Chaos Computer Club - recent audio-only feed

A wide variety of video material distributed by the Chaos Computer Club. This feed contains audio files from the last year

//media.ccc.de/

subscribe
share






The 'SUASecLab' Virtual Laboratory (froscon2022)


Because of access restrictions imposed during the Covid-19 pandemic, access to the physical laboratories of our university was no longer possible for students. Lectures requiring specific hardware which is only available to students in laboratories could no longer take place. Therefore, we developed a solution which allows remote access to hardware of our laboratory. The FLOSS application WorkAdventure is used as base for our platform. WorkAdventure (WA) already makes privacy friendly online meetings possible in a 16-bit 2D computer game design. We extended WA to provide interactive, virtual lecture rooms by integrating BigBlueButton (BBB). However, privately communicating with fellow students sitting nearby is still possible. This creates a more realistic feeling when attending online lectures. As far as this solution is well known, but we wanted considerably more... In order to give lecturers and students different rights in BBB, we reimplemented parts of the proprietary administration services of WA. With them, we can give out different invitation links, so they also act as access control method. Furthermore, we embed noVNC, a web application acting as VNC client, into WA. With noVNC, it is possible to access virtual machines (VM) we set up on the computers residing in our physical laboratory from home. Here, we also developed a software which makes it possible to work in groups on the VMs remotely. This software puts all users connected to a VM into a Jitsi conference room, which allows the users to communicate. By using USB pass-through, it is possible to connect the physical hardware to the VMs. Then, by accessing the VMs, students can control the hardware remotely. Therefore, we were able to offer the lectures and exercises requiring special hardware by offering them in our virtual laboratory. Our software solution has a high transferability: New use-cases can be addressed quickly, as web applications can be integrated into WA easily. On the other side, parts of our solution can be used independently in own instances targeting other use cases. We invite developers to participate in the project and further develop the solution for possible use in high schools. Problem Description: Working in physical laboratories during the Covid-19 pandemic was no longer possible due to imposed access restrictions. This makes lectures with special hardware requirements impossible, as students can no longer access the laboratory. Furthermore, we have not enough devices to hand out to students. Therefore, it was necessary to find a solution that allows us to use hardware located in a laboratory in groups online. In our use case, students should be able to program Internet of Things (IoT) microcontrollers remotely. Furthermore, many online lectures were not as interactive as we hoped. While students can ask questions in popular online lecturing tools like BigBlueButton (BBB), it is not possible to quickly switch between working in groups and lecturing. Moreover, switching between multiple groups is not straightforward. Also discussing the lecture's topics with seat neighbors is no longer possible when using only BBB. Therefore, we looked for a solution, which creates a more lecture-like feeling. Furthermore, students should be able to work within groups and switch between them easily. Especially commercial products often harvest user data and use it for analyses. Some companies even sell collected data to advertisement companies. However, the personal information of students should be well protected. Therefore, our solution should also be privacy-friendly. In the optimal case, the used software follows privacy-by-design principles. This means it only collects information which is necessary for operating the service. Approach: During our research in order to find a solution, we could not find a FLOSS application which offers all the features we required. Therefore, we decided to build our own platform. We chose to use the FLOSS software WorkAdventure (WA), developed by TheCodingMachine, as underlying platform. WA is a web application which enables interactive online conferences and has a 16-bit 2D computer game design. WA follows the privacy-by-design principles, as almost all information exchanged with the clients is only stored temporary and removed from the backend after the user closes the tab. Furthermore, decentralized communication channels based on WebRTC technologies are used whenever possible. In WA, people walk a character over a map. Whenever multiple people stand nearby, a communication channel is established between their clients and they can communicate. The communication channel is closed when walking away from the group. However, this way of communication only works for smaller groups. When entering specific, pre-defined areas of the map, corresponding actions can be run in the users' browsers. By default, WA uses this feature to allow embedding Jitsi conference rooms in order to make bigger conferences possible. Furthermore, WA allows embedding websites by using the HTML iframe tag. Based on these features, we decided to build our own maps and set up our own, customized, WA instance. This instance extends the already mentioned capabilities by those we require. In order to make online lectures possible, we embedded BigBlueButton, which was already used at our university as lecturing tool. For this, we extended the frontend and the backend of WA to make an automated assignment of instructor and participant roles possible. Then, instructors are allowed to upload presentations, while participants are not. Furthermore, we reimplemented parts of the proprietary administration services in order to create different invitation links for assigning the different roles. By using this way, either the instructor or participant role is assigned in BBB based on the link that was used to join the laboratory. Moreover, handing out unique invitation links provides access control for the virtual laboratory. We can then define parts of the map as BBB rooms. We use this for setting up lecture halls. By enabling the group communication features mentioned above, it is possible to talk to fellow students sitting nearby while attending the lecture. This creates a more realistic feeling when attending online lectures. For making it possible to program IoT devices remotely, we set up virtual machines (VM) on different servers. We can then connect the physical devices to the VMs by attaching them to the hypervisors and enabling USB passthrough. The hypervisor provides remote access to the VMs by providing a VNC server. In order to make access to the VMs from WA possible, we integrated noVNC, a web application acting as VNC client, into WA. Here, we use websockify to translate the data transmitted through the VNC server port to a websocket, which can then be accessed by noVNC. Then, it is possible to remotely control the VM and work with the attached USB devices. Furthermore, we extended WA to automatically authenticate WA users on the VMs in order to provide access control for the VMs. For making it possible to work in groups, we developed the multi-user-vm-assigner. It allows multiple people working on a VM to communicate by putting all people connected to a specific VM into a Jitsi Meet room. For programming lectures, we also set up a general-purpose virtual PC pool. Here, students can try out different programming languages and get familiar with the GNU/Linux ecosystem. Moreover, Docker was installed on these VMs to feature a webserver, which also makes web development possible. Transferability: As the solution bases on WA, it provides all features from WA. This includes e.g. working in groups online and a high interactivity when meeting in groups as well as Jitsi conference rooms. These features can be used for online meetings, such as conferences and lectures. We extended these features by making it possible to work with computers in groups remotely. This e.g. makes it possible to work on programming projects decentralized. As, our virtual laboratory can be used for remote group work, online workshops and tutorials are also possible. More features can be integrated easily into WA by embedding a corresponding web application. Therefore, the current software can be extended in order to adopt new use cases quickly. Furthermore it is possible to reuse parts of our solution (e.g. the reimplemented administration services) in own instances, even if they address other use cases. It is our medium-term goal to further develop this solution so that it is suitable for use at high school. Additional information: The source code of the virtual laboratory is available on GitHub (https://github.com/SUASecLab). An article about the laboratory was published in German language in the journal "Informatik Spektrum" of Springer Nature (https://doi.org/10.1007/s00287-022-01447-2). about this event: https://programm.froscon.org/2022/events/2792.html


fyyd: Podcast Search Engine
share








 August 21, 2022  56m