Hacker strikes through student's router

Wed Nov 9 10:40:58 UTC 2005

they don't shut down the internet just cos hackers use it. use-neutral 
infrastructure permits malicious use, but the ease of use of tor brings 
anonymity to ordinary, non-technical users. we can't let the baby be thrown 
out with the bathwater.

>From: Thomas Hardly <hardmac at gmail.com>
>Reply-To: or-talk at freehaven.net
>To: or-talk at freehaven.net
>Subject: Hacker strikes through student's router
>Date: Tue, 8 Nov 2005 13:13:03 -0800
>
>http://www.rose-hulman.edu/Users/groups/Thorn/HTML/
>http://www.rose-hulman.edu/Users/groups/Thorn/HTML/current/frontpage/1.html
>
>
>Hacker strikes through student's router
>Alex Clerc
>
>Earlier this week, a hacker infiltrated the website of a company in
>France, defacing the site and using it to send vulgar emails. The
>hacker was not a Rose-Hulman student. But through a router maintained
>by a Rose-Hulman student, the hacker was able to do this anonymously.
>
>The student, senior computer science major David Yip, was maintaining
>a router on his computer called a Tor onion router. What Tor basically
>does is enable anonymous communications over the internet. Yip
>downloaded and installed Tor on his computer about two months ago. His
>machine became a Tor exit node on September 4, 2005.
>
>Early Thursday morning, the French company traced the hacker back to
>Yip's computer and contacted IAIT. IAIT took action by freezing Yip's
>Kerberos account; he is unable to access the Internet, email, Angel,
>or Banner. His case will be considered by the Computer Use Committee
>and a recommendation will be made to Pete Gustafson, the Dean of
>Students if disciplinary action is deemed appropriate. Staff members
>at IAIT were unwilling to comment on the circumstances, as was
>Gustafson.
>
>In an interview, Yip made it clear that he read the policy for
>responsible use of Rose-Hulman computing facilities and took the "due
>diligence" it demands for students setting up networks. As a
>precaution against people using his machine for malicious activity,
>Yip disabled the ability to send mail, use peer-to-peer programs, and
>use internet relay chat (IRC). He also limited the transfer quota to
>800 megabytes per day.
>
>"The services I left open are generally considered to be benign," he
>said. Yip stated that he saw nothing specifically banning Tor nodes in
>the Rose-Hulman internet policy.
>
>Yip does not know who has been using his Tor node or what it has been
>used for. "That's the point," he said. "Being able to communicate
>anonymously is very important. I feel there are certain ideas in
>certain contexts that cannot be expressed unless they are expressed
>anonymously."
>
>"I also find [Tor] interesting from a research standpoint. It's a neat
>research project," Yip added.
>
>Tor was originally developed by the U.S. Naval Research Laboratory and
>has been facilitated by the Electronic Frontier Foundation (EFF) for
>the last year and a half. According to Fred von Lohmann, a staff
>attorney at the EFF, Yip's case is the first case ever involving
>potential disciplinary action for the use of Tor. "If this is
>something that was done by a third party, the student shouldn't be
>held responsible," he said.
>
>Assistant Professor of Computer Science Larry Merkle disagreed: "I can
>definitely see there being a case against [Yip] because he used
>bandwidth for non-academic purposes." Merkle added, "ï¿½ but I know
>[Yip] fairly well and I don't think he had any malicious intentions."
>
>What Tor enables ï¿½ anonymous online communications ï¿½ raises ethical
>questions that are yet to be settled. By allowing anonymous
>communications to anyone, it offers equal protection to both good and
>bad users.
>
>Van Lohmann said, "Before we start questioning the right to anonymous
>speech, we need to ask if the [French] website's security had a flaw."
>
>Professor of Computer Science David Mutchler added, "I think anonymous
>communication over the Internet is critical. There are many places in
>the world where free speech is not protected. Anonymous communication
>allows that free speech to exist."
>
>On its website, the EFF lists many beneficial applications of Tor,
>including socially sensitive communications (such as chat rooms for
>victims of rape, abuse, or illnesses) and journalistic communications
>with whistleblowers and dissidents. Law enforcement groups can use Tor
>for data sting operations and the U.S. Navy uses it for open source
>intelligence gathering.
>
>Merkle warned, "The [EFF] makes a good case for the reasons to use it,
>but completely ignores the reasons why providing it might be bad for
>society."
>
>Situations involving improper Internet use are usually first detected
>by IAIT and then passed to Student Affairs. If an expert opinion is
>needed, the case is presented to the Computer Use Committee. Pete
>Gustafson makes the final decision.
>
>The last incident in which the Computer Use Committee was consulted
>was a case in the '03-'04 school year. The case involved a student
>hacking in to the computer of an employee of the admissions office.
>The student then attempted to send an all campus email claiming that
>one of the Olsen twins decided to attend Rose-Hulman. The Computer Use
>Committee recommended that the student be suspended; Pete Gustafson
>followed through on this recommendation.
>
>"The single best thing that can come of this," concluded Mutchler,
>"would be if students read the policy at
>www.rose-hulman.edu/TSC/policies/computer_use and discuss with faculty
>and administration any parts of the policy that they think are not
>right."
>
>
>
>
>
>
>
>
>
>
>
>
>--
>      ..o:   It's 12 o'clock - do you know where your data is?   :o...
>-------------------------------------------------------------------------------------------
>Hardening Your Macintosh - http://members.lycos.co.uk/hardapple/
>
>pgp key fingerprint: 0F02 99D5 1D23 E445 22C9 9C90 8F24 FDBA B618 33C4

_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE! 
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/