Forgot your password?
typodupeerror
Privacy Education IT Your Rights Online

MIT Tracking Campus Net Connections Since 1999 125

Posted by timothy
from the why-assume-otherwise? dept.
An anonymous reader writes "MIT has been monitoring student internet connections for the past decade without telling them. There is no official policy and no student input." The Tech article says, though, that the record keeping is fairly limited in its scope (connection information is collected, but not the data transferred) and duration (three days, for on-campus connections).
This discussion has been archived. No new comments can be posted.

MIT Tracking Campus Net Connections Since 1999

Comments Filter:
  • by Anonymous Coward on Saturday April 18, 2009 @06:55PM (#27631033)

    At our university, the lawyers would have a fit if we weren't.

  • by fluffy99 (870997) on Saturday April 18, 2009 @06:58PM (#27631063)

    I'd be very surprised to find a college or ISP that didn't monitor their network in this fashion. Looks like maybe they are keeping DHCP, transparent proxy, and network statistics. Plus they are doing intrusion detection and looking for malicious activity. The good news is that they are not keeping these records long term, but only for a reasonable amount of time. If they are having a problem or suspicious activity then they probably keep it longer. Face it, your internet activities are NOT anonymous no matter how much you'd like it pretend that it is.

    I can see the argument that you could in theory back out the web surfing history of a particular mac address.

    These are things any self-respecting network should be doing. The issue here is students not realizing that some monitoring and logging is done. I'm willing to bet that consent to monitoring is referenced in an agreement that the students signed, but that the details of the monitoring are not spelled out.

    At my work, users sign agreements on acceptable use and consent to monitoring. I only dig into the logs if there is a problem, the IDS flagged something, or an accusation is made. Sometimes the logs prove innocence, btw.

  • by KibibyteBrain (1455987) on Saturday April 18, 2009 @07:02PM (#27631095)
    Part of the problem with this sort of thing is, with no policy, where do reasonable expectations of privacy for using someone's pipe they've offered you access to begin and end? In general, with no privacy policy, there is no expectation of privacy, unfortunately.
  • or the feds snooping, i am really frankly surprised

    you actually want to depend upon the federal government for your security?

    you want to depend upon some school, some cable company, some phone company not to snoop on you?

    whenever i'm encountered by this strange slashdot groupthink, i really have only one thing to offer: if you put it on a wire, if its outside your control, then the security or privacy of whatever you are doing is nothing you should count on

    the outrage seems artifical, contrived, illogical, exasperating

    if you want security, if you want privacy DON'T PUT IT ON A WIRE OUTSIDE YOUR CONTROL

    beginning and ending of discussion

    as if you actually want ot TRUST some other entity to do your security work for you?

    hey, how about this: YOU are responsible for your security

    you, and you alone

    is my pov really that strange?

    it seems odd anyone should consider it any other way

  • by sunami (751539) on Saturday April 18, 2009 @07:22PM (#27631263)

    The University provides Network access to the students. You do not provide him access to his car. Pick a better metaphor.

  • by Man On Pink Corner (1089867) on Saturday April 18, 2009 @07:30PM (#27631345)

    hey, how about this: YOU are responsible for your security
    you, and you alone

    Except where private ownership of firearms is concerned, though, right?

    At least that's the impression I've gotten from your last 5 years' worth of posts on K5.

  • by Decado (207907) on Saturday April 18, 2009 @07:47PM (#27631481)

    Seriously, they keep the records for 3 days for most traffic and 30 days for anomolous traffic which might indicate a threat to the network. Most networks I have seen keep data for far longer just because nobody ever bothers to clean out the logs.

    The fact that they have a policy for cleaning the logs puts them streets ahead of the most network admins and yet they are being portrayed as the bad guys here.

    Storm in a teacup if I have ever seen one.

  • by Anonymous Coward on Saturday April 18, 2009 @07:49PM (#27631497)

    ...when you are going to finsh that fucking movie.

  • by phantomfive (622387) on Saturday April 18, 2009 @08:52PM (#27631927) Journal
    In other words you are afraid of people with guns. I once got punched in the face, standing at a bus stop. It was terrifying. And yet I don't go around asking that all fists be taken off the streets.

    The world we live in is a dangerous place. I could have just as easily been stabbed, or pushed in front of a train. The sooner you learn to deal with the inherent dangerousness of life, the happier you will be.
  • by fluffy99 (870997) on Saturday April 18, 2009 @09:22PM (#27632127)
    Except we have governments actively trying to thwart the notion of privacy with calls like "think of the children" and the "war on terror". We've had data retention laws, illict wiretapping, internet traffic monitoring, etc. Do you honestly think that if someone comes up with a magic solution that the govt won't label it a security threat and somehow ban its use? Or automatically assume it's use involves illegal activities? We already see that with bittorrent.
  • What? Stop with the stupid card analogies. They don't apply here. Let's come up with a better analogy.

    It's like... a service provider. Who provides a service. And that service provider monitors the health and usage of their service. And if you don't use their service, it doesn't affect you; while if you do use it, it does.

    There. Was that so hard?

  • by rtb61 (674572) on Saturday April 18, 2009 @09:31PM (#27632193) Homepage

    What is much more interesting about this article, is not so much what MIT are doing with regard to typical network function monitoring, rather than data recording and individually targeted analysis, it is the way people are reacting. There has been a major shift in the general public view of digital privacy and the wild wild west days of invading the privacy of people, psychologically analysing them and personally targeting them with adds to manipulate their choices, is no longer considered acceptable.

    So a real push to regaining the privacy of your digital connections, even minor perceived invasions of privacy are now being publicly exposed, derided and demands are being made to eliminate them. Emails as postcards really distasteful and way over the top, privacy invasive social networking sites only use them to create a publicly acceptable facade not for your private life, search recoding and analysis pretty sick and reaching end of acceptable life, complete network monitoring and interpretive analysis over the long term without full legal oversight via the courts will only create a very very angry populace.

    It has been really interesting to watch the various changes in a developing industry, things that were once accepted are now considered unacceptable and, some peripheral lessons learned about necessary legislation to control the excesses of avaricious egomaniacal corporate executives will be taken from the financial sector and forcefully applied to the digital sector, expecting some sort of moral limits from corporations is really naive and demonstrably foolish.

  • hile it's wrong that they store the data without telling the users, and while users should have better expectations of privacy, you have to look at this in context

    No, back up. Why is it wrong? THey own the network. They are responsible for the health and maintenance of that network; and further they are responsible for the things people /do/ on that network to some extent.

    I agree with looking at this in context/with perspective, but I don't see how what they're doing is in any way wrong.

  • by Bobby Mahoney (1005759) on Saturday April 18, 2009 @10:16PM (#27632505)
    Please, enough with your right to live, and your childish fear of guns. Cars kill more people than guns adjusted any way you like. One percent of one percent of deaths are gun related. How is this a credible threat to your "right to live"? The only answer is "It is not", contrary to what movies, television, and govt.'dependency-mongers' would have you believe.

    And fascists don't come out of the 'right-wing-small-government-yokel-in-the-woods' fray. It requires a Socialist leader (Hitler, Mussolini) to create a fascist state: You have to tie industry and finance to the government under the guise of rescuing or improving the plight of the working class. Hey, wait a minute!-

  • Three days... (Score:5, Insightful)

    by Chris Snook (872473) on Saturday April 18, 2009 @11:36PM (#27633053)

    ...is just enough time to figure out:

    a) where the bomb threat came from.
    b) which building the suicidal student needs to get talked down from.
    c) who impersonated the professor to cancel an assignment.
    d) how a lab router ended up sniffing for passwords.

    All of these things happened while I was in campus IT, but I never heard about an RIAA/MPAA complaint about something that happened less than two weeks prior, so this really doesn't look like undue outside influence to invade student privacy. It's just responsible network management.

  • by Anonymous Coward on Sunday April 19, 2009 @12:57AM (#27633599)

    More to the point, if I were in a position to obtain a stash of plutonium, I don't think I'd be very concerned with whatever plutonium-control laws the rest of society might see fit to pass.

    I would be no more interested in plutonium-control laws, than criminals are interested in gun-control laws.

  • by Grym (725290) * on Sunday April 19, 2009 @03:31AM (#27634277)

    The more guns there are in a society the more intentional homicides, be it Somalia, USA, or Switzerland (three of the countries with the highest rates of gun violence and homicide anywhere in the world).

    So, what's your solution then? A gun prohibition [wfu.edu]? I suspect that will work about as well as Alcohol Prohibition or the "War on Drugs", which is to say not at all.

    The current arrangement in no way perfect. But there's no way to prove that a divisive campaign to rid the public of its arms wouldn't be worse. And even IF there are less bodies in the end, at some point one needs to consider how the people live rather than how many die. Being servants of the state or victims of the largest, meanest group aren't exactly desirable outcomes. And what about the will of the people? If the majority of voters see a place for firearms in private hands, why should they be denied that in a Democratic country? Because you know better? For their own good? Such is the mindset of an oligarch [wikipedia.org], an authoritarian [wikipedia.org].

    -Grym

Save the whales. Collect the whole set.

Working...