Slashdot Mirror
University Professor Chastised For Using Tor
Irongeek_ADC writes with a first-person account from the The Chronicle of Higher Education by a university professor who was asked to stop using Tor. University IT and campus security staffers came knocking on Paul Cesarini's door asking why he was using the anonymizing network. They requested that he stop and also that he not teach his students about it. The visitors said it was likely against university policy (a policy they probably were not aware that Cesarini had helped to draft). The professor seems genuinely to appreciate the problems that a campus IT department faces; but in the end he took a stand for academic freedom.
--"The other men were not familiar, but a quick glance at their cards told me they were detectives on our campus police force."
_Detectives_ of the campus police force. What's next? Agents of the Campus Intelligence Agency?
the Department of Campus Security?
This is really ridiculous.
How does Tor enable those things, and how would more people using Tor make those things worse than they already are?
I attended said university, I know Paul very well. I still run into him in town occasionally, and I will be sure to shake his hand for this.
I could say a lot of BAD things about *university* ITS, but I'd probably get me in far more trouble than it is worth to say them out loud. I am not there anymore, they don't effect me. I will just be happy that Paul is still the fine individual I have always looked up to.
--Nuintari
slashdot : where an opinion can be wrong.
No they don't. Its a public university.
Do you think they have the right to say "Whites Only" or "No visiting Republican Websites"?
Now, that is not to say that the University is not allowed to draft up a reasonable set of rules. Perhaps it could even be argued that the right to anonymous communications and encryption fall under the 1st amendment, but thats not really my point here.
Lord High Crapflooder The Right Honourable Vlad Craig Esther McDavenpherson III
Destroyer of Mercatur.Net
Its possible that I'm simply missing the point, but if Tor is so effective then how exactly did a university IT guy and two campus cops find out it was in use and trace it so easily to the professor in question? Isn't anonymity the whole point?
Civil liberties and government funding have little to do with it.
Its about academic freedom, and freedom of inquery.
Realise I worked in IT at a major university. I was there when we decided to impliment virus scanning, not even spam filtering (I was there for that too) but just virus scanning.
It was debated because well... what if someone had a legitimate acedemic need to recieve viruses in email?
Seriously! We gave unfettered internet access. Porn? Well... guess what... someone may be doing acedemic research into porn and needs to access porn sites. These are legitimate debates that come up in that environment because... they take the persuit of intellectual inquery as serious buisness... because it IS their buisness.
No firewalls, no filtering... unfettered access, because if someone needs it, they need it.
-Steve
"I opened my eyes, and everything went dark again"
First: please stop using Tor on our network. Not very objectionable, they do own it and can request that sort of thing. Kind of like saying "please don't seed torrents of 20 Linux CD images on our network."
Second: please do not tell your class about Tor even though you believe it is relevant to what they are learning about. This is highly objectionable, and undermines the purpose of the university as a place for free exchange of ideas. Even assuming the university is private and can tell him to do this, they shouldn't tell him to do this. It makes them a worse university. Can do and should do are different questions.
This sig has not been evaluated by the FDA. It is not designed to diagnose, treat, prevent, or cure any disease.
I used to work for a large Midwestern University, and we blocked outgoing connections to some services, such as VPNs and some proxies. The reason we did this was during the outbreak of the virus (can't remember the name), that hammered Windows on Port 135, we blocked incoming Port 135 connections at the University border. It was hypothesized that if users VPNed to other networks, they would circumvent the port block and become a vector.
I know everyone worth their weight in IT realizes that a secure border isn't enough. We had virus protection available for free for every seat on campus, however, in a huge distributed environment (where departments and colleges were "islands" in a network ocean, with their own IT staff) we couldn't gaurantee the integrity of these machines. But we were sure going to be the ones to take the hit when their "nice kid that they liked to much to see them move on after graduation system admin" didn't bother to CHECK to see if the definitions his AD-out-the-box for dummies was pushing those defs.
We also disallowed some of these services because it became harder to effectively monitor our network. When some s5r1pt k1dd13 in CIS 201 decides that he is now a UNIX god is and is going to put "Bush Sucks - $college_name is #1, fark $rival" on whitehouse.gov to impress his pink haired, pot smoking, PETA member across the hall in the dorms who only talks to him when he removes the spyware she got trying to download off KaZaa, we look like complete dickheads when the Feds show up (or the **AA) and the best we can do is say "I don't know... what goes on in them there tubes" the suits tend to get pretty agrivated.
On the other hand, even if they are SSHing into an intermediary (which we strongly encouraged over telnet), we can at least say "Well, we had an outgoing SSH connection from 4 machines on campus at that time going to these 4 addresses, do any of those ring a bell? We happened to have authenticated WPA, so we can tell you who these folks are even if the machine name is PoPPySeeD420 and done from the student union.
Privacy is wonderful, but when the shit hits the proverbal fan, IT would like to know who is pulling shenanagins on the network. The rest of the time, 99.9999% of the time, we'd rather NOT know what you're up to, and every one of us in the office (except for that one windows fanboi MS office specialist who we used to throw beanbags at) had our open source/linux/free as in beer and freedom/crypto-privacy street cred.
Forgive my spelling from time to time. I'm often posting during short breaks.
I guess you missed the sarcasm. I'm from Canada, and I think universal health care is one of the most important things that differentiates us from our... famous neighbor.
However, the original poster lives (I assume) in a place where capitalism is revered, including in health care. It's not how I'd want to live, and what you said in your post is an excellent summary of why.
Even gold-plated health coverage shouldn't cost 6k for everybody if it was done right.
I mean, most people are not usually sick. And I'm sick of people pointing to Canada or Britain and saying: "see, universal coverage doesn't work". We're the USA, goddammit, and we can spit farther, screw longer and piss farther than any other country on the planet, so you'd think we could figure this thing out so we don't have to have kids going without being able to see a doctor when they get sick. The fact that we have such a high infant mortality rate should cause every one of us to be ashamed. Once and for all, can we just build a good health-care system for every American and maybe put gay marriage, protecting the children from video games, and flag-burning amendments on the back burner for just a little while?
You are welcome on my lawn.
Admins should be more concerned about Tor's Hidden Service feature. It's handy to avoid censorship and all, but it allows you to connect to hosts behind a NAT or firewall (the node keeps a circuit open). Not only that, the person using the service remotely is unrelated to the host that shows up in the logs... It's a drop-in backdoor tool. Instant access to the internal network.
"Strangers have the best candy" -Me
I missed the sarcasm too. I guess too dry for me.
Here's the deal-- you cannot have unlimited medical coverage.
Period.
1) there are too many diseases that can be cured IF you have unlimited resources... well really about $2,000,000 to $10,000,000 or so. The point is- we can't afford to cure everyone's $350,000 bypass surgery so we let people pay for it themselves or die. You do it in canada too- you just do it via rationing and delays instead of via money. "Sure you can get your surgery-- in 17 months" vs "Sure you can get your surgery- for $350,000".
2) If we could get the legal $ystem out of it, the costs would be much lower but there would be more malpractice. We currently say "no mistakes and no malpractice" but that decision probably doubles or triples every thing we do medically. Which in some cases means that the procedure that could be done cheaply- is now too expensive.
3) Even in socialist countries- you are paying. Sure- you may rip off the doctors (with a resulting shortage of doctors and hence long wait periods) but the drug company executives are still flying around in jets and vacationing in maui.
So the point is not curing every illness known regardless of price- but setting a reasonable amount of tax dollars aside to cover a reasonable amount of medical expenses for the most people possible. No open heart surgery for 98 year olds on the tax dollar but if they want to pay for it themselves- okay. Yes to vaccinations for everyone and broken limbs (tho perhaps a limit on the number of times to reign in the reckless types).
She was like chocolate when she drank... semi-sweet at first and then increasingly bitter.
I'm truly sorry if my comment offended anybody. But when I hear some bright boy who's probably still dodging his college loans say that he hates having to "pay for all the uninsured waifs" it makes me so angry that my usually calm demeanor abandons me. Knowing that smug pricks like that actually think that because their uncle got them a job doing tech support at an insurance company that they're suddenly better than some laid-off factory worker with three kids really puts a snag in my merkin. This country is so frigging wealthy that a one-bedroom condo on Manhattan now averages about a million bucks, and it's still a seller's market. You'd think the least we could do is work out something so that everybody here can have their kids' tonsils taken out (do they still do that?) or get decent care for their elderly parents without having it destroy them economically.
I let it get to me sometimes, and it makes me lose my cool. I start making typos and going through keyboards every other week. Then when I lay my head down at night I get headaches from grinding my teeth. It's why my wife doesn't let me listen to talk radio any more. And hearing about a half-dozen helicopters in two weeks, full of 20 year-olds who should be listening to bad rock music and getting laid, going down half a world away in a war that every single military expert now says was a loser from the beginning (see today's National Intelligence Estimate), can make me downright unpleasant.
So I'm sorry. Next time some arrogant c-sucker wants to complain about all those icky poor people who are getting in the way of his new 3-series, I'll go walk the dog instead of telling him what I think. There are other people around here who do it better anyway.
You are welcome on my lawn.
Sure, in the US there are some people actually making minimum wage who barely get by.
Then there are the other people who drive cars when they could be bicycling everywhere. Have a McMansion instead of renting a room. Buy frozen food or worse, fast food, instead of learning to cook. Have cable, internet and go to the movies on the weekend because those are minimum 'necessities'.
Take a look at Ben Franklin, stranded in England, penniless. He got a job and saw all his co-workers spending their daily pay on beer and a hot supper. What did he do? Ate practically nothing more than bread and water for almost two years so he could invest his money.
Sure, there are some people, people who have backed themselves into corners by having kids they can't afford or financing everything they own to the hilt. And there are people I actually feel bad for who need a break who had a kid they thought they could afford but then ended up requiring huge medical bills, or they themselves have huge medical bills. That can't be helped.
But that's a small minority of the financially oppressed. The rest just don't know how to hold onto a buck.
Work two jobs. Don't buy shit. Get rid of the internet at home, use the library. Don't buy what you can borrow. Get rid of the cell phone. Reconsider what you call a necessity. Stop eating meat and fresh milk. Downgrade your life, trade in the SUV for a sub-compact or the sub-compact for a bicycle or the bicyle for your legs. Get an apartment instead of a house. A studio instead of a one-bedroom. A room instead of a studio. Invest in your own job-training. Then instead of biting your tongue and living against your moral principles tell your boss to fuck off next time you really think you should since you're no longer banking on the next paycheck just to make rent.
Or consider an unused bedroom, a car, 5MB/s internet access and ready-made frozen food a necessity and continue to slave away. Let's just be clear though; it's your choice.
_
"Well, it's no trick to make a lot of money if what you want to do is make a lot of money." - Berstein in Citizen Kane
Here's a legit situation I can see coming up - if a faculty person was somehow using 90% of our internet bandwidth, we'd have to have a chat. Sure, it might be for their research, but that doesn't matter in that case. It's a shared resource, there's a limited (by the University) budget, and it's not an academic freedom issue. It might be convenient for one of the physics faculty to have a supercollider as well, but it's not in the University's budget. You have to partner with someone outside, or get grants, etc. Every instituation has limits and priorities.
But this? This is bizarre. The only awkward situation I can think of in some states is that state schools can fall under open records laws that require that the public can check on certain information (in some states, browser histories have come up in the past). In that case, as a state employee, they might be violating the open records law by going out of their way to hide their activity. Hell, even under a Patriot Act search, we'd have to give them whatever information we had about a user, but we're not obligated to keep information to track back every outbound internet connection - even under CALEA. We probably can't link a PAT assignment on the outside of our firewall to an inside machine for more than a couple of days, at best We just don't have the space to keep the logs.
I think he needs to add another country to his list. And find a better technology.