Educause Security Discussion mailing list archives
Re: Coursesniper.com
From: "Carson, Larry" <larry.carson () UBC CA>
Date: Tue, 29 Mar 2011 08:44:20 -0700
We have a similar thing, student created, at our university: it scrapes public web pages, does not exploit any vulnerabilities and makes no use of any credentials. When the service finds the open course and section it sends the student an SMS/email/tweet to let them know that the section they want has a spot; it's then up to the student to sign-in with their credentials and get the spot before someone else. Our Registrar's office and legal counsel all reviewed the site with the owner and found this particular setup to be legal and within acceptable bounds. Please keep in mind that this was specific to our university and a specific service - not the one being discussed. Larry _______________________ Larry Carson Associate Director, Information Security Management University of British Columbia Room 446 | LS Klinck 6356 Agricultural Road, V6T 1Z2 TEL: (604) 822-0773 FAX: (604) 822-6057 WEB: <http://www.it.ubc.ca/> http://www.it.ubc.ca/ MAIL: 420-6356 Agricultural Road Vancouver, British Columbia, Canada V6T 1Z2 CONFIDENTIALITY NOTICE This electronic message is intended only for the use of the addressee and may contain information that is privileged and confidential. Any dissemination, distribution or copying of this communication by unauthorised individuals is strictly prohibited. If you have received this communication in error, please notify the sender immediately by reply e-mail and delete the original and all copies from your system. ________________________________ From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> To: SECURITY () LISTSERV EDUCAUSE EDU <SECURITY () LISTSERV EDUCAUSE EDU> Sent: Tue Mar 29 08:21:31 2011 Subject: Re: [SECURITY] Coursesniper.com I’m sorry but I’m still unclear on the issue with Course Sniper. I’m not a lawyer but if someone could explain the issue in a bit more detail I would be thankful so I can try to determine the action I should take to stop this once our institution is made available on this site. If Course Sniper is scraping public facing web pages and using them to harvest data I see no wrongdoing. If they are using credentials supplied by a student I could possibly see some wrong being done but the bigger issue would likely be a policy violation by the student. Would this be an issue if a student wrote his/her own application to do this same thing? I know of two students on our campus who actually did this (probably kicking themselves for missing a business opportunity) but I didn’t think of the problem with using their skills in this manner. Should there be something else that I should consider? Thanks, Ben Pratt Saint Cloud State University From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Koerber, Jeff Sent: Tuesday, March 29, 2011 10:02 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Coursesniper.com Have you tried contacting the company and asking them to stop? Their e-mail is contact () coursesniper com<mailto:contact () coursesniper com>. If they don’t stop, talk to your legal department. Maybe you can claim copyright infringement. Jeff Koerber Supervisor, Student Computing Services Lab and Service Desk Office of Technology Services Towson University From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Schwab, Charles A. Sent: Monday, March 28, 2011 4:06 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Coursesniper.com Recently our Registration folks asked us if there was something that could be done to block access for coursesniper, here is the web site: http://www.coursesniper.com<http://www.coursesniper.com/>. Essentially it is a pay service that will check if a course has an open spot. I was curious if anyone had been requested to block coursesniper or looked into blocking coursesniper. Charlie.
Current thread:
- Coursesniper.com Schwab, Charles A. (Mar 28)
- Re: Coursesniper.com Steve Lewis (Mar 28)
- Re: Coursesniper.com Foerst, Daniel P. (Mar 28)
- Re: Coursesniper.com Shamblin, Quinn (Mar 28)
- Re: Coursesniper.com Foerst, Daniel P. (Mar 28)
- Re: Coursesniper.com Koerber, Jeff (Mar 29)
- Re: Coursesniper.com Bob Bayn (Mar 29)
- Re: Coursesniper.com Pratt, Benjamin E. (Mar 29)
- <Possible follow-ups>
- Re: Coursesniper.com Carson, Larry (Mar 29)
- Re: Coursesniper.com Steve Lewis (Mar 28)