Slashdot Mirror

← Back to Stories (view on slashdot.org)

University Professor Chastised For Using Tor

Posted by kdawson on from the control-freaks-ascendent dept.

Irongeek_ADC writes with a first-person account from the The Chronicle of Higher Education by a university professor who was asked to stop using Tor. University IT and campus security staffers came knocking on Paul Cesarini's door asking why he was using the anonymizing network. They requested that he stop and also that he not teach his students about it. The visitors said it was likely against university policy (a policy they probably were not aware that Cesarini had helped to draft). The professor seems genuinely to appreciate the problems that a campus IT department faces; but in the end he took a stand for academic freedom.

44 of 623 comments (clear)

  1. Bravo by QuantumG · · Score: 5, Insightful

    Good to see some university professors still have integrity.

    --
    How we know is more important than what we know.
    1. Re:Bravo by Maxo-Texas · · Score: 5, Insightful

      I wish I had "tenure" at my day to day job.

      --
      She was like chocolate when she drank... semi-sweet at first and then increasingly bitter.
    2. Re:Bravo by Anonymous Coward · · Score: 5, Informative

      He is an assistant professor. He is unlikely to have tenure.

    3. Re:Bravo by Maxo-Texas · · Score: 4, Insightful

      Even executing my "academic freedom" would result in instant unemployment in the private sector. That severely constrains my interest in executing it since my health care bills would be $300 a month easily for blood pressure and cholesterol medicine alone.

      I applaud his efforts. And I chose not to work in academia so it's my responsibility that he has privileges that I do not.

      --
      She was like chocolate when she drank... semi-sweet at first and then increasingly bitter.
    4. Re:Bravo by __aagmrb7289 · · Score: 5, Informative

      FYI (from TFA): My reason for downloading and installing the Tor plug-in was actually simple: I'd read about it for some time, was planning to discuss it in two courses I teach, and figured I should have some experience using it before I described it to my students. The courses in question both deal with controlling technology, diffusing it throughout society, and freedom and censorship online. When I cover online censorship in countries with no free press, I focus on how those countries rely on hardware, software, and phalanxes of people to make sure citizens can reach only government-approved media. Crackdowns on independent journalists, bloggers, and related dissidents all too often result in their being beaten, incarcerated, or worse. Technologies like Tor represent a beacon of freedom to people in those countries, and I would be doing my students a disservice if I didn't mention it.

    5. Re:Bravo by KerberosKing · · Score: 5, Insightful

      The thing is, tenure is earned by outstanding scholarship over years of teaching and research. It is a long-standing tradition of university life. Further, it is crucial that we as a society have high-profile people that can question and critique the status-quo of governments, companies and other powerful groups without great fear of reprisals. Such protections are needed, else the relatively low pay and long hours of professors would hardly seem worth it when contrasted with executives and their exorbitant pay.

    6. Re:Bravo by Anonymous Coward · · Score: 4, Insightful

      Even executing my "academic freedom" would result in instant unemployment in the private sector. That severely constrains my interest in executing it since my health care bills would be $300 a month easily for blood pressure and cholesterol medicine alone.

      That's why the Government should be providing health insurance, and limiting the price of medication, like in every other first-world country.

    7. Re:Bravo by QuantumG · · Score: 4, Insightful

      I think maybe there's something you're overlooking: a university is not a business. I know that folks in the US might be shocked to hear me say this.. after all, universities are run as if they are businesses, and typically in a more cutthroat fashion than regular businesses, but how many businesses do you know, outside the aviation industry, that receive regular funding from the government? The university network belongs to the people and, although that doesn't give people the right to do whatever they want on the network, it does mean that university IT has a responsibility to ensure civil liberties are not trampled. If they don't like that, then they shouldn't have taken government funding.

      --
      How we know is more important than what we know.
    8. Re:Bravo by nomadic · · Score: 4, Insightful

      I wish I had "tenure" at my day to day job.

      This incident illustrates the precise reason tenure exists.

    9. Re:Bravo by neomunk · · Score: 5, Insightful

      Child porn like everybody else?

      Fuck you.

      I have had tor installed for many moons now, and have a severe reaction to child porn (or any type of sexual abuse, especially of children) due to the fact that an overwhelming majority of women I've gotten close enough to to talk about such things have been molested at some point in their life.

      How about people who use it just because the country they are in has an abusive civil rights regime, or because they don't trust their ISP to keep their browsing habits secret? (Maybe they REALLY like the old cartoon Gem and are embarrassed about it) Maybe, just maybe, the person thinks that they are under surveillance for legal activities (like planning anti-war demonstrations).

      Forget all that, the only thing you need know about it is that it's none of your fucking business what these people are doing. The old "they wouldn't care if they aren't doing anything wrong" bit is so played out, so proven stupid, and so indicative of 'fucktardation' that if you hadn't sent a damn shiver down my spine by calling me a supporter of child porn I'd have completely ignored you.

      I couldn't though. Idiots are only dangerous when allowed to say such misinformed and ignorant things and are not called on it.

      P.S.

      Fuck you once more for implying that I'm some type of child molester (even a passive one) you freedom hating punk.

    10. Re:Bravo by miskatonic+alumnus · · Score: 5, Insightful

      Right on. Why should I have to pay for a police force, judges, politicians, schools, military, highways, or anything else the public uses? I can educate my own kids, do some gardening, walk to town, and take care of myself.

    11. Re:Bravo by ceoyoyo · · Score: 4, Insightful

      Your job is to go to work and perform some task for the company that hired you. HIS job is to know about things like Tor, think about what they mean, and educate his students. See the difference? Knowing about Tor is part of his job.

    12. Re:Bravo by Maxo-Texas · · Score: 4, Insightful

      Not sure how you got that out of what I said.

      What I was saying is that I face large bills if I lose my insurance so I do not feel free to "fight the man".

      Answering your question however:

      1) Every american should be able to pay the negotiated rate for items. If all blue cross pays the hospital is $1,375 for a gall bladder operation- why should an uninsured person have to pay $18,325 for the same exact operation? If you can show that the hospital is charging anyone a certain price, you should be able to pay that same price for the same service.

      2) Every american should have basic (and I do mean *BASIC*) health care covered socially. This includes random things like broken legs and car wreck injuries and not things like chemo therapy (and I say that as a cancer survivor). The larger the pool, the lower the costs. Right now, cherry picking is getting so extreme that you can't get insurance unless you are well. If I were grand high poohbah, I would set this at $1,000 * the minimum wage with a 20% co-pay but 0% on annual physicals. Everything over $1,000 would be your cost. If you used no benefits except the free physicals, I'd give you back 5% ($350) as a tax credit.

      Why I say this is that we are competing against countries where this is true and it puts our companies at a competative disadvantage.

      --
      She was like chocolate when she drank... semi-sweet at first and then increasingly bitter.
    13. Re:Bravo by flithm · · Score: 5, Insightful

      Even executing my "academic freedom" would result in instant unemployment in the private sector.

      This is not necessarily true. I've actually put myself into a position where I was SURE I'd be fired for refusing to go along with a company policy that I felt to be morally (and ethically) wrong. When you have righteousness on your side you'd be amazed at what can actually happen. (I wasn't fired, and I didn't follow policy).

      I'm not saying you're lying or anything, because I don't know your situation. But I do know how scary it is to put yourself out there like that, and I know that it's a lot easier to say "Ohh pfft, he's in academia so he can get away with that... I could never do that." But really that's nothing more than an excuse.

      There's plenty of situations where someone in the private sector could get away with a lot more than someone in academia, and vice versa. Making an insinuation that somehow life is easier in academia is not only wrong, but it's also a little insulting to what he decided to put himself through.

      I'm not suggesting that you start using Tor even if it's against company policy (that would be something entirely different than what he did), but executing your basic rights as an individual will not result in instant unemployment.

      Stand up for what you believe in! If it gets your fired, you're working in the wrong place. If you worked somewhere that wasn't going to immediately fire you for doing something you feel to be just, then maybe your blood pressure wouldn't be so high!

    14. Re:Bravo by neomunk · · Score: 5, Insightful

      Are you shitting me? So by that logic everyone in Florida who's paid any taxes, or even anyone who's bought anything IN Florida and paid state sales tax on it was funding ole' cyber-fondle Foley's (attempted?, completed?) trysts with underage boys?

      Or even better, everyone in the U.S. who has in any way paid for any road construction, well they've supported every criminal who tried to get away by car.

      C'mon now, who's next in line for trying to tell me that the desire of privacy is indicative of criminal behavior.

    15. Re:Bravo by san · · Score: 5, Insightful

      In the case of health care, governments are known for low costs and high quality. Total medical expenditure per capita in western countries with universal healthcare tends to be around a quarter of what it is in the US, and people live longer and healthier lives.

      These are fairly well established facts (I'm not going to dig up references now, but for example, there was a Nature article last year on how Brits live longer than Americans -- even if you account for any conceivable cultural/economical/whatever difference, and Brits have a lower life expectancy than other European countries. That should get you started). You can also easily look up medical expenditure per capita.

      Whether you want universal healthcare should mainly be a political question: it does, undeniably, take away freedom (you're going to be taxed and you don't have a very direct say on how that money gets spent --- you're still free to go to any doctor you want if you're willing to pay more for it).

      In many countries, people think it's worth the trade-off.

    16. Re:Bravo by TheCarp · · Score: 5, Interesting

      Civil liberties and government funding have little to do with it.

      Its about academic freedom, and freedom of inquery.

      Realise I worked in IT at a major university. I was there when we decided to impliment virus scanning, not even spam filtering (I was there for that too) but just virus scanning.

      It was debated because well... what if someone had a legitimate acedemic need to recieve viruses in email?

      Seriously! We gave unfettered internet access. Porn? Well... guess what... someone may be doing acedemic research into porn and needs to access porn sites. These are legitimate debates that come up in that environment because... they take the persuit of intellectual inquery as serious buisness... because it IS their buisness.

      No firewalls, no filtering... unfettered access, because if someone needs it, they need it.

      -Steve

      --
      "I opened my eyes, and everything went dark again"
    17. Re:Bravo by HUADPE · · Score: 4, Interesting
      There were 2 requests made to him. The first is not objectionable, the second is highly objectionable.

      First: please stop using Tor on our network. Not very objectionable, they do own it and can request that sort of thing. Kind of like saying "please don't seed torrents of 20 Linux CD images on our network."

      Second: please do not tell your class about Tor even though you believe it is relevant to what they are learning about. This is highly objectionable, and undermines the purpose of the university as a place for free exchange of ideas. Even assuming the university is private and can tell him to do this, they shouldn't tell him to do this. It makes them a worse university. Can do and should do are different questions.

      --
      This sig has not been evaluated by the FDA. It is not designed to diagnose, treat, prevent, or cure any disease.
    18. Re:Bravo by ceoyoyo · · Score: 4, Interesting

      I guess you missed the sarcasm. I'm from Canada, and I think universal health care is one of the most important things that differentiates us from our... famous neighbor.

      However, the original poster lives (I assume) in a place where capitalism is revered, including in health care. It's not how I'd want to live, and what you said in your post is an excellent summary of why.

    19. Re:Bravo by PopeRatzo · · Score: 5, Interesting

      Even gold-plated health coverage shouldn't cost 6k for everybody if it was done right.

      I mean, most people are not usually sick. And I'm sick of people pointing to Canada or Britain and saying: "see, universal coverage doesn't work". We're the USA, goddammit, and we can spit farther, screw longer and piss farther than any other country on the planet, so you'd think we could figure this thing out so we don't have to have kids going without being able to see a doctor when they get sick. The fact that we have such a high infant mortality rate should cause every one of us to be ashamed. Once and for all, can we just build a good health-care system for every American and maybe put gay marriage, protecting the children from video games, and flag-burning amendments on the back burner for just a little while?

      --
      You are welcome on my lawn.
    20. Re:Bravo by I_Love_Pocky! · · Score: 4, Insightful

      Well we certainly wouldn't want to encourage innovation in heath care with a competitive market would we? Heavens, we might accidentally develop something helpful for the species. Money is such a terrible motivator.

    21. Re:Bravo by Maxo-Texas · · Score: 4, Interesting

      I missed the sarcasm too. I guess too dry for me.

      Here's the deal-- you cannot have unlimited medical coverage.

      Period.

      1) there are too many diseases that can be cured IF you have unlimited resources... well really about $2,000,000 to $10,000,000 or so. The point is- we can't afford to cure everyone's $350,000 bypass surgery so we let people pay for it themselves or die. You do it in canada too- you just do it via rationing and delays instead of via money. "Sure you can get your surgery-- in 17 months" vs "Sure you can get your surgery- for $350,000".

      2) If we could get the legal $ystem out of it, the costs would be much lower but there would be more malpractice. We currently say "no mistakes and no malpractice" but that decision probably doubles or triples every thing we do medically. Which in some cases means that the procedure that could be done cheaply- is now too expensive.

      3) Even in socialist countries- you are paying. Sure- you may rip off the doctors (with a resulting shortage of doctors and hence long wait periods) but the drug company executives are still flying around in jets and vacationing in maui.

      So the point is not curing every illness known regardless of price- but setting a reasonable amount of tax dollars aside to cover a reasonable amount of medical expenses for the most people possible. No open heart surgery for 98 year olds on the tax dollar but if they want to pay for it themselves- okay. Yes to vaccinations for everyone and broken limbs (tho perhaps a limit on the number of times to reign in the reckless types).

      --
      She was like chocolate when she drank... semi-sweet at first and then increasingly bitter.
    22. Re:Bravo by PopeRatzo · · Score: 4, Interesting

      But I'm sure you're too busy being a Right-Wing Christian to concern yourself with the actual teachings of Christ.

      I'm truly sorry if my comment offended anybody. But when I hear some bright boy who's probably still dodging his college loans say that he hates having to "pay for all the uninsured waifs" it makes me so angry that my usually calm demeanor abandons me. Knowing that smug pricks like that actually think that because their uncle got them a job doing tech support at an insurance company that they're suddenly better than some laid-off factory worker with three kids really puts a snag in my merkin. This country is so frigging wealthy that a one-bedroom condo on Manhattan now averages about a million bucks, and it's still a seller's market. You'd think the least we could do is work out something so that everybody here can have their kids' tonsils taken out (do they still do that?) or get decent care for their elderly parents without having it destroy them economically.

      I let it get to me sometimes, and it makes me lose my cool. I start making typos and going through keyboards every other week. Then when I lay my head down at night I get headaches from grinding my teeth. It's why my wife doesn't let me listen to talk radio any more. And hearing about a half-dozen helicopters in two weeks, full of 20 year-olds who should be listening to bad rock music and getting laid, going down half a world away in a war that every single military expert now says was a loser from the beginning (see today's National Intelligence Estimate), can make me downright unpleasant.

      So I'm sorry. Next time some arrogant c-sucker wants to complain about all those icky poor people who are getting in the way of his new 3-series, I'll go walk the dog instead of telling him what I think. There are other people around here who do it better anyway.
      --
      You are welcome on my lawn.
  2. ill prepared? by mhokie · · Score: 5, Insightful
    "The visitors said it was likely against university policy"

    Could they not be bothered with actually checking the policy since they were there to enforce it?

    1. Re:ill prepared? by Selanit · · Score: 4, Insightful

      "The visitors said it was likely against university policy" Could they not be bothered with actually checking the policy since they were there to enforce it?

      In fact, they brought a printout of the policy to the meeting with the professor. The reason they weren't sure is that when the policy was written, Tor didn't exist yet. It might violate the policy, but they hadn't faced this kind of thing before, so they weren't certain.

    2. Re:ill prepared? by Kadin2048 · · Score: 5, Insightful

      Well, we can't say for sure now, because it's not like TFA included a copy of the relevant policy (although, if someone wanted to, they could probably figure out where the guy in the article works, and find the policy from there), but he admits that it's vaguely written, and was written back before Tor existed. So there are two immediate issues:

      1) The policy may be so vague, as written, so as to make it unclear whether Tor is legitimate or not. For instance, it could simply have a blanket prohibition of doing things that are detrimental to the network, but not specify exactly what's prohibited and allowed. This is fairly common in most AUPs that I've read, particularly academic ones; rather than attempting to specifically outline what you can't do, they basically say "anything that's bad, don't do it." (Usually in a more verbose fashion, but that's the general idea.) Sometimes they're clear about who decides what is 'bad,' other times less so. It all depends on how bright a person wrote the policy.

      2) The policy, as written, may actually prohibit Tor, but the faculty member, who said he was part of the committee that wrote the policy, believes that owing to the age of the policy and his knowledge of the writers intentions, that it was never intended to prohibit something like Tor. Thus, his usage, while technically in violation, he believes is OK because -- to put it bluntly -- he knows what behaviors the policy was supposed to prohibit better than the sysadmin does. (This seems like it could be a dangerous position for him to take, but I guess if you've got tenure, you might as well use it.)

      --
      "Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
  3. Re:the ivory tower by Anonymous Coward · · Score: 4, Insightful

    I think the issue was not with his use of it but being told that he couldn't talk about it in his classes.

  4. question by Peter+La+Casse · · Score: 4, Interesting

    Widespread use of Tor could be a huge headache for network-security administrators, particularly in higher education. My university alone has more than 21,000 students. Imagine what would happen if even a tenth of them and a similar percentage of faculty and staff members started using Tor regularly. With all the spam scams, phishing scams, identity theft, and related criminal enterprises going on around the world many of which involve remotely hijacking university-owned computers we could approach technological anarchy on the campus.

    How does Tor enable those things, and how would more people using Tor make those things worse than they already are?

    1. Re:question by xenocide2 · · Score: 4, Insightful

      I think the bigger problem is that they still figured out it was him!

      --
      I Browse at +4 Flamebait

      Open Source Sysadmin

  5. half reasonable request by Anonymous Coward · · Score: 5, Insightful

    Asking the professor not to use Tor on the university-owned network is reasonable.
    Attempting to censure what he can say to his students is clearly not reasonable.

  6. Re:Bowling Green State University by thesupermikey · · Score: 5, Insightful

    it might also be noted the BGSU, along with other state universities in ohio force graduate students on assistantships to sign forms saying that they are not members, or have not supported terrorist groups.

    Since these are stored in university archives, and not checked, new graduate studies are (more or less) required by the state to sign loyalty oaths.

    --
    Mikey
    I've always been the kinda guy to fall for the girl dressed like an eskimo.
  7. Re:the ivory tower by wernst · · Score: 5, Informative
    I'm not sure what the story is here, the right to use tor on someone elses network? Does he have that right? It's not his network. I've used tor at home, but completely understand I cant use it at work, and if during my university days, had it existed (maybe it did but whatever), and was told I couldnt use it, I'd just deal with that.

    What are you talking about?

    The use of tor on "someone else's network" is implicit, because you are connecting to someone on the other side of the network as a whole.

    You say you use tor at home, but that's not "your" network either. I think your ISP would say that you are connecting to *their* network. I think the Hosting Provider of the web server you're connecting to would say it is *their* network. I think AT&T, (or whoever owns the backbone your data is traveling across) would say it is *their* network too.

    If any of these network owners told you to stop using tor at home, what would you say to that? I'm guessing it would be pretty close to what this professor said to the IT goons trying to intimidate him into stopping.

    The only time it's "your" network is when you have two of your own computers on your own LAN, and a tor router between them.

  8. From Someone Who Has Been There by nuintari · · Score: 4, Interesting

    I attended said university, I know Paul very well. I still run into him in town occasionally, and I will be sure to shake his hand for this.

    I could say a lot of BAD things about *university* ITS, but I'd probably get me in far more trouble than it is worth to say them out loud. I am not there anymore, they don't effect me. I will just be happy that Paul is still the fine individual I have always looked up to.

    --

    --Nuintari

    slashdot : where an opinion can be wrong.

  9. Re:But... by baptiste · · Score: 5, Insightful
    It's not overblown at all. Just like the earlier article about the RIAA sending cease and desist just because you were in a swarm, not actually up or downloading. This professor was doing something completely legal and as asked by law enforcement to stop - it is inferred because they could not monitor his activities. This has a chilling effect. Notice that it wasn't just an IT person requesting he stop - he showed up with two detectives - who probably instigated the entire thing.

    Common sense would dictate that the detectives, doing their jobs and trying to investigate an online scam, ask the professor some questions to determine if he was involved. But instead they asked him to stop doing something legal, tried to get him to NOT share something with his students, and used some vague provisions of an IT policy to back it up. This is a direct attack on academic freedom - 'Thou shalt not tell your students about this' and even worse, telling him not to use Tor himself - obviously because they couldn't track what he was doing.

    Overblown? Hardly - we are losing our rights bit by bit by bit and people who think something like this is 'overblown' are part of the reason. By the time you all realize you've lost most of your rights it'll be too late.

    --
    Top Most Bizarre/Disturbing Error Messages
  10. Government funding by sjbe · · Score: 5, Insightful

    how many businesses do you know, outside the aviation industry, that receive regular funding from the government?


    Oil, farming, auto (roads), space (NASA), rail (AMTRAK), the defense industry, telecom, utilities, ... Do I need to go on? The government subsidizes most industries to some extent and some (defense and farming among others) to a very large extent. Sometimes it's grants, sometimes it's in the form of tax relief, sometimes its as a customer but the government funds a huge variety of industries.
  11. Re:When you know so little about TOR... by Kiaser+Wilhelm+II · · Score: 4, Insightful

    What if I replace the word TOR with the word "internet". Do you see why your post doesn't make sense?

    Bit torrent gets throttled because it is a bandwidth hog, not because its often used for copyright infringement. If that was the issue, it would be blocked totally in the places where it is throttled instead.

    What exactly is your point? Shit gets abused all the time.

    --
    Lord High Crapflooder The Right Honourable Vlad Craig Esther McDavenpherson III
    Destroyer of Mercatur.Net
  12. University ID depts pay peanuts by TheMCP · · Score: 4, Informative

    I was a university IT director a few years ago. The university told me outright when they hired me that they expected to pay me 25% less than an identical job would pay in industry, because they're a not-for-profit organization, and that I should desire to accept this because of the benefits of working in an academic environment (which they listed as long term job security and minimum of four weeks of vacation per year). Okay, fine. They weren't happy when I came back with documentation showing that my industry value was about twice what they thought, but they coughed up the 75% of my industry value that they said they would.

    Then when I wanted to hire anyone, however, they dictated to me what I could offer, and refused to accept any input regarding what industry norms were. So, when I needed a DBA (and frankly needed a really good one), they told me I should get someone Oracle certified, and that I should pay no more than $50k. Skilled, experienced, product certified DBAs, as you may know, tended to go for over twice that (usually more like three times that) a few years back in Boston, and our database wasn't Oracle anyway. I ended up hiring a junior-level person (when I really needed a senior level person) because that was the best I could get for the money they were offering (in fact the only applicant we had received who had any experience with the database products we actually used), and told HR they could forget about certification. Their response was to complain a lot that I hadn't hired a good enough person, despite that they hadn't actually asked me (his manager) about his performance, and he was actually doing unusually well for someone of his level. They also nagged me extensively to replace him with a woman who had applied who was oracle certified (which was still useless because we still didn't have oracle), but didn't actually speak English. (Presumably that's why she was willing to take the lousy pay rate.)

    10 months after I was hired the university outsourced my job, proving that their claim of long term job security was a lie in the first place. (I hear they had to hire three consultants to replace me, each one at a cost of two to three times my salary.)

    I've seen this pattern repeatedly in university IT groups; they won't pay what it really costs to get someone who can really do the job, but they insist on unreasonable qualifications given the pay level they're offering, so instead of either shelling out what it costs to get what they want or accepting the best qualified person who would normally be in the pay range they're offering, they instead hire the loser who is willing to both take the low pay rate AND inflate their qualifications (either by exaggeration or outright lies) to meet the university's unreasonable demands. So, when they most need a skilled, experienced person, they're most likely to get a lying fraud who can't get the job done and will give everyone else a hard time to try to make it look like nothing is their fault.

  13. Re:the ivory tower by GameMaster · · Score: 4, Insightful

    Actually, he says "could be a huge headache for network-security administrators" and "could approach technological anarchy". Notice the use of the work "could" as opposed to the more definite "will".

    Furthermore, just because something "could be a huge headache" for IT doesn't, necessarily, mean it isn't, still, part of their job responsibilities. Giving students/faculty at a university access to the Internet in the first place will, inevitably, produce headaches for IT. That said, it's also the only reason they have a job. It would be just as absurd for the IT department to attempt to strong-arm all the students/faculty into not using the Internet at all as a method of decreasing the IT workload.

    The fact is, there are ways to deal with it in the event it ever, actually, became a problem such as announcing a ban on the software for student PCs and banning systems from the network as soon as Tor use is detected. It's not difficult to do and means that Tor would only cause the network to dissolve into "technological anarchy" if the IT people sat around and did nothing. If they were even more reasonable and even handed about it, they could ban or traffic shape Tor users that were found to be using an obscene amount of bandwidth (most likely to have had their system injected). This, probably, wouldn't even require a re-write of their network use policies.

    "He has the RIGHT to use it, of course, nobody else should. It's a tool only for the gifted."

    While I'm assuming you meant this to be sarcastic, YES HE DOES HAVE THAT RIGHT! Its called academic freedom and was, clearly, mentioned in the article. It allows him and other professors to do their job. There are plenty of times that professors research/teach about controversial topics or topics that could cause problems if they were abused. He was teaching a class directly related to Tor and was using it as a way to become more familiar with the software. He never suggests that the general student body, or even the rest of the university employees should, necessarily, be allowed to use the software. You and I may not have the right to use Tor on out employer's networks but, then again, we aren't college professors (unless you happen to be). They represent a, very specific, special case when it comes to thing like this.

    As an example, I went to school for computer science. In one of my classes, on how operating systems work, our professor explained how a programmer could, very easily, take down almost any flavor of Unix system no matter how well secured the system was (thus causing headaches for anyone else using that system at the same time as was common in our CS computer labs). This was a fundamental flaw in the design of operating systems that, for Unix systems at least, was pretty universal. He also informed us, very clearly, that we were, in no uncertain terms, banned from using this technique on any of the lab systems (which ran Sun Unix). Furthermore, he informed us that, should we decide to try, they would, very easily, find out who did it and deal with them accordingly. This was an issue directly related to the subject of the class. Knowing it meant that we, as students, could avoid it in our own future software. There is a good chance that, at least one time, my professor had to write a program like this himself (or one of his colleagues did) and test it on one of the lab systems just to prove that it did, in fact, work that way.

    The story is that an IT guy and two Campus Security goons came to his door and tried to strong-arm him into not using the software or teaching about it. It's like a bad scene from a melodramatic police drama. They tried to feed him some nebulous garbage about it being against "policy" (a policy he actually helped edit and probably knows better than they do) and use it to threaten his job. The story is about a professor having his job threatened for researching a topic they don't like which flys against the very essence of acade

    --

    Rules of Conduct:
    #1 - The DM is always right.
    #2 - If the DM is wrong, see rule #1
  14. Bigger breach by lord_sarpedon · · Score: 4, Interesting

    Admins should be more concerned about Tor's Hidden Service feature. It's handy to avoid censorship and all, but it allows you to connect to hosts behind a NAT or firewall (the node keeps a circuit open). Not only that, the person using the service remotely is unrelated to the host that shows up in the logs... It's a drop-in backdoor tool. Instant access to the internal network.

    --
    "Strangers have the best candy" -Me
  15. Re:Nice Straw Man by I_Love_Pocky! · · Score: 4, Insightful

    While the government's response to Katrina was slow and poorly executed, it was not contingent upon ability to pay. If there was a pandemic illness sweeping the nation, a national emergency would be declared, and people would get the immediate attention they required. If I can count on my government for anything, I can count on it to blow through money in a panic.

  16. Bat#*($# Insane by The+Second+Horseman · · Score: 4, Interesting
    I'm a systems and network administrator at a University. Frankly, we'd never dream of doing this to anyone on campus (faculty, staff or student). Unless there was compelling evidence of illegal activity, or activity that had a serious impact on the network, we leave them alone. Even staff - supervising staff is their manager's job, not the responsibility of the IT group. If he was sharing his password and outside folks were crowding up the terminal server, or he was running a warez site, sure. But this?


    Here's a legit situation I can see coming up - if a faculty person was somehow using 90% of our internet bandwidth, we'd have to have a chat. Sure, it might be for their research, but that doesn't matter in that case. It's a shared resource, there's a limited (by the University) budget, and it's not an academic freedom issue. It might be convenient for one of the physics faculty to have a supercollider as well, but it's not in the University's budget. You have to partner with someone outside, or get grants, etc. Every instituation has limits and priorities.


    But this? This is bizarre. The only awkward situation I can think of in some states is that state schools can fall under open records laws that require that the public can check on certain information (in some states, browser histories have come up in the past). In that case, as a state employee, they might be violating the open records law by going out of their way to hide their activity. Hell, even under a Patriot Act search, we'd have to give them whatever information we had about a user, but we're not obligated to keep information to track back every outbound internet connection - even under CALEA. We probably can't link a PAT assignment on the outside of our firewall to an inside machine for more than a couple of days, at best We just don't have the space to keep the logs.

  17. peeve: "vast" majority by David+Gould · · Score: 5, Insightful

    I can't stand how the word "majority" has in recent years disappeared from our language and been replaced by the phrase " vast majority" (at least in any context that's even remotely political).

    This may sound like mere linguistic pedantry, but it really isn't -- this usage both feeds, and is part of, the trend toward polarization and "extremification" (yes, afaik, I just made up that word) of political discourse. When you claim not just a majority but a vast majority, you're doing more than just adding emphasis: you're actively marginalizing the other side (by implying that they're not just a minority but a tiny, insignificant minority).

    And it's self-escalating: it creates a sort of "linguistic arms race", where "everyone else does it", so people feel compelled to tack on the "vast", lest it sound like their side is only a mere "majority". But that just leads to linguistic inflation: when (almost) everyone says "vast", it loses its meaning, sending everyone scrambling to find ever-more-emphatic (and more insulting) modifiers, like "overwhelming".

    It may seem to make your argument sound a bit stronger, but the constant minor insults don't help us get anywhere closer to building true consenus. After all, wouldn't the overwhelming majority prefer to see a political arena with more true communication and less poo-flinging?

    --
    David Gould
    main(i){putchar(340056100>>(i-1)*5&31|!!(i<6)<< 6)&&main(++i);}
  18. Re:Nice Straw Man by shaitand · · Score: 4, Insightful

    'If there was a pandemic illness sweeping the nation, a national emergency would be declared, and people would get the immediate attention they required.'

    Most illnesses of this sort, including the black plague; could have been stopped if appropriate care were provided BEFORE the pandemic was a pandemic. Bum A slips off a ship carrying the new plague. He feels sick but can't afford healthcare and doubts he'll receive the treatment he needs if he shows up at the ER claiming a heart attack again. So he hangs out with other bums on the street. They in turn ask you for change outside the subway. 48hrs later thousands of people are infected and starting to feel sick. But they don't go to the doctor either. After all, you only go to the doctor if you are really sick in this country because it is expensive. So they wait and thousands more contract the illness. Some of the first were on their way to the airport so they spread it from city to city. And so on and so forth it goes from there. With free healthcare you go to the doctor when you feel sick and everytime you feel sick. The doctor doesn't prescribe anti-biotics if you have a cold because he no longer feels like he has to do something to justify your $75. Anti-biotics remain effective and plagues have a much higher probability of being caught in the first place.

    Oh yeah. Plus nobody dies sick, alone, and unable to chew their food because you are rich, cheap, and have principles. Healthcare (including the sub-aspects like Dental, Vision, etc) is a basic fundemental human need. This is the wealthiest nation in the world; this nation is so wealthy that our definition of lower income bracket has a lifestyle that exceeds the wealthy of other nations in many respects. It is just fucking pathetic that a wealthy nation like this can't afford to provide the essentials to its citizens.

    It might hurt your work ethic but the secret is that working hard does NOT bring success or a guarantee of making your way in life. The only ones who claim that are the ones that worked hard and succeeded.

  19. BGSU's IT usage policies by harpune · · Score: 4, Informative
    A little digging on BGSU's website comes up with what is likely the actual policies:

    http://www.bgsu.edu/downloads/cio/file9602.pdf

    12. Attempting to circumvent computer system or computer network security systems. Attempting to circumvent University computer system or computer network security systems, or using University computer systems or computer networks in attempting to circumvent security systems elsewhere.
    and

    22. Anonymous use, or use of pseudonyms on a computer system or computer network to escape responsibility. No person shall use a computer system or computer network anonymously or use pseudonyms to attempt to escape from prosecution of laws or regulations, or otherwise to escape responsibility for their actions.

    Now, the first one seems like it is worded vaguely and may or may not apply in this situation, but the second one is pretty clear: as long as you are using anonymity services "to escape responsibility". Clearly, the professor was not trying to skirt the law or detection for any shady behaviour. of course, in the eyes of admins, allowing any use of such anonymizers could be dangerous to their network, and make their jobs harder.

    I take most issue to the detectives' request that the professor refrain from discussing Tor in his classes. It would be academically unethical for the prof to bend to this pressure because a little pressure was put on him by the rent-a-cops. The detectives can ask the professor to do whatever they want, but dictating what he can and cannot teach in his classroom is inappropriate.
    --
    Shriver

    And a thousand thousand slimy things
    Lived on; and so did I.