Slashdot Mirror
Aussie Uni Dumps Dual-Boot In Favor of Linux
kNIGits writes "News.com.au is reporting that the University of Wollongong have dumped their previously dual-boot installations in favour of booting Linux only. Among other reasons, staff enjoy the ease with which they can 'lock down' first year students, stopping them messing with the systems prior to learning anything about them."
I've met a tech who was working for a high-school, and 90% of his time was used in fixing Windoze computers after students messed-up with them. That changed when they installed some cards (don't remember the name of the cards) with RAM on them that effectively made the hard disks read-only, and stored in RAM whatever was written on the hard-disks.
So, whenever a PC was screwed-up, all you did was power-cycle it once!
The Uni of New South Wales Computer Science and Engineering department has been running unix/linux for years, no duel boot.
8 years ago it was Sun Solaris.
5 Years ago they moved to Intel Solaris
Now they have (or are) moving to Intel Linux.
anyway, good stuff at Uni of Wollongong.
Linux taking over at uni
Chris Jenkins
17Dec02
LINUX is making inroads into the nation's universities, pushing Windows, Unix and Apple operating systems off the desktops of first-year IT students.
It is making ground in IT courses because Linux is both easy to lock-down, easy to pull apart and offers simple licensing for distribution to students.
At the University of Wollongong, which has about 1700 computer science students, machines in first-year labs that used to boot from either Windows or Linux have been changed to Linux only.
"We get large number of inexperienced people in first-year and we are really trying to keep down our overheads and concentrate our professional support more in the later years," said Les Ohlbach, operations manager for the university's Department of Informatics."
"The best way to control the first-years was to put them in a Linux-only environment where you can lock it down pretty well."
Students moved to Unix and Windows in second- and third- year, he said, with Macs used for multimedia training.
At the University of Western Australia, which has around 1650 students in its computer science courses, Linux has totally supplanted more traditional Unix distributions, such as Sun's Solaris in the school of computer science and software engineering.
UWA's senior lecturer in computer science and software engineering Chris McDonald said Unix was dropped from teaching around 1995, and was no longer specifically required for any research projects.
UWA recently dropped Apple from its IT education programs in the school, for the same reason that Unix was abandoned -- expensive proprietary hardware.
"It wasn't so much the [Unix] operating system costs, because it usually came with the machine or we could get pretty good prices as an educational institution," he said.
Linux was easier to give to students for home use, Dr McDonald said.
"If we were using Solaris or HP-UX or something like that, I'm sure there would be very different and costly licensing issues involved," he said.
"We are trying to move to an environment where what we provide in the laboratories can be mirrored in the students' home."
Mr Ohlbach said the University of Wollongong favours Linux for first-years for a similar reason.
"We are teaching programming, so they [students] need to run all sorts of IDEs and development environments. On Linux they can quite easily do most of their code at home at fairly low cost," he said.
Dr McDonald said in teaching open-source platforms to students it is important not to "just ram open-source issues down their throats. It's important to explain why there is a difference in philosophy, why it's reasonable to not to totally tread the path of one particular vendor, one particular monopoly."
However, Dr McDonald said UWA's school of computer science and software engineering was part of Microsoft's academic alliance program, which allowed the free distribution of Microsoft operating systems to enrolled students.
The school used Linux and Windows to teach operating systems.
"It's good to show not just the similarities, but more importantly the differences."
Linux allowed better teaching of the principles behind software development, he said.
"We'd rather explain how things work. We do that by taking things apart and putting them back together again, rather than just showing people how to use particular GUIs that other people have designed. It's our belief that open-source software better explains those concepts," he said.
"Personally, I think that just showing students how to use operating systems tools and networking tools, is more training than education.
"From 2003 UWA's school of computer science and software engineering will be using Linux, in preference to Windows, for our first-year Foundations of IT unit."
Mr Ohlbach said it was important for students to have exposure to multiple operating systems and development environments.
"Anybody wanting to be a professional computer science person, or an IT person, generally doesn't want to be seen as just a Mac or a PC party, " he said.
This report appears on news.com.au.
I'm not fully versed in all its wonders, but the Windows Policy Editor (or whatever its called now) can completely lock down a machine. It's a vastly underutilized tool for environments where you don't want users messing with the machines. I remember getting annoyed the first time I sat down at a box which wouldn't let me even look at the start menu. Any and all Windows admins should look in to its proper use in their environment.
"Moderate drinking can help prevent amputated limbs" -- Abigail Zuger, NYTimes, 12/31/02
And 1.1.81 is officially BugFree(tm), so if you receive any bug-reports
on it, you know they are just evil lies."
(By Linus Torvalds, Linus.Torvalds@cs.helsinki.fi)
You can't judge a book by the way it wears its hair.
By locking down, I think they mean students can go in and randomly format the drive like they could in a stock Win9x setup.
They also mention that they like linux because it's easy to give to students. They don't have to worry about costs or licensing, they just hand the students a CD and they're on their way.
"We'd rather explain how things work. We do that by taking things apart and putting them back together again, rather than just showing people how to use particular GUIs that other people have designed. It's our belief that open-source software better explains those concepts," he said.
That seems pretty logical to me. The article really wasn't about taking away freedom at all.
The man who trades freedom for security does not deserve nor will he ever receive either. - Benjamin Franklin
Speaking of switching, and maybe OT, I've been contemplating more and more about switching back to a *nix based system as all the games that I want to play will not run on my system and I am not too keen on building another one that will just be outdated in a year...(Am I growing out of my geekness, or just tiring of spending so much money?)...Its almost as big of waste of money as my car is...No, I think I will just optimize the one that I have and probably load OpenBSD on it.
Amigori
"The quality of life is determined by its activites."--Aristotle
Yes, you *could* use windows policy editor, but there are some major issues with it (having just locked down a standalone windows box for kiosk use I'm well versed in the pain of poledit for Win 2000..)
Note that policy editor is now primarily designed for a computer in a Active directory tree - without active directory you have to edit a "local" policy, ie edit the registry directly.
A disclaimer: maybe an active directory policy is nicer to play with, I don't know - local policies were enought of a pain for me as it was..
here's the fun with local policies..
firstly - the policies affect ALL users, INCLUDING the administrator. (WTF?!?!? you say?) so.. lock out all registry tools, disable "command prompt" and run on the start menu - and you're screwed - no more windows administration. time to reformat the box. (or at least attempt to "rescue disk" it..
second - policies quite often are applied in REAL TIME. hmm.. disable registry editing.. (screen flashes) - oh bugger, policy editor has stopped working..
The way to get around this is to remove access to the %winnt%/system32/GroupPolicy dir for the administrator (that's right, you remove access to the root user to prevent the policy applying to that user.) of course, this dir has to be accessible to make any changes. And the changes apply immediately. Forget to reapply the restictions to the admin user and it's reformat time, again.
if you want to use policy editor I suggest having a recovery cd lying around, as I guarantee you *will* be locked out of your system, unless you're extremely careful.
I love windows security, it rocks.
That's the difference between a secured Unix system and a 'Windows policy editor lockdowned' system.
In windows you just have to close down all ways to do nasty things. End result : undestroyable but also completely useless pc. Nobody can do anything on it.
With a Unix system, students can't mess around anything BUT they can do whatever they want in their personal enviroment and a Unix box is still a usefull tool without root access.
If all you want is to be an MCSE, then why waste you time with college? You can take a weekend course for a few hundred bucks (instead of 4+ years for several thousand dollars). This quote from the article by Dr. Chris McDonald of UWA pretty much sums it up:
Exactly. Showing someone how to point and click isn't teaching them anything. It's only training them how to use someone else's tools (and there are books that can teach you that in 24 hours). Real computer science education, where you gain a fundamental understanding of both high and low level concepts of the computer requires more than just clicking a start button.People have been saying for years that Slashdotters don't read the article, so I thought that I'd test the theory. I'd submitted the story and highlighted something insignificant about the article in the submission. Browsing through this page, I see lots of people discussing merely what I wrote at the top - 'locking down' students. If people actually read the article, they'd see that it was more about teaching software development in an open source environment, and also the fact that they can give free Linux cds to the students to replicate their training systems at home.
What I'd like to know is - how can the Slashdot Effect exist when no-one clicks through to read the article?
This karma-reducing social experiment was proudly brought to you by kNIGits in Australia.
Just because you don't know how to use a tool, doesn't make that tool bad.
A properly configured local policy can lock down exactly what you want to lock down, and affect only the users you want it to affect.
Also, in Active Directory, you use things called "Group Policy Objects" to apply policies to workstations, and it's WAY more powerful than local policies.
Go here for an overview of GPOs.
Carpe Cerevisi - Seize the Beer
It is making ground in IT courses because Linux is both easy to lock-down, easy to pull apart and offers simple licensing for distribution to students.
Please stop fixating on the whole locking down bit!
Timothy craftily negelected to list anything but the potentially inflammatory and sensational 'lock down' phrase. It's EASIER for them to use Linux (and makes more sense and it's CHEAPER), not "they can't lock down Windows". These are newbies who DO know how to fuck up a Window machine pronto. They'll have to do some learning before they can pull a good cock up of their Linux box. And since this is a Uni, students learning is kind of high on their list of 'things we want to happen'.
And please take note this is not the whole Uni. My girlfriend works there and she (and her whole department) uses Macs. But it is a step, IMHO, in the right direction for UOW.
- I am made of meat.
Answer: They only click through to look at pictures of Lego, Linux handhelds and case mods. ;)
- I am made of meat.
1. Control. Whilst I would normally shudder at the thought of restricting IT access, I do appreciate UOW's desire to better manage their machines. We recently had some new machines running Win2k installed in my area, and within a day, one was in poor shape thanks to a particular idiot installing the latest Windows Media Player version on it and somehow stuffing up the OSA installation. He was able to so do thanks to the IT stroke of genius of giving everyone admin access. Whilst this may be an human issue rather than an OS one, every bit helps :)
2. Cost. We are all aware of the studies that compare the cost of Linux to other OSes. In any case, regardless of the outcome, I do know that my insitution will be spending multiple millions per year (as of next year) for desktop software licences for MS products because of the new licence arrangements. In a country that has mounting financial challenges in university funding, alternatives to MS software need to be found.
3. Ethics. Maybe this is too strong, but IMO it is not. Why should tapayer money be spent on making a single corporation (even) richer? A centre of teaching and research ought to have academic independence of multinational corporations.
These are just a few, IMO, valid thoughts about the issue. Regardless, UOW deserves to be applauded for the initiative.
I heard that your library burnt down and destroyed your only two books - and one was not even coloured in yet.
My University's PC lab ran linux (dual boot with Win 2k), but it also ran telnetd which anyone with a computer science login could telnet to. This led to some interesting fork bomb wars between 'friends', and didn't really help us get on with our (probably late) work. Ironically, although Linux is chosen (amongst other things) its security, it was Windows that was the most secure in this case, simply due to poor administration.
They've actually removed Linux at the moment, as they attempt to change their linux policies.
Being at UoW and knowing the people who did this I can't say it's a surprise. The only things that windows were really used for in those labs were software engineering type programs and Word/Excel for the first years and non-compsci people who used the lab.
There are other compsci labs around that haven't been dual boot for longer than this. The article also doesn't mention anything about the proportion of CompSci(linux) machines compared the number of mac/wintel machines around the uni which I'd estimate at around 85-90%
At least the compsci department support staff are always trying new things, actually being taking initiative about things. kudos guys. see you for a drink soon.
either result in mundane Linux users, or HARDCORE linux hackers :D Both of which, I guess, are better than mundane Windoze clickers.
Unfortunately,unless we have an industry standard office suit to compete with Microsoft Office, lots of companies are going to hold back. Comments,merging and other aspects of Word which make professional and academic documents exchanging and analyzing easier are still missing in Open/Staroffice. The publishing industry: they would love to shift to linux, but the fonts/word processor aren't up to the mark. But Linux will get there -> soon.
|/________
|\A|ALYS|
>The Uni of New South Wales Computer Science and
/J
>Engineering department has been running
>unix/linux for years, no duel boot.
Well, duel boot, that is something I would like to run. Just install windows and a few linux/BSD dists, turn on the machine and leave it over night. Then we finally could settle this thing.
Ps My bet is on that spiky fish eventhough that little red bastard with the fork might be nasty. I mean, how hard can it be to beat a geek from redmond or a penguin? Hmm, could be a whole army of penguins of course, well that might get tricky.
(You all know what comes next:) BUT, I don't think that Windows should be completely eliminated. Windows is still the de-facto standard in industry and universities owe it to their students to give them skills they can use. It is also essential that universities maintain neutrality in the sense that they do not give the impression that they are promoting one system over another - a university's role is to eductate and do research, not dictate what the world will do or follow current fads.
Before everyone gets the wrong idea; I use the same argument to motivate the use of Linux at the university where I work (it is a very good way to teach students UNIX rather than only teaching them Windows). So what is needed is a balance.
>machines in first-year labs that used to boot from either Windows or Linux have been changed to Linux only.
That sounds like a LOT of hassle for the admins in the first place... University of Toronto has separate Linux Redhat, Win2000 with Netware, and (still a few) Solaris labs. Separate rooms, separate operating systems, just go where you need based on what you need to do. The Windows machines are even more "locked down" than the Linux ones - you can't even change the wallpaper, for example. Can't move/remove icons, can't change the start menu, can't (really) install programs. I've never seen a trashed Windows machine, whereas I've seen Linux machines that have gone belly-up with a rather pissed off admin trying to fix it. Then again, I spend more time in the Linux labs.
The dual-boot idea for a public lab makes very little sense to me in the first place - if the university's THAT desperate to save money, maybe it's not the best place to go. More likely though, the admins realized the way they were doing things wasn't really the best way, and changed to something more logical and easier to manage (and not all that new or innovative at that) - how does that constitute news??
ClutterMe.com - easiest site creation on the Net. Just click and type.
The University of Sydney's got a huge unix tradition - not as much as UNSW but i think Aust has always been unix-inclined, out of the 'pressure spotlight' I suppose, or something. The admins love the linux computers here, they never have do anything to them. Especially the Tektronix dumb terminals, they just sit there and accept input. Slow as hell though, I use them only when I need to get an assignment done and there's no computers left. I think they're retiring them over the Christmas break, that whole lab area is being rebuilt.
The whole backend runs on linux clusters (went to a little after-lecture talk about it). File servers, CPU servers, connection servers. They have a few sun servers but one of them explode every year and they haven't bothered replacing them. Clusters are so much cheaper!
The last batch of new systems we got at the beginning of last year for 5 labs, P4s with TFTs, bucks this trend though, as 4 of these labs got Win98 and the other Linux. They don't even bother locking these Windows down either, they just wipe and upload drive images from the server every night.
Though that kind of sucks, means we have to reinstall Warcraft 3 every day.
they made me do it
At my school the math section has linux-only PCs for the students. The CS section has Solaris (SUN) and Windows-only machines, and they justified the no-linux by saying that the companies use Windows so no point in teaching Linux to the students. I think they got it all wrong: more and more companies are migrating to Linux, and in a couple of years there will be a need for Linux experts.
GNUWin: open your Windows!
I had just made a journal entry about this issue: :)
how can i set a quota on solitaire's use on my box?
dad will now have to find a second hobby or some other box. thanks, slashdot!
"Wireless : LAN
The important thing, is to not provide Free (as in beer) training to one OS vendor, radically unbalancing the competition in the OS market.
The danish goverment spend millions of dollars each year on "teaching the people to use IT", which basically boils down to giving users a training course on all M$-OS and Office products.
I suggest having a mix of OS'es, so that the students have different experiences and learn from comparing those.
I myself is a student at DAIMI where machines with SunOS, HPUX (well not that many anymore) IRIX, GNU/Linux and Windows (Using vmware), and yes it's a pain with the differences between computers but:
1. You can just select to use the same OS every time
2. You learn a lot by seeing different solutions to the same problem
SLOGEN [ http://ungdomshus.nu : Sebastian cover music]
Tell your CS people they're living in a dream world. Linux has made great leaps and bounds inside corporate IT. If they only want their graduates working for small-time ISPs then carry on. It's nice to see they have Solaris, but that's probably only because of their mis-guided (and out-dated) view that Solaris==The Web.
8 4&p =10
I just left Intel where my department (an IT group) supported _thousands upon thousands_ of Linux boxes both in the server room and on the desktop.
Take a look at the length of this server room:
http://www.anandtech.com/showdoc.html?i=15
A good 3/4 is filled with machines running Linux.
It's sad when consumer mentality leaks into the professional level. But that's what happens with America's backwards management ideas (if something makes sense and works, it probably needs more managers and those managers don't necessarily need to understand the 'product'...). Anyway... good luck to your school's CS curriculum. They need it.
- I am made of meat.
Sure it does. By default, regular Linux users can perform no system management functions. You give them access to system management functions through setuid and setgid programs. You can control access to those on a per-user or per-group basis using standard UNIX protection mechanisms.
If you like something more general, you can use the "sudo" program, which allows detailed policies to be specified of who can do what as who and when, and it also logs the actions.
The FACT is no one has a better way to administrate and trouble-shoot end-user desktops than Microsoft right now.
As usual, Microsoft has an in-your-face solution that screams at you "I let you edit policies; here is a point-and-click interface--isn't it easy?". Trouble is, in real life, the options it gives you are rarely the options that are needed, and extending and managing those policies is a chore.
The UNIX/Linux solution is simple, elegant, powerful, and has proven itself for more than 20 years in large, multi-user environments.
So, the "FACT" is, "Windows Policy Editor" is indeed like a lot of Windows: flashy but not all that useful in practice.
On the administration issue, that "group policy" you mention and most other resources you find for managing windows machines depend on the GUI. You must sit at the machine in question and click the right boxes in the right windows. Try to do this on a few dozens, a few hundreds, a few thousands of machines without a mistake, without forgetting any step.
Keep in mind that Linux, out of the box, is configured for single-user desktop use. You do have to do a little bit of configuration for a multi-user environment.
Auckland Uni is expressin the dis-satisfcatin with Microsoft licenscing policy by moving to Sun Microsystems' Star Office.D =3047439&thesection=technology&thesubsection=gener al
Read here: http://www.nzherald.co.nz/storydisplay.cfm?storyI
If the prestigious and world famous Department of Informatics at Wollongong University have taken this decision then I'm pretty sure the rest of the world will follow suit in short order.
This story is typical Slashdot. Small university department moves to Linux (= big story); Multinational Company switches from Sun to Microsoft (=no news).
Small earthquake in Chile, not many dead.
Yawn.
...but I know from experience that a windows box can be equally hard, and that was an all-software solution. I couldn't get *any* non-approved program running at all, even those that need no dlls or registry settings. I've always been able to get around it somehow before (find a temp dir where I have write permission or something) but no. Not at all. Even when I got my own laptop I had to struggle bad with the universitys firewall most ports both in and out, but I did manage to get past that at least. But noone tell me a windows box *has* to be easy.
Kjella
Live today, because you never know what tomorrow brings
Fuck UQ and their sellout for the almighty buck. If that is not what is was, I apologise, but it sure looked just like that from where I was at the time. I feel for the academics caught in the middle of it all.
What were the skies like when you were young?
You have to have an admin who really knows what they're doing (unlike those at my school, who made it so that Explorer wouldn't run on login (!?) on the demonstration machines). And even then you still have lots of software that won't run properly except when run as Admin.
On Red Hat you already have permissions set up for you, and you don't really have to change much. Yes, users can choose their own wallpaper etc. - but what's wrong with that? They should be allowed to do that if it doesn't affect anyone else or cause system instability.
Female Prison Rape in NY
So this is what passes for Windows security then?
A secure UNIX system will allow the user to run ANY binary. Period. They may not have permission to write to some file in /etc, or they may not be able to install shared libraries in the system path... but I can't think of a bigger waste of time than having a default-deny policy on executables and then punching holes in it so that only "safe" programs are allowed to run. What happens after an upgrade? Do you have to do it all over again? What happens when users need a security patch? You have to re-mirror the box? Operating systems have built-in security mechanisms so that these things shouldn't need to be done. That the tools to do them exist under Windows, that they even ship with them and that they are the reccomended manner to secure them is just... laughable.
The wheel is turning, but the hamster is dead.
firstly - the policies affect ALL users, INCLUDING the administrator.
I have some experience adminstrating a win2k active directory domain so I can offer some advice in that area: policies only affect all users by default -- you can change this behavior. When you create the new policy, click the "edit" button (I think its this one. If not, it's the other button with a similarly suggestive name.) and you can edit the policy ACLs by hand. See that little check box marked apply in the "Authenticated Users" entry? Uncheck it. If you do this _before_ hitting apply you'll be fine every time.
Yes, you can now use the Solitaire Administrata MMC Plugin from any other properly-licenced member of the 2000 SUPER Advanced Server domain (as long as it's using the latest version of Windows, anyway) to manage your company's ability to waste time all day. We plan to rollout future versions of this IT management tool for other titles such as Freecell and Pinball. Look for updates on MSDN.
Microsoft. We not only make computing EASY, but we make it BLODDY STUPID to boot, by fixing the symptoms of problems INSTEAD of the root cause.
The wheel is turning, but the hamster is dead.
Nowadays, they have a bigger room that is shared with students from other parts of the campus, so the number of windows machines have gone up. But the physics students stick to Linux.
Employee of Inrupt, Project Release Manager and Community Manager for Solid
You make my point. A "locked-down" UNIX box wouldn't care if you managed to get a statically linked copy of vi on your system. You could get it over the network, too, so I suppose a "locked down" Windows machine disables the network device?
Please don't be an idiot. Thank you.Eh, yes... good advice in heaps, I see.
The wheel is turning, but the hamster is dead.
The university that I work at(CS dept.) has every now and then talked about going to dual boot machines in the lab. I just can't think of anything worse. We actually had some dual-boot machines in TA offices, did not work well for the most part, because any support we had to do on them(patches and such) all had to be done right there.
Plus, if they're machines that someone in the dept. can just reboot like that, you really can't enjoy the idea of allowing remote access at all to them.
Every now and then someone thinks this is a brilliant idea for the lab, and I have to come back and explain that there is *no reasonable way* to keep a beast like that up to date.
Okay, done ranting
If I was that drunk, I would have remembered it -- H. Simpson
Policy editor in NT4/9x and Policies in a Win2k environment lock down systems about as tight as you want. But no one at slashdot has ever read the Windows documentation,
Probably because getting decent documentation out of Redmond is difficult and expensive.
What, were these guys dual-booting into windows98? Or were they just idiots who didn't know Windows NT (and 2000/XP) has a multi-user system that will allow 'locking down' just as much as anything in Linux.
In practice it is considerably more difficult to "lock down" Windows if you actually want to run applications on it. Because the vast majority of Windows applications are written with a single user, who can do anything they like, approach.
I worked as a tech at a local high school for a year.
I can tell you that the lab tech who obsesses over Quake is going to lose. You've got 0 budget and the products to secure the network are chosen by unqualified people who got the job of head of IT in the district because in 1985 they were teaching second grade and happened to tinker with an Apple II at home...
The smart ones just secure against the stupid people and look for the smarter ones and bargain with them that you'll let them play quake if they keep out of the pr0n and viruses, and they kind of keep their eye out for stupid people trying to ruin it all for them.
BTW, Rarely are the colleges any better. They have better heads of departments, but their main workers are CS students without the motivation to find a higher paying job in industry. (I generalize, of course, but I haven't seen many exceptions.)
_____
(OBTopic: nice win for Linux. I always thought that Linux might make a superior corporate solution for precisely these reasons. In a non-development environment, only a system administrator should be able to install an applicaition, for example.
However, I know that Apple tried to play both sides of the fence as well, and they never had much success breaking into the desktop side of Multinationalica.)
Warning: disparaging the dual-boot is a bootable offense.
The University of Warwick here in England runs mainly Windows NT, with some Unix workareas dotted about, but the Computer Science building runs only Linux (Redhat) and Solaris. There's quite a lot of work done in the Computer Science course here that needs a fairly good working knowledge of Linux. Which is a pretty good thing, IMHO :)
Back when I was in HS, the school bought some (disgustingly pricy) IBM boxes running Surepath that didn't have a hardware password reset (or at least IBM claimed that you couldn't).
May we never see th
It's amazing how difficult something can be when you do it wrong. Try loading the MMC, then add local policies, no regedit needed. After it's locked to the Nth degree, load the same tool from a remote box and connect to your secured machine.