A Windows XP help forum. PCbanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » PCbanter forum » Microsoft Windows XP » Windows XP Help and Support
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

Log access or prevent access to private/confidential information.



 
 
Thread Tools Display Modes
  #1  
Old August 30th 05, 11:07 AM
Robin Tucker
external usenet poster
 
Posts: n/a
Default Log access or prevent access to private/confidential information.

Hi,

I would like to be able to log access to my folders from the network. That
is, I want to know when an administrator has accessed my drive. I have
private/confidential information on my PC and do not want administrators to
be able to access it, unless I give explicit permission. How can I achieve
this?

Thanks,


Robin.


Ads
  #2  
Old August 30th 05, 11:37 AM
David Candy
external usenet poster
 
Posts: n/a
Default

Ask your administrators.

--=20
-------------------------------------------------------------------------=
-------------------------
http://webdiary.smh.com.au/archives/...nt/001075.html
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D
"Robin Tucker" wrote in message =
...
Hi,
=20
I would like to be able to log access to my folders from the network. =

That=20
is, I want to know when an administrator has accessed my drive. I =

have=20
private/confidential information on my PC and do not want =

administrators to=20
be able to access it, unless I give explicit permission. How can I =

achieve=20
this?
=20
Thanks,
=20
=20
Robin.=20
=20

  #3  
Old August 30th 05, 01:23 PM
Galen
external usenet poster
 
Posts: n/a
Default

In ,
Robin Tucker had this to say:

My reply is at the bottom of your sent message:

Hi,

I would like to be able to log access to my folders from the network.
That is, I want to know when an administrator has accessed my drive. I
have private/confidential information on my PC and do not want
administrators to be able to access it, unless I give explicit
permission. How can I achieve this?

Thanks,


Robin.


As has been mentioned by David Candy, ask them. If you have, as it seems,
administrators then the implication is that the PC doesn't belong to you.
Private/confidential information should not really be kept on property not
belonging to you and the company has a right (and perhaps and obligation) to
monitor the contents of their property. Given that they're the admins and
likely able to access your account at any time (and probably have rules
regarding third party software installations) your best bet would be to
accept that anything you put on the work computer belongs, by default, to
the company or at least gives them rights to access it with or without your
consent.

Your personal computing should probably be done at home -- if you want to
keep your job. More and more companies, for various reasons, are starting to
not only monitor internet access but files on their PCs. With the increase
in various regulations (Sarbox, HIPPA, etc) it's in your best interest to
really keep your personal, private, and confidential data on a system that
you are the only administrator of. Note that this is mostly a U.S. thing
though the EU and surely other countries have similar policies.

Galen
--

"You know that a conjurer gets no credit when once he has explained his
trick; and if I show you too much of my method of working, you will
come to the conclusion that I am a very ordinary individual after all."

Sherlock Holmes


  #4  
Old August 30th 05, 02:33 PM
Robin Tucker
external usenet poster
 
Posts: n/a
Default

Yes, it is company property. No, I am not asking that MY PERSONAL
INFORMATION be locked down. The administrators should not have the right to
view any/all information, some of which is potentially confidential such as,
for example, Personel Records. No I am not a n00b sitting in a cubicle
passing wind every 30 seconds. I am genuiunely asking this question, for
the purposes of security of personal information. How can we allow
administration of a network/domain, but protect information from prying
eyes, be they administrators or not.

Thankyou.



"Galen" wrote in message
...
In ,
Robin Tucker had this to say:

My reply is at the bottom of your sent message:

Hi,

I would like to be able to log access to my folders from the network.
That is, I want to know when an administrator has accessed my drive. I
have private/confidential information on my PC and do not want
administrators to be able to access it, unless I give explicit
permission. How can I achieve this?

Thanks,


Robin.


As has been mentioned by David Candy, ask them. If you have, as it seems,
administrators then the implication is that the PC doesn't belong to you.
Private/confidential information should not really be kept on property not
belonging to you and the company has a right (and perhaps and obligation)
to monitor the contents of their property. Given that they're the admins
and likely able to access your account at any time (and probably have
rules regarding third party software installations) your best bet would be
to accept that anything you put on the work computer belongs, by default,
to the company or at least gives them rights to access it with or without
your consent.

Your personal computing should probably be done at home -- if you want to
keep your job. More and more companies, for various reasons, are starting
to not only monitor internet access but files on their PCs. With the
increase in various regulations (Sarbox, HIPPA, etc) it's in your best
interest to really keep your personal, private, and confidential data on a
system that you are the only administrator of. Note that this is mostly a
U.S. thing though the EU and surely other countries have similar policies.

Galen
--

"You know that a conjurer gets no credit when once he has explained his
trick; and if I show you too much of my method of working, you will
come to the conclusion that I am a very ordinary individual after all."

Sherlock Holmes



  #5  
Old August 30th 05, 02:46 PM
David Candy
external usenet poster
 
Posts: n/a
Default

You need to ask your administrators how to do this. Admins can't =
secretly peek at your documents. They are in charge and may prefer you =
to do it their way. They are the experts in your company on this =
subject. But basically you can't stop them but nor can they do it =
secretly.

Admins are used to concerns like this. To take action without their =
approval could be a criminal offense.
--=20
-------------------------------------------------------------------------=
-------------------------
http://webdiary.smh.com.au/archives/...nt/001075.html
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D
"Robin Tucker" wrote in message =
...
Yes, it is company property. No, I am not asking that MY PERSONAL=20
INFORMATION be locked down. The administrators should not have the =

right to=20
view any/all information, some of which is potentially confidential =

such as,=20
for example, Personel Records. No I am not a n00b sitting in a =

cubicle=20
passing wind every 30 seconds. I am genuiunely asking this question, =

for=20
the purposes of security of personal information. How can we allow=20
administration of a network/domain, but protect information from =

prying=20
eyes, be they administrators or not.
=20
Thankyou.
=20
=20
=20
"Galen" wrote in message=20
...
In ,
Robin Tucker had this to say:

My reply is at the bottom of your sent message:

Hi,

I would like to be able to log access to my folders from the =

network.
That is, I want to know when an administrator has accessed my drive. =

I=20
have private/confidential information on my PC and do not want
administrators to be able to access it, unless I give explicit
permission. How can I achieve this?

Thanks,


Robin.


As has been mentioned by David Candy, ask them. If you have, as it =

seems,=20
administrators then the implication is that the PC doesn't belong to =

you.=20
Private/confidential information should not really be kept on =

property not=20
belonging to you and the company has a right (and perhaps and =

obligation)=20
to monitor the contents of their property. Given that they're the =

admins=20
and likely able to access your account at any time (and probably have =


rules regarding third party software installations) your best bet =

would be=20
to accept that anything you put on the work computer belongs, by =

default,=20
to the company or at least gives them rights to access it with or =

without=20
your consent.

Your personal computing should probably be done at home -- if you =

want to=20
keep your job. More and more companies, for various reasons, are =

starting=20
to not only monitor internet access but files on their PCs. With the=20
increase in various regulations (Sarbox, HIPPA, etc) it's in your =

best=20
interest to really keep your personal, private, and confidential data =

on a=20
system that you are the only administrator of. Note that this is =

mostly a=20
U.S. thing though the EU and surely other countries have similar =

policies.

Galen
--=20

"You know that a conjurer gets no credit when once he has explained =

his
trick; and if I show you too much of my method of working, you will
come to the conclusion that I am a very ordinary individual after =

all."

Sherlock Holmes
=20

=20

  #6  
Old August 30th 05, 03:09 PM
Brian Cryer
external usenet poster
 
Posts: n/a
Default

"Robin Tucker" wrote in message
...
Hi,

I would like to be able to log access to my folders from the network.
That is, I want to know when an administrator has accessed my drive. I
have private/confidential information on my PC and do not want
administrators to be able to access it, unless I give explicit permission.
How can I achieve this?

Thanks,


Robin.


Robin,

I don't think you can log access to folders. I've certainly not come across
a way to do it.

In terms of preventing administrators or any others from accessing your
folders, there are a few options:

1. Use file permissions. Using windows explorer, right click the folder you
want to protect, select properties. Then on the "Security" tab you have
control over who has permissions to view, edit, etc on the folder. To stop
system administrators I think you will need to revoke access to
"Administrators". But review each of the permissions because I think the
logic is to grant access to someone if they have access via any of the
accounts/groups listed. You will also need to consider permissions on the
files themselves. If you can't view or change the security permissions then
its likely that the system administrators have locked this out - after all,
fiddling with the file permissions in say the windows folder and you could
break your system.

2. Encrypt your files. If you have your disk formatted NTFS then you can
encrypt files (file properties general Advanced), but if you encrypt a
file then I think that only you can read it - which isn't any good if you
need to share the file with anyone else.

Hope this helps,

Brian.

www.cryer.co.uk/brian


  #7  
Old August 30th 05, 03:35 PM
David Candy
external usenet poster
 
Posts: n/a
Default

Admins can take ownership of any file. File permissions won't help. =
Admins can reset the user's password and login and access encrypted =
files.

--=20
-------------------------------------------------------------------------=
-------------------------
http://webdiary.smh.com.au/archives/...nt/001075.html
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D
"Brian Cryer" wrote in message =
...
"Robin Tucker" wrote in message=20
...
Hi,

I would like to be able to log access to my folders from the network. =


That is, I want to know when an administrator has accessed my drive. =

I=20
have private/confidential information on my PC and do not want=20
administrators to be able to access it, unless I give explicit =

permission.=20
How can I achieve this?

Thanks,


Robin.

=20
Robin,
=20
I don't think you can log access to folders. I've certainly not come =

across=20
a way to do it.
=20
In terms of preventing administrators or any others from accessing =

your=20
folders, there are a few options:
=20
1. Use file permissions. Using windows explorer, right click the =

folder you=20
want to protect, select properties. Then on the "Security" tab you =

have=20
control over who has permissions to view, edit, etc on the folder. To =

stop=20
system administrators I think you will need to revoke access to=20
"Administrators". But review each of the permissions because I think =

the=20
logic is to grant access to someone if they have access via any of the =


accounts/groups listed. You will also need to consider permissions on =

the=20
files themselves. If you can't view or change the security =

permissions then=20
its likely that the system administrators have locked this out - after =

all,=20
fiddling with the file permissions in say the windows folder and you =

could=20
break your system.
=20
2. Encrypt your files. If you have your disk formatted NTFS then you =

can=20
encrypt files (file properties general Advanced), but if you =

encrypt a=20
file then I think that only you can read it - which isn't any good if =

you=20
need to share the file with anyone else.
=20
Hope this helps,
=20
Brian.
=20
www.cryer.co.uk/brian
=20

  #8  
Old August 30th 05, 03:38 PM
Robin Tucker
external usenet poster
 
Posts: n/a
Default

This is exactly the information I needed. Thankyou very much.

"Brian Cryer" wrote in message
...
"Robin Tucker" wrote in message
...
Hi,

I would like to be able to log access to my folders from the network.
That is, I want to know when an administrator has accessed my drive. I
have private/confidential information on my PC and do not want
administrators to be able to access it, unless I give explicit
permission. How can I achieve this?

Thanks,


Robin.


Robin,

I don't think you can log access to folders. I've certainly not come
across a way to do it.

In terms of preventing administrators or any others from accessing your
folders, there are a few options:

1. Use file permissions. Using windows explorer, right click the folder
you want to protect, select properties. Then on the "Security" tab you
have control over who has permissions to view, edit, etc on the folder. To
stop system administrators I think you will need to revoke access to
"Administrators". But review each of the permissions because I think the
logic is to grant access to someone if they have access via any of the
accounts/groups listed. You will also need to consider permissions on the
files themselves. If you can't view or change the security permissions
then its likely that the system administrators have locked this out -
after all, fiddling with the file permissions in say the windows folder
and you could break your system.

2. Encrypt your files. If you have your disk formatted NTFS then you can
encrypt files (file properties general Advanced), but if you encrypt a
file then I think that only you can read it - which isn't any good if you
need to share the file with anyone else.

Hope this helps,

Brian.

www.cryer.co.uk/brian




  #9  
Old August 30th 05, 04:13 PM
David Candy
external usenet poster
 
Posts: n/a
Default

It would be where I live (one cannot change a single byte on a computer =
without permission or 5 years goal). Why do you want to ask people who =
don't know rather than the experts in your company? You can't stop an =
admin. That's the whole purpose of admins. But nor can the admin do it =
secretly. One suggestion you have been given I would sack you on the =
spot as it threatens the survival of the company.

Sure you aren't trying to hack into these files.

--=20
-------------------------------------------------------------------------=
-------------------------
http://webdiary.smh.com.au/archives/...nt/001075.html
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D
"Robin Tucker" wrote in message =
...
=20
"To take action without their approval could be a criminal offense."
=20
=20
Please, this is completely incorrect. It may be against company =

policy (in=20
some companies), but it is certainly not illegal. Are you a member of =

the=20
administrators trades union or something?
=20
=20
=20
=20
=

-------------------------------------------------------------------------=
-------------------------
http://webdiary.smh.com.au/archives/...nt/001075.html
=

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D
"Robin Tucker" wrote in message=20
...
Yes, it is company property. No, I am not asking that MY PERSONAL
INFORMATION be locked down. The administrators should not have the =

right=20
to
view any/all information, some of which is potentially confidential =

such=20
as,
for example, Personel Records. No I am not a n00b sitting in a =

cubicle
passing wind every 30 seconds. I am genuiunely asking this question, =

for
the purposes of security of personal information. How can we allow
administration of a network/domain, but protect information from =

prying
eyes, be they administrators or not.

Thankyou.



"Galen" wrote in message =20
...
In ,
Robin Tucker had this to say:

My reply is at the bottom of your sent message:

Hi,

I would like to be able to log access to my folders from the =

network.
That is, I want to know when an administrator has accessed my =

drive. I
have private/confidential information on my PC and do not want
administrators to be able to access it, unless I give explicit
permission. How can I achieve this?

Thanks,


Robin.

As has been mentioned by David Candy, ask them. If you have, as it =

seems,
administrators then the implication is that the PC doesn't belong to =

you.
Private/confidential information should not really be kept on =

property=20
not
belonging to you and the company has a right (and perhaps and =

obligation)
to monitor the contents of their property. Given that they're the =

admins
and likely able to access your account at any time (and probably =

have
rules regarding third party software installations) your best bet =

would=20
be
to accept that anything you put on the work computer belongs, by =

default,
to the company or at least gives them rights to access it with or =

without
your consent.

Your personal computing should probably be done at home -- if you =

want to
keep your job. More and more companies, for various reasons, are =

starting
to not only monitor internet access but files on their PCs. With the
increase in various regulations (Sarbox, HIPPA, etc) it's in your =

best
interest to really keep your personal, private, and confidential =

data on=20
a
system that you are the only administrator of. Note that this is =

mostly a
U.S. thing though the EU and surely other countries have similar=20
policies.

Galen
--=20

"You know that a conjurer gets no credit when once he has explained =

his
trick; and if I show you too much of my method of working, you will
come to the conclusion that I am a very ordinary individual after =

all."

Sherlock Holmes


=20

=20

  #10  
Old August 30th 05, 04:16 PM
Robin Tucker
external usenet poster
 
Posts: n/a
Default


Yes indeed they can. But a reset password will give me some indication that
this has been done.

Note: I am not seeking to make sure this information *cannot ever be access
by any administrator at any time*, I am merely wanting such information to
be accessed with my or my managers permission in such circumstances as this
may be neccessary. With this method, my manager can, if required gain
access to the data by asking the administrator to reset the password.



"David Candy" . wrote in message
...
Admins can take ownership of any file. File permissions won't help. Admins
can reset the user's password and login and access encrypted files.

--
--------------------------------------------------------------------------------------------------
http://webdiary.smh.com.au/archives/...nt/001075.html
=================================================
"Brian Cryer" wrote in message
...
"Robin Tucker" wrote in message
...
Hi,

I would like to be able to log access to my folders from the network.
That is, I want to know when an administrator has accessed my drive. I
have private/confidential information on my PC and do not want
administrators to be able to access it, unless I give explicit
permission.
How can I achieve this?

Thanks,


Robin.


Robin,

I don't think you can log access to folders. I've certainly not come
across
a way to do it.

In terms of preventing administrators or any others from accessing your
folders, there are a few options:

1. Use file permissions. Using windows explorer, right click the folder
you
want to protect, select properties. Then on the "Security" tab you have
control over who has permissions to view, edit, etc on the folder. To stop
system administrators I think you will need to revoke access to
"Administrators". But review each of the permissions because I think the
logic is to grant access to someone if they have access via any of the
accounts/groups listed. You will also need to consider permissions on the
files themselves. If you can't view or change the security permissions
then
its likely that the system administrators have locked this out - after
all,
fiddling with the file permissions in say the windows folder and you could
break your system.

2. Encrypt your files. If you have your disk formatted NTFS then you can
encrypt files (file properties general Advanced), but if you encrypt a
file then I think that only you can read it - which isn't any good if you
need to share the file with anyone else.

Hope this helps,

Brian.

www.cryer.co.uk/brian




  #11  
Old August 30th 05, 04:27 PM
David Candy
external usenet poster
 
Posts: n/a
Default

Sorry, it would be 2 years for you. They were the old law

You are breaking 308i
Page 8

308I Unauthorised impairment of data held in computer disk, credit 21

card or other device (summary offence) 22

(1) A person: 23

(a) who causes any unauthorised impairment of the 24

reliability, security or operation of any data held on a 25

computer disk, credit card or other device used to store 26

data by electronic means, and 27

(b) who knows that the impairment is unauthorised, and 28

(c) who intends to cause that impairment, 29

is guilty of an offence. 30

Maximum penalty: Imprisonment for 2 years. 31

(2) An offence against this section is a summary offence. 32

Crimes Amendment (Computer Offences) Bill 2001

Amendment of Crimes Act 1900 Schedule 1

(3) For the purposes of this section, impairment of the reliability, 1

security or operation of data is unauthorised if the person is 2

not entitled to cause that impairment.

310Damaging data in computer10 years and/or1,000 penalty units309 =
(1)Unlawful access to data in computer6 months and/or 50penalty units309 =
(2)Unlawful access to data in computer=97intent todefraud/dishonestly =
obtain benefit or causeloss/injury2 years and/or 500penalty units309 =
(3)Unlawful access to data in computer=97knowledgedata is confidential2 =
years and/or 500penalty units309 (4)Continue to examine data in =
computer=97oughtreasonably to know data confidential2 years and/or =
500penalty units
-------------------------------------------------------------------------=
-------
Page 3=20
Crimes Amendment (Computer Offences) Bill 2001Explanatory =
noteExplanatory note page 3Those computer offences are to be replaced by =
the following computer offences:SectionOffenceMax penalty308CCause =
unauthorised computer function withintention to commit serious offence =
(comprisingunauthorised access to data, unauthorisedmodification of data =
or unauthorised impairment ofelectronic communication)The maximumpenalty =
applicablefor commission ofserious indictableoffence308DUnauthorised =
modification of data with intent tocause impairment10 =
years308EUnauthorised impairment of electroniccommunication to or from =
computer10 years308FPossession of data with intent to commit =
computeroffence3 years308GProducing, supplying or obtaining data with =
intentto commit computer offence3 years308HUnauthorised access to or =
modification ofrestricted data in computer (summary offence)2 =
years308IUnauthorised impairment of data held in computerdisk, credit =
card or other device (summary offence)2 yearsUnder sections 15 and 16 of =
the Crimes (Sentencing Procedure) Act 1999, thecourt mayimpose a fine =
for anysuch offence instead of or in addition to a sentenceof =
imprisonment, namely 1,000 penalty units (currently $110,000) or, in the =
caseof a corporation, 2,000 penalty units (currently $220,000).An =
explanation of the new offences and the policy considerations concerned =
iscontained in thereport on Chapter4 (Damageand =
computeroffences)oftheModelCriminal Code Officers Committee. Schedule 2 =
contains an amendment to the Criminal Procedure Act 1986 that =
isconsequential on the amendments contained in Schedule 1. The =
amendmentprovides that all of the new computer offences that are =
indictable and carry amaximum penalty of 10 years imprisonment or less =
are to be disposed ofsummarily (with a maximum penalty of 2 years =
imprisonment) unless theprosecuting authority or the accused otherwise =
elects.
-------------------------------------------------------------------------=
-------
Page 4=20
b01-024-p02.801First printNew South Wales Crimes Amendment =
(ComputerOffences) Bill 2001ContentsPage1 Name of Act22 Commencement23 =
Amendment of Crimes Act 1900 No 4024 Amendment of Criminal Procedure Act =
1986 No 2092Schedules1 Amendment of Crimes Act 1900 32 Amendment of =
Criminal Procedure Act 198610
-------------------------------------------------------------------------=
-------
Page 5=20
New South Wales Crimes Amendment (ComputerOffences) Bill 2001No , 2001A =
Bill forAn Act to amend the Crimes Act 1900 and the Criminal Procedure =
Act 1986 withrespect to computer offences.
-------------------------------------------------------------------------=
-------
Page 6=20
Clause 1Crimes Amendment (Computer Offences) Bill 2001Page 2The =
Legislature of New South Wales enacts:11 Name of Act2This Act is the =
Crimes Amendment (Computer Offences) Act 2001.32 Commencement4This Act =
commences on a day to be appointed by proclamation.53 Amendment of =
Crimes Act 1900 No 406The Crimes Act 1900 is amended as set out in =
Schedule 1.74 Amendment of Criminal Procedure Act 1986 No 2098The =
Criminal ProcedureAct 1986is amended asset out in Schedule2.9
-------------------------------------------------------------------------=
-------
Page 7=20
Crimes Amendment (Computer Offences) Bill 2001Amendment of Crimes Act =
1900 Schedule 1Page 3Schedule 1 Amendment of Crimes Act 1900 1(Section =
3)2[1] Part 63Omit the Part. Insert instead:4Part 6 Computer =
offences5308 General definitions6In this Part:7computer offence =
means:8(a)an offence against this Part, or9(b)conduct in another =
jurisdiction that is an offence in that10jurisdiction and that would =
constitute an offence against11this Part if the conduct occurred in this =
jurisdiction.12data includes:13(a)information in any form, or14(b)any =
program (or part of a program).15data held in a computer =
includes:16(a)data entered or copied into the computer, or17(b)data held =
in any removable data storage device for the18time being in the =
computer, or19(c)data held in a data storage device on a =
computer20network of which the computer forms part.21data storage device =
means anything(for example a disk or file22server) containing or =
designed to contain data for use by a23computer.24electronic =
communication means a communication of25information in any form by means =
of guided or unguided26electromagnetic energy.27
-------------------------------------------------------------------------=
-------
Page 8=20
Crimes Amendment (Computer Offences) Bill 2001Schedule 1Amendment of =
Crimes Act 1900 Page 4308A Meaning of access to data, modification of =
data and impairment1of electronic communication2(1) In this Part, access =
to data held in a computer means:3(a)the display of the data by the =
computer or any other4output of the data from the computer, or5(b)the =
copying or moving of the data to any other place in6the computer or to a =
data storage device, or7(c)inthe case ofa program=97the execution ofthe =
program.8(2) In this Part, modification of data held in a computer =
means:9(a)the alteration or removal of the data, or10(b)an addition to =
the data.11(3) In this Part, impairment of electronic communication to =
or12from a computer includes:13(a)the prevention of any such =
communication, or14(b)the impairment of any such communication on =
an15electronic link or network used by the computer,16but does not =
include a mere interception of any such17communication.18(4) A reference =
in this Part to any such access, modification or19impairment is limited =
to access, modification or impairment20caused (whether directly or =
indirectly) by the execution of a21function of a computer.22308B Meaning =
of unauthorised access, modification or impairment23(1) For the purposes =
of this Part, access to or modification of data,24or impairment of =
electronic communication, by a person is25unauthorised if the person is =
not entitled to cause that access,26modification or impairment.27(2) Any =
such access, modification or impairment is =
not28unauthorisedmerelybecause the personhas anulteriorpurpose29for that =
action.30(3) For the purposes of an offence under this Part, a person =
causes31any such unauthorised access, modification or impairment if32the =
person=92s conduct substantially contributes to the33unauthorised =
access, modification or impairment.34
-------------------------------------------------------------------------=
-------
Page 9=20
Crimes Amendment (Computer Offences) Bill 2001Amendment of Crimes Act =
1900 Schedule 1Page 5308C Unauthorised access, modification or =
impairment with intent to1commit serious indictable offence2(1) A person =
who causes any unauthorised computer function:3(a)knowing it is =
unauthorised, and4(b)with the intention of committing a serious =
indictable5offence, or facilitating the commission of a =
serious6indictable offence (whether bythe person or =
byanother7person),8is guilty of an offence.9Maximum penalty: The maximum =
penalty applicable if the10person had committed, or facilitated the =
commission of, the11serious indictable offence in this =
jurisdiction.12(2) For the purposes of this section, an unauthorised =
computer13function is:14(a)any unauthorised access to data held in any =
computer,15or16(b)any unauthorised modification of data held in =
any17computer, or18(c)any unauthorised impairment of =
electronic19communication to or from any computer.20(3) For the purposes =
of this section, a serious indictable offence21includes an offence in =
any other jurisdiction that would be a22serious indictable offence if =
committed in this jurisdiction.23(4) A person may be found guilty of an =
offence against this24section:25(a)even if committing the serious =
indictable offence26concerned is impossible, or27(b)whether the serious =
indictable offence is to be28committed at the time of the unauthorised =
conduct or at29a later time.30(5) It is not an offence to attempt to =
commit an offence against this31section.32
-------------------------------------------------------------------------=
-------
Page 10=20
Crimes Amendment (Computer Offences) Bill 2001Schedule 1Amendment of =
Crimes Act 1900 Page 6308D Unauthorised modification of data with intent =
to cause1impairment2(1) A person who:3(a)causes any unauthorised =
modification of data held in a4computer, and5(b)knows that the =
modification is unauthorised, and6(c)intends by the modification to =
impair access to, or to7impair the reliability, security or operation =
of, any data8held in a computer, or who is reckless as to any =
such9impairment,10is guilty of an offence.11Maximum penalty: =
Imprisonment for 10 years.12(2) Aconviction foranoffenceagainst this =
section is analternative13verdict to a charge for:14(a)an offence =
against section 195 (Maliciously destroying15or damaging property), =
or16(b)an offence against section 308E (Unauthorised17impairment of =
electronic communication).18308E Unauthorised impairment of electronic =
communication19(1) A person who:20(a)causes any unauthorised impairment =
of electronic21communication to or from a computer, and 22(b)knows that =
the impairment is unauthorised, and23(c)intends to impair electronic =
communication to or from24the computer, or who is reckless as to any =
such25impairment,26is guilty of an offence.27Maximum penalty: =
Imprisonment for 10 years.28(2) Aconviction foranoffenceagainst this =
section is analternative29verdict to a charge for:30(a)an offence =
against section 195 (Maliciously destroying31or damaging property), =
or32(b)an offence against section 308D (Unauthorised33modification of =
data with intent to cause impairment).34
-------------------------------------------------------------------------=
-------
Page 11=20
Crimes Amendment (Computer Offences) Bill 2001Amendment of Crimes Act =
1900 Schedule 1Page 7308F Possession of data with intent to commit =
computer offence1(1) A person who is in possession or control of =
data:2(a)with the intention of committinga computer offence, or3(b)with =
the intention of facilitating the commission of a4computer offence =
(whether by the person or by another5person),6is guilty of an =
offence.7Maximum penalty: Imprisonment for 3 years.8(2) For the purposes =
of this section, possession or control of data9includes:10(a)possession =
of a computer ordatastoragedeviceholding11or containing the data or of a =
document in which the12data is recorded, and13(b)control of data held in =
a computer that is in the14possession of another person (whether the =
computer is15in this jurisdiction or outside this jurisdiction).16(3) A =
person maybe found guiltyof an offence against this section17even if =
committing the computer offence concerned is18impossible.19(4) It is not =
an offence to attempt to commit an offence against this20section.21308G =
Producing, supplying or obtaining data with intent to commit22computer =
offence23(1) A person who produces, supplies or obtains data:24(a)with =
the intention of committinga computer offence, or25(b)with the intention =
of facilitating the commission of a26computer offence (whether by the =
person or by another27person),28is guilty of an offence.29Maximum =
penalty: Imprisonment for 3 years.30(2) For the purposes of this =
section, produce, supply or obtain31data includes:32(a)produce, supply =
or obtain data held or contained in a33computer or data storage device, =
or34
-------------------------------------------------------------------------=
-------
Page 12=20
Crimes Amendment (Computer Offences) Bill 2001Schedule 1Amendment of =
Crimes Act 1900 Page 8(b)produce, supplyor obtain a document in which =
the data1is recorded.2(3) A person maybe found guiltyof an offence =
against this section3even if committing the computer offence concerned =
is4impossible.5308H Unauthorised access to or modification of restricted =
data held6in computer (summary offence)7(1) A person:8(a)who causes any =
unauthorised access to or modification9of restricted data held in a =
computer, and10(b)who knows that the access or modification =
is11unauthorised, and12(c)who intends to cause that access or =
modification,13is guilty of an offence.14Maximum penalty: Imprisonment =
for 2 years.15(2) An offence against this section is a summary =
offence.16(3) In this section:17restricted data means data held in a =
computer to which access18is restricted by an access control system =
associated with a19function of the computer.20308I Unauthorised =
impairment of data held in computer disk, credit21card or other device =
(summary offence)22(1) A person:23(a)who causes any unauthorised =
impairment of the24reliability, security or operation of any data held =
on a25computer disk, credit card or other device used to store26data by =
electronic means, and27(b)who knows that the impairment is unauthorised, =
and28(c)who intends to cause that impairment,29is guilty of an =
offence.30Maximum penalty: Imprisonment for 2 years.31(2) An offence =
against this section is a summary offence.32
-------------------------------------------------------------------------=
-------
Page 13=20
Crimes Amendment (Computer Offences) Bill 2001Amendment of Crimes Act =
1900 Schedule 1Page 9(3) For the purposes of this section, impairment of =
the reliability,1security or operation of data is unauthorised if the =
person is2not entitled to cause that impairment.3[2] Section 428B =
Offences of specific intent to which Part applies4Omit from the Table to =
the section the matter relating to section 309 (2).5
-------------------------------------------------------------------------=
-------
Page 14=20
Crimes Amendment (Computer Offences) Bill 2001Schedule 2Amendment of =
Criminal Procedure Act 1986Page 10Schedule 2 Amendment of Criminal =
Procedure1Act 19862(Section 4)3Schedule 1 Indictable offences triable =
summarily4Omit =93section 309 (2),(3)or(4)or310=94fromitem14 ofTable1 =
(Indictable5offences to be dealt with summarily unless prosecuting =
authority or person6charged elects otherwise).7Insert instead =93section =
308C (where the serious indictable offence to be8committed is punishable =
byimprisonment for10 years orless),308D,308E,9308F or =
308G=94.10310Damaging data in computer10 years and/or1,000 penalty =
units309 (1)Unlawful access to data in computer6 months and/or 50penalty =
units309 (2)Unlawful access to data in computer=97intent =
todefraud/dishonestly obtain benefit or causeloss/injury2 years and/or =
500penalty units309 (3)Unlawful access to data in =
computer=97knowledgedata is confidential2 years and/or 500penalty =
units309 (4)Continue to examine data in computer=97oughtreasonably to =
know data confidential2 years and/or 500penalty units
-------------------------------------------------------------------------=
-------
Page 3=20
Crimes Amendment (Computer Offences) Bill 2001Explanatory =
noteExplanatory note page 3Those computer offences are to be replaced by =
the following computer offences:SectionOffenceMax penalty308CCause =
unauthorised computer function withintention to commit serious offence =
(comprisingunauthorised access to data, unauthorisedmodification of data =
or unauthorised impairment ofelectronic communication)The maximumpenalty =
applicablefor commission ofserious indictableoffence308DUnauthorised =
modification of data with intent tocause impairment10 =
years308EUnauthorised impairment of electroniccommunication to or from =
computer10 years308FPossession of data with intent to commit =
computeroffence3 years308GProducing, supplying or obtaining data with =
intentto commit computer offence3 years308HUnauthorised access to or =
modification ofrestricted data in computer (summary offence)2 =
years308IUnauthorised impairment of data held in computerdisk, credit =
card or other device (summary offence)2 yearsUnder sections 15 and 16 of =
the Crimes (Sentencing Procedure) Act 1999, thecourt mayimpose a fine =
for anysuch offence instead of or in addition to a sentenceof =
imprisonment, namely 1,000 penalty units (currently $110,000) or, in the =
caseof a corporation, 2,000 penalty units (currently $220,000).An =
explanation of the new offences and the policy considerations concerned =
iscontained in thereport on Chapter4 (Damageand =
computeroffences)oftheModelCriminal Code Officers Committee. Schedule 2 =
contains an amendment to the Criminal Procedure Act 1986 that =
isconsequential on the amendments contained in Schedule 1. The =
amendmentprovides that all of the new computer offences that are =
indictable and carry amaximum penalty of 10 years imprisonment or less =
are to be disposed ofsummarily (with a maximum penalty of 2 years =
imprisonment) unless theprosecuting authority or the accused otherwise =
elects.
-------------------------------------------------------------------------=
-------
Page 4=20
b01-024-p02.801First printNew South Wales Crimes Amendment =
(ComputerOffences) Bill 2001ContentsPage1 Name of Act22 Commencement23 =
Amendment of Crimes Act 1900 No 4024 Amendment of Criminal Procedure Act =
1986 No 2092Schedules1 Amendment of Crimes Act 1900 32 Amendment of =
Criminal Procedure Act 198610
-------------------------------------------------------------------------=
-------
Page 5=20
New South Wales Crimes Amendment (ComputerOffences) Bill 2001No , 2001A =
Bill forAn Act to amend the Crimes Act 1900 and the Criminal Procedure =
Act 1986 withrespect to computer offences.
-------------------------------------------------------------------------=
-------
Page 6=20
Clause 1Crimes Amendment (Computer Offences) Bill 2001Page 2The =
Legislature of New South Wales enacts:11 Name of Act2This Act is the =
Crimes Amendment (Computer Offences) Act 2001.32 Commencement4This Act =
commences on a day to be appointed by proclamation.53 Amendment of =
Crimes Act 1900 No 406The Crimes Act 1900 is amended as set out in =
Schedule 1.74 Amendment of Criminal Procedure Act 1986 No 2098The =
Criminal ProcedureAct 1986is amended asset out in Schedule2.9
-------------------------------------------------------------------------=
-------
Page 7=20
Crimes Amendment (Computer Offences) Bill 2001Amendment of Crimes Act =
1900 Schedule 1Page 3Schedule 1 Amendment of Crimes Act 1900 1(Section =
3)2[1] Part 63Omit the Part. Insert instead:4Part 6 Computer =
offences5308 General definitions6In this Part:7computer offence =
means:8(a)an offence against this Part, or9(b)conduct in another =
jurisdiction that is an offence in that10jurisdiction and that would =
constitute an offence against11this Part if the conduct occurred in this =
jurisdiction.12data includes:13(a)information in any form, or14(b)any =
program (or part of a program).15data held in a computer =
includes:16(a)data entered or copied into the computer, or17(b)data held =
in any removable data storage device for the18time being in the =
computer, or19(c)data held in a data storage device on a =
computer20network of which the computer forms part.21data storage device =
means anything(for example a disk or file22server) containing or =
designed to contain data for use by a23computer.24electronic =
communication means a communication of25information in any form by means =
of guided or unguided26electromagnetic energy.27
-------------------------------------------------------------------------=
-------
Page 8=20
Crimes Amendment (Computer Offences) Bill 2001Schedule 1Amendment of =
Crimes Act 1900 Page 4308A Meaning of access to data, modification of =
data and impairment1of electronic communication2(1) In this Part, access =
to data held in a computer means:3(a)the display of the data by the =
computer or any other4output of the data from the computer, or5(b)the =
copying or moving of the data to any other place in6the computer or to a =
data storage device, or7(c)inthe case ofa program=97the execution ofthe =
program.8(2) In this Part, modification of data held in a computer =
means:9(a)the alteration or removal of the data, or10(b)an addition to =
the data.11(3) In this Part, impairment of electronic communication to =
or12from a computer includes:13(a)the prevention of any such =
communication, or14(b)the impairment of any such communication on =
an15electronic link or network used by the computer,16but does not =
include a mere interception of any such17communication.18(4) A reference =
in this Part to any such access, modification or19impairment is limited =
to access, modification or impairment20caused (whether directly or =
indirectly) by the execution of a21function of a computer.22308B Meaning =
of unauthorised access, modification or impairment23(1) For the purposes =
of this Part, access to or modification of data,24or impairment of =
electronic communication, by a person is25unauthorised if the person is =
not entitled to cause that access,26modification or impairment.27(2) Any =
such access, modification or impairment is =
not28unauthorisedmerelybecause the personhas anulteriorpurpose29for that =
action.30(3) For the purposes of an offence under this Part, a person =
causes31any such unauthorised access, modification or impairment if32the =
person=92s conduct substantially contributes to the33unauthorised =
access, modification or impairment.34
-------------------------------------------------------------------------=
-------
Page 9=20
Crimes Amendment (Computer Offences) Bill 2001Amendment of Crimes Act =
1900 Schedule 1Page 5308C Unauthorised access, modification or =
impairment with intent to1commit serious indictable offence2(1) A person =
who causes any unauthorised computer function:3(a)knowing it is =
unauthorised, and4(b)with the intention of committing a serious =
indictable5offence, or facilitating the commission of a =
serious6indictable offence (whether bythe person or =
byanother7person),8is guilty of an offence.9Maximum penalty: The maximum =
penalty applicable if the10person had committed, or facilitated the =
commission of, the11serious indictable offence in this =
jurisdiction.12(2) For the purposes of this section, an unauthorised =
computer13function is:14(a)any unauthorised access to data held in any =
computer,15or16(b)any unauthorised modification of data held in =
any17computer, or18(c)any unauthorised impairment of =
electronic19communication to or from any computer.20(3) For the purposes =
of this section, a serious indictable offence21includes an offence in =
any other jurisdiction that would be a22serious indictable offence if =
committed in this jurisdiction.23(4) A person may be found guilty of an =
offence against this24section:25(a)even if committing the serious =
indictable offence26concerned is impossible, or27(b)whether the serious =
indictable offence is to be28committed at the time of the unauthorised =
conduct or at29a later time.30(5) It is not an offence to attempt to =
commit an offence against this31section.32
-------------------------------------------------------------------------=
-------
Page 10=20
Crimes Amendment (Computer Offences) Bill 2001Schedule 1Amendment of =
Crimes Act 1900 Page 6308D Unauthorised modification of data with intent =
to cause1impairment2(1) A person who:3(a)causes any unauthorised =
modification of data held in a4computer, and5(b)knows that the =
modification is unauthorised, and6(c)intends by the modification to =
impair access to, or to7impair the reliability, security or operation =
of, any data8held in a computer, or who is reckless as to any =
such9impairment,10is guilty of an offence.11Maximum penalty: =
Imprisonment for 10 years.12(2) Aconviction foranoffenceagainst this =
section is analternative13verdict to a charge for:14(a)an offence =
against section 195 (Maliciously destroying15or damaging property), =
or16(b)an offence against section 308E (Unauthorised17impairment of =
electronic communication).18308E Unauthorised impairment of electronic =
communication19(1) A person who:20(a)causes any unauthorised impairment =
of electronic21communication to or from a computer, and 22(b)knows that =
the impairment is unauthorised, and23(c)intends to impair electronic =
communication to or from24the computer, or who is reckless as to any =
such25impairment,26is guilty of an offence.27Maximum penalty: =
Imprisonment for 10 years.28(2) Aconviction foranoffenceagainst this =
section is analternative29verdict to a charge for:30(a)an offence =
against section 195 (Maliciously destroying31or damaging property), =
or32(b)an offence against section 308D (Unauthorised33modification of =
data with intent to cause impairment).34
-------------------------------------------------------------------------=
-------
Page 11=20
Crimes Amendment (Computer Offences) Bill 2001Amendment of Crimes Act =
1900 Schedule 1Page 7308F Possession of data with intent to commit =
computer offence1(1) A person who is in possession or control of =
data:2(a)with the intention of committinga computer offence, or3(b)with =
the intention of facilitating the commission of a4computer offence =
(whether by the person or by another5person),6is guilty of an =
offence.7Maximum penalty: Imprisonment for 3 years.8(2) For the purposes =
of this section, possession or control of data9includes:10(a)possession =
of a computer ordatastoragedeviceholding11or containing the data or of a =
document in which the12data is recorded, and13(b)control of data held in =
a computer that is in the14possession of another person (whether the =
computer is15in this jurisdiction or outside this jurisdiction).16(3) A =
person maybe found guiltyof an offence against this section17even if =
committing the computer offence concerned is18impossible.19(4) It is not =
an offence to attempt to commit an offence against this20section.21308G =
Producing, supplying or obtaining data with intent to commit22computer =
offence23(1) A person who produces, supplies or obtains data:24(a)with =
the intention of committinga computer offence, or25(b)with the intention =
of facilitating the commission of a26computer offence (whether by the =
person or by another27person),28is guilty of an offence.29Maximum =
penalty: Imprisonment for 3 years.30(2) For the purposes of this =
section, produce, supply or obtain31data includes:32(a)produce, supply =
or obtain data held or contained in a33computer or data storage device, =
or34
-------------------------------------------------------------------------=
-------
Page 12=20
Crimes Amendment (Computer Offences) Bill 2001Schedule 1Amendment of =
Crimes Act 1900 Page 8(b)produce, supplyor obtain a document in which =
the data1is recorded.2(3) A person maybe found guiltyof an offence =
against this section3even if committing the computer offence concerned =
is4impossible.5308H Unauthorised access to or modification of restricted =
data held6in computer (summary offence)7(1) A person:8(a)who causes any =
unauthorised access to or modification9of restricted data held in a =
computer, and10(b)who knows that the access or modification =
is11unauthorised, and12(c)who intends to cause that access or =
modification,13is guilty of an offence.14Maximum penalty: Imprisonment =
for 2 years.15(2) An offence against this section is a summary =
offence.16(3) In this section:17restricted data means data held in a =
computer to which access18is restricted by an access control system =
associated with a19function of the computer.20308I Unauthorised =
impairment of data held in computer disk, credit21card or other device =
(summary offence)22(1) A person:23(a)who causes any unauthorised =
impairment of the24reliability, security or operation of any data held =
on a25computer disk, credit card or other device used to store26data by =
electronic means, and27(b)who knows that the impairment is unauthorised, =
and28(c)who intends to cause that impairment,29is guilty of an =
offence.30Maximum penalty: Imprisonment for 2 years.31(2) An offence =
against this section is a summary offence.32
-------------------------------------------------------------------------=
-------
Page 13=20
Crimes Amendment (Computer Offences) Bill 2001Amendment of Crimes Act =
1900 Schedule 1Page 9(3) For the purposes of this section, impairment of =
the reliability,1security or operation of data is unauthorised if the =
person is2not entitled to cause that impairment.3[2] Section 428B =
Offences of specific intent to which Part applies4Omit from the Table to =
the section the matter relating to section 309 (2).5
-------------------------------------------------------------------------=
-------
Page 14=20
Crimes Amendment (Computer Offences) Bill 2001Schedule 2Amendment of =
Criminal Procedure Act 1986Page 10Schedule 2 Amendment of Criminal =
Procedure1Act 19862(Section 4)3Schedule 1 Indictable offences triable =
summarily4Omit =93section 309 (2),(3)or(4)or310=94fromitem14 ofTable1 =
(Indictable5offences to be dealt with summarily unless prosecuting =
authority or person6charged elects otherwise).7Insert instead =93section =
308C (where the serious indictable offence to be8committed is punishable =
byimprisonment for10 years orless),308D,308E,9308F or =
308G=94.10310Damaging data in computer10 years and/or1,000 penalty =
units309 (1)Unlawful access to data in computer6 months and/or 50penalty =
units309 (2)Unlawful access to data in computer=97intent =
todefraud/dishonestly obtain benefit or causeloss/injury2 years and/or =
500penalty units309 (3)Unlawful access to data in =
computer=97knowledgedata is confidential2 years and/or 500penalty =
units309 (4)Continue to examine data in computer=97oughtreasonably to =
know data confidential2 years and/or 500penalty units
-------------------------------------------------------------------------=
-------
Page 3=20
Crimes Amendment (Computer Offences) Bill 2001Explanatory =
noteExplanatory note page 3Those computer offences are to be replaced by =
the following computer offences:SectionOffenceMax penalty308CCause =
unauthorised computer function withintention to commit serious offence =
(comprisingunauthorised access to data, unauthorisedmodification of data =
or unauthorised impairment ofelectronic communication)The maximumpenalty =
applicablefor commission ofserious indictableoffence308DUnauthorised =
modification of data with intent tocause impairment10 =
years308EUnauthorised impairment of electroniccommunication to or from =
computer10 years308FPossession of data with intent to commit =
computeroffence3 years308GProducing, supplying or obtaining data with =
intentto commit computer offence3 years308HUnauthorised access to or =
modification ofrestricted data in computer (summary offence)2 =
years308IUnauthorised impairment of data held in computerdisk, credit =
card or other device (summary offence)2 yearsUnder sections 15 and 16 of =
the Crimes (Sentencing Procedure) Act 1999, thecourt mayimpose a fine =
for anysuch offence instead of or in addition to a sentenceof =
imprisonment, namely 1,000 penalty units (currently $110,000) or, in the =
caseof a corporation, 2,000 penalty units (currently $220,000).An =
explanation of the new offences and the policy considerations concerned =
iscontained in thereport on Chapter4 (Damageand =
computeroffences)oftheModelCriminal Code Officers Committee. Schedule 2 =
contains an amendment to the Criminal Procedure Act 1986 that =
isconsequential on the amendments contained in Schedule 1. The =
amendmentprovides that all of the new computer offences that are =
indictable and carry amaximum penalty of 10 years imprisonment or less =
are to be disposed ofsummarily (with a maximum penalty of 2 years =
imprisonment) unless theprosecuting authority or the accused otherwise =
elects.
-------------------------------------------------------------------------=
-------
Page 4=20
b01-024-p02.801First printNew South Wales Crimes Amendment =
(ComputerOffences) Bill 2001ContentsPage1 Name of Act22 Commencement23 =
Amendment of Crimes Act 1900 No 4024 Amendment of Criminal Procedure Act =
1986 No 2092Schedules1 Amendment of Crimes Act 1900 32 Amendment of =
Criminal Procedure Act 198610
-------------------------------------------------------------------------=
-------
Page 5=20
New South Wales Crimes Amendment (ComputerOffences) Bill 2001No , 2001A =
Bill forAn Act to amend the Crimes Act 1900 and the Criminal Procedure =
Act 1986 withrespect to computer offences.
-------------------------------------------------------------------------=
-------
Page 6=20
Clause 1Crimes Amendment (Computer Offences) Bill 2001Page 2The =
Legislature of New South Wales enacts:11 Name of Act2This Act is the =
Crimes Amendment (Computer Offences) Act 2001.32 Commencement4This Act =
commences on a day to be appointed by proclamation.53 Amendment of =
Crimes Act 1900 No 406The Crimes Act 1900 is amended as set out in =
Schedule 1.74 Amendment of Criminal Procedure Act 1986 No 2098The =
Criminal ProcedureAct 1986is amended asset out in Schedule2.9
-------------------------------------------------------------------------=
-------
Page 7=20
Crimes Amendment (Computer Offences) Bill 2001Amendment of Crimes Act =
1900 Schedule 1Page 3Schedule 1 Amendment of Crimes Act 1900 1(Section =
3)2[1] Part 63Omit the Part. Insert instead:4Part 6 Computer =
offences5308 General definitions6In this Part:7computer offence =
means:8(a)an offence against this Part, or9(b)conduct in another =
jurisdiction that is an offence in that10jurisdiction and that would =
constitute an offence against11this Part if the conduct occurred in this =
jurisdiction.12data includes:13(a)information in any form, or14(b)any =
program (or part of a program).15data held in a computer =
includes:16(a)data entered or copied into the computer, or17(b)data held =
in any removable data storage device for the18time being in the =
computer, or19(c)data held in a data storage device on a =
computer20network of which the computer forms part.21data storage device =
means anything(for example a disk or file22server) containing or =
designed to contain data for use by a23computer.24electronic =
communication means a communication of25information in any form by means =
of guided or unguided26electromagnetic energy.27
-------------------------------------------------------------------------=
-------
Page 8=20
Crimes Amendment (Computer Offences) Bill 2001Schedule 1Amendment of =
Crimes Act 1900 Page 4308A Meaning of access to data, modification of =
data and impairment1of electronic communication2(1) In this Part, access =
to data held in a computer means:3(a)the display of the data by the =
computer or any other4output of the data from the computer, or5(b)the =
copying or moving of the data to any other place in6the computer or to a =
data storage device, or7(c)inthe case ofa program=97the execution ofthe =
program.8(2) In this Part, modification of data held in a computer =
means:9(a)the alteration or removal of the data, or10(b)an addition to =
the data.11(3) In this Part, impairment of electronic communication to =
or12from a computer includes:13(a)the prevention of any such =
communication, or14(b)the impairment of any such communication on =
an15electronic link or network used by the computer,16but does not =
include a mere interception of any such17communication.18(4) A reference =
in this Part to any such access, modification or19impairment is limited =
to access, modification or impairment20caused (whether directly or =
indirectly) by the execution of a21function of a computer.22308B Meaning =
of unauthorised access, modification or impairment23(1) For the purposes =
of this Part, access to or modification of data,24or impairment of =
electronic communication, by a person is25unauthorised if the person is =
not entitled to cause that access,26modification or impairment.27(2) Any =
such access, modification or impairment is =
not28unauthorisedmerelybecause the personhas anulteriorpurpose29for that =
action.30(3) For the purposes of an offence under this Part, a person =
causes31any such unauthorised access, modification or impairment if32the =
person=92s conduct substantially contributes to the33unauthorised =
access, modification or impairment.34
-------------------------------------------------------------------------=
-------
Page 9=20
Crimes Amendment (Computer Offences) Bill 2001Amendment of Crimes Act =
1900 Schedule 1Page 5308C Unauthorised access, modification or =
impairment with intent to1commit serious indictable offence2(1) A person =
who causes any unauthorised computer function:3(a)knowing it is =
unauthorised, and4(b)with the intention of committing a serious =
indictable5offence, or facilitating the commission of a =
serious6indictable offence (whether bythe person or =
byanother7person),8is guilty of an offence.9Maximum penalty: The maximum =
penalty applicable if the10person had committed, or facilitated the =
commission of, the11serious indictable offence in this =
jurisdiction.12(2) For the purposes of this section, an unauthorised =
computer13function is:14(a)any unauthorised access to data held in any =
computer,15or16(b)any unauthorised modification of data held in =
any17computer, or18(c)any unauthorised impairment of =
electronic19communication to or from any computer.20(3) For the purposes =
of this section, a serious indictable offence21includes an offence in =
any other jurisdiction that would be a22serious indictable offence if =
committed in this jurisdiction.23(4) A person may be found guilty of an =
offence against this24section:25(a)even if committing the serious =
indictable offence26concerned is impossible, or27(b)whether the serious =
indictable offence is to be28committed at the time of the unauthorised =
conduct or at29a later time.30(5) It is not an offence to attempt to =
commit an offence against this31section.32
-------------------------------------------------------------------------=
-------
Page 10=20
Crimes Amendment (Computer Offences) Bill 2001Schedule 1Amendment of =
Crimes Act 1900 Page 6308D Unauthorised modification of data with intent =
to cause1impairment2(1) A person who:3(a)causes any unauthorised =
modification of data held in a4computer, and5(b)knows that the =
modification is unauthorised, and6(c)intends by the modification to =
impair access to, or to7impair the reliability, security or operation =
of, any data8held in a computer, or who is reckless as to any =
such9impairment,10is guilty of an offence.11Maximum penalty: =
Imprisonment for 10 years.12(2) Aconviction foranoffenceagainst this =
section is analternative13verdict to a charge for:14(a)an offence =
against section 195 (Maliciously destroying15or damaging property), =
or16(b)an offence against section 308E (Unauthorised17impairment of =
electronic communication).18308E Unauthorised impairment of electronic =
communication19(1) A person who:20(a)causes any unauthorised impairment =
of electronic21communication to or from a computer, and 22(b)knows that =
the impairment is unauthorised, and23(c)intends to impair electronic =
communication to or from24the computer, or who is reckless as to any =
such25impairment,26is guilty of an offence.27Maximum penalty: =
Imprisonment for 10 years.28(2) Aconviction foranoffenceagainst this =
section is analternative29verdict to a charge for:30(a)an offence =
against section 195 (Maliciously destroying31or damaging property), =
or32(b)an offence against section 308D (Unauthorised33modification of =
data with intent to cause impairment).34
-------------------------------------------------------------------------=
-------
Page 11=20
Crimes Amendment (Computer Offences) Bill 2001Amendment of Crimes Act =
1900 Schedule 1Page 7308F Possession of data with intent to commit =
computer offence1(1) A person who is in possession or control of =
data:2(a)with the intention of committinga computer offence, or3(b)with =
the intention of facilitating the commission of a4computer offence =
(whether by the person or by another5person),6is guilty of an =
offence.7Maximum penalty: Imprisonment for 3 years.8(2) For the purposes =
of this section, possession or control of data9includes:10(a)possession =
of a computer ordatastoragedeviceholding11or containing the data or of a =
document in which the12data is recorded, and13(b)control of data held in =
a computer that is in the14possession of another person (whether the =
computer is15in this jurisdiction or outside this jurisdiction).16(3) A =
person maybe found guiltyof an offence against this section17even if =
committing the computer offence concerned is18impossible.19(4) It is not =
an offence to attempt to commit an offence against this20section.21308G =
Producing, supplying or obtaining data with intent to commit22computer =
offence23(1) A person who produces, supplies or obtains data:24(a)with =
the intention of committinga computer offence, or25(b)with the intention =
of facilitating the commission of a26computer offence (whether by the =
person or by another27person),28is guilty of an offence.29Maximum =
penalty: Imprisonment for 3 years.30(2) For the purposes of this =
section, produce, supply or obtain31data includes:32(a)produce, supply =
or obtain data held or contained in a33computer or data storage device, =
or34
-------------------------------------------------------------------------=
-------
Page 12=20
Crimes Amendment (Computer Offences) Bill 2001Schedule 1Amendment of =
Crimes Act 1900 Page 8(b)produce, supplyor obtain a document in which =
the data1is recorded.2(3) A person maybe found guiltyof an offence =
against this section3even if committing the computer offence concerned =
is4impossible.5308H Unauthorised access to or modification of restricted =
data held6in computer (summary offence)7(1) A person:8(a)who causes any =
unauthorised access to or modification9of restricted data held in a =
computer, and10(b)who knows that the access or modification =
is11unauthorised, and12(c)who intends to cause that access or =
modification,13is guilty of an offence.14Maximum penalty: Imprisonment =
for 2 years.15(2) An offence against this section is a summary =
offence.16(3) In this section:17restricted data means data held in a =
computer to which access18is restricted by an access control system =
associated with a19function of the computer.20308I Unauthorised =
impairment of data held in computer disk, credit21card or other device =
(summary offence)22(1) A person:23(a)who causes any unauthorised =
impairment of the24reliability, security or operation of any data held =
on a25computer disk, credit card or other device used to store26data by =
electronic means, and27(b)who knows that the impairment is unauthorised, =
and28(c)who intends to cause that impairment,29is guilty of an =
offence.30Maximum penalty: Imprisonment for 2 years.31(2) An offence =
against this section is a summary offence.32
-------------------------------------------------------------------------=
-------
Page 13=20
Crimes Amendment (Computer Offences) Bill 2001Amendment of Crimes Act =
1900 Schedule 1Page 9(3) For the purposes of this section, impairment of =
the reliability,1security or operation of data is unauthorised if the =
person is2not entitled to cause that impairment.3[2] Section 428B =
Offences of specific intent to which Part applies4Omit from the Table to =
the section the matter relating to section 309 (2).5
-------------------------------------------------------------------------=
-------
Page 14=20
Crimes Amendment (Computer Offences) Bill 2001Schedule 2Amendment of =
Criminal Procedure Act 1986Page 10Schedule 2 Amendment of Criminal =
Procedure1Act 19862(Section 4)3Schedule 1 Indictable offences triable =
summarily4Omit =93section 309 (2),(3)or(4)or310=94fromitem14 ofTable1 =
(Indictable5offences to be dealt with summarily unless prosecuting =
authority or person6charged elects otherwise).7Insert instead =93section =
308C (where the serious indictable offence to be8committed is punishable =
byimprisonment for10 years orless),308D,308E,9308F or 308G=94.10
--=20
-------------------------------------------------------------------------=
-------------------------
http://webdiary.smh.com.au/archives/...nt/001075.html
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D
"Robin Tucker" wrote in message =
...
=20
"To take action without their approval could be a criminal offense."
=20
=20
Please, this is completely incorrect. It may be against company =

policy (in=20
some companies), but it is certainly not illegal. Are you a member of =

the=20
administrators trades union or something?
=20
=20
=20
=20
=

-------------------------------------------------------------------------=
-------------------------
http://webdiary.smh.com.au/archives/...nt/001075.html
=

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D
"Robin Tucker" wrote in message=20
...
Yes, it is company property. No, I am not asking that MY PERSONAL
INFORMATION be locked down. The administrators should not have the =

right=20
to
view any/all information, some of which is potentially confidential =

such=20
as,
for example, Personel Records. No I am not a n00b sitting in a =

cubicle
passing wind every 30 seconds. I am genuiunely asking this question, =

for
the purposes of security of personal information. How can we allow
administration of a network/domain, but protect information from =

prying
eyes, be they administrators or not.

Thankyou.



"Galen" wrote in message =20
...
In ,
Robin Tucker had this to say:

My reply is at the bottom of your sent message:

Hi,

I would like to be able to log access to my folders from the =

network.
That is, I want to know when an administrator has accessed my =

drive. I
have private/confidential information on my PC and do not want
administrators to be able to access it, unless I give explicit
permission. How can I achieve this?

Thanks,


Robin.

As has been mentioned by David Candy, ask them. If you have, as it =

seems,
administrators then the implication is that the PC doesn't belong to =

you.
Private/confidential information should not really be kept on =

property=20
not
belonging to you and the company has a right (and perhaps and =

obligation)
to monitor the contents of their property. Given that they're the =

admins
and likely able to access your account at any time (and probably =

have
rules regarding third party software installations) your best bet =

would=20
be
to accept that anything you put on the work computer belongs, by =

default,
to the company or at least gives them rights to access it with or =

without
your consent.

Your personal computing should probably be done at home -- if you =

want to
keep your job. More and more companies, for various reasons, are =

starting
to not only monitor internet access but files on their PCs. With the
increase in various regulations (Sarbox, HIPPA, etc) it's in your =

best
interest to really keep your personal, private, and confidential =

data on=20
a
system that you are the only administrator of. Note that this is =

mostly a
U.S. thing though the EU and surely other countries have similar=20
policies.

Galen
--=20

"You know that a conjurer gets no credit when once he has explained =

his
trick; and if I show you too much of my method of working, you will
come to the conclusion that I am a very ordinary individual after =

all."

Sherlock Holmes


=20

=20

  #12  
Old August 30th 05, 04:36 PM
David Candy
external usenet poster
 
Posts: n/a
Default

What's the point of this. It's exactly the same as if you don't do =
anything (you'll kmow if they access it). Talk to your admins, this is =
admins area of professional expertise. And unlike silly girls out of =
their depths they'll consider lots of other factors incl data recovery.





--=20
-------------------------------------------------------------------------=
-------------------------
http://webdiary.smh.com.au/archives/...nt/001075.html
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D
"Robin Tucker" wrote in message =
...
=20
Yes indeed they can. But a reset password will give me some =

indication that=20
this has been done.
=20
Note: I am not seeking to make sure this information *cannot ever be =

access=20
by any administrator at any time*, I am merely wanting such =

information to=20
be accessed with my or my managers permission in such circumstances as =

this=20
may be neccessary. With this method, my manager can, if required gain =


access to the data by asking the administrator to reset the password.
=20
=20
=20
"David Candy" . wrote in message=20
...
Admins can take ownership of any file. File permissions won't help. =

Admins=20
can reset the user's password and login and access encrypted files.
=20
--=20
=

-------------------------------------------------------------------------=
-------------------------
http://webdiary.smh.com.au/archives/...nt/001075.html
=

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D
"Brian Cryer" wrote in message=20
...
"Robin Tucker" wrote in message
...
Hi,

I would like to be able to log access to my folders from the =

network.
That is, I want to know when an administrator has accessed my drive. =

I
have private/confidential information on my PC and do not want
administrators to be able to access it, unless I give explicit=20
permission.
How can I achieve this?

Thanks,


Robin.


Robin,

I don't think you can log access to folders. I've certainly not come=20
across
a way to do it.

In terms of preventing administrators or any others from accessing =

your
folders, there are a few options:

1. Use file permissions. Using windows explorer, right click the =

folder=20
you
want to protect, select properties. Then on the "Security" tab you =

have
control over who has permissions to view, edit, etc on the folder. To =

stop
system administrators I think you will need to revoke access to
"Administrators". But review each of the permissions because I think =

the
logic is to grant access to someone if they have access via any of =

the
accounts/groups listed. You will also need to consider permissions on =

the
files themselves. If you can't view or change the security =

permissions=20
then
its likely that the system administrators have locked this out - =

after=20
all,
fiddling with the file permissions in say the windows folder and you =

could
break your system.

2. Encrypt your files. If you have your disk formatted NTFS then you =

can
encrypt files (file properties general Advanced), but if you =

encrypt a
file then I think that only you can read it - which isn't any good if =

you
need to share the file with anyone else.

Hope this helps,

Brian.

www.cryer.co.uk/brian

=20

=20

  #13  
Old August 30th 05, 04:41 PM
Galen
external usenet poster
 
Posts: n/a
Default

In ,
Robin Tucker had this to say:

My reply is at the bottom of your sent message:

Yes, it is company property. No, I am not asking that MY PERSONAL
INFORMATION be locked down. The administrators should not have the
right to view any/all information, some of which is potentially
confidential such as, for example, Personel Records. No I am not a
n00b sitting in a cubicle passing wind every 30 seconds. I am
genuiunely asking this question, for the purposes of security of
personal information. How can we allow administration of a
network/domain, but protect information from prying eyes, be they
administrators or not.
Thankyou.



"Galen" wrote in message
...
In ,
Robin Tucker had this to say:

My reply is at the bottom of your sent message:

Hi,

I would like to be able to log access to my folders from the
network. That is, I want to know when an administrator has accessed
my drive. I have private/confidential information on my PC and do
not want administrators to be able to access it, unless I give
explicit permission. How can I achieve this?

Thanks,


Robin.


As has been mentioned by David Candy, ask them. If you have, as it
seems, administrators then the implication is that the PC doesn't
belong to you. Private/confidential information should not really be
kept on property not belonging to you and the company has a right
(and perhaps and obligation) to monitor the contents of their
property. Given that they're the admins and likely able to access
your account at any time (and probably have rules regarding third
party software installations) your best bet would be to accept that
anything you put on the work computer belongs, by default, to the
company or at least gives them rights to access it with or without
your consent. Your personal computing should probably be done at home --
if you
want to keep your job. More and more companies, for various reasons,
are starting to not only monitor internet access but files on their
PCs. With the increase in various regulations (Sarbox, HIPPA, etc)
it's in your best interest to really keep your personal, private,
and confidential data on a system that you are the only
administrator of. Note that this is mostly a U.S. thing though the
EU and surely other countries have similar policies. Galen
--

"You know that a conjurer gets no credit when once he has explained
his trick; and if I show you too much of my method of working, you
will come to the conclusion that I am a very ordinary individual after
all." Sherlock Holmes


As has been pointed out already you really can't. The admin can simply take
your account, kill your password, use your encrypted files, and take
ownership of any file they want. Depending on whom you work for or where you
live I'd contend that they CAN do so without prior notice legally. There's
the moral issue but, well, the PC doesn't belong to you. In my country, the
USA, they don't need your permission to look at the computer's files - they
need the permission of the owner of the computer.

One of the main concerns here is that you'd want to be able to allow these
same admins, whom you're trying to keep out, to be able to recover your PC
and it's information in the event of failure. If the problem is trust then
perhaps you need better admins or an established corporate policy dealing
with this. A third party encryption tool (properly used with a strong
password and at least 128 bit encryption) would do you well and if allowed
to be configured/installed would suit your needs. Again, this likely
violates any policy you may have in place or certainly makes the admin's job
more difficult when things go corrupted/kabloey and you need recovery. Who
then, for instance, would you trust to be the person to hold the second copy
of the key for opening these files? The admin or a sticky pad stuck to the
underside of your desk?

Following the directions below, using encryption and file permissions, is
just false security. Any admin worth their salt still has complete access.
It might take an extra two or three minutes to figure out what you've done
but, well, fortunately encrypted files come pre-colored so you know which
ones they are. Grabbing ownership of a file is all of thirty seconds work at
best. Installing a third party encryption tool without sanction from your
boss is a "sackable" offense. Failure to provide a fail-safe should that
encrypted file become corrupt is also a fireable offense too.

The best options are to ask the admin and your supervisor. Write up an email
and CC it to both your boss and the head of your IT Department describing
what you want to do, why, and your goals. Your goals being pretty simple
(and honorable from my perspective) in that you're trying to keep
personal/HR-type data private for the sake of the employees? Explaining that
and finding a compromise is the goal - not complete usurpation of ability
(nor false sense of security) which is sure to result in disciplinary
actions in any reputable business. Please don't think for a minute that I
don't think you're justified in your ideals but rather your methods are
subject to some very basic flaws which I believe I've covered above.

Galen
--

"You know that a conjurer gets no credit when once he has explained his
trick; and if I show you too much of my method of working, you will
come to the conclusion that I am a very ordinary individual after all."

Sherlock Holmes


  #14  
Old August 30th 05, 04:45 PM
Robin Tucker
external usenet poster
 
Posts: n/a
Default

Listen, no I'm not trying to hack anything! If I were, my question would
be, "how can I gain access to xyz", not "how can I prevent access to xyz".

Also consider that on our system, we do not have such "anal" control. Our 2
System administrators are there to secure our firewall, audit software
installed and ensure all users have up to date anti-virus. Their main task
is providing network and application support. However, one of these people
used to run a "packet sniffer" on the network (before we moved over to
switches) in order to snoop on other peoples email. This, I might add, was
before he was an administrator (he admitted it in the pub one evening so I
have been told).

Now, I do not feel comfortable with any information on my system, some of
which YES may be personal, being accessible by this "snoop". Company policy
does not dictate he audit my machine for anything other than software
installed that should not be. So, I want to secure my "Documents and
Settings", which may contain among other things, email correspondance
between myself and my managers or other collegues and some confidential
documents.

I am mainly interested in preventing casual snooping on my system. I have
no interest in locking the administrators out completely.


"David Candy" . wrote in message
...
It would be where I live (one cannot change a single byte on a computer
without permission or 5 years goal). Why do you want to ask people who don't
know rather than the experts in your company? You can't stop an admin.
That's the whole purpose of admins. But nor can the admin do it secretly.
One suggestion you have been given I would sack you on the spot as it
threatens the survival of the company.

Sure you aren't trying to hack into these files.

--
--------------------------------------------------------------------------------------------------
http://webdiary.smh.com.au/archives/...nt/001075.html
=================================================
"Robin Tucker" wrote in message
...

"To take action without their approval could be a criminal offense."


Please, this is completely incorrect. It may be against company policy
(in
some companies), but it is certainly not illegal. Are you a member of the
administrators trades union or something?




--------------------------------------------------------------------------------------------------
http://webdiary.smh.com.au/archives/...nt/001075.html
=================================================
"Robin Tucker" wrote in message
...
Yes, it is company property. No, I am not asking that MY PERSONAL
INFORMATION be locked down. The administrators should not have the right
to
view any/all information, some of which is potentially confidential such
as,
for example, Personel Records. No I am not a n00b sitting in a cubicle
passing wind every 30 seconds. I am genuiunely asking this question, for
the purposes of security of personal information. How can we allow
administration of a network/domain, but protect information from prying
eyes, be they administrators or not.

Thankyou.



"Galen" wrote in message
...
In ,
Robin Tucker had this to say:

My reply is at the bottom of your sent message:

Hi,

I would like to be able to log access to my folders from the network.
That is, I want to know when an administrator has accessed my drive. I
have private/confidential information on my PC and do not want
administrators to be able to access it, unless I give explicit
permission. How can I achieve this?

Thanks,


Robin.

As has been mentioned by David Candy, ask them. If you have, as it
seems,
administrators then the implication is that the PC doesn't belong to
you.
Private/confidential information should not really be kept on property
not
belonging to you and the company has a right (and perhaps and
obligation)
to monitor the contents of their property. Given that they're the admins
and likely able to access your account at any time (and probably have
rules regarding third party software installations) your best bet would
be
to accept that anything you put on the work computer belongs, by
default,
to the company or at least gives them rights to access it with or
without
your consent.

Your personal computing should probably be done at home -- if you want
to
keep your job. More and more companies, for various reasons, are
starting
to not only monitor internet access but files on their PCs. With the
increase in various regulations (Sarbox, HIPPA, etc) it's in your best
interest to really keep your personal, private, and confidential data on
a
system that you are the only administrator of. Note that this is mostly
a
U.S. thing though the EU and surely other countries have similar
policies.

Galen
--

"You know that a conjurer gets no credit when once he has explained his
trick; and if I show you too much of my method of working, you will
come to the conclusion that I am a very ordinary individual after all."

Sherlock Holmes







  #15  
Old August 30th 05, 05:32 PM
David Candy
external usenet poster
 
Posts: n/a
Default

Well it's like that now. He can't access the files secretly. On domains =
admins don't get permissions to users accounts. Therefore he has to use =
special admin powers, but he has to take ownership away from you to do =
so. You cannot give ownership only take it (so s/he can't set it back). =
Likewise with passwords, admins can reset but not know what it was so =
they can't set it the same.

Admins are accountable.=20

But windows security only works when it is running. Therefore physical =
security is essential. Encryption is for computers where physical =
security cannot be assured (like with laptops). I lock servers in =
cupboards as the most likely threat is theft of the computer (if you =
really want some data it is best to steal the computer). But encryption =
requires plenty of thought from your admins. There are lots of posts =
here of people forever losing data by encryption.

If he ran a physical network sniffer nothing can stop him. However only =
admins can install a computer program sniffer (but there are things one =
can do).

I'm uncertain if your admin is the biggest or smallest security flaw. =
While he should be sacked least you know who the enemy is, and he CAN'T =
betray your trust (as you have none in him). More dangerous is someone =
you trust.

The traditional way to steal secrets is to turn someone if you don't =
have physical access by some nice man offering compliements, then large =
cash gifts, untill you are compromised. With physical access they will =
go through your rubbish (at home and work) to look for password/username =
hints.

I'd bring these issues out into the open as you should not be setting =
security policy and if you can't trust the admins too ...
--=20
-------------------------------------------------------------------------=
-------------------------
http://webdiary.smh.com.au/archives/...nt/001075.html
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D
"Robin Tucker" wrote in message =
...
Listen, no I'm not trying to hack anything! If I were, my question =

would=20
be, "how can I gain access to xyz", not "how can I prevent access to =

xyz".
=20
Also consider that on our system, we do not have such "anal" control. =

Our 2=20
System administrators are there to secure our firewall, audit software =


installed and ensure all users have up to date anti-virus. Their main =

task=20
is providing network and application support. However, one of these =

people=20
used to run a "packet sniffer" on the network (before we moved over to =


switches) in order to snoop on other peoples email. This, I might =

add, was=20
before he was an administrator (he admitted it in the pub one evening =

so I=20
have been told).
=20
Now, I do not feel comfortable with any information on my system, some =

of=20
which YES may be personal, being accessible by this "snoop". Company =

policy=20
does not dictate he audit my machine for anything other than software=20
installed that should not be. So, I want to secure my "Documents and=20
Settings", which may contain among other things, email correspondance=20
between myself and my managers or other collegues and some =

confidential=20
documents.
=20
I am mainly interested in preventing casual snooping on my system. I =

have=20
no interest in locking the administrators out completely.
=20
=20
"David Candy" . wrote in message=20
...
It would be where I live (one cannot change a single byte on a =

computer=20
without permission or 5 years goal). Why do you want to ask people who =

don't=20
know rather than the experts in your company? You can't stop an admin. =


That's the whole purpose of admins. But nor can the admin do it =

secretly.=20
One suggestion you have been given I would sack you on the spot as it=20
threatens the survival of the company.
=20
Sure you aren't trying to hack into these files.
=20
--=20
=

-------------------------------------------------------------------------=
-------------------------
http://webdiary.smh.com.au/archives/...nt/001075.html
=

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D
"Robin Tucker" wrote in message=20
...

"To take action without their approval could be a criminal offense."


Please, this is completely incorrect. It may be against company =

policy=20
(in
some companies), but it is certainly not illegal. Are you a member =

of the
administrators trades union or something?




=

-------------------------------------------------------------------------=
-------------------------
http://webdiary.smh.com.au/archives/...nt/001075.html
=

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D
"Robin Tucker" wrote in message
...
Yes, it is company property. No, I am not asking that MY PERSONAL
INFORMATION be locked down. The administrators should not have the =

right
to
view any/all information, some of which is potentially confidential =

such
as,
for example, Personel Records. No I am not a n00b sitting in a =

cubicle
passing wind every 30 seconds. I am genuiunely asking this =

question, for
the purposes of security of personal information. How can we allow
administration of a network/domain, but protect information from =

prying
eyes, be they administrators or not.

Thankyou.



"Galen" wrote in message
...
In ,
Robin Tucker had this to say:

My reply is at the bottom of your sent message:

Hi,

I would like to be able to log access to my folders from the =

network.
That is, I want to know when an administrator has accessed my =

drive. I
have private/confidential information on my PC and do not want
administrators to be able to access it, unless I give explicit
permission. How can I achieve this?

Thanks,


Robin.

As has been mentioned by David Candy, ask them. If you have, as it=20
seems,
administrators then the implication is that the PC doesn't belong =

to=20
you.
Private/confidential information should not really be kept on =

property
not
belonging to you and the company has a right (and perhaps and=20
obligation)
to monitor the contents of their property. Given that they're the =

admins
and likely able to access your account at any time (and probably =

have
rules regarding third party software installations) your best bet =

would
be
to accept that anything you put on the work computer belongs, by=20
default,
to the company or at least gives them rights to access it with or=20
without
your consent.

Your personal computing should probably be done at home -- if you =

want=20
to
keep your job. More and more companies, for various reasons, are=20
starting
to not only monitor internet access but files on their PCs. With =

the
increase in various regulations (Sarbox, HIPPA, etc) it's in your =

best
interest to really keep your personal, private, and confidential =

data on
a
system that you are the only administrator of. Note that this is =

mostly=20
a
U.S. thing though the EU and surely other countries have similar
policies.

Galen
--=20

"You know that a conjurer gets no credit when once he has explained =

his
trick; and if I show you too much of my method of working, you will
come to the conclusion that I am a very ordinary individual after =

all."

Sherlock Holmes




=20

=20

 




Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
can't access networked computers - with authorisation ashecorven Windows XP Help and Support 7 August 25th 05 04:02 PM
Set XP User Accounts to prevent access to certain programs maluchic86 General XP issues or comments 1 March 18th 05 09:12 PM
Unidentifiable Programs Attempting Internet Access cwadss Networking and the Internet with Windows XP 1 March 10th 05 06:16 PM
Host Computer with ICS cannot be accessed Kass Networking and the Internet with Windows XP 21 October 29th 04 08:52 PM
Unable to access internet with MSIE L Yearwood Windows XP Help and Support 1 October 6th 04 06:01 PM






All times are GMT +1. The time now is 06:09 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 PCbanter.
The comments are property of their posters.