Slashdot Mirror
Schools to Avoid: University of Florida
Iphtashu Fitz writes "The University of Florida has apparently come up with a technological approach to deal with P2P file sharing on their campus networks. According to this article on wired.com they have developed a program that scans the PCs of students in the UF dorm rooms. The program, dubbed 'Icarus' not only detects P2P applications but viruses, worms, and other trojans. If a P2P application is found then an e-mail is sent to the user, a message is popped up on their screen, and their internet connection is disconnected. First time offenders lose their connection for 30 minutes. The second offense results in a 5 day loss. The third strike results in an indefinite loss of connectivity. An editorial in The Independent Florida Alligator, the student newspaper, called the use of Icarus 'an invasive and annoying system that further deters students from living in dorms (see also another story).'"
So, what happens if a kid brings their netgear MR814 router with them and every time he gets cut off, he simply changes the Internet-side MAC address of the router through the handy-dandy html-based admin tool?
As I understand it, if you search for the names of political figures from a chinese internet connection, you'll be cut off for a short period.
I think the reason to avoid UofF was because of its invasive approach to controlling the network. Their app takes advantage of loose shares. The university I attend has used packetshapers quite successfully to control P2P bandwidth and their new 'Vernier Login' system keeps infected systems from chewing up the remaining sliver of bandwidth.
While I personally got so sick of the new system that I switched over to cable, I understand their need. The way the Vernier system works is your machine is assigned an IP but the DNS server forwards every one of your requests to a login web page where the student had to log in with their NT accound. This way, if they knew of a system that was infected, they would know whose machine it was(and could lock them out if necessary). I got sick of it becase it timed out every 5 minutes if no traffic took place over port 80, that means that streaming audio, FTP, even IRC/IM would drop out if you didn't keep browsing. Heck, even reading long pages would time you out, forcing you to go back and log in again.
But anwyays, this IS an invasion, their concern is what their machines are putting ON the network, not what's stored on their personal machines.
This really is a matter of people being given an inch, then taking a mile, and wondering why they're being pushed back now.
If you play by the rules, campus Internet access is a beautiful thing. However, it's the P2P bandwidth hogs that ruin the party for everyone.
There's no need for P2P to download anything when you've got such a fast connection to Internet2 at your fingertips. Either your school or one nearby will have all the Linux ISOs and other free-to-download programs you'll ever need.
So you want to complain about it? How about offering a valid solution? P2P apps soak up bandwidth. Viruses soak up bandwidth. Johnny Student is sharing 500 gigs of dvd's from his PC, and Jane Student has every virus known to man on her PC. Those two students alone are soaking up the available bandwidth and denying other students the ability to conduct legitimate research.
What kind of intellectual environment does not monitor their network to ensure that it remains available for legitimate use? If you want unhindered P2P, get a private connection. If you can't be bothered to protect your computer from viruses, get a private connection. Why shouldn't people face the consequences for their actions? Why should the truely innocent users pay for the abuse of those who can't be bothered to think of anyone but themselves?
There is only one body that can ensure that the campus network remains viable for all students. That's the campus body that runs the networks.
It's no surprise that any research requiring an inordinate amount of resources has to be justified. If the student is really researching something and they require more bandwidth, they should either justify it to the university or get their own private connection.
They may be paying for use of the network, but so are the hundres (or thousands) of other students. Bandwidth is not unlimited and the campus agency responsible for it has to make sure it's available for legitimate purposes.
"The avalanch has already started, it is too late for the pebbles to vote." -Kosh
I will completely agree with you in turn. I'm lucky enough to be good friends with a few of the more intelligent denizens of the computing center at my college, so I get to hear all of the story-behind-the-story as well.
My freshman year was the Year of the Napster, though in the last few months of its existence I felt the pain of my college's pipe when trying to do the simplest things, like typing over ssh. It was simply unusable. They throttled by ports, and the person in charge of it was (and still is) incompetent. Back then, everything that wasn't on port 80 was throttled in one single category, while port 80 was prioritized. An http transfer would fetch 400k/s, while a ftp transfer from the same site would crawl at 3k/s. But using a tunnel for the same ftp connection was nice and speedy through port 80.
They have since instituted packet shaping policies, even though they denied them in the first issue of the school paper (which has yet to be digitized). They blame the slow speeds on Blaster and other incarnations, which is laughable at best. Though this is ironically, indirectly true, because they throttled 443 (https) because some filesharing service (the name of which I forget) uses it. On the upside, I have more time to work on my rubik's cube when I'm trying to look at my credit card balance.
Furthermore, the same incompetent individual in charge of the packet shaping has throttled each specified port in its own individual category. Which means that, say, Kazaa traffic gets 56kbps (the number that I was told), while Gnutella gets its own 56kbps. This is nice and all, but I'm still able to log on to good ol' IRC and download or even upload at 200-300k/s to my heart's content. Since they have the packet table filled, God help them if someone decides to be cute and set up an XDCC server or twelve.
We (my fellow CS majors and I) have ranted about this among ourselves and with our friends from the IT department for years now. The problem is that the college is primarily liberal arts (which was my first mistake, though I had enough coworkers in my future field recommend it to me) so most of the students don't know any better. They just want their porn and mp3s as fast as possible, and legitimate uses be damned.
"So you want to complain about it? How about offering a valid solution?"
OK, here's one: it's called QoS on a switched network. Instead of saying "everyone gets 100Mb connectivity, more than enough to saturate our single T3, each", set the network to only allow 500kb per LAN drop. Simple solution, and solves the problem nicely without having to poke around inside students' computers.
At the same time, monitor bandwidth usage on a per port basis (gee, too bad there isn't a free multi-router traffic grapher out there somewhere). Any user that consistently pegs their bandwidth cap gets a stern talking to from the local network honchos.
God invented whiskey so the Irish would not rule the world.
Or, do they force you to run win on your computers you connect to the dorm's network..and have you install icarus software on your system?
Light travels faster than sound. This is why some people appear bright until you hear them speak.........
It didn't mention it in the story, but I think that it would be logical to assume that linux clients would get cut off from the network because ICARUS probably doesn't come in a flavor that scans linux file systems. So besides robbing users of using p2p for legitmate purposes the system also prevents them from using a free operating system? Am I missing something here?
In linux libertas