Process to restrict games on a computer

[nihil]

deadpunk

Basically by using a "whitelist" of approved applications and looking for files and executables related to common games.

The teachers would not be responsible anyway, that would be the IT/network admins.

Blocking unauthorised network/internet traffic is relatively trivial by comparison.

The major issue here is that the system is required to be "controlled" not locked down. I am sure that it can be done, but I am not aware of an "off the shelf" product, and feel that it would involve rather more design and development than the school have anticipated. They may well not be prepared to invest in this, and resort to just locking the system down.

This would obviously be unfortunate for the majority as they would be suffering for the stupidity of the minority.

[i2c]

Simplest method I can think of is to monitor key stroke frequency. For instance in action shooters we know that the main keys that are used are (w,a,s,d) and the arrow keys. For given that you could watch the frequency see if the key W or Up arrow is being held down for a long time, i.e. 1 second, and then bring up a nag screen.

Or you could see when the OpenGL or DirectX libaries are being used, there must be a method of doing that?

I'd imagine this will take a lot of research to achieve and cost some to, as the games are either gonna need to be found and purchased to see what processes run on game time, or massive search of the internet.

Is there a way to "hook" the gamespy thing as well, as that gets installed with nearly every game I can think of? prehaps bounce it to 127.0.0.1 and there might be data contained in there?

i2c

[nihil]

i2c

I'd imagine this will take a lot of research to achieve and cost some to, as the games are either gonna need to be found and purchased to see what processes run on game time, or massive search of the internet.

That was my thinking, it is not going to be as simple as it might first seem? The controlling of usage between certain hours AND by user is an added complication.

Glad this project isn't in my inbox

EDIT: I guess that these days you would have to monitor for mice, joysticks and game controllers as well?

[i2c]

Im glad I don't have an inbox

This project is effectivly like saying, "I don't want a virus on the laptop". Your trying to guard agaisnt a constantly changing market with new games released every few weeks.

Why not do that then? make your own virus definitions to prevent them installing in the first place??

Yes exactly, flight sims you hardly touch the keyboard with a decent joystick.

I personnaly don' t think this is the correct approach to schooling. Other that getting some stupid letter associated to a subject in terms of a grade, its about teaching other skills such as responsibility and time management. If the kid wants to **** about and not do there work there so be it, set a hard penalty in school for when they don't hand there work in. I think its sad that these "teacher" want a system like this, becuase its purely political and aimed at boast the school up some stupid league table.

What lesson does this teach the kid? Prehaps in there working life they will think its alrite to muck about at work and not do something becuase someone will tell them to do it when they should be? or prehaps going to other extremes where they are unable to make there own choices.

Ultimatly you are nannying these kids, and after all responsibility is with the individual.

i2c

[nihil]

Yes, I would agree...........

J_K9 raised this one as an intellectual exercise and I will be fascinated to learn the results......

I guess that we must be talking a fee-paying boarding school (residential) here?...............that is an added facet?

I strongly suspect that a bit of "sabre rattling" is going on? as I cannot see an affordable solution

[Aspman]

Hmm, I was the IT guy at a fee paying school for 3 years.

We did let the boarders use their own laptops if they wanted BUT If they wanted to connect the laptop to the school network then it was MY laptop until they left and they signed a disclaimer to that effect. They used to get really upset when it clicked all their warez had gone bye bye
Highlight of my day.

They brought their laptop in and I reformatted it and put on the school desktop with the associated restrictions. If they didn't like it, it didn't go on the network.

There were a few kids who were a bit more savvy who wanted to keep their games etc. I would let them dual boot to have an unrestricted Os as well but they were under pain of death not to fck around on the network.

This seems like a bit of strange setup. You get to use your laptop but they want to restrict how long you can play games?? That isn't a technical issue but a teaching issue, teachers should be controlling what happens in the classroom and shouldn't be expecting technology to do the job for them.

The IT guys are probably pulling their hair out over 'yet another' stupid idea thought up by the teachers. Happened to me often.

It could well be some sort of application whitelist software. It's pointless them installing it on a pupil controlled laptop.

[J_K9]

I accept all your points - but if I'm not mistaken, it was the IT department who actually came up with the plan. If they were the ones who invented it, then I assume they must know a way of making it work; but, as we've discussed here, the method of doing so isn't at all clear..

This has little to do with the teachers - it's the IT department trying to restrict us even more. They already implemented a certification system which I have not yet discovered how to set up on Linux, and now they have come up with this. I agree that this is not the correct method to make us work more - if that is possible! We already get far too much work as it is, and especially when you're in top sets you usually have to wake up very early in the morning to finish the set work.

Basically by using a "whitelist" of approved applications and looking for files and executables related to common games.

Come to think of it - you may have hit the nail on the head, nihil. What if they allowed only the standard services and the MS Office suite to run? That would be a real pain in the ass (and I've got OO.org, not MS Office).

I am at a fee-paying boarding school - one of the top in the country, so I doubt this attempt is to get higher up the tables. Anyway, if this program was installed on everyone's laptop, there's no doubt the students would react like a red rag to a bull.

I'll let you know if I get any updates. As I said, I should be having a word with the head of IT soon..

Cheers,

-jk

[Aspman]

Give the head of IT a slap from me.

He's allowing unsecured equipment to be connected to a network which contains sensitive confidential information i.e. pupils work, reports, DoB, names addresses etc etc.
At the very least he is in breach of principle 7 of the data protection act.

Appropriate technical and organisational
measures shall be taken against unauthorised or
unlawful processing of personal data and against
accidental loss or destruction of, or damage to,
personal data

Tell him to buy a copy of BS7799 and smack himself/herself round the head with it until he understands what information security is.

£10 there are unsecured wireless access points in the bulding too, no proper password policy for staff, staff leave their machines logged in and wander about. Plus a thousand other stupid things that get done in schools.

Mind you, don't get too cocky when you speak to them or they'll just set up something nasty for you, I would have .

[nonades]

I went to public school for high school and my friends and I had a like of emulators for old game systems.

One day in a computer class we found that whenever we would go to run one of our emulators we'd get this message box on screen that said something to the effect of, "This program is restricted. If you need to use it please ask a teacher."

We found that all we needed to do was re-name the exe All of a sudden our student accounts started having exe's named "notsega.exe", "thisisntsupernintendo.exe".

Good luck with finding a work-around! (hehe)

[alleyCat]

I think they would be able to filter this traffic with a device like packeteer.

If they are wanting to restrict access, the things they have most control over is the network.

Application layer inline network filtering... let someone else define which is which, all you need to do is click that allow or deny button.

Could snort do this as well?

alleyCat

edit: just reread and saw that you say the rumour is that they would install an application... So if this is true, ignore this post. Interesting requirements thou...