Profile picture
, 12 tweets, 3 min read
My Authors
Read all threads
The Australian National University is insisting that students install "invigilation" software that monitors their computer use to prevent cheating during tests.

This is incredibly worrisome.

woroni.com.au/news/analysis-…

1/
These exam proctoring are typically rootkits that sink incredibly deep hooks into the OS, and it's not really feasible for students to determine whether these tools have been fully removed, or even whether they're currently operating.

2/
That's by design: proctoring tools have to run with more privilege
than even root users have, so they can detect cheating tools.

This has broad implications, especially for nonacademic uses of the
laptops that have these tools installed.

3/
Think of what it means to have university-supplied, unremovable, omnipotent rootkits installed on the laptop that you ALSO use for finance, dating, telemedicine, and psychiatric counselling.

Or what it means to have this installed on a laptop that you share with a household.

4/
This is an increasingly common situation, because laptops are how you participate in society during lockdown, and the economy is imploding, leaving parents, siblings, and co-habitants to share a laptop or be excluded from the world because they can't afford to buy their own.

5/
That means that your parents' employers' trade secrets are being monitored by university-supplied spyware.

Worse still, uni IT departments - which have always struggled with security and ops - are stretched thinner than ever, facing layoffs/furloughs/hiring freezes.

6/
Key personnel on sick leave (or have died in the pandemic) and they are being asked to support orders of magnitude more activity than ever before. It's a bonanza for cybercriminals as their traditional adversaries are overtaxed and understaffed.

7/
This is generally worrisome, but it's particularly a problem with ANU, which has a history of ghastly cybersecurity failures and massive breaches.

smh.com.au/politics/feder…

8/
Compromising online proctoring software is a really scary prospect: if someone can seize control of the university's back-end, then, by design, they can undetectably and unstoppably take over the computers of the entire student body.

9/
From there, they can spy on the students and anyone they share the laptop with, as well as probing the students' home network and other devices.

Proctoring tools are being installed at a scale never seen before, exposing new vulnerabilities.

10/
A massive explosion in Zoom use revealed unforeseen failure modes and new defects. We should expect this to happen again with invigilation tools. The different is that invigilation tools are designed to operate against computer owners' consent, and to hide those operations.

11/
That makes their defects far more consequential.

This is a ticking timebomb.

Image:
Rawpixel Ltd
flickr.com/photos/byrawpi…

Cryteria
commons.wikimedia.org/wiki/File:HAL9…

CC BY
creativecommons.org/licenses/by/2.…

eof/
Missing some Tweet in this thread? You can try to force a refresh.

Enjoying this thread?

Keep Current with Covered Dish People

Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

More from @doctorow see all

Profile picture
Covered Dish People
@doctorow
Companies that have admitted fraud and must pay fines to the DoJ have been granted a reprieve by the Trump administration, so that they may avert a liquidity crisis:

thehill.com/homenews/admin…

1/ Image
At the same time, the Trump administration is billing the $1200 granted working Americans $1200 as a "liquidity bridge" that is supposed to tide them over for ten weeks.

themarysue.com/steve-mnuchin-…

2/
The DoJ will not force admitted corporate crooks to pay their fines until at least Jun 1. This comes even as the DoJ is setting records for entering into settlements with companies that defraud consumers and the government, rather than prosecuting them.

3/
Read 6 tweets
Profile picture
Covered Dish People
@doctorow
Last September, @tomcritchlow proposed a federated, decentralized "web of books" as an alternative to Goodreads, the monopoly platform of booklists owned by the monopoly platform of bookselling.



1/
Now, he's elaborated on the idea in a post with a lot more technical detail about how to build an extensible system for allowing friends, fans, and strangers to exchange booklists, reviews, and recommendations.

tomcritchlow.com/2020/04/15/lib…

2/
Critchlow wants an "RSS-like" mechanism to tie it all together. But @genmon makes a convincing case that RSS can do it all:

interconnected.org/home/2020/04/1…

I love this stuff.

3/
Read 7 tweets
Profile picture
Covered Dish People
@doctorow
Anthropology prof Clare Sammells (@csammells) teaches a class on the social subtext of zombie movies; in a beautifully wrought and extremely timely thread, she explains how zombie movies teach the wrong lessons for the pandemic crisis.



1/
It's not merely that zombie plagues would be very easy to contain: "you would immediately know who was infected. There would be no moral ambiguity about how to handle the situation...There is no asymptomatic incubation period."

2/
It's "the assumption that if institutions such as the police, prison system, federal government, and military fall away, that people would turn into the worst versions of themselves. E.g., the Walking Dead motto: 'Kill the Dead, Fear the Living.'"

3/
Read 8 tweets

Embed code for your website

×
Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!