Slashdot Mirror
MIT Tracking Campus Net Connections Since 1999
An anonymous reader writes "MIT has been monitoring student internet connections for the past decade without telling them. There is no official policy and no student input." The Tech article says, though, that the record keeping is fairly limited in its scope (connection information is collected, but not the data transferred) and duration (three days, for on-campus connections).
At our university, the lawyers would have a fit if we weren't.
I'd be very surprised to find a college or ISP that didn't monitor their network in this fashion. Looks like maybe they are keeping DHCP, transparent proxy, and network statistics. Plus they are doing intrusion detection and looking for malicious activity. The good news is that they are not keeping these records long term, but only for a reasonable amount of time. If they are having a problem or suspicious activity then they probably keep it longer. Face it, your internet activities are NOT anonymous no matter how much you'd like it pretend that it is.
I can see the argument that you could in theory back out the web surfing history of a particular mac address.
These are things any self-respecting network should be doing. The issue here is students not realizing that some monitoring and logging is done. I'm willing to bet that consent to monitoring is referenced in an agreement that the students signed, but that the details of the monitoring are not spelled out.
At my work, users sign agreements on acceptable use and consent to monitoring. I only dig into the logs if there is a problem, the IDS flagged something, or an accusation is made. Sometimes the logs prove innocence, btw.
Part of the problem with this sort of thing is, with no policy, where do reasonable expectations of privacy for using someone's pipe they've offered you access to begin and end? In general, with no privacy policy, there is no expectation of privacy, unfortunately.
or the feds snooping, i am really frankly surprised
you actually want to depend upon the federal government for your security?
you want to depend upon some school, some cable company, some phone company not to snoop on you?
whenever i'm encountered by this strange slashdot groupthink, i really have only one thing to offer: if you put it on a wire, if its outside your control, then the security or privacy of whatever you are doing is nothing you should count on
the outrage seems artifical, contrived, illogical, exasperating
if you want security, if you want privacy DON'T PUT IT ON A WIRE OUTSIDE YOUR CONTROL
beginning and ending of discussion
as if you actually want ot TRUST some other entity to do your security work for you?
hey, how about this: YOU are responsible for your security
you, and you alone
is my pov really that strange?
it seems odd anyone should consider it any other way
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
The University provides Network access to the students. You do not provide him access to his car. Pick a better metaphor.
IT Professionals, working for major Universities, monitor network traffic?
No. Fucking. Way.
I mean, really, while it's wrong that they store the data without telling the users, and while users should have better expectations of privacy, you have to look at this in context. They are only storing the data for 3 days, and it's only the connection details rather than the content. And the context that this is in, on Slashdot, is that a few articles down the FBI and the state of california are going to take and warehouse DNA from people that have not been convicted of a crime. I'm not saying this is inconsequential, but considering what's going on in the world in general, from state bodies, what MIT is doing should probably rank fairly far down the list of things to worry about.
Seriously, they keep the records for 3 days for most traffic and 30 days for anomolous traffic which might indicate a threat to the network. Most networks I have seen keep data for far longer just because nobody ever bothers to clean out the logs.
The fact that they have a policy for cleaning the logs puts them streets ahead of the most network admins and yet they are being portrayed as the bad guys here.
Storm in a teacup if I have ever seen one.
Slashdot: Proof that a million monkeys at a million typewriters can create a masterpiece
This is Quentin Smith reporting live from the Massachusetts Institute of Technology. News agencies are reporting that MIT has been keeping records of network activity. It's a practice called "logging" by hackers, crackers, and other computer deviants. Using nefarious software techniques, "loggers" can identify and disrupt innocent users' botnets.
Individuals with limited knowledge of computers like MIT students are particularly susceptible to these types of attacks. To combat these "loggers," experts suggest disabling firewalls and updating account information if you receive an email from your bank.
In other words you are afraid of people with guns. I once got punched in the face, standing at a bus stop. It was terrifying. And yet I don't go around asking that all fists be taken off the streets.
The world we live in is a dangerous place. I could have just as easily been stabbed, or pushed in front of a train. The sooner you learn to deal with the inherent dangerousness of life, the happier you will be.
Qxe4
This is what happens when someone makes a stupid car analogy on slashdot. Instead of trying ignoring it or steering the subject back to what's actually being discussed... people /extend/ the damned things, making them /worse/! Little hover cameras? Gah!
And fascists don't come out of the 'right-wing-small-government-yokel-in-the-woods' fray. It requires a Socialist leader (Hitler, Mussolini) to create a fascist state: You have to tie industry and finance to the government under the guise of rescuing or improving the plight of the working class. Hey, wait a minute!-
!#&*
Instead of trying ignoring it or steering the subject back to what's actually being discussed
Ach! I know, I know, they put the pedal to the metal and just keep rolling and won't put the brakes on and finally literally drive the thread into the ground!
Shop as usual. And avoid panic buying.
...is just enough time to figure out:
a) where the bomb threat came from.
b) which building the suicidal student needs to get talked down from.
c) who impersonated the professor to cancel an assignment.
d) how a lab router ended up sniffing for passwords.
All of these things happened while I was in campus IT, but I never heard about an RIAA/MPAA complaint about something that happened less than two weeks prior, so this really doesn't look like undue outside influence to invade student privacy. It's just responsible network management.
There's no failure quite as dissatisfying as a complete and total solution to the wrong problem.
But any student with an ounce of common sense OR technical knowledge would have assumed they were. I'm surprised their data retention is as limited as it is. Not every single action needs to be spelled out in a contract with the student. The simple fact that the campus OWNS the networks gives them automatically all sorts of rights.
More to the point, if I were in a position to obtain a stash of plutonium, I don't think I'd be very concerned with whatever plutonium-control laws the rest of society might see fit to pass.
I would be no more interested in plutonium-control laws, than criminals are interested in gun-control laws.
First, I'd like to thank the GP for pointing out your hypocrisy. Second, I'd like to point out that "assault weapon" is either redundant or nonexistent. Stop using that made-up scare term.
"Yokels" like me who live in the western USA and "cling to guns and religion" are a very, very poor target for anyone hoping to "rise to power". Farmers are independent people. No Marxists, Muslims or any other -its or -isms come here make speeches. They'd be wasting their time. There's a reason people like Lenin stump in the cities.
As for your statement that guns do not protect democracy (I think you meant a republic), I think you ought to take a look at our very own Revolutionary War. Do you think the Continental Army would ever have been able to defeat a world-class army if nearly every able-bodied male didn't have a gun and know how to use it? You say I'm confusing the arena of a civil setting with outright war. In order to protect freedom, one must be able to stage an outright war (see American Revolution again).
I appreciate most of your posts and often mod you up, but you most definitely have a logical disconnect regarding self defense.
The government can't save you.
So, what's your solution then? A gun prohibition? I suspect that will work about as well as Alcohol Prohibition or the "War on Drugs", which is to say not at all.
The current arrangement in no way perfect. But there's no way to prove that a divisive campaign to rid the public of its arms wouldn't be worse. And even IF there are less bodies in the end, at some point one needs to consider how the people live rather than how many die. Being servants of the state or victims of the largest, meanest group aren't exactly desirable outcomes. And what about the will of the people? If the majority of voters see a place for firearms in private hands, why should they be denied that in a Democratic country? Because you know better? For their own good? Such is the mindset of an oligarch, an authoritarian.
-Grym
Um, no, they can't. They kindof have to use that one. Especially if they live in the dorms.
How comfortable are you with your ISP and landlord tracking you?
Liberte, Egalite, Fraternite (TM)