Site Polls Thread, Would you like https login/browsing? in EduGeek Stuff; @ apearce: yes they've been on about this for a while, common sense really this is why i've been upset ...
28th August 2008, 11:58 AM #16
@ apearce: yes they've been on about this for a while, common sense really this is why i've been upset when Capita ask us to put our Db on a CD and post it. I don't think edugeek will come under that guidance as we don't put pupil or personal information on the forums.
28th August 2008, 02:05 PM #17
It's not that Edugeek's forums are slower than other forums it's just that the whole idea of web sites like this is horribly slow when you're used to dealing with mailing lists or newsgroups.
Originally Posted by ZeroHour
I *hate* all the extra stuff that has to be loaded on to a page just so I can read a few lines of text.
I appreciate that the advertising helps to pay for the site but I just want to get to the content as quickly as possible and could live without all the smiley choices, avatars and the rest of it.
I'd guess I'm just too old :-)
28th August 2008, 02:08 PM #18
Yeh its hard to walk the fine line of functionality over speed
Originally Posted by srochford
28th August 2008, 02:22 PM #19
As well as guidance for schools there will also be guidance for companies who have a data partnership with schools. If nothing else, companies like Capita will have free access to the guidance for schools ... and be told "If you operate in such a way that you force schools to be in breach of this guidance then you too are culpable when things go wrong ... change your practices!"
Originally Posted by cookie_monster
The key thing in this is not so much which sites you access, but what data is shared across the connection. All data held has an impact level and it is level 3 and above that you need to keep an eye on. The guidance should provide clear indication of what levels the different data is at. Level 3 has to have one level of encryption before transfer via public means ... level 4 has to have 2 (eg the files are encrypted and so is the method of transport) ...
EG will have little to worry about on this side of things, but registration (which contains personal information about you) and subsequently access to changing your details on your control panel should be encrypted for your protection and ours. Discussion about specific incidents which may include some information about others (especially students) may be regarded as sensitive ...
To be honest, we may just have to wait and see. I hope to meet with them again on Wednesday and the info I have had so far is enlightening. The aims is that this is not just a letter mandating that you will follow a set of rules, but examples about how you can get there aimed at both the use of technology and policies / procedures.
28th August 2008, 03:16 PM #20
Originally Posted by srochford
Perhaps make a premium subscription that has no ads?
Or a sub.domain that is designed for mobile users etc. Then maybe a script that would redirect you the correct one.
- broadband.edugeek.com (full bloat)
- mobile.edugeek.com (iphones and such)
- narrowband.edugeek.com (left images)
- text.edugeek.com (text only)
28th August 2008, 03:25 PM #21
Speed and functionality - two variables that are very subjective.
Personally, when on a laptop, I hate having to scroll down the page in order to read the actual post. But I really don't mind that very much if the information I am seeking is forthcoming, which it generally is.
As for HTTP/HTTPS - if it gives some people a sense of security that can't be a bad thing surely?
28th August 2008, 11:21 PM #22
User choice I'd go for, but yes encrypted logon / registration is good.
28th August 2008, 11:39 PM #23
I prefer to see https when inputting login details, as for rest of site not to concerned.
28th August 2008, 11:55 PM #24
I also voted https just for login, but then again for a forum it isn't overly important. I don't see the point making the whole site secure. It will use up a lot more server resources and will gain nothing. Thinking about it, I don't know any website which uses SSL for everything.
vBulletin do a good job in regularly publishing updates to keep websites (such as Edugeek) secure; and the point where an intruder could obtain any useful information is at logon only. A better alternative would be privatising areas of the forum just to registered members only (if you wanted to go down that route).
28th August 2008, 11:56 PM #25
HTTPS for registration/login. Probably private messaging too if possible.
29th August 2008, 12:35 AM #26
personally i dont think there is a need for just a forum, but if you did think of doing other things like an edugeek shop to buy edugeek stuff then yh obv you would use https.
its not an essential but i would use it if it was there.
3rd September 2008, 04:22 PM #27
3rd September 2008, 04:28 PM #28
~*Walks off with his password*~
Originally Posted by wagnerk
9th September 2008, 12:26 PM #29
As I understand it, on modern hardware the extra load of processing SSL is minimal. I've never had any speed issues, and anything that stops the sniffing of usernames and passwords has got to be a good thing. By allowing complete https access to the site you'd give users confidence that their password cannot 'escape'.
9th September 2008, 12:52 PM #30
As Tony says, for those aspects of the site where information is sensitive (control panel, login etc...) HTTPS should be considered.
But then again, I thought openfire was running on port 443?
By Scotmk in forum Windows
Last Post: 20th October 2008, 06:43 PM
By FN-GM in forum EduGeek.net Site Problems
Last Post: 28th July 2008, 03:45 PM
By timbo343 in forum Virtual Learning Platforms
Last Post: 24th January 2008, 05:07 PM
By maniac in forum Web Development
Last Post: 6th January 2008, 08:17 PM
By anthrax69 in forum How do you do....it?
Last Post: 16th March 2007, 11:26 AM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)