[luau] Re: Linux Project for HNLC...?

Benjamin Kinsey bk at bksy.com
Mon Apr 7 15:36:01 PDT 2003 

> Date: Sun, 06 Apr 2003 17:14:59 -1000 (HST)
> From: Nakashima <pnakashi at k12.hi.us>

Hi Peter, 
> Hi Ben,
> Saw your post on luau.
> Can you explain what HNLC is?

HNLC is a five year grant awarded by the NSF to UH and HDOE with the 
main goal of improving Math and Science education for rural schools.  
HDOE schools can apply to be part of our grant and this comes with both 
benefits and responsibilities.  The benefits include professional 
development training for teachers, etc, and the responsibilities 
include helping us collect the information we need to assess the 
success of the grant.  So far we have signed up the first "cohort" of 
ten schools, and we are in the process of finalizing the selection of 
the next cohort of about ten schools.  By the end of our grant we will 
likely have 50-60 schools participating in the HNLC program.  For more 
information on HNLC, check out hnlc.org

Ultimately, I think it would be wonderful for any school that wants 
their own Linux cluster lab to have it.  But, at this point we feel 
this is a little premature for HNLC to push for this, and we at HNLC 
are hesitant to set something like that up in a school without us first 
developing some expertise in setting up our own lab.  So before we go 
around evangelizing the benefits of Linux to sometimes very skeptical 
schools, we need to do our homework and make sure we can get everything 
working the way it should right here and begin a training program.  By 
setting up our own lab, it may be a seed that will germinate into many 
linux labs in the schools down the road.

> We have a few schools in our complex-area leaning towards installing 
Linux
> labs like the one at Mid-Pac.
> Maybe we can help you realize your vision.

Great!  Which complex area?  As it is a RSI (rural systemic 
initiatives) grant, HNLC has not so far emphasized the island of oahu.

Outside of HNLC, there is HDOE/ATRB, which would be the "spaceholder" 
for the Linux lab I am envisioning.  Hopefully ATR can provide some 
support for the endeavors of the schools in the your complex area 
regardless of their HNLC status.

> --
> Peter

> Date: Sun, 06 Apr 2003 17:29:07 -1000 (HST)
> From: Nakashima <pnakashi at k12.hi.us>

> This is very exciting and positive news!
> ATRB and its head Vicky Kajioka would be instrumental in getting a
> Linux/open source "toe" in the DOE door. I believe Vicky reports 
directly
> to State Superintendent Hamamoto.
> This is the BIGGEST fish (DOE department) that has so far expressed
> interest in Linux/open source.
> In my opinion, a large portion of HOSEF's resources should go to 
support
> this effort.

I am very appreciative of your support.  What I am talking about is 
really in the most embryonic stages.  Please bear in mind that the 
decision making process of the government takes time and can be 
sometimes frustrating.

> Date: Sun, 6 Apr 2003 19:49:16 -1000
> From: Vince Hoang <luau at ml.altern8.net>

Hi Vince,
> Whenever the topic of the DOE and Linux comes up, the story about
> how a single Linux was "hacked" in the past gets mentioned.
> 
> Does anyone know the story behind this urban legend? I am
> concerned this piece of FUD (fear, uncertainy, and doubt) is
> hurting the cause.

This particular event occurred before I came on board.  About five 
years ago high-school students created a small (three or four computer) 
linux cluster for our branch.  It was used for testing compatibility 
between Macs and PCs and for general education.  It was remotely 
administered by them until it was given to a Kaiser CS e-school class 
and remotely administered by that teacher.  But then that class ended 
and it seems the cluster was neglected until it was discovered to have 
been hacked and used to collect password information.  At that point, 
the computers were unceremoniously unplugged and Linux forgotten.

So, you are right that this is a case of FUD, but it is not merely an 
urban legend.  I discussed this with the guy who pulled the plug.  I 
want to give this group some perspective of the very real FUD that 
already exists, not to spread it, but so we can strategize around it.

> Any unmaintained operation system is a security risk. Even
> OpenBSD is susceptible to compromises. ("Only one remote hole in
> the default install, in more than 7 years!")

Yes, and therefore we need to develop basic security expertise as an 
absolute minimum.  We need to train people how to upgrade software to 
the latest version, use good passwords, etc.  I don't think many 
schools are so tech savvy and it will be necessary to convey the danger 
of an unprotected operating system.  We need a system where somebody 
will be responsible for a computer and if they can't/won't maintain it, 
it should be unplugged.

> My first question when I heard this was "Where is the firewall?"
> I am not promoting M&M security (hard on the outside, soft on the
> inside), but a simple firewall should have mitigated the risks of
> a newbie installing Linux on the LAN and forgetting about it.

> -Vince

I suspect our firewall has been dramatically improved since then.  
We've been bruised by hackers and are more wary now.


> From: Nakashima <pnakashi at k12.hi.us>
> Subject: Re: [luau] DOE and the compromised Linux box
 
> The best way to combat FUD is a shining example of success within the 
DOE.
> There are currently some schools interested, HOSEF needs to ensure 
that
> these schools become those shining examples of success. Nothing will 
cures
> the DOE's FUD better than a fast, secure, functioning, productive 
Linux
> lab in a DOE public school.

Very true.  

Thanks for your perspectives,
--Benjamin

More information about the LUAU mailing list