http://www.yaledailynews.com/articlefunctions/Printerfriendly.asp?AID=22111
yaledailynews.com - Changes may follow hoax e-mail Published Wednesday, March 5, 2003 Changes may follow hoax e-mail BY JESSAMYN BLAU Staff Reporter The Feb. 17 hoax e-mail that caused some students to miss classes and angered the administration could now lead to changes in Information Technology Services policy. The e-mail -- allegedly sent by Yale Provost Susan Hockfield -- informed undergraduates that classes had been cancelled because of inclement weather. Approximately one and a half hours later, University Secretary Linda Lorimer sent out an e-mail informing students that the first e-mail was a hoax. In order to prevent a similar situation in the future, ITS Director Philip Long said ITS is considering adding a link in all official e-mails to a protected Yale Web site that would display copies of the original message, creating a back-up security measure. Long said the hoax situation has been investigated, but that he could not comment on any recent developments that could lead to disciplinary action. While ITS is currently contemplating ways to reduce the impact of potential hoaxes, Long said there is no real way to prevent someone from sending such an e-mail. "Anyone can dump an e-mail into a system," Long said. "That doesn't make it an honest e-mail." But Long said because University officials send out so many e-mails, it is not clear whether all of them would have to be logged in a protected Yale Web site. Alexander Clark '04, founder of YaleStation.org, said using a Web site might not be entirely convenient. "That certainly is one option, except that students might not go to the trouble of clicking on the URL," Clark said. Clark also said posting e-mails on the Internet could potentially make the e-mail accessible to unintended recipients. Instead of using a Web site, Clark said the use of digital certificates could be a more useful way of "making official e-mails look more official." "When you receive a certificate -- which is very difficult to forge -- an e-mail client is going to tell you whether it is a valid certificate," Clark said. In the hoax e-mail, the address in the "Reply-to" field was [EMAIL PROTECTED] Long said he has spoken with Zihal, a draper in the School of Drama's costume shop, and determined that she is an innocent victim. Long said the e-mail was a violation of a number of ITS policies because it impersonated Hockfield, victimized Zihal and caused annoyance and inconvenience to members of the Yale community. "I think that most people are not looking for cheap thrills at the expense of the community," Long said. "Bottom line, this is a question of trust. It might have more consequences than the person who casually initiated it had intended." Long said there is a law in Connecticut about the use of electronic communication for deceptive purposes, but said he is not sure whether this particular abuse could be prosecuted. -- ----------------- R. A. Hettinga <mailto: [EMAIL PROTECTED]> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
