Linux-related job postings - Hopkinton NH School District
Ed Lawson
elawson at laconialaw.com
Tue Jan 11 10:14:00 EST 2005
On Tue, 11 Jan 2005 09:49:59 -0500
Dan Jenkins <dan at rastech.com> wrote:
>
> Biggest problem: Their testing service requires Internet Explorer. In
> fact, it requires ActiveX. It also requires changes to disable any
> prompting for ActiveX components. It requires changes at the web proxy
>
> filter to allow its compiled HTML pages (.HTA) to pass through. And,
> no, they (the testing service) has no plans to make any changes in
> their application. They do not acknowledge any of these are security
> issues. And testing is mandated for all students (except kindergarten
> and preschool). Even viewing the test results requires these changes.
Has anyone contacted the state DOE and explained the security issues
involved here and why this is a very bad thing so that perhaps they
might pressure the testing contractor to use a more secure system.
I am not a technical person, but based on my limited knowledge I believe
you are saying the contractor supplying the state mandated testing is
requiring every school in the state to make at least part of their
network and likely the part containing the most sensitive data about
students and staff vulnerable to known security flaws. It would be one
thing for a corp to do so with an internal network in order to use
certain applications, but to require it of systems open to the Internet
seems incredibly bad. Do I have this right?
Ed Lawson
More information about the gnhlug-discuss
mailing list