I would respect your school system much more if there was no filtering,
Sadly, filtering is required by US federal and Ohio state laws. Our wise rulers clearly saw that if students encountered the sort of things they discuss in the boys' locker room online, all hell would break loose.
How do you know that the email in question is not a "coming out" email? Or do homosexual students no longer have privacy rights (despite being a group of students that has a higher need for privacy than others)?
So your filter has the best natural language processing software ever devised? How do you protect the privacy of a student who is coming out to a close friend?
Eventually, students will figure out that you are monitoring their email, and they will find another way to communicate when they want to talk about verboten topics. What are you going to do then? What are you going to do when your students figure out how to encrypt their messages, or set up their own email systems or message boards? It will only take a handful of bright students to figure out it, and they have plenty of incentive to share their knowledge with others (imagine how popular the guy who knows how to break the rules without getting caught will become).
In the end, your students will learn that authority figures exist to enforce censorship and violate privacy rights, and that it is good to game the system and run circles around the bureaucracy. That is the lesson people living in the USSR learned, after all.
Again, this list is a work in progress. We have and will continue to edit it.
The only point at which the list would not interfere with academic discourse is when it is empty, so I hope your "edits" consist of "delete everything."
As for censorship, please understand that filtering is something Ohio schools are required to do
Yet you are also defending the censorship apparatus. You would still be complicit if you sat around saying, "Well, it is my job to set this up, but I do not think it is the right thing to do," but by actively defending the filtering and pretending that the only issue is figuring out which words should be banned, you are taking things to an entirely different level. Your school district is engaging in a program which teaches teenagers that censorship is part of the structure of the world, and that they should petition an authority figure when they have a "legitimate" need to discuss a verboten topic; that is the problem with a banned words list.
I know you are just an IT guy doing what you are told, but you are still responsible for your actions, and in this case your actions have a negative impact on the children in your school district. If nobody were willing to set up this sort of censorship apparatus, the law would have to change, or it would have the effect of depriving schools and libraries of Internet access.
you would be amazed at what was on the original lists
I am amazed at what remained on your list. What were you thinking? Not only did you block large numbers of works used in a typical biology textbook, you even managed to block words that would be relevant to bible discussions.
However as a school providing email to children, the consensus of our community to to provide some level of filtering.
So you are training your children to accept censorship and to run to authority figures whenever they need to discuss certain topics? If your school district were in a country like China or Myanmar, this policy might make sense.
Any high school student who uses these words in a piece of schoolwork is either committed a mistake
Oh yeah? How about an essay that contains something like this:
Although it is less relevant in the modern world, the Bible does contain a prohibition on beastiality (sic, the list doesn't spell this word correctly), which indicates that such practices were known among ancient near-east cultures...
Yeah, it is really a stretch to think that a student would use one of the words on the list in their schoolwork. Many of the words on that list could easily be used in an academic context even at the high school level. A student might be talking about dog breeding and use the word "bitch" appropriately, or might write a report about the history of the gay rights movement which contains various slang words.
The actions the school takes matter. But the list itself, as a trigger for action, seems pretty sensible.
It is sensible if your goal is to condition students to believe that censorship is normal and that if you are going to discuss certain topics it must be under the supervision of an authority figure. What do you think reaches students at a deeper level: a class about the US government which happens to cover the bill of rights, or a censorship system that the students must submit to every day? How much respect for freedom of speech do you think these students will have, after spending years dealing with this sort of censorship?
On the one hand, we criticize the Chinese for doing these sorts of things, we criticize Cisco for providing the necessary equipment, and we encourage people to run proxies and Tor exits. On the other hand, we engage in exactly the same behavior when it comes to our schools and students, we use the same equipment, the same sort of policies, and we discourage students from circumventing the censorship apparatus. What are teachers supposed to say when they teach about current events?
Someone noted that "beastiality" (sic) is on the list of forbidden words. The irony is that the bible itself mentions bestiality, and I really wish I could see the expression on some "Christian Conservative" parent's face when their child says, "It wouldn't let me write my report about the bible!"
Indeed, but the panic over what children might be exposed to on the Internet has led to censorship being implemented in schools -- and if it were not for that pesky "first amendment," we would have seen a censored Internet nationwide in this country long ago.
Frankly, I could see an academic use for any of the words that you quoted. "Ballsack" could literally mean a sack with balls in it, "bastard" could be used in the context of "bastard child," a student might be writing a paper about the bible's treatment of bestiality, "bitch" means female dog and could be appropriately used when talking about dog breeding, and "biatch" is commonly used in rap music, so any student writing a report about rap could potentially use that word.
I think this list was designed under the assumption that schoolchildren will never be writing a paper that includes any of the above, or perhaps that our education system has gotten so bad that children do not write papers at all.
Engineering classes? Before college? Not likely in this country.
As for scrotum and gonads, I do not recall hearing those words mentioned in any biology and "health education" classes, so I guess that will not be a problem either. If you are reading this and thinking, "What the hell is going on with education over there," you must have not been paying attention -- American education is second rate. Schools in America are really meant to condition people to accept a particular social order and hierarchy (unless you are wealthy enough to send your children to private school).
$10 says that schools using this censorship system will have special computers that students can use for research that contains words like "breast" or "penis," and that students will have to be supervised while using those computers. I mean, why not train our kids to think that censorship is the norm and that the only way you can get around it is while an authority figure is supervising your work?
No, I am advocating that Tor exits be treated as what they are: communication services. You don't see the cops seizing routers and servers from ISPs, and you should not see them seizing an exit node operator's equipment either.
His computer was used in the transmission of kiddie porn
So were dozens of computers operated by ISPs (we call these computers "routers").
His IP was in the logs
Which could just as easily have been:
A neighbor using his Internet connection
A guest
Malware running on his computer (in which case Mr. King was not the one committing a crime)
Mr. King's proxy server or Tor exit node
The problem is that the IP address was the only evidence ICE had, and on that basis alone they busted into his home and took his property.
It's completely reasonable to want to investigate whoever had that IP at that time
A competent investigation would have quickly determine that he was running a Tor exit:
My, there is a lot of apparently unrelated traffic on this connection
We checked, this IP address is listed as a Tor exit
No equipment seizure needed, and Mr. King may have even been willing to cooperate with ICE to try to catch whoever it is that they were looking for (if ICE had any clue who exactly they were looking for).
They should have gotten a warrant, investigated the machines he had, and when no evidence came up, returned the equipment, and sent him on his way.
Meanwhile, he does not have a computer -- for some people, that means losing the ability to work. Will the government compensate him for the lost computer time, lost work hours, expired stock options, etc.? Will the government give him another computer to use, while they are examining the equipment they took from his home?
Not when "investigated" means "take anything that might store any digital information," and not when the "investigation" does not include a check to see whether or not Mr. King is running an exit node, proxy server, remailer, etc. The police busted in, took his computers, storage media, etc., and then returned it all with a "we'll be back if you keep this up" message.
If the investigators spent time on the child porn forums or hacking sites or whatever they were investigating, they could infiltrate the community and try to get an actual identity, but that's a ridiculous long shot, and utterly unreliable.
Not such an unreliable longshot, as it turns out. I cannot remember the exact name, but there was a case where IP address logs would not have been terribly useful because an organized and very dangerous child pornography ring -- not just people downloading it, but people who were actually producing it -- was using a combination of the remailers network and Usenet (it would have required a global surveillance program to actually catch them without infiltrating the group). The FBI did wind up infiltrating the group when one of the members became an informant (he may have been caught by other means), and eventually members of the group were indicted.
If packets were all encrypted, or otherwise cryptographically authenticated, a person's identity could be changed whenever the keys changed. Yet again, it's an unreliable identification.
Not really -- the members of the group still need to be able to identify each other, and so you will be able to reestablish someone's identity as a member of the group (and charge them as part of a criminal conspiracy). Changing master keys is a fairly expensive thing to do, since all your contacts need to reauthenticate your new master key, so it is unlikely that a master signing key will change frequently. I would say that a cryptographic key is more reliable as a way to identify a person than an IP address, given that keys are generally passphrase protected and rarely shared (at least signing keys are rarely shared).
Then there's the IP address... for bidirectional communication, it usually cannot be spoofed, and it's usually assigned by someone other than the end user. No, it's not perfect, but it's better than any alternative.
In the real world, however, IP addresses are frequently shared among several people -- think NAT, wardriving, etc. Computers may also be shared among several people, making IP addresses even less reliable as a form of identification. People may have guests in their home, neighbors who use their Internet connection, they may grant SSH access to friends (like I did in high school), or they may be a victim of malware. A computer is not an extension of a person's body, and an IP address is not an extension of a person's computer.
If there's something I'm missing here, please feel free to point it out
There is something missing from this entire conversation: what sort of crimes are we prosecuting where IP addresses are the only method the police can use to identify someone? Are the police really unable to use things like the thermal noise in an image (e.g. in a child pornography case), physical evidence from a package (e.g. for drug cases), serial numbers on money, or any of the other forms of evidence collection? If we are talking about "crimes" in which there is no physical evidence, no money trail, and in which no evidence except an IP address and data on a hard drive are used to incriminate someone, we have a problem (and since that is exactly the situation we are currently facing, I would say that we certainly do have a problem).
No, it would have to be far enough along that the police have more to go on than an IP address before they harass and embarrass someone by seizing his equipment and accusing him of downloading child pornography.
Then you arrest him and seize his equipment. If you detect evidence that he tried to destroy illegal files, then he is guilty of destruction of evidence. If you cannot find anything, I guess he gets to go free -- what a tragedy, that someone who might have downloaded some child pornography will not be arrested.
You've created a scenario where the standard of evidence is so high
Have we really gotten to the point where it is unreasonable to think that evidence should actually identify a person? Do you actually think that such a standard is too high? The only evidence the police had that Mr. King was downloading the material was his IP address. There was no other evidence to go on, at all, and on top of that he was running a Tor exit node -- a fact that could have been determined by simply asking the Tor project for the list of exits, and Mr. King would never have known.
I sincerely hope you're never on a jury.
I hope you never have to face a jury that never bothers to ask themselves whether or not there is evidence that you committed a crime, or who are willing to believe that something as nonspecific as an IP address or telephone number is all the evidence that is necessary to convict someone.
There's nothing stopping an individual getting their access mechanisms and machine audited,
The police never asked for Mr. King's logs, they just busted in and seized his equipment. They simply assumed that because his home address was listed on the account that the IP address was assigned to, he was the person they were looking for. The most optimistic view is that this was bad police work.
But surely you don't expect them to be cleared with absolutely no investigation, do you?
Yes, I do, because IP addresses do not identify people and the only thing that links a Tor exit node to the illegal activity is the IP address. An IP address is an unacceptably low standard of evidence for granting a search warrant. IP addresses are frequently shared, computers may be taken over by malware, your neighbors might guess your WPA passphrase, etc. The police should gather more evidence before they are granted a search warrant; this would avoid the problem of harassing innocent exit node operators.
It is better that a couple of pedophiles are not arrested for downloading child pornography than that innocent people are embarrassed and harassed by law enforcement.
disallowing their use as probable cause for a search warrant would seem to set an unreasonably high legal bar.
No, it would set the legal bar exactly where it should be: requiring the police to actually identify a person as a suspect. If the police are unable to do so, then they should not be granted a warrant -- this is not a country where we grant the police general search warrants, and it is better to let some criminals walk free than to harass innocent people.
Slashdot Mirror
I would respect your school system much more if there was no filtering,
Sadly, filtering is required by US federal and Ohio state laws. Our wise rulers clearly saw that if students encountered the sort of things they discuss in the boys' locker room online, all hell would break loose.
That is why I said "sic"
How do you know that the email in question is not a "coming out" email? Or do homosexual students no longer have privacy rights (despite being a group of students that has a higher need for privacy than others)?
So your filter has the best natural language processing software ever devised? How do you protect the privacy of a student who is coming out to a close friend?
Eventually, students will figure out that you are monitoring their email, and they will find another way to communicate when they want to talk about verboten topics. What are you going to do then? What are you going to do when your students figure out how to encrypt their messages, or set up their own email systems or message boards? It will only take a handful of bright students to figure out it, and they have plenty of incentive to share their knowledge with others (imagine how popular the guy who knows how to break the rules without getting caught will become).
In the end, your students will learn that authority figures exist to enforce censorship and violate privacy rights, and that it is good to game the system and run circles around the bureaucracy. That is the lesson people living in the USSR learned, after all.
Again, this list is a work in progress. We have and will continue to edit it.
The only point at which the list would not interfere with academic discourse is when it is empty, so I hope your "edits" consist of "delete everything."
As for censorship, please understand that filtering is something Ohio schools are required to do
Yet you are also defending the censorship apparatus. You would still be complicit if you sat around saying, "Well, it is my job to set this up, but I do not think it is the right thing to do," but by actively defending the filtering and pretending that the only issue is figuring out which words should be banned, you are taking things to an entirely different level. Your school district is engaging in a program which teaches teenagers that censorship is part of the structure of the world, and that they should petition an authority figure when they have a "legitimate" need to discuss a verboten topic; that is the problem with a banned words list.
I know you are just an IT guy doing what you are told, but you are still responsible for your actions, and in this case your actions have a negative impact on the children in your school district. If nobody were willing to set up this sort of censorship apparatus, the law would have to change, or it would have the effect of depriving schools and libraries of Internet access.
you would be amazed at what was on the original lists
I am amazed at what remained on your list. What were you thinking? Not only did you block large numbers of works used in a typical biology textbook, you even managed to block words that would be relevant to bible discussions.
However as a school providing email to children, the consensus of our community to to provide some level of filtering.
So you are training your children to accept censorship and to run to authority figures whenever they need to discuss certain topics? If your school district were in a country like China or Myanmar, this policy might make sense.
Any high school student who uses these words in a piece of schoolwork is either committed a mistake
Oh yeah? How about an essay that contains something like this:
Although it is less relevant in the modern world, the Bible does contain a prohibition on beastiality (sic, the list doesn't spell this word correctly), which indicates that such practices were known among ancient near-east cultures...
Yeah, it is really a stretch to think that a student would use one of the words on the list in their schoolwork. Many of the words on that list could easily be used in an academic context even at the high school level. A student might be talking about dog breeding and use the word "bitch" appropriately, or might write a report about the history of the gay rights movement which contains various slang words.
The actions the school takes matter. But the list itself, as a trigger for action, seems pretty sensible.
It is sensible if your goal is to condition students to believe that censorship is normal and that if you are going to discuss certain topics it must be under the supervision of an authority figure. What do you think reaches students at a deeper level: a class about the US government which happens to cover the bill of rights, or a censorship system that the students must submit to every day? How much respect for freedom of speech do you think these students will have, after spending years dealing with this sort of censorship?
On the one hand, we criticize the Chinese for doing these sorts of things, we criticize Cisco for providing the necessary equipment, and we encourage people to run proxies and Tor exits. On the other hand, we engage in exactly the same behavior when it comes to our schools and students, we use the same equipment, the same sort of policies, and we discourage students from circumventing the censorship apparatus. What are teachers supposed to say when they teach about current events?
I like how "grass" is on that list -- I guess a lot of the school's athletes are suddenly going to have their emails forwarded to the district.
Someone noted that "beastiality" (sic) is on the list of forbidden words. The irony is that the bible itself mentions bestiality, and I really wish I could see the expression on some "Christian Conservative" parent's face when their child says, "It wouldn't let me write my report about the bible!"
Indeed, but the panic over what children might be exposed to on the Internet has led to censorship being implemented in schools -- and if it were not for that pesky "first amendment," we would have seen a censored Internet nationwide in this country long ago.
Frankly, I could see an academic use for any of the words that you quoted. "Ballsack" could literally mean a sack with balls in it, "bastard" could be used in the context of "bastard child," a student might be writing a paper about the bible's treatment of bestiality, "bitch" means female dog and could be appropriately used when talking about dog breeding, and "biatch" is commonly used in rap music, so any student writing a report about rap could potentially use that word.
I think this list was designed under the assumption that schoolchildren will never be writing a paper that includes any of the above, or perhaps that our education system has gotten so bad that children do not write papers at all.
Engineering classes? Before college? Not likely in this country.
As for scrotum and gonads, I do not recall hearing those words mentioned in any biology and "health education" classes, so I guess that will not be a problem either. If you are reading this and thinking, "What the hell is going on with education over there," you must have not been paying attention -- American education is second rate. Schools in America are really meant to condition people to accept a particular social order and hierarchy (unless you are wealthy enough to send your children to private school).
$10 says that schools using this censorship system will have special computers that students can use for research that contains words like "breast" or "penis," and that students will have to be supervised while using those computers. I mean, why not train our kids to think that censorship is the norm and that the only way you can get around it is while an authority figure is supervising your work?
If you click the last link and log in to your Google account
No more reason than that someone who works at an ISP, coffee shop, or library should not be suspected.
No, I am advocating that Tor exits be treated as what they are: communication services. You don't see the cops seizing routers and servers from ISPs, and you should not see them seizing an exit node operator's equipment either.
His computer was used in the transmission of kiddie porn
So were dozens of computers operated by ISPs (we call these computers "routers").
His IP was in the logs
Which could just as easily have been:
The problem is that the IP address was the only evidence ICE had, and on that basis alone they busted into his home and took his property.
It's completely reasonable to want to investigate whoever had that IP at that time
A competent investigation would have quickly determine that he was running a Tor exit:
No equipment seizure needed, and Mr. King may have even been willing to cooperate with ICE to try to catch whoever it is that they were looking for (if ICE had any clue who exactly they were looking for).
They should have gotten a warrant, investigated the machines he had, and when no evidence came up, returned the equipment, and sent him on his way.
Meanwhile, he does not have a computer -- for some people, that means losing the ability to work. Will the government compensate him for the lost computer time, lost work hours, expired stock options, etc.? Will the government give him another computer to use, while they are examining the equipment they took from his home?
I suspect the answer to those questions is "no."
Not when "investigated" means "take anything that might store any digital information," and not when the "investigation" does not include a check to see whether or not Mr. King is running an exit node, proxy server, remailer, etc. The police busted in, took his computers, storage media, etc., and then returned it all with a "we'll be back if you keep this up" message.
If the investigators spent time on the child porn forums or hacking sites or whatever they were investigating, they could infiltrate the community and try to get an actual identity, but that's a ridiculous long shot, and utterly unreliable.
Not such an unreliable longshot, as it turns out. I cannot remember the exact name, but there was a case where IP address logs would not have been terribly useful because an organized and very dangerous child pornography ring -- not just people downloading it, but people who were actually producing it -- was using a combination of the remailers network and Usenet (it would have required a global surveillance program to actually catch them without infiltrating the group). The FBI did wind up infiltrating the group when one of the members became an informant (he may have been caught by other means), and eventually members of the group were indicted.
If packets were all encrypted, or otherwise cryptographically authenticated, a person's identity could be changed whenever the keys changed. Yet again, it's an unreliable identification.
Not really -- the members of the group still need to be able to identify each other, and so you will be able to reestablish someone's identity as a member of the group (and charge them as part of a criminal conspiracy). Changing master keys is a fairly expensive thing to do, since all your contacts need to reauthenticate your new master key, so it is unlikely that a master signing key will change frequently. I would say that a cryptographic key is more reliable as a way to identify a person than an IP address, given that keys are generally passphrase protected and rarely shared (at least signing keys are rarely shared).
Then there's the IP address... for bidirectional communication, it usually cannot be spoofed, and it's usually assigned by someone other than the end user. No, it's not perfect, but it's better than any alternative.
In the real world, however, IP addresses are frequently shared among several people -- think NAT, wardriving, etc. Computers may also be shared among several people, making IP addresses even less reliable as a form of identification. People may have guests in their home, neighbors who use their Internet connection, they may grant SSH access to friends (like I did in high school), or they may be a victim of malware. A computer is not an extension of a person's body, and an IP address is not an extension of a person's computer.
If there's something I'm missing here, please feel free to point it out
There is something missing from this entire conversation: what sort of crimes are we prosecuting where IP addresses are the only method the police can use to identify someone? Are the police really unable to use things like the thermal noise in an image (e.g. in a child pornography case), physical evidence from a package (e.g. for drug cases), serial numbers on money, or any of the other forms of evidence collection? If we are talking about "crimes" in which there is no physical evidence, no money trail, and in which no evidence except an IP address and data on a hard drive are used to incriminate someone, we have a problem (and since that is exactly the situation we are currently facing, I would say that we certainly do have a problem).
No, it would have to be far enough along that the police have more to go on than an IP address before they harass and embarrass someone by seizing his equipment and accusing him of downloading child pornography.
What happens if his logs don't check out?
Then you arrest him and seize his equipment. If you detect evidence that he tried to destroy illegal files, then he is guilty of destruction of evidence. If you cannot find anything, I guess he gets to go free -- what a tragedy, that someone who might have downloaded some child pornography will not be arrested.
You've created a scenario where the standard of evidence is so high
Have we really gotten to the point where it is unreasonable to think that evidence should actually identify a person? Do you actually think that such a standard is too high? The only evidence the police had that Mr. King was downloading the material was his IP address. There was no other evidence to go on, at all, and on top of that he was running a Tor exit node -- a fact that could have been determined by simply asking the Tor project for the list of exits, and Mr. King would never have known.
I sincerely hope you're never on a jury.
I hope you never have to face a jury that never bothers to ask themselves whether or not there is evidence that you committed a crime, or who are willing to believe that something as nonspecific as an IP address or telephone number is all the evidence that is necessary to convict someone.
How do you think the investigation should have been conducted
Oh no, you mean that while we are busy respecting the rights of our citizens, some criminals might go free?! Yes, that is what I mean.
There's nothing stopping an individual getting their access mechanisms and machine audited,
The police never asked for Mr. King's logs, they just busted in and seized his equipment. They simply assumed that because his home address was listed on the account that the IP address was assigned to, he was the person they were looking for. The most optimistic view is that this was bad police work.
But surely you don't expect them to be cleared with absolutely no investigation, do you?
Yes, I do, because IP addresses do not identify people and the only thing that links a Tor exit node to the illegal activity is the IP address. An IP address is an unacceptably low standard of evidence for granting a search warrant. IP addresses are frequently shared, computers may be taken over by malware, your neighbors might guess your WPA passphrase, etc. The police should gather more evidence before they are granted a search warrant; this would avoid the problem of harassing innocent exit node operators.
It is better that a couple of pedophiles are not arrested for downloading child pornography than that innocent people are embarrassed and harassed by law enforcement.
disallowing their use as probable cause for a search warrant would seem to set an unreasonably high legal bar.
No, it would set the legal bar exactly where it should be: requiring the police to actually identify a person as a suspect. If the police are unable to do so, then they should not be granted a warrant -- this is not a country where we grant the police general search warrants, and it is better to let some criminals walk free than to harass innocent people.