look up
somebody's phone number in privacy. Fingering somebody is the same sort of
thing as looking them up in the phone book.
Actually, this funny American view of privacy extends a bit even beyond that.
The the phone companies came out with a new feature a few years ago that lets
people know the phone numbers of people who are calling them, it got bogged
down for a very long time due to protests. The phone companies were finally
allowed to go ahead with caller-id, but only after setting it up such that
there's a number people can dial to block their number from showing up on the
caller-id display.
So, what has been proposed here flies in the face of a lot of American
cultural expectations. Whether these are reasonable hangups for people to
have is probably an open question, but should be discussed with a full
understanding of the cultural things going on behind the discussion.
Likewise, I'm sure there are a lot of things about Indian culture that most
of the American users here (me included) really don't have a clue about. I'm
hoping somebody (vedagiri?) can jump in here and explain how Indians generally
treat issues such as this, since it would probably help this discussion a lot.
|
brighn
|
|
response 54 of 88:
|
Aug 6 04:30 UTC 1996 |
Steve, the problem with all that is that several of us have said we have no
problem with the CONCEPT that vedagiri suggests, but rather don't see a point
to it.
|
janc
|
|
response 55 of 88:
|
Aug 6 04:34 UTC 1996 |
If this modification were made, I would rarely finger anyone. I sure don't
want to send an "I'm interested in you" message to anyone, at least not until
after I've read their .plans and seen enough to decide if I'm interested in
them. Instead of using finger, I'd write a little script that looked like
this:
more /u/$1/.plan
and look at their .plan files without using the finger program and without
sending any random message to random strangers. Probably I'd gradually
improve that script until it does everything the old finger program does.
I don't think I'd be alone in this response to finger-logging. I think a very
large fraction of the users who understood what was going on would do the same
thing. So the effect of this change would be (1) you still don't get informed
when people finger you, (2) dozens of people implement slow and kludgy finger
programs of their own instead of using the fast, efficient one installed in
Grex.
|
jenna
|
|
response 56 of 88:
|
Aug 6 05:05 UTC 1996 |
well i just ead this whole item...
(scuse the typos, this keyboard is wakko)
personally... i don't care if you can find out
i've figured you... but if you bother me about having done it
or take it to mean i want to talk to you, i reserve the righjt
to be rude antisocial and put you off my .yesdwrite list
or on my .nowrite list, when they exi9st.
as for the rest -- i think it would be a waste of spce to write a program for
this.
fingering doesn't hurt the person it's being done to in
any w wy shape or lag. (oops form..., though the
fingeree doesn't get6 lag either)... so why waste space?
people finger each other to find out things about each
other and in many cases decide if they wnt to talk to the
person based on the info in their plan. I DO NOT think
iit's fair or polite to assume that someone who fingered you and never saisd
a word
to you really WANTS to talk to you. the opposite is more likely.
Because IO think this is a waste of space, I won;t respond to
this item any further unlesss soething drastic happejs.
|
robh
|
|
response 57 of 88:
|
Aug 6 05:47 UTC 1996 |
Re 55 - Not only would I write a script that simulated the
finger program without logging anything, I'd go one step
further and make it available to anyone else who wanted it.
|
pfv
|
|
response 58 of 88:
|
Aug 6 06:48 UTC 1996 |
Ditto on the last few - 'more' would become even more valuable ;-)
The problem with the "viewpoints" is that - at all levels - grex is, like
M-Nut, a CONUS, Michigan, Ann Arbor system..
As such, the vast majority of users should be (and I hope) are, Americans
nd perhaps local.
Therefore, the expectations, rights and viewpoints of the vast majority of
users would be American - Representative Democracy and Bill Of Rights and
all the other..
Now, perhaps our "Indian Friends" run things a bit differently.. Perhaps,
they would be so kind as to post any and all equivalents to grex and mnut
for our examination in their own countries..
Frankly, I doubt there are any equivalents and I would suggest that they
probably would not run this 'altFinger' anymore than grex would.. It's a
waste of resources and redundant - marcus has pointed this out more
eloquently above somewhere..
In any event, there is clearly no desire to alter 'finger' as veda is
proposing, and I don't believe that anyone has jumped forward to take on
the task.. No big suprise - it's an american board ;-)
'Nuf said..
|
ajax
|
|
response 59 of 88:
|
Aug 6 08:43 UTC 1996 |
I'm not a finger-logging advocate, but to play "devil's advocate"
on a couple points here....
The finger program could be modified so that you couldn't just
do a "more /u/whoever/.plan" to see the .plan file. The fingeree
could set up their account by making their .plan private, but
having a .finger file that tells finger to display it if the user
agrees to have their name logged. If the finger program is suid
root, it can display the .plan even though it's not publicly
permitted. And if logging were done only in user's directories
which specifically request logging, I don't think it would take
up a big chunk of disk space or processing power.
|
n8nxf
|
|
response 60 of 88:
|
Aug 6 13:05 UTC 1996 |
Here in he States, if you have a phone No. your name, address, and
phone No. automatically go into the phone directory / CD ROM / etc.
It costs extra NOT to be listed. Not so here on Grex ;-)
|
vedagiri
|
|
response 61 of 88:
|
Aug 6 14:01 UTC 1996 |
Thanks ...! Danke ...! Dhanyawaad ...! Nanri ...!
... for pointing out that this is an American exercise.
I will only be too glad to see such a frank statement in the
motd.
I begin to see why there is so much resentment to
the concept. Yes ! American and Indian cultures are radically
different. There are historical reasons for that. Not many
Indians will be able to identify the name Amerigo Vespucci. But
the name Christopher Columbus will surely ring a bell. History
tells us, he wanted to do business with India of those times !
India is a country with people who speak different languages
and follow different traditions. All along being inquisitive has
been the survival tip in India. Even at the times of Columbus, India
was not a single country. It was a concept, a group of smaller
states that did good commerce and were frequently at war. But when
it came to business, as the rule always is, they needed to know
more about the other party. There comes the inquisitiveness. Probably
what Americans have observed in Indian grexers is a manifestation
of this.
But that's not all of it. Today's university educated Indians
(You meet only these people on the net) dont think in these lines.
With the economic liberalization that started in the 90's, they
are in too deep in material pursuits (just as everyone else in
the world) and care less for issues like *invasive curiosity*.
There are exceptions though (as always the case).
The section of the Indian society that the world is
used to seeing is just a fraction of the massive Indian population.
So if there is a bad image that Americans on grex have formed about
Indian people, all I can say is that it comes nowhere close to
reality that prevails out here (in India) with the vast majority.
Here are some of my observations on the American and Indian
grexers (including some on myself).
a) I have never 'talk'ed to an American. No American has 'talk'ed
to me either. If this is a *grex phenomenon*, it is really
disheartening. Otherwise I need to improve my public relations.
b) Most Indians don't get pissed off at receiving talk requests
from strangers.
c) A lot of American people have their .plan saying
"**** you if you fire a talk request". (Some Indians might
have it too. I don't remember having seen one.)
I assumed that the ideals of grex are towards
o Achieving a community atmosphere thats congenial to
everyone
o Dissemination of information through the technology
it has
o Betterment of individual personality through all the
wonderful
programs it has online
*This item was posted with that in mind*.
I agree that it will cause a disk log problem if the new proposals
are <ever> implemented.
I accept each person has his/her right to privacy.
I resign from this conf. with just one big question.....
WHAT WILL THE MOTD SAY ?
Before there are any complaints that I am wasting grex's disk space
by posting such lengthy responses.....
<vedagiri vanishes into thin air>
<vedagiri returns to say that he is
posting a new item in agora related to discussions here>
|
janc
|
|
response 62 of 88:
|
Aug 6 15:35 UTC 1996 |
I don't understand much of that.
|
pfv
|
|
response 63 of 88:
|
Aug 6 16:39 UTC 1996 |
I think Veda is implying that the EI's see this 'finger' business as a
communications-exchange shortcut..
I think Veda is also implying we are supposed to be feeling guilty and
should post all of our attitudes in the MOTD.
Frankly, I think that mentioning the USA/CONUS/Michigan/Ann Arbor "flavor"
and perhaps the espousment of the privacy and freedoms might be mentioned
in the MOTD so that other EI's get the hint - and some Americans as well.
(Can the Motd mention !<something> linkages to other messages? That would
be great for pointing out the way to read bylaws and such).
Other than the above, I can only guess that Veda is rather disappointed
that Grex is American or Privacy-Driven.. This is of little concern to me
since, quite frankly, I would seriously expect foreign boards to be
radically different in speech and manner - just look at the local boards
for "Alien Contact"..
|
kerouac
|
|
response 64 of 88:
|
Aug 6 17:05 UTC 1996 |
What could be done is to encrypt all .plan files and put the de-encryption key
into vedagiri's script. That way the only way to read .plans would be through
that program. Might be the only way to make it practical.
I think its silly to be concerned over who is !fingering you anyway. It seems
like this argument is similar to the one over caller ID for telephones. This
argument was only resolved legallly by giving people the right to block caller
ID at the same time.
Something similar could be set up here.
|
pfv
|
|
response 65 of 88:
|
Aug 6 18:14 UTC 1996 |
I already said that - and others have as well..
Further, since no one is interested in writing the abomination, nor are
the staffers sanguine about the resource-drain, I'd suggest that (again)
you are merely suggesting another waste of time, energy and resources that
are already pretty limited.
What is this encryption kick of yours? Is it a new word or topic you've
glommed on to?
PGP any files you want and leave the rest of us the hell alone..
|
mdw
|
|
response 66 of 88:
|
Aug 7 00:34 UTC 1996 |
Re resp#'s 59, 64; in the last paragraph of #52, I describe a technique
that could easily get around any scheme to limit access to .plan's.
I do think the "indian" vs. "american" cultural argument is somewhat
misplaced. It smells strongly of "me" vs. "them". Besides, I remember
users from sg using "talk" just as avidly, and my impression of IRC is
that it is, in practice, most often used much like talk. I don't see
any justification, in short, for assuming people from NA or anywhere
else are significantly different for the purposes of this discussion. I
also believe this kind of "ethnocentricism" is dangerous because it
*will* scare users from other countries away from participating in this
conference, and I hope that's precisely the reverse of what we really
want.
The real issue, I think, is this: with programs such as finger, talk,
mail, bbs, lynx/http, etc., we are providing a *variety* of different
ways for people to share information. Each way has distinctly different
properties, uses, and value. What vedagiri is asking us to do, is
basically to *shift* the functionality of finger, in a direction
somewhat towards mail or talk. Now, socially, that is an interesting
experiment. It means, when looking at people, you could no longer
assume you were invisible, but instead, that the other person could see
that you were looking at them. That would, in a sense, heighten the
risk for looking at other persons. Unfortunately for vedagiri, it seems
this is not functionality that is universally desired. Indeed, most
people seem quite comfortable with the current functionality & social
model. So there seems to be little reason here to change how we do
things.
However, there *is* a solution for people who *really* want that kind of
"logging" functionality. Locate or start another server, that *does*
run a fingerd that logs the relevant information. This server can
acquire user identification information, by using RFC 1413. In .plan
here, say "for more information, !finger my-id@the-other-server".
Voila. Complete solution.
|
ajax
|
|
response 67 of 88:
|
Aug 7 01:23 UTC 1996 |
Off-site fingering could be treated differently, not allowing .plan access.
But there's no "security" for always knowing who fingered you anyway,
since anyone could create a new account with which to finger people.
I agree with Marcus' overall assessment of the issue, though...it sounds
like more people are against this than for it, at least within this item.
|
scg
|
|
response 68 of 88:
|
Aug 7 04:27 UTC 1996 |
I agree with Marcus that ethnocentrism tends to cause a lot of problems. I
certainly wasn't trying to be ethnocentric when I brought up cultural
differences. Rather, I think it's very important to realize that people may
be coming at various issues from different cultural perspectives, and
understanding that can go a very long way towards improving communication.
What I do think we should avoid is replacing "my culture is different than
yours" with "my culture is better than yours." Far from improving
communication, that attitude tends to lead to wars.
|
mdw
|
|
response 69 of 88:
|
Aug 7 20:07 UTC 1996 |
Egads. So we decide to disallow .plan access from off-site. Ok, Mr.
X., who does not like our policy, decides to invite a workaround. He
writes a clever AI program that runs on a cluster of workstations at
some university. Even so ofte, from a random workstation, it telnet's
in, and logs in with a fictitious user it "owns". All we see is a user
who seems to really like doing "finger"s. Just to confuse matters, the
AI program also runs newuser even so often, abandons old accounts, and
maybe even runs "mail" if it sees mail, and sends back responses like "I
no speak englishia" or "Katte na netsu wo fukun ja nai." Meanwhile,
it's also listening for finger requests. When it gets one, it uses its
telnet connection to "finger" the person, and ships the information
back. It also keeps an offline stash of recent .plan's, which it
periodically refreshes or invalidates, and checks first before issuing a
fresh finger request.
Basically, it's a technological game of cat & mouse. The problem with
information is, it's very hard to impose conditions of use on it. I
hope the above example serves as an adequate sample of what will almost
certainly become a trivial hack in the near future, if it isn't already.
|
scott
|
|
response 70 of 88:
|
Aug 7 21:11 UTC 1996 |
I'd likely try to start an "alternate finger" movement. I'd encourage people
to create a ".plan-real", and write a version of finger that looks for that
instead of the reglar .plan.
|
mta
|
|
response 71 of 88:
|
Aug 11 21:26 UTC 1996 |
Steve, I for one didn't take your "Lets remember that we may be coming at
this from two different angles" reminder to be ethnocentric. The opposite,
actually. I consider myself primarily as citizen of the "global village"
(it's a newage [pronounced like sewage] concept -- but it works for me.) One
of the prime responsibilities I have as a citizen of the global village is
to consider that my way is my way -- but someone else with a different culture
and history has another equally importtant and valid outlook that deserves
to be considered. That's not ethnocentrism, that's universal tolerance. True
tolerance and acceptance isn't believing "We're all alike under the skin"
--true tolerance is believing "We have different ways of approaching the
world, I may or may not like yours, but I accept you right to have a different
approach than I have."
I would hope that this system *isn't* about promoting the North American
culture to the exclusion of finding out what other people think and why --
and to the extent practical, making this a comfortable place for all the
world's people. The day I see GREx as rejecting cultural values as "wrong"
because they originated elsewhere is the day I leave.
|
selena
|
|
response 72 of 88:
|
Aug 12 05:05 UTC 1996 |
Yeah, but it is based in Ann Arbor. The country with the dialins
should have the greatest sway.
|
jenna
|
|
response 73 of 88:
|
Aug 12 05:14 UTC 1996 |
why? who's bbs is this? the people who created it or the people
who cureently use it? I just don't believe in biases based on
physical location
|
scg
|
|
response 74 of 88:
|
Aug 12 05:31 UTC 1996 |
Selena, why discriminate based on country. If we're going to do that, why
not just declare ourselves to be a Washtenaw County system and tell the
various metro Detroit people to start their own system?
|