Difference between revisions of "DyKnow"

From the Linux and Unix Users Group at Virginia Teck Wiki
Jump to: navigation, search
imported>Cov
(Created page with ''''DyKnow Vision''' is proprietary classroom software used by the College of Engineering at Virginia Tech. It is mostly written in C# but has many native components and canno…')
(No difference)

Revision as of 16:59, 25 November 2009

DyKnow Vision is proprietary classroom software used by the College of Engineering at Virginia Tech. It is mostly written in C# but has many native components and cannot be run with Mono. Attempts to run it under Wine have been unsuccessful. DyKnow Monitor, which comes bundled with DyKnow Vision, includes malware-style features such as application and URL blocking, remote opening and closing of programs and displays of student screens.

Malware Features

Occasionally, professors have enabled the malware features of DyKnow products in class, forcing full-screen mode and spying on students. More specific information regarding this would be informative. In earlier versions of DyKnow, certain key combinations could easily break the forced full-screen mode. Unless students give consent to have their privacy invaded by merely showing up to class and running required software, the malware functionality breaks the Virginia Tech Acceptable Use Policy.

Running the Proprietary Software

Virtual Machines

DyKnow runs fine in virtualized environments such as VirtualBox. Using a virtual machine is a nice way to soften the effects of its malware capabilities.

Making the Installer Skip Dependencies

The web installer is broken, but if you trick it into skipping dependencies, you can at least get DyKnow installed under Wine. To do so you'll need to run the DyKnow installer with Wine then delete the dependency entries from a temporary folder in c:\windows.

Security

In the spring of 2009, the IT Security Office and DyKnow were alerted that the login process was unsafe. Passwords were being sent over the wire as an MD5 hash with a static salt, allowing replay attacks and password cracking (but not precomputation attacks). Within a month, users were instructed to enable SSL for transactions and unencrypted access was shut off.