Network and Classroom Management Thread, Teaching programming in schools in Technical; Possibly overkill, but have yo thought of dual booting the PC into a vanilla xp image?
Alternatively, maybe booting XP ...
27th January 2010, 12:40 PM #16
Possibly overkill, but have yo thought of dual booting the PC into a vanilla xp image?
Alternatively, maybe booting XP from an external hard drive / having drives that can be removed (in caddys) at all other times?
Just a thought,
27th January 2010, 12:41 PM #17
Just remember, whatever they program can only do what they would normally be able to do (unless they program it to run as another user).
PHP/MySQL doesn't need to be run from C:, for example there is a portableapps version of XMPP, and I know both the XMPP/WAMP packages can be run from other drives, you just need to make sure you fix up all the references in the config files.
During learning PHP and MySQL in class I never really had a issue except for creating the Installers in VB.Net but that might be because my teacher wrote the textbooks for both (he also sells them online, if anyone wants a link).
Also we used the normal user login environments for this as well (but got given C: access because the wamp packages were last minute rollouts).
Last edited by p858snake; 27th January 2010 at 12:44 PM.
27th January 2010, 12:46 PM #18
Correct in theory, but not in practice. When code is written to utilize vunerabilities, it is often done in a way that negates the issue of permissions. (hence why it's a vunerability).
Originally Posted by p858snake
Sorry if it appears a bit picky - you're right in general, but with respect, thought it was worth pointing out.
1st February 2010, 09:27 AM #19
Teaching web programming may be a good route. They can still learn the fundamentals (recursion, selection etc) but they'll also see immediate results. It's easy enough then to create subfolders within the web directory the server uses, and set up folder permissions so that they can only access their own folder via the filesystem.
1st February 2010, 09:53 AM #20
But that vulnerability is there whether or not you allow them access to programming tools.
Originally Posted by Chunky
Many of the Internet Explorer vulnerabilities give elevated rights when you visit a "bad" website - your pupil hacker doesn't need programming facilities in school, they just need to set up a web page elsewhere (even on their home PC) which they then visit from school.
Stopping kids doing programming will rarely protect you against vulnerabilities.
1st February 2010, 10:11 AM #21
I never said it would. Giving them programming tools massively increases their arsenal of ways to access these, and in different ways. You can limit the number though, by not doing this, or doing it on a non-live system. (such as an external rebuildable drive, or a Virtual image)
Originally Posted by srochford
What was originally said was that "Just remember, whatever they program can only do what they would normally be able to do (unless they program it to run as another user)."
Where this is invorrect by the virtue that without the programming facilities, the number of ways to access vunerabilities is massively reduced, and that the dependance of users permissions can largely be negated) - It's far easier to target vunerabilities via programs than simple web-page hacks.
1st February 2010, 10:16 AM #22
For those who are interested in coding at school there is a group:
Computing At School
Which looks at this sort of thing. It's run by Simon Peyton Jones of Microsoft. There is a Google group which houses a lot of programming links suitable for kids etc.
1st February 2010, 10:36 AM #23
1st February 2010, 10:59 AM #24
Small Basic works as limited users and AFAIK shouldn't open up any vulnerabilities. It also offers a transition to VB when required.
1st February 2010, 11:11 AM #25
I think you're completely mis-understanding the kind of vulnerability which is most common. If I want to hack into "your" computer, I don't sit down at your computer and write code. I sit down at my computer and write code which I put on a web site. I then persuade "you" to visit my web site and that then exploits the vulnerability on your computer and gives me control.
Originally Posted by Chunky
Stopping kids programming at school simply has no effect on that attack vector and I really don't like the "we can't allow programming at school because kids might do something bad" attitude!
By somabc in forum Windows
Last Post: 11th February 2009, 01:13 PM
By Michael in forum Coding
Last Post: 2nd February 2009, 03:08 PM
By mattx in forum Jokes/Interweb Things
Last Post: 25th November 2008, 06:16 PM
Last Post: 10th October 2008, 05:10 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Tags for this Thread