Home Big Brother is watching you

Big Brother is watching you

by admin November 16, 2010

No matter how many times Ben Campbell (not his real name) tried, he could no log onto the Concordia University wireless network. The computer-engineering student had grown quite frustrated by the time he received an email from IITS department with the subject: “Auto Reply: Wireless access blocked.”

As a frequent user of torrent websites, the most popular form of peer-to-peer file sharing, Campbell immediately realized that he had forgotten to shut off the software before heading to school the day before. So as he sat in his classes one Wednesday in September, he was actively sharing television shows with other Internet users.

It was at the end of the following day when he received what he describes as a generic-looking email that said he was found to be engaging in some questionable activity online.

The email read: “Dear Concordia Wireless user: Due to illegal file-sharing activities originating from your Wireless device, we have blocked access to our wireless network for the Wireless device containing the network interface which was seen on the network at the time corresponding to the file-sharing alert we received.”

The file-sharing alert had come from a company that monitors networks on behalf of the CBS Corporation for illegal file sharing. The copyrighted series being distributed without authorization on Campbell’s computer? The television teen soap 90210.

Understanding Internet activity

Being in a computer-orientated program, Campbell was not shocked to find out his actions were tracked, which is why he usually turns off the program before coming to school.

“I knew they were able to do that, so leaving it on was a mistake on my part,” he said. “I have heard of other people who have had it done, but not very many, so I was a little bit more pissed than I was surprised.”

Not everyone is as informed as Campbell when it comes to IITS’s level of access.

However, this is something that all students should be aware of, says Mike Babin, the assistant director of communications at IITS.

“You have to realize that to gain access to our wireless network you have to put your net name in,” said Babin. “That is how we track.”

Knowing one’s activity is being tracked can feel invasive, but according to Babin, the activity they are looking for is not targeted at an individual’s personal use.

“We do monitor traffic but not in the sense of capturing it and taking a look at it,” he explained. “We monitor the behaviour of our traffic.”

Besides being a means of monitoring suspicious behaviour, requiring a sign in helps increase the network’s performance.

“[The login] is to make sure that the resources are there for the people who are entitled to use it,” said Babin. “People on the street just walking by shouldn’t be using our network and swallowing up bandwidth that should only be used by Concordia students, faculty and staff.”

Around the same time that Campbell’s laptop access was restricted, there were nine other wireless devices and four wired Concordia computers blocked.

Considering there are around 15,000 wireless devices in use on campus, blocking 14 may seem insignificant. However, according to Babin, the reason is that the network has security measures in place that block certain unacceptable behaviours from ever happening in the first place.

In a test earlier this year, IITS removed the security systems, and over the period of a month, they received 25 complaints from external sources. When the systems were in place, there were only two complaints in that same time span.

Similarly to the login, Babin explained that these measures also help to ensure that there is enough network connection to satisfy the needs of all students, faculty and staff.

Drawing unwanted attention

There are two main ways that IITS is notified about suspicious behaviour on the university’s network.

The first is an alarm triggered from huge amounts of data transfer outside the university over a long period of time. This typically indicates a peer-to-peer file-sharing program that is often associated with copyright infringement on things such as music and movies.

Not all file sharing is bad, explained Babin, who said that there can be legitimate uses as well. This is why they do not automatically block the activity. Rather, they observe and investigate it in order to be able to tell what kind of programs are in use. Based on this investigation, Babin said, “We can usually make a pretty good determination whether it is legitimate file transfer or not.”

Another way they are typically notified is when they are alerted by an external source. Babin explained that there are companies who monitor the Internet and are looking for people who infringe copyrights. When these companies observe this type of behaviour, they complain to the originating network.

Campbell’s wireless was shut down because of an external complaint. In the email he received was the original letter on behalf of CBS, as well as an explanation from IITS about the action they were taking.

Knowing how complaints of this kind work prevented Campbell from worrying too much about the email’s reference to copyright infringement and law violation.

“They only know it came from Concordia,” he explained. “They do not know what is going on inside of [Concordia]. It is Concordia who can check who was doing that activity.”

According to Babin, when faced with an external complaint, they always examine the claim before assuming an individual is guilty.

“We check first to see if it actually happened and confirm it,” said Babin.

The other types of activities that cause external complaints are people attempting to hack into secure systems and people sending harassing emails.

In both scenarios, there are several types of actions typically taken by IITS. The first is to block the computer that the activity occurred on. When they are unable to do that, they will block the student’s net name, something they do not like to do because it can block their portal access.

Regaining network privileges

In order to get his wireless access back, Campbell was instructed to bring his laptop to the IITS department at Loyola where it can be checked to make sure it is free of any of any file-sharing software.

Babin explained that this process is fairly easy as by no means are they out there to make life harder for the student.

“We are not asking for the moon,” laughed Babin. “It is not the third degree.”

He admits that they are pretty liberal about what comes in and out of the university, but this does not mean students should abuse the network.

“We do keep a record of all the machines that have been found to be doing it and we will notice repeat offenders,” said Babin.

Campbell has not regained access on his computer since he has yet to hear back from IITS about when he can bring his laptop in for inspection. Luckily, he manages to get by using another laptop and knowing “ways to get around it.” But with the end of semester coming up, not having access on his main computer is getting annoying.

Avoiding suspicious behaviour

According to Babin, most students are unaware of the permanence of what they do online.

“It is like when you put things on Facebook,” explained Babin. “It is there forever. You can delete it all you want but once it is out on the Internet and it will stay there.”

This lack of knowledge can sometimes lead students to download programs and software that are doing illegal things in the background.

“The way software is made available these days, it is so easy to put software on your computer and sometimes you don’t even know you are putting it on,” he explained.

In order to avoid becoming victim to suspicious activity online, Babin’s biggest suggestion is to just be aware.

“Be more careful about what you install, just the way you act with email attachments: unless you know exactly where that email came from it is not a good idea to open it up,” stressed Babin. “Also, never respond to any email asking you for account names or passwords. Nobody official operates that way, only people trying to steal your accounts.”