[briguy]

He is walking a tightrope. And protecting the privacy of those that are not deemed culpable in some way is understandable. However to be consistent with his previous acceptance of MIT holding some responsibility, he probably should: (1) release the redacted documents now. (2) perhaps not refer to this as the "Aaron Swartz situation" or state that "In the time since Aaron Swartz's suicide, we have seen........ ", as this wording is less accepting of some responsibility and really is putting the full burden of the backlash on Aaron. (he could perhaps say "our handling of the Aaron Swartz situation".)

It would appear that regardless of what MIT does, it would be up to the court when and how to release the un-redacted version.

....and MIT, for Fks sake, get your Network security together, that is really not a great reflection on your reputation as world class engineering org.

[ynniv]

get your Network security together

No. In an educational setting, lax security is a feature.

[jrochkind1]

The aspects of their lax security that are an intentional 'feature' presumably aren't the "vulnerabilities" they want to redact, because there's nothing secret or unknown about that intentional lax security.

Which makes me very curious about what the vulnerabilities they want to redact ARE.

Unless they are just being totally ridiculous and insisting on redacting things everyone already knows and were never secrets in the first place, like that any device can get on their network.

[roc]

If Aaron's crime revolved around breaking a use agreement by downloading in bulk, and trespassing by stashing a laptop making those bulk downloads in a known-unlocked-utility shed, what "network vulnerabilities" would even have been be germane to the case and thus included in MIT's filings?

Not only am I curious about what the vulnerabilities are (in general), I'm more curious as to why they were ever sent.

Is it just email where network engineers mused about known-vulnerabilities while discussing 'how Swartz got on the network'? Or was MIT making additional accusations against Aaron, that they would prefer to let plunge down the memory hole to avoid being seen as having been party to the prosecution trying to 'throw the book' at Swartz?

[rst]

A document saying that any device can get on their network, and that it is deliberate policy to allow that, already is in the public record --- aaronsw's father read from it at the recent media lab memorial.

That said, it's possible that a general document sweep, answering a subpoena, also swept up documents describing, say, internal routing policies, or technical measures protecting access to student records, or something like that, which would be tangentially relevant to the case, and which they would have some legitimate interest in keeping to themselves.

[billsix]

Wouldn't it be ironic if MIT closed their network to non-affiliated people as a result of this whole affair?

[codygman]

LOL, not at my friends campus. He's the network administrator and it is very secured, probably better than most banks or big businesses.