A Three Hour Tour

If you’re reading this blog from within the UCLA residence halls, you probably have installed that mysterious little program called TrustedInstaller.exe, SafeConnect, or PolicyKey, all of which are names for the same program, which I will call PolicyKey.  You get this warning, and then download this file.  It doesn’t seem to do anything, and yet magically you suddenly have internet access!  What happens?  How does it work?  And most importantly, what does it do?

If you’re like me, you hesitate to install programs unless you know what they do.  Well search the internet all you want, and there’s very little information about PolicyKey out there, other than it is the Product of Impulse and is a Network Access Control (NAC) product.  What does that mean?

We are blessed with a blazingly-fast on-campus network.  We are better than DSL, Cable, or even Verizon’s FiOs offering.  We are very fortunate in that regard.  Unfortunately, with great speed comes great responsibility, and that means we are also an attractive target for viruses, botnets, and other forms of malicious software.  And because we’re all connected to each other, if one person on your floor has a virus, that virus will quickly spread to everyone unless you are protected.  A virus that has taken over the network is not only dangerous to you, since it could facilitate identity theft (and take out loans in your name, or worse), but it also slows down, attacks, and damages the university’s network.  Therefore it is in everyone’s interest to stop the spread of viruses.

Therefore to use the residential network, you are required to have virus protection software installed.  PolicyKey is the method the university has chosen to enforce this.

Here’s how it works.  When you access a website, your request to view that document goes through a UCLA server, which checks to see if you are a permitted user of that system.  If you are, it lets it through.

If you are not, you will be asked to identify yourself first by logging in with your UCLA username and password.  What happens next depends on your operating system:

• If you are running Windows, you will be asked to download PolicyKey.  Once this software is downloaded and is allowed to communicate with the Impulse servers, you will be unlocked and have full network access.
• If you are running Mac OS X, you have to download PolicyKey as well, however at the time this post is written it does not enforce anything on this platform.
• If you are running a flavor of Linux (Ubuntu, Debian, Kubuntu, Gentoo, or Red Hat just to name a few) then you do not have to install anything; instead you have to periodically log in every couple of hours.

So if you’re running Mac OS X or Linux, you are up and running!  If you’re running Windows, a few more things happen:

1. PolicyKey downloads a list of authorized antivirus programs and rules for how to detect them.  At the time of this writing the list includes at least Sophos, including the free UCLA-provided edition, McAfee, TrendMicro, EZAntivirus, Symantec (Norton), Panda, AVG, AntiVir, Authentium, Avast, Microsoft OneCare, BitDefender, Kaspersky, SpySweeper, Nod32, and ZoneAlarm.
2. PolicyKey also gets a list of required Windows Updates – these include the Windows Firewall and all the latest service packs for the version of Windows you are using.
3. PolicyKey checks to ensure that all virus definitions are up to date.

If all of the following are true, it sends a message to Impulse, identifying your computer and the specific antivirus software you have running.  Impulse then unlocks your computer and you have unrestricted network access for a while.  PolicyKey checks frequently (every second) to ensure that these conditions are still valid, and notifies Impulse if any of these conditions ever fails.  Your computer must check in periodically to maintain this access, which is why the software must be running in the background.

So what’s the take-away from all this?

• At no time does the current version of Impulse PolicyKey access or send any of your private files to anyone – not Impulse, not UCLA, not anyone.
• The only things it enforces are antivirus programs and updates.  It does NOT scan for peer-to-peer filesharing applications, illegally downloaded software, or non-genuine versions of Windows.  HOWEVER, and this is a big disclaimer, this does NOT in any way mean it’s okay to do any of this!  It just means you do so at your own risk.
• The rules it is enforcing are common sense.  Keep your computer up to date and that helps you.  And what’s good for your computer is good for everyone’s computer.

Hopefully this was able to answer some of your questions, or put any suspicions or nagging doubts to rest.  Happy safe computing everyone!

It is no surprise to any college student that final exams suck.  They don’t just suck, they suck like a heavy-duty industrial vacuum cleaner rewired by Tim “the Toolman” Taylor.  Well, not really.  Further proof I shouldn’t ever think of being an English major.

The first of my three finals this quarter was for CS 33, the introduction to (MIPS) computer architecture and assembly language.  The final had very time-consuming questions on it – not hard ones, just time consuming ones.  For instance, I had to find the five errors in an eight-page program.  Pure evil, especially when four of the five were near the end!

The next final was the exact opposite – Math 33A, Linear Algebra.  I finished in an hour, checked my work, and turned it in.  Easy stuff.  Which was good considering the final started at 6:30pm and could have gone until 9:30.

Now I have a day off until I get to enjoy the thrill of waking up at the ungodly hour of 6 am to get ready for my final at 8.  Differential equations.  Good stuff.

So it seems there’s yet another scene in Gilligan’s Island filmed here at UCLA… the Third Season episode, The Pigeon, includes a brief scene filmed from the roof of a building somewhere on campus.  Royce Hall and Powell Library are visible in the background (from the Janss Steps side).  It’s too close to be, say, from the roof of Sproul hall; it looks more like the roof of the John Wooden center.

Yet another scene?  Does that mean there’s another one somewhere?  Yep… In the Rescue movie, there’s a scene where the two Russian spies are chasing after the Skipper and Gilligan on the IM (Intramural) field on campus.  Sproul hall, Reiber, and Dykstra are visible in the background.  A very old Wilson Plaza, with the Janss Steps area covered in shrubs, is also visible for a moment.

So is there supposed to be some meaning to this?  Why is this useful?  Short answer: it isn’t.