Home » Questions » Computers [ Ask a new question ]

What kind of information can my University gather regarding my internet use on the University’s network?

What kind of information can my University gather regarding my internet use on the University’s network?

I attend a large University and use their network for just about everything. Although I realize security measures probably differ from campus to campus, on a typical University-wide network, how secure is the information I send and receive on the University's network? Is it safe to shop on-line using the wireless? (Note: I do need a username and password to login to the network.)

Asked by: Guest | Views: 347
Total answers/comments: 2
Guest [Entry]

"They can track when you're on the network, and every place you connect to from that network. They can also track what sort of connections you are making - like is it web browsing, internet radio streaming, games, bittorrent, etc.

For unencrypted traffic - for example normal web browsing, where address begins with ""http"" - they can also track the contents of that traffic. That means they can read everything you send or get from the net. They may not be allowed to do this sort of deep tracking, though, but it certainly is possible. As a sidenote, on a wireless network pretty much anyone else on the same network can do this too, without being detected... there's something to think about. :)

For encrypted traffic - for example web banking, or shopping where address begins with ""https"" - they can still track where you are connecting to, for how long, and what sort of traffic it is. But they can't ever read the contents, even if they would be allowed to. There's just no way to do it.

As for their rights to track, that's a mess I don't want to step into.(*) However from a technical standpoint, it is quite reasonable to limit heavy traffic uses, such as file-sharing, high-quality TV streaming, and such, so the network that is meant for everyone doesn't get overburdened because of few users hoarding the bandwidth.

(*) Sorry, in fact I do want to step into it. If you ask me, the university has no right whatsoever to sniff what people are doing, other than for maintenance purposes. The one exception is when they have a reason to suspect someone of serious crime. Alas, not everyone agrees with me, though, most notably the law and practices in many countries..."
Guest [Entry]

"John T's answer is correct; if the University wants, they can read & catalog any unencrypted packet you transmit or receive across their network, regardless of whether you're using wired or wireless. (And even encrypted packets can be read and stored; they just won't be legible without the key.) Your plaintext communications are also vulnerable to snooping from someone unscrupulous who has access to the Uni's network equipment.

The main security issue with unencrypted wireless is that, unlike wired connections, your packets can be read by another user within physical range of your wireless card -- not just the Uni or someone with access to their equipment. Here again, encrypted transactions are better protected -- where HTTP requests can be read immediately, HTTPS is much safer. If you're going to shop, make sure you're shopping on sites that use SSL."