You know, there are many routes one can go to ban violent sexual video games/porn like this, and I'm not sure if I agree with the rational involved here. More or less, everything I've heard politicians spew (appropriate verb) about this stuff is basically "It causes people to go out and rape." Much like the dodgy connection between violent video games and real life violence (anecdotal evidence non-withstanding), I don't really buy it. Especially since each individual culture seems to have entirely different responses to various social laws. As a good example, banning guns in the US causes violent crime rates to rise (see: Washington DC), but Japan has far less of an issue, where guns have more or less been illegal for civilians since WWII. (Side note: I have not checked these numbers recently. Don't bother picking them out, it's an illustration that could rapidly be replaced with another to make the same point. Forrest for the trees and all that).
On a different note though, one of my professors had a very good reason to ban violent pornography, without going for the correlation link (which he bought into anyways. Professors are human after all). We had just finished reading J.S. Mills' On LIberty, which more or less states that "The only reason to abridge a person's personal freedom is harm to others. Moral disgust is not an adequate reason to stop someone, unless if they are going to harm someone else directly or indirectly (Say, if by being an alcoholic they are incapable of parental duties, etc)." His point was, if this pornographic material spreads the ideology that women are sexual objects existing only for men's pleasure, which causes women to self-censor themselves and their ideas due to peer pressure, fear, or general brain washing, then it must be banned.
But, politicians aren't arguing this, because they don't actually care about freedom, they care about making it look like they're doing something in order to ensure re-election. Because 90% of "concerned" parents in the suburbs are going to say "Rape is bad, rape games depict rape, so it must enforce rape, and this politician banning rape games must be fighting rape! Vote for him!" And we just helped him too, by the way.
As I've said time and time again. The Linux support for most universities is there, and I've never heard of a persistent agent for it. Run that. Virtualization is ugly and inefficient.
Touche. Again, the answer is to run Linux. Since this is Bradford networks, it'll do single MAC registration. Register as Linux, and it'll never check again, even if it is a dual boot windows/linux. But the tough question is, why would you use windows if it is so trivially compromised?
And this fixes the issue of the CSA how? The outside computer still needs to have the CSA, because if only the inside one has it, the outside will be blocked (silly to have a proxy with no internet access). So the outside one must have the CSA, and if you buy into the "They're watching us" theory, they'll notice. Overall, nothing is gained over a simple "Run Linux" option; which is possible since this is the same CSA my school uses, and I run almost exclusively linux.
We had that here too (We use Bradford also). Workaround? Take the libraries it was compiled for, and distribute them in.deb.rpm and.tar.gz format along with the registering executable. Remove them once registered.
Oh yes, I was laughing out of control as I ran a VM on Ubuntu with windows and the CSA under it. Bloody hilarious. I was rolling by the time the internal VM could get on the internet, but the host OS was directed to registration. By the time I realized that all I'd managed to do was run a slow version of XP, I had literally laughed my ass off. Had to replace my chair.
They won't get arsey about encrypted traffic. They don't really care, there's probably no deep-packet inspection going on (too expensive, no reason). So basically you'll be blowing about 15 pounds (say, $30) a month with no benefit, and a convoluted setup. And you could've had the same benefit with a Linux box, truecrypt, and your current level of paranoia.
Look, I'm a ResCon at ResNet, granted at a different university though. We're nice people, and we'll try to accomodate you as best as possible. Want to register Linux? Sure, you won't need to install a CSA. Same for Macs, phones, consoles, printers, routers, etc. The CSA is mostly just to reduce the number of windows machines getting viruses.
But, if you walk into my office bitching about our "draconian network policices," I'm going to get annoyed with you, but I'll kindly explain why they're in place (and how I'm not the one that made them). If you grab a PS3 and declare that "You can't install your Nazi CSA program on this!" I'm going to ask you to leave, and contact my boss. If you work with the IT people, and are nice to them, it's easy to maintain your decent level of freedom and privacy (except for piracy, sorry) while at your university. If you make every attempt to side step it, abuse the network, and generally come across as a jerk, it's a fast way to get your internet usage permanently rescinded.
They'll white list it like any other console, or like any Mac or Linux computer for that matter. They might smack you for being paranoid and annoying though.
I'd like to point out that sometimes other systems are called "Client Security Agents." At my university, we call it both a "Persistent Agent" and a CSA.
I don't know why Slashdot loves paranoid trolls like you. The idea of sifting through all of the data on a public university (or even my private university) to find all that stuff seems so daunting, I don't even want to consider it. If you're so concerned that this CSA has these magical powers you're concerned about (It doesn't, I work with one everyday), then monitor what it touches. Encrypt all of your private stuff. Or run Linux. Stop being annoying here.
Truly the best response ever. Or join ResNet. It'll give you a taste of why such policies are in place (because 90% of windows users will not update unless if you brow beat them into doing it). You'll also understand how few rogue agents it takes on a network to consume all the bandwidth and bring the entire network to its knees.
Must be a different CSA. I had a laptop in the other day (I'm a tech support at another school), that had OpenDNS servers set as the default. It didn't work.
Poor decision. Once you register as windows, it'll check every 2 weeks for a CSA scan. If you install windows, register, then switch OS's, in two weeks it'll go "Hey! You're a windows box, where is your CSA?" and drop you off the network.
If it's like our system, it doesn't use this at all. The moment any device shows up on the network, it gets put into a VLAN that sends it to the registration page. There the user selects the type of device (Windows, Mac, Linux, other), and goes through a registration process, after which their MAC is tied to information about OS, scan information (for windows. Mostly includes stuff like "Anti-virus version" and whether their stuff is up to date), and their user ID. Items that don't have an operating system, or smart phones, need to be manually registered via MAC address by a tech support (me).
The only identification that's done prior to setup is looking at the MAC, which will identify the maker of the wifi/ethernet card. That's it.
If it's anything like my school, we support Linux, Mac, and Windows. Only Windows has the CSA (for now, Mac is coming in a few years), since they tend to be the most egregious breakers of DMCA law and security common sense. If we don't force them to uninstall limewire, and maintain an up to date version of windows, our network would be a disaster.
All of this "They hate Linux!" crap is FUD. My school has an identical setup, and I run Linux exclusively on campus.
Look, I'm a fan of net freedom just like you. But let's be honest here. It is the university's network, even if you are semi-footing the bill, and they get to decide network policy rules. It's mostly for prevention, if their students are constantly getting DMCA notices, the university might get into trouble. So of course they block limewire, not like it has a legitimate use anyways. If there's a massive outbreak of viruses on their network, their tech supports (people like me) have to clean up, so of course we force students to have up to date antivirus software, and up to date operating systems, its the method of prevention available.
Simply put, their network, their rules. When you're paying, you can decide the rules you follow, and deal with the consequences if you break some other major rules (laws). If you don't like their rules, complain to them, or go elsewhere. Not like you're forced to stay. Attempting to side-step the rules (especially publicly on slashdot, you know someone in the IT department at your university reads this site) is a very bad plan. Unless if you happen to be a random genius at network security (and if you're asking us, you aren't), you will not outsmart your school's IT department. This isn't high school anymore, where renaming forbidden.exe's, or simple.bat scripts would bypass the network policies.
Sandboxie is usually designed to protect your computer against malicious writes. Besides, at my university, if you sandbox the CSA to prevent certain reads or internet access, we'll just drop you off the network. If the CSA can't scan properly, or if the server doesn't hear back from it, it assumes you don't have it installed, and puts you into a small private VLAN, where every webpage except for university stuff, and anti-virus stuff is redirected to the "re-mediation" page.
I'm a tech support (ResNet, CMU has it too) at a different university that has a similar "Client Security Agent." I'm not sure who provides their CSA, but ours only checks for antivirus, antivirus updates, windows updates, and common P2P programs (usually limewire). If anyone fails these, they are instructed to uninstall limewire, update anti-virus, whatever, and rescan. We don't prosecute based off of any data, but it's more of a prevention system to avoid any DMCA notices.
That being said, this is for windows only. Mac and Linux are only single time scans (for what, I do not know), and after that your MAC is white listed with your ID. The beauty is that once registered, it's MAC specific, not OS. I should note that our provider is promising a Client Security Agent for Mac soon, but I doubt a Linux one is coming.
In this case, "Physical analysis" would be running tests, deployment, crash analysis, etc. If we're comparing software engineering to "real" engineering, I feel it would be disingenuous to knock down software engineering because it works with code instead of physical items. The complexity is still there.
For me, what delineates "engineer" is much better defined in my mind by "engineering type." While a software engineers, civil engineers, and mathematicians may vary quite a bit in average disposition, they are more similar than dissimilar compared to the rest of the population. I genuinely believe that there is a major difference between the engineering mind (or in my case, CS), and everyone else. Similar to how painters, composers, and photographers all may vary in general, yet they're more similar to each other than the rest of the population.
I'd imagine these would live thumb drives, specifically to sidestep any security measures like you described. A trained digital forensics expert will usually remove the hard drive, put it in a device that prevents any writes, make an image of the hard drive, and work from that. All of this is specifically to avoid running any code on the machine designed to hide any illegal information, and to prevent any corruption of evidence which would cause issues in court.
Its an unfortunate situation when cops are more afraid of not seizing a machine carrying illicit material, than they are afraid of seizing hundreds or thousands of machines containing nothing illegal, and taking forever to return them.
Slashdot Mirror
You know, there are many routes one can go to ban violent sexual video games/porn like this, and I'm not sure if I agree with the rational involved here. More or less, everything I've heard politicians spew (appropriate verb) about this stuff is basically "It causes people to go out and rape." Much like the dodgy connection between violent video games and real life violence (anecdotal evidence non-withstanding), I don't really buy it. Especially since each individual culture seems to have entirely different responses to various social laws. As a good example, banning guns in the US causes violent crime rates to rise (see: Washington DC), but Japan has far less of an issue, where guns have more or less been illegal for civilians since WWII. (Side note: I have not checked these numbers recently. Don't bother picking them out, it's an illustration that could rapidly be replaced with another to make the same point. Forrest for the trees and all that).
On a different note though, one of my professors had a very good reason to ban violent pornography, without going for the correlation link (which he bought into anyways. Professors are human after all). We had just finished reading J.S. Mills' On LIberty, which more or less states that "The only reason to abridge a person's personal freedom is harm to others. Moral disgust is not an adequate reason to stop someone, unless if they are going to harm someone else directly or indirectly (Say, if by being an alcoholic they are incapable of parental duties, etc)." His point was, if this pornographic material spreads the ideology that women are sexual objects existing only for men's pleasure, which causes women to self-censor themselves and their ideas due to peer pressure, fear, or general brain washing, then it must be banned.
But, politicians aren't arguing this, because they don't actually care about freedom, they care about making it look like they're doing something in order to ensure re-election. Because 90% of "concerned" parents in the suburbs are going to say "Rape is bad, rape games depict rape, so it must enforce rape, and this politician banning rape games must be fighting rape! Vote for him!" And we just helped him too, by the way.
As I've said time and time again. The Linux support for most universities is there, and I've never heard of a persistent agent for it. Run that. Virtualization is ugly and inefficient.
Touche. Again, the answer is to run Linux. Since this is Bradford networks, it'll do single MAC registration. Register as Linux, and it'll never check again, even if it is a dual boot windows/linux. But the tough question is, why would you use windows if it is so trivially compromised?
And this fixes the issue of the CSA how? The outside computer still needs to have the CSA, because if only the inside one has it, the outside will be blocked (silly to have a proxy with no internet access). So the outside one must have the CSA, and if you buy into the "They're watching us" theory, they'll notice. Overall, nothing is gained over a simple "Run Linux" option; which is possible since this is the same CSA my school uses, and I run almost exclusively linux.
Considering how many users don't read the instructions on how to update Windows and rescan, everyone.
We had that here too (We use Bradford also). Workaround? Take the libraries it was compiled for, and distribute them in .deb .rpm and .tar.gz format along with the registering executable. Remove them once registered.
Oh yes, I was laughing out of control as I ran a VM on Ubuntu with windows and the CSA under it. Bloody hilarious. I was rolling by the time the internal VM could get on the internet, but the host OS was directed to registration. By the time I realized that all I'd managed to do was run a slow version of XP, I had literally laughed my ass off. Had to replace my chair.
They won't get arsey about encrypted traffic. They don't really care, there's probably no deep-packet inspection going on (too expensive, no reason). So basically you'll be blowing about 15 pounds (say, $30) a month with no benefit, and a convoluted setup. And you could've had the same benefit with a Linux box, truecrypt, and your current level of paranoia.
Look, I'm a ResCon at ResNet, granted at a different university though. We're nice people, and we'll try to accomodate you as best as possible. Want to register Linux? Sure, you won't need to install a CSA. Same for Macs, phones, consoles, printers, routers, etc. The CSA is mostly just to reduce the number of windows machines getting viruses.
But, if you walk into my office bitching about our "draconian network policices," I'm going to get annoyed with you, but I'll kindly explain why they're in place (and how I'm not the one that made them). If you grab a PS3 and declare that "You can't install your Nazi CSA program on this!" I'm going to ask you to leave, and contact my boss. If you work with the IT people, and are nice to them, it's easy to maintain your decent level of freedom and privacy (except for piracy, sorry) while at your university. If you make every attempt to side step it, abuse the network, and generally come across as a jerk, it's a fast way to get your internet usage permanently rescinded.
They'll white list it like any other console, or like any Mac or Linux computer for that matter. They might smack you for being paranoid and annoying though.
I'd like to point out that sometimes other systems are called "Client Security Agents." At my university, we call it both a "Persistent Agent" and a CSA.
I don't know why Slashdot loves paranoid trolls like you. The idea of sifting through all of the data on a public university (or even my private university) to find all that stuff seems so daunting, I don't even want to consider it. If you're so concerned that this CSA has these magical powers you're concerned about (It doesn't, I work with one everyday), then monitor what it touches. Encrypt all of your private stuff. Or run Linux. Stop being annoying here.
Truly the best response ever. Or join ResNet. It'll give you a taste of why such policies are in place (because 90% of windows users will not update unless if you brow beat them into doing it). You'll also understand how few rogue agents it takes on a network to consume all the bandwidth and bring the entire network to its knees.
Must be a different CSA. I had a laptop in the other day (I'm a tech support at another school), that had OpenDNS servers set as the default. It didn't work.
I wish I had some mod points. I'd either mod you down as stupid, or unfunny. Not sure which you fall under.
Poor decision. Once you register as windows, it'll check every 2 weeks for a CSA scan. If you install windows, register, then switch OS's, in two weeks it'll go "Hey! You're a windows box, where is your CSA?" and drop you off the network.
If it's like our system, it doesn't use this at all. The moment any device shows up on the network, it gets put into a VLAN that sends it to the registration page. There the user selects the type of device (Windows, Mac, Linux, other), and goes through a registration process, after which their MAC is tied to information about OS, scan information (for windows. Mostly includes stuff like "Anti-virus version" and whether their stuff is up to date), and their user ID. Items that don't have an operating system, or smart phones, need to be manually registered via MAC address by a tech support (me).
The only identification that's done prior to setup is looking at the MAC, which will identify the maker of the wifi/ethernet card. That's it.
If it's anything like my school, we support Linux, Mac, and Windows. Only Windows has the CSA (for now, Mac is coming in a few years), since they tend to be the most egregious breakers of DMCA law and security common sense. If we don't force them to uninstall limewire, and maintain an up to date version of windows, our network would be a disaster.
All of this "They hate Linux!" crap is FUD. My school has an identical setup, and I run Linux exclusively on campus.
Look, I'm a fan of net freedom just like you. But let's be honest here. It is the university's network, even if you are semi-footing the bill, and they get to decide network policy rules. It's mostly for prevention, if their students are constantly getting DMCA notices, the university might get into trouble. So of course they block limewire, not like it has a legitimate use anyways. If there's a massive outbreak of viruses on their network, their tech supports (people like me) have to clean up, so of course we force students to have up to date antivirus software, and up to date operating systems, its the method of prevention available.
.exe's, or simple .bat scripts would bypass the network policies.
Simply put, their network, their rules. When you're paying, you can decide the rules you follow, and deal with the consequences if you break some other major rules (laws). If you don't like their rules, complain to them, or go elsewhere. Not like you're forced to stay. Attempting to side-step the rules (especially publicly on slashdot, you know someone in the IT department at your university reads this site) is a very bad plan. Unless if you happen to be a random genius at network security (and if you're asking us, you aren't), you will not outsmart your school's IT department. This isn't high school anymore, where renaming forbidden
Sandboxie is usually designed to protect your computer against malicious writes. Besides, at my university, if you sandbox the CSA to prevent certain reads or internet access, we'll just drop you off the network. If the CSA can't scan properly, or if the server doesn't hear back from it, it assumes you don't have it installed, and puts you into a small private VLAN, where every webpage except for university stuff, and anti-virus stuff is redirected to the "re-mediation" page.
I'm a tech support (ResNet, CMU has it too) at a different university that has a similar "Client Security Agent." I'm not sure who provides their CSA, but ours only checks for antivirus, antivirus updates, windows updates, and common P2P programs (usually limewire). If anyone fails these, they are instructed to uninstall limewire, update anti-virus, whatever, and rescan. We don't prosecute based off of any data, but it's more of a prevention system to avoid any DMCA notices.
That being said, this is for windows only. Mac and Linux are only single time scans (for what, I do not know), and after that your MAC is white listed with your ID. The beauty is that once registered, it's MAC specific, not OS. I should note that our provider is promising a Client Security Agent for Mac soon, but I doubt a Linux one is coming.
As a tech support at another University that requires said "Client Security Agent," I can tell you this will not work. I have tried.
In this case, "Physical analysis" would be running tests, deployment, crash analysis, etc. If we're comparing software engineering to "real" engineering, I feel it would be disingenuous to knock down software engineering because it works with code instead of physical items. The complexity is still there.
For me, what delineates "engineer" is much better defined in my mind by "engineering type." While a software engineers, civil engineers, and mathematicians may vary quite a bit in average disposition, they are more similar than dissimilar compared to the rest of the population. I genuinely believe that there is a major difference between the engineering mind (or in my case, CS), and everyone else. Similar to how painters, composers, and photographers all may vary in general, yet they're more similar to each other than the rest of the population.
I'd imagine these would live thumb drives, specifically to sidestep any security measures like you described. A trained digital forensics expert will usually remove the hard drive, put it in a device that prevents any writes, make an image of the hard drive, and work from that. All of this is specifically to avoid running any code on the machine designed to hide any illegal information, and to prevent any corruption of evidence which would cause issues in court.
Its an unfortunate situation when cops are more afraid of not seizing a machine carrying illicit material, than they are afraid of seizing hundreds or thousands of machines containing nothing illegal, and taking forever to return them.