Slashdot Mirror
Ask Slashdot: Dealing With University Firewalls?
An anonymous reader writes "My university only provides access to the web, via a restrictive content filter and proxy service. There is no access to the wider internet. I was wondering if this is common, and if anyone has any suggestions on how to go about protesting the issue. I've spoken to the lecturers and they have the same frustrations I do. I've also spoken to the head of the IT department who spouted lines about 'protecting the network.' This is very frustrating, I've seen a number of students making use of 3G/4G dongles to get access to the net and this just seems crazy. The restrictions applied to the web are draconian, with sites such as hackaday, hypberbole and a half, somethingawful, etc being blocked." What would you do to get better access?
Get over it.
Sigs. We don't need no steenking sigs.
In that case buy a ssh shell minimal hosting account for 2-3$/month.
Create a tunnel.
And browse.
If paid public VPN services are allowed, you can also subscribe to such services. Of course, your browsing will be slower.
My Aurora : http://www.youtube.com/watch?v=o91ZsGwJYyg
FB : https://www.facebook.com/TanveersPhotography
Become friends with a member of the IT department. Alcohol can go a long way in beginning an IT related friendship.
If you want unrestricted web access then pay for your own connection. Don't bitch about IT people doing their job properly, their primary goal is not to be an ISP for you to surf the web. Most corporates and government agencies all apply these so called "draconian" restrictions on thier staff and it isn't because they are all bastards. Basically your average user can be trusted about half the distance you can kick them, they all think they know what they are doing until something goes wrong then it is IT's fault for not protecting them.
Which means you can setup a dns proxy for IP traffic and use it. It's not fast but is very handy to have ready when you're for example on a wifi that wants you to pay for using it via some kind of web page.
My university doesn't restrict internet access - they, however, ask you to not do anything illegal and log your activities. They give me 1GBit internet connection by cable or 450 MBit/s over WLAN (which I don't know how it is possible) so I can download stuff as quick as my slow laptop harddisk can save it.
However, if they'd restrict access, I'd probably use TOR or some proxies to get full access or I'd set up a VPN connection to my server and access the internet in that way.
To choose a school based on it? Not going to a University with these restrictions is one way to vote with your dollar.
If you don't plan on leaving, warn incoming students about these policies. Perhaps encourage them to ask about internet restrictions in their interviews. If it's a deciding factor in student enrollment numbers, they'd think hard about it.
Further, you can petition and urge students to speak out against it. Taking action is an option.
If they're dumb enough to lock down internet access to the point that it becomes unusable for work purposes whilst still allowing their network to be trivially bridged by 3G dongles then you're already fighting a losing battle. Chances are that the people writing the policy don't have the slighest clue what they're doing but have read some stuff about how the internet is bad and so should be blocked; be glad they don't do things like blocking all Javascript from running, which I've seen in some companies, thus breaking just about every site they don't already block (though arguably that's as much the fault of the websites in question as the security policy).
Depending on their application security policies, if you've got a PC somewhere (friends, home, hosted box) with access to the internet proper, run an SSHd listening on a port you can get outbound on from the university network (if there even are any) and proxy all your traffic through that with a copy of Putty and something like Portable Firefox run off a USB key.
Otherwise, you could try organising students and lecturers against the stupid IT policy, but I wouldn't hold out too much hope of getting anywhere.
I have this at work. get your sshd to listen on 443. if they manage to block that, start a petition. DPI is evil.
Why not just setup a VPN real fast with someones DD-WRT router. I did this at a job that had a really obnoxious content filtering thing that actually prevented me from doing my job. I just vpn'd to home, but you probably have at least one friend in town that has something good enough for you to work with. Even a shitty VPN will do, since your not trying to protect anything so much as evade things.
"Computers will never truly be free until the last windows user is strangled with the entrails of the last mac user."
In all Universities there is an "Inner Circle" formed by network admins, who are impervious to proxy filtering.
The incantation to enter that select group is:
"Hey, I'd like to help with the university network maintenance. Can I do it as a practice? I'll do it for free."
This psalm recited to the right university demon will get you access to the University's network system. With luck, in 1 or 2 months you will have the relevant network keys/info. Probably you will have the rights to whitelist the pages you want.
Then move out of there.
Back when I was at university, I bought a cable for my phone and got myself some sweet, sweet 9k6 access over GSM. It was faster and more reliable than the connection in the uni's computer labs ever was, not to mention no BS filtering. Paying by the minute made me focus on getting the job done and hanging up, too...
As far as filtering goes, the conventional way around that was to log in as someone else. After all, their username was their matriculation number and the default password was their date of birth... If you couldn't read a classmate's ID and social-engineer his birthday out of him, no matter - the uni helpfully had an easily-accessible printout of the entire student body's personal information (in fact, you had to sign to get your grant, so they left it on the public side of the window), and those last few pages were awfully loose...
Because Slashdot is a joke now. It used to be a place where IT people hung out.
Put identity in the browser.
....everyone else, or me. However, to me "restrictive access to the web only" and "no access to the wider internet" means to me that he's not going to be running an SSH or VPN proxy to anywhere (except the VPN access that runs over the web ports, and I guess SSH on an alternate port if it's a simple port filter).
OpenVPN on an openVZ virtual server. A 128k server to $2-3/months should be fine.
And OpenVPN is VPN over HTTP/HTTPS.
But organize a protest. It should be easy to get huge support for it. Start it up on facebook.
Seriously, you're not going to win this one. Get your own Internet. And by all means invest in the offshore VPN service too, so you can find out what the real Internet is like behind the Great Firewall of America because that's where we're going now too.
Help stamp out iliturcy.
I'd say the university isn't fulfilling its role, and you should definitely rally to change things. The purpose of the university network (besides supporting research communications) is to allow you to learn.
During my undergrad the university I attended provided full firewall-free internet with a *public* IP from their block for everyone who plugged in (and no-questions asked CNAMEs). The wireless was of course NAT'd but I had no problems.
This all worked because of the genius way they solved problems was genius. If IT detected any funny business, a tech would physically show up at your lab/office and ask you what was going on and make you fix the problem right then and there.
Make friends with someone in your Cultural/Media Studies faculty. Preferably someone doing research into social media, emerging cultural phenomena, self-organising cliques, something like that. Then get them to repeatedly hassle IT to give them access to blocked sites, claiming its for their research. I reckon after the fifth time IT will give up and just open up the whole network (their router access control lists will get unmanageable for their competence level).
My former university used a VPN-service, where every student had to set up a VPN on their computers, and connect to the VPN-server before being able to browse the web. One of the guys even admitted that they're raping the VPN standard in every way possible by using it to connect outwards, rather than inwards, but still they stuck with it.
The downside was that until the VPN service connected, there was absolutely no traffic to the wider web, which includes Google DNS. So every time I wanted to connect, I had to reset my DNS settings to use theirs (I was too lazy to edit the address into my hosts file every time I remembered). That, and the fact they kept a detailed log about all your activities while on their network.
Hyperbole: I use it liberally!
As a /. reader, I can only assume you're rather technical. Isn't this something you discovered before going there?
Frankly, I wouldn't go to a school that did this. And I didn't. Thankfully, my first choice doesn't do anything like this. Traffic is unmonitored, but for legal reasons you have to register your MAC address to your university credentials to get out of the VLAN. This happens automatically with authentication to the wireless network, or manually through a captive portal for Ethernet.
As required by law of all ISPs, they will use this to forward DMCA notices, which happens pretty frequently. I can't exactly fault them for that. They'll also notice if you're really hammering the network with worm traffic or something, in which case they'll kick you off until you get the system cleaned up, which I can't fault them for either.
But other than that, they're pretty much out-of-the-way. They definitely view themselves as more of an ISP than anything academically-relevant, which is good. The university structure also places them at the same level as the individual schools (liberal arts, engineering, business, etc), and each school has its own school-specific IT that runs their own email and webhosting and so on, all of which helps keep them pretty much service-oriented. They pretty much provide internet access and server space to any university department that wants it (and pays for it, in one of those interdepartmental money-shuffling schemes), and otherwise back off from content management. Individual schools are free to filter whatever they want, but only in the school-managed network. In practice, none do. Even if they did, the dorms are separated out from that.
Not to mention the university is almost as liberal as they come in terms of information freedom.
But in any case, the university is your home for the time you're there. I wouldn't live somewhere that did this, and I wouldn't go to a school that did this. Not even because of the inconvenience - think about what that suggests about how they view academic and intellectual freedom.
I have developed a truly marvelous proof of this comment, which this signature is too narrow to contain.
1, technical. VPN. There are plenty of cheap providers out there who exist to fix this problem, or just find a friend who's willing to let you bounce off their home network.
2, administrative. Go over the head of the technical guy who's blocking the net. You will need to do your homework first: have a good business case for why the current policies are a) inhibiting your (and many others') legitimate needs and b) aren't reasonable, necessary or effective measures to achieve security. If you have a hundred signatures on a petition you'll probably get some attention.
Depending on where you are located, you can use 3G or 4G data on a phone or a dedicated hotspot. Unless you plan on going hog wild on it.. Then you control your access... Hard to imagine that you didn't know this going in though.... you did ask before you signed up right?
Unfortunately, 90% of the headache of running a network is the userbase. Even in a small secondary school it can be difficult to keep people from abusing the connection (hell, I know I abused my uni's connection when I was there, not to mention their storage, FTP, CPU time, etc.) without policies like this.
They are providing you the service for things related to your work. Those sites you mention are not related to your work. Even if they were, the abuse of people using for things NOT related to their work is a burden that the IT department will be able to statistically measure. Otherwise they wouldn't bother with the hassle from students, staff, and technical problems associated with limiting your access.
It's not a question of "experts vs students", it's a question of different priorities. Even if you escalated it to the Dean themselves with the aid of staff, you would all end up sitting in a room with the IT guys who would explain exactly how much traffic that system cuts out, how many lost hours, how fewer abuse complaints they receive, how many more PC's they'd need to cope with the extra demand because of people hogging the computers for personal use, etc. and all for something that - if a site is genuinely vital to your work - they would gladly adjust to make sure it didn't interfere with your studies.
And then either you or the Dean would end up basically agreeing that what's in place isn't actually that draconian after all, and standard practice for most places for SEVERAL, very good, measurable, verifiable reasons. And every year you'd have the students/staff make the same argument and every year since the 90's it's been less of an issue because - as you point out - if you want unfiltered Internet for personal use, you can get it for next to nothing. And hell, in any university town I've ever been in, every cafe has free Internet to draw students in.
You have paid the uni, indirectly, to support your studies. If they are not supporting your studies, you can complain. But you can't complain that they aren't other personal Internet services to all X thousand students on their campus without paying the difference it would cost.
In my experience, working in schools rather than universities, I wouldn't be surprised if traffic (and therefore costs) quadrupled the second they relax their policy, even if they DON'T announce that they've done so. And those sorts of places usually run HUGE dedicated lines that are the backbone of the Internet - X thousand students accessing junk sites is NOT more important than the chemistry lab pushing a few Gigabytes around the world to their research partner. I assure you.
You have a workaround in the form of your own Internet connection, use it. If you want the uni to provide it, they will charge you MORE for the same thing because they are NOT an end-user ISP.
Do not advertise the VPN provider who sold his customer to law enforcement last year. Bustmyass.com it is.
If you were complaining about web sites related to your studies, you'd have some justification. The University network is there for studies and work, not for pissing around on.
[At this point maybe I should confess that I spent all my mainframe time allocation at Uni playing the original MUD... :-P ]
Donte Alistair Anderson Roberts - hi son!
Karma: Chameleon
Universities do not exist to restrict information. Anybody who thinks they do, is not doing their job.
I agree that it is likely and administrator, rather than the IT department, who is responsible, but don't count on it. That's just worthless guesswork. You can find out.
Whoever is responsible, don't listen to all these wimps who just tell you to cave and pay for ANOTHER internet source when you're already paying for this one. Get hold of EFF, EPIC, the ACLU, and anybody else you can, and tell them your academic freedom is being repressed. Because it is true. But get some help. There are organizations out there who can not only help you find who is responsible, but put pressure on them to change the status quo.
Don't cave and just buy an expensive cell phone data connection (especially with prices going up). Fight the BS. Because that's what it is: BS.
The following serve as an overview. You would like to do your further research.
(1) SSH client (inside) ---SSH Tunnel--> SSH server (outside, with webproxy)
This may be the simplest setup, and the client could be linux or putty on Windows; and the server could be linux or CYGWIN on Windows
(2) OpenVPN client (inside) ---OpenVPN handshake--> OpenVPN server (outside, with internet routing)
You need to setup an OpenVPN server outside. For example, I reflash a CISCO router with OpenWRT at home so that I can connect from anywhere with OpenVPN client and use home's internet. This method could drill through most firewall/proxy, because it can be configured on any port, and any protocol (TCP or UDP).
Above methods requires setting up Internet connection outside. You might want to circumvene University's security policies directly, say by malform URL request. However, I do not recommend you to do so, as it would be considered a direct attack on their firewall.
Check out proxy over dns. The dns is usually not as heavily filtered as the rest. It's not as fast (and you would need a computer you can connect to from outside, but it won't be subject to the same limitations).
What if it's simply reflecting the types that are passed off as IT people now?
Beta is broken and the link to classic doesn't work. Stop wasting our time or there won't be anybody left here.
If you can go to your course lecturers and justify why you need access to Hackaday to complete your course, I am sure your lecturers have a process to unblock the sites.
In the meantime there are 1000s of other students trying to use campus PCs without needing to find them screwed over by the previous user. What you *might* be able to persuade the University to do is to provide an unrestricted wi-fi point on campus for personal use.
University isn't normally free.
Also they Uni is wasting additional money on licenses for software and products to block everything, when it would be cheaper for them to provide a wide open internet to paying students.
“Common sense is not so common.” — Voltaire
If you're staying in university accommodation, and they're in a monopoly position as your internet provider, then they have an obligation (moral and possibly legal) to provide an equivalent service to what you'd get from a commercial ISP in private housing.
I am trolling
Unlimited access to internet is much cheaper than university administrative fees for such things as, you know, internet connection.Your concept of "free" is quite distorted.
This happens. And Its sad that university which should be a home for free flow of ideas just block the very channel for it. Even more frustrating is when access to IRC is blocked! I used tor but many IRC servers do not like that and they will now allow you on their network. IMHO blocking traffic where it prevents blocking of network is the one legitimate (e.g. torrent which just sucks up the whole bandwidth). I think when IT guys say that they want to prevent malware it shows they are too lazy to do their job of keeping the networks and computers safe.
I'm working at a university in Sweden. This kind of behaviour would be totally unacceptable here (afaik).
Sure, the wired net with static IP's has a MAC filter but anyone is welcome to use the guest wlan which works ok as long as you don't need to access file shares behind our firewalls.
As a member of an IT systems admin team for a faculty we've often got specific mandates which services we must restrict, and to what end. What you may also be up against, other than 'unprivileged' access - is politics. Students do Naughty Stuff (tm) - that's just a fact that keeps on proving itself true time and time again. Even if you can speak for you, your friends, or your entire course - I can bet dollars to donuts that there's someone out there trying to do something shifty. Case in point: I was seriously asked to relax the restrictions on banning Steam so a student could "download 10 or 15 gig so i didn't have to do it over dial-up". On-campus living - sure, i can see where restrictions like that may diminish any sort of sanity saving software platform ( Valve fan \o/ ), but I'm not going to open up a faculty network just so you can play games. It's an education facility, not your personal high speed connection to the 'net. If you were a postgraduate student researching something that required access - then by all means get your supervisor to approve your request and I'll be more than happy to make it happen.
That being said - outline a clear case of why you need certain things re-classified and you may have a better case to work with. I am not suggesting that this tactic will work - as there's probably more to the story ( see - plug and play filter lists/software/appliances which remove the need to dedicate an entire FTE to putting classifications on traffic going out ) than you really know, but it will certainly stop you from seeming like a whinging student and more like an intellectual who is using sound reasoning. Hell - if you are able to find clear, repeated examples of wrongful clasification of websites, you may be able to enact a reconsideration of what's being used to deny you access or relax the level in which things are blocked.
Of course, they might not care. Who knows?
--- perl -e 'printf("%s\n", pack "H*", "7369670a676f6c677940676f6c67792e6e65740a2f736967")'
That's about the time a large portion of /. became a joke. While I still enjoy many discussions here, there is a definite difference in the /. of today and the /. of ten years ago. As a rule, any industry (including IT) has always had its share of pretenders, but they certainly seem to be much more numerous in IT these days. I blame it on the ever increasing trend of people going to college to get a piece of paper that allegedly qualifies them to do technical work, regardless of their actual ability to do the work.
Signed,
A /. user of about 12 years who recently created a new user account.
Write failed: Broken pipe
Rutgers University bans ssh public keys. Ergo, all the students employ expect scripts that contain their passwords. These expect scripts aren't from students writing em' themselves, but just copied from friends. In particular, there are students who barley know what ls and rm do, but certainly won't know to change their password if their laptop gets stolen. And students commonly hack one another's accounts by copying said script.
The Christian religion has been and still is the principal enemy of moral progress in the world. -- Bertrand Russell
See if there's an on campus computer club, that will almost certainly lead you to people, servers and networks that will help with outside access.
A few things I've seen used on campus:
-SSH proxy tunneling
-VPNs
-IPV6 related workarounds
-'partner' universities and organisation that can be accessed/tunelled through without going through the firewall
-wifi router/repeater with long distance wifi link (eg with a 'cantenna') to an off-campus house/building
-friends that work for campus IT, local ISPs and the university's ISP
If you're talking about torrents, then I have one word: BitcoinTorrentz. Cheaper than a VPN, you get your torrented files over a standard port 80 HTTP connection (though it is NOT encrypted, if that makes a difference), and hey this is Slashdot so LOL ANONYMOUS MONEY for whatever that's worth.
For all other normal web traffic, yes your school is being very Draconian if they're blocking the likes of Hackaday. I mean hell, that's pretty much "Great Firewall Of China" levels of censorship there. I frankly don't know what you can do as a single person to try and change that, but know that most colleges in the US don't filter Internet traffic at all, so your IT admin is almost certainly on a power trip if he's implementing these sorts of policies.
Unlimited access to internet is much cheaper than university administrative fees for such things as, you know, internet connection.Your concept of "free" is quite distorted.
The fees won't just be paying for the connection. There's a whole bunch of services too, including not just email but also things like having people around to help when things go wrong. That really costs and the value is invisible until you really need it.
"Little does he know, but there is no 'I' in 'Idiot'!"
If so ...
This is the basic test to see if you are worth letting back for the second semester. /. I suggest your consider a different career path.
As you have posted this question on
As you obviously want other technical people to get you out of trouble and solve all of your problems for you, I suggest you look at Sales and or Marketing.
Something tells me you have a natural aptitude for either of these.
I've read the comments from stories from 2002. I don't see how are they much better. Are you sure you haven't forgot to take off the rose-colored glasses?
Dilbert RSS feed
Most (all?) universities have a union to represent the needs of the students. Get them to raise the issue and it's likely to be a lot more effective than one man's personal protest.
Comment removed based on user account deletion
He's asking what options are available for getting around a problem he has. When someone's IT policy is threatened here, dozens of people instantly rush to its defense. The topic wasn't started to debate whether it was a good or bad policy; whether the IT department here was doing their job well; whether they were just crazy with power. Nor was it a pity plea; they don't want your derision.
/. how to deal with the situation. If someone asks you for help fixing their car, you don't launch into a rant about the engineer's design and material choices and how they know better. Hopefully, you go about helping them fix the problem.
They wanted a solution to their problem. That's why they're asking
There's no point in having Ask Slashdot if the replies are all posts telling the asker they're meddling, they're stupid, they're lazy, they don't understand. You aren't obligated to respond to the questions. If you don't have a solution, don't say anything and avoid being an unhelpful dick.
If it is a private university, then yes, they can do whatever they like, no matter how stupid it is. If they are a public university, then no it isn't "their bandwidth" it is "the public's bandwidth" and they have certain responsibilities.
So that's the first question to answer: Public or private? If it is private, well then suck it up. Private schools can, and often are, stupid with some of their rules. My recommendation is don't go to them, go to a public university.
If it is public then the thing to find out is where this is coming from. If it is from on high, the board of regents, there may be little you can do, though you can investigate state law, maybe talk to FIRE. However if it is coming from an overzealous IT department, then maybe it is time for them to get smacked around and learn that they are there to provide a service, not to act like despots.
In that case maybe talk to the faculty senate. The faculty and administration can ultimately tell the IT department to sit down and shut up, they perhaps just need to be made aware of that fact. Get information from other universities, see how they do it. You'll have no trouble finding places that provide essentially unrestricted Internet access (the university I work at does). Present the faculty with ammunition that it can and should be done a different way and they may choose to affect a change.
As something of an example of the second scenario in the private sector, my dad worked as a VP for a company;s American branch for many years. They decided to bring him over to the British branch for a bit to clean shit up. So he is over there, meets the guy who is the director in everything but title of that place (that was forthcoming). Guy says "Hi, welcome, I've got to go to this meeting, here's my office make yourself comfortable, I'll be back in an hour." My dad decides he'll check his e-mail and such things on the guys computer. No luck, can't get on the Internet.
He has someone call IT for him. IT comes down and says "Oh ya he doesn't have Internet access, he doesn't need it." Umm what? The guy in charge doesn't have Internet access? And who the fuck decided he didn't need it? There was no company policy to this effect. Dad snarls at them, 5 minutes later computer has Internet access. The IT department there was very tyrannical. They made rules all of their own and it just never really occurred anyone to yank on their chain.
Remember, and I say this as someone who works in IT: IT is a service industry. You are there to help people get their jobs done. That means not putting up artificial blocks to shit. That doesn't mean no blocks at all, you have to do things for security, compliance, and so on. However it does mean not being asshats and doing things like offering nothing but extremely locked down web access.
Also any time you say no to something, you need to have an alternative. So you say "No, you can't have an FTP server. The passwords are clear text and that is insecure. However we will happily help you setup an SFTP (SSH) server instead which is fully secure."
At any rate step one is to find out from where this policy comes, then you can see if anything can be done about it.
HARDEN THE FUCK UP!
Fortunately most universities I know (at least in the UK) respect this. They might hate having to deal with student residences (the wild west), but they prefer to generally treat students as adults and respect that the internet is far too useful as a tool to have some guy lock it down in the misguided name of security.
Now there's one hoopy frood who really knows where his towel is!
Asking a stupid question will get you stupid answers.
"How can I bypass my University's IT policy against their wishes" isn't a question that requires an answer. It's like asking "How do I deploy an open telnetd running as root on the Internet?" or "How do I bypass the fact that my ISP allow me to put my unauthenticated Windows fileshares online?"
When you're doing something stupid, don't expect people to help directly. You think that telling someone they're doing it wrong isn't helping. It is. It helps them learn that they shouldn't NEED the answer to their question.
If someone phones up a garage and asks how they can wire the metal door-handles directly to the battery, or how they can illuminate the petrol tank with an uncovered candle, you'd expect them to be similarly unhelpful. Because it's a stupid thing to do, and if you want to do that, you're on your own. Our "help" is to tell you not to try.
No more than they can opt of out paying for a lecturer they don't get on with, or a worksheet they didn't want, or a projector they didn't want to use in the lecture hall, or a piece of grass on the university grounds, or the rubbish collectors hired by the uni or any one of a million and one costs.
You bought into the uni, they had clear policies on what was and was not provided. Your problem. Sure, a uni that had an "open" policy might be more popular, but probably more expensive - but that's the choice you made when you signed up to that university.
Get friends to start buying old linksys routers and create your own rouge wireless internet campus wide. Get people to donate to pay for hardware and a few cable modems at the perimiter so your mesh network can have multiple internet gateways to balance the load.
Old routers and openWRT will do this, then start putting them up.
you are in college, it's time to be subversive and community building. a non uni owned student run wireless internet setup is the best way to do this.
Do not look at laser with remaining good eye.
Unless they have a default-deny that only authorizes certain websites, you can set up an HTTP tunnel.
http://en.wikipedia.org/wiki/HTTP_tunnel
There's software available for it, you don't need to be a fancy hacker to use this.
In extreme cases, you might be able to work around default-deny HTTP filters by using DNS tunneling. It's horribly, horribly slow, but it works on some of those hotel connections where you would normally be able to access only one webpage, where you have to pay a fee to get X hours of connectivity.
Here's an illustrated tutorial: http://analogbit.com/tcp-over-dns_howto
Have fun!
It's the principal of the matter. If your service is based on the premise of anonymity you shouldn't fold to the cops unless required by law. Even then you shouldn't record any data of substance that can be used to prosecute customers.
You might want to check your University's Network AUP and make sure you won't get expelled for wanton evasion of their security policies.
Best bet is probably to get your own cellular modem, or move off campus where you can get your own DSL/Cable/Fiber. It's their network, and you should abide by their rules even if you don't like them.
When I was at University the way to get things changed was to get a group of people who were interested enough, and then go and occupy something inconvenient to the administration to get the message heard.
Korma: Good
I run into this with clients occasionally. I don't do onsite development work unless I am able to bring my own dev laptop and screens and other equipment including a hardware firewall between their network and my machine. And I don't use their email servers. I've been fortunate that it hasn't been rejected so far. Some clients only allow http/https access going out. I set up my dedicated server with multiple IP addresses for ports 80 and 443 that reroutes for pop/smtp, terminal services, etc... I ask the client first and show them my routing setup. Usually their policies are in place for non IT people and they just don't have different network policies for various departments.
Well... i'd say the solution is not a technology one (though many of those are available and many have been mentioned).
The best solution would be to transfer to a real school, because if they have as restrictive of a policy as OP suggests they're probably a crappy school anyway.
An easier one would be to just use a phone or get DSL or cable or something to get to the blocked sites.
Pay for it.
Those students with the 3G and 4G dongles that you're laughing at have the right idea.
Internet access is not a "right", bub. It's a service you PAY for.
I do not fail; I succeed at finding out what does not work.
I've been the internet cop is several organizations during my employment history and have seen administrators (not IT people) declare everything from "ALL shall be free!" to "Don't let them do anything more than their job" as a standard to use for filtering. Most likely what is happening is that someone, not in IT, has the list of "categories" from the filter service provider, be it Dan's Guardian or a big company like Websense, and have picked the usual suspects of Adult, Security, Malware, and Offensive, along with Hate Speech, Violence, and IT related" and flipped the filter on. The University Administration will ask you one question and one question only, "What part of your EDUCATION" is being effected by this? AND remember these people have fairly well tuned BS detectors. This isn't your parents' basement, they have the right to do what they will to reduce costs (your tuition) by protecting their network and reducing bandwidth use. If you don't like the on campus connection then move off campus and PAY for your own net connection where you can surf to your heart's content and waste your parents' money on reading hackaday instead of getting the Business Degree your parents are paying for by working overtime. And if you want REALLY draconian, they know eveery website you attempt to go to, whether it's blocked or not, and with the newest tech, they are doing a man in the middle on all SSL traffic so they know what you are doing there as well.
~corporate tool, but employed~
I'm assuming you live in on campus housing with the internet connection being provided by the university and pretty much mandatory. I think the old 'vote with your wallet' applies here... don't pay the huge fees for living on campus and find an apartment near by (check the bus routes if you don't have a car, and see if the buses give student discounts). Then you can have whatever internet connection you want. Do it soon, as this time of year, in my experience, is when spots start filling up. Doesn't mean you will have to move immediately, as many landlords near college campuses know students have to complete one housing assignment first, then move. They are usually just happy to have a guarantee of a rent check coming in. If you don't want to stay over the summer, then you may have to work out a deal where you pay half-rent during the summer to reserve the spot or something. Check your options. Find some roommates. See what they are willing to do.
In the meantime, do as others have suggested and see if SSH tunneling and such is blocked. If it is, see about getting it unblocked. You could use the excuse of having to log into a server you own for non-school related projects. Employers like to see personal projects during interviews, and not stuff you were forced to do for class, so blocking that is hurting your chances for future employment. Doesn't matter if you are or are not as that point stands quite well.
Vol~
I'd question "anonymous reader's" facts. It's difficult to believe such a restrictive setup would ever exist as a general, university-wide policy. It's much more likely that the "anonymous poster" failed to set up an IT required _proxy_ service, which is a quite common practice. It's also possible that the firewall is for a smaller, restricted part of the network, such as those handling confidential data. Well managed proxies in these environments can help manage network abuse, help prevent or control malware, and restrict potentially network expensive access to porn, P2P services, or to track use of university funded resources, and help manage unregistered clients plugged into the university's networks, especially those using poorly secured wi-fi access points.
I've also regularly seen people refuse to use the proxies who see them as limitations of their rights, and especially as interfering with their use of "their" computers, whether the university or company paid for them or not. This can usually be resolved with a short discussion with the person, explaining why the proxies have proven necessary. It cannot be resolved by giving Slashdot advice about how to work around the firewalls or proxies, because that creates a whole new set of potential problems.
When I was at Uni over a decade ago now, the firewall rankled with me (I'm a grown up...let me choose! ;) so being somewhat childish I attached a hardware keylogger and reported a computer fault (I think i cleared the isntalled printers and said the "PC won't print"). Anyhoo, next time I cam back to the lab I had me an admin login. This didn't allow me to access the net through my user, but interstingly the admin account seemed to have pretty much unfettered access to the web. I was too scared to use it, but had I needed soemthing in an emergency...it was there ;)
You get the usual self-important IT heads here defending their own little network. It's a freaking geeks circle-jerk. The purpose of the IT department is not to run a nice little network, it's to provide service to the users. You don't get to decide what that service is, you just provide it. The number of little napoleons of network admin around here are amazing - "It's my bandwidth, not yours!" "That's not for your degree". Sorry IT gimps, you don't get to decide what's legitimate for me to look up on my university network. You're the plumbers and janitors of the network, you don't get to decide what goes down the lines, you just get to make them work. So stop imposing your own rules on everyone else and just make the system work.
...But couldn't you technically get through the firewalls and proxies via a VPN tunnel?
And if the university blocks the standard VPN ports, use non-standard port.
Admit nothing. Deny Everything. Make Counter-accusations.
Move off campus.
"The Devil does not know a lot because He's the Devil, He knows a lot because he's old." -- unknown
ports and a reason why. Other than that there's no real way of doing it except a few ways.
The world is full of graduates who passed their courses. I want to see something else if I'm hiring, like working on open source projects, writing original papers, etc. This is the sort of attitude I expect from school up to the age of 18, not a university. (And yes, I used to decide filtering policy at a university, though not a US one. Is it better to block Internet banking sites and lose an hour of someone's time to get into town and back, or take the hit and have them only unavailable for 10 minutes?)
That's all fun and games to think that way. Until other people who are paying for that access bitch. Before we filtered content, we would get almost daily complaints from students about people watching porn in the library, or at a kiosk, or the guy who sat in our public area running a business (not a student, but he did pay for a gym membership so he is a paying customer....).
We would never have enough information to find and catch these people, so we would have to run around with our little "acceptable use policy" trying to find them and get them to sign it. Then hope that if they did it again, we would get enough notice to find them again and get them to sign it... again(you know the administration isn't going to expel a student over it...).
Then one day a big shot had his kid with him and she saw a student watching some really bad porn. Now we have content filters. (At least that's the story I'm told when I was told to implement the filters). The best part was that big shot thought we always had the filters. They were really mad that IT didn't take it on ourselves to filter content.
Go complain that the school library doesn't let you access everything that has ever been printed (books, mags, etc) ... in every country, in every language. After all it is your money and your academic freedom.
Let us know how that works out for you.
Keep the Classic Slashdot.
"If you can go to your course lecturers and justify why you need access to Hackaday to complete your course, I am sure your lecturers have a process to unblock the sites."
I'll bet that you're wrong. In my experience, college IT departments are run separately from teaching staff, and usually from the stance of "we'll tell you how things work" rather than vice-versa. Moreover, this policy is so wildly nonstandard that it smacks of a tyrannical banana-republic college IT department.
Remember: Schools have an administrator side and a teaching side; the two sides are usually in direct conflict; and for the last 20+ years the teachers have always been losing.
We know where leadership by an anti-intellectual "strongman" who scapegoats minorities and likes boisterous rallies goes
Universities exist to educate students, and I would say that the idea of a university censoring anything, including what websites its students can access, is antithetical to that -- and it should be unthinkable. If malware is a concern, just disconnect infected systems from the network and refuse to assign them IP addresses until the issue is resolved.
Palm trees and 8
The restrictions applied to the web are draconian, with sites such as hackaday, hypberbole and a half, somethingawful, etc being blocked."
Did you read and understand the TOS/AUP before you signed on the dotted line, proverbially or literally? If you NEED access to sites with such questionable material that they are blocked, why not request access and specify why you need it? That's what's going to happen in the real world after you get a real job. Everything or at least most everything will need to go through multiple layers of bureaucracy to get access to products, tools, or sites. At each level there is always some sort of needs/benefits test done. As I see it the majority of students, the ones fresh out of High School at least, expect everything to be given to them with no limits or stipulations. It doesn't work that way in the corporate working world, so why should it be that way in the corporately ran education world either. I think higher ed should not be just book knowledge, but also to prepare the students for it's going to be like fro the rest of their working lives.
Don't blame me for redundant posts. I can't type very fast. Hence the user ID.
"I was wondering if this is common..."
In my experience, this is not at all common in universities. (It's the first time I've heard of anything so draconian; contrast this with the corporatists who are accustomed to it being the case in private businesses). Consider calling it an issue of "academic freedom" -- usually that's supposed to be a third-rail issue wherever I've taught.
We know where leadership by an anti-intellectual "strongman" who scapegoats minorities and likes boisterous rallies goes
The academic side of the university should put in a request for their own network, internet connection, and whatever else is needed. This should be done in a professional manner, covering all the necessary costs and justifications. If done properly it should bring the issue to the attention of those that can do something about it.
If the the request gets shut down and the access on the current network remains blocked then you are free to exercise your own options. Mine would be to switch schools.
Keep the Classic Slashdot.
I work in IT at a Canadian University. In our case, there is no requirement to go through a proxy server. It isn't necessary, although it is a strong solution to prevent running of web sites and bots on student, staff and faculty desktops.
In University, faculty have clout. Talk to them. Get an informed opinion together and make a dialogue happen between faculty and IT services. This will likely help, and if it doesn't right away, faculty can push their issue with the senior administration to get things changed, whether that is change of policy or change of the person serving as IT Director/CIO.
Of course the other option, if you are discovering this in your first year, is to switch to a campus with better IT management.
The relationship between the student and the University is much like customer/client combined with hotel guest if they live on campus. The student should be treated like a customer, and pleased whenever possible. However they cannot expect to go beyond being a guest. A guest does not have the privileges of ownership. This is what rock stars have gotten confused when they trash their rooms. Just because you pay for something doesn't make you king of it. A guest remains at the pleasure of the host. If you break the rules of the host, you are not welcome to remain. Thus most IT departments have rules that if repeatedly broken, lead to loss of network access.
http://en.wikipedia.org/wiki/OpenVPN
Looks like normal SSL traffic to your IT department. Looks like the free and open internet to you. There are plenty of providers out there who will hook you up with a connection for $5-10/month, if you don't feel like setting up your own.
BRENT ROCKWOOD, EST'd 1975
In two ways:
1) JFGI is the go to strategy for most things IT related. It is one of the first things I teach our students. Have a problem you don't know the solution to? See if someone else already solved it. Don't waste time reinventing the wheel, the solution may be out there. Even if not, someone may have done something related that will set you down the right path.
2) Youtube is where we are now posting instructional videos. When there's something that students need to see over and over that doesn't change, like an introduction to lab equipment, I shoot video of it, edit it, and upload it to Youtube. Students can then watch it at the leisure, at home or on campus, rewatch it when needed, and other universities can make use of it, should they find the content useful. It is a valuable tool for reducing the time faculty spends on things as well as enhancing the education students receive.
The Internet isn't just for LOLcats anymore. It is used for real work and education.
Also, when you are talking the dorms, I feel (and we've been told here this is legally the case) that the university has an obligation to provide unfiltered access. It is your home, you do what you like. If they are unwilling or unable to do that, they ten need to open it up to competition: Let the phone and cable companies sell DSL and Cable Modem service. You can't go and declare yourself a monopoly and then also offer restricted service.
In all Universities there is an "Inner Circle" formed by network admins, who are impervious to proxy filtering.
The incantation to enter that select group is:
"Hey, I'd like to help with the university network maintenance. Can I do it as a practice? I'll do it for free."
This psalm recited to the right university demon will get you access to the University's network system. With luck, in 1 or 2 months you will have the relevant network keys/info. Probably you will have the rights to whitelist the pages you want.
Then move out of there.
This is a position of power and trust. It isn't given to volunteers. That would be like volunteering to look after the SWAT teams guns, or volunteering to clean the bank vaults. You must have watched a lot of Commando Cody or something as a kid.
However people are often loathe to switch universities.
Parent is right though, lots of universities don't do this. We have no web filter, at all, where I work. Not only are they expensive, but they are ineffective. It would surely block shit that was legitimately needed for research, and fail to block things it should. Better to just do without.
You can find universities, plenty of them, that will not fuck with your net access. Now they'll all have AUPs and the like. You get caught doing illegal shit you can get in trouble, and if you try and suck up more than your fair share of bandwidth you'll get snarled at (or they'll be rate limits to just keep it form happening). However they won't restrict where you can go, or what protocols you can use.
Look at state schools, and particularly research schools (where I work, both are true). State schools, being a public entity, have a duty to provide the public access, including students. Research universities understand that arbitrarily banning shit interferes with research and thus is stupid.
I'm not sure how prevalent this is, but I'm Australian and my University's internet access is really not bad, most of the time. Things that I've run into that don't seem to work:
Apart from these, most things seems to work fine (inlcuding VPNs, so the list is largely irrelevant). ITS only seem to take notice if you transfer multiple gigabytes (>~2GB) within a day without a good reason, and send a warning before taking any further action.
I had a sig once. It was lost in the great storm of '09.
At my college we started with no controlled Internet for the most part. During my third year in college they implemented a filter that did similar to what the poster's college is doing. Our solution was to spread the word. Our college was primarily funded by donors and one of our strategies was to contact the donors and past alumni to get them to cancel their funds until the issue is resolved. That took care of the problem awfully quickly. The strategy is go for their wallets. We also had that crappy CleanAccess program by Cisco and bandwidth limiting; those two didn't get fixed until the guy in charge was fired.
> port 25/tcp
first thing i would filter as a network admin building a restrictive firewall. just think about all the spambots on student's pcs
> He's asking what options are available for getting around a problem he has.
There have been a couple of legitimate suggestions, if you've been reading...
1) Get their own internet
2) Present a reasonable sane argument to the university administration which probably gives the IT department their marching orders.
> The topic wasn't started to debate whether it was a good or bad policy; whether
> the IT department here was doing their job well; whether they were just crazy
> with power. Nor was it a pity plea; they don't want your derision.
If you're going with option #2 above, then you damn well have to take the real world into consideration
* know what real-world problems IT is facing
* be capable of marshalling facts on your side
That was why all the explanations of what's happening.
I'm not repeating myself
I'm an X window user; I'm an ex-Windows user
I do find that the idea that giving unlimited internet access to a bunch of hormonally challenged students to be a one-way ticket to malware hell. It would be remiss of the IT department not to operate a white listing approach to their internet with a process in place for having a site added to the list.
This is the 21st century. Internet access, not web access, is as much a life requirement as a telephone.
Errors in a university's behavior tend to be reflected in the reputation of its degree. An error as outrageous as what you describe is very unlikely to be the only one. Flawed decisions will have been made in every other aspect of university administration. The breadth of those errors is likely to impact the value of any piece of paper you leave there with. If you don't want to waste your time, find a better university and transfer
Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion.
* we chose a file name that matches some regular expression deemed dangerous by their IT staff ... (Yes sir, gamesexpert.com is not a sex site!)
Yep! I remember when the firewall used to block the old JPL Mars exploration website, marsexploration.jpl.nasa.gov. Notice those three letters in the middle of the word "marsexploration." --JPL eventually renamed the site.
And don't even try to access the old physics preprint site, xxxlanl, any site beginning with those letters just has to be pr0n. (that one got renamed, too)
http://www.geoffreylandis.com
transferring is so bad states have law forcing them to take community colleges credits.
But over all that is a sing that the collage system needs change / reworking.
I say brake it up in to smaller chunks / badges
http://news.slashdot.org/story/12/01/08/221257/do-online-educational-badges-threaten-conventional-education-models
http://chronicle.com/article/Badges-Earned-Online-Pose/130241/
Pay for your own access.
There is no "-1 offended" or "-1 you don't agree with me" mod options for a reason.
was wondering if this is common, and if anyone has any suggestions on how to go about protesting the issue. I've spoken to the lecturers and they have the same frustrations I do.
No, I'm PRETTY sure he's asking about ways of protesting and getting this fixed, not about circumventing blocks in place...
Find a better university.
The core idea of academia is the free flow of information. A university that cannot solve problems without discarding its principles has nothing useful to teach you.
Make sure you tell 'em why you're leaving.
It is definitely the tail wagging the dog here, but if I go directly to the CIO, with the support of the dean and president, thinsg do get done, and graciously so... so the dog still can be the wagger if it so chooses to.
Seriously. OpenVPN can even breach HTTP proxies. You can also make the server to listen on any port that they allow direct communication. It operates on both TCP and UDP.
It would be pretty much the death of higher education in America if what you say was implemented.
We know where leadership by an anti-intellectual "strongman" who scapegoats minorities and likes boisterous rallies goes
Most IT people are to lazy to filter port 443(https) You might be able to use a proxy there. Some also don't block ports. You can use putty to generate a ssh proxy. If all else fails, put a ssh server on port 80 or 443 and use the putty method. I do this all the time, in schools, and public buildings.
If States thought it was bad to transfer, they would pass laws to discourage transfering college credits. If they are passing laws that require college credits to transfer, they must believe it is a good thing to transfer. The lawmakers seem to want to encourage it. Or did you mean 'BAD' as 'GOOD' like: 'That is one BAD A** M***** F***** transfering all those college credits from their community college'?
Does this statement have to do with art school? I'm not sure what singing and collages have to do with the topic.
Just call quizes 'chunks'. Then call tests 'badges'. Finally call semesters or quarters or trimesters 'patches' and you have implemented the new educational model. Baden Powell would be proud.
You might think you are invisible, but in all reality, they're probably logging your every move. Trust me, much more than you can imagine can be logged/captured. I manage web filtersingfor a large corporate environment. In the bigger shops, it's not the IT guy that makes the decision on this stuff. It's the legal counsil, HR, and CSO (cheif security officer). Even though I have all the knowledge to bypass it, I surf with caution while on the job. Changes are logged, multiple systems log traffic, so anything questionable will used against you if a legitimate reason is found. By the way, setting up an SSH listener on 443 might not work. The really good filters have caught up on this practice and will still stop it if properly configured (for example, Palo Alto boxes!).
Be aware you that are most probably bound by a usage agreement you signed when you entered university. If you violate this agreement, the University in question may a) suspend/expel you b) refuse to graduate you c) other retribution. Your choices are a) get another provider (3G/4G dongle) b) convince the university to change it's policy c) Live with it d) Leave the university (and presumably attend another with less draconian policies) e) start up your own company / provider to allow yourself and your fellow students access to unfiltered internet.
Note that his applies to work networks as well as more and more companies are locking things down tightly.
"Computer Scientists can count to 1024 on their fingers" (non-mutant, non-mutilatated, human computer scientists)
I can't speak for the whole community of universities, nor have I worked at one in a few years. That said, I think there are cultural issues here. WHen I worked at a University, we even debated whether someone would have a legitimate reason to receive email viruses.
At the place I worked, there was NO firewall. Well..there was, but, it was opt in, only specific critical hosts were behind it. Users were not, the main service machines were not.
It was seen as a matter of intellectual freedom and not wanting to restrict anything that might be legitimate research. However, as I started with...its cultural. We had people in IT who were long time academics and who were used to this and even championed it.
"I opened my eyes, and everything went dark again"
Someone needs to take your IT Director by the ear and explain to him the differences between a corporation and a university.
1) University folks generally get paid less than their corporate counterparts
2) Basic research occurs on all levels, not just in the lab. Innovation in the network, software development, etc. happens and is expected to happen with the staff as well as faculty. It's a learning environment. It's a try-this environment.
3) A university's most basic tenet is access to information and that goes both ways. By inhibiting what is likely the largest fountain of information and means of transferring that information, it's a little insane. Tell your IT guy to work on better security techniques: locking your kid in the closet may keep him safe but it's not a good idea.
Do what they did at the place I went to (at least in the computer labs) and give students a quota.
So data transfer to things on the local network (such as the sites containing lecture recordings/notes) is unmetered as is traffic to those sites the university deems important for legit academic work but if you want to access other sites, you have to pay for it after you use up your monthly allotment.
Need more quota? Log into the top-up page and buy more.
To prevent people tying up machines in the labs that might be needed for important work, you can have different restrictions on what can be accessed by students in the labs vs what can be accessed by students with a personal PC in the dorm room or connected to the campus WiFi.
Of course the quota idea doesn't help for things that are blocked for reasons other than bandwidth such as things that are blocked because they contain things that could get the university in trouble or things that are blocked because they contain things that go against the teachings or belief systems of the university (religious universities are probably likely to do this in the name of blocking "heretical" content)
Besides, why should the tutors care? - If people waste the lessons updating Facebook instead of getting smart, they'll simply fail and thus have wasted their tuition. I hope Facebook was worth it, but the tutors shouldn't care less if the students are that stupid.
Because most teachers go into teaching to get students to learn? Because a lot of institutions tie student performance into their evaluations? Because students that aren't paying attention are more likely to distract their neighbors? etc etc...
Because teachers with no classroom management skills can't handle potential distractions? Because intro classes are too big for anyone to manage? Because a lot of institutions incorrectly apply industrial metrics to human dynamics?
There are other concerns about unfettered Internet access in the classroom that go beyond the ideals you mention. My wife has had unfettered internet access in her classrooms for seven years now, in three different schools, and has had very few problems and none recurring. Granted, she's at the middle-school / high-school level instead of university, but plenty of her students have had laptops and smartphones in class. The keys are 1) having small enough class sizes that you can manage them effectively, and 2) having the classroom management skills to get in front of any potential issues and making sure the kids are paying attention to you instead of Lady Gaga. She's found that classes upwards of about 28 students really start to spiral downwards.
As such, the many intro uni courses with 100+ students can't possibly work, unless the students themselves are invested in their own learning. That said, cutting off internet access is no guarantee that otherwise distracted students will suddenly find themselves raptly attending the teacher's words.
"What in the name of Fats Waller is that?"
"A four-foot prune."
The university network is there for a specific purpose - to provide the university with access to the sites and communications necessary to the function of the university, and to maintain the integrity and reliability of those connections. If you want to access things outside what the university defines as necessary to this function, you are welcome to do so, apparently, through the use of external connections. If you want free access to any pron site that strikes your fancy, you're asking for something that doesn't apply to the university's needs, and if it is not available to you through their network, it is a simple decision. buy it yourself, or whine much harder. As for the people telling you that the IT staff needs to be educated as to how to serve the student's needs, they need a lesson in exactly how much work is involved in cleaning up after the students that go blindly into the web trusting that they won't face any consequences, and the costs of providing an infrastructure that can support the campus without assuming the responsibility for every student's irresponsibility. If you have email, access to your university coursework, resources and search tools in a secure and dependable environment, the IT staff is doing their job admirably. If you want unrestricted access to anything on the net, regardless of its provenance, to download any movie or streaming video, pron or game site, tell mommy and daddy that you need the money to buy a 4G data device and pay for the bandwith/content you want.
Or, possibly, treat the students like students. You know, intelligent inquisitive drunks that want to explore new things, test boundaries, flirt with the law and read somethingawful.com
I really struggle to see why any university student network should be censored. Sure, firewall and lock down the staff network, where student data is held. Provide strong security on shared servers. But locking down all 'net access to filtered HTTP? That's a surefire way to damage innovation and discourage learning.
I went to a university that had no firewalls - you could telnet to the main servers from external servers, and we used that capability to build and maintain internet services. Many people at my uni went on to build companies in the dotcom boom, take on programming jobs, otherwise put their acquired skills and knowledge to use. I would heavily discourage anybody from attending a university that didn't want the same for its students.
Comment removed based on user account deletion
A lot of post have dealt with the technical aspects of overcoming the firewall. While this may help in the short term, it doesn't help your friends or future students. If you're willing, you may want to consider taking this up with provost/president/ombudsman/et al.
The easiest place to start is a local editorial. Your campus newspaper, local newspaper, local TV news. Tying your campus as against net neutrality should get enough people to pay attention.
Next, consider famous alumni. There was a policy that was in the process of becoming a rule at the university when I was a student. When I graduated, I told them that I wouldn't pay alumni dues until this policy was scrapped. Of course, one alumni not paying dues is not really an issue. But when I started posting on the alumni message boards about the issue and more alumni got involved (some far more famous than me), the school quickly reversed the policy. Money, unfortunately, speaks louder than words.
Another avenue is to speak at school board meetings. These meetings are often public but not well advertised. You may have to do some hunting to get this information.
Finally, form a campus group. Get students involved. Raise awareness, have a fun run, etc.
You want to make the cost to maintain the firewall unacceptably high. This might be a hard hurdle since they are probably weighing the cost to maintain the firewall and the cost of a free-for-all internet connection.
We don't live in Shouldland.
If they have a laptop, there are games, etc.. The internet is likely no more or less a distraction in this case.
When I went to college the residency halls had separate Internet access that they were not allowed to filter. This left the university free to protect the libraries and the labs while letting people do whatever they liked in the privacy of their own rooms. It worked surprisingly well!
An option to present to the administration.
I will not mourn that which I never had to lose. - Unknown
We don't filter the dorms at this time, just all wireless on campus, labs, and kiosks.
Also you can use HTTPTunnel on any PHP enabled server (with almost no other requirements) and connect to it with the multiplatform Perl client to open a local SOCKS server (there are other projects named like this one, but this is the only one that really works). The client supports HTTP proxies and the request are normal HTTP GETs/PUTs (not CONNECTs). The project is not being updated since 2010, but it just works (even tho the SSL part has problems, but you can just configure the PHP folder on an HTTPS web server and use stunnel in front of the client).
Then under Windows many programs do not support the SOCKS protocol to connect to the client (I'm looking at you, Remote Desktop), but you can just run ProxyCap to transparently redirect single programs (or all of them) through any proxy. There are free (as in beer, mostly) alternatives to ProxyCap, but they are either not updated (i.e., they don't work on 64-bit systems) or they are likely to deeply mess up the windows network driver configuration when you remove them (or both).
1. Change.org 2. Put pressure on the administration to change the censor policy: Get your fellow students and the faculty to sign a petition, then present the petition to the university of the president. Use social media to get the word out. Try to get an article in the local or national press. 3. Transfer to another university that does not block basic access to information, and write a letter to the president explaining why you are transferring and how you are going to encourage all of your fellow students to do the same.
The fact that this seems to be an issue with professors as well as students (and one can assume you live on campus) means that something should be done about this, including but not limited to, resolutions from student and faculty government (assumg you do have an open and somewhat transparent student government) and petitions of appeal to trustees or even to other members of school administration. There is honestly no reason why so many of these services should be limited and blocked at the University level, especially when the blocked content borders on censorship.
As for slashdotters, don't be surprised that they're not answering your question, because it's a common theme to either ridicule the asked from question misunderstanding, or tell them they're asking for something wrong. Anybody telling you to "suck it up because it's free" probably hasn't lived on-campus for a long time, (and did before the internet was standard) and doesn't see the social and general importance of unrestricted internet (except to malware, and occasionally pornography) on college Campuses, especially those who claim that YouTube never has educational value.
But it's the assumption he lives on campus, and therefore, does not have the ability to distinguish between the two (especially since it specified "university" not "community college" or "local college")
Seems like you need a little more education on how to do basic math and how to recognize things at face value.
You mean I should be like you and make statistics up to suit my own agenda?
Here's a fun fact: I played games instead of doing homework in high school. To this day I use the observations I made playing those games to do my work.
You're confusing the terms 'education' and 'course work'.
"I like to lick butts!" by MobileTatsu-NJG (#32700246) (Score:5, Informative)
You could always use something like fireBwall to write a module that avoids using the proxy. I use it often if a hotel WiFi uses ARP Poisoning to force you to register on their network. fireBwall lets you write modules that control your network flow. I know this is a shameless plug, but it really could help. http://firebwall.com/
Proxy your traffic. If there is any connection thru the firewall to a system you control, you can proxy thru it. The tighter the firewall the more annoying and performance impact it will be, but it will work.
Do they blacklist or whitelist? Blacklist means you have a good chance. With a whitelist, aka they lock it down so you can only connect to a few specific internet sites, you may be SOL.
Some places firewall to protect from legal liability, "we have a firewall and we block that site/content but the offender bypassed our firewall." If you bypass the firewall, you take the blame and responsiblity squarely on yourself.
Some places firewall to protect from problems caused by the clueless, so if you bypass the firewall, do try not to cause problems for other network users.
Some places firewall because they themselves are clueless and/or frightened. Not much help for that, I'm afraid.
Remember the correct pattern of thought... Think of the firewall as your ultimate university exam. Pass it. Quietly. This means you first need to learn about the subject -- networking, protocols, tunneling and firewalls in general, and your university firewall specifically. It will be very educational, and isn't that why you are in school?
Enjoy learning.
You have paid the uni, indirectly, to support your studies. If they are not supporting your studies, you can complain. But you can't complain that they aren't other personal Internet services to all X thousand students on their campus without paying the difference it would cost.
As another poster brought up, you are not just there for education. You are a customer to their entire "student lifestyle experience", and this is typically supported by the uni's marketing materials. This is especially applicable to on-campus students, but all students are expected to have non-educational down time spent on-campus, too, with their tuition paying for access to the non-educational recreational and other entertainment facilities available. Universities spend millions of dollars on non-educational modifications (landscaping, common areas, fitness centers, etc) all the time; providing full internet access is not an illegitimate request.