
How can this unelevated tool intercept VM traffic and cause a "blue screen of death" on a personal Windows 10 computer?

Çağlar Arlı


Because my child wanted to access certain blocked websites (such as ChatGPT) on his school computer, which runs personal Windows 10, I decided to set up an Ubuntu VM for him.

Websites are blocked by a tool called Blue Coat Unified Agent, which is basically a MITM and WiFi-authentication service the school insisted on installing, even though I was skeptical. This tool is completely unelevated in all areas except for inbound and outbound network traffic, because this is all it is designed to monitor.

This is his personal computer and therefore has no other restrictions or tools (that I know of).

But whenever an attempt is made to access a blocked website on the VM, it demands a restart and often freezes with the infamous "blue screen of death" for long periods of time. This is by no means a coincidence; unblocked websites work fine.

The two issues that I see from this are that BCUA

  1. Can intercept traffic forwarded from a bridged network card (I set it up this way to try to bypass the thing.)

  2. Even more alarmingly, can cause an unstoppable restart and "blue screen of death."

Unless it installs more tools itself or self-elevates (both unlikely), I don't see how this works.

Also note that when blocked websites are accessed from outside the VM, nothing like this happens.