How does Brown University know where you are?

After reading the article, I didn&#x27;t feel like any of these were particularly nefarious intrusions as they largely involved the student knowingly using Brown&#x27;s services (buildings, wifi, access management system IPs, physical presence on campus). The article was pretty well-written and informative in general on how a number of services we take for granted can be used to locate you.<p>I do take issue with Brown&#x27;s extremely harsh language in one of the linked articles where they threatened students with suspension...all for being in the local Providence area?!

I’ve seen my school’s firewall logs and the experience scared me. Something really clicked when I saw a log with my name on it. It showed everything I’d been doing and it was right in front of me <i>and also someone else</i>: the IT tech with whom I was working.<p>I was getting help debugging something (package manager barfing on the org’s wildcard MITM SSL cert) and the inanity of the tech scrolling through everything I’d done that day in such detail was spine chilling.<p>Deep packet inspection put everything from command line args to Google search terms at their fingertips. It felt grubby.<p>My org requires that I install their SSL cert which made the logs more detailed than Brown’s. That’s certainly a pretty high level of creepiness. But even without SSL DPI when the org has control over the network and at least one website using your identity then it’s trivial to correlate the application layer <i>userid</i> all the way down to your network access, including AP location.<p>If they outsource to Gmail or Outlook there’s usually still an org controlled single sign on that captures your identity.<p>I love the accessible way in which this report is written. While it’s specific to Brown it summarizes the generic surveillance patterns of many employers and education orgs. We all know these programs exist but it’s not until one experiences them first hand that one realizes how desperately creepy they are.

I felt this post took on a semi-conspiratorial tone, when all the things I felt were just &quot;duh&quot;. It&#x27;s not that Brown &quot;knows where you are&quot; at all times, they just know when you use on-campus resources.<p>I&#x27;d be willing to bet a bundle Brown is just looking at building card access, or also possibly connection to an on-campus wifi network. In both cases I think any reasonable person would expect that Brown knew they were using these resources.

Brown also has their students cellular telephone numbers. It&#x27;s feasible that the University acquired&#x2F;purchased their students geolocation history via their mobile providers.

When I was a student at Brown, Facebook would report <i>which dorm</i> you were logged in from, right there on your profile (for all to see!). If Facebook knew where you were on campus, campus IT certainly has a view into your physical location. Nothing about this surprises me.

&gt; <i>Brown University has a longstanding policy governing the appropriate uses of its surveillance cameras. Unfortunately, this policy is secret.</i><p>That&#x27;s concerning.

If the future elite is growing up under surveillance and this is normal for them - won&#x27;t it then just be a matter of time before this becomes the new normal for all of us?<p>As much as I would like it to happen, I doubt some switch will flip after they exit university, which makes them no longer accept measures like this.

As a recent Brown grad this makes me feel sick. I should have known but at the same time I did not expect this level of surveillance.<p>New account because I don’t typically leak this much personal information. Maybe that speaks towards my concern about this. All I can say is that I’m glad I graduated before facial recognition and other massive surveillance tools became mainstream.

A bit off topic,but I&#x27;m sure some positivity is needed, especially under such articles.Back in 2004, I finished the school and shortly after I was a freshly baked student at my little country&#x27;s tech university. I was young little shit,so naturally, paying for the internet in the student dorm was beyond me. The entire campus is scattered all over the city, and more or less everyone was using this internal chat on the LAN( great to meet fellow students, especially women,as it was in my case). So it took me a few days to figure out that all I had to do to reach the Internet is to use any user&#x27;s, that was on the chat, MAC address. There was at least 100 people connected at any given time,so plenty to choose from. As soon as I would give myself someone&#x27;s MAC, they&#x27;d be kicked off the internet. It was glorious.I was little shit on wings! Anyway, one day, two,very very very pissed off people walk into our room( there were 3 of us living there). One looks like sys admin(he was),the other,who had a baseball bat, was the muscles.They ask to check everyone&#x27;s PC.. he goes to my roommate first... It took me seconds to realise what&#x27;s going on,so while the admin is checking my roommate&#x27;s PC,I quickly try to change my PC name... And I run out of time before he goes on my PC...He goes mental... It&#x27;s you!!! I&#x27;ve been trying to find you for nearly 6 months, checked so many rooms and buildings!!! I thought his head would pop.. The muscle man thinks it&#x27;s an opportunity to hit me. Well, here I come..I put on idiot&#x27;s play. I explain them that I&#x27;m clueless about computers, the room is more or less 24&#x2F;7 party place with 20 people visiting just last night(not true,my roommates were calm). This goes on for 5 min or so,and they kind of believe and leave us, even though not quite satisfied with the outcome. Loved every single second of it..Still Karma exists,so fast forward 15 years later and I have to have very difficult conversations with people at work, who try to cheat the system...I became the sys admin.. of sorts..

I already knew how extrajudicial university kangaroo courts are, and this is a private university, so they literally can do what they want. Their burdens of proof and right to due process are already non-existent, and what would be Fourth Amendment rights in a real court are weaker than what you&#x27;d find in a FISA court.<p>But I do agree that this case isn&#x27;t &quot;outrageous,&quot; per se. It&#x27;s just a reminder of what data they have on students and the power they have over them.

I&#x27;d guess they simply sent this to anyone showing to have connected to on-campus wifi using their school credentials that wasn&#x27;t supposed to be there.<p>The lax attitude surrounding privacy overreach like this is paving the way for a future surveillance state as described by this author. The &quot;they&#x27;re a private entity and they can do whatever they want&quot; argument is getting old quickly. Needs to be nipped in the bud.

Universities seem like they&#x27;re begging to disrupted with this sort of overreach to those who are putatively <i>their paying customers</i>.

Can someone explain to begin with why the university cares that you&#x27;re still in town, if you declared yourself &quot;remote&quot;?

I don’t understand why they were worried about students lingering on campus?

How should&#x2F;could you &quot;configure&quot; yourself to make this not true?

as a recent Brown alumn, I really had no idea Brown could track us with such granularity. I wonder if they&#x27;ve used this data for anything else

Didn&#x27;t realize IT logs are subject to FERPA.

Can any current students comment on why you didn’t take the year off? It just seems like such a waste &#x2F; not worth it.

Why does Brown University care?

Unless I were at Brown on a fully paid scholarship, I&#x27;d transfer out. Plenty other fine schools that won&#x27;t be a nanny.

Amazingly written!