I found out about Scratch a few weeks ago. It seemed to be a promising program so I asked members of our Queensland Australia ICT discussion list if anyone had used it.
One school had installed it but had to delete it because it gave students access to school network directories they shouldn't have had access to.
I asked our technician to install it on our network and then log in with a student account and see if he could replicate this. Unfortunately he could.
So, while Scratch appears to be a fantastic program, it also appears to have a fatal flaw, at least in Queensland - it allows students access on our school network to folders they shouldn't even be able to see.
So, a few questions.
Is this a problem confined to Queensland? If so, why?
Is there a way of restricting the network access of students so we can safely install it on our school network?
Thanks in advance for any assistance.
Cheers
Rex
Offline
Hi Rex,
From what I've read the new Scratch version 1.2 that's coming out in a few days will have resolved these security issues you are experiencing: Check the last line of the release notes: http://scratch.mit.edu/pages/beta-release-notes. I'm not a network specialist, but merely hiding directories from user groups doesn't sound like state-of-the-art security for me...
Offline
Yes, the problem is that your school has terrible security, and blame scratch for exposing the problem.
If you are going to be foolish enough to put school records on a Windows server, you have to separate the server completely from the student-accessible machines, as Windows is too easily hacked.
Offline
rex5, it's great to hear that you're interested in using Scratch in Queensland!
Indeed, hiding directories might doesn't seem like a good way to protect directories, but given that we have gotten a couple of people asking about it, the new version of Scratch will probably solve those issues.
We hope you find that useful but we would encourage your network administrator to look into better ways of protecting directories. I remember Windows NT had good security settings that allow you to protect some directories to be readable to only some users.
Offline