Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: Process Detection?

  1. #1
    Junior Member
    Join Date
    Aug 2002
    Posts
    19

    Process Detection?

    Hey, my chemistry teacher this year is giving tests online. He said that we cannot open any IE browser windows, or have any IMs, because the site the test is on will detect it and auto-submit it to the server, giving you whatever grade (even if you didn't finish) and you can't retake it.

    Every instinct in my body told me that this was BS. Possible? Yes. Likely? Not at all. The most sophisticated thing I've seen that's even remotely related to this is a site closing if you close a popup ad or something. But he's suggesting that the site can tell if you've done anything, like had an IM, or opened a new browser. My question is, is this true? Or do you think he's just bluffing?

    If a program had core level control of your box, and can tell what you're doing, possibly. But if you have IE's security level set to high, not even the most malicious Javascript and Active X could tell something like that? Right?

    By the way, don't flame me and give me negs about cheating in chemistry. It's a question about whether a site can do that or not.

    Thanks,
    Ramzi

  2. #2
    Senior Member
    Join Date
    Jun 2002
    Posts
    165
    more than likely it's done through the detection of whether or not the test browser is the active window (which is accomplishable in javascript, no extra perms or controls needed).

    here's an easy work-around...get a second pc, you could also use a kvm to minimize movement between transissions between the two.

    actually, i just came up with ~ 10 more possibilies (mostly programmatic and would require significant setup)...but here's another easy one.

    establish a terminal session and use it to take the test (it's enclosed in the terminal client window) - which can lose focus from the other local windows without effecting the detection in the script.

    i love this site...

    anon neg
    dont destablize the educational system
    response: i didn't realize that the educational system was isolated to this type of security practice.
    -droby10

  3. #3
    Junior Member
    Join Date
    Feb 2002
    Posts
    18
    that is possiable there are programs out there that can detect other programs running on your computer. you see almost all programs use the internet for some resourse but the program will most likely detect it thru your ip address the server will ping your computer to see what ports are open and if it comes up with a chat or IM port then it would give the command to summit the test.
    [glowpurple]Ctrl Alt Delete is the answer to lifes problems.[/glowpurple]

  4. #4
    Senior Member
    Join Date
    Jul 2002
    Posts
    225
    Null, he'd have to be running a netstat server in order to provide that kind of info. A portscan, which is legally dubious, might do it, but a regular ICMP echo just doesn't provide that kind of information. Droby's javascript idea would work, but I'm not sure it could provide enough concrete information to accuse someone of cheating. Seeing as how most ways of doing this are more trouble then they are worth, I'm leaning towards BS myself.

    PS. Cheaters never win!
    \"Now it\'s time to erase the story of our bogus fate. Our history as it\'s portrayed is just a recipe for hate!\"
    -Bad Religion

  5. #5
    Junior Member
    Join Date
    Feb 2002
    Posts
    18
    I just saying that its possiable if you really think about it there are web pages out there that can display my contents of my hard drive so what to say it cant see whats being ran.
    [glowpurple]Ctrl Alt Delete is the answer to lifes problems.[/glowpurple]

  6. #6
    Junior Member
    Join Date
    Aug 2002
    Posts
    19
    The reason why the port scan theory won't work is because I can have processes running in the background, but not necessarily mean I'm using them. For example, I might be a dedicated server for a game, or be downloading something. My port will be open. If the test was auto-submitted for ports being open, no one would get to take the test.

    The other reason is, what if I'm running a firewall? I may be connecting to the site on port 80, but I don't give it permission to try and access other ports, or see if they're open.

    I think some people were hesitent to post because they don't want to aid in cheating. Trust me guys, it wasn't about that. My question was strictly a technical one, not a request for methods to cheat. I already knew several. I mean, logically, if you give a kid a test to take on his own time, anywhere there is a connection to the Internet, there's no way to prevent the simplest form of cheating. Call a friend while taking the test, use your book, use two computers, etc, etc. I just wanted to know if what my teacher told me had any factual and technical basis to it, not necessarilly how I wanted to cheat. Give me some credit. A retarded monkey could figure out how to cheat. You're a fool to think I couldn't.

    That little rant directed to no one in particular.

    That Javascript theory might be it. I accidently clicked a test, and hit back on my browser. I still was able to open it back up again. My browser never left focus as the active window though. If it is Javascript, it should be visible in the source code. Then I should just be able to copy and paste the source, delete the script, and take the test that way.

  7. #7
    Senior Member The Old Man's Avatar
    Join Date
    Aug 2001
    Posts
    364
    Hmmm, methinks "hocus-pocus". if i were administering the test i'd probably tell you the same thing but frankly educational terminals are primarily educational, not overloaded with IM techies, ...unless they're hiring a third-party security outfit to administer the test which is an unlikely possibility. i'm sure they as well as you know at least a dozen ways a confused student could cheat on a remotely-taken test, but doktorf00bar said it best; "Cheaters never win".

  8. #8
    Senior Member
    Join Date
    Jul 2002
    Posts
    225
    Good points Ramzi. Can you imagine an instructor accusing people of cheating on such spurious evidence? Can you say "entirely circumstancial"?


    PS My last PS was kinda in jest, BTW. I believe you.
    \"Now it\'s time to erase the story of our bogus fate. Our history as it\'s portrayed is just a recipe for hate!\"
    -Bad Religion

  9. #9
    Junior Member
    Join Date
    Aug 2002
    Posts
    19
    Thanks for the points, doktorf00bar. I knew you weren't calling me a cheater. My message was directed to the anonymous person who negged droby10. Anyone who throws negs around foolishly at me or anyone who tried helping me is a *****, because they're just trying to balance out or something.

    Null_Session, thanks for the attempt. Your answer seemed thought-out and logical, but it just isn't the case. So you know, those sites that can show you all the contents of your harddrive don't actually show you all the contents of your harddrive. Internet Explorer is a shell of Windows Explorer. You can browse your harddrive, going through folders and opening up files in Internet Explorer. What sites like that do is just display YOUR harddrive to YOU. They can't see any of it.

    Really, thanks for all the help guys. Learned some things today that I wouldn't have otherwise.

    Ramzi

  10. #10
    Senior Member
    Join Date
    Jun 2002
    Posts
    165
    Really, thanks for all the help guys. Learned some things today that I wouldn't have otherwise.
    what...like a large group of people at ao, who are supposedly "security-conscience" are the first to plug their ears, gag their neighbors, and blind-fold their children when anything controversial comes up?
    -droby10

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •