AzlanCoding/igniteDMA

Project Ignite

Project Ignite is a new Device Manager Application (DMA) for schools developed after Mobile Guardian was hacked.
Project Ignite focuses on ensuring the security and privacy of students as well as being as fail-proof as possible. The Chrome extension for students is designed to keep working even if the server goes offline after it has been properly set up. Moreover, the Chrome extension does not collect any data from students' devices (as of the current stable version). Project Ignite aims to protect the privacy and anonymity of students as much as possible.
The foundation of this application was made in less than 3 days.

I believe that Singapore needs our own solution for a DMA to accommodate the various needs of students and teachers. In the future, Project Ignite will be more than just a DMA. It will be an all-in-one software to help teachers facilitate learning through various tools and features that will keep students intrigued to conducted lessons. These features will be synced to the complex timetable schools in Singapore have. It will also come with software to help schools create these complex timetables.
Thus, I plan to further develop this project after my GCE O'Level examinations.

The server is originally based off a past project which is based off a tutorial found here.
This project is made possible thanks to Free DNS.

Made with Bulma

License

This project is licensed under the Non-Profit Open Software License version 3.0 (NPOSL-3.0). This software is intended for non-profit use only. Commercial use is strictly prohibited. For more details, see the LICENSE.md file.

Security

This full stack application does not collect any personal data from students nor does it have any major control over the users' devices. Thus even if compromised, there is nothing much to steal or control. To report a vulnerability, go to the Security tab, press Report a Vulnerability and fill in the necessary fields.

Important Notes

  1. THERE IS A LIMIT OF 5,000 BLOCKED SITES PER STUDENT due to the usage of declarativeNetRequest.
    When this limit is reached, the extension goes into legacyWebBlocking mode, which still works but doesn't display the blocked.html page. When in legacyWebBlocking, the extension has a limit of 30,000 sites. These limitations are set by Google and IgniteDMA has no control over them.
    As stated in Chrome's documentation:

    "An extension can have at least 5000 dynamic rules. This is exposed as the MAX_NUMBER_OF_UNSAFE_DYNAMIC_RULES."

  2. The extension checks for updates from the profile every 30 seconds. You can force a refresh by pressing Refresh Profile in the options page.

  3. FOR ADMINISTRATORS: When force installing the extension on students' devices, the extension needs access to file URLs and Site Access must be set to On all sites in order for the extension to work properly. Please ensure you enforce this rule.
    Even if you cannot enforce this setting, it will by default have access to all sites. A full-screen popup will annoy students if they attempt to change the setting. The extension will also switch to legacyWebBlocking to stop students from visiting the blocked webpage should this popup fail to launch.

  4. FOR DEVELOPERS: Do not try to make a pull request to this repository unless I explicitly give you permission to do so. The purpose of IgniteDMA being open source is to be transparent about what data we collect and process. This is to limit the number of people working on the project so as to keep IgniteDMA secure. If you would like to suggest any new feature, feel free to open a discussion in the Discussions tab. To report a vulnerability, go to the Security tab, press Report a Vulnerability and fill in the necessary fields. Thank you for your understanding.
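The rule-limit fallback described in note 1, sketched as an added example (this is not IgniteDMA's own code). The names `toHost`, `planRules` and `applyPlan` are hypothetical, and it assumes that legacyWebBlocking corresponds to plain `block` rules, which Chrome counts against the larger dynamic-rule limit and which show no custom page. It also reports how many sites fall past the 30,000 ceiling, since those would silently stay reachable.

```javascript
// Added example: not IgniteDMA code. Limits are the ones quoted in the README.
const MAX_UNSAFE_DYNAMIC_RULES = 5000; // redirect rules (show blocked.html)
const MAX_DYNAMIC_RULES = 30000;       // ceiling given for legacyWebBlocking

// Reduce a profile entry to a bare hostname; returns null for unusable entries.
function toHost(entry) {
  const text = String(entry).trim().toLowerCase();
  if (!text) return null;
  try {
    return new URL(text.includes('://') ? text : `https://${text}`).hostname || null;
  } catch {
    return null;
  }
}

// Decide the blocking mode and build the rule list for one student profile.
function planRules(blockedSites) {
  const hosts = [...new Set(blockedSites.map(toHost).filter(Boolean))];
  const legacy = hosts.length > MAX_UNSAFE_DYNAMIC_RULES;
  const kept = hosts.slice(0, MAX_DYNAMIC_RULES);
  const action = legacy
    ? { type: 'block' } // assumption: legacy mode uses plain block rules
    : { type: 'redirect', redirect: { extensionPath: '/blocked.html' } };
  const addRules = kept.map((host, i) => ({
    id: i + 1,
    priority: 1,
    action,
    condition: { urlFilter: `||${host}^`, resourceTypes: ['main_frame'] },
  }));
  return {
    mode: legacy ? 'legacyWebBlocking' : 'declarativeNetRequest',
    addRules,
    dropped: hosts.length - kept.length, // sites that will NOT be blocked
  };
}

// In the extension's service worker, the plan replaces all dynamic rules.
async function applyPlan(plan) {
  const dnr = chrome.declarativeNetRequest;
  const old = await dnr.getDynamicRules();
  await dnr.updateDynamicRules({
    removeRuleIds: old.map((r) => r.id),
    addRules: plan.addRules,
  });
}
```

A non-zero `dropped` value is worth surfacing to the administrator, because those entries produce no rule at all.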


Feature Timeline

  • End of October 2024
    • Multiple profile Support (Completed on 24th September 2024)
  • End of November 2024
    • Ability to handle more than 5,000 blocked sites (Somewhat fixed on 26 October 2024 [NOT TESTED])
    • "Tags" for list of categorized websites for administrators to add to their block list.
    • "Live class" feature, which includes the following features:
      • "Look Up" mode. Temporarily locks students' devices to force them to pay attention to the teacher. Triggered by the teacher.
      • "Live Screen" mode. Streams teachers' computer screens to students, allowing them to take screenshots and rewind if needed.
        This is especially useful when teachers are going through answers for a test. Students can take screenshots or rewind so that they can copy their corrections later and spend more time understanding what they did wrongly.
        (Ability to rewind can be disabled)
      • "Live Management". Allows teachers, during a live class session, to see the sites students are visiting, push sites for students to visit, and enforce a custom set of rules for which sites students are allowed to visit.
      • "Q&A". Allows students to post questions to the teacher without disrupting the entire lesson.
      • "Live Polls". Allows teachers to create multiple choice or open ended polls. This is useful when teachers show questions in their slides and ask students to answer.
  • By 3rd quarter of December 2024
    • Documentation for Ignite DMA
  • End of June 2025
    • Ability to manage the installation, enabling, disabling and removal of extensions from the chrome web store on students' devices.
  • Future Goals
    • Timetable generation and ability to sync with "Live class" system
    • iPad and Windows Client for students using these devices
    • Point system linked to "Live Polls". Points can be used to claim...

TODO

  • Extension: Implement declarativeNetRequest API
  • Server: Configure DDNS update script
  • Extension (options.html): Add last refreshed field. (i.e. last time the extension successfully contacted the server)
  • Extension (options.html): Implement manual profile refresh button.
  • Server (profile.html) & Extension (options.html): Restyle blockedSites field.
  • Extension (options.html): Dynamically update page.
  • Extension: Use tabs API. (If a student opens a website after school hours and leaves it there, the extension does not block it yet)
  • Extension (background.js): Inject script to check tab and call updateDynamicRules() only when extension/profile started and when blockedSites is updated.
  • Server (profile.html): Restyle notifi
  • Server (profile.html): Add Nav Bar (Relink to base.html)
  • Server: Create delete profile option
  • Extension: Implement Verify Magic Packet to prevent server impersonation. (Students might fork server and bypass through DNS hijack)
  • Extension (popup.html): Only allow one options.html page to be visible at all times.
  • Extension: Support for multiple profiles
  • Server (profile.html): Highlight repeated URLs
  • Extension (background.js): Implement logs modal
  • Server & Extension: Use a Backup Removal Pin instead of the Master Pin to remove deleted enrollments.
  • Server & Extension: Return HTTP 304 when resource not modified
  • Extension (background.js): Use async and await instead of .then() so that chrome.storage.session can be used for logs
  • Extension (background.js): Use chrome.storage.managed so that admin can predefine Enrollment Code and skip set up.
  • Server (profile.html): Better CSS animations.
  • [PRIORITY] Extension (background.js): Make fileAccessScheme mandatory only when the user wants to view local files. (See this discussion)
  • [PRIORITY] Add policy configuration examples in README.md
  • [PRIORITY] Extension (options.html): Show a red banner when extension cannot contact server.
  • Extension (background.js): Show popup to warn user of unsaved work before blocking website.
  • GitHub Pages for this project (docs).
  • Server: Create "Print Profile Code" feature to make it easier to share profile code with students
  • Server: Create delete enrollment option
  • Extension: Publish to Chrome Web Store (Maybe?)
  • Server: Code cleanup
  • App Icon
  • Server: Create reset profile password feature
  • Extension: Detect use of pillow
  • Extension: Find a way around declarativeNetRequest 5000 rule limit