The University of Georgia is now mandating that we change our UGA MyID passwords every 6 months and that we must use strong passwords (e.g. 8 characters long, must have a special character, ect). For more information, check your email inboxes.
Sidenote: but did our wonderful student government have any say in this decision?
The email indicates that there is a worry about information security here (and rightly so), but while discussing the security of UGAmail and webct, the email did not mention OASIS. I would rather UGA and EITS worry about securing OASIS, since you have to sign on with your Social Security number! Can we change that? There are a lot of personal records on OASIS (probably more than my UGAmail or my webct), and yet UGA is not mandating that we change those passwords.
All it takes is a keylogger installed on your computer (which is commonly installed by spyware) and some intruder can see your social security number as you type it in to access OASIS.
I really appreciate UGA and EITS worrying about my privacy, but why not start where it really matters and where the most damage could be done, financially, to a student?
OASIS is probably the oldest software deployed anywhere on campus. It seems to be a remnant from the MS-DOS days. Would it be possible to switch to a new system, that isn’t a Java pop-up and doesn’t require you to download a special applet, that also uses something besides my Social Security number to log in, and that can be accessed 24/7 (right now Oasis is not accessible from midnight to 7am)?
{ 6 } Comments
are you sure the myid isn’t for checking ugamail and myuga and not OASIS? Maybe i read the e-mail wrong, but thats what I had gotten out of it.
whoops, read your post wrong too, my bad
I do not understand why this is on the Hatin SGA website.
The problem with updating OASIS is that the cost is prohibitive to doing anything radical. Because there is almost always something better to do with $10M+ than totally overhauling a computer system, it will most certainly never be done (in all likelihood). Looking into the possibility of replacing OASIS last year, the true nature of switching from the current system isn’t as simple as unplugging a couple of computers here and there. I know you know that Chris, but I think that updating here and there is a better solution than completely replacing now and then updating for similar money later on. I’ll say it here but I don’t really think that OASIS is all that horrible. Sure its slow sometimes when there are all 33,000 people registering for classes at the same time, and surely there are better ways to login than your social security number, but overall its a good system that could use incremental updates here and there. I can think of about 10 better and different ways to spend the money that would be spent on overhauling OASIS. Chief among them is to hire more professors for various departments (especially SPIA, not to sound like a broken record). OASIS, despite having some prominent warts, is good for what it does, which is really all it needs to be.
Wade,
I remember during last year’s SGA president debate that one candidate stated that upgrading OASIS would cost $1 million, and then changed that to ‘millions of dollars.’ Now it will cost over $10 million? The problem with OASIS is not hardware, it is software. Software does not cost $10 million, I promise you.
Chris,
You’re right that software doesn’t cost $10M but the problem with OASIS isn’t in fact software. The reason that OASIS can’t be logged onto 24/7 is because the servers need to cool in order for them not to melt. You could argue that this is a problem, but in the grand scheme of things its not really a big deal. I imagine that by extending the hours to 1AM or something would significantly lower the complaints about the hours. As for the current OASIS software, it could be updated to make things faster, and that would costs significantly less money than replacing everything. The problem with replacing everything is that the second you get done installing everything and get it up and running without a bunch of kinks in the system, there is already something newer and better out in the world, to which at some point you’ll have to upgrade your way to. There are more cost effective ways of going about restructuring student access points than simply overhauling OASIS… i.e. putting more emphasis on MyUGA or making everything web-based. Until that time OASIS will serve its duty and do it admirably, despite some people assailing it.
PS - You’re right about the social security numbers, there does need to be a change… from OASIS to giving your id’s to teachers and everything in between. Its a wonder that more people don’t get their identities stolen every year.
{ 1 } Trackback
[...] Ha! What nonsense. And all this so later some spyware can steal my Social Security number. [...]
Post a Comment