DyKnow Vision is proprietary classroom software made by Dynamic Knowledge Transfer, LLC and used by the College of Engineering at Virginia Tech. DyKnow Monitor, an optional module, includes malware-style features such as application and URL blocking, remote opening and closing of programs and screen captures of students' computers.

Malware Features

The Monitor module was enabled in fall of 2007 but by fall of 2010 its cost and non-compliance with the Acceptable Use Policy had been noticed by the COE Director of Information Technology and the module was removed.

Security

In the spring of 2009, the IT Security Office and Dynamic Knowledge Transfer were alerted that the login process was unsafe. Passwords are sent by DyKnow over the wire as an MD5 hash with a static salt and symmetrically encrypted with AES. While the salted MD5 hash is invulnerable to standard precomputation attacks, the symmetric encryption was performed with key information shared between all clients, allowing for simple decryption if the traffic can be intercepted. Within a month of notification, the issue was worked around at Virginia Tech. Users were instructed to enable SSL for transactions and unencrypted access to the server was shut off. No response from DyKnow on this issue is known of.

Patents

Dynamic Knowledge Transfer has been granted three software patents related to DyKnow.

• US 7003728
• US 7213211
• US 7508354

External Links

• DyKnow entry on the School Computing wiki
• Online Course Systems DyKnow support page