UNIVERSITY DAILY KANSAN
Friday, November 15, 1996
5A
Account sharing is the biggest problem at the University, Paul said.
Those in charge of e-mail at KU say it is a secure way to communicate.
The header — four lines, including the sender, recipient and the subject — of every e-mail message sent from the University is checked by Paul. Part of his job is to catch student who are sharing accounts, and find accounts that have been hacked into. If he sees evidence of students sharing accounts, he sends an e-mail message to the student warning that someone may have access to the account and telling the student to change passwords If account sharing continues, despite Paul's warning to stop, he terminates the account.
Continued from Page 1A
E-mail pitfalls to avoid
taking some precautions is still a wise step.
"If you wouldn't write it down, don't put it through e-mail. If it is something you want to say privately, don't put it in e-mail. The internet is not a private medium," Hoefcliff says. "A systems operator has got to have access to everything. Somebody has got to have access."
1. Don't put credit card numbers in an e-mail letter. Also, do not put confidential information in e-mail.
At KU, that somebody is Craig Paul, software support analyst III. Because of his high level of computer proefficiency, Paul is one of a handful of people who is postmaster and systems operator at the computer center.
2. Remember, some computers regularly make automatic back up copies. Even if a message is deleted, copies can be stored in back up files.
3. To avoid someone read private mail, delete it as soon as possible.
4. Never use passwords that are easy to guess such as your name, a family members name, a pet name or your street name. Also, don't construct a password with words you commonly use.
William Pesek Jr., manager of production services at the computer center, defends monitoring of student and faculty accounts by saying misuse of accounts is equivalent to stealing, and systems operators prevent that misuse from taking place.
"I sure as heck am not going to put credit card information in e-mail. When I want to order something, I pick up the phone and call it in," Hoelfich says.
"We have the ability to appropriately monitor incorrect activity. I can't guarantee that the person who has ultimate access to the account won't do something wrong. We do our best to make sure it is limited, protected, and access is kept to a very few," Pesek says.
Richard Kershenbaum, manager of technical services at the computer center, created the code of ethics which he says all systems operators on campus are supposed to follow. But nowhere is the code of ethics written.
That kind of access means Hoeflich never gives out confidential information in an e-mail message.
"We just don't do it. We don't look into other people's e-mail," Kershenbaum says. "We respect the privacy of the users on the systems and strive to maintain the highest level of security."
But access goes beyond the monitors at the computer center. There are at least 11 computer labs on campus and there are five in-house e-mail systems, which are systems run by a University department but monitored by the computer center's systems operator. In each case, at least one systems operator can look into any file at information transmitted through e-mail.
Only a few systems operators at the University are given total access to every account. "Complete access is essential. Someone has to have access if the system goes and accounts are lost. It is necessary to have access to everything," he said.
But besides those who protect accounts others can sometimes gain unauthorized
the burgeoning growth of e-mail and the lack of clearly defined rules opens the door for invasion of privacy
access. According to experts at the computer center, the largest threat to e-mail comes from hacking, although "cracking" may be a more accurate term for gaining unauthorized access into e-mail accounts.
"If you really want to crack into a student account, you need to get the password cracking device on the Internet. Then you need a copy of the encrypted password file." Kershenaum says.
The password cracking device and encrypted password file are public information and can be assessed through most accounts at the computer center. The password file which contains the names of all accounts and a list of all users, as well as the cracking device, can be found by doing a net search.
Like other accounts at the University, email messages on the FALCON, EAGLE and KUHUB accounts are transferred in a nonencrypted format.
"The information is available to anyone who has access to an e-mail account," Paul says.
But the computer center does try to protect the users who have accounts at the University from hackers.
But intercepting e-mail doesn't necessarily take that much high tech software.
"Anyone can read it. It is not protected," says Travis Berkley, Local Area Network Support Supervisor at the computer center.
If there are five unsuccessful attempts to access a University account, the default function locks the account for 20 minutes and only the systems operator can unlock the account. Berkley said.
As a LAN Support Supervisor, Berkley provides contract service for people who have accounts at the University. He also sets up local area networks and consults University account members with any issue about computers and the Internet.
Some steps students and faculty can take to protect their e-mail are changing their passwords on their e-mail accounts and using encryption.
Passwords are changed through the set password function on most accounts at the University.
Most of the systems operators at the computer center say they change their passwords twice a month to protect their e-mail accounts.
However, most are difficult to use and, in many cases, cannot be decoded by the recipient. Berkley said.
Encryption devices also protect privacy by mixing simple text into a list of numbers and letters. Many forms of e-mail encryption programs can be found on the Internet.
In the end, e-mail simply is not the way to communicate private or embarrassing information. But this has not stopped the 25 million people who use e-mail. E-mail rapidly is becoming the backbone of communication at work and school creating a ten percent growth in users every month.
But the burgeoning growth of e-mail and the lack of clearly defined rules, opens the door for invasion of privacy.
The problem with monitoring criminals is the boundaries between criminals and those who might break the law can blur to include everyone. Staples says.
"Interaction through e-mail has blurred the lines," he says. "The more people use e-mail, the more the ability to check up on them is going to increase."
Law 897
Starting this semester, law school students are exploring major copyright issues and individual rights and privacy on the Internet. Some issues addressed in the video conference Copyright and Digital Works Course include e-mail privacy, eavesdropping, the right to eavesdrop and when e-mail monitoring is justified.
Internet censorship is also addressed.
It is thought that when e-mail is used for illegal communication, the right for a service provider to eavesdrobs is limitless.
Obscenity laws are complicated by the fact that e-mail is a global form of communication. The extent to which the service provider can be held responsible for information is dictated by the 1996 Telecommunications Act. The act states that the service provider is responsible for any and all material if they edit or attempt to control the content of messages or images.
However, the regulation of obscenity under the Telecommunications Act is not uniform. In fact, obscenity is measured by local community standards. Information or images considered lawful in California may not be legal in a small town in Kansas. The sender is subject to the rules of the state or location in which they are sending, provided the service provider is not attempting to edit or control the content that passes through the system. If the service provider edits or controls content, then they are deemed a publisher and responsible for the information that passes from one location to another.
KU organizations cash in on Student Senate money
By Spencer Duncan Kansan staff writer
Student Senate is on track to spend all of the money it hands out to campus organizations.
Halfway through the year, Senate has given $24,567.20 to campus organizations. The money given out by Senate comes from student fees.
At that rate, the group will run out of money just in time for the end of the year, said Jade Shopp, Student Senate treasurer.
"It's been pretty normal for the most part," Shopp said. "We have funded more groups than usual, but there is money there, and spending
is going well. It is just fine right now."
Senate began the year with $63,606.16 in its unallocated account. That money is given out to registered campus organizations that come before Senate and request money.
So far Senate has passed out 39 percent of its available funds.
Student Senate never has run out of money, but if it does, Senate will not have money to help organizations.
Finance Committee chairman Kelly Huffman this week told his committee that he was not worried about Senate's spending habits.
"We have seen and passed a larger volume of legislation than in the past," Huffman said. "But we haven't spent as much money. In my opinion, we are in no danger of going over."
That seems to be the general consensus. However, just because Senate has money to spend doesn't mean that it should just pass out money, said Girish Ballolla, graduate senator.
"I am not opposed to giving money to groups that deserve it," Ballolla said. "Groups deserve this money, but we have to watch out. We have a responsibility to spend students' money the right way."
Senate has given money to 35 different organizations. The largest single amount dished out was $2,352, which went for organizational telephone expenses.
Senate helps pay phone expenses for students organizations with offices in the Kansas Union.
The organization that received the most money was the Bangladesh Club. It received $1,854 for a culture night at the Lied Center. The organization to receive the second highest amount was the Center for Community Outreach, which received $1,753. That amount does not include money received to pay the group's phone bill.
Ten groups who have received the most money from Student Senate
most money from Student Senate
Organizational Telephone Expenditures $2,352
Bangladesh Club $1,854
Center for Community Outreach $1,753
Chinese New Year $1,702.55
KU Environs $1,380
Student Legislative Awareness Board $1,353
American Red Cross Blood Drive $1,076.50
Association for Women In Science $1,067
Chinese Student Association $1,005
NKWA Dance Group $ 799
Shopp said he didn't think the unallocated account would run out, but he hoped that senators thought before they spent.
"Groups should be scrutinized," Shopp said. "It legitimizes the process. There doesn't need to be money spent just for the sake of spending it."
YOU CAN'T BEAT THIS WRAP.
Taco Bell has taken the taste of the outdoor market, and the bold spirit of the southwest, and wrapped it in fresh pine with introducing new Fajita Wraps." Loaded with thick cuts of grilled marinated Steak or Chicken, big
chunks of roasted fresh vegetables, three cheeses, seasoned rice, and a spicy fajita sauce. You've never seen or tasted anything like this before. Taste for yourself and discover why, when you're looking for a great taste, you can't beat new Fajitas."
10*295 Taco Bell Corp