Terms of (Mis)Use

Yes, I have obscured identifying info — to protect the guilty. Copyright 2022, All rights reserved

I teach as an adjunct faculty member at a well-known state university. At the moment, I’m only offering one course per term, so as you can imagine, I have some unstructured time to write ruminations such as this one.

Today, I received an email from the university leadership that it was time to renew my commitment to the “Terms of Use” for the institution’s administrative information system. This is a system where I can look up my payroll information (paltry as an adjunct faculty member), my course roster(s), and other links of no particular interest to me (again, as an adjunct). So, the email included helpful information on how to access and note acceptance to the Terms of Use. It did not — wisely — list all the steps involved to gain access to that online resource.

Just for fun, let’s examine all the major and minor steps:

VPN

  1. Launch a VPN client on my computer (that’s a virtual private network program that encrypts all communications between me and the campus network [nowhere else, just to campus and back]) with an encryption level that when first introduced was actually classified as a munition and therefore could not be taken outside the borders of the US. (Amazing the stuff you learn as an IT director.)
  2. Enter my university user name and password plus an extra “password” that sends a push notification to a separate app on my phone.
  3. Wait for the VPN to authenticate me and then wait for my phone to buzz with the request to approve the authentication that I just made.
  4. Open the app and press the OK button, thus proving that I am who I am and I am the person trying to get the VPN started. I can now connect to the campus administrative information system.

Connecting

  1. Go to the connection website where I can look at all the information, including the Terms of Use.
  2. Again, enter my university user name and password. (The same ones as before.)
  3. I immediately get a popup requiring me to have another push authentication sent to the same app I just used. I press the PUSH button that sends another push notification to the same app on my phone.
  4. Again, wait for my phone to buzz with the request to approve the authentication that I just made.
  5. Open the app and press the OK button, thus proving that I am who I am and I am the person trying to gain access to the website.

We then get to watch my browser to do many, many links to conduct what the IT folks call a “single sign-on.” It seems to be providing information to several servers and subservers within the university domain at a pace that’s actually faster than I can count. It’s at least a dozen such links that fly by in the address window before it stops and brings me to the main administrative information system page. I can now accept the Terms of Use. But wait, only after a few more steps.

Terms of Use

  1. I click on the little compass icon in the upper right hand corner of the administrative webpage. (Why a compass? I don’t know. “Ours not to reason why…”) Luckily, the email gave detailed instructions of how to do this starting at the 12th paragraph. I did appreciate the screen grabs showing what to look for.
  2. In the dropdown menu, I click on the Terms of Use icon. That’s the last one on the list. That opens a page with a link to the Terms of Use and a check box that I have read (past tense) and agree to them.

Now, being a good academic citizen, I actually click on the link to the Terms of Use document. (Actually, I’m not that good a boy, but suspect that the page will require me to open it before it allows me to click on the checkbox that I accept all the Terms of Use. Like when you have to scroll down all the text you never read to get the “I Accept” button to light up.)

The page opens as a new tab in my browser and I take a look. There are several full screens of single-spaced text, perhaps 7 standard pages if you printed them out. (Compared to EULA [that’s End User License Agreements], it’s relatively short. Relatively.) It includes about 35 links to other documents to help you understand all the Terms of Use. Some are links to relevant laws at the federal and state levels, including legal mandates for identity theft, public records, medical privacy, and so on. Twelve of the links are just to university policies, standards, and procedures. Finally, there’s a link to “Sign in to leave feedback that takes you to another authentication page to use that same app to prove that you are who you are and will allow you to provide feedback. The page notes that four (four!?!) other people have done so before.

But I digress. What were we trying to do? Ahh, agree to the Terms of Use. I return to the page with the checkbox and check the box, then press the “Accept” button.

All done. Until next year when I do all the above again.

--

--

--

Historian, informatician, novelist, and grandfather. Part-time curmugdeon.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

AWS ECR Security Best Practices

Important Announcement!

Phishing Stats: An Estimate of What’s to Come (April 2020)

AMA RECAP :BOSS × DIVS.io

New Token: iLearnResearch

Cyberdefenders EMOTET malware write up

This Technique Was Supposed to Replace Passwords. Turns Out It’s Surprisingly Easy to Hack

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
David Potenziani

David Potenziani

Historian, informatician, novelist, and grandfather. Part-time curmugdeon.

More from Medium

Creating Enemy Explosions!

Mr Robot (I) — software lifecycle

Java/Set Editing Restrictions in Word

Browser Compatibility Test with Lambdatest and Selenium