News

Garber Announces Advisory Committee for Harvard Law School Dean Search

News

First Harvard Prize Book in Kosovo Established by Harvard Alumni

News

Ryan Murdock ’25 Remembered as Dedicated Advocate and Caring Friend

News

Harvard Faculty Appeal Temporary Suspensions From Widener Library

News

Man Who Managed Clients for High-End Cambridge Brothel Network Pleads Guilty

'Net No Place for Privacy

ON TECHNOLOGY

By Eugene Koh

Last week, The Crimson published an editorial, using that big ol' font that editorial folks love to use, pointing fingers at HASCS and particularly at its director Franklin M. Steen for allowing a public log file of ftp transfers to sit idly while hordes of unsuspecting, lascivious students down-loaded megabyte-fuls of pornography.

Privacy (and the violation thereof) is the issue, and to educate students about it, the editorial suggests "the College should send e-mail messages to all network users to make them aware of the system's capabilities and failures, and of their own responsibilities..."

Okay, okay, enough already! No, the College should not send over 10,000 pieces of e-junk mail to the student body, nor should it need to warn users that their cavorting in the electronic realms of alt.sex.fetish.machete may be visible to everybody logged into fas at the time.

What everybody should understand here is a vital point that is often glossed over--namely, that has, husc7 and the like are shared machines. Logging into fas and opening up PINE is vastly different from turning on your computer and running Microsoft Word. The latter is (assuming a non-networked version of Word) a private affair, while the former is a public event.

Don't believe me? Try typing "w-s" at the fas% or husc7% prompt when you're bored one day. (Just be sure to hit Control-C a few times after the list starts scrolling out of control.) You'll get juicy information about who else is logged on, how long they've been idle (that is, not typing anything) and even what program they're using.

For example, as I write this article, I am logged into husc7 and, by invoking "w-s," can see that "cmhornby" is online using PINE. Now, I happen to know that "cmhornby" is a friend in Kirkland House named Catharine, but suppose I did not know this.

Because husc7 is a shared computer (more precisely, a UNIX machine), all I would need to do to determine cmhornby's identity is type "finger cmhornby." This is not a violation of Catharine's privacy, since by registering to have a user account she agreed to be added to the public database of users. Moreover, since address and phone information for students is part of the public record at Harvard, I could use the program "ph" (described in detail last semester in this column) to find out exactly where Catharine lives.

On the other hand, suppose Catharine were writing a paper instead of checking e-mail as I write this column. Assuming that she were using a local (that is, non-networked) word processor, there would be virtually no way for me to know what she was doing. Period.

And whoa be it for anyone to think that e-mail itself is a private medium. The popular metaphor is to think of communication by e-mail as akin to communication by postcard. That is, as an e-mail message is sent across the country, and anybody with enough technical prowess can pick it up, read it and copy it. (Interestingly enough, however, the nature of the Internet protocol makes it virtually impossible for someone along the way to prevent the message from reaching its destination).

So the point to be made here is clear. While a "policy on privacy" may be instructive, in practice one should assume that when using a shared computer, all bets for true privacy are off, as unintentional violations like the ftp log incident are always possible.

Eugene Koh '96-'97 is Remote Staff Manager, Media Services, at America Online, Inc. He also composes soundtracks for CDROMs and may be reached online as "ekoh@fas.harvard.edu."

Want to keep up with breaking news? Subscribe to our email newsletter.

Tags