[Dshield] "Academic Freedom" vs Computer Security

Mark Tombaugh mtombaugh at alliedcc.com
Fri Feb 13 14:48:06 GMT 2004

Basic network security does not infringe on academic freedom. The big issue 
that the management of edus has with network security, is intellectual 
infringement, basically privacy issues, that come about when you run 
monitoring software on their network, such as an IDS. Open relays can be 
studied without an Internet connection, and if the University deems that 
practice worthy, they should setup a test lab for students to abuse. Are most 
of the Universities that hit you state schools or private institutions? Are 
they in the USA? From my experience, private institutions have greater 
flexibility when it comes to protecting/monitoring their networks. IIRC, 
Metallica and the RIAA both went after state schools in 2001, and the schools 
kept saying "Academic Freedom" until the hollywood lawyers showed up. If 
their transactions with you violate the Federal Can Spam Act, perhaps the 
civil thing to do, is to follow their (RIAAs) lead. When they say "Academic 
Freedom" maybe you should respond with "Law Suit". The proper thing to do, 
avoid the lawyers and automate the reporting of the open relays to RBLs.


Mark Tombaugh <mtombaugh at alliedcc.com>
Allied Computer Corporation <http://www.alliedcc.com>
USiHOST, iNC <http://www.usihost.com>

More information about the list mailing list