Concerns about Respondus Lockdown Browser

A potentially dangerous solution being implemented

Posted by Zain Ahmed on September 04, 2020
Recently, At my school, students are being asked to install the "Respondus Lockdown Browser", made by Respondus Inc. The idea behind such a browser is to prevent student cheating on exams, by locking down their computers to the point where they are restricted from doing anything but the exam. At first thought this may sound like a good idea. It has good intentions, but a poor execution. After analyzing the effects of Lockdown browser on windows, I have come to the conclusion that Lockdown browser may be unwanted software on personal computers. Some effects include, but are not limited to:
  • Preventing user from turning off their computer after the browser has been closed in a proper manner

  • Respondus blocks the user from starting the task manager after the browser has closed

  • Video camera feed is sent to third parties for analysis, without any transparency as to what happens to those recordings

  • Keylogger software being run

  • Responus saving of a list of all running processes on the computer, and sends it to a Respondus owned server.

The main concern here is that it messes up a student's computer, most of whom have little to no technical experience and thus would be unable to reverse the effects of lockdown browser.
Another aspect to this problem is that the browser is also very easy to bypass. There have been numerous successful attempts to run Respondus in a virtual machine, while avoiding the built in VM detection, or patching the software to prevent the lockdown features from working.
The conclusion here is that lockdown browser is a potential risk to security. In the event of a data breach at Respondus Inc, this would result in countless amount of data of students being released, including names, which in some cases are linked with video recordings (if Respondus Monitor is used), keylogs taken from students computers, lists of running processes on the computer, and potentially alot more that we have no knowledge of.
In the end, I encourage schools and districts and administrators involved to rethink the use of Respondus's Lockdown Browser.