Are universities locking down their PCs?
March 24th, 2009 | by jz | Published in Generativity, university | 5 Comments
I’ve agreed to be a guest blogger for a little while at the Chronicle of Higher Education. I’ll plan to cross-post here and there. My opening question:
I’ve recently written a book about the Future of the Internet (the
paperback version comes out this week). The argument it makes has a lot
of moving pieces. One of the first is that the global network we use
offers a fabulous (and by no means necessary) sort of openness, a
“generative” quality that has allowed innovation from many corners and
from people with nicely varying motivations. So too what has
traditionally been the most common device attached to it: the personal
computer. Give a PC code and it will run the code. This basic fact –
so easy to take for granted — is part of what allowed the Internet
revolution. It meant, for example, that academics could write the first
Web browsers without having to persuade some skeptical gatekeeper of
their virtues. (Compare with thinking of a new feature you think would
work well on, say, an Amazon Kindle. Send in a comment card?)
But this openness also creates a special kind of vulnerability,
especially as a generative system goes mainstream. Lots of people have
PCs without knowing the first thing about the code running on them. Run
the wrong code and your machine is hijacked — a zombie that can attack
others, disgorge its owner’s personal data, or self-destruct. And
running code is as simple as a few clicks on or near an icon somewhere
on a Web page.
Without a good defense strategy — one that tries to preserve the core
openness of the Net while still meeting the threat — we’ll see bad
defense strategies. This is especially so if a worm like the
currently-circulating “Conficker” decides to wreak havoc on the millions
of machines it has compromised (and which silently await further
instructions), and people panic. One of those bad (but still
rational) strategies is to lock down the PC or abandon it entirely in
favor of locked-down information appliances like Kindle, or hybrid
devices like the iPhone — which allow outside code but only with the
approval of the platform vendor. We see this in many corporate
environments, K-12 computer labs, libraries, and cyber cafes: PCs that
can only run the software pre-installed by the IT department. If Skype
isn’t already there, you can’t get it up and running. Many places even
have Internet or Web filters: certain sites are placed off-limits.
So I’m curious: how much have university environments, normally more
freewheeling, either thanks to ideological commitment or because a lack
of funding makes it hard to hire an obsessive-compulsive IT staff,
started to lock themselves down? From where you stand (well, type), are
you able to install whatever you want and answer to no one for it?
March 24th, 2009 at 5:47 pm (#)
Here’s the nascent World University and School Wiki – http://worlduniversity.wikia.com/wiki/World_University – a global, virtual/digital, open, free, {potentially degree- and credit-granting}, multilingual university & school
where anyone can teach or take a class or course. It’s designed in an open way: add a course or take a course. It’s like Wikipedia with MIT Open Course Ware, potentially in all languages and subjects, and for the developing world (OLPC countries, first) and everyone.
March 24th, 2009 at 7:19 pm (#)
Here at Oxford, the level of freedom seems to depend on who and where you are. You’re responsible for your own computer, but are expected to have up-to-date anti-virus (expected = the IT staff threaten to eat you, toes first, if you unleash anything onto their network).
Computers that are owned by the Colleges/Departments, though, are usually pretty tightly locked down, in my experience. Installing anything new is a no-go without permission, and there are more or less strict web filters to block out, *ahem*, certain types of content. In some Colleges, these web filters extend to personal computers on the College network. There have also been blanket bans on things like Skype and iPlayer in many places. I think p2p is pretty comprehensively disallowed.
You can kinda see the point, though. The average student/academic is very unlikely to know what they’re doing. I can just see some old Classics don thinking that a “Trojan Horse” would be a simply marvellous thing to have on his PC…
March 25th, 2009 at 6:35 am (#)
At MIT, so I am told, you’ll be thrown off the net should your Windows system not have the latest security patches — very reasonable. No issues with Linux systems that I know of. Plus, completely non-discriminatory wireless access for all visitors at CSAIL (save those unpatched Windows boxes).
What is an PC, open or not, good for if you cannot access the internet without cumbersome registration? This is not so much a philosophical but a purely practical question. E.g., an outsider attending a talk at Berkman will by default not have free wireless access for his laptop whereas museums, etc. do. (Heck, even the MBTA commuter rail has free wireless.)
March 25th, 2009 at 5:52 pm (#)
Yes, I don’t see many locked-down PCs around Oxford. But it is very evident that the network is profoundly locked down in places. I have argued on the IT support list that if, say, Larry Page and Sergey Brin had been Oxford students, Google would have been strangled at birth. There’s no way you could shift through an Oxford college the sort of data they were putting through their dorm – without a summons to visit the Dean.
I think this is much more problematic than any rise of tethered or locked-down devices.
On the other hand, universities are in microcosm a picture of the challenge of engineering a right kind of Internet. Campus networks often embody net neutrality, despite carrying everything from IPTV to the student’s bedroom, super-valuable intellectual property from some science labs, finance and personnel data, voice, massive (multi-terabyte or larger) data sets for analysis, and so on. Doing that with good performance and adequate security is a significant engineering challenge. My strong expectation is that campus managers will start to segment networks sometime pretty soon.
March 26th, 2009 at 5:54 am (#)
The answer is going to be “it depends”. Places with an experienced and skilled staff (e.g. MIT, Stanford) are likely to be much more open than others.
This whole debate was gone around in great detail more than a decade ago when the Internet and computers first became common in universities. Go talk to Carl Kadie, who ran the “Computers and Academic Freedom” mailing list back then, if you’re really interested. He collected policies, reports, recommendations, etc.