avatar tianjara.net | blog icon Andrew Harvey's Blog

A Response to the DET Student Laptop Plan after reading the Tender
20th February 2009

I recently wrote an article about the Government’s Draft Consultation Paper on “Digital Economy Future Directions”. The paper brought up the concept of "media literacy". Well as I said this comes with experience and interacting with media. Today (actually a week ago because I took so long to write this post) I have myself learnt something about media literacy. You see there had been a lot of talk about the Government's plan for laptops in schools in the media. I even commented on this in a post here. What I failed to do was investigate and make judgements properly. I read the news web sites and that was it. But now once I've read the governments media release and the actual tender (zip) I get a totally different view of the situation that makes a lot of my previous arguments invalid.

The tender document goes into a lot of detail and explains things a lot better that the other media outlets that I originally got my information from. The document states,

"Typically, DET takes responsibility for the lifecycle of the standard access computers in its system, rather than assigning the machines to individual users. Inevitably, this leads to higher costs, as users feel no particular responsibility for any specific machine. This cannot work for the learning device – the machine will be the responsibility of the student or teacher to whom it is provided, and therefore attractiveness and a sense of ownership are important. In turn, this will only work if the machine provides a compelling ICT experience."

I find it hard to see how the machine can provide a compelling ICT experience when it is a) locked down in its functionality and ability to install other software (as noted in the tender), and b) DET's internet access is severely over-regulated. The tender also says,

"For example, it is likely that the machines will need to be turned on and off many times during the school day – so “near instant on” will be a requirement. A student cannot afford to wait several minutes for the device to prepare itself for use – that is to say, DET will require a device that returns itself to a “ready state” within five seconds."

And then it talks about user security,

"It is very important that possession of the device does not put children or other users at hazard of being a target of theft. To mitigate this risk, the device needs to be locked to the DET network, only allowing access to internet services via DET's network infrastructure (either from within the school or from any other location). The machine will not work unless the user has a DET username and password. Vendors are invited to propose additional features that would improve the security of the device, either in hardware or software. These might include, but not be restricted to:
  • reporting the device's identity and use to the DET network when it connects to any network
  • the device may be programmed to be unusable after a certain number of off-network sessions (that is, the device needs to authenticate to a DET directory once in every, say, five sessions, with the ability to adjust the grace period for holidays or special cases)"

In my original argument this was one of my main criticisms. But I should understand that there is nothing they can do to prevent theft entirely, and even then some things do fall outside their scope. The above extract from the tender details that low risk can be possible if these measures are built into the hardware, because if not then wiping the hard drive would remove any software protection measures. However it only just occured to me that they may use solid state drives (in fact latter on in the tender it says "The device must have no removable parts, other than the battery", and then "...DET wishes to move to a fully solid state design...") which I'm guessing would be difficult to "flash" with new data. This will not eliminate the value of these items to criminals but it would probably decrease enough not to be a big issue.

At the end of the day they will need to provide some backdoor to flash the device. If you secure the machine so much that other operating systems cannot be installed, what if there is a virus or whatnot that renders them useless. They would be foolish to provide no means to flash the machines.

All extracts and quotes have been used in accordance with the Copyright Act 1968 (Cth) for the purposes of criticism, review and the reporting of news.

Tags: det.