Published by Robert Pogson October 16th, 2012
in Linux in Education and technology.
“The B.C. government is offering free online textbooks for post-secondary students who are taking the 40 most popular courses.
Advanced Education Minister John Yap says up to 200,000 students could save money next year”.
see B.C. to offer free textbooks online – British Columbia – CBC News.
That’s a lot like the FLOSS (Free/Libre Open Source Software) ecosystem for software. Invest ~$1million per annum in generating on-line textbooks and save students ~$200 million per annum in expense. It lowers the cost of education. So does FLOSS. Invest a little in installing FLOSS and get all the benefits for very little. Organizations as large as governments could invest in generating FLOSS as well as free textbooks.
- Robert Pogson
Published by Robert Pogson October 16th, 2012
in technology.
“I got tipped-off that the parts of the MSD network were completely exposed to the public. You could go into any WINZ office and use their self-service kiosks to access their corporate network.
These locked-down kiosks are provided so you could look for jobs online, send off CVs etc. They’ve had some basic features disabled, which supposedly meant that you couldn’t just open up File Manager and poke around the machine. However, by just using the Open File dialogue in Microsoft Office, you could map any unsecured computer on the network, and then open up any accessible file.”
via MSD's Leaky Servers • OnPoint • Public Address.
Well, it’s not exactly M$’s fault that they made their brand of networking so easy to set up but they also made it easy to neglect to lock it down and similarly easy to exploit. TFA is a rather boring thing except that I have seen similar situations several times. In one place where I worked the client machines were locked down pretty tightly so that I could not do stuff I needed to do for my job. Since technical help was weeks away, I hooked another client machine to the LAN and fired away. No one had bothered to lock down the DHCP server nor to define unknown machines as unprivileged on the network. I could do what I wanted… Of course, I did no harm, just setting up some GNU/Linux clients in my classroom but the methods, screens and simplicity of my “intrusion” were eerily similar to TFA. I was able to download FireFox onto the new client and then send it over to my “locked-down” XP machine totally bypassing restrictions which prevented browsing to any site not on a white list.
That event was in ~2003 and here we are in 2012 with the same sorts of issues.
I prefer GNU/Linux. A distro usually ships with NFS not sharing anything and privileges are a high priority. With that other OS, one can just “share” and be done with it. I’ve even been places where the system administrator shared “C:” to all and sundry from every machine to every machine. It was no wonder malware thrived quite unopposed for several years. Imagine just sprinkling malware hither and yon and waiting for someone to click on an icon to unleash the hounds.
I have no idea how the situation in New Zealand evolved. Probably someone added the kiosks without realizing they could access files all over (sad that was not checked…) or someone relaxed security not realizing the kiosks were around. Bad things happen when systems become more complex than one person knows. The right combination leads to disaster major or minor. One cannot regulate stupidity or ignorance but one can choose to use an OS like GNU/Linux where security is a higher priority than convenience.
- Robert Pogson
17507
12795
206
3
2
23959 
11878 
11730 
4657 
4280 
1643 
198 
14 
2 
0 
0 
0 
Recent Comments