My god, it's Full of Macs!

Gregory Donovan has posted a great critique of Rupert Murdoch’s World Media Summit speech.  Here’s Murdoch, as quoted in Donovan’s post, on “stealing” content:

“The Philistine phase of the digital age is almost over. The aggregators and the plagiarists will soon have to pay a price for the co-opting of our content. But if we do not take advantage of the current movement toward paid-for content, it will be the content creators, the people in this hall, who will pay the ultimate price and the content kleptomaniacs will triumph.”

And part of Donovan’s critique:

“Like Gates’ before him, Murdoch willfully ignores the unwaged labor that he so handsomely profits from. Murdoch sees News Corp, AP, BBC, Xinhua, and the like, as the only rightful (and thus recognized) producers of content – just as Gates sees Microsoft’s hired programmers as the only rightful producers of his software. But what about the millions of MySpace users who freely produce untold volumes of content that News Corp then monetizes for a hefty profit?  What about all the blogs that News Corps’ journalists read and take information from without so much as a citation, never mind compensation. What about all the people that freely participate in beta-testing Microsoft’s software and the millions of software “users” who report problems and freely contribute their time and energy to improving Microsoft’s content? If it’s obvious that “there should be a price paid for quality content” — which I’m willing to support — then how much will News Corp be paying for all the free quality content it uses, and how will it compensate all the unwaged labor it uses?”

Continue reading…

Snow Leopard

We’ve begun upgrading the Macs at the Graduate Center to OS X 10.6.

Along with this upgrade, we’re implementing some other changes.  We are no longer asking users to authenticate with Active Directory credentials in order to use the Macs in public areas.  Users will not have to log in with their name and password in order to use all the applications on Macs in the Library, student computing areas and departmental lounges.

We’re implementing this change because our Mac users have had chronic problems saving files to their network drives and using applications that rely on saving to network drives.  My first concern is making certain that users can actually use the technology, without anything standing in the way, and this change is the best way to make that happen.

Password Liberation

There is an additional benefit that comes with this change.  All students, faculty and staff can now use our Macs without worrying about passwords.  And once the user is done and they log out, all trace of their presence and activity is deleted from that computer.  This is a dramatic increase in privacy for our users and frees them from having to worry about their password or account being up to date.  As it is, most students I talk to use a non-CUNY email account as their primary email, so they often have problems when they are asked to use the CUNY account because the password has expired.

But what about printing and other network services that require an account?  If the user wants to access any network services that require authenticating against Active Directory, they can do so à la carte  -  they choose to connect to the service (printing, network drives, etc.) and authenticate for each service.

This à la carte model flies in the face of current trends.  Everyone says they want ’single sign on’ – which means, you log in once and everything else uses that authentication to give you services.  But, I wonder, what if you want to use a computer without telling the computer who you are?  And why should you have to confirm your identity at the door of the building and then again when you sit down at a computer?  After all if security let them in the building they’re entitled to use other public services of the building.  Just as they have access to the public restrooms, shouldn’t they have access to the public computers?  Now they do.  And more relevant to most users, what if their password expired, they don’t have time to deal with the bureaucracy of having it reset, and they just need to look at an email quickly or email a document from a flash drive?  Now they can.  And there are other benefits to privacy:

Unfortunately, Apple’s “Parental Controls” are a mess.  They are turned on when you are managing users with MCX, and they interfere with web access.  Why, how?  When “Parental Controls” are on, even if no restrictions are set, your Mac is routing all web traffic through its own internal server.  This slows things down and even makes some sites unusable (Gmail, Pandora, etc).

To restore access to the real internet, you can make the proxy server unexecutable by running the following command in Terminal.  You may need to run it again after software updates but it works great and it’s worth it if you’ve run into this issue.  We applied it in the Mac Media lab after some users reported issues with accessing certain web sites.

sudo chmod a-x /System/Library/PrivateFrameworks/FamilyControls.framework/Versions/A/Resources/httpsproxyd

Have a look at this brilliant film about collaboration, trust and safety in the online world.  They make the radical proposition that by trusting and being more open we actually build more trust and openness.

“With contributions from Clay Shirky, Alan Cox, Paul Miller, Don Tapscott and many others, Us Now explores the ways in which new technologies and a closely related culture of collaboration present radical new models of social organization.

The principles of trust, transparency, self-selection and open participation are coming closer and closer to the mainstream of our social and political lives. Us Now describes this transition, telling the stories of the online networks whose radical self-organizing structures may change the fabric of government forever.

The film is streaming online for free and the filmmakers intend to license all of the footage with a Creative Commons license.”

via RealitySandwich

“Security” is a buzzword we hear every day in IT.  For some it has become the foundation of IT policy and a litmus test for every decision.  But it’s not a closed case.  What “security” actually means is still up for debate.  There are researchers doing incredible work on these questions of “security” uncovering the ways it’s used to disempower people, spy on them and prevent them from regaining power.  Big Brother in the Black Box and the boardroom.

”Electronic media…have become the privileged space of politics…without it there is no chance of winning or exercising power.” (Castells, M. The Power of Identity. 1997)

During my 15 years in academic technology I’ve frequently witnessed the idea of “security” used as justification for closing down previously open services and limiting user choice.  Not as a response to problems that have arisen, but as a “Best Practice.”  Whenever I encounter this, it always clashes with my experiences of technology opening up previously closed systems and empowering users to remake the world.  When I.T. uses “security” in this way they’re really saying:  ”There is some kind of threat, some potential danger, and we have to protect you from it even though nothing has happened so far – to do so, we’re going to to take away civil liberties and restrict your civil rights.”  Sounds eerily familiar doesn’t it.

The application of this notion of “security” does not make us more secure, it does not increase our security.  It limits our freedoms.  If an IT department considers “security” above all else, pay careful attention because they’re likely limiting your freedoms in significant ways.  By prohibiting certain protocols, software and behavior and not allowing you to choose what is installed or have control over your computer or software they’re policing your behavior, hoping to stop you from doing something either “illegal” or “harmful.”  But it seems pretty clear from both historical and modern attempts that policing and criminalization don’t achieve the desired result; the behavior inevitably continues in a different form and through different means.  The most troubling part about this implementation of “security” is that it’s not just happening in the corporate sphere, but in higher education, in research universities, in places where these kinds of restrictions not only limit users rights, but actually hinder the goals of the institution.

“A powerful counterhegemonic use of the Internet is the ability to communicate intersubjective knowledge – as much an attribute of hypertext as innate in the Internet. People from different places, with radically variant experiences, are able to convey a notion of what it is like to be them, to live their lives, via the Net. For example, the production side of the commodity chain no longer is shielded when one reads an essay, written by a shoe-factory worker, that describes conditions where Nike shoes are made. In an ideal situation these texts are written by the individuals who are involved, not by experts or elites, and are unfiltered.”   (Warf, B. and J. Grimes, Counterhegemonic Discourses and the Internet. Geographical Review, 1997.)

Why would higher education choose a model of “security” that threatens open inquiry?  Some of it is coming from corporations.  If you work for MegaCorporation X and your job is filling in a spreadsheet with numbers, they might squeeze more profit out of your labor (in the short term) by only giving you access to a spreadsheet application, restricting your access to anything else and spying on you while you work.  Of course, they’re missing out on innovations you could discover if you were free to use the full potential of your digital device on the open network – but they don’t want innovation, they want a factory worker who sits at a computer instead of an assembly line.  OK, so the corporations always do this – but they’re also informing much of what is done behind the scenes in the broader world of IT.  Higher education is always in danger of inheriting the corporate discourse from hardware and software vendors, through hiring policies and because of traditions of institutional organization that regard IT as a building service and not a department with a responsibility to education and research.  You can see how insidious this danger is if you listen carefully to the language used in academic IT departments.  They talk about “enterprise” services, “clients,” “customer satisfaction,” “customer service” and “training.”  Again, buzzwords that sound great to MBAs, but not policy, practice or discourse that encourage participation, learning and democracy in education.

If you haven’t worked in IT, you might even think that IT staff are well suited to making decisions about issues like “security.”  That’s not usually the case.  It’s not malicious, they’ve just learned to respond to technology in certain ways.  For example, they have a gut reaction that “peer-to-peer file sharing is bad” without considering that organizations like the Democratic Voice of Burma use P2P technology to collect digital reportage of human rights violations from citizen journalists.  And the IT staff have been constructed by a corporate IT discourse with little regard for pedagogy because corporate IT doesn’t care about pedagogy.  But IT policy doesn’t have to be a monolithic dogma accepted only because the people who repair hardware, write code and build networks “know more about technology” than the users.  To allow that is no different than trusting government officials who won’t show the evidence, but say “We don’t want the smoking gun to be a mushroom cloud.”

So, when someone in IT says “we can’t do that because it’s a security issue” I encourage users to borrow from a classic film and respond:

“You keep using that word. I do not think it means what you think it means….”

With that in mind, here are some closing thoughts on specific Users Rights, a working draft on a Users Bill of Rights if you will.

Because digital device hardware, software and network systems exist only to meet the needs of the user AND because the user is not a powerless subject of arbitrary policy AND because liberty and the exercise of freedom are always under threat, users have the right, including but not limited to:

1. Free and open access to computers, software and network services
2. Freedom to choose Free Software over proprietary software
3. Equal Representation and participation in the creation of IT policies and procedures
4. Control of the software and operating systems installed on the devices they use
5. Freedom from all forms of surveillance
6. Equal access to administrative control for the devices they use
7. Equal access to all network services from the platform of their choice
8. Equal, unhindered access to an open and free network
9. Freedom from traffic-type discrimination
10. Freedom from platform-type discrimination
11. Total protection of  privacy in all matters regarding data they have engaged with
12. Total protection of privacy in all matters regarding their activity on the digital devices and the network

Mozilla’s Thunderbird email client is a great alternative to M$ Entourage and Apple Mail.  Thunderbird is Free Software and it offers user friendly support for OpenPGP, so you can easily send and receive encrypted emails with it.  It doesn’t support “Exchange” as such but it does support IMAP, so you can set up your GC email account very easily.

Until today, I hadn’t tried setting up directory services.  It took a little playing around – but it worked:

1. In Thunderbird, go to the “Tools” menu and choose “Account Settings”
2. On the left hand side, choose “Composition and Addressing”
3. Under “Addressing”, select the radio button next to “Use a different LDAP server”
4. Click the “Edit Directories” button.
5. Click “Add” and create a new entry with the following information:

• Name: GC LDAP
• Hostname: r1.gc.cuny.edu
• Base DN: dc=gc, dc=cuny, dc=edu
• Port number: 389
• Bind DN: gc\YourUserName

To finish, click “OK” and then click “OK” again and then select the entry you created “GC LDAP” from the drop down menu and click “OK” to close the “Account Settings” window.

Now when you create a new message, Thunderbird will autocomplete the names (GC addresses) as you type.  You can also look up users in the “Contacts” tab of your new message window.