Monday, July 6, 2015

Ubuntu School Computer Lab

Why Ubuntu for a school computer lab?

The computers in the lab have been running on Windows 7 but due to a few issues over the years I decided that during summer school I would move then all to Ubuntu.

I use Ubuntu on my personal and work computers and not alone am I pretty happy with it I also love the idea of it. I use Linux on my web servers and so Ubuntu desktop is perfect for my work, it also serves me pretty well as a general office and home operating system. Though I do dual boot with Windows 8 for some things.

From an educational standpoint I believe that my students should get as broad an experience as possible with different systems. I want them to leave me with no fear of technology, knowing that a computer is a tool regardless of how it looks or functions on a cosmetic level they can still accomplish tasks whether they are using Mac, Microsoft, Linux, Android, etc...

A more practical reason and one that sits well with the school administration is the cost. Ubuntu is free software and many of the apps that run on it are also free. Our school is private and is therefore a business, this means that many cost is almost always an issue. That is not to say that the school makes decisions solely based on cost however it is a factor. My experience when making budget requests has always been that if I put together a strong case for the materials I need to achieve the educational aims then cost isn't really an issue.

So if you're on a budget, looking for a reliable and well-supported system for your computer lab, and also want to broaden your student's experience of computer systems then Ubuntu might be a good match for you. I say might because as always the devil is in the detail.

Outline of the task

The version of Ubuntu I chose was Edubuntu 14.04.

There are 24 PCs and one teacher's computer. There is also a server, but more on that in a moment.

There will be about 200 students using the lab.

My plan was to install Edubuntu on one PC, configure it and add any software and then every other PC off this one. Installing Edubuntu was a breeze, the real fun started next! There are great applications available for Ubuntu and Linux however there are also some great pieces of software on Windows that aren't available in Linux. Happily there is a way to run these in Linux using a piece of software called Wine.

Thanks to Wine I was able to get Photoshop, Sketchup, NWEA TestTaker and Pivot working. But I wasn't able to get Scratch installed locally though it functions just fine in the browser, nor was I able to get Lego Mindstorms NXT working in Ubuntu. The issue with Scratch seems to be down to my decision to install 64 bit Edubuntu, if I had gone with 32 bit then Scratch should have worked.  Lego Mindstorms can't be installed, my workaround is to going to be to get a class to install a version of Windows as a Virtual Machine and try to get Mindstorms working that way. If it fails it will have been an interesting project for a class and I'll come up with another plan for using Mindstorms in the class.

The biggest issue I had was setting up the server. The server I am using is fully licensed Microsoft Windows Server 2012. I was initially going to use Windows Server and Centrify Express on the client side to allow login. This works very well but I wanted more! I wanted the same control as I would have in a Windows environment, I wanted to give users access to network shares based on groups they belonged to and map their home directory to a private server share. So I installed Ubuntu Server and set about trying to achieve this.

The Ubuntu server is awesome, it provides DHCP and DNS to all the client computers in the lab. It caches updates for the clients which dramatically reduces bandwidth demand on the internet connection and now updates are lightning fast.

The really fun bit though was trying to recreate the Active Directory User and Computer experience. It took me the best part of a week to configure OpenLDAP server to allow centralised logins. Time was against me at this stage so I have yet to get network private and group shares working. I also need to check if passwords when changed on the client are also updated on the server. This was easily the most frustrating and time consuming part of the whole job.

On the last day of school I was just about ready to start deploying the client image to the lab computers. I had to make some hard decisions about what to fix and what to leave until another day but ultimately I managed to get the client PC setup pretty well. I installed Clonezilla Server and crossed my fingers. Using PXE boot I was able to grab an image of the original client and deploy that image to 11 of the PCs in the lab. They all worked perfectly and were tested that afternoon by a group of 4th graders playing Minecraft!

This is very much a work in progress and I will still have a lot to do once the new school year starts. Only time will tell if the lab works well and is robust enough to meet the demands of 200 6 to 18 year olds.

Conclusion

Would I recommend this setup? That really depends on a number of factors. 

Do you have much experience in network and server administration? If not then I would advise playing around with Ubuntu Desktop and Server for a few months before taking the plunge into a project like this.

Do you have a lot of time initially and for ongoing maintenance and development? I see myself spending a lot of time over the next few months sorting out niggly issues and tweaking the setup for different needs and changes.

I'm quite happy with the way things went on this project. The server, clients and teacher's PC are all functioning pretty well. If I was doing this again I would definitely have a closer look at Centrify to avoid any issues around setting up OpenLDAP. 

Tuesday, September 16, 2014

Shopify implementation of Paypal Payment Express is broken

The tl;dr version
Just view this video

The whole story
I am helping a friend setup an online store with Shopify.
For the past three/four months we have worked together on the idea for the store, the design and getting content on to the site.
Last week I tested payments on the site as we are getting close to launch. And to my shock - it didn't work!
I had setup Paypal Payments Standard with the shop's Paypal account and enabled this in Shopify but
received this error when trying to process a payment -
Error from gateway:
The merchant country is not supported.
The business is based in Thailand. Paypal supports Paypal Payments Standard for their Thai customers but Shopify does not. Shopify only supports this for their customers in the US, UK and Canada. (At no stage during signup is this mentioned, and I can't find it on the site except in one forum post)
So, as the only option left was to use Paypal Express I set that up and found another problem.
Shopify does not ask a customer for their details at checkout so when they are forwarded to Paypal to enter their payment details they need to enter their address at that stage. This means that shipping is not included on the Paypal payment page. The customer only gets the option to choose a shipping method or enter a discount code when they are sent back to Shopify.
This essentially means that customers are being asked to enter and confirm their details for an amount that they will not ultimately be charged (assuming that shipping is required). Further confusion for customers is caused by the inability to enter a Discount Code until after the payment details have been taken. I'm open to correction but a setup like this goes against web usability and can only result in a large amount of abandoned carts.
I have received a reply and a "workaround"(hack) for this issue. I'll post that in the next article.
I would love to hear people's opinions on this situation. I would especially like to hear from other Shopify users from countries considered "overseas" by Shopify - not US, UK or Canada.
The only other Payment Gateway option available to me in Thailand is 2Checkout. I've set this up and it has helped with finding a resolution to the issue.
Ultimately I am going to continue with Shopify for the short term and will use Paypal Express and the hack Shopify sent to me.
I'll update in my next post.

Wednesday, June 12, 2013

Old but amazing post about encoding email addresses on websites

http://techblog.tilllate.com/2008/07/20/ten-methods-to-obfuscate-e-mail-addresses-compared/

Maybe the techniques in this post have already been compromised by spammers but I love the techniques here and the duration of the study. Great work and beautiful ideas.

Friday, March 8, 2013

Strong passwords





The first, and often the last, line of security for your computer accounts is your password. Your login to your home computer, your work network, your email, social network and other websites is protected by the password you have set. Choosing a strong password is essential. But this simple task is complicated by one small thing - the need to remember that password :)
I will give you a couple of tips and strategies that you can use which should help you.
We'll start with an example of a bad password. Let's say you use a word like dog as a password. This is bad because it is a word that is found in a dictionary. It is also very short, and it may even be easy to guess for people that know you if you're a dog lover!
We can see how weak this password is by going to the How Secure is my Password website - http://howsecureismypassword.net/
Your password can be hacked in a variety of ways - guessed, found written down somewhere, stored in your computer's memory, etc... A common way for a password to be hacked is to use a program that iterates through dictionary words, names, combinations of words/letters/characters/numbers, etc... until it finally discovers the password you are using. This is what the How Secure is my Password website works. It tests your password and tells you how long it would take for a password hacking program on a desktop PC to find your password.
If we try the password dog on this website we see that a desktop PC would hack it within 0.000004394 seconds. Fairly fast!
The great thing about this site is it then tells us why it is so easy to hack that password - too short, possibly a word, and it uses just letters. Let's try changing the password slightly. We'll still use the word 'dog' but we'll capitalise the first letter and replace the 'o' with a '0'(zero). So we now have D0g.
Some improvement but still not great at 0.000059582 seconds. Again we're told that the password is very short and it doesn't contain symbols. Let's mix it up further. Instead of the base word being 'dog' we'll change to labrador and we'll change some letters to numbers and symbols. So our new password could be L@br@d0r.
Cool, it now will take our hacker on his desktop PC three days to hack our password. Not too bad but I'd still like to make it harder for people to get access to my personal information. Let's use the full name of our dog's breed as the base - Labrador Retriever. So our new password is L@br@d0r R3tr!v3r. (Note: I've used a space in this password)
39 quadrillion years!
Happy days, I'd rest pretty well knowing I'd be long gone before any hacker got access to my accounts and started posting spam to my Facebook Timeline :)
This site is a good way to get an idea of how secure a password might be when compared to other passwords but I wouldn't rely on the accuracy as there are many many variables that need to be taken into account.
So, in summary, pick a phrase as a base for your password, then use upper and lower case letters and substitute some letters with numbers or characters.
Another nice way to create a password that is easy to remember is to use a line from a song. For example If I use the line - Today I don't feel like doing anything - I am told by this website that it would take a hacker 176 sexdecillion years to discover it. I have no idea how long sexdicillion is but it sounds pretty long and is probably not worth worrying about.... in this lifetime anyway :)

Friday, March 1, 2013

Be aware of spoof email





Spoof Email is email that appears as though it is from a well-known, trusted, company or a friend when it is actually from a spammer or other person/company with malicious intent.
Most email services have excellent detection of this type of email but it is always wise to be vigilant when reading email you have received.
Be aware that the "From:" field of an email can easily be altered so it appears that the email is coming from a reliable or known source.
If you receive an email that appears to be from a known or trusted source but something seems a little unusual to you then you should take a moment to double check where the mail came from and to ask yourself a few simple questions.
Things to ask yourself are:
  • Is this email looking for my personal information?
    If an email is from a trusted company they will not ask you for information like this. This is a general rule of thumb and companies regularly send out messages and notices reminding customers that they do not email you asking for this type of information. 
  • If it appears to be from a friend, are they behaving as you would expect?
    A good indication is if the email has a general greeting like "Hey, how's it going?" and then goes on to ask you to click on a link "Here is something you have got to see - LINK"
    On the other hand if the email is from a friend they might say "Hey, how's it going? Here's some photos from Mary's wedding last week - LINK" 
  • Another tactic is to email you "warning" you that your account with a website/bank/company needs to be updated/checked/etc.... This can be a hoax that directs you to a fake site with the intent of stealing your username and password. If you get an email like this, say from Skype or Facebook, a good tactic is to go directly to the website yourself, not clicking on the link in the email, and performing whatever task has been requested of you. 
Unfortunately there are countless ways spammers, identity thieves, virus and malware producers, etc.... use to trick people into falling for their schemes. Some are ham-fisted and easy to spot whilst others can be very clever and can catch out even the most careful computer users.

Thursday, October 11, 2012

Lanschool software for monitoring IT lab computers

As a teacher running an IT lab with 24 students logged in at the same time can be a bit challenging. Keeping students on task is a challenge in a regular classroom but with the distractions that the web, games and chat provides on a computer this challenge is magnified.

Tuesday, October 9, 2012

Converting from Wordpress to Blogger

In the past I always recommended that clients go with a self hosted rather than hosted solution for everything from email, applications and especially websites. However I have changed my tune in the past few years about email (nightmare to manage -> go to Google Apps) and applications (ditto on Google Apps!). But it has taken me a long time to admit that sometimes a hosted website is a better option than one that you build and host yourself.