MIT Tracking Campus Net Connections Since 1999 125
An anonymous reader writes "MIT has been monitoring student internet connections for the past decade without telling them. There is no official policy and no student input." The Tech article says, though, that the record keeping is fairly limited in its scope (connection information is collected, but not the data transferred) and duration (three days, for on-campus connections).
What school doesn't? (Score:2, Insightful)
At our university, the lawyers would have a fit if we weren't.
Routine monitoring nothing to worry about (Score:5, Insightful)
I'd be very surprised to find a college or ISP that didn't monitor their network in this fashion. Looks like maybe they are keeping DHCP, transparent proxy, and network statistics. Plus they are doing intrusion detection and looking for malicious activity. The good news is that they are not keeping these records long term, but only for a reasonable amount of time. If they are having a problem or suspicious activity then they probably keep it longer. Face it, your internet activities are NOT anonymous no matter how much you'd like it pretend that it is.
I can see the argument that you could in theory back out the web surfing history of a particular mac address.
These are things any self-respecting network should be doing. The issue here is students not realizing that some monitoring and logging is done. I'm willing to bet that consent to monitoring is referenced in an agreement that the students signed, but that the details of the monitoring are not spelled out.
At my work, users sign agreements on acceptable use and consent to monitoring. I only dig into the logs if there is a problem, the IDS flagged something, or an accusation is made. Sometimes the logs prove innocence, btw.
The problems of not having a policy... (Score:3, Insightful)
whenever we have a story about data retention (Score:5, Insightful)
or the feds snooping, i am really frankly surprised
you actually want to depend upon the federal government for your security?
you want to depend upon some school, some cable company, some phone company not to snoop on you?
whenever i'm encountered by this strange slashdot groupthink, i really have only one thing to offer: if you put it on a wire, if its outside your control, then the security or privacy of whatever you are doing is nothing you should count on
the outrage seems artifical, contrived, illogical, exasperating
if you want security, if you want privacy DON'T PUT IT ON A WIRE OUTSIDE YOUR CONTROL
beginning and ending of discussion
as if you actually want ot TRUST some other entity to do your security work for you?
hey, how about this: YOU are responsible for your security
you, and you alone
is my pov really that strange?
it seems odd anyone should consider it any other way
Re:so its ok i put a camera in your car? (Score:5, Insightful)
The University provides Network access to the students. You do not provide him access to his car. Pick a better metaphor.
Re:whenever we have a story about data retention (Score:3, Insightful)
hey, how about this: YOU are responsible for your security
you, and you alone
Except where private ownership of firearms is concerned, though, right?
At least that's the impression I've gotten from your last 5 years' worth of posts on K5.
Misleading Headline (Score:5, Insightful)
Seriously, they keep the records for 3 days for most traffic and 30 days for anomolous traffic which might indicate a threat to the network. Most networks I have seen keep data for far longer just because nobody ever bothers to clean out the logs.
The fact that they have a policy for cleaning the logs puts them streets ahead of the most network admins and yet they are being portrayed as the bad guys here.
Storm in a teacup if I have ever seen one.
I think we need to start tracking... (Score:1, Insightful)
...when you are going to finsh that fucking movie.
Re:private ownership of firearms (Score:5, Insightful)
The world we live in is a dangerous place. I could have just as easily been stabbed, or pushed in front of a train. The sooner you learn to deal with the inherent dangerousness of life, the happier you will be.
Re:Routine monitoring nothing to worry about (Score:3, Insightful)
Re:so its ok i put a camera in your car? (Score:2, Insightful)
What? Stop with the stupid card analogies. They don't apply here. Let's come up with a better analogy.
It's like... a service provider. Who provides a service. And that service provider monitors the health and usage of their service. And if you don't use their service, it doesn't affect you; while if you do use it, it does.
There. Was that so hard?
Re:3 articles down, California takes DNA on arrest (Score:3, Insightful)
What is much more interesting about this article, is not so much what MIT are doing with regard to typical network function monitoring, rather than data recording and individually targeted analysis, it is the way people are reacting. There has been a major shift in the general public view of digital privacy and the wild wild west days of invading the privacy of people, psychologically analysing them and personally targeting them with adds to manipulate their choices, is no longer considered acceptable.
So a real push to regaining the privacy of your digital connections, even minor perceived invasions of privacy are now being publicly exposed, derided and demands are being made to eliminate them. Emails as postcards really distasteful and way over the top, privacy invasive social networking sites only use them to create a publicly acceptable facade not for your private life, search recoding and analysis pretty sick and reaching end of acceptable life, complete network monitoring and interpretive analysis over the long term without full legal oversight via the courts will only create a very very angry populace.
It has been really interesting to watch the various changes in a developing industry, things that were once accepted are now considered unacceptable and, some peripheral lessons learned about necessary legislation to control the excesses of avaricious egomaniacal corporate executives will be taken from the financial sector and forcefully applied to the digital sector, expecting some sort of moral limits from corporations is really naive and demonstrably foolish.
Re:3 articles down, California takes DNA on arrest (Score:3, Insightful)
hile it's wrong that they store the data without telling the users, and while users should have better expectations of privacy, you have to look at this in context
No, back up. Why is it wrong? THey own the network. They are responsible for the health and maintenance of that network; and further they are responsible for the things people /do/ on that network to some extent.
I agree with looking at this in context/with perspective, but I don't see how what they're doing is in any way wrong.
Re:private ownership of firearms (Score:2, Insightful)
And fascists don't come out of the 'right-wing-small-government-yokel-in-the-woods' fray. It requires a Socialist leader (Hitler, Mussolini) to create a fascist state: You have to tie industry and finance to the government under the guise of rescuing or improving the plight of the working class. Hey, wait a minute!-
Three days... (Score:5, Insightful)
...is just enough time to figure out:
a) where the bomb threat came from.
b) which building the suicidal student needs to get talked down from.
c) who impersonated the professor to cancel an assignment.
d) how a lab router ended up sniffing for passwords.
All of these things happened while I was in campus IT, but I never heard about an RIAA/MPAA complaint about something that happened less than two weeks prior, so this really doesn't look like undue outside influence to invade student privacy. It's just responsible network management.
Re:hey lets give everyone plutonium (Score:2, Insightful)
More to the point, if I were in a position to obtain a stash of plutonium, I don't think I'd be very concerned with whatever plutonium-control laws the rest of society might see fit to pass.
I would be no more interested in plutonium-control laws, than criminals are interested in gun-control laws.
Re:private ownership of firearms (Score:3, Insightful)
So, what's your solution then? A gun prohibition [wfu.edu]? I suspect that will work about as well as Alcohol Prohibition or the "War on Drugs", which is to say not at all.
The current arrangement in no way perfect. But there's no way to prove that a divisive campaign to rid the public of its arms wouldn't be worse. And even IF there are less bodies in the end, at some point one needs to consider how the people live rather than how many die. Being servants of the state or victims of the largest, meanest group aren't exactly desirable outcomes. And what about the will of the people? If the majority of voters see a place for firearms in private hands, why should they be denied that in a Democratic country? Because you know better? For their own good? Such is the mindset of an oligarch [wikipedia.org], an authoritarian [wikipedia.org].
-Grym