College Students Question the “Safety” of SafeConnect


SafeConnect, owned by Impulse Point, LLC, is a university network system utilized across the nation and in Minnesota. In order to connect to the internet while on campus, students log on to the SafeConnect system. So what’s the problem?

In working with SafeConnect, students are reporting that the system gives full administrative control over a student’s personal computer to software developed by a company called Impulse Point. This means that Impulse Point, if prompted by government, could covertly and remotely turn on a student’s webcam, access all documents and files on a student’s computer, and modify or delete any piece of information on the student’s computer. Although Impulse Point claims the software is not used for these purposes, the fact that it has the capability to take these actions should be concerning, particularly in light of published Snowden documents.

Impulse Point runs additional programs like Identity Connect (http://www.impulse.com/identityconnect/). Impulse Point appears as a “TierOne Partner” with VistaOne (https://www.vistaone.com/amx/impulse-point-safeconnect/). VistaOne has a number of partner companies including Riverbed, Palo Alto, Procera, and Synergy (https://www.vistaone.com/amx/tierone-partners/).

Students and professors across the US are beginning to look into programs such as Cisco Clean Access, SafeConnect and others. The companies behind them are employed by universities to satisfy the legislative mandates of securing a private network for their college.

In 2004, all universities in the United States were required to maintain a private Internet network under the Communications Assistance for Law Enforcement Act. Additionally, the Higher Education Opportunity Act of 2008 set forth guidelines making it necessary for all schools to “combat unauthorized distribution of copyrighted materials via illegal downloading or peer-to-peer distribution of intellectual property,” as a condition of obtaining Federal Pell Grants for students and participating in other federal financial aid programs (http://www2.ed.gov/policy/highered/leg/hea08/index.html).

To understand the scope of colleges and universities using SafeConnect, a simple search covering the last three years turned up the following schools: Inver Grove Heights Community College, MN; Augsburg College, Minneapolis; Coastal California University; Yeshiva University, NYC; Sacramento State; University of New Haven; University of Nebraska-Lincoln; La Salle University; University of California – San Diego and Santa Cruz; University of Missouri – Kansas City; Presbyterian College, SC; University of North Florida; American University; Georgetown University; University of North Dakota; and Boston University. All are using SafeConnect to secure a private network and fulfill legislative mandates. No doubt there are many other colleges that employ SafeConnect.

According to the SafeConnect site, “SafeConnect acts as a gatekeeper to the university’s Internet network.  Any user who tries to access the New School network must first pass a security check — a log-in page asking for the user’s New School ID.   Network access controls allow large networks that serve many users and devices to set rules about who can and cannot log on. Before SafeConnect green-lights a user onto the information super-highway, the program runs a check to see if his or her device has installed current anti-virus software or up-to-date security patches.”

The New School Network, New York City.  http://www.newschool.edu/information-technology/wireless-network/

Recently, students at Augsburg College in Minneapolis authored a petition against SafeConnect, a university internet network system utilized in universities across the nation and in Minnesota.

SafeConnect Petition

Students of Augsburg Against SafeConnect state that SafeConnect is a program that runs at full administrative privileges, under the SYSTEM account, meaning it can do anything the operating system can do. Students and faculty have signed the petition.

In “Safe”Connect Part II: We’ll take a closer look at how the program actually works and remotely takes over one’s computer.

SafeConnect appears to be a program designed for covert remote access to a student’s personal computer. Should universities and colleges be able to install spyware/remote access tools on a student’s personal computer? Students have a right to privacy regarding their own personal property and particularly in a university setting where many students live on campus.

Students, Take Note!

 


3 thoughts on “College Students Question the “Safety” of SafeConnect”

  1. While I appreciate there is a valid concern with what software you install on your own device, I think there is some confusion as to the purpose of SafeConnect and similar products as well as the legislative mandates.

    It’s worth noting that most campus networks are exempt from the Communications Assistance for Law Enforcement Act (CALEA) of 2004. More information is at http://www.educause.edu/library/calea

    The HEOA of 2008 does not mandate using such a product. Schools must make a “good-faith effort at compliance” and compliance focuses on specific areas with regards to unauthorized file sharing. Very clear information about the HEOA can be found here http://www.educause.edu/library/higher-education-opportunity-act-heoa

    SafeConnect (and other network access control (NAC) systems) are usually deployed to protect student computers from other student computers. Years ago students would bring their infected computers to campus and plug in (yes, this is before WiFi was everywhere). Within minutes of plugging into the residence hall network, if your PC wasn’t infected, it was now. That created a lot of IT support calls and much time lost by students getting their computers cleaned up. To prevent that, NACs were deployed to ensure everyone had antivirus and a certain level of Windows updates.

    Also keep in mind that SafeConnect (mentioned in this example) is often a product run locally on campus (not in the cloud) and is controlled by University IT staff. The product does get updates from the company so it can detect new versions of antivirus or new Windows patches.

    1. This is still no excuse for such a blatant violation of student privacy rights. How are students to know what the updates are doing? Why aren’t students presented with a license agreement for the software or privacy notice? The fact that the software is capable of controlling a student’s computer at an administrative level, even if university IT staff claim not to use that functionality, is significant. After all, the NSA claimed not to be spying on US citizens; however, it too was regarded as a conspiracy hypothesis until Snowden leaked what was happening. History has shown that those in power who gain this kind of power tend to use it for malicious purposes. IT staff at universities should be mindful of what is theirs (the campus network), and what is the student’s (student computers). IT staff should not try to control or invade the privacy of a student in such a way, on their own personal device, which is not the university’s property.
      Additionally, is your university IT staff able to inspect each update that Impulse Point sends? Can students and/or faculty members audit the software to make sure it really does only what it is claimed to? Additionally, why are students never presented with an end-user license agreement (EULA), or privacy policy? Additionally, I would like to see this mystical virus that magically infects any device plugged into the campus network. Does the virus that infected the campus have a name? Could you send us a sample?
