Mailinglist Archive: opensuse-edu (146 mails)

< Previous Next >
Re: [suse-linux-uk-schools] Re: Fw:
  • From: "Frank Shute" <shute@xxxxxxxxxxxxxxxxxxxxx>
  • Date: Thu, 27 Jul 2000 23:29:54 +0000 (UTC)
  • Message-id: <20000727230549.A21161@xxxxxxxxxxxxxxxxx>
On Thu, Jul 27, 2000 at 05:01:55PM +0100, Simon Rainey wrote:
>
> >Since you want to clear up speculation, perhaps you could explain why
> >your company felt it was necessary to lean on Becta to stop them
> >`promoting' the use of OSS in schools.
>
> I can't comment on corporate policy and was not aware that anyone had
> influenced Becta against OSS.

This was posted to this list the other day:

<-------------------------------->

On Fri, Jul 07, 2000 at 12:58:05PM +0100, Malcolm (ngfl) wrote:

Originally the proposal was to hold a largish conference in Birmingham in July,
but it was felt by senior management that this might be inappropriate given
Becta's independent role. Also concerns were expressed by leading education IT
companies (you can guess) that it was not within Becta's remit to promote an
Operating System over any other (sic).

<-------------------------------->

I don't suppose you can assure us that it wasn't RM that was
applying the pressure?

> Personally I think OSS is a good thing, as witnessed by the fact that
> practically all the software IFL uses is OSS. However for the average
> school, and primary schools in particular, I would question whether the
> skill set is available to install and manage a network based on Linux /
> OSS.

But there generally isn't the skill set within these schools to
install and manage a NT network either.

> Please don't take this the wrong way - there is a small and growing
> group of schools who are using Linux very successfully. However I can see
> that it might be irresponsible for an organisation such as Becta to endorse
> the use of OSS at this stage.

Yet it isn't irresponsible for them to endorse the use of software
that costs a lot of money and falls over all the time?

I don't expect them to endorse the use of OSS but what I do expect
is Becta to investigate the /possibilities/ and potential for it's
use without being intimidated by commercially interested parties.

> >> - All the core services run under Linux with the exception of RM EasyMail
> >> and virtual web servers where users wish to use FrontPage extensions, which
> >> for commercial reasons run under NT.
> >>
> >> SMTP: Sendmail and Exim
> >> POP3: Qpopper
> >...
> >< useful cracking info snipped >
>
> Any half-decent hacker would have no problem whatsover in discovering what
> O/S and software is used on any given system. Giving out such information
> is not considered a significant risk.

Help them as little as possible is my motto.

> >I guess you haven't heard of ssh. Now where's that clue-stick.....
>
> The users in question do not wish to use SSH. We could insist on it, but
> there has to be a balance between security and useability. We are happy
> that the server is sufficiently secure. There is an obvious risk in sending
> plain text passwords across the Internet, but this applies just as much to
> FTP as to telnet.

You should insist on it. It doesn't apply `just as much' to FTP -
cracking a box with telnet is a walk in the park in comparison and
if you install ssh you can dump FTP aswell.

I don't understand the `useability' issue with ssh that you talk
about. To an end user they simply login as they would using telnet,
it's a bit slower than telnet because of the encryption overhead but
it means that your passwords can't be sniffed.

> On the security issue, we recently commissioned an extensive independent
> audit and were assessed to be "significantly more secure than the majority
> of ISPs".

Go back to the people who carried out your security audit and ask
for your money back!

--

Frank

*-------*-----*-----*-----*-----*-----*-----*-----*-----*-------*
| Boroughbridge | Tel: 01423 323019 | PGP keyID: 0xC0B341A3 |
*-------*-----*-----*-----*-----*-----*-----*-----*-----*-------*
http://www.esperance.demon.co.uk/



< Previous Next >
Follow Ups