Nothing like watching a developer handed a box and told to get out to turn my frown upside down!
Then you woke up and realized you worked in the real world, where the admin monkeys don't really rule the world. Cite a documented case where you got a dev fired for violating eye-tee security or shut up.
They're SSHd into their boxes at home because the power tripping network nazis at work are blocking things that are useful. Stop with the ridiculous lockdowns for technical people and it won't happen. If your technical people aren't technical enough to be trusted, get new ones. Problem solved.
No, he didn't get fired, because, unlike in your dystopian fantasy world, the eye-tee "security" shop doesn't control the organization and common sense prevails.
Interestingly, credit card companies disallow a surcharge for use of a credit card, but allow a "discount for cash." Apparently, they fail to understand the simple truth that surcharge(X) == discount(not(X)).
Not a chance. That would make the grocery store data brokers consumer reporting agencies under the Fair Credit Reporting Act. Insurance companies would be required to notify policyholders of adverse action taken against them based on these extracts, which would then entitle him or her to the contents of their files. That, and the fact that I bought a raw chicken, a box of condoms, half dozen cans of whipped cream, and a jar of crunchy peanut butter in the same shopping trip proves nothing.
True, it's about the bandwidth -- but who are the ISPs more likely to feel safe screwing with? A bunch of people transferring movies with bittorrent, or the thousand lawyers of the Microsoft empire?
Now, though, every little mickey mouse major tacks on fees. There's a fee for business, for conservatory, for art. It's a way for schools to raise tuition more than their per credit hour price shows, which helps keep them off the radar of higher education price watchdogs on the hill. So if you're wondering why your tuition bill looks more complicated than a bill from AT&T, there's one answer.
I do have a problem with Blizzard being DMCA-wielding jackbooted thugs and having sued the bnetd maintainers, but could give two shakes about their use of bittorrent.
Yeah, it's against the law. No one gives a shit about piddly-assed laws like that. Does it erode respect for all law that copyrights are too long? Yeah, probably.
The court's been packed with more fascists since then. I wouldn't rely on the Supreme Court "Justices" that gutted the Fourth Amendment (your papers, please) to uphold the First.
I suspect the movie industry isn't going to find it necessary to spoof SSL if they try to use residential connections to provide bandwidth. Whether customers will accept the use of their bandwidth by the industry and pay for the content is another open question.
The "safe harbor" with the Department of Education, should this actually make it through and become part of the reauthorization of the Higher Education Act, will be to install an IPS that blocks all P2P. IT administrators are lazy and protective of their sinecures--they don't care if there are legal files to be had via P2P when it's easier to block it all, or to at least be able to say they've made the effort.
Then they'll turn off connections for "excessive" bandwidth usage, or for using a high number of SSL connections to IPs listed as residential in a DNSbl. Encryption is not a panacea.
IT departments acting like KU's contain at least one control freak (who probably was the force behind selling the policy described in the article to the administration). You know, the "I know what's running over MY network" types that don't like being denied the ability to snoop and would ban encryption if they could.
There is a DNS blacklist which lists all TOR nodes, entry and exit. The nodes are also published here. This means TOR can be blocked for all but those who can hop their traffic over an outside connection no matter whether it's running on a non-standard port.
Students at another university could set up alternate entry points, but I don't expect this to happen for two reasons. First, the students at the other university's resnet aren't likely to be able to accept incoming connections, as those networks are typically heavily firewalled. Second, even if they could accept traffic, they aren't likely to want to answer to the "network police" on their campus about their use of TOR. The universities who would not tolerate this kind of network fascism (e.g. MIT) don't have the resources to offer proxying service to other whole universities and even if they did would find those entry points blocked as well.
Because the TOR nodes are all published, it is easy to block TOR even when it running over port 443. Even if the nodes weren't published, the idea that a network administrator would have to block all encrypted traffic including https to block it is not true--an outbound filter can verify an SSL handshake is actually taking place and block the connection otherwise.
Regrettably, the ability to block TOR for all but the technically savvy with off-campus resources (e.g. proxy through a home broadband connection) is well in their hands. With the ability to punish anyone whom they find working around the blocks (even if just by making them aware they're being closely watched), I don't expect KU to see a sudden spike in TOR usage. It would be nice, though, if the students resisted.
Thanks, LOL. I don't actually reside at KU, but sympathize with the students. Of course all res nets are like this -- most have more of a velvet glove around the iron fist, though.
Slashdot Mirror
Then you woke up and realized you worked in the real world, where the admin monkeys don't really rule the world. Cite a documented case where you got a dev fired for violating eye-tee security or shut up.
They're SSHd into their boxes at home because the power tripping network nazis at work are blocking things that are useful. Stop with the ridiculous lockdowns for technical people and it won't happen. If your technical people aren't technical enough to be trusted, get new ones. Problem solved.
No, he didn't get fired, because, unlike in your dystopian fantasy world, the eye-tee "security" shop doesn't control the organization and common sense prevails.
Interestingly, credit card companies disallow a surcharge for use of a credit card, but allow a "discount for cash." Apparently, they fail to understand the simple truth that surcharge(X) == discount(not(X)).
Ding, ding, ding, correct. If I weren't $rbtl'd on this ID, I'd mod you up.
Yes, "Neca eos omnes. Deus suos agnoset"
Not a chance. That would make the grocery store data brokers consumer reporting agencies under the Fair Credit Reporting Act. Insurance companies would be required to notify policyholders of adverse action taken against them based on these extracts, which would then entitle him or her to the contents of their files. That, and the fact that I bought a raw chicken, a box of condoms, half dozen cans of whipped cream, and a jar of crunchy peanut butter in the same shopping trip proves nothing.
Ted Kennedy would blow out the sensors. It'd be like trying to measure the current coming out of a nuclear reactor with a Simpson 260 multimeter.
True, it's about the bandwidth -- but who are the ISPs more likely to feel safe screwing with? A bunch of people transferring movies with bittorrent, or the thousand lawyers of the Microsoft empire?
So Canada doesn't have national credit bureaus reporting parking tickets yet? Just wait.
Well-written and interesting. Thanks for the perspective!
Fair enough. Touché!
Shame it's in Latin so the engineering majors won't be able to read it :).
Now, though, every little mickey mouse major tacks on fees. There's a fee for business, for conservatory, for art. It's a way for schools to raise tuition more than their per credit hour price shows, which helps keep them off the radar of higher education price watchdogs on the hill. So if you're wondering why your tuition bill looks more complicated than a bill from AT&T, there's one answer.
I do have a problem with Blizzard being DMCA-wielding jackbooted thugs and having sued the bnetd maintainers, but could give two shakes about their use of bittorrent.
Good, then P2P networks using that protocol can spring up and not be blocked by ISPs.
I'm proud to be modded down by neocon sympathizers. Did I mention I have more karma than Shiva? I can't be censored.
Yeah, it's against the law. No one gives a shit about piddly-assed laws like that. Does it erode respect for all law that copyrights are too long? Yeah, probably.
The court's been packed with more fascists since then. I wouldn't rely on the Supreme Court "Justices" that gutted the Fourth Amendment (your papers, please) to uphold the First.
Censor that, fuckwits.
I suspect the movie industry isn't going to find it necessary to spoof SSL if they try to use residential connections to provide bandwidth. Whether customers will accept the use of their bandwidth by the industry and pay for the content is another open question.
The "safe harbor" with the Department of Education, should this actually make it through and become part of the reauthorization of the Higher Education Act, will be to install an IPS that blocks all P2P. IT administrators are lazy and protective of their sinecures--they don't care if there are legal files to be had via P2P when it's easier to block it all, or to at least be able to say they've made the effort.
Then they'll turn off connections for "excessive" bandwidth usage, or for using a high number of SSL connections to IPs listed as residential in a DNSbl. Encryption is not a panacea.
There is a DNS blacklist which lists all TOR nodes, entry and exit. The nodes are also published here. This means TOR can be blocked for all but those who can hop their traffic over an outside connection no matter whether it's running on a non-standard port.
Students at another university could set up alternate entry points, but I don't expect this to happen for two reasons. First, the students at the other university's resnet aren't likely to be able to accept incoming connections, as those networks are typically heavily firewalled. Second, even if they could accept traffic, they aren't likely to want to answer to the "network police" on their campus about their use of TOR. The universities who would not tolerate this kind of network fascism (e.g. MIT) don't have the resources to offer proxying service to other whole universities and even if they did would find those entry points blocked as well.
Because the TOR nodes are all published, it is easy to block TOR even when it running over port 443. Even if the nodes weren't published, the idea that a network administrator would have to block all encrypted traffic including https to block it is not true--an outbound filter can verify an SSL handshake is actually taking place and block the connection otherwise.
Regrettably, the ability to block TOR for all but the technically savvy with off-campus resources (e.g. proxy through a home broadband connection) is well in their hands. With the ability to punish anyone whom they find working around the blocks (even if just by making them aware they're being closely watched), I don't expect KU to see a sudden spike in TOR usage. It would be nice, though, if the students resisted.
Thanks, LOL. I don't actually reside at KU, but sympathize with the students. Of course all res nets are like this -- most have more of a velvet glove around the iron fist, though.