From: Arthur Chandler <arthurc@crl.com>
To: cypherpunks@toad.com
Message Hash: ee790eb4ca52c95454a46c626fa9e333157afb0340f1058d2dc44cca47b66104
Message ID: <Pine.3.87.9311171553.A1230-0100000@crl.crl.com>
Reply To: <Mgueoiy00awJMEBnVh@andrew.cmu.edu>
UTC Datetime: 1993-11-18 00:24:29 UTC
Raw Date: Wed, 17 Nov 93 16:24:29 PST
From: Arthur Chandler <arthurc@crl.com>
Date: Wed, 17 Nov 93 16:24:29 PST
To: cypherpunks@toad.com
Subject: Encryption: A Testimonial
In-Reply-To: <Mgueoiy00awJMEBnVh@andrew.cmu.edu>
Message-ID: <Pine.3.87.9311171553.A1230-0100000@crl.crl.com>
MIME-Version: 1.0
Content-Type: text/plain
For a while, I thought that encryption was just for folks who had
something REALLY important in their files -- formulas for the Neutron
bomb, sales reports to crack dealers, illicit love letters, etc. :<) --
so I never bothered. Then, before I left on a sabbatical from my
university, I reviewed the personal files in my computer there.
"Hmmm.... only class syllabi, notes, committee reports. Nothing here
to... Wait a minute!"
It then occurred to me that some sections of those reports hold very
sensitive information dealing with retention, tenure, and promotion of
colleagues. There were also letters of recommendation for students in there.
"Well, no one's going to look in here. Most of my colleagues are still
using manual typewriters anyway. But, just in case, I'll just lock these
files up with Norton Encrypt." -- Not exactly a heavyweight program, but
adequate to my purposes.
Then, a couple of months later, I get a call from the Dean. The
University has decided to give my computer an Ethernet connection; and
one of the techies has asked her (the Dean) for the password to my files
so he can install the appropriate software.
Wants the password to my personal files?
So I went out to the university and confronted the man. Why did he feel
he needed the password to my personal files in order to install ethernet
protocol software?
I got a song and dance about how some of the software "wasn't working
right" and so he thought that I might have something in there that
conflicted with the ethernet software.
"But why didn't you just have the Dean contact me to come out and look
in those files? And don't you think that you should ask before going
into someone's computer, even to install ethernet software?"
His answer was this: "These machines belong to the State of California.
You don't own them. The State does. And any employee of the state -- like
myself -- can go in any time and do whatever we feel is necessary to
maintain the machines."
What a case of chutzpah used to cover up moxie!
Needless to say, I objected strongly to this line of "reasoning" and
suggested -- politely, of course -- that neither he nor anyone else was
to get into the computer in my office without my express sayso. He walked
out the door affirming his right to poke around in my computer in the
name of the state.
So my files stay encrypted. And if anyone on this list works for an
organization that holds similar views on the nature of personal files
within an organization-owned machine, I strongly recommend locking all
sensitive files -- or putting a password on the whole machine.
I realize that such tales may have been told in *Cypherpunks* before.
But there's mine, just for the record.
Return to November 1993
Return to “wisej <wisej@acf4.NYU.EDU>”