Slashdot Mirror
Schools to Avoid: University of Florida
Iphtashu Fitz writes "The University of Florida has apparently come up with a technological approach to deal with P2P file sharing on their campus networks. According to this article on wired.com they have developed a program that scans the PCs of students in the UF dorm rooms. The program, dubbed 'Icarus' not only detects P2P applications but viruses, worms, and other trojans. If a P2P application is found then an e-mail is sent to the user, a message is popped up on their screen, and their internet connection is disconnected. First time offenders lose their connection for 30 minutes. The second offense results in a 5 day loss. The third strike results in an indefinite loss of connectivity. An editorial in The Independent Florida Alligator, the student newspaper, called the use of Icarus 'an invasive and annoying system that further deters students from living in dorms (see also another story).'"
From the article: If students are mistakenly identified as violating the school's policy, the burden is on them to justify what they are researching, invading their privacy in the process, [EFF attorney Jason] Schultz said.
In other words, innocent until proven guilty. What kind of intellectual environment is there at a university that intimidates students from conducting research? Now, you could argue that there are not many research projects that would be helped by P2P applications, but the school's definition of violations is so ethereal that the cautious, not-so-tech-savvy will be left afraid of his/her computer. Will downloading that PDF violate the bandwidth rules? Is this FTP server a file-sharing network? Your average students won't know for sure, and they won't test the limits for fear of losing their Internet privileges. These scare tactics will inevitably hinder valid academic pursuits.
Last spring, the university received about 40 notices of copyright violations per month. At peak file-trading periods, 90 percent of the traffic on the housing network was peer-to-peer. In an average 24-hour period, 3,500 of the 7,500 students in the residence halls would use P2P services like Kazaa.
Unfortunately you are on their network, thus your computer becomes part of their network (on campus). If you don't like the policy (and you are warned when you sign up for the DHCP access) don't connect to the network. If you don't think that ISPs are scanning computers for viruses, trojans, etc, you're wrong. I worked for ATTBI and there were quite a few people (calling in to me alone) that were infected with some sort of trojan/virus and they had been automatically disabled.
P2P applications should be blocked at colleges. Colleges are not houses of endless bandwith... 40 copyright violations a month is a pain in the ass to deal w/ (especially in this day and age). 90% of the traffic was P2P? What about Quake pings (when I was in college that's what I was concerned with) what about downloads of legitimate software? Hah, nope, just get your P2P porn movies and the latest DiVX of The Matrix Trilogy...
School to Avoid??? I would have avoided it when 90% of the bandwith was being sucked up by people sharing MP3s and porn, now maybe the bandwith is reliable and useful for stuff other than loading Google.
As far as it is detering students from living in the dorms... I have heard nothing but problems with overcrowding in dorms (3 to a room instead of 2, people living in converted lounges, being housed in hotels/motels until space becomes available, etc). You think that Universities really care about not having people in the dorms?
This is not an invasion. This is reality. College editorials are always biased bullshit. Please move along.
Sounds like they might be a little scared of lawsuits. I'd think that colleges don't have that much budget for a legal team.
Don't ping my cheese with your bandwidth!
Wow, what a wonderous world we live in where students can recieve e-mail when their internet connection is hosed *goes wide eyed*
Banaaaana!
place hasn't been the same since Steve Spurrier left.
From the Wired article:
"We needed something to stem the flow. We were spending too much time tracking people down," said Robert Bird, supervisor of network services for the UF department of housing.
So a guy named Bird creates (read: has some overworked grad student create) a program called Icarus to "bring down" file sharers. I guess he imagined his program being like the sun melting the wax on the mythical Icarus' wings and sending him crashing back to earth. And Bird himself, of course, would be the sun-wary Daedelus, who after trying out flight himself, hung up his wings as an offering to Apollo.
I guess he's now a flightless Bird. The old story about the ostrich sticking his head in the sand comes to mind.
Stressed? Me? Of course not. Stress is what a rubber band feels before it breaks, silly.
How long before Unis demand that all computers on one of their networks join one of their administered domains, with Domain Admins in the local Admins group, or with one of their public SSH key in /root/.ssh/authorized_keys2 for *nix boxes?
Logins tested every day at random times. Should a login fail, box comes off network.
Get your own free personal location tracker
The program, dubbed 'Icarus'
What are the odds that this program is running on a Sun machine?
So, what happens if a kid brings their netgear MR814 router with them and every time he gets cut off, he simply changes the Internet-side MAC address of the router through the handy-dandy html-based admin tool?
So the university has taken a pro-active to insure that they're hardware isn't used in the commission of a crime - and people don't like it.
Now I KNOW that not all P2P users are copying music - but MOST are.
Further, you probably sign a usage agreemnt when you connect up to the school's network saying that you won't due anything illegal. All the university is doing is holding you to that agreement.
I don't see a problem here
Have you compiled your kernel today??
Show your hate for SCO. Get a cool t-shirt and donate to the Open Source Now Fund.
Set up a firewall on some old P166, build your own subnet, and lock them out. It's not hard. Mandrake MNF or Astaro are great for this sort of thing. Run a VPN between you and your friends in the dorm. Heck there's lots of fun to be had there.
Hell is being intelligent in a world full of idiots.
Sooo... find out what host/ip 'Icarus' is on, and make an ipchains policy to ignore that address.
Problem solved!
Rogers (here in Ontario, Canada) did similar portscans, but I haven't been found out for over a year.
From what I have been able to gather, detection with ICARUS is done by regularly port scanning machines on the campus network. There doesn't seem to be any component of this sytem to allow users to share legitimate content (for example, I regularly use Bit Torrent to share live concerts performed by bands who allow and encourage concert taping and distrubution) --- This really bothers me!
The virus & worm scanner portion of this software is a really good idea, and something that a lot of campuses have implemented with students returning this fall and all the Blaster hoopla.
The Wired article lists this software as open source -- has anyone been able to find a pointer to the source? I searched around Google a bit, but didn't find anything.
I imagine like a lot of other big schools, there is a huge market for off campus housing. And by off campus, I mean on campus or just off campus, not far away, usually just houses rented out by the room to students. Does UF have this? If so, students can just give the school the finger and live somewhere else.
Th
I know the party line says that File sharing is good, but if they have signed a user agreement which in exchange for "free" internet access, they can't use p2p.
I'm guessing that there are ways around it, but P2P is an inherently flawed way of opening your computer to someone else. Especially since in other news today, we find that the "pirate-friendly" P2P service(Earthstation allows deletion of any file on your computer.
Food not Bombs is a nice platitude but it breaks down when you notice that the Bombees are usually well fed
Bring on the inter-dorm wireless networks, then.
-- Even if a god did exist, why the fsck should I worship it?
Back when I was in college, a friend of mine had roommate problems. So the usual things were done against the offending person: clothes out the window, salt water in the monitor, calls at all hours of the morning. You know, kid stuff.
But installing P2P on his computer would be even better. He would lose his Internet connection, and if he was really lucky, get sued by the RIAA!
Why try to detect it, just block the ports.
Leave it to a university to come up with such an ass backward policy.
Icarus then scans their computer, detects any worms, viruses or programs that act as a server, such as Kazaa
Apparently, you could get busted for running ANY kind of server. Couldn't you just install a firewall and block local connections?
i'm not sure what they expect to do with this thing, but it wouldn't be that hard to fire up tcpdump and get a range of "management" ips. you then block those ips from connecting to your computer with iptables/ipchains/ipfwadm/windows firewall/your favorite bagel. that and it surely won't stop hardcore downloader from logging on IRC and downloading from there (surely everyone know only newbies use kazaa, the rest are still on irc)
they can try to block losers, but they won't get the truly geek. and i sure wouldn't accept any violation of MY privacy and limiting legitimate uses (private servers,game servers, research projects, name it)
and before i get blasted into oblivion, no i don't use kazaa et al, my music is all legitimately got from www.emusic.com, go check it out
So does this system differentiate between copyrighted files and public domain, or does it kick you off for sharing ANY files? Or does it just kick you off for running a certain list of p2p programs? What about Windows file and printer sharing? Do they control only what goes between the school and the outside world, or are they also concerned with traffic local to the university?
I wonder if it only scans for the application or actually watches network traffic for p2p connecitons. I wonder how long it will take a CS student to just write a daemon to listen on the connection port and respond back with a "everything is fine here" type response so that they are free to use the computer as they should be.
"It's better to be a pirate then join the Navy"
So I guess the first question that comes to my mind is, will a products such as ZoneAlarm stop this? And if so
--- have you healed your church website?
Avoid going to a school because it doesn't allow you to illegally get mp3s and DivX movies? If I haven't heard anything sillier, than this is it.
UF is a good school with many established majors and sciences. UF is smart to protect their university and risk getting lawsuits due to the arrogance of people.
Bring on the P2P banning in all schools! Naturally, this is Slashdot where its readers tend to bitch about everything, but we must remember that "geeks" aren't really people anyways. Just a bunch of ugly males who cannot fulfil basic human needs as showering, female interaction, and fresh air.
Can't they set up a WiFi net of their own? Seems like that would permit gaming at least.
As I understand it, if you search for the names of political figures from a chinese internet connection, you'll be cut off for a short period.
Sparcstation, that is.
Ita erat quando hic adveni.
They left out the part about "...to use the dorm network connection for illegal and improper uses."
Maybe this will actually ENCOURAGE responsible people to live in the dorms, now that they know network performance will actually be improved without P2P traffic wasting bandwidth
Using the campus network from dorms is a privledge, not a right. UofF has not only the right but the responsibility to ensure that their network resources are protected, not only from without but from within as well.
If students want to file share (legit or otherwise), or game, or whatever, without restrictions, they can drop the cash for DSL or cable.
All the regulations they put in place and their little program just seem like good news for geeks. Sure, the average student's rights are being grossly violated but the not-so-average geek can find so many ways around this plus i'm sure his/her bandwidth is increased drastically. I'm not saying the administration isn't stupid, just that their stupidity should be used appropriately.
Either that or make sure at least one of your friends is still connected and have hook up a wireless access point to his connection :)
"It's better to be a pirate then join the Navy"
It is news like this which causes me to drink more Dew. More and more ISPs (whether they are colleges or corportations) are acting as Big Brother to their subscribers. There was a story a while ago which talked about ISPs acting as a firewall for the stupid. Well, now we have them looking out for our interests by tracking down virii, trojans, P2P. I guess one could see as vaguely similar to how cable companies control what is fed to their viewers. Great. Can't wait till Roadrunner picks up this feature.
I am currently a sophomore at the University of FL who works part time as part of the campus network ops group. This provides me an intimate knowledge of how Icarus works.
Icarus is a VB application which attempts to connect to the standard ports used by the various P2P apps. If it is able to connect to one of these ports, the IP is marked as suspect in the central DB.
Addresses marked as suspect are then sniffed, and all packets going to and from that IP are logged to a central server. The RIAA has already subponeaed most of this data for further analysis (and more lawsuits, I would expect).
Hope this helps
-sk
From the article:
Icarus then scans their computer, detects any worms, viruses or programs that act as a server, such as Kazaa.
Looks like it's a machine somewhere on campus and all it does is check for known open ports, nothing a simple firewall rule can't solve.
Yeesh, this is one school that is ACTUALLY DOING SOMETHING about the problem.
My Niece went to college this fall and her "100mb/s" connection in her dorm room was running slower than the 56k elcheapo modem we installed so she'd have fax/voiceline answering machine capability.
I checked her system (worked fine) then put my packet sniffer in the wall socket and it just about fried! The university support puppy tracked it down to some students shairing movie files.
I'm emailing this story to them.
It doesn't matter what you wrap your emotions around, Reality is a brick wall specifically designed to scramble eggs
Wouldn't a good firewall prevent this sort of program?
Maybe I'm missing something here but it seems to me it would be easy to defeat.
So rise up, all ye lost ones, as one, we'll claw the clouds.
When students first register on the network, they are required to read about peer-to-peer networks and certify that they will not share copyright files.
Yup. That's the only thing P2P is good for: downloading copyrighted files. Certainly no one like me would use it to share GPLed software.
Somehow I'm sure Icarus cares not about that distinction.
"When we turned the program on, our bandwidth usage dropped by 85 percent," said Norbert Dunkel, director of housing and residence education for the university.
Good job. You wouldn't want anyone to use all that bandwidth now would you. Better just have people checking their email, after all, if you are using more than average, you must be up to something bad.
"One-hundred billion goes to the War Department this year out of three-hundred billion budget (1974). Police agencies have become so vast- National Security Agency alone is the largest police bureaucracy in America yet it's activities are almost unknown to all of us - that there is no turning back from computerized police state control of America." -Allen Ginsberg. 1974.
I could be wrong, but if the University of Florida decides to keep this policy, it will be devoid of anyone tech saavy (who cares about being abused).
I personally do not trade MP3's, but I would find it highly ignorant of a University to assume that file trading programs can only be used for trading copyrighted material.
I equate this type of action with a Christian university banning students from using the network if they had web browsers, since they could be viewing pr0n!
Pretty ridiculous if you ask me.
If it's not one thing, it's Steve's Mother
Baylor university blocks kazaa (we tried changeing ports, most open proxies are banned)
Winmx pulls 1k (we suspect some sort of capping)
bittorrent is irrelgular
gnutella is flat out blocked
gnutella2 works sorta
edonkey still works (but we firewalled)
and my 2nd nic card is blocked for 4 months running NAT to hook up my xbox (despite the policies never mentioning NAT)
I've been threatend with "I will personaly come up and rip your arm off if you do that again" allready on the issue of NAT
Colleges everwhere are getting draconian
we are running a W.A.S.T.E cluster at the moment in my dorm (even the RA's are on it) and have about 1/2 a terabyte, and various people are finding ways to connect (dialup, so they can VPN home and such)
still with filters and invisible rulesets that get you banned for 2 weeks for trying to do something as silly as update a webpage with front page, IT contractors like RESNET have way too much power.
come comment on the madness at http://slashdot.org/~phreak03/journal/
Well, the RIAA knows it's hopeless to go after individuals, so I'm sure this policy had something to do with a few phone calls to those in charge of computing services at heavily wired schools. If you are the RIAA, why not threaten to sue the ISPs/colleges? Much more cost effective than going after users. It has worked/is working elsewhere: Tobacco companies are wrong for manufacturing cigarettes, McDonald's is responsible for making people fat, gun companies will very soon be responsible for the manner in which their product is used, it's only logical (in that wacky American way!) that ISPs and colleges will be responsible for user actions... The implication here is that people are too stupid to know any better I guess.
My school - Kansas State University - blocks all p2p networks I've tried (except one), so they don't need to scan for students running the programs, no one will.
We also have some program that scans for viruses (actually, it scans to see if your computer is vulnerable). If it finds your computer is vulnerable, your port is automatically blocked without warning. I really don't understand what they have to complain about.
In my opinion, it's the school's network and they should be allowed to do whatever they want ith it. It's my responsibility to fool them at any chance I get. You can always use a VPN to circumvent this stuff, and being in linux most of the time, I don't have (much) trouble when it comes to windows viri. You could also determine which computers they use to scan with and then just block them with a firewall.
Are they scanning (hax0ring into) your machine, or just intelligently monitoring network traffic?
Your machine is your machine, the network is theirs. If they don't want you running kazoom then dont run it.
Your there to learn, not steal music from the hardworking folks who produce and distribute it.
Friggin hippies.
I don't need no instructions to know how to rock!!!!
I hope they make sure the email and pop-up arrive before the connection is severed. What happens if they've killed messenger to avoid pop-up spams? What if they aren't checking email at the time? Reality is they could get termed for 30min and not even know it if they were at class or something with LimeWire running. And what if they're not running Windows? What if they have LimeWire on OSX or Linux? It sounds like their idea isn't too thought through. Certainly the guys at Berkeley could've done better.
Atleast concerned with Universities. They have every right to see what you are sharing on your computer or what viruses are coming out of your computer.
It's not like they are scanning the hard drive. They are scanning the ports and seeing if certain applications are using them.
This would be like saying you have a drive thru window on your house and you're selling crack out of it. If a cop goes around your neighborhood and see's you selling crack out of the window, you can't claim invasion of privacy.
Can you explain how in any decently designed network simply connecting a router can blow out the entire building's connection?
Mac OS X and Windows XP working side by side to fight back the night.
Speaking as someone living in a university apartment, whatever the IT guys can do to restrict P2P or even block it altogether is fine by me. There was a lot of moaning from a small subset of users after Packeteer (bandwidth limiter) was installed on the network a couple years ago, but the effect for 90% of the users has been a dramatic increase in general responsiveness. You can still use Kazaa and so on here, but they're throttled down to 20K/sec.
According to this article on dmusic.com, they say that '"The program's authors are trying to keep its exact workings secret to protect against hackers, who may find a way to bypass it."'
Thus, how can the program be open source if the authors are working to protect the inner workings from being hacked?
Here at the University of Wisconsin Platteville, where I work as a Lead Network Consultant, we recently ran into an intra-LAN file sharing app called UWGO (you can find it on SourceForge). We shut it down almost immediately, but an app like ICARUS would help us immensely. I wonder if the University of Florida would be willing to let other schools try this out....
"This food is problematic."
Shouldn't take too long to add a rule to drop all packets coming from the admin machines. Now if they start scanning from machines outside the UF network, they'll probably catch a lot more people.
I guess the windows majority will be prevented from using P2P, but the CS majors with linux boxes will not be stopped.
Oh, the horrible world we live in! These students suffer the slings and arrows of an EDUCATIONAL network. I think they should feel privileged in that they have internet access.
It is 100% up to the university how their network is used. Reguardless of if you view p2p music 'sharing' as theft or not, you can't be so stupid as to be outraged over what this university has done.
I bet they have saved themselves several gigabytes of transfer every day through this.
Oh, the poor suffering college students! What WILL they do, to get their fix? Oh, thats right, beer!
And to that stupid newspaper that says this will make the dorms less attractive - you guys are so naive. I suppose by not allowing posession of marijuana, they make the dorms less attractive. You know, a beer machine in the lobby would help. If it was free beer, of course.
I don't mean to sound like flamebait, but this is just one of those examples of how spoiled our society is, and I'm part of society, so I get to bitch, right? :p
Ahhh, gotta love the cool, refreshing taste of irony... :>
There's no wrong way, to eat a Rhesus...
Guess what? We're not talking about killing babies. We're talking about securing network and school resources from those who choose to use them for non-academic purposes.
Big difference there! Hopefully you'll move out of mom's basement someday and discover that.
Mac OS X and Windows XP working side by side to fight back the night.
"People are not file sharing to do their homework."
Um...granted,
"Linux doesn't exist. Everyone knows Linux is an unlicensed version of Unix"- Kieren O'Shaughnessy
Senior Jennifer Puckett, president of the Inter-Residence Hall Association, called Icarus "a good thing" as it enforces rules that were already in place.
Slashdot poster Colin Palmer was surprised to hear himself say aloud the words "What a Tool" as he read this in the wired article.
What kind of nerd would live in the dorms anyway? Uh, sorry forgot what site I was on...
Onward to the Aether Sphere!
So I guess the first question that comes to my mind is, will a products such as ZoneAlarm stop this?
I wouldn't think so. ZoneAlarm blocks all ports except those you are using. If Icarus scans your machine and finds an open/active port 1214 (Kazaa) then it disconnects you. The only way you might be able to do something would be to use a non-standard port, because if Icarus only scans to see which ports are open rather than actually checking what kind of traffic is running through each port then it might not catch you.
"Housing officials say the application educates students as it restricts them from peer-to-peer services." Remember this program's purpose is to 'educate' the sudents on the evils of music piracy. I really think more time should be spend discussing the evils of 'bad' music like Nickelback and Creed. Look for a class called 'Respecting IP' in a college near you.
~UltraSkuz
This comment is liscensed by SCO.
~UltraSkuzzi
This comment is liscensed by SCO.
Look at the "another story"... Man, I pity the poor soul that isn't a Linux guru but wants to try Linux out. I figure 75% of my Linux questions are answered via IRC. It is still a much better and quicker way to get the answers than mailing lists or Usenet. (FWIW, the other 25% is mainly Gentoo Forums).
Fortran programmer...oh yeah. Array math for life!
This is by far the dumbest method of controlling P2P traffic I've ever heard. At Kansas State, you can have any P2P program you want on your harddrive, it's just not gonna give you any performance at all. I know the guy who does the "bandwidth shaping" as they call it, and he's real, real good. Honestly, I have no idea how it works, but he's given several talks on the topic of eliminating p2p traffic on college networks. All he'll tell me is it doesn't work by port numbers, it doesn't work by IPs and it's not protocol specific. Yet within 2 or 3 days of a new p2p program being released transfer rates for it are crushed down to the 0.1 k/sec range.
That's the best solution. Let the students have whatever programs they want on THEIR computers, but control YOUR resources appropriately.
--Stupid Sig Here--
If you don't think that ISPs are scanning computers for viruses, trojans, etc, you're wrong.
I *know* my ISP is scanning:
http://security.rr.com/probing.htm
Life is short: void the warranty.
Why not just invest in a CD-Burner, have 20-30 students chip in for a CD and make copies for everybody? Cost you ~$1 per CD (or less with more participants)... what's your time worth?
"Freedom means freedom for everybody" -- Dick Cheney
Get it? All of this is just COMPUTERS. Not civil rights. Not human rights. Not even animal rights, but COMPUTERS!
It is no great injustice that someone's net access has been temporarily shut off because they were using a troublesome program.
Mac OS X and Windows XP working side by side to fight back the night.
yes, but firewalls dont matter... its the traffic packets that can screw up your system code. i had a guy on mIRC do it to me when i was in his channel. He was an @. He threatened to take me offline. I have a firewall. He took me offline with special created packets not destined for any port. I wish firewalls were better at block such things.
... where you can be disconnected indefinitely no matter what you do. It's a Windows network, first of all, and secondly, it's not properly partitioned or firewalled away from the rest of the campus network. Some joker thinks it's cool to break into police files (which are sitting out there on the same subnet as the res network), the network admin simply pulls the plug.
N4st0r, trixx0r h0bb1tz0rz! Th3y st0l3 0ur pr3c10uzz!
Blansett said even if users are sharing legally, they can be shut down simply for using up too much bandwidth, which can slow down Internet access for more casual users.
Before Napster, P2P, RIAA, and the lawsuits, this was the most reasonable excuse for curbing legitamate on-line access. Universities can claim their network was a limited resource.
Mod Karma -1: I sed bad wurds. If I cep my mouf shut, I wud be at riyses.
invasion of privacy much? Can they force a student to install their filter?
Virtually, of course...
Under capitalism man exploits man. Under communism it's the other way around.
...after all, it's in Florida.
[Running, ducking]
"A great democracy must be progressive or it will soon cease to be a great democracy." --Theodore Roosevelt
the University of Florida does not require students to live in the dorms. They've got crowding problems to this day.
Next argument?
Beauty is truth, truth beauty. That is all ye need to know on Earth, besides TCP/IP.
In addition to using p2p to try out new music before I buy (since Napster I buy a LOT more music beacuse I'm exposed to a LOT more music), I also use it for downloading game demos and patches that I can find elsewhere.
Would the university have banned the VCR before the Supreme Court upheld the legality of the device in Universal v Sony?
Heck, it's even worse than that. A Federal court HAS ALREADY determined that p2p programs have legitmate non-infringing uses and are not illegal. What right does the university have to ban a legal device?!
If someone says he and his monkey have nothing to hide, they almost certainly do.
Unless they are sniffing traffic, then I would guess your only options would be to use an offsite proxy or an encrypted P2P app like Freenet.
"Powers. I have them."
From the article:"People are not file sharing to do their homework."
Um...granted, I never attended college in Florida, let alone this particular school, but back in my day, CS majors had some pretty serious file-sharing going on for various collaborative projects, grabbing example programs and other random crap that the profs would want us to take a look at, etc. I guess that geeks aren't "people" by the school's logic, since people aren't file-sharing to do their homework, but that shouldn't be news to anyone here I guess.
I can understand schools wanting their bandwidth protected from those evil people who want to do more than e-mail their friends "hey, U want to go 4 beers tonite?" with campus network access, but call a spade a spade, please. If your main argument is that people can share files over a network, and some of those shared files might be copyright-infringing evil things, people can just as easily respond with the argument that people can share files over the network, and some of those files might be academic in nature and important to their primary function as students. "If you don't like it, go somewhere else because we're dirty bureaucratic bandwidth whores" is a perfectly valid argument, but say that. None of this "it's for the children!" or "it's for cuz we can't get sued this way, Vern!" That's just...wrong.
Not entirely sure that I believe this point of view completely myself, but there seem to be a deluge of "good for the school, yay for the new University overlords!" posts, and that makes me feel sad and lonely.
"Linux doesn't exist. Everyone knows Linux is an unlicensed version of Unix"- Kieren O'Shaughnessy
If usage has risen to the level that the school's internet connection can no longer cope, the solution is simple: get a faster Internet connection. $1 per student per quarter would easily pay for a few dozen additional megabits. As an ISP, the university has a duty to provide fast, uncrippled access to students, who ARE paying for this service. The fundamental problem here is that people are forgetting that P2P filesharing applications are a legitimate, important use of the resnet. It is no more acceptable to disable P2P access, much less suspend accounts, than it is to turn off HTTP or E-mail to save bandwidth.
Maybe I'm not reading the article right, but it looks to me like it just blocks you if you try to share files. Use Kazaa Lite, disable sharing. Problem solved. That is what my ITS department recommends. We don't actually block them if they insist on sharing, but the RIAA lodges a complaint fast enough. Then their connection goes away. If they do it twice, we just hand the RIAA their name to persue legal action.
We also scan computers for vulnerabilities. If a computer is vulnerable to $worm_of_the_week, we disable their connection by MAC Address until they get it fixed. Sorry, but we DON'T want to be a part of spreading the next RPC DCOM virus. We certainly don't want to see our SMTP servers (yes, multiple) backed up over 10 hours because of a Swen like virus, so we insist that everyone install our virus scanner, too (advanced users are excepted from this, but they get a stern talking to and a disconnection if they are owned). Why is this a bad thing? Our network, our rules. Don't like it? Get other Internet access. Fixed-point wireless is available here....
Because Daedalus was the worrywort engineer who kept trying to prevent Icarus from flying to close to the sun and getting himself in trouble?
It'd be a much better analogy from that angle - as it would equate the file sharers to Icarus, the wings to Kazaa and the Sun to the RIAA.
Calling the watchdog app Icarus... well it's just begging to fall into the Ocean and drown.
or maybe that was their actual intent...
// "Can't clowns and pirates just -try- to get along?"
Any Dawg can tell you that the University of Florida is a school to avoid. Who wants to wear jean shorts?
Run some cable down the hall or use ad-hoc wireless networking, and continue as usual on your own private network. Either physically switch cables, or find some way to separate the two networks in software.
-insert a witty something-
Yahoo.
That's a grand idea. WWDN knows tech, he and Georgy can get together, fix this up, so it won't happen with the California schools.
Now I don't know if I should vote for Georgy or write Wil in.
"If a P2P application is found then an e-mail is sent to the user, a message is popped up on their screen, and their internet connection is disconnected."
=-------------=
Meanwhile, somewhere in Florida:
Student - "Hey, why did you guys disconnect my network connection?"
Administrator - "Didn't you read the e-mail we sent that explains all of this?"
Down the road o' here from from me,
Where ya put down a dollar or two.
Come back again and when ya come round the bend
There's a jug full o' good ol' Mountain Dew!
chorus
They call it that old mountain dew,
And them don't use it are few.
Well, I'll hush up my mug if you gimme a jug
Of that good old Mountain Dew!
Well my old Uncle Nort,
He was sawed off & short,
Measured 'bout five-foot-two.
But he felt like giant when he got him a pint
Of that good old Mountain Dew!
... that p2p has other valid purposes other than piracy.
What is slashdot?
If this isn't a perfect application for WASTE, I don't know what is.
"A microprocessor... is a terrible thing to waste." --
GeneralEmergency
for someone to compromise the system and turn it into a DDOS box :). After all, it's only written in VB
Call me an insane fucktard, but I think the penalty as listed is too lame. My plan:
First offense: lose net for one week.
Second Offense: lose net for one month.
Third Offense: suspension for one month, automatic 1-GPA point deduction on all current classes taken.
Forth Offense: explusion with prejudice (no readdmittance.)
These "kids" today think that the University is their private network and that bandwidth is infinite and there's no penalty for abuse...time for a surprise. Can't wait for them to tell mom and dad that they got busted for downloading pr0n and illegal MP3s and now get kicked out of college. As far as I am concerned, it's their problem and the University has to mitigate the possibility of lawsuits as well as catering to the genuine student that is not violating the laws. All I can say to those foolish students that do get hammered is "It sucks to be you!"
All of use who lived in dorms with high speed connections probably at some point signed an Acceptable use policy. However, part of that policy usually says you cannot hack other machines or run services on unverisity machines that is against their purpose. For them to run a program on MY machine, wouldn't that require some form of hacking? Even if I leave the computer completely unsecured that does not give them the right to install something on it. Thats like saying you took someone's car out for a joy ride because they left it running. Sure, there's no permanent damage (if you decide to return it), but it is still illegal.
" Using the campus network from dorms is a privledge, not a right. "
Breathing air from dorms is a privledge, not a right.
Playing music on your guitar is a privledge, not a right.
Staying up past 11 PM on a weeknight is a privledge, not a right.
What, in your twisted little world, exactly is a right?
"It's the universities network, they can do anything they want. You have to agree to their policies or don't use the network." If there are alternative ways to get on the Internet, then I agree. However, a lot of universities require incoming freshman to stay in dorms. The university is the only provider of cable television, phone and Internet access for those particular students. So dictating what programs they can and cannot use is definitely infringing on some freedoms.
Its in school owned facilities, and you sign away privacy rights when you move in anyway..
its THEIR place.. not yours.. and they have the right to prevent illegal acts on their property.
Should they do this, no. its in bad taste, but legally they can..
---- Booth was a patriot ----
Being a dorm rat, I can say that I have a large group of friends, including myself, who stay in the dorm becuase of the network. It's a lot easier to play games // connect to servers from the dorms. With this restriction on P2P applications, they'll push out the students stay in the dorms there for the high speed connection.
And, really, the showers aren't that bad.
bwah-ha-ha-ha
We're talking about college kids here, not research scientists. Don't be so kneejerk.
I'm intrigued about what s "special[ly] created packets not destined for any port" looks like?
Certainly there are broadcast and host destined packets that address the stack, but what you're implying is that they send non-TCP packets (feasable when you own the local segment) that "magically" take down a server.
That's not possible with TCP/IP. Or if it is, it represents a brokenness that should be addressed immediately.
Perhaps they send an ARP packet on the local net that tells the host that the router's IP is a different MAC address (that would hold for a 30 second ARP cache timeout).
So U.Fl folks, if you're running an application capable of doing peer to peer file sharing (one might describe most of the TCP application suite as that), run it on some art students' port with a sniffer.
Let them get "taken down" and pass the magic packet to those who write ipf and ipfw and pf.
Me? I'd assume that the admin just logs into their Switch and turns off your port.
"Any sufficiently advanced technology is indistinguishable from magic."
A.C.Clarke
perhaps this is just over the heads of student level knowledge of how networking works. Schools have certainly used that to advantage before.
Like its name says, the florida alligator is NOT run by students, or affiliated with the university in any way. It's an independent company that makes a living by selling its paper to students. That is the only respect in which it is a "student" paper, and the views found in the Alligator bear little or no resemblance to reality. They want people to read their paper, so they can sell your eyeballs to their advertisers, and that's it.
40 copyright violations a month is a pain in the ass to deal w/
BZZZZT!
There were not 40 copyright violations a month. In fact, you do not know whether there were any copyright violations at all.
There were 40 accusations of copyright violations.
That assumption that any and all P2P is systematically used to share non-free goods thta are meant to be purchased is preposterous. It's same the sort of assumption that associates Telnet/SSH with crackers and associates encryption with criminals. All of it is bull.
Software is not supposed to be about how to work around a useability issue. - Ken Barber
Considering that universities are heavily subsidised by federal and state dollars, and that most students pay heavily for the "privelege" of living in the dorms, this constitutes an invasion of privacy.
UofF has not only the right but the responsibility to ensure that their network resources are protected, not only from without but from within as well.
As the saying goes, your right to swing your fists ends at the tip of my nose. The rights of U of F do *not* supercede the rights of the students.
These are complicated times, but as citizens of a "Free" nation, we should not readily give up our rights for a little bit of perceived "safety." As a rule of thumb, no policy or action should interfere with the right of an individual in favor of the rights of a group.
But of course, that's probably just my continental libertarianism peeking through.
Microsoft is to software what Budweiser is to beer.
Yes, all my P2P traffic appears to originate from an open SOCKS proxy server in China.
I may have an abnormal amount of traffic on port 1080, but it's really some research for my thesis, I swear...
... recently needed to take in all the computers of students in the dorms.
This was a brute force governmental-style tactic. We didn't bother with network scanners or anything like that. But the purpose was expressly not to check for kazaa or morpheus or any kind of file sharing software. This wasn't a RIAA-sponsored move, or anything like that. WOU is far too small a university for the RIAA to really pay us that kind of attention.
No, we were just replacing the virus software with Norton corporate, making sure everyone had up to date versions so their computers couldn't be easily compromised. And upgrading windows. This was so the network wouldn't die. I like to think it kind of sent a message to the students. Sure, we used brute force, but we did it to help them, not to hinder them or enforce the regulations of some stupid private company.
I think that's the way government should work, it's just unfortunate that far too often, everything gets fubar, and people get out of control. Like the U of F. Too much power, they should learn how to control it properly within themselves.
One could argue that the school is only operating within the boundries of protecting ITS network from virii and lawsuits, it doesn't hurt that the students get protected from these as well. A little tough love never hurt anyone. We live in a technological rich world, some people have no idea what their machine is doing, maybe this will enlighten a few of them.
-EB
Do you ever walk alone like a drifter in the dark?
...is exactly what legitimate uses are being blocked by a rule like this?
C'mon, college students - tell us. I'm really, truly curious. What are the most compelling, legitimate uses of P2P software for you?
Use a non-WIndows operating system.
What's so bad about being lazy? What if there was a war and nobody showed up?
As an ISP, the university has a duty to provide fast, uncrippled access to students, who ARE paying for this service.
Universities aren't ISPs nor do they try to be. They are... Educational Institutions. Internet access is provided for educational purposes. I'm sure if you check the ToS they say that is why they are giving you the ethernet drop.
The fundamental problem here is that people are forgetting that P2P filesharing applications are a legitimate, important use of the resnet
How is a P2P filesharing app legitimate? It's copyright infringement 99% of the time. It's so they can grab music, porn, and movies off the internet.
It is no more acceptable to disable P2P access, much less suspend accounts, than it is to turn off HTTP or E-mail to save bandwidth.
The difference is HTTP and EMail aren't used to exploit others copyrights with huge files. You don't have a "right" to internet access, anyway. You have a right to whatever the University says you have. Nothing more than that. You connect to their network, you are their bitch.
Dacels Jewelers can't be trusted.
I haven't been able to find anything yet. I'd like to be able to see who is running kazaa/gnutella/etc on our local network so we can contact them before a higher up does. Is there any software that can do this easily?
"This is what happens when you try to fight the peer-to-peer revolution," said Jason Schultz, an attorney with the Electronic Frontier Foundation. "You either ban the technology completely or censor people's access to content."
When universities start to make decisions about what students can read, watch and listen to, they are changing the nature of student research and thought, Schultz said.
"It's essentially turning interactive computing into television. This has huge implications for academic freedom," he said.
Give me a break. Since when is P2P = student research and thought? That's sophistry.
Their stance on p2p makes me regret giving them money. Good thing they do other good deeds that compensate.
"...they are changing the nature of student research and thought, Schultz said."
'research and thought' at UoF...
Ahahahahahahahahahah!
Planet10, RealSoOn
Since P2P use is not a crime (whereas copyright violation is), it seems you should have to prove that a user was trading a copyrighted file before the P2P use becomes unacceptable.
Drugs like oxycontin and vicodin are massively abused, but we don't treat anyone who happens to hold a bottle of vicodin as a criminal. Lock picking equipment can certainly be used for all kinds of evil, but we don't ban that either. Drunk people cause many deaths every year yet we do not ban alcohol. I can walk into a BSDM shop and legally buy equipment to tie up another individual and torture them. None of these things are illegal, because in this country we have this concept of innocent until proven guilty. Just because a tool can be used to commit a crime does not mean that those who have that tool are criminals. This surely is idealism, yes, and it is very important idealism.
Perhaps a "realist" such as yourself would be happier in a more "realistic" country, such as Iran, where they don't have these pesky ideals.
I think you are avoiding the question because you actually don't believe in the idea that you should have to prove someone's guilt before treating them as guilty. All you have to do is answer the question...
But I'm tired of arguing with an AC.
You do it right, and this won't be a problem. You have to connect the router wrong, since most won't answer DHCP queries on the uplink port.
You won't actually be able to use the internet in this case, either, since the router will be unable to get an IP address for itself from the DHCP server.
Why would someone leave a router connected like that if it wasn't working when they turned it on? They'd fiddle with it until it worked, at which point no one would have any problems.
Mod me down and I will become more powerful than you can possibly imagine!
Wow, what a wonderous world we live in where students can recieve e-mail when their internet connection is hosed *goes wide eyed*
Doesn't seem that wonderous to me, but maybe I'm just getting old.
I can remember being on the Oregon State University campus, and being within 5 minutes walk from no less than 4 student computer labs, one of which was open 24-hours!
On top of that, when I worked in IT and we used to kill someone's dialup account (remember dialup?) if they were connecting with a terminal they would get a message to call us so the situation could be resolved. When the dorms were outfitted with network jacks, there were technical people living in each dorm to help coordinate this sort of situation, you could just walk upstairs/downstairs.
And if you weren't a total recluse, you could probably get onto one of your neighbor's computers to check your email...
"There are people who do not love their fellow human being, and I _hate_ people like that!" - Tom Lehrer
That's right, 40 accusations of copyright violations. In terms of actual violations, it was probably closer to 40,000 per month!
Stop by my site where I write about ERP systems & more
Well In my collage, some nut in a dorm crashed Sheridan entire network somehow by being a huge P2P hog. Find, but others in the school using the network trying to do work get screwed. So yes if you are RUNNING any P2P software, then sure kick them off the network.
Now say I do have p2p software on my laptop that I own, and take home. If the software is never run on the schools networks, just on home net, then there is no issue. The way this reads to me, I would be hit because I still have the software. So there are cases this is a little bit much. Personally in collage, I ran into this case, Only used schools networks for schoolwork (and some games, hey stress relief) and home ran a little p2p. So change it to RUNNING p2p then kicked off network.
almost every school does some form of this. Either they don't allow P2P at all, or they throttle bandwidth. The only difference is that UF has a nifty automated tool to do it. So if you pick another school based on this, you probably are going to be in the same boat.
As an employee of a college's tech support department, I have mixed feelings about the P2P blocking, but the virus blocking is great - especially with fun worms like Welchia and Blaster that spread superfast with no user action.
I have blog like everyone else
...richie - It is a good day to code.
I kind of think vpn tunnels are going to be the only solution to problems like this. Sure it's slower, but better than not at all.
The man who trades freedom for security does not deserve nor will he ever receive either. - Benjamin Franklin
I seem to remember this being a big issue in law somewhere. It is a public institution receiving public funds, and therefore must abide by no internal rule that comes into conflict with federal law. (or something like that) - And crossing the line into the users machine, well, that certainly doesn't sound right. Don't you need a warrant for that?
I guess the question is, is this school public or private? If public, they could get paddled. Electronic Communications Privacy Act (ECPA1986) may actually have some value here. - Because they sure as hell can't squeeze this under the Patriot Act.
(all opinions of this humble correspondent should be presumed wrong until proven otherwise.) kulakovich
Where can I get this program? I want to run it at work! That will really piss off the users! hahahaha! (Evil BOFH laugh)
Obviously you didn't learn how to spell in collEge.
Choosing UF for its proximity to beaches is one of the silliest things I've ever heard.
Florida's public state university system is comprised of 10 universities and a college and the MAJORITY of them are closer to any beach than UF. FSU, FAMU, UWF, UNF, USF, NCF, FAU, FIU are all within a relatively close proximity to FL's beaches.
UF happens to be one of the most established and respected universities around. Except for FSU.
ObNole: I go to FSU.
"Use of Kazaa to transmit certain material *may* be a crime."
;-) They would have the strength of claiming rampant theft as the excuse for abortions like the DMCA!
Look - if a person is using Kazaa to transmit to others who haven't paid for it - that IS a crime. Whether you like the fact that it is illegal or not is irrelevant - it's still a crime.
Others have argued that the school needs to prove that you're committing a crime.
THAT is nonsense.
The school has the right to control how their network is used. PERIOD! Resnets are NOT the same thing as the DSL connection I have to my house. There is a completely different set of requirements and legalities that apply.
If I use Kazaa to commit a crime from my DSL line then the carrier isn't liable - I am. The student can't say the same thing - the Resnet provider is likely going to be held equally liable.
Let's draw some lines here. I hate the DMCA just as much as the next slashdotoid. However, I also tend to act responsibly and within the law. I think it should be legal for me to copy music onto another format for my own use. The same is true for movies or any other "entertainment."
That doesn't mean it is right for me to give that material to others who haven't paid for it.
Another way of looking at it - The P2P world and their tendancy to share music, etc. is why I have my rights being infringed by RIAA and MPAA! What you say? (Yeah I know Valenti thinks he won the betamax case...excluding that detail
So - if the resnet decides to crack down and they use a broad brush to fix the problem - the bad apples are the ones that caused the problem!
Have you compiled your kernel today??
I know there are a lot of naysayers who say that this action is rather Draconian, but I am inclined to disagree. It would be one thing if an ISP did this, but this is UF's private network we're talking about here. They should be permitted to operate it however they please.
I am sure that being a university, that high speed access to the 'Net was meant to be used as an academic tool, not for hosting warez and game servers. Universities also have big problems with security. The network admins have virtually no control over the systems that get put in the dorms, and all it takes is one Joe to download an email and infect the whole network with the latest baddie of the week.
Let me put it this way, if YOU were in charge of UF's network, would you be down with the kiddies sucking up 90% of your netfeed downloading warez, setting up servers, and exposing you to legal liability? I sure wouldn't, and Icarus sounds like a great tool to automatically track down open these people, whether their ports were opened intentionally or not.
-R
No offense meant, but I believe your tuition puts the college or university under contractual obligation to provide a service - until of course you pooch that service by being a jerk and get your access revoked for violation/abuse of your end of a user agreement.
But you can't call it a privledge, I don't think.
kulakovich
So I assume you wouldn't mind if an ISP which had a 100% monopoly on the local market regularly climbed into its customers computers and looked through their files, shutting down their connections if they found anything amiss?
That's what I thought.
What operating systems/machines does Icarus run? Will it work on my Sun Sparc machine running NetBSD?
now we need to go OSS in diesel cars
I'm curious - all articles on Icarus seem to mention that it's an open-source piece of software, and yet they're quoted as saying that they hope to keep the internal workings of the thing a secret so "hackers" don't figure out how it works. How do these two corrolate with each other? If it's really OS, then show us the source (under whatever license they so choose) and rely on the stregth of Icarus' logic to preserve the integrity of the system . If it's not OS, then stop marketing it as if it is.
Cue The Sun...
If a student changes the MAC they'd be completely off the network.
MACs at Arizona State are registered to students. So changing it requires contacting IT to get your connection running again. Unless you manage to steal someone else's mac that's already registered with the school.
I'd imagine Florida has a similar system. You can't just slap a computer on the network and be on-line.
Uni's aren't run by hacks. They know how to trace connections and simplistic "hacks" like yours have obviously been considered.
Ben
Work Safe Porn
When the less technically-inclined students unfamiliar with geek lingo start getting e-mails informing them they have trojans, I can only imagine what kind of responses the IT department will get.
Ergonomica Auctorita Illico!
So as far as I understand, if it detects that you have a trojan or virus, you get disconnected.
Moral issues aside of whether they should be running P2P software or not, doesn't this cause a problem for the person who now has a disconnected computer with a virus or trojan and can't go do his "auto-update" to get the latest virus defs?
Actually, they are looking inside the computers themselves, identifying files, viruses and apps.
Florida's current solution is much too invasive, and not very effective. Does the app run in Linux? Wine? Mac? Limiting operating system choices is a very bad thing for a university, especially for the computer science students who are trying to widen their experience.
It's also not effective. What's to stop someone from running the spyware in an emulator? Renaming their P2P programs?
The problem is that a university network has untrusted (in the security usage) clients. But it's not a problem: It's easy to tell who's running P2P programs, and who's infected, centrally. This is more effective and less limiting.
Litigious bastards
As I'm typing this in Linux, I can assure you that it works with alternative OS's. Just a simple firewall rule adjustment, and there's no problem. They even have instructions on setting up duplex and firewall settings on the DHNet webpage
And, like Icarus, the rocket foolishly soared too high, and lost control of its servo guidance mechanism, leaving us with some... six hours to live.
So, let's go live now to the charred remains of the only bridge out of town with Arnie Pie and Arnie in the Sky!
So why did they name this project Icarus again? Some clever IT worker is "fighting the power" perhaps with a subtly fiendish stab at the administration?
Or other, relatively low-bandwidth server applications - like a MUD, or a small 8user, private game server? These are relatively low bandwidth, especially the MUD example, and do not interfere with legit research access to the internet.
;)
You say they can't possibly be legit if they're running a server that would be caught by Icarus. Think of this:
-You're a student running a cvs tree off your box for an open source project. You get shut down because of the ports being used.
-You're a student writing some kind of server application for a computer science degree. You decide that it works well enough to run it on your own box so you can more easily monitor it. You get bumped off the 'net for doing research.
-You set up a private Natural Selection server and only give the password to people on campus. While this isn't "legit" like the other two examples, it does not use the external bandwidth of the university - only the internal LAN bandwidth. They pay for the hardware to accomplish this, not the bandwidth used like an external connection. While it's not "legit" per se, it really isn't that harmful either.
-You decide to run SSH on your box in your dorm room, so you can access files and applications on your personal computer from anywhere on the university, with your ssh client diskette. Even though I commute to college, I use this method to truck files back and forth to class without the headache of an ftp server or using an external storage space, like a web server. Not to mention, it's faster than uploading it to a web server.
All of these are actions which would result in your network rights revoked at this university. While it fixes one problem, it creates many, many more. It's not viable, and I'm just glad I didn't decide to transfer to Florida
nice story. What you neglect to mention is that in the case of the U of F, they are actually looking INSIDE the computers on their network to identify apps and files.
So while network shaping sounds good, privacy invasion does not.
It's pretty easy to tell the sniffer is being blocked. In which case your connection is killed.
Ben
Work Safe Porn
UF has a grassroots wireless network that I am told will be awesome in another year. The Icarus progam isn't supposed to run on it, so that's awesome. I hope people don't abuse it though, I'll be going to UF in another 2 years..
"And we have seen and do testify that the Father sent the Son to be the Savior of the World"
1 John 4:14
Our offices are about a mile away from UF. We chose this area because of the University, among other reasons.
When SoBig hit, we saw a lot of bounces in our mail queue, all originating from one UF IP. I called their tech support, and they took care of the problem. That was over a month ago, and since then they changed some of their policies regarding P2P. It was school funds (taxpayer money) that had to pay for the cleanup, not only of that one box but the entire system. UF isn't just in Gainesville, it has branches across northern Florida, and all of that had to be cleaned up.
UF has a private network, and I would imagine that they have provisions for legitimate research projects that would include file sharing applications. I'm just glad they cleaned up their systems when SoBig hit. At its peak I saw over 400 emails an hour bounced, with the majority coming from the UF systems.
Pete Carr Owner Chatmag.com
What a bunch of asshats. These people are blocking IRC and kicking people off of it. I'm sorry, but if I got punted from my school's network for chatting on IRC -- something that uses like 1k of bandwidth every 10 minutes or so -- I'd be telling them some creative uses for Cat5 and their spinchter.
LRP makes a resurgent comeback, with a particular thrust from University and College students, aiming to block intrusions from Port Scanners.....
We're like rats, in some experiment! -- George Costanza
What about computer science students who have legitimate assignments writing TCP or UDP servers. That is a very reasonable (and common) assignment for an intro to networking class?
Can you go after the University when they cut out you internet access for doing your assignments? Or can you refuse to do your homework because your professor has assigned something that breaks school rules?
Alternative to completly restricting all server trafic, wouldn't it be possible to fingerprint the protocols that you don't want and only scan for those?
This whole thing just seems way to far reaching...
AUP Policy
On page 3...
Don't most modern operating systems include at least basic firewalling functionality?
Last time I checked... my network, my terms. No excuses, no exceptions. I don't allow people who visit my building to join their typhoid-mary laptops to my network, ever. I don't allow our employees who bring their typhoid-mary laptops to join my network, ever. If the box is out of my control, its hostile. Period. (Welcome to Windows, btw...)
A college LAN is different, why... exactly... the school is accountable for the network, and therefore must have authority over it. OTOH, with a student who has no accountability for its use, HOW can they have any authority over how it's used? Would YOU accept being on the wrong end of that relationship? With someone else using your stuff? And you're responsible for the results?
Problem is... students have full authority, and it's pretty much unchecked. So, FL is implementing a measure of accountability. Yep, real far-fetched.
And sure, a few knee-jerks will say that the students pay for the school, and that money allows the network to exist, so it's theirs.
And god bless 'em. Here, we've got a couple hundred thousand people per year who cause our income, so the next time you walk into a business... just sit down at a keyboard, and start typing. See how far your "I paid for this" argument gets you in court. No, really... see if they buy it.
help me i've cloned myself and can't remember which one I am
I disagree with scanning people's PCs.
However, P2P sharing is the *worst* thing your network can be beset with. The leeches hog incredible amounts of bandwidth. Kazaa et al. are also very network hostile with measures to get around a sysadmin's attempt to shape traffic.
It takes more and more admin time just blocking malware and P2P music sharing. The university network is there primarily for academic purposes, not wholesale music piracy.
It's a frigging nightmare. If I were a University admin, my goal would be to not block ports or traffic because I want proper end-to-end connectivity. But then you get the cancer that is Kazaa which actively tries to evade your attempts at sharing traffic. The only route left for the admin is a strict anti-music sharing policy. If only the leeches could control themselves instead of getting not only their mouths in the trough, but their front trotters too, it wouldn't be such a big deal. But of course, they show no restraint.
If I were a university admin, I'd make it very plain what the policy is when students get their connection. The policy would be no music sharing, no spam, no malware (if you want to share legitimate music, then you either put it on the music department's website or rent your own server). Anyone caught sharing music otherwise would have their account locked and would have to come to me for a bollocking. Three offences and it'd be disciplinary action.
Oolite: Elite-like game. For Mac, Linux and Windows
A better solution is to use something like Bandwidth Arbitrator to throttle back the network bandwidth that is available to users that are abusing resources.
What I find absolutely amazing though, is that after reading slashdot posters calling time and time again for net admins to cut off virally / worm infected computers from the net, I haven't seen a single post saying "You go U of FL! Thanks for trying to curb the propagation of malicious programs!"
The main thing is the number of people who do it. If you have cable or DSL, the odds are really good that not everyone else in your neighboorhood is doing P2P. But at a college campus, nearly every kid is doing P2P. That's the rate of incidence that creates a problem. Those who really dislike it can move off campus. Plus, notice how it's really bad at the beginning of a year - all the freshmen are used to doing P2P at home with no problem.
Schnapple
monitor network scan patterns, forge some IP packets, shouldn't be too difficult..
Maybe just spoof key router's IPs to have it shut down whole networks... If they were dumb enough not to include whitelist functionality, then one might even manage to have it cut off its own router... sort of like those looney tunes with the character cutting the branch right out from under itself.If they (UoF) want to engineer a technical solution to a social problem I would point them to the nazis and warn them that their popularity may falter somewhat.
Historically the college campus has been the bastion of liberal mindsets. A mindset which is stereotypically supportive of relinquishing personal rights in favor of collective support.
(Translation: collective support = big brother).
Consider this learning venture to be "socio-economic repercussions 101" - when personal control is relinquished, culpability reassigned and/or positions of responsibility abdicated in favor of the security offered by those in authority we may find that those decisions created for the control and oversight of all are not as digestible as those which prompted us to adopt the mindset in the first place.
For those requiring a simpler explanation: The fox makes a great guardian for the henhouse - it just sucks when he starts eating the chickens you asked him to protect...
Hey, theres some really good points there. Well, in my neighborhood, odds are I'm the only one on DSL... I was very blessed to get it here. Yeah, dorms are mostly freshmen too. I appreciate your comments, but at the same time, I'm thinking more about the zinger I put at the end of my post. If p2p is banned on the dorm network, it might really shoot up in the wireless lan. I don't actually know if the wireless lan has a internet backbone or not though.
"And we have seen and do testify that the Father sent the Son to be the Savior of the World"
1 John 4:14
Or, do they force you to run win on your computers you connect to the dorm's network..and have you install icarus software on your system?
Light travels faster than sound. This is why some people appear bright until you hear them speak.........
Other than changing schools, a savy user should set up a linux router and keep their P2P machine behind it. This should be the rule for anyone, at any university, that wants a little privacy and a whole lot of security.
I for one applaud U Florida's decision to move
ahead with this. After all, it is their
network which is being used to commit these crimes.
However I must admit to being disappointed at
the limited scope of their action. U Florida
still allows students to use its phone
system to plan criminal activities. Students can
freely board the campus shuttle, using it to
transport contraband. And the privacy provided
by the University's bathroom stalls is an open
invitation for illegal drug use.
Until UF begins monitoring all phone conversations,
strip searches anyone boarding a bus, and mounts
surveillence cameras in all of the toilets, their
facilities will continue to be used for criminal
activities and the university, by association,
will be responsible for all that occurs.
-deane
The program, dubbed 'Icarus' not only detects P2P applications but viruses, worms, and other trojans. If a P2P application is found then an e-mail is sent to the user, a message is popped up on their screen, and their internet connection is disconnected. So they are going to turn off my firewall, turn on ssh, then echo "BUSTED!" > /dev/pts/2 just for running bittorent? Sounds like they have too much time on their hands.
(is there a -1 mod for gross-generalizations? )
It's never going to fly anyway.
OK, that was bad, I admit.
It's their network. They get to make the rules. They get to enforce the rules.
If some kid doesn't like that, seems to me he can use another network (like, just maybe, a local ISP) or hire a lawyer and sue the school.
Or, just move out of the dorm.
Condos and apartments also have rules. Why should students be expected to be treated differently.
And please don't whine at me about all those poor, poor students who can't afford to move out of a dorm or even pay a local ISP. Shoulda read those rules before moving in.
Ditto for the "but they need the Internet to further their education" whine. These guys aren't using p2p to download Plato.
-- Slashdot: When Public Access TV Says "No"
The Alligator is free. They don't make their living selling it to students--they make it through advertising.
Working for an IT dept at a University, I can see why this is a necessary step. --maybe not this particular implementation, but there needs to be some management of network resources.
1. The University owns the bandwidth--it's their decision on what constitutes authorized use. Period. You can complain, but there's an appropriate use policy.
2. The academic mission does not include providing portals for illegal downloading--they're accountable to the law--like or not, it's not free to download MP3s, or other copyrighted materials. It's not legal. Bitch. Moan. Whatever, it's the law and "due dilligence" is required by the University to keep it from liability by the rabid dog lawyers of the RIAA, etc.
3. All of our efforts to stop worms and viruses from getting through our border were comprimised when "promiscuous" machines were moved in and plugged into the network effectively spreading their disease to the yet unpatched and causing massive network saturation.
Call me a Nazi, but I think it's a GOOD idea to run a tight ship on PUBLICLY owned network. It's still not as stringent as the large corporations.
Don't give me that free speech BS. If this were an ISP, this would be an infringement, but this is a public university which reserves the right to set policies. When these things go unchecked and Lusers keep spraying the network with worms, portscans, hacks/cracks, and copyrighted materials being shared, you've got to blow the whistle before the lawyers come down on you and what little money you have for IT begins to get sucked away.
We IT folks at universities are underpaid and over-worked. It's a good thing to draw a line.
All this sounds a bit draconian, but you have NO idea what a mess it is with zillions of users saturating the bandwidth with Kazaa and worm packets. It affects everyone.
If you don't get it, well...you don't. Your idealism is blinding you from reality.
1)UF has instituted a ban on any and all file sharing, regardless of intent or content.
2)UF is scanning students' private computers to look for violations.
Slashdot reaction: No problem; these damn kids are just downloading music and pr0n anyway. (And, they'll be competing with us for tech jobs once they graduate, so three cheers for them getting hosed!)
[rant] Excuse me? Is this the same place that collectively does the wave when the RIAA comes up against any sort of opposition? The same place that actively discussed hacking Sen. Orrin Hatch's website when he advocated developing spyware, and remotely destroying the computer of anyone caught with copyrighted files? Did my DSL open up a wormhole, and somehow I've managed to log onto the Bizarro World's .\ ?? [/rant]
*regains composure* Yes, I'm certain that college dorms are hotbeds for distributing copyrighted MP3s. So is off-campus housing. The fact is, there are many legitimate uses for P2P. The person trying to obtain public domain photographs for a history research project is tarred with the same brush as those trying to download the collected works of Britney Spears. Someone sending a friend a shareware MP3 (provided by the band for the purpose of downloading) suffers the same penalty as someone looking for warez. Since FU has gone after IRC, I suppose that the next target will be ICQ, since both allow for file sharing; if you prefer using an IM service besides AIM, tough luck, kid. But we can't take the risk of you doing anything illegal.
True, bandwidth is not free. Handing the worst offenders a bill for their usage would provide an immensely powerful real-world lesson. Big Brother tactics, however, are not the solution. And to see /. endorsing such things leaves a sour taste in my mouth. Believe it or not, this is not an attempt to flame or troll. I just find it incredibly baffling that this policy is drawing large numbers of cheers from the same crowd that roundly condemns other attempts to infringe upon personal privacy.
Doing my level best to piss off the religious right wing...
Schools have a right to control their networks, not my computer. Why not control bandwith usage rather than the applications; if the applications are sucking down bandwith like a diner at an all-you-can-eat spaghetti dinner, pull the plug. It should be easy to do and require no intrusion into my computer. People with specialized needs for bandwidth can get specific dispensation. The fact that there is a less intrusive alternative (and probably more effective) measure to control bandwidth hogs and that the school has chosen instead a highly intrusive one implies that the intrusion is part of the purpose. So, in addition to paying through the nose for school (tuition increases in OH are double digit % of tuition) I also agree to give away my rights for search and seizure. Wow. What a deal. I get to give away rights to unelected unaccountable administrators so that I can live in cramped dorms. Sounds like Microsoft's EULA.
The RIAA didn't need the pretense of "file sharing" to enforce Draconian DRM - they wanted the ability to rewrite copyright law without the pretense of buying politicians. Again, choosing the most controlling method to do something rather than the least means that the control is part of the desired outcome. Going after people infringing copyright might help, but the people doing much of the copying (and profiting from it) are in places that couldn't care less what the RIAA or their labels think. Killing the housecats to scare the tigers doesn't do a whole lot. If it can be heard, it can be ripped - that is the lesson the RIAA hasn't learned. The methods you claim are motivated by file sharing to prevent copyright infringement won't prevent this. Even if the ends did justify the means, the means won't achieve the desired ends, and so I am giving away my freedom for no one's profit except the school. The school now has the ability to take away even more of my rights later for whatever else they see fit, and probably with methods no more effective than this.
Finally, your cause and effect reasoning is more than a little flawed. If winter robberies are occuring where the robbers wear ski jackets, by your logic, the police could arrest and shoot people in ski jackets and say, "It's the robbers' fault." Actually, it's not. If you choose an onerous and intrusive method to pursue a goal in the presence of less intrusive methods, either you intend to intrude (in which case you deserve the bile you are going to get) or you didn't care (in which case, you deserve the bile you are going to get).
By choosing this route, UF is teaching its students a very important lesson : in life, the Golden Rule is "he who has the gold makes the rules". I'm sure the students will remember this when their time comes around. Hope you don't expect much privacy in your retirement village/assisted living facility.
If they block P2P sharing, how else am I going to be able to download hot young co-eds in shower.mpg? Someone is out there with a web cam living the life us guys wish for, it's his right, no DUTY to share with those less fortunate than himself.
---
Lousy rotten karmic retribution.
There's a gator on my hard drive. He's scannin' my files.
Wansu, th' chinese sailor
At my school (Stetson University...also in FL) they monitor you internet usage and send you an email of you visit to many porn sites. I never thought I would be glad to have not made the grades to get into UF...
It didn't mention it in the story, but I think that it would be logical to assume that linux clients would get cut off from the network because ICARUS probably doesn't come in a flavor that scans linux file systems. So besides robbing users of using p2p for legitmate purposes the system also prevents them from using a free operating system? Am I missing something here?
In linux libertas
School must protect it's systems from viruses and trojans. Also, must protect itself from lawsuits from the RIAA. I'm sure the contract these students signed when they enrolled spelled this all out.
Blar.
There are, as you know, still, many ways to do P2P, such as using a VPN to an outside server or ssh tunneling. The fact that you've just blown the real method of discovering the P2P and that is by way of bandwidth, means that those who want to do P2P simply have to reduce the amount of P2P they are doing to amounts that equate to "normal" net use, whatever that may be. A good way to find what that may be, would be to experiment by raising the bandwidth until it hits your app's limit and gets a first warning, upon which you could reduce the bandwidth again.
to all the tards who claim its the schools bandwith. the students are footing the bill directly for a connection. the schools in turn should be acting as an ISP does..
... or some other application that takes up a lot of bandwith but it perfectly legit...
people who say go find another provider should shut their pie holes. Most college people i know are pretty damn poor, and i cant see them being able to justify spending even 15 a month for a SECOND internet connection.
if they gave the ports those utilities use a very low QOS, that in my eyes would be acceptable.
there is a ton that can be done with traffic shaping to alleviate the problem of a certain app or virus whoring all of the bandwith...RED, givign packets a certain QOS, etc. Those admins are tards if they figure out how to implement RED and QOS on problem ports.
they outlaw one program.... then who's to stop them from outlawing another one that they just dont like people using
Troll, Troll, go away and flame again some other day
> Just wait until you have your first First Amendment case. I assume UofF is a part of the State of Florida. They are bound by free speech rights.
And, presumably, the university is more than willing to allow students to exercise those rights on their own dime. That you're permitted to speak your mind does NOT mean you're permitted to make someone else pay for it.
Besides, no judge in the world will believe "but I wanna download the new Britney video!!!!" is a matter of free speech.
" If a P2P application is found then an e-mail is sent to the user, a message is popped up on their screen, and their internet connection is disconnected."
So, send and email and then disconnect them to make sure that they can't read it?
-Tim Louden
I worked at Stanford over the summer in an IS dept, where their centralized "ITSS" NOC dept. disconnected every machine via scans every two hours and switch rules that did not apply the MS03-039 patch before an arbitrary date, which created an unnecessary and artifical emergency in our dept. Stanford is definitely run like a non-profit, the people there dont really know what they're doing. There's no firewalls anywhere and everyone's machine is a public IP, so anyone can host an FTP warez site. Most every machine at Stanford is a Mac OS 9.x or Windows 2000 Pro, and a few OS X's and XP machines. Additionally, many other universities do not have firewalls, including UC Davis. I believe that MIT has most of their student's machines firewalled.
But, in support of UF's position, schools have cover-their-asses when it comes to I.P. and P2P issues since their big corporate donors can threaten to withhold funding. Also, it is almost ethically justifiable to block P2P, since the only few legitimate uses are (but not limited to) finding patches and sharing public-domain works. But, if colleges start blocking certain sites, then the line between protectionism and censorship begins to blurr. If these schools would firewall
The biggest trick the devil pulled was letting lawyers become politicians so they can write the laws.
...you happen to be running one of them intrusion detection systems that keep all those "interesting" ports open to see who might try to connect there. I guess u can forget about that in that dorm...
If a train station is a place where a train stops, what's a workstation?
That's not always possible, depending on the level of traffic. We tried it here at [an Ivy League University], and our Packeteers couldn't handle the load.
Also, UF's policy doesn't seem too unreasonable to me. I just spent the afternoon tracking down a trojan that is letting spammers use three student machines in our residential network to offer penis enlargement, and in the process, returning so many bounces that our postmaster server (that's right, we have a server just sorting mail to postmaster) has been killed a few times this week. On the order of 10,000 bounces per hour...lots of fun.
In any case, Windows vulnerabilities are causing more and more troubles for everyone on our network. We're already moving to port-scanning, but aren't knocking users offline--yet. People pay for network service, and when they sign up, they agree to an AUP/TOS, so there's nothing illegal or privacy-invading about it. Users can get RoadRunner if they don't like our TOS.
Technically, couldn't someone check what services are running on my PC right now without violating my rights legally.
Can I not say that checking for P2P is just like entering my IP into a web browser to see if there is an HHTP daemon on my machine? Finally, couldn't you install a software firewall to make sure the machine can't be "scanned?"
Someone, please fill me in here.
Wh47 d1d j00 541, 31337 15n't t3h r0xor5 ne m0r3???
Want to hear a legitimate use for P2P?
;)
An assignment a music appreciation professor (yes a professor) gave his students.
He asked each and every one of us to find at least 3 indie bands, name the song we liked, why we liked it, and how the band came to your attention.
Not one single person in that class completed the assignment without using a p2p app...the prof even suggested it at more than one point.
The sad part about it was several locals didn't get mentioned at all...and the even sader was the girl who went on and on and on about this band until someone pointed out it was Metallica
UofF IT: Let's build a killer VB app that automagically disconnects connections based on bandwidth usage and port scans! It will be new and exciting and make us look leet.
Competent IT: We already have several options available to curb p2p abuse and prevent viral infection, used widely throughout the industry with great effectiveness while keeping end users happy.
I realize I don't know the whole story, so I can't say this wasn't their only option with any certainty, EXCEPT for this..
Disconnecting the user is ridiculous. The punishment doesn't come close to fitting the crime, actual copyright infringement not withstanding. In the real world, where companies don't have the luxury of giving a big "FUCK YOU BITCH!" to our customers, bandwidth abusers are capped, not severed from the network. Keep the policy but change the rules to
1. The first time a notice will come up to cease
and desist.
2. Second time bandwidth is capped at 28800bps. Let them live with old modem speeds for a few days, and see what life will be like.
3. Third and final infraction: Bandiwdth permanently capped at 28.8. If they want a greater level of service they can either pay for it, or find another service provider.
This seriously smells like a case of too much self importance of the IT staff. This can (and quite possible should) be maintained and managed away from the application layer.
Or maybe Icarus is just some super duper app that we'll all be switching over to windows to run on our corporate networks, because it is just that badass.
Everyone is entitled to their own opinion. It's just that yours is stupid.
All I know about the subject is that I couldn't get Slackware 9.1 isos until some of the mirrors got them up, about a week after the torrent because available.
Bittorrent appears to be the savior of the slashdotted oss project...
at my school they have this thing called a packet shaper and it has killed most every form of file sharing on the network, except irc :)
lose != loose
I was a CS major in college. Many of my projects involved socket programming, some of which were Client-Server, others were P2P. This would really suck if the CS guys suddenly started getting their connectivity shut off because their class project was mistakenly identified as something else.
I don't agree with their method, but I do think that the school network admins have the right to try and erradicate their network of worms. When I returned this year for school, the network was completely unusable because of so many worms circulating. Now they've started revoking peoples' internet priveleges just for having worms. I say, good for them, why should I suffer because somebody has a Windoze box that they didn't patch, or were too lazy to install a virus scanner, especially when the school has a coorporate license for Norton Anti Virus?
--
Adobe's anti-counterfeiting softw
Where I went to college there were about 10-15 people running so much bandwidth that they began regulating times that all students could use the comps. Privacy violation sounds extreme and probably unconstitutional since UF is a government-owned institution that mandates certain people live on campus. I propose the following as alternate solutions:
1) check total size of all files transfered in a given period on a port-by-port basis. Anyone breaching a limit (say, 1GB/week as an example) pays for additional bandwidth at a specified rate (say, $5/extra GB/week). Anyone doing legitimate reserach could appeal to a committee/get special permission or designate a lab to run these programs from.
2) If research and campus business is being disturbed, restrict student internet access between 9am and 5pm in all dorms, allowing them to access only University websites. Most research I ever needed was done on-campus, and if people need to they can wait until businesss hours are closed to go off campus. This would be a temporary fix but it gives the professors and bureaucrats an out and prevents them from complaining more than they do now.
3) Notify incoming freshmen that the university reserves the right to observe what files are being uploaded/downloaded from their computers. Anyone caught trading music, porn, etc. will be asked to verify that they own a copy of the files being traded with an initially stern in-house warning then reference to the local police authorities as punishment. This is extreme, but most of the bandwidth hogs are trading illegal copies of movies/porn/music anyway.
4) Note the top 50 people using bandwidth and publish their picture in the school newspaper. Enterprising students can deal with the individuals in legal means as they feel appropriate.
Finger-pointing is easy, but does anyone else have potential solutions/thoughts on how to solve this problem?
As long as there is a Second Amendment, there will always be a First Amendment.
Wow, you don't understand anything about Open Source at all, do you.
- In Capitalist America, law violates YOU!
I am the architect of ICARUS, and I felt a need to address some of the overall comments in this thread as I have watched them develop.
;).
0. Downloading large files, etc. will never trigger ICARUS. This is not a simple matching system, by any means.
1. ICARUS is not some magic bullet super scanner. We use, and promote all open source tools, open source operating systems and free speech. We do not install a client package, we do not "hack" systems and we do not look at files, process tables, etc. on the client systems.
2. ICARUS is a system for integrating a vast array of tools together, making complex policy decisions based on data collection, and then taking complex actions. Yes, it can stop P2P apps in a wide variety of ways. It can do a lot of things regarding management. In that regard, it's not focused at all, it's something you use to manage everything around you. For example, you say you want to determine who has patched themselves against some certain vulnerability? Then select the appropriate methods for collecting the data you need, and decide what actions you want to take. Actions are limited by...perl.
3. "You are responsible for considering the moral implications of what you create, and how it is used"
I simply can't believe this statement. We DID consider the implications of it. Extensively. In fact, my co developer and I wrestle with it all the time. Vastly more good comes from what we are creating than bad. ICARUS is a policy enforcement tool...that can encompass a number of things. It is the policy of the University to prohibit illegal activity on their network. We are simply able to enforce it.
4. Florida Sunshine Law: Actually, this is explicitly covered as a mechanism of security policy enforcement. There is no legal access under this law to source code or anything else.
5. We will likely be making this a public open-source project in the spring. We intend to offer it free of charge, although the licensing itself has not been determined (likely GPL).
6. The individual claiming to know how it was written (re: VB, subpoened database, etc.), fabricated every part of that post. Only a tiny handful of people have seen the source code or been involved in a discussion about its internals.
Calm down, folks. Some day, you'll probably want to use it for something, I promise
Take care,
Rob
The more technically savvy students could probably bypass these measures. For example suppose that the tech savvy student (he is an engineering major ;) runs PuTTY to SSH to a host outside of the campus network which has a cable/DSL connection available. Then he runs Kaaza or whatever file sharing application he likes via the remote desktop or x-windows session and transfers the files to his dorm machine using ftp and everything is tunneled through the SSH session. Finally, the student runs a firewall on his PC in the dorm so that his drive cannot be remotely 'scanned' and the only thing visible to the outside world is an SSH session running on port 22. There are even P2P apps out right now (Earth Station Five) which have integrated SSH support so as to maintain the privacy of their users (excellent). The point is that file sharing is a social problem and social problems cannot be solved exclusively through the use of technological measures. The only purpose this serves is to instigate a technological arms race between the students/P2P providers and the copyright holders/universities.
Just set up a script to run lynx and dump the results to /dev/null. Have it sleep for a minute or two. Rinse. Repeat.
The system sees port 80 traffic and you can bump the hit counter on something like the schools own home page.
How is a P2P filesharing app legitimate? It's copyright infringement 99% of the time. It's so they can grab music, porn, and movies off the internet.
So what? Until that figure is 100% rather than 99%, it is still wrong to assume all P2P users are copyright violators and treat them accordingly.
Don't label something "offtopic" unless you know the topic well enough to tell what's on topic.
I am the architect of ICARUS, and I felt a need to address some of the overall comments in this thread as I have watched them develop.
;).
0. Downloading large files, etc. will never trigger ICARUS. This is not a simple matching system, by any means.
1. ICARUS is not some magic bullet super scanner. We use, and promote all open source tools, open source operating systems and free speech. We do not install a client package, we do not "hack" systems and we do not look at files, process tables, etc. on the client systems.
2. ICARUS is a system for integrating a vast array of tools together, making complex policy decisions based on data collection, and then taking complex actions. Yes, it can stop P2P apps in a wide variety of ways. It can do a lot of things regarding management. In that regard, it's not focused at all, it's something you use to manage everything around you. For example, you say you want to determine who has patched themselves against some certain vulnerability? Then select the appropriate methods for collecting the data you need, and decide what actions you want to take. Actions are limited by...perl.
3. "You are responsible for considering the moral implications of what you create, and how it is used"
I simply can't believe this statement. We DID consider the implications of it. Extensively. In fact, my co developer and I wrestle with it all the time. Vastly more good comes from what we are creating than bad. ICARUS is a policy enforcement tool...that can encompass a number of things. It is the policy of the University to prohibit illegal activity on their network. We are simply able to enforce it.
4. Florida Sunshine Law: Actually, this is explicitly covered as a mechanism of security policy enforcement. There is no legal access under this law to source code or anything else.
5. We will likely be making this a public open-source project in the spring. We intend to offer it free of charge, although the licensing itself has not been determined (likely GPL).
6. The individual claiming to know how it was written (re: VB, subpoened database, etc.), fabricated every part of that post. Only a tiny handful of people have seen the source code or been involved in a discussion about its internals.
7. We don't terminate user access, we restrict them to campus-only access. Termination is an temporary action in last resort cases with multiple violations.
Calm down, folks. Some day, you'll probably want to use it for something, I promise
Take care,
Rob
prove it. That's a student's word (a student possibly violating every copyright / DMCA law at that) against university staff's word. I work at a college. Even if the student is 100% telling the truth, it will likely be regarded as a lie (at least at any college I've been to).
Geek used to be a four letter word. Now it's a six-figure one.
Universities aren't ISPs nor do they try to be.
A university offering resnet access is legally an ISP, which is the way they want it. Furthermore, students are paying for their Internet access when they pay for their dorms.
How is a P2P filesharing app legitimate? It's copyright infringement 99% of the time. It's so they can grab music, porn, and movies off the internet.
P2P filesharing programs are tools, just like HTTP and E-mail. The fact that they CAN be used to commit illegal activities does not make it okay to block them. Usenet, anyone?
The difference is HTTP and EMail aren't used to exploit others copyrights with huge files. You don't have a "right" to internet access, anyway. You have a right to whatever the University says you have. Nothing more than that. You connect to their network, you are their bitch.
Bullshit. HTTP and E-mail can generate huge traffic loads, just like P2P. And yes, I DO have a right to Internet access. As a tenant of university housing, I have a contract guaranteeing me certain utilities in exchange for the large amount of money I'm plunking down. If the university wants to break this contract, they will begin refunding an appropriate portion of my payment. Landlord/tenant law applies here (to a varying degree depending on your state).
So what? Until that figure is 100% rather than 99%, it is still wrong to assume all P2P users are copyright violators and treat them accordingly.
So you are saying that because 99% of the people on P2P are fucking over the bandwidth of the university, we should let them do that because 1% of the people on P2P have a valid reason to use it?
Instead of using other systems of distribution?
Right.
Dacels Jewelers can't be trusted.
A university offering resnet access is legally an ISP, which is the way they want it. Furthermore, students are paying for their Internet access when they pay for their dorms.
When did anybody promise or guarantee that an ISP allows unrestricted access against the terms of service?
HTTP and E-mail can generate huge traffic loads, just like P2P. And yes, I DO have a right to Internet access.
A right is something you can get on your own, assuming another person doesn't stop you. You can't get internet access on your own. It is granted to you. As a privledge. And no, HTTP and EMail doesn't generate a tenth of what P2P traffic generates.
If the university wants to break this contract, they will begin refunding an appropriate portion of my payment. Landlord/tenant law applies here (to a varying degree depending on your state).
Why don't you read the terms of service for your internet connection? Is your contract guaranteeing you unfiltered internet access? Have you actually read the contracts?
It's painfully clear that you are still a student and don't understand how the real world business works of running an ISP, datacenter, or bandwidth arbitration.
You aren't entitled to shit. You are given what they decide to give you. Until you own it, that's what you deal with. I doubt you will ever own an internet providor anyway, so just get used to taking what other people give you.
Dacels Jewelers can't be trusted.
This article has only served to remind me what an old fart I am. How many people out there are posting that this is invasive and looking at the contents of students drives? How many of those posting such messages actually understand how this works?
I re-read the article thinking that I missed something, and then I re-read the editorial. Nope didn't miss a thing.
Folks, viruses and P2P apps open ports on your computer. Those ports do things. Well known things. Any network admin worth their salary can tell you what your box is doing just by watching the traffic coming from and going to your computer, and don't get me started on active port scanning.
The University can do all of this without ever acessing the contents of the students hard drive. You want complete privacy? Unplug your network connection.
So Students can't play games any more. Cry me a river. For $100 bucks they can buy a switch, some patch cables and throw a lan party (which would be more fun anyway). So you feel that you're stuck in an ISP monopoly that is so unfair? Cry me a river. Get a dial up ISP if you have to get your fix. In the real world we don't always have a high speed ISP option either. Got a CS project? Then justify your use. OSS project? Host it off campus.
There are rules. You learn to play by the ones you have to, and to work around the ones you have to. Stop complaining and get to work damnit.
"The avalanch has already started, it is too late for the pebbles to vote." -Kosh
I'm a user of DHnet and I use Gentoo Linux with a vanilla 2.4.22-ac4 kernel. They under no circumstances exploit a users computer to examine the file system or processes. If you have a server or a worm that inappropriately uses the network then they will isolate and restrict you.
Wow, you sure are hostile for someone defending the rights of an entity with substandard infrastructure to defraud its paying customers.
A right is something you can get on your own, assuming another person doesn't stop you. You can't get internet access on your own. It is granted to you. As a privledge. And no, HTTP and EMail doesn't generate a tenth of what P2P traffic generates.
Priviledge my ass. It is something I've paid for, thus something owed to me by the terms of the contract. And why don't you ask the sites linked to by Slashdot about how much bandwidth HTTP uses? Anyway, P2P services are legitimate uses of bandwidth, thus it is unacceptable to block them no matter how much bandwidth they're using. Let me remind you, if the STUDENTS, the people PAYING FOR THE INTERNET ACCESS are consuming all the available bandwidth, then the university in question must BUY MORE. Period. You'll note that I'm not making unrealistic demands that a university magically create more bandwidth for free, I am simply requiring that they fullfil their obligation and provide the service that they are being paid for, charging more if necessary.
Why don't you read the terms of service for your internet connection? Is your contract guaranteeing you unfiltered internet access? Have you actually read the contracts?
Of course I have. As long as I do not commit illegal activities or suck down an extraordinarily huge amount of bandwidth, I'm in the clear. Furthermore, it says INTERNET access. Not WWW. Not E-mail. INTERNET. If an Internet application doesn't work because of their network misconfiguration, then I am not recieving the service that I am guaranteed.
It's painfully clear that you are still a student and don't understand how the real world business works of running an ISP, datacenter, or bandwidth arbitration.
Coming from someone who is obviously incapable of comprehending the simple concepts of providing adequate bandwidth and service to users, this comment is very amusing.
You aren't entitled to shit. You are given what they decide to give you. Until you own it, that's what you deal with. I doubt you will ever own an internet providor anyway, so just get used to taking what other people give you.
I am entitled to what the contract guarantees me. As the contract guarantees me working Internet access, I WILL recieve this, or I will be paid off. Failing this, the university will pay far more for legal fees in a contract dispute that I will inevitably win.
Once again only the stupid get caught. It took a real Republican to think up that bright idea.
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
Maybe I'm just not easily frightened, but "stop p2p leeches from sucking up all the bandwidth and making the network unusable for everyone" fails to terrify me. Sorry.
Ok, but why not just cap bandwidth and be done with it?
Scanning PCs (which from the article appears to mean scanning for content, not just port scaning) goes furthr than needed, and opens the door to arbitrary and unchecked abuses.
Opinions on the Twiddler2 hand-held keyboard?
Your list of abuses is pretty good, but you missed a major hole in this setup. If the Icarus software is scanning the PCs, then by default it is scanning all the files in the PCs.
Let's say that John down the hall decides to "get even" with you for something? He sends you an MP3 file to your e-mail. Even a short one. After your machine is taken down and comes back online, he does it again. The third time, you are diconnected permenantly. Yet, you never did anything.
By storing the MP3 on a CD and only putting it online long enough to mail it, John is pretty immune from getting scanned himself. Send the file after you go to sleep, and he has 8 hours for it to be scanned before you wake up and find it.
Seems kinda like a poor choice for the name.. Icarus? Seems to me like it's going to crash and burn! heh...
in girum imus nocte et consumimur igni
In my experience, running a P2P program is neither equivalent to running a file server on your computer (unless it's configured in a particularly odd way) nor necessitates sharing illegal content for which the user does not hold the copyright. Furthermore, on high-visibility, high-bandwidth networks such as a major university's LAN, isn't it possible that machines may get infected by some novel virus/worm before there's a widely available countermeasure? And what about students who desire to legally distribute large files to which they DO own the copyright, such as design projects or self-made media, and do so over direct IM, via FTP/DAV, or with e-mail attachments?
They have at least 160+30 megabits/second to the regular net, and a pipe of what looks like 450megabit/sec to Internet2,
here at Cornell University, instead of blocking P2P or port scanning, they came up with a nice little schema to defeat ALL internet traffic - charge dorm access by the MEGABYTE !!!! You're only allowed 2GB of non-intranet traffic per month, which is like NOTHING. Just keeping AIM in the background while browsing a few sites already can take up 2 GB. Solution? Do all large downloading at computer lab, and use a USB flash drive to bring it home. Not only this kills p2p, but it kills Internet access as a whole. So great, CIT!
Why not buy a NAT box with a built-in firewall? That way they can't scan your PC. Of course, they could still monitor the traffic thru your RJ-45 port, so you can't share (and I'm one of those people who think you shouldn't anyway). But at least you'll have *some* privacy.
Chip H.
Wow, you sure are hostile for someone defending the rights of an entity with substandard infrastructure to defraud its paying customers.
No, I am just hostile. If anybody ever told you I was anything other than an asshole they were just playing a practical joke on you.
Coming from someone who is obviously incapable of comprehending the simple concepts of providing adequate bandwidth and service to users, this comment is very amusing.
Here's a little side project for you: Find how out much it costs Slashdot in bandwidth. Find out how much bandwidth your school consumes in an average month. Do some math and statistics.
As the contract guarantees me working Internet access, I WILL recieve this, or I will be paid off. Failing this, the university will pay far more for legal fees in a contract dispute that I will inevitably win.
Even if they block and forbid the use of P2P clients, you still have internet access. You have complete and unfettered internet access depending upon what they decide you can run. I'm curious what school you go to because I bet I can find a few terms of service that prevent you from getting what you think you are entitled to.
Dacels Jewelers can't be trusted.
Don't they know that Icarus is an AI developed by Majestic 12? I hope nobody tries to send Daedalus up against it, because everyone knows they'll merge into a super-AI that will join itself with JC Denton and rule the world!
Nathan
No, it seems like I'm the only one that does! What good is an open source application going to do you, if you need a microjunk compiler?!? Besides, VB is definatly not designed for network operations, and a few other languages would do a much better job. C++, and perl come to mind.
"And we have seen and do testify that the Father sent the Son to be the Savior of the World"
1 John 4:14
I guess that means I'm a whiney, clueless little liberal huh? Are you gonna tell Rush on me?
I'm sure the Icarus will be blocked as a potential hostile port scanner, I know my firewall does.
I know that my Uni (ok I graduated last summer) is keeping a rather tight eye on external bandwidth, in order to keep it blazing fast, as it is. But as far as I know, they're looking at total and sustained bandwidth usage, nothing else. Mysteriously, the internal DC++ hubs (IP limited to internal only, difference is only GB limit) are doing great and contain so many terrabytes, there's little reason to go anywhere else. I'm sure it stands out as a red herring on the internal LAN stats, but the networks admin don't want to look. And word-of-mouth spreads pretty quickly to those who haven't caught on.
Personally, I think that if the goal is to provide a network that is the most useful for all the students, that is the way to go. While I'm sure they "know" that illegal stuff is going on over their lines, they're acting as a good ISP and common carrier and don't nose around. I'm sure you wouldn't appriciate your cable company or telco to do so either, I'm sure they "know" too.
Kjella
Live today, because you never know what tomorrow brings
you know, most dhcp clients can configured not to touch /etc/resolv.conf (or whatever)
Need a Catering Connection
wasn't that the name of an evil AI in the game deus ex?
i am the self-proclaimed king of free stuff
So here's the low down on this program. As a RA (Resident Assistant) on UF's campus and also being somewhat of a knowledgable Linux user (read: former Gentoo dev).
Basically they port scan you. If you've accidently left WinXP's default Shared Doc's folder shared or anything shared then they say in the Housing Agreement you sign that they can log in and look at anything you have openly shared.
Now just cause they know people will run their own firewalls to block them out and then still run whatever apps they want.. they require you to leave certain ports and accept certain packets (i.e. ping, netbios stuff, etc).
The message that they pop up on your screen is actually a net send message.
In actually application, it has slowed down the max speeds of the network and latency is about the same. It does kick you offline for very short periods (long enough for IRC to reset sometimes and GAIM to definitely have to reconnect)
How about directing all the mail and voice messages to the sociology department as a start in teaching basic morality?
Sorry, you may be correct in general, but not specifically about UF. I live in the residence halls. Last year I lived in on of the better halls as far as internet connections go. I was able to get sustained 7MB/sec transfers (yes megabyte) if the person on the other end had great enough bandwidth (and no, it wasn't through P2P). UF sits atop a tremendous connection, so in effect it's a resource like water.
On a side note, ICARUS sucks. What last year was a 5Mbit effective connection to the 'net (on a 10Mbit network) currently tests at half a megabit (just tested for this post at bandwidthplace.com). It has tested as low as 57Kbit earlier this year. Outages are frequent.
I'm not happy.
Seriously, who cares about P2P - this is a great application to take care of those damn windos machines that get infected with a virus and are never patched, cleaned up or taken down, but just continue spreading the malware happily.
I work for an ISP. We would love to have an easy way to identify and shut down those customers who are this negliegent.
(and before you yell we as ISP shouldn't bla bla - if you can't drive without endangering everyone else, then get off the road, no matter if it's the highway or the information superhighway)
Assorted stuff I do sometimes: Lemuria.org
I thought this article would be about the abysmal CS department at UF.
word.
and in both, it is not yours, it is theirs! a solution? form your own non university wireless networks and servers and do what the f____ you want. hint; when you graduate, you will be doing that anyhow so why not get some experience in hands on building, system setup, and problem solving and creatively make the world a better (insert your definition here)place where you want to live. peace!
While the computer is the user's private property, the way that computer works can affect everyone else on the network. Similarly, your house is private property, but if your septic tank is busted and dumping raw sewage into the ground water you are affecting others. The state reserves the right to check things like this when you buy/sell the house because of the potential impact on others. Of course, they don't do daily/random poop checks but that's because it's not feasible. If the technology was there I wouldn't mind having automated checks of my scumbag neighbors' sub-standard houses and systems....I don't want their feces in my well water!
Not perfect but you get the point.
And this isn't even the government!
Blar.
Errr...If they decide one cannot run anything that uses a certain port, then it's not complete and unfettered access, is it.
If a job's not worth doing, it's not worth doing right.
Errr...If they decide one cannot run anything that uses a certain port, then it's not complete and unfettered access, is it.
It was tongue and cheek, really. My point is that internet access just means you have a connection to the internet. People say they have a right to drive, but they all get punished by the speed limits.
To me, this is just the same thing.
Dacels Jewelers can't be trusted.
Here's an article showing that ICARUS was actually originally deployed waaaay back in the Summer semester. This isn't brand-new.
Official DHNet webpage with policy on filesharing and such. Use that to get your facts straight.
Some Students react in the DHNet forums.
More student ractions
In the darkness of future past, The magician longs to see. One chants between two worlds, "Fire, walk with me!"
Does this mean they'll only allow Windows machines on their network? Or will Linux and *BSD users be ignored?
I'm guessing that in order for a download over I2 to work, both ends of the connection have to be on I2. Not all schools are on I2. Do sourceforge.net and savannah.nongnu.org have a mirror on I2?
Will I retire or break 10K?
I don't know about U of Florida, but Rose-Hulman Institute of Technology had a gun club during the four years I went there.
Will I retire or break 10K?
At my school, they put up a firewall that blocks all p2p software from connecting to outside networks. That is why we had to resort to using a local Direct Connect hub that allowed easy file trading among the students. The good part was it was very fast at 800 kbytes/sec. The bad part was the limited selection of songs.
That's an unrealistic approach to the problem. UF is not exactly made of (or Endowed with) endless streams of cash, and Gainesville, Florida is not exactly a Mecca of high-speed bandwidth providers. It costs UF ENORMOUS sums of money, that have to be justified to the administration every fiscal year, to provide external connectivity. The University can't just keep adding OC-3cs just to keep up the flow of bootlegged music and movies. It's kind of hard to sell the Provost on an OC-12 to Qwest just so Johnny Dormroom can snag the latest System of a Down CD without having to actually go to Bleeding Wallet Records and buy it.
Network geek with a strong affinity for Telecasters
No, you're a clueless idiot! the problem is that it's VB, not that it's open source (duh!).
"And we have seen and do testify that the Father sent the Son to be the Savior of the World"
1 John 4:14
Oh, please. Do you really believe that more than 10% of these are likely to be false accusations?
I don't "believe" anything about the % of false accusations, because there's no evidence beyond some specific cases which demonstrate that some accusations are false.
And it doesn't change the point any way you look at it. 40 false accusations are just as big a pain as 40 true accusations.
The point isn't that it's a pain, the point is who to blame - who should suffer the consequences of a proposed solution. It makes all the difference whether the accusations are true or false.
If you're on a college campus, simple Windows network shares will get you loads and loads of whatever you might be searching for on Kazaa equivalents.