Comment Re:my experience with it... (Score 1) 853
Actually, EVERYTHING is trackable from the OneCard system. They can reconstruct every transaction you've ever done, down to the exact items you purchased. They just don't tell students this little fact.
As far as the door entry systems-- when the doors go offline, they each have a list of who's supposed to get through that door that it refers to (if that particular type of hardware is installed-- they have models that can handle 4,8, and 16,000 cardholders.) Some campuses do use the IP Converters to put the card systems on the campus network, but where I used to work, we had the whole system on its own private network-- our IS department was clueless, and if we'd had to rely on their network for something this mission-critical, nothing ever would have worked. Blackboard was pretty bad as far as security with the HP-9000 -- when I left, the system was still running HP-UX 10.2, and they were FINALLY talking about how to get it to 11. You couldn't do any patching to the 10.2 system, because they had to approve and test every single patch-- and that never happened. So-- if you wanted, it wouldn't be too hard to get control of the machine and have at it.
As far as the door entry systems-- when the doors go offline, they each have a list of who's supposed to get through that door that it refers to (if that particular type of hardware is installed-- they have models that can handle 4,8, and 16,000 cardholders.) Some campuses do use the IP Converters to put the card systems on the campus network, but where I used to work, we had the whole system on its own private network-- our IS department was clueless, and if we'd had to rely on their network for something this mission-critical, nothing ever would have worked. Blackboard was pretty bad as far as security with the HP-9000 -- when I left, the system was still running HP-UX 10.2, and they were FINALLY talking about how to get it to 11. You couldn't do any patching to the 10.2 system, because they had to approve and test every single patch-- and that never happened. So-- if you wanted, it wouldn't be too hard to get control of the machine and have at it.
