From owner-freebsd-security Tue Jun 5 7:23:16 2001 Delivered-To: freebsd-security@freebsd.org Received: from d170h113.resnet.uconn.edu (d170h113.resnet.uconn.edu [137.99.170.113]) by hub.freebsd.org (Postfix) with SMTP id 2DB0B37B401 for ; Tue, 5 Jun 2001 07:23:09 -0700 (PDT) (envelope-from sirmoo@cowbert.2y.net) Received: (qmail 25963 invoked by alias); 5 Jun 2001 14:23:32 -0000 Received: from unknown (HELO moobert) (137.99.170.140) by d170h113.resnet.uconn.edu with SMTP; 5 Jun 2001 14:23:32 -0000 Message-ID: <003d01c0edcb$702fd1e0$8caa6389@resnet.uconn.edu> From: "Peter C. Lai" To: References: <20010604194220.93548.qmail@web11807.mail.yahoo.com> <20010604151245.A15758@NOC.maKintosh.com> Subject: Re: (Originially): Apache Software Foundation Server compromised, resecured. Date: Tue, 5 Jun 2001 10:25:57 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org The truth is, that many companies and private organizations actually do filter all mail not just for viruses but many do it for "non-work-related" activities, because they feel that one shouldn't use company bandwidth to send "personal" email. Recently I knew someone who received a company reprimand about using email for personal use even though such a "restriction" was not even in the company policy, and he was sending his mails off company time. Furthermore, we know that e-mail is probably less secure than even a phone call or snail-mail (at least in the non-underground "normal" world). The chance that a piece of suggestive email may fall "into the wrong hands" is high. If you remember some incriminating cell phone call made by Newt Gingrich that was intercepted by some layperson ended up as one of the scandals of 1997 or something. At the same time, because e-mail is a very effective asynchronous mode of communication, it is easier to send private or confidential messages as opposed to phone messages or fax. (e.g. You probably wouldn't want confidential faxes floating around the office, and most offices have one or two fax machines per department.) The disclaimer at least offers a warning, if not actual defense against unauthorized (mostly unintentional) activities. This is kind of like the EULA on closed-source software, which most people blatantly ignore, but it's still there and gives the SPA at least some authority in the matter. Peter C. Lai | University of Connecticut peter.lai@uconn.edu Dept. of Residential Life | Programmer College of Liberal Arts & Sciences | Dept. of Molecular & Cell Biology | Undergraduate Research Assistant ----- Original Message ----- From: "co0kie bawx" To: Sent: Monday, June 04, 2001 4:12 PM Subject: Re: (Originially): Apache Software Foundation Server compromised, resecured. > Speaking of messy.. Maybe change thread Subjects once the actual(originating) subject changes. I wonder where people get the time to worry about silly little things, like others signatures and disclaimers. > <: > /co0kie > > On Mon, Jun 04, 2001 at 04:00:00PM -0400, Rob Simmons wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: RIPEMD160 > > > > Maybe add an X-Copyright: line to your header. Less messy with the same > > effect? IANAL > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message