Changes
no edit summary
by <em>engag[ing] in any activity that might be purposefully harmful to systems or to any information stored thereon...</em>, however
its use is not widespread enough for this to gain any note.
There is a further extension to Respondus LockDown, called Respondus Monitor
<ref>http://respondus.com/products/monitor/</ref> that allows the proctor to spy on users through their webcam.
==Running the Software==
===Natively (Windows or OS X)===
To run on Windows, the software requires administrative privileges. Previous versions were shown to have used Internet Explorer with certain modifications
executed on the fly, to add the "Lock Down" features, however it currently appears to be a stand-alone browser with some resemblance to Google's Chrome. On both OS X and Windows, it is based off of the open-source Chromium<ref>http://respondus.com/products/lockdown-browser/requirements.shtml</ref>, although previous OS X versions arebelieved to have piggybacked off of Safari features. On Windows, the running user must have administrative privileges to run the student edition, however administrative privileges are not necessary to run the browser on OS X.
==Other Notes==
* No support for U2F -- requires second (expensive) device for other [[gp:2FA|2 Factor Authentication]] methods
* Easily circumvented
** Most students have second computer (i.e. Smartphone), which can be used for cheating (i.ie. Google searching)
** Circumvention methods disadvantage students of lower income, who do not have second device.
* No Linux version, disadvantaging students promoting the use of <b>free software</b>
* Does not prevent collaboration in out-of-class testing
* Superfluous for in-class testing, where students are visually monitored anywasanyway
** At most just promotes lazy proctoring of exams
* Cannot take multiple tests within a single session
* Requires administrative privileges which may not be available on multi-user machines
* Hostile to users of password managers
=== Open questions on debugging ===
* Is a TLS cert chain bundled, or can it be MITMed?
* What kind of protocol does it use to authenticate that it is respondus
** A Kerberos-like protocol would be optimal, but I'd be surprised if they did it
* Does the binary do any integrity checks?
* Does qemu-only emulated devices adequately obfuscate that it runs in a VM? Doesn't seem to
==References==
<references/>
[[Category:Campus bugs]][[Category:Required softwareSoftware]]