Anti-Malware and Blackboard Vista

Tier1 support was contacted by a student to report a problem with a quiz. Some sort of anti-malware software complained about code in the quiz. Tier1 support replicated the issue. Their software identified it as belonging to MyWebSearch. Very bad news.

Tier2 support suggested the student remove the MyWebSearch toolbar. Tier1 escalated to Tier3 who claimed that because Tier1 and the student both saw the issue, the malicious code must have been inserted into Vista by the instructor. Tier3 also escalated it to me… Tier4.

From the email conversation, no one looked at the quiz in question despite Tier2 and Tier3 both having the access (and Tier2 being involved in instructional design).

*headdesk*

Instead of providing my own equally valueless speculation, I got a copy of the quiz and looked at the HTML. Eventually, I used WinMerge to compare the problematic quiz and a previous quiz side-by-side.

Turns out the difference between the two is the use of WebEQ Java applets. (The problem-free quiz used GIF images instead of applets.) I think the anti-malware software of the student and Tier1 both reacted to the Java applet. Here is one of the items used.

<applet code=”webeq.Main” archive=”/path/to/jar/WebEQ2Applet.jar” width=1899 height=40 align=middle><param name=eq value=”<math> <mrow> <semantics> <mrow> <mi>f</mi> <mo stretchy=’false’>(</mo> <mi>x</mi> <mo stretchy=’false’>)</mo> <mo>=</mo> <mn>2</mn> <msup> <mi>x</mi> <mn>2</mn> </msup> <mo>+</mo> <mn>3</mn> <mi>x</mi> <mo>+</mo> <mn>1</mn> </mrow> <annotation type=’MathType’/> </semantics> </mrow></math>”><param name=color value=”#ffffff”><param name=parser value=”mathml”></applet>

The way WebEQ passes the parameters as XML inside a parameter tag strikes me as very odd. Maybe causes anti-malware to trigger a false positive?

These applets have been a problem in the past, as many were hard coded into the HTML prior to Vista incorporating this into the equation editor. Vista instead, uses a parameter block to pass the values to the applet.

I think our instructional designers are moving away from use of WebEQ as it has been consumed so much of their time, they hate it now.