In my spare time, I'm an IT Security analyst for one of Australia's most prestigious Universities.
We don't block or filter anything based on filetype, and I recently provided the following input to another university based in our city, regarding blocking MP3 files:
At -name-, as necessitated by the AARNet charging model, we operate chargeback for Internet access, and thus after a small allowance, the user pays for what they download. We find this degrades the attractiveness of using the Internet at -name- to download music or movies. Further, we recognise that the mere format of the data file need not indicate the legality or illegality of it.
I would also believe it prudent to consider that most copyright violations take place using services on the Internet other than web access (such as Gnutella, eMule, BitTorrent and others), for which Websense will not be able to help. -name-, like many other institutions, has many MP3 files legally available for download, from our -name- online lecture service and other areas of academia. I would hope such issues would be considered before any institution makes a decision to blanketly ban downloading files of a specific type. You may find that these days, due to active enforcement by the RIAA and Australian equivalent agencies, most MP3s on web sites are actually legally licensed.
As I understand it, this led to the other university deciding that yes, it would be quite stupid to just block *.mp3. Your CIO sounds like a bit of a tool, so as an academic member of staff, I suggest you go over his head and complain through academic channels. IT exists to serve its users, not the other way around. Your university should have IT steering committees which can decide on academic matters to over-ride decisions like this.
(disclaimer: the above is my opinion, and does not represent the official views of my employer, especially the bit about your CIO being a tool. Except the bit about MP3s, in italics, which is an official position.)
See, I don't feel I should have to pay a monthly fee to keep my friends. I think my friends should have diversity in their conversations, other than a pay-to-play game. They were my friends before WoW, and I don't want those friendships slipping away because of some computer game I don't play.
Yes it creates community, but are they real friendships? Do they share anything in common other than WoW? I have a lot of friends who play WoW (I do not). It's unspeakably annoying to be at a party with a critical mass of these people, because all they talk about is WoW.
I've had to institute a no-WoW rule for some gatherings, since it's simply too annoying for the small number of us who don't play WoW to be excluded from having conversations with these people who are theorhetically our friends because they don't talk about anything else for hours on end.
WoW seems cool, but seriously, try talking to your WoW friends about something other than WoW and see if you would still be their friend without it.
IBM's Sydney Olympics site was a LONG time ago in terms of technology - It was launched almost 7 years ago.
We've all moved on and learned since then. It is no longer acceptable to quote $50M for a website. People have worked out that it's not actually/that/ complex.
I think you're also oversimplifying and projecting western values onto the Japanese.
The concept of racial equality is a western one, and a western one alone. It is entirely acceptable in Japanese (and most of asia/africa/south america) culture to discriminate based on race. Emmigrating to Japan is hard at the best of times, but if you're brown of any description or russian (for example), you can essentially forget about it. It is not uncommon for establishments (pubs/bath houses/shops) outside of Tokyo to proudly proclaim "Japanese Only". http://www.debito.org/ has some interesting information about this sort of descrimination.
Divirging, but deciding not to offer something because "westerners aren't smart enough " is, in my opinion, entirely in keeping with cultural norms in Japan.
I used to do IT support for a University, and we'd get the occasional home machine. Generally only once per person. Ever system to be serviced had to have a form filled out. This needed to be signed by a person other than the requestor in order to go into the queue. Once in the queue, systems were serviced based on how the systems were used. Lab machines got fixed first, then administration machines, then researchers machines, then home machines.
Average turn-around for a home system was 5 weeks. We once stretched one out to 3 months because they'd brought it in in a box and none of us could be bothered unpacking it. We could have gone longer, but as the original poster said, they found it was easier to buy a new machine.
What I did love was the people who were tenacious enough to do all the basic troubleshooting themselves and then ask us for our opinion, without ever suggesting we touch the machine. Like one lecturer with a PhD.. Windows kept locking up on her home computer. She took it back to the place she got it, they reinstalled, said it was software and charged her $60. Still crashed. She reinstalled, updated, and it still happened. She told me what she'd done, asked me for my opinion, I handed her a disk with DocMem on it and she came back the next day and was very thankful for the disk, as it said her RAM was screwy. It's great - happy user and all I had to do was give her a floppy disk.
I've avoiding the PC troubleshooting problem for my entire extended family by them all having Macs, it's awesome:)
Myanmar is the name used by the ruling military junta. Burma is the name used for the country by countries that do not recognise the junta as legitimate government. Most people from that country who now live outside it refer to it as Burma. There's a wikipedia article on the subject.
you still can't stop the piracy without making your network useless.
And this is absolutely my point. The type of restrictions the RIAA seem to want universities to put in place *would* make the network useless. There's more evil things you could do to make the sort of tunnelling all the responders have talked about very difficult.. NAT without PAT, PPPoE, using Packeteers or other devices to limit the speed of any in or outbound connections to stop remote relays, etc.
In the end however, your average university will do whatever will keep the RIAA happy, and no more. I suspect what the RIAA have issues with are things like DC++ hubs run by Resnet admins, or semi-official on-campus-only SMB file share indexes. But it's a slippery slope.
PS: I like my dark-green pieces of trash thank you very much:)
- The proxy server can have content inspection, SSL session proxying have byte limits
- SMTP tunnelling is.. inconveniant at best (mmm ftp by mail)
- DNS tunnelling can be significantly confused, hosts can be rate-limited, etc. Heck, if you're feeling nasty, you could disable off-campus DNS alltogether and just trust that people's browsers will not request DNS details before sending it to the proxy server.
And of course, as you identified, putting a computer on a network and not expecting it to be able to do things on a network is perhaps a suggestion that any sort of internet connectivity is inadvisable. This sort of setup would be crazy for a University, but I've heard of high schools running networks like this.
It's a Cisco config option that says client stations can't speak to each other except via a router. Firewall rules in the router to only allow access to a proxy server, mail server and dns server, problem solved.
Then you'd need to leech via wireless, or physically co-located systems plugged into a seperate hub/switch, but at which point it isn't the University's problem, which is what the RIAA is looking at.
Disclaimer: I'm an IT Security Manager for a University. Not one of the ones the RIAA has talked to (we're not in the US). The only way I'd consider those sort of restrictions on residentials networking is due to force-majeure in the form of a competant legal body or management direction. Residential networks are what contributes today to the collegiate atmosphere in on-campus living. These sort of restrictions impact that far too much for my liking.
I know exactly what you mean. I have a Powerbook G4/15 I use on a daily basis, working in IT at a large University. Some re-organisations have meant there are people grumbling about our lack of standards within the IT section. Fortunately I ended up close to the top of the food chain, so no-one is complaining about me. In return, I keep a PC around to do things I can't do with a Mac and don't complain when I can't do things with it (Run some custom, though Java, software, view shared calendars in exchange, etc)
*hey! before you harass me, consider my relatively low Slashdot user ID. I will accept the taunting and mockings from only 87991 other users.
I sold Neil his first Mac, an iBook G4/800, back in June 2004. Within 2 weeks he'd found critical bugs in OSX. Yes, he does work for a code-auditing company now, but this started when he started going over OSX with a fine tooth comb.
It's not reasonable to discount his findings because he happens to work for a company that does code auditing. The flaws are there and he (and other people) have found them.
No, people doing that is why retailers get more and more restrictive return policies and why lots of stuff comes in impossible to reseal packaging. If the box doesn't say it works with Linux, I have no idea why people assume that it will.
I'm not actually sure wtf submitter was thinking.. hopefully next time they will research purchases for their Linux boxes a bit more carefully before plonking down their cash. Wishful thinking won't make drivers magically appeal. If the traditionally less spendthrift Mac community can't get manufacturers to write drivers (and they can't, just try buying a USB 802.11 device that works with OSX properly), Linux has no hope.
The newest rev of iBook G4's (and everything else) don't have airport extreme cards that are user removable anymore. There's a card that plugs into the PCI bus that has a broadcom wireless chip on it that does pci bus bridging, and then connected to that chip on the same card is a USB controller and a bluetooth chipset.
The whole product here is a bad idea.. the RAM access is just one of the reasons not to get one:)
Some stalking suggested you were from Sweden. A perl script doing host on everything between 1. and 254. showed 213. as the only one with a.se address;) My mistake
Slashdot Mirror
We don't block or filter anything based on filetype, and I recently provided the following input to another university based in our city, regarding blocking MP3 files:
As I understand it, this led to the other university deciding that yes, it would be quite stupid to just block *.mp3. Your CIO sounds like a bit of a tool, so as an academic member of staff, I suggest you go over his head and complain through academic channels. IT exists to serve its users, not the other way around. Your university should have IT steering committees which can decide on academic matters to over-ride decisions like this.
(disclaimer: the above is my opinion, and does not represent the official views of my employer, especially the bit about your CIO being a tool. Except the bit about MP3s, in italics, which is an official position.)
Yeah well, it was fun while it lasted.
See, I don't feel I should have to pay a monthly fee to keep my friends. I think my friends should have diversity in their conversations, other than a pay-to-play game. They were my friends before WoW, and I don't want those friendships slipping away because of some computer game I don't play.
Of course this is somewhat flogging a dead horse, BUT.. no, he isn't.
I'm down with those sort of jokes, and make them myself.
It's just the 30 minute to 2 hour conversations about WoW that are annoying.
Yes it creates community, but are they real friendships? Do they share anything in common other than WoW? I have a lot of friends who play WoW (I do not). It's unspeakably annoying to be at a party with a critical mass of these people, because all they talk about is WoW.
I've had to institute a no-WoW rule for some gatherings, since it's simply too annoying for the small number of us who don't play WoW to be excluded from having conversations with these people who are theorhetically our friends because they don't talk about anything else for hours on end.
WoW seems cool, but seriously, try talking to your WoW friends about something other than WoW and see if you would still be their friend without it.
That must be why my printer is the size of a small car and has a golden record attached to it..
IBM's Sydney Olympics site was a LONG time ago in terms of technology - It was launched almost 7 years ago.
/that/ complex.
We've all moved on and learned since then. It is no longer acceptable to quote $50M for a website. People have worked out that it's not actually
Western society is now "enlightened" (for the most part) about mistakes of the past ;)
I think you're also oversimplifying and projecting western values onto the Japanese.
The concept of racial equality is a western one, and a western one alone. It is entirely acceptable in Japanese (and most of asia/africa/south america) culture to discriminate based on race. Emmigrating to Japan is hard at the best of times, but if you're brown of any description or russian (for example), you can essentially forget about it. It is not uncommon for establishments (pubs/bath houses/shops) outside of Tokyo to proudly proclaim "Japanese Only". http://www.debito.org/ has some interesting information about this sort of descrimination.
Divirging, but deciding not to offer something because "westerners aren't smart enough " is, in my opinion, entirely in keeping with cultural norms in Japan.
I agree. I saw the article title and was drafting an email to some of our managers to show why our Mediawiki setup was good and how it would help us.
Then I read the article and decided it would be not a good idea to do that.
Absolutely useless article, imo.
I used to do IT support for a University, and we'd get the occasional home machine. Generally only once per person. Ever system to be serviced had to have a form filled out. This needed to be signed by a person other than the requestor in order to go into the queue. Once in the queue, systems were serviced based on how the systems were used. Lab machines got fixed first, then administration machines, then researchers machines, then home machines.
:)
Average turn-around for a home system was 5 weeks. We once stretched one out to 3 months because they'd brought it in in a box and none of us could be bothered unpacking it. We could have gone longer, but as the original poster said, they found it was easier to buy a new machine.
What I did love was the people who were tenacious enough to do all the basic troubleshooting themselves and then ask us for our opinion, without ever suggesting we touch the machine. Like one lecturer with a PhD.. Windows kept locking up on her home computer. She took it back to the place she got it, they reinstalled, said it was software and charged her $60. Still crashed. She reinstalled, updated, and it still happened. She told me what she'd done, asked me for my opinion, I handed her a disk with DocMem on it and she came back the next day and was very thankful for the disk, as it said her RAM was screwy. It's great - happy user and all I had to do was give her a floppy disk.
I've avoiding the PC troubleshooting problem for my entire extended family by them all having Macs, it's awesome
Myanmar is the name used by the ruling military junta. Burma is the name used for the country by countries that do not recognise the junta as legitimate government. Most people from that country who now live outside it refer to it as Burma. There's a wikipedia article on the subject.
you still can't stop the piracy without making your network useless.
:)
And this is absolutely my point. The type of restrictions the RIAA seem to want universities to put in place *would* make the network useless. There's more evil things you could do to make the sort of tunnelling all the responders have talked about very difficult.. NAT without PAT, PPPoE, using Packeteers or other devices to limit the speed of any in or outbound connections to stop remote relays, etc.
In the end however, your average university will do whatever will keep the RIAA happy, and no more. I suspect what the RIAA have issues with are things like DC++ hubs run by Resnet admins, or semi-official on-campus-only SMB file share indexes. But it's a slippery slope.
PS: I like my dark-green pieces of trash thank you very much
But they can all be guarded against :)
- The proxy server can have content inspection, SSL session proxying have byte limits
- SMTP tunnelling is.. inconveniant at best (mmm ftp by mail)
- DNS tunnelling can be significantly confused, hosts can be rate-limited, etc. Heck, if you're feeling nasty, you could disable off-campus DNS alltogether and just trust that people's browsers will not request DNS details before sending it to the proxy server.
And of course, as you identified, putting a computer on a network and not expecting it to be able to do things on a network is perhaps a suggestion that any sort of internet connectivity is inadvisable. This sort of setup would be crazy for a University, but I've heard of high schools running networks like this.
Three words: private vlan edge.
It's a Cisco config option that says client stations can't speak to each other except via a router. Firewall rules in the router to only allow access to a proxy server, mail server and dns server, problem solved.
Then you'd need to leech via wireless, or physically co-located systems plugged into a seperate hub/switch, but at which point it isn't the University's problem, which is what the RIAA is looking at.
Disclaimer: I'm an IT Security Manager for a University. Not one of the ones the RIAA has talked to (we're not in the US). The only way I'd consider those sort of restrictions on residentials networking is due to force-majeure in the form of a competant legal body or management direction. Residential networks are what contributes today to the collegiate atmosphere in on-campus living. These sort of restrictions impact that far too much for my liking.
I think it's funny that you're against DRM, yet you bought a Sony :) They're the worst offenders in terms of both promoting and implementing it.
:)
If you'll excuse me, my K750i is ringing
It should also be noted he worked at the on-site photocopier shop, not as a software engineer/dev.
I know exactly what you mean. I have a Powerbook G4/15 I use on a daily basis, working in IT at a large University. Some re-organisations have meant there are people grumbling about our lack of standards within the IT section. Fortunately I ended up close to the top of the food chain, so no-one is complaining about me. In return, I keep a PC around to do things I can't do with a Mac and don't complain when I can't do things with it (Run some custom, though Java, software, view shared calendars in exchange, etc)
;)
*hey! before you harass me, consider my relatively low Slashdot user ID. I will accept the taunting and mockings from only 87991 other users.
Haw haw!
He is.
I sold Neil his first Mac, an iBook G4/800, back in June 2004. Within 2 weeks he'd found critical bugs in OSX. Yes, he does work for a code-auditing company now, but this started when he started going over OSX with a fine tooth comb.
It's not reasonable to discount his findings because he happens to work for a company that does code auditing. The flaws are there and he (and other people) have found them.
No, people doing that is why retailers get more and more restrictive return policies and why lots of stuff comes in impossible to reseal packaging. If the box doesn't say it works with Linux, I have no idea why people assume that it will.
I'm not actually sure wtf submitter was thinking.. hopefully next time they will research purchases for their Linux boxes a bit more carefully before plonking down their cash. Wishful thinking won't make drivers magically appeal. If the traditionally less spendthrift Mac community can't get manufacturers to write drivers (and they can't, just try buying a USB 802.11 device that works with OSX properly), Linux has no hope.
In "Holy Grail"..
LAUNCELOT: Look, my liege!
ARTHUR: Camelot!
GALAHAD: Camelot!
LAUNCELOT: Camelot!
PATSY: It's only a model.
ARTHUR: Shhh!
The newest rev of iBook G4's (and everything else) don't have airport extreme cards that are user removable anymore. There's a card that plugs into the PCI bus that has a broadcom wireless chip on it that does pci bus bridging, and then connected to that chip on the same card is a USB controller and a bluetooth chipset.
:)
The whole product here is a bad idea.. the RAM access is just one of the reasons not to get one
193, Denmark? :)
Some stalking suggested you were from Sweden. A perl script doing host on everything between 1. and 254. showed 213. as the only one with a .se address ;) My mistake
And yet.. you've still blanked out the first 8 bits of the IP address ;)
:)
(PS: Is it 213?