10.7.4 has now been released to the general public and this issue has been fixed - Mac OS X 10.7.4 Update is Available [Direct Download Links]
I've been using the developer build of 10.7.4 for the last 2 previews so knew that work is being done on this ... but it does raise about good practice of preventing booting into target mode, booting from external disks, etc ... I'll try and follow up with that shortly.
Thanks for the article, good read. It might be also worth looking at this thread, it highlights a flaw in firevault. - http://www.edugeek.net/forums/securi...log-files.html
Some interesting comments! I could write on this subject for - well my age plus VAT ;-) Whilst I am not an educationalist, I fear that many of the views expressed here don't look beyond the technical and / or ease of management PoV.
- Identifying gender and location is a real safeguarding risk. Grooming is potentially made so much easier and especially behind the 'closed' door of an Inbox.
- Treat your password like you would your toothbrush - okay it's a cliché by now... But it is probably ridiculous to suggest that learning and safely maintaining a set of login credentials is not important for today's children (digital natives don't forget). It's an excuse to suggest that even the early key stagers can't remember. I have too many examples of out of school scenarios where they are very capable!
- Still concerned about the above? Reduce the amount of personal data / information about an individual that a web or cloud based service needs to complete authentication. Opt for an open standard like Shibboleth to increase security and reduce memory loss. Err... Single Sign-on
Overall..? There is a strong balance still to be sought between the implementation of safeguarding tools and processes and the old fashioned e-Safety equivalent of the Green Cross Code, or Stranger Danger campaigns from my day!
Interesting item this. My previous place used first initial, last name, and the last 2 digits of the year they would leave if they were to stay through to the end of 6th form, so Graham Reed and I leave in 2012 would be: greed12. Emails were the same alias. Not amazingly obvious what these details referred to, but not hard to remember either.
at the college the kids login with there user ID which is first initial, last name and then D.O.B so like jbloggs12399 but then as the email goes through our network the name is stripped and we used to have it go out as just email@example.com but now it goes out as a random string as we can see through mimesweeper for example firstname.lastname@example.org seems to work well.
everytime an E-mail is sent internally though we can see what number generated to the account that sent it so the email would come through to us as email@example.com but only us on the inside can see that.
so to anyone outside the campuses through out the whole network, wont see any real identity as to who sent the e-mail.
Alot of the older students however like 16+ dont use the interal system and use Yahoo or Hotmail but thats another story....
I would be interested to hear some constructive ideas from Spannerman2 regarding his "new model" of curriculum network. Personally I think virtual machines / virtual images of some kind would be one of the better ways to provide pupils with an unrestricted desktop / unrestricted network for them to experiment with without endangering the curriculum network.
There is simply no way that kind of "abuse" could be allowed on a curriculum network because within 6 months the entire network would either be at best dead or very dysfunctional, and it worst totally compromised and the school would be straight in the newspapers when private pupil/staff data was uploaded all over the internet. I would be willing to wager Spannerman2 would probably be the first to complain to his network manager when he was unable to teach due to not even being able to log on.
Another question – assuming Spannerman2 teaches in a school, has he been to his SMT/Head to put forward his radical new ideas on how to teach ICT? How did that go?
Spannerman2 and I agree to disagree on a number of things, but his points are aimed constructively and he has been part of some very healthy discussions since this original post.
I will do a follow-up post in a few weeks time to summarise his contributions and others too.
Wow. The constructiveness of that blog astounds me. He clearly belongs in the 80s with his BBC Master.
Unfortunately for the rest of us things have moved on somewhat since then.
Well I like new learning skills, so I retrained my asp.net/c# skills and learned php to help support and develop using Moodle at our school. Some may have even said that this was re training LOL.
I do agree that retraining is a big part of implementing change.
Our school uses a mixture of open source and proprietary software, this creates no issues for staff or learners. I personally find implementing back end systems with OSS, but implementing any back end solution is easier . Many pupils in our area do use open office at home, as why pay for commercial software when doing your homework
Why do many so people(non school staff) want to make this a black and white issue. And start chucking FUD in. Shame more schools don’t make up their own mind instead of relying on LA advisors and third party IT consultants
Great stuff..as a long standing apologist for FOSS I have got to agree with much you are saying.
The NHS CIO is adamant that they would not contemplate a desktop migration to FOSS due to the overhead of training and compatibility. Sirius PLC (no less) advised Bristol Council likewise, and my experience of the teaching profession concurs with them both.
my feverent wish is for this debate to stop, i have no desire to replace windows 7 with ubuntu or MS office with Oracle Office with all the pain and no real gain practically or ethically.
I dont like re training, i like acquiring new skills and taking advantage of new opportunities the FOSS Windows debate seems to be middle aged blokes squbbling over yesterdays broken models. Betamax v VHS, duh what's either?
no headteacher i met payed much attention to them
It's more a case that I am looking for a solution where I can post a blog entry on my existing grumbledook.com site and then it will automagically become and entry in my EG blog ... rather than it being a manual job. I now have my blog posts announced on twitter via friendfeed ...
Glad you like the post. Any comments for improvements?
Maybe a little bit more of a teaser next time
Copy the first few sentences etc to give a feel for the article (and keyword boost for SEO linkback)
Nice post though
Were a US school and currently use both methods. Our student email is first_last@school district and all of our students use 8 digit (random) numbers to login. I have to say from middle school on most kids know their ID # ... passwords of course are always forgotten. I am a believer that K12 students email should not easily identify them. I think we're heading towards some letters from their name and some numbers as their email name. Keep in mind this is the US where guns, kooks, and disgruntled ex-husbands flow freely. Kids under 18 need to be protected.
Yep, evidence is from CEOP Trainer training where there are some terrible examples. I would recommend as many IT managers and technicians become Think You Know trainers to help support their school as well as finding out the nastier side of the world.
Saying that those items of information are used by those grooming children is one thing, but have you got any evidence that someone got their details from their school email account, and then used this for their nefarious activities?
It just strikes me as a step too far, and as yet no-one has managed to provide me with evidence as to the need for using obscure usernames.
Oops ... really should check this and respond.
Name and age are two key pieces used by those grooming children so any chance you can of protecting them is a good thing.
And yes, kids forget things ... they forget their home phone number (but learn it), they forget their home address (but learn it) and yep there are good examples of KS1 and KS2 having no problems with individual accounts. I know it is different for each school but it can work.
As for walled gardens ... yes, it is recommended that kids are introduced to email via walled garden systems but they can quickly outgrow that. If you keep them enclosed for too long they will either get bored and do stupid things or push the limits and break through things to use external email solutions. I get to see year 4 students doing this ... and whilst it is more the exception than the norm it is there.
@CAM, yep, I like your system and have seen similar elsewhere.
We use a sort of code. The year they started then a unique ID followed bytheir first and last names mangled up and swapped. It all goes through the borough's EMail system to hide the fact they are a school pupil.
As an example, your name of Grumble Dook would be 095433doogru on our EMail system. No-one has any idea what the string means or if they are talking to a male or female, adult or pupil. Or even if they go to a school.