

Indiscriminate surveillance at MIT – Logging of card access data at CSAIL - Tsiolkovsky
http://tech.mit.edu/V134/N37/stallman.html

======
seanieb
I didn't read the by line and assumed it was written by an optimistic
undergrad. Then at the end I saw "By Richard Stallman". I must say I'm in awe
of Mr Stallmans optimism and never give up attitude.

------
superuser2
It is absolutely the right of a private property owner to control and monitor
access to its property.

Further, this data is actually useful: if something happens, you know who the
last people to open the door were. Further, as a grantee of privileged access,
you know that. You know you can't just say it must have been one of the 200
others with the common key. So it's more invisible prevention than measurable
solving.

This lets administrators be more permissive about delegating access while
simultaneously increasing security. For example, I work in a couple of the
concert halls on campus. Students have always held keys to interior doors, but
University policy was that students could not have unsupervised access to
exterior doors, probably for insurance reasons.

This meant that if the boss wanted to leave the hall operational while not
present, student staff would have to prop doors open. If the hall was locked,
he'd have to drive all the way out to campus even if he didn't need to be
there for the event. Now that we have an audit-trail-producing card reader
system, administration is fine with granting students card access to exterior
doors. We are both more efficient (because we don't waste supervisor time) and
more secure (because students can lock doors and reopen them when necessary.)

In the past, when students have gone missing, their last contact was not with
humans but with the access control system. It provided better "last known
location" data that improved investigations. It can validate alibis
(demonstrating that you were at a building across campus) and provide evidence
in discipline proceedings (the alleged rapist says he wasn't there that night,
but his ID swiped into the dorm a few seconds behind the alleged victim, etc.)

Access control logs introduce truth into otherwise ambiguous situations. It
matters less what you think, who you like more, or what you _want_ to be true
because there is a record you can check. Whether it's "should we keep the
library open later?" or "when exactly did this kid go missing?"

You also almost never _have_ to interact with the access control system unless
you hold privileged access as part of a job, research assignment, etc.
Students who live off campus and don't study at the libraries can go months
without pulling out their IDs. It's not like you need to swipe your card to
walk down a public street. But when you are accessing university services, it
seems only reasonable that the university gets to know that you're doing so.

~~~
tedks
>Further, this data is actually useful: if something happens, you know who the
last people to open the door were. Further, as a grantee of privileged access,
you know that. You know you can't just say it must have been one of the 200
others with the common key. So it's more invisible prevention than measurable
solving.

That's a big "if", though, and in the article, Stallman points out that MIT
isn't able to actually show that it's a realistic reason to encourage this
sort of surveillance.

I feel like there's a middle ground here -- for example, card readers could
store a hash of an on-card identifier, one that the security staff do _not_
have access to in normal student records. In exceptional circumstances, you
could de-blind the logs and see if a single person was in the building at a
given time or not, but there wouldn't be surveillance and the logs would be
useless in the typical case.

A card swipe doesn't show that you're there, though. As a student I'd lend
people my card all the time, as would most people I knew.

~~~
superuser2
That defeats the purpose of "The place got trashed last night, who was it?"

However, a lot does depend on how the data is being used. My access pattern is
very questionable. I swipe into my workplaces at weird times, sometimes to use
the bathroom while coming back to the dorms from a party or something. I try
my card on all kinds of doors just to see if they'll open. I've _never_ been
questioned about it.

I'm 99% certain that nobody is pulling the logs except in response to
incidents.

~~~
tedks
It depends on the school. A university near me has people watching this data
or some sort of anomaly detector running over it in real-time to try to catch
parties in dorms. I think that's more than a little Orwellian.

Also yes, it eliminates the possibility of dragnet searching. This is by
design. Dragnet searches go against the principles on which the United States
was founded. If I am not personally suspected of a crime, my data must be
sacrosanct or I have been demeaned as an individual. Innocent until proven
guilty and unspied-upon until suspected personally.

~~~
superuser2
Swiping into a building is the electronic equivalent of signing in on a
clipboard held by a security guard. That is hardly spying, and it's
_definitely_ not "your data."

If a municipality were to do this with all the private residences under their
jurisdiction, sure, that'd be Orwellian, because then it really _is_ your
data. In this case it's MIT's data about MIT's facility that happens to have
been triggered by you.

------
oldbuzzard
Sounds like an opportunity for some students to do some cool RFID hacking and
pool their IDs to obfuscate the logs...

What a great EE/CS project ;)

~~~
cschmidt
Richard Stallman himself did that:

[http://www.bostonmagazine.com/2008/04/the-shaggy-
god/](http://www.bostonmagazine.com/2008/04/the-shaggy-god/)

(the story about the access cards is right at the top)

~~~
davexunit
That article is really cool, but...

>The most momentous product of Stallman’s genius, Linux, was the first
operating system to feature software that was entirely free

Ugh!

------
joezydeco
_" When the Computer Science and Artificial Intelligence Lab (CSAIL) moved
into Stata in 2004, the MIT administration decided, without consulting the
personnel of CSAIL, to make the system log which cards are used to open which
doors and when."_

Who owns the building? MIT or the personnel of CSAIL? If the building's owner
wants a log of who came in and out of the building is that really something Mr
Stallman has the power to object to?

~~~
NotAtWork
Let's take an extreme:

What if MIT were logging who went to the bathroom?

There's clearly no fundamental difference in securing a different part of the
building. Does Mr Stallman (or perhaps an employee of the building if he's
just a third party) not have a basis to criticize MITs tracking of bathroom
habits because he (or they) don't own the building?

In what way is door access different?

~~~
joezydeco
I don't think we're talking about bathroom hygenic habits here, so let's skip
that derail.

Stallman's thesis is "logs have no use". I'm sure the building's owners
disagree. Let's think of a possible use-case:

    
    
      "Someone stole a laptop from Room 214 over the weekend"
    

So are the logs useful _now_?

~~~
ShaneOG
Most likely, not very.

Do you honestly think someone who wants to steal a computer will use _their
own_ access card?

~~~
freiheit
If the area/door is busy, they just might. Or they might tailgate through a
door.

Tailgating through doors is a lot harder when everybody knows that the doors
log everything.

------
noobface
Richard Stallman is the man.

~~~
angersock
He's a hardliner on the fringe and a lunatic in many ways, but he serves as an
excellent reference point when evaluating policy decisions.

He's pedantic and often unlikable, but we're very lucky to have him.

------
Buge
The card logs at the University of Michigan helped catch a thief stealing from
a snack kiosk I work at.

[http://www.annarbor.com/news/u-m-graduate-student-whose-
plan...](http://www.annarbor.com/news/u-m-graduate-student-whose-plan-helped-
catch-a-thief-to-be-honored-for-his-effort/)

It's kind of a weird story. A chemistry PhD student repeatedly climbing over
walls to steal candy bars...

