I have a project on the table right now. I work at a city and we are working on setting up a computer lab for students to use. This will be mainly for homework but they also want to use the computers for a science lab (so I'm guessing Mathematica at least) and potentially games. I am looking into solutions both for the computer and for security. We are going between using thin/zero clients like NComputing, or setting up desktops. Which would be better?
It will be a lab for homework first but they may request more. Second will be security.
We would like to have a login account per computer. We know for a fact that these computers cannot be on the city AD domain. So is there any way to manage them in an internal network?
We are considering both having them use the City network, or getting them their own internet connection. Is the cost worth having them on their own network?
Thanks Spiceheads.
The links from Jimmy T are great.
Your solution will really depend on how much access you want to provide users. If you want them to be restricted in their activities and browsing, you will need more of a kiosk software solution. If you want them to be able to use programs that are not browser-based, you'll find that Deep Freeze or Restore Reboot RX would protect the device without restricting access. KioWare for Windows has an easy set up and works to secure your OS - it supports the Chrome Browser (built on Chromium) and there is an original KioWare (Classic) for Windows built on IE. You can limit your device to accessing only the allowed websites and browser based applications. It clears private data between sessions, and protects from unauthorized access and malicious behavior. I've tagged others who may want to chime in here.
As for networked, as long as you are restricting access using kiosk software, there's no reason to have them on a separate network.
'It Depends.' Would model the setup to how the local library configures general use, patron computers. Number of computers would be good to know (e.g., 10 stations is much different than 1,000 stations). Borrowing from an existing VDI infrastructure would be good, if only to tap into those admins' on-hand expertise.
Wrote: ...looking into a way to either make these kiosks or setup something like Faronics DeepFreeze or Computer Restore Rx.
DeepFreeze in particular has been a de facto standard for elementary schools.
Zazathebassist wrote: ...want to use the computers for a science lab (So I'm guessing Mathematica at least)...
Not sure how that thought immediately jumped to the professional grade Mathematica.
Hey zaza, You've gotten some great advice from people so far already. I'm just here to say if you do decide to check out Reboot Restore Rx or our other software Drive Vaccine, then I'm here to answer any questions you may have about them. As Laura mentioned (thanks Laura!), we're not a restrictive software. We're more about ensuring the drive has a safe state to load into that undoes what the previous user did.
If you need to lockdown, etc., then kiosk might be more your thing! In the end I'd recommend testing 'em all out to see what suits you best.
Zazathebassist wrote: We are looking into setting up about 10 computers. I like the Deep Freeze solution. We don't quite know the scope of the lab, it feels like it's one of those projects where they find out something can be done and immediately want it. As for Mathematica, it's just what I'm familiar with. I wasn't expecting exactly that, it was an example.
Feel free to reach out if you have any questions - we have a number of products that we can use in this type of situation. Some are completely non-restrictive, others can lock the machine down into a kiosk configuration, and some straddle the middle line.
Personally I would look at running Deep Freeze to keep the configuration 'fresh' and then look at our Anti-Executable to prevent unauthorized applications from running. Obviously you would still need an AV solution (we have one as well), and if you don't have a domain you might want to look at a kiosk application like WINSelect or KioWare to restrict where users can go on the machine. As suggested the best thing we can suggest is for you to give them a try. If you wanted to drop me a PM with your contact information we can get whatever you would like in place for a trial, and as I said earlier - any questions just let us know!
Laura from KioWare tagged me on this one, thanks this is right up my alley! I have worked everything from one off labs to prison schools to standard classrooms. The first thing everyone setting up a lab seems to miss is the room layout.
You will solve 95-98% of all issues simply arranging the room so all screens can be seen by the instructor at all times without moving. The picture above shows the error quite clearly, in that arrangement the instructor standing at any point can see less than 50% of the screen activity at any time. Even systems like LanSchool have big limits, they are useful but if a room monitor leaves their station you will have the problem. Lay out the room so all screens can be seen by the instructor and other students all the time.
Fewer problems when the user does not know who or how many are looking at any time. From here it is what OS do you want to use? If you're stuck with Windows then several of the suggestions above are pretty good. The kiosk type setup will save you a lot of headaches and will be easier to setup and manage. For the background systems look at 'Internet Cafe' type setup for your system. You can assign single use passwords for the user for the day and several other options. Once the password has expired they cannot get in without being issued another one.
If you can go Linux I would still suggest the 'Internet Cafe' type setup. Several options on this one, just Google it. I would suggest setting up a stand-alone system with a proxy/filtering system in between your network and any others. This means your own DHCP/DNS system and a proxy system. Easy to do with many Linux distros even if you use Windows clients. With the kiosk type setup AD is not really needed.
The proxy will separate your students from any other network connectivity you have so less security issues with your neighbors!
It sounds like you are doing this for a library.
My personal preference would be traditional desktop computers (unless you have an existing VDI environment, otherwise it's too much of a hassle for only 10 endpoints) with two accounts configured. One admin account and a user account that is locked down thru local security policy. I would also recommend putting these on a separate VLAN/Subnet with its own DHCP server (you could use an existing with an ip-helper command and an additional DHCP subnet configured, but that's a potential security risk) and using ACLs to prevent these machines from talking to your other endpoints on the city network, but allowing them access to the internet at the same time. Also, make sure that you are CIPA compliant by implementing a content filtering solution.
You may also be eligible for federal e-rate funding if you are a library and have content filtering in place.
Are you sure you can't manage those computers through AD? If not then I recommend the following steps:
1) Setup a basic account with user rights (no admin rights of course)
2) Install Avast for Business (FREE), you will have a control panel where you will see all the detections, you can setup a password on Avast, so they will not be able to change anything or turn it OFF, you can manage exclusions, schedule updates etc
3) Disable web-sites you do not permit to use via a hardware Firewall you have in place
4) Install all needed Software remotely using PDQ Deploy
This way you will manage these computers mostly remotely without the need of AD.
If you already have a VDI environment such as VMware, that is what we did the past two summers in labs at our school district.
We had around 150 of the NComputing devices and they were horrible when you tried to scale them out. We have around 300 VDI thin clients deployed and we have no issues anymore with stability issues. We installed the Teradici Apex 2600 offload cards in our servers and all of our desktops refresh upon logout. I had one lab last year that was a constant issue trying to get stuff to stay running. We converted the PCs to ThinPC and made them into Thin Clients and the issues dropped almost to zero.
The issues I have had have been mice and keyboard issues.
I spent some years in K12 - desktops are typically the fastest to setup in my experience. We used FOG to image which made it easy to setup one master and then deploy it out. Setup all the settings in one shot and go. Towards the end of my time we started using PDQ Deploy to shrink image sizes and speed up deployments. PDQ allowed us to rollout application packages with new PCs as well as keep the plugins and extra software up to date ongoing. If a PC is hosed, push the image, deploy the apps, and done.
We had multiple images, and worked on 800 devices every summer. I also setup thin clients in our part of district. A good thin client is not much cheaper than a decent refurbished PC and takes more time to setup initially. Once you're up it's not bad, but you'll have more upfront setup time and users will almost always notice that they're not on a real computer.
Our solution was not true VDI, but thin clients using RDP - could have been better. I would have gone PC if I could do it over, but it was educational for me. We tried NComputing - I would not recommend it. Final thought - have you talked to the local schools in your area to understand what direction they're going? What if they're getting into Google Apps or Office 365 and for homework all students need is internet? I know my goal prior to leaving EDU was getting as much on the web as possible.
This way kids and teachers could work from anywhere on pretty much any device. We were also doing 1 to 1 laptop programs, but we had kids without internet at home.
Maybe better wifi and desks to work on might fit the need instead of workstations. Something to consider.
Adam (Faronics) wrote: zazathebassist wrote: We are looking into setting up about 10 computers. I like the Deep Freeze solution. We don't quite know the scope of the lab, it feels like it's one of those projects where they find out something can be done and immediately want it. As for Mathematica, it's just what I'm familiar with. I wasn't expecting exactly that, it was an example. Feel free to reach out if you have any questions - we have a number of products that we can use in this type of situation. Some are completely non-restrictive, others can lock the machine down into a kiosk configuration, and some straddle the middle line. Personally I would look at running Deep Freeze to keep the configuration 'fresh' and then look at our Anti-Executable to prevent unauthorized applications from running. Obviously you would still need an AV solution (we have one as well), and if you don't have a domain you might want to look at a kiosk application like WINSelect or KioWare to restrict where users can go on the machine. As suggested the best thing we can suggest is for you to give them a try. If you wanted to drop me a PM with your contact information we can get whatever you would like in place for a trial, and as I said earlier - any questions just let us know!
Used this at a junior high school, it works pretty dang well provided you lock your BIOS down. Kids can do whatever you allow them to, then you restart the computer and everything's back to the way it should be.
I work in a school district, and my last job was also a school district. Here's some of my experiences that may help: I would go with desktops for your setup as some of the science simulation software can be a little resource intensive. Jim4232 is spot on that placement is a key factor in reducing students from going where they shouldn't be going. I also agree that you should avoid a thin-client or nComputing setup. We used nComputing here for a while, and it wasn't too great on the resources of the computer it was installed on (desktops mostly). The thin client or thin PC approach also had issues with software updates to keep things current, because it caused issues with some programs (Plato, Infinite Campus, EverydayMath games, etc.), and if the server had an issue, an entire lab goes down.
PC restoring software, like Deep Freeze, Windows Steady State (if you are still in the XP days), etc., are GREAT programs for problem resolution.
A reboot solves most computer problems and in most cases gets rid of virus infections as well. Next I would recommend some sort of remote connection software, so either you or your staff can monitor and use computers from a distance. It also helps if the students know 'Hey at anytime they can connect and see what I'm doing'.
Depending on what age range you are dealing with, I would also make sure that the network switch is nowhere in reach of any preteen / teen students or you will be dealing with loopbacks on your network. Finally, a good firewall and user education will go a long way to deal with any other problems you may run into.
Josh9374 wrote: Used this at a junior high school, it works pretty dang well provided you lock your BIOS down. Kids can do whatever you allow them to, then you restart the computer and everything's back to the way it should be.
Oh so very much THIS. You have no idea how many people don't bother locking down the BIOS on systems when they deploy them and then wonder why things get messed with.
Beyond that I still see people not putting locks on the chassis of the public access computers they put out for people to use. If you don't physically secure the machine then it doesn't matter what software you install, the first person willing to crack the case (and they will) owns it.
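The separate VLAN with ACLs suggested earlier in the thread (block the lab from the city network, allow the internet) can be checked for rule-ordering mistakes before it is deployed. The following is an added example, not code from any poster: it models a simplified first-match, destination-only ACL and reports which parts of the internal address space lab machines could still reach; all prefixes and rule sets are constructed assumptions.

```python
import ipaddress as ipa

# Constructed addressing for illustration; none of it comes from the thread.
CITY = [ipa.ip_network("10.0.0.0/8"), ipa.ip_network("172.16.0.0/12")]

def acl(*rules):
    """Build an ordered ACL from (action, destination-prefix) pairs."""
    return [(action, ipa.ip_network(dst)) for action, dst in rules]

# Simplified model: destination-only rules for traffic leaving the lab VLAN,
# first match wins, implicit deny at the end.
ISOLATED = acl(("deny", "10.0.0.0/8"), ("deny", "172.16.0.0/12"),
               ("permit", "0.0.0.0/0"))
MISORDERED = acl(("permit", "0.0.0.0/0"), ("deny", "10.0.0.0/8"),
                 ("deny", "172.16.0.0/12"))
# A "temporary" exception for a city print server subnet, placed before the denies.
EXCEPTION = acl(("permit", "10.1.2.0/24"), ("deny", "10.0.0.0/8"),
                ("deny", "172.16.0.0/12"), ("permit", "0.0.0.0/0"))

def decide(rules, dst):
    """Return the action the ACL takes for one destination address."""
    addr = ipa.ip_address(dst)
    for action, net in rules:
        if addr in net:
            return action
    return "deny"

def leaks(rules, protected=CITY):
    """Return every part of the protected prefixes that the ACL permits."""
    leaked = []
    for prefix in protected:
        remaining = [prefix]          # address space no earlier rule has matched
        for action, net in rules:
            unmatched = []
            for block in remaining:
                if block.subnet_of(net):        # rule covers the whole block
                    hit = block
                elif net.subnet_of(block):      # rule carves a piece out of it
                    hit = net
                    unmatched.extend(block.address_exclude(net))
                else:                           # CIDR blocks nest or are disjoint
                    unmatched.append(block)
                    continue
                if action == "permit":
                    leaked.append(hit)
            remaining = unmatched
    return leaked

if __name__ == "__main__":
    for name, rules in [("isolated", ISOLATED), ("misordered", MISORDERED),
                        ("exception", EXCEPTION)]:
        print(name, [str(n) for n in leaks(rules)])
```

An empty result from `leaks` means no internal prefix is reachable from the lab under this model; any prefix it returns is a hole to close or to document as a deliberate exception.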