back to article Supplier promises to nudge UK schools towards secure webmail

The HTTPS Everywhere campaign received a small boost this week with a commitment by a UK schools technology provider to roll out secure logins for a service used by many educational establishments. Reg reader and former school governor Paul F tipped us off about security shortcomings of the RM Easymail which he claimed were so …

  1. Dan Wilkie

    I remember back when I was at school, we were on RMNet - CC3 possibly. It was Windows 98 frontends and NT4 backend anyway.

    Lets see.

    All the shutdown screens on all the machines were changed to advertise our Unreal Tournament clan

    On occasion various people would change put c:\con\con in the startup folder

    Email attachments came out of your 5MB or whatever we had of file space. But when your space was full, it wouldn't let you log on until you'd freed up space. Which you couldn't do till you logged on.

    Hence the deluge of emails with massive attachments called things like "Say goodbye to your login"

    There were plenty of other shenanigans too, but I only have so many hours in the day...

    TL;DR - I'm not surprised that the mail system was insecure.

    1. Lee D Silver badge

      I work in education IT. I spent ten years going into RM schools, wiping their kit, putting it on plain Windows and Office that they were already licensed for, popping in once a week to keep it all running, charging less than RM did for a more rubbish service, and got nothing but more schools wanting the same after hearing about me.

      CC3 was actually an improvement on the Connect 2 (as it was called) networks. CC4 wasn't much better either.

      I could list stories for weeks on end. In the end, however, I got bored of taking all these schools under my wing and showing them sense and giving them less IT maintenance hassle (because they literally didn't need anywhere near as much support after I'd done this for them) and still receiving nothing but vitriol and lies from RM-sponsored Borough support outfits.

      I went into the private education sector and pretty much every job since, when I mention RM and what I did for a living (and they phone up for references, obviously), they are just overjoyed to have someone who doesn't foist that junk upon them for the sake of "tradition" over just a plain AD setup with decent group policies.

      Every job I've had in those years has been word-of-mouth from existing clients, in one form or another.

      RM Easymail? Let's not even start. Anyone using it is an idiot to have tolerated it thus far, lack of SSL is probably the most minor issue I've ever seen with it.

      About the only RM product that was any good was RM Maths for teaching kids maths, but technically it's still the same old RM shite in a wrapper, it just so happens they got a guy who understands how to teach maths to help write it (I'm a mathematician, so I can see that it's actually valuable as opposed to their talking-parrot-macro-stuffed-into-word that they actually SELL). I believe it's now a web service, as a lot of their software is heading that way.

      If you don't know the horrors of everything from Sassoon fonts to CC3 "MSI's" to RM Guard passwords (full access to any RM-controlled client, by a simple formula dependent on the day and hour, and advertised freely on a webpage online that you can save the Javascript to that generates the code and use offline for ever more, on any RM network, ever), then you can't even begin to talk about RM disparagingly enough.

  2. Mr Anonymous

    Thanks for nothin rm...

    So security was not worth the effort when the cert was ten quid, now it's free and you have been shown wanting, you may act.

    RM, shite from start to finish, when will you provide a welcome service to us all by going bust?

  3. Peter Foulkes

    We had RM Nimbus machines at school (late 80's). Finding user ID's and passwords in plain text, left in the memory, including the administator ones, was trivially simple to do.

  4. Oneman2Many

    RM are a heap of donkey poo

    Got rid of RM at my kids school years ago when they wanted 2 years worth of ICT budget to 'upgrade' to CC4. Used the money instead to buy 60 chromebooks and move everything to the google apps for education. Haven't look back since, virtually zero support calls, far more flexibility and much easier to use. Last year the ICT support person retired, didn't even need to replace them.

  5. EnviableOne Silver badge
    Stop

    RM the Borg of Schools IT

    Why schools are still using RM's outdated, underpowered and overpriced service i will never know. There are plenty of other firms with education expertise that will provide better quality at a cheaper price.

  6. Dr.Flay

    Has nobody suggested using a real email client and SMTP ?

    It removes the potential for accidents and use of a compromised browser or plugin.

    1. rmacd

      Real email client?

      SMTP?

      No, x.400.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021