UNC Requiring Any Student Who Wants To Use File Sharing Software To Apply For A 'Hall Pass'
from the say-what-now? dept
Apparently UNC’s method of dealing with constant complaints from the entertainment industry about students file-sharing is to throw the baby out with the bathwater. It’s blocking network access to any computer which they discover has file sharing software on it. It’s unclear from the article just how UNC is detecting file sharing software, though that would seem to raise some serious privacy questions. Also not explained in the article is what qualifies as “file sharing software.” After all, an FTP app, email, instant messaging and a browser could all be considered “file sharing” apps. Either way, if UNC discovers you have file sharing software that’s on its “evil” list, you get a message that pops up in your browser saying:
?UNC-CHAPEL HILL IS BLOCKING FILE-SHARING THROUGHOUT STUDENT HOUSING.?
Students then are told to remove such offending software or they won’t be able to access the internet.
Of course, since there do remain legitimate reasons for using file sharing software, students can apply for a “Hall Pass,” that will let them use the software after they “learn what does and does not violate copyright law.” One hopes that the lesson plan required is reasonable, though such programs rarely are all that accurate.
I understand why UNC is doing this, but I still find it worrisome. These are technologies that rapidly evolve. What may seem “evil” today may not be in the near future. Blocking your students from using them, except after they jump through a bunch of hoops — each with a giant warning on them — chills the willingness of students to actually look at certain new and important innovations that can be built on top of the older things. Requiring people to go ask permission to go use one of the fundamental features of the internet is likely to be quite frustrating for students who have perfectly legitimate reasons to use such networks.
Separately, I will note with a bit of pride that the same article quotes someone from my alma mater saying that Cornell would never implement such a system:
Ms. Mitrano said. Engineering and science-heavy institutions would have a hard time, for instance, because those fields often require a lot of file-sharing. Cornell, she says, wouldn?t do it because it would violate a student code that emphasizes ?freedom with responsibility.?
Nice to see them going against this kind of snooping/cutoff setup.
Filed Under: file sharing, hall pass, unc
Comments on “UNC Requiring Any Student Who Wants To Use File Sharing Software To Apply For A 'Hall Pass'”
Really, Really stupid
All I can see this does is involve them in the process just enough to make them liable when a student does download something protected by copyright. Like if they just stayed hands off, they’d be fine. I work for a school, we get a million entertainment industry letters a year, we just forward them to the students and wash our hands of it.
Since we don’t claim to do anything to stop infringement, we don’t have to bend over backwards trying, and then we aren’t on the hook when something that is clearly impossible, fails.
If I was a student there, I’d be looking at mobile broadband plans, because I’m pretty damn sure there’s no way of finding out what software is installed on their computers without using spyware.
Re: Re:
you can tell that its installed on their computer because they plug into a managed switch, that gives you the MAC, and then you see P2P traffic from that IP. Its not hard, the only hard part is proving that you removed it as opposed to just stopped using it.
Re: Re: Re:
So… do the students get in trouble for using a VPN or TOR or SSH tunneling or any of the myriad other techniques for subverting such monitoring??
Re: Re: Re: Re:
No one gets in trouble at my campus. If our security team notices someone downloading something copyrighted on bit torrent, unencrypted, they will kill the connection, but thats for Bandwidth reasons, not anything else
Re: Re: Re:
you can tell that its installed on their computer because they plug into a managed switch, that gives you the MAC, and then you see P2P traffic from that
IP. Its not hard, the only hard part is proving that you removed it as opposed to just stopped using it.
Even more, it’s possible to run file sharing software on a computer without leaving a fingerprint in the operating system.
Under Windows you could run a portable instance of utorrent from a thumb drive having all outbound trafick going through a SSH tunnel.
Even if the institution has a policy of blocking all but web trafic, file sharing will always be possible as long as you can tunnel over port 80 or port 443.
Re: Re:
Hmmm…packet analysis(aka deep packet inspection) can confirm show what program is sending what with 99.9% certainty if not encrypted, Bittorrent for example has an unique handshake when it is connecting to others peers, one can see the fingerprint of that even in encrypted channels, people may not be able to see what it is but they know it is a bittorrent client because there is no other signatures that make that exact same pattern of requests.
Re: Re: Re:
All they’ll see is me connecting to a socks proxy.
Re: Re: Re: Re:
If it is just encrypted they still get the fingerprints because those are based on timing of the packets not what is inside them, so unless you also mask the traffic and timings of packets they will see what you are using and it is incredible accurate, that is why every anonymous network today deploys countermeasures for that, even the US Army do the same thing.
Re: NO! It is called management software
I work for a major university. Sorry, but it isn’t called spyware, but management software (Microsoft makes such a product). One of the features of this management software is to easily report what is installed on a persons computer. This type software and use has been used for more than a decade.
Why does a company or university use it? To make sure nothing is installed on the computer that will compromise the very network your computer is using. That isn’t the only use, but one of the many uses of this type of software. Why does a university or company want to limit the use of file sharing programs? It can be an attack vector and many consider it a security issue running on a network. Students seems to forget that the network they share with the rest of the community is used for many important things beside downloading software. It is important to make sure the network bandwidth isn’t clogged with hundreds of PC’s downloading movies or TV shows.
Re: Re: NO! It is called management software
“Why does a company or university use it? To make sure nothing is installed on the computer that will compromise the very network your computer is using.“
That’s a particularly ironic statement, given the preceding:
“Microsoft makes such a product“.
Even if we generously — VERY generously — overlook the fact that Microsoft Windows CANNOT be secured in production environments even by its maker — then I am certain that the users of such software are making fundamental errors. For example: do they permit IE? That’s most certainly a highly dangerous piece of software that has a long and sordid history involving network compromise. How about Outlook, another exceedingly-dangerous, extremely-buggy program that nobody should ever use? And what about Acrobat, which is another hideously awful piece of software?
My point being: the incompetent fools using this kind of “management software” haven’t got the slightest idea what is and isn’t a threat to their network environment. They lack fundamental clues about the basics of contemporary security practice. (Heck, they probably still use anti-virus software and expect it to work.) So let’s not pretend that this has anything to do with sound network operations practice…because sound network operations practice in the kind of environments we’re discussing here would presume that all end-user-controlled systems are already compromised and defend accordingly.
Re: Re: Re: NO! It is called management software
If you don’t think Windows can be secured then you aren’t very smart.
Re: Re: Re:2 NO! It is called management software
If you think any operating system can be absolutely secured then you really don’t have a clue.
Re: Re: Re:3 NO! It is called management software
Define absolute security, if you mean ‘cant be hacked without user intervention’ which is usually the litmus test for security, then windows without an active browser is pretty damn secure. If you think otherwise then bring me evidence of windows being hacked without deliberate security holes being introduced.
Re: Re: NO! It is called management software
Disclosure: I am an IT professional and use various types of management software. If I were a student at UNC I would be appalled. Management software is used primarily to keep corporate workstations and laptops in line with licensing and to have a trail if/when an audit occurs. Forcing students to put it on their personal machines in order to access the network is quite disturbing.
YOU may not call it spyware, but isn’t it mimicking the behavior of actual spyware just a bit? How is it any different if a student clicks through a bogus “anti-virus” EULA than if they do the same thing to install this “legitimate” software because they’re told they need it in order to access the world? Internet access (especially in college) is no longer a luxury and the administrators for this campus have crossed the line with this.
Whether you want to admit it or not, management software can also be a vector for remote intrusion. With the right password and/or private key it essentially throws open a user’s entire system to the bad guys.
I will admit that file sharing can lead to virus and malware infestation. However, so do Flash banner ads and insufficiently secured ad networks. The last two virus outbreaks we had here were caused simply by navigating to msn.com.
Finally…bandwidth. If a major university cannot afford the equipment and training for traffic shaping during peak hours of use, they have no business offering the service. Without question the best internet service I’ve had has been at the major universities that I’ve attended. Most have the infrastructure to handle every student streaming / torrenting at the same time (at least in my experience).
Re: Re: Re: NO! It is called management software
You forgot to add that most management software gives the admin read/write access to every file on the computer.
cornell
Glad to hear this:
2Ms. Mitrano said. Engineering and science-heavy institutions would have a hard time, for instance, because those fields often require a lot of file-sharing. Cornell, she says, wouldn?t do it because it would violate a student code that emphasizes ?freedom with responsibility.?
Re: cornell
Academic staf could make this null by setting a coursework that requires the use of such s/w.
So… an incentive for an enterprising student to create an app that masks P2P software/traffic from whatever snooping they use? Or, hundreds of students having their education impeded by their own university?
Introductions
UNC meet waste http://waste.sourceforge.net/ and btguard.com
fellas, meet UNC … play nicely now you hear
Re: Introductions
http://wasteagain.sourceforge.net/
Is that another fork of the defunct waste?
Re: Re: Introductions
Is waste defunct? I just remember using it on my college campus after IT shut down our dc++ server and we wanted something they couldn’t find. It worked great until I graduated.
I haven’t ever heard of btguard before I typed this post, but they are a bittorrent proxy that also encrypts your traffic for you so that you can’t be throttled or caught (costs money though)
Re: Re: Re: Introductions
Or just use a private, encrypted tracker, but if you have an admin actually looking at traffic on a modern dpi firewall, just because they cant see what it is exactly, they can see 40 odd constant encrypted IP streams going to a single IP. My mom could then tell what that was…
Re: Re: Re: Introductions
I haven’t ever heard of btguard before I typed this post, but they are a bittorrent proxy that also encrypts your traffic for you so that you can’t be
throttled or caught (costs money though)
BTguard is not very reliable and is expensive.
Rather try superchargemytorrent.com and vpntunnel.se.
Re: Introductions
http://www.eepsite.com/ (Create anonymous websites inside i2P)
http://www.i2p2.de/
http://freenetproject.org/
http://anonymous-p2p.org/programs.html
HEOA
To be fair to the school, The Higher Education Opportunity Act of 2008 (I think that’s the one) contains provisions that require campuses to police their networks for piracy or risk losing funding (read: federal scholarship money). The language of the law is a bit vague, so schools are free to go about it in whatever way they deem appropriate enough to be considered a good faith effort. A lot of schools don’t really do much it seems, but UNC may just be trying to comply with a bad law, especially if they have been in hot water with the internet cops before.
Going to be funny the next time Blizzard releases a big patch for WoW. Gonna have a bunch of students suddenly blocked from their network because Blizz used Bittorrent to distribute the patches.
How ironic...
…given UNC’s seminal role in starting Usenet, still the world’s most successful experiment in mass online communication. Usenet is built around the concept that a message (usually encapsulated in a single file) is shared across many news servers via a flood-propagation algorithm. (Thus, were propagation delays all zero, every news server would hold the same content as every one. Of course propagation delays aren’t all zero — not even close — and further, individual site choices in news server configuration result in additional content differences. But as a first-order approximation, it can be thought of as a replication engine.)
Have the TechDirt staff been taking stupid pills lately? I don’t think anybody calls e-mail “file sharing software”. I think we know what sort of applications this university are talking about. Torrent clients and the like.
It’s also not a bad thing to get people to learn about copyright, what is or isn’t infringement. Isn’t that part of what you guys try to do here. Make people aware?
Re: Re:
Apparently you don’t know how to attach files to an email. Almost all (very few exceptions in the last several years) software that enables communication between users can (and for some purposes is) considered file sharing software.
Re: Re:
Okay, you tell us what is and isn’t infringement. I’m guessing that you can’t, since it generally takes a court to do so.
Re: Re:
You’re missing what’s actually being said. The point is that the term “file sharing software” is left undefined in the rules. Since it’s undefined, the term could be applied to anything that is capable of sharing files. This includes email.
This is often one of the ongoing problems. Define something too narrowly (e.g. just specify torrents) and it’s easy to bypass (e.g. people just switch to binary usenet or encrypted P2P, which aren’t covered by the rules). Specify too vaguely – as has happened here – and a lot of otherwise legitimate avenues can be blocked.
“It’s also not a bad thing to get people to learn about copyright, what is or isn’t infringement.”
File sharing is not infringement. Forcing people to apply for a licence to use legitimate software for legitimate uses is not “education”. In fact, if any education takes place when getting the “hall pass”, I’d bet it would be the same misleading, inaccurate and easily disprove misinformation the **AAs trot out on a regular basis, not the truth.
RE: learning?
this is an institute of “higher” Learning, what does this teach exactly?
don’t trust the “feds”
or
“Do as you are told”……
Solution?
So four guys rent an off-campus apartment or house and split the cost of their own connection. From some of the numbers I’ve seen, it’s cheaper to stay in a Holliday Inn than the school dorm. The school policy is probably good training for post graduate employment since most employers would be every bit as unpleasant about internet use as the school seems to be.
Re: Solution?
I’ll disagree with the training part. The post is referring to personal computers in the dorm rooms. Would you let your employer tell you what sort of software to use on your computer while not at work?
University of Alabama in Huntsville
Here at UAH the university uses the Cisco Clean Access Software. Every windows computer must have it installed.
This software scans the computer for AV products to determine if they should be allowed on the internet. Sadly, the only AV software it consistently recognizes is McAfee. So not only does it fail at its intended purpose, but removes whatever protection you might have had.
Whats worse is that allows the university full access to our computers, even though no one there is smart enough to use it for such a task.
Now, back to the topic at hand.
Back when Kazaa and LimeWire where big they would ban your computer from the network if they detected you using them. The only way to get back on was to turn your computer over to them so they could rifle through your hard drive and delete the software.
It is draconian, but I guess they have no choice when they spent all this money on monitoring equipment and not on bandwidth. The fastest download speed I ever saw for a student, either via wireless or from the dorms, was around 256KB.
Re: University of Alabama in Huntsville
Err… 256KB is 2Mbps, so standard low-end cable. Not too shabby, really. You want faster, get an apartment and pay for it.
Re: Re: University of Alabama in Huntsville
Actually…. 256kbps is 0.25mbps… But thanks for playing!
Re: Re: Re: University of Alabama in Huntsville
But 256 KB/s which he actually said is 2mbit/s, so take your ball and go home 😉
University of Alabama in Huntsville
The university requires management software on all student computers that run Windows. If you don’t have it running you can not connect to the network.
As far as training goes, I was talking about how incompetent our IT department is.
I meant 256Kbps. My bad.
It’s so bad that Knology makes good money selling cable internet to people who live in the dorms.
Re: University of Alabama in Huntsville
This is draconian and evil. I’m a senior admin at a university and we provide free WiFi for our students across campus to connect with whatever device they want. We don’t require anything but their central login ID to connect. I guess that’s why were highly rated, because we’re actually in the business of preparing our students for the future.
“Also not explained in the article is what qualifies as “file sharing software.” After all, an FTP app, email, instant messaging and a browser could all be considered “file sharing” apps.”
Applications share files, that’s how computers work.
I suppose some people who would like to define “file sharing” as something other than sharing files, but that is rather silly.
A hall pass for WoW?
‘Cause Blizzard updates it’s games via torrents, this is gonna cut into World of Warcraft…
It will only push them further underground.
“Cornell, she says, wouldn?t do it because it would violate a student code that emphasizes ?freedom with responsibility.?
Call me crazy, but isnt Cornell completely wrong on this? Instead of blocking the software, they allow students to run it after they agreed to use it appropriately. Last I checked, that means they have freedom (to run the software) and were responsible for it being run properly.
If they were like a lot of other institutions, students wouldnt be allowed to run it at all.
Is it wrong to make someone get a license to drive? Is it wrong to require a student to know the consequences of their file sharing before they can share?
Cornell is the one looking foolish on this one.
Re: Re:
Please turn off your computer immediately. You have not gone through your mandatory “Computer Usage” seminar, received your computer license, or learned the consequences of your computer use before you used one.
Yeah yeah yeah. This is awful and all, but it’s called “swapping a CD-R with your friend in the frat house next door to yours”. Keep circulating the tapes, everybody.