The University Housing documents listing draw times, which include student names, student PUID numbers, and class years, are not protected by the University’s Central Authentication System (CAS) and can be accessed by anyone who has the links to the documents.
The students whose information can be accessed in this way include those who have opted to be removed from the University’s public directory.
Yang Song ’20 and Adam Chang ’20, who recently released an analysis of room draw, brought this fact to the attention of The Daily Princetonian.
While Song noted that Housing likely didn’t intend for this information to be publicly available, he acknowledged that anyone being able to see a student’s PUID and friend group, as indicated by draw group, could potentially have negative consequences.
Song said that he used computer science skills he’d learned while at the University, including lessons about forms and URLs, to find past years’ housing data and identify this security issue.
The ‘Prince’ has decided not to publish the links publicly in the interest of student privacy. However, as of the time of publication, the link to upperclass draw time lists available in the “My Housing” portal for current University undergraduates lets anyone who has the link open the documents without being logged in through CAS.
Replacing the word “Upperclass” in the upperclass draw times link with “Butler,” “Forbes,” “Mathey,” “Rocky,” “Spelman,” “Whitman,” or “Wilson” results in links to PDFs that can also be accessed without CAS login. In addition, 2018 draw time data can be accessed by changing the “19” to “18” in all links.
According to the University’s deputy spokesperson Mike Hotchkiss, the list was not meant to be publicly shared.
“The list is provided to facilitate students’ decision making about the draw process,” Hotchkiss wrote in an email to the ‘Prince.’ “Students should not, of course, share that information publicly. We are working to ensure that this information is appropriately secure.”
According to Stephen Cornwell ’20, it’s hard to say that these documents present information that isn’t otherwise accessible given the availability of social media.
Cornwell believes that the greatest danger posed by public room draw documents is that they clearly show the potential roommates of all students living on campus.
“The [room draw] file specifically identifies who they draw with, which would help someone find out who they lived with, which would help them find out where they live,” Cornwell said.
Robert Liu ’20 sees these documents as posing a de-anonymization risk, as “they might allow outside groups to link previously anonymous information to student names, which are what you want to be protecting in the first place,” he said.
“If you take this data with PUIDs, which are a unique identifier, and link to other data, possibly Tigerbook, you could do something nefarious with it,” Liu explained. “It’s not ideal to expose students’ real names because students have their own reasons for not wanting to be publicly identified.”