Security and Privacy
Unix offers relatively good security for your data, as long as you can trust the people managing the system and as long as you are sure that no unauthorized people can get physical access to the devices storing and transporting your data.
Unfortunately you can not generally assume that the conditions stated above are met. eMail, for example, is usually being transported over various computer systems until it reaches the final recipient and can thus be eavesdropped at on these intermediate systems or even directly on the network connections in between.
You should therefore consider using additional protective measures depending on your security and privacy needs. The following section describes a few tools that can be used in this area.
Please be aware of the rules governing the use of our computer systems. We consider hacking in or through our systems or the abuse of other people or their privacy and integrity with our systems as serious breach of trust.
Security Tools
A very efficient methode to get to other peoples data is to guess their password. This is especially simple is the password is sent 'as plaintext' over the network. Most classic internet protocols do just this (telnet, rsh, ftp, rlogin, http, ...). This is OK as long as you live in a friendly environment. For real world applications outside your flat, it is sensible to use some sort of encryption for password protected internet connections. Especially when you use an ISP to connect to your ETH account this is very important. There is one product which is used quite often for this problem. It is called Secure Shell (ssh) and works essentially similar to rsh from the users point of view, but all the data sent over the net gets encrypted. On Tardis, you'll find that ssh is already installed. Read man ssh to learn how to use it. (try ssh login.ee.ethz.ch)
On most unix boxes you will find ssh preinstalled. If not, you can get your own copy from http://www.openssh.org/. For Windows you should have a look at the excellent SSH client PuTTY which is freely available.
GPG allows you to transfer eMail in a secure manner.
Further information
The following websites give additional information about these topics.
EFF - Electronic Frontier Foundation
Mission: Protecting Rights and Promoting Freedom in the Electronic Frontier
The Swiss Internet User Group (SIUG)
SIUG further the responsible and constructive use of the Internet (in German).
Forum On Risks To The Public In Computers And Related Systems (ACM Committee on Computers and Public Policy).
RFC 2196: Site Security Handbook
This handbook is a guide to developing computer security policies and procedures for sites that have systems on the Internet. The purpose of this handbook is to provide practical guidance to administrators trying to secure their information and services. The subjects covered include policy content and formation, a broad range of technical system and network security topics, and security incident response.
