I obtained and installed a certificate on our Ruckus ZD3000 two years ago, but failed to make note on how I completed it.  The question has come up a number of time since on Edugeek, and I've struggled to remember the exact process. So due to the fact my original certificate is about to expire, I thought I'd take this opportunity to document the process.Log in to your Ruckus controller and go to Configure - Certificate.

You must create a request for the certificate, it is required by your certificate authority.

You will need to complete some information such as;

• Common Name: This is the name your users will primarily use to connect to the controller.  I had already set up a new zone in DNS for wifi.school.leeds.sch.uk pointing to my controllers IP address.
• Alternative Name: I chose to fall back to an IP address if DNS was an issue. So I popped in my Ruckus controllers IP address.
• Organization: This is the name of the school, and should be the same as the name registered with your school.leeds.sch.uk domain name.
• Locality / City: In my case Leeds
• State / Province: West Yorkshire
• Country: United Kingdom

Then click apply.

You will be prompted to download a file.  I renamed mine so it was called 'wifi-certificate-request-2013.csr'

At this point you need to decide who you would like to generate your certificate for you.  There are lots of companies available.  I chose to use  ipsCA simply because they give educational establishments a two year certificate for free.  StartSSL also give one year certificates for free.

ipsCA require that you complete a simple form.  The key here is to ensure that the details reflect your domain registration information.  You can easily check your domain registration using nominet.org.uk/whois, whois.domaintools.com or whois.net.   Once you have completed and check the form submit it for approval.  This could be almost instant, or take a little bit of time depending on what they are able to check automatically.  Unfortunately mine took a few hours, in which I had to click on verification links in emails, and have my hostmaster@school.leeds.sch.uk approved too.

After a while an email arrives with the certificate attached as a text file.

If you import this certificate (after renaming the text file to .cer) you will find that your users devices will still complain.  They're unaware of the organisation that signed the certificate.  Therefore you must also install an intermediate certificate. If you've used ipsCA like me, I suggest getting the bundled certificate available here which will cover all eventualities.

Open the bundled certificate in Notepad or another plain text editor and copy the complete text (including the beginning and end lines).  Then open your certificate and paste the bundled file text at the bottom of your certificate.  It will end up looking something like this.  Make sure you save it as a .cer file.

To install your certificate, go to Configure - Certificate

Click the Upload button and navigate to your certificate.

Click 'Install this certificate and then reboot' and finally click Import - This will reboot your controller.

Now when you log in, you'll see a lovely green certificate notification in your browser, and your end users will not get any errors - that is until your certificate expires.

• Ruckus have allowed for intermediate certificate import in the GUI.  However I couldn't get it to recognise the ipsCA Level 1 certificate correctly, so would recommend doing it the manual way described above.
  

Tweet

We've been running a BYOD scheme for staff and 6th form for some time.  Although we're not pushing the scheme aggressively, it's gathering a natural pace with around 80 devices connecting most days.  I set up a Proxy.pac file for iOS devices some months ago and it seems to work well for the BYOD users, but my team will need access to more internal services.

Pac files can be unusual, especially on iOS.  Also iOS devices can cache the file making trouble shooting that much more difficult. For my benefit as much as anyone else's, here is the working version as it stands.

function FindProxyForURL(url, host)
{
if ((host=="localhost") ||
shExpMatch(host, "*localhost.*") ||
shExpMatch(host, "10.10.10.0/20") ||
shExpMatch(host, "17.0.0.0/8") ||
shExpMatch(host, "*moodle.school.com*") ||
shExpMatch(host, "*wifi.school.com*") ||
shExpMatch(host, "*proxy.school.com*") ||
shExpMatch(host, "*lead.school.local*") ||
shExpMatch(host, "*aluminium.school.local*") ||
isPlainHostName(host) ||
(host == "127.0.0.1"))
{
return "DIRECT";
}
return "PROXY proxy.LEA.net:80"
}

To explain, 10.10.10.0/20 is our internal range of IPs.
17.0.0.0/8 is the apple range of public IPs - We have found apple devices prefer un-proxied access to home.
moodle.school.com - Our internally hosted moodle server.
wifi.school.com - Our internally hosted wifi controller (which users need to reauthenticate to every so often).
proxy.school.com - This is just an alias of our moodle server. It is where the proxy.pac file resides.
lead.school.local - This is the server hosting our helpdesk. Currently internal only (hence .local).
aluminium.school.local - This server runs our wiki and some other internal sites.
isPlainHostName - This rule allows us to connect to a simple host name. One of our workstations perhaps.
return "DIRECT"; - All the rules above should connect directly.
return "PROXY proxy.LEA.net:80" - If the request is not one stated, return the proxy address.

My goal in the not too distant future is to stop using the LEAs proxy server and run a transparent proxy in house.

Tweet

Bag.  Enough pockets for things, and a large pocket for all the leaflets and info I'll be picking up.
iPad mini. Note taking, tweeting. I also have a rough plan of my day in evernote.
iPhone 4s. Taking pictures of things, may even try tweet a vine video this year.
MiFi (topped up with 1GB of data) & three spare charged batteries. Connectivity in the event of poor wifi.
iPad charger. Something always needs charging on the train home.
Charging cables for iPad, iPhone and Mifi.
Google notepad. A nice freebee from BETT2012.
A mini sharpie and a ball point pen.
Business Cards.
@IrritableTech mini cards. Hopefully I'll make some new connections.
Stickers with my school details on. Save filling out endless forms.
Train tickets, Oyster card & BETT pass.
Water. Possibly pick up a sandwich before you get there too?
Comfy shoes (everyone gives this tip right?).
Coat or no coat? Never quite sure.  It's cold on the platform at 6:30am, but hot inside BETT.  So you either decide to carry it about (the cloak room queues are often very long) or freeze while you wait for public transport.

If you do see me wondering around tomorrow (Thursday), do say hello.  Or tweet me.

Tweet

Graph search is Facebooks way of increasing connections through the site.  Up until now, users mainly search for friends, products and groups by using names.  In the case of individuals this means you really need to know someone's name to find them.  Graph search works differently.

Facebook's announcement and introduction give some examples of how the new search will work.

Search: Photo's I like

That sounds handy.  I can view all the photos I liked and review whether I still 'like' them.

Search: Restaurants my friends have been to in London

A quick way to find the places your 'friends' would recommend, and perhaps more likely, the ones they wouldn't. Super.

Search: People who like cycling and live in my hometown

This is where my worries start to kick in.  Lets suggest someone with less honorable intentions might change part of that search.  They could change it for example to:

Search: People who like Mushi Monsters and live in my hometown

This tool suddenly takes on a more sinister application.  Facebook users are being given a chance to find new people, close by, just by searching interests.

Facebook were quick to point out in their press conference that the new engine only reports information we have made public.  Accounts created by users between the ages of 13-18 who have given their true date of birth, should be protected then.  However there is plenty of evidence to suggest that young people don't always sign up with a true DOB. I've seen it myself.

Graph search is going to make it much easier for other users to find those things you've forgotten or not managed to protect.  If someone finds you via your public 'like' of a organisation, service or person, are you OK with how that person may perceive you?

Facebook has never made it's privacy settings easy to navigate, but if you can get to grips with them, they are pretty good. So take the opportunity before launch to revisit your privacy settings. Think about the level of privacy you're comfortable with, and seek help if you're not sure.  Then pop a date in your diary to look again next month.

And please, don't accept friends requests from people you don't already know in 'real life'.

Facebook Privacy Guides

How Will Graph Search Affect Your Facebook Privacy?

Photo by thoss003 used under Creative Commons with thanks.

Tweet

Social media refers to the means of interactions among people in which they create, share, exchange and comment contents among themselves in virtual communities and networks. Andreas Kaplan - http://en.wikipedia.org/wiki/Social_media

If this definition is to be believed then social media has been going on much before the likes of MySpace in 2003. I think it even pre-dates the internet. A tweet from @Documentally a little while ago got me thinking about when I started my journey into Social Media.

If you include the CB radio, I've been experimenting with social networks for the last 30 years.

— Documentally (@Documentally) November 2, 2012

I had never thought about the CB radio as a social network, but of cause it is.  You created an identity (a handle), you broadcast to the world (or the little bit of the world your 'rig' could manage), talked with friends in the 'real world' and found new CB only friends (One Nine a Roger?).  You could chat with a friend on a specific channel (hashtag?), but anyone within reach could jump in and join the conversation.

I got a CB radio in the summer of 1992 if memory serves.  I'd saved up for the equipment myself and my parents let me get on with it.  They understood I could talk to people on the CB, but probably didn't think about the fact I could talk (or simply just be heard) by anyone within the area with the right equipment.

Conversations would often be interrupted, sometimes by people wanting to chat, other times by people wanting to disrupt.  They'd jump in and swear, transmit over others, tell us to leave 'their' channel.  My friends and I came up with an ingenious series of words which when spoken would tell those in the know which channel to change to. It was our attempt to block the disruptive user.

It was an unwritten rule that you never gave your real name, address,school or where you were going to meet up out on the air.  Anyone could be listening!  We knew our lessons from school about stranger danger.

In late 1994 I finally had access to my first home computer, and shortly afterwards a modem.  I loved viewing all the webpages the net had to offer, but after a while reading most of the (usually text on a grey background) pages I could find on subjects that interested me most I wanted something more.  Very few of my circle of friends had email, so I turned to a service called IRC - Internet Relay Chat.

In many ways IRC was like the CB. Public chat rooms called channels where people could broadcast freely.  I'd join a channel about music and talk to like minded individuals about their likes and dislikes, who they were going to see live, and they might recommend a website for more information. Again, even then, I always kept personal details to myself.  Never giving more away than my first name and which city I lived near.  When a user first annoyed me, I quickly found the command to /ignore.

Once again, my parents had no idea what I was up to.  It was a world they didn't know much about but I was quiet, happy, and not getting myself into trouble.  Or at least that's what they thought.

Thankfully I never really did get myself into any trouble.  Yes, people occasionally called me names. Yes, people wanted me to go into private chats.  However as a young individual entering a new world, I can't say I ever came to any harm.  However looking back now, if I had got myself into trouble, I'm really not sure who I would have turned to.

Fast forward to today, and I am truly connected 24/7.  Computer, tablet, TV, smart phone, GPS. Email, websites, social networks, skype.  The rules which I gave myself on the CB, and my first entry into internet chat rooms are still the ones I mainly live by today.  Unless I know people offline they see limited information about me online.  Never enough to find me, and rarely enough to poke fun at me.

As a parent myself now to two children, I try to keep up with the social media trends.  They are both still in primary school, so it's mainly about mushi monsters and other game based networks at the moment.  I want to keep them safe but show trust, and allow some freedom.  I'd like to be more involved in their online lives than my parents were.  I've started them with a blog each, where we have three important rules.  Don't post anyone's personal details, don't post anyone's picture, and be positive!

My kids know that if anything were to upset them, or make them feel uncomfortable online. They could go straight to me, or another trusted adult.  They know they won't be in trouble and that I'll listen and explain how to make sure it doesn't happen again.  They also know that I'll speak to someone who can help, if I can't fix it myself.

I believe parents owe it to their kids to keep as up to date as they can with the technology their children take for granted.

Today social media sites generally take a more serious approach to safety.  Most have easily accessible reporting mechanisms.  There are organisations like CEOP, The UK Safer Internet Centre, and the Internet Watch Foundation, none of which were around when I was a kid.  Technology is more readily available today than it's ever been, but it really shouldn't be feared.

Photo by Cubwolf and used under creative commons.

Tweet

Both devices out of the box have a fairly simple method of getting them going.  That is of cause as long as you have an Apple ID and a Google ID.  Both connected to our school Wifi quickly and once proxy information (yes I am still waiting for a transparent version from my LEA) was complete, both devices were setup and working.

With only a limited amount of time with the devices, this quite review will only be able to cover hardware, and basic software functionality.  I may revisit this topic later if I get another opportunity.

Firstly I looked over the whole package.  The google Nexus is one of the better built android tablets on the market, but it doesn't compare to the iPad.  The iPads aluminium construction and gorilla glass feels like a higher quality device in the hand.  Weight wise the Nexus comes in at 340g and the iPad is only 308g despite it's bigger size.

The screens are very different.  The Nexus 7 has a seven inch 16:10 screen (1280 x 800) running at 216 points per inch, where as the iPad has a 7.9 inch 4:3 screen (1024 x 768) running at 163 ppi.  Some reviews have been disappointed with the iPads screen and suggest a new 'retina' model will be out sooner rather than later.

One of the most important aspects of those screens is the aspect ratio in my opinion.  The nexus suffers from its ratio, because of the way android is designed.  The home, back and task switcher buttons take up valuable screen space, particularly noticeable when the device is in landscape mode.

The glass on both devices seems as strong, and time will tell how they deal with scratches, but the iPad screen deals better with finger prints.

Apple iPad Mini vs. Google Nexus 7

I opened up the browsers; in my view the single most important application.  Side by side I asked both devices to load my website IrritableTech.Co.Uk.  Chrome on the nexus automatically requested the mobile site. So after finding the option to 'Request Desktop site' and clearing all the caches, I reloaded my site on both devices.

The nexus was faster at rendering the page, but only by half a second or so.  I decided to use the text on my website to decide for myself if the difference in ppi makes a huge difference.

I did think the text was slightly clearer on the nexus, however because of the width of the screen it was also smaller.  I had to zoom in a little on both devices to comfortably read the text.  On the iPad it was even quicker to press the 'Reader' button, and let the iPad remove everything but the text.  A function I couldn't find immediately on the android.

The physical size difference makes the iPad more of a two thumb typing tablet, with the Nexus being more comfortable typing with just the one thumb.  Two thumb typing might get easier with practice on the Android.

Comparing the screens on iPad Mini & Google Nexus 7 up-side-down

To further test the screen I opened a picture from my web site, saved it and opened the image in the respective gallery apps.

The image quality looked very similar, but once again, the Nexus' screen ratio meant the standard 4:3 image had black bars down each side when viewing.

I'd love to do further comparisons, but sadly for me my time with these devices is up.

Which is better for our school?  I'm still stuck.  The apple devices can be managed by us more easily, the number of quality apps is far greater, but the price tag is considerably more.

I think the most important piece of software on a tablet is the browser. There are some fantastic apps, but ultimately I think learning through a browser will outlive any other software.  I've found that Chrome is just a little bit better than Safari, but not enough to win the competition outright.

I'd love to hear your thoughts, especially if you've played with these for longer than I have!

Tweet

I reported the issue which seemed to be affecting all my sites, and others in this shared hosted platform. After a whole support responded that the storage node had failed, and after a further request they updated their service status to reflect this issue.

Although this site doesn't serve thousands of visitors on a daily basis, my stats show it trickles along nicely.  It is the centre of my digital output, however I was more concerned about my short url service. IrTe.Eu unlike many, is not hosted by Bit.ly or Hoot Suite, it is hosted by me.  It's 800 short links have generated over 43,000 clicks, so on average about 53 clicks each.  I've tried to build a twitter account based on sharing great resources on the web, which totally rely's on this service.

I was able to get my site back online before my host was fixed for three reasons...

The Cloud Concept

The storage node was down, which meant I couldn't get to my web files, however because the host I have been using for a number of years is a clustered based service, thankfully their MySQL servers were still running.  I quickly backed up some important DBs.

Cloudflare

I use their free product which gives me access to 'two' name servers, which use dynamic DNS, and are actually numerous DNS servers around the world.  The advantages are, the name servers are closer to the visitors, they propogate very quickly in my tests and in addition to standard DNS, cloudflare cache some of my data.  As long as my host was delivering a 503 error, cloudflare would show visitors a static version of IrritableTech.Co.Uk. Unfortunately, this didn't help IrTe.Eu.

BackWPUp

This free plugin for wordpress was my saviour yesterday.  I can not speak highly enough of it - if you run WP - just get it.  Like any other plugin, you install it into wordpress and configure the plugin.  You can set up tasks to back up any of the folders within your wordpress folder (not just the standard wp ones) and you can set it repeat at a frequency you require.  It also backs up the MySQL database.  You can set the backups to be saved within your website directory, an FTP server, Dropbox, SugarSync (Affiliate links ), and others.  So although my hosts hard drives had failed, I had a backup completed only hours earlier on my dropbox account.

I'd had a host recommended a couple of months back.  A UK based, 'cloud' shared hosting platform with the right amount of services, space and databases for my numerous websites.  With an offer of £1 for the first three months, and a 60 day money back guarantee.  This new host also runs frequent backups throughout the day.

So thanks to not putting all my eggs in one basket (like many shared hosting platforms do), a fast content delivery network with quickly propergating DNS servers, and a fantastic free wordpress plugin the world of IrritableTech was saved within a few hours, two hours before my old host managed to fix it.

In addition, I find the site much quicker to navigate, and my short URLs resolve in a far quicker time.  Hopefully you do too?

Tweet

Each year we have tried to challenge a group of students to look at a subject, report their findings and explain their decision.

This year we have spent a lot of time purchasing, installing, configuring and testing equipment to allow students to bring their own devices into school to aid their learning. What we haven't yet finalized is our policy.

I personally think it is very important to include the students in the policy writing process. Students must be able to understand the policy, and the reasons for it. This takeover day gave us the perfect opportunity to get the student view on our plans, and for them to decide on the rules of use. Ten boys and one girl were able to get involved today.

We discussed the type of mobile technology they had at home, and if they could think of ways of using it in the classroom. The students were paired off to work on presentations to be given to the group.

In both sessions, the students found many positive uses for mobile technology in lessons.

• Tablets are more up to date than textbooks
• Ebooks can't have pages torn out or be scribbled on like books
• Ask google if the teacher is too busy to answer your question, or you are embarrassed to ask
• No need to book computers rooms which are few and far between
• Perfect for research and revision
• Text the teacher for help
• Video a demonstration by the teacher so you can watch it back later
• Typing can be faster than writing when making notes
• Students could adjust their device to their needs - Eg. someone with sight difficulties

The students in the second session also came up with some negatives

• Some students might use their devices for games or other distractions
• Some websites are not appropriate in school, some at not appropriate for children
• Not everything on the internet is true

I think they came up with some excellent points and ideas.

The second task was to create some rules, or a list of Do's and Don'ts for our BYOD program. Group one came up with these.

The second group came up with these.

As you can see these two separate groups of students came up with very similar rules. Many of them we had thought about ourselves, but both groups came up with rules we hadn't immediately thought of. The most interesting for me was "do not be negative about other peoples devices / do respect yours and other people's equipment". Both groups realized that some devices are more fashionable than others, and this shouldn't be allowed to become a reason to taunt or bully. Both groups also wanted to include a rule about sharing the resources with those that don't have one, or don't want to bring in a device.

The whole process was really rewarding for me, and the feedback from the students was great. I think we need to get more students involved, especially more girls before we can finalize our policy.

Tweet

My first tweet was neither funny, clever or helpful to anyone.

Two things happened in November 2011. Firstly I had a disagreement with my line manager and secondly, we both ended up going to a conference in London - thankfully not on the same day. The disagreement had centred around the use of twitter (and possibly other social media) within the classroom. My manager explained that twitter gave staff and students access to leaders in their field, global conversations and one of the fastest ways to gather news. I completely disagreed and argued we were opening a gateway into the classroom which at best, informed us of football players eating habits, and at worst bad language, dodgy pictures and cyberbullying.

Although to this day I try to remind people of the seedier side of social networking that does exist, it was the teachology conference which started to change my mind on twitters positives.

We heard from @trees2066 who explained how he was using hand held technology in primary classrooms, @David_MillerUK who described his use of web 2.0 site to engage students in learning, @caroljallen who uses (and tests) technology in ways I would never have thought of to help differently able students, @chickensaltash explained how he used sites like facebook to help get kids to be creative, and @simfin who introduced himself as the voice of doom but discussed how to use technology safely whilst enhancing education.

All of these people used twitter extensively, and I was surprised to find out on the train home, they had been tweeting while the event went along. I decided I clearly didn't know enough about twitter to form my strong opinion. I decided on the train to get more involved.

A few things in Simons presentation rung a chord with me. Firstly, create policies which stop people losing their job, rather than stop people doing their job - a quote I often come out with now. Secondly that we should flood google with positive things about ourselves. We should be utilising the web to advertise ourselves as well as drowning out the little bits of bad we may have previously left behind.

It made me wonder whether someone could build up a good reputation with little or no previous history, perhaps not even a real name.  @IrritableTech was born.

A year later, I think I have built a decent reputation for knowing one or two things about education technology, eSafety, data security and digital footprints. I've built a large network of people around me who seem to find some of the content I produce useful, but more than that is what I gain from them. I've a lot more to learn, but feel that with this network of people around me, I'm in good hands.

Tweet

After a while trying the app, searching twitter and reading the privacy statements on the SnapChat website, I have five major questions users must ask themselves before using a service such as this one.

Are you prepared to see images from people you do not know?

I decided to search twitter for the work "Snapchat" to see what users were saying. Firstly I noticed a huge amount of young people happily broadcasting their SnapChat username to the world. "Snapchat me, I'm InsertUserNameHere" Surely opening them up to anyone sending any unthinkable image.

Anyone can send you an image if they know, or can work out your username. Only afterwards can you look to block them. It's also not at all intuitive to block a user. For the record, you swipe right on their name in your friends list.

Could you be emotionally hurting someone by creating and sharing an image?

Further to my research, I found numerous images also shared to twitter. Many of which had various words, or body parts scribbled all over them using the drawing tool. Although this issue is not simply restricted to SnapChat, it is sadly an avenue for cyberbullying.

Can you trust the recipient will not share the image?

Perhaps the biggest issue is one of implied safety. One of the unique selling points if you will of SnapChat, is that the image will only display to the person you sent it to for a maximum of ten seconds. You must press down on the screen to view the image sent, and once the timer has run out, it vanishes.

What would happen if this image was made public today, in a month, in a year, ten years?

Unfortunately, it's not very difficult to capture a screenshot. The image in this article is one that the SnapChatTeam sent me. I'd captured it within 5 of the ten seconds, on my first attempt. The SnapChat website points out that if you attempt a screens shot, the sender gets informed. To my mind that feature is of little use. Once is sent, you've lost any control you thought you had. Furthermore, the app cannot inform you if someone uses another camera, or a routed phone to capture the image.

Can you trust the company acting as middleman?

SnapChat explain on their website that they do not look at your pictures. The data is temporarily saved on their servers and deleted soon after the intended recipient has viewed the image. However if you look deeper into their privacy section you'll come across the following.

Although we attempt to delete image data as soon as possible after the message is transmitted, we cannot guarantee that the message contents will be deleted in every case.

These few issues are probably just the tip of the iceberg, and these issues are not limited to this one app. It does however seemed to have grabbed the attention of many users (it is currently higher in itunes picture apps chart than instagram) who may not be concidering all the dangers correctly.

I'd love to hear your thoughts.

Tweet