College Students Question the “Safety” of SafeConnect
SafeConnect, owned by Impulse Point, LLC is a university network system utilized across the nation and in Minnesota. In order for students to connect to the internet while on campus, students log on to the SafeConnect system. So what’s the problem?
In working with SafeConnect, students are reporting that the system gives full administrative control over a student’s personal computer to software developed by a company called Impulse Point. This means that Impulse Point, if prompted by government, could covertly and remotely turn on a student’s webcam, access all documents and files on a student’s computer, and modify or delete any piece of information on the student’s computer. Although Impulse Point claims not to be used for these purposes, the fact that it has the capability to take these actions should be concerning, particularly in light of published Snowden documents.
Impulse Point runs additional programs like Identity Connect. http://www.impulse.com/identityconnect/ Impulse Point appears as a “TierOne Partner” with VistaOne. https://www.vistaone.com/amx/impulse-point-safeconnect/ VistaOne has a number of partner companies including Riverbed, Palo Alto, Procera, and Synergy. https://www.vistaone.com/amx/tierone-partners/
Students and professors across the US are beginning to look into programs, such as Cisco Clean Access, SafeConnect and others. These companies are employed by universities to satisfy the legislative mandates of securing a private network for their college.
In 2004, all universities in the United States were required to maintain a private Internet network under the Communications Assistance for Law Enforcement Act. Additionally, the Higher Education Opportunity Act of 2008 set forth guidelines making it necessary for all schools to “combat unauthorized distribution of copyrighted materials via illegal downloading or peer-to-peer distribution of intellectual property,” as a condition of obtaining Federal Pell Grants for students and participating in other federal financial aid programs. http://www2.ed.gov/policy/highered/leg/hea08/index.html
To understand the scope of colleges and universities using SafeConnect within the last three years, the following schools came up on a simple search within that time frame: Inver Grove Heights Community College, MN; Augsburg College, Minneapolis; Coastal California University, Yeshiva University, NYC; Sacramento State; University of New Haven; University of Nebraska-Lincoln, La Salle University, University of California – San Diego and Santa Cruz; University of Missouri – Kansas City; Presbyterian College, SC; University of North Florida, American University, Georgetown University, University of North Dakota, and Boston University are using SafeConnect to secure private network and fulfill legislative mandates. No doubt there are many other colleges who employ SafeConnect.
According to the SafeConnect site, “SafeConnect acts as a gatekeeper to the university’s Internet network. Any user who tries to access the New School network must first pass a security check — a log-in page asking for the user’s New School ID. Network access controls allow large networks that serve many users and devices to set rules about who can and cannot log on. Before SafeConnect green-lights a user onto the information super-highway, the program runs a check to see if his or her device has installed current anti-virus software or up-to-date security patches.”
The New School Network, New York City. http://www.newschool.edu/information-technology/wireless-network/
Recently, students at Augsburg College in Minneapolis authored a petition against SafeConnect, a university internet network system utilized in universities across the nation and in Minnesota.
Students of Augsburg Against SafeConnect state that SafeConnect is a program that runs at full administrative privileges, under the SYSTEM account, meaning it can do anything the operating system can do. Students and faculty have signed the petition.
In In In “Safe”Connect Part II: We’ll take a look a closer look at how the program actually works and remotely takes over one’s computer.