The problem? First, the whole thing is a ridiculous waste of money. From top to bottom, none of it really makes sense – it’s incredibly invasive: it tracks your eye motion through your webcam, it scans your knuckles as some weird form of identification, it uses facial recognition to make sure that you’re not someone else – and above all, it can be bypassed rather easily. I’m not saying I have a better solution to make sure that students don’t cheat on online exams – but this solution is intrusive, and the “Big Brother”-ness of it is so crazy it sounds like it must be a joke (like knuckle scanning, for instance).

The second issue is that despite the obvious flaws in this system (in fact, in any system at all that says it can do something like this, like Examity), the company that makes this software will undoubtedly rake in the millions for their “solution”. From student fees to huge bills for colleges (and, if they’re state schools, for the taxpayers), these companies that guarantee no one using their software is cheating on exams seem like easy solutions to the fears of academics, who say that moving exams to the internet will cause rampant cheating. In some ways, they’re correct – but the issue is their definition of cheating, not the internet itself.

In real life, you’ll run into plenty of issues on a tight deadline, where you’ll be looked to for answers. There is absolutely no shame in reaching out to a trusted expert for advice in these situations, or even just Googling an answer and seeing if it works. It’s like in middle school when your teacher made you write out math by hand, claiming that you won’t have a calculator with you at all times in the real world – I do, it’s my phone. Now, that being said, there are certainly cases where students need to be tested in such a way as to ensure that they actually have the knowledge in their brains – and in those cases, test in person, or come up with a solution better than this awful software. But for all other cases, searching online should not only be allowed, it should be encouraged. Teachers should be giving students problems that mimic those they would find in real life, and whose solutions are complex and have multiple viewpoints. Memorization is worthless in the 21st century unless you’re preparing for a situation so dire that you need the answer faster than you’d be able to type the question.

The third and most pressing issue is the unrealistic claims of these companies. The idea that they can prevent someone from cheating by using only their webcam (or in the case of Proctortrack, even an executable file that has some kind of computer scanner) is absolutely ridiculous. It’s like saying that a human proctor can prevent a room full of students from cheating because they’re looking at them. Even in the case of computers, where there is “individualized attention” on the part of the software, there are plenty of workarounds. What’s to stop a student (either in person or behind a webcam) from tapping out an answer on their desk in Morse code? The software might be analyzing the audio specifically for Morse code, but covering up the computer’s microphone solves that pretty quickly. Similarly, the teacher would have to pick up on the pattern (and actually know Morse code) to have enough evidence to accuse a student of cheating.

I’m posting a list of workarounds here for multiple reasons:

To prove beyond a shadow of a doubt that if a student wants to cheat, they will, and expensive technological solutions only put hurdles in their paths, but will not stop them. Actual trust of students, or providing them with problems that are worth their time to solve, are real solutions.

Because I fully promote the idea that students should learn things that will actually help them in life – for instance, a hacker mentality that will allow them to bypass ridiculous systems, which they will undoubtedly run into in their careers. This, as opposed to the highly unlikely scenario of running into an exam-like situation in real life, where they have to recall information immediately without the use of the internet. Even in the case of teaching, where teachers are expected to have a mastery of their subject, a standard exam does not do them justice. A truly great teacher’s skills and abilities can hardly be put on paper, or, for that matter, into exam software that watches you.

Finally, if a school decides that literal spyware is the best way to promote academic integrity, they should realize that my list below is an extremely limited catalog of the many ways to bypass the systems on which they’ve spent quite a bit of money. If any professors think students won’t go to these lengths in order to skip studying – they’re fools. And that’s why I think people should be up-in-arms about something like this – if you found out that your state school was spending millions on cars that don’t drive, wouldn’t you be upset at a waste of taxpayer money? This situation is quite similar – anti-cheating software that just does not prevent cheating is a waste of money.

So, below are a number of ways of getting around the system – in truth, it’s difficult to enumerate all of the distinct methods of bypassing the systems, and in fact, many of them can (and should) be used simultaneously. All of the technological methods to get around the system are based on the idea that you have total control of the hardware and software of your computer, allowing you to make changes that benefit you when taking exams, even when using this kind of anti-cheating system.

As a disclaimer, I don’t have any connection to the ProctorTrack company, nor to any other similar company. My purpose is not to insult a particular piece of software, or the company itself – the reason I chose ProctorTrack is, as previously stated, a friend of mine had to use it, so I began investigating. Also, I don’t have a lab environment in which to test all of the possibilities listed below – they’re here in a theoretical nature, so that you can see the various pitfalls of this kind of software. YMMV – Your Mileage May Vary.

I won’t provide actual tutorials on getting these systems set up – I leave that up to the “cheaters”. In addition, I would like to thank my friend Samaikya for help coming up with this list.

This group of methods involves basically putting some software between your webcam and the anti-cheating system so that when the system attempts to get the feed from your webcam, it’s actually pulling the feed from a “virtual” webcam. The benefit of this is that the virtual webcam can be controlled through software in order to modify or even replace the actual video from your webcam.

There are a number of software solutions available – I use ManyCam, which has a free version and a paid version (one of the issues with the free version is that it has a watermark – though technically that’s not an issue, since you could be using ManyCam while legitimately taking the exam). I’d recommend it only because it has a very convenient interface, which allows you to switch between video streams quickly. It served its purpose for me – if you know of different or better software, feel free to leave your recommendation in the comments.

ManyCam.com – Different Video Sources

Easily pull from different media files, as opposed to only from your webcam’s feed

The software clearly watches you through your webcam – their demonstration video shows their software running facial recognition through your video feed.

So, here’s what you do – using your webcam, recording a video of yourself using your computer, just surfing the internet or something. Be sure that you don’t do anything that you wouldn’t do on your exam – like move your eyes or head so that it looks like you’re looking off-screen, and don’t have someone else come into the frame. The purpose is to have a video file (whose length is slightly longer than the maximum time that you can take an exam), which contains only “legal” footage of you.

Then, simply set your webcam software to play the video file and send that as your video feed, instead of having it send the output of your webcam. The benefit? Now they can’t actually see out of your webcam. You can be doing anything you want behind the webcam – they’ll only see the feed you send them. They can run facial recognition and whatever other video tools they have at their disposal, but the only data you’ll be sending them is a “legal” feed of you typing, clicking, and looking at the screen.

Their software claims to tell if there are multiple people in the webcam feed – but what if they were seeing an older webcam video? (Also note the “Online Aid” infraction – I’ll discuss that later)

Now, there are two worries when it comes to this method. The first is that they may notice software like ManyCam installed, or they may notice that you have multiple webcams (the real one and the virtual one) available. For this, we use the Virtual Machine method, detailed below.

The second worry is one I came up with while watching their introductory video – they require a “knuckle scan” as a form of identification. This alone is cause for thought – why are they scanning your knuckles? Who thought that would be a good idea? If it was a legitimate form of identification, why isn’t it more widespread?

Though I’m not actually sure because I haven’t had my knuckles scanned personally, the only way I can think of that they’d use this insane identifier is if they require you to raise your knuckles every once in a while to prove that you’re still really there. Easy enough to get around – make another video with your webcam of you surfing the internet for a few seconds, then raise your knuckles to the screen like they do in the introductory video, then put your hand back down to the keyboard or mouse. When you get some kind of pop up asking you to raise your knuckle, switch the video feed from the long file of you surfing the internet to this new file of you raising your knuckles. Because of the low quality of webcams, the slight jumps when going back and forth between video files probably won’t seem any worse than normal webcam footage.

Knuckle Scan

Knuckle scans – totally fool proof! We should use this form of identification everywhere!

Here’s an extremely simple idea – you’re sitting there, in front of your laptop, with your keyboard and mouse, with a webcam trained on you as you take the exam. There’s another person in the room, but if the webcam sees them, you’ll be in trouble – so, sit them behind your laptop. But then they can’t see anything, so hook up an external monitor that mirrors your screen, and put it behind your laptop. Now they can see exactly what you see.

But the real goal of the situation is to let them help you with the exam – so plug in a USB keyboard and mouse, and now they can type for you, completely out of the view of the webcam.

The system does appear to say that it does some kind of “system check”, which appears to check for a keyboard and mouse. Theoretically, it would flag you for having more than one. But that seems like a pretty questionable check – I personally use a Bluetooth mouse (and not my laptop’s built-in mouse) because I prefer it. How would they know if I handed that mouse to a friend? Furthermore, using the Virtual Machine solution, they could be completely unaware that a second mouse and keyboard were hooked up to the same computer.

You have to run an executable file at some point (the “Download” step above), so why do they need to know that you have Adobe Flash? What are they using it for? Flash is extremely insecure (Apple famously refused to let it run on their iOS devices), so that opens a whole new attack vector that I won’t even get into.

This idea builds off of the previous idea – instead of using an external monitor, use an external projector, and project your screen onto a wall out of site of the webcam. Then gather everyone in the class in that room, and discuss the questions. You’ll still be sitting in front of your laptop – and you probably shouldn’t participate in the discussion, since your mouth moving might trigger something. As for the microphone, just cover it with something – it will still send audio, but the audio will be ambient white noise. Once the group comes to a conclusion about the answer, they can tell you, and you’ll click the correct answer. When you’re done, you move over and let the next classmate take the exam (just watch for digital leftovers, like the fact that you’re using the same IP address or already have a browser cookie for the previous user).

This is the icing on the cake and the option that should probably be used in conjunction with all the other options. Without going into too much technical detail, a Virtual Machine (VM) is effectively a computer inside your computer. For instance, if you’re running Windows 8, you could make a virtual machine for Windows XP, and you effectively run it like a program, with the ability to minimize it. You give it a certain amount of hard drive space, CPU limitations, and an amount of RAM, and you’re off to the races.

In this case, the big benefit of working with a VM is the fact that you can pass it to specific hardware. So, say your computer has two keyboards and two mice plugged in – you can pass only one to the virtual machine. From its point of view, it has one keyboard and one mouse plugged in. It doesn’t know that it’s not a laptop’s built-in keyboard and mouse. You can also then pass it to your webcam feed. The goal here is that you can be sitting in front of your computer, where your webcam can see, but the person behind the computer can be typing away, viewing your screen on an external monitor, which shows the output of the VM. The VM also would not know that there are two monitors plugged into the host computer.

A further benefit is that if you’ve intercepted the webcam feed in some way, you just pass that to the VM. In other words, from the VM’s point of view, it has a single keyboard, a single mouse, and a single monitor, and is presenting a single webcam, and there is no software installed besides Proctortrack.

In one of the images earlier in the article, we can see that a proctor can get a notification when you get “Online Aid”. How do they know that? Because you minimized the window in some way – either opening a different browser tab, opening a different browser entirely, etc. Your operating system has various methods of reporting which Windows has focused on, as well as some javascript methods from within webpages. So, by using a Virtual Machine, you never actually minimize the exam itself – you minimize the VM. The VM’s operating system continues to report that its window has focus because you’ve never minimized its window, you’ve simply opened a browser on your host computer.

In this screenshot, a Windows 8 host machine is running two programs – one, Google Chrome, which has focus. Two, VMWare Workstation, inside of which is a Windows XP VM. The Windows XP machine also has Chrome open, and it’s in focus as well. The Windows XP machine (which could be running the exam software) has no idea that it’s actually sitting inside a Windows 8 machine (which might be Googling answers).

Virtual Machines are extremely powerful, and if this is the first you’ve heard of them, you’re probably fairly confused. There’s a lot of reading to be done on your part, and experimenting, in order to discover the intricacies of running two operating systems on a computer simultaneously. But, suffice it to say, that Proctortrack (and any other proctoring software) can be tricked, one way or another.

This group of approaches is so simple, that they’re hardly worth mentioning – and yet, it’s the very fact that they’re both so simple and so efficient at breaking a system like Proctortrack that proves that the system itself is hilariously bad. A webcam has pretty huge blind spots – they’re not actually designed to have the total spatial awareness you’d need to make sure there’s nothing fishy going on anywhere near an exam taker.

Ok, so none of the other options are working for you – you just want a simple, non-technical way to get through your exam. You must be sitting at your computer, with your regular webcam on, using your only keyboard and mouse – and, because they track your eyes, you must be looking directly at your screen.

Or do you?

On a regular laptop, the webcam and the screen are on the same plane, meaning that the webcam is tracking your eye movement, and your eyes have to be looking in the direction of your screen. But it’s not really tracking what your eyes are looking at – in other words, there could be something between your eyes and the screen, and it would have no idea. So, put your textbook or notes between your eyes and the screen, but not in a way that the webcam can see.

The points of view of both of these webcams (at the top-center of the laptop) are the same.

Just make sure that the book doesn’t appear in the webcam feed, and that you don’t accidentally hit any keys on your keyboard with your book. When you’re done, maintain “eye contact” with your laptop screen, and slide your book left or right off of your laptop.

A more digital idea based on the one above – put a second, smaller laptop on top of your existing laptop. This also works with a phone or tablet. If it’s out of the view of the webcam, they won’t be able to tell. Just make sure that neither overheats!

THE “MESS WITH THEM” APPROACH

And now for the really fun ones. Here are some ways you can take the exam “legally” (it may break their Terms of Service or something, you’ll have to read it to find out – then again, any form of cheating is against your college’s academic integrity policy or whatever they call it).

They track your eyes to make sure you don’t look away from your monitor. So, the easy solution – wear sunglasses. Maybe their Terms of Service require you to have your eyes visible – but your “doctor” says you’re sensitive to light and need to wear them. In many states (you’ll have to check the laws for your own), once you have a doctor’s note for something (and it’d be pretty easy to get a note for wearing sunglasses because they’re non-prescription items), they can’t ask further questions about the state of your health.

You could also potentially claim that it’s a religious garment, but YMMV (your mileage may vary). Just a fun thought.

And there’s always a solution like this:

Note that this is actually the exact opposite of what you want, because t