Good day! I'm Thomas Jollans, a student, programmer, Linux user, blogger,
European. On this website, you will find some software I've written and
published, most notably:
Vinyl Scrobbler, an Android app that lets you scrobble vinyl records and other offline media to Last.fm.
To the administrators of the Oxford Student Self Registration website,
When accessing https://www.studentsystem.ox.ac.uk/ for the first time, I was surprised to see Firefox claim that it uses an invalid security certificate. As somebody who does understand the risks involved, I was unwilling to simply blindly accept the certificate, and had a closer look.
It turns out that the signing authority of your certificate, known as "Cybertrust Educational CA", is not included in Mozilla browsers by default, and thus Firefox rightly rejects your certificate. I was able to locate this CA certificate; it is, in turn, signed by a CA known as "GTE Global Root", which is included in Firefox.
Please configure your server to supply the intermediate certificate, "Cybertrust Educational CA", to browsers. This is the correct procedure and the only way in which the site will be accepted by Mozilla browsers, and any other browsers with security policies that are, as they should be, similarly strict.
Allow me to explain why I feel this is important: by using an apparently invalid security certificate, especially on a website students must use, you are requiring students to simply trust an unknown certificate in good faith, in effect training them not to take these security warnings seriously. While it is true that in this case, it was possible to verify the certificate manually, most students will probably never possess the necessary expertise - why should they? - and instead "learn" to treat computer security with an attitude that leaves the door wide open for fraudulent sites and man-in-the-middle attacks.
Coming from an education institution, this is particularly worrying.
Yours faithfully,
Thomas Jollans
PS: The contact form I'm using uses an unencrypted connection to send the email, even when this website is being accessed over a secure connection. This might also be worth changing.
Addendum: I just sent this letter to Oxford University Computing Services (OUCS) using their so-called suggestions form. Perhaps not the best place, but of those potential addressees I could find this was the one where I felt most confident that my message would end up in the right place. This whole episode reminded me of, and indeed my writing this letter was perhaps inspired by, a blog post by my cousin Leon about a month ago, concerning a similarly problematic attitude at the University of Greenwich.
I am pleased to announce the first released version of Emperor: version
0.1 "Aurelian"
You can download Emperor from its website
or get the most recent version of the code from GitHub
Emperor is a new Commander-style (“orthodox”) file manager for the GNOME desktop. It
is writte in Vala and, unlike similar programs such as GNOME Commander
or mc, it uses GIO in order to integrate with the GNOME desktop and to
take advantage of GVfs-FUSE.
While it is not yet full-featured, it is complete enough to be useful
and has good support for network file systems and automatic mounting of
archive files.
Emperor strives to provide a user interface familiar to users of Total
Commander, Krusader, or GNOME Commander.
Dependencies:
GTK+ 3
Libxml2
Libgee 0.7
Additional dependencies when building the source from Git:
Who to link to in a blogroll? How to refer to their blogs? The list of links that is my blogroll is now slightly longer than it was, perhaps it will grow in the future, and I've changed the names a bit: Instead of linking the author's civilian name, I use the blog's title — I'm still not sure which is the better practice, but at least one of these blogger doesn't use their civilian name on their blog, so I probably shouldn't disclose it here either. My most important criteria for inclusion here are probably that the blog appears to be active, and that I (appear to) read it. Looking through the list, I also find that I've met all the authors but one in person, a fact that one could assume played a role in the selection.
@freezombie