The Collegian

September 2, 2005     California State University, Fresno

Home  News  Sports  Features  Opinion  Classifieds  Gallery  Advertise  Archive  About Us

Page not found – The Collegian
Skip to Main Content
Fresno State's student-run newspaper

The Collegian

ADVERTISEMENT
Fresno State's student-run newspaper

The Collegian

Fresno State's student-run newspaper

The Collegian

Not Found, Error 404

The page you are looking for no longer exists.

Donate to The Collegian
$115
$500
Contributed
Our Goal

News

Hurricane affects campus

Two students struggle to get families out of New Orleans

Campus IT: PeopleSoft not to blame for security

Campus IT: PeopleSoft not to blame for security breach

By Inga Lukaviciute
The Collegian

Cookies were most likely to blame for the online security problem discovered by The Collegian staff in late August, campus Information Security Manager Rafael Villegas said.


As reported on Aug. 24, one staff member logged onto her “My Fresno State” account to check her weekly schedule, and brought up the schedule of the previous user.


Concerned about online security, The Collegian staffers conducted an experiment. They logged onto the “My Fresno State” portal from different computers in The Collegian office and the Peters Building computer lab and found the same security problem occurred on other Macintosh computers.


“We do testing on our system (PeopleSoft) all the time and this shouldn’t have happened,” said John Briar, interim director for Campus Information Systems.


If the first user did not log off and close all the browser windows, it was possible that some information from the user was still stored on the computer and got accessed, Briar said.


“I don’t believe this is a PeopleSoft issue,” Villegas said. “It has to do with cookies.”


Cookies are the files where some Web sites store information on a computer.


There are different kinds of cookies, and they may or may not be a privacy concern, Villegas said.

The Collegian reporters used the same browser window to log on to their campus accounts. Even though the first user logged out of the application after using it, it was not enough to guarantee online security, Villegas said.


“If the browser window is still open you can pick up on any information left behind,” he said. Temporary cookies store information for a current browsing session and get deleted from the computer only after the browser window is closed.


The problem occurred only on Macintosh computers and not on the personal computers in the Peters lab. However, the problem on Macintosh computers was eliminated after the browser window was closed in between the users.


“It is not a Macintosh versus a PC problem,” Villegas said. “The same could happen on a PC computer as well if the user forgot to log out and close the browser window. It depends on which Internet browser is used and the cookie settings on the computer.”


People using public or shared computers usually cannot change cookie settings to make online activity safer.


“It is important,” Villegas said, “to follow the browser directions to sign out, and make sure to always close all the browser windows to prevent being tracked down.”


“When I log in and log out I worry if other people can get in and change stuff,” sophomore chemistry major Foua Vang said. She uses the computer lab frequently, and has encountered instances when she goes online to check one of her accounts and someone else’s account opens up. To be safe, Vang said, she always closes everything and then goes back to double-check that she is logged out.


Many browsers come with security systems asking users to log out, but it is equally important to close all the browser windows after using a shared or public computer, Villegas said.


Technicians in campus computer labs update the security systems on the computers periodically. In case of big security vulnerability, the Information Technology Systems office sends out notices explaining what the problem is and how to fix it, Villegas said.