In the hustle and bustle of this year’s orientation, about 750 new Obies plugged into the campus network, host to already thousands of other students and faculty members, receiving user names, passwords and accounts.
With so much information at stake, one can’t help but wonder how secure their personal computer and the information it contains really is.
“Well, they’re very safe, extremely safe,” Director of Oberlin’s Center for Information Technology John Bucher said.
Completely safe? Well, more or less.
“If we implemented the tightest cyber security that is possible, then no one could do anything,” Bucher said. “You have to find that balance between using the system and protecting it from unwanted guests.”
“There’s a lot of activity,” he added. “On an average day our mail system delivers about 130,000 messages … That doesn’t count accessing student lockers, Presto and the other stuff. There’s a lot to watch.”
Yet hacking does not appear to be a large problem for Oberlin’s network. “Very few times do we actually encounter someone hacking into our systems and then we catch them,” said Bucher. “We more often catch people who attempt hacking — that happens a few times a year.” He added, “I can’t say for sure [how often hacking occurs] because there are undoubtedly times when unauthorized access to a computer goes unnoticed.”
Interpreting the data that relays this information, though, is not always straightforward, according to Jonathan Kay, a systems administrator in the computer science department.
“It’s one of those things that’s hard to tell,” he said. “You always see some kind of suspicious activity going on … It’s hard to tell without someone getting in if there’s some benign machine scanning the network or if it’s someone trying to get in.”
“Passwords are the number one thing — to have good quality passwords that you change often,” Bucher said.
“It’s a good idea not to use the same password for everything,” Salter added.
“Users should encrypt passwords when they access e-mail, telnet, FTP, and other internet services,” Kay said.
By default, according to Kay, the software that handles these protocols send unencrypted, or “clear text,” passwords over the network. This is a potential security hazard. Kay has created a web site — http://cs.oberlin.edu/ssh—explaining how to deal with this.
All of the experts interviewed for this article agreed that users need to take responsibility for their own security.
“It’s just like locking your car,” said Salter. “It doesn’t mean that you’re not going to get your car stolen — but if your car is locked it’s more likely that someone else’s car is going to get stolen.”
“I think the most important thing is that students should be aware that there’s something to be concerned about and take appropriate steps,” Salter said. “[They should] make sure they’re thinking about whether or not the precautions are in place. If you’re typing a password into a web browser, make sure it’s being encrypted, and so forth.”
Yet extreme cyber security measures can be more inhibiting than helpful. Bucher said that Oberlin, for its part, has to find a compromise between convenience and absolute security.

“We’re challenged in this budget crunch,” Bucher continued. “We’re going to have to be judicious I suppose. You could go out, buy the biggest, baddest, meanest locks, put them on every door and say we’re safe. You have to balance. How much are you paying for security?”

Despite such limitations, Bucher said he would give Oberlin “an above average grade” for network security. “I think we’re doing a good job, as good or better than most everyone else,” he said.