Re: (Q) wireless networking classroom cheating examples

[Tracy Mitrano <tbm3 () CORNELL EDU>]

Interesting thread you guys have going here and I thought I would throw in
a couple of stray thoughts.

ECPA combines both telephonic and electronic communications; with
electronic communications added to it, it is a revision of the "wiretapping
act" of late 1960's pursuant to the Katz decision in which the Supreme
Court determined that law enforcement required a warrant before they could
tap a phone line for content.

Case law so far suggests that ECPA applies only on networks that provide
service "to the public;" i.e. it did not apply to a "private" network such
as is owned and operated by a private corporation (in this case Anderson
consulting.)

While this case leaves open the question of whether ECPA applies to
colleges and universities (probably does, in particular for residential
students and many other communications, but it is possible that a court
could distinguish that population from employees...hard to tell, would need
circumstances of case and know something about particular court or judges
before one could speculate more...), it would seem quite a stretch to
suggest that it applies to the circumstances of an academic institution
attempting to control a particular classroom in pursuit of its mission,
although in case law stranger things have happened.

Be that ambiguity as it may, academic codes of integrity might indeed go a
long in addressing this issue if for no other reason than to remind people
that while technology may make it easier to break law or policy, ease does
not necessarily mean law or policy -- or for that matter integrity -- go
away.

Thanks,

Tracy



.





At 04:37 PM 7/22/2003 -0500, you wrote:
> Darn ham radio operators!  :-)
>
> Yes, I agree that my statements do NOT apply for communications not
> provided and managed by the institution.
> M.
>
> --
> Mark S. Bruhn, CISSP
>
> Chief IT Security and Policy Officer
> Interim Director, Research and Educational Networking Information
> Sharing and Analysis Center (ren-isac () iu edu)
>
> Office of the Vice President for Information Technology and CIO
> Indiana University
> 812-855-0326
>
> Incidents involving IU IT resources: it-incident () iu edu
> Complaints/kudos about OVPIT/UITS services: itombuds () iu edu
>
>
>
>
> -----Original Message-----
> From: stanislav shalunov [mailto:shalunov () INTERNET2 EDU]
> Sent: Tuesday, July 22, 2003 4:27 PM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: Re: [SECURITY] (Q) wireless networking classroom cheating
> examples
>
>
> "Bruhn, Mark S." <mbruhn () INDIANA EDU> writes:
>
> > Frankly, I doubt that ECPA disallows jamming of the sort being
> suggested
> > for this context.
>
> I did not think I mentioned ECPA.  Nothing in part 15 of FCC rules
> (that is the part that authorizes the use of low-energy type-approved
> radiocommunications devices) authorizes the use of such jammers.
> Intentional harmful interference is generally not allowed.
>
> > It would be analogous to just unplugging the network so it isn't
> > available to users within the scope of that room.
>
> The jamming of 2.4GHz can affect wifi networks nearby and operation of
> cordless phones nearby.  To operate, the jammer would need to be
> FCC-approved.  On the other hand, one can unplug networks with no
> regard of FCC regulations since this generates no radio emissions.
>
> > ECPA would also allow monitoring of the traffic in that room as
> > well, in my opinion, if 1) there wasn't supposed to be any network
> > traffic emanating from that room anyway, and, more importantly 2) if
> > the people were told it was being done in advance.
>
> That may very well be true, if you talk about wifi traffic.
>
> I don't see how ECPA would be applicable to the case of monitoring
> traffic of CDMA web-enabled phones.  Monitoring of traffic on cell
> phone frequencies is generally not allowed by FCC rules as well (to be
> compliant with this rule, radio receivers sold in the US often have
> these frequencies blocked out).  Given typical cell phone output of
> 200-500mW, you'd be monitoring quite a bit larger area than a
> room---an area comparable to a network cell size.
>
> > A classroom where an exam was being administered would not be a
> > public forum by any stretch, and I think the institution could
> > exercise complete control over the facility.
>
> One can't run a jammer of 2.4GHz or listen to traffic on cell phone
> frequencies even in the privacy of one's own home.
>
> If one is to look for technological measures to counter exam cheating
> that involves radio communications, jammers are not the answer.
> Faraday cages might be (it might even be practical to outfit a special
> room into one).  But the problem is not technological...
>
> 73, KC8VYT
>
> --
> Stanislav Shalunov              http://www.internet2.edu/~shalunov/
>
> Clothes make the man.  Naked people have little or no influence on
> society.                                             -- Mark Twain
>
> **********
> Participation and subscription information for this EDUCAUSE Discussion
> Group discussion list can be found at
> http://www.educause.edu/memdir/cg/.
>
> **********
> Participation and subscription information for this EDUCAUSE Discussion
> Group discussion list can be found at http://www.educause.edu/memdir/cg/.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/memdir/cg/.