14 by convexpolygon | 10 comments on Hacker News.
My school has a bring-your-own-device wifi which obviously necessitates blocking of certain categories of websites. Previously I used to be able to bypass their DNS blocking using DoH, but now this does not work anymore. Instead, trying to access a blocked website gets me a wrong/unsafe certificate warning followed by a Fortinet/Fortiguard blockpage when I click continue. Upon inspection I can see that the certificate is issued by Fortinet, which explains the warning. On non-blocked websites I do not get a warning and the certificate appears correct. How does this work? Is this some kind of MITM-Attack on me (I do not remember having had to install any special certificates, but I do not know how to check this)? Is there a convenient way to bypass this (i. e. not Tor et al.)? I respect the IT companys efforts to secure the schools network (The IT company is universally hated by the entire school - They block the sites the teachers want to use, the youtube videos sometimes used for lessons, make the schools computers slow through McAfee and other bloat and prevent us learning about computer networks in class by blocking school-pc-to-school-pc connections in the firewall. Oh, and they also recently took in all the school issued I-Pads for an update only to delete all personal files on them; fortunately I do not use these out of principle, although I believe everyone managed to recover from cloud backups), but I would like to understand what they are doing to the network. Furthermore I am concerned about the legality of what they are doing (German law) and if they are able to read my private data that flows through the network (the network is personal login only, which would make that even worse). Also I find it disconcerting that my school blocks hrw.org (i. e. human rights watch) which I believe sends a wrong message. If there is any testing I can/need to do for further analysis I would appreciate you telling me. Thank you! This is actually my first post here on HN as a long time lurker.
0 comments:
Post a Comment