Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!



School Tricks Pupils Into Installing a Root CA

paddysteed Re:certpatrol (417 comments)

This works really well, thanks. Why isn't this sort of thing default in browsers?

about 7 months ago

School Tricks Pupils Into Installing a Root CA

paddysteed Re:In their defence. (417 comments)

I am that one student, and I always share what I have done with the rest of the school, resulting in everybody being able to beat the filters.

about 8 months ago

School Tricks Pupils Into Installing a Root CA

paddysteed Re:In their defence. (417 comments)

But installing a root CA on people own hardware, don't you think that is a step too far. It is not as if it is really easy to circumvent anyway. I have ssh running on port 80 and just tunnel everything through that to beat the schools surveillance.

about 8 months ago

UK Passes "Instagram Act"

paddysteed Re:hint.... (230 comments)

Perfect destruction is assured by snapchat, they have done what the NSA couldn't.

about a year and a half ago

Ask Slashdot: What Were You Taught About Computers In High School?

paddysteed 16 Y/O UK (632 comments)

Nothing of note. I did a GCSE in IT and it was rubbish, basically Facebook ethics and how to use Word. I did not chose IT at A level even though I want to do CS at uni. This is because it is more Facebook ethics. I remember one question on my GCSE paper was a table listing three phones and the question asked me which one had the most memory (not even specific as to whether it was RAM or Flash storage although i could infer it), what a stupid question. it was basically, which is bigger 100 or 200, also aparently examiners do not understand that usually flash memory chips come in base two divisions

about 2 years ago



My School Has Tricked Pupils Into Installing a Root CA on Their Laptops

paddysteed paddysteed writes  |  about 8 months ago

paddysteed (2380072) writes "I go to secondary school in the UK. I went digging around the computers there and found that on the schools machines, there was a root CA from the school. I then suspected that the software they instruct windows users to install on their own hardware to gain access to the BYOD network installed the same certificate. I created a windows virtual machine and connected to the network the way that was recommended. Immediately afterwards I checked the list of root CA's, and found my school's.

I thought the story posted a few days ago was bad but what my school has done is install their certificate on people's own machines which I think is far worse. This basically allows them to intercept and modify any HTTPS traffic on their network. Considering this is a boarding school, and our only method of communicating to the outside world is over their network, I feel this is particularly bad.

We were not told about this policy and we have not signed anything which would excuse it. I confronted the IT department and they initially denied everything. I left and within 5 mins, the WiFi network was down then as quickly as it had gone down, it was back up. I went back and they confirmed that there was a mistake and they had "fixed" it. They also told me that the risk was very low and the head of networks told me he was willing to bet his job on it. I asked them to instruct people to remove the bad certificate from their own machines, but they claimed this was unnecessary due to the very low risk.

I want to take this further but to get the school's management interested I will need to explain what has happened and why it is bad to non technical people and provide evidence that what has been done is potentially illegal."

Link to Original Source


paddysteed has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?