In order to use my Universities wireless network (UK), I have to make an appointment to see them, where they will inspect my computer, make sure automatic updates are on and apply any updates they think my computer needs, and install their own "approved" anti-virus software.

I will also have to leave my computer with them for "several hours" for them to do all this.

So basically I have to agree to have my computer raped by them, and my privacy violated.

They can shove that right up their....

For my laptop running XP that would mean having to install WGA and OGA that I have deliberately not "updated to" so far due to me protecting my rights. In addition to having my paid for, awesome BitDefender AntiVirus 2008 removed in favour of whatever crappy antivirus company gave them the best deal. McAffe or Norton probably.

I wonder what they'd say to my Ubuntu laptop? Would they try and rape that too?

Since when did it become acceptable for us to have no digital freedoms at all? ](*,)

what university do you go to again?

Sounds like my school, except they use cisco's cleanaccess. Before you can get to the internet, you have to download clean access. Then it checks your computer, makes sure its updated, makes sure it has the correct antivirus and all that. Then it will let you log on. You have to log on every time you restart. I installed it on the windows partition on my laptop once, then windows wouldn't boot right. Once I finally got it to boot I got rid of it right away.

But, for linux users, all we have to do is just log on. No checks.

Invasion of privacy if you ask me, and why does that need to take several hours?
Whatever happened to personal computers being personal? :evil:

Odd, I often, with full consent, unplugged the computers at my college from the ethernet jack and plugged my laptop in running Linux.

I wouldn't say anything to the : "inspect my computer, make sure automatic updates are on and apply any updates they think my computer needs" part. Quite reasonable so far, especially as a virus can propagate quite quickly.

However..my eyebrows started rising a little at "their own "approved" anti-virus software."

And as for this : "I will also have to leave my computer with them for "several hours" for them to do all this.", it leaves me speechless. Several hours? Surely only half an hour is needed to do all the above..including time taken to download and install upgrades. And I'd rather be with my laptop, thanks.

Hmm, in our college, I asked the teacher if I could install Linux in our lab, even though she had never used it as far as I could tell, she didn't say no, just as long as I left it bootable by a Windows user. That culminated in several PCs showing the grub menu as I was using Ubuntu and Zenwalk in there :D Probably the techie wiped them all now, but those were fun times.

Get your Ubuntu workstation configured to only boot to a command prompt, no GUI, and let them have at it. You'll probably get your workstation handed back to you within 2 minutes...

I can understand their reasoning, but they're taking it a bit too far. Nevertheless, it is their network, and they can dictate the terms.

Get your Ubuntu workstation configured to only boot to a command prompt, no GUI, and let them have at it. You'll probably get your workstation handed back to you within 2 minutes...


/etc/init.d/gdm


Move the above file to your home directory, start GUI with "startx" or by running that script.

Put it back to have GUI start automatically.

But, for linux users, all we have to do is just log on. No checks.

Sounds like they are better educated than the University. At least they have a better understanding of the situation than people who think that MS rules the world.

Think of this: The French Parliament has changed to Linux for its OS on its official computers (around 1600 of them), French MP's will then see the advantage and gradually it will filter down to the schools and homes. This will not happen to the British Parliament as it is in hock to the Microsoft Dollar. Bringing the old song up to date "Britons, ever, ever, ever shall be slaves".

The leaving it for an afternoon I can actually understand. They are dealing with everyone not just people that understand computers.
The vast majority of people never update anything. I have got pc's in from people to work on that it tokk my 6 hours just to get them updated on a pc barely 2 years old.

Let's face it. A single incompetent user carrying a virus can bring down an entire network and cause quite a lot of damage and harassment. I don't blame the university for being strict on these things. Linux users are less likely to do so because most of us have an above average knowledge of security practices.

my university uses cisco VPN so it works fine without invading my privacy.

sounds like they have a terrible security model. Under a sensible network, users are protected from eachother and servers check for malicous actions both internally and externally, so saying that its justifiable because anybody can bring a virus in is no excuse!

where are you btw?

I think they'd have an easier time making sure people have separate administrator accounts in XP (which they'd use for only special tasks--otherwise, they'd use a limited user) than run as administrator all the time and have updates and anti-virus installed.

I know plenty of Windows users who have anti-virus and anti-spyware and Windows updates, and they still get compromised, because they run as administrator and click on just about anything.

Wow, that sounds really draconian! Perhaps contact http://www.eff.org/ or some similar organization about it.

I'd buy a new hard disk and install whatever they require for the time of the inspection. That of course wouldn't work if they install some active software snooping around.

Let's face it. A single incompetent user carrying a virus can bring down an entire network and cause quite a lot of damage and harassment. I don't blame the university for being strict on these things. Linux users are less likely to do so because most of us have an above average knowledge of security practices.

I admit it, I brought down the entire school network. However, the admin blames the Windows server they use (he's a *nix guy :)) rather than my actions.

I ran a portable server on my flash drive so I could test/write pages and scripts. It over powered the Windows server and gave my server control over the network.

How about that, a small application running on a limited account taking control of a network.

Draconian yes, but from the Uni's point of view, most users are incompetant and don't take any proper security measures. I can see their justification - doesn't mean it's not heavy handed though.

Please don't get the EFF involved - that's just being overly dramatic.

It's good that there's control but it really should be innocent until proven guilty. Dropping infected computers off the net is the easiest thing to do. That's what kind of policy my university has.

if it were me I would give them the laptop with a boot password set in the bios a password on grub and with no power cord and battery and tell them they can have 24 hours with and at the end of the time I was coming to pick it up and it must be done.

Digital freedoms... yes folks they come in 1 and 0. Guess which one that isn't.

Like Paul said, that's not a personal computer if they're inspecting it and running what they chose on it.


I can understand their reasoning, but they're taking it a bit too far. Nevertheless, it is their network, and they can dictate the terms.

That's true, or is it? The University and all its staff and all its equipment and all its services including internet and network access (as is true of most non-public school institutions) is paid for by the students. Our system is established in a way that the students are paying "for privilege" of using the institutions' system, and from that point of view it does seem right that they dictate term. I gather one shouldn't question the establishment, but the fact remains that system only functions on mutual acceptance. Luckily (for the institution) the students don't think to dictate term. Still things like this, if taken too far, could potentially force upset, with its inevitable attendant misfortunes. That's never a good thing. Or in other words, it seems to me that this University should be more careful of how much they impose on their customer.

Bottom line it's their network.

Bottom line it's their network.

I beg to differ - bottom line is it's *John*'s computer...

Draconian yes, but from the Uni's point of view, most users are incompetant and don't take any proper security measures. I can see their justification - doesn't mean it's not heavy handed though.

Please don't get the EFF involved - that's just being overly dramatic.
its not really justified:
it offers zero protection from zero day attacks
it offers limited protection from malicious users
it offers zero cross platform access.

if you consider your users incompetent then protect yourself from them. Personal computers on a network should not have access to other personal computers on the network, not only does this prevent viruses from spreading but also prevents attacks!
Servers should be setup to detect malicious activity, e.g excessive workload from a single PC and warn/kick the user.

assuming that a computer connected to a network is secure if its not maintained by you is the 1st step to failure!

Bottom line it's their network.

Yeah and it's John's laptop. He has his right to privacy and decide what is installed on his computer. His university is not allowed to just make up some rules about what way his system has to be configured so he's allowed to connect.

I know the privacy rights in the UK have been taken away somewhat these last few years so I'm prolly not 100% up to date but I'm sure that the privacy rights I mentioned still apply.

Bottom line it's their network.

Well as I suggested earlier, the network, the internet access, all the equipment, all the personel, and the whole non-public institution in fact, is paid for by the student. Point being the arguement could work both ways, and exists in present form by mutual / social acceptance. Certain liberty is prudent for everyone; taking these things too far can sow seeds of misfortune. Methinks they should tread more lightly.

And it is true that it's John's property, not theirs. He should certainly have final say concerning his property, without threat of consequence. Perhaps they may withold network access, but only if they also withold billing him for it. At least that's how I see it.

Sounds like my school, except they use cisco's cleanaccess. Before you can get to the internet, you have to download clean access. Then it checks your computer, makes sure its updated, makes sure it has the correct antivirus and all that. Then it will let you log on. You have to log on every time you restart. I installed it on the windows partition on my laptop once, then windows wouldn't boot right. Once I finally got it to boot I got rid of it right away.

But, for linux users, all we have to do is just log on. No checks.

That's what my school does too.

They once took away my internet access, claiming I was on a botnet. It turned out that they had logs showing that a certain bit of malware had been downloaded through my yahoo webmail, so they waited 2 whole weeks, then took away my internet access (quick action plan there, eh?). I took my laptop in and powered it on, and while the Ubuntu startup screen was loading in plain sight said "so I'm told I can't have internet access because I'm on a botnet. What makes you think that computer could be on a botnet?" Which turned into "oh...you're running Linux. Huh. Uh, it says you were flagged because win*blah*blah*32.exe was downloaded through Yahoo webmail, and that adds computers to botnets when it auto-installs. Given your computer, though, I'm guessing that didn't happen..." "Right, so when I said on the phone yesterday that I use Linux, and was told 'but there are some viruses for Linux' and told the person that it's completely up-to-date and besides the few known Linux viruses aren't botnets, why didn't anyone believe me?" "Uh...we'll get your internet access back up some time today." I later found out from a friend who works there that their monitoring software shows what OS you're using! It should have been obvious from the software the moment it was flagged that win*32.exe wasn't going to be doing anything to my Linux computer!

There's also the fun my old roommate went through a few times. CCA would tell her she couldn't go online until her anti-virus was updated. Now, I think it's supposed to still allow access to Norton's updates so you can, you know, get the updates to get back online; however, Norton then kept saying it couldn't find any updates (because it couldn't reach the internet). So, that's "you can't get online until you download your AV updates" "but I need to get online to download AV updates" "well that's too bad. you can't get online until you download AV updates" "but i can't download AV updates!" back and forth over and over

Yeah CCA is pretty weird sometimes. I'm off campus, so I don't have to deal with it as much.

Bottom line is that its their network and they can require you to submit to their checks if you want access. No checks, no access.

Yeah and it's John's laptop. He has his right to privacy and decide what is installed on his computer. His university is not allowed to just make up some rules about what way his system has to be configured so he's allowed to connect.

I know the privacy rights in the UK have been taken away somewhat these last few years so I'm prolly not 100% up to date but I'm sure that the privacy rights I mentioned still apply.

This thread is getting all philosophical about the rights of the individual and community.

Hey - you can buy a car. Its YOUR car. But if it is not fitted with approved safety devices like seatbelts and if it does not come with a compliance plate showing it complies to all the safety design regulations for your country... despite the roads being public roads you will not be permitted to drive YOUR car on the public roads.

/etc/init.d/gdm


Move the above file to your home directory, start GUI with "startx" or by running that script.

Put it back to have GUI start automatically.

And after you do that, lock GRUB with a password (I use startup manager to do GRUB settings like password and framebuffer background image) so they can't boot into single-mode (in case any of them know Linux). Then go into your BIOS and make sure your hard drive is the first boot device (so they can't put in a boot CD and "fix"it when the command line scares them by reinstalling Windows), then set a BIOS password as well (so that they can't switch the CD to the first boot device and "fix" it with Windows). Unless they are really stubborn, they won't pull the CMOS battery to reset the BIOS password. More likely, they'll tell you it's broken and that they don't understand what's wrong with it.

This thread is getting all philosophical about the rights of the individual and community.

Hey - you can buy a car. Its YOUR car. But if it is not fitted with approved safety devices like seatbelts and if it does not come with a compliance plate showing it complies to all the safety design regulations for your country... despite the roads being public roads you will not be permitted to drive YOUR car on the public roads.

Your example is completely different compared to the point I made.
If you carefully read my previous post you'll notice I was discussing the privacy aspects of John having follow the rules his university made up in what way is computer has to be configured: leaving his laptop with them, installing the updates (and WGA) and them maybe installing some kind of monitoring software for all we know.

Your example would apply to the installation of their "approved" anti-virus.
I don't agree with that either but it isn't what I stated in my post and it doesn't really violate his privacy rights because it is a sound security measure. There's a big difference here between privacy rights and demanding reasonable security precautions.

why not just put a boot password from the bios then they cant do any thing to it. unless they crack the password or flash the bios which is destructive and you could sue them for thousands of dollars.

And after you do that, lock GRUB with a password (I use startup manager to do GRUB settings like password and framebuffer background image) so they can't boot into single-mode (in case any of them know Linux). Then go into your BIOS and make sure your hard drive is the first boot device (so they can't put in a boot CD and "fix"it when the command line scares them by reinstalling Windows), then set a BIOS password as well (so that they can't switch the CD to the first boot device and "fix" it with Windows). Unless they are really stubborn, they won't pull the CMOS battery to reset the BIOS password. More likely, they'll tell you it's broken and that they don't understand what's wrong with it.

I don't think a BIOS password is much use here. I've had a few cases where I had to change something in the BIOS and it was protected by a password. I found out that nearly every BIOS manufacturer has a default "emergency" password to disable the user's password or to simply bypass the password. IIRC you can Google for the password for the specific BIOS brand and version.

I have to add that maybe this has changed over the last few years though, I dunno, at least I've done it several times.

I don't think a BIOS password is much use here. I've had a few cases where I had to change something in the BIOS and it was protected by a password. I found out that nearly every BIOS manufacturer has a default "emergency" password to disable the user's password or to simply bypass the password. IIRC you can Google for the password for the specific BIOS brand and version.

I have to add that maybe this has changed over the last few years though, I dunno, at least I've done it several times.

Or one could remove the battery or set the jumper.

Or one could remove the battery or set the jumper.

Yeah that's what I did with PC's but opening a laptop is a lot more work. :)

Yeah that's what I did with PC's but opening a laptop is a lot more work. :)

Forgot about that....

Would you really think any of this would matter though? They'd just say they couldn't do the job and not let you on the wireless network.

TeaSwigger, I agree with you. However, the institution always has one advantage, they know that the people will never combine together unless they push you to far. And they know the best way to do it, is to do it slowly.

It's the same in University of Toronto - except no Linux and Mac users are allowed to connect because there is no "security" software that they trust.

Thankfully York University, which is in the same city, allows everybody to connect, no hassle.

Wow, really makes you wonder how much Micro$oft has sponsored that uni.

Unfortunately, just saying that won't help. Writing emails and making appointments will though =)

I don't think a BIOS password is much use here. I've had a few cases where I had to change something in the BIOS and it was protected by a password. I found out that nearly every BIOS manufacturer has a default "emergency" password to disable the user's password or to simply bypass the password. IIRC you can Google for the password for the specific BIOS brand and version.

I have to add that maybe this has changed over the last few years though, I dunno, at least I've done it several times.
that is a bios administrator password not a boot password bott password affects everything not just the bios there should be to options for it but it might be called power on password.

It is the school's network and they can set any terms and conditions they like, they have an inherent right and duty to other users to protect their network. Of course if all students were linux users there would be no problem, but being as click happy windows users are rampaging across the network anything could happen.


Sorry if that sounds a little snarky, but after reading the follwing comments earlier in the thread I was a little ruffled.


"Let's face it. A single incompetent user carrying a virus can bring down an entire network and cause quite a lot of damage and harassment. I don't blame the university for being strict on these things. Linux users are less likely to do so because most of us have an above average knowledge of security practices. "

orly?


"I know plenty of Windows users who have anti-virus and anti-spyware and Windows updates, and they still get compromised, because they run as administrator and click on just about anything."

even windows users that are capable of managing their updates can't be trusted to break the habit of clicking?

and I thought ubuntu was for everyone, sounds like its only for the l33t that can control their clicking habits.

This is not intended to insult either of the posters, but seems a little condescending to me the average user.

"Let's face it. A single incompetent user carrying a virus can bring down an entire network and cause quite a lot of damage and harassment. I don't blame the university for being strict on these things."

This is true.

"Linux users are less likely to do so because most of us have an above average knowledge of security practices."

This is false. Although we do use better security practices (because they're already set for us)

"I know plenty of Windows users who have anti-virus and anti-spyware and Windows updates, and they still get compromised, because they run as administrator and click on just about anything."

I don't see what's wrong with this. It's true, and doesn't sound bad.

Yeah, I myself don't like some of the elitist attitutes expressed even here, but the examples you found aren half-bad.

What's with all the characterizing of fellow forum members? It's a discussion, not a forum for character evaluation. Take it easy folks.

TeaSwigger, I agree with you. However, the institution always has one advantage, they know that the people will never combine together unless they push you to far. And they know the best way to do it, is to do it slowly.

Thank you, and yes that's a good point. One certainty however, is that everything has changed, is changing now, and will change again. And that no matter how many personal computers are institutionalized, there's still gonna be a load of crapola on "their" student-paid network. :lol:

Sounds like my school, except they use cisco's cleanaccess. Before you can get to the internet, you have to download clean access. Then it checks your computer, makes sure its updated, makes sure it has the correct antivirus and all that. Then it will let you log on. You have to log on every time you restart. I installed it on the windows partition on my laptop once, then windows wouldn't boot right. Once I finally got it to boot I got rid of it right away.

But, for linux users, all we have to do is just log on. No checks.

Yeah, we have CCA too... It's awful. I kinda liked having Vista on my laptop, but having to use CCA was such a pain that I never boot it anymore.

IT Managers are heartless evil godless demons

Hang on ... I am one of those


IT MAnagers are angels sent to protect you . Thats why we make those kinds of rules:)

IT Managers are heartless evil godless demons

Hang on ... I am one of those


IT MAnagers are angels sent to protect you . Thats why we make those kinds of rules

:lolflag:

Kiwi: At least you are a nice shade green on the inside. That counters any evil you have inside you. ;)

Yeah, we have CCA too... It's awful. I kinda liked having Vista on my laptop, but having to use CCA was such a pain that I never boot it anymore.

I made a little guide a few years ago on how to bypass CCA: http://web.missouri.edu/~datcnc/browser_spoof.html

Alternatively, they now have the 'User Agent Switcher' firefox extension.

I don't know if CCA is still sooooo easy to get around...it's been a few years since I was bangin'

-teet

My uni tried something called impulse or policy key a while back, but I think it caused more problems than it solved so they got rid of it.

It was pretty dumb. To get around it on windows you just had to authenticate through a virtual machine and you'd be left alone.

And not only could you get the unresolvable loop of "not allowed on net" and "can't update antivirus to let you on net" it also would give people popups about not having anti-spyware. People would leave their computer for an hour, come back, and find like 20 popups warning them that though anti-spyware isn't required, they did not have it installed. When my uni started experimenting with it was about when I switched to linux fully, actually.

Of course, it was only for windows users, not mac or linux.

I beg to differ - bottom line is it's *John*'s computer...

Yes it is. And John doesn't have to use their network if he doesn't want to, so no one is forcing him to install anything. However, if John decides he does want to use their network, then he needs to abide by the policies that they set forth for secure use.

It's not as if they came in and searched his computer in the middle of the night... if he wanted to hide anything from them he could move it to external storage before turning it over for a checkup. And honestly, if he's running without updates, he's probably a security threat to the network, so I don't blame them at all. It's not like this is any surprise, the terms are laid out and he knows the policies. If this is disagreeable, he should have factored that in to his choice of uni, or planned on arranging an alternate internet provider.


I made a little guide a few years ago on how to bypass CCA: http://web.missouri.edu/~datcnc/browser_spoof.html

Alternatively, they now have the 'User Agent Switcher' firefox extension.

I don't know if CCA is still sooooo easy to get around...it's been a few years since I was bangin'

-teet

Thanks, next time I'm on campus I'll check this out.

That's what my school does too.

They once took away my internet access, claiming I was on a botnet. It turned out that they had logs showing that a certain bit of malware had been downloaded through my yahoo webmail, so they waited 2 whole weeks, then took away my internet access (quick action plan there, eh?). I took my laptop in and powered it on, and while the Ubuntu startup screen was loading in plain sight said "so I'm told I can't have internet access because I'm on a botnet. What makes you think that computer could be on a botnet?" Which turned into "oh...you're running Linux. Huh. Uh, it says you were flagged because win*blah*blah*32.exe was downloaded through Yahoo webmail, and that adds computers to botnets when it auto-installs. Given your computer, though, I'm guessing that didn't happen..." "Right, so when I said on the phone yesterday that I use Linux, and was told 'but there are some viruses for Linux' and told the person that it's completely up-to-date and besides the few known Linux viruses aren't botnets, why didn't anyone believe me?" "Uh...we'll get your internet access back up some time today." I later found out from a friend who works there that their monitoring software shows what OS you're using! It should have been obvious from the software the moment it was flagged that win*32.exe wasn't going to be doing anything to my Linux computer!

There's also the fun my old roommate went through a few times. CCA would tell her she couldn't go online until her anti-virus was updated. Now, I think it's supposed to still allow access to Norton's updates so you can, you know, get the updates to get back online; however, Norton then kept saying it couldn't find any updates (because it couldn't reach the internet). So, that's "you can't get online until you download your AV updates" "but I need to get online to download AV updates" "well that's too bad. you can't get online until you download AV updates" "but i can't download AV updates!" back and forth over and over

Hmm. Guess you should have been checking your email via encrypted connection.


also:
Oh, and overall, I think the biggest issue here isn't that there are standards, it's that these suspect admins want private admin access to this guys computer. One bad hire and the school is a bot net. I agree that just maybe there need to be SOME security minimums for a network, it's inapropriate for admin access to be given to these admins who do not own the computer and are doing stuff to property they do not own which can not be verified. At the minimum, these admins and the university should now be financially liable for issues with the private computers they've messed with. IMO, inherently you should not run a public network while trying to use corporate style IT.

delete this post.

I made a little guide a few years ago on how to bypass CCA: http://web.missouri.edu/~datcnc/browser_spoof.html

Alternatively, they now have the 'User Agent Switcher' firefox extension.

I don't know if CCA is still sooooo easy to get around...it's been a few years since I was bangin'

-teet


Nope, doesn't work. They've gotten more complex than that now. I don't know of any way to get around it if you're on wireless, but i know of a way if you're wired.

That is ridiculous. I wouldn't trust them. Do they really need it for several hours?

The highschool I was going to up untill recently (I got expelled, ask about it and I'll explain, not that intresting) did that aswell. Took my laptop for several days, added their own monitering software, added their own antivirus, and all that jazz. I removed both antivirus and moniter within a week, they were screwing my system. I actually converted my laptop over to ubuntu today, so I'm just now off their system, after being expelled for two weeks. Absolutly nuts for something I could do in less then a hour.

They did set it up for their network, but again, I could of done all this in less then an hour. They have also decided not to setup any system but XP and Vista (possibly because they have no clue how to? just maybe), so they tell us we cant bring macs and such. But there is a hungarian teacher who is brillent at computers (uses macs and linux) who will set it up for you.

Ummm im rambling arent I? Sorry yall.

did you ask others aboout this it just doesnt sound right to be honest with ya.
good luck mate!

DE--L--TA

"Let's face it. A single incompetent user carrying a virus can bring down an entire network and cause quite a lot of damage and harassment. I don't blame the university for being strict on these things."

This is true.

"Linux users are less likely to do so because most of us have an above average knowledge of security practices."

This is false. Although we do use better security practices (because they're already set for us)

"I know plenty of Windows users who have anti-virus and anti-spyware and Windows updates, and they still get compromised, because they run as administrator and click on just about anything."

I don't see what's wrong with this. It's true, and doesn't sound bad.

Yeah, I myself don't like some of the elitist attitutes expressed even here, but the examples you found aren half-bad.

I'd say the "linux users are less likely to do so..." statement is true. It says "less likely," not immune, and if you total up all of the Linux users out there and average it....well, they're mostly geeks and hackers. And geeks and hackers *do* know more about computer security than your average joe. The level of knowledge tha hackers have could probably very easily balance against the lack of security knowledge most people have. Remember, until a couple years ago, "normal people" couldn't really handle Linux. You *had* to be a computer guru.

The highschool I was going to up untill recently (I got expelled, ask about it and I'll explain, not that intresting) did that aswell. Took my laptop for several days, added their own monitering software, added their own antivirus, and all that jazz. I removed both antivirus and moniter within a week, they were screwing my system. I actually converted my laptop over to ubuntu today, so I'm just now off their system, after being expelled for two weeks. Absolutly nuts for something I could do in less then a hour.

They did set it up for their network, but again, I could of done all this in less then an hour. They have also decided not to setup any system but XP and Vista (possibly because they have no clue how to? just maybe), so they tell us we cant bring macs and such. But there is a hungarian teacher who is brillent at computers (uses macs and linux) who will set it up for you.

Ummm im rambling arent I? Sorry yall.

My school supports Mac OSX, but not Linux or BSD, so I wrote up a HowTo for the school's wireless on open source OSes, and gave it to the Student Technology Services people. The guys in charge didn't even know it was possible (doh!), so the howto (which they now give out if someone comes asking) has my email address for if you need help since they still won't support it (and some of them use Linux!).

Coincidentally, my computer (which has Linux so it's "impossible" to get wireless) handles the school's wireless very well. The Mac users in my classes are always struggling to get connected, and OSX is supported. One of my friends said that since she installed Ubuntu, her wireless connection at school works really well, though it didn't (on that same computer) with XP or Vista.

I once took my laptop with ubuntu to highschool to give an oral presantation, and at lunc time I wanted to surf the net, so I unplugged one of the school computers, and plugged in mine. I had full accese to everyones files, and such, and I couldn't touch the server, but I could drag the backup server into the trash, it was all good fun, but I stopped before I brought down the system.

another time, there was a LAN gaming shor course at the end of the year, so I brought my computer, and plugged it in. someone started a tremulous game, and all the people around me that had figured out that I was not on windows looked at me, to see if it would run on my system, but i was already picking a server, has nothing to do with what the op said tho, oh well:)

All you need is another disk drive with Windows ME on it for inspection purposes.

Invasion of privacy if you ask me, and why does that need to take several hours?
Whatever happened to personal computers being personal? :evil:

Nothing happened. But if you want to use their network, then you have to play by their rules. It's not out of the ordinary for network operators to want some assurance that the computer they are allowing to access the network (and by extension, all other nodes on the network) is not riddled wit viruses and has the tools in place to prevent that from happening.

I work for a U.S. govt agency and when I want to take my work-issued, work-maintained laptop to another U.S. govt agency's network, I have to have a "compliance" scan done and provide that report to the Admins of the network before they allow access.

At first thought it seems ridiculous, but these measures prevent one computer from taking down an entire network with viruses/malware.

have you asked them about linux?

the IT support people at my uni (manchester) don't mind people using linux. They wont provide tech support, but they will give information you need.

if you ask it will at least make them aware that people are using linux.

also about the anti virus software. they probably have a site-wide license for whatever they use. they would rather you were using their fully registered stuff, than you have some 30 day trial that came with you computer.

Nothing happened. But if you want to use their network, then you have to play by their rules.

Is it really "their network", though? We're talking about a school network, and the criticized action is taken by the people who are employed to maintain that network. Those people don't "own" it.

Sure, they're there to enforce certain practices, but if those are extreme, and violate basic rights such as privacy, students (who are actually funding the school, and are the closest to an owner, if there is one) as recipients of the public service can surely appeal to the school management and demand that the procedure be changed. And if their demand is found reasonable (the chances of which would be correlated with the strength of their voice), the management would have to order the IT department to comply with the demand.

It is the school's network and they can set any terms and conditions they like, they have an inherent right and duty to other users to protect their network. Of course if all students were linux users there would be no problem, but being as click happy windows users are rampaging across the network anything could happen.


Sorry if that sounds a little snarky, but after reading the follwing comments earlier in the thread I was a little ruffled.


"Let's face it. A single incompetent user carrying a virus can bring down an entire network and cause quite a lot of damage and harassment. I don't blame the university for being strict on these things. Linux users are less likely to do so because most of us have an above average knowledge of security practices. "

orly?


"I know plenty of Windows users who have anti-virus and anti-spyware and Windows updates, and they still get compromised, because they run as administrator and click on just about anything."

even windows users that are capable of managing their updates can't be trusted to break the habit of clicking?

and I thought ubuntu was for everyone, sounds like its only for the l33t that can control their clicking habits.

This is not intended to insult either of the posters, but seems a little condescending to me the average user.

I know there are plenty of Windows users who are security-conscious. But there are also many more who are not. Thus, the average is skewed. On the other hand, you'll find that most people who switch to Linux are already quite good in computers, and are conscientious about security practices, hence my deduction that the average Linux user is more knowledgeable than the average Windows user. I am not intending to make an elitist statement here, just an observation.

well, they might say several hours so they have some padding to get it done. of course it probably takes a half hour or less, but other things come up and i'm sure they don't need you at their desk tapping your finger. i do have to lol @ the approved anti-virus.

Just break into their network and be done with it.

Just break into their network and be done with it.

yeah, what a great idea.

Is it really "their network", though? We're talking about a school network, and the criticized action is taken by the people who are employed to maintain that network. Those people don't "own" it.

Sure, they're there to enforce certain practices, but if those are extreme, and violate basic rights such as privacy, students (who are actually funding the school, and are the closest to an owner, if there is one) as recipients of the public service can surely appeal to the school management and demand that the procedure be changed. And if their demand is found reasonable (the chances of which would be correlated with the strength of their voice), the management would have to order the IT department to comply with the demand.

Yes, it is their network. The department was obviously given the responsibility of maintaining the network. In all intents and purposes, that department "owns" the network. The Provost certainly can't be bothered to know or do the job of the network admin.

I'm also not so sure that requiring the computer to be scanned/updated with patches and A/V software are considered "extreme" measures, nor are they inherently a violation of privacy. If one is concerned about privacy, I'm sure they could arrange to be present with the computer.

Paying tuition doesn't make you an owner, or anything close to being an owner of a school - it's not stock, it's payment for a service. The owner of the school (or the closest thing to it) would be the board of trustees. As with the Provost example, I doubt these folks want to be doing network admin duties, so they delegate it to the appropriate department.

Finally, I somewhat agree with your last statement. The student body could appeal to the management to have the policy changed. Based on their decision on the student's appeal, they could order the IT department to comply. However, they do not have to do so, even if the appeal is reasonable.

At my school, you need the encryption key to get on their wireless... Makes me glad for aircrack-ng :D But seriously, I don't abuse that too much...

As for their LAN, though, you can just plug your computer in and have the same restrictions as a Windows user. You can't see naughty sites and whatever else they deem blockable.

And I really don't mind it. Am I paying for the bandwidth? Maybe college is a different story, but for right now (high school) no. Am I part of the staff? No, I'm a student that falls under their Terms of Service, which they very nicely pointed out to me as I signed the papers agreeing to them. Should I be complaining? No, using the Internet at school is a privilege, not a right, and if I REALLY wanted to I could just come home and use MY Internet.

I think that it *should* be a right though, for all students, especially in government-controlled universities. Just like books or any other kind of tool that is used for the purpose of learning within the confines of an educational institution. Of course, the internet can (and most of the times, is) misused, but I really don't know if restricted access helps much.

I think that it *should* be a right though, for all students, especially in government-controlled universities. Just like books or any other kind of tool that is used for the purpose of learning within the confines of an educational institution. Of course, the internet can (and most of the times, is) misused, but I really don't know if restricted access helps much.

but it's much like driving a car. that's a privilege and not a right. sure it makes getting from point A to point B a lot easier, but driving also incurs costs and you are subject to laws and rules of the road. not much different.

I disagree. I see University-provided internet just like any other service provided by the government (I'm mostly talking about government-controlled universities), it should be there when you need it, as you need it. Of course you have to comply to certain rules, but these rules refer to the actual usage of the service, not access to it. Meaning, everyone has access to the services, but can only use them under certain rules (which is understandable). The internet is nowadays a very basic tool for information retrieval and education in general, and everyone should be given access to its facilities.

The internet is nowadays a very basic tool for information retrieval and education in general, and everyone should be given access to its facilities.

I'm sure they have computer labs, so access is available. But, if you want to use the network on a machine that they can't directly control (like they do in the labs), then you have to meet their requirements.

The internet is nowadays a very basic tool for information retrieval and education in general, and everyone should be given access to its facilities.
why?
there are milions out there who live with less than $1 per day, so in my opinion the internet is nowadays (still) a privilege, not an a priori right

Hah, it might not be a basic human right, but it's as much of a right as free books in universities. Or maybe 1$ per day should be the standard in which we measure everything. I'm sure people like getting 1$ per day.

Although Mozetti might be right, I think it's the University's job to make the student's life easier, not the other way around. As such, and assuming people use the internet for educational purposes, internet access should be made easier, and thus, not confined to a certain area. Of course, the same regulations concerning the use of the internet should apply to everyone.

But, if you want to use the network on a machine that they can't directly control (like they do in the labs), then you have to meet their requirements.
+1
Any decent network administrator is going to want to know what hosts connect to his network, what software they're running, and how secure they are. You don't want viruses, spam bots and zombies on a corporate network. You also don't want some rogue dhcp server (eg from sloppily configured VMware networking, Windows Internet connection sharing, or a Linux enthousiast who thought it would be cool to run dhcpd3 on his laptop) messing with your network configuration - I've seen half a school loose network connectivity once because of something like that. You also don't want some 'clever' linux user poke holes in your firewall with ssh tunnels or a creative proxy setup, or sniffing data, or whatever.

So, as a network admin, you want to know what and who is on your network; I'd say that uni has every right to set the conditions under which you can connect to their network.

+1
Any decent network administrator is going to want to know what hosts connect to his network, what software they're running, and how secure they are. You don't want viruses, spam bots and zombies on a corporate network. You also don't want some rogue dhcp server (eg from sloppily configured VMware networking, Windows Internet connection sharing, or a Linux enthousiast who thought it would be cool to run dhcpd3 on his laptop) messing with your network configuration - I've seen half a school loose network connectivity once because of something like that. You also don't want some 'clever' linux user poke holes in your firewall with ssh tunnels or a creative proxy setup, or sniffing data, or whatever.

So, as a network admin, you want to know what and who is on your network; I'd say that uni has every right to set the conditions under which you can connect to their network.

Gotta agree with you. Now, if his Uni refuses to allow him to use linux, that is a problem. My University doesn't disallow it but they aren't exactly keen on. However, I'm the only linux user I know on campus, so it's not much of a problem for them. Disallowing an operating system is too far, but imposing restrictions on the private computers using their network is not.

Oh come on, even ISP's don't regulate that much, how the hell is it any different for Universities?

ISP's mainly provide internet access. They don't provide access to network resources such as applications, data (possibly confidential), and peripheral hardware. It's a whole different ball park.

Nonetheless, most ISP's actually do have terms and conditions, and you've agreed to them (whether you actually read them or not)

And from a different angle : universities e.a. are customers of ISP's and have to comply with the terms and conditions of their ISP. If that ISP dosn't allow port scanning by it's customers, you don't want anyone on that network running port scanners. If someone, knowingly or not, is sending out spam from your network, your network (and all of it's users) risk being cut off by the ISP. And so on. Not to mention any legal consequences.

Gotta agree with you. Now, if his Uni refuses to allow him to use linux, that is a problem. My University doesn't disallow it but they aren't exactly keen on. However, I'm the only linux user I know on campus, so it's not much of a problem for them. Disallowing an operating system is too far, but imposing restrictions on the private computers using their network is not.

I'd agree with you if..you decided not to comply thus they didn't charge you the telecommunications fee.

I was mainly talking about providing internet access by the means wireless connectivity, or maybe even stations that provide wired access. I understand that providing access to the internal workings of such a system to everyone is a major security fault. I'd say that providing such access to *anyone* outside the administration is a risk.

I was mainly talking about providing internet access by the means wireless connectivity, or maybe even stations that provide wired access. I understand that providing access to the internal workings of such a system to everyone is a major security fault. I'd say that providing such access to *anyone* outside the administration is a risk.

yes, but even then, you'll want to avoid eg spam being send out from "your" network, avoid introducing backdoors to your (other) network(s) via compromised laptops, and so on. And since it is impossible to check and take into account all unknowns, you impose a limited number of known configurations. (but it would be rather unfair to limit the 'know and allowed configurations' to windows only)

It's all cool and fair to have linux servers and disallow linux users ;)

Makes me happy to be at Edinburgh Uni. They will only give phone support for fedora though.

it's as much of a right as free books in universities
That's a right? I spent well over $400 on books this semesters. My math book alone is $230 new (I got a used one for $130 then had to pay another $30 for a license key for the online portion).


It's all cool and fair to have linux servers and disallow linux users ;)
My school uses Solaris on their servers, but "I know Linux" will get you hired as one of the sysadmins.

Wow, those are some harsh demands! I'm happy that all I have to do at my university is to log on with my username and password, and then I'm ready to go. Also I don't think they restrict any pages, so we're quite free to surf what we want. It has worked out good so far, and as long as it continues that way I'm happy.

:P run dual boot with ubuntu they don't like it then tough they can't take your computer away. and also there should be some way to get an outside internet source into the school :P read the terms carefully maybe there is a loop hole :P

and if you cant find one post it here and we will find it for you.

All you need is another disk drive with Windows ME on it for inspection purposes.

Windows ME?? What century are you living in? :lolflag:


Sorry if that sounds a little snarky, but after reading the follwing comments earlier in the thread I was a little ruffled.

"Let's face it. A single incompetent user carrying a virus can bring down an entire network and cause quite a lot of damage and harassment. I don't blame the university for being strict on these things. Linux users are less likely to do so because most of us have an above average knowledge of security practices. "

orly?

"I know plenty of Windows users who have anti-virus and anti-spyware and Windows updates, and they still get compromised, because they run as administrator and click on just about anything."

even windows users that are capable of managing their updates can't be trusted to break the habit of clicking?

Well, to be honest, Joe Six-Pack and his buddy Bob Average probably don't know much about computer security. Sure, they might throw Norton on because they got a free year with their new computer, and sure, Windows Firewall might be enabled, but they really don't understand how malware and hackers work. I can guarantee that any university is filled with potential weak spots, ranging from total n00bs who think computers consist of the Blue E and Microsoft Word, to the intermediate users who are only 50% secure. I can't blame the university for wanting to inspect for updates and malware infection, although installing RAT software isn't cool.


and I thought ubuntu was for everyone, sounds like its only for the l33t that can control their clicking habits.

Let's be honest here, Linux isn't for n00bs or Joe Six-Pack. Linux is for the "l33t" and the geeks. I know many people who will help the n00bs evolve into qualified Linux users (such as the many great people on this forum), but let's face it, the click-tarded Windows user who isn't willing to learn advanced computer skills should not be catered to. There's nothing I hate more than when someone tries Linux, and I have to help him or her out every step of the way because the territory they want to tread cannot be walked in GUI.

Someone: "I want to set up an FTP server in Linux. I've got Ubuntu installed but I can't get it set up."

Me, 30 minutes later: "Okay, it's installed. You'll need to type sudo /etc/init.d/proftpd whenever you want to start, stop, or restart the server."

Someone: "What, why can't I just use the program like on Windows so I can click settings and stuff?"

Me: "Hmm, you know what, maybe you should go back to Windows."

If you don't want to learn, don't waste my time. If you want to learn, I will be more than happy to hold your hand. I don't get why everyone thinks Linux is for Grandma (unless, of course, Grandma is open-minded and willing to learn). If we go around spreading Linux in such a way, we will get nothing in return except unhappy users.

Someone: "I want to set up an FTP server in Linux. I've got Ubuntu installed but I can't get it set up."

Me, 30 minutes later: "Okay, it's installed. You'll need to type sudo /etc/init.d/proftpd whenever you want to start, stop, or restart the server."

Someone: "What, why can't I just use the program like on Windows so I can click settings and stuff?"

Me: "Hmm, you know what, maybe you should go back to Windows."

If you don't want to learn, don't waste my time. If you want to learn, I will be more than happy to hold your hand. I don't get why everyone thinks Linux is for Grandma (unless, of course, Grandma is open-minded and willing to learn). If we go around spreading Linux in such a way, we will get nothing in return except unhappy users.
Why the heck would you use a GUI on a server? That's such a terrible waste of resources!

Why the heck would you use a GUI on a server? That's such a terrible waste of resources!

Yup. I agree. But they can't stand to leave the GUI behind.

Yes, it is their network. The department was obviously given the responsibility of maintaining the network. In all intents and purposes, that department "owns" the network. The Provost certainly can't be bothered to know or do the job of the network admin.


I wouldn't say that a department whose job is to take care of a certain asset of an institution "owns" that asset. Apparently you do, and it's a difference in semantics.


I'm also not so sure that requiring the computer to be scanned/updated with patches and A/V software are considered "extreme" measures, nor are they inherently a violation of privacy. If one is concerned about privacy, I'm sure they could arrange to be present with the computer.

"You have to leave your computer with us for n hours, and we'll install our own choice of A/V software on it" is a violation of both privacy and the right to choose. "You should either demonstrate that your computer is secure with up to date OS patches and A/V software if necessary, or arrange with us to have us make sure it is, at your monitoring if you so desire" would be acceptable.


Paying tuition doesn't make you an owner, or anything close to being an owner of a school - it's not stock, it's payment for a service. The owner of the school (or the closest thing to it) would be the board of trustees. As with the Provost example, I doubt these folks want to be doing network admin duties, so they delegate it to the appropriate department.

I didn't say that the students are the owner of the school at the end of the day (that can depend on the system, though; I don't know much about this specific example), or that the higher authorities should do the jobs of the technical departments. What I mean is that as recipients of the service, the students should have and exercise the right to act up against policies that violate their basic rights.

That's what my school does too.

What school do you go to?

I understand the university. Keeping your computer clean saves the network that you are paying for with your tuition. If it goes down from malware, you pay to fix it with tuition money.

I would never leave anything I paid for alone with people for "service" that I could do my self. I don't know if they are going to search my computer for just viruses. They may also look for pirated software, porn, ect. I have heard of colleges searching people's computers for pirated media.

My advice would be to keep a small drive with an OS on it. If the school comes searching you just swap drives.

At my school, you need the encryption key to get on their wireless... Makes me glad for aircrack-ng :D But seriously, I don't abuse that too much...




I can't get aircrack-ng to work. hehe, umm, actually it is because I want to see how long it takes me to crack my own network, so I can decide how often to change enryption. sure, call me paranoid, but getting internet where I live is just about impossible, and people with 56k can do CRAZY things.

I have it downloaded and installed, but when I go alt f2 and type it int, then tab complete, nothing happens, I have also tried open in terminal.

Not to mention an unnecessary security risk. A server should always be run with the absolute minimal set of packages and services required to get the desired functionality.

Paying tuition doesn't make you an owner, or anything close to being an owner of a school - it's not stock, it's payment for a service. The owner of the school (or the closest thing to it) would be the board of trustees. As with the Provost example, I doubt these folks want to be doing network admin duties, so they delegate it to the appropriate department.

Finally, I somewhat agree with your last statement. The student body could appeal to the management to have the policy changed. Based on their decision on the student's appeal, they could order the IT department to comply. However, they do not have to do so, even if the appeal is reasonable.

Are you sure? People who offer service to others for payment are also quite commonly considered employees, sometimes including contributing various facilities and other items relating to the trade, and their employment and method of service is ultimately at discretion of the payee. The recourse for the employee is generally to fold. Or at least that's how reality suddenly works for every peson I've ever known who's ever been asked to modify their service or were terminated. I'm sure schools prefer the existing relationships, and indeed I see the numerous, perfectly valid reasons. All the more reason for maintaining reasonable policy for both the institution and student. Severe policies, however intended, can be disharmonious, and that just doesn't do anyone any good at the end...

All that said, we could admittedly be arguing semantics here and I'd best leave it be at that.