Re: [logs] Logging standards?

From: Rebecca Kastl (rkastlat_private)
Date: Mon Oct 29 2001 - 15:42:55 PST

Next message: Tina Bird: "[logs] Common Intrusion Detection Framework site"

Previous message: todd glassey: "Re: [logs] Logging standards?"
In reply to: Sweth Chandramouli: "Re: [logs] Logging standards?"
Next in thread: Carl Husa: "Re: [logs] Logging standards?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 29 Oct 2001, Sweth Chandramouli wrote:

> > In businesses where such systems are implemented, you cannot have any
> > expectation of privacy (except in the restrooms -- maybe).  The same goes for
> > a system implemented in the course of business (or some other capacity).  You
> > are granted use with the implicit understanding that you may be monitored.
> > Don't think so?  Walk into a record store at the mall -- you're being
> > surveilled.
>
> While I agree with most of what you are saying, things are a little more
> complicated than you make them out to be.

Not quite.

In the end, keep in mind that we are discussing system events and information
written to log files as part of system operation.  The issue of
system/network/Internet privacy is an entirely different animal than the one
we're wrestling with here.

> The record store analogy, for example, is flawed, because a record store
> is a public place;

What is the difference between accessing a public website and walking into the
record store?  None.  Your access may be monitored through the use of
surveillance cameras, and you are subject to many anti-theft devices which
scan your person and personal effects for their merchandise -- although this
is far less intrusive than a physical search.  When you hit a website your
browser coughs up plenty of information, including browser type, platform/OS,
and other information.  This is the stuff web logging systems live on.

And your access to said website is through a public medium -- the Internet --
where there can be no reasonable expectation of privacy unless you encrypt
your communications, and that leads into an entirely different area.

> Actual case law (in particular the Ortega and Showengerdt cases) has
> mostly gutted electronic RTP for employees, however.  The Privacy for
> Consumers and Workers Act, on the other hand, has at least required that
> employees be notified when they are being monitored or recorded.

And employers get around this by having employees sign an employment agreement
that states the company may monitor phone conversations, e-mail, or other
company resources to ensure the proper usage of corporate assets.

--Rebecca Kastl

---------------------------------------------------------------------
To unsubscribe, e-mail: loganalysis-unsubscribeat_private
For additional commands, e-mail: loganalysis-helpat_private

Next message: Tina Bird: "[logs] Common Intrusion Detection Framework site"
Previous message: todd glassey: "Re: [logs] Logging standards?"
In reply to: Sweth Chandramouli: "Re: [logs] Logging standards?"
Next in thread: Carl Husa: "Re: [logs] Logging standards?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Oct 29 2001 - 15:51:19 PST