so the university used a packet sniffer to intercept a clear-text malware password for a compromised IoT device.
Doesn’t that violate the anti-hacking laws? 
(And before someone says that they own the hardware, do they really under current licenses?)
