Slashdot Mirror

← Back to Stories (view on slashdot.org)

Stopping ChatZilla Installs on FireFox Systems?

Posted by Cliff on from the limiting-user-abuse dept.

TonalSpeller asks: "I'm in charge of a language learning computer lab in an Asian university. We have Windows XP on all machines, but I convinced my superior that I needed to hide Internet Explorer on all student machines (can't remove it entirely because some proprietary software might need access to it). I'm counting on security through obscurity -- I know that a minority of savvy people can still access IE via the command line. I am running the latest version of Opera and Firefox 1.0 PR on all machines, but now I am faced with a dilemma -- extending Firefox is so easy that sooner or later, someone will try to install Chatzilla. Is there any easy way to block Javascript while keeping Firefox's superb usability? I will be running TrustNoExe, but that won't catch Mozilla extensions. Any ideas or suggestions?" "I have also removed all chat clients, games and Outlook Express so that people can concentrate on language learning (I don't want people using all this expensive hardware to goof off). I work hard to create interesting lessons, but I won't get a chance to teach anything if students are immersed in irrelevant conversations."

8 of 81 comments (clear)

  1. Firewall the chat services? by Jepler · · Score: 2, Insightful

    Why not firewall the chat services, if that is seen as a problem?

    Second option, make whatever directories firefox installs extensions into non-writable.

    Third option, refresh that directory from a fresh copy each time firefox is installed (don't all extensions require a restart?)

  2. Ask Slashdot? by vasqzr · · Score: 3, Insightful


    Why not ask here, or here??

  3. why give them firefox.. by gl4ss · · Score: 1, Insightful

    ...if you don't want them to use it?

    why not just firewall the classroom to hell and back, do they _need_ to get on the internet?

    and why not set it up so that they can only run the apps they need and nothing else?

    --
    world was created 5 seconds before this post as it is.
  4. Really Necessary? by GeckoX · · Score: 2, Insightful

    Do you really need to stop ChatZilla physically?

    Think of it this way, how do you handle passing of notes in class? By disallowing paper and pens to enter the room? Didn't think so.

    I would think that your life might be easier if you weren't so worried about unnecessarily micromanaging every little detail about these workstations.

    Another reason to consider this option: If you've got hackers in there, they are more likely to try to hack something that's been locked down, than something that is installed as expected.

    --
    No Comment.
  5. Re:Software Firewall by Spoing · · Score: 3, Insightful
    1. How about a software firewall like zonealarm that would block chatzilla from accessing the Internet.

    If he has control over the local systems, it's better to lock them down instead of tweaking firewall settings. One reason (of many): By allowing the program to be installed, the users may be motivated to 'get it to work', possibly breaking other security settings in the process.

    --
    A firewall can not protect you from yourself. Turn off what you do not need. Do not use the firewall to do your work.
  6. I think that's useless by wsapplegate · · Score: 2, Insightful

    Why is it useless ? Well, because regardless of whether people can install ChatZilla or not (BTW, I don't think there are that much people that know about Mozilla XPIs), they'll most probably settle for an easier solution : use a Web gateway to IRC or some other messaging system. Faster and easier. Of course, you can block that, too. IIRC, most of those gateways will use Java so you can just remove the Java plug-in (if you don't use it for something else), firewall everything, and just to be sure, use a transparent proxy with some filter like SquidGuard on it...

    As for my opinion, since we're talking about an university setting (hence adult people), I suggest that those guys are mature enough to know not to chat during important lessons. And if they do, well, they'll fail their exams, and that's their problem. They're adults, remember ? No need to go out of your way "protecting" them from themselves. IMHO, of course.

    --
    Xenu brings order!
  7. Don't waste your time by kagaku · · Score: 3, Insightful

    Don't waste your time by going out of your way to block access to IRC. The people who want to chat on IRC during class will find a way, either by Chatzilla, a java client, or a php/perl html client somewhere. These people aren't children, they're adults. If they want to sit on IRC during class, that's their loss. They're paying for the classes.

    This is basically the stance my college takes on computer usage. You can do almost anything you want on the college computers (providing you don't screw 'em up), because if you don't pay attention during class it's your loss.

    --
    everyday is another shooter.
  8. confused by joe094287523459087 · · Score: 2, Insightful

    i don't mean to troll but your post left me confused.

    you want to hide IE to only the few people too dumb to type iexplore in the start > run dialog...

    but you are worried about blocking a potential install of a specific obscure chat program?

    so you have 2 unexplained goals, with totally different solutions (easy vs. so hard you need /. advice). i am confused