Skip to Content.
Sympa Menu

cat-users - Re: [cat-users] Eduroam Windows 8.1

cat-users AT lists.geant.org

Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)

List archive

Re: [cat-users] Eduroam Windows 8.1


Chronological Thread 
    < Chronological >      < Thread >
  • From: Stefan Winter <stefan.winter AT restena.lu>
  • To: Carlos Ancochea <carlos_ancochea AT visavet.ucm.es>
  • Cc: cat-users AT geant.net
  • Subject: Re: [cat-users] Eduroam Windows 8.1
  • Date: Thu, 11 Jun 2015 19:21:05 +0200
  • List-archive: <http://mail.geant.net/pipermail/cat-users/>
  • List-id: "The mailing list for users of the eduroam Configuration Assistant Tool \(CAT\)" <cat-users.geant.net>
Hello,


My Steps:
  • I started the new computer Dell XPS13 2015  with windows 8.1 and made the user.
  • I connect it to the internet using LAN.
  • I update Windows 
  • I install Office 2013, Acrobat, WinRAR, videocodecs.
  • I update Windows MS Office 2013.
  • I uninstall the windows updates KB3023607 KB3046049 KB3044132 KB3040335 https://www.ucm.es/faq/conexion-wifi/problemas-en-la-conexion-a-eduroam-con-windows-81
  • I download from https://cat.eduroam.org/ the installer for the Universidad Complutense Madrid and Windows 8.1
  • I install eduroam-W8-UCdM.exe using Administrator privileges like this manual https://www.ucm.es/data/cont/media/www/pag-6767/EduroamCATW8.pdf
Nothing unusual :(


Nothing unusual?

This is the first time I see an institution recommending to uninstall a whole batch of patches. This is not recommended by us, it's a local addition by your IT support. CAT installers are usually working without any such drastic changes.

Those patches are security patches. From shallow reading, they improve the TLS handshakes to stop your computer from being vulnerable to attacks. They are *useful*; manually deinstalling them is *dangerous*. The only reasonable explanation I have (but I may of course be wrong) is that maybe your identity provider is running a really ancient version of TLS in its RADIUS setup, and that fixing those security issues client-side makes the client incompatible with the server. If that were the case, the solution is of course to upgrade the server, not to downgrade the client!

Also, the CAT installer for Windows 8.1 does not usually require Administrator privileges (wired ethernet support in the new installers of CAT version 1.1 might). FWIW, the link you posted also does not speak of Administrator privileges; it just recommends double-clicking the download - which will launch it with normal user privileges.

I can only suggest to check back with your IT department. They must have had their own reasons to send you down a patch-hunting route.

Greetings,

Stefan Winter

Attachment: signature.asc
Description: OpenPGP digital signature


Archive powered by MHonArc 2.6.19.

Top of Page