Schools to Avoid: University of Florida

Iphtashu Fitz writes "The University of Florida has apparently come up with a technological approach to deal with P2P file sharing on their campus networks. According to this article on wired.com they have developed a program that scans the PCs of students in the UF dorm rooms. The program, dubbed 'Icarus' not only detects P2P applications but viruses, worms, and other trojans. If a P2P application is found then an e-mail is sent to the user, a message is popped up on their screen, and their internet connection is disconnected. First time offenders lose their connection for 30 minutes. The second offense results in a 5 day loss. The third strike results in an indefinite loss of connectivity. An editorial in The Independent Florida Alligator, the student newspaper, called the use of Icarus 'an invasive and annoying system that further deters students from living in dorms (see also another story).'"

Anti-Intellectual Environment

[TPIRman]

From the article: If students are mistakenly identified as violating the school's policy, the burden is on them to justify what they are researching, invading their privacy in the process, [EFF attorney Jason] Schultz said.

In other words, innocent until proven guilty. What kind of intellectual environment is there at a university that intimidates students from conducting research? Now, you could argue that there are not many research projects that would be helped by P2P applications, but the school's definition of violations is so ethereal that the cautious, not-so-tech-savvy will be left afraid of his/her computer. Will downloading that PDF violate the bandwidth rules? Is this FTP server a file-sharing network? Your average students won't know for sure, and they won't test the limits for fear of losing their Internet privileges. These scare tactics will inevitably hinder valid academic pursuits.

Re:Anti-Intellectual Environment

[johnmearns]

Being unable to access the internet at all would hinder them more though. Bandwidth is expensive, and in a dorm it can easily be sucked down into nothing by p2p apps. Which is better, forbid p2p in what might prevent one or two students from doing something academic with it, allow it under the guise of academic freedom but causing a slowdown to the extent that no one else can do homework, or increase housing costs to cover the bandwidth used? Practicality is the point, not trying to be mean.

Re:Anti-Intellectual Environment

[andrew_0812]

Fine. Prohibit P2P. The university owns the bandwith, they can block it, scan it, whatever. But invading the student's PC's is an invasion of privacy. This isn't even like watching employees. In a company, the PC belongs to the company, not the employee. These are the student's personal computers. The school has absolutely no right to scan the systems. The student is therefore totally liable for anything illegal found on that PC. The university should limit its power to scanning internet traffic.

Re:Anti-Intellectual Environment

[E-Rock]

If you think admins are bad about patching computers, most students don't even know that it is possible. Scanning the machines has become a requirement. Trust me, there's no budget or staff allocated for something like this, but they HAVE TO DO IT or else the campus network is flooded with crap from these machines. It's also part of the TOS to connect your PC to the campus network.

Re:Anti-Intellectual Environment

[ePhil_One]

The school has absolutely no right to scan the systems.

They are conducting port scans, not installing agents like AdAware or AntiVirus. And I'm sure there was an appropriate clause in the TOS the students agreed to that says the students consent to it. If they don't like it the can call up their own ISP and not connect to the school network.

Basically, its the schools network, they can use it as they please.

Re:Anti-Intellectual Environment

[Badmovies]

I doubt that they are actually hacking into the computer. More likely, Icarus checks to see what ports are open on a computer and then makes a determination which services (where services might be a worm, P2P, etc) are associated with those ports.

Colleges do not have the money to support servers (which is what P2P makes a computer, really) on their network. The college network is there for students to do research. If 90% of the resources are sucked up by P2P, I can see their point. Want to be a P2P junkie? Fine, get your own personal setup on dial-up, cable modem, or DSL.

Re:Anti-Intellectual Environment

[bongoras]

that's nonsense. Most schools ( and I'm a unix admin @ one ) have Internet connectivity that was purchased with grant money in the mid to late 90s. Dual T1s, maybe for a large school like Florida a T3. There are a few places with big I2 connections, true, but Internet 2 is only for connecting to other places with I2, so it's still necessary to maintain a conventional internet connection.

please be a little bit more well informed before shooting off your mouth. Bandwidth is expensive and not plentiful.

Re:Anti-Intellectual Environment

[pz]

Try again. The taxpayers of Florida own that bandwidth.

There is a large difference between paying for something and owning it. While I do not have the UF charter at my fingertips (does anyone? could you look this up, please?) universities typically recieve grants from various levels of government and governmental agencies (in addition to private funds, proceeds from endowment, tuition fees, licensing fees, etc.) which is money given to the schools, mostly to do with what they will. The Florida tax payers may, ultimately, foot much of the bill for operating UF, but the University embodied in its board of regents, trustees, or overseers (depending on the charter) is the owner of things like infrastructure, physical plant, real and intellectual property, and so forth. Therefore the University does own the bandwidth.

But then, I'm just an academician who's spent his adult life in various university settings, not a lawyer. (And I agree with the rest of the parent posting.)

Re:Anti-Intellectual Environment

[secolactico]

Bandwidth is expensive and not plentiful

Somebody mod parent up.

A lot of people have the idea that bandwith is "air" not taking into account the costs associated with maintaining a high speed connection. Oversubscription is the only thing that makes it profitable and if too much of the bandwith is constatly bogged by P2P applications then everybody loses.

Same goes for people who pays $50 bucks for a 256K ADSL and the complain about not getting sustained 256K 24x7.

Re:Anti-Intellectual Environment

[Marc2k]

The campus owns the network, it is your prerogative to leave or find your own ISP if you don't like their bandwidth or their rules. They're not holding a gun to your head, you can just as easily plug in your phone line and use dialup. Sharing 100 gigs of anything on P2P is generally *NOT* an acceptable use for "average internet computing use", and is against some college TOS'es I've seen from the get-go. Also, think about it, if I use a couple gigabyte's worth of transfer a week, multiply me by 13 or 14 thousand. Pretty big, huh?

The point is hey, you may like sharing both illegal and legal media over P2P, but not everyone wants to pay for the upgrade so you can download your favorite WHAM! ditties. My freshman year of college, a kid across the hall from me had a family hand-me-down running Windows 3.11 (this was 2000, mind you), he could barely play *an* mp3 while having IE open. Me? I was running an httpd, ftpd, hotline server, downloading things from P2Ps, and hogging bandwidth like you wouldn't believe.

That kid paid the same amount of money for network utilities as I did. Would it be fair to ask him to kick in another $200 a semester so that I can run DirectConnect faster?

Re:Anti-Intellectual Environment

[C10H14N2]

Students are already paying considerably more than the market rates for their rooms. If the universities can't cough up decent network services equivalent to what is commercially available, they simply need to outsource and stop crying. This "we just can't afford it" is bullshit.

If students can get ostensibly unlimited use of DSL for $50/month from the local telco, there is no reason the university cannot approximate that service even if that means having the local telco wire the buildings and offload the res.net from their domain and stop bitching about it entirely. Of course, outsourced services fall prey to the constant and overt mark-up rackets and micro-kingdom vanity that universities so irrationally cherish.

If you have 7,500 students signed-up for residential service and $50/month is extracted from each, thats $375,000 per month, far and beyond well enough for a 10G connection that would allow every single student a sustained 1Mb/s link with LOTS of breathing room. Say they only pay for eight months a year, that's still $3,000,000 or $250,000 per month. If they can't get enough bandwidth for less than a quarter million a month, whoever is in charge needs to be fired immediately. Ok, so in Florida's case, they pay for DHNet out of the rents. Fine. A single occupancy room costs $2675 per semester, or, about $643 per month in a city where studio apartments run more like $400/month. I would gander they could find fifty bucks a month in there somewhere or they could just explicitly charge for network services.
http://www.housing.ufl.edu/housing/GenInfo_Stats.h tm

They simply have no excuse to brow beat students to protect their pathetic service levels when cheap commercial alternatives are available that could easily be integrated into university housing and when minimal access fees would pay for obscene amounts of bandwidth. So they dropped their usage by 85% by being draconian. Great, I could cut traffic on Los Angeles freeways by jack-knifing a tractor-trailer on at the I-405/10 interchange. Doesn't mean it solved the problem. It's a racket. Screw 'em.

Schools to no longer avoid!

[garcia]

Last spring, the university received about 40 notices of copyright violations per month. At peak file-trading periods, 90 percent of the traffic on the housing network was peer-to-peer. In an average 24-hour period, 3,500 of the 7,500 students in the residence halls would use P2P services like Kazaa.

Unfortunately you are on their network, thus your computer becomes part of their network (on campus). If you don't like the policy (and you are warned when you sign up for the DHCP access) don't connect to the network. If you don't think that ISPs are scanning computers for viruses, trojans, etc, you're wrong. I worked for ATTBI and there were quite a few people (calling in to me alone) that were infected with some sort of trojan/virus and they had been automatically disabled.

P2P applications should be blocked at colleges. Colleges are not houses of endless bandwith... 40 copyright violations a month is a pain in the ass to deal w/ (especially in this day and age). 90% of the traffic was P2P? What about Quake pings (when I was in college that's what I was concerned with) what about downloads of legitimate software? Hah, nope, just get your P2P porn movies and the latest DiVX of The Matrix Trilogy...

School to Avoid??? I would have avoided it when 90% of the bandwith was being sucked up by people sharing MP3s and porn, now maybe the bandwith is reliable and useful for stuff other than loading Google.

As far as it is detering students from living in the dorms... I have heard nothing but problems with overcrowding in dorms (3 to a room instead of 2, people living in converted lounges, being housed in hotels/motels until space becomes available, etc). You think that Universities really care about not having people in the dorms?

This is not an invasion. This is reality. College editorials are always biased bullshit. Please move along.

Re:Schools to no longer avoid!

[Xerithane]

Respect to you garcia. Great post. It is their network, and this is great software. I hope they release this open source so more people can implement it.

If P2P had more valid uses, and wasn't used 99.9% of the time for copyright violations than I would disagree with you. Until a P2P network that only allows "free" material, you have no business using a schools bandwidth for it.

Re:Schools to no longer avoid!

[garcia]

IT does give a shit about the students. They are allowing everyone to use the bandwith for legitimate purposes.

You are receiving what you are paying for... AN EDUCATION. I didn't realize that paying for college necessitated a fast P2P pipe for getting porn, movies, and music.

I guess things have changed since I graduated way back in 2001.

Re:Schools to no longer avoid!

[cybermace5]

I 100 percent agree with you on this. UoF's killing P2P and trojans/worms on the campus network should be a reason to consider going there more, if anyone's looking.

Let me tell a little story. Napster arrived during my second year of college (a small highly-acclaimed private engineering school). Bandwidth didn't suffer too badly, we had 1500 students on the network with mandatory laptops, and though we maxed out our dual T1's we were still able surf the web and get halfway decent ping rates.

The next year, Kazaa and friends arrived, along with the new freshman laptops with large, empty hard drives. Within weeks, the campus network was unusable. You literally could not surf the web, research online journals, download drivers and development software and other legit uses of the network. No one even tried gaming. Yet, the bandwidth leeches could open a hundred connections and download music at useful rates...it was only the legit applications suffering here. I actually dialed my laptop out to a local ISP in order to get better access.

The situation was so bad, the computing center had to call a "town meeting" to try to work out what the problem was, and allay the obvious anger that many students felt at being able to download at rates less than 2K/s. Hundreds of students showed up, standing room only, it went overtime. The upshot was that a couple months later, our bandwidth was doubled to four T1 lines.

The fun lasted for about two days. After that, the situtation was just as bad. Then our computing department took action: they ran traffic analysis and determined what the percentages were. Over 70% of our bandwidth was going to Kazaa. The top 10 bandwidth users were accounting for over 50% of of the bandwidth. We were notified that traffic shaping was immediately going into effect; during daytime hours the traffic determined to be "non-essential" would be throttled to something like 10%, and it would rise to something like 30% max during the night and weekends. A couple people got their ports disabled, and all "non-essential" traffic was disabled in the classrooms. Apparently, since we had ethernet ports at every desk, a lot of filesharing was going on during classtime!

The effect was instant: pure heaven. Fast page loads, excellent ping times, no more dropped connections. P2P was the worst thing to happen to the college network scene. I happen to know that some of my work was affected by being unable to do research as quickly, since many of the electronic journals we had access to were hosted online. I think the best thing a college can do is block or reduce P2P programs, and let students do what they ostensibly are at college for.

Re:Schools to no longer avoid!

[orthogonal]

I work at UF and know the one of the designers who worked on this. It's actually a really good system that has other purposes besides blocking P2P.

As a piece of technology, Icarus may or may not be a good tool.

But if you're not frightened by its intended use, you're missing the point. Nothing is technically -- or otherwise -- excellent enough to justify turning off your moral sense. You have an ethical duty, regardless of your technical acumen, to think of the moral implications. Indeed, the argument can be made that greater technical acumen demands a greater ethical care on your part that technology not be used to decrease human freedoms.

"Dude, I just built a mind-control ray that makes anyone it touches ecstatic to be a slave of Mine Leader!" is NOT OK, even if you go on to explain "But dude, it's like totally cool and neat-o how the mind-control ray works."

In a less comic-book vein, building "really neat-o" mass surveillance technology is not, generally, something to be proud of.

If you must be a cheerleader for this technology, I beg you to pause at least a little while to consider how it could be misused:

• would you want the Chinese government to have it, so that they might hunt down and suppress samizdat calling for human rights?
  
• Would Stalin have found it useful to maintain his police state?
  
• Could it be used to search computers not for viruses but for memes that the State or interest groups find objectionable?
  

What if the US Government decides that Federally supported schools (and given the realities of student loans, all colleges are "Federally supported" under the law) should not use their networks to disseminate information about how to get abortions? (Not so far-fetched: that's already a requirement for any family planning organizations that gets US foerign aid.)

If by connecting my computer to the school's network constitutes being "a part" of that network, can Icarus search and destroy a list of abortion providers on my hard drive? Or if I'm anti-abortion, can it search and destroy a list of abortion providers if I include beside each provider's name his home address and a tick mark if he hasn't been murdered/driven out of business yet? (Also not so far-fetched: Planned Parenthood has abused the RICO statutes to supress anti-abortionists.)

The 4th Amendment limits the government's ability to search my computer, but if a college insists that
all freshmen live in the dorms,
and that all computers in dorms be connected to the campus network,
and that all computers on the campus network be searched by Icarus,
can they turn over to the government what they find on my computer?

What if they find an essay advocating the decriminalization of marijuana, would that be of interest to the local sheriff? What if they find a diary note where I mention I bought a nickel bag or marijuana? What if they find my plan to murder a rival drug dealer?

Were this strictly government action, a warrant would be required for this search. But if my computer is "part of" the campus network, have I given up all my rights?

Id it OK for a Christian School to search my computer for porn? For an electronic copy of the Quoran? For a heretical version of the Christian Bible? Or are you sure that Icarus will draw the line at viruses and P2P applications?

What are we more concerned about, a virus that might disable a few computers, some violation of copyright, or the right of free men and women to be secure in their privacy and the privacy of their thoughts as expressed on their magnetic media?

Are you really ready for the implications of this technology, or are you just blinded by its "gee-whiz, neat-o" aspects?

Scared?

[giantsfan89]

Sounds like they might be a little scared of lawsuits. I'd think that colleges don't have that much budget for a legal team.

Firewall them!

[EvilNight]

Set up a firewall on some old P166, build your own subnet, and lock them out. It's not hard. Mandrake MNF or Astaro are great for this sort of thing. Run a VPN between you and your friends in the dorm. Heck there's lots of fun to be had there.

Good for them

[jayhawk88]

Using the campus network from dorms is a privledge, not a right. UofF has not only the right but the responsibility to ensure that their network resources are protected, not only from without but from within as well.

If students want to file share (legit or otherwise), or game, or whatever, without restrictions, they can drop the cash for DSL or cable.

Re:Good for them

[argmanah]

If students want to file share (legit or otherwise), or game, or whatever, without restrictions, they can drop the cash for DSL or cable.

Your argument would be sound if the student had a choice of providers. If I as a student had the right to refuse the terms of service provided by my University, and get an alternative provider instead, I would agree, the University should be able to create whatever policies it wants. But since the University is basically shoving this down the throats of the students, forcing them to pay for it without offering them a choice, I have a problem with them getting a blank check on how they set their policies.

Plus, back when I was in school, our land lines ran through a proprietary on-campus system (you could dial 5 digits for on-campus calls), so no DSL was available. Our cable ran through the campus cable system, so no CM was available.

Given that I could not get DSL or cable as alternative access, and I was forced to pay the "Technology Fee" whether I used the ethernet access or not, you can be sure I would have raised hell if they tried to pull this kind of nonsense back in the day.

Provided you have the grades and the motivation, I consider a college education to be a right (one which the government agrees with, if you look at all the grants and scholarships given based on need). A public school should not have the right to invade a student's privacy with scans of their machines in a situation where a student is forced to pay for the service, under a threat of "If you don't like it, go somewhere else for college."

Re:Where's the beaf?

[blibbleblobble]

"So the university has taken a pro-active to insure that they're hardware isn't used in the commission of a crime - and people don't like it."

You could equally protect the students against slander charges by cutting out their tongues. P2P systems are no more criminal than is your webserver, your email client, your word processor, or your conversations at the pub.

There are a certain class of people who dislike Peer-to-peer networking, and are trying to compare it with everything from copyright infringement to illegal pornography to terrorism to try and get rid of it. These are the people who would like an internet where they speak and you listen. Luckily the internet doesn't work this way, and nearly every device attached to it is peer-to-peer in some way.

Shouldn't it have been called Daedalus?

[*weasel]

Because Daedalus was the worrywort engineer who kept trying to prevent Icarus from flying to close to the sun and getting himself in trouble?

It'd be a much better analogy from that angle - as it would equate the file sharers to Icarus, the wings to Kazaa and the Sun to the RIAA.

Calling the watchdog app Icarus... well it's just begging to fall into the Ocean and drown.

or maybe that was their actual intent...

And what about legit uses?

[bishiraver]

Or other, relatively low-bandwidth server applications - like a MUD, or a small 8user, private game server? These are relatively low bandwidth, especially the MUD example, and do not interfere with legit research access to the internet.

You say they can't possibly be legit if they're running a server that would be caught by Icarus. Think of this:

-You're a student running a cvs tree off your box for an open source project. You get shut down because of the ports being used.

-You're a student writing some kind of server application for a computer science degree. You decide that it works well enough to run it on your own box so you can more easily monitor it. You get bumped off the 'net for doing research.

-You set up a private Natural Selection server and only give the password to people on campus. While this isn't "legit" like the other two examples, it does not use the external bandwidth of the university - only the internal LAN bandwidth. They pay for the hardware to accomplish this, not the bandwidth used like an external connection. While it's not "legit" per se, it really isn't that harmful either.

-You decide to run SSH on your box in your dorm room, so you can access files and applications on your personal computer from anywhere on the university, with your ssh client diskette. Even though I commute to college, I use this method to truck files back and forth to class without the headache of an ftp server or using an external storage space, like a web server. Not to mention, it's faster than uploading it to a web server.

All of these are actions which would result in your network rights revoked at this university. While it fixes one problem, it creates many, many more. It's not viable, and I'm just glad I didn't decide to transfer to Florida ;)

Re:An Inside Perspective

[techno-vampire]

The system is more than just a port scanner. If you think you can evade it simply by blocking probes, you're dead wrong. The system is more than that, it also incorporates passive monitoring. Here's a hint. There ain't no way to disguise high bandwidth. No encryption, no port changes, nothing that will hide that. If you're downloading massive amounts of data, you will be found. Period.

This makes me feel much better about the program. The original article made it look like it was actually examining the computers for the programmers. This is more like keeping a log of what phone numbers call in and which get called without recording the conversations. Still something of an invasion of privacy, but not as obtrusive as it appeared.

I agree that you have to search out and stop those that waste bandwith on such things, but wouldn't it be easier just to block those ports at your own routers? I know some ISPs block outgoing connections to port 25 to prevent spammers from relaying through open SMTP servers. Couldn't you just block the appropriate ports and be done with it?

Re:Slashdot: mostly missing the point...

[Ionized]

That's a whole lotta whining, but let's look at the facts.

1) Uploading of copyrighted material is illegal
2) The University, as an ISP, is legally responsible for what its users do, thanks to the DMCA
3) ~90% of file transfers over P2P are copyrighted material and illegal
4) There's no realistic way to tell if any given file being transferred over the network is legal or not

Based on the above, why exactly do you feel that the University should expose itself to lawsuits from the RIAA just so a small percentage of the student body can use P2P for legitimate use?

What use can you come up with that is not available elsewhere, such as using an FTP site or website?

I dislike the RIAA as much as anybody, but there is not a lot of leeway without the potentialof being sued.