I am a student at UWA. I am also a computer programmer and have worked on various open source projects in various roles.

Since hearing about UWA's implementation, I have taken a preliminary look at Examplify and Examsoft:

- The software is closed source. I have sent a request to ExamSoft to provide a url to their source code repo and software license but am yet to hear back,

- Examplify and Examsoft have poor operating system support; ExamSoft will not support anything below Windows 10 and only the newest versions of MacOS. It seems to be Apple-centric with no support for Android or Linux or other *nix-based systems. However, there are a number of reports of problems with Apple devices,

- It has very high level permissions on your device and takes over a number of functions and features of your computer including WIFI, video and audio. It functions much like existing malware in its level of control over a computer system,

- There are no published prices; I have trawled their site but cannot find any pricing. The only thing I can find is something about a custom pricing model,

- ExamSoft and Examplify rely on "AI" to verify the actions of the exam taker. This is probably achieved using facial recognition software. A recent study by the University of Essex found that facial recognition by the MET police incorrect 80% of the time. It is unlikely Examplify's "AI" is particularly sophisticated; I would assume it, too, would suffer from a similar false positive rate. This means that certain students could be misidentified as conducting in cheating whilst others would not be caught.

Because of ExamSoft and Examplify's closed nature, it is difficult to determine how the software exactly functions, but from experience in the software industry, I would assume the software would send back a lot of data to a centralized system (ExamSoft describes their software as "Cloud-based"). ExamSoft captures a lot of information about a user, from video footage to voice recognition. However, there is no way to determine where this information is stored or what it is used for (further training of software which could be sold to military or other, US-based organizations), or whether it is passed to 3rd parties; I would imagine it would be very attractive to governments and other organizations to capture information and train "AI" systems to search out well-educated "trouble-makers".

Closed source software has a poor track record of quality; most closed source systems are badly developed and, because of this, are often targeted by hackers. Additionally, private companies who develop proprietary software are usually slow to publish exploits and often obfuscate the severity. Users are also reliant on a single organization to provide bug fixes and are often delayed due to resource shortages.

Because of Examplify's elevated system access, users are opened up to a possibly severe exploitation of their computer systems. If a cracker gains control of a system via ExamSoft or Examplify, they would have almost unlimited control over the victim's system, possibly without the victim having any idea their system has been compromised. Additionally, because Examplify communicates with a cloud-based backend, there are multiple intrusion points. If ExamSoft's servers are compromised, victims could be exploited remotely.

ExamSoft is a US-based corporation who collect vast amounts of personal data for further analysis and interrogation. That means that this software is collecting private information from university students, without their knowledge and from another jurisdiction.

I don't think the implications of implementing a foreign, private corporation's software, which effectively takes over control of a computer system and captures large amounts of private information about a user has been fully thought through.

Why would an academic institution which prides itself of quality research and innovation that benefits humanity choose a poorly developed, off-the-shelf solution to address such an important use-case. The university has a large population of highly motivated, intelligent mathematical, computer and data science students yet it hasn't tapped this unused resource and designed and developed an open source alternative (UWA could even partner with Curtin and TAFE to recruit more programmers). Such a project would lend itself to the current environment of lock down and limited movement. Using online tools, all of the development could be carried out remotely by a large team of university educated developers.

Why is UWA not utilizing open source alternatives which could be deployed, developed and maintained by staff and students, providing real world experience in running enterprise level systems? Instead we use closed source software built by private companies (and in most cases US-based) which are profit motivated and sell the data they collect to 3rd parties (E.g. Facebook/Cambridge Analytica).