Question Found "network can be monitored" on my chromebook. Who knows what it is

[travistee]

This is what I found when I searched for "network may be monitored" after I saw it in my chromebook when it started up.


Network may be monitored" shown after installing a private CA certificate on device
Environment

• Knox Platform for Enterprise (KPE)
• Samsung devices running Android 4.4 or higher

Why do I see "Network may be monitored" after installing a private CA certificate on a device?
Google added this network monitoring warning as part of the Android KitKat (4.4) security enhancements. This warning indicates that a device has at least one user-installed certificate, which could be used by malware to monitor encrypted network traffic.

I posted about this in the google chromebook support forum.

They are looking at it but so far they say they haven't seen it before.

I also sent this to NordVpn support.

Does anyone know what this is and how it could have been uploaded to my computer and if it could be used by malware to monitor encrypted network traffic.
I also want to know how it sends what it finds to the hacker.

 

[rgd1101]

sound like something you installed.

factory reset it

 

[travistee]

sound like something you installed.

factory reset it

Thats the problem I didn't install it. Thats why I'm trying to find out what it is.
Chromebook support is trying to help with it. Did you read the link to the post on their forum.
It can be used by malware to monitor network traffic, as it says in what I found online.
I want to find out more of what it is and possibly how it got there.

If I have to I can do a powerwash, but I want to know more about it first. The chromebook support is looking into it. If I can find out which certificate is causing it I may be able to find out how it got there.

 

[rgd1101]

I said something. not that you install the CA cert
where is this NordVpn?

 

[travistee]

If you read the chromwebook forum post it explains how the certificate is installed.
NordVPN is running on that chromebook. What do you mean by where is it.
I also posted that I asked Nord for comment on it.
We may know more when they respond. They know alot about security.
google support is also looking at it.

 

[rgd1101]

so you are installing and running other thing on the chromebook. so it could be anything that you install

don't have a chromebook. but does it have some where that show all the CA cert?

 

[travistee]

If you read my post on the chromebook forum you will see it.
I forgot to post the link here. here it is

https://support.google.com/chromebook/thread/158852104?hl=en&msgid=158871840

 

[rgd1101]

https://support.google.com/chrome/a/answer/6342302?hl=en
try the step 2 to look at all cert

 

[travistee]

I posted in that forum that I don't see the choices that are needed to do that. I think they are different on different chromebooks.
They talk about creating a google administrator account and the google admin console. I don't have those. Thats why I don't have the choices I would need for step 2.

That link is for seeting up an administrator account to manage a network and network traffic. They talk about creating CA's. So who created the CA ? Does someone else have access to my settings in chromebook to set up an administrator account?

 

[rgd1101]

did you go thru all the security settings? sometime google move thing around

 

[travistee]

I'm not creating an administrator account and I'm not adding CA's. So who had administrator privileges and added the CA?

 

[rgd1101]

there an admin account somewhere if you can installed thing on it. You might just not know it if you don't read all the EULA

just did a google search nordvpn use ca cert for private browsing
https://support.nordvpn.com/Connect...ct-to-NordVPN-with-IKEv2-IPSec-on-Android.htm

 

[travistee]

I have NordVPN and I sent them the log files and I'll see what they say.
The link in the Chromebook Help section is for setting up an administrator account and creating CA's. The problem is there is a CA on my computer and I didn't create it or know how it was done.
Thats why I can't sign into it to to see the CA's. I'm trying all this first and will wait for Nord to get back to me and see what they think. If there is no way to change anything then I'll do the powerwash and that will put it back to its original state.

 

[Lillith86533678]

They are doing the same thing to me, I've factory reset it so many times I've disabled guest mode but yet I don't even have control over my device and they also rooted it

 

[travistee]

The problem I had was specifically for how it works on a Chromebook. In the Chromebook forum they looked at the CA's and said they are not harmful. On a chromebook you can do a Powerwash that is similar to a factory reset but it restores everything to as it was when new.

If you are not on a Chromebook then you have a different problem.
If you are on a Chromebook post your question in the Chromebook support forum.
Google looks at those questions.

NordVPN also did not think it was their problem.