Antarctica Starts Here. - Memories of things that haven't happened yet, predictions of things that have come to pass.

« 24 takes on the Aqua … | Home | Cruxshadows tickets h… »

College professor asked to stop using and teaching Tor.

Friday 09 February 2007 at 12:28 pm
Paul Cesarini of Bowling Green State University is an assistant professor of visual communication and has been using Tor (The Onion Router - an anonymisation system for net.traffic) to familiarise himself with it so that he could then discuss it with students in two of the courses he teaches. He was visited by campus police and a network admin and told to stop using it. It seems that someone else on campus was using Tor, and more's the point he was under investigation for fraud of some kind, and they wanted to know if the student under investigation had been under Dr. Cesarini in the past, and exactly why he himself was using the transparent anonymisation system.

The investigation team produced a quantity of network logs showing Tor traffic on the campus network... some of which was from times when Dr. Cesarini wasn't even in his office, let alone using Tor to do anything on the Net. These logs also do not prove wrongdoing of any sort, because possessing and using encryption or anonymisation technologies do not immediately mean that the user is up to anything, save wanting some privacy.

They then demanded that he stop using and teaching about Tor in his classes. Dr. Cesarini gave them the rundown on Tor and what it's used for, and further stated that academic freedom would not permit him to do as they asked with a clear conscience. Used tags: academic_freedom, anonymity, big_brother, cesarini, privacy, tor

Fight Spam! Click Here!

Trackback link:

Please enable javascript to generate a trackback url

eleven comments recorded.

I’d say,t hey’re within their rights to ask him to stop using TOR. As always, the “policy” should be refined – but they can in fact say what their network will and will not be used for, and how it is used.

Asking him to not teach it, however, is a very different matter and I’m glad he took the stance he did.

Hasufin - 12 02 07 - 12:31 - Reply to comment?

They can’t prove that he’s doing anything wrong with it, though. The presence of privacy-enabling software does not necessarily mean that one is doing anything illegal. I agree that the policy in question should be refined, though – it is, if memory serves, over a decade out of date, and thus out of step with technology. I sincerely hope that the professor in question continues to make it possible for users of that campus’ network to maintain a sense of security and confidentiality.

The Doctor (URL) - 12 02 07 - 13:36 - Reply to comment?

Point being, they’re in no wise obligated to allow privacy. Wrongdoing or no, it’s not his network; they can disallow whatever they damn well please*. It’s a common misapprehension that the limitations placed ont he government are the limitatinos placed on all institutions; this is not the case.

*within various strictures of law, etc.

Hasufin - 12 02 07 - 14:16 - Reply to comment?

If it’s in the ToS for the school’s network, then no, they aren’t. If there isn’t, then I’m not so sure. I think there’s a legal expectation of privacy inherent there, modulo signs of wrongdoing (which there appears to be on someone’s part).

The Doctor (URL) - 12 02 07 - 22:50 - Reply to comment?

I’d have to argue against that. De facto assumption of privacy or not, there’s an explicit ownership involved. This isn’t even a service being offered tot he paying public: this is a campus LAN. THey could decide to block port 80 on prime-numbered days… at most they’d simply have to employ the “can change without notice” clause in the TOS.

That said, trying to intimidate a tenured professor is really dumb – in an academic environment that’s like getting into a water-gun fight with a dragon. They should have simply disallowed at the router. Being unable to read it doesn’t mean unable to block it. But they’re obviously not router-types, or they’d have been able to trace back to the exact port of the alleged violator.

Hasufin - 12 02 07 - 23:09 - Reply to comment?

You have a point there. It’s also pretty standard in the ToS agreements of school networks that they can and will monitor traffic and there’s nothing that you can really do to change that. When I was in undergrad, they kept a close watch on the LAN of my particular floor, and they were known to make good use of the remote management functions of the 10baseT switches they had in the wiring closet.

They could also test out some IPS (intrusion prevention system) functionality, if they’ve been toying with such a thing.

They knew that there was encrypted traffic coming from two points, but they didn’t know which was related to the fraud case they were investigating. On the other hand, they had the real-world IP addresses, so if it’s not the prof up to something, logically one would go to the student… I can understand not cutting a professor a break just because he’s a professor, but what of the other Tor user?

The Doctor (URL) - 13 02 07 - 11:45 - Reply to comment?

Actually, in general I’ve been given to believe that what a professor wants, a professor gets. Some of them can be total prima donnas. At least,t hat’s how my uni was.

I’d imagine they were trying to find the other TOR user. It might have been someone takign a laptop to the library or the like.

Hasufin - 13 02 07 - 11:52 - Reply to comment?

I’ve not seen that first-hand before (mostly because I rarely saw my actual professors) but I’ve heard enough about it that I don’t doubt that it happens.

It might not even have been a student. It’s trivially easy (though difficult to do stealthily) to walk onto campus, crack an access point, and do your thing. It’s also reasonably easy to unplug a public terminal and connect your own laptop to the campus network. Not many campuses have MAC/port locking implemented on their networks at this time.

The Doctor (URL) - 13 02 07 - 13:59 - Reply to comment?

How can i make TOR use a new exit-node for each web-page i visit? http://toatechestiile.ro

Popescu (URL) - 29 07 07 - 08:22 - Reply to comment?

The easiest way is to use a control application like Vidalia (http://www.vidalia-project.net/). There is a command on the control panel called “Use a new identity” that lets you change your current exit node. Or, you can do nothing for ten minutes and the Tor paths will be torn down and replaced automatically.

In case you’re curious, what gets sent over the command channel (port 9051/TCP) is the string “SIGNAL NEWNYM”, but you have to authenticate yourself to the Tor daemon first.

The Doctor (URL) - 06 08 07 - 23:19 - Reply to comment?

You can find plenty imformation about tor but i would suggest you won’t use it for traffic or facking adsense.
curs valutar, curs bnr In addition try generating real traffic to your website here schimb valutar, curs valutar or catch a nice movie at trailer

coculescu (URL) - 10 03 08 - 16:56 - Reply to comment?

Name:

Remember personal info?
Yes
No

Email:

URL:

Comment:

/ Textile

(Register your username / Log in)

Notify:		Yes, send me email when someone replies.
Hide email:		Yes, hide my email address.

Small print: All html tags except <b> and <i> will be removed from your comment. You can make links by just typing the url or mail-address.