Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

University Professor Chastised For Using Tor

kdawson posted more than 7 years ago | from the control-freaks-ascendent dept.

Security 623

Irongeek_ADC writes with a first-person account from the The Chronicle of Higher Education by a university professor who was asked to stop using Tor. University IT and campus security staffers came knocking on Paul Cesarini's door asking why he was using the anonymizing network. They requested that he stop and also that he not teach his students about it. The visitors said it was likely against university policy (a policy they probably were not aware that Cesarini had helped to draft). The professor seems genuinely to appreciate the problems that a campus IT department faces; but in the end he took a stand for academic freedom.

cancel ×

623 comments

Sorry! There are no comments related to the filter you selected.

Bravo (5, Insightful)

QuantumG (50515) | more than 7 years ago | (#17940142)

Good to see some university professors still have integrity.

Re:Bravo (5, Insightful)

Maxo-Texas (864189) | more than 7 years ago | (#17940166)

I wish I had "tenure" at my day to day job.

Re:Bravo (5, Informative)

Anonymous Coward | more than 7 years ago | (#17940276)

He is an assistant professor. He is unlikely to have tenure.

Re:Bravo (4, Insightful)

Maxo-Texas (864189) | more than 7 years ago | (#17940344)

Even executing my "academic freedom" would result in instant unemployment in the private sector. That severely constrains my interest in executing it since my health care bills would be $300 a month easily for blood pressure and cholesterol medicine alone.

I applaud his efforts. And I chose not to work in academia so it's my responsibility that he has privileges that I do not.

Re:Bravo (4, Insightful)

Anonymous Coward | more than 7 years ago | (#17940426)

Even executing my "academic freedom" would result in instant unemployment in the private sector. That severely constrains my interest in executing it since my health care bills would be $300 a month easily for blood pressure and cholesterol medicine alone.

That's why the Government should be providing health insurance, and limiting the price of medication, like in every other first-world country.

Re:Bravo (-1, Troll)

TheGavster (774657) | more than 7 years ago | (#17940680)

So, what you're saying is that rather than work and have a portion of my pay go to supporting everyone else at my company's medical problems, I should have to work and give a portion of my pay to supporting the medical problems of every jobless waif in the damned country? No thanks.

Re:Bravo (5, Insightful)

miskatonic alumnus (668722) | more than 7 years ago | (#17940806)

Right on. Why should I have to pay for a police force, judges, politicians, schools, military, highways, or anything else the public uses? I can educate my own kids, do some gardening, walk to town, and take care of myself.

Re:Bravo (4, Insightful)

Maxo-Texas (864189) | more than 7 years ago | (#17940836)

Not sure how you got that out of what I said.

What I was saying is that I face large bills if I lose my insurance so I do not feel free to "fight the man".

Answering your question however:

1) Every american should be able to pay the negotiated rate for items. If all blue cross pays the hospital is $1,375 for a gall bladder operation- why should an uninsured person have to pay $18,325 for the same exact operation? If you can show that the hospital is charging anyone a certain price, you should be able to pay that same price for the same service.

2) Every american should have basic (and I do mean *BASIC*) health care covered socially. This includes random things like broken legs and car wreck injuries and not things like chemo therapy (and I say that as a cancer survivor). The larger the pool, the lower the costs. Right now, cherry picking is getting so extreme that you can't get insurance unless you are well. If I were grand high poohbah, I would set this at $1,000 * the minimum wage with a 20% co-pay but 0% on annual physicals. Everything over $1,000 would be your cost. If you used no benefits except the free physicals, I'd give you back 5% ($350) as a tax credit.

Why I say this is that we are competing against countries where this is true and it puts our companies at a competative disadvantage.

Re:Bravo (2, Insightful)

MightyYar (622222) | more than 7 years ago | (#17940784)

Yes, because two things that government is known for are low costs and high quality.

Re:Bravo (4, Insightful)

ceoyoyo (59147) | more than 7 years ago | (#17940810)

Your job is to go to work and perform some task for the company that hired you. HIS job is to know about things like Tor, think about what they mean, and educate his students. See the difference? Knowing about Tor is part of his job.

Re:Bravo (2, Insightful)

Synic (14430) | more than 7 years ago | (#17940278)

You aren't preparing the youth of the country for their future lives either, though, are you? ;)

Re:Bravo (-1, Troll)

stratjakt (596332) | more than 7 years ago | (#17940316)

The guy says he infrequently uses tor. I wonder what he would use it for - if it was anonymity paranoia, he'd use it all the time.

It's useless for anything but light web browsing, so it's not like he's downloading MPAA movies on torrents with it.

I guess he uses it for child porn like everybody else.

I too wish I had 'tenure' and could get all indignant and talk about some goofball "right" to do whatever I want when I'm a guest on someone elses (my employers) network.

Re:Bravo (5, Informative)

javelinco (652113) | more than 7 years ago | (#17940372)

FYI (from TFA): My reason for downloading and installing the Tor plug-in was actually simple: I'd read about it for some time, was planning to discuss it in two courses I teach, and figured I should have some experience using it before I described it to my students. The courses in question both deal with controlling technology, diffusing it throughout society, and freedom and censorship online. When I cover online censorship in countries with no free press, I focus on how those countries rely on hardware, software, and phalanxes of people to make sure citizens can reach only government-approved media. Crackdowns on independent journalists, bloggers, and related dissidents all too often result in their being beaten, incarcerated, or worse. Technologies like Tor represent a beacon of freedom to people in those countries, and I would be doing my students a disservice if I didn't mention it.

Just to expand on that (3, Insightful)

benhocking (724439) | more than 7 years ago | (#17940672)

He likely has several students in his class from countries, such as China, that have such censorship. If he can reach out to a few of these and give them the tools to combat that censorship, then he will have helped them make a difference when they return to China, if they are so inclined.

Re:Just to expand on that (1)

cp.tar (871488) | more than 7 years ago | (#17940848)

<paranoia>But what if they learn how to detect Tor users and CRUSH them like BUGS!!1one</paranoia>

Seriously, why should he not teach about it?

Re:Bravo (-1, Troll)

megaditto (982598) | more than 7 years ago | (#17940858)

Technologies like Tor represent a beacon of freedom to people in those countries
Translation:

The "professor" probably wants a good excuse for when he gets caught looking at kiddie porn or selling technology to Iran:

"But it's not me, it's someone using my connection over Tor"

Re:Bravo (4, Insightful)

QuantumG (50515) | more than 7 years ago | (#17940452)

I think maybe there's something you're overlooking: a university is not a business. I know that folks in the US might be shocked to hear me say this.. after all, universities are run as if they are businesses, and typically in a more cutthroat fashion than regular businesses, but how many businesses do you know, outside the aviation industry, that receive regular funding from the government? The university network belongs to the people and, although that doesn't give people the right to do whatever they want on the network, it does mean that university IT has a responsibility to ensure civil liberties are not trampled. If they don't like that, then they shouldn't have taken government funding.

Re:Bravo (1, Informative)

Anonymous Coward | more than 7 years ago | (#17940668)

but how many businesses do you know ... that receive regular funding from the government?

You're... kidding, right?

Have you even HEARD the term "Pork"? Bridges to nowhere? Hell, I'd consider the defense industry to be subsidized by the government.

Besides, with the government lately, it seems like the university by taking federal money would DISALLOW any sort of anonymizing things under the guise of "protecting the children" or some such.

Government funding (5, Insightful)

sjbe (173966) | more than 7 years ago | (#17940828)

how many businesses do you know, outside the aviation industry, that receive regular funding from the government?


Oil, farming, auto (roads), space (NASA), rail (AMTRAK), the defense industry, telecom, utilities, ... Do I need to go on? The government subsidizes most industries to some extent and some (defense and farming among others) to a very large extent. Sometimes it's grants, sometimes it's in the form of tax relief, sometimes its as a customer but the government funds a huge variety of industries.

Re:Bravo (5, Insightful)

neomunk (913773) | more than 7 years ago | (#17940638)

Child porn like everybody else?

Fuck you.

I have had tor installed for many moons now, and have a severe reaction to child porn (or any type of sexual abuse, especially of children) due to the fact that an overwhelming majority of women I've gotten close enough to to talk about such things have been molested at some point in their life.

How about people who use it just because the country they are in has an abusive civil rights regime, or because they don't trust their ISP to keep their browsing habits secret? (Maybe they REALLY like the old cartoon Gem and are embarrassed about it) Maybe, just maybe, the person thinks that they are under surveillance for legal activities (like planning anti-war demonstrations).

Forget all that, the only thing you need know about it is that it's none of your fucking business what these people are doing. The old "they wouldn't care if they aren't doing anything wrong" bit is so played out, so proven stupid, and so indicative of 'fucktardation' that if you hadn't sent a damn shiver down my spine by calling me a supporter of child porn I'd have completely ignored you.

I couldn't though. Idiots are only dangerous when allowed to say such misinformed and ignorant things and are not called on it.

P.S.

Fuck you once more for implying that I'm some type of child molester (even a passive one) you freedom hating punk.

Re:Bravo (-1, Troll)

Anonymous Coward | more than 7 years ago | (#17940776)

All you freenet and tor, and other 'share each others ip for anonymity' dudes, chew on this for a bit:

You may not be browsing child porn. BUT I GUARANTEE THAT SOMEONE IS BROWSING CHILD PORN USING YOUR IP IF YOU ARE SET UP AS A ROUTER ON TOR OR ARE USING FREENET. In that situation, you are enabling, and promoting child abuse.

Or, a cop could see a request for child porn spew out of tor, followed by your order for viagra that you were so ashamed about. Have fun talking your way out of that.

Re:Bravo (0, Troll)

evil_Tak (964978) | more than 7 years ago | (#17940856)

All you United States Postal Service dudes, chew on this for a bit.

You may not be sending or receiving child porn. BUT i GUARANTEE THAT SOMEONE IS SENDING OR RECEIVING CHILD PORN USING YOUR MAILBOX IF YOU ARE SET UP TO USE THE UNITED STATES POSTAL SERVICE. In this situation, you are enabling and promoting child abuse.

Or, a cop could see a request for child porn spew out of your mailbox, followed by your order for viagra that you were so ashamed about. Have fun talking your way out of that.

Re:Bravo (1)

daeg (828071) | more than 7 years ago | (#17940654)

Please cite where Tor is only used for child porn.

Re:Bravo (0)

Anonymous Coward | more than 7 years ago | (#17940802)

I'm using Tor right now. I'm reading your post. If Tor is just used for child porn, then your post must be child porn!

I hope you're happy, you sick pervert.

Re:Bravo (5, Insightful)

KerberosKing (801657) | more than 7 years ago | (#17940384)

The thing is, tenure is earned by outstanding scholarship over years of teaching and research. It is a long-standing tradition of university life. Further, it is crucial that we as a society have high-profile people that can question and critique the status-quo of governments, companies and other powerful groups without great fear of reprisals. Such protections are needed, else the relatively low pay and long hours of professors would hardly seem worth it when contrasted with executives and their exorbitant pay.

Re:Bravo (1)

QuantumG (50515) | more than 7 years ago | (#17940524)

Places like Sun Labs have something similar to tenure. In fact, Sun Labs runs a heck of a lot like a postgraduate university.

Re:Bravo (4, Insightful)

nomadic (141991) | more than 7 years ago | (#17940494)

I wish I had "tenure" at my day to day job.

This incident illustrates the precise reason tenure exists.

Act like you do. (1)

Some guy named Chris (9720) | more than 7 years ago | (#17940540)

At most places, if you act like you've got tenure, it's almost as good.

Re:Bravo (2, Informative)

Anonymous Coward | more than 7 years ago | (#17940628)

Nowhere in the article did it say he had tenure. Most professors do not have tenure. Many are adjuncts, which means if they cause problems, they are simply not hired again next semester. Most universities have policies about academic freedom (and tenure) because they don't want to turn into a place with group think. The private sector loves group think and towing the party line is the best way to climb the corporate ladder (until the whole ladder falls).

Re:Bravo (1)

Chikenistheman (992447) | more than 7 years ago | (#17940188)

Looks like we as IT professionals will have to tighten security in order to keep these "Free Thinkers" from spreading the word. **crack the overloards whip**

Re:Bravo (2, Insightful)

calice (570989) | more than 7 years ago | (#17940652)

I've never understood why people consider this kind of action by a university or other group to be so terrible. He is using the school's computer, in the school's building, with the school's internet connection. If the school sends someone to ask him not to do something specific with those things, then his reaction should be, "Oh, I'm sorry. I didn't realize. I'll stop now." The school has every right to do so. They also have the right to ask him not to cover the topic in the class. These are the people paying his salary, and if they don't want this going on, they can tell him to stop.

This isn't a major issue. It's not like the government is passing laws banning the use of the software for use in the US. That would be absolutely wrong. All he is standing up for is his right to be insubordinate to his superiors.

I believe we should be allowed to use the TOR software. But using it in my home, with my connection, on my computer (all of which _I_ paid for) is a completely different story than using it at work.

Re:Bravo (1)

QuantumG (50515) | more than 7 years ago | (#17940794)

He's a professor. Without professors, there is no university. With the possible exception of flooding the network so that it is unusable, he should be free to do anything he wants with the network.

All he is standing up for is his right to be insubordinate to his superiors.
No. He is the superior.. they are just punk kids, hired by the IT department, who think they have an open mandate.

eep (0)

Anonymous Coward | more than 7 years ago | (#17940230)

Maybe i ought to uninstall tor now
gods damn BGSU
always runing on office porn searching

ill prepared? (5, Insightful)

mhokie (988228) | more than 7 years ago | (#17940250)

"The visitors said it was likely against university policy"

Could they not be bothered with actually checking the policy since they were there to enforce it?

Re:ill prepared? (3, Insightful)

Anonymous Coward | more than 7 years ago | (#17940292)

big brother gets pissed off when they cant see everything your doing

Re:ill prepared? (2, Interesting)

crush (19364) | more than 7 years ago | (#17940792)

I guess the thing to do is to stop Tor spewing out the plaintext: "TOR 1.0 Proxy Connection Attempt" which any half-assed network admin could detect. Run wireshark [wireshark.org] and watch how Tor gives itself away. I suppose that they could then block people trying to get to known Tor entry nodes, but with enough of them then that becomes foolish.

Re:ill prepared? (0)

Anonymous Coward | more than 7 years ago | (#17940390)

"The visitors said it was likely against university policy"

Could they not be bothered with actually checking the policy since they were there to enforce it?


Because the policy is a little vague. Until the lawyers & judges have a go at it, some of the grey areas are not well-defined.

Re:ill prepared? (4, Insightful)

Selanit (192811) | more than 7 years ago | (#17940432)

"The visitors said it was likely against university policy" Could they not be bothered with actually checking the policy since they were there to enforce it?

In fact, they brought a printout of the policy to the meeting with the professor. The reason they weren't sure is that when the policy was written, Tor didn't exist yet. It might violate the policy, but they hadn't faced this kind of thing before, so they weren't certain.

Re:ill prepared? (5, Insightful)

Kadin2048 (468275) | more than 7 years ago | (#17940692)

Well, we can't say for sure now, because it's not like TFA included a copy of the relevant policy (although, if someone wanted to, they could probably figure out where the guy in the article works, and find the policy from there), but he admits that it's vaguely written, and was written back before Tor existed. So there are two immediate issues:

1) The policy may be so vague, as written, so as to make it unclear whether Tor is legitimate or not. For instance, it could simply have a blanket prohibition of doing things that are detrimental to the network, but not specify exactly what's prohibited and allowed. This is fairly common in most AUPs that I've read, particularly academic ones; rather than attempting to specifically outline what you can't do, they basically say "anything that's bad, don't do it." (Usually in a more verbose fashion, but that's the general idea.) Sometimes they're clear about who decides what is 'bad,' other times less so. It all depends on how bright a person wrote the policy.

2) The policy, as written, may actually prohibit Tor, but the faculty member, who said he was part of the committee that wrote the policy, believes that owing to the age of the policy and his knowledge of the writers intentions, that it was never intended to prohibit something like Tor. Thus, his usage, while technically in violation, he believes is OK because -- to put it bluntly -- he knows what behaviors the policy was supposed to prohibit better than the sysadmin does. (This seems like it could be a dangerous position for him to take, but I guess if you've got tenure, you might as well use it.)

Re:ill prepared? (0)

Anonymous Coward | more than 7 years ago | (#17940840)

As an IT professional working in private enterprise, as apposed to university or government, I can say that for the most part the average person in charge computer security has little understanding of their rules, and are for the most part no better than automatons.

In fact they are little more than glorified auditors, and change their rules on a whim. If even 1/10 their rules were followed there would be no way that businesses would work.

the ivory tower (-1)

stratjakt (596332) | more than 7 years ago | (#17940254)

He says himself

Widespread use of Tor could be a huge headache for network-security administrators, particularly in higher education. My university alone has more than 21,000 students. Imagine what would happen if even a tenth of them and a similar percentage of faculty and staff members started using Tor regularly. With all the spam scams, phishing scams, identity theft, and related criminal enterprises going on around the world -- many of which involve remotely hijacking university-owned computers -- we could approach technological anarchy on the campus.

So he knows that tor could effectivly ruin his universities network if everyone used it, but he's better and special. He has the RIGHT to use it, of course, nobody else should. It's a tool only for the gifted.

I'm not sure what the story is here, the right to use tor on someone elses network? Does he have that right? It's not his network. I've used tor at home, but completely understand I cant use it at work, and if during my university days, had it existed (maybe it did but whatever), and was told I couldnt use it, I'd just deal with that.

You don't need tor to browse the web anonymously - I dont see how anybody came to him because he was doing so - but they came because they saw it as a malicious app, giving and recieving connections from all sorts of shady IP's worldwide.

Re:the ivory tower (4, Insightful)

Anonymous Coward | more than 7 years ago | (#17940322)

I think the issue was not with his use of it but being told that he couldn't talk about it in his classes.

Re:the ivory tower (1)

calice (570989) | more than 7 years ago | (#17940722)

The school still has every right to direct what he teaches at thier institution. If they don't want him teaching that, he should stop. After all, he works for them. The fact that he is a professor does not eliminate the fact that he has a superior he is supposed to listen to. This isn't government censorship, this is simply a case of a man wanting to disobey his boss.

Re:the ivory tower (1)

Captain Splendid (673276) | more than 7 years ago | (#17940330)

Gee, maybe he's using it in order to get a better appreciation for the potential problems he himself talks about as opposed to wanting to leech warez anonymously? Come on, I'd understand giving him shit if he came across as your typical 'free speech' idiot, but he seems to have a fairly good handle on what really is going on.

Re:the ivory tower (3, Insightful)

stratjakt (596332) | more than 7 years ago | (#17940470)

No, it's not his network, and they aren't his rules, even if he did "co-chair the comittee to decide what color to keep the folder that the proposed amendments to the original proposal were in and they kept it grey".

Good for him, he had a reasonable chat with the detectives and they dropped it. I just cant stand the rhetoric about "rights" and "academic freedoms".

If the police visited him at home, because of his use of tor on his own connection that he paid for - then you got a story. But this guys a guest on someone elses network.

If I let you connect to my AP, then I reserve every right to tell you I don't want you using tor, or kazaa, or bittorrent, or playing WoW, or what the hell ever.

As for police telling him what to teach? He just threw that in there for drama and FUD. Since when the fuck do campus police go around telling professors what they can and cant teach? I don't believe that part of the story is even true. I don't believe the police asked him not to teach his students about it.

I hate empty rhetoric, I hate embellishments, I hate academic dishonesty, and I especially hate it from professors. It made my time at university infuriating. I was there to study math and computers, and instead, I'm constantly bombarded with lefty bullshit propoganda (not that I'd prefer righty bullshit - I just wanted to learn calculus, chemistry, comp sci, and other subjects that deal in facts)

So whatever, this guy talked himself out of trouble. Big whoop. He can get off the fucking cross now, all that happened was a cop came to talk to him about some suspicious behaviour he was engaged in.

Once I was hanging around at night, waiting for a buddy, and a cop stopped to talk to me to ask what I was doing. STOP THE PRESSES MY STORY MUST BE TOLD.

Re:the ivory tower (0)

Anonymous Coward | more than 7 years ago | (#17940708)

Now *that* was an awesome troll! Kudos for posting logged in!

Re:the ivory tower (0)

Anonymous Coward | more than 7 years ago | (#17940778)

Did you even read the article, hot head? He never said they told him what to teach. He said they asked him not to tell his students about Tor. Now, get off your friggin' soap box. You hate rhetoric? I hate loud-mouthed know-nothings.

Re:the ivory tower (1)

JesseL (107722) | more than 7 years ago | (#17940394)

The university does have an absolute right to dictate how their network is used. That doesn't mean that nothing they do is ignorant or boneheaded.

I'd say that if widespread use of a particular application could wreak such havoc on your network, there's something you need to rethink about how your network is structured and managed.

Eventually all network traffic is going to be encrypted, and administrators will have to figure out how to deal with that.

Re:the ivory tower (3, Interesting)

Kiaser Wilhelm II (902309) | more than 7 years ago | (#17940674)

No they don't. Its a public university.

Do you think they have the right to say "Whites Only" or "No visiting Republican Websites"?

Now, that is not to say that the University is not allowed to draft up a reasonable set of rules. Perhaps it could even be argued that the right to anonymous communications and encryption fall under the 1st amendment, but thats not really my point here.

Re:the ivory tower (2, Insightful)

xenocide2 (231786) | more than 7 years ago | (#17940818)

"The university does have an absolute right to dictate how their network is used. That doesn't mean that nothing they do is ignorant or boneheaded."

That's not quite true. As a university, their mission is furthering educational development. They can argue over how such and such use does or doesn't advance educational goals, but there should be no dispute that education is the goal. The campus IT department then, as an administrative branch, is in a unique position of trying to accommodate all party's interests, rather than dictate the limited uses of "their" infrastructure. They're supposed to make it happen, not "enforce the AUP".

Re:the ivory tower (3, Informative)

javelinco (652113) | more than 7 years ago | (#17940416)

FYI (from TFA): "My reason for downloading and installing the Tor plug-in was actually simple: I'd read about it for some time, was planning to discuss it in two courses I teach, and figured I should have some experience using it before I described it to my students. The courses in question both deal with controlling technology, diffusing it throughout society, and freedom and censorship online. When I cover online censorship in countries with no free press, I focus on how those countries rely on hardware, software, and phalanxes of people to make sure citizens can reach only government-approved media. Crackdowns on independent journalists, bloggers, and related dissidents all too often result in their being beaten, incarcerated, or worse. Technologies like Tor represent a beacon of freedom to people in those countries, and I would be doing my students a disservice if I didn't mention it."

Re:the ivory tower (5, Informative)

wernst (536414) | more than 7 years ago | (#17940500)

I'm not sure what the story is here, the right to use tor on someone elses network? Does he have that right? It's not his network. I've used tor at home, but completely understand I cant use it at work, and if during my university days, had it existed (maybe it did but whatever), and was told I couldnt use it, I'd just deal with that.

What are you talking about?

The use of tor on "someone else's network" is implicit, because you are connecting to someone on the other side of the network as a whole.

You say you use tor at home, but that's not "your" network either. I think your ISP would say that you are connecting to *their* network. I think the Hosting Provider of the web server you're connecting to would say it is *their* network. I think AT&T, (or whoever owns the backbone your data is traveling across) would say it is *their* network too.

If any of these network owners told you to stop using tor at home, what would you say to that? I'm guessing it would be pretty close to what this professor said to the IT goons trying to intimidate him into stopping.

The only time it's "your" network is when you have two of your own computers on your own LAN, and a tor router between them.

Re:the ivory tower (1)

illegalcortex (1007791) | more than 7 years ago | (#17940650)

It's not his network
So, is it the IT folks network? The campus detectives network? I don't understand your reasoning on this one. In fact, FTA it sounds like he was more involved for setting policy for these situations than any of the people who were doing the questioning.

In truth, most network admins tend to like things as nice an neat as possible. If they can use their power and influence to squash harmless but annoying things like a few people on the whole campus using Tor, they will. Just to make sure they don't have those pesky log entries saying there might be something bad going on.

Re:the ivory tower (2, Interesting)

Alchemar (720449) | more than 7 years ago | (#17940780)

He did not say that he had the right to and no one else did. He said that he could understand that it was a nightmare to administer. I understand that driving a car is very hazardous, I want to continue driving, that does not mean I am telling other people not to drive. Acknowledging that it is difficult to scale does not imply not scaling up, it means that they should find a solution. By saying that he should be allowed to continue using tor, he is making the statement that asking everyone to stop using it is not the best solution.

Why is this someone elses network? It is a network that has been provided for his use. It may not be his exclusive network, but it is his network. Please clarify who you think owns it? The university? As a member of the university staff, wouldn't that make it his? or is it the exclusive network of the IT department of said university. Or maybe it is the sutdents who pay the money for said network. I am getting tired of people using the phrase "not their network" to imply that you have to take whatever is handed you. Can only call who Ma Bell wants because it's not your network, can't do anything about warrentless phone taps because it's not your network. If I have been given use of a network, then the part of the network I have been given use of is mine for the duration of that use. There might be contracts or agreements that stipulate what is or is not allowed, but when they add one sided rules after the agreement has been reached, then "it is not your network" is not an acceptable answer.

Just because you don't need tor to browse the web anonymously, does not make it a valid application for doing just that. I don't need to have firefox installed to access the web, that does not automatically exlude firefox as a legitimate application for doing just that.

Poor Quality Slashdot Editing (-1, Troll)

Anonymous Coward | more than 7 years ago | (#17940266)

Another typical Slashdot "editing" job. Was the university mentioned? Nope.

All these words were wasted to tell us about what happened, but a significant detail such as the name of the university was never mentioned, even though such a mention would help tremendously in putting pressure on the unnamed university to reverse their policy.

I can't believe people get paid to do basically nothing.

Piss poor (0)

Anonymous Coward | more than 7 years ago | (#17940498)

What university?
WTF is Tor? It kind of rings a bell though...

No wonder there is a love affair between slashdot and google. Half the stories require googling to find out what the topic is about.

Re:Poor Quality Slashdot Editing (1)

wbren (682133) | more than 7 years ago | (#17940506)

The article mentioned the name of the university: Bowling Green State University. In this case I don't think the name of the university is as important as the incident itself. If it had been a major, famous university you might have a point. Plus, I think witholding the name of the university creates more of a "it could happen anywhere" type of vibe. Maybe it's just me..

Re:Poor Quality Slashdot Editing (1)

Kiaser Wilhelm II (902309) | more than 7 years ago | (#17940726)

Indeed it did. However this could have been titled "Political Dissident Tortured", described the water boarding techniques used and the injuries he received but it if does not mention WHO did it, then its a really useless summary.

Why post it at all if the university only gets such an inconsequential mention?

Re:Poor Quality Slashdot Editing (0)

Anonymous Coward | more than 7 years ago | (#17940760)

> I can't believe people get paid to do basically nothing.

And I'm sure you're reading Slashdot in your own free time, right?

Good idea (1)

Derek Loev (1050412) | more than 7 years ago | (#17940286)

I think that if they would want to keep something like Tor quiet on the campus this is probably the worst way possible.
If anything, it will do more damage.

Loop-hole. (0)

Anonymous Coward | more than 7 years ago | (#17940296)

"But in 2000, Amazon admitted experimenting with so-called dynamic pricing, charging different people different prices for the same MP3 player; the prices were presumably based on estimates of what each user would be willing to pay, considering prior purchases. Online merchants could all do that, thanks to traffic analysis. They know who I am when I log on -- unless I delete their cookies or use Tor."

And pay only in cash. And ship to an untraceable address.

Re:Loop-hole. (0)

Anonymous Coward | more than 7 years ago | (#17940366)

With Amazon, you can browse their site, find an item *with a price*, add it to your cart and proceed to checkout - all before you ever log in. Once an item is in your cart, they don't magically change the price on you once they see your username.

Campus Intelligence Agency... (3, Interesting)

gd23ka (324741) | more than 7 years ago | (#17940310)

--"The other men were not familiar, but a quick glance at their cards told me they were detectives on our campus police force."

_Detectives_ of the campus police force. What's next? Agents of the Campus Intelligence Agency?
the Department of Campus Security?

This is really ridiculous.

Re:Campus Intelligence Agency... (2, Funny)

LiquidCoooled (634315) | more than 7 years ago | (#17940436)

Just wait until they take you to a small off-campus building and lock you up there for a while.

Those MIT hackers won't get away with it again.

Re:Campus Intelligence Agency... (1)

aarmenaa (712174) | more than 7 years ago | (#17940562)

I work as an RA on my campus, and we speak with the campus police force often. On our small campus of ~4000 students, we have at least one detective and probably 10 officers that I know of. And they're not just rent-a-cops. They're real, badge-carrying officers from the city police force. Salaries are paid from the campus operating budget I believe.

Back on topic, my school is downright draconian on what's allowed on the residential side of their network (the campus network is separate). They block anything bandwidth intensive, from Youtube to videos on Apple's website. FTP is throttled to 0.1 KB/sec. Absolutely NO access to SMTP (can't send mail except through their shitty webmail client), and POP3 is throttled back to dialup speeds. ICMP is dropped - don't ping anything because it'll never come back anyways (it's not even bandwidth intensive, WTF!). In fact they do so much throttling that we almost never run out of bandwidth; the pack shaper gives out long before that. It's a consistent point of contention between the residents and the school, as many residents play games online in their spare time. The latency is consistently measured in seconds. Oh, and if you request a file that ends in ".torrent" over HTTP, the file will never finish downloading.

The solution? I use TOR for anything that won't load. It's slow, but not much slower than my school during peak hours. I just stick it in a tab and let it go.

Re:Campus Intelligence Agency... (3, Insightful)

IthnkImParanoid (410494) | more than 7 years ago | (#17940606)

I know it was a joke, but...
Many campuses have their own PD and FD. Why?
10,000 staff.
25,000 students.
A couple square miles
It's basically a small, densely populated town...only with higher rates of rape, assault, drug use, theft, and copyright infringement.
You know, the big 5 :)

Re:Campus Intelligence Agency... (2, Insightful)

Surt (22457) | more than 7 years ago | (#17940730)

Large universities commonly have their own police force. Try to find a city in this country with a population over 25,000 without one. We have a number of universities with populations higher than that, even twice that.

question (4, Interesting)

Peter La Casse (3992) | more than 7 years ago | (#17940328)

Widespread use of Tor could be a huge headache for network-security administrators, particularly in higher education. My university alone has more than 21,000 students. Imagine what would happen if even a tenth of them and a similar percentage of faculty and staff members started using Tor regularly. With all the spam scams, phishing scams, identity theft, and related criminal enterprises going on around the world many of which involve remotely hijacking university-owned computers we could approach technological anarchy on the campus.

How does Tor enable those things, and how would more people using Tor make those things worse than they already are?

Re:question (1, Interesting)

Anonymous Coward | more than 7 years ago | (#17940570)

Exactly. There is nothing wrong with Tor, and people need to use it for regular use, otherwise there will be instant suspicion put upon anybody who does.

If someone wants to leak some documents that are in the public interest, or post dissenting messages on a Chinese message-board, then they can use Tor to do so. But, unless other people are using Tor for regular use, then it will be pretty easy to identify which users had used it, and to heap the suspicion onto them.

Re:question (4, Insightful)

xenocide2 (231786) | more than 7 years ago | (#17940596)

I think the bigger problem is that they still figured out it was him!

Bowling Green State University (3, Informative)

imaginaryelf (862886) | more than 7 years ago | (#17940336)

According to the article, he's in Bowling Green State University [bgsu.edu] , which is in Ohio. So DHS will be on this case in no time.

Re:Bowling Green State University (5, Insightful)

thesupermikey (220055) | more than 7 years ago | (#17940474)

it might also be noted the BGSU, along with other state universities in ohio force graduate students on assistantships to sign forms saying that they are not members, or have not supported terrorist groups.

Since these are stored in university archives, and not checked, new graduate studies are (more or less) required by the state to sign loyalty oaths.

Re:Bowling Green State University (0)

Anonymous Coward | more than 7 years ago | (#17940744)

I am a former student of BGSU--I know the person in question who went and questioned paul with the detectives--he caused me to lose my job as a network admin because I posessed a copy of knoppix std

Ummm, what? (0)

Anonymous Coward | more than 7 years ago | (#17940522)

The DoD (or Naval Research Laboratory, I suppose) sponsored the creation of TOR:

http://en.wikipedia.org/wiki/Tor_(anonymity_networ k) [wikipedia.org]

It's not exactly counter-government and I'm not sure why you think DHS would get involved.

But... (2, Funny)

Stanistani (808333) | more than 7 years ago | (#17940342)

Nothing really happened to him... no sanctions, penalties, threats of actions... they didn't even say "Halt thy nefarious actions, or I shall chastise thee anon!"

Overblown.

Re:But... (5, Insightful)

baptiste (256004) | more than 7 years ago | (#17940626)

It's not overblown at all. Just like the earlier article about the RIAA sending cease and desist just because you were in a swarm, not actually up or downloading. This professor was doing something completely legal and as asked by law enforcement to stop - it is inferred because they could not monitor his activities. This has a chilling effect. Notice that it wasn't just an IT person requesting he stop - he showed up with two detectives - who probably instigated the entire thing.

Common sense would dictate that the detectives, doing their jobs and trying to investigate an online scam, ask the professor some questions to determine if he was involved. But instead they asked him to stop doing something legal, tried to get him to NOT share something with his students, and used some vague provisions of an IT policy to back it up. This is a direct attack on academic freedom - 'Thou shalt not tell your students about this' and even worse, telling him not to use Tor himself - obviously because they couldn't track what he was doing.

Overblown? Hardly - we are losing our rights bit by bit by bit and people who think something like this is 'overblown' are part of the reason. By the time you all realize you've lost most of your rights it'll be too late.

This is academic freedom? (-1, Troll)

Anonymous Coward | more than 7 years ago | (#17940350)

but in the end he took a stand for academic freedom.

I wasn't aware that "Academic Freedom" meant sucking up as much resources as you can use. I suppose that's what you get when people think that "oil freedom" means driving a car that gets 10MPG and we just have to have wars to support it. Don't be brainwashed Irongeek.

Re:This is academic freedom? (1)

Kiaser Wilhelm II (902309) | more than 7 years ago | (#17940566)

What are you smoking? Tor doesn't suck up lots of resources. Its very bandwidth efficient. Do you even know what Tor is and how it works, or are you just making stupid unfounded statements for dramatic effect?

half reasonable request (5, Insightful)

Anonymous Coward | more than 7 years ago | (#17940356)

Asking the professor not to use Tor on the university-owned network is reasonable.
Attempting to censure what he can say to his students is clearly not reasonable.

Re:half reasonable request (1)

QuantumG (50515) | more than 7 years ago | (#17940704)

I beg to differ. Without the professors there *is* no university network.

But think of the children! (0)

Anonymous Coward | more than 7 years ago | (#17940388)

Oh wait - maybe he is.

It can't be _THAT_ effective... (2, Funny)

mark-t (151149) | more than 7 years ago | (#17940412)

After all, they were able to identify him as one of the users of the application.

Re:It can't be _THAT_ effective... (0)

Anonymous Coward | more than 7 years ago | (#17940480)

Well duh. Tor doesn't hide the fact you are using Tor. It is only designed to encrypt the data stream and keep the remote end of the connection from knowing who you really are.

I can sniff your home network and tell when you visit your bank's website, but that doesn't mean I will know your account balances or password.

Re:It can't be _THAT_ effective... (2, Informative)

Anonymous Coward | more than 7 years ago | (#17940484)

You can never disguise the fact that your computer sends packets accross the intranet. At some level, your node must form a secure connection to another node (which connects to another, and another, etc. Read up on Onion Routing). Network monitoring tools can detect that intranet connection, its source, its destination, and the ports it uses. They can't detect the content sent across that connection.

In addition, once your secure packets reach that first onion-routing node it acts as a proxy, keeping anyone who can't see your last-mile connection from detecting from where your connection really comes.

Re:It can't be _THAT_ effective... (0)

Anonymous Coward | more than 7 years ago | (#17940530)

Yeah, it real hard to identify someone using TOR...any ids / ips system looking for Tor in the packet will discover you...

Re:It can't be _THAT_ effective... (1)

mark-t (151149) | more than 7 years ago | (#17940576)

Which makes it peculiar, don't you think... that they couldn't figure out who the other user of the software was on campus?

Re:It can't be _THAT_ effective... (1)

stratjakt (596332) | more than 7 years ago | (#17940656)

The detectives wanted to know whether the other user was a former student of mine, and why I was using Tor.

I read that as in they know who he was, know his name, and possibly are talking to the professor as a part of THAT investigation (that the other user was participating in some online scam).

Either way, you can tell what node is sending out the traffic. One in this guys private office (so, duh, wonder who's using it), and the other possibly a terminal in the library, or through a wifi hotspot, etc.

Re:It can't be _THAT_ effective... (1)

Kiaser Wilhelm II (902309) | more than 7 years ago | (#17940772)

What the hell are you talking about? The campus IT department can tell equally as well who is using TOR. The article doesn't even say what you are claiming was stated.

Take your pills.

He's lucky... (4, Funny)

BronsCon (927697) | more than 7 years ago | (#17940472)

If using the service was against university policy, they very well could have Tor him a new one.

University IT (3, Insightful)

Schraegstrichpunkt (931443) | more than 7 years ago | (#17940492)

What is it about university IT departments that attracts such incompetent people?

Hint: If you're pouncing on people as often as a small frisky dog does, you're the problem.

Re:University IT (1)

jay2003 (668095) | more than 7 years ago | (#17940814)

Lack of appreciation or even awareness of the mission of the organization they work for is a disease not limited to University IT departments. Corporate IT departments have same affliction. Most IT departments do not do cost analysis on the impact on the organization as a whole of the their decisions. In this case, the IT department wanted to complete undermine the entire mission of the organization, dissemination of knowledge, by telling the professor not to teach something to his students in a misguided attempt to give a negligible boost to security. In addition to disrespecting the mission of the institution, they presumed the students are too dumb to use Google.

In corporate IT departments, this disease takes the form of security measures that cost far more in lost productivity than they save through better security. Sadly, executives don't ask what the productivity and other costs are to IT decisions and thus we left to suffer a waste of the shareholders money while IT departments run amok locking everything down to the point where no one can get any work done. In a well managed organization, security proposal would be rejected on face unless they had cogent analysis of all costs involved.

Responsible IT Staff (1)

skoaldipper (752281) | more than 7 years ago | (#17940496)

In a summary, sounds like police were just questioning a homeowner for selling mustache kits and wigs out of his garage. Homeowner, "Well, some people cannot grow a beard or hair". Officer, "Well, you know some kids will try to buy beer with this." Homeowner, "Possibly, but I run a practice as an Oncologist who treats radiation patients." Officer, "Very well, remember you need a business permit to do that. Good day."

From Someone Who Has Been There (4, Interesting)

nuintari (47926) | more than 7 years ago | (#17940512)

I attended said university, I know Paul very well. I still run into him in town occasionally, and I will be sure to shake his hand for this.

I could say a lot of BAD things about *university* ITS, but I'd probably get me in far more trouble than it is worth to say them out loud. I am not there anymore, they don't effect me. I will just be happy that Paul is still the fine individual I have always looked up to.

Re:From Someone Who Has Been There (1)

QuantumG (50515) | more than 7 years ago | (#17940746)

I could say a lot of BAD things about *university* ITS, but I'd probably get me in far more trouble than it is worth to say them out loud.
Wow, you don't even go there anymore and you're afraid to speak out against these people? WTF? Who you guys got running the network over there? The Mafia?

We Already Have a Problem. (1, Insightful)

twitter (104583) | more than 7 years ago | (#17940636)

Widespread use of Tor could be a huge headache for network-security administrators, particularly in higher education. My university alone has more than 21,000 students. Imagine what would happen if even a tenth of them and a similar percentage of faculty and staff members started using Tor regularly. With all the spam scams, phishing scams, identity theft, and related criminal enterprises going on around the world many of which involve remotely hijacking university-owned computers we could approach technological anarchy on the campus.

With 25% of Windoze PCs already part of a botnet, I imagine more than 1/10 of those computers are already using some form of TOR. What will thwarting my privacy achieve again?

Woops! (1)

twitter (104583) | more than 7 years ago | (#17940690)

While I couldn't dispute most of the details in the logs, they seemed inaccurate. For example, the technician said I had been using Tor earlier that morning. In fact, I had been at Wal-Mart that morning looking for a good deal on an HDTV; I had reached my office only about five minutes earlier.

So, Dr. CESARINI, are you a Windoze user? It may be time to wipe and reload.

question... (-1, Redundant)

Anonymous Coward | more than 7 years ago | (#17940644)

If TOR is so good at anonymising, how did they know he was using it?

Weirdly, I've read the whole article and they just seem to mention 'logs'. I don't understand, can anyone tell me?

This could have been prevented (3, Funny)

brouski (827510) | more than 7 years ago | (#17940664)

If he had only used Log Deleter 5.0, there would have been no record of his router hopping.

When you know so little about TOR... (-1, Troll)

Kozz (7764) | more than 7 years ago | (#17940756)

Well, the fact is that TOR is also used by less-than-savory netizens.

Here's how I first found about TOR: A friend's website used a well-known (and well-exploited) forum app. As expected, it was exploited well. Going through logs for him, I traced the activity to a TOR node. From that moment, knowing nothing else about TOR (except its allegedly legitimate use as described by wikipedia), I'd have loved to simply deny any and all access to any requests originating from TOR nodes. First impression == bad! Just like a network admin narrows down bandwidth-abuse to Bit Torrent clients/ports.

Just as people cry and whine that Bit Torrent is very often used for legitimate purposes and shouldn't be controlled/throttled/discriminated against, there's also a significant portion of that kind of traffic which is dedicated to illegal activities of one kind or another. The creators of TOR couldn't have possibly missed this, and anyone who complains should remember that when you lie with dogs, you may wake with fleas. You're going to have to take the bad with the good.

Go ahead and mod me down. I've got karma to burn.

Double entendre (3, Funny)

Anonymous Coward | more than 7 years ago | (#17940820)

From TFA: "Someone looking up potentially sensitive information might prefer to use [Tor] -- like a person who is worried about potential exposure to a sexually transmitted disease and shares a computer with roommates."

So, sharing a computer with roommates might give you an STD and Tor will protect you from it? Hmmm...
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>