1. Seth Finkelstein on May 20, 2004 5:39 PM writes...

Thanks - actually, the Copyright Office has been very good about being open to public participation (they did praise me!)

It's the DMCA drafters and the courts which have been so exclusionary. Note the 1201(g)(3)(B) part of the "Encryption Research" exemption:

"whether the person is engaged in a legitimate course of study, is employed, or is appropriately trained or experienced, in the field of encryption technology;"

Are you "experienced"?

2. Donna Wentworth on May 20, 2004 5:50 PM writes...

Yes--I would say the Copyright Office has been almost (but not quite) *singularly* kind to you.

I meant to draw attention to the narrow exemptions the Copyright Office allows. But of course the real flaw is the language of the DMCA and the court interpretations thereof, chilling "unauthorized" research of the censorware species & others.

3. Ernest Miller on May 20, 2004 5:53 PM writes...

I am reminded, however, why the Copyright Office shut down my incredibly logical exemption to the DMCA:

"Encouraging circumvention of CSS even for laudable goals threatens to undermine [the] confidence [that CSS will protect DVDs against massive infringement]."

Penn appears to be following that logic. By encouraging the setting up of servers even for laudable goals threatens to undermine the confidence that people won't engage in copyright infringement.

4. Brad Hutchings on May 20, 2004 9:49 PM writes...

What is wrong with requiring permission for a use of the school's network that might make the school liable for something, might decrease performance of the rest of the network (or increase costs of running it), or might be a security issue on the network? A student can just ask. There is a problem if the answer is always no, but I don't see a problem with the university wanting to manage its network since everyone there depends on it.

5. Seth Finkelstein on May 20, 2004 11:59 PM writes...

Brad: Asking permission means there is someone who gets hung out to dry if anything goes wrong ("You mean you authorized this ... Papster?"). It's actually better for liability if everyone else involved can say they had nothing to do with it (rogue operation, wasn't authorized, etc.)

6. Brad Hutchings on May 21, 2004 2:41 AM writes...

Seth,

OK, you addressed "liability". Do you suppose any of the other things I listed or perhaps other considerations might come into play in a university not allowing anyone to just attach a server to some spot on the network?

7. Seth Finkelstein on May 21, 2004 3:29 AM writes...

Brad: Frankly, no, not here. The policy is obviously not an engineering policy. It's a political policy. They don't want a code review. There is no "estimate the bandwidth used by your server". There is no "explain how you intend to address security concerns". It's not about proving competence, but more along the lines of a need-to-know procedure.

8. cypherpunk on May 21, 2004 2:47 PM writes...

I'm sympathetic to Brad's perspective, but in this case the language of the policy is very strong in opposition to servers.

"Penn State’s AD-20 policy on Computer and Network Security prohibits the use of servers within on-campus residence hall networks.  Exceptions to allow servers in the Residence Hall network will only be granted in the rarest of circumstances.  The need to operate a server must be in connection with academic coursework and endorsed in writing by a faculty member.  The Vice Provost for Information Technology (or designee) must approve any request to operate a Residence Hall server.

"In general, alternatives for most requirements are available using departmental, college or university assets and these avenues should be thoroughly explored before requesting an exception to operate a server."

It is clear that except in "the rarest of circumstances" the answer is going to be no. This is the biggest problem I see with the policy. It would be different if most reasonable requests were approved.

9. Brad Hutchings on May 21, 2004 3:10 PM writes...

OK, so the policy is strongly leaning to "no". Perhaps the tech guys are sick of viruses, traffic bottlenecks, etc. that pop up when some kid wants to run a server in his dorm room. I bet if you investigated, you'd find a typical "tragedy of the commons" problem rather than some provost pledging alegiance to the RIAA.

You know, if I want to run a server in my home (which I do), I have to shell out $200-ish a month for a fast line with terms of service that allow me to do it. If I were back in school in a dorm and some guy in the hall set up an amateur porn site which had the effect of making my access to real, college-sanctioned online educational materials slower, I would be pretty pissed off. But hey, we have to protect the academic freedom of those who would inconvenience us when they could do the same thing with a more appropriate resource on campus. That's what the copyfight is all about, right?

10. Ravi Nanavati on May 23, 2004 11:43 PM writes...

I don't know what sort of ISPs you've been looking at, but there are plenty that will tacitly (or explicitly) permit servers for *far* less than $200/month (I've seen as low as $50/month depending on the line speed you want). They'll reserve the right to charge you more or cut you off if your usage disrupts things for other customers, but most (quite reasonable) don't care as long as you don't cause problems.

11. Brad Hutchings on May 24, 2004 3:50 AM writes...

Ravi,

I was stating what I shell out for my business's needs. Reliability and customer service (when needed) are important parts of that buy decision, so $50 budget service with "stay below the radar" terms don't cut it. But you make my point... For the cost of a few pizzas and 12 packs, the kid could get DSL to the dorm and start the next google if he doesn't want to work with the system to find an appropriate campus resource to use.