A student came to my office today. His browser showed our fronter.com instance protected by a peculiar SSL certificate issued by royalvulkan.com. The norm for fronter.com instances is SSL certificates issued by COMODO CA Limited. The intrusive SSL certificate has a validity period spanning from 1996 to 2056, which is very odd. The certificate probably has a wildcard Common Name, causing it to cover all conceivable hostnames. I have no idea how this certificate got introduced into our student’s computer. Luckily, Google Chrome spotted the faulty certificate and the student was wise enough to come and see me. Shortly after, I had to leave the student and go to class. I’ll try and update this post if he shows up again with the same problem.
I pondered this issue during the weekend. Maybe the student has somehow activated the proxy setting, sending all his (sensitive) internet traffic to an unknown third party.
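
The three oddities noted above (unexpected issuer, decades-long validity, over-broad wildcard name) can be checked mechanically. The following is an added example, not part of the original post: it audits a certificate dict shaped like the output of Python's `ssl.SSLSocket.getpeercert()`. The hostname, the 825-day threshold and both sample certificates are constructed assumptions.

```python
import ssl

MAX_VALIDITY_DAYS = 825  # assumed policy threshold, not taken from the post

def _names(rdns, key):
    """Collect values of one attribute from getpeercert()-style RDN tuples."""
    return [v for rdn in rdns for (k, v) in rdn if k == key]

def audit_cert(cert, hostname, expected_issuer_orgs):
    """Return a list of findings for a cert dict shaped like getpeercert()."""
    findings = []
    issuer_orgs = _names(cert.get("issuer", ()), "organizationName")
    if not set(issuer_orgs) & set(expected_issuer_orgs):
        findings.append(f"unexpected issuer: {issuer_orgs}")
    start = ssl.cert_time_to_seconds(cert["notBefore"])
    end = ssl.cert_time_to_seconds(cert["notAfter"])
    days = (end - start) // 86400
    if days > MAX_VALIDITY_DAYS:
        findings.append(f"validity of {days} days exceeds {MAX_VALIDITY_DAYS}")
    names = _names(cert.get("subject", ()), "commonName")
    names += [v for (k, v) in cert.get("subjectAltName", ()) if k == "DNS"]
    parent = hostname.split(".", 1)[-1]
    for name in names:
        # Only a wildcard over the host's own parent domain is acceptable.
        if name.startswith("*") and name != f"*.{parent}":
            findings.append(f"wildcard does not match parent domain: {name}")
    return findings

# Constructed samples: the post gives only the years and the issuer names.
SUSPECT = {
    "issuer": ((("organizationName", "royalvulkan.com"),),),
    "subject": ((("commonName", "*"),),),
    "notBefore": "Jan  1 00:00:00 1996 GMT",
    "notAfter": "Jan  1 00:00:00 2056 GMT",
}
NORMAL = {
    "issuer": ((("organizationName", "COMODO CA Limited"),),),
    "subject": ((("commonName", "*.fronter.com"),),),
    "notBefore": "Jan  1 00:00:00 2015 GMT",
    "notAfter": "Jan  1 00:00:00 2016 GMT",
}
HOST = "example.fronter.com"       # placeholder hostname
EXPECTED = {"COMODO CA Limited"}   # the usual issuer named in the post

if __name__ == "__main__":
    for finding in audit_cert(SUSPECT, HOST, EXPECTED):
        print(finding)
```
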