clippy blog

Hey, I actually bothered to start using my Bloglines blog space:

clippy blog

Clippings from my blogroll if you’re curious to see what I find interesting off of my regular feeds.

Somebody’s child

As I get ready to turn twenty-five this week, I am reminded once again of how my friends and myself, as we pass this turning point in our lives, as we move into our thirties, into mid-life and beyond, more and more of our parents, our aunts and uncles, our friends, and others around us are starting to get sick, to pass away. It’s not exactly surprising, but it’s unfortunate that a more frequent piece of news over the past few years is that somebody’s mother is sick or somebody’s father just passed away. That an aunt has just been diagnosed with breast cancer or an uncle suddenly had a stroke.

I’m no stranger to sickness, to disease. Throughout my life, I’ve seen close relatives struggle with cancer, diabetes, and general ill health, and certainly, I’m aware of my own mortality as I face the truth of genetics and heredity and must always be on guard for signs of diabetes, high blood pressure, heart disease, and breast cancer. So, it’s not really my own mortality that frightens me when I hear news of my friend’s stepfather passing away or another friend’s stepmother being diagnosed with lukemia or, today, my aunt passing away. It’s more the realization that the people that have been such a fixture in our lives may suddenly not be here anymore. Suddenly, it’s the realization that while we are young and energetic, afraid of nothing and living with the idea that it’s too early to get married, it’s too early to have kids, it’s too early to be tied down, that our parents and other older figures in our life, many of them are entering the winter of their lives and may not be around to see us do all the things we think we are too young to do yet. And while we may not always like them or enjoy their company or welcome their involvement in our lives, we suddenly realize that their heretofore constant presence may not be present someday anymore.

When we begin to see our contemporaries pass away, we are struck by the reality of our own mortality, but when we begin to see our elders pass away, we are struck with the reality of our own adulthood, of responsibility. That even if we don’t always like the role our elders play in our lives, they are a part of our lives, our history, and that when they are suddenly, or not so suddenly, taken away from us, we wonder if we said all the things we had to say, heard all the things we needed to hear, took care of all the things we needed to take care of. We come to the realization that we do not have an infinite amount of time to say all those things, hear all those things, and take care of all those things. We do not have forever to make peace with adversarial parents or give back to them in some meaningful way while they are still alive to appreciate it, for us to see them appreciate it, rather than when it is too late. And we are reminded that someday, perhaps sooner than we might like, we will be somebody’s parent or aunt or uncle and that we will not be somebody’s child forever.

The price we pay…

I had to turn off commenting for a few days to combat the unbelievable blog spam. That’s what I get for finally listing my blog on Technorati. But, I’ve got everything reconfigured and have installed MT-Blacklist (the emergency release!), so hopefully, this will make things better. *sigh* this is the price we pay! Spammers and hackers that send out malicious code are the cock-blockers and haters of the digital world.

More digital divide confusion

Techdirt comments on a Reuters article about African leaders launching a global fund to buy mobile phones for people in poorer countries, thinking that it will help them get out of poverty and into economic growth:

Let them eat mobile phones

See, I’m not the only one who’s cynical about this stuff.

Temptation, thy name is BigFix

In an effort to deal with the rise in widespread security vulnerabilities and exploits over the past few years, Stanford has decided to use BigFix Enterprise Suite for patch management. Of course, patch management is certainly not the only thing this software can do (and will be used for) and as we at ResComp began to learn what BigFix is usually really used for and could really do, privacy alarm bells went off in our heads and for the past year, we’ve been fighting a battle to strike a balance between keeping student computers and the Stanford network secure and protecting student privacy rights. And despite how much time and effort has gone into this fight, I haven’t really written about this here because we were still in the middle of negotations. But the lid, at least for now, has been closed and I can sound off on some key privacy and security issues.

The deal is this: the decision to use BigFix was first made by the folks at ITSS (and given the go ahead, of course, by higher ups). At Stanford, the IT structure is a little strange. It’s divided into two main groups: ITSS, who focuses on administrative systems, infrastructure, etc., and the Libraries, who focus on academic computing needs (including residential needs since Stanford has a strong committment to residential education and most students live on-campus). But of course, real management of computing resources and services is even more decentralized than this strange arrangement, so as one can guess, managing the network and deploying technology throughout campus usually involves getting a lot of people from different groups to work together. You can imagine how folks in charge of administrative systems and infrastructure can often disagree with folks in charge of promoting the academic mission and student life. On one hand, allowing students to connect whatever computer they want to the network and experiment with their computers is, I believe, a key part of educational freedom and promotes self-learning. On the other hand, it’s a nightmare for network security and management, not to mention desktop support. Another part of this balancing act is the fact that a university computing environment isn’t necessarily a corporate computing environment and in addition to regular university employees , you have faculty who often have experimentation with computing technology at the heart of their research and you have students who live on-campus and make it their home, their community. Certainly, there are significant differences between what kind of programs a faculty member can run on computers paid for with research funds and what a residential student can do with his personally-owned computer and what a university employee can do with his university-owned computer.

In the end, the compromise was to provide supplementary documentation for residential students, hoping to educate students about the privacy concerns and let them make the right choice for their own computing needs. Our main goal was to make sure that students were educated (what a novel idea at a university) and had all the information necessary to make the right decision for themselves. The one thing we wanted to avoid was to have the University hand down BigFix as a requirement for getting onto the network. While I certainly agree that the University should be able to require students to patch and secure their machines, I do not believe they should be asked to install a potentially invasive piece of software on their computer and in the name of security, give up their privacy rights. Some may say that the list of retrieved properties is nothing to get so worked up over, that collecting this information automatically will help local network administrators and departments have better inventory information, and that most people won’t care if the University collects this information about their computers. Well, I hardly think that poor record keeping and inventory management on the part of local network administrators or the fact that most people just won’t mind are reasons to ask 10,000 students to install, in one sense, monitoring software on their personal computers.

Personally, BigFix for University-owned machines, especially those that store confidential information (including email), is a no-brainer– I believe that in those situations, computers should be imaged and employees should have locked-down configurations (no administrator access) anyway. And because we are talking about workplace resources, I understand that there is no reasonable expectation of privacy (although, I believe that a more relaxed approach fosters higher employee morale). But when it comes to my personal computer, I will not choose BigFix. In some ways, my situation is similar to those of the residential students my department supports– as part of my employment, Stanford provides me with “Stanford DSL,” paying for my service and giving me Stanford IP addresses for my home network. And realistically, when I come home from work, my employer can still monitor my network usage. In my home, my situation is very similar to students living on campus (although, unlike them, I have the option of a different broadband provider) and given that situation, I won’t be using BigFix at home. For me, I am more than capable of following good security practices to keep my computer, and in turn, my little part of the Stanford network secure. I don’t believe that there is an urgent and pressing need for the University to know how much total drive space I have or the serial number to my personal computer. Some of the retrieved properties might seem trivial– what my CPU speed is or what my computer name (something that’s already available via Windows networking)– but I should still be able to choose whether or not people know. It might seem trivial for people to know what color my couch is or what shape my dining table is, but it’s still my right to decide who knows these things. The most important thing, at least right now, is that we hold onto the right to choose because while it may seem trivial today, who knows what our “trivial” personal information could be used for tomorrow.

Which brings me to my final point: one of the big reasons why we must protect our personal privacy is that unfortunately, there are many out there who might use it against us. When we were in the thick of the privacy argument over BigFix, we realized there was a fundamental misunderstanding– some thought our reluctance to use and promote BigFix was because we feared that the information collected would not be secure, because we feared that the central databases would be broken into somehow or that console operators would abuse their access to this confidential information. These are concerns, of course, but our greater fear is that tomorrow, the next day, or sometime after that, suddenly the information would be used by the proper officials through the proper channels in a way that we do not agree with. Today, some collected information might be used only for inventory purposes, tomorrow, it could be used to unfairly profile network users. Today, total disk space might just be for statistical purposes, tomorrow, it might be used make unfair accusations about what that disk space might be used for. It’s a propos that I just finished reading Dan Brown’s “Digital Fortress.” A recurring theme is “Who will guard the guards?”

Last week, I finally got my console operator account access and logged in to take a look at the console software. I had sworn to myself, to my fellow console operator, and to the folks at ITSS that I would not be looking at the retrieved properties. We collect our own statistics during network registration and our yearly survey (with over 50% participation each year) and keep organized network node records– we don’t need to look at records for inventory purposes and we don’t want to look. And for us, we believe and have proven that spreading the word, using our RCCs and the dorm community network to educate and encourage students to follow good security practices, actively managing and policing our network, knowing our users, is the best way to maintain good security. We don’t necessarily need a 100% solution– we need one that keeps our networks manageable and usable. But when I pulled up the console software, I couldn’t help but look. Retrieved properties for hundreds of computers just come up automatically as soon as you login. Ah temptation, thy name is BigFix. I only looked around for a few minutes, but by the time I had logged off, I felt like I had violated so many with a few easy clicks. If I could do it so easily, believing so strongly against looking at the data, imagine how easy it would be for those who want to look, are dying to look and analyze and use this data for their own purposes. Who will guard the guards?

In the end, that question was never really answered– or rather, few believed somebody needed to guard the guards. But there was the final piece of our compromise: we asked that a notification list be created for all BigFix users, that the option to subscribe to the list was presented during installation, and that whenever the list of retrieved properties changed, everyone on the notification list would be notified. It’s not a perfect solution– we would have preferred mandatory and automatic subscription for all users who install the program and a heads up before the list was changed– but it’s something because it, once again, lets us hold onto choice. Today, I might be willing to give up this much privacy in the name of security and convenience; if you ask me tomorrow to give up a little more, I might decide that the price has become too high and I can exercise my choice to opt out. And isn’t that the basis for freedom, educational or otherwise– choice?

Fan fiction hits the stands?

I was at the Palo Alto Borders yesterday and saw that it had a “Gay Book Club.” Well, being the fag hag that I am, I took a look at the book list and a particular title caught my attention: Never Tear Us Apart. From what I can tell, this book along with the others in the series contain original storylines based on the characters from the television show, Queer as Folk. Um, isn’t that fan fiction? And if it weren’t for the fact that the show is already about gay men, it would certainly be slash fan fiction.

From my experience, fan fiction writers (along with their other fan culture counterparts) have always existed in this underground realm, exchanging stories via homemade zines and now, thanks to the Internet, via chat rooms and the Web. And thankfully, most of the time, The Powers That Be in the entertainment industry usually just look the other way. While most of these works are considered “derivative” and ride the fine lines between fair use, parody, satire, and flat out copyright infringement, they are usually expressions of deep love for the originating works (not to mention the original producers responsible for those works) and drive the growth of a deeply committed fan base that, in the end, only strengthen the success of the original television series, movie, etc. The first recognized fan fiction grew out of fan love for “Star Trek” and despite what some may consider prurient use of Star Trek characters and storylines as slash fan fiction embraced the homoerotic subtext between Kirk and Spock, I would certainly argue that the Star Trek franchise has only had greater success and sustained the test of time better than any other franchise thanks to the “derivative” work of its dedicated fans.

But how strange to see a formally, officially published version of what could only be called fan fiction! Of course, this isn’t the first time this has happened– lots of entertainment franchises publish “supplementary” books, like reader guides for the Harry Potter series or the young adult novels for “Smallville.” But these, along with Quinn Brockton’s Queer as Folk books, are somehow christened and blessed by The Powers That Be and allowing them to, get this, make money off of the derivate work that thousands, millions of devoted fans have been doing underground and for free for decades! Now that’s capitalism. Too bad we can’t lift the stigma, not to mention occasional litigation, placed on the other “rogue” fiction writers who were not so lucky to have made a quick buck on their love and dedication to the actors, artists, and characters that visit our homes and grace our television screens every week.

Does Microsoft mirror?

Another thought on the problems with SP2 on college campuses: does Microsoft have mirrors for Windows Update? Granted, I’m sure they have a sophisticated setup for handling load, etc. for customers trying to download patches as well as for pushing out patches over Automatic Update (although it’s not clear how they are choosing who gets SP2 over AU when), but taking a page from P2P, they should consider distributing patching resources throughout their network either by location and/or market type. If Microsoft could loosen their grip on patch distribution just a little (their reluctance evidenced by shutting down sp2torrent.com and their restrictive rules on what universities can do with their free SP2 CDs), they could set up some great mirrors to help lessen the load and get patches out faster and easier.

For example, if you set up some Windows Update servers on some big Internet 2 hubs, you could cover a huge part of the higher education market– millions of college students patched and thousands of IT workers who are a little less disgruntled at Microsoft (because trust me, most of us have some beef with the folks at Redmond). Certainly, it’s within MegaCorp’s capabilities to create a server image that’s locked down and can be pushed out to “Windows Update Affiliates” around the country.