r/LaTrobe u/No-Environment7496 7d ago

Talview

https://docs.talview.com/releasenotes/q2-2026/proctoring-may-release-notes

Hi everyone,

So I've been doing some digging around to work out this exam issue and I came across a very recent patch note from Talview in regards to the Proview plugins.

My biggest concern is that the plug in Sentry Telemetry has been turned on by default this whole time so all your browser activities have been monitored since your last exam....

There are other massive issues such as people being able to bypass the password to gain access to exams etc, recording sessions being made available to all reviewers.

This is pretty terrible.

I feel like the comms is pretty lacking considering all our personal information is now at risk.

25 Upvotes

95% Upvoted

18 comments sorted by

View all comments

8

u/ChronicallyillWitch 6d ago

Good work, waiting for La Trobe to come out and say this is what's happened.

I also hope there will be transparency about who's data has been comprimised.

6

u/Brilliant-Lettuce695 6d ago

Don't hold your breath. I can't see LTU being straightforward about how big of a fuckup it was to force students to install vibecoded spyware predictably riddled with bugs and security holes. The management types at LTU calling most of the shots here are AI boosters.

3

u/No-Environment7496 6d ago

So if you go into the actual plugin setting before deleting it, the permission default to be able to read all your browsing history and make changes to all the website you visited. I had this plug in on my computer for months! This is completely unacceptable.

3

u/Brilliant-Lettuce695 6d ago

In general, just because a browser extension has those permissions, even ″on all sites″, it doesn't mean it uses them all the time and/or to their fullest capacity. It also doesn't necessarily imply illicit data harvesting either. Also, the more precise permissions requested or used by an extension are more comprehensively detailed elsewhere in your browser and in the extension′s manifest. That boilerplate text is probably a bit too sensational.

Bringing it back down to Earth though, this particular extension is promoted and sold (if euphemistically) as a form of literal spyware by definition, and is a closed-source black box that I doubt has undergone a recent good-faith, independent and comprehensive privacy and security audit.

I was personally thinking of ideally only ever installing the extension in a freshly-installed web browser running in a throwaway virtual machine. Glad I don't need to set that up anymore.

3

u/No-Environment7496 6d ago

My laptop has been draining battery like crazy over the last couple of months. I used to only have to charge it once a week and now it was everyday. I've been checking the power usage and it was always chrome. I uninstalled it tonight and the drain dropped immediately.

1

u/ChronicallyillWitch 5d ago

Are these throwaway virtual machines that ones that hackers use as a ruse to infiltrate scammer networks?

1

u/Brilliant-Lettuce695 5d ago

I mean, there's a million and one uses for them?