I was chatting earlier on hangouts with a colleague in Bristol who has some challenges with the Linux Controlled Assessment – particularly concerns from the Network Technicians at his school. They have been very worried about the implications of allowing students to use a Linux computer – or worse a VirtualBox install which could potentially allow some really aggressive hacking vectors on the network.
I’d say there are tonnes of positives about using VirtualBox and a full VM for each student – or even using a LiveUSB approach, but also some issues that at least in our use scenario at my school are overcome with Levinux. You can also see my earlier thoughts on issues with Raspberry Pi‘s as a solution
In a later post coming up I’ll detail some of the issues we’ve had with Levinux and what I’m planning to do about them in future releases. I also intend to review the new CA tasks and give my very general thoughts (no spoilers!) on them; I have them in my queue to look at very soon! If you’ve not seen them, look on OCR Interchange – you’ll need a login
Live USB problems
I would personally (security aside) prefer the live USB route – though with the caveat that obviously some time would be lost each lesson re-booting the computer and an OS takes longer to load from a USB stick than a hard drive. Factor in losing 5+ minutes more than you would logging in to your network.
A full distro installed as a live USB is a really good solution for introducing what it’s like to ‘live’ in Linux full time – something that it proves is fully possible (right now I’m writing this on the Ubuntu PC that has been my main computer in various incarnations for over 10 years). However, the only place to save files is on that USB drive. Good luck getting them off without getting the internet involved (you’ll definitely need the internet so that the students can research) – maybe email to themselves or upload to the VLE? Not ideally secure for Controlled Assessment work? We’ve also had issues with USB drives going missing – ‘forgotten’ in a machine, put in a pocket, they could even be stolen. If that’s the whole CA work then it’s a really big deal.
Many Network Managers will get chills at the though of allowing anyone to boot a machine from USB – it’s a big security hole that could allow students full control over hard drives (wipe all installed software, install viruses with admin permissions…) and as it’s a dead certainty that they’ll need network connections, another issue there.
VirtualBox problems
Virtual box has many of the security issues of a USB drive, plus the potential for performance issues. A colleague who has recently joined another local school has complained of slow performance of VirtualBox machines when trying to run fairly simple software (like IDLE) on powerful brand new machines. And of course that is after logging in to Windows, finding the software and booting the VM.
VirtualBox machines also take a lot of storage – at least a few GB per student. That very quickly adds up when you consider a class or two of 25+, then all the backup space needed… Again, your Network Manager is getting squirmy.
But VirtualBox doesn’t only allow the distro you choose to install – maybe Ubuntu or something common. There are lots of hacking focussed VMs you can download with little more than a google search and Youtube videos on how you can use them to hack. Just as there’s no limit to what can be booted from a USB drive, there are no limits to what a VM in VirtualBox can do on the network, though there will be less ability to damage the local hard drive.
VirtualBox installs a few different drivers on the machine, too – low level access to the Operating System so it can do clever things like bridge the network connection and appear on the network to other computers. This is handy if you’re trying to set up a virtual server as a technician, or if you’re trying to redirect traffic to your VM (because you’re a hacking script-kiddie), but not necessary for the CA tasks.
Levinux works for us
I’m not trying to preach on this one, but if you have Techs that are totally dead-set against the other options, some of these arguments might work.
Levinux is light-weight in footprint – the zip download is just 26MB and expands to 36MB. The beauty of this is that it includes everything it needs to run, including QEMU (the software used by Google to help develop Android apps on the desktop). It can be run as a ‘portable program’ from a USB stick or from a local store on the hard drive or a network share. The implications of ~40MB per student versus say 2GB per student are quite clear.
Levinux is the only thing that Levinux can run – you’d need a lot of skills (well, a lot more than me) to use it to run a different, malicious distro. You’ll also find nothing that will help you hack a Windows network if you search for Levinux on Youtube! I’m not saying you couldn’t do it with 20 hours on your hands and a network connection, but there are a very small number of students who would be both capable enough, determined enough and able to ignore the CA task for long enough to do it!
Levinux, because it runs as a VM in Windows (or on Mac and Linux) allows you to use your normal set of software to research and write up – no new browser to get used to, your version of Office, your network folders, exactly as you do in every other lesson. The only learning curve is in the content of the questions and tasks, not in how to find out and write up. Simple printscreens into Word – everyone is used to that!
Levinux is quick – super responsive and boots from USB in less than 90 seconds – less time than it takes me to register my class! Boot from network is marginally slower, but much quicker than an Ubuntu Live CD or even a Raspberry Pi. QEMU is light-weight and as there’s almost nothing to load, Levinux takes up very little RAM as well as disk space.
If you’re interested in the training I’ve given to staff at my school, send me an email so you can see the suggested solutions using Levinux to all the problems of the 2014-16 Linux problems. Obviously this is not to be shared with students, so I can’t post it here!