Ehsan Nourbakhsh’s Blog

Reading a news article on Motion Picture Association of America (MPAA) being forced to take down University Toolkit for violation of GPL license, I started to think how deep our privacy is being violated. As Brian Kerb of Washington post describes in his article, the University Toolkit is essentially a monitoring software, just identifying people with highest amount of network traffic with the file name, port address and traffic volume.

Beyond the irony of a copyright enforcing institution having to take down a software because of copyright violation, the software itself really annoys me. Imagine such observation shows some illegal activity going on the university network. Can this observation be used in a court of law? If not, why should such observation be done then. If yes, is it not a violation of “reasonable expectation of privacy”? If tapping someone’s internet activity is considered legal without a court order, same would hold for phone wire tapping. I am sure there is a problem in here, a huge problem!

• Washingtonpost: Brian Krebs: MPAA University ‘Toolkit’ Raises Privacy Concerns
• Wikipedia: The Internet, computers, and privacy in relation to the Fourth Amendment
• Electronic Frontier Foundation on Privacy

I just figured out that our web portal Galaxy, a uPortal in fact, and also our courseware WebCT both only use first eight characters of our passwords! This is interesting, since when choosing a password we are “forced” to use a password between 8 and 20, containing special characters and numbers.

Is it only me who thinks so, or is it kind of silly?