From comp.admin.policy Fri Jun 18 14:10:03 1993 Xref: utcsri alt.comp.acad-freedom.talk:8284 comp.admin.policy:3655 Path: utcsri!rpi!gatech!swrinde!menudo.uh.edu!Rosie.UH.EDU!ST10T From: st10t@Rosie.UH.EDU Newsgroups: alt.comp.acad-freedom.talk,comp.admin.policy Subject: Student suspended :: Case 1 w/ comments Date: 15 Jun 1993 03:39:43 GMT Organization: University of Houston Lines: 730 Message-ID: <1vjg9v$dfn@menudo.uh.edu> Reply-To: st10t@Rosie.UH.EDU NNTP-Posting-Host: rosie.uh.edu Hey all, This is it the first case. Support services is quite good at alleging and using innuendo. I have taken the opportunity to add my own comments as before w/ the usual [avi begin] [avi end]. I'd also like to relate a small story from my freshman or sophomore year, just to show certain discrepancies in the way different situations are handled and perhaps to show things weren't *always* so paranoid. [BIG DISCLAIMER] These may or may not be true the point being to illustrate a point rather than an admission of performing any act. [END BIG DISCLAINER] As you know Unix accounts aren't very easy to come by around our campus and so being a typical college student I decided to get myself one. I wanted it more or less legit. as it would be nice to be able to post and send mail etc.. Well needless to say security on our campus used to be *really* weak (Yes kids even more so than now :) ), and so it was pretty trivial to get ourselves accounts. Since I however wanted a real account, I went to a graduate student and told him I would trade security info., for a real unix account which he readily agreed. (The SE trick being, never talk to a bureaucrat) And so I got myself a legit. account (note however I never signed for the account, which may explain why they were as nice to me as they were (ie my name was still not attached to the account). Well one night I was playing around on the account getting some passwd cracker.. (btw menudo was *not* shadowed at this point). I believe a copy of the passwd file *may* have been in my account (i had the notion it was public domain too so I wasnt to concerned w/ hiding it) No cracked passwds were in my account ie nothing but pd crack programs and some k00l g-files :). Well some a *girlfriend* of a central site person warned me that they were watching my account, but that public domain files are not illegal just the *act* of cracking :: which seems pretty reasonable to me. Politically the trick is never to talk or deal w/ anyone who has authority but rather people who actually use and control the system as they generally have more (but not much unfortunately for uh) of a clue as to what goes on on their systems. I'd like to also point out that pushing can go both ways, there are many of you who are hardnosed about security ie lets bust people who volenteer information. (Goggans case, being an example) The problem w/ this really is that you push people so underground that they end up thinking fine you dont want to know about how fucked up your system is, we'll show you what it looks like trashed. This is obviously not in the best interest of any sysadmin and so since there will always be security people and there will always be those who enjoy seeing how to break security it would be best to keep an open dialogue between the two groups and not one of animosity and fear /contempt and disgust. I honestly believe that it is in the best interest to *encourage* people to play around w/ systems w/ the intention of keeping that playing out in the open where people can see it. The situation here at uh is completely the opposite here now (again as goggans case points out) where admins are next to paranoid but their lack of knowledge of some of the most trivial hacking methods have allowed our domain to be turned into swiss cheese while they are are busily trying to bust someone for printing a passwd file. This really had little to w/ the case, but just my philosophy. And now back to the story.... =============================================================================== CASE 1 =============================================================================== The following are memos and letters regarding James Henderson's FIRST charge and sanction by the University of Houston. They appear in chronological order, each separated by the double-line, "==========". All of James' personal comments are shown in brackets (e.g., [This is bogus]). =============================================================================== UNIVERSITY OF HOUSTON Academic Computing User Services Mail Code: CC-1961 Memorandum______________________________________________________________________ TO: Kathy Anzivino Dean of Students Office FROM: Howard Jares Manager DATE: March 11, 1992 SUBJ: Request for assistance regarding misuse of university computing services. ------------------------------------------------------------------------------- This memo is to request your office's assistance in the disciplinary action related to the misuse of Academic Computing services. There have recently been several instances where academic computing resources were abused and/or misused by owners of General Student Accounts (ST accounts) and an instructional account (for class-related use only). This memo is to address the actions taken by James Henderson, a Junior COSC major. He has repeatedly demonstrated his inability to comply with policies regarding the use/misuse of the facilities. Mr. Henderson was issued the following accounts as describe below: Userid System Name Type of Account Section code ---------- ------------ ----------------- ------------- cosc1547 menudo General Student cosc15g1 menudo Undergraduate Instructional 92S07214 ST1JF Jetson General Student jeh NeXT General Student Mr. Henderson is under investigation for using these accounts for business purposes, harassing other users through electronic mail, using resources without proper approval and/or breaking into other users' accounts. All of these actions are in direct violation of the "Computing Facilities User Guidelines" that are attached. This memo is to request your disciplinary review in acoordance with the Academic Honesty policies developed and enforced by your department. ------------------------------------------------------------------------------ Journal of Events Regarding James Henderson: February 20, 1992: cosc1547 on Menudo Alleged Activity: After being requested by Alan Pffiefer-Traum (the operating systems specialist responsible for Menudo) to not install and run game servers on Menudo, Mr. Henderson renamed and invoked a game server. This action provided access to anyone connected to the worldwide Internet to play this game on Menudo. [It's not like I was trying to set up a permanent game on the system and was going to tell the whole world to login. I was simply interested in how MUD servers work! I reran it in order to close shop. The game was originally TinyHORNS at UT, but the guy running it ("Striker") sent it to me when it went down...he had to transfer from UT.] [Avi adds] Since this is a game I think Support Services was in their right to do what they have done thought it could have been handled better. [Avi end] Action Taken: The account was disabled by Keith Crabb (another operating systems specialist responsible for Menudo). Documentation: Computing Facilities User Guidelines Memo from Mr. Henderson to Mr. McCormick Electronic mail from Alan to Mr. Henderson requesting that he not run game servers on Menudo Electronic main from Alan to Jerry to notify him that cosc1547 on menudo has been disabled Electronic mail from Mr. Henderson to Keith about being "KNOCKED OUT!" February 21, 1992: I contacted Mr. Henderson on February 21 and explained the security violation to him. I also explained that the appeal process was to write a letter to Interim Associate Vice President Gary McCormick to explain his actions and request that the account be turned back on. Mr. Henderson composed a letter and provided me with a copy. Mr. McCormick delegated the investigation responsibility to William Rowley (Director of Academic Computing) who in turn authorized me to investigate this incident. February 26, 1992: Mr. Henderson had recently requested an ST account on the JETSON system. After investigating the event, Mr. Rowley and I determined it would be best to reinstated his service on the requested ST account on the Jetson system, since this computing environment provided much better control and accountability. I instructed Scott Shreck (Supervisor of Support Services group) and Jerry to require Mr. Henderson to come to the Computing Center and get a copy of the Computing Facilities User Guidelines to insure that he would understand these policies. The account cosc1547 on Menudo has been left disabled and will remain that way pending direction from the Dean of Students office. ------------------------------------------------------------------------------- March 2, 1992: Jerry Raschke (Resource Administrator for Academic Comp.) moved all non-executable files to Mr. Henderson's new account ST1JF. Scott gave Mr. Henderson his new userid (ST1JF on Jetson) with a copy of the Computing Facilities User Guidelines and instructed him to read them carefully. Mr. Henderson later said that he needed the executable also so Jerry allowed him one week to access the files in the account over the network. ------------------------------------------------------------------------------- March 5, 1992: COSC15G1 on Menudo Alleged Activity: Mr. Henderson used his class account to queued more than 100 electronic mail message to a user in California full of obscenities and ^G (bell) characters. This was discovered during a routine check on the mail delivery system. [Routine check, eh? Yeah right. And how do they know what was in the mail without having to violated privacy laws by reading the mail? They read my e-mail without probable cause...as they say it was "routine check!" Do they read everybody's mail on "routine checks?"] Action Taken: No action was taken. Alan expected a call from the operating systems person at the site. [Avi begins] I didn't know about this. If someone did this to me I would have been pissed because its obviously a mailbomb. This wasn't brought up again however ie the admin or the cal. account user never responded to the bomb. If this is true, perhaps he wanted to be bombed? Perhaps he felt he deserved to be bomb? Maybe it was an admin who wanted to see how his system faired against mailbombings. Again I'm not saying this is true but it is SS's responsibility to make sure policy was violated (trivial by contacting user of account). As this really isn't brought up again [this is a serious allegation, in my opinion much more serious than running a mud] we can only conclude that KC did not do anything illegal (SS apparantly agreeiing ie no action taken) [Avi ends] ------------------------------------------------------------------------------- March 5, 1992: COSC15G1 on Menudo Alleged Activity: Alan received a complaint regarding cosc15g1 from Mike Kelly at Notre Dame regarding the offensive News postings by Mr. Henderson. During the investigation of this complaint it became apparent that Mr. Henderson was using the university computing facilities to sell comic books commercially. [No, I'm not in the comic book business. It just appeared that way. My posts for selling comic books were completely legitimate.] [Avi adds] KC was selling his own comic book collection, but being a nerd he has gazillions of them :). I have seen support service people buy and sell stuff for a profit via contacts over then net w/ no repercussions. Note also Anzivino dropped these charges. [Avi ends] Action Taken: Alan disabled the account based upon the Computing Facilities User Guidelines. Documentation: Electronic mail message from Mike Kelly to Alan (root) Electronic mail from Scott to me regarding Mr. Henderson's demands to reinstate his account ------------------------------------------------------------------------------- March 9, 1992: I requested Jerry to look into Mr. Henderson's files to see if there was any indication of commercial information regarding his alleged comic book sales. Jerry found a file dated 1/15/92 advertising the issues Mr. Henderson had for sale and stating "All transaction usually done through e-mail. If you have questions, wish to order, or send a WANT LIST -- just E-MAIL!". The message goes on to state that "future bargain lists to be consistently posted". [Yes, it takes QUITE A WHILE to sell the hundreds of comics I've been trying to get rid of... it's a personal "garage sale" type post! The way Anzivino found it NOT in violation was because she asked me if I've made a significant profit...and I said no.] Jerry also found a bunch of games and configuration file which was used to authorize other users to play this game on menudo. The list included authorization for 16 different computer systems non of which are afiliated with the University of Houston. [Another display of their computer inabilities and ignorance. The file they found was a script for a telnet client. It had "/addworld TinyMUSH
" for each MUD game I liked to telnet OUT TO...it wasn't an config file which let people telnet INTO my account! The script file is like an alias file... it set up easy-to-type commands, like "/connect tinymush" would connect me to that
of the MUD. Sysadmins ALWAYS ASSUME THE WORST!] [Avi adds] Haha.. again I think this illustrates that people dont seem to know what to look for. Of course maybe they do and they are just being malicious. (The infamous incompetence vs. malicious debate :) ) [Avi ends] I asked Alan if he had any complaints regarding Mr. Henderson. He sent an inquiry to James Cowling at the Creative Writing Department at the University of Victoria regarding the mail Mr. Henderson sent him previously. James sent back a rather lengthy response which is attached. Documentation: Electronic mail from Jerry to me containing the advertisement. Electronic mail from Jerry to me with a copy of the game authorization file. A explanation of the contents of the configuration file. Electronic mail from Alan to Jim Cowling Electronic mail from Jim Cowling to Alan (2 messages) ------------------------------------------------------------------------------- March 10, 1992: jeh on NeXT cluster at the Central Site Computing Facility Alleged Activity: No action by user Action Taken: Since NeXT account were issued based upon the user having a menudo account, Jim McGee at Central Site disabled jeh. Jim also stated that the account would be disabled until the Computing Center had fully investigated and resolved any issues it had with Mr. Henderson. ------------------------------------------------------------------------------- March 10, 1992: COSC15G1 on Menudo Alleged Activity: No action by user Action Taken: Howard Jares spoke to Dr. Paris who is the Unit Authority over the instructional COSC15G1 account. He gave his 100% support for the action taken to disable the account. He stated that he did not condone such action and appreciate Academic Computing's acton on the matter. ------------------------------------------------------------------------------- March 10, 1992: jeh on Menudo Alleged Activity: Mr. Henderson was seen logged on a NeXT machine at Central Site even though his account was disabled earlier in the day. See the next entry below as to why this is of particular interest. Action Taken: No action taken [Whatever. Maybe I was trying to log in... I don't remember. They're stupid to think I would hack into an account, especially right under their noses. This whole thing was like bad timing. My playing around with security programs and all (which happen to be public domain and supported by CERT). There are other people that do use hacked accounts. As a matter of fact, their still being used...but if I were to tell the sysadmins, they'd probably think I had some affiliation and assistance in the cracking and using of the accounts. But why do the the sysadmins think I am trying to compromise accounts when I already had my own and/or could simply apply for others?] [Avi adds] WTF? If they saw him log on to a next why didn't they walk 5 feet (distance from desk to next machines) and see what account he was logged on to? Was it a fred? Was he having fun at their expense by having a friend pop up screens on the machine he was sitting on, to make it look like he was logged on. I would do this if my account got shut down that day, but I would also expect them to walk over to check it out not jot notes down in hopes of a later bust. [Avi ends] ------------------------------------------------------------------------------- March 10, 1992: In the evening, the NeXT password file was compromised. The user who did this copied the password file to menudo. On menudo, a password cracking program was run and 56 out of 132 passwords were obtained. Some of the userids and passwords on menudo were the same as those on the NeXT. Keith found that a dormant staff account, ACSM0, was cracking NeXT passwords from Central Site. It was verified that some of the accounts which had been compromised on menudo were not being used by the actual account holders. The ACSM0 account contained a password cracking program and finger information on every user on menudo; account ST1IJ did also. This account was also TALKing to two of the accounts which had appeared to be compromised. ST1IJ told Keith that he would delete the file. Action Taken: The above mentioned contact. [Yeah? So? No mention of me...what the hell does this have to do with me?] [Avi adds] The allegation is that KC must have run crack on the machine. Again no proof, just innuendo. If they dont want finger disable it. This st1ij apparantly got talked into deleting finger information file. 56 cracks out of 132! Its not students who need to be running cracks its admins. [Avi end] ------------------------------------------------------------------------------- March 10, 1992: cosc1547 Alleged Activity: Suspect files found in disabled account. One of these files seems to be a file that allows access to users on certain specified systems. One file is a "To-do" list that reminds the user to post an advertisement for his comics business. Another file seems to be an advertisement. ["Seems to be.." Everything SEEMS bad to them. It was a MUD file! Stupids! And my personal to-do list. Ya? Is it a crime to have a text file? I called it an "advertisement" but the fact is, I am not a commercial business!!! Funny how one word can be misinterpreted. These guys are pathetic.] [Avi adds] The other file sounds like an .rlogin file to me. [End avi] Action Taken: No action taken ------------------------------------------------------------------------------- March 11, 1992: jeh on NeXT systems Alleged Activity: Mr. Henderson set up a hidden directory containing a subdirectory named to look like a word processing subdir- ectory ("wordproc"). This subdirectory contained a password cracking program and a text file consisting of the Central Site NeXT password file. Action Taken: The user was denied access to his NeXT files. [Oh, and if I named it "fuck" they would have gotten me on offensive charges. A bullet and a gun...but no accounts were cracked or compromised. There is no indication that I ever actually cracked the passwords...no record.] [Avi adds] He only had the passwd file and a crack program, no cracked passwords. [Avi end] ------------------------------------------------------------------------------- March 12, 1992: ST1JF on Jetson Alleged Activity: Account contained password cracking program Action Taken: Disabled the account [They shut me off because I had a public domain program which isn't even executable on VMS.] =============================================================================== [UH Dean of Students Office letterhead goes here] Dean of Students Office University Center Houston, Texas 77204-3652 3/23/92 Mr. James E. Henderson Dear Mr. Henderson: The Dean of Students Office has received a referral from Academic Computing Services stating that: you have allegedly used your student and instructional accounts for business purposes, harassing others through electronic mail, using resources without proper approval and/or breaking into other users' accounts. All of these actions are in violation of the "Computing Facilities User Guidelines" that were issued to you when your accounts were set up for you. [This quote is taken DIRECTLY from the ACS referral. Here, Ms. Anzivino takes everything that the dept. states or says word for word. She seems to never really look into the details of the case. Here, she fails to refer to which University Handbook policy I allegedly violated. I doubt she ever even referred to the Computing Facilities User Guidelines when writting this letter. She just quotes Howard Jares directly, and fails to show that she has really been investigating the matter... ...as we will also see in the sanction letter below.] This is to request that you contact my office within three days after receiving this letter to discuss possible violations of the University's disciplinary code. [quote from Handbook about obligations to meet with Dean of Students]. My office is located in the Dean of Students office, Room 252 of the University Center. Please arrange for an appointment to see me by calling 749-2915 [now 743-5470] or coming personally into the office. Your cooperation is appreciated. Sincerely, [signed] Kathy Anzivino Interim Assistant Dean of Students cc: file =============================================================================== [On 3/31/92 I agreed to a disciplinary conference with Ms. Anzivino] =============================================================================== [Dean of Students Office letterhead goes here] 4/8/92 Mr. James E. Henderson Dear Mr. Henderson: This letter confirms that you met with me to discuss a referral made by the Academic Computing User Services Department. The referral states that: you have allegedly used your student and instructional accounts for business purposes, harassing others through electronic mail, using resources without proper approval and/or breaking into other users' accounts. All of these actions are in violation of the "Computing Facilities User Guidelines" that were issued to you when your accounts were set up for you. After considering the presentation of your case, the referral, the investigation, and the University of Houston's Student Disciplinary Policies and Procedures, the following conclusion has been reached: You did use your student and instructional accounts in ways which they were not to be used. Thus, you were in in violation of the University of Houston's Disciplinary Code A, 5.16 which defines as unacceptable: "Unauthorized use or misuse of any computer, computer system, service, program, data, network, cable television network, or communication network." [The gem here is "You did use your student and instructional accounts in ways which they were not to be used." She fails to point out the exact CFUG policy that was violated! She's summing up her conclusion in a very vague claim, being Code A 5.16. Federal courts have called kind of policy "too vague." Which specific violation for which account? Is she saying I'm guilty of ALL of those charges on BOTH computer accounts? This gem of a sentence is very much like the one in my current case (1993): "You did use the computer account for purposes other than what it is to be used for." Quite bogus, I must say.] Therefore, the sanctions for you are: 1. Disciplinary Probation: Effective March 31, 1992 and ending May 16, 1993. Any student life policy violation during the period of this disciplinary probation could result in the consideration of more severe disciplinary actions by the University of Houston. A notation of "Disciplinary Probation" will be entered on your University of Houston academic record. It is your responsibility to notify the Dean of Students Office at the end of your probation period to have the notation removed from your record. Also, an enrollment stop is being placed on your academic record for the duration of the disciplinary probation period. Prior to re-enrolling at the University of Houston -- at fee payment time -- and/or requesting an official copy of your academic record, you must receive clearance from the Dean of Students' Office. 2. Loss of Computer account Privileges: Effective March 31, 1992 and ending July 8, 1992 you will not be eligible for a General Student Account or an Instructional Account with Academic Computing User Services. At the end of this period and before a new account will be issued to you, you must meet with Mr. Howard Jares to discuss one more time the appropriate uses for these accounts. 3. Written Warning: Your action was unacceptable at the University of Houston, and you must refraing doing it again. It is incumbent upon you, just like it is upon all persons in the university community, to abid by local laws and the rules of the university. [I hate the way the word "it" is used! "Your action," not "actions?" Then did I do ONE action? And which is "it?" Again very vague in pointing out what they want me to NOT do. And don't tell me "You know what you did." For records purposes (and legal suit purposes), the entire wording in these letters from the Dean of Students Office will not hold up!] [Avi adds] Hopefully! [Avi end] You do have the right to appeal this decision _for_valid_reasons_. If you decide to appeal you must notify Dr. William Munson, Dean of Students, _in_writing_, within five class days from the date of the receipt of this letter. Sincerely, [signed] Kathy Anzivinio Interim Assistant Dean of Students [God! I should have known all along! She was an INTERIM at the time!] =============================================================================== [After this sanction, I was furious! After a few upset phone calls (rash, but irrelevant to due process) trying to get a more detailed explanation of which exact computing guideline(s) she found me in violation of, I turned in this hand-written appeal:] April 10, 1992 Dr. William Munson Dean of Students Dear Sir: This is a letter of appeal to the decisions and sanctions given to me in a letter from Asst. Dean Anzivino on April 8. I am appealing the first two sanctions: (1) I wish to be able to go regular registration for Summer II semester. I am on probation (disciplinary) until May 16. Regular registration is May 11. Please consider removing the last five days of my probation period. (2) I plan on registering with a computer class in my degree program this summer, such as Dr. Paris' Fundamentals of OS class which I was forced to drop in the Spring. This class will be 4-6 MTTh in the Summer II semester. I have been considered ineligible for Instructional Computer Accounts until July 8. Computer classes are _not_ offered in Summer IV, so I would need priviledge to an instructional account for a Summer II class. Please reconsider. Sincerely, [signed] James Henderson =============================================================================== [While waiting for my appeal decision, I decided to write another letter:] February 20, 1992 To: Gary McCormick Vice President of Information Technology [Now permanent Director of M.I.S.] Dear Sir, This is concerning my UNIX account on the menudo server, account COSC1547, being shut off. I received this account in the Fall '91 semester and have renewed it for this semester for general use with my current computer class, for use of e-mail, and for use of the internet. I did not realize that server-games were not allowed by UH. Other campuses such as UT, Berkeley, and MIT allow these, and I was trying to enter UH into the internet (game) community. These games are multi- user, much like the internet-relay-channel here at karazm.math.uh.edu, where students "socialize" with each other and talk about each other's part of the world. I was running one of the servers, called CougarMUSH (Multi User Shell) on menudo, and students from around the country telnet to it by use of a port. This is a great way to chat with other computer science students. Anyway, my concern is that of turning my account back ON. I was chatting with a friend at UT when I was shut down. I had been warned that I should not run game servers on menudo, and I had known of the risks towards me & my account, but I did run it again for the purpose of retrieving programs within the game; a MUSH has its own programming language for creating object in the game and having them do certain function -- much like the holodeck on Star Trek:The Next Generation. I renamed the file temporarily in order not to get shut down; but, within 5 minutes, they found it and terminated me. Now they refuse to believe that I will delete the game and will not continue to do such activities, thus I am writing to you. Please, I ask you, to re- instate my account, for I have personal e-mail messages, and word-processing text I need to access, and I promise to _not_ run _game-servers_ any longer. Unless, you guys decide to allow them, which I strongly do and would support. These games have no harmful effects and take up almost NO CPU time over any short or long period of time. For now, I will delete it and cause no more trouble, and later we shall discuss authorization of these type of activities. (Consider running the game at night-time hours?) Please activate my account: COSC1547 Thank you, James Henderson [Neither Mr. McCormick nor anybody ever responded with a YES or NO. This just goes to show that UH administration is UNWILLING to discuss matters with students and computer users. Wonder how he's doing over at M.I.S.] =============================================================================== [UH Dean of Students Office letterhead goes here] April 24, 1992 Mr. James Henderson Dear Mr. Henderson: Please be informed that I have carefully reviewed your appeal dated April 10, 1992. I have discussed your academic status with the Department of Computer Sciences and have been told that you are lacking only computer science courses to complete a degree at the University of Houston. The sanction of "Loss of Computer Account Privileges" was an applicable sanction but suspension was not the intent. Since the sanction would prevent your enrollment in summer courses I will amend it. [Avi adds] Up to this point I think the university was pretty reasonable. IE they more or less gave him 6 months probation for his mud/comic book thing and they probably wanted to show KC that they have power before some of the allegations are become substantive. [Avi ends] I have also been forwarded information regarding the dialog that took place between you and the clerical staff in the Dean of Student's Office on Wednesday, April 22, 1992. This behavior was unacceptable and will not be tolerated. With this in mind your amended sanctions are as follows: 1. Disciplinary Probation: Effective Tuesday, March 31, 1992 and ending on your graduation date from the University of Houston. Any student life policy violation during the period...[everything else is as the above sanction letter] [In other words, the Dean EXTENDED punishment (in response to my appeal) due to an alleged phone call! Extending my punishment without ANY due process is an EXTREME violation of MY student rights. Dean Munson basically states that I am guilty of "unacceptable behavior" toward his secretary when he has no proof that a phone call was ever made, or if so, that it was even me! See my "appeal to this appeal" below.] [Avi begin] Obviously the extended probation (same as probation from july 92 until graduation) had the phone call in mind. Whether or not KC actually bitched someone out, one would think that he'd at least have a charge brought up against him and a hearing and be given a chance to defend himself. Munson basically charged him and sentenced him in a brilliant stroke of penmanship. This is surprising when considering that the fineline between "offensive" and "harassment" is not all together clear. Note also that, now Anzivino claims that Munson was not doing this but rather trading punishments. IE since he got his account back he was given extended probation... and you guys thought we were stretching it. Munson explicitly states he had the phone conversation in mind not the fact that KC got computer access. [Avi ends] 2. Written Warning: Your action was unacceptable at the University of Houston, and you must refrain from doing it again. It is incumbent upon you, just like it is upon all persons in the university to community, to abide by local laws and the rules of the university and report any acts that are in violation of the same. I remind you that any further violations of Student Life Policies will not be tolerated and will be grounds for suspension from the University of Houston. Sincerely, [signed] William F. Munson, Ph.D. Dean of Students =============================================================================== [Three months later, I appealed to this appeal decision:] 7/23/92 William F. Munson, Ph.D. Dean of Students Dear Dr. Munson: This letter is regarding my appeal (April 10, 1992) of the sanctions given me on April 4, 1992. The amended sanction given me on April 24, 1992, by you is unfair and violates my student right to a procedural hearing or conference. When appealing sanctions, a student expects the sanctions to be changed to benefit him or her; the student does not expect to be given any additional penalties, which has been done in the case of my appeal. I appreciate that the sanction "loss of computer account privileges" has been removed, but you have changed the ending period for my Disciplinary Probation from May 16, 1993 to the date of my graduation, which will be far after May 16, 1993. Basing your judgement to extend my probation period on actions I have allegedly done _after_ my disciplinary conference is a violation of my student rights. According to proper disciplinary procedures, a student shall be found neither innocent nor guilty of anything other than the alleged actions ("charges") stated in the preliminary letter. A student has the right to a hearing or conference on every accusation of misconduct; I was not given this right for your accusation of me having unacceptable and intolerable behavior with your clerical staff over the telephone. You have no right in adding more penalties to an appeal due to the alleged action or actions of a student, until the student is given a proper hearing and is found guilty of violating the related student policy or policies. I wish to be compensated for your violations of my student rights. I am requesting that the length of my Disciplinary Probation be reasonably shortened or that it be terminated. Furthermore, the sanctions given me initially were based on my violation of Code A, 5.16. The final report (letter) does not explicity state the exact actions for which I was found guilty of. This is very vague, and shows that Kathy Anzivino has given poor attention to the detail of my case; what is the exact abusive conduct I am guilty of which considers me in violation of Code A, 5.16? Please elaborate on these points in the concluding reports of disciplinary procedures. Violating my student rights shows possible prejudice, and is also grounds for a law suit against the University of Houston system. According to the Fifth Amendment, I have the right of due process of law, and I believe this also should pertain to disciplinary procedures of a university (this has been ruled in federal courts before). The computer account, which is a student facility at a public university, is required in my course work, and depriving me of this paid-for facility before I have been given a fair hearing is violation of my Fifth Amendment rights. Please take prompt action on restoring my rights. [What I meant here is that they have no right to turn off computer accounts for alleged actions. They should simply keep an eye on it until the Dean makes the decision if anything was violated. Better yet, Information Tech- nology should have a COMPUTING POLICY REVIEW BOARD.] Attached are excerpts from several text files currently in the archive of the EFF (Electronic Frontier Foundation). These excerpts pertain to student rights both in and out of the electronic community, also called "cyberspace." Laws in the area of "cyberspace" are not specifically outlined and are currently being developed by our legislators every day. Please do circulate these excerpts in order to educate your staff on life and living in the electronic community. I hope to receive a response from you in the near future. Respectfully yours, [signed] James E. Henderson III [Avi adds] This appeal to an appeal wasn't successful :(. [Avi ends] Attachments [Refer to my EFF excerpts file for the Attachments] [Avi adds] Gotta luv 'em! [Avi ends] =============================================================================== END CASE 1 =============================================================================== EOF EOF EOF EOF EOF EOF EOF EOF EOF EOF EOF EOF EOF EOF EOF EOF EOF EOF EOF EOF