visualpython-users

Re: [Visualpython-users] UPDATE: High School Network Security

[Bruce S. <Bru...@nc...>]

Frank Noschese wrote:
> Hello again,
> 
> Thanks to everyone that gave input to my Vpython installation roadblock. Like
> Arthur said, this is not a situation which will be fixed by a little
> "education." I asked the tech coordinator to outline the reasons why installing
> open source is not in the school's best interest. Here is the reply:
> 
> =======
> "In Reference to our ticket #313, there are a number of reasons why we (the
> technical team) decided that it would not be in keeping with the "best
> practices" of the district to install open source software on the districts
> computers and network. Four key reasons are as follows:
> 
> 1) Lack of technical support from the 'vendor'. Since most open source software
> is provided 'free' and is not maintained by a central vendor, technical support
> is limited if not non existent. With this lack of technical support of the
> software products in question, we have no way of getting help when the software
> has a problem or is the cause of problems with the network.

Technical support of commercial products is often rather poor. Given the 
large community of collaborators on large open source projects such as 
Python, it is possible that effective technical support may be better, 
not poorer. Minor case in point: Yesterday I asked for volunteers to 
step forward and help with getting VPython to run on the new Mac OSX 
10.4. Almost immediately Aaron Titus stepped forward with advice, which 
is now on vpython.org, and it looks like others are actively pursuing 
ways to simplify installation.

> 2) Product testing was another reason. Since there are so many contributors to
> open source software, in many cases, the software is not tested for
> compatibility and stability. As such, there is no level of expectation that the
> product will function as stated. Further more, with the limited testing of the
> software, we have no idea of what problems or ill effects the software may have
> on the computers and network.

There's no generally valid rule here, but in many cases there is more, 
and more open, testing of open source software, due to the open nature 
of the user community. What do you really know about the problems with 
Microsoft Word, beyond the random inputs from your colleagues about the 
many problems with it? Can you inspect the bug reporting and tracking 
presumably maintained by Microsoft?

> 3) Legal issues. According to the American Bar Association, Contributors do not
> vouch for the cleanliness of the code they contribute to the project; in fact,
> the opposite is true -- the standard open source license is designed to be very
> protective of the contributor. The typical license form does not include any
> intellectual property representations, warranties or indemnities in favor of
> the licensee; it contains a broad disclaimer of all warranties that benefits
> the licensor/contributors. Seeing in that there is no way for us to verify that
> the code that contributors are adding is there own, we may be opening up the
> district to legal actions should the software or portions there of are
> copyrighted and being used illegally or improperly. See attachment for more
> detail...

I guess I can see that this could be a problem. The scenario is that I 
steal some graphics code from some proprietary or patented environment, 
submit it to enhance some open source project, the gatekeeper accepts 
it, and now that software is contaminated. But is it the end users who 
would be subject to prosecution, or me?

However, having read the ABA document, it expresses concerns about a 
company building software on an open-source base, only to find that they 
have inadvertently infringed a copyright or patent. This is a very 
different set of issues than those for a school system USING open-source 
software.

> 4) Security of the "system." Since in most cases, anyone can obtain a copy of
> the source code of the software (OPEN SOURCE), we are running the risk of a
> user being able to modify the software on the network and manipulated it in
> such a manor to produce undesired effects. Since we have to look out for the
> stability and security of the network, this was viewed as a possible security
> issue. Another security concern is the ability of virus introduction. Since the
> source code is open, anyone so inclined, could create a virus to exploit the
> software without much difficulty. This ability to introduce a virus or other
> malicious code to the system can have the effect of bringing the system "down"
> and possible data loss or corruption."

This is just plain confused. In secure Windows environments Python and 
VPython live in a protected space that users can't modify. So after 
administrative installation of Python/VPython, no one without 
administrative permissions can change the software. Users write programs 
and store them in "My documents".

It is true that I could submit a virus or security threat to be included 
in an open source project, and the gatekeeper could fail to realize the 
danger and include it. But the community would fairly quickly identify 
the problem.

Bruce Sherwood

> ===========
> 
> Also included in the email was information from the American Bar Association
> at: <http://www.abanet.org/intelprop/opensource.html>
> 
> Any thoughts from you folks? Do they have any truly valid points? Perhaps a
> "Live CD" is my best (only?) option.  How is this created?
> 
> Many thanks again,
> Frank Noschese
> John Jay High School
> Cross River, NY

[Visualpython-users] Re: [Edu-sig] UPDATE: High School Network Security

[Jordan J. <jor...@cs...>]

On Monday, May 16, 2005, at 11:00  AM, Frank Noschese wrote:
> 4) Security of the "system." Since in most cases, anyone can obtain a 
> copy of
> the source code of the software (OPEN SOURCE), we are running the risk 
> of a
> user being able to modify the software on the network and manipulated 
> it in
> such a manor to produce undesired effects.
         ^^^^^

Aha, so that's what this is really about--a threat to the manor!

jmj

--
"In this era of big brains, anything that can be done will be done - so 
hunker down." -- Kurt Vonnegut

[Visualpython-users] UPDATE: High School Network Security

[Frank N. <fra...@sb...>]

Hello again,

Thanks to everyone that gave input to my Vpython installation roadblock. Like
Arthur said, this is not a situation which will be fixed by a little
"education." I asked the tech coordinator to outline the reasons why installing
open source is not in the school's best interest. Here is the reply:

=======
"In Reference to our ticket #313, there are a number of reasons why we (the
technical team) decided that it would not be in keeping with the "best
practices" of the district to install open source software on the districts
computers and network. Four key reasons are as follows:

1) Lack of technical support from the 'vendor'. Since most open source software
is provided 'free' and is not maintained by a central vendor, technical support
is limited if not non existent. With this lack of technical support of the
software products in question, we have no way of getting help when the software
has a problem or is the cause of problems with the network.

2) Product testing was another reason. Since there are so many contributors to
open source software, in many cases, the software is not tested for
compatibility and stability. As such, there is no level of expectation that the
product will function as stated. Further more, with the limited testing of the
software, we have no idea of what problems or ill effects the software may have
on the computers and network.

3) Legal issues. According to the American Bar Association, Contributors do not
vouch for the cleanliness of the code they contribute to the project; in fact,
the opposite is true -- the standard open source license is designed to be very
protective of the contributor. The typical license form does not include any
intellectual property representations, warranties or indemnities in favor of
the licensee; it contains a broad disclaimer of all warranties that benefits
the licensor/contributors. Seeing in that there is no way for us to verify that
the code that contributors are adding is there own, we may be opening up the
district to legal actions should the software or portions there of are
copyrighted and being used illegally or improperly. See attachment for more
detail...

4) Security of the "system." Since in most cases, anyone can obtain a copy of
the source code of the software (OPEN SOURCE), we are running the risk of a
user being able to modify the software on the network and manipulated it in
such a manor to produce undesired effects. Since we have to look out for the
stability and security of the network, this was viewed as a possible security
issue. Another security concern is the ability of virus introduction. Since the
source code is open, anyone so inclined, could create a virus to exploit the
software without much difficulty. This ability to introduce a virus or other
malicious code to the system can have the effect of bringing the system "down"
and possible data loss or corruption."
===========

Also included in the email was information from the American Bar Association
at: <http://www.abanet.org/intelprop/opensource.html>

Any thoughts from you folks? Do they have any truly valid points? Perhaps a
"Live CD" is my best (only?) option.  How is this created?

Many thanks again,
Frank Noschese
John Jay High School
Cross River, NY

RE: [Visualpython-users] High School Network Security

[Ives, T. W. <tho...@hp...>]

Francesco,

I've been quiet on this list for a while enjoying reading the
advancements of Vpython over time and continuing to enjoy its power and
simplicity, but I have enjoyed and appreciated it most of all when
teaching and so have my students.

I occasionally teach an upper level undergraduate engineering course at
the local university here in Boise - Control Systems Design. It is a
tough course, which is further complicated by the high priced software
we use (Matlab and Simulink). Due to being an adjunct, I was late
getting a license to use it - no problem. I introduced the students to
SciLab (http://scilabsoft.inria.fr/) - free scientific software. They
were thrilled. But then, we got to things that were just a little more
complicated - how about a non-linear transfer function? Ouch! Even
Matlab struggles with that. I introduced them to Python - WOW! And
nothing was hidden from them or spoon fed to them. They could see how to
easily program it for themselves without compiling and without the
hyper-complication of compiled languages.

Then, we got into our inverted pendulum project. "Wouldn't you guys like
to see how this looks in action?" I ask. "Are you going to have us build
it Dr. Ives?" they ask. "No, let's just animate it" I reply, and their
eyes look like the eyes of dears in headlights :)  "No, really, it is
easy with Vpython." Suffice it to say, they have crossed over. They took
what I showed them and took it much further. And, those transfer
functions? They plotted the Bode plots with Vpython also. We still ended
up using Matlab, but when Matlab couldn't handle something easily, we
just slid comfortably over to Python and Vpython.=20

I hope this story helps. The university IT guys gladly loaded Python and
Vpython on their systems for me, and the students could download it to
their personal PC's easily and freely. There is a lot of policy being
invented that stands in the way of wisdom nowadays. Today, the student
that comes into my modeling and controls classes knowing Python/Vpython
is a step ahead. I suspect in the near future that the one coming into
my class not knowing the seemingly most popular object oriented
scripting language and its powerful modules is going to be behind! Also,
the day that my IT guys tell me they cannot make available a software
package I deem useful to my students is the day I ask the school to get
some new IT guys, or I find a new school.

Hope that helps,
thom

  _____ =20

Thom Ives, Ph.D.
Hewlett-Packard

R&D Engineering Scientist=09
11413 Chinden Blvd MS 303
Boise, ID.  83714
208.396.6880 Phone
208.396.7560 Fax
tho...@hp...=20

Home:
5556 N Columbine Pl
Boise, ID 83713
208.938.3365 Phone
208.412.3971 Cell
407.210.5514 Fax
tw...@ms...
  _____ =20

=20


> -----Original Message-----
> From: vis...@li...=20
> [mailto:vis...@li...] On=20
> Behalf Of FRANCESCO NOSCHESE
> Sent: Friday, May 13, 2005 7:11 PM
> To: vis...@li...
> Subject: [Visualpython-users] High School Network Security
>=20
> Hello everyone,
>=20
> I am a high school physics teacher who is planning post-AP=20
> exam student projects using VPython.  However, my school=20
> refuses to allow Python and VPython to be installed on the=20
> school's network because it is open source.
>=20
> Here's the reply from the technology coodinator at my school:
>=20
> "Our technology team discussed your request to install=20
> VPython on the network/lab at our May 4th meeting and all=20
> agreed that it is not good practice to install open source=20
> software on the school computer systems. =20
> We have conferred with LHRIC and a random sampling of other=20
> districts and all agree it is not in the district's best=20
> interest to do so, even thought there is no doubt your=20
> intended goal is worthy."
>=20
> [LHRIC is a technology-oriented consortium of local school=20
> districts <http://www.lhric.org>]
>=20
> Is this really a problem?  What are the risks?  Is there any=20
> way to prevent student misuse of Python?  How can I make a=20
> case to allow Python in school?
>=20
> FYI, we have a Novell Zenworks network for XP and Win98=20
> machines.  We also have Citrix in XP.
>=20
> Many thanks in advance for all your help.
>=20
> Frank Noschese
> Physics Teacher
> John Jay High School
> Cross River, NY
>=20
> fno...@kl...
> *****************************
> Frank Noschese
> Physics Teacher
>=20
> John Jay High School
> Cross River, NY
>=20
> fno...@kl...
> voicemail: (914) 763-7384
> *****************************
>=20
>=20
>=20
>=20
>=20
> -------------------------------------------------------
> This SF.Net email is sponsored by Oracle Space Sweepstakes=20
> Want to be the first software developer in space?
> Enter now for the Oracle Space Sweepstakes!
> http://ads.osdn.com/?ad_ids93&alloc_id=16281&op=3Dick
> _______________________________________________
> Visualpython-users mailing list
> Vis...@li...
> https://lists.sourceforge.net/lists/listinfo/visualpython-users
>=20

[Visualpython-users] Re: [Edu-sig] UPDATE: High School Network Security

[Arthur <ajs...@op...>]

Chuck Allison wrote:

>Hello Frank,
>
>Some of the reasons cited below from your tech coordinator certainly
>make sense, but not for the classroom. Businesses rightly are
>concerned about vendor support, adequate testing, standards
>conformance, etc. - it can make a big difference in costly projects.
>  
>
Part of the problem is structural, in a duely perverse way.  In many
institutional settings the approval process in linked to the procurement
process.  If there is no need to undertake a procurement process (it's
free) there is nothing to which to attach an approval process. Approval
is therefore an impossiblity.

But - again - simply pointing this out and expecting someone to put palm
to forehead, and exclaim "of course -  our system does not make sense in
this regard, thanks for pointing that out. we will endeavor to change 
it" - is not what we are going to get.  Promise.

>But in small, informal classroom use, a teacher who knows Python can
>give all the "support" that's needed. Fortunately at my college, I can
>just tell the students to download whatever software and use it (they
>all have their own computers - and I have it placed on our lab
>computers as well - we have no bureaucracy to stop it - the IT people
>are there to support the faculty, not impede them). Over-cautious
>IT policies should not stand in the way of educating. Educating
>bureaucrats in such separation of concerns is certainly in order.
>  
>
We have what we called in my day the AV (for audio-visual) department
setting policy for physics teachers.

Absurd as that it, it is a new reality of our new age.

With the additional development that Headquarters has taken a new 
interest in the policies of the AV department.

Art

[Visualpython-users] Re: [Edu-sig] UPDATE: High School Network Security

[Laura C. <la...@st...>]

They just hate Open Source.  And they are unwilling to examine projects
on a case-by-case basis.

In a message of Mon, 16 May 2005 11:00:27 PDT, Frank Noschese writes:
>Hello again,
>
>Thanks to everyone that gave input to my Vpython installation roadblock. 
>Like
>Arthur said, this is not a situation which will be fixed by a little
>"education." I asked the tech coordinator to outline the reasons why inst
>alling
>open source is not in the school's best interest. Here is the reply:
>
>=======
>"In Reference to our ticket #313, there are a number of reasons why we (t
>he
>technical team) decided that it would not be in keeping with the "best
>practices" of the district to install open source software on the distric
>ts
>computers and network. Four key reasons are as follows:
>
>1) Lack of technical support from the 'vendor'. Since most open source so
>ftware
>is provided 'free' and is not maintained by a central vendor, technical s
>upport
>is limited if not non existent. With this lack of technical support of th
>e
>software products in question, we have no way of getting help when the so
>ftware
>has a problem or is the cause of problems with the network.

This is, of course, not true for Python.  If you want a support license,
you can talk to, among others, ActiveState.  Actually, my experience with
open and closed source products is that the Open Source developers are
more responsive to bug reports.  Closed source places have to justify 
the time spent on a bug fix with the revenue it generates. Unless you are
an _important_ customer, you can wait a long time.

>
>2) Product testing was another reason. Since there are so many contributo
>rs to
>open source software, in many cases, the software is not tested for
>compatibility and stability. As such, there is no level of expectation th
>at the
>product will function as stated. Further more, with the limited testing o
>f the
>software, we have no idea of what problems or ill effects the software ma
>y have
>on the computers and network.

Python is well tested.

>
>3) Legal issues. According to the American Bar Association, Contributors 
>do not
>vouch for the cleanliness of the code they contribute to the project; in 
>fact,
>the opposite is true -- the standard open source license is designed to b
>e very
>protective of the contributor. The typical license form does not include 
>any
>intellectual property representations, warranties or indemnities in favor
> of
>the licensee; it contains a broad disclaimer of all warranties that benef
>its
>the licensor/contributors. Seeing in that there is no way for us to verif
>y that
>the code that contributors are adding is there own, we may be opening up 
>the
>district to legal actions should the software or portions there of are
>copyrighted and being used illegally or improperly. See attachment for mo
>re
>detail...

This is misleading. Python contributers state that they have the right
to contribute this code (ie it is their's or their company's and they
have the right to represent their company). According to our lawyers,
no amount of ABA sanctioned yapping about indemnification will do
anybody a piece of good if some third party wakes up one day and says
that the python langauge is in violation of their patent.  In this
case, the contributor, the Python Software Foundation, and all the
Python users will all be sitting on one side of the fence, as some
jerk -- usually a corporation -- tries to extort money out of us.
This could happen.  However, this is merely a reflection of why patents
are bad for software, and this could happen should you use a piece of
closed source software that somebody claims violates their patent as well.

>
>4) Security of the "system." Since in most cases, anyone can obtain a cop
>y of
>the source code of the software (OPEN SOURCE), we are running the risk of
> a
>user being able to modify the software on the network and manipulated it 
>in
>such a manor to produce undesired effects. Since we have to look out for 
>the
>stability and security of the network, this was viewed as a possible secu
>rity
>issue. Another security concern is the ability of virus introduction. Sin
>ce the
>source code is open, anyone so inclined, could create a virus to exploit 
>the
>software without much difficulty. This ability to introduce a virus or ot
>her
>malicious code to the system can have the effect of bringing the system "
>down"
>and possible data loss or corruption."
>===========

Here they are confusing 'the software is open source' with 'we have
to install it on our system in a way that anybody can modify it'.  This
is simply not true.  So, if some cracker find a way to replace parts
of your python with his or her own files -- yes, that is a problem.
But it is a worse problem for Microsoft, because most of the people
who do this are brainless fools who download a 'cracking kit' and 
do whatever it says, and most cracking kits are for Windows.  Once
you have an operating system that will install whatever the cracker wants
wherever he or she likes, you have a severe problem.  But this is not
a Python problem, either.

The university here, where this is a severe problem, just reinstalls
all the system software every week, or 3 days on systems that have
proven to be regularly cracked.


>Also included in the email was information from the American Bar Associat
>ion
>at: <http://www.abanet.org/intelprop/opensource.html>
>
>Any thoughts from you folks? Do they have any truly valid points? Perhaps
> a
>"Live CD" is my best (only?) option.

This is the standard 'why open source is evil' misinformed rant.  Most
people who say this do not actually believe it.  It is just a club to
beat people like you with so they can continue to have things the way
they like it.  You are supposed to believe them and go away.

Good luck,
Laura Creighton

>
>Many thanks again,
>Frank Noschese
>John Jay High School
>Cross River, NY
>_______________________________________________
>Edu-sig mailing list
>Ed...@py...
>http://mail.python.org/mailman/listinfo/edu-sig

[Visualpython-users] Re: [Edu-sig] UPDATE: High School Network Security

[bill p. <pa...@ex...>]

The other day I came across a discussion of the Brazil government efforts to
mandate open source.

Here is one news brief
http://msnbc.msn.com/id/7220913/
covering MIT's recommendation to the Brazil government endorsing open source.
This is probably something to follow in the educational field as there will
certainly be a lot of concrete experience with open source from this process.
You can Google for more examples.

regards,

bill p



Laura Creighton wrote:

> They just hate Open Source.  And they are unwilling to examine projects
> on a case-by-case basis.
>
> In a message of Mon, 16 May 2005 11:00:27 PDT, Frank Noschese writes:
> >Hello again,
> >
> >Thanks to everyone that gave input to my Vpython installation roadblock.
> >Like
> >Arthur said, this is not a situation which will be fixed by a little
> >"education." I asked the tech coordinator to outline the reasons why inst
> >alling
> >open source is not in the school's best interest. Here is the reply:
> >
> >=======
> >"In Reference to our ticket #313, there are a number of reasons why we (t
> >he
> >technical team) decided that it would not be in keeping with the "best
> >practices" of the district to install open source software on the distric
> >ts
> >computers and network. Four key reasons are as follows:
> >
> >1) Lack of technical support from the 'vendor'. Since most open source so
> >ftware
> >is provided 'free' and is not maintained by a central vendor, technical s
> >upport
> >is limited if not non existent. With this lack of technical support of th
> >e
> >software products in question, we have no way of getting help when the so
> >ftware
> >has a problem or is the cause of problems with the network.
>
> This is, of course, not true for Python.  If you want a support license,
> you can talk to, among others, ActiveState.  Actually, my experience with
> open and closed source products is that the Open Source developers are
> more responsive to bug reports.  Closed source places have to justify
> the time spent on a bug fix with the revenue it generates. Unless you are
> an _important_ customer, you can wait a long time.
>
> >
> >2) Product testing was another reason. Since there are so many contributo
> >rs to
> >open source software, in many cases, the software is not tested for
> >compatibility and stability. As such, there is no level of expectation th
> >at the
> >product will function as stated. Further more, with the limited testing o
> >f the
> >software, we have no idea of what problems or ill effects the software ma
> >y have
> >on the computers and network.
>
> Python is well tested.
>
> >
> >3) Legal issues. According to the American Bar Association, Contributors
> >do not
> >vouch for the cleanliness of the code they contribute to the project; in
> >fact,
> >the opposite is true -- the standard open source license is designed to b
> >e very
> >protective of the contributor. The typical license form does not include
> >any
> >intellectual property representations, warranties or indemnities in favor
> > of
> >the licensee; it contains a broad disclaimer of all warranties that benef
> >its
> >the licensor/contributors. Seeing in that there is no way for us to verif
> >y that
> >the code that contributors are adding is there own, we may be opening up
> >the
> >district to legal actions should the software or portions there of are
> >copyrighted and being used illegally or improperly. See attachment for mo
> >re
> >detail...
>
> This is misleading. Python contributers state that they have the right
> to contribute this code (ie it is their's or their company's and they
> have the right to represent their company). According to our lawyers,
> no amount of ABA sanctioned yapping about indemnification will do
> anybody a piece of good if some third party wakes up one day and says
> that the python langauge is in violation of their patent.  In this
> case, the contributor, the Python Software Foundation, and all the
> Python users will all be sitting on one side of the fence, as some
> jerk -- usually a corporation -- tries to extort money out of us.
> This could happen.  However, this is merely a reflection of why patents
> are bad for software, and this could happen should you use a piece of
> closed source software that somebody claims violates their patent as well.
>
> >
> >4) Security of the "system." Since in most cases, anyone can obtain a cop
> >y of
> >the source code of the software (OPEN SOURCE), we are running the risk of
> > a
> >user being able to modify the software on the network and manipulated it
> >in
> >such a manor to produce undesired effects. Since we have to look out for
> >the
> >stability and security of the network, this was viewed as a possible secu
> >rity
> >issue. Another security concern is the ability of virus introduction. Sin
> >ce the
> >source code is open, anyone so inclined, could create a virus to exploit
> >the
> >software without much difficulty. This ability to introduce a virus or ot
> >her
> >malicious code to the system can have the effect of bringing the system "
> >down"
> >and possible data loss or corruption."
> >===========
>
> Here they are confusing 'the software is open source' with 'we have
> to install it on our system in a way that anybody can modify it'.  This
> is simply not true.  So, if some cracker find a way to replace parts
> of your python with his or her own files -- yes, that is a problem.
> But it is a worse problem for Microsoft, because most of the people
> who do this are brainless fools who download a 'cracking kit' and
> do whatever it says, and most cracking kits are for Windows.  Once
> you have an operating system that will install whatever the cracker wants
> wherever he or she likes, you have a severe problem.  But this is not
> a Python problem, either.
>
> The university here, where this is a severe problem, just reinstalls
> all the system software every week, or 3 days on systems that have
> proven to be regularly cracked.
>
> >Also included in the email was information from the American Bar Associat
> >ion
> >at: <http://www.abanet.org/intelprop/opensource.html>
> >
> >Any thoughts from you folks? Do they have any truly valid points? Perhaps
> > a
> >"Live CD" is my best (only?) option.
>
> This is the standard 'why open source is evil' misinformed rant.  Most
> people who say this do not actually believe it.  It is just a club to
> beat people like you with so they can continue to have things the way
> they like it.  You are supposed to believe them and go away.
>
> Good luck,
> Laura Creighton
>
> >
> >Many thanks again,
> >Frank Noschese
> >John Jay High School
> >Cross River, NY
> >_______________________________________________
> >Edu-sig mailing list
> >Ed...@py...
> >http://mail.python.org/mailman/listinfo/edu-sig
> _______________________________________________
> Edu-sig mailing list
> Ed...@py...
> http://mail.python.org/mailman/listinfo/edu-sig

[Visualpython-users] instructions for installing vpython on Mac OS 10.4 (Tiger)

[Aaron T. <ti...@ma...>]

I assume that a binary installation of Fink will be made available  
for Mac OS 10.4 soon. However, for those who would like to install  
VPython right away, here are instructions for doing so:



Note:  the following instructions are for installing VPython on Mac  
OS 10.4 (Tiger) using Fink 0.7.1. You will compile Fink and visual- 
py23, with its dependencies, from source. Installing the visual-py23  
package, which depends on gcc3.1 and python23, took approximately 3  
hours on my Titanium PowerBook G4.

1. Follow the instructions for "users of the unstable tree" at http:// 
fink.sourceforge.net/ under the heading "News 2005-04-29: Fink and  
Tiger". Use a Terminal shell for typing your commands.

Note that I followed the instructions for "users of the unstable  
tree" and did not "bootstrap" an installation of Fink; though you may  
be able to bootstrap Fink as well.

Note that when running "Fink selfupdate," it will ask:

"This fink version introduces new settings stored in the fink  
configuration file '/sw/etc/fink.conf'. You should rerun the  
configuration process. Do you want to configure now?"

The default is "N"; however, you should answer "y". Answering "N"  
will give the following error:

"Please remember to call 'fink configure' later!

done.

Re-executing fink to use the new version...
Failed: no matching version found for gettext"

Use default responses for all other questions.

2. Using Fink Commander, install the visual-py23 package from source.  
If you do not use Fink Commander, type the command "fink install  
visual-py23" in a Terminal shell.

3. To run vpython scripts from a Terminal shell, you will have to  
link /usr/bin/python to /sw/bin/python23 using the following commands:

     sudo rm /usr/bin/python
     sudo ln -s /sw/bin/python23 /usr/bin/python



Thanks again, Martin, for your help :-)

Aaron

[Visualpython-users] NY High School python ban - workarounds

[Donald_Gaffney <ga...@ph...>]

Hi all,

The high school nonsense regarding open source software has been well covered.

If you're interested in considering work-arounds, you might try running vpython
off of CDROM; I'm not positive this works, but it seems like such a thing was
reported here recently complete with an autorun.ini.

If you can boot off of CDROM you're in even better shape since you can run any
number of "Live CD" linux distros. If you *can* actually run a bootable cd in
your labs, your admins should either be replaced, vigorously retrained, or
graciously thanked.

While there are a number of technical remedies for locking down Windows 2000/XP
workstations, I think the most effective tool is the school's "acceptable use"
policy. If a user damages a system with malicious intent they should, without
exception, face the full brunt of your disciplinary code and possible criminal
prosecution. To that "stick", you add the "carrot" of educating, stimulating and
rewarding the most clever hackers/gamers/etc. With a clear policy and early
identification of talented/problem students there ought to be little trouble
with even a fully open lab. Of course, I've only applied these principles to
college students, maybe high school students are more difficult. 

Don

[Visualpython-users] Mac OSX 10.4

[Bruce S. <Bru...@nc...>]

Aaron Titus has written up detailed instructions on how to compile and 
install VPython on Mac OSX 10.4, and these are now posted on the Mac 
download page at vpython.org. Thanks, Aaron! Here is what he says:

     The following instructions are for installing VPython on Mac OS 
10.4 (Tiger) using Fink 0.7.1. You will compile Fink and visual-py23, 
with its dependencies, from source. Installing the visual-py23 package, 
which depends on gcc3.1 and python23, took approximately 3 hours on my 
Titanium PowerBook G4.

     1. Follow the instructions for "users of the unstable tree" at 
http:// fink.sourceforge.net/ under the heading "News 2005-04-29: Fink 
and Tiger". Use a Terminal shell for typing your commands.

     Note that I followed the instructions for "users of the unstable 
tree" and did not "bootstrap" an installation of Fink, though you may be 
able to bootstrap Fink as well. When running "Fink selfupdate," it will ask:

     "This fink version introduces new settings stored in the fink 
configuration file '/sw/etc/fink.conf'. You should rerun the 
configuration process. Do you want to configure now?" The default is 
"N"; however, you should answer "y". Answering "N" will give the 
following error:

         "Please remember to call 'fink configure' later!

         done.

         Re-executing fink to use the new version...
         Failed: no matching version found for gettext"

     Use default responses for all other questions.

     2. Using Fink Commander, install the visual-py23 package from 
source. If you do not use Fink Commander, type the command "fink install 
visual-py23" in a Terminal shell.

     3. To run vpython scripts from a Terminal shell, you will have to 
link /usr/bin/python to /sw/bin/python23 using the following commands:

         sudo rm /usr/bin/python
         sudo ln -s /sw/bin/python23 /usr/bin/python

     Now you can run a vpython program using "python myvpythonprogram".

Re: [Visualpython-users] High School Network Security [OT]

[Gary <pa...@in...>]

Anton Sherwood wrote:

> Bruce Sherwood wrote:
>
>> The comment that they might confuse "open source" with "freeware"
>> seems a highly likely explanation. In principle, open source software
>> could be MORE secure than commercial software, because it is
>> inspectable.
>
>
> More precisely or at least more explicitly, with a well publicized 
> open-source tool you can have more confidence that the algorithm is 
> sound and that there are no backdoors.
>
> Bruce Schneier's security newsletter frequently pillories products 
> that use secret encryption techniques, on the grounds that to do 
> cryptography well is a lot harder than amateurs think, and you can't 
> know a defense's strength until the professionals have attacked it.  
> (see also http://en.wikipedia.org/wiki/Kerckhoffs%27_law)  When one of 
> the standard techniques is cracked, it's big news; when someone's 
> secret proprietary technique is cracked, you won't know it until a 
> company that relied on it goes under. ;)  The principle applies more 
> generally than to encryption, of course.
>
In Steven Strogatz'  book "Sync" he relates a story about how he (or was 
it a colleague) discovered a way to use chaos to encrypt data during 
transmission.  He couldn't imagine breaking the code. He got very 
excited and began to dream about fame and fortune.   Encryption experts 
were not as excited.   Of course, the experts cracked it fairly easily.

RE: [Visualpython-users] High School Network Security

[Arthur <ajs...@op...>]

> -----Original Message-----
> From: vis...@li... [mailto:visualpython-
> use...@li...] On Behalf Of Bruce Sherwood
> Sent: Sunday, May 15, 2005 9:50 AM
> To: vis...@li...
> Subject: Re: [Visualpython-users] High School Network Security
> 
> The comment that they might confuse "open source" with "freeware" seems
> a highly likely explanation. 

I wouldn't let them off the hook that easy.  Linux, BSD, Python, VPython
could all be considered "freeware", by the simple fact that they are in fact
free. 

It is nonetheless confused (because it is outside of their experience) that
ten of thousands of man-hours of effort by folks of unique abilities are
available without the need to pay for it.  I think that at least some of the
people who directed their intellectual energies into these kinds of efforts
were motivated at least in part by the hope of creating this kind of
confusion. It is a worthy bit of confusion.

But comes along the phenomena of unintended consequences:

Within the bureaucracy the approval process is attached to the procurement
process, so where there is need for procurement there is no possibility for
approval.

Catch 43.

Art 

Re: [Visualpython-users] High School Network Security

[Anton S. <br...@po...>]

Bruce Sherwood wrote:
> The comment that they might confuse "open source" with "freeware"
> seems a highly likely explanation. In principle, open source software
> could be MORE secure than commercial software, because it is
> inspectable.

More precisely or at least more explicitly, with a well publicized 
open-source tool you can have more confidence that the algorithm is 
sound and that there are no backdoors.

Bruce Schneier's security newsletter frequently pillories products that 
use secret encryption techniques, on the grounds that to do cryptography 
well is a lot harder than amateurs think, and you can't know a defense's 
strength until the professionals have attacked it.  (see also 
http://en.wikipedia.org/wiki/Kerckhoffs%27_law)  When one of the 
standard techniques is cracked, it's big news; when someone's secret 
proprietary technique is cracked, you won't know it until a company that 
relied on it goes under. ;)  The principle applies more generally than 
to encryption, of course.

-- 
Anton Sherwood, http://www.ogre.nu/

[Visualpython-users] Released: VPython 3.2.1

[Jonathan B. <jbr...@ea...>]

This is a bugfix-only release that fixes an undefined reference error
present in 3.2.0.  Only the source packages are affected.

-Jonathan

Re: [Visualpython-users] High School Network Security

[Gary <pa...@in...>]

Bruce Sherwood wrote:

> The comment that they might confuse "open source" with "freeware" 
> seems a highly likely explanation. In principle, open source software 
> could be MORE secure than commercial software, because it is inspectable.
>
> On the other hand, it is all too common for IT people to get in the 
> way of education. It is easier for them to say "no" to everything than 
> to support valid educational innovation. Sometimes this is due to 
> valid concerns about security, but often it is just a knee-jerk 
> reaction to anything new. 

Having spent nearly twenty years as an industrial physicist before 
switching to academe, I can testify that the situation is just as bad, 
I'd say worse, in industry. 

Re: [Visualpython-users] more info on installing vpython on Mac OS 10.4

[Martin C. <cos...@wa...>]

Aaron Titus wrote:
> Martin,
> 
> I have gcc version 4.0.0. Since I get the error "Failed: Can't  resolve 
> dependency "gcc3.1" for package "visual-py23-2.1.9-6" (no  matching 
> packages/versions found)" when installing from the source, I  assume 
> that the problem is that I don't have gcc3.1.
> 
> Is there a way to tell Fink to use gcc 4.0.0 instead of 3.1?

No. While I haven't made special tests about this right now, I am 
convinced that the old problem that some parts of vpython (of that 
version at least) needed to be compiled with gcc-3.1 still exists.

On OSX <= 10.3 you had a gcc3.1.pkg from the developer tools disk which 
was recognized by Fink as a virtual Fink package. On 10.4, there is a 
real Fink package for gcc-3.1. The fact that you don't see this is one 
of the reasons why I said that your Fink installation is not the one 
needed for 10.4.

-- 
Martin

Re: [Visualpython-users] High School Network Security

[Bruce S. <Bru...@nc...>]

The comment that they might confuse "open source" with "freeware" seems 
a highly likely explanation. In principle, open source software could be 
MORE secure than commercial software, because it is inspectable.

On the other hand, it is all too common for IT people to get in the way 
of education. It is easier for them to say "no" to everything than to 
support valid educational innovation. Sometimes this is due to valid 
concerns about security, but often it is just a knee-jerk reaction to 
anything new.

Last year I heard a very interesting talk by Paul Dubois, who led the 
development of the Numeric module for Python, in which he argued that 
all computational science (e.g. computational physics) should be carried 
out using open source software because it is inspectable. Only in that 
environment can other scientists fully critique algorithms, look for 
flaws, etc.

Bruce Sherwood

FRANCESCO NOSCHESE wrote:
> Hello everyone,
> 
> I am a high school physics teacher who is planning post-AP exam student 
> projects using VPython.  However, my school refuses to allow Python and 
> VPython to be installed on the school's network because it is open 
> source.
> 
> Here's the reply from the technology coodinator at my school:
> 
> "Our technology team discussed your request to install VPython on the 
> network/lab at our May 4th meeting and all agreed that it is not good 
> practice to install open source software on the school computer systems.  
> We have conferred with LHRIC and a random sampling of other districts and 
> all agree it is not in the district's best interest to do so, even thought 
> there is no doubt your intended goal is worthy."
> 
> [LHRIC is a technology-oriented consortium of local school districts 
> <http://www.lhric.org>]
> 
> Is this really a problem?  What are the risks?  Is there any way to 
> prevent student misuse of Python?  How can I make a case to allow Python 
> in school?
> 
> FYI, we have a Novell Zenworks network for XP and Win98 machines.  We also 
> have Citrix in XP.
> 
> Many thanks in advance for all your help.
> 
> Frank Noschese
> Physics Teacher
> John Jay High School
> Cross River, NY
> 
> fno...@kl...
> *****************************
> Frank Noschese
> Physics Teacher
> 
> John Jay High School
> Cross River, NY
> 
> fno...@kl...
> voicemail: (914) 763-7384
> *****************************
> 
> 
> 
> 
> 
> -------------------------------------------------------
> This SF.Net email is sponsored by Oracle Space Sweepstakes
> Want to be the first software developer in space?
> Enter now for the Oracle Space Sweepstakes!
> http://ads.osdn.com/?ad_ids93&alloc_id281&op=click
> _______________________________________________
> Visualpython-users mailing list
> Vis...@li...
> https://lists.sourceforge.net/lists/listinfo/visualpython-users

Re: [Visualpython-users] vpython fink package for Mac OSX 10.4

[Martin C. <cos...@wa...>]

Aaron Titus wrote:
> When I install from source, I get the error:
> 
> "Failed: Can't resolve dependency "gcc3.1" for package "visual- 
> py23-2.1.9-6" (no matching packages/versions found)"
> 
> When I install the binary, I get the error:
> 
> Reading Package Lists...
> Building Dependency Tree...
> You might want to run `apt-get -f install' to correct these:
> Sorry, but the following packages have unmet dependencies:
>   storable-pm: Depends: storable-pm560 but it is not installable.  For 

Did you follow the instructions on the Fink home page for upgrading to 
Mac OSX 10.4? The package versions you are showing are those for 10.3. 
Your best bet at the moment for upgrading (or installing a fresh Fink) 
is to follow the instructions for the "stable" tree (keyword 
"bootstrap"). Once this is running, you can activate the unstable tree 
and install packages from there, but this is not necessary for the 
version of vpython in Fink. It is the same in stable and unstable.

If you are more adventurous, you can try to get from the mixture of old 
and new that you have now to a working 10.4 installation by running 
"fink selfupdate" at least twice. Then "fink install visual-py23".

Note that for all of this you need the XTools developer tools installed. 
Precompiled binaries for 10.4 do not yet exist. They are being prepared 
right now, but this will still take a while.

I am planning to upgrade the vpython Fink package for 10.4 to a more 
recent version, but I am not yet quite there.

-- 
Martin


-- 
Martin

[Visualpython-users] more info on installing vpython on Mac OS 10.4

[Aaron T. <ti...@ma...>]

Martin,

I have gcc version 4.0.0. Since I get the error "Failed: Can't  
resolve dependency "gcc3.1" for package "visual-py23-2.1.9-6" (no  
matching packages/versions found)" when installing from the source, I  
assume that the problem is that I don't have gcc3.1.

Is there a way to tell Fink to use gcc 4.0.0 instead of 3.1?

I'm pretty sure this is the problem.

Thank you for everything you do to support vpython on the Mac!

Aaron

Re: [Visualpython-users] vpython fink package for Mac OSX 10.4

[Aaron T. <ti...@ma...>]

When I install from source, I get the error:

"Failed: Can't resolve dependency "gcc3.1" for package "visual- 
py23-2.1.9-6" (no matching packages/versions found)"

When I install the binary, I get the error:

Reading Package Lists...
Building Dependency Tree...
You might want to run `apt-get -f install' to correct these:
Sorry, but the following packages have unmet dependencies:
   storable-pm: Depends: storable-pm560 but it is not installable.  
For Fink users, this often means that you have attempted to install a  
package from the binary distribution which depends on a "Restrictive"  
package. See <http://fink.sourceforge.net/faq/usage- 
fink.php#bindist>, <http://fink.sourceforge.net/doc/users-guide/ 
packages.php#bin-exceptions> or
                         storable-pm561 but it is not installable.  
For Fink users, this often means that you have attempted to install a  
package from the binary distribution which depends on a "Restrictive"  
package. See <http://fink.sourceforge.net/faq/usage- 
fink.php#bindist>, <http://fink.sourceforge.net/doc/users-guide/ 
packages.php#bin-exceptions> or
                         perl580-core but it is not installable. For  
Fink users, this often means that you have attempted to install a  
package from the binary distribution which depends on a "Restrictive"  
package. See <http://fink.sourceforge.net/faq/usage- 
fink.php#bindist>, <http://fink.sourceforge.net/doc/users-guide/ 
packages.php#bin-exceptions> or
                         perl581-core but it is not installable. For  
Fink users, this often means that you have attempted to install a  
package from the binary distribution which depends on a "Restrictive"  
package. See <http://fink.sourceforge.net/faq/usage- 
fink.php#bindist>, <http://fink.sourceforge.net/doc/users-guide/ 
packages.php#bin-exceptions> or
                         perl584-core but it is not installable. For  
Fink users, this often means that you have attempted to install a  
package from the binary distribution which depends on a "Restrictive"  
package. See <http://fink.sourceforge.net/faq/usage- 
fink.php#bindist>, <http://fink.sourceforge.net/doc/users-guide/ 
packages.php#bin-exceptions>
   visual-py23: Depends: gtk+-shlibs but it is not going to be installed
                Depends: python23 but it is not going to be installed
                Depends: numeric-py23 but it is not going to be  
installed
E: Unmet dependencies. Try 'apt-get -f install' with no packages (or  
specify a solution).


I installed x11 and xcode (developer tools) when I installed the OS.  
I'm using Fink Commander.

Aaron


On May 15, 2005, at 3:17 AM, Martin Costabel wrote:

> Aaron Titus wrote:
>
>> Martin,
>> I upgraded to Tiger (OS 10.4). I just installed Fink and Fink   
>> Commander. However, I couldn't install the visual-py23 package. I  
>> got  an error regarding dependencies.
>> Have you tried to install VPython using Tiger?
>>
>
> Yes, it builds here without problem. What error do you get?
>
> -- 
> Martin
>
>
>
> -------------------------------------------------------
> This SF.Net email is sponsored by Oracle Space Sweepstakes
> Want to be the first software developer in space?
> Enter now for the Oracle Space Sweepstakes!
> http://ads.osdn.com/?ad_id=7393&alloc_id=16281&op=click
> _______________________________________________
> Visualpython-users mailing list
> Vis...@li...
> https://lists.sourceforge.net/lists/listinfo/visualpython-users
>

Re: [Visualpython-users] vpython fink package for Mac OSX 10.4

[Martin C. <cos...@wa...>]

Aaron Titus wrote:
> Martin,
> 
> I upgraded to Tiger (OS 10.4). I just installed Fink and Fink  
> Commander. However, I couldn't install the visual-py23 package. I got  
> an error regarding dependencies.
> 
> Have you tried to install VPython using Tiger?

Yes, it builds here without problem. What error do you get?

-- 
Martin

[Visualpython-users] vpython fink package for Mac OSX 10.4

[Aaron T. <ti...@ma...>]

Martin,

I upgraded to Tiger (OS 10.4). I just installed Fink and Fink  
Commander. However, I couldn't install the visual-py23 package. I got  
an error regarding dependencies.

Have you tried to install VPython using Tiger?

Aaron

On Jan 25, 2004, at 7:35 PM, Martin Costabel wrote:
>
> OK guys, I have put the visual-py23 package into the Fink 10.3/ 
> unstable and 10.2-gcc3.3/unstable trees (Yes, 10.2-gcc3.3, although  
> the package requires to be built with gcc-3.1, but the old 10.2  
> tree is not supported any more). They should show up on the next  
> selfupdate soon. I let you in the later timezones give them a hard  
> time while I sleep (1:30 am here now).
>
> -- 
> Martin
>

Re: [Visualpython-users] High School Network Security

[Anton S. <br...@po...>]

Arthur wrote:
> Would they be interested in knowing [...]
> that many of the most locked down systems in
> the world are running Open Source operating systems?

Indeed .. A friend of mine used to be phone support for a company that 
sold a high-security version of Apache, and said its customers included 
a number of military bases.  (The company was bought by Red Hat.  I 
don't know whether it still operates; my friend has moved on.)

-- 
Anton Sherwood, http://www.ogre.nu/

Re: [Visualpython-users] High School Network Security

[Jacob S. <ke...@ja...>]

> FRANCESCO NOSCHESE wrote:
>
>>Hello everyone,
>>
>>I am a high school physics teacher who is planning post-AP exam student 
>>projects using VPython.  However, my school refuses to allow Python and 
>>VPython to be installed on the school's network because it is open source.
>>
>>Here's the reply from the technology coodinator at my school:
>>
>>"Our technology team discussed your request to install VPython on the 
>>network/lab at our May 4th meeting and all agreed that it is not good 
>>practice to install open source software on the school computer systems. 
>>We have conferred with LHRIC and a random sampling of other districts and 
>>all agree it is not in the district's best interest to do so, even thought 
>>there is no doubt your intended goal is worthy."
>>
> I wonder if there is a commuincation gap.  You said "open source". 
> Perhaps what they *heard* was "freeware".
>
> Or an understanding gap:  open source = freeware.
>
> If so, one would hope that a delicately worded education would solve the 
> problem.  But we've all run into IT people who enjoy a rather feudal 
> approach to management.  Keep us posted with details.  Perhaps we can help 
> make your argument.
>

Yeah, it would be just like schools to refuse anything free if they can 
spend their tax dollar budget on expense programs that don't work half as 
well as the free things.

OT  rant

My school just recently signed up for a thing on the internet called 
teenbiz3000.  It's supposed to be an internet thing that is perfectly 
controlled by the teachers and can be tracked completely.  All it is is just 
an online email program and some games, all geared towards making us better 
readers.  In high school!!   This was supposed to be taken care of in first 
and second grade.  I also learned from the teacher that the school paid 
through the nose to get access to this thing.  I have seen it first hand and 
I don't like it.  I don't believe it works.  What are they paying the first 
and second grade teachers for if not to teach kids to read?  What happened? 
When did they start throwing money needlessly and foolishly around?

end rant

Jacob 

Re: [Visualpython-users] High School Network Security

[Jon S. <js...@di...>]

Show them this article: 
http://news.zdnet.com/2100-3513_22-5704750.html?tag=nl.e589
Firefox may be one open-source app they actually recognize....

IBM backs Firefox in-house
By Martin LaMonica, CNET News.com
Published on ZDNet News: May 12, 2005, 9:00 PM PT
IBM is encouraging its employees to use Firefox, aiding the open-source 
Web browser's quest to chip away at Microsoft's Internet Explorer...



> FRANCESCO NOSCHESE wrote:
>
>> Hello everyone,
>>
>> I am a high school physics teacher who is planning post-AP exam 
>> student projects using VPython.  However, my school refuses to allow 
>> Python and VPython to be installed on the school's network because it 
>> is open source.
>>
>> Here's the reply from the technology coodinator at my school:
>>
>> "Our technology team discussed your request to install VPython on the 
>> network/lab at our May 4th meeting and all agreed that it is not good 
>> practice to install open source software on the school computer 
>> systems.  We have conferred with LHRIC and a random sampling of other 
>> districts and all agree it is not in the district's best interest to 
>> do so, even thought there is no doubt your intended goal is worthy."
>>
> I wonder if there is a commuincation gap.  You said "open source".  
> Perhaps what they *heard* was "freeware".
>
> Or an understanding gap:  open source = freeware.
>
> If so, one would hope that a delicately worded education would solve 
> the problem.  But we've all run into IT people who enjoy a rather 
> feudal approach to management.  Keep us posted with details.  Perhaps 
> we can help make your argument.
>
>
>
> -------------------------------------------------------
> This SF.Net email is sponsored by Oracle Space Sweepstakes
> Want to be the first software developer in space?
> Enter now for the Oracle Space Sweepstakes!
> http://ads.osdn.com/?ad_id=7393&alloc_id=16281&op=click
> _______________________________________________
> Visualpython-users mailing list
> Vis...@li...
> https://lists.sourceforge.net/lists/listinfo/visualpython-users
>
>
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Jon Schull, Ph.D.
Associate Professor
Information Technology
Rochester Institute of Technology
102 Lomb Memorial Drive
Rochester, New York 14623
sc...@di... 585-738-6696