Process to restrict games on a computer

Talks have been going on in my school among the heads about some sort of application which will be installed via the standard network update system onto every student's computer - and depending on which year they are in denotes how much time they can spend playing games (or if they can play them at all). Note that these are just talks and there are currently no plans to implement this, but it's an idea which is lingering with hostility around the place.

So, I have a few questions. I know that you may not be able to answer them as I cannot give you any more details (because I don't know them), but I'll give it a shot anyway.

Firstly, how would this application know when a game has been started? Possibly an increase in CPU usage, but then running an application like Photoshop would have the same effects so this probably isn't the method the app would use..

Also, let's say I don't have my network cable plugged in, and I start up a game (like Battlefield 2). Presumably, the application would log my access to a game in a log file, which would be somewhere remoteon my filesystem and with an unsuspicious name if the developers know what they're doing. But, if I found this log file then I could just delete the entry - so no information would be sent to their servers. This must be a functionality lapse in the application? Unless there is another way to get around this (like storing the data within the program itself - although I have not had experience with storing data in a Windows app to survive a restart).

My third question is - would HJThis detect this? The process would either be hidden or be 'non-closable' (as I have experienced in the past with Symantec Anti-virus), so my assumption is that it would be seen as malware and be dealt with accordingly? If I had an application like RegistryProt then I could stop any entries being added to the registry, which could corrupt or expose the program. Correct?
And if an entry was created in Add or Remove Programs and I tried uninstalling it, but a password was required (this happened to me with Symantec as well), how would that be resolved?

There are so many things about this proposed application that I do not understand, but I would like to have an inkling of what may happen in the future - I am not one who enjoys being kept in the dark ;)

I am not looking for a way to get around it in the future if it does come into place (I already know of one and I won't be using it), but I'd like to know more about the topic. It sounds too much like malware to me..

And I've heard that the laptops would then be rendered useless for gaming even at home :eek: If I could uninstall it at least when I got home, then it wouldn't be so much of a problem - although I do not like my privacy being invaded, not matter where I am.

Again, there are currently no plans to make this active - but I want to discuss the (possible) facts about it to become more aware of the situation.

Thanks,

-jk

There is one thing that I don't understand about what you are asking there. Are these computers your own or are they on lease from the school? From their idea to force the restrictive software onto you they sound like the school's but from the ability to install pretty much what you like they sound like yours. If they are yours then I would suggest reading everything that they ask you to sign carefully until well after they have implemented it. But if you are realy curious, then why don't you go and talk to the school IT Support people. They will probably be able to tell you what it is and how it works.

The computers are all ours - but according to the AUP we had to agree to, IIRC it involved not stopping the updates coming in. And I doubt the IT support specialists would help me at all - if they were unwilling to give reasons why they refuse to support Linux on the network, then I doubt they will release information on this..

Plus - I think I can learn more from what the people here have to say than from them ;)
At least here I have a chance of delving deeper into the topic - with one of their superficial responses, I have about as much of a chance as a catfish killing a shark :rolleyes:

Cheers,

-jk

Sorry : but if it's MY laptop, then they do not install anything unless I agree......

if they want to restrict laptops, then they should provide them......
that way you get a school laptop to do the study bit, and a personal laptop to play the good stuff on

Wow, I'm not sure how they would expect to be able to monitor all game usage. I know through Windows WMI service they can monitor processes remotely. But they would need to have some sort of login with rights to view those processes that are running and they'd also have to know what processes to target. Seems like it would be pretty tough to do it from that angle, but I only know a little about WMI. :confused:

Gel

School's and teachers should be concerned about ' grades ' not gaming...as long as a kid has good grades who cares how often he plays games...if the kid has bad grades then restrict his use of the computer in question and supervise his activities until he improves his grade.

To penalize an entire school because a percentage of them are goofing-off is ridiculous...goofing-off is not new...failing grades is not new...we had that before there even was computers...gaming is not responsible for either...restricting gaming will not solve the problem...the problem existed long before the invention of computers or gaming.

Eg ;)

I'll bet some student started this rumor just to stir up trouble.
It sounds technically difficult, and probably prone to bugs,
and students with any know-how would defeat it anyway.
It will never happen. Everyone would riot.
:cool:

foxy - Precisely. This would be a BIG pain in the backside, but according to the terms we had to agree to they have the rights to do so (at least on our domain account - not sure about system-wide). But it's not like I could not have accepted their policy - how else would I go on the internet to research?

waytallgel - Thanks. We had to setup alternative accounts for the domain, and we are (according to the guidelines) meant to give it admin rights - so that could be how they would have access to whatever they needed. (They wouldn't have access to my other 'System Debugger' account though :D)

Eg - Correct, but I think this is part of their ploy to make people work more (like we don't work enough?). By doing this they would be punishing the majority for the faults of the minority which, as you said, is not right.. and I will definitely argue against it if it is confirmed.

rcgreen - Nope, no rumour - I heard it from the heads of house. It seemed quite difficult to do to me, and no doubt there would be ways to get around it. Heck, even if they did decide to do it, you're only a few clicks away from stopping it being installed. There would be a riot though - there was one about fox hunting, so this would cause quite a stir too.

Just wondering if it was possible (they seemed quite confident it could be done, so I was curoius). Thanks for the tips.

Cheers,

-jk

It was actaully proved recently that games can increase intellegence.

http://news.bbc.co.uk/1/hi/education/1879019.stm
http://news.bbc.co.uk/1/hi/education/730440.stm
http://news.bbc.co.uk/1/hi/sci/tech/894673.stm

Given the correct game then I think people can learn something from it. Also our world has evolved from when the teachers were at school, they might of gone and messed about in a stream when they were supposed to be work, now kids spend time online and on games, I think both provide vital skills, but one had to consider the way the world is going.

i2c

Hmmm,

I would be fascinated to know what the software is called/who the developers are.

I have seen parental control software that manages the times that a PC and the internet are used, and security software that only allows users on between set times, but nothing that would specifically block games, unless they were online, or on the network.

:confused:

Would this game blocker be an add on to an existing program they have installed on your laptop, or is it a new pprogram altogether? If it is a new program and not an update to an existing one then surley you could refuse to allow them to install it, while still not breaching the AUP by stopping updates to the existing programs. Or do they word it so that they can install things like this?

Howdy..

If you want to defeat this app that they are planning on using then just format your hard drive and install a linux distro, and just use wine to install/play the game. Guaranteed that this app will only be compatible with a windows system.. ;)

Seeing as it is Your Laptop then they carn't tell you what operating system that you have to use, and if you need to use a windows program for school work then just dual boot the drive with the windows and the other partition with your linux distro.

cheers
front2back

Nihil - I've never heard anything like this either. I don't know how they propose to do it - but I'll try and find out if I can.

qwertyman66 - No, they have worded it so that they can install new software on my computer (like Symantec Anti-virus). Therefore by stopping the installation of this program, I would be breaking the AUP..

f2b - I've already got a dual boot on my laptop - there's no way they're going to stop me using Linux, whether on the network or not! ;) I already have more than one way of defeating it, but I am merely wondering how the heck they would program something like that.. :D

Cheers,

-jk

Hi J_K9

This is about the closest I have managed to find:

http://www.timelyweb.com/free/Lock-P...er_35403s.html

http://www.imperosoftware.com/impero.asp

http://news.thomasnet.com/mobile/m-f...ml?prid=475905

http://www.brothersoft.com/security/...torx_6807.html

http://www.iwaypatrol.com/iway_index.html

Now, they mostly seem to be aimed at networks/internet although I did find this (free) one that appears to work locally.

http://www.webjillion.com/archives/2...tation-blocker

I also wonder if bandwidth might be more of the issue than workrates?

:)

Hi nihil,

For the last (free) one, I think you have to add the programs manually to the block list. So, with all the games out there that would need to be blocked - I think the technicians here might have a little trouble stopping them all.. ;) And that one possibly just stops the executable from running - so if it is moved elsewhere, then the blocker will no longer work?

Bandwidth may be an issue, but I highly doubt it - the network was recently upgraded to 100 Mbps, and not that many people play games over the LAN (although I do play against friends from time to time). I think it's because a few people spend too much time playing games and it interferes with their study time. But should everyone be punished for the fact that a few people cannot manage their time?

;)

Cheers,

-jk

Yes, implementation is certainly a big issue, which could well be why nothing has happened yet?

I would have thought that the network and internet logs would make it fairly easy to block online sites, even if they used a proxy.................which would be a dead giveaway :eek:

Blocking locally stored games is a different issue. Sure you could block the top 100, but you would still have to find the executables. Mind you, once that was done, you would simply apply the restrictions globally.

I wonder if this might not be a case of "being seen to be doing something.............anything" :D

That could quite possibly be why they have not done anything yet.

Online sites are blocked quite often - I'm sure you would not find it surprising that this site was blocked for over a year (which may have become apparent due to my infrequent visits here - when I was not at school) :)

I've thought of something else - maybe they could get the process names of the top __ games and monitor how long they have been alive? I know that would be a horrible way to do it (because if we take steam.exe as an example, I don't have to be playing the game to have it open) - unfair to minimised games as well.

Well, if they do decide to do it - I'll let you all know what happens.. ;)

Thanks,

-jk :D

Hmmm Its highlt impossible to stop game play. The only way that they can view is using VNC software to see what you are doing however other than that I dont know...

Quote:

---

Hmmm Its highlt impossible to stop game play

---

Actually that is not quite correct. It is fairly easy to put a stop to it altogether . The requirement here is to allow, it but restrict it either by total time per user, or to certain hours of the day. Now that is the difficult bit as I see it.

Particularly as the students appear to have local admin rights, and can install operating systems and other software.

I certainly haven't seen software that meets this requirement fully. I would suggest that at the end of the day it is a total lockdown, or a case of responsibility and trust.

:)

I'm baffled how this would work - how would an automated system be able to tell a game from a legitimate app? The teachers could log onto each student's account in turn, i guess - but with any reasonably-sized student body that would be a full time job. I'd have thought teachers would rather spend their working day teaching than spying on the students.

deadpunk

Basically by using a "whitelist" of approved applications and looking for files and executables related to common games.

The teachers would not be responsible anyway, that would be the IT/network admins.

Blocking unauthorised network/internet traffic is relatively trivial by comparison.

The major issue here is that the system is required to be "controlled" not locked down. I am sure that it can be done, but I am not aware of an "off the shelf" product, and feel that it would involve rather more design and development than the school have anticipated. They may well not be prepared to invest in this, and resort to just locking the system down.

This would obviously be unfortunate for the majority as they would be suffering for the stupidity of the minority.

:(

Simplest method I can think of is to monitor key stroke frequency. For instance in action shooters we know that the main keys that are used are (w,a,s,d) and the arrow keys. For given that you could watch the frequency see if the key W or Up arrow is being held down for a long time, i.e. 1 second, and then bring up a nag screen.

Or you could see when the OpenGL or DirectX libaries are being used, there must be a method of doing that?

I'd imagine this will take a lot of research to achieve and cost some to, as the games are either gonna need to be found and purchased to see what processes run on game time, or massive search of the internet.

Is there a way to "hook" the gamespy thing as well, as that gets installed with nearly every game I can think of? prehaps bounce it to 127.0.0.1 and there might be data contained in there?

i2c

i2c

Quote:

---

I'd imagine this will take a lot of research to achieve and cost some to, as the games are either gonna need to be found and purchased to see what processes run on game time, or massive search of the internet.

---

That was my thinking, it is not going to be as simple as it might first seem? The controlling of usage between certain hours AND by user is an added complication.

Glad this project isn't in my inbox :D

EDIT: I guess that these days you would have to monitor for mice, joysticks and game controllers as well?

Im glad I don't have an inbox :)

This project is effectivly like saying, "I don't want a virus on the laptop". Your trying to guard agaisnt a constantly changing market with new games released every few weeks.

Why not do that then? make your own virus definitions to prevent them installing in the first place??

Yes exactly, flight sims you hardly touch the keyboard with a decent joystick.

I personnaly don' t think this is the correct approach to schooling. Other that getting some stupid letter associated to a subject in terms of a grade, its about teaching other skills such as responsibility and time management. If the kid wants to **** about and not do there work there so be it, set a hard penalty in school for when they don't hand there work in. I think its sad that these "teacher" want a system like this, becuase its purely political and aimed at boast the school up some stupid league table.

What lesson does this teach the kid? Prehaps in there working life they will think its alrite to muck about at work and not do something becuase someone will tell them to do it when they should be? or prehaps going to other extremes where they are unable to make there own choices.

Ultimatly you are nannying these kids, and after all responsibility is with the individual.

i2c

Yes, I would agree...........

J_K9 raised this one as an intellectual exercise and I will be fascinated to learn the results......

I guess that we must be talking a fee-paying boarding school (residential) here?...............that is an added facet?

I strongly suspect that a bit of "sabre rattling" is going on? as I cannot see an affordable solution ;)

Hmm, I was the IT guy at a fee paying school for 3 years.

We did let the boarders use their own laptops if they wanted BUT If they wanted to connect the laptop to the school network then it was MY laptop until they left and they signed a disclaimer to that effect. They used to get really upset when it clicked all their warez had gone bye bye :D
Highlight of my day.

They brought their laptop in and I reformatted it and put on the school desktop with the associated restrictions. If they didn't like it, it didn't go on the network.

There were a few kids who were a bit more savvy who wanted to keep their games etc. I would let them dual boot to have an unrestricted Os as well but they were under pain of death not to fck around on the network.

This seems like a bit of strange setup. You get to use your laptop but they want to restrict how long you can play games?? That isn't a technical issue but a teaching issue, teachers should be controlling what happens in the classroom and shouldn't be expecting technology to do the job for them.

The IT guys are probably pulling their hair out over 'yet another' stupid idea thought up by the teachers. Happened to me often.

It could well be some sort of application whitelist software. It's pointless them installing it on a pupil controlled laptop.

I accept all your points - but if I'm not mistaken, it was the IT department who actually came up with the plan. If they were the ones who invented it, then I assume they must know a way of making it work; but, as we've discussed here, the method of doing so isn't at all clear..

This has little to do with the teachers - it's the IT department trying to restrict us even more. They already implemented a certification system which I have not yet discovered how to set up on Linux, and now they have come up with this. I agree that this is not the correct method to make us work more - if that is possible! We already get far too much work as it is, and especially when you're in top sets you usually have to wake up very early in the morning to finish the set work.

Quote:

---

Basically by using a "whitelist" of approved applications and looking for files and executables related to common games.

---

Come to think of it - you may have hit the nail on the head, nihil. What if they allowed only the standard services and the MS Office suite to run? That would be a real pain in the ass (and I've got OO.org, not MS Office).

I am at a fee-paying boarding school - one of the top in the country, so I doubt this attempt is to get higher up the tables. Anyway, if this program was installed on everyone's laptop, there's no doubt the students would react like a red rag to a bull. :)

I'll let you know if I get any updates. As I said, I should be having a word with the head of IT soon..

Cheers,

-jk ;)

Give the head of IT a slap from me.

He's allowing unsecured equipment to be connected to a network which contains sensitive confidential information i.e. pupils work, reports, DoB, names addresses etc etc.
At the very least he is in breach of principle 7 of the data protection act.

Quote:

---

Appropriate technical and organisational
measures shall be taken against unauthorised or
unlawful processing of personal data and against
accidental loss or destruction of, or damage to,
personal data

---

Tell him to buy a copy of BS7799 and smack himself/herself round the head with it until he understands what information security is.

£10 there are unsecured wireless access points in the bulding too, no proper password policy for staff, staff leave their machines logged in and wander about. Plus a thousand other stupid things that get done in schools.

Mind you, don't get too cocky when you speak to them or they'll just set up something nasty for you, I would have . :lildevil:

I went to public school for high school and my friends and I had a like of emulators for old game systems.

One day in a computer class we found that whenever we would go to run one of our emulators we'd get this message box on screen that said something to the effect of, "This program is restricted. If you need to use it please ask a teacher."

We found that all we needed to do was re-name the exe :D All of a sudden our student accounts started having exe's named "notsega.exe", "thisisntsupernintendo.exe".

Good luck with finding a work-around! (hehe)

I think they would be able to filter this traffic with a device like packeteer.

If they are wanting to restrict access, the things they have most control over is the network.

Application layer inline network filtering... let someone else define which is which, all you need to do is click that allow or deny button.

Could snort do this as well?

alleyCat

edit: just reread and saw that you say the rumour is that they would install an application... So if this is true, ignore this post. Interesting requirements thou...

Hey alleyCat

You are spot on with the "interesting requirements" bit..................

The killer to me is to select by user, by elapsed time and by absolute time.

I am sure that many of us have come across stuff that will do bits of it..............so you might think that it is simple?...............not so!..............you would have to integrate applications from totally unrelated suppliers?

I think that I know why it is "being talked about" but has not actually happened :D