Inside the Current Issue:

Comments or questions about the site?:
advocate webmaster

The current issue will be available online within 7 days of printed publication.

The Case for Restructuring
Information Resources

Annelies Kamran

A show of hands, please. Who here is fed up with the lousy computer service at the Graduate Center? In the past two months, we have suffered through a catastrophic collapse of our email and the failure of the network drives on which our data is stored. The reputation of any university depends on the research conducted by its student programs and research institutes. Ours has suffered damage from these crashes, the result of missed deadlines for outside funding, unanswered email, and lost data. It is from this vantage point that the Graduate Center approaches the hiring of a new Assistant Vice President for Information Resources.

According to Associate Provost Stephen Brier’s message regarding the recent e-mail outage, we are using a seven-year-old mail server, Microsoft Exchange 5.5. Not only is this antiquated, but it has been forced to handle approximately six times the database activity it was designed for. That database has been growing exponentially for at least the past three years, yet steps were never taken to upgrade the server, provide a backup server in case of failure, or to curb the increase in the database. There is still no policy on what to do with old messages. While Information Resources scrambles in great haste to implement a new system, the worries are that a short-term fix will be chosen, locking us more permanently into a sub-optimal system.

Much attention has been paid to the secondary departments of The Graduate Center—registrar, bursar, and so on. The Banner system now allows students to register and pay for class online, and will soon allow applicants to apply online. These bells and whistles are all very nice; but the fact remains that no one, student or faculty, will come to this institution if they cannot communicate with colleagues on the outside, and cannot be sure that they will have access to their research data. Even Web File Services/Xythos and Citrix, both projects that will hopefully enhance the graduate student experience, are not as important as basic communications and file storage.

Before the GC gets locked into a system that we will be stuck with for years, students need to take a long hard look at the way the Graduate Center uses and will be using data, and how (and by whom) the system will be managed. Emulating the best practices of other universities and companies would be a good place to start. To do this, Information Resources needs new management.

Bryan Renne, a student in the Computer Science program, helped start a petition to this end. Located at http://petition.notspecial.org, the petition demands that “the candidate selected for the position of Assistant Vice President for Information Resources meet the following requirements: he or she must be hired from outside The Graduate Center,” and “he or she must have first-hand, in-depth technical knowledge of computer system administration.” It goes on to state that, “If the conditions in the previous item cannot be met by anyone in the current pool of candidates, a new search committee will be formed and the search process begun anew.”

Renne asserts, “In my view, the problems at the GC are the result of poor management. This is not merely the overall response to the various problems that users have experienced but also with respect to planning, organization, and allocation of skilled workers (which are either effectively lacking or are not adequately utilized).”

Furthermore, he notes, there are consequences to this lack of experienced staff: first, it costs the Graduate Center money to frequently resort to outside consultants and technical support. Second, it takes time—far too much time. “It is not enough for the Assistant Vice President of IR to be a skilled manager with people skills,” he notes. “The individual must also have in-depth, first-hand knowledge of the technology deployed, its consequences, and also other options that we may want to put on the table in the future… It isn't the users’ responsibility to change their usage patterns so that nothing breaks. It’s IR’s job to observe usage and adapt to serve the community that employs it.”

Network Possibilities
In addition to its staffing problems, the Graduate Center’s computer systems are overly centralized. There are different types of networks, and each has benefits and drawbacks. However, the attributes we should look for in a network are simple: robustness, meaning the ability to withstand failure, especially of individual components; and reliability, meaning the ability to work around obstacles. A random network, one in which computers are randomly connected to each other (no one computer is more likely to have more links to other computers than any other computer) is subject to cascading failures because it can’t work around obstacles. Take out a few key nodes, and the entire network comes crashing down. (Picture the electricity grid in the United States—a failure in Ohio is blamed for causing the big Northeast Blackout of 2003.) The GC configuration is a star network in which many computers are connected to a central hub. (Picture the axle of a wagon wheel.) This is more robust, but it is subject to complete failure when the hub fails or is attacked. There is no ability to work around obstacles, because all are reliant on the central hub.

What we need here at the GC is a scale-free network, in which computers are connected to a few large hubs, like the internet. This would be a robust and reliable network, because even if one of the hubs that connect the computers fails, the others can take up the slack. Shutting down a scale-free network requires deliberately attacking the hubs simultaneously, something that is less likely to happen if the GC has a more secure and robust network.

Why Open-Source Software is Right for CUNY
How can the transition to a scale-free system be accomplished? By switching to non-Microsoft-dependent products and services, the system can be made more secure.

The best source of non-Microsoft products is open-source software. Open-source software is “free” in the sense of liberty, not “free” as in costing nothing. The open-source movement of computer users and programmers is a global phenomenon. The movement shares a belief that software should be free to users and its code (its internal workings) available to anyone who wants to study or improve on them. A general policy is that improvements are also shared. (Open-source software is available at no cost, however, the cost of the software itself is usually not the most expensive part. Users also need to keep in mind the costs of technical support and specialized programming necessary to configure the software to user needs.) Open-source software could be used to address budgetary, intellectual monopoly, and academic freedom issues at the Graduate Center.

For example, the Linux operating system started as Linus Torvalds’ college research project in 1991. An operating system is the software that tells the hardware what to do: how to run the applications that we use everyday by telling the computer how much memory is needed, how tasks should be scheduled, and how the user can interact with the computer. (For more information about Linux, see http://www.linux.org/info/index.html.) Torvalds developed Linux as a variant of UNIX, a proprietary operating system that has been in use since 1969. Developers all over the world have worked on Linux, and many others have developed open-source software that runs on Linux systems, including graphic user interfaces (GUIs) that look like the “desktop” screens familiar to everyone from Apple and Microsoft. There is even a bundle of commonly used applications called OpenOffice, which is similar to Microsoft Office programs like Word and Excel. Again, the software can be configured the way the user wants it: those of us who miss WordPerfect’s ability to format a document properly through the “reveal codes” command would appreciate OpenOffice.

Let’s look at the issue of security through the criminal justice lens: motive, means, and opportunity. Microsoft is a global monopoly. If the GC were to move to Linux or other open-source software, we would be moving from a system controlled by a monopoly to a system controlled by CUNY. Several hundred million people have been burned by Microsoft products and business practices—a vast pool of people with a motive for writing viruses and other malicious software. At most, CUNY has only exasperated several thousand people to the point of such activity.

Next, let’s consider means. The majority of computer users approach computers the same way they approach cars. The specifics of the internal combustion engine are of little or no interest; what is important is that when you turn it on, it runs. Out of the pool of people with a motive for mucking with the GC’s systems, we can eliminate those who lack the technical expertise.

Finally, we have opportunity. Those with the best opportunities for destroying the Graduate Center’s systems are those who have control over its components. The most likely source, as we have seen in the past two months, of system failure is therefore the employees of Information Resources. Lack of planning and failure to build robust networks has led to exactly the same effect as if someone had deliberately attacked us—the same loss of time and data.

Open-source programs have better security because they are not monolithic targets and because developers all over the world can work to improve them. With these advantages, they are gaining in popularity. While Windows still has a lock on desktop operating systems and application servers, open-source software runs the majority of Web and email servers, and is poised to take over databases.

Tired of security flaws, pop-up ads, spyware, and viruses? Meet the flashiest entry in open-source software: Firefox, an alternative web browser. Launched in November 2004, it had captured 4% of the US browser market by December, according to Wired magazine. At the beginning of February, it had been downloaded 11 million times. By the middle of February it had been downloaded over 25 million times. You can download it yourself at http://www.mozilla.org. (In one of my alternate identities, I am a content editor for the nation’s largest publisher of social studies software, and we use Firefox.)

The list of institutions using open-source software is long and growing. Deutsche Bahn in Germany, the Gendarmerie Nationale of France, the cities of Munich, Germany and Bergen, Norway, the Ministry of Defense in Singapore, and the national government of Brazil are either moving or have moved to open-source software. They will be supported by companies such as IBM and Novell, who have invested a great deal of money in developing and supporting end-user applications for Linux operating systems. Only one month after Firefox was launched, The Christian Science Monitor reported that Penn State University “advised its 80,000 students to abandon Internet Explorer for Firefox.”

Some Examples from Other Institutions
How would a more decentralized, more robust network using partitioned administration and data, and redundant features stack up to industry standards? And how does the Graduate Center stack up against other area institutions?

A quick tour of the Web brings to light many interesting details. Brookhaven National Laboratory (BNL), for instance, is located on Long Island. BNL is one of ten national labs, conducting research in physical, biomedical, and environmental sciences, as well as in energy technologies and national security. Like us, BNL requires reliable email—and they have two servers for Microsoft Outlook Web Access (which allows users to access their email from the web, instead of directly from the server), instead of only one Outlook Web Access server for all email.

New York University has a department for Academic Computing Services, which provides instruction- and research-focused resources and services for NYU faculty and students; and another department for Administrative Computing Services, which provides application development, database administration, and security services for NYU's administrative systems (such as human resources and financial administration). Yet another department of Communications & Computing Services handles infrastructure for telephony and computing. All report to NYU’s Information Technology Services division, but they are separate departments.

Columbia University’s Academic Information Systems (AcIS) uses UNIX to support their email and Web services, instead of Microsoft Exchange and Internet Information Services (IIS). They experienced an email outage on February 28, it’s true – but theirs lasted 30 minutes, not five days. In addition, AcIS’s responsibilities covers computing systems, academic technologies such as online course delivery, research computing support, computing support services such as the help desk, and information services research and development. AcIS is led by the Deputy Vice President for Academic Information Systems. AcIS is not responsible for the design, management, or security of Columbia’s administrative technology needs. That function is handled separately by Administrative Information Services (AIS), part of the Office of the Senior Executive Vice President for Administration. AIS handles the systems for accounting, purchasing, inventory, and so on.

Keeping these systems administratively separate ensures not only that the primary functions of the university do not take a back seat to the support functions. Keeping these systems physically separated is how we can ensure that when one system fails; it doesn’t take all the others with it.

Annelies Kamran is a student in the PhD program in Political Science, and a Research Associate at the Ralph Bunche Institute.