Slashdot Mirror

← Back to Stories (view on slashdot.org)

CMU Cuts off Net Access for 71 Students Over MP3s

Posted by Roblimo on from the nosing-around-in-student-files dept.

PresOdent writes "Carnegie Mellon University cut off network access to 71 students who allegedly put some copyrighted mp3s on their sites on the university's computer network. The university said it discovered the copyright violations last month, when it conducted surprise inspections of student computer files at the order of the Recording Industry Association of America. Read the article from the Chronicle of Higher Education for more info."

3 of 523 comments (clear)

  1. What's funny is... by isaac · · Score: 4

    They were LESS liable for the behaviour of their students BEFORE they started snooping. Now that they've set a precedent of editorial control over content on their network, they will have to keep monitoring for and removing copyright violations (or potential violations, or libel, or obscenity, or any other forbidden-speech-du-jour) from now on.

    Which is exactly what the RIAA wants, methinks.

    --
    I am not a lawyer, and this is not legal advice. For Entertainment Purposes Only.
  2. What *REALLY* happened at CMU--article lied by Anonymous Coward · · Score: 5

    There seems to be a few misconceptions about why people are upset about privacy violations. I'm a CMU student (not one of those involved), and I really think that the journalistic slant is ridiculous. People, you simply have no idea what is going on from that article.

    The article said that people were putting up MP3s on Web sites. Uh, no. The university network administrations conducted a sweep of *Windows shared drives* looking for MP3s. Plenty of people have shared drives. Sharing a partition of your drive so that you can use it around campus (like listening to your MP3s in a computer cluster) is not equivalent to posting them to a Web site. Furthermore, the university deliberately broke into some of the computers they examined. Some of the shares were unpassworded. I supposed I can at least understand the university being upset about this, if the shares were obviously intended for public access. However, if CMU found what they deemed to be "dubious" computers, containing *passworded* shares with a name like "MP3", "MUSIC", they started running a password guesser on the computer until they got in.

    Now, I can at least see accessing public shares. If they weren't designated as "for public use", that's one thing. But guessing passwords is unforgivable. Quite frankly, if I started trying to "guess" root passwords to the network administrators' computers, I'd be kicked off the network. Evidently, the fact that our computers happened to be connected to the network gives the network admins an idea that they have a right to break into our computers. They broke into some of our *privately owned* computers, into *passworded* segments of our computer that were obviously *not* public. This is blatently illegal, and the fact that CMU would do something like this at the urging of the RIAA disgusts me.

    The news article was flat out wrong, and heavily biased toward the RIAA. I'm not impressed.

    This sets a chilling prescedent. If I can say that some sort of content on a computer connected to my network is "dubious", then I would evidently have some sort of legal right to break in to private computers. This is, in my mind, not acceptable. If I have a share named "warez", can the university then legally break into my computer? What about one called "software"? What about one called "private project for MIT" (i.e. research not being done for CMU)?

    Quite frankly, I hope the CMU network admins get sued under every computer trespassing law available. If CMU can do it (a traditionally level-headed place), *anyone* can legally examine your private computer.

  3. Yes, it's their network...BUT... by Stradivarius · · Score: 5

    What the Chronicle article fails to mention, or made factual mistakes with:


    1) These files were NOT on student websites. They were on students' own machines shared via Microsoft Networking.

    2) Many of the computers found "in violation" had their shares passworded. However, CMU tried to guess passwords when it ran into them. So if they could guess it, they considered it public access.

    3) The uproar is not so much about the school trying to reduce mp3 sharing over their network, but the manner in which they did it. The CMU Computing Code of Ethics clearly states, "Every member of Carnegie Mellon has two basic rights: privacy and a fair share of resources. It is unethical for any other person to violate these rights...On shared computing systems, all user files and directories are considered to be private and confidential. Only files which a user has explicitly made public (e.g., by placing in a "public" directory) should be considered open for general access. Accessing and using files in another person's directory when not expressly permitted to do so by the owner is a violation of that person's privacy" The Code further states "Loopholes in computer systems or knowledge of a special password should not be used to alter computer systems, obtain extra resources or take resources from another person". Clearly what CMU has done, by going into folders not marked as public and guessing passwords has violated their own Code of Ethics. That has gotten a lot of people pretty upset. They followed the rules but lost access anyway.

    4. The students affected could reduce the time they lost network access by a few weeks by going to a stupid "education" seminar to hear why copyright infringement is bad, and then write some paper along those lines. I think those that did that get their access back on Nov 14, or something like that.

    5. Computing Services sent out an email to the student body giving their side of the event. You can find the text here.