[And another note from the NYC teacher who started this thread, below. --DBM] ********** From: mjinksat_private Date: Mon, 25 Jun 2001 13:56:03 -0500 To: Declan McCullagh <declanat_private> Subject: Re: FC: More on web rules and schools -- from a Swiss perspective In-Reply-To: <5.0.2.1.0.20010625105500.00abacb0at_private>; from declanat_private on Mon, Jun 25, 2001 at 11:21:08AM -0400 Hi, Declan. As a former sysadmin at a major private US university, I feel the need to comment on some of the statements made thus far. Faculty often clash with network administration personnel over these exact issues, and the complaint on each side of the fence is always the same: "You do not adequately understand our work, and until you do, you should refrain from interfering with it." The point is well made from both perspectives, but since most of the discussion thus far has been from the academic side, let me just say a few words from the perspective of a systems administration team. .edu has been, and continues to be, a well-known fertile field for network exploits, as the recent wave of DDoS attacks has illustrated. It is common practice at some institutions to allow faculty, staff and students to plug hosts into the Internet by way of the institutional backbone, with little or no requirement that the host be administered by qualified personnel. Inevitably a number of these hosts are poorly looked after, and end up as nuisances to their neighbors near and far. It is not my purpose to endorse the New York Board of Education's reported policy; on the contrary, it appears that the policy as described here is overbroad and ill-considered with respect to the sorts of uses with which NY schools are approaching the Internet. I am also not familiar with Swiss law or common practice in Swiss educational systems. But it is worth noting that FrontPage, for example, does have a wretched security record; security may also be a concern with various instant messaging protocols; and it is a watchword of computer security that any networked application which is not well understood by the institution's networking department should be regarded with suspicion at best, and probably disallowed if there is a probability that the application could act as a conduit for malicous activity. It is clearly not in the best interests of any educational institution to restrict the flow of information except in the face of overwhelming concerns, but recent events could give network administrators cause to argue that Internet security is such an overwhelming concern. A a few thousand poorly- supervised hosts can bring down services which millions of people use every day. Nor is the threat strictly limited to extra-institutional targets such as Yahoo! and Amazon; many university computers house information, e.g. documentation of human rights abuses, which could be used to compromise the safety of individuals if it were to somehow fall into the wrong hands amid the noise of a series of "prank" traffic such as that seen during DDoS exploits. So I submit that improving security in .edu and related domains is in everybody's best interest. So, what do we do? Obviously, authors of networked applications must pay closer attention to security bugs in their software. The advent of ubiquitous, user-transparent encryption would be a huge boon in this regard as well. But neither of these appear to be on the way any time soon, so in the meantime we have to make do with what we have. The answer is in the problem: "Until you understand our work." Educators do not want to be bothered with the intricacies of TCP/IP, but they also don't trust their appointed proxies when we say that such-and-such an operation is dangerous. Nor can they call our bluff when we say "no" too quickly, unless they happen to know our jobs better than we do, and it is clear that at least some administrative bodies are throwing the baby out with the bath water, restricting network traffic to the point that they practically compel network users to circumvent security measures in order to get their work done. This situation has been seen in the private sector for years, and in those cases where it has been resolved well the process has involved an ongoing dialog between the users of the network and those charged with keeping it going. Members of both camps must be required to justify their actions to at least some standard, and to compromise when their justifications are found wanting. Network administrators are usually willing to work out ways of dealing with questionable protocols when a reasonable case can be made for their utility vs. their dangers, and users of the network must be willing to accept reasonable limits on their activities in those cases where an application cannot (yet) be run securely. ********** From: "John Elfrank-Dana" <johnat_private> To: "'Trei, Peter'" <ptreiat_private>, <declanat_private> Subject: RE: NYC schools reportedly adopt restrictive web linking, use rules Date: Mon, 25 Jun 2001 14:01:04 -0400 Hi, Don't know if you got the links, but here's the two posts below I have made thus far. BTW, the Board of Education is blocking my web sites now. They claim it's because my domain name is resolving to an IP address and not a name. I wonder. The timing of this is pretty coincidental. John John Elfrank-Dana Web Master/ Social Studies Teacher Murry Bergtraum High School http://www.bergtraum.org/ushistory johnat_private Link information. Here's a snip from the policy that is at: http://www.nycenet.edu/internet/web_dev.asp <snip> - - - - - Steps to publish a school Website: School related Websites will be created according to District policy. A directory will be created on BOE servers by the OIS. The District DIT will then assign a location (URL) for the school Website. FTP accounts will be assigned according to District policy. If a school has an FTP account, the School Website Publisher will notify the DIT that the site is ready for review/approval and uploading. Once the Website has been reviewed and approved by the DIT, he/she will insert the school URL into the URL system in order to make it available to the public. <snip> - - - - - There's even a signoff. It appears the IT folks assume the web content is delivered in a package with the principal guaranteeing compliance with the AUP. You can find it in the array of signoffs on that page. Basically, the school signs off to the district office and the district office signs off to the Board. It's quite a bureaucratic process. The IAUP is at: http://www.nycenet.edu/internet/iaup21501.htm (finally, an html version). Click here: http://www.nycenet.edu/internet/iaup21501.htm#web-pages to jump to the web pages section. John Elfrank-Dana Web Master/ Social Studies Teacher Murry Bergtraum High School http://www.bergtraum.org/ushistory johnat_private THE ORIGINAL I hope everyone is having a good time at NECC. The new BOE policy for publishing web pages here in NYC is the following. 1. All schools (1100 of them) are supposed to submit their web sites (even those of us who have been hosting independently for years), and their teachers' sites to the Board of Ed. server. 2. A district censor is supposed to review all the material of each site and have it moved to the public viewing area, assuming it's in compliance with the new acceptable use policy, which includes no links to sites that have a commercial advertisement. The censors will move the content along at "their earliest possible convenience." 3. No chats or asynchronous bulletin boards allowed! Anyone who has ever web mastered an active school or class web site that functions as a real communications hub for timely information and class dialogue should be equally dismayed as me. The policy will go in force Sept. 1. They won't even tell us how much disk space we will have. They also refuse to support FrontPage extensions (many of us use them to create active pages and discussions forums for our classes). One practical outcome of this policy: The Board's AUP is in Adobe Acrobat, but I can't link for our visitors to download the Acrobat Reader because Adobe has ads on its site!! 2. Our e-books collection, which VATEA funded for thousands of dollars, won't work because it requires a web server on location. 3. No discussion boards for class discussions (protected or not). This policy was conceived by Board of Ed. lawyers and techs who are not now nor have been educators. It's another slap in the face to teachers as professionals. It's like the doctors under managed care who have lost control of their practice. For teachers who use the Internet as an instructional tool, this is very heavy-handed policy. Are other districts implementing similar policies? If so, how has it been going? What organizations, if any, have an interest in this kind of policy? What rights, if any, do teachers have to control the content of their instruction? Is this an intrusion into teacher practice? Regards, John Elfrank-Dana Web Master/ Social Studies Teacher Murry Bergtraum High School http://www.bergtraum.org/ushistory johnat_private ********** Date: Tue, 26 Jun 2001 01:14:02 -0400 From: Seth Johnson <seth.johnsonat_private> To: C-FIT_Communityat_private, johnat_private, declanat_private Subject: Re: [Fwd: New NYC Board of Ed. Web Publishing Policy - REALITYCHECK, please.] Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit (Forwarded from ECHALK list) Seth Johnson -------- Original Message -------- Date: Tue, 26 Jun 2001 09:22:06 +0800 (WST) From: Ross Manson <mansonrat_private> There's not a lot to add to this entirely depressing account, but one or two thoughts come to mind. 1. What happened to the idea that the Internet would liberate our classrooms? We could not only bring the world into our classrooms, but we could take our classrooms into the world... Instead we have an imposed acceptance of the notion that our children shall merely consume, and the "tool for communication" gets lost along the way. This isn't about protecting children from commercial interests - it's about protecting the right of commercial interests to dominate the medium. 2. The recently announced connectivity initiatives under the moniker "E2C" have the potential to cut in both directions. I'm sure there are plenty of schools who would welcome the chance to have a generic web page hosted at a central server. Good luck to them. There are also plenty of schools who see their web site(s) (and the servers that host it/them) as central to the whole "tool for learning" paradigm. Our web sites have become a publishing and resource medium, and we (well, me, anyway) are very keen to keep them integrated with the learning process. We don't want to "teach" consumption, we want to "teach" creation and participation. I'm hoping the agenda will accomodate us. Ross Manson Learning Technologies Coordinator Greenwood SHS ********** ------------------------------------------------------------------------- POLITECH -- Declan McCullagh's politics and technology mailing list You may redistribute this message freely if you include this notice. To subscribe, visit http://www.politechbot.com/info/subscribe.html This message is archived at http://www.politechbot.com/ -------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Mon Jun 25 2001 - 23:27:56 PDT