Re: [logs] Logging standards?

From: Rebecca Kastl (rkastlat_private)
Date: Mon Oct 29 2001 - 15:42:55 PST

  • Next message: Tina Bird: "[logs] Common Intrusion Detection Framework site"

    On Mon, 29 Oct 2001, Sweth Chandramouli wrote:
    
    > > In businesses where such systems are implemented, you cannot have any
    > > expectation of privacy (except in the restrooms -- maybe).  The same goes for
    > > a system implemented in the course of business (or some other capacity).  You
    > > are granted use with the implicit understanding that you may be monitored.
    > > Don't think so?  Walk into a record store at the mall -- you're being
    > > surveilled.
    >
    > While I agree with most of what you are saying, things are a little more
    > complicated than you make them out to be.
    
    Not quite.
    
    In the end, keep in mind that we are discussing system events and information
    written to log files as part of system operation.  The issue of
    system/network/Internet privacy is an entirely different animal than the one
    we're wrestling with here.
    
    
    > The record store analogy, for example, is flawed, because a record store
    > is a public place;
    
    What is the difference between accessing a public website and walking into the
    record store?  None.  Your access may be monitored through the use of
    surveillance cameras, and you are subject to many anti-theft devices which
    scan your person and personal effects for their merchandise -- although this
    is far less intrusive than a physical search.  When you hit a website your
    browser coughs up plenty of information, including browser type, platform/OS,
    and other information.  This is the stuff web logging systems live on.
    
    And your access to said website is through a public medium -- the Internet --
    where there can be no reasonable expectation of privacy unless you encrypt
    your communications, and that leads into an entirely different area.
    
    
    > Actual case law (in particular the Ortega and Showengerdt cases) has
    > mostly gutted electronic RTP for employees, however.  The Privacy for
    > Consumers and Workers Act, on the other hand, has at least required that
    > employees be notified when they are being monitored or recorded.
    
    And employers get around this by having employees sign an employment agreement
    that states the company may monitor phone conversations, e-mail, or other
    company resources to ensure the proper usage of corporate assets.
    
    
    --Rebecca Kastl
    
    
    ---------------------------------------------------------------------
    To unsubscribe, e-mail: loganalysis-unsubscribeat_private
    For additional commands, e-mail: loganalysis-helpat_private
    



    This archive was generated by hypermail 2b30 : Mon Oct 29 2001 - 15:51:19 PST