[liberationtech] Concerns with new Stanford University security mandate
Jonathan Wilkes
jancsika at yahoo.com
Wed Jan 29 10:57:02 PST 2014
On 01/26/2014 08:12 AM, Guido Witmond wrote:
> On 01/26/14 10:20, Tomer Altman wrote:
>> To Liberation Tech:
>>
>> Stanford is implementing a new security policy detailed here:
>>
>> http://ucomm.stanford.edu/computersecurity/
>>
>> I am personally very concerned about steps #2 and #3. BigFix is
>> basically a back door managed by IBM that gives them and Stanford
>> control over your device. The IDF tool effectively means that the
>> Stanford administration can continuously search your personal laptop
>> for any objectionable material.
>>
>> While there are some technical cases where one may be exempt from
>> these new requirements, the way that it is being pushed out at
>> Stanford is making people believe that they cannot use their cell
>> phones or laptops on campus (i.e., connecting to the Internet,
>> checking Stanford email, calendars, etc.) without agreeing to all of
>> these requirements.
>>
>> I fully support Stanford improving security on their own computers
>> and networks, but installing a backdoor and surveillance systems on
>> personal laptops seems to cross a line for me. Especially in an
>> institution devoted to open inquiry. Especially in light of the mass
>> surveillance revelations this past year.
>>
>> I tried reaching out to the EFF, but did not receive any reply.
>>
>> I expressed by concern to the Stanford administration. They replied
>> to a few of my emails, but it left me with more questions than
>> answers.
>>
>> I am asking for advice from the community on whether this kind of
>> encroachment has any precedents.
>>
>> I'm also curious to hear people's thoughts on this matter.
>>
>> Thank you in advance,
>>
>> ~Tomer Altman
>
> Dear mr Altman,
>
> From the link:
>
> No more Windows XP: Good riddance.
>
> BigFix: the missing package manager for Windows. What every self
> respecting unix/linux/bsd/etc system already has. Good.
How is a centralized service that requires the user to download and
install a binary from the web anything like apt?
Don't get me wrong, nearly anything is better than just bare Windows.
But an honest, courageous approach would actually encourage the oddball
student who runs Debian Wheezy or whatever else that is lightyears ahead
of Windows in terms of security. Does this security mandate do that, or
does it merely hope that the ideal of academic freedom will just get fed
up and go find some other domain to bother?
-Jonathan
More information about the liberationtech
mailing list