Computer Privacy on Campus
Why is it a problem? How to guard yourself.
By John Andringa
4/22/11
Due to the way Bemidji State University has its computer labs set up, Microsoft’s Windows and Apple’s Mac operating systems work, as well as the way software companies like Adobe and Autodesk write their programs, Bemidji State University’s students privacy is at risk every time they log in.
When logging into a computer in the Student Technology Center or any other computer lab on campus students must log in with their myBSU credentials. Once logged in, to the Mac partition or Windows partition, the computer loads the user’s profile. Each user has their own profile on every computer that they log into. This is why when you log into a computer for the first time it takes longer to log in, due to the computer creating a new profile for you.
It is safe to say that most students feel that this profile can only be seen by themselves and BSU Information Technology Services staff. Although it is true that no other user can log into your profile, but anyone with a valid myBSU account can access everything you do on that computer, if you do not take precautionary steps.
Every user profile is created as an administrator which allows them access to browse the entire hard drive. On the drive there is a users folder for both Mac and Windows. The computers in the Student Technology Center contain around 200 user’s folders each. These folders contain the profile of every user who has a logged into that computer, the folders share the same name as the students myBSU log in, the first four letters of the last name, a number, and the first three letters of their first name. Contained in this folder is that user’s My Documents folder, Desktop folder, and every other folder that is set up by default by Windows and Mac.
When you click on another user’s profile folder it does pop up a warning window that says you are not allowed to view these folders. On Windows after clicking close on the warning pop up it loads the folder anyway, but on Mac it does not allow you view the folder. This does not mean you are any more safe logging into the Mac partition versus the Windows partition. It just means you can not view other user’s folders while logged into the Mac partition. All of the Mac user’s folders are still viewable from users logged into the Windows partition.
What can you do from within a user’s profile?
Well if they have any files saved you can view, copy, and save them. To make it easier you can search the Windows users folder or Mac users folder for “*.doc” to come up with a list of every user’s saved Microsoft Word documents or “*.jpg” to come up with a list of every user’s saved pictures. This does not seem that bad as most users do not save anything locally on the hard drive. What users do a lot of is web browsing. A user’s web history can not be view simply by opening a file, but if the logged in user replaces their Internet Explorer, Mozilla Firefox, or Google Chrome user folder with that of another user they can load the program and then view the history of said user. Although untested they may be able to log into any accounts that have saved user name and passwords.
BSU’s Computer Lab Policy clearly lays this out and states that “Data on public lab computers may be accessible to other users. For personal privacy, please delete browsing history and cookies after use. Also, save private data to personal flash drives or other external data rather than to computer hard drives.” Yet even with this warning users are not taking the steps to protect themselves.
After talking with BSU’s Network Manager, Mike Smith, solving the problem is as easy as switching users over from administrators to power users. Sadly more problems arise from this. Software companies like Adobe, Auto Desk, and others wrote their programs to be run with administrator privileges. So switching users from administrators to power users would stop them from being able to run programs like Adobe’s Photoshop, Illustrator, and Premier as well as Auto Desk’s Auto CAD, and 3ds Max. BSU’s Chief Information Officer stated in an email that “We will be continuing research and testing during summer 2011.”
So what should students do to protect themselves?
When using a BSU computer you should follow the BSU Computer Lab Policy and only save files to your flash drive, external hard drive, or cloud storage such as Dropbox. As for web browsing use features like Internet Explorer’s InPrivate Browsing, Mozilla Firefox’s Private Browsing, or Google Chome’s Incognito mode.
Due to the way Bemidji State University has its computer labs set up, Microsoft’s Windows and Apple’s Mac operating systems work, as well as the way software companies like Adobe and Autodesk write their programs, Bemidji State University’s students privacy is at risk every time they log in.
When logging into a computer in the Student Technology Center or any other computer lab on campus students must log in with their myBSU credentials. Once logged in, to the Mac partition or Windows partition, the computer loads the user’s profile. Each user has their own profile on every computer that they log into. This is why when you log into a computer for the first time it takes longer to log in, due to the computer creating a new profile for you.
It is safe to say that most students feel that this profile can only be seen by themselves and BSU Information Technology Services staff. Although it is true that no other user can log into your profile, but anyone with a valid myBSU account can access everything you do on that computer, if you do not take precautionary steps.
Every user profile is created as an administrator which allows them access to browse the entire hard drive. On the drive there is a users folder for both Mac and Windows. The computers in the Student Technology Center contain around 200 user’s folders each. These folders contain the profile of every user who has a logged into that computer, the folders share the same name as the students myBSU log in, the first four letters of the last name, a number, and the first three letters of their first name. Contained in this folder is that user’s My Documents folder, Desktop folder, and every other folder that is set up by default by Windows and Mac.
When you click on another user’s profile folder it does pop up a warning window that says you are not allowed to view these folders. On Windows after clicking close on the warning pop up it loads the folder anyway, but on Mac it does not allow you view the folder. This does not mean you are any more safe logging into the Mac partition versus the Windows partition. It just means you can not view other user’s folders while logged into the Mac partition. All of the Mac user’s folders are still viewable from users logged into the Windows partition.
What can you do from within a user’s profile?
Well if they have any files saved you can view, copy, and save them. To make it easier you can search the Windows users folder or Mac users folder for “*.doc” to come up with a list of every user’s saved Microsoft Word documents or “*.jpg” to come up with a list of every user’s saved pictures. This does not seem that bad as most users do not save anything locally on the hard drive. What users do a lot of is web browsing. A user’s web history can not be view simply by opening a file, but if the logged in user replaces their Internet Explorer, Mozilla Firefox, or Google Chrome user folder with that of another user they can load the program and then view the history of said user. Although untested they may be able to log into any accounts that have saved user name and passwords.
BSU’s Computer Lab Policy clearly lays this out and states that “Data on public lab computers may be accessible to other users. For personal privacy, please delete browsing history and cookies after use. Also, save private data to personal flash drives or other external data rather than to computer hard drives.” Yet even with this warning users are not taking the steps to protect themselves.
After talking with BSU’s Network Manager, Mike Smith, solving the problem is as easy as switching users over from administrators to power users. Sadly more problems arise from this. Software companies like Adobe, Auto Desk, and others wrote their programs to be run with administrator privileges. So switching users from administrators to power users would stop them from being able to run programs like Adobe’s Photoshop, Illustrator, and Premier as well as Auto Desk’s Auto CAD, and 3ds Max. BSU’s Chief Information Officer stated in an email that “We will be continuing research and testing during summer 2011.”
So what should students do to protect themselves?
When using a BSU computer you should follow the BSU Computer Lab Policy and only save files to your flash drive, external hard drive, or cloud storage such as Dropbox. As for web browsing use features like Internet Explorer’s InPrivate Browsing, Mozilla Firefox’s Private Browsing, or Google Chome’s Incognito mode.
 |
| iMac computers in the Library Photo by John Andringa |
 |
| Students using computers Photo by Jae Seifert |
No comments:
Post a Comment