Forgot your password?
typodupeerror
Privacy Education IT Your Rights Online

MIT Tracking Campus Net Connections Since 1999 125

Posted by timothy
from the why-assume-otherwise? dept.
An anonymous reader writes "MIT has been monitoring student internet connections for the past decade without telling them. There is no official policy and no student input." The Tech article says, though, that the record keeping is fairly limited in its scope (connection information is collected, but not the data transferred) and duration (three days, for on-campus connections).
This discussion has been archived. No new comments can be posted.

MIT Tracking Campus Net Connections Since 1999

Comments Filter:
  • by VVelox (819695)

    I am curious as to what exactly was setup. It honestly sounds like they setup ntop, which is something I have some what mixed feelings about, but can be amazingly useful for tracking network health and etc.

    • Sounds more like snort. Which frankly, is a good thing for a University to run, maybe they could ignore non-academic/business stuff like dorms.
  • by Anonymous Coward

    At our university, the lawyers would have a fit if we weren't.

  • by fluffy99 (870997) on Saturday April 18, 2009 @05:58PM (#27631063)

    I'd be very surprised to find a college or ISP that didn't monitor their network in this fashion. Looks like maybe they are keeping DHCP, transparent proxy, and network statistics. Plus they are doing intrusion detection and looking for malicious activity. The good news is that they are not keeping these records long term, but only for a reasonable amount of time. If they are having a problem or suspicious activity then they probably keep it longer. Face it, your internet activities are NOT anonymous no matter how much you'd like it pretend that it is.

    I can see the argument that you could in theory back out the web surfing history of a particular mac address.

    These are things any self-respecting network should be doing. The issue here is students not realizing that some monitoring and logging is done. I'm willing to bet that consent to monitoring is referenced in an agreement that the students signed, but that the details of the monitoring are not spelled out.

    At my work, users sign agreements on acceptable use and consent to monitoring. I only dig into the logs if there is a problem, the IDS flagged something, or an accusation is made. Sometimes the logs prove innocence, btw.

    • by Anonymous Coward

      i just wanted to monitor where you are going and what you are doing. dont worry i delete it after three days. i promise .... ive been doin it for ten years, didnt think you would mind, thats why i didnt ask you. im sorry if you feel 'invadded', clearly its some emotional problem on your part, hysteria or perhaps paranoia. id suggest some anti psychotics.

      • by sunami (751539) on Saturday April 18, 2009 @06:22PM (#27631263)

        The University provides Network access to the students. You do not provide him access to his car. Pick a better metaphor.

        • by jgtg32a (1173373)
          and they haven't been given access to the car(computer), they have are monitoring the roads (network) that they provide.
        • Re: (Score:1, Flamebait)

          by im_thatoneguy (819432)

          We're going to put a camera in your dorm room and floor bathroom to watch everything you do. But don't worry we'll delete it after 3 days.

          *I don't actually have a problem with this logging. But you asked for a better metaphor. :D

          • Try it on me. Just try it.

            You'll be blind before you can say "OMGJESUSTURNOFFTHATTHINGHELPWHATISHEDOING???"

      • i just wanted to monitor where you are going and what you are doing. dont worry i delete it after three days

        The car that you're renting me? And that you have the responsibility for maintaining?

        Sure. Go ahead. Sounds reasonable to me.

        • by Gunstick (312804)

          not a camera but those cars actually may already contain GPS home tracking devices. So when you steal instead of rent the car or when you go missing (tourist getting lost in the desert) the car can be tracked down.

      • His car is private property. Now if you have a little hover camera that follows his car everywhere, that's just fine, since he shouldn't expect anything he does in public to not be logged and cross-referenced extensively. If he doesn't want that, he should avoid doing things in public.
      • If you were borrowing my car, you had better believe that I would put a camera in it.

        This situation is similar to when someone at my university realised that the unix team has access to unencrypted emails stored on the school email server, which caused a huge uproar in the student media. It's not like they were indexing the data and selling queries to data miners.

        Anyone who thinks it's a good idea for admins to completely disable logging really does not understand how all this computer stuff works.

      • Re: (Score:2, Insightful)

        What? Stop with the stupid card analogies. They don't apply here. Let's come up with a better analogy.

        It's like... a service provider. Who provides a service. And that service provider monitors the health and usage of their service. And if you don't use their service, it doesn't affect you; while if you do use it, it does.

        There. Was that so hard?

      • The data collected would be more analogous to MIT tracking who parks on campus.

    • I mean, really, while it's wrong that they store the data without telling the users, and while users should have better expectations of privacy, you have to look at this in context. They are only storing the data for 3 days, and it's only the connection details rather than the content. And the context that this is in, on Slashdot, is that a few articles down the FBI and the state of california are going to take and warehouse DNA from people that have not been convicted of a crime. I'm not saying this is
      • Re: (Score:3, Insightful)

        by rtb61 (674572)

        What is much more interesting about this article, is not so much what MIT are doing with regard to typical network function monitoring, rather than data recording and individually targeted analysis, it is the way people are reacting. There has been a major shift in the general public view of digital privacy and the wild wild west days of invading the privacy of people, psychologically analysing them and personally targeting them with adds to manipulate their choices, is no longer considered acceptable.

        So

      • Re: (Score:3, Insightful)

        hile it's wrong that they store the data without telling the users, and while users should have better expectations of privacy, you have to look at this in context

        No, back up. Why is it wrong? THey own the network. They are responsible for the health and maintenance of that network; and further they are responsible for the things people /do/ on that network to some extent.

        I agree with looking at this in context/with perspective, but I don't see how what they're doing is in any way wrong.

    • by Jurily (900488)

      I'd be very surprised to find a college or ISP that didn't monitor their network in this fashion.

      That's like wondering what sysadmin doesn't want the latest porn of their users.

    • I guess the length of time they keep the records is the most important thing. When I saw the headline I too thought that it wasn't just MIT. The market isn't ready for it yet, but privacy is the next big killer app for the Internet. Whoever solves the privacy problem is going to be very rich.
      • Re: (Score:3, Insightful)

        by fluffy99 (870997)
        Except we have governments actively trying to thwart the notion of privacy with calls like "think of the children" and the "war on terror". We've had data retention laws, illict wiretapping, internet traffic monitoring, etc. Do you honestly think that if someone comes up with a magic solution that the govt won't label it a security threat and somehow ban its use? Or automatically assume it's use involves illegal activities? We already see that with bittorrent.
        • The gov't developed the Internet, but I don't think they would have done it if they had understood what its impact would be. It is just possible that the significance of the privacy solution won't be recognized until it is too late. I still think there is a bundle of money to be made in privacy.
    • by QuantumRiff (120817) on Saturday April 18, 2009 @10:27PM (#27632989)

      I used to work at a small college.. We'd have bandwidth problems, I'd check the logs (ntop is very handy for this) and then look up the IP/MAC. Trace it to the nearest access point, walk into the cafeteria, see two students with laptops out. One of them, sitting far back in the corner so nobody could see their screen..

      It would scare the shit out of them when I'd walk up to them and just stay "please stop, or I will have to disable your access until you talk to the director of IT about our acceptable use policy" They could never quite figure out how I knew it was them..

    • These are things any self-respecting network should be doing. The issue here is students not realizing that some monitoring and logging is done. I'm willing to bet that consent to monitoring is referenced in an agreement that the students signed, but that the details of the monitoring are not spelled out.

      Well, well, the problem lies therein. Again, I don't believe that some sort of monitoring clause was not displayed/clicktrough/signed by the students when they first used/signed up for the connection; if it was not, it's not nice. If it was, I don't see absolutely any problem with it.

  • by KibibyteBrain (1455987) on Saturday April 18, 2009 @06:02PM (#27631095)
    Part of the problem with this sort of thing is, with no policy, where do reasonable expectations of privacy for using someone's pipe they've offered you access to begin and end? In general, with no privacy policy, there is no expectation of privacy, unfortunately.
  • This doesn't surprise me at all, I don't exactly like it but under stand it. The positive side of this is they are being reasonable on how long they keep the logs. Though if they collect this information the student should made aware of, not just buried in the contract they signed.
  • or the feds snooping, i am really frankly surprised

    you actually want to depend upon the federal government for your security?

    you want to depend upon some school, some cable company, some phone company not to snoop on you?

    whenever i'm encountered by this strange slashdot groupthink, i really have only one thing to offer: if you put it on a wire, if its outside your control, then the security or privacy of whatever you are doing is nothing you should count on

    the outrage seems artifical, contrived, illogical, exasperating

    if you want security, if you want privacy DON'T PUT IT ON A WIRE OUTSIDE YOUR CONTROL

    beginning and ending of discussion

    as if you actually want ot TRUST some other entity to do your security work for you?

    hey, how about this: YOU are responsible for your security

    you, and you alone

    is my pov really that strange?

    it seems odd anyone should consider it any other way

    • Re: (Score:3, Insightful)

      hey, how about this: YOU are responsible for your security
      you, and you alone

      Except where private ownership of firearms is concerned, though, right?

      At least that's the impression I've gotten from your last 5 years' worth of posts on K5.

    • i

      like

      my

      enter

      key

    • by Anonymous Coward

      ...when you are going to finsh that fucking movie.

    • whenever i'm encountered by this strange slashdot groupthink

      I wouldn't say it's all that strange, but we find snooping practices to be extremely abhorrent because they almost directly imply an assumption of guilt. Furthermore, ISP logs have frequently been used as a tool for the MAFIAA Lawyers to nail people up on the wall for enough "protection money" to satisfy their business model.

      Lastly, years' duration of log-keeping rarely actually benefits the ISP or company in question. It is kinda funny that you posted this in a thread about 3 days worth of logging.

    • I think this might be plagiarized. Consider:

      Whensoever some Broadsheet publisheth some scandalous Story about the practise of "Paper Retention" and "File Mining," or the King's Men are observed in the act of prying into the Affairs of others, I must confess to Incredulousness. Can it be that you expect the Crown to honor his subjects' Security? I make bold to offer this Advice: if ye put some matter to Paper, then quite simply ye should expect it sometime to be read by Others, and not only by Yourself.

      • as if hamilton or madison didn't know what they were inviting?

        as if hamilton or madison expected protection from the crown?

        you say that my attitude is akin to the attitude of kind george the third goons. no, rather my attitude is to say that king george has goons that don't respect you, and never will, and you should know that. when you criticize me for this, you're simply shooting the messenger

        do you think the answer is to hold the goons to some sort of expectation of behavior?

        the american revolution would

        • Ok, I was being a little mean there -- I concede no one really thinks what I was ascribing to you. I was just exaggerating a little to make a point. But you must concede that no one actually thinks what you are now ascribing to me!

          First, I'm making no claims about Madison or Hamilton. My little historical fantasy was an absurd anachronism: as best I gather, Hamilton and Madison had nothing to do with helping incite revolution, and I only mentioned them as political philosophers who were vocal about indi

    • if you want security, if you want privacy DON'T PUT IT ON A WIRE OUTSIDE YOUR CONTROL

      Hmmm, what about tubes outside my control?

    • by turing_m (1030530)

      What is strange is that this is the first post I've read of yours that makes sense. Usually you would poke fun at your post as a "conspiracy theory".

      The only way I can make sense of it is as follows:
      1. GFC hits.
      2. Several rich neocons living in New York are particularly hard hit, and have to cut costs.
      3. Folks in 2. stop funding you for proselytizing the party line, both on slashdot and (as they would figure from your posting history) in your movie.
      4. This post was a warning to them. ...
      5. You go back to fl

  • ZOMG! (Score:4, Funny)

    by Anonymous Coward on Saturday April 18, 2009 @06:30PM (#27631349)

    IT Professionals, working for major Universities, monitor network traffic?

    No. Fucking. Way.

  • Help me out with this?

  • by Decado (207907) on Saturday April 18, 2009 @06:47PM (#27631481)

    Seriously, they keep the records for 3 days for most traffic and 30 days for anomolous traffic which might indicate a threat to the network. Most networks I have seen keep data for far longer just because nobody ever bothers to clean out the logs.

    The fact that they have a policy for cleaning the logs puts them streets ahead of the most network admins and yet they are being portrayed as the bad guys here.

    Storm in a teacup if I have ever seen one.

    • by Matey-O (518004)

      And it's surprisingly easy to do. Monitor the ingress/egress traffic, throw away everything but the first 130-odd bits of the TCP Header and you get surprisingly good compression on the data.

      Several years ago, I took a SANS class on Snort. Evidently Sandia Labs captured every packet on the wire and kept the transaction info, indefinitely. It was roughly a DVD-R a week.

      On th other end of the spectrum, I syslog all of the connection info from our firewalls. I rotate the logs daily, and compress them when they

      • by Karrots (14012)

        No sniffing needed.

        1. Configure the core routers to send netflow data to a central server.
        2. Use a netflow collector to record the netflow data.
        3. Use tools such as NTop, nfsen, and others to monitor traffic.

        No sniffing ingress/egress ports needed unless you want deep packet inspection.

    • Re: (Score:2, Informative)

      by ZerdZerd (1250080)

      The fact that they have a policy for cleaning the logs

      TFA:

      without an official policy governing how it may use or store the data.

      though there is no official policy.

      does not appear to have any policy covering the retention and use of connection or security logs

      • by Decado (207907)

        They keep 3 days of logs and a 30 day log of malicious activity. That the article describes their policy while claiming they don't have one pretty much proves the "storm in a teacup" point.

        The policy they are using is both practical and reasonable from a privacy standpoint. It may not be an "official" policy but it is a policy and it is a good one. It is just a case of arguing over definitions.

  • by Anonymous Coward

    The Tech article says, though, that the reco[...]

    Look, timothy, little tip that'll make your job easier: Effectively zero Slashdotters read past the reminder that somebody can see them sometime, somewhere. They were all too busy alternating between sputtering gibberish, screaming in panic, and folding new layers on their tinfoil hats at that point.

    Next time, you can save yourself a lot of writing trouble by just linking to The Tech with the text "people bigger than you fnord can see you fnord fnord fnord", and the effect will be the same.

  • As a network admin I can't tell you how useful it is to have at least a little data about where something might have come from in the event of a problem arising. Three days worth of data is hardly something to get in a twit about, and honestly the specifics of the data probably isn't even looked at that much.
  • by psergiu (67614)
    I Hope They Favoritize P2p

    Interesting How The Feds Pursue
  • by carlzum (832868) on Saturday April 18, 2009 @07:42PM (#27631847)
    This is Quentin Smith reporting live from the Massachusetts Institute of Technology. News agencies are reporting that MIT has been keeping records of network activity. It's a practice called "logging" by hackers, crackers, and other computer deviants. Using nefarious software techniques, "loggers" can identify and disrupt innocent users' botnets.

    Individuals with limited knowledge of computers like MIT students are particularly susceptible to these types of attacks. To combat these "loggers," experts suggest disabling firewalls and updating account information if you receive an email from your bank.
  • Three days... (Score:5, Insightful)

    by Chris Snook (872473) on Saturday April 18, 2009 @10:36PM (#27633053)

    ...is just enough time to figure out:

    a) where the bomb threat came from.
    b) which building the suicidal student needs to get talked down from.
    c) who impersonated the professor to cancel an assignment.
    d) how a lab router ended up sniffing for passwords.

    All of these things happened while I was in campus IT, but I never heard about an RIAA/MPAA complaint about something that happened less than two weeks prior, so this really doesn't look like undue outside influence to invade student privacy. It's just responsible network management.

  • how the fuck is this news? this is extremely basic monitoring for simple diagnostics and troubleshooting.
  • ... don't they? They can do whatever the hell they want with their network, including monitoring, shaping, filtering, or whatever. If students are that worried about privacy, they can get their own private connections.

    • Re: (Score:3, Interesting)

      by Repossessed (1117929)

      Um, no, they can't. They kindof have to use that one. Especially if they live in the dorms.

      How comfortable are you with your ISP and landlord tracking you?

  • Really, unless the people paid by the university who aren't students monitor the network, nothing happens. My school has our residential network monitored by students. Yes, you heard me right, Students. This is why a major file sharing client was allowed to run on someone's computer for several years. Why? Because why is the student going to say anything and get them riled up? They already deal with enough.

Blessed be those who initiate lively discussions with the hopelessly mute, for they shall be known as Dentists.

Working...