Difference between revisions of "DyKnow"
imported>Cov (Created page with ''''DyKnow Vision''' is proprietary classroom software used by the College of Engineering at Virginia Tech. It is mostly written in C# but has many native components and canno…') |
(No difference)
|
Revision as of 16:59, 25 November 2009
DyKnow Vision is proprietary classroom software used by the College of Engineering at Virginia Tech. It is mostly written in C# but has many native components and cannot be run with Mono. Attempts to run it under Wine have been unsuccessful. DyKnow Monitor, which comes bundled with DyKnow Vision, includes malware-style features such as application and URL blocking, remote opening and closing of programs and displays of student screens.
Contents
Malware Features
Occasionally, professors have enabled the malware features of DyKnow products in class, forcing full-screen mode and spying on students. More specific information regarding this would be informative. In earlier versions of DyKnow, certain key combinations could easily break the forced full-screen mode. Unless students give consent to have their privacy invaded by merely showing up to class and running required software, the malware functionality breaks the Virginia Tech Acceptable Use Policy.
Running the Proprietary Software
Virtual Machines
DyKnow runs fine in virtualized environments such as VirtualBox. Using a virtual machine is a nice way to soften the effects of its malware capabilities.
Making the Installer Skip Dependencies
The web installer is broken, but if you trick it into skipping dependencies, you can at least get DyKnow installed under Wine. To do so you'll need to run the DyKnow installer with Wine then delete the dependency entries from a temporary folder in c:\windows
.
Security
In the spring of 2009, the IT Security Office and DyKnow were alerted that the login process was unsafe. Passwords were being sent over the wire as an MD5 hash with a static salt, allowing replay attacks and password cracking (but not precomputation attacks). Within a month, users were instructed to enable SSL for transactions and unencrypted access was shut off.