Library computers flawed

“What are the factors of 336?” I pondered, star­ing at the KENKEN puzzle on the screen of the com­puter in the SciTech lib­rary I was seated at.

Cursed com­puter! No calculator!

I’ve been annoyed by how locked down the com­puters at Sydney Uni’s lib­rar­ies are for a while, so I set out to find out whether I can, in fact, bring up the humble cal­cu­lator.¹

There’s noth­ing more power­ful than a fully-​​functioning pro­gram­ming envir­on­ment, and to the extent that Visual Basic for Applic­a­tions is a fully-​​functioning pro­gram­ming envir­on­ment, all recent ver­sions of Office have this. So the first step was to fire up Word 2007, open up the Options dia­log box and turn on the Developer tab.

Cursed! The sys­tem admin­is­trator has dis­abled the Visual Basic Editor via group policy.

But what if I do this?

Tada! I get the editor. It defies belief that the group policy set­ting would merely dis­able the but­ton that accesses a pro­hib­ited fea­ture as opposed to dis­abling the fea­ture itself. Now, typ­ing in some code…

Hit­ting F5 should run Com­mand Prompt.

Cursed group policy again. Remem­ber­ing the good-​​old days of MS-​​DOS…

Suc­cess!

Con­clu­sions

Well, now you know how to open up your favour­ite Win­dows apps on these retarded com­puters, say, if you wanted to save a screen­shot into PNG using Paint.² But the point I want to high­light is that some of the policies in force on these com­puters ulti­mately serve no use­ful pur­pose. They remove use­ful func­tion­al­ity, while those who know how can still access them, albeit it rather clum­sily. Lock­ing down a com­puter for the sake of mak­ing it locked down serves no use­ful pur­pose. (Ray­mond Chen says, Shell policy is not the same as secur­ity. Indeed.)

The real problem

That was just a dis­trac­tion really. The real prob­lem is that the lib­rary com­puters use this login sys­tem based on your lib­rary card num­ber that doesn’t actu­ally log the Win­dows account on or off. That means that if someone logged into, say, Gmail, and selec­ted the option to stay logged in, if he for­got to log out, the next user on that com­puter could view his email, as I found out the other day. Also, because the tem­por­ary drive where you can dump your oh-​​so-​​secret files isn’t cleared between users, you have to won­der what kind of pot these sys­tem admin­is­trat­ors are smoking.³

Foot­notes

¹ The more intel­li­gent option is to use the short­cut to SSH into the under­grad IT serv­ers and use Python, if you have an account there.
² There’s no need to bring up the Com­mand Prompt first. Using “calc” or “mspaint” as the argu­ment to Shell() would have suf­ficed.
³ The Access Lab com­puters are thank­fully more fully-​​functioned and require you to log in and out of your own Win­dows account. Why the uni­ver­sity both­ers to deploy large quant­it­ies of these retarded machines defies belief given that the num­ber of lib­rary card hold­ers without Unikey accounts must be rather small.

Related posts:

1. I won!