Re: Firewalls

P. Murray-Rust (mbglx@s-crim1.daresbury.ac.uk)
Wed, 18 Jan 1995 14:32:57 +0000 (GMT)

Bill,

Thanks very much indeed for your message, and I have every
sympathy with you and your colleagues responsible for security. I fully
appreciate the problems that sysadmins have with security and that they
cannot and should not be rushed into things. After all, early versions of
many programs haven't always paid very much attention to security.

I am NOT an expert on security, so what I write is anecdotal and
does not represent the views of my company or my colleagues. From casual
conversations I believe that in many companies there is a desire to solve
the problem and give access to a wide range of activities on the
internet, but that each tool has to be considered separately. Therefore
I hear of companies where the staff can get access to ftp but not WWW, for
example. One problem is that the creation of the Web has been so rapid
that it has taken many decision-making processes by surprise and people
are genuinely having to take time to think out implications.

So here are some thoughts which may be useful, and then some
suggestions.

There are many different approaches to firewalls, which I
genuinely do not know and have no desire to know. Some of these are kept
close to people's chest for obvious reasons.

There are several different aspects to security, and invasion
("hacking") is only one of them. It's possible for staff to reveal their
employer's intellectual property either deliberately or inadvertently
over the net, where it is somewhat public! It's also possible for
people's movements and activities on the net to be logged which is
thought by some to be revealing.

What you and I say here represents our companies, however many
disclaimers we might add! I have (elsewhere) written a page for the
course (Alan, where is it?) on how people working for companies should
approach the course (e.g. no advertising, no reliance on confidentiality,
etc). I accept that there could be course members whose contributions to
the course have to be limited. For example, on the C++ course we had an
active member who was not allowed to take part in any software generation
project by their employer (a software company).

Every piece of software has to be considered individually for use
through a firewall. Some sysadmins or other management may take the view
that ftp is OK, but MOO clients are not. Both are capable of importing
and exporting good and bad material!


Finally, there does not seem any need for you not to take a full part in
the course. We accept that there will be people who cannot do
everything, but there are many other factors - some people can't see
stereo, some cannot type fast, some may have a very slow line, etc.
However we will also try to find alternative solutions for people - we
have prepared the course so that it is potentially downloadable, for
example.

P.

Finally, it may be possible for you to find a friendly institution to
give you an alternative place to follow the course from. I would be
interested to know who is using their own connexion from home (I do this
in the evenings, for example, at 2400 baud, though I hope to upgrade.)

Peter Murray-Rust (pmr1716@ggr.co.uk) Glaxo Research & Development, Greenford,UK
mbglx@seqnet.dl.ac.uk, http://www.dl.ac.uk/CBMT/pmr.html (Thanks to AlanBleasby)

On Wed, 18 Jan 1995, Bill Chestnut wrote:

> Hello all,
> Just (finally) subscribed to this list and of course I have a burning
> question. I am using a Macintosh IIvx running MacX to access a Unix box
> over our company network, and from there run Mosaic v2.4 (I believe).
> Forms work just fine, but my concern is whether I will be able to

I'm not quite sure what your problem is - no need to answer if
there is a security issue. It sounds as if a firewall is being built
which will cause problems.

I would see the following as being a minimum for the course.

- bidirectional e-mail, including subscription to listproc
- a graphics-oriented WWW browser with forms.

In addition it is highly desirable for people to have telnet so they can
connect to BioMOO. telnet and ftp SHOULD be part of your browser since
the http protocol honours those. However not all browsers fork off nice
telnet sessions!

If you do not have forms there are problems for our admin, but
you can follow the course.

If you do not have graphics there is a serious problem since
proteins are highly graphical. We cannot guarantee a downloadable
set of graphics, since much is outside BBK (e.g. swiss 3-d image).

If you do not have a MOO client, telnet will work, but garbles
your input with the MOO output. However it is what I use.

If you have a very slow line, get lynx. I like it and use it. But you
would have to get the graphics separately.

> participate fully in this course with a firewall in place. My system
> administrator has informed me it will be a minimum of 6 months before a
> new system is in place, but I didn't press him for details on it.
> Any advice will be greatly appreciated.
> Thanks in advance.

This is a very important area to discuss. My view and that of
many scientists in industry is that network access is critical for many
staff. Whether this should be some or all in an organisation depends on
their culture and goals. It is also a culture change and needs careful
management and training.

Although this is a personal view, and this course is run as a
personal activity, I should acknowledge the interest and support that I
have received from many of my colleagues including 'management'! A
number of my colleagues will be 'sitting in' on the course.

>
> Bill Chestnut * e-mail--> och69@bwco.com * voice mail--> 1-919-315-4393
> snail mail--> 3030 Cornwallis Road, RTP, NC 27709
>