Being a senior at UCAS, I have experienced both times with and without iBoss enabled on our school network. In my sophomore year, internet throughout UCAS was filtered indiscriminately, and students were often complaining about how they couldn’t access youtube or other sites they frequently visited. Then, throughout my junior year, the firewall seemed to have dissipated entirely. Now, I have witnessed the disturbing resurgence of iBoss’s reign over the UCAS school network.
I can understand the purpose of an internet filter at schools. The filter is a fantastic safety net to protect students from shadier parts of the web and can sometimes steer them away from legal trouble. The firewall also is a wonderful tool to help students stay focused on school work by blocking games and other such content. These two purposes I agree with entirely, as I have witnessed the beneficial effects of both. On my PC at home, I’ve installed software to achieve a similar purpose, and I can set hours for the software to block certain websites so that I can finish school work.
IBoss’s second major flaw lies in a type of protocol it uses to manage encrypted ssl sites. This is a little bit more difficult to see right off the bat (and maybe a little difficult to care about if you’re not into servers), but hear me out. If you notice, when you go to any page blocked by iboss (http://miniclip.com) you’ll see the iboss blocked image. However, any encrypted website (https://www.humblebundle.com) that is blocked by iboss, you’ll see the “This site can’t be reached” error from chrome. The sign for the encryption is the http versus the https in the url. Why does this matter? iBoss runs what we call ssl decryption or “man in the middle” attacks. Essentially, when you’re generally browsing the internet, your computer connects directly to a remote server, which sends back data that is, on https sites, encrypted. A man in the middle attack with place something in between those two points and decrypt the data from the website before it reaches your computer. I verified this by double checking the SSL (encrypted) handshake running from my website to my computer on the school network, given that I already know all the data and certificates that should be encrypted on my website since I put them there. I was first suspicious of this when I noticed this error when trying to send data to github, a collaborative development platform (fatal: unable to access ‘https://github.com/ danger dangerxx/ danger dangerxx.git/’: server certificate verification failed). Essentially what this implies is that at some point along the line, your secure data becomes insecure and is a great point of entry for any hacker to intercept that insecure data. Just within the last few months, the senior career explorations class has been filling out information for federal student aid – entering information such as their social security number and tax information. Imagine if that data was intercepted because of the security leak iBoss provides.
Iboss’s final flaw lies in simply that it, like all technology, is not a bullet proof filter. I’ve witnessed many of my friends continue to spend many unproductive hours playing games that just don’t happen to be blocked on the school network. If a student wants to waste his time, he is going to waste his time whether there is a filter or not.
Rather than pushing a flawed system onto students at their great detriment, UCAS should consider simply educating students about internet dangers and helpful study habits. Students, especially at 16-18, have the conscious to decide for themselves about internet choices. Teachers and lab monitors can keep a careful eye over students to help steer them towards more productive tasks, as they have always been doing. Iboss can never replace this careful guidance and care when it comes to internet usage.