Jan 19, 2018 My blogpost was read by ProctorU CTO Matt Jaeh after it popped up in his Google Alerts, and he reached out to me via email. I met with him and his team over video conference and discussed my concerns about having not been caught while using a virtual machine to take my test. From my conversations with them, it is clear that PrcotorU is dedicated to stopping cheaters, and is open to feedback for improvement, even though it did take some time to get the attention of the right people. They offered to hire me as a consultant to help their team improve the virtual machine detection scripts and overall testing security. They are aware of the threat posed by virtual machines being used by cheaters and have also corrected the confusing statement about the use of virtual machines on their technical requirements page. I will be keeping the details of those scripts and cheating prevention methods secret, and hopefully, we will be stopping cheaters who use virtual machines on ProctorU exams soon.

No response from Examity so far.

It is not my intention to help students cheat by sharing this information. The opposite is actually true, I am advocating for these companies and those that provide a similar service to tighten up test-taking security by preventing the use of virtual machines. Schools need to put pressure on these companies also because the value of their college degrees is in question when cheating is this easy.

ProctorU and Examity do not take any steps to prevent cheating by using a virtual machine. Cheating is as easy as loading up a virtual machine, and taking the test inside of it, while you do anything you want on the host machine.

Using a virtual machine while taking an exam gives the test taker the ability to:

Connect a screen-sharing app like join.me to the Host machine. This means someone can remotely control the mouse and take the test while it appears from the Proctor’s perspective via the webcam that the student is the one taking the test.

Use Google, textbook, or notes on the Host machine.

I have reported it to both companies. In the last two months, neither has added any kind of basic checking for virtual machines.

It seems to me that neither company even has anyone working there who has a clue what a virtual machine is. Just look at what ProctorU’s website has to say about virtual machines, and count how many things are wrong just in this brief statement:

Note: We do not proctor computers running virtual machines. If you are running a virtual machine when you come in, you will be asked to close your virtual machine and boot into your actual operating system to take your test.

...boot into your actual operating system to take your test?

Whoever wrote this clearly doesn’t understand what a virtual machine is. It’s not a dual-boot, you don’t have to reboot to get out of it.

And a quick Google search of ‘site:examity.com “virtual machine”’ yields zero results, so they might not even be aware of the problem.

Examity might even care less about cheaters, just look what their CEO had to say in his response to this blog post

Michael London, CEO of Examity on July 8th, 2015, 11:11 am Entertaining, but absurd. Not one of them would work with our solution.

His statement is wrong of course, virtual machines are not detected by Examity. No cheating methods should be written off as being absurd without thorough investigation and testing.

Addenda

The demand for online college courses has risen significantly in the past decade, and now just about every major college is offering at least some entirely online courses. In addition, there are now many respectable, fully accredited online-only colleges. Both cases have created the need for students to take tests remotely in a secure manner. To meet the demand, companies like ProctorU and Examity have stepped forward to solve the problem.

ProctorU and Examity work nearly identically from the test taker’s perspective. You basically schedule your college exam at any time you want, and at that time you log in and get connected to your proctor. The proctor is someone in a third-world country, who you’ve never met before. You will be trusting this person with installing programs and gaining remote access to every file and program on your computer while you take your exam. They will watch you through your webcam to make sure you do not look at notes, or talk to anyone during the test.

I am not against the concept of ProctorU or Examity’s services. I enjoy the convenience of remote testing. I have no problem sharing my screen or being watched by a stranger while I take my test, that doesn’t bother me or creep me out at all. After all, that part is no different from a test at a school. The problem is giving away complete control of my personal computer.

After they connect, I noticed that the proctor runs several scripts and executables. I haven’t analyzed them yet, and I’m sure they are well-intentioned, but those could do anything – install malware, and steal banking info. Not to mention if one of those scripts does some accidental damage it prevents me from being able to work the next day because I have to restore from backup.

So for those reasons, I decided to use an old laptop with a fresh install of Windows 10. And that worked fine. I had no problem with giving the proctor complete control of my old laptop which didn’t have any personal files on it.

But then one day I wanted to take an exam while traveling for work. There was no way I was going to give full access to my personal laptop, so I considered my options. I could dual-boot into another install of Windows 10, or I could try using a Windows 10 virtual machine and risk getting caught. I decided it was going to be too much work to set up the dual boot just for the occasion, so instead I tried using the virtual machine. I figured that I would get caught and then just play dumb and reschedule the exam for another day.

But what I found out is that ProctorU didn’t have a script that checked if the exam was being run in a virtual machine, nor did it properly train employees to do basic checks. Even when I connected my webcam with the name “Virtualbox Webcam”, the proctor saw it and didn’t ask any questions. It’s not the proctor’s fault, they were just not trained properly. Right after that, the proctor opened up Task Manager to check if I had Virtualbox running inside my virtual machine. It wasn’t, so I was cleared to start the exam.

Later in the semester I also tried taking a test through Examity in a virtual machine, with the same result. No checks were in place whatsoever.