Mason SNAP exists to “ensure that your computer is prepared to safely connect to the Mason Network”.1 It is the opinion of the university’s IT department that the network is fraught with malware of all kinds, that students have much difficulty with malware, that the department should relieve students of the burden of protecting themselves from malware, and that the solution is to install monitoring software on student computers. I am much concerned about the latter, especially its implications for privacy and its effectiveness as a whole.
Invasive, dysfunctional, CPU stealing, bandwidth stealing, identity stealing programs exist in the thousands. Yet “a small minority of them account for the majority of incidents”.2 For Internet users, they are a fact of life. In 2005, 81% of users surveyed reported using antivirus software, and 67% used antispyware in addition to antivirus software.3 Clearly, users are proactively defending themselves against cyber threats.
Malware finds ever more clever techniques of slipping past antivirus and firewall, yet it tends to find itself not on unguarded computers, but unregarded computers. Video games, illicit media, and bootleg software are major vectors for malware. Those who carefully evaluate emails before opening and programs before executing may find antivirus and firewall unnecessary. Even the strongest antimalware system fails to protect users who blindly install software, clicking Accept, Accept, Accept.
ITU believes that the Mason Network is a veritable battlefield of malware. The sheer number of phone calls and emails to ResTech over computer viruses must drain its resources. Is, however, Mason Network more infectious than any other network? Malware is not always so clever as to skirt firewalls. Malware is invited by the user. Users want the program that, incidentally, is infected. Antivirus may not be the solution. Knowledge, however, always supplements a solution.
Many students learn to take precautions against malware. They install a secure web browser. They use ad blockers. They don’t click things too eagerly. And most of all, they use multiple and distinct antimalware tools. ITU has only a handful of security tools which they force students to install. Historically, viruses have gotten through all of them; they continue to clog the network. Single-layer security is not a good idea. Security consultant Bruce Schneier recommends, “Don’t rely on single solutions. Use multiple complementary security products, so that a failure in one does not mean total insecurity.”4 Putting aside the ethical implications of forcing students to install software, the security perspective seems to be that a diverse range of security tools independently selected by students would be better protection.
ITU believes that software updates are crucial for computer security. Updates are certainly the best defense against malware. But forcing every student to install the Update Tool makes it a prime candidate for abuse. Administrators can gain high-level access to student computers, and if any virus should infect the Update Tool, it would infect the whole of Mason Network. A less dangerous method is to simply recommend that students update their software regularly, and to let students stay online as much as possible in order to obtain updates. Because signing in to Mason Network is a hassle, student computers are often offline. Updates pile up, and few are security-conscious enough to install a dozen updates at once. Users tend to ignore the lot, and the network suffers from viruses as a result.
ITU asserts that malware decreases the efficiency of the Mason Network. True, worms need bandwidth to propagate. But does malware significantly decrease the efficiency of the Mason Network more than any other network? Mason SNAP forces students to install the Juniper Host Checker, a monitoring tool that reports the programs students are running to ITU. Malware is just as prevalent in residential networks, yet ISPs do not force subscribers to install antivirus software. ISPs treat the real bandwidth hog: BitTorrent.
Download the Host Checker JAR file, extract the contents, decompile the class files, and you get something quite different from the official privacy disclaimer.5,6 The Host Checker apparently requests permission from the user (students are in no position to decline; they just want Internet access), executes root system commands, and sends the output back to ITU. The system commands take information about open network ports and running programs. Is this how ITU identifies copyright violators? 95% of all music downloads are illegal.7 Should RIAA bring a claim of copyright infringement to George Mason University, ITU would identify the violators and issue a warning.
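A first pass at that inspection does not even need a decompiler: a JAR is a ZIP archive, and each class file's constant pool lists the class names and string literals the code uses. The following is an added example, not code from this post or from the Host Checker; it flags classes that reference `java.lang.Runtime` or `java.lang.ProcessBuilder`, and the sample JAR, its class names and its strings are constructed for illustration.

```python
import io, struct, zipfile

# Payload size per constant-pool tag; tag 1 (Utf8) is variable length.
FIXED_SIZES = {3: 4, 4: 4, 5: 8, 6: 8, 7: 2, 8: 2, 9: 4, 10: 4, 11: 4,
               12: 4, 15: 3, 16: 2, 17: 4, 18: 4, 19: 2, 20: 2}
EXEC_CLASSES = {"java/lang/Runtime", "java/lang/ProcessBuilder"}  # launch commands

def utf8_constants(class_bytes):
    """Return every Utf8 constant-pool string of one .class file."""
    if class_bytes[:4] != b"\xca\xfe\xba\xbe":
        raise ValueError("not a Java class file")
    (count,) = struct.unpack_from(">H", class_bytes, 8)
    pos, idx, out = 10, 1, []
    while idx < count:
        tag, pos = class_bytes[pos], pos + 1
        if tag == 1:
            (n,) = struct.unpack_from(">H", class_bytes, pos)
            out.append(class_bytes[pos + 2:pos + 2 + n].decode("utf-8", "replace"))
            pos += 2 + n
        elif tag in FIXED_SIZES:
            pos += FIXED_SIZES[tag]
        else:
            raise ValueError(f"unknown constant tag {tag}")
        idx += 2 if tag in (5, 6) else 1  # long/double take two slots
    return out

def audit_jar(jar_file):
    """Map class file name -> its strings, for classes that can run commands."""
    report = {}
    with zipfile.ZipFile(jar_file) as jar:
        for name in jar.namelist():
            if name.endswith(".class"):
                strings = utf8_constants(jar.read(name))
                if EXEC_CLASSES & set(strings):
                    report[name] = strings
    return report

def stub_class(strings):
    """Constructed input: class header plus constant pool only (not loadable)."""
    pool = b"\x05" + struct.pack(">q", 1) + b"".join(
        b"\x01" + struct.pack(">H", len(s.encode())) + s.encode() for s in strings)
    return b"\xca\xfe\xba\xbe" + struct.pack(">HHH", 0, 52, len(strings) + 3) + pool

def build_sample_jar():
    """Constructed in-memory JAR; these strings are not the Host Checker's."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as jar:
        jar.writestr("Probe.class", stub_class(["java/lang/Runtime", "exec", "netstat -an"]))
        jar.writestr("Ui.class", stub_class(["javax/swing/JFrame", "Accept"]))
    return buf
```

Passing a path to a real JAR to `audit_jar` narrows down which classes are worth decompiling; the strings it returns for each flagged class show what the code may execute or report.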
Why does ITU use the most invasive method available–short of putting surveillance cameras in every dorm–to protect users from themselves? Why not use a less invasive, more standard authentication tool to track Internet use, such as a Blue Coat?8 How can the George Mason Economics department be so libertarian and the Information Technology department so authoritarian?
RESOURCES
1 http://snap.gmu.edu/
2 http://www.research.ibm.com/antivirus/SciPapers/Kephart/DPMA92/dpma92-node6.html#SECTION00060000000000000000
3 http://www.bsacybersafety.com/news/2005-Holiday-Online-Shopping.cfm
4 http://www.schneier.com/essay-062.html
5 http://mcandre.blogspot.com/2008/08/george-mason-uac-registration-privacy.html
6 http://snap.gmu.edu/faq.html#what
7 http://www.ifpi.org/content/section_resources/dmr2009.html
8 http://www.bluecoat.com/